diff --git a/12.6/Dockerfile b/12.6/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..24244bfe27113b4e357babc21b35117340f67377 --- /dev/null +++ b/12.6/Dockerfile @@ -0,0 +1,38 @@ +ARG BASE_REGISTRY=registry.access.redhat.com +ARG BASE_IMAGE=ubi8/ubi +ARG BASE_TAG=8.0 + +ARG GITLAB_VERSION=v12.6.1-ubi8 + +ARG UBI_IMAGE=${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG} +ARG RAILS_IMAGE=registry.access.redhat.com/gitlab/gitlab/gitlab-rails:12.6 + +FROM ${RAILS_IMAGE} + +ARG GITLAB_VERSION +ARG GITLAB_USER=git + +LABEL source="https://github.com/mperham/sidekiq" \ + name="GitLab Sidekiq" \ + maintainer="GitLab Distribution Team" \ + vendor="GitLab" \ + version=${GITLAB_VERSION} \ + release=${GITLAB_VERSION} \ + summary="Geo Log Cursor daemon." \ + description="Geo Log Cursor daemon." + +ENV SIDEKIQ_CONCURRENCY=25 +ENV SIDEKIQ_TIMEOUT=4 + +COPY scripts/ /scripts/ + +RUN dnf clean all \ + && rm -r /var/cache/dnf \ + && dnf --disableplugin=subscription-manager --nogpgcheck install -yb --nodocs procps openssh-clients \ + && chown -R ${GITLAB_USER}:${GITLAB_USER} /scripts + +USER ${GITLAB_USER}:${GITLAB_USER} + +CMD /scripts/process-wrapper + +HEALTHCHECK --interval=30s --timeout=30s --retries=5 CMD /scripts/healthcheck diff --git a/12.6/LICENSE b/12.6/LICENSE new file mode 100644 index 0000000000000000000000000000000000000000..5285f420ff222526f9afa7acf507362367132f9c --- /dev/null +++ b/12.6/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2017 + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/12.6/README.md b/12.6/README.md new file mode 100644 index 0000000000000000000000000000000000000000..9eb45e8548b2107c724eaf9bcc6c6f23be21686e --- /dev/null +++ b/12.6/README.md @@ -0,0 +1,40 @@ +# gitlab-sidekiq-container + +Sidekiq async task processor. + +## GitLab 12.6.0 release + +The hardened containers for GitLab 12.6 require the gitlab 12.6 blob to be available for download. + +There are some included scripts to make this easier for user building images offline on their machine. + + +## Building + +1. Switch to the 12.6 directory +2. Run `./build-scripts/build.sh` + * Runs docker build, and takes care of setting the appropriate build args for users running locally + +`build-script/build.sh` is provided as an example and helpful for building locally. You can also instead call docker build and pass build-args directly. + +## Build Phases + +Some of the GitLab containers are build ontop of previous containers, building the containers in ordered phases is necessary to build all containers. + +- Phase One + * kubectl + * gitlab-ruby + * gitlab-container-registry +- Phase Two + * git-base + * gitlab-exporter + * gitlab-mailroom + * gitlab-shell + * gitlab-rails + * gitlab-workhorse +- Phase 3 + * gitaly +- Phase 4 + * gitlab-sidekiq + * gitlab-task-runner + * gitlab-unicorn diff --git a/12.6/build-scripts/build.sh b/12.6/build-scripts/build.sh new file mode 100755 index 0000000000000000000000000000000000000000..c3d219e135c9aa3dc5bfa38d08677b2b4ac0a688 --- /dev/null +++ b/12.6/build-scripts/build.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +# NOTICE: This script requires `docker`. + +set -euxo pipefail + +TAG=${1:-12.6} +REPOSITORY=${2:-} +NEXUS_SERVER=${NEXUS_SERVER:-} +PACKAGE_URL=${PACKAGE_URL:-} +DOCKER_OPTS=${DOCKER_OPTS:-""} + +imageName() { + printf "${REPOSITORY}${1}:${TAG}" +} + +buildImage() { + IMAGE="${1}" + CONTEXT="${IMAGE%*-ee}" + { + docker build \ + -t "$(imageName ${IMAGE})" . \ + ${DOCKER_OPTS:-} | tee ${CONTEXT}.out + } || { + echo "${CONTEXT}" >> failed.log + } +} + +# Cleanup log outputs from previous build +rm -f *.out failed.log + +if [ $NEXUS_SERVER ]; then + DOCKER_OPTS="$DOCKER_OPTS --build-arg NEXUS_SERVER=${NEXUS_SERVER}" +fi + +if [ $PACKAGE_URL ]; then + DOCKER_OPTS="$DOCKER_OPTS --build-arg PACKAGE_URL=${PACKAGE_URL}" +fi + +DOCKER_OPTS="$DOCKER_OPTS --build-arg RAILS_IMAGE=$(imageName gitlab-rails)" +buildImage gitlab-sidekiq diff --git a/12.6/build-scripts/cleanup.sh b/12.6/build-scripts/cleanup.sh new file mode 100755 index 0000000000000000000000000000000000000000..ad291f98ba8b4db3c80d564f753a1288550c8f10 --- /dev/null +++ b/12.6/build-scripts/cleanup.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +set -euxo pipefail + +rm -f *.tar.gz *.out failed.log diff --git a/12.6/scripts/healthcheck b/12.6/scripts/healthcheck new file mode 100755 index 0000000000000000000000000000000000000000..da03bbc9ba0986816d22b2e29d66fa2bada0b2fa --- /dev/null +++ b/12.6/scripts/healthcheck @@ -0,0 +1,5 @@ +#!/bin/bash + +set -e + +/usr/bin/pgrep -f sidekiq diff --git a/12.6/scripts/process-wrapper b/12.6/scripts/process-wrapper new file mode 100755 index 0000000000000000000000000000000000000000..b58a98bcdbce7d7b6b6b5856d9a3e73fdeb29acb --- /dev/null +++ b/12.6/scripts/process-wrapper @@ -0,0 +1,18 @@ +#!/bin/bash + +set -e + +echo "Starting Sidekiq" +/srv/gitlab/bin/bundle exec sidekiq \ + -r /srv/gitlab \ + -e production \ + -c $SIDEKIQ_CONCURRENCY \ + -t $SIDEKIQ_TIMEOUT \ + -C /srv/gitlab/config/sidekiq_queues.yml & + +# touch logs that would be generated by Jobs +touch /var/log/gitlab/repocheck.log + +tail -f /var/log/gitlab/* + +wait