picsolve_docker_builder 0.3.2 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d6be2d37c3e4b320770aa0e2dfbcacc7a9eec84e
-  data.tar.gz: b29d93eede20b3353bbe379c87c5daf333af2bc6
+  metadata.gz: 5ec84ff2c54bd70531b955c0433b32fc7612a096
+  data.tar.gz: 9721fdeccf7b27d7440119c40d3fc657e3b4b9e4
 SHA512:
-  metadata.gz: bd1711c680c3cb51a7eaedd369217bbdd627a4f4ad6eed3c45927125f709443ce5333d10d29157e254826d0c64c9fa1bd8c93d8d45e68a3c1a01f6246229dc8d
-  data.tar.gz: f6ad1e2b94b222c65b6a6099e7d0ce3d476719696cc424ca7a8e1725a11cf314e4fbd43df303b24619b5038970c2434d2a62128c0d496a076880ecd06508ae73
+  metadata.gz: 4673382c5b8cdd99de881ae5522f815b5021d3f4f30fecdc7bbe4511dd8fbc3b1846241ad881125f50787ca0437abcddcc420a3c7a275fb6c46199c98bb4c7df
+  data.tar.gz: c14aa9c909bbf0927e9283ade875b24363b341b5d6a13a0e365971d95f38a26d51466176835d482beb0d3348cf314caf8c3d7b2b0fc5543c7fd61d638e4b3c1d

data/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Change Log
 
+## [0.4.0] - 2016-01-11
+### Added
+- Scala library build support
+- SSH Auth forwarding support
+
 ## [0.3.2] - 2015-12-10
 ### Fixed
 - Fix pulling bug in picsolve_docker_builder DE153

data/README.md

@@ -66,6 +66,52 @@ scala:
       - clean
       - "universal:packageZipTarball"
 ```
+## Usage examples
+
+### Building
+
+#### Scala
+
+##### Scala app docker image
+
+###### .docker-builder.yml
+
+```yaml
+docker:
+  base_image: docker.picsolve.net/java-8
+  image_name: docker.picsolve.net/my-app-name
+```
+
+###### build image
+
+`bundle exec rake docker:build`
+
+###### push to registry
+
+`bundle exec rake docker:push`
+
+###### for jenkins
+
+`bundle exec rake docker:jenkins`
+
+##### Library snapshot build
+
+###### .docker-builder.yml
+
+```yaml
+docker:
+  base_image: docker.picsolve.net/java-8
+  image_name: null
+  ssh_auth_forwarding: true
+```
+
+###### build & publish snapshot
+
+`bundle exec rake scala:lib:snapshot`
+
+###### build & publish release
+
+`bundle exec rake scala:lib:release`
 
 ## Release process
 

data/lib/picsolve_docker_builder/frame.rb

@@ -1,3 +1,4 @@
+require 'picsolve_docker_builder/helpers/ssh_auth_forwarding'
 require 'picsolve_docker_builder/composer/registry'
 require 'picsolve_docker_builder/base'
 require 'docker'
@@ -209,7 +210,9 @@ module PicsolveDockerBuilder
     end
 
     def volumes_array
-      [volume_workspace]
+      volumes = [volume_workspace]
+      volumes << volume_ssh_auth_forwarding if ssh_auth_forwarding?
+      volumes
     end
 
     def volumes
@@ -252,9 +255,13 @@ module PicsolveDockerBuilder
         blacklist.include? key
       end
 
-      keys.map do |key|
+      env = keys.map do |key|
         "#{key}=#{ENV[key]}"
       end
+
+      env << "SSH_AUTH_SOCK=#{ssh_auth_forwarding_path}" if ssh_auth_forwarding?
+
+      env
     end
 
     def create_container
@@ -302,19 +309,62 @@ module PicsolveDockerBuilder
       nil
     end
 
-    def fetch_asset_image
-      log.debug "pulling image '#{image_name}' from registry"
-      Docker::Image.create({'fromImage' => image_name}, Composer::Registry.creds)
-      log.debug "building asset image from '#{image_name}'"
-      dockerfile_asset = <<EOS
-FROM #{image_name}
-MAINTAINER Picsolve Onlineops <onlineops@picsolve.com>
-#{dockerfile_hooks_asset_build_early}
-RUN useradd -m -d #{build_user_home} -u #{build_user_uid} #{build_user}
-#{dockerfile_hooks_asset_build_late}
-EOS
+    def ssh_auth_forwarding?
+      return true if config['docker']['ssh_auth_forwarding']
+      false
+    end
+
+    def ssh_auth_forwarding_dockerfile
+      return "\n" unless ssh_auth_forwarding?
+      # add ssh known hosts to the image if using forwards
+      "ADD ssh_known_hosts #{File.join(build_user_home, '.ssh/known_hosts')}"
+    end
+
+    def ssh_auth_forwarding_path
+      '/tmp/ssh_auth_sock/ssh_auth_sock'
+    end
+
+    def volume_ssh_auth_forwarding
+      @ssh_auth_forwarding = Helpers::SshAuthForwarding.new
+      [
+        @ssh_auth_forwarding.dir,
+        File.dirname(ssh_auth_forwarding_path)
+      ]
+    end
+
+    def ssh_known_hosts
+      File.open(File.join(Dir.home, '.ssh/known_hosts')).read
+    end
+
+    def asset_image_dockerfile
+      [
+        "FROM #{image_name}",
+        'MAINTAINER Picsolve Onlineops <onlineops@picsolve.com>',
+        dockerfile_hooks_asset_build_early,
+        "RUN useradd -m -d #{build_user_home} \\",
+        " -u #{build_user_uid} #{build_user}",
+        "ADD .gitconfig #{File.join(build_user_home, '.gitconfig')}",
+        ssh_auth_forwarding_dockerfile,
+        "RUN chown -cR #{build_user} #{build_user_home}",
+        dockerfile_hooks_asset_build_late
+      ]
+    end
+
+    def asset_image_build
+      tar_contents = {
+        'Dockerfile' => asset_image_dockerfile.join("\n"),
+        '.gitconfig' => [
+          '[user]',
+          'name = Jenkins London Picsolve',
+          'email = jenkins@picsolve.com'
+        ].join("\n")
+      }
+
+      tar_contents['ssh_known_hosts'] = ssh_known_hosts if ssh_auth_forwarding?
+
+      tar = StringIO.new Docker::Util.create_tar(tar_contents)
       begin
-        Docker::Image.build(dockerfile_asset) do |stream|
+        Docker::Image.build_from_tar(tar) do |stream|
           s = JSON.parse(stream)['stream']
           log.debug s.strip unless s.nil?
         end
@@ -324,6 +374,16 @@ EOS
       end
     end
 
+    def fetch_asset_image
+      log.debug "pulling image '#{image_name}' from registry"
+      Docker::Image.create(
+        { 'fromImage' => image_name },
+        Composer::Registry.creds
+      )
+      log.debug "building asset image from '#{image_name}'"
+      asset_image_build
+    end
+
     def asset_image
       @asset_image ||= fetch_asset_image
     end

data/lib/picsolve_docker_builder/helpers/ssh_auth_forwarding.rb

@@ -0,0 +1,72 @@
+require 'picsolve_docker_builder/base'
+require 'fileutils'
+require 'securerandom'
+
+module PicsolveDockerBuilder
+  module Helpers
+    # Ruby class that forwards a ssh auth socket into a docker container
+    class SshAuthForwarding
+      include PicsolveDockerBuilder::Base
+
+      def initialize
+        fail 'Environment var SSH_AUTH_SOCK not found, ssh forward impossible' \
+          if env_ssh_auth_sock.nil?
+      end
+
+      def generate_dir_path
+        File.join(
+          File.dirname(env_ssh_auth_sock),
+          "docker_builder_temp_#{SecureRandom.hex(2)}"
+        )
+      end
+
+      def create_dir
+        dir = generate_dir_path
+        begin
+          Dir.mkdir(dir, 0700)
+          # ensure cleanup
+          at_exit do
+            cleanup(dir)
+          end
+        rescue Errno::EEXIST
+          FileUtils.rm_rf(dir)
+          log.warn "Directory '#{dir}' already exists, removing it"
+          retry
+        end
+
+        log.debug \
+          "Creating temporary dir '#{dir}' for mapping auth socket into docker"
+        FileUtils.chmod 0700, dir
+        FileUtils.ln env_ssh_auth_sock, File.join(dir, 'ssh_auth_sock')
+        dir
+      end
+
+      def cleanup(dir = nil)
+        # return if nothing to do
+        if dir.nil?
+          if @dir.nil?
+            return
+          else
+            dir = @dir
+            @dir = nil
+          end
+        end
+
+        log.debug "Removing temporary dir '#{dir}'"
+        FileUtils.rm_rf(dir)
+      end
+
+      def dir
+        @dir ||= create_dir
+      end
+
+      def env_var_name
+        'SSH_AUTH_SOCK'
+      end
+
+      def env_ssh_auth_sock
+        ENV[env_var_name]
+      end
+    end
+  end
+end

data/lib/picsolve_docker_builder/scala.rb

@@ -139,12 +139,24 @@ module PicsolveDockerBuilder
     end
 
     def sbt_command
+      return @sbt_command unless @sbt_command.nil?
+
       runs = config['scala']['sbt']['build_task'].map do |tasks|
         "sbt #{tasks}"
       end
       runs.join ' && '
     end
 
+    def sbt_lib_snapshot
+      @sbt_command = 'sbt clean update test publish'
+      build
+    end
+
+    def sbt_lib_release
+      @sbt_command = "sbt clean test \"release cross with-defaults\""
+      build
+    end
+
     def asset_build
       log.info "start asset building with image #{image_name}"
 

data/lib/picsolve_docker_builder/version.rb

@@ -1,4 +1,4 @@
 # version
 module PicsolveDockerBuilder
-  VERSION = '0.3.2'
+  VERSION = '0.4.0'
 end

data/lib/tasks/scala.rake

@@ -9,3 +9,17 @@ namespace :docker do
     @docker_builder ||= PicsolveDockerBuilder::Scala.new
   end
 end
+
+namespace :scala do
+  namespace :lib do
+    desc 'build & publish a scala library snapshot'
+    task snapshot: :'docker:prepare' do
+      @docker_builder.sbt_lib_snapshot
+    end
+
+    desc 'build & publish a scala library release'
+    task release: :'docker:prepare' do
+      @docker_builder.sbt_lib_release
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: picsolve_docker_builder
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.4.0
 platform: ruby
 authors:
 - Christian Simon
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-12-10 00:00:00.000000000 Z
+date: 2016-01-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -278,6 +278,7 @@ files:
 - lib/picsolve_docker_builder/helpers/kubernetes_manager.rb
 - lib/picsolve_docker_builder/helpers/registry.rb
 - lib/picsolve_docker_builder/helpers/repository.rb
+- lib/picsolve_docker_builder/helpers/ssh_auth_forwarding.rb
 - lib/picsolve_docker_builder/helpers/ssh_connection.rb
 - lib/picsolve_docker_builder/helpers/ssh_forward.rb
 - lib/picsolve_docker_builder/nodejs.rb