opendev/system-config
Code Issues Proposed changes
system-config/docker/gerrit/base/Dockerfile
Clark Boylan ca630db7b2 Update gerrit image builds for 3.6.4 and 3.7.1 tags 
We actually just build 3.6.4 and 3.7.1 images using 3.6.3 and 3.7.0
versions of plugins. We also deployed the resulting 3.6.4 image to prod.
Luckily for us 3.6.3 plugin tags match 3.6.4 and 3.7.0 tags match 3.7.1.

There was one exception which we were alredy checking out master for in
order to fix build errors. Now that there is a new reviewnotes tag for
3.6.4 we can drop the master checkout for that plugin and use the tag.

TL;DR this should be a noop for our images but is nice bookkeeping to
avoid surprises.

Change-Id: Ica8b3605ecb0f3f93747b904c39913800d1eee4e
2023-03-02 14:04:52 -08:00

81 lines
2.7 KiB
Docker
Raw Blame History

# Copyright (c) 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Thu Mar 2 22:04:19 UTC 2023 - trigger rebuild
FROM docker.io/opendevorg/python-builder:3.9-bullseye as builder
COPY . /tmp/src
RUN assemble
FROM docker.io/opendevorg/python-base:3.9-bullseye as gerrit-base
RUN echo 'APT::Install-Recommends "0";' > /etc/apt/apt.conf.d/95disable-recommends
RUN apt-get update \
&& apt-get install -y dumb-init git openssh-client openjdk-11-jdk-headless unzip \
# This next set of installs helps align us with the old openjdk image \
# but they may not all be necessary \
&& apt-get install -y xz-utils bzip2 wget curl gnupg \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /output/ /output
RUN /output/install-from-bindep
# 3000 is what the existing opendev gerrit2 uid is
RUN addgroup gerrit --gid 3000 --system \
&& adduser \
--system \
--uid 3000 \
--home /var/gerrit \
--shell /bin/bash \
--ingroup gerrit \
gerrit
# Startup scripts
COPY wait-for-it.sh /wait-for-it.sh
RUN chmod +x /wait-for-it.sh
COPY run-gerrit.sh /run-gerrit.sh
RUN chmod +x /run-gerrit.sh
USER gerrit
RUN mkdir /var/gerrit/bin \
&& mkdir /var/gerrit/hooks \
&& mkdir /var/gerrit/static
# Download mariadb java client.
# Modern gerrit stopped downloading missing libs during init which means we
# need to do the downland and install ourselves.
# Note the perms on this are 0600 hence the need for the chown otherwise
# they are root owned and Gerrit can't use the jdbc driver.
ADD --chown=gerrit:gerrit https://repo1.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/2.7.2/mariadb-java-client-2.7.2.jar /var/gerrit/lib/mariadb-java-client.jar
# Allow incoming traffic
# OpenDev Gerrit listens on 8081 not default of 8080
EXPOSE 29418 8081
VOLUME /var/gerrit/git /var/gerrit/index /var/gerrit/cache /var/gerrit/db /var/gerrit/etc /var/log/gerrit /var/gerrit/tmp /var/gerrit/data
RUN ln -s /var/log/gerrit /var/gerrit/logs
# container.javaOptions
# Also include container.heapLimit - but with -Xmx prefixing it
ENV JAVA_OPTIONS ""
# Ulimits should be set on command line or in docker-compose.yaml
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD "/run-gerrit.sh"
View Git Blame Copy Permalink