diff --git a/Dockerfile b/Dockerfile new file mode 100755 index 0000000..64b91e8 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,26 @@ +ARG GO_IMAGE=docker.io/golang:1.14.4-stretch +ARG RELEASE_IMAGE=scratch +FROM ${GO_IMAGE} as builder + +# Inject custom root certificate authorities if needed +# Docker does not have a good conditional copy statement and requires that a source file exists +# to complete the copy function without error. Therefore the README.md file will be copied to +# the image every time even if there are no .crt files. +COPY ./certs/* /usr/local/share/ca-certificates/ +RUN update-ca-certificates + +SHELL [ "/bin/bash", "-cex" ] +WORKDIR /usr/src/airshipui + +# Take advantage of caching for dependency acquisition +COPY go.mod go.sum /usr/src/airshipui/ +RUN go mod download + +COPY . /usr/src/airshipui/ +ARG MAKE_TARGET=build +RUN for target in $MAKE_TARGET; do make $target; done + +FROM ${RELEASE_IMAGE} as release +COPY --from=builder /usr/src/airshipui/bin/airshipui /usr/local/bin/airshipui +USER 65534 +ENTRYPOINT [ "/usr/local/bin/airshipui" ] \ No newline at end of file diff --git a/Makefile b/Makefile old mode 100644 new mode 100755 index 1f55a2f..5bf75b8 --- a/Makefile +++ b/Makefile @@ -16,6 +16,20 @@ JSLINTER_BIN := $(realpath tools)/node-v12.16.3/bin NPM := $(JSLINTER_BIN)/npm NPX := $(JSLINTER_BIN)/npx +# docker +DOCKER_MAKE_TARGET := build + +# docker image options +DOCKER_REGISTRY ?= quay.io +DOCKER_FORCE_CLEAN ?= true +DOCKER_IMAGE_NAME ?= airshipui +DOCKER_IMAGE_PREFIX ?= airshipit +DOCKER_IMAGE_TAG ?= dev +DOCKER_IMAGE ?= $(DOCKER_REGISTRY)/$(DOCKER_IMAGE_PREFIX)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) +DOCKER_TARGET_STAGE ?= release +PUBLISH ?= false + +# test flags COVERAGE_OUTPUT := coverage.out TESTFLAGS ?= -count=1 @@ -76,6 +90,53 @@ cover: TESTFLAGS += -coverprofile=$(COVERAGE_OUTPUT) cover: test go tool cover -html=$(COVERAGE_OUTPUT) +.PHONY: images +images: docker-image + +.PHONY: docker-image +docker-image: +ifeq ($(USE_PROXY), true) + @docker build . --network=host \ + --build-arg http_proxy=$(PROXY) \ + --build-arg https_proxy=$(PROXY) \ + --build-arg HTTP_PROXY=$(PROXY) \ + --build-arg HTTPS_PROXY=$(PROXY) \ + --build-arg no_proxy=$(NO_PROXY) \ + --build-arg NO_PROXY=$(NO_PROXY) \ + --build-arg MAKE_TARGET=$(DOCKER_MAKE_TARGET) \ + --tag $(DOCKER_IMAGE) \ + --target $(DOCKER_TARGET_STAGE) \ + --force-rm=$(DOCKER_FORCE_CLEAN) +else + @docker build . --network=host \ + --build-arg MAKE_TARGET=$(DOCKER_MAKE_TARGET) \ + --tag $(DOCKER_IMAGE) \ + --target $(DOCKER_TARGET_STAGE) \ + --force-rm=$(DOCKER_FORCE_CLEAN) +endif +ifeq ($(PUBLISH), true) + @docker push $(DOCKER_IMAGE) +endif + +.PHONY: print-docker-image-tag +print-docker-image-tag: + @echo "$(DOCKER_IMAGE)" + +.PHONY: docker-image-test-suite +docker-image-test-suite: DOCKER_MAKE_TARGET = "lint cover" +docker-image-test-suite: DOCKER_TARGET_STAGE = builder +docker-image-test-suite: docker-image + +.PHONY: docker-image-unit-tests +docker-image-unit-tests: DOCKER_MAKE_TARGET = cover +docker-image-unit-tests: DOCKER_TARGET_STAGE = builder +docker-image-unit-tests: docker-image + +.PHONY: docker-image-lint +docker-image-lint: DOCKER_MAKE_TARGET = lint +docker-image-lint: DOCKER_TARGET_STAGE = builder +docker-image-lint: docker-image + .PHONY: clean clean: rm -rf $(BUILD_DIR) $(COVERAGE_OUTPUT) diff --git a/certs/README.md b/certs/README.md new file mode 100755 index 0000000..7d04f7e --- /dev/null +++ b/certs/README.md @@ -0,0 +1,6 @@ +# Additional Docker image root certificate authorities +If you require additional certificate authorities for your Docker image: +* Add ASCII PEM encoded .crt files to this directory + * The files will be copied into your docker image at build time. + +To update manually copy the .crt files to /usr/local/share/ca-certificates/ and run sudo update-ca-certificates. \ No newline at end of file diff --git a/docs/source/developers.md b/docs/source/developers.md index 6900c4d..5c43eea 100644 --- a/docs/source/developers.md +++ b/docs/source/developers.md @@ -99,6 +99,10 @@ The UI will initiate the websocket and request data. The backend uses a functio [Minikube](https://kubernetes.io/docs/setup/learning-environment/minikube/) runs a single-node Kubernetes cluster for users looking to try out Kubernetes or develop with it day-to-day. Installation instructions are available on the kubernetes website: https://kubernetes.io/docs/tasks/tools/install-minikube/). If you are running behind a proxy it may be necessary to follow the steps outlined in the [How to use an HTTP/HTTPS proxy with minikube](https://minikube.sigs.k8s.io/docs/reference/networking/proxy/) website. +### Docker on Windows + +The default Docker install on windows will attempt to enable Hyper-V. Note: if you are using VirtualBox it cannot coexist with Hyper-V enabled at the same time. To build docker images you will have to shut down VirtualBox and enable Hyper-V for the build. You will need to disable Hyper-V to use VirtualBox after the images have been built. + ### Issues with npm / npx and the electron go module It is possible that the airship ui will exit with an error code 1 when attempting to start the first time: