Adding docker image and release scripts #123
Conversation
Dockerfile
Outdated
| @@ -0,0 +1,46 @@ | |||
| FROM alpine:3.4 | |||
| MAINTAINER Anubhav Mishra <anubhav.mishra@hootsuite.com> | |||
There was a problem hiding this comment.
Also MAINTAINER is deprecated now, use LABEL maintainer="SvenDowideit@home.org.au" instead (see https://docs.docker.com/engine/reference/builder/#maintainer-deprecated)
Dockerfile
Outdated
| @@ -0,0 +1,46 @@ | |||
| FROM alpine:3.4 | |||
There was a problem hiding this comment.
someone else mentioned this (can't find where) but you should use 3.6 since it's the latest
Dockerfile
Outdated
| FROM alpine:3.4 | ||
| MAINTAINER Anubhav Mishra <anubhav.mishra@hootsuite.com> | ||
|
|
||
| ENV DOCKER_BASE_VERSION=0.0.4 |
There was a problem hiding this comment.
can you add the comment from here: https://github.com/hashicorp/docker-consul/blob/master/0.X/Dockerfile#L8 otherwise unclear what this is for
docker-entrypoint.sh
Outdated
| fi | ||
|
|
||
| # Look for atlantis subcommands. | ||
| if [ "$1" = '--version' ]; then |
There was a problem hiding this comment.
we don't have a --version flag
Dockerfile
Outdated
| gpg --batch --verify docker-base_${DOCKER_BASE_VERSION}_SHA256SUMS.sig docker-base_${DOCKER_BASE_VERSION}_SHA256SUMS && \ | ||
| grep ${DOCKER_BASE_VERSION}_linux_amd64.zip docker-base_${DOCKER_BASE_VERSION}_SHA256SUMS | sha256sum -c && \ | ||
| unzip docker-base_${DOCKER_BASE_VERSION}_linux_amd64.zip && \ | ||
| cp bin/gosu bin/dumb-init /bin && \ |
There was a problem hiding this comment.
is this all just to get gosu and dumb-init? Why not install directly
https://github.com/Yelp/dumb-init#option-3-downloading-the-binary-directly
https://github.com/tianon/gosu#installation
| COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh | ||
|
|
||
| ENTRYPOINT ["docker-entrypoint.sh"] | ||
| CMD ["server"] |
There was a problem hiding this comment.
just curious how big is the container in the end?
docker-entrypoint.sh
Outdated
| # We can't use the return code to check for the existence of a subcommand, so | ||
| # we have to use grep to look for a pattern in the help output. | ||
| set -- atlantis "$@" | ||
| fi |
There was a problem hiding this comment.
can you check if we need all this?
|
Finally got it working with CircleCI version 2! Mark spend a day on this, now I know why. :( |
| command: make end-to-end-deps | ||
| - run: | ||
| name: Starting atlantis server in the background | ||
| command: cd "${CIRCLE_WORKING_DIRECTORY}/e2e" && ./atlantis server --gh-user="$GITHUB_USERNAME" --gh-token="$GITHUB_PASSWORD" --data-dir="/tmp" --log-level="debug" &> /tmp/atlantis-server.log |
There was a problem hiding this comment.
should we add the webhook-secret as well?
| # https://discuss.circleci.com/t/git-tag-deploys-in-2-0/9493/6 | ||
| command: | | ||
| if [ "${CIRCLE_BRANCH}" == "master" ]; then | ||
| for TAG in $(git tag --contains $CIRCLE_SHA1); do |
There was a problem hiding this comment.
so this checks if there's a tag for this commit and if so pushes a new docker image? Doesn't this build run on master so how will there be a tag at the time that this build runs?
There was a problem hiding this comment.
yea, so CircleCI doesn't have support for tagged events from Github. So we will merge something to master, create a tag and then rebuild on master to push the docker image.
| @@ -258,6 +258,44 @@ $ atlantis server --atlantis-url $URL --gh-user $USERNAME --gh-token $TOKEN --gh | |||
| Atlantis is now running! | |||
| **We recommend running it under something like Systemd or Supervisord.** | |||
|
|
|||
| ### Docker | |||
There was a problem hiding this comment.
add to the outline at the top
README.md
Outdated
| @@ -258,6 +258,44 @@ $ atlantis server --atlantis-url $URL --gh-user $USERNAME --gh-token $TOKEN --gh | |||
| Atlantis is now running! | |||
| **We recommend running it under something like Systemd or Supervisord.** | |||
|
|
|||
| ### Docker | |||
| Atlantis also ships inside a docker image along side Terraform binaries. Run the docker image: | |||
There was a problem hiding this comment.
maybe instead of "along side Ter.." say "Atlantis also ships inside a Docker image with Terraform versions 0.8.8, 0.9.11 and 0.10.0"? Probably better to be clear about what's in the Docker image so people don't have to look at the Dockerfile
README.md
Outdated
| # copy aws credentials | ||
| COPY credentials /home/atlantis/.aws/credentials | ||
|
|
||
| ENTRYPOINT ["docker-entrypoint.sh"] |
There was a problem hiding this comment.
do we need to redefine the ENTRYPOINT and CMD?
There was a problem hiding this comment.
just tested it, we don't need to redefine them, they're inherited.
README.md
Outdated
| * Build docker image | ||
|
|
||
| ```bash | ||
| docker build -t hootsuite/atlantis-custom -f Dockerfile-custom |
There was a problem hiding this comment.
probably wouldn't make sense for them to name it hootsuite/atlantis-custom since they don't be able to push to our Docker registry. Maybe just say docker build -t {your-docker-org}/atlantis-custom?
README.md
Outdated
| * Run docker image | ||
|
|
||
| ```bash | ||
| docker run -it hootsuite/atlantis-custom server --gh-user=GITHUB_USERNAME --gh-token=GITHUB_TOKEN |
There was a problem hiding this comment.
they don't need to run -it do they?
scripts/e2e-deps.sh
Outdated
|
|
||
| # cd into e2e folder | ||
| cd e2e/ | ||
| # Decrypting secrets for atlantis runtime: https://github.com/circleci/encrypted-files | ||
| openssl aes-256-cbc -d -in secrets-envs -k $KEY >> ~/.circlerc | ||
| # openssl aes-256-cbc -d -in secrets-envs -k $KEY >> ~/.circlerc |
There was a problem hiding this comment.
don't need this anymore? can we delete it?
|
Cool! wouldn't it be necessary to use a filter for the ngrok query (based on the protocol) Like I did here: https://github.com/honestbee/atlantis/commit/f76eb19e62f2f42aa7441a0c2e6bf235cf9a363b#diff-fd8635a5248b5832a7faf06a8e572e17R12 |
Fixes: #105