[kie-tools#2571] [sonataflow-management-console] Convert Containerfil…

…es to Cekit (apache#2573) Signed-off-by: Ricardo Zanini <ricardozanini@gmail.com>
rgdoliveira · Sep 12, 2024 · daebcf8 · daebcf8
1 parent 6f15810
commit daebcf8
Show file tree

Hide file tree

Showing 13 changed files with 197 additions and 206 deletions.
diff --git a/packages/python-venv/requirements.txt b/packages/python-venv/requirements.txt
@@ -1,9 +1,9 @@
 requests<2.32.0
-cekit==4.11.0
+cekit==4.13.0
 behave==1.2.6
 lxml==5.2.1
 docker==7.0.0
-docker-squash==1.2.0
+docker-squash==1.2.1
 elementpath==4.4.0
 pyyaml==6.0.1
 ruamel.yaml==0.18.6

diff --git a/packages/sonataflow-image-common/resources/modules/kogito-system-user/add-user b/packages/sonataflow-image-common/resources/modules/kogito-system-user/add-user
@@ -17,8 +17,21 @@
 # specific language governing permissions and limitations
 # under the License.
 #
-groupadd -r kogito -g 1001 && useradd -u 1001 -r -g root -G "${USER}" -m -d "${KOGITO_HOME}" -s /sbin/nologin -c "Kogito user" ${USER}
 
-mkdir "${KOGITO_HOME}"/bin
+# Check if group 1001 exists, if not, create it
+if ! getent group kogito >/dev/null; then
+  groupadd -r kogito -g ${USER_ID}
+fi
+
+# Check if user 1001 exists, if not, reuse it for kogito
+if ! id "${USER_ID}" >/dev/null 2>&1; then
+  useradd -u "${USER_ID}" -r -g kogito -G root -m -d "${KOGITO_HOME}" -s /sbin/nologin -c "Kogito user" ${USER}
+else
+  echo "User with UID ${USER_ID} already exists, reusing it."
+  # Change home directory and group for the existing user
+  usermod -d "${KOGITO_HOME}" -g kogito ${USER}
+fi
+
+mkdir -p "${KOGITO_HOME}"/bin
 chmod ug+rwX "${KOGITO_HOME}"
 
diff --git a/packages/sonataflow-image-common/resources/modules/kogito-system-user/module.yaml b/packages/sonataflow-image-common/resources/modules/kogito-system-user/module.yaml
@@ -31,3 +31,5 @@ envs:
     value: "/home/kogito"
   - name: "USER"
     value: "kogito"
+  - name: "USER_ID"
+    value: 1001
diff --git a/packages/sonataflow-management-console-image/Containerfile b/packages/sonataflow-management-console-image/Containerfile
diff --git a/packages/sonataflow-management-console-image/env/index.js b/packages/sonataflow-management-console-image/env/index.js
@@ -17,7 +17,7 @@
  * under the License.
  */
 
-const { varsWithName, composeEnv, getOrDefault } = require("@kie-tools-scripts/build-env");
+const { varsWithName, composeEnv } = require("@kie-tools-scripts/build-env");
 
 const rootEnv = require("@kie-tools/root-env/env");
 

diff --git a/packages/sonataflow-management-console-image/package.json b/packages/sonataflow-management-console-image/package.json
@@ -13,8 +13,8 @@
     "url": "https://github.com/apache/incubator-kie-tools/issues"
   },
   "scripts": {
-    "build:dev": "pnpm cleanup && pnpm env-json:schema:generate && pnpm copy:assets && run-script-if --bool \"$(build-env containerImages.build)\" --then \"pnpm image:docker:build\"",
-    "build:prod": "pnpm cleanup && pnpm env-json:schema:generate && pnpm copy:assets && run-script-if --bool \"$(build-env containerImages.build)\" --then \"pnpm image:docker:build\"",
+    "build:dev": "pnpm cleanup && pnpm env-json:schema:generate && pnpm copy:assets && run-script-if --bool \"$(build-env containerImages.build)\" --then \"pnpm image:cekit:build\"",
+    "build:prod": "pnpm cleanup && pnpm env-json:schema:generate && pnpm copy:assets && run-script-if --bool \"$(build-env containerImages.build)\" --then \"pnpm image:cekit:build\"",
     "cleanup": "rimraf dist-dev && mkdir dist-dev",
     "copy:assets": "pnpm copy:webapp-assets && pnpm copy:image-env-to-json",
     "copy:image-env-to-json": "run-script-os",
@@ -24,14 +24,20 @@
     "copy:webapp-assets:linux:darwin": "cp -R ./node_modules/@kie-tools/sonataflow-management-console-webapp/dist/ ./dist-dev/sonataflow-management-console-webapp",
     "copy:webapp-assets:win32": "pnpm powershell \"Copy-Item -R ./node_modules/@kie-tools/sonataflow-management-console-webapp/dist/ ./dist-dev/sonataflow-management-console-webapp\"",
     "env-json:schema:generate": "ts-json-schema-generator --tsconfig ./node_modules/@kie-tools/sonataflow-management-console-webapp/tsconfig.json --path ./node_modules/@kie-tools/sonataflow-management-console-webapp/src/env/EnvJson.ts --type EnvJson --id EnvJson --out ./dist-dev/EnvJson.schema.json",
-    "image:docker:build": "kie-tools--image-builder build -r \"$(build-env sonataflowManagementConsoleImageEnv.registry)\" -a \"$(build-env sonataflowManagementConsoleImageEnv.account)\" -n \"$(build-env sonataflowManagementConsoleImageEnv.name)\" -t \"$(build-env sonataflowManagementConsoleImageEnv.buildTag)\" --build-arg SONATAFLOW_MANAGEMENT_CONSOLE_PORT=\"$(build-env sonataflowManagementConsoleImageEnv.port)\""
+    "image:cekit:build": "run-script-os",
+    "image:cekit:build:linux": "pnpm image:cekit:copy && pnpm image:cekit:setup:env make -C ./dist-dev build",
+    "image:cekit:build:win32:darwin": "echo \"Build skipped on macOS and Windows\"",
+    "image:cekit:copy": "cp -R ./node_modules/@kie-tools/sonataflow-image-common/resources/* ./dist-dev/ && cp -R resources/* ./dist-dev/",
+    "image:cekit:setup:env": ". ./node_modules/@kie-tools/python-venv/venv/bin/activate && cross-env SWF_IMAGE_REGISTRY=$(build-env sonataflowManagementConsoleImageEnv.registry) SWF_IMAGE_REGISTRY_ACCOUNT=$(build-env sonataflowManagementConsoleImageEnv.account) SWF_IMAGE_NAME=$(build-env sonataflowManagementConsoleImageEnv.name) SWF_IMAGE_TAG=$(build-env sonataflowManagementConsoleImageEnv.buildTag) QUARKUS_PLATFORM_VERSION=$(build-env quarkusPlatform.version) KOGITO_VERSION=$(build-env kogitoRuntime.version) SONATAFLOW_MANAGEMENT_CONSOLE_PORT=$(build-env sonataflowManagementConsoleImageEnv.port)"
   },
   "devDependencies": {
-    "@kie-tools/image-builder": "workspace:*",
     "@kie-tools/image-env-to-json": "workspace:*",
+    "@kie-tools/python-venv": "workspace:*",
     "@kie-tools/root-env": "workspace:*",
+    "@kie-tools/sonataflow-image-common": "workspace:*",
     "@kie-tools/sonataflow-management-console-image-env": "workspace:*",
     "@kie-tools/sonataflow-management-console-webapp": "workspace:*",
+    "cross-env": "^7.0.3",
     "rimraf": "^3.0.2",
     "run-script-os": "^1.1.6",
     "ts-json-schema-generator": "^1.1.2"

diff --git a/...management-console-image/resources/incubator-kie-sonataflow-management-console-image.yaml b/...management-console-image/resources/incubator-kie-sonataflow-management-console-image.yaml
@@ -0,0 +1,62 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+- name: "docker.io/apache/incubator-kie-sonataflow-devmode"
+  from: "registry.access.redhat.com/ubi9/httpd-24:1-336.1725850633"
+  version: "0.0.0"
+  description: "SonataFlow Management Console Image"
+
+  labels:
+    - name: "io.quarkus.platform.version"
+      value: "### SET ME DURING BUILD PROCESS ###"
+    - name: "org.kie.kogito.version"
+      value: "### SET ME DURING BUILD PROCESS ###"
+    - name: "maintainer"
+      value: "Apache KIE <dev@kie.apache.org>"
+    - name: "io.k8s.description"
+      value: "SonataFlow Management Console Image."
+    - name: "io.k8s.display-name"
+      value: "Sonataflow Management Console"
+    - name: "io.openshift.tags"
+      value: "sonataflow,serverless,workflow"
+    - name: "io.openshift.expose-services"
+      value: "8080:http"
+
+  modules:
+    repositories:
+      - path: modules
+    install:
+      - name: org.kie.kogito.system.user
+      - name: org.kie.kogito.logging
+      - name: org.kie.kogito.project.versions
+      - name: org.kie.sonataflow.management.console
+
+  ports:
+    - value: 8080
+
+  envs:
+    - name: SONATAFLOW_MANAGEMENT_CONSOLE_KOGITO_ENV_MODE
+      value: PROD
+    - name: SUMMARY
+      value: "SonataFlow Management Console Image"
+
+  run:
+    workdir: "/home/kogito/management-console"
+    user: 1001
+    cmd:
+      - "/home/kogito/management-console/launch/entrypoint.sh"
diff --git a/...ow-management-console-image/entrypoint.sh → ...ow/management-console/added/entrypoint.sh b/...ow-management-console-image/entrypoint.sh → ...ow/management-console/added/entrypoint.sh
@@ -17,11 +17,12 @@
 # specific language governing permissions and limitations
 # under the License.
 #
+set -e
 
 # Copying the Task Console assets here is essential for when the container is running with the readOnlyRootFilesystem flag.
 # But, just like any other directory modified during runtime, the /var/www/html must be a mounted volume in the container in this case.
-cp -R /management-console/app/* /var/www/html
+cp -R "${KOGITO_HOME}/management-console/app/"* "${HTTPD_DATA_PATH}/html"
 
-/management-console/image-env-to-json-standalone --directory /var/www/html --json-schema /management-console/EnvJson.schema.json
+"${KOGITO_HOME}/management-console/image-env-to-json-standalone" --directory "${HTTPD_DATA_PATH}/html" --json-schema "${KOGITO_HOME}/management-console/EnvJson.schema.json"
 
-httpd -D FOREGROUND
+run-httpd
diff --git a/...nagement-console-image/resources/modules/sonataflow/management-console/configure-httpd.sh b/...nagement-console-image/resources/modules/sonataflow/management-console/configure-httpd.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+set -e
+
+SOURCES_DIR=/tmp/artifacts
+SCRIPT_DIR=$(dirname "${0}")
+MGMT_CONSOLE_HOME="${KOGITO_HOME}/management-console"
+
+# Configure the default httpd conf
+echo "Mutex posixsem" >> "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+sed -i -e "/#ServerName www.example.com:80/aHeader set Content-Security-Policy \"frame-ancestors 'self';\"" "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+sed -i -e 's/Options Indexes FollowSymLinks/Options -Indexes +FollowSymLinks/' "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+sed -i "s/Listen 80/Listen ${SONATAFLOW_MANAGEMENT_CONSOLE_PORT}/g" "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+sed -i "s/#ServerName www.example.com:80/ServerName 127.0.0.1:${SONATAFLOW_MANAGEMENT_CONSOLE_PORT}/g" "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+sed -i '$ a ServerTokens Prod' "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+sed -i '$ a ServerSignature Off' "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+sed -i -e '/<Directory "\/var\/www\/html">/a    RewriteEngine on\n    RewriteCond %{REQUEST_FILENAME} -f [OR]\n    RewriteCond %{REQUEST_FILENAME} -d\n    RewriteRule ^ - [L]\n    RewriteRule ^ index.html [L]' "${HTTPD_MAIN_CONF_PATH}/httpd.conf"
+
+
+# Set the required paths
+mkdir -p "${MGMT_CONSOLE_HOME}/launch"
+
+# Copy the entrypoint and other init scripts
+cp -v "${SCRIPT_DIR}"/added/* "${MGMT_CONSOLE_HOME}"/launch
+
+# Fixing permissions
+chmod +x "${MGMT_CONSOLE_HOME}/launch/entrypoint.sh" "${MGMT_CONSOLE_HOME}/image-env-to-json-standalone"
+chown -R "${USER_ID}" "${MGMT_CONSOLE_HOME}"
+
+ if [ -f "${MGMT_CONSOLE_HOME}/app/env.json" ]; then chmod a+w "${MGMT_CONSOLE_HOME}/app/env.json"; fi
diff --git a/...flow-management-console-image/resources/modules/sonataflow/management-console/module.yaml b/...flow-management-console-image/resources/modules/sonataflow/management-console/module.yaml
@@ -0,0 +1,41 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+schema_version: 1
+name: org.kie.sonataflow.management.console
+version: "0.0.0"
+description: "SonataFlow Management Console Launch Scripts and Configurations"
+
+execute:
+  - script: configure-httpd.sh
+
+envs:
+  - name: SONATAFLOW_MANAGEMENT_CONSOLE_PORT
+    value: 8080
+
+artifacts:
+  - name: sonataflow-management-console-webapp
+    path: "../../../../../sonataflow-management-console-webapp/"
+    dest: /home/kogito/management-console/app
+    target: app
+  - name: image-env-to-json-standalone
+    path: "../../../../../image-env-to-json-standalone"
+    dest: /home/kogito/management-console
+  - name: EnvJson.schema.json
+    path: "../../../../../EnvJson.schema.json"
+    dest: /home/kogito/management-console