From 274dac706940e4966ba996db2e398d43cad33e69 Mon Sep 17 00:00:00 2001 From: Ralph Bean Date: Thu, 10 May 2018 16:38:53 +0000 Subject: [PATCH] Try building waiverdb the same way as greenwave. --- .../waiverdb/templates/buildconfig.yml | 23 ++++++++-------- .../waiverdb/templates/deploymentconfig.yml | 4 +-- .../waiverdb/templates/imagestream.yml | 27 ++++++++++++------- 3 files changed, 31 insertions(+), 23 deletions(-) diff --git a/roles/openshift-apps/waiverdb/templates/buildconfig.yml b/roles/openshift-apps/waiverdb/templates/buildconfig.yml index 4440d2a403..9701b99ebd 100644 --- a/roles/openshift-apps/waiverdb/templates/buildconfig.yml +++ b/roles/openshift-apps/waiverdb/templates/buildconfig.yml @@ -6,16 +6,17 @@ metadata: environment: "waiverdb" spec: runPolicy: Serial - # This docker build exists only to layer some links ontop of the base waiverdb - # image from candidate-registry.fedoraproject.org source: dockerfile: |- - FROM candidate-registry.fedoraproject.org/f26/waiverdb:latest + # See imagestream.yml for the definition + FROM waiverdb-upstream:latest + # fedmsg needs a username. + ENV USER=waiverdb + + # Become root during build to chmod USER 0 - RUN dnf -y install --setopt=tsflags=nodocs fedmsg && dnf -y clean all - # create a symlink for configuring fedmsg. RUN ln -sfn /etc/fedmsg-waiverdb.d/waiverdb.py /etc/fedmsg.d/zz_waiverdb.py @@ -27,17 +28,17 @@ spec: # Make sure fedmsg can write its CRL. RUN chmod 777 /var/run/fedmsg/ + # Become non-root again USER 1001 strategy: type: Docker dockerStrategy: - # Unclear if caching needs to be regularly turned off here... - #noCache: true - forcePull: true from: - kind: DockerImage - name: candidate-registry.fedoraproject.org/f26/waiverdb:latest + kind: "ImageStreamTag" + name: "waiverdb-upstream:latest" + triggers: + - type: ImageChange output: to: kind: ImageStreamTag - name: waiverdb-deployment:latest + name: waiverdb:latest diff --git a/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml b/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml index f383a7f6cd..eea0a06bb5 100644 --- a/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml +++ b/roles/openshift-apps/waiverdb/templates/deploymentconfig.yml @@ -32,7 +32,7 @@ spec: spec: containers: - name: web - image: waiverdb-deployment + image: waiverdb ports: - containerPort: 8080 volumeMounts: @@ -101,5 +101,5 @@ spec: - web from: kind: ImageStreamTag - name: waiverdb-deployment:latest + name: waiverdb:latest - type: ConfigChange diff --git a/roles/openshift-apps/waiverdb/templates/imagestream.yml b/roles/openshift-apps/waiverdb/templates/imagestream.yml index 903f8f7ad3..16b7543f4e 100644 --- a/roles/openshift-apps/waiverdb/templates/imagestream.yml +++ b/roles/openshift-apps/waiverdb/templates/imagestream.yml @@ -1,17 +1,24 @@ apiVersion: v1 kind: ImageStream metadata: - name: waiverdb -spec: - tags: - - name: latest - from: - kind: DockerImage - name: candidate-registry.fedoraproject.org/f26/waiverdb:latest - importPolicy: - scheduled: true + name: "waiverdb" --- apiVersion: v1 kind: ImageStream metadata: - name: waiverdb-deployment + name: "waiverdb-upstream" +spec: + tags: + - name: latest + importPolicy: + scheduled: true + from: + kind: DockerImage +{% if env == 'staging' %} + # The latest successful build of master that passes tests + # is auto-tagged here. + name: quay.io/factory2/waiverdb:latest +{% else %} + # This is 'prod' tag is maintained by hand. + name: quay.io/factory2/waiverdb:prod +{% endif %}