From de5fdaafad9fccba0b9a7f308d72f26816dd1a0f Mon Sep 17 00:00:00 2001 From: vrvarma Date: Tue, 3 Mar 2020 22:22:28 -0500 Subject: Adding the generic solver code Add docker file for optim engine Run pods as a non-root user Fix docker tag script Change-Id: If25fe66b839a70e83e35292031a2da012e81fe47 Signed-off-by: vrvarma Issue-ID: OPTFRA-712 --- docker/Dockerfile | 69 ---------------------- docker/assembly/osdf-files.xml | 66 --------------------- docker/build_image.sh | 105 ---------------------------------- docker/opteng/Dockerfile | 74 ++++++++++++++++++++++++ docker/opteng/assembly/osdf-files.xml | 55 ++++++++++++++++++ docker/osdf/Dockerfile | 76 ++++++++++++++++++++++++ docker/osdf/assembly/osdf-files.xml | 66 +++++++++++++++++++++ docker/osdf/build_image.sh | 105 ++++++++++++++++++++++++++++++++++ 8 files changed, 376 insertions(+), 240 deletions(-) delete mode 100644 docker/Dockerfile delete mode 100644 docker/assembly/osdf-files.xml delete mode 100755 docker/build_image.sh create mode 100644 docker/opteng/Dockerfile create mode 100644 docker/opteng/assembly/osdf-files.xml create mode 100644 docker/osdf/Dockerfile create mode 100644 docker/osdf/assembly/osdf-files.xml create mode 100755 docker/osdf/build_image.sh (limited to 'docker') diff --git a/docker/Dockerfile b/docker/Dockerfile deleted file mode 100644 index e339ea7..0000000 --- a/docker/Dockerfile +++ /dev/null @@ -1,69 +0,0 @@ -# -# ------------------------------------------------------------------------- -# Copyright (c) 2018 AT&T Intellectual Property -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# ------------------------------------------------------------------------- -# - -FROM ubuntu:16.04 - -ARG MVN_ARTIFACT_VERSION -ARG REPO -ARG HTTP_PROXY=${HTTP_PROXY} -ARG HTTPS_PROXY=${HTTPS_PROXY} - -ENV http_proxy $HTTP_PROXY -ENV https_proxy $HTTPS_PROXY - -ENV OSDF_PORT "8699" -EXPOSE ${OSDF_PORT} - -ENV MZN 2.4.2 -ENV MZN_BASENAME MiniZincIDE-${MZN}-bundle-linux -ENV MZN_GH_BASE https://github.com/MiniZinc/MiniZincIDE -ENV MZN_DL_URL ${MZN_GH_BASE}/releases/download/${MZN}/${MZN_BASENAME}-x86_64.tgz - -RUN apt-get update -y \ - && apt-get install -y vim unzip wget libmpfr-dev \ - && apt-get install -y git libqt5printsupport5 build-essential \ - && apt-get install -y python3 python3-setuptools python3-dev \ - && easy_install3 pip \ - && pip install --upgrade virtualenv pip wheel setuptools - -RUN ln -s /usr/bin/python3.5 /usr/bin/python - -# Minizinc -RUN wget -q $MZN_DL_URL -O /tmp/mz.tgz \ - && tar xzf /tmp/mz.tgz \ - && mv $MZN_BASENAME /mz-dist \ - && rm /tmp/mz.tgz \ - && echo PATH=/mz-dist/bin:$PATH >> ~/.bashrc - -ENV SHELL /bin/bash -ENV PATH /mz-dist:$PATH - -# OSDF -WORKDIR /opt/osdf -#RUN wget -O /opt/osdf.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=releases&g=org.onap.optf.osdf&a=optf-osdf&e=zip&v=1.3.4" && \ -# unzip -q -o -B /opt/osdf.zip -d /opt/ && \ -# rm -f /opt/osdf.zip - -COPY onap-osdf-tm/optf-osdf-${MVN_ARTIFACT_VERSION}.zip /tmp/optf-osdf.zip -COPY onap-osdf-tm/apps /opt/osdf/apps -RUN unzip -q -o -B /tmp/optf-osdf.zip -d /opt/ && rm -f /tmp/optf-osdf.zip -RUN mkdir -p /var/log/onap/optf/osdf/ -RUN pip install --no-cache-dir -r requirements.txt - -CMD [ "/opt/osdf/osdfapp.sh" ] diff --git a/docker/assembly/osdf-files.xml b/docker/assembly/osdf-files.xml deleted file mode 100644 index fc8a864..0000000 --- a/docker/assembly/osdf-files.xml +++ /dev/null @@ -1,66 +0,0 @@ - - - - - - osdf-files - - - tar.gz - - false - - - - - - ${project.build.finalName}.zip - - ${project.build.directory} - / - - - - apps/** - - - **/*.pyc - **/__pycache__/** - - / - - - - diff --git a/docker/build_image.sh b/docker/build_image.sh deleted file mode 100755 index 3d9d823..0000000 --- a/docker/build_image.sh +++ /dev/null @@ -1,105 +0,0 @@ -#!/bin/bash - -# The script starts in the root folder of the repo, which has the following outline -# We fetch the version information from version.properties, build docker files and -# do a docker push. Since the job will be run under Jenkins, it will have the Nexus -# credentials -# -# ├── docker -# │   ├── Dockerfile -# │   └── build_image.sh <--- THIS SCRIPT is here -# ├── docs -# ├── osdf -# ├── pom.xml -# ├── test -# └── version.properties <--- Version information here - -set -e - -# Folder settings -DOCKER_REPOSITORY=nexus3.onap.org:10003 -ORG=onap -PROJECT=optf-osdf -IMAGE_NAME=$DOCKER_REPOSITORY/$ORG/$PROJECT - -# Version properties -source version.properties -VERSION=$release_version -SNAPSHOT=$snapshot_version -STAGING=${release_version}-STAGING -TIMESTAMP=$(date +"%Y%m%dT%H%M%S")Z -REPO="" - -BUILD_ARGS="--no-cache" -if [ $HTTP_PROXY ]; then - BUILD_ARGS+=" --build-arg HTTP_PROXY=${HTTP_PROXY}" -fi -if [ $HTTPS_PROXY ]; then - BUILD_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" -fi - -function log_ts() { # Log message with timestamp - echo [DEBUG LOG at $(date -u +%Y%m%d:%H%M%S)] "$@" -} - -function get_artifact_version() { - log_ts Get Maven Artifact version from pom.xml - MVN_ARTIFACT_VERSION=`echo -e "setns x=http://maven.apache.org/POM/4.0.0 \n xpath /x:project/x:version/text() "| xmllint --shell pom.xml | grep content | sed 's/.*content=//'` - log_ts Maven artifact version for OSDF is $MVN_ARTIFACT_VERSION - if [[ "$MVN_ARTIFACT_VERSION" =~ SNAPSHOT ]]; then - log_ts "REPO is snapshots"; - REPO=snapshots - else - log_ts "REPO is releases"; - REPO=releases - fi - BUILD_ARGS+=" --build-arg REPO=${REPO}" - BUILD_ARGS+=" --build-arg MVN_ARTIFACT_VERSION=${MVN_ARTIFACT_VERSION}" -} - -function build_image() { - log_ts Building Image in folder: $PWD with build arguments ${BUILD_ARGS} - docker build ${BUILD_ARGS} -t ${IMAGE_NAME}:latest . - log_ts ... Built -} - -function push_image() { - if [[ "$REPO" == snapshots ]]; then - push_snapshot_image - else - push_staging_image - fi -} - - -function push_snapshot_image(){ - log_ts Tagging images: ${IMAGE_NAME}:\{${SNAPSHOT}-${TIMESTAMP},${SNAPSHOT}-latest\} - docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${SNAPSHOT}-${TIMESTAMP} - docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${SNAPSHOT}-latest - log_ts ... Tagged images - - log_ts Pushing images: ${IMAGE_NAME}:\{${SNAPSHOT}-${TIMESTAMP},${SNAPSHOT}-latest\} - docker push ${IMAGE_NAME}:${SNAPSHOT}-${TIMESTAMP} - docker push ${IMAGE_NAME}:${SNAPSHOT}-latest - log_ts ... Pushed images -} - -function push_staging_image(){ - log_ts Tagging images: ${IMAGE_NAME}:\{${STAGING}-${TIMESTAMP},${STAGING}-latest\} - docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${STAGING}-${TIMESTAMP} - docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${STAGING}-latest - log_ts ... Tagged images - - log_ts Pushing images: ${IMAGE_NAME}:\{${STAGING}-${TIMESTAMP},${STAGING}-latest\} - docker push ${IMAGE_NAME}:${STAGING}-${TIMESTAMP} - docker push ${IMAGE_NAME}:${STAGING}-latest - log_ts ... Pushed images -} - -( - get_artifact_version - # Switch to docker build directory - cd $(dirname $0) - build_image - push_image -) diff --git a/docker/opteng/Dockerfile b/docker/opteng/Dockerfile new file mode 100644 index 0000000..9dca3e7 --- /dev/null +++ b/docker/opteng/Dockerfile @@ -0,0 +1,74 @@ +# +# ------------------------------------------------------------------------- +# Copyright (c) 2020 AT&T Intellectual Property +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ------------------------------------------------------------------------- +# + +FROM python:3.8-alpine + +ARG MVN_ARTIFACT_VERSION +ARG REPO +ARG HTTP_PROXY=${HTTP_PROXY} +ARG HTTPS_PROXY=${HTTPS_PROXY} + +ENV http_proxy $HTTP_PROXY +ENV https_proxy $HTTPS_PROXY + +ENV OSDF_PORT "8699" +EXPOSE ${OSDF_PORT} + +ENV MZN 2.4.2 +ENV MZN_BASENAME MiniZincIDE-${MZN}-bundle-linux +ENV MZN_GH_BASE https://github.com/MiniZinc/MiniZincIDE +ENV MZN_DL_URL ${MZN_GH_BASE}/releases/download/${MZN}/${MZN_BASENAME}-x86_64.tgz + +RUN apk update && apk upgrade \ + && apk --no-cache --update add --virtual build-deps openssl wget \ + && apk --no-cache --update add less ca-certificates bash libxslt-dev unzip \ + freetype freetype-dev libstdc++ build-base libc6-compat \ + && ln -s /lib/libc.musl-x86_64.so.1 /lib/ld-linux-x86-64.so.2 + +# Minizinc +RUN wget -q $MZN_DL_URL -O mz.tgz \ + && tar xzf mz.tgz \ + && mv $MZN_BASENAME /mz-dist \ + && rm mz.tgz \ + && echo PATH=/mz-dist/bin:$PATH >> ~/.bashrc + +ENV SHELL /bin/bash +ENV PATH /mz-dist:$PATH + +RUN addgroup -S onap && adduser -S -G onap onap + +# OSDF +WORKDIR /opt/osdf +#RUN wget -O /opt/osdf.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=releases&g=org.onap.optf.osdf&a=optf-osdf&e=zip&v=1.3.4" && \ +# unzip -q -o -B /opt/osdf.zip -d /opt/ && \ +# rm -f /opt/osdf.zip + +COPY onap-osdf-tm/optf-osdf-${MVN_ARTIFACT_VERSION}.zip /tmp/optf-osdf.zip +COPY onap-osdf-tm/runtime /opt/osdf/runtime +COPY onap-osdf-tm/requirements-opteng.txt . +RUN unzip -q -o -B /tmp/optf-osdf.zip -d /opt/ && rm -f /tmp/optf-osdf.zip +RUN mkdir -p /var/log/onap/optf/osdf/ \ + && chown onap:onap /var/log/onap -R \ + && chown onap:onap /opt/osdf -R + +RUN pip install --no-cache-dir -r requirements.txt -r requirements-opteng.txt + +USER onap + +CMD [ "/opt/osdf/osdfapp.sh", "-x", "solverapp.py", "-c", "/opt/osdf/config/opteng_config.yaml" ] diff --git a/docker/opteng/assembly/osdf-files.xml b/docker/opteng/assembly/osdf-files.xml new file mode 100644 index 0000000..60dd6cc --- /dev/null +++ b/docker/opteng/assembly/osdf-files.xml @@ -0,0 +1,55 @@ + + + osdf-files + + + tar.gz + + false + + + + + + ${project.build.finalName}.zip + + ${project.build.directory} + / + + + + runtime/** + + + **/*.pyc + **/__pycache__/** + + / + + + + requirements-opteng.txt + + / + + + + diff --git a/docker/osdf/Dockerfile b/docker/osdf/Dockerfile new file mode 100644 index 0000000..5860df2 --- /dev/null +++ b/docker/osdf/Dockerfile @@ -0,0 +1,76 @@ +# +# ------------------------------------------------------------------------- +# Copyright (c) 2018 AT&T Intellectual Property +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ------------------------------------------------------------------------- +# + +FROM ubuntu:16.04 + +ARG MVN_ARTIFACT_VERSION +ARG REPO +ARG HTTP_PROXY=${HTTP_PROXY} +ARG HTTPS_PROXY=${HTTPS_PROXY} + +ENV http_proxy $HTTP_PROXY +ENV https_proxy $HTTPS_PROXY + +ENV OSDF_PORT "8699" +EXPOSE ${OSDF_PORT} + +ENV MZN 2.4.2 +ENV MZN_BASENAME MiniZincIDE-${MZN}-bundle-linux +ENV MZN_GH_BASE https://github.com/MiniZinc/MiniZincIDE +ENV MZN_DL_URL ${MZN_GH_BASE}/releases/download/${MZN}/${MZN_BASENAME}-x86_64.tgz + +RUN apt-get update -y \ + && apt-get install -y vim unzip wget libmpfr-dev \ + && apt-get install -y git libqt5printsupport5 build-essential \ + && apt-get install -y python3 python3-setuptools python3-dev \ + && easy_install3 pip \ + && pip install --upgrade virtualenv pip wheel setuptools + +RUN ln -s /usr/bin/python3.5 /usr/bin/python + +# Minizinc +RUN wget -q $MZN_DL_URL -O /tmp/mz.tgz \ + && tar xzf /tmp/mz.tgz \ + && mv $MZN_BASENAME /mz-dist \ + && rm /tmp/mz.tgz \ + && echo PATH=/mz-dist/bin:$PATH >> ~/.bashrc + +ENV SHELL /bin/bash +ENV PATH /mz-dist:$PATH + +# OSDF +WORKDIR /opt/osdf +#RUN wget -O /opt/osdf.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=releases&g=org.onap.optf.osdf&a=optf-osdf&e=zip&v=1.3.4" && \ +# unzip -q -o -B /opt/osdf.zip -d /opt/ && \ +# rm -f /opt/osdf.zip +RUN groupadd onap \ + && useradd -m -g onap onap + +COPY onap-osdf-tm/optf-osdf-${MVN_ARTIFACT_VERSION}.zip /tmp/optf-osdf.zip +COPY onap-osdf-tm/apps /opt/osdf/apps +RUN unzip -q -o -B /tmp/optf-osdf.zip -d /opt/ && rm -f /tmp/optf-osdf.zip +RUN mkdir -p /var/log/onap/optf/osdf/ \ + && chown -R onap:onap /var/log/onap \ + && chown -R onap:onap /opt/osdf + +RUN pip install --no-cache-dir -r requirements.txt + +USER onap + +CMD [ "/opt/osdf/osdfapp.sh", "-x", "osdfapp.py" ] diff --git a/docker/osdf/assembly/osdf-files.xml b/docker/osdf/assembly/osdf-files.xml new file mode 100644 index 0000000..fc8a864 --- /dev/null +++ b/docker/osdf/assembly/osdf-files.xml @@ -0,0 +1,66 @@ + + + + + + osdf-files + + + tar.gz + + false + + + + + + ${project.build.finalName}.zip + + ${project.build.directory} + / + + + + apps/** + + + **/*.pyc + **/__pycache__/** + + / + + + + diff --git a/docker/osdf/build_image.sh b/docker/osdf/build_image.sh new file mode 100755 index 0000000..3d9d823 --- /dev/null +++ b/docker/osdf/build_image.sh @@ -0,0 +1,105 @@ +#!/bin/bash + +# The script starts in the root folder of the repo, which has the following outline +# We fetch the version information from version.properties, build docker files and +# do a docker push. Since the job will be run under Jenkins, it will have the Nexus +# credentials +# +# ├── docker +# │   ├── Dockerfile +# │   └── build_image.sh <--- THIS SCRIPT is here +# ├── docs +# ├── osdf +# ├── pom.xml +# ├── test +# └── version.properties <--- Version information here + +set -e + +# Folder settings +DOCKER_REPOSITORY=nexus3.onap.org:10003 +ORG=onap +PROJECT=optf-osdf +IMAGE_NAME=$DOCKER_REPOSITORY/$ORG/$PROJECT + +# Version properties +source version.properties +VERSION=$release_version +SNAPSHOT=$snapshot_version +STAGING=${release_version}-STAGING +TIMESTAMP=$(date +"%Y%m%dT%H%M%S")Z +REPO="" + +BUILD_ARGS="--no-cache" +if [ $HTTP_PROXY ]; then + BUILD_ARGS+=" --build-arg HTTP_PROXY=${HTTP_PROXY}" +fi +if [ $HTTPS_PROXY ]; then + BUILD_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" +fi + +function log_ts() { # Log message with timestamp + echo [DEBUG LOG at $(date -u +%Y%m%d:%H%M%S)] "$@" +} + +function get_artifact_version() { + log_ts Get Maven Artifact version from pom.xml + MVN_ARTIFACT_VERSION=`echo -e "setns x=http://maven.apache.org/POM/4.0.0 \n xpath /x:project/x:version/text() "| xmllint --shell pom.xml | grep content | sed 's/.*content=//'` + log_ts Maven artifact version for OSDF is $MVN_ARTIFACT_VERSION + if [[ "$MVN_ARTIFACT_VERSION" =~ SNAPSHOT ]]; then + log_ts "REPO is snapshots"; + REPO=snapshots + else + log_ts "REPO is releases"; + REPO=releases + fi + BUILD_ARGS+=" --build-arg REPO=${REPO}" + BUILD_ARGS+=" --build-arg MVN_ARTIFACT_VERSION=${MVN_ARTIFACT_VERSION}" +} + +function build_image() { + log_ts Building Image in folder: $PWD with build arguments ${BUILD_ARGS} + docker build ${BUILD_ARGS} -t ${IMAGE_NAME}:latest . + log_ts ... Built +} + +function push_image() { + if [[ "$REPO" == snapshots ]]; then + push_snapshot_image + else + push_staging_image + fi +} + + +function push_snapshot_image(){ + log_ts Tagging images: ${IMAGE_NAME}:\{${SNAPSHOT}-${TIMESTAMP},${SNAPSHOT}-latest\} + docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${SNAPSHOT}-${TIMESTAMP} + docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${SNAPSHOT}-latest + log_ts ... Tagged images + + log_ts Pushing images: ${IMAGE_NAME}:\{${SNAPSHOT}-${TIMESTAMP},${SNAPSHOT}-latest\} + docker push ${IMAGE_NAME}:${SNAPSHOT}-${TIMESTAMP} + docker push ${IMAGE_NAME}:${SNAPSHOT}-latest + log_ts ... Pushed images +} + +function push_staging_image(){ + log_ts Tagging images: ${IMAGE_NAME}:\{${STAGING}-${TIMESTAMP},${STAGING}-latest\} + docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${STAGING}-${TIMESTAMP} + docker tag ${IMAGE_NAME}:latest ${IMAGE_NAME}:${STAGING}-latest + log_ts ... Tagged images + + log_ts Pushing images: ${IMAGE_NAME}:\{${STAGING}-${TIMESTAMP},${STAGING}-latest\} + docker push ${IMAGE_NAME}:${STAGING}-${TIMESTAMP} + docker push ${IMAGE_NAME}:${STAGING}-latest + log_ts ... Pushed images +} + +( + get_artifact_version + # Switch to docker build directory + cd $(dirname $0) + build_image + push_image +) -- cgit 1.2.3-korg