PR#1214: Remove supervisord from our Docker containers - copr/copr

		`@@ -0,0 +1,39 @@`
		`+ version: '3'`
		`+ services:`
		`+`
		`+ # The main docker-compose.yaml file runs Copr services installed from RPM packages.`
		`+ # For development purposes it might be useful to run them from git`
		`+ # (changes doesn't need to be commited)`
		`+`
		`+ # Use this configuration by running`
		`+ # docker-compose -f docker-compose.dev.yaml up <service>`
		`+`
		`+ backend:`
		`+ environment:`
		`+ - PYTHONPATH=/opt/copr/backend`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /opt/copr/backend/run/copr_be.py`
		`+`
		`+ backend-log:`
		`+ environment:`
		`+ - PYTHONPATH=/opt/copr/backend`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /opt/copr/backend/run/copr_run_logger.py`
		`+`
		`+ backend-vmm:`
		`+ environment:`
		`+ - PYTHONPATH=/opt/copr/backend`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/bin/copr_run_vmm.py`
		`+`
		`+ backend-build:`
		`+ environment:`
		`+ - PYTHONPATH=/opt/copr/backend`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/bin/copr_run_build_dispatcher.py`
		`+`
		`+ backend-action:`
		`+ environment:`
		`+ - PYTHONPATH=/opt/copr/backend`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/bin/copr_run_action_dispatcher.py`
		`+`
		`+ frontend:`
		`+ environment:`
		`+ - PYTHONPATH=/opt/copr/frontend/coprs_frontend`
		`+ command: /usr/sbin/runuser -u copr-fe -g copr-fe -- /opt/copr/frontend/coprs_frontend/manage.py runserver -p 5000 -h 0.0.0.0 --without-threads --no-reload`

docker-compose.shell.yaml

file added

+28

		`@@ -0,0 +1,28 @@`
		`+ version: '3'`
		`+ services:`
		`+`
		`+ # The main docker-compose.yaml file runs Copr services installed from RPM packages.`
		`+ # This configuration allows you tu run a container that is ready-to-use, but`
		`+ # doesn't run the service for you. Instead, you can open a shell, hack, and run`
		`+ # the service as pleased.`
		`+`
		`+ # Use this configuration by running`
		`+ # docker-compose -f docker-compose.shell.yaml up <service>`
		`+`
		`+ backend:`
		`+ command: /bin/bash`
		`+`
		`+ backend-log:`
		`+ command: /bin/bash`
		`+`
		`+ backend-vmm:`
		`+ command: /bin/bash`
		`+`
		`+ backend-build:`
		`+ command: /bin/bash`
		`+`
		`+ backend-action:`
		`+ command: /bin/bash`
		`+`
		`+ frontend:`
		`+ command: /bin/bash`

docker-compose.yaml

file modified

+99 -10

		`@@ -1,23 +1,98 @@`
		`version: '3'`
		`services:`
		`+`
		`+ # @TODO Probably not all backend services should use the same Dockerfile`
		`+`
		`backend:`
		`build:`
		`context: .`
		`dockerfile: docker/backend/Dockerfile`
		`hostname: backend`
		`- command: /bin/run.sh`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/bin/copr_be.py`
		`+ depends_on:`
		`+ - backend-log`
		`+ - backend-vmm`
		`+ stdin_open: true`
		`+ tty: true`
		`+ volumes:`
		`+ - .:/opt/copr:z`
		`+ - results:/var/lib/copr/public_html/results`
		`+ - backend-etc:/etc`
		`+`
		`+ backend-log:`
		`+ build:`
		`+ context: .`
		`+ dockerfile: docker/backend/Dockerfile`
		`+ hostname: backend-log`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/bin/copr_run_logger.py`
		`depends_on:`
		`- redis`
		`- - backend_httpd`
		`stdin_open: true`
		`tty: true`
		`- privileged: true`
		`- cap_add:`
		`- - NET_ADMIN`
		`- - SYS_ADMIN`
		`volumes:`
		`- .:/opt/copr:z`
		`- results:/var/lib/copr/public_html/results`
		`+ - backend-etc:/etc`
		`+`
		`+ backend-vmm:`
		`+ build:`
		`+ context: .`
		`+ dockerfile: docker/backend/Dockerfile`
		`+ hostname: backend-vmm`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/bin/copr_run_vmm.py`
		`+ depends_on:`
		`+ - backend-log`
		`+ stdin_open: true`
		`+ tty: true`
		`+ volumes:`
		`+ - .:/opt/copr:z`
		`+ - results:/var/lib/copr/public_html/results`
		`+ - backend-etc:/etc`
		`+`
		`+ backend-build:`
		`+ build:`
		`+ context: .`
		`+ dockerfile: docker/backend/Dockerfile`
		`+ hostname: backend-build`
		`+ command: /usr/sbin/runuser -u copr -g copr -G obsrun -- /usr/bin/copr_run_build_dispatcher.py`
		`+ depends_on:`
		`+ - backend-log`
		`+ - backend-vmm`
		`+ stdin_open: true`
		`+ tty: true`
		`+ volumes:`
		`+ - .:/opt/copr:z`
		`+ - results:/var/lib/copr/public_html/results`
		`+ - backend-etc:/etc`
		`+`
		`+ backend-action:`
		`+ build:`
		`+ context: .`
		`+ dockerfile: docker/backend/Dockerfile`
		`+ hostname: backend-action`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/bin/copr_run_action_dispatcher.py`
		`+ depends_on:`
		`+ - backend-log`
		`+ - backend-vmm`
		`+ stdin_open: true`
		`+ tty: true`
		`+ volumes:`
		`+ - .:/opt/copr:z`
		`+ - results:/var/lib/copr/public_html/results`
		`+ - backend-etc:/etc`
		`+`
		`+ backend-signd:`
		`+ build:`
		`+ context: .`
		`+ dockerfile: docker/backend/Dockerfile`
		`+ hostname: backend-signd`
		`+ command: /usr/sbin/runuser -u copr -g copr -- /usr/sbin/signd`
		`+ stdin_open: true`
		`+ tty: true`
		`+ volumes:`
		`+ - .:/opt/copr:z`
		`+ - results:/var/lib/copr/public_html/results`
		`+ - backend-etc:/etc`

		`redis:`
		`image: centos/redis-32-centos7`
		`@@ -38,7 +113,6 @@`
		`context: .`
		`dockerfile: docker/builder/Dockerfile`
		`hostname: builder`
		`- command: /bin/run.sh`
		`stdin_open: true`
		`tty: true`
		`privileged: true`
		`@@ -53,7 +127,6 @@`
		`context: .`
		`dockerfile: docker/frontend/Dockerfile`
		`hostname: frontend`
		`- command: /bin/run.sh`
		`depends_on:`
		`- database`
		`- redis`
		`@@ -71,9 +144,12 @@`
		`context: .`
		`dockerfile: docker/database/Dockerfile`
		`hostname: database`
		`- command: /bin/run.sh`
		`stdin_open: true`
		`tty: true`
		`+ environment:`
		`+ - POSTGRESQL_USER=copr-fe`
		`+ - POSTGRESQL_PASSWORD=coprpass`
		`+ - POSTGRESQL_DATABASE=coprdb`
		`ports:`
		`- 5432:5432`

		`@@ -82,13 +158,24 @@`
		`context: .`
		`dockerfile: docker/distgit/Dockerfile`
		`hostname: distgit`
		`- command: /bin/run.sh`
		`+ stdin_open: true`
		`+ tty: true`
		`+ volumes:`
		`+ - .:/opt/copr:z`
		`+ - dist-git:/var/lib/dist-git`
		`+`
		`+ distgit-httpd:`
		`+ build:`
		`+ context: .`
		`+ dockerfile: docker/distgit-httpd/Dockerfile`
		`+ hostname: distgit-httpd`
		`stdin_open: true`
		`tty: true`
		`ports:`
		`- "5001:80"`
		`volumes:`
		`- .:/opt/copr:z`
		`+ - dist-git:/var/lib/dist-git`

		`keygen-signd:`
		`build:`
		`@@ -115,3 +202,5 @@`
		`volumes:`
		`results:`
		`copr-keygen:`
		`+ dist-git:`
		`+ backend-etc:`

docker/backend/Dockerfile

file modified

+9 -1

		`@@ -1,6 +1,9 @@`
		`FROM fedora:30`
		`MAINTAINER copr-devel@lists.fedorahosted.org`

		`+ ENV export LANG=en_US.UTF-8`
		`+ ENV PYTHONPATH="/usr/share/copr/"`
		`+`
		`RUN dnf -y install dnf-plugins-core && dnf -y copr enable @copr/copr`

		`# TERM is to make the tito work in container, rhbz#1733043`
		`@@ -19,9 +22,9 @@`
		`git \`
		`sudo \`
		`openssh-server \`
		`- supervisor \`
		`psmisc \`
		`nginx \`
		`+ python3-ipdb \`
		`# to get more entropy for generation of gpg keys`
		`rng-tools \`
		`# for unbuffer package`
		`@@ -90,5 +93,10 @@`
		`# copr user needs permissions to create lock files`
		`RUN chmod o+w /var/lock`

		`+ # using /dev/urandom is a hack just for devel, /dev/hwrandom or /dev/hwrng should be used in production`
		`+ RUN rngd -r /dev/urandom`
		`+`
		`+ # Required for Copr VMM service to run spawn_local.yml`
		`+ RUN ln -s /usr/bin/python3 /usr/bin/python`

		`CMD ["/bin/run.sh"]`

docker/backend/files/etc/copr/copr-be.conf

file modified

+1 -1

		`@@ -15,7 +15,7 @@`
		`#frontend_auth=1234`
		`frontend_auth=1234`

		`- dist_git_url=http://distgit/cgit`
		`+ dist_git_url=http://distgit-httpd/cgit`
		`#dist_git_url=http://cgit`

		`# Set a number of build groups (default is 1)`

docker/backend/files/etc/supervisord.conf

file removed

-175

		`@@ -1,175 +0,0 @@`
		`- ; Sample supervisor config file.`
		`-`
		`- [unix_http_server]`
		`- file=/var/run/supervisor/supervisor.sock ; (the path to the socket file)`
		`- ;chmod=0700 ; sockef file mode (default 0700)`
		`- ;chown=nobody:nogroup ; socket file uid:gid owner`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- ;[inet_http_server] ; inet (TCP) server disabled by default`
		`- ;port=127.0.0.1:9001 ; (ip_address:port specifier, *:port for all iface)`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- [supervisord]`
		`- logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)`
		`- logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)`
		`- logfile_backups=10 ; (num of main logfile rotation backups;default 10)`
		`- loglevel=info ; (log level;default info; others: debug,warn,trace)`
		`- pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)`
		`- nodaemon=false ; (start in foreground if true;default false)`
		`- minfds=1024 ; (min. avail startup file descriptors;default 1024)`
		`- minprocs=200 ; (min. avail process descriptors;default 200)`
		`- ;umask=022 ; (process file creation umask;default 022)`
		`- ;user=chrism ; (default is current user, required if root)`
		`- ;identifier=supervisor ; (supervisord identifier, default is 'supervisor')`
		`- ;directory=/tmp ; (default is not to cd during start)`
		`- ;nocleanup=true ; (don't clean up tempfiles at start;default false)`
		`- ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)`
		`- ;environment=KEY=value ; (key value pairs to add to environment)`
		`- ;strip_ansi=false ; (strip ansi escape codes in logs; def. false)`
		`-`
		`- ; the below section must remain in the config file for RPC`
		`- ; (supervisorctl/web interface) to work, additional interfaces may be`
		`- ; added by defining them in separate rpcinterface: sections`
		`- [rpcinterface:supervisor]`
		`- supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface`
		`-`
		`- [supervisorctl]`
		`- serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL for a unix socket`
		`- ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket`
		`- ;username=chris ; should be same as http_username if set`
		`- ;password=123 ; should be same as http_password if set`
		`- ;prompt=mysupervisor ; cmd line prompt (default "supervisor")`
		`- ;history_file=~/.sc_history ; use readline history if available`
		`-`
		`- ; The below sample program section shows all possible program subsection values,`
		`- ; create one or more 'real' program: sections to be able to control them under`
		`- ; supervisor.`
		`-`
		`- ;[program:theprogramname]`
		`- ;command=/bin/cat ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=999 ; the relative start priority (default 999)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=true ; retstart at unexpected quit (default: true)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10)`
		`- ;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions (def no adds)`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample eventlistener section shows all possible`
		`- ; eventlistener subsection values, create one or more 'real'`
		`- ; eventlistener: sections to be able to handle event notifications`
		`- ; sent by supervisor.`
		`-`
		`- ;[eventlistener:theeventlistenername]`
		`- ;command=/bin/eventlistener ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;events=EVENT ; event notif. types to subscribe to (req'd)`
		`- ;buffer_size=10 ; event buffer queue size (default 10)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=-1 ; the relative start priority (default -1)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=unexpected ; restart at unexpected quit (default: unexpected)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups ; # of stderr logfile backups (default 10)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample group section shows all possible group values,`
		`- ; create one or more 'real' group: sections to create "heterogeneous"`
		`- ; process groups.`
		`-`
		`- ;[group:thegroupname]`
		`- ;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions`
		`- ;priority=999 ; the relative start priority (default 999)`
		`-`
		`- ; The [include] section can just contain the "files" setting. This`
		`- ; setting can list multiple files (separated by whitespace or`
		`- ; newlines). It can also contain wildcards. The filenames are`
		`- ; interpreted as relative to this file. Included files cannot`
		`- ; include files themselves.`
		`-`
		`- [program:sshd]`
		`- command=/usr/sbin/sshd -D`
		`-`
		`- [program:uwsgi]`
		`- command=/usr/sbin/uwsgi --ini /etc/uwsgi.ini`
		`-`
		`- [program:signd]`
		`- command=/usr/sbin/signd`
		`- user=copr`
		`- group=copr`
		`-`
		`- [program:copr-backend-log]`
		`- command=/usr/bin/copr_run_logger.py`
		`- user=copr`
		`- group=copr`
		`- environment=PYTHONPATH="/usr/share/copr/",HOME=/home/copr`
		`- priority=901`
		`-`
		`- [program:copr-backend-vmm]`
		`- command=/usr/bin/copr_run_vmm.py`
		`- user=copr`
		`- group=copr`
		`- environment=PYTHONPATH="/usr/share/copr/",HOME=/home/copr`
		`- priority=902`
		`-`
		`- [program:copr-backend-build]`
		`- command=/usr/bin/copr_run_build_dispatcher.py`
		`- user=copr`
		`- group=copr`
		`- environment=PYTHONPATH="/usr/share/copr/",HOME=/home/copr`
		`- priority=903`
		`-`
		`- [program:copr-backend-action]`
		`- command=/usr/bin/copr_run_action_dispatcher.py`
		`- user=copr`
		`- group=copr`
		`- environment=PYTHONPATH="/usr/share/copr/",HOME=/home/copr`
		`- priority=904`
		`-`
		`- [program:copr-backend]`
		`- command=/usr/bin/copr_be.py -u copr -g copr`
		`- user=copr`
		`- group=copr`
		`- environment=PYTHONPATH="/usr/share/copr/",HOME=/home/copr`
		`- priority=903`
		`-`
		`- [include]`
		`- files = supervisord.d/*.ini`

docker/backend/files/etc/sysctl.conf

file modified

+1 -1

		`@@ -9,4 +9,4 @@`
		`#`
		`# For more information, see sysctl.conf(5) and sysctl.d(5).`

		`- net.core.somaxconn = 512`
		`+ net.core.somaxconn = 4096`
		`\ No newline at end of file`

docker/backend/files/usr/bin/killallcopr

file removed

-2

		`@@ -1,2 +0,0 @@`
		`- #!/bin/bash`
		`- /usr/bin/killall --user copr`

docker/backend/files/usr/bin/run.sh

file removed

-8

		`@@ -1,8 +0,0 @@`
		`- #!/bin/bash`
		`-`
		`- export LANG=en_US.UTF-8`
		`-`
		`- echo 4096 > /proc/sys/net/core/somaxconn`
		`- /usr/bin/supervisord -c /etc/supervisord.conf`
		`- rngd -r /dev/urandom # using /dev/urandom is a hack just for devel, /dev/hwrandom or /dev/hwrng should be used in production`
		`- /bin/bash`

docker/builder/Dockerfile

file modified

+2 -2

		`@@ -12,7 +12,7 @@`
		`which \`
		`wget \`
		`vim \`
		`- supervisor \`
		`+ python3-ipdb \`
		`# builder packages`
		`openssh-server \`
		`packagedb-cli \`
		`@@ -54,4 +54,4 @@`

		`RUN echo 'config_opts["use_nspawn"] = False' >> /etc/mock/site-defaults.cfg`

		`- CMD ["/bin/run.sh"]`
		`+ CMD ["/usr/sbin/sshd", "-D"]`

docker/builder/files/etc/copr-rpmbuild/main.ini

file modified

+3 -3

		`@@ -23,6 +23,6 @@`
		`distgit_clone_url = https://src.stg.fedoraproject.org/%(module)s`

		`[distgit4]`
		`- distgit_hostname_pattern = distgit`
		`- distgit_lookaside_url = http://distgit/repo/pkgs/%(ns2)s/%(ns1)s/%(name)s/%(filename)s/%(hash)s/%(filename)s`
		`- distgit_clone_url = http://distgit/git/%(module)s`
		`+ distgit_hostname_pattern = distgit-httpd`
		`+ distgit_lookaside_url = http://distgit-httpd/repo/pkgs/%(ns2)s/%(ns1)s/%(name)s/%(filename)s/%(hash)s/%(filename)s`
		`+ distgit_clone_url = http://distgit-httpd/git/%(module)s`

docker/builder/files/etc/supervisord.conf

file removed

-132

		`@@ -1,132 +0,0 @@`
		`- ; Sample supervisor config file.`
		`-`
		`- [unix_http_server]`
		`- file=/var/run/supervisor/supervisor.sock ; (the path to the socket file)`
		`- ;chmod=0700 ; sockef file mode (default 0700)`
		`- ;chown=nobody:nogroup ; socket file uid:gid owner`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- ;[inet_http_server] ; inet (TCP) server disabled by default`
		`- ;port=127.0.0.1:9001 ; (ip_address:port specifier, *:port for all iface)`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- [supervisord]`
		`- logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)`
		`- logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)`
		`- logfile_backups=10 ; (num of main logfile rotation backups;default 10)`
		`- loglevel=info ; (log level;default info; others: debug,warn,trace)`
		`- pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)`
		`- nodaemon=false ; (start in foreground if true;default false)`
		`- minfds=1024 ; (min. avail startup file descriptors;default 1024)`
		`- minprocs=200 ; (min. avail process descriptors;default 200)`
		`- ;umask=022 ; (process file creation umask;default 022)`
		`- ;user=chrism ; (default is current user, required if root)`
		`- ;identifier=supervisor ; (supervisord identifier, default is 'supervisor')`
		`- ;directory=/tmp ; (default is not to cd during start)`
		`- ;nocleanup=true ; (don't clean up tempfiles at start;default false)`
		`- ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)`
		`- ;environment=KEY=value ; (key value pairs to add to environment)`
		`- ;strip_ansi=false ; (strip ansi escape codes in logs; def. false)`
		`-`
		`- ; the below section must remain in the config file for RPC`
		`- ; (supervisorctl/web interface) to work, additional interfaces may be`
		`- ; added by defining them in separate rpcinterface: sections`
		`- [rpcinterface:supervisor]`
		`- supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface`
		`-`
		`- [supervisorctl]`
		`- serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL for a unix socket`
		`- ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket`
		`- ;username=chris ; should be same as http_username if set`
		`- ;password=123 ; should be same as http_password if set`
		`- ;prompt=mysupervisor ; cmd line prompt (default "supervisor")`
		`- ;history_file=~/.sc_history ; use readline history if available`
		`-`
		`- ; The below sample program section shows all possible program subsection values,`
		`- ; create one or more 'real' program: sections to be able to control them under`
		`- ; supervisor.`
		`-`
		`- ;[program:theprogramname]`
		`- ;command=/bin/cat ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=999 ; the relative start priority (default 999)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=true ; retstart at unexpected quit (default: true)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10)`
		`- ;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions (def no adds)`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample eventlistener section shows all possible`
		`- ; eventlistener subsection values, create one or more 'real'`
		`- ; eventlistener: sections to be able to handle event notifications`
		`- ; sent by supervisor.`
		`-`
		`- ;[eventlistener:theeventlistenername]`
		`- ;command=/bin/eventlistener ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;events=EVENT ; event notif. types to subscribe to (req'd)`
		`- ;buffer_size=10 ; event buffer queue size (default 10)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=-1 ; the relative start priority (default -1)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=unexpected ; restart at unexpected quit (default: unexpected)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups ; # of stderr logfile backups (default 10)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample group section shows all possible group values,`
		`- ; create one or more 'real' group: sections to create "heterogeneous"`
		`- ; process groups.`
		`-`
		`- ;[group:thegroupname]`
		`- ;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions`
		`- ;priority=999 ; the relative start priority (default 999)`
		`-`
		`- ; The [include] section can just contain the "files" setting. This`
		`- ; setting can list multiple files (separated by whitespace or`
		`- ; newlines). It can also contain wildcards. The filenames are`
		`- ; interpreted as relative to this file. Included files cannot`
		`- ; include files themselves.`
		`-`
		`- [program:sshd]`
		`- command=/usr/sbin/sshd -D`
		`-`
		`- [include]`
		`- files = supervisord.d/*.ini`

docker/builder/files/usr/bin/run.sh

file removed

-5

		`@@ -1,5 +0,0 @@`
		`- #!/bin/bash`
		`-`
		`- /usr/bin/supervisord -c /etc/supervisord.conf`
		`-`
		`- /bin/bash`

docker/database/Dockerfile

file modified

+1 -32

		`@@ -1,33 +1,2 @@`
		`- FROM fedora:30`
		`+ FROM centos/postgresql-12-centos7`
		`MAINTAINER copr-devel@lists.fedorahosted.org`
		`-`
		`- RUN dnf -y install dnf-plugins-core && dnf -y copr enable @copr/copr`
		`-`
		`- # base packages`
		`- RUN dnf -y update && \`
		`- dnf -y install htop \`
		`- which \`
		`- wget \`
		`- vim \`
		`- supervisor \`
		`- copr-selinux \`
		`- postgresql-server \`
		`- redis`
		`-`
		`- COPY docker/database/files/ /`
		`-`
		`- RUN runuser -l postgres -c "initdb -E UTF8 -D /var/lib/pgsql/data"`
		`-`
		`- RUN echo "listen_addresses = '*'" >> /var/lib/pgsql/data/postgresql.conf`
		`-`
		`- # I want to prepend some lines to a file - I'll do it in three steps`
		`- # 1. backup the database config file`
		`- RUN mv /var/lib/pgsql/data/pg_hba.conf /tmp/pg_hba.conf`
		`-`
		`- # 2. write the lines`
		`- RUN printf 'local coprdb copr-fe md5\nhost coprdb copr-fe 127.0.0.1/8 md5\nhost coprdb copr-fe ::1/128 md5\nlocal coprdb postgres ident\nhost coprdb copr-fe 172.18.0.0/12 md5\n' \| tee /var/lib/pgsql/data/pg_hba.conf`
		`-`
		`- # 3. write the file back after those lines`
		`- RUN cat /tmp/pg_hba.conf \| tee -a /var/lib/pgsql/data/pg_hba.conf`
		`-`
		`- CMD ["/bin/run.sh"]`

docker/database/files/etc/supervisord.conf

file removed

-135

		`@@ -1,135 +0,0 @@`
		`- ; Sample supervisor config file.`
		`-`
		`- [unix_http_server]`
		`- file=/var/run/supervisor/supervisor.sock ; (the path to the socket file)`
		`- ;chmod=0700 ; sockef file mode (default 0700)`
		`- ;chown=nobody:nogroup ; socket file uid:gid owner`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- ;[inet_http_server] ; inet (TCP) server disabled by default`
		`- ;port=127.0.0.1:9001 ; (ip_address:port specifier, *:port for all iface)`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- [supervisord]`
		`- logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)`
		`- logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)`
		`- logfile_backups=10 ; (num of main logfile rotation backups;default 10)`
		`- loglevel=info ; (log level;default info; others: debug,warn,trace)`
		`- pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)`
		`- nodaemon=false ; (start in foreground if true;default false)`
		`- minfds=1024 ; (min. avail startup file descriptors;default 1024)`
		`- minprocs=200 ; (min. avail process descriptors;default 200)`
		`- ;umask=022 ; (process file creation umask;default 022)`
		`- ;user=chrism ; (default is current user, required if root)`
		`- ;identifier=supervisor ; (supervisord identifier, default is 'supervisor')`
		`- ;directory=/tmp ; (default is not to cd during start)`
		`- ;nocleanup=true ; (don't clean up tempfiles at start;default false)`
		`- ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)`
		`- ;environment=KEY=value ; (key value pairs to add to environment)`
		`- ;strip_ansi=false ; (strip ansi escape codes in logs; def. false)`
		`-`
		`- ; the below section must remain in the config file for RPC`
		`- ; (supervisorctl/web interface) to work, additional interfaces may be`
		`- ; added by defining them in separate rpcinterface: sections`
		`- [rpcinterface:supervisor]`
		`- supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface`
		`-`
		`- [supervisorctl]`
		`- serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL for a unix socket`
		`- ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket`
		`- ;username=chris ; should be same as http_username if set`
		`- ;password=123 ; should be same as http_password if set`
		`- ;prompt=mysupervisor ; cmd line prompt (default "supervisor")`
		`- ;history_file=~/.sc_history ; use readline history if available`
		`-`
		`- ; The below sample program section shows all possible program subsection values,`
		`- ; create one or more 'real' program: sections to be able to control them under`
		`- ; supervisor.`
		`-`
		`- ;[program:theprogramname]`
		`- ;command=/bin/cat ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=999 ; the relative start priority (default 999)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=true ; retstart at unexpected quit (default: true)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10)`
		`- ;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions (def no adds)`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample eventlistener section shows all possible`
		`- ; eventlistener subsection values, create one or more 'real'`
		`- ; eventlistener: sections to be able to handle event notifications`
		`- ; sent by supervisor.`
		`-`
		`- ;[eventlistener:theeventlistenername]`
		`- ;command=/bin/eventlistener ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;events=EVENT ; event notif. types to subscribe to (req'd)`
		`- ;buffer_size=10 ; event buffer queue size (default 10)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=-1 ; the relative start priority (default -1)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=unexpected ; restart at unexpected quit (default: unexpected)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups ; # of stderr logfile backups (default 10)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample group section shows all possible group values,`
		`- ; create one or more 'real' group: sections to create "heterogeneous"`
		`- ; process groups.`
		`-`
		`- ;[group:thegroupname]`
		`- ;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions`
		`- ;priority=999 ; the relative start priority (default 999)`
		`-`
		`- ; The [include] section can just contain the "files" setting. This`
		`- ; setting can list multiple files (separated by whitespace or`
		`- ; newlines). It can also contain wildcards. The filenames are`
		`- ; interpreted as relative to this file. Included files cannot`
		`- ; include files themselves.`
		`-`
		`- [program:postgresql]`
		`- ;command=/usr/lib/postgresql/9.1/bin/postgres -D /var/lib/postgresql/9.1/main -c config_file=/etc/postgresql/9.1/main/postgresql.conf`
		`- command=/usr/bin/postgres -D /var/lib/pgsql/data -p 5432`
		`- user=postgres`
		`- group=postgres`
		`-`
		`- [include]`
		`- files = supervisord.d/*.ini`

docker/database/files/usr/bin/run.sh

file removed

-10

		`@@ -1,10 +0,0 @@`
		`- #!/bin/bash`
		`-`
		`- export LANG=en_US.UTF-8`
		`-`
		`- /usr/bin/supervisord -c /etc/supervisord.conf`
		`-`
		`- supervisorctl start postgresql`
		`- su - postgres -c 'PGPASSWORD=coprpass ; createdb -E UTF8 coprdb ; yes $PGPASSWORD \| createuser -P -sDR copr-fe'`
		`-`
		`- /bin/bash`

docker/distgit-httpd/Dockerfile

file added

+33

		`@@ -0,0 +1,33 @@`
		`+ FROM fedora:30`
		`+ MAINTAINER copr-devel@lists.fedorahosted.org`
		`+`
		`+ # TERM is to make the tito work in container, rhbz#1733043`
		`+ ENV TERM=linux`
		`+`
		`+ # For copr-common`
		`+ RUN dnf -y install dnf-plugins-core && dnf -y copr enable @copr/copr`
		`+`
		`+ # base packages`
		`+ RUN dnf -y update && \`
		`+ dnf -y install htop \`
		`+ which \`
		`+ wget \`
		`+ vim \`
		`+ copr-selinux \`
		`+ cgit \`
		`+ tito`
		`+`
		`+ COPY . /copr`
praiskup commented 4 years ago This is only OK for development. Our production servers will run against released packages.
		`+`
		`+ RUN cd /copr/dist-git && \`
		`+ dnf builddep -y *spec && \`
		`+ tito build --rpm --test --rpmbuild-options='--nocheck' && \`
		`+ ( dnf -y install /tmp/tito/noarch/copr-dist-git*.noarch.rpm \|\| true ) && \`
		`+ dnf clean all`
		`+`
		`+ RUN rm /etc/httpd/conf.d/ssl.conf`
		`+`
		`+ RUN echo "AliasMatch \"/repo(/.)/md5(/.)\" \"/var/lib/dist-git/cache/lookaside\\$1\\$2\"" >> /etc/httpd/conf.d/dist-git/lookaside-copr.conf && \`
		`+ echo "Alias /repo/ /var/lib/dist-git/cache/lookaside/" >> /etc/httpd/conf.d/dist-git/lookaside-copr.conf`
		`+`
		`+ CMD ["/usr/sbin/httpd", "-DFOREGROUND"]`

docker/distgit/Dockerfile

file modified

+3 -9

		`@@ -3,6 +3,7 @@`

		`# TERM is to make the tito work in container, rhbz#1733043`
		`ENV TERM=linux`
		`+ ENV PYTHONPATH=/usr/share/copr/`

		`RUN dnf -y install dnf-plugins-core && dnf -y copr enable @copr/copr`

		`@@ -12,14 +13,13 @@`
		`which \`
		`wget \`
		`vim \`
		`- supervisor \`
		`copr-selinux \`
		`cgit \`
		`python3-rpkg \`
		`+ python3-ipdb \`
		`tito`

		`COPY . /copr`
		`- COPY docker/distgit/files/ /`

		`RUN cd /copr/dist-git && \`
		`dnf builddep -y *spec && \`
		`@@ -40,13 +40,7 @@`
		`echo " name = Copr dist git" >> /home/copr-dist-git/.gitconfig && \`
		`chown copr-dist-git:copr-dist-git /home/copr-dist-git/.gitconfig`

		`- RUN echo "AliasMatch \"/repo(/.)/md5(/.)\" \"/var/lib/dist-git/cache/lookaside\\$1\\$2\"" >> /etc/httpd/conf.d/dist-git/lookaside-copr.conf && \`
		`- echo "Alias /repo/ /var/lib/dist-git/cache/lookaside/" >> /etc/httpd/conf.d/dist-git/lookaside-copr.conf`
		`-`
		`RUN sed -i "s/^cache-size.*//" /etc/cgitrc`
		`-`
		`RUN echo 'scan-path=/var/lib/dist-git/git/rpms' \| tee -a /etc/cgitrc`

		`- RUN rm /etc/httpd/conf.d/ssl.conf`
		`-`
		`- CMD ["/bin/run.sh"]`
		`+ CMD ["/usr/sbin/runuser", "-u", "root", "-g", "packager", "/usr/bin/importer_runner.py"]`
praiskup commented 4 years ago I doubt `-u root` will be allowed in openshift.

docker/distgit/files/etc/supervisord.conf

file removed

-141

		`@@ -1,141 +0,0 @@`
		`- ; Sample supervisor config file.`
		`-`
		`- [unix_http_server]`
		`- file=/var/run/supervisor/supervisor.sock ; (the path to the socket file)`
		`- ;chmod=0700 ; sockef file mode (default 0700)`
		`- ;chown=nobody:nogroup ; socket file uid:gid owner`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- ;[inet_http_server] ; inet (TCP) server disabled by default`
		`- ;port=127.0.0.1:9001 ; (ip_address:port specifier, *:port for all iface)`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- [supervisord]`
		`- logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)`
		`- logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)`
		`- logfile_backups=10 ; (num of main logfile rotation backups;default 10)`
		`- loglevel=info ; (log level;default info; others: debug,warn,trace)`
		`- pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)`
		`- nodaemon=false ; (start in foreground if true;default false)`
		`- minfds=1024 ; (min. avail startup file descriptors;default 1024)`
		`- minprocs=200 ; (min. avail process descriptors;default 200)`
		`- ;umask=022 ; (process file creation umask;default 022)`
		`- ;user=chrism ; (default is current user, required if root)`
		`- ;identifier=supervisor ; (supervisord identifier, default is 'supervisor')`
		`- ;directory=/tmp ; (default is not to cd during start)`
		`- ;nocleanup=true ; (don't clean up tempfiles at start;default false)`
		`- ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)`
		`- ;environment=KEY=value ; (key value pairs to add to environment)`
		`- ;strip_ansi=false ; (strip ansi escape codes in logs; def. false)`
		`-`
		`- ; the below section must remain in the config file for RPC`
		`- ; (supervisorctl/web interface) to work, additional interfaces may be`
		`- ; added by defining them in separate rpcinterface: sections`
		`- [rpcinterface:supervisor]`
		`- supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface`
		`-`
		`- [supervisorctl]`
		`- serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL for a unix socket`
		`- ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket`
		`- ;username=chris ; should be same as http_username if set`
		`- ;password=123 ; should be same as http_password if set`
		`- ;prompt=mysupervisor ; cmd line prompt (default "supervisor")`
		`- ;history_file=~/.sc_history ; use readline history if available`
		`-`
		`- ; The below sample program section shows all possible program subsection values,`
		`- ; create one or more 'real' program: sections to be able to control them under`
		`- ; supervisor.`
		`-`
		`- ;[program:theprogramname]`
		`- ;command=/bin/cat ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=999 ; the relative start priority (default 999)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=true ; retstart at unexpected quit (default: true)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10)`
		`- ;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions (def no adds)`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample eventlistener section shows all possible`
		`- ; eventlistener subsection values, create one or more 'real'`
		`- ; eventlistener: sections to be able to handle event notifications`
		`- ; sent by supervisor.`
		`-`
		`- ;[eventlistener:theeventlistenername]`
		`- ;command=/bin/eventlistener ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;events=EVENT ; event notif. types to subscribe to (req'd)`
		`- ;buffer_size=10 ; event buffer queue size (default 10)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=-1 ; the relative start priority (default -1)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=unexpected ; restart at unexpected quit (default: unexpected)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups ; # of stderr logfile backups (default 10)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample group section shows all possible group values,`
		`- ; create one or more 'real' group: sections to create "heterogeneous"`
		`- ; process groups.`
		`-`
		`- ;[group:thegroupname]`
		`- ;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions`
		`- ;priority=999 ; the relative start priority (default 999)`
		`-`
		`- ; The [include] section can just contain the "files" setting. This`
		`- ; setting can list multiple files (separated by whitespace or`
		`- ; newlines). It can also contain wildcards. The filenames are`
		`- ; interpreted as relative to this file. Included files cannot`
		`- ; include files themselves.`
		`-`
		`- [program:copr-dist-git]`
		`- environment=PYTHONPATH=/usr/share/copr/`
		`- command=/usr/bin/importer_runner.py`
		`- ;user=copr-dist-git`
		`- user=root`
		`- group=packager`
		`-`
		`- [program:httpd]`
		`- redirect_stderr=true`
		`- command=/usr/sbin/httpd -DFOREGROUND`
		`- process_name = httpd`
		`-`
		`- [include]`
		`- files = supervisord.d/*.ini`

docker/distgit/files/usr/bin/run.sh

file removed

-12

		`@@ -1,12 +0,0 @@`
		`- #!/bin/bash`
		`-`
		`- /usr/bin/supervisord -c /etc/supervisord.conf`
		`-`
		`- cat <<-EOF`
		`- echo "#########################################################"`
		`- echo "### Your development instance of Copr Dist Git ###"`
		`- echo "### is now running at: http://localhost:5001/cgit ###"`
		`- echo "#########################################################"`
		`- EOF`
		`-`
		`- /bin/bash`

docker/frontend/Dockerfile

file modified

+7 -2

		`@@ -3,9 +3,12 @@`

		`# TERM is to make the tito work in container, rhbz#1733043`
		`ENV TERM=linux`
		`+ ENV LANG=en_US.UTF-8`

		`RUN dnf -y install dnf-plugins-core && dnf -y copr enable @copr/copr`

		`+ RUN echo 'nameserver 8.8.8.8' \| tee -a /etc/resolv.conf`
		`+`
		`# base packages`
		`RUN dnf -y update && \`
		`dnf -y install htop \`
		`@@ -15,9 +18,9 @@`
		`vim \`
		`yum \`
		`sudo \`
		`- supervisor \`
		`copr-selinux \`
		`python3-alembic \`
		`+ python3-ipdb \`
		`postgresql-server \`
		`redis \`
		`mock-core-configs \`
		`@@ -33,6 +36,8 @@`
		`( dnf -y install /tmp/tito/noarch/copr-frontend*.noarch.rpm \|\| true ) && \`
		`dnf clean all`

		`- RUN echo 'nameserver 8.8.8.8' \| tee -a /etc/resolv.conf`
		`+ RUN mkdir -p /usr/share/copr/data/whooshee`
		`+ RUN chown -R copr-fe:copr-fe /usr/share/copr`
		`+ RUN chown -R copr-fe:copr-fe /var/log/copr-frontend`
praiskup commented 4 years ago Again, this isn't to be fixed right now, but ... It sounds weird to adjust permissions like that. During `podman bud`, such directories should only be owned by the copr-frontend package, and should have correct ownership.

		`CMD ["/bin/run.sh"]`

docker/frontend/files/etc/copr/copr.conf

file modified

+1 -1

		`@@ -84,7 +84,7 @@`
		`PUBLIC_COPR_BASE_URL = 'http://frontend:5000'`

		`BACKEND_BASE_URL = 'http://backend_httpd:5002'`
		`- DIST_GIT_CLONE_URL = 'http://distgit/git/'`
		`+ DIST_GIT_CLONE_URL = 'http://distgit-httpd/git/'`
		`DIST_GIT_URL = 'http://localhost:5001/cgit'`
		`COPR_DIST_GIT_LOGS_URL = 'http://localhost:5001/per-task-logs'`

docker/frontend/files/etc/supervisord.conf

file removed

-135

		`@@ -1,135 +0,0 @@`
		`- ; Sample supervisor config file.`
		`-`
		`- [unix_http_server]`
		`- file=/var/run/supervisor/supervisor.sock ; (the path to the socket file)`
		`- ;chmod=0700 ; sockef file mode (default 0700)`
		`- ;chown=nobody:nogroup ; socket file uid:gid owner`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- ;[inet_http_server] ; inet (TCP) server disabled by default`
		`- ;port=127.0.0.1:9001 ; (ip_address:port specifier, *:port for all iface)`
		`- ;username=user ; (default is no username (open server))`
		`- ;password=123 ; (default is no password (open server))`
		`-`
		`- [supervisord]`
		`- logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)`
		`- logfile_maxbytes=50MB ; (max main logfile bytes b4 rotation;default 50MB)`
		`- logfile_backups=10 ; (num of main logfile rotation backups;default 10)`
		`- loglevel=info ; (log level;default info; others: debug,warn,trace)`
		`- pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)`
		`- nodaemon=false ; (start in foreground if true;default false)`
		`- minfds=1024 ; (min. avail startup file descriptors;default 1024)`
		`- minprocs=200 ; (min. avail process descriptors;default 200)`
		`- ;umask=022 ; (process file creation umask;default 022)`
		`- ;user=chrism ; (default is current user, required if root)`
		`- ;identifier=supervisor ; (supervisord identifier, default is 'supervisor')`
		`- ;directory=/tmp ; (default is not to cd during start)`
		`- ;nocleanup=true ; (don't clean up tempfiles at start;default false)`
		`- ;childlogdir=/tmp ; ('AUTO' child log dir, default $TEMP)`
		`- ;environment=KEY=value ; (key value pairs to add to environment)`
		`- ;strip_ansi=false ; (strip ansi escape codes in logs; def. false)`
		`-`
		`- ; the below section must remain in the config file for RPC`
		`- ; (supervisorctl/web interface) to work, additional interfaces may be`
		`- ; added by defining them in separate rpcinterface: sections`
		`- [rpcinterface:supervisor]`
		`- supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface`
		`-`
		`- [supervisorctl]`
		`- serverurl=unix:///var/run/supervisor/supervisor.sock ; use a unix:// URL for a unix socket`
		`- ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket`
		`- ;username=chris ; should be same as http_username if set`
		`- ;password=123 ; should be same as http_password if set`
		`- ;prompt=mysupervisor ; cmd line prompt (default "supervisor")`
		`- ;history_file=~/.sc_history ; use readline history if available`
		`-`
		`- ; The below sample program section shows all possible program subsection values,`
		`- ; create one or more 'real' program: sections to be able to control them under`
		`- ; supervisor.`
		`-`
		`- ;[program:theprogramname]`
		`- ;command=/bin/cat ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=999 ; the relative start priority (default 999)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=true ; retstart at unexpected quit (default: true)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups=10 ; # of stderr logfile backups (default 10)`
		`- ;stderr_capture_maxbytes=1MB ; number of bytes in 'capturemode' (default 0)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions (def no adds)`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample eventlistener section shows all possible`
		`- ; eventlistener subsection values, create one or more 'real'`
		`- ; eventlistener: sections to be able to handle event notifications`
		`- ; sent by supervisor.`
		`-`
		`- ;[eventlistener:theeventlistenername]`
		`- ;command=/bin/eventlistener ; the program (relative uses PATH, can take args)`
		`- ;process_name=%(program_name)s ; process_name expr (default %(program_name)s)`
		`- ;numprocs=1 ; number of processes copies to start (def 1)`
		`- ;events=EVENT ; event notif. types to subscribe to (req'd)`
		`- ;buffer_size=10 ; event buffer queue size (default 10)`
		`- ;directory=/tmp ; directory to cwd to before exec (def no cwd)`
		`- ;umask=022 ; umask for process (default None)`
		`- ;priority=-1 ; the relative start priority (default -1)`
		`- ;autostart=true ; start at supervisord start (default: true)`
		`- ;autorestart=unexpected ; restart at unexpected quit (default: unexpected)`
		`- ;startsecs=10 ; number of secs prog must stay running (def. 1)`
		`- ;startretries=3 ; max # of serial start failures (default 3)`
		`- ;exitcodes=0,2 ; 'expected' exit codes for process (default 0,2)`
		`- ;stopsignal=QUIT ; signal used to kill process (default TERM)`
		`- ;stopwaitsecs=10 ; max num secs to wait b4 SIGKILL (default 10)`
		`- ;user=chrism ; setuid to this UNIX account to run the program`
		`- ;redirect_stderr=true ; redirect proc stderr to stdout (default false)`
		`- ;stdout_logfile=/a/path ; stdout log path, NONE for none; default AUTO`
		`- ;stdout_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stdout_logfile_backups=10 ; # of stdout logfile backups (default 10)`
		`- ;stdout_events_enabled=false ; emit events on stdout writes (default false)`
		`- ;stderr_logfile=/a/path ; stderr log path, NONE for none; default AUTO`
		`- ;stderr_logfile_maxbytes=1MB ; max # logfile bytes b4 rotation (default 50MB)`
		`- ;stderr_logfile_backups ; # of stderr logfile backups (default 10)`
		`- ;stderr_events_enabled=false ; emit events on stderr writes (default false)`
		`- ;environment=A=1,B=2 ; process environment additions`
		`- ;serverurl=AUTO ; override serverurl computation (childutils)`
		`-`
		`- ; The below sample group section shows all possible group values,`
		`- ; create one or more 'real' group: sections to create "heterogeneous"`
		`- ; process groups.`
		`-`
		`- ;[group:thegroupname]`
		`- ;programs=progname1,progname2 ; each refers to 'x' in [program:x] definitions`
		`- ;priority=999 ; the relative start priority (default 999)`
		`-`
		`- ; The [include] section can just contain the "files" setting. This`
		`- ; setting can list multiple files (separated by whitespace or`
		`- ; newlines). It can also contain wildcards. The filenames are`
		`- ; interpreted as relative to this file. Included files cannot`
		`- ; include files themselves.`
		`-`
		`- [program:httpd]`
		`- ;command=/usr/sbin/httpd -c "ErrorLog /dev/stdout" -DFOREGROUND`
		`- redirect_stderr=true`
		`- command=/usr/sbin/httpd -DFOREGROUND`
		`- process_name = httpd`
		`-`
		`- [include]`
		`- files = supervisord.d/*.ini`

docker/frontend/files/usr/bin/run.sh

file modified

+4 -26

		`@@ -1,33 +1,11 @@`
		`#!/bin/bash`

		`- export LANG=en_US.UTF-8`
		`-`
		`- /usr/bin/supervisord -c /etc/supervisord.conf`
		`-`
		`- chown -R copr-fe:copr-fe /var/log/copr-frontend`
		`- chown -R copr-fe:copr-fe /usr/share/copr`
		+ # @FIXME The `database` container can be up while postgresql can be unreachable for few miliseconds
		`+ # and therefore the alembic migration fails. Waiting 1s workarounds the issue`
		`+ sleep 1`

		`cd /usr/share/copr/coprs_frontend/ && sudo -u copr-fe copr-frontend create-db --alembic alembic.ini`
		`sudo -u copr-fe copr-frontend create-chroot \`
		`$(ls /etc/mock/{fedora,epel}-*-{i386,x86_64}.cfg \|xargs -I{} -n1 basename {} .cfg)`

		`- # selinux: make data dir writeable for httpd`
		`- # TODO: probly correct solution is to uncomment first four lines in`
		`- # coprs_frontend/config/copr.conf so that data are stored under /var/lib`
		`- # and not under /usr/share/copr. copr-selinux does not account for storing`
		`- # data under /usr/share/copr/. Discuss this with peers.`
		`- chcon -R -t httpd_sys_rw_content_t /usr/share/copr/data`
		`-`
		`-`
		`-`
		`- echo "#########################################################"`
		`- echo "### Your development instance of Copr Frontend ###"`
		`- echo "### is now running at: http://localhost:5000 ###"`
		`- echo "#########################################################"`
		`-`
		`- # Workaround`
		`- setenforce 0`
		`-`
		`- supervisorctl restart httpd`
		`-`
		`- /bin/bash`
		`+ /usr/sbin/httpd -DFOREGROUND`
praiskup commented 4 years ago I don't know whether it is possible, but theoretically we could just use https://github.com/sclorg/httpd-container But not now...

frontend/coprs_frontend/commands/create_sqlite_file.py

file modified

+11 -6

		`@@ -1,15 +1,20 @@`
		`import os`
		`import flask`
		`import click`
		`+ from coprs import app`


		`def create_sqlite_file_function():`
		`- if flask.current_app.config["SQLALCHEMY_DATABASE_URI"].startswith("sqlite"):`
		`- # strip sqlite:///`
		`- datadir_name = os.path.dirname(`
		`- flask.current_app.config["SQLALCHEMY_DATABASE_URI"][10:])`
		`- if not os.path.exists(datadir_name):`
		`- os.makedirs(datadir_name)`
		`+ with app.app_context():`
		`+ uri = app.config["SQLALCHEMY_DATABASE_URI"]`
		`+`
		`+ if not uri.startswith("sqlite"):`
		`+ return None`
		`+`
		`+ # strip sqlite:///`
		`+ datadir_name = os.path.dirname(uri[10:])`
		`+ if not os.path.exists(datadir_name):`
		`+ os.makedirs(datadir_name)`

		`@click.command()`
		`def create_sqlite_file():`

frostyx commented 4 years ago

In this PR, I am removing supervisord from our docker containers. A byproduct of this change was fragmenting our existing containers into multiple smaller ones, each running only one process on the foreground.

Additionally, all of our containers were executing /bin/run.sh script from the CMD instruction. This script was then starting supervisord and also optionally running some commands. I got rid of those scripts with only one exception which is frontend container. I can't see any other way how to run alembic migrations. I suppose we will figure this thing out once we get all of it running in OpenShift.

That being said, running in OpenShift will 100% require some additional tweaks, but I just don't want to delay sharing these changes with you.

This won't be fun to review, I am sorry for that.

There is another important information - this PR will break the development workflow described here - http://frostyx.cz/posts/copr-stack-dockerized#my-personal-workflow , which AFAIK half of our team follow. So I suggest the following temporary solution before we completely migrate to CommuniShift and figure out a new way to try changes locally.

Let's use frontend container as an example here, but this is applicable for all other containers. The docker/frontend/Dockerfile says, that copr-frontend package is installed via tito. Then /usr/bin/httpd process is executed on the foreground. If you make a change in the source code and want to preview that change, the former workflow would suggest killing the httpd process and then running something like

PYTHONPATH=/opt/copr/frontend/coprs_frontend sudo --preserve-env=PYTHONPATH -u copr-fe /opt/copr/frontend/coprs_frontend/manage.py runserver -p 5000 -h 0.0.0.0 --without-threads --no-reload

Which won't work because killing the httpd process will kill the whole container. I don't know how to deal with this properly and more importantly comfortably (because we want our ipdb, not having to rebuild containers after each change, etc). For this reason, I've added docker-compose.dev.yaml and docker-compose.shell.yaml which extends the main one. Remember, this is a temporary solution until we finish the transition. These files override CMD from the Dockerfiles and

docker-compose.dev.yaml - runs the services from /opt/copr , which is a shared codebase from the host
docker-compose.shell.yaml - doesn't run any service, it just starts prepared container but rest is up to you

So let's say, that you completely wiped your current docker-compose environment and created a new one from this PR

docker-compose down --rmi 'all'
docker-compose up -d

Everything should be working now. Then you made a change in frontend's code. I would suggest running

docker-compose -f docker-compose.yaml -f docker-compose.shell.yaml up -d frontend

which will use the main docker-compose file, override it by the shell one, stop the current frontend container and run a new one with just bash. You can open it as usual

docker exec -it copr_frontend_1 bash

Then you can run

[root@frontend /]# PYTHONPATH=/opt/copr/frontend/coprs_frontend sudo --preserve-env=PYTHONPATH -u copr-fe /opt/copr/frontend/coprs_frontend/manage.py runserver -p 5000 -h 0.0.0.0 --without-threads --no-reload

see the change, and work as you are used to.

praiskup commented 4 years ago

Which won't work because killing the httpd process will kill the whole container. I don't know how to deal with this properly and more importantly comfortably

Basically, from OpenShift POV, restarting the process shouldn't be a big issue. Everything
should happen automatically.

praiskup commented 4 years ago

That said, I agree with the adjusted local workflow, taking into account that we should sooner or later give up the *-compose thing entirely. That's just additional maintenance when we can use openshift directly.

praiskup commented on line 38 of docker/frontend/files/usr/bin/run.sh 4 years ago

I don't know whether it is possible, but theoretically we could just use https://github.com/sclorg/httpd-container
But not now...

praiskup commented on line 32 of docker/frontend/Dockerfile 4 years ago

Again, this isn't to be fixed right now, but ...
It sounds weird to adjust permissions like that. During podman bud, such directories should only be owned by the copr-frontend package, and should have correct ownership.

praiskup commented on line 39 of docker/distgit/Dockerfile 4 years ago

I doubt -u root will be allowed in openshift.

praiskup commented on line 21 of docker/distgit-httpd/Dockerfile 4 years ago

This is only OK for development. Our production servers will run against released packages.

praiskup commented 4 years ago

This is WIP, and I don't see any reason not to merge ... so feel free as you wish. There are dozens of things we need to iterate on and doing it everything at once isn't worth it.

frostyx commented 4 years ago

Thank you for the review @praiskup,
I will let the PR open until tomorrow morning to give @dturecek and @thrnciar time to check, whether it breaks something for their local development. Then I will merge and continue working on the things, you pointed out in the comments.

frostyx commented 4 years ago

There is no negative feedback, I am merging the PR so we can work on a next iteration on the Dockerfiles.

Basically, from OpenShift POV, restarting the process shouldn't be a big issue. Everything
should happen automatically.

Agreed, this is a bummer only for local development.

That said, I agree with the adjusted local workflow, taking into account that we should sooner or later give up the *-compose thing entirely. That's just additional maintenance when we can use openshift directly.

Agreed, managing two different ways to orchestrate the containers for (local) development is a waste of resources. That being said the docker-compose.yaml is quite simple and reliable (for the lack of a better word). When there is a problem with the dev environment, it is rarely caused by the docker-compose, but rather by the Dockerfiles themselves almost every time.

We will ultimately get rid of it, no doubt. But we don't need to unnecessarily rush it, that's all that I am trying to say.

I don't know whether it is possible, but theoretically we could just use https://github.com/sclorg/httpd-container

It sounds weird to adjust permissions like that.

I doubt -u root will be allowed in openshift.

This is only OK for development. Our production servers will run against released packages.

Those are good points, let's address them in separate pull requests

rebased onto 828fc9e

4 years ago

Pull-Request has been merged by frostyx

4 years ago