1
0

CI/CD: Use patched nginx-proxy & docker-gen images

This commit is contained in:
Nicolas Duchon 2020-12-21 22:47:43 +01:00
parent a6aaac7d72
commit 4692095e40
No known key found for this signature in database
GPG Key ID: EA3151C66A4D79E7
4 changed files with 164 additions and 12 deletions

@ -9,7 +9,7 @@ env:
TEST_DOMAINS: le1.wtf,le2.wtf,le3.wtf
jobs:
build:
companion-build:
runs-on: ubuntu-latest
steps:
@ -24,15 +24,42 @@ jobs:
- name: List Docker Images
run: docker images
- name: Export Image Artifact
run: docker save $IMAGE > image.tar
run: docker save $IMAGE > companion.tar
- name: Upload Image Artifact
uses: actions/upload-artifact@v2
with:
name: image.tar
path: image.tar
name: companion.tar
path: companion.tar
nginx-proxy-build:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v2
- name: Build patched nginx-proxy Image
run: docker build -t "jwilder/nginx-proxy:latest" ./test/setup/nginx-proxy
- name: Build patched docker-gen Image
run: docker build -t "jwilder/docker-gen:latest" ./test/setup/docker-gen
- name: List Docker Images
run: docker images
- name: Export Images Artifacts
run: |
docker save jwilder/nginx-proxy:latest > nginx-proxy.tar
docker save jwilder/docker-gen:latest > docker-gen.tar
- name: Upload nginx-proxy Image Artifact
uses: actions/upload-artifact@v2
with:
name: nginx-proxy.tar
path: nginx-proxy.tar
- name: Upload docker-gen Image Artifact
uses: actions/upload-artifact@v2
with:
name: docker-gen.tar
path: docker-gen.tar
docker-specs-testing:
needs: build
needs: companion-build
runs-on: ubuntu-latest
steps:
@ -44,16 +71,18 @@ jobs:
- name: Download Builded Image
uses: actions/download-artifact@v2
with:
name: image.tar
name: companion.tar
- name: Import Builded Image
run: docker load < image.tar
run: docker load < companion.tar
- name: Docker Specifications Testing
run: official-images/test/run.sh "$IMAGE"
- if: ${{ failure() }}
run: test/github_actions/containers-logs.sh
integration-testing:
needs: build
needs:
- companion-build
- nginx-proxy-build
strategy:
fail-fast: false
matrix:
@ -90,6 +119,18 @@ jobs:
done
- name: Setup Boulder
run: test/setup/setup-boulder.sh
- name: Download nginx-proxy Patched Image
uses: actions/download-artifact@v2
with:
name: nginx-proxy.tar
- name: Download docker-gen Patched Image
uses: actions/download-artifact@v2
with:
name: docker-gen.tar
- name: Import nginx-proxy patched Images
run: |
docker load < nginx-proxy.tar
docker load < docker-gen.tar
- name: Setup NGINX Proxy
env:
SETUP: ${{ matrix.setup }}
@ -98,11 +139,13 @@ jobs:
- name: Download Builded Image
uses: actions/download-artifact@v2
with:
name: image.tar
name: companion.tar
- name: Import Builded Image
run: docker load < image.tar
run: docker load < companion.tar
# TEST
- name: Integration Testing
env:
SETUP: ${{ matrix.setup }}
run: test/run.sh -t ${{ matrix.test-name }} "$IMAGE"
- if: ${{ failure() }}
run: test/github_actions/containers-logs.sh

@ -1,6 +1,6 @@
FROM golang:1.15-alpine AS go-builder
ENV DOCKER_GEN_VERSION=0.7.4
ENV DOCKER_GEN_VERSION=fix-current-container-id
# Build docker-gen
RUN apk add --no-cache --virtual .build-deps \
@ -9,7 +9,8 @@ RUN apk add --no-cache --virtual .build-deps \
git \
make \
musl-dev \
&& go get github.com/jwilder/docker-gen \
&& go get github.com/buchdag/docker-gen \
&& mv /go/src/github.com/buchdag /go/src/github.com/jwilder \
&& cd /go/src/github.com/jwilder/docker-gen \
&& git -c advice.detachedHead=false checkout $DOCKER_GEN_VERSION \
&& make get-deps \

@ -0,0 +1,37 @@
FROM golang:1.15-alpine AS build-docker-gen
ARG DOCKER_GEN_VERSION=fix-current-container-id
LABEL stage=intermediate
# Install build dependencies for docker-gen
RUN apk add --update \
curl \
gcc \
git \
make \
musl-dev
# Build docker-gen
RUN go get github.com/buchdag/docker-gen \
&& mv /go/src/github.com/buchdag /go/src/github.com/jwilder \
&& cd /go/src/github.com/jwilder/docker-gen \
&& git -c advice.detachedHead=false checkout $DOCKER_GEN_VERSION \
&& make get-deps \
&& make all
FROM alpine:3.8
LABEL maintainer="Nicolas Duchon <nicolas.duchon@gmail.com>"
# DOCKER_GEN_VERSION environment variable is required by letsencrypt-nginx-proxy-companion
ENV DOCKER_GEN_VERSION=0.7.4 \
DOCKER_HOST=unix:///tmp/docker.sock
# Copy docker-gen binary from build stage
COPY --from=build-docker-gen /go/src/github.com/jwilder/docker-gen/docker-gen /usr/local/bin/
# Get latest nginx.tmpl
ADD https://raw.githubusercontent.com/jwilder/nginx-proxy/master/nginx.tmpl /etc/docker-gen/templates/
ENTRYPOINT ["/usr/local/bin/docker-gen"]

@ -0,0 +1,71 @@
FROM golang:1.15-alpine AS go-builder
ARG DOCKER_GEN_VERSION=fix-current-container-id
ARG FOREGO_VERSION=20180216151118
LABEL stage=intermediate
# Install build dependencies for docker-gen and forego
RUN apk add --update \
curl \
gcc \
git \
make \
musl-dev
# Build forego
RUN go get github.com/ddollar/forego \
&& cd /go/src/github.com/ddollar/forego \
&& git -c advice.detachedHead=false checkout $FOREGO_VERSION \
&& make all
# Build docker-gen
RUN go get github.com/buchdag/docker-gen \
&& mv /go/src/github.com/buchdag /go/src/github.com/jwilder \
&& cd /go/src/github.com/jwilder/docker-gen \
&& git -c advice.detachedHead=false checkout $DOCKER_GEN_VERSION \
&& make get-deps \
&& make all
FROM nginx:1.19-alpine
LABEL maintainer="Nicolas Duchon <nicolas.duchon@gmail.com>"
# DOCKER_GEN_VERSION environment variable is required by letsencrypt-nginx-proxy-companion
ENV DOCKER_GEN_VERSION=0.7.4 \
DOCKER_HOST=unix:///tmp/docker.sock
# Install/update run dependencies
RUN apk add --update \
bash \
ca-certificates \
curl \
openssl \
&& rm -rf /var/cache/apk/*
# Configure Nginx and apply fix for very long server names
RUN echo "daemon off;" >> /etc/nginx/nginx.conf \
&& sed -i 's/worker_processes 1/worker_processes auto/' /etc/nginx/nginx.conf
# Copy forego and docker-gen binaries from build stage
COPY --from=go-builder /go/src/github.com/ddollar/forego/forego /usr/local/bin/
COPY --from=go-builder /go/src/github.com/jwilder/docker-gen/docker-gen /usr/local/bin/
# Install nginx-proxy
RUN mkdir /src /app \
&& curl -sSL https://github.com/jwilder/nginx-proxy/archive/master.tar.gz \
| tar -C /src -xz \
&& cp /src/nginx-proxy-master/Procfile /app/ \
&& cp /src/nginx-proxy-master/dhparam.pem.default /app/ \
&& cp /src/nginx-proxy-master/docker-entrypoint.sh /app/ \
&& cp /src/nginx-proxy-master/generate-dhparam.sh /app/ \
&& cp /src/nginx-proxy-master/nginx.tmpl /app/ \
&& cp /src/nginx-proxy-master/network_internal.conf /etc/nginx/ \
&& rm -rf /src
WORKDIR /app
VOLUME ["/etc/nginx/certs", "/etc/nginx/dhparam"]
ENTRYPOINT ["/app/docker-entrypoint.sh"]
CMD ["forego", "start", "-r"]