✨ Add redis in dockerfile

go-sigma · Jul 20, 2023 · 3aaf1d6 · 3aaf1d6
1 parent a782ce3
commit 3aaf1d6
Show file tree

Hide file tree

Showing 29 changed files with 2,776 additions and 137 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -18,7 +18,7 @@ linters-settings:
     multi-func: true
   cyclop:
     max-complexity: 30
-    package-average: 15
+    package-average: 30
     skip-tests: true
   gci:
     sections:

diff --git a/Makefile b/Makefile
@@ -20,7 +20,7 @@ RESET           := $(shell tput -Txterm sgr0)
 GOLDFLAGS       += -X github.com/go-sigma/sigma/cmd.version=$(shell git describe --tags --dirty --always)
 GOLDFLAGS       += -X github.com/go-sigma/sigma/cmd.buildDate=$(shell date -u '+%Y-%m-%dT%H:%M:%SZ')
 GOLDFLAGS       += -X github.com/go-sigma/sigma/cmd.gitHash=$(shell git rev-parse --short HEAD)
-GOFLAGS          = -ldflags '-extldflags "-static" -s -w $(GOLDFLAGS)'
+GOFLAGS          = -ldflags '-s -w $(GOLDFLAGS)'
 
 .PHONY: all test build vendor
 
@@ -29,14 +29,14 @@ all: build
 ## Build:
 build: ## Build your project and put the output binary in ./bin
 	@$(GOCMD) mod download
-	@CGO_ENABLED=0 GO111MODULE=on $(GOCMD) build $(GOFLAGS) -tags timetzdata -o bin/$(BINARY_NAME) -v .
+	@CGO_ENABLED=1 GO111MODULE=on $(GOCMD) build $(GOFLAGS) -tags timetzdata -o bin/$(BINARY_NAME) -v .
 
 build-release: ## Build your project for release and put the output binary in ./bin
 	@$(GOCMD) mod download
-	@CGO_ENABLED=0 GO111MODULE=on $(GOCMD) build $(GOFLAGS) -tags timetzdata -o bin/$(BINARY_NAME) -v .
+	@CGO_ENABLED=1 GO111MODULE=on $(GOCMD) build $(GOFLAGS) -tags timetzdata -o bin/$(BINARY_NAME) -v .
 
 build-linux: ## Build your project for linux and put the output binary in ./bin
-	@CGO_ENABLED=0 GO111MODULE=on GOOS=linux $(GOCMD) build $(GOFLAGS) -tags timetzdata -o bin/$(BINARY_NAME) -v .
+	@CGO_ENABLED=1 GO111MODULE=on GOOS=linux $(GOCMD) build $(GOFLAGS) -tags timetzdata -o bin/$(BINARY_NAME) -v .
 
 clean: ## Remove build related file
 	rm -fr ./bin

diff --git a/build/Dockerfile b/build/Dockerfile
@@ -15,8 +15,7 @@ RUN set -eux && yarn install --frozen-lockfile && yarn build
 FROM alpine:${ALPINE_VERSION} as syft
 
 ARG SYFT_VERSION=0.84.1
-
-ARG TARGETARCH
+ARG TARGETARCH=amd64
 
 RUN set -eux && \
   sed -i "s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g" /etc/apk/repositories && \
@@ -30,8 +29,7 @@ FROM alpine:${ALPINE_VERSION} as trivy
 
 ARG TRIVY_VERSION=0.43.1
 ARG ORAS_VERSION=1.0.0
-
-ARG TARGETARCH
+ARG TARGETARCH=amd64
 
 RUN set -eux && \
   sed -i "s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g" /etc/apk/repositories && \
@@ -73,6 +71,10 @@ COPY --from=syft /usr/local/bin/syft /usr/local/bin/syft
 COPY --from=trivy /usr/local/bin/trivy /usr/local/bin/trivy
 COPY --from=trivy /opt/trivy/trivy.db /opt/trivy/db/trivy.db
 COPY ./conf/config.yaml /etc/sigma/config.yaml
+COPY ./build/entrypoint.sh /entrypoint.sh
+COPY ./conf/redis.conf /etc/sigma/redis.conf
 COPY --from=builder /go/src/github.com/go-sigma/sigma/bin/sigma /usr/local/bin/sigma
 
-ENTRYPOINT ["/usr/local/bin/sigma"]
+ENTRYPOINT ["/entrypoint.sh"]
+
+CMD ["sigma", "server"]
diff --git a/build/entrypoint.sh b/build/entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+if [ "$(yq ".redis.type" < /etc/sigma/config.yaml)" = "internal"  ]; then
+  if [ ! -d /var/lib/sigma/redis/ ]; then
+    mkdir -p /var/lib/sigma/redis/
+  fi
+  redis-server /etc/sigma/redis.conf
+  until nc -zv 127.0.0.1 6379; do echo waiting for redis; sleep 2; done
+fi
+
+exec "$@"
diff --git a/build/local.Dockerfile b/build/local.Dockerfile
@@ -3,8 +3,7 @@ ARG ALPINE_VERSION=3.18
 FROM alpine:${ALPINE_VERSION} as syft
 
 ARG SYFT_VERSION=0.84.1
-
-ARG TARGETARCH
+ARG TARGETARCH=amd64
 
 RUN set -eux && \
   sed -i "s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g" /etc/apk/repositories && \
@@ -18,8 +17,7 @@ FROM alpine:${ALPINE_VERSION} as trivy
 
 ARG TRIVY_VERSION=0.43.1
 ARG ORAS_VERSION=1.0.0
-
-ARG TARGETARCH
+ARG TARGETARCH=amd64
 
 RUN set -eux && \
   sed -i "s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g" /etc/apk/repositories && \
@@ -45,11 +43,19 @@ RUN set -eux && \
 
 FROM alpine:${ALPINE_VERSION}
 
+RUN set -eux && \
+  sed -i "s/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g" /etc/apk/repositories && \
+  apk add --no-cache redis yq
+
 COPY --from=syft /usr/local/bin/syft /usr/local/bin/syft
 COPY --from=trivy /usr/local/bin/trivy /usr/local/bin/trivy
 COPY --from=trivy /opt/trivy/trivy.db /opt/trivy/db/trivy.db
 COPY --from=trivy /opt/trivy/metadata.json /opt/trivy/db/metadata.json
+COPY ./conf/redis.conf /etc/sigma/redis.conf
 COPY ./conf/config.yaml /etc/sigma/config.yaml
+COPY ./build/entrypoint.sh /entrypoint.sh
 COPY ./bin/sigma /usr/local/bin/sigma
 
-ENTRYPOINT ["/usr/local/bin/sigma"]
+ENTRYPOINT ["/entrypoint.sh"]
+
+CMD ["sigma", "server"]
diff --git a/conf/config.yaml b/conf/config.yaml
@@ -3,7 +3,7 @@ log:
   proxyLevel: info
 database:
   # The database type to use. Supported types are: sqlite3, mysql, postgresql
-  type: mysql
+  type: sqlite3
   sqlite3:
     path: sigma.db
   mysql:
@@ -19,8 +19,28 @@ database:
     password: ximager
     dbname: ximager
     sslmode: disable
+
+# deploy avaliable: single, replica
+# replica should use external redis
+deploy: single
+
 redis:
-  url: redis://:ximager@localhost:6379/0
+  # redis type avaliable: internal, external
+  type: internal
+  url: redis://:sigma@localhost:6379/0
+
+cache:
+  # the cache type avaliable is: redis
+  type: redis
+  # please attation in multi
+  inmemory: {}
+  redis: {}
+
+workqueue:
+  # the workqueue type avaliable: redis
+  type: redis
+  redis: {}
+
 http:
   # endpoint can be a domain or domain with port, eg: http://sigma.test.io, https://sigma.test.io:30080, http://127.0.0.1:3000
   # this endpoint will be used to generate the token service url in auth middleware,
@@ -40,9 +60,9 @@ http:
     key: ./conf/sigma.test.io.key
 storage:
   rootdirectory: ./storage
-  type: s3
+  type: filesystem
   filesystem:
-    path: /
+    path: /var/lib/sigma/oci/
   s3:
     ak: ximager
     sk: ximager-ximager