From 1c339279fceef41c232198f1653f3f2adbe171a1 Mon Sep 17 00:00:00 2001 From: Oliver Heger Date: Thu, 20 Aug 2020 14:26:55 +0200 Subject: [PATCH 1/2] chore: replace proxy.env by template If proxy settings need to be configured, the proxy.env file is always reported by git as modified. To prevent this, it has been replaced by a template file. The template can be copied to proxy.env and modified. proxy.env has been added to .gitignore; therefore it can be freely manipulated. Signed-off-by: Oliver Heger --- .gitignore | 1 + README.md | 9 ++++++--- configuration/{proxy.env => proxy.env.template} | 7 ++++++- sw360chores.pl | 6 ++++++ 4 files changed, 19 insertions(+), 4 deletions(-) rename configuration/{proxy.env => proxy.env.template} (61%) diff --git a/.gitignore b/.gitignore index a36dadf..436c7f0 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ _* .idea *.war /miscellaneous/prepare-liferay/downloads +/configuration/proxy.env diff --git a/README.md b/README.md index d0ab719..7c064ea 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,7 @@ configuration │   ├── nginx.pem │   └── regenerateCerts.sh ├── POSTGRES_PASSWORD -├── proxy.env +├── proxy.env.template └── sw360 ├── sw360.env ├── fossology @@ -97,8 +97,11 @@ There is also the file `./configuration/nginx/regenerateCerts.sh`, which is used #### The file `./configuration/POSTGRES_PASSWORD` This file just contains the password for postgres and it is added as secret to the containers. -#### The file `./configuration/proxy.env` -Here one can add proxy settings, which are passed to all docker-compose calls and into the containers, which need to connect to the internet. +#### The file `./configuration/proxy.env.template` +This is a template file for configuring proxy settings. To enable support for a proxy, copy this file to a file named `proxy.env` (in +the same folder). In `proxy.env` one can add proxy settings, which are passed to all docker-compose calls and into the containers, which need to connect to the internet. + +_Note:_ The file `proxy.env` is excluded from source control; so it is not shown as outgoing changes. #### The folder `./configuration/sw360/` diff --git a/configuration/proxy.env b/configuration/proxy.env.template similarity index 61% rename from configuration/proxy.env rename to configuration/proxy.env.template index 9974399..71c03cd 100644 --- a/configuration/proxy.env +++ b/configuration/proxy.env.template @@ -6,8 +6,13 @@ # which accompanies this distribution, and is available at # http://www.eclipse.org/legal/epl-v10.html +# Template for a proxy configuration file. This file provides a # common environment for adding proxy settings, sourced by containers which need -# to talk to the outside while running +# to talk to the outside while running. +# In order to activate proxy settings, create a copy of this template under the +# name 'proxy.env' and adapt the properties according to your needs. +# (The file proxy.env is excluded from version control; so a 'git status' +# command will show no modifications.) #proxy_host=myproxy.example.invalid #proxy_port=8080 diff --git a/sw360chores.pl b/sw360chores.pl index 77121a1..767fe6a 100755 --- a/sw360chores.pl +++ b/sw360chores.pl @@ -164,6 +164,12 @@ =head1 SYNOPSIS say STDERR " \@ARGV = @ARGV"; } +# create proxy.env file from template if it does not exist yet +if (not -e "configuration/proxy.env") { + say "INFO: creating proxy.env from template."; + copy ("configuration/proxy.env.template", "configuration/proxy.env"); +} + ################################################################################ my $imagesSrcDir = "./docker-images"; my $saveDir = "./_images"; From 2b7e8a203a074e70659e72d45f6e66d41ae74082 Mon Sep 17 00:00:00 2001 From: Oliver Heger Date: Fri, 21 Aug 2020 10:37:19 +0200 Subject: [PATCH 2/2] feat: add support for network mode host The sw360chpores.pl script now supports the new parameter --net-host to enable the Docker network mode host. This is useful when building images in a restricted network environment. Resolves #79 Signed-off-by: Oliver Heger --- docker-images/couchdb-lucene/prepare.sh | 29 ++++++++++++++++++++++--- sw360chores.pl | 16 ++++++++++++-- 2 files changed, 40 insertions(+), 5 deletions(-) diff --git a/docker-images/couchdb-lucene/prepare.sh b/docker-images/couchdb-lucene/prepare.sh index 8da29dd..5788aad 100755 --- a/docker-images/couchdb-lucene/prepare.sh +++ b/docker-images/couchdb-lucene/prepare.sh @@ -13,7 +13,22 @@ DIR="$(cd "$(dirname "${BASH_SOURCE[0]}" )" && pwd )" BRANCH="v2.1.0" TARGET="couchdb-lucene-2.1.0-dist.zip" -if [[ $1 == "--cleanup" ]]; then +CLEANUP=false +NO_DOCKER=false +NET_HOST=false + +for arg in "$@" +do + if [[ $arg == "--cleanup" ]]; then + CLEANUP=true + elif [[ $arg == "build-without-docker" ]]; then + NO_DOCKER=true + elif [[ $arg == "--net-host" ]]; then + NET_HOST=true + fi +done + +if [[ "$CLEANUP" == true ]]; then if [ -f "$TARGET" ]; then rm "$TARGET" fi @@ -31,9 +46,12 @@ if [ ! -f "$DIR/$TARGET" ]; then TMP=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXX) git clone --branch $BRANCH --depth 1 https://github.com/rnewson/couchdb-lucene "$TMP/couchdb-lucene.git" - cmdMvn="mvn -DskipTests -Dhttp.proxyHost=$proxy_host -Dhttp.proxyPort=$proxy_port -Dhttps.proxyHost=$proxy_host -Dhttps.proxyPort=$proxy_port -Dhttp.nonProxyHosts=localhost" + cmdMvn="mvn -DskipTests " + if [ "$NET_HOST" -eq false ] || [ "$NO_DOCKER" -eq true ]; then + cmdMvn="$cmdMvn -Dhttp.proxyHost=$proxy_host -Dhttp.proxyPort=$proxy_port -Dhttps.proxyHost=$proxy_host -Dhttps.proxyPort=$proxy_port -Dhttp.nonProxyHosts=localhost" + fi echo "DEBUG: $cmdMvn" - if [[ $1 == "build-without-docker" ]]; then + if [[ "$NO_DOCKER" == true ]]; then ( cd "$TMP/couchdb-lucene.git" $cmdMvn @@ -45,6 +63,10 @@ if [ ! -f "$DIR/$TARGET" ]; then } } + paramHost="" + if [ "$NET_HOST" == true ]; then + paramHost="--net=host" + fi cmdDocker="$(addSudoIfNeeded) docker" $cmdDocker pull maven:3-jdk-8-alpine $cmdDocker run -i \ @@ -52,6 +74,7 @@ if [ ! -f "$DIR/$TARGET" ]; then -v "$TMP/couchdb-lucene.git:/couchdb-lucene" \ --env MAVEN_CONFIG=/tmp/ \ -w /couchdb-lucene \ + $paramHost \ maven:3-jdk-8-alpine \ $cmdMvn -Dmaven.repo.local=/tmp/m2/repository fi diff --git a/sw360chores.pl b/sw360chores.pl index 767fe6a..39dffb1 100755 --- a/sw360chores.pl +++ b/sw360chores.pl @@ -44,6 +44,8 @@ =head1 SYNOPSIS ./sw360chores.pl --prod [options] [-- arguments for docker-compose] ## enable cve-search server ./sw360chores.pl --cve-search [options] [-- arguments for docker-compose] + ## enable network=host when building docker images: + ./sw360chores.pl --net-host [options] [-- arguments for docker-compose] # evironmental variables $SW360CHORES_VERSION @@ -86,6 +88,7 @@ =head1 SYNOPSIS my $backupDir = ''; my $restoreDir = ''; my $debug = ''; +my $netHost = ''; { # parse config and read command line arguments my $configFile = "./configuration/configuration.pl"; @@ -135,7 +138,8 @@ =head1 SYNOPSIS }, # misc 'help' => sub {pod2usage();}, - 'debug' => \$debug + 'debug' => \$debug, + 'net-host' => \$netHost ) or pod2usage(); } $ENV{COMPOSE_PROJECT_NAME} = $projectName; @@ -155,6 +159,7 @@ =head1 SYNOPSIS say STDERR " \$cpDeployDir = " . ($cpDeployDir // ""); say STDERR " \$backupDir = $backupDir"; say STDERR " \$restoreDir = $restoreDir"; + say STDERR " \$netHost = $netHost"; say STDERR " \$debug = $debug"; say STDERR " environmental variables:"; say STDERR " SW360CHORES_VERSION = $ENV{SW360CHORES_VERSION}" if defined($ENV{SW360CHORES_VERSION}); @@ -311,6 +316,9 @@ =head1 SYNOPSIS unshift(@args, ("--build-arg", "https_proxy=$ENV{'https_proxy'}")) if (defined $ENV{"https_proxy"}); unshift(@args, ("--build-arg", "no_proxy=$ENV{'no_proxy'}")) if (defined $ENV{"no_proxy"}); + if($netHost) { + unshift(@args, "--network=host") + } unshift(@args, ("build", "-t", "sw360/$name", "--rm=true", "--force-rm=true")); push @args, "$imagesSrcDir/$name/"; @@ -383,7 +391,11 @@ sub prepareImage { if (-x $prepareScriptPl) { do $prepareScriptPl; } elsif (-x $prepareScriptSh) { - 0 == system($prepareScriptSh) + my @cmd = ($prepareScriptSh); + if($netHost) { + push @cmd, ("--net-host"); + } + 0 == system(@cmd) or die "failed to prepare $name"; } }