Initial commit

psprings · Jul 26, 2018 · 0174d6e · 0174d6e
commit 0174d6e
Show file tree

Hide file tree

Showing 7 changed files with 145 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+grafeas/
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,17 @@
+FROM golang:1.10.3
+COPY . /go/src/github.com/grafeas/grafeas/
+WORKDIR /go/src/github.com/grafeas/grafeas/samples/server/go-server/api/server/main
+RUN CGO_ENABLED=0 go build -o grafeas-server .
+
+FROM alpine:latest
+WORKDIR /
+ADD https://github.com/kelseyhightower/confd/releases/download/v0.15.0/confd-0.15.0-linux-amd64 /usr/local/bin/confd
+COPY build-files /tmp
+RUN chmod +x /usr/local/bin/confd && \
+    mv /tmp/confd /etc && \
+    mv /tmp/entrypoint.sh /entrypoint.sh && \
+    chmod +x /entrypoint.sh
+COPY --from=0 /go/src/github.com/grafeas/grafeas/samples/server/go-server/api/server/main/grafeas-server /grafeas-server
+EXPOSE 8080
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["-config", "config.yaml"]
diff --git a/README.md b/README.md
@@ -0,0 +1,42 @@
+# docker-grafeas
+
+## Building the image
+
+To build and run this image locally, run the following command:
+
+```bash
+./build.sh
+```
+
+## Start a Grafeas server
+
+From locally built image:
+
+```bash
+docker run --name grafeas -p 8080:8080 grafeas
+```
+
+A prebuilt image can also be used:
+
+```bash
+docker run --name grafeas -p 8080:8080 psprings/grafeas
+```
+
+## Environment variables
+
+The following environment variables can be set to modify the Grafeas `config.yaml`. The naming conventions are based on the structure of the `config.yaml` but are in a format that can be interpreted by `confd`.
+
+| Name                               | Description                                                          | Default          |
+|------------------------------------|----------------------------------------------------------------------|------------------|
+| `GRAFEAS_API_SERVER`               | Endpoint address                                                     | `0.0.0.0:8080`   |
+| `GRAFEAS_API_CAFILE`               | PKI configuration (optional)                                         |                  |
+| `GRAFEAS_API_KEYFILE`              | PKI configuration (optional)                                         |                  |
+| `GRAFEAS_API_CERTFILE`             | PKI configuration (optional)                                         |                  |
+| `GRAFEAS_API_CORS_ALLOWED_ORIGINS` | Comma separated domains to allow for CORS. E.g. "http://example.net" |                  |
+| `GRAFEAS_STORAGE_TYPE`             | Supported options are `memstore` and `postgres`                      | `memstore`       |
+| `GRAFEAS_POSTGRES_HOST`            | Database host                                                        | `127.0.0.1:5432` |
+| `GRAFEAS_POSTGRES_DBNAME`          | Database name                                                        | `postgres`       |
+| `GRAFEAS_POSTGRES_USER`            | Database username                                                    | `postgres`       |
+| `GRAFEAS_POSTGRES_PASSWORD`        | Database password                                                    | `password`       |
+| `GRAFEAS_POSTGRES_SSLMODE`         |                                                                      | `require`        |
+| `GRAFEAS_POSTGRES_PAGINATIONKEY`   |                                                                      |                  |
diff --git a/build-files/confd/conf.d/config.yaml.toml b/build-files/confd/conf.d/config.yaml.toml
@@ -0,0 +1,17 @@
+[template]
+src = "config.yaml.tmpl"
+dest = "/config.yaml"
+keys = [
+    "/grafeas/api/address",
+    "/grafeas/api/cafile",
+    "/grafeas/api/keyfile",
+    "/grafeas/api/certfile",
+    "/grafeas/api/cors/allowed/origins",
+    "/grafeas/storage/type",
+    "/grafeas/postgres/host",
+    "/grafeas/postgres/dbname",
+    "/grafeas/postgres/user",
+    "/grafeas/postgres/password",
+    "/grafeas/postgres/sslmode",
+    "/grafeas/postgres/paginationkey"
+]
diff --git a/build-files/confd/templates/config.yaml.tmpl b/build-files/confd/templates/config.yaml.tmpl
@@ -0,0 +1,48 @@
+# Copyright 2017 The Grafeas Authors. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+grafeas:
+  # Grafeas api server config
+  api:
+    # Endpoint address
+    address: "{{if ls "/grafeas/api/address"}}{{getv "/grafeas/api/address"}}{{else}}0.0.0.0:8080{{end}}"
+    # PKI configuration (optional)
+    cafile: {{if ls "/grafeas/api/cafile"}}"{{getv "/grafeas/api/cafile"}}"{{end}}
+    keyfile: {{if ls "/grafeas/api/keyfile"}}"{{getv "/grafeas/api/keyfile"}}"{{end}}
+    certfile: {{if ls "/grafeas/api/certfile"}}"{{getv "/grafeas/api/certfile"}}"{{end}}
+    # CORS configuration (optional)
+    cors_allowed_origins:
+      {{- if ls "/grafeas/api/cors/allowed/origins"}}{{ $origins := split (getv "/grafeas/api/cors/allowed/origins") "," }}{{- range $idx, $origin := $origins }}
+       - "{{ $origin }}"{{end}}{{else}}
+       # - "http://example.net"{{end}}
+  # Supported storage types are "memstore" and "postgres"
+  storage_type: "{{if ls "/grafeas/storage/type"}}{{getv "/grafeas/storage/type"}}{{else}}memstore{{end}}"
+  # Postgres options
+  postgres:
+    # Database host
+    host: "{{if ls "/grafeas/postgres/host"}}{{getv "/grafeas/postgres/host"}}{{else}}127.0.0.1:5432{{end}}"
+    # Database name
+    dbname: "{{if ls "/grafeas/postgres/dbname"}}{{getv "/grafeas/postgres/dbname"}}{{else}}postgres{{end}}"
+    # Database username
+    user: "{{if ls "/grafeas/postgres/user"}}{{getv "/grafeas/postgres/user"}}{{else}}postgres{{end}}"
+    # Database password
+    password: "{{if ls "/grafeas/postgres/password"}}{{getv "/grafeas/postgres/password"}}{{else}}password{{end}}"
+    # Valid sslmodes disable, allow, prefer, require, verify-ca, verify-full.
+    # See https://www.postgresql.org/docs/current/static/libpq-connect.html for details
+    sslmode: "{{if ls "/grafeas/postgres/sslmode"}}{{getv "/grafeas/postgres/sslmode"}}{{else}}require{{end}}"
+    # 32-bit URL-safe base64 key used to encrypt pagination tokens
+    # If one is not provided, it will be generated.
+    # Multiple grafeas instances in the same cluster need the same value.
+    paginationkey: {{if ls "/grafeas/postgres/paginationkey"}}{{getv "/grafeas/postgres/paginationkey"}}{{end}}
+
diff --git a/build-files/entrypoint.sh b/build-files/entrypoint.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# RUN THE DEFAULT CONFD BACKEND
+if [ -z "${CONFD_BACKEND}" ]; then
+    export CONFD_BACKEND=env
+fi
+
+/usr/local/bin/confd -onetime -backend "${CONFD_BACKEND}"
+
+exec /grafeas-server "$@"
diff --git a/build.sh b/build.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+if [ -d grafeas ]; then
+    rm -rf grafeas
+fi
+git clone https://github.com/grafeas/grafeas.git
+cp -R build-files grafeas
+cp Dockerfile grafeas
+cd grafeas
+docker build -t grafeas .