From 6caf78d01a3ec8c647f54cf82936f26c6ea147b4 Mon Sep 17 00:00:00 2001 From: Adam Coard Date: Thu, 9 Apr 2020 10:32:07 -0700 Subject: [PATCH] OpenShift WIP - still partially complete, but need to commit to OS can pull down --- README.md | 4 +- openshift/templates/nginx/Dockerfile | 18 ++++ openshift/templates/nginx/nginx.conf.template | 48 +++++++++ openshift/templates/readme.md | 14 +++ openshift/templates/web-build-chain.yaml | 98 +++++++++++++++++++ web/Dockerfile | 9 +- ....conf.template => nginx.conf.template-dev} | 9 ++ 7 files changed, 194 insertions(+), 6 deletions(-) create mode 100644 openshift/templates/nginx/Dockerfile create mode 100644 openshift/templates/nginx/nginx.conf.template create mode 100644 openshift/templates/readme.md create mode 100644 openshift/templates/web-build-chain.yaml rename web/{nginx.conf.template => nginx.conf.template-dev} (77%) diff --git a/README.md b/README.md index 3adc965c..18e8634f 100644 --- a/README.md +++ b/README.md @@ -44,8 +44,8 @@ Make sure you have docker and docker-compose installed (`docker-compose --versio # import sql - tip: use tab completion \i BC_Timesheet_MasterData.sql - \i Risk_MasterData.sql - # \i RiskUpdate.sql - Removed as Risk_MasterData.sql has been updated with everything needed + # \i Risk_MasterData.sql - Replaced with 'latest' below. + \i Risk_MasterData_Latest.sql # log out of container exit diff --git a/openshift/templates/nginx/Dockerfile b/openshift/templates/nginx/Dockerfile new file mode 100644 index 00000000..308cbbfe --- /dev/null +++ b/openshift/templates/nginx/Dockerfile @@ -0,0 +1,18 @@ +FROM nginx:stable + +RUN chmod g+rwx /var/cache/nginx /var/run /var/log/nginx +# users are not allowed to listen on priviliged ports +# RUN sed -i.bak 's/listen\(.*\)80;/listen 8081;/' /etc/nginx/conf.d/default.conf +EXPOSE 8081 +# comment user directive as master process is run as user in OpenShift anyhow +# RUN sed -i.bak 's/^user/#user/' /etc/nginx/nginx.conf +COPY ./nginx.conf.template /etc/nginx/nginx.conf + + +WORKDIR /code + +COPY ./dist . + +EXPOSE 8080:8080 + +CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/openshift/templates/nginx/nginx.conf.template b/openshift/templates/nginx/nginx.conf.template new file mode 100644 index 00000000..5e6816ba --- /dev/null +++ b/openshift/templates/nginx/nginx.conf.template @@ -0,0 +1,48 @@ +worker_processes auto; +error_log /var/log/nginx/error.log warn; +# pid /var/run/nginx.pid; # ORIG +pid /tmp/nginx.pid; # from OpenShift.com blog +events { + worker_connections 1024; +} +http { + include /etc/nginx/mime.types; + + # Set custom paths for OpenShift permissions (non root) + client_body_temp_path /tmp/client_temp; + proxy_temp_path /tmp/proxy_temp_path; + fastcgi_temp_path /tmp/fastcgi_temp; + uwsgi_temp_path /tmp/uwsgi_temp; + scgi_temp_path /tmp/scgi_temp; + + + default_type application/octet-stream; + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + access_log /var/log/nginx/access.log main; + sendfile on; + keepalive_timeout 65; + server { + listen 8080; + server_name localhost; + location / { + root /app; + index index.html; + try_files $uri $uri/ /index.html; + } + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # For status of ngnix service, OpenShift is configured to call this + location /nginx_status { + # Enable Nginx stats + stub_status on; + # No need to log this request, its just noise + access_log off; + } + + } +} \ No newline at end of file diff --git a/openshift/templates/readme.md b/openshift/templates/readme.md new file mode 100644 index 00000000..ee9b527f --- /dev/null +++ b/openshift/templates/readme.md @@ -0,0 +1,14 @@ +# OpenShift + + + +## Initial Setup + +### Enable cross-project pulling of ImageStreams (e.g. from tools -> dev) + + +Run below 3 times, one for `dev`, `test`, `prod` + + oc policy add-role-to-group \ + system:image-puller system:serviceaccounts:aifsul-dev \ + --namespace=aifsul-tools diff --git a/openshift/templates/web-build-chain.yaml b/openshift/templates/web-build-chain.yaml new file mode 100644 index 00000000..12126638 --- /dev/null +++ b/openshift/templates/web-build-chain.yaml @@ -0,0 +1,98 @@ +--- +kind: Template +apiVersion: v1 +metadata: + name: timemachine-web + namespace: aifsul-tools + creationTimestamp: +objects: + +# Two image-streams. "-vue" is intermediate stream used for chain build +- kind: ImageStream + apiVersion: v1 + metadata: + name: "${NAME}-vue" +- kind: ImageStream + apiVersion: v1 + metadata: + name: "${NAME}" + +# Build-configs. First is intermediate build +- kind: BuildConfig + apiVersion: v1 + metadata: + name: "${NAME}-vue" + creationTimestamp: + labels: + app: "${NAME}-vue" + spec: + runPolicy: Serial + completionDeadlineSeconds: 1800 + triggers: + - type: ImageChange + source: + type: Git + git: + uri: "${GIT_SOURCE_URL}" + ref: "${GIT_REFERENCE}" + contextDir: "${CONTEXT_DIR}" + strategy: + type: Docker + output: + to: + kind: ImageStreamTag + name: "${NAME}-vue:latest" + status: + lastVersion: 0 + + +# Create the vue-on-nginx final build +- kind: BuildConfig + apiVersion: v1 + metadata: + name: ${NAME} + spec: + output: + to: + kind: ImageStreamTag + name: ${NAME}:latest + source: + type: Dockerfile + contextDir: openshift/templates/nginx + images: + - from: + kind: ImageStreamTag + name: ${NAME}-vue:latest + paths: + # Is this path modified by contextDir above? If so, remove contextDir and replace + # with dockerFilePath + - sourcePath: /dist + destinationDir: "." + strategy: + type: Docker + triggers: + - imageChange: {} + type: ImageChange + + +parameters: +- name: NAME + displayName: Name + description: The name assigned to all of the objects defined in this template. + required: true + value: timemachine-web +- name: GIT_SOURCE_URL + displayName: GIT Source Repo URL + description: A GIT URL to your source code. + required: true + value: https://github.com/bcgov/Project-and-time-tracker.git +- name: GIT_REFERENCE + displayName: Git Reference + description: Optional branch, tag, or commit. + required: true + value: master +- name: CONTEXT_DIR + displayName: contextDir + description: Sub directory, e.g. `api/` or `web/` + required: true + value: web/ diff --git a/web/Dockerfile b/web/Dockerfile index 599f5fa8..8de247a1 100644 --- a/web/Dockerfile +++ b/web/Dockerfile @@ -1,4 +1,4 @@ -FROM node:8.11.1 +FROM node:12.14.1 # copy project files and folders to the web directory COPY . /web @@ -11,8 +11,9 @@ RUN npm install # build app for production with minification -RUN npm run build +# RUN npm run build +CMD npm run build -EXPOSE 8080 +# EXPOSE 8080 -CMD [ "npm", "run", "serve" ] \ No newline at end of file +# CMD [ "npm", "run", "serve" ] \ No newline at end of file diff --git a/web/nginx.conf.template b/web/nginx.conf.template-dev similarity index 77% rename from web/nginx.conf.template rename to web/nginx.conf.template-dev index 385df250..acb985cc 100644 --- a/web/nginx.conf.template +++ b/web/nginx.conf.template-dev @@ -26,5 +26,14 @@ http { location = /50x.html { root /usr/share/nginx/html; } + + # For status of ngnix service, OpenShift is configured to call this + location /nginx_status { + # Enable Nginx stats + stub_status on; + # No need to log this request, its just noise + access_log off; + } + } } \ No newline at end of file