From 28ccfb2a3a486556cfc7ff3a1686cfb6afc532b8 Mon Sep 17 00:00:00 2001 From: Pierre Lasorak Date: Tue, 11 Jun 2024 15:47:00 +0100 Subject: [PATCH 1/3] a docker file for dockerphiles --- Dockerfile | 73 +++++++++++++++++++++++++------------------ Dockerfile_standalone | 66 -------------------------------------- 2 files changed, 43 insertions(+), 96 deletions(-) delete mode 100644 Dockerfile_standalone diff --git a/Dockerfile b/Dockerfile index 08b0783b..b7ddde02 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,48 +5,61 @@ FROM python:3.10.4-bullseye SHELL ["/bin/bash", "-c"] # Update the packages list and install the required packages -RUN apt update && apt install -y --no-install-recommends \ +RUN apt-get update + +RUN apt-get install -y --no-install-recommends \ git \ openssh-server \ - openssh-client + openssh-client \ + net-tools \ + sudo + +RUN cd /etc/ssh/ && ssh-keygen -A + +RUN echo 'root:r00t' | chpasswd + +# Update the SSHD configuration to allow root login without password +RUN printf "\nPermitRootLogin without-password\n" >> /etc/ssh/sshd_config && \ + printf "Port 23\n" >> /etc/ssh/sshd_config + +RUN printf " Port 23\n" >> /etc/ssh/ssh_config && \ + printf " StrictHostKeyChecking no\n" >> /etc/ssh/ssh_config && \ + printf " PasswordAuthentication no\n" >> /etc/ssh/ssh_config && \ + printf " UserKnownHostsFile /dev/null\n" >> /etc/ssh/ssh_config && \ + printf " AddressFamily inet" >> /etc/ssh/ssh_config + +RUN mkdir /run/sshd + +RUN adduser --shell /bin/bash --ingroup sudo patreides +RUN echo 'patreides:chani' | chpasswd +RUN usermod -aG sudo patreides + +RUN service ssh start + +# Expose SSH port (which was changed from 22 to 23 a couple of lines above) +EXPOSE 23 +EXPOSE 10054 + +USER patreides + +WORKDIR /home/patreides -# Clone the repository and install the required Python packages -RUN cd / && \ +RUN cd /home/patreides && \ git clone -b develop https://github.com/DUNE-DAQ/druncschema.git && \ cd druncschema && \ pip install -r requirements.txt && \ pip install . -RUN cd / && \ +RUN cd /home/patreides && \ git clone -b develop https://github.com/DUNE-DAQ/drunc.git && \ cd drunc && \ pip install -r requirements.txt && \ pip install . -# # Start a new build stage with Python 3.10.4-bullseye as the base image -# FROM python:3.10.4-bullseye - -# # Copy everything from the builder stage -# COPY --from=builder / / - -# Generate root ssh key -RUN mkdir -p /root/.ssh && \ - ssh-keygen -b 2048 -t rsa -f /root/.ssh/id_rsa -q -N "" && \ - cp /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys - -# Update the SSHD configuration to allow root login without password -RUN echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config && \ - echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config && \ - echo "UserKnownHostsFile /dev/null" >> /etc/ssh/ssh_config - -# # Define environment variables -# ENV DRUNC_DIR=/drunc -# ENV DRUNC_DATA=/drunc/data - -# Expose SSH default port -EXPOSE 22 -EXPOSE 10054 +RUN mkdir /home/patreides/.ssh +RUN ssh-keygen -f /home/patreides/.ssh/id_rsa -q -N "" +RUN cp /home/patreides/.ssh/id_rsa.pub /home/patreides/.ssh/authorized_keys -# Run SSHD in the background and drunc-process-manager in the foreground -ENTRYPOINT service ssh start && drunc-process-manager --loglevel debug /drunc/data/process-manager-pocket.json +# Run SSHD in the background +#ENTRYPOINT echo 'chani' | sudo -S service ssh start diff --git a/Dockerfile_standalone b/Dockerfile_standalone deleted file mode 100644 index c6662b60..00000000 --- a/Dockerfile_standalone +++ /dev/null @@ -1,66 +0,0 @@ -# Use Python 3.10.4-bullseye as a base image -FROM python:3.10.4-bullseye - -# Define shell -SHELL ["/bin/bash", "-c"] - -# Update the packages list and install the required packages -RUN apt-get update - -RUN apt-get install -y --no-install-recommends \ - git \ - openssh-server \ - openssh-client \ - net-tools \ - sudo - -# Clone the repository and install the required Python packages -RUN cd / && \ - git clone -b develop https://github.com/DUNE-DAQ/druncschema.git && \ - cd druncschema && \ - pip install -r requirements.txt && \ - pip install . - -RUN cd / && \ - git clone -b develop https://github.com/DUNE-DAQ/drunc.git && \ - cd drunc && \ - pip install -r requirements.txt && \ - pip install . - -RUN cd /etc/ssh/ && ssh-keygen -A - -RUN echo 'root:r00t' | chpasswd - -# Update the SSHD configuration to allow root login without password -RUN printf "\nPermitRootLogin without-password\n" >> /etc/ssh/sshd_config && \ - printf "Port 23\n" >> /etc/ssh/sshd_config - -RUN printf " Port 23\n" >> /etc/ssh/ssh_config && \ - printf " StrictHostKeyChecking no\n" >> /etc/ssh/ssh_config && \ - printf " PasswordAuthentication no\n" >> /etc/ssh/ssh_config && \ - printf " UserKnownHostsFile /dev/null\n" >> /etc/ssh/ssh_config && \ - printf " AddressFamily inet" >> /etc/ssh/ssh_config - -RUN mkdir /run/sshd - -RUN adduser --shell /bin/bash --ingroup sudo patreides -RUN echo 'patreides:chani' | chpasswd -RUN usermod -aG sudo patreides - -RUN service ssh start - -# Expose SSH port (which was changed from 22 to 23 a couple of lines above) -EXPOSE 23 -EXPOSE 10054 - -USER patreides - -WORKDIR /home/patreides - -RUN mkdir /home/patreides/.ssh -RUN ssh-keygen -f /home/patreides/.ssh/id_rsa -q -N "" -RUN cp /home/patreides/.ssh/id_rsa.pub /home/patreides/.ssh/authorized_keys - -# Run SSHD in the background and drunc-process-manager in the foreground -ENTRYPOINT echo 'chani' | sudo -S service ssh start && drunc-process-manager /drunc/data/process-manager-pocket.json - From e419872e35f2e94caf9cdbaa6f7691deb604d935 Mon Sep 17 00:00:00 2001 From: Pierre Lasorak Date: Tue, 11 Jun 2024 16:10:54 +0100 Subject: [PATCH 2/3] freeze the all the versions in requirements --- requirements.txt | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/requirements.txt b/requirements.txt index 405aa49c..0f3d4116 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,16 +1,15 @@ -click -click_shell -grpcio -googleapis-common-protos -grpcio-status -grpcio_tools -gunicorn -kafka-python -nest_asyncio -rich -requests -flask -flask-restful -sh -druncschema @ git+https://github.com/DUNE-DAQ/druncschema.git@v0.3.0 +click==8.1.2 +click-shell==2.1 +grpcio==1.64.1 +googleapis-common-protos==1.63.1 +grpcio-status==1.62.2 +grpcio-tools==1.62.2 +gunicorn==20.1.0 +kafka-python==2.0.2 +nest-asyncio==1.6.0 +rich==13.3.2 +requests==2.25.0 +Flask==2.1.1 +Flask-RESTful==0.3.9 +sh==1.14.1 kubernetes==29.0.0 From 8be25c927577d1f2eed758a8364b55c069059c2b Mon Sep 17 00:00:00 2001 From: Pierre Lasorak Date: Tue, 11 Jun 2024 16:13:45 +0100 Subject: [PATCH 3/3] add a github action to build image --- .github/workflows/build_docker_image.yml | 48 ++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 .github/workflows/build_docker_image.yml diff --git a/.github/workflows/build_docker_image.yml b/.github/workflows/build_docker_image.yml new file mode 100644 index 00000000..a7a79f9c --- /dev/null +++ b/.github/workflows/build_docker_image.yml @@ -0,0 +1,48 @@ +name: Build drunc docker image + +on: + push: + branches: + - develop + tags: + - 'v*' + paths: + - Dockerfile + + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Checkout drunc code + uses: actions/checkout@v4 + with: + repository: DUNE-DAQ/drunc + path: drunc + + - name: Log in to the Container registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: | + ghcr.io/DUNE-DAQ/drunc + tags: | + type=raw,value=latest + type=ref,event=branch + type=ref,event=tag + + - name: Build and push Docker images + uses: docker/build-push-action@v3 + with: + context: ${{ github.workspace }}/drunc/ + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file