Skip to content

Commit

Permalink
Cloud mta build tool docker images (SAP#997)
Browse files Browse the repository at this point in the history 
* new file:   Dockerfile_mbtci_java11
	new file:   Dockerfile_mbtci_java17
	new file:   Dockerfile_mbtci_java8
	new file:   docker-compose.test.yml
	new file:   scripts/build_image
	new file:   scripts/publish_image
	new file:   test/goss/README.MD
	new file:   test/goss/goss_template.yaml

	modified:   .circleci/config.yml
	modified:   cmd/testdata/mta/node-js/package.json
	modified:   go.mod
	modified:   go.sum
	modified:   integration/testdata/mta_assemble/node/package.json
	modified:   integration/testdata/mta_demo/node-js/package.json
	modified:   integration/testdata/mta_demo/node/package.json
	modified:   internal/artifacts/testdata/mta/node-js/package.json
	modified:   internal/exec/testdata/mta/node-js/package.json

* modified:   .circleci/config.yml
	modified:   cmd/testdata/mta/node-js/package.json
	modified:   go.mod
	modified:   go.sum
	modified:   integration/testdata/mta_assemble/node/package.json
	modified:   integration/testdata/mta_demo/node-js/package.json
	modified:   integration/testdata/mta_demo/node/package.json
	modified:   internal/artifacts/testdata/mta/node-js/package.json
	modified:   internal/exec/testdata/mta/node-js/package.json

* revert on-pr-build and on_merge_build_test workflow

* upgrad node 16 version and change workflow logic which after test success the rest step will run

* modified:   .circleci/config.yml

Co-authored-by: Young Yang <young.yang03@sap.com>
  • Loading branch information
@young-yang03
young-yang03 and Young Yang authored Oct 27, 2022
1 parent 1e62707 commit 4dfaf96
Show file tree
Hide file tree
Showing 17 changed files with 612 additions and 38 deletions.
115 changes: 83 additions & 32 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
# Golang CircleCI 2.0 configuration
version: 2.1
jobs:

build-node:
docker:
- image: cimg/node:lts
Expand All @@ -13,8 +12,7 @@ jobs:

build:
docker:
- image: cimg/go:1.16

- image: cimg/go:1.17
environment:
working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
steps:
Expand Down Expand Up @@ -67,10 +65,22 @@ jobs:
command: |
pip3 install --user reuse
~/.local/bin/reuse lint
release:
ghpages:
docker:
- image: squidfunk/mkdocs-material:4.3.1
working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
steps:
- checkout
- run:
name: release to GitHub Pages
command: |
cd docs
mkdocs gh-deploy --config-file ../docs/mkdocs.yml --remote-branch gh-pages
release-to-github:
docker:
- image: cimg/go:1.16
- image: cimg/go:1.17
working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
steps:
- add_ssh_keys:
Expand Down Expand Up @@ -107,11 +117,15 @@ jobs:
sed -i "/\"version\":/s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./package.json
sed -i "/cli_version:/s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./configs/version.yaml
sed -i "s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./VERSION
sed -i "/ARG MBT_VERSION=/ s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./Dockerfile_mbtci_java8
sed -i "/ARG MBT_VERSION=/ s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./Dockerfile_mbtci_java11
sed -i "/ARG MBT_VERSION=/ s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./Dockerfile_mbtci_java17
sed -i "s/- ${CURR_MBT_VERSION}/- ${MBT_VERSION}/" ./test/goss/goss_template.yaml
sed -i "/- Cloud MTA Build Tool -/s/${CURR_MBT_VERSION}/${MBT_VERSION}/" ./README.md
#Generate version file
go generate -run "go run ./internal/buildtools/embed.go ./internal/buildtools/buildtools_msg.go -source=./configs/version.yaml -target=./internal/version/version_cfg.go -name=VersionConfig -package=version"
#Add all updated files to commit
git add ./package.json ./configs/version.yaml ./VERSION ./internal/version/version_cfg.go ./README.md
git add ./package.json ./configs/version.yaml ./VERSION ./internal/version/version_cfg.go ./Dockerfile_mbtci_java8 ./Dockerfile_mbtci_java11 ./Dockerfile_mbtci_java17 ./test/goss/goss_template.yaml ./README.md
git config user.email "${CLOUD_MTA_BOT_EMAIL}"
git config user.name "${CLOUD_MTA_BOT_USER}"
git commit --allow-empty -m "[skip ci] Bump version ${MBT_VERSION}"
Expand All @@ -127,8 +141,45 @@ jobs:
git checkout master
export GITHUB_TOKEN=${CLOUD_MTA_BOT_GITHUB_TOKEN}
curl -sL https://git.io/goreleaser | bash
publish:
publish-to-dockerhub:
docker:
- image: cimg/go:1.17
working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
steps:
- checkout
- setup_remote_docker:
version: 20.10.6
- run:
name: build image pre-setup
command: |
#Make sure HEAD points to master
git checkout master
git fetch
git rebase
- run:
name: "build Java 17 & Node 16 image"
command: |
MBT_VERSION=$(cat ./VERSION)
sh $PWD/scripts/build_image 17 16.18.0 ${MBT_VERSION}
- run:
name: publish image
command: |
#Make sure HEAD points to master
git checkout master
git fetch
git rebase
MBT_VERSION=$(cat ./VERSION)
echo "Image release: ${MBT_VERSION}"
#Push to Docker Hub
echo "$DOCKER_HUB_TOKEN" | docker login --username $DOCKER_HUB_USER --password-stdin
sh $PWD/scripts/publish_image 17 16.18.0 ${MBT_VERSION} "devxci"
#Push to GitHub Container Registry
echo "$CLOUD_MTA_BOT_GITHUB_TOKEN" | docker login "ghcr.io" --username $CLOUD_MTA_BOT_USER --password-stdin
sh $PWD/scripts/publish_image 17 16.18.0 ${MBT_VERSION} "ghcr.io/sap"
publish-to-npm:
docker:
- image: cimg/node:lts
working_directory: ~/repo
Expand All @@ -145,6 +196,7 @@ jobs:
git fetch
git rebase
- run:
# mbt is an unscoped package, do not need to add "--access public" option in npm publish cmd
name: publish to npm
command: |
echo "//registry.npmjs.org/:_authToken=$CLOUD_MTA_BOT_NPM_TOKEN" > .npmrc
Expand All @@ -156,21 +208,10 @@ jobs:
name: remove dummy release tag
command: |
git push https://github.com/SAP/cloud-mta-build-tool.git --delete release
ghpages:
docker:
- image: squidfunk/mkdocs-material:4.3.1
working_directory: ~/go/src/github.com/SAP/cloud-mta-build-tool
steps:
- checkout
- run:
name: release to GitHub Pages
command: |
cd docs
mkdocs gh-deploy --config-file ../docs/mkdocs.yml --remote-branch gh-pages
workflows:
version: 2
# when sub-branch's code is commited, this workflow will be execed
on_pr_build:
jobs:
- build:
Expand All @@ -192,6 +233,7 @@ workflows:
branches:
ignore: master

# when master's code is commited or merged from sub-branch, this workflow will be execed
on_merge_build_test:
jobs:
- build:
Expand All @@ -201,7 +243,7 @@ workflows:
- build-node:
filters:
branches:
ignore: master
only: master
- compliance:
filters:
branches:
Expand All @@ -213,42 +255,51 @@ workflows:
branches:
only: master

on_tag_build_test_deploy:
# when a branch is taged by "release", this workflow will be execed
on_tag_build_release_publish:
jobs:
- build:
filters: # required since `release` has tag filters AND requires `build`
filters:
tags:
only: /release/
branches:
ignore: /.*/
- test:
requires:
- build
filters: # required since `release` has tag filters AND requires `test`
filters:
tags:
only: /release/
branches:
ignore: /.*/
- release:
- ghpages:
requires:
- test
filters: # job runs on tag 'release' for no branches
filters:
tags:
only: /release/
branches:
ignore: /.*/
- ghpages:
- release-to-github:
requires:
- test
filters: # job runs on tag 'release' for no branches
filters:
tags:
only: /release/
branches:
ignore: /.*/
- publish:
- publish-to-dockerhub:
requires:
- release
filters: # job runs on tag 'release' for no branches
- release-to-github
filters:
tags:
only: /release/
branches:
ignore: /.*/
- publish-to-npm:
requires:
- publish-to-dockerhub
filters:
tags:
only: /release/
branches:
Expand Down
99 changes: 99 additions & 0 deletions Dockerfile_mbtci_java11
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
FROM sapmachine:11

# Build time arguments
ARG MTA_USER_HOME=/home/mta
ARG MBT_VERSION=1.2.18
ARG GO_VERSION=1.15.6
# node version as found in https://nodejs.org/dist/ e.g: "v16.15.0"
ARG NODE_VERSION=NODE_VERSION_TEMPLATE
ARG MAVEN_VERSION=3.6.3

# Environment variables
ENV PYTHON /usr/bin/python3
ENV M2_HOME=/opt/maven/apache-maven-${MAVEN_VERSION}
ENV GOPATH /go
ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
ENV CGO_ENABLED=0
ENV GOOS=linux
ENV DEBIAN_FRONTEND=noninteractive

ADD http://aia.pki.co.sap.com/aia/SAP%20Global%20Root%20CA.crt \
/etc/ssl/certs/SAP_Global_Root_CA.crt

# Download required env tools
RUN apt-get update && \
apt-get install --yes --no-install-recommends \
ca-certificates \
git \
curl && \

# Change security level as the SAP npm repo doesnt support buster new security upgrade
# the default configuration for OpenSSL in Buster explicitly requires using more secure ciphers and protocols,
# and the server running at http://npm.sap.com/ is running software configured to only provide insecure, older ciphers.
# This causes SSL connections using OpenSSL from a Buster based installation to fail
# Should be remove once SAP npm repo will patch the security level
# see - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912759
sed -i -E 's/(CipherString\s*=\s*DEFAULT@SECLEVEL=)2/\11/' /etc/ssl/openssl.cnf && \

# install node
NODE_HOME=/opt/nodejs; mkdir -p ${NODE_HOME} && \
curl --fail --silent --output - "https://nodejs.org/dist/${NODE_VERSION}/node-${NODE_VERSION}-linux-x64.tar.gz" \
| tar -xzv -f - -C "${NODE_HOME}" && \
ln -s "${NODE_HOME}/node-${NODE_VERSION}-linux-x64/bin/node" /usr/local/bin/node && \
ln -s "${NODE_HOME}/node-${NODE_VERSION}-linux-x64/bin/npm" /usr/local/bin/npm && \
ln -s "${NODE_HOME}/node-${NODE_VERSION}-linux-x64/bin/npx" /usr/local/bin/ && \
npm install --prefix /usr/local/ -g grunt-cli && \

# install ui5-cli temporay solution
npm install --prefix /usr/local/ -g @ui5/cli && \

# installing Golang
curl -O https://storage.googleapis.com/golang/go${GO_VERSION}.linux-amd64.tar.gz && tar -xvf go${GO_VERSION}.linux-amd64.tar.gz && \
mv go /usr/local && \
mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH" && \
mkdir -p ${GOPATH}/src ${GOPATH}/bin && \

# update maven home
M2_BASE="$(dirname ${M2_HOME})" && \
mkdir -p "${M2_BASE}" && \
curl --fail --silent --output - "https://apache.osuosl.org/maven/maven-3/${MAVEN_VERSION}/binaries/apache-maven-${MAVEN_VERSION}-bin.tar.gz" \
| tar -xzvf - -C "${M2_BASE}" && \
ln -s "${M2_HOME}/bin/mvn" /usr/local/bin/mvn && \
chmod --recursive a+w "${M2_HOME}"/conf/* && \

# Download MBT
curl -L "https://github.com/SAP/cloud-mta-build-tool/releases/download/v${MBT_VERSION}/cloud-mta-build-tool_${MBT_VERSION}_Linux_amd64.tar.gz" | tar -zx -C /usr/local/bin && \
chown root:root /usr/local/bin/mbt && \

# handle users permission
useradd --home-dir "${MTA_USER_HOME}" \
--create-home \
--shell /bin/bash \
--user-group \
--uid 1000 \
--comment 'Cloud MTA Build Tool' \
--password "$(echo weUseMta |openssl passwd -1 -stdin)" mta && \
# allow anybody to write into the images HOME
chmod a+w "${MTA_USER_HOME}" && \

# Install essential build tools and python, required for building db modules
apt-get install --yes --no-install-recommends \
build-essential \
python2.7 \
python3 && \

# Install python 3.10
#apt-get install software-properties-common && \
#apt-get update && \
#add-apt-repository ppa:deadsnakes/ppa && \
#apt-get install python3.10 && \

# remove build env tools
apt-get remove --purge --autoremove --yes \
curl && \

rm -rf /var/lib/apt/lists/*

ENV PATH=$PATH:./node_modules/.bin HOME=${MTA_USER_HOME}
WORKDIR /project
USER mta
Loading

0 comments on commit 4dfaf96

Please sign in to comment.