From e3015df4fc0863e587de66371d46d9f8137b6926 Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 15 Jun 2022 10:04:12 -0500 Subject: [PATCH 1/9] Revert "don't build docker images in CI (#1062)" This reverts commit 1e742ff0a27ad553d66e01e2c000553bb2478353. --- .github/workflows/docker-image.yml | 42 ++++++++++++++++++++++++++++++ Dockerfile | 41 +++++++++++++++++++++++++++++ README.adoc | 4 +++ 3 files changed, 87 insertions(+) create mode 100644 .github/workflows/docker-image.yml create mode 100644 Dockerfile diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml new file mode 100644 index 00000000000..952b5701d4f --- /dev/null +++ b/.github/workflows/docker-image.yml @@ -0,0 +1,42 @@ +# +# GitHub Actions configuration to automatically build and publish a Docker image +# for Omicron. See README for details. +# +name: docker-image +on: push +jobs: + docker-image: + runs-on: ubuntu-18.04 + steps: + # actions/checkout@v2 + - uses: actions/checkout@28c7f3d2b5162b5ddd3dfd9a45aa55eaf396478b + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + - name: Login to GitHub Packages Docker Registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract branch name + shell: bash + run: BRANCH="${GITHUB_HEAD_REF//\//-}"; echo "::set-output name=branch::${BRANCH:-main}" + id: extract_branch + - name: Build and push + # This pushes a docker image to github's container registry. + # It is not a public image by default. + # The docs are here: https://github.com/docker/build-push-action + uses: docker/build-push-action@9379083e426e2e84abb80c8c091f5cdeb7d3fd7a + with: + push: ${{ ! startsWith(github.ref, 'refs/heads/dependabot') }} + file: ./Dockerfile + tags: ghcr.io/${{ github.repository_owner }}/omicron:${{ steps.extract_branch.outputs.branch }},ghcr.io/${{ github.repository_owner }}/omicron:${{ github.sha }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000000..4afcf1f7a99 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,41 @@ +# +# Dockerfile: build a Docker image for Omicron. This is used by the console for +# prototyping and development. This will not be used for deployment to a real +# rack. +# +# ------------------------------------------------------------------------------ +# Cargo Build Stage +# ------------------------------------------------------------------------------ + +FROM rust:latest as cargo-build + +ENV DEBIAN_FRONTEND=noninteractive + +WORKDIR /usr/src/omicron + +COPY . . + +WORKDIR /usr/src/omicron +RUN cargo build --release + +# ------------------------------------------------------------------------------ +# Final Stage +# ------------------------------------------------------------------------------ + +FROM debian:sid-slim + +RUN apt-get update && apt-get install -y \ + ca-certificates \ + libpq5 \ + libssl1.1 \ + libsqlite3-0 \ + --no-install-recommends \ + && rm -rf /var/lib/apt/lists/* + + +COPY --from=cargo-build /usr/src/omicron/target/release/nexus /usr/bin/nexus +COPY --from=cargo-build /usr/src/omicron/target/release/omicron-dev /usr/bin/omicron-dev +COPY --from=cargo-build /usr/src/omicron/target/release/omicron-package /usr/bin/omicron-package +COPY --from=cargo-build /usr/src/omicron/target/release/sled-agent-sim /usr/bin/sled-agent-sim + +CMD ["sled-agent-sim"] diff --git a/README.adoc b/README.adoc index 85fa7580301..123d016493e 100644 --- a/README.adoc +++ b/README.adoc @@ -49,6 +49,10 @@ This mode of operation will be used in production. See: xref:docs/how-to-run.adoc[]. +== Docker image + +This repo includes a Dockerfile that builds an image containing the Nexus and sled agent. There's a GitHub Actions workflow that builds and publishes the Docker image. This is used by the https://github.com/oxidecomputer/console/[console] project for prototyping, demoing, and testing. This is **not** the way Omicron will be deployed on production systems, but it's a useful vehicle for working with it. + == Configuration reference `nexus` requires a TOML configuration file. There's an example in From 491c829700f2114238bca75b0b2a2c60ee188405 Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 15 Jun 2022 10:06:00 -0500 Subject: [PATCH 2/9] update readme to mention CLI, not console --- README.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.adoc b/README.adoc index 123d016493e..60f27194bdf 100644 --- a/README.adoc +++ b/README.adoc @@ -51,7 +51,7 @@ See: xref:docs/how-to-run.adoc[]. == Docker image -This repo includes a Dockerfile that builds an image containing the Nexus and sled agent. There's a GitHub Actions workflow that builds and publishes the Docker image. This is used by the https://github.com/oxidecomputer/console/[console] project for prototyping, demoing, and testing. This is **not** the way Omicron will be deployed on production systems, but it's a useful vehicle for working with it. +This repo includes a Dockerfile that builds an image containing the Nexus and sled agent. There's a GitHub Actions workflow that builds and publishes the Docker image. This is used by [cli](https://github.com/oxidecomputer/cli) for testing. This is **not** the way Omicron will be deployed on production systems, but it's a useful vehicle for working with it. == Configuration reference From 6d93b65d0390d9b14a8218d95a47d4c08f09303c Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 15 Jun 2022 10:27:30 -0500 Subject: [PATCH 3/9] the obvious thing would be to use install_prereqs.sh directly, but let's try this instead --- Dockerfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Dockerfile b/Dockerfile index 4afcf1f7a99..6c68d201289 100644 --- a/Dockerfile +++ b/Dockerfile @@ -29,6 +29,10 @@ RUN apt-get update && apt-get install -y \ libpq5 \ libssl1.1 \ libsqlite3-0 \ + xmlsec1 \ + libxmlsec1-dev \ + libxmlsec1-openssl \ + pkg-config \ --no-install-recommends \ && rm -rf /var/lib/apt/lists/* From f5dc77ba15a808ab720e52b2c11462c14a709e54 Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 15 Jun 2022 11:05:26 -0500 Subject: [PATCH 4/9] give up, attempt to run install_prerequisites.sh --- Dockerfile | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6c68d201289..b2daff7619a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,6 +16,7 @@ WORKDIR /usr/src/omicron COPY . . WORKDIR /usr/src/omicron +RUN tools/install_prerequisites.sh -y RUN cargo build --release # ------------------------------------------------------------------------------ @@ -29,10 +30,6 @@ RUN apt-get update && apt-get install -y \ libpq5 \ libssl1.1 \ libsqlite3-0 \ - xmlsec1 \ - libxmlsec1-dev \ - libxmlsec1-openssl \ - pkg-config \ --no-install-recommends \ && rm -rf /var/lib/apt/lists/* From 5a7503f9fb21fe14805cb6f222dcbf68874a410f Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 15 Jun 2022 11:08:46 -0500 Subject: [PATCH 5/9] just for fun, remove sudo from install prereqs script --- tools/install_prerequisites.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/install_prerequisites.sh b/tools/install_prerequisites.sh index d4d82a434f7..49d35fd4ea0 100755 --- a/tools/install_prerequisites.sh +++ b/tools/install_prerequisites.sh @@ -80,11 +80,11 @@ if [[ "${HOST_OS}" == "Linux" ]]; then 'libclang-dev' 'libsqlite3-dev' ) - sudo apt-get update + apt-get update if [[ "${ASSUME_YES}" == "true" ]]; then - sudo apt-get install -y ${packages[@]} + apt-get install -y ${packages[@]} else - confirm "Install (or update) [${packages[*]}]?" && sudo apt-get install ${packages[@]} + confirm "Install (or update) [${packages[*]}]?" && apt-get install ${packages[@]} fi elif [[ "${HOST_OS}" == "SunOS" ]]; then packages=( From 5a32fa8c7e982f253b61aef5415d381add43650e Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 15 Jun 2022 11:11:24 -0500 Subject: [PATCH 6/9] also try copying the install step out of the script, but *before* cargo build --- Dockerfile | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b2daff7619a..11c619c8fde 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,7 +16,16 @@ WORKDIR /usr/src/omicron COPY . . WORKDIR /usr/src/omicron -RUN tools/install_prerequisites.sh -y +RUN apt-get update && apt-get install -y \ + libpq-dev \ + pkg-config \ + xmlsec1 \ + libxmlsec1-dev \ + libxmlsec1-openssl \ + libclang-dev \ + libsqlite3-dev \ + --no-install-recommends \ + && rm -rf /var/lib/apt/lists/* RUN cargo build --release # ------------------------------------------------------------------------------ From b860ad22b22776e1e91b47995bbf0a7b42284556 Mon Sep 17 00:00:00 2001 From: David Crespo Date: Wed, 15 Jun 2022 11:32:56 -0500 Subject: [PATCH 7/9] Revert "just for fun, remove sudo from install prereqs script" 5a7503f9fb21fe14805cb6f222dcbf68874a410f --- tools/install_prerequisites.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/install_prerequisites.sh b/tools/install_prerequisites.sh index 49d35fd4ea0..d4d82a434f7 100755 --- a/tools/install_prerequisites.sh +++ b/tools/install_prerequisites.sh @@ -80,11 +80,11 @@ if [[ "${HOST_OS}" == "Linux" ]]; then 'libclang-dev' 'libsqlite3-dev' ) - apt-get update + sudo apt-get update if [[ "${ASSUME_YES}" == "true" ]]; then - apt-get install -y ${packages[@]} + sudo apt-get install -y ${packages[@]} else - confirm "Install (or update) [${packages[*]}]?" && apt-get install ${packages[@]} + confirm "Install (or update) [${packages[*]}]?" && sudo apt-get install ${packages[@]} fi elif [[ "${HOST_OS}" == "SunOS" ]]; then packages=( From 4bf842c2f90bfee758feef503fa6302d7ca4a5e3 Mon Sep 17 00:00:00 2001 From: David Crespo Date: Thu, 16 Jun 2022 18:07:07 -0500 Subject: [PATCH 8/9] use prereqs script again, this time with workarounds --- Dockerfile | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 11c619c8fde..e08d4057800 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,16 +16,9 @@ WORKDIR /usr/src/omicron COPY . . WORKDIR /usr/src/omicron -RUN apt-get update && apt-get install -y \ - libpq-dev \ - pkg-config \ - xmlsec1 \ - libxmlsec1-dev \ - libxmlsec1-openssl \ - libclang-dev \ - libsqlite3-dev \ - --no-install-recommends \ - && rm -rf /var/lib/apt/lists/* +ENV PATH=/usr/src/omicron/out/cockroachdb/bin:/usr/src/omicron/out/clickhouse:${PATH} +RUN apt-get update && apt-get install -y sudo --no-install-recommends && rm -rf /var/lib/apt/lists/* +RUN tools/install_prerequisites.sh -y RUN cargo build --release # ------------------------------------------------------------------------------ From 8653c2fa1c8b104c0e76167b2b9ea32c8e5c23b2 Mon Sep 17 00:00:00 2001 From: David Crespo Date: Thu, 16 Jun 2022 18:55:46 -0500 Subject: [PATCH 9/9] try and fix the branch name extractor --- .github/workflows/docker-image.yml | 2 +- Dockerfile | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 952b5701d4f..353058a46d4 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -27,7 +27,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Extract branch name shell: bash - run: BRANCH="${GITHUB_HEAD_REF//\//-}"; echo "::set-output name=branch::${BRANCH:-main}" + run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF_NAME//\//-})" id: extract_branch - name: Build and push # This pushes a docker image to github's container registry. diff --git a/Dockerfile b/Dockerfile index e08d4057800..7fde038a9e3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,9 +16,12 @@ WORKDIR /usr/src/omicron COPY . . WORKDIR /usr/src/omicron + +# sudo and path thing are only needed to get prereqs script to run ENV PATH=/usr/src/omicron/out/cockroachdb/bin:/usr/src/omicron/out/clickhouse:${PATH} RUN apt-get update && apt-get install -y sudo --no-install-recommends && rm -rf /var/lib/apt/lists/* RUN tools/install_prerequisites.sh -y + RUN cargo build --release # ------------------------------------------------------------------------------