sle2docker 0.2.4 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3f15d09b5ede994585073034cba25c4c68c271aa
-  data.tar.gz: 7a7d3c1fcdae3a14470dc0338b7d108733ea31c0
+  metadata.gz: 66989f86821ec67600802b06f47b06949c850ef2
+  data.tar.gz: 5309625b91a0c5eea400ad81c6e5d62505217dcc
 SHA512:
-  metadata.gz: b5fd6e752a653025541797f876a0cf9e807998fa52c78704cfd9373801717c16f0f58074b2e2e6026035716bc72df3205b643c9e19767a4d5751fd2be97281ec
-  data.tar.gz: 0ce0c1b71744653b85cb1f483493820d7da2e843c51e8e8a719661bd6642514393ec7792a86d78528143485f5d1bfaa17004bea1000921fcb3e73370daeb6a56
+  metadata.gz: 61ac461a8d6aafb94ea5edbee727134340f36d49bc9f0d92eb06b41d882c4ae96a5730cf6301be51f62e9c8d3374a0128730a11b8dc15fe16b7cb4e2917a16ce
+  data.tar.gz: f2cb23ff54f2d3cb67da418e5527e0a796f5fdf7c4a0c89906081aa20051241e0c62d1b1bee210e0b383b622d288d16442921c3f39c30508f3e6d2c9360c7200

data/.gitignore

@@ -1 +1,4 @@
 pkg
+Vagrantfile
+package/sle2docker.8
+package/sle2docker.8.html

data/.rubocop.yml

@@ -0,0 +1,5 @@
+AllCops:
+  Exclude:
+    - Vagrantfile
+    - sle2docker.gemspec
+    - lib/templates/**/*

data/.travis.yml

@@ -0,0 +1,7 @@
+language: ruby
+rvm:
+- 2.1.2
+addons:
+  code_climate:
+    repo_token:
+      secure: eLzFNGAZk9F3FBXO+zCR11DxoPf7OH7mW8+4Ige4fifBgxGbwGeLEgF9YqALgNYd9MzR/UNcUR5+2Lyr2sPkmZzu9h81Bju3yi5dQICWdmldQQ26OBaeDloD4VHn9GLiunFyTFLQv8Z9GfAE1lRZYxLCS2nr+hi1hJOAazq+bhk=

data/Changelog

@@ -1,3 +1,15 @@
+Tue Jun 16 23:04:11 CEST 2015  Flavio Castelli <flavio@castelli.name>
+
+	* Version 0.4.0:
+	- Drop old build system: do no longer build images using kiwi
+	- Revisit the activation code: it is no longer necessary to copy
+		the org credentials or the host repositories into the final image
+
+Mon Apr 20 17:46:52 CEST 2015  Flavio Castelli <flavio@castelli.name>
+
+	* Version 0.3.0 rc1:
+		- Added support for pre-built Docker images.
+
 Mon Dec 01 17:38:53 CET 2014  Flavio Castelli <fcastelli@suse.com>
 
 	* Version 0.2.4:

data/Gemfile

@@ -2,3 +2,5 @@ source 'https://rubygems.org/'
 
 # Specify your gem's dependencies in sle2docker.gemspec
 gemspec
+
+gem 'codeclimate-test-reporter', group: :test, require: nil

data/README.md

@@ -1,13 +1,21 @@
-sle2docker is a convenience tool which creates SUSE Linux Enterprise images for
-[Docker](http://docker.com).
+[![Build Status](https://travis-ci.org/SUSE/sle2docker.svg)](https://travis-ci.org/SUSE/sle2docker)
+[![Code Climate](https://codeclimate.com/github/SUSE/sle2docker/badges/gpa.svg)](https://codeclimate.com/github/SUSE/sle2docker)
+[![Test Coverage](https://codeclimate.com/github/SUSE/sle2docker/badges/coverage.svg)](https://codeclimate.com/github/SUSE/sle2docker)
 
-The tool relies on [KIWI](https://github.com/openSUSE/kiwi) and Docker itself
-to build the images.
+sle2docker is a convenience tool which imports the pre-built SUSE Linux Enterprise
+images for Docker.
 
-Packages can be fetched either from SUSE Customer Center (SCC) or from a local
-Subscription Management Tool (SMT).
+The tool takes advantage of pre-built Docker images distributed by SUSE to
+create the base Docker image that users can later customize using Docker's
+integrated build system. The pre-built images are distributed by SUSE as RPMs.
 
-Using DVD sources is currently unsupported.
+Pre-built images do not have repositories configured but zypper will
+automatically have access to the right repositories when the Docker host has a
+SLE subscription that provides access to the product used in the image. For
+more details read the "Customizing the images" section below.
+
+Previous versions of the tool built the Docker images from KIWI templates
+distributed by SUSE. This is no longer possible.
 
 # Requirements
 
@@ -24,104 +32,125 @@ The recommended way to install sle2docker is via zypper:
 sudo zypper in sle2docker
 ```
 
-However sle2docker can be installed via gem:
+However sle2docker can also be installed via gem:
 
 ```
 sudo gem install --no-format-exec sle2docker
 ```
 
 The `--no-format-exec` is recommended otherwise the `sle2docker` binary will
-be prefixed with the ruby version installed on the system (eg: the binary on
+be prefixed with the ruby version installed on the system (e.g.: the binary on
 SLE12 would be called `sle2docker.ruby2.1`).
 
-# How it works
+# Usage
 
-The sle2docker gem comes with a set of supported SLE templates. These are KIWI
-source files which are filled with the informations provided by the user at
-runtime.
+To list the available pre-built images use the following command:
 
-The image creation happens inside of
-[this](https://registry.hub.docker.com/u/opensuse/kiwi/)
-Docker image. This has to be done because on recent systems (like SLE12) KIWI
-cannot create SLE11 images. That happens because building a SLE11 systems
-requires the `db45-utils` package to be installed on the host system; this
-package is obsolete and is not available on SLE12.
+```
+sle2docker list
+Available pre-built images:
+ - sles11sp3-docker.x86_64-1.0.0-Build1.3
+ - sles12-docker.x86_64-1.0.0-Build7.4
+```
 
-The Docker image used by sle2docker is based on openSUSE and it's freely
-downloadable from the [Docker Hub](https://registry.hub.docker.com/). The image
-is built using Docker's build system by starting from the
-[official openSUSE image](https://registry.hub.docker.com/_/opensuse/).
-The `Dockerfile` used to create this image can be found inside of
-[this](https://github.com/openSUSE/docker-containers) repository.
+To activate the pre-built image use the following command:
 
-sle2docker automatically fetches the `opensuse/kiwi` image if not found on the
-system.
+`sle2docker activate IMAGE_NAME`
 
-# Usage
+# Customizing the images
 
-To build a template just use the following command:
+To create custom Docker images based on the official ones use
+[Docker's integrated build system](http://docs.docker.com/reference/builder/).
 
-```
-sle2docker build TEMPLATE
-```
+The pre-built images do not have any repository configured. They
+contain a [zypper service](https://github.com/SUSE/container-suseconnect) that
+contacts either the SUSE Customer Center (SCC) or your Subscription
+Management Tool (SMT) server according to the configuration of the SLE host
+running the Docker container. The service obtains the list of repositories
+available for the product used by the Docker image.
 
-A list of the available templates may be obtained by running:
+There is no need to add any credential to the Docker image because the machine
+credentials are automatically injected into the container by the docker daemon.
+These are injected inside of the `/run/secrets` directory. The same applies to
+the `/etc/SUSEConnect` file of the host system, which is automatically injected
+into the `/run/secrets`.
 
-```
-sle2docker list
-```
+The contents of the `/run/secrets` directory are never committed to a Docker
+image, hence there's no risk of leaking your credentials.
 
-A templated rendered with user provided data can be printed by using the
-following command:
+To obtain the list of repositories invoke:
 
-```
-sle2docker show TEMPLATE
-```
+`zypper ref -s`
+
+This will automatically add all the repositories to your container. For each
+repository added to the system a new file is going to be created under
+`/etc/zypp/repos.d`. The URLs of these repositories include an access token
+that automatically expires after 12 hours. To renew the token just call the
+`zypper ref -s` command. It is totally fine, and secure, to commit these files
+to a Docker image.
+
+If you want to use a different set of credentials, place a custom
+`/etc/zypp/credentials.d/SCCcredentials` with the machine credentials
+having the subscription you want to use inside of the Docker image.
+The same applies to the `SUSEConnect` file: if you want to override the one
+available on the host system running the Docker container you have to add a
+custom `/etc/SUSEConnect` file inside of the Docker image.
 
-## SUSE Customer Center integration
+## Creating a custom SLE12 image
 
-By default sle2docker downloads all the required packages from SUSE
-Customer Center (SCC). Before the build starts sle2docker ask the user
-his credentials. It is possible to start a build in a non interactive way by
-using the following command:
+This Dockerfile creates a simple Docker image based on SLE12:
 
 ```
-sle2docker build -u USERNAME -p PASSWORD TEMPLATE_NAME
+FROM suse/sles12:latest
+
+RUN zypper --gpg-auto-import-keys ref -s
+RUN zypper -n in vim
 ```
 
+When the Docker host machine is registered against an internal SMT
+server the Docker image requires the ssl certificate used by SMT:
 
-## Subscription Management Tool integration
+```
+FROM suse/sles12:latest
 
-It is possible to download all the required packages from a local 
-Subscription Management Tool (SMT) instance:
+# Import the crt file of our private SMT server
+ADD http://smt.test.lan/smt.crt /etc/pki/trust/anchors/smt.crt
+RUN update-ca-certificates
 
-```
-sle2docker build -s SMT_SERVER_HOSTNAME/repo TEMPLATE
+RUN zypper --gpg-auto-import-keys ref -s
+RUN zypper -n in vim
 ```
 
-By default sle2docker assumes the contents of the SMT server are served over
-HTTPS. To force the retrieval of the package over plain HTTP use the
-following command:
+## Creating a custom SLE11SP3 image
+
+This Dockerfile creates a simple Docker image based on SLE12:
 
 ```
-sle2docker build -s SMT_SERVER_HOSTNAME/repo --disable-https TEMPLATE
+FROM suse/sles11sp3:latest
+
+RUN zypper --gpg-auto-import-keys ref -s
+RUN zypper -n in vim
 ```
 
-Example: Say the FQDN of your SMT is mysmt.company.com and you want to build a SLE12 Docker image.
-The corresponding call to sle2docker would look like this:
+When the Docker host machine is registered against an internal SMT
+server the Docker image requires the ssl certificate used by SMT:
 
 ```
-sle2docker build -s mysmt.company.com/repo --disable-https SLE12
-```
+FROM suse/sles11sp3:latest
 
-By default sle2docker expects the SMT instance to not require any form of
-authentication. However it is possible to specify the access credentials by
-using the following command:
+# Import the crt file of our private SMT server
+ADD http://smt.test.lan/smt.crt /etc/ssl/certs/smt.pem
+RUN c_rehash /etc/ssl/certs
 
+RUN zypper --gpg-auto-import-keys ref -s
+RUN zypper -n in vim
 ```
-sle2docker build -s SMT_SERVER_HOSTNAME -u USERNAME -p PASSWORD TEMPLATE
-```
 
+# Additional documentation
+
+For more information visit the
+[SUSE's Docker documentation](https://www.suse.com/documentation/sles-12/dockerquick/data/dockerquick.html)
+page.
 
 # License
 

data/Rakefile

@@ -14,5 +14,16 @@ begin
   require 'yard'
   YARD::Rake::YardocTask.new
 rescue LoadError
-  puts "Yard not available. To generate documentation install it with: gem install yard"
+  warn 'Yard not available. To generate documentation install it with: ' \
+       'gem install yard'
+end
+
+require 'rubocop/rake_task'
+RuboCop::RakeTask.new
+
+task default: :test
+
+desc 'Generate man pages'
+task :man do
+  system "ronn #{File.expand_path('../package/sle2docker.8.ronn', __FILE__)}"
 end

data/bin/sle2docker

@@ -1,5 +1,14 @@
 #!/usr/bin/env ruby
 require_relative '../lib/sle2docker'
 
-Sle2Docker::Cli.start(ARGV)
-
+begin
+  Sle2Docker::Cli.start(ARGV)
+rescue Sle2Docker::TemplateNotFoundError => ex
+  $stderr.printf(ex.message + "\n")
+  $stderr.printf("To list the available templates use:\n")
+  $stderr.printf("  sle2docker list\n")
+  exit(1)
+rescue StandardError => e
+  $stderr.printf(e.message + "\n")
+  exit(1)
+end

data/lib/sle2docker.rb

@@ -1,3 +1,5 @@
+require 'docker'
+require 'English'
 require 'erb'
 require 'fileutils'
 require 'io/console'
@@ -6,7 +8,6 @@ require 'thor'
 require 'tmpdir'
 
 require_relative 'sle2docker/cli'
-require_relative 'sle2docker/builder'
 require_relative 'sle2docker/exceptions'
-require_relative 'sle2docker/template'
+require_relative 'sle2docker/prebuilt_image'
 require_relative 'sle2docker/version'

data/lib/sle2docker/cli.rb

@@ -1,107 +1,47 @@
 module Sle2Docker
-
+  # Entry point of the command line interface
   class Cli < Thor
+    desc 'list', 'List available pre-built images'
+    def list
+      puts 'Available pre-built images:'
+      prebuilt_images = PrebuiltImage.list
+      if prebuilt_images.empty?
+        puts 'No pre-built image found.'
+        puts "\nPre-built images can be installed from SLE12 Update " \
+          'repository using zypper:'
+        puts '  zypper install \"sle*-docker-image\"'
+      else
+        prebuilt_images.each { |image| puts " - #{image}" }
+      end
+    end
 
-    #def initialize
-    #  @options, @template_dir = parse_options()
-    #end
+    desc 'activate IMAGE_NAME', 'Activate a pre-built image'
+    def activate(image_name)
+      ensure_can_access_dockerd
 
-    #def start
-    #  builder = Builder.new(@options)
-    #  builder.create(@template_dir)
-    #rescue ConfigNotFoundError => e
-    #  $stderr.printf(e.message + "\n")
-    #  exit(1)
-    #end
+      prebuilt_image = Sle2Docker::PrebuiltImage.new(image_name, options)
+      if prebuilt_image.activated?
+        warn 'Image has already been activated. Exiting'
+        exit(0)
+      end
 
-    desc "list", "List the available templates"
-    def list
-      puts "Available templates:"
-      Template.list.each {|template| puts "  - #{template}"}
+      prebuilt_image.activate
+      puts "#{prebuilt_image.image_id} activated"
     end
 
-    map "-v" => :version
-    desc "version", "Display version"
+    map '-v' => :version
+    desc 'version', 'Display version'
     def version
       puts Sle2Docker::VERSION
     end
 
-    desc "show TEMPLATE", "Print the rendered TEMPLATE"
-    method_option :username, :aliases => "-u", :type => :string,
-                  :default => nil,
-                  :desc => "Username required to access repositories"
-    method_option :password, :aliases => "-p", :type => :string,
-                  :default => "",
-                  :desc => "Password required to access repositories"
-    method_option :smt_host, :aliases => ["-s", "--smt-host"], :type => :string,
-                  :default => nil,
-                  :desc => "SMT machine hosting the repositories"
-    method_option :disable_https, :aliases => ["--disable-https"],
-                  :type => :boolean,
-                  :default => false,
-                  :desc => "Do not use HTTPS when accessing repositories"
-    method_option :include_build_repositories, :aliases => ["--include-build-repos"],
-                  :type => :boolean,
-                  :default => true,
-                  :desc => "Add the repositories used at build time to the Docker image"
-    def show(template_name)
-      template_dir = Template.template_dir(template_name)
-      builder = Builder.new(options)
-      template_file = builder.find_template_file(template_dir)
-      if template_file.end_with?('.erb')
-        template = builder.render_template(template_file)
-        puts "\n\n"
-        puts template
-      end
-    rescue ConfigNotFoundError => e
-      $stderr.printf(e.message + "\n")
-      exit(1)
-    rescue TemplateNotFoundError => ex
-      $stderr.printf(ex.message + "\n")
-      $stderr.printf("To list the available templates use:\n")
-      $stderr.printf("  sle2docker list\n")
-      exit(1)
-    end
+    private
 
-    desc "build TEMPLATE", "Use TEMPLATE to build a SLE Docker image"
-    method_option :username, :aliases => "-u", :type => :string,
-                  :default => nil,
-                  :desc => "Username required to access repositories"
-    method_option :password, :aliases => "-p", :type => :string,
-                  :default => "",
-                  :desc => "Password required to access repositories"
-    method_option :smt_host, :aliases => ["-s", "--smt-host"], :type => :string,
-                  :default => nil,
-                  :desc => "SMT machine hosting the repositories"
-    method_option :disable_https, :aliases => ["--disable-https"],
-                  :type => :boolean,
-                  :default => false,
-                  :desc => "Do not use HTTPS when accessing repositories"
-    method_option :http_proxy, :aliases => ["--http-proxy"],
-                  :default => ENV['http_proxy'],
-                  :desc => "HTTP proxy to use (eg: http://squid.local:3128)"
-    method_option :include_build_repositories, :aliases => ["--include-build-repos"],
-                  :type => :boolean,
-                  :default => true,
-                  :desc => "Add the repositories used at build time to the Docker image"
-    def build(template_name)
-      template_dir = Template.template_dir(template_name)
-      builder = Builder.new(options)
-      container = builder.create(template_dir)
-      puts "Container created, it can be imported by running the following command:"
-      puts "  docker import - <desired image name> < #{container}"
-      puts "\nThen the '#{File.expand_path(File.join(File.dirname(container), '..'))}' directory and all its contents can be removed."
-      puts "Note well: KIWI created some of these files while running as root user, " +
-           "hence root privileges are required to remove them."
-    rescue ConfigNotFoundError => e
-      $stderr.printf(e.message + "\n")
-      exit(1)
-    rescue TemplateNotFoundError => ex
-      $stderr.printf(ex.message + "\n")
-      $stderr.printf("To list the available templates use:\n")
-      $stderr.printf("  sle2docker list\n")
-      exit(1)
+    def ensure_can_access_dockerd
+      output = `docker info`
+      if $CHILD_STATUS.exitstatus != 0
+        raise output
+      end
     end
-
   end
 end