This repository has been archived by the owner on Mar 31, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdocker.version.mk
326 lines (261 loc) · 9.28 KB
/
docker.version.mk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
### DOCKER_IMAGE ###############################################################
DOCKER_PROJECT ?= sicz
DOCKER_PROJECT_DESC ?= $(BASE_IMAGE_OS_NAME) based image modified for Docker-friendliness
DOCKER_PROJECT_URL ?= $(BASE_IMAGE_OS_URL)
DOCKER_NAME ?= baseimage-$(BASE_IMAGE_NAME)
DOCKER_IMAGE_TAG ?= $(BASE_IMAGE_TAG)
### BUILD ######################################################################
VARIANT_DIR ?= $(PROJECT_DIR)/$(BASE_IMAGE_NAME)
### DOCKER_EXECUTOR ############################################################
# Use the Docker Compose executor
DOCKER_EXECUTOR ?= compose
# Use multiple Docker executor configurations
DOCKER_CONFIGS ?= default \
secrets \
custom
# Get the name of the Docker executor configuration
DOCKER_CONFIG_FILE ?= .docker-executor-config
DOCKER_CONFIG ?= $(shell \
if [ -e $(DOCKER_CONFIG_FILE) ]; then \
cat $(DOCKER_CONFIG_FILE); \
else \
echo "default"; \
fi \
)
# Use the same service name for all variants
SERVICE_NAME ?= baseimage
### DEFAULT_CONFIG #############################################################
# Default configuration with Simple CA
COMPOSE_VARS += SIMPLE_CA_IMAGE
ifeq ($(DOCKER_CONFIG),default)
COMPOSE_VARS += SERVER_CRT_HOST \
SERVER_KEY_PWD_FILE \
SERVER_P12_FILE
TEST_VARS += CA_CRT_FILE \
CA_USER_NAME_FILE \
CA_USER_PWD_FILE
CA_CRT_FILE ?= /etc/ssl/certs/ca.crt
CA_USER_NAME_FILE ?= /etc/ssl/private/ca_user.name
CA_USER_PWD_FILE ?= /etc/ssl/private/ca_user.pwd
SERVER_CRT_HOST ?= $(SERVICE_NAME).local
SERVER_KEY_PWD_FILE ?= /etc/ssl/private/server.pwd
SERVER_P12_FILE ?= /etc/ssl/private/server.p12
endif
### SECRETS_CONFIG #############################################################
# Default configuration with Simple CA and Docker Swarm like secrets
ifeq ($(DOCKER_CONFIG),secrets)
COMPOSE_VARS += SERVER_CRT_HOST \
SERVER_KEY_PWD_FILE \
SERVER_P12_FILE
TEST_VARS += CA_CRT_FILE \
CA_USER_NAME_FILE \
CA_USER_PWD_FILE
CA_CRT_FILE ?= /run/secrets/ca.crt
CA_USER_NAME_FILE ?= /run/secrets/ca_user.name
CA_USER_PWD_FILE ?= /run/secrets/ca_user.pwd
SERVER_CRT_HOST ?= $(SERVICE_NAME).local
SERVER_KEY_PWD_FILE ?= /etc/ssl/private/server.pwd
SERVER_P12_FILE ?= /etc/ssl/private/server.p12
endif
### CUSTOM_CONFIG ##############################################################
# Custom configuration with Simple CA
ifeq ($(DOCKER_CONFIG),custom)
COMPOSE_VARS += CA_CRT_FILE \
CA_USER_NAME_FILE \
CA_USER_PWD_FILE \
SERVER_CRT_SUBJECT \
SERVER_CRT_HOST \
SERVER_CRT_IP \
SERVER_CRT_OID \
SERVER_CRT_DIR \
SERVER_CRT_FILE \
SERVER_KEY_DIR \
SERVER_KEY_FILE \
SERVER_KEY_PWD_FILE \
SERVER_P12_FILE
CA_CRT_FILE ?= /root/ca.pem
CA_USER_NAME_FILE ?= /root/user.name
CA_USER_PWD_FILE ?= /root/user.pwd
SERVER_CRT_SUBJECT ?= /O=test/CN=$(SERVICE_NAME)
SERVER_CRT_HOST ?= $(SERVICE_NAME).local,$(SERVICE_NAME).test
SERVER_CRT_IP ?= 1.2.3.4
SERVER_CRT_OID ?= 1.2.3.4.5.6
SERVER_CRT_DIR ?= /var/lib
SERVER_CRT_FILE ?= /root/crt.pem
SERVER_KEY_DIR ?= /var/lib
SERVER_KEY_FILE ?= /root/key.pem
SERVER_KEY_PWD_FILE ?= /root/key.pwd
SERVER_P12_FILE ?= /root/keystore.p12
endif
### TEST #######################################################################
TEST_VARS += BASE_IMAGE_OS_NAME \
BASE_IMAGE_OS_VERSION \
DOCKER_CONFIG
### SIMPLE_CA ##################################################################
# Docker image dependencies
DOCKER_IMAGE_DEPENDENCIES += $(SIMPLE_CA_IMAGE)
# Simple CA image
SIMPLE_CA_NAME ?= simple-ca
SIMPLE_CA_IMAGE_NAME ?= $(DOCKER_PROJECT)/$(SIMPLE_CA_NAME)
SIMPLE_CA_IMAGE_TAG ?= latest
SIMPLE_CA_IMAGE ?= $(SIMPLE_CA_IMAGE_NAME):$(SIMPLE_CA_IMAGE_TAG)
# Simple CA service name in Docker Compose file
SIMPLE_CA_SERVICE_NAME ?= $(shell echo $(SIMPLE_CA_NAME) | sed -E -e "s/[^[:alnum:]_]+/_/g")
# Simple CA container name
ifeq ($(DOCKER_EXECUTOR),container)
SIMPLE_CA_CONTAINER_NAME ?= $(DOCKER_EXECUTOR_ID)_$(SIMPLE_CA_SERVICE_NAME)
else ifeq ($(DOCKER_EXECUTOR),compose)
SIMPLE_CA_CONTAINER_NAME ?= $(DOCKER_EXECUTOR_ID)_$(SIMPLE_CA_SERVICE_NAME)_1
else ifeq ($(DOCKER_EXECUTOR),stack)
# TODO: Docker Swarm Stack executor
SIMPLE_CA_CONTAINER_NAME ?= $(DOCKER_EXECUTOR_ID)_$(SIMPLE_CA_SERVICE_NAME)_1
else
$(error Unknown Docker executor "$(DOCKER_EXECUTOR)")
endif
### MAKE_VARS ##################################################################
# Display the make variables
MAKE_VARS ?= GITHUB_MAKE_VARS \
BASE_IMAGE_OS_MAKE_VARS \
BASE_IMAGE_MAKE_VARS \
DOCKER_IMAGE_MAKE_VARS \
BUILD_MAKE_VARS \
EXECUTOR_MAKE_VARS \
CONFIG_MAKE_VARS \
SHELL_MAKE_VARS \
DOCKER_REGISTRY_MAKE_VARS
define BASE_IMAGE_OS_MAKE_VARS
BASE_IMAGE_OS_NAME: $(BASE_IMAGE_OS_NAME)
BASE_IMAGE_OS_VERSION: $(BASE_IMAGE_OS_VERSION)
BASE_IMAGE_OS_URL: $(BASE_IMAGE_OS_URL)
endef
export BASE_IMAGE_OS_MAKE_VARS
define CONFIG_MAKE_VARS
SIMPLE_CA_IMAGE_NAME: $(SIMPLE_CA_IMAGE_NAME)
SIMPLE_CA_IMAGE_TAG: $(SIMPLE_CA_IMAGE_TAG)
SIMPLE_CA_IMAGE: $(SIMPLE_CA_IMAGE)
SIMPLE_CA_SERVICE_NAME: $(SIMPLE_CA_SERVICE_NAME)
SIMPLE_CA_CONTAINER_NAME: $(SIMPLE_CA_CONTAINER_NAME)
CA_CRT_FILE: $(CA_CRT_FILE)
CA_USER_NAME_FILE: $(CA_USER_NAME_FILE)
CA_USER_PWD_FILE: $(CA_USER_PWD_FILE)
SERVER_CRT_SUBJECT: $(SERVER_CRT_SUBJECT)
SERVER_CRT_HOST: $(SERVER_CRT_HOST)
SERVER_CRT_IP $(SERVER_CRT_IP)
SERVER_CRT_OID: $(SERVER_CRT_OID)
SERVER_CRT_DIR: $(SERVER_CRT_DIR)
SERVER_CRT_FILE: $(SERVER_CRT_FILE)
SERVER_KEY_DIR: $(SERVER_KEY_DIR)
SERVER_KEY_FILE: $(SERVER_KEY_FILE)
SERVER_KEY_PWD_FILE: $(SERVER_KEY_PWD_FILE)
SERVER_P12_FILE: $(SERVER_P12_FILE)
endef
export CONFIG_MAKE_VARS
### MAKE_TARGETS #############################################################
# Build a new image and run tests for current configuration
.PHONY: all
all: clean build start wait logs test
# Build a new image and run tests for all configurations
.PHONY: ci
ci: clean build test-all
### BUILD_TARGETS ##############################################################
# Build a new image with using the Docker layer caching
.PHONY: build
build: docker-build
# Build a new image without using the Docker layer caching
.PHONY: rebuild
rebuild: docker-rebuild
### EXECUTOR_TARGETS ###########################################################
# Display the name of the current configuration
.PHONY: config
config: display-executor-config
# Display the configuration file for the current configuration
.PHONY: config-file
config-file: display-config-file
# Display the make variables for the current configuration
.PHONY: makevars vars
makevars vars: display-makevars
# Switch the configuration environment
.PHONY: $(addsuffix -config,$(DOCKER_CONFIGS))
$(addsuffix -config,$(DOCKER_CONFIGS)): clean
@set -eo pipefail; \
$(MAKE) set-executor-config DOCKER_CONFIG=$(shell echo $@ | sed "s/-config//")
# Remove the containers and then run them fresh
.PHONY: run up
run up: docker-up
# Create the containers
.PHONY: create
create: display-executor-config docker-create .docker-$(DOCKER_EXECUTOR)-secrets
@true
.docker-$(DOCKER_EXECUTOR)-secrets: secrets
@$(ECHO) "Copying secrets to container $(CONTAINER_NAME)"
@docker cp secrets/ca.crt $(CONTAINER_NAME):$(CA_CRT_FILE)
@docker cp secrets/ca_user.name $(CONTAINER_NAME):$(CA_USER_NAME_FILE)
@docker cp secrets/ca_user.pwd $(CONTAINER_NAME):$(CA_USER_PWD_FILE)
@$(ECHO) $(CONTAINER_NAME) > $@
# Start the containers
.PHONY: start
start: create docker-start
# Wait for the start of the containers
.PHONY: wait
wait: start docker-wait
# Display running containers
.PHONY: ps
ps: docker-ps
# Display the container logs
.PHONY: logs
logs: docker-logs
# Follow the container logs
.PHONY: logs-tail tail
logs-tail tail: docker-logs-tail
# Run the shell in the container
.PHONY: shell sh
shell sh: start docker-shell
# Run the current configuration tests
.PHONY: test
test: start docker-test
# Run tests for all configurations
.PHONY: test-all
test-all: $(addprefix test-,$(DOCKER_CONFIGS))
.PHONY: $(addprefix test-,$(DOCKER_CONFIGS))
$(addprefix test-,$(DOCKER_CONFIGS)):
@$(ECHO)
@$(ECHO)
@$(ECHO) "===> $(DOCKER_IMAGE) with $(shell echo $@ | sed -E -e "s/^test-//") configuration"
@$(ECHO)
@$(ECHO)
@$(MAKE) $$(echo "$@-config" | sed -E -e "s/^test-//")
@$(MAKE) start wait logs test clean
# Run the shell in the test container
.PHONY: test-shell tsh
test-shell tsh:
@$(MAKE) test TEST_CMD=/bin/bash
# Stop the containers
.PHONY: stop
stop: docker-stop
# Restart the containers
.PHONY: restart
restart: stop start
# Remove the containers
.PHONY: down rm
down rm: docker-rm clean-secrets
# Remove all containers and work files
.PHONY: clean
clean: docker-clean clean-secrets
### SIMPLE_CA_TARGETS ##########################################################
# Create the Simple CA secrets
secrets:
@$(COMPOSE_CMD) up $(COMPOSE_UP_OPTS) $(SIMPLE_CA_SERVICE_NAME)
@sleep 1
@$(ECHO) "Copying secrets from container $(SIMPLE_CA_CONTAINER_NAME)"
@docker cp $(SIMPLE_CA_CONTAINER_NAME):/var/lib/simple-ca/secrets .
# Clean the Simple CA secrets
.PHONY: clean-secrets
clean-secrets:
@if [ -e secrets ]; then \
$(ECHO) "Removing secrets directory"; \
rm -rf secrets; \
fi
### MK_DOCKER_IMAGE ############################################################
MK_DIR ?= $(PROJECT_DIR)/../Mk
include $(MK_DIR)/docker.image.mk
################################################################################