mir/vinyldns
2
0
Fork 0
mirror of https://github.com/VinylDNS/vinyldns synced 2025-08-22 02:02:14 +00:00
Code Issues Releases Wiki Activity

Update Release

Browse Source 
- Added images to `build/docker`
- Update `quickstart` script to be more functional
This commit is contained in:
Emerle, Ryan 2021-11-01 12:25:17 -04:00
parent f2db11e89a
commit c4d10a201e
No known key found for this signature in database
GPG Key ID: C0D34C592AED41CE
22 changed files with 476 additions and 475 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/ci.yml vendored
View File

@ -28,4 +28,4 @@ jobs:
- name: Codecov
uses: codecov/codecov-action@v1
with:
fail_ci_if_error: true # optional (default = false)
fail_ci_if_error: true

3
.github/workflows/publish-site.yml vendored
View File

@ -5,8 +5,7 @@ name: Microsite
on:
push:
branches:
- master
branches: [ 'master', 'main' ]
jobs:
site:

14
build/docker/.env
View File

@ -1,17 +1,19 @@
REST_PORT=9000
# portal settings
# Portal settings
PORTAL_PORT=9001
PLAY_HTTP_SECRET_KEY=change-this-for-prod
VINYLDNS_BACKEND_URL=http://vinyldns-integration:9000
VINYLDNS_BACKEND_URL=http://vinyldns-api:9000
LDAP_PROVIDER_URL=ldap://vinyldns-ldap:19004
TEST_LOGIN=false
# API Settings
REST_PORT=9000
SQS_ENDPOINT=http://vinyldns-integration:19003
SNS_SERVICE_ENDPOINT=http://vinyldns-integration:19003
MYSQL_ENDPOINT=vinyldns-integration:19002
TEST_LOGIN=true
DEFAULT_DNS_ADDRESS=vinyldns-integration:19001
JDBC_DRIVER=org.mariadb.jdbc.Driver
JDBC_URL=jdbc:mariadb://vinyldns-integration:19002/vinyldns?user=root&password=pass
JDBC_MIGRATION_URL=jdbc:mariadb://vinyldns-integration:19002/?user=root&password=pass
JDBC_USER=root
JDBC_PASSWORD=pass
DEFAULT_DNS_ADDRESS=127.0.0.1:19001

6
build/docker/api/.jvmopts
View File

@ -1,6 +0,0 @@
-Xms512M
-Xmx1024M
-Xss2M
-XX:MaxMetaspaceSize=512M
-XX:ReservedCodeCacheSize=512M
-Djava.net.preferIPv4Stack=true

47
build/docker/api/Dockerfile
View File

@ -1,31 +1,36 @@
FROM hseeberger/scala-sbt:11.0.8_1.3.13_2.11.12 as builder
# Build VinylDNS API if the JAR doesn't already exist
FROM vinyldns/build:base-build as base-build
COPY . /build/
WORKDIR /build
ARG BRANCH=master
ARG VINYLDNS_VERSION
RUN git clone -b ${BRANCH} --single-branch --depth 1 https://github.com/vinyldns/vinyldns.git /vinyldns
# The default jvmopts are huge, meant for running everything, use a paired down version
COPY .jvmopts /vinyldns
RUN cd /vinyldns ; sbt "set version in ThisBuild := \"${VINYLDNS_VERSION}\"" api/stage
## Run the build if we don't already have a vinyldns.jar
RUN mkdir -p /opt/vinyldns/conf && \
if [ -f assembly/vinyldns.jar ]; then cp assembly/vinyldns.jar /opt/vinyldns/; fi && \
if [ ! -f /opt/vinyldns/vinyldns.jar ]; then \
env SBT_OPTS="-XX:+UseConcMarkSweepGC -Xmx4G -Xms1G" \
sbt -Dbuild.scalafmtOnCompile=false -Dbuild.lintOnCompile=fase ";project api;coverageOff;assembly" \
&& cp assembly/vinyldns.jar /opt/vinyldns/; \
fi
FROM adoptopenjdk/openjdk11:jdk-11.0.8_10-alpine
RUN apk add --update --no-cache netcat-openbsd bash
COPY --from=builder /vinyldns/modules/api/target/universal/stage /opt/docker
# This will set the vinyldns version, make sure to have this in config... version = ${?VINYLDNS_VERSION}
ARG DOCKER_FILE_PATH
ARG VINYLDNS_VERSION
ENV VINYLDNS_VERSION=$VINYLDNS_VERSION
RUN mkdir -p /opt/docker/lib_extra
RUN apk add --update --no-cache bash && mkdir -p /opt/vinyldns/lib_extra
COPY --from=base-build /opt/vinyldns /opt/vinyldns
COPY ${DOCKER_FILE_PATH}/application.conf /opt/vinyldns/conf
COPY ${DOCKER_FILE_PATH}/logback.xml /opt/vinyldns/conf
RUN echo "${VINYLDNS_VERSION}" > /opt/vinyldns/conf/version
# Mount the volume for config file and lib extras
# Note: These volume names are used in the build.sbt
VOLUME ["/opt/docker/lib_extra/", "/opt/docker/conf"]
VOLUME ["/opt/vinyldns/lib_extra/", "/opt/vinyldns/conf/"]
EXPOSE 9000
ENTRYPOINT ["/opt/docker/bin/api"]
ENTRYPOINT ["/bin/bash", "-c", "java -Dconfig.file=/opt/vinyldns/conf/application.conf \
-Dlogback.configurationFile=/opt/vinyldns/conf/logback.xml \
-Dvinyldns.version=$(cat /opt/vinyldns/conf/version) \
-cp /opt/vinyldns/lib_extra/* \
-jar /opt/vinyldns/vinyldns.jar" ]

49
build/docker/api/Makefile Normal file
View File

@ -0,0 +1,49 @@
SHELL=bash
IMAGE_TAG=$(shell awk -F'"' '{print $$2}' ../../../version.sbt)
IMAGE_NAME=vinyldns/api
ROOT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
# Check that the required version of make is being used
REQ_MAKE_VER:=3.82
ifneq ($(REQ_MAKE_VER),$(firstword $(sort $(MAKE_VERSION) $(REQ_MAKE_VER))))
$(error The version of MAKE $(REQ_MAKE_VER) or higher is required; you are running $(MAKE_VERSION))
endif
# Extract arguments for `make run`
EXTRACT_ARGS=true
ifeq (run,$(firstword $(MAKECMDGOALS)))
EXTRACT_ARGS=true
endif
ifeq ($(EXTRACT_ARGS),true)
# use the rest as arguments for "run"
WITH_ARGS ?= $(wordlist 2,$(words $(MAKECMDGOALS)),$(MAKECMDGOALS))
endif
ifdef $(WITH_ARGS)
ARG_SEPARATOR=--
endif
%:
@:
.ONESHELL:
.PHONY: all build run publish
all: build run
build:
@set -euo pipefail
cd ../../..
docker build $(BUILD_ARGS) --build-arg DOCKER_FILE_PATH="$$(realpath --relative-to="." "$(ROOT_DIR)")" --build-arg VINYLDNS_VERSION="$(IMAGE_TAG)" -t $(IMAGE_NAME):$(IMAGE_TAG) -f "$(ROOT_DIR)/Dockerfile" .
docker tag $(IMAGE_NAME):$(IMAGE_TAG) $(IMAGE_NAME):latest
run:
@set -euo pipefail
docker network create --driver bridge vinyldns_net &> /dev/null || true
docker run -it --rm --env-file "$(ROOT_DIR)/../.env" --network vinyldns_net $(DOCKER_PARAMS) -v "$$(pwd)/:/opt/vinyldns/conf/" -p 9000:9000 $(IMAGE_NAME):$(IMAGE_TAG) $(ARG_SEPARATOR) $(WITH_ARGS)
publish: build
@set -euo pipefail
DOCKER_CONTENT_TRUST=1 docker push $(IMAGE_NAME):$(IMAGE_TAG)
DOCKER_CONTENT_TRUST=1 docker push $(IMAGE_NAME):latest

330
build/docker/api/application.conf
View File

@ -1,48 +1,165 @@
vinyldns {
version = "unknown"
version = ${?VINYLDNS_VERSION}
base-version = "0.0.0-local-dev"
version = ${vinyldns.base-version} # default to the base version if not overridden
version = ${?VINYLDNS_VERSION} # override the base version via env var
# How often to any particular zone can be synchronized in milliseconds
sync-delay = 10000
sync-delay = ${?SYNC_DELAY}
# If we should start up polling for change requests, set this to false for the inactive cluster
processing-disabled = false
processing-disabled = ${?PROCESSING_DISABLED}
# Number of records that can be in a zone
max-zone-size = 60000
max-zone-size = ${?MAX_ZONE_SIZE}
# Types of unowned records that users can access in shared zones
shared-approved-types = ["A", "AAAA", "CNAME", "PTR", "TXT"]
# Batch change settings
batch-change-limit = 1000
batch-change-limit = ${?BATCH_CHANGE_LIMIT}
manual-batch-review-enabled = true
manual-batch-review-enabled = ${?MANUAL_BATCH_REVIEW_ENABLED}
scheduled-changes-enabled = true
scheduled-changes-enabled = ${?SCHEDULED_CHANGES_ENABLED}
multi-record-batch-change-enabled = true
multi-record-batch-change-enabled = ${?MULTI_RECORD_BATCH_CHANGE_ENABLED}
# configured backend providers
backend {
# Use "default" when dns backend legacy = true
# otherwise, use the id of one of the connections in any of your backends
default-backend-id = "default"
# this is where we can save additional backends
backend-providers = [
{
class-name = "vinyldns.api.backend.dns.DnsBackendProviderLoader"
settings = {
legacy = false
backends = [
{
id = "default"
zone-connection = {
name = "vinyldns."
key-name = "vinyldns."
key-name = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primary-server = "127.0.0.1"
primary-server = ${?DEFAULT_DNS_ADDRESS}
}
transfer-connection = {
name = "vinyldns."
key-name = "vinyldns."
key-name = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primary-server = "127.0.0.1"
primary-server = ${?DEFAULT_DNS_ADDRESS}
},
tsig-usage = "always"
},
{
id = "func-test-backend"
zone-connection = {
name = "vinyldns."
key-name = "vinyldns."
key-name = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primary-server = "127.0.0.1"
primary-server = ${?DEFAULT_DNS_ADDRESS}
}
transfer-connection = {
name = "vinyldns."
key-name = "vinyldns."
key-name = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primary-server = "127.0.0.1"
primary-server = ${?DEFAULT_DNS_ADDRESS}
},
tsig-usage = "always"
}
]
}
}
]
}
queue {
class-name = "vinyldns.mysql.queue.MySqlMessageQueueProvider"
polling-interval = 250.millis
class-name = "vinyldns.sqs.queue.SqsMessageQueueProvider"
messages-per-poll = 10
polling-interval = 250.millis
settings {
# AWS access key and secret.
access-key = "test"
access-key = ${?AWS_ACCESS_KEY}
secret-key = "test"
secret-key = ${?AWS_SECRET_ACCESS_KEY}
# Regional endpoint to make your requests (eg. 'us-west-2', 'us-east-1', etc.). This is the region where your queue is housed.
signing-region = "us-east-1"
signing-region = ${?SQS_REGION}
# Endpoint to access queue
service-endpoint = "http://vinyldns-integration:19003/"
service-endpoint = ${?SQS_SERVICE_ENDPOINT}
# Queue name. Should be used in conjunction with service endpoint, rather than using a queue url which is subject to change.
queue-name = "vinyldns"
queue-name = ${?SQS_QUEUE_NAME}
}
}
email {
class-name = "vinyldns.api.notifier.email.EmailNotifierProvider"
class-name = ${?EMAIL_CLASS_NAME}
settings = {
name = "vinyldns"
name = ${?JDBC_DB_NAME}
driver = "org.mariadb.jdbc.Driver"
driver = ${?JDBC_DRIVER}
migration-url = "jdbc:mariadb://vinyldns-integration:19002/?user=root&password=pass"
migration-url = ${?JDBC_MIGRATION_URL}
url = "jdbc:mariadb://vinyldns-integration:19002/vinyldns?user=root&password=pass"
url = ${?JDBC_URL}
user = "root"
user = ${?JDBC_USER}
password = "pass"
password = ${?JDBC_PASSWORD}
from = "VinylDNS <do-not-reply@vinyldns.io>"
}
}
# see https://github.com/brettwooldridge/HikariCP
connection-timeout-millis = 1000
idle-timeout = 10000
max-lifetime = 30000
maximum-pool-size = 5
minimum-idle = 0
my-sql-properties = {
cachePrepStmts=true
prepStmtCacheSize=250
prepStmtCacheSqlLimit=2048
rewriteBatchedStatements=true
}
sns {
class-name = "vinyldns.apadi.notifier.sns.SnsNotifierProvider"
class-name = ${?SNS_CLASS_NAME}
settings {
topic-arn = "arn:aws:sns:us-east-1:000000000000:batchChanges"
topic-arn = ${?SNS_TOPIC_ARN}
access-key = "test"
access-key = ${?SNS_ACCESS_KEY}
secret-key = "test"
secret-key = ${?SNS_SECRET_KEY}
service-endpoint = "http://vinyldns-integration:19003"
service-endpoint = ${?SNS_SERVICE_ENDPOINT}
signing-region = "us-east-1"
signing-region = ${?SNS_REGION}
}
}
rest {
host = "0.0.0.0"
port = 9000
port=${?API_SERVICE_PORT}
}
sync-delay = 10000
approved-name-servers = [
"172.17.42.1.",
"ns1.parent.com."
"ns1.parent.com1."
"ns1.parent.com2."
"ns1.parent.com3."
"ns1.parent.com4."
]
crypto {
type = "vinyldns.core.crypto.NoOpCrypto"
@ -56,16 +173,16 @@ vinyldns {
# these must be overridden to use MYSQL for production use
# assumes a docker or mysql instance running locally
name = "vinyldns"
name = ${?JDBC_DB_NAME}
driver = "org.mariadb.jdbc.Driver"
name = ${?DATABASE_NAME}
driver = "org.h2.Driver"
driver = ${?JDBC_DRIVER}
migration-url = "jdbc:mariadb://vinyldns-integration:19002/?user=root&password=pass"
migration-url = "jdbc:h2:mem:vinyldns;MODE=MYSQL;DB_CLOSE_DELAY=-1;DATABASE_TO_LOWER=TRUE;IGNORECASE=TRUE;INIT=RUNSCRIPT FROM 'classpath:test/ddl.sql'"
migration-url = ${?JDBC_MIGRATION_URL}
url = "jdbc:mariadb://vinyldns-integration:19002/vinyldns?user=root&password=pass"
url = "jdbc:h2:mem:vinyldns;MODE=MYSQL;DB_CLOSE_DELAY=-1;DATABASE_TO_LOWER=TRUE;IGNORECASE=TRUE;INIT=RUNSCRIPT FROM 'classpath:test/ddl.sql'"
url = ${?JDBC_URL}
user = "root"
user = "sa"
user = ${?JDBC_USER}
password = "pass"
password = ""
password = ${?JDBC_PASSWORD}
# see https://github.com/brettwooldridge/HikariCP
connection-timeout-millis = 1000
@ -78,71 +195,37 @@ vinyldns {
# Repositories that use this data store are listed here
repositories {
zone {
# no additional settings for now
}
batch-change {
# no additional settings for now
}
user {
}
record-set {
}
zone-change {
}
record-change {
}
group {
}
group-change {
}
membership {
}
group-change {
}
zone-change {
}
record-change {
}
}
}
defaultZoneConnection {
name = "vinyldns."
keyName = "vinyldns."
keyName = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primaryServer = "vinyldns-integration:19001"
primaryServer = ${?DEFAULT_DNS_ADDRESS}
}
backends = []
defaultTransferConnection {
name = "vinyldns."
keyName = "vinyldns."
keyName = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primaryServer = "vinyldns-integration:19001"
primaryServer = ${?DEFAULT_DNS_ADDRESS}
}
backends = [
{
id = "func-test-backend"
zone-connection {
name = "vinyldns."
key-name = "vinyldns."
key-name = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primary-server = "vinyldns-integration:19001"
primary-server = ${?DEFAULT_DNS_ADDRESS}
}
transfer-connection {
name = "vinyldns."
key-name = "vinyldns."
key-name = ${?DEFAULT_DNS_KEY_NAME}
key = "nzisn+4G2ldMn0q1CV3vsg=="
key = ${?DEFAULT_DNS_KEY_SECRET}
primary-server = "vinyldns-integration:19001"
primary-server = ${?DEFAULT_DNS_ADDRESS}
}
}
]
batch-change-limit = 1000
# FQDNs / IPs that cannot be modified via VinylDNS
# regex-list used for all record types except PTR
@ -152,6 +235,7 @@ vinyldns {
"high-value-domain.*" # for testing
]
ip-list = [
# using reverse zones in the vinyldns/bind9 docker image for testing
"192.0.2.252",
"192.0.2.253",
"fd69:27cc:fe91:0:0:0:0:ffff",
@ -159,10 +243,78 @@ vinyldns {
]
}
# types of unowned records that users can access in shared zones
shared-approved-types = ["A", "AAAA", "CNAME", "PTR", "TXT"]
# FQDNs / IPs / zone names that require manual review upon submission in batch change interface
# domain-list used for all record types except PTR
# ip-list used exclusively for PTR records
manual-review-domains = {
domain-list = [
"needs-review.*"
]
ip-list = [
"192.0.1.254",
"192.0.1.255",
"192.0.2.254",
"192.0.2.255",
"192.0.3.254",
"192.0.3.255",
"192.0.4.254",
"192.0.4.255",
"fd69:27cc:fe91:0:0:0:ffff:1",
"fd69:27cc:fe91:0:0:0:ffff:2",
"fd69:27cc:fe92:0:0:0:ffff:1",
"fd69:27cc:fe92:0:0:0:ffff:2",
"fd69:27cc:fe93:0:0:0:ffff:1",
"fd69:27cc:fe93:0:0:0:ffff:2",
"fd69:27cc:fe94:0:0:0:ffff:1",
"fd69:27cc:fe94:0:0:0:ffff:2"
]
zone-name-list = [
"zone.requires.review."
"zone.requires.review1."
"zone.requires.review2."
"zone.requires.review3."
"zone.requires.review4."
]
}
manual-batch-review-enabled = true
# FQDNs / IPs that cannot be modified via VinylDNS
# regex-list used for all record types except PTR
# ip-list used exclusively for PTR records
high-value-domains = {
regex-list = [
"high-value-domain.*" # for testing
]
ip-list = [
# using reverse zones in the vinyldns/bind9 docker image for testing
"192.0.1.252",
"192.0.1.253",
"192.0.2.252",
"192.0.2.253",
"192.0.3.252",
"192.0.3.253",
"192.0.4.252",
"192.0.4.253",
"fd69:27cc:fe91:0:0:0:0:ffff",
"fd69:27cc:fe91:0:0:0:ffff:0",
"fd69:27cc:fe92:0:0:0:0:ffff",
"fd69:27cc:fe92:0:0:0:ffff:0",
"fd69:27cc:fe93:0:0:0:0:ffff",
"fd69:27cc:fe93:0:0:0:ffff:0",
"fd69:27cc:fe94:0:0:0:0:ffff",
"fd69:27cc:fe94:0:0:0:ffff:0"
]
}
global-acl-rules = [
{
group-ids: ["global-acl-group-id"],
fqdn-regex-list: [".*shared[0-9]{1}."]
},
{
group-ids: ["another-global-acl-group"],
fqdn-regex-list: [".*ok[0-9]{1}."]
}
]
}
akka {

59
build/docker/docker-compose.yml
View File

@ -1,59 +0,0 @@
version: "3.0"
services:
api:
build:
context: ./api
image: "vinyldns/api:${VINYLDNS_VERSION}"
container_name: "vinyldns-api"
environment:
MYSQL_ROOT_PASSWORD: 'pass'
MYSQL_ROOT_HOST: '%'
logging:
driver: none
ports:
- "9000:9000"
volumes:
- ./api/application.conf:/opt/docker/conf/application.conf
- ./api/logback.xml:/opt/docker/conf/logback.xml
depends_on:
- integration
ldap:
container_name: "vinyldns-ldap"
image: vinyldns/build:openldap
ports:
- "19004:19004"
integration:
container_name: "vinyldns-api-integration"
hostname: "vinyldns-integration"
image: "vinyldns-api-integration"
build:
context: ../
dockerfile: test/api/integration/Dockerfile
environment:
RUN_SERVICES: "deps-only tail-logs"
env_file:
.env
ports:
- "19001-19003:19001-19003/tcp"
- "19001:19001/udp"
portal:
build:
context: ./portal
image: "vinyldns/portal:${VINYLDNS_VERSION}"
container_name: "vinyldns-portal"
environment:
MYSQL_ROOT_PASSWORD: 'pass'
MYSQL_ROOT_HOST: '%'
logging:
driver: none
ports:
- "9001:9000"
volumes:
- ./portal/application.conf:/opt/docker/conf/application.conf
depends_on:
- api
- ldap

130
build/docker/docker-release.sh
View File

@ -1,130 +0,0 @@
#!/bin/bash
CURDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
function usage() {
printf "usage: docker-release.sh [OPTIONS]\n\n"
printf "builds and releases vinyldns artifacts\n\n"
printf "options:\n"
printf "\t-b, --branch: the branch of tag to use for the build; default is master\n"
printf "\t-c, --clean: indicates a fresh build or attempt to work with existing images; default is off\n"
printf "\t-l, --latest: indicates docker will tag image with latest; default is off\n"
printf "\t-p, --push: indicates docker will push to the repository; default is off\n"
printf "\t-r, --repository [REPOSITORY]: the docker repository where this image will be pushed; default is docker.io\n"
printf "\t-t, --tag [TAG]: sets the qualifier for the semver version; default is to not use a build tag\n"
printf "\t-v, --version [VERSION]: overrides version calculation and forces the version specified\n"
}
# Default the build to -SNAPSHOT if not set
BUILD_TAG=
REPOSITORY="docker.io"
DOCKER_PUSH=0
DO_BUILD=0
BRANCH="master"
V=
TAG_LATEST=0
while [ "$1" != "" ]; do
case "$1" in
-b | --branch)
BRANCH="$2"
shift 2
;;
-c | --clean)
DO_BUILD=1
shift
;;
-l | --latest)
TAG_LATEST=1
shift
;;
-p | --push)
DOCKER_PUSH=1
shift
;;
-r | --repository)
REPOSITORY="$2"
shift 2
;;
-t | --tag)
BUILD_TAG="-b$2"
shift 2
;;
-v | --version)
V="$2"
shift 2
;;
*)
usage
exit
;;
esac
done
BASEDIR=$CURDIR/../
# Clear out our target
rm -rf $CURDIR/target && mkdir -p $CURDIR/target
# Download just the version.sbt file from the branch specified, we use this to calculate the version
wget "https://raw.githubusercontent.com/vinyldns/vinyldns/${BRANCH}/version.sbt" -P "${CURDIR}/target"
if [ -z "$V" ]; then
# Calculate the version by using version.sbt, this will pull out something like 0.9.4
V=$(find $CURDIR/target -name "version.sbt" | head -n1 | xargs grep "[ \\t]*version in ThisBuild :=" | head -n1 | sed 's/.*"\(.*\)".*/\1/')
echo "VERSION ON BRANCH ${BRANCH} IS ${V}"
VINYLDNS_VERSION=
if [[ "$V" == *-SNAPSHOT ]]; then
if [ -z "$BUILD_TAG" ]; then
# build tag is not defined, so assume -SNAPSHOT
VINYLDNS_VERSION="$V"
else
# build tag IS defined, drop the SNAPSHOT and append the build tag
VINYLDNS_VERSION="${V%?????????}${BUILD_TAG}"
fi
else
# NOT a -SNAPSHOT, append the build tag if there is one otherwise it will be empty!
VINYLDNS_VERSION="$V${BUILD_TAG}"
fi
else
VINYLDNS_VERSION="$V"
fi
export VINYLDNS_VERSION=$VINYLDNS_VERSION
echo "VINYLDNS VERSION BEING RELEASED IS $VINYLDNS_VERSION"
if [ $DO_BUILD -eq 1 ]; then
docker-compose -f "${CURDIR}/docker-compose.yml" build \
--no-cache \
--parallel \
--build-arg VINYLDNS_VERSION="${VINYLDNS_VERSION}" \
--build-arg BRANCH="${BRANCH}"
if [ $? -eq 0 ]; then
# Runs smoke tests to make sure the new images are sound
docker-compose -f "${CURDIR}/docker-compose.yml" --log-level ERROR up --exit-code-from functest
fi
if [ $? -eq 0 ]; then
docker tag vinyldns/api:$VINYLDNS_VERSION $REPOSITORY/vinyldns/api:$VINYLDNS_VERSION
docker tag vinyldns/portal:$VINYLDNS_VERSION $REPOSITORY/vinyldns/portal:$VINYLDNS_VERSION
if [ $TAG_LATEST -eq 1 ]; then
echo "Tagging latest..."
docker tag vinyldns/api:$VINYLDNS_VERSION $REPOSITORY/vinyldns/api:latest
docker tag vinyldns/portal:$VINYLDNS_VERSION $REPOSITORY/vinyldns/portal:latest
fi
fi
fi
if [ $DOCKER_PUSH -eq 1 ]; then
docker push $REPOSITORY/vinyldns/api:$VINYLDNS_VERSION
docker push $REPOSITORY/vinyldns/portal:$VINYLDNS_VERSION
if [ $TAG_LATEST -eq 1 ]; then
echo "Pushing latest..."
docker push $REPOSITORY/vinyldns/api:latest
docker push $REPOSITORY/vinyldns/portal:latest
fi
fi

6
build/docker/portal/.jvmopts
View File

@ -1,6 +0,0 @@
-Xms512M
-Xmx1024M
-Xss2M
-XX:MaxMetaspaceSize=512M
-XX:ReservedCodeCacheSize=512M
-Djava.net.preferIPv4Stack=true

43
build/docker/portal/Dockerfile
View File

@ -1,34 +1,37 @@
FROM vinyldns/build:base-build-portal as builder
ARG BRANCH=master
ARG VINYLDNS_VERSION
RUN git clone -b ${BRANCH} --single-branch --depth 1 https://github.com/vinyldns/vinyldns.git /vinyldns
COPY . /vinyldns
# The default jvmopts are huge, meant for running everything, use a paired down version
COPY .jvmopts /vinyldns
WORKDIR /vinyldns
RUN cp /build/node_modules.tar.xz /vinyldns/modules/portal && \
cd /vinyldns/modules/portal && tar Jxf node_modules.tar.xz && \
cd /vinyldns
RUN cd /vinyldns ; sbt "set version in ThisBuild := \"${VINYLDNS_VERSION}\"" portal/preparePortal universal:packageZipTarball
RUN sbt "set version in ThisBuild := \"${VINYLDNS_VERSION}\"; project portal; preparePortal"
RUN sbt "set version in ThisBuild := \"${VINYLDNS_VERSION}\"; project portal; universal:packageZipTarball"
FROM adoptopenjdk/openjdk11:jdk-11.0.8_10-alpine
ARG DOCKER_FILE_PATH
ARG VINYLDNS_VERSION
RUN apk add --update --no-cache netcat-openbsd bash
RUN test -n "VINYLDNS_VERSION" || (echo "VINYLDNS_VERSION not set" && false)
COPY --from=builder /vinyldns/modules/portal/target/universal/portal.tgz /
RUN mkdir -p /opt && \
tar -xzvf /portal.tgz && \
mv /portal /opt/docker && \
mkdir -p /opt/docker/lib_extra
RUN apk add --update --no-cache bash && \
mkdir -p /opt/vinyldns/lib_extra && \
tar -xzf /portal.tgz && \
rm /portal.tgz && \
mv /portal/* /opt/vinyldns && \
echo "${VINYLDNS_VERSION}" > /opt/vinyldns/conf/version
# This will set the vinyldns version, make sure to have this in config... version = ${?VINYLDNS_VERSION}
ARG VINYLDNS_VERSION
ENV VINYLDNS_VERSION=$VINYLDNS_VERSION
COPY ${DOCKER_FILE_PATH}/application.conf /opt/vinyldns/conf/
# Mount the volume for config file and lib extras
# Note: These volume names are used in the build.sbt
VOLUME ["/opt/docker/lib_extra/", "/opt/docker/conf"]
VOLUME ["/opt/vinyldns/lib_extra/", "/opt/vinyldns/conf/"]
EXPOSE 9000
EXPOSE 9001
ENTRYPOINT ["/opt/docker/bin/portal"]
ENTRYPOINT ["/bin/bash","-c", "java -Dvinyldns.version=$(cat /opt/vinyldns/conf/version) \
-Dconfig.file=/opt/vinyldns/conf/application.conf \
-cp /opt/vinyldns/conf:/opt/vinyldns/lib/*:/opt/vinyldns/lib_extra/* \
play.core.server.ProdServerStart"]

53
build/docker/portal/Makefile Normal file
View File

@ -0,0 +1,53 @@
SHELL=bash
IMAGE_TAG=$(shell awk -F'"' '{print $$2}' ../../../version.sbt)
IMAGE_NAME=vinyldns/portal
ROOT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
# Check that the required version of make is being used
REQ_MAKE_VER:=3.82
ifneq ($(REQ_MAKE_VER),$(firstword $(sort $(MAKE_VERSION) $(REQ_MAKE_VER))))
$(error The version of MAKE $(REQ_MAKE_VER) or higher is required; you are running $(MAKE_VERSION))
endif
# Extract arguments for `make run`
EXTRACT_ARGS=true
ifeq (run,$(firstword $(MAKECMDGOALS)))
EXTRACT_ARGS=true
endif
ifeq ($(EXTRACT_ARGS),true)
# use the rest as arguments for "run"
WITH_ARGS ?= $(wordlist 2,$(words $(MAKECMDGOALS)),$(MAKECMDGOALS))
endif
ifdef $(WITH_ARGS)
ARG_SEPARATOR=--
endif
%:
@:
.ONESHELL:
.PHONY: all build run
all: build run
.PHONY: all build run publish
all: build run
build:
@set -euo pipefail
cd ../../..
docker build $(BUILD_ARGS) --build-arg DOCKER_FILE_PATH="$$(realpath --relative-to="." "$(ROOT_DIR)")" --build-arg VINYLDNS_VERSION="$(IMAGE_TAG)" -t $(IMAGE_NAME):$(IMAGE_TAG) -f "$(ROOT_DIR)/Dockerfile" .
docker tag $(IMAGE_NAME):$(IMAGE_TAG) $(IMAGE_NAME):latest
run:
@set -euo pipefail
docker network create --driver bridge vinyldns_net &> /dev/null || true
docker run -it --rm --network vinyldns_net --env-file "$(ROOT_DIR)/../.env" $(DOCKER_PARAMS) -v "$$(pwd)/application.conf:/opt/vinyldns/conf/application.conf" -p 9001:9001 $(IMAGE_NAME):$(IMAGE_TAG) $(ARG_SEPARATOR) $(WITH_ARGS)
publish: build
@set -euo pipefail
DOCKER_CONTENT_TRUST=1 docker push $(IMAGE_NAME):$(IMAGE_TAG)
DOCKER_CONTENT_TRUST=1 docker push $(IMAGE_NAME):latest

36
build/docker/portal/application.conf
View File

@ -11,7 +11,7 @@ LDAP {
# This will be the name of the LDAP field that carries the user's login id (what they enter in the username in login form)
userNameAttribute = "uid"
# For ogranization, leave empty for this demo, the domainName is what matters, and that is the LDAP structure
# For organization, leave empty for this demo, the domainName is what matters, and that is the LDAP structure
# to search for users that require login
searchBase = [
{organization = "", domainName = "ou=people,dc=planetexpress,dc=com"},
@ -38,41 +38,15 @@ crypto {
type = "vinyldns.core.crypto.NoOpCrypto"
}
http.port = 9000
http.port = 9001
http.port = ${?PORTAL_PORT}
data-stores = ["mysql"]
portal.vinyldns.backend.url = "http://vinyldns-integration:9000"
portal.vinyldns.backend.url = ${?API_URL}
# Note: The default mysql settings assume a local docker compose setup with mysql named vinyldns-mysql
# follow the configuration guide to point to your mysql
# Only 3 repositories are needed for portal: user, task, user-change
mysql {
settings {
# JDBC Settings, these are all values in scalikejdbc-config, not our own
# these must be overridden to use MYSQL for production use
# assumes a docker or mysql instance running locally
name = "vinyldns"
driver = "org.mariadb.jdbc.Driver"
migration-url = "jdbc:mariadb://vinyldns-integration:19002/?user=root&password=pass"
migration-url = ${?JDBC_MIGRATION_URL}
url = "jdbc:mariadb://vinyldns-integration:19002/vinyldns?user=root&password=pass"
url = ${?JDBC_URL}
user = "root"
user = ${?JDBC_USER}
password = "pass"
password = ${?JDBC_PASSWORD}
# see https://github.com/brettwooldridge/HikariCP
connection-timeout-millis = 1000
idle-timeout = 10000
max-lifetime = 600000
maximum-pool-size = 20
minimum-idle = 20
register-mbeans = true
}
repositories {
user {
}
@ -85,6 +59,4 @@ mysql {
# You generate this yourself following https://www.playframework.com/documentation/2.7.x/ApplicationSecret
play.http.secret.key = "rpkTGtoJvLIdIV?WU=0@yW^x:pcEGyAt`^p/P3G0fpbj9:uDnD@caSjCDqA0@tB="
vinyldns.version = "unknown"
vinyldns.version = ${?VINYLDNS_VERSION}
play.http.secret.key = ${?PLAY_HTTP_SECRET_KEY}

70
build/docker/start.sh
View File

@ -1,70 +0,0 @@
#!/bin/bash
CURDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
function usage() {
printf "usage: start.sh [OPTIONS]\n\n"
printf "starts a specific version of vinyldns\n\n"
printf "options:\n"
printf "\t-v, --version: the version to start up; required\n"
}
function wait_for_url() {
echo -n "Checking ${URL}..."
RETRY="$TIMEOUT"
while [ "$RETRY" -gt 0 ]; do
if curl -I -s "${URL}" -o /dev/null -w "%{http_code}" &>/dev/null || false; then
echo "Succeeded in connecting to ${URL}!"
break
else
echo -n "."
((RETRY -= 1))
sleep 1
if [ "$RETRY" -eq 0 ]; then
echo "Exceeded retries waiting for ${URL} to be ready, failing"
exit 1
fi
fi
done
}
# Default the build to -SNAPSHOT if not set
VINYLDNS_VERSION=
while [ "$1" != "" ]; do
case "$1" in
-v | --version)
VINYLDNS_VERSION="$2"
shift 2
;;
*)
usage
exit
;;
esac
done
if [ -z "$VINYLDNS_VERSION" ]; then
echo "VINYLDNS_VERSION not set"
usage
exit
else
export VINYLDNS_VERSION=$VINYLDNS_VERSION
fi
# Actually starts up our docker images
docker-compose -f "${CURDIR}/docker/docker-compose.yml" up --no-build -d api portal
# Waits for the URL to be available
wait_for_url "http://localhost:9001"
if [ $? -eq 0 ]; then
echo "VinylDNS started and available at http://localhost:9001"
exit 0
else
echo "VinylDNS startup failed!"
"${CURDIR}/stop.sh"
exit 1
fi

5
build/docker/stop.sh
View File

@ -1,5 +0,0 @@
#!/bin/bash
CURDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
docker-compose -f $CURDIR/docker/docker-compose.yml down

1
quickstart/.env
View File

@ -6,6 +6,7 @@ VINYLDNS_PORTAL_URL=http://localhost:9001
PORTAL_PORT=9001
PLAY_HTTP_SECRET_KEY=change-this-for-prod
VINYLDNS_BACKEND_URL=http://vinyldns-api:9000
LDAP_PROVIDER_URL=ldap://vinyldns-ldap:19004
TEST_LOGIN=false
# API Settings

16
quickstart/README.md
View File

@ -26,10 +26,12 @@ The `quickstart-vinyldns.sh` script takes a number of optional arguments:
| Flag | Description |
|:---|:---|
| -a, --api-only | do not start up the VinylDNS Portal|
| -b, --build | force a rebuild of the Docker images with the local code|
| -r, --reset | reset any the running containers|
| -s, --service | specify the service to run|
| -t, --timeout | the time to wait (in seconds) for the portal and API to start (default: 60)|
| -u, --update | remove the local quickstart images to force a re-pull from docker hub|
| -v, --version-tag | specify Docker image tag version (default: latest)|
| `-a, --api-only` | do not start up the VinylDNS Portal" |
| `-b, --build` | force a rebuild of the Docker images with the local code" |
| `-c, --clean` | stops all VinylDNS containers" |
| `-d, --deps-only` | only start up the dependencies, not the API or Portal" |
| `-r, --reset` | reset any the running containers" |
| `-s, --service` | specify the service to run" |
| `-t, --timeout` | the time to wait (in seconds) for the Portal and API to start (default: 60)" |
| `-u, --update` | remove the local quickstart images to force a re-pull from Docker Hub" |
| `-v, --version-tag` | specify Docker image tag version (default: latest)" |

6
quickstart/api/Makefile
View File

@ -37,10 +37,12 @@ build:
run:
@set -euo pipefail
docker run -it --rm $(DOCKER_PARAMS) -v "$$(pwd)/application.conf:/opt/vinyldns/conf/vinyldns.conf" -v "$$(pwd)/logback.xml:/opt/vinyldns/conf/logback.xml" -p 9000:9000 $(IMAGE_NAME) $(ARG_SEPARATOR) $(WITH_ARGS)
docker network create --driver bridge vinyldns_net &> /dev/null || true
docker run -it --rm $(DOCKER_PARAMS) --network vinyldns_net -v "$$(pwd)/application.conf:/opt/vinyldns/conf/vinyldns.conf" -v "$$(pwd)/logback.xml:/opt/vinyldns/conf/logback.xml" -p 9000:9000 $(IMAGE_NAME) $(ARG_SEPARATOR) $(WITH_ARGS)
run-bg:
@set -euo pipefail
docker stop $(IMAGE_NAME) &> /dev/null || true
docker rm $(IMAGE_NAME) &> /dev/null || true
docker run -td --name $(IMAGE_NAME) --rm $(DOCKER_PARAMS) -v "$$(pwd)/application.conf:/opt/vinyldns/conf/vinyldns.conf" -v "$$(pwd)/logback.xml:/opt/vinyldns/conf/logback.xml" -p 9001:9001 $(IMAGE_NAME) -- /bin/bash
docker network create --driver bridge vinyldns_net &> /dev/null || true
docker run -td --name $(IMAGE_NAME) --rm $(DOCKER_PARAMS) --network vinyldns_net -v "$$(pwd)/application.conf:/opt/vinyldns/conf/vinyldns.conf" -v "$$(pwd)/logback.xml:/opt/vinyldns/conf/logback.xml" -p 9001:9001 $(IMAGE_NAME) -- /bin/bash

4
quickstart/portal/Dockerfile
View File

@ -5,7 +5,7 @@ COPY . /vinyldns
WORKDIR /vinyldns
RUN cp /build/node_modules.tar.xz /vinyldns/modules/portal && \
cd /vinyldns/modules/portal && tar Jxvf node_modules.tar.xz && \
cd /vinyldns/modules/portal && tar Jxf node_modules.tar.xz && \
cd /vinyldns
RUN sbt "set version in ThisBuild := \"${VINYLDNS_VERSION}\"; project portal; preparePortal"
@ -18,7 +18,7 @@ RUN apk add --update --no-cache bash
COPY --from=builder /vinyldns/modules/portal/target/universal/portal.tgz /
RUN mkdir -p /opt && \
tar -xzvf /portal.tgz && \
tar -xzf /portal.tgz && \
mv /portal /opt/vinyldns && \
mkdir -p /opt/vinyldns/lib_extra

9
quickstart/portal/Makefile
View File

@ -1,5 +1,6 @@
SHELL=bash
IMAGE_NAME=vinyldns/portal:local-dev
IMAGE_TAG=$(shell awk -F'"' '{print $$2}' ../../../version.sbt)
IMAGE_NAME=vinyldns/portal
ROOT_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
# Check that the required version of make is being used
@ -37,10 +38,12 @@ build:
run:
@set -euo pipefail
docker run -it --rm $(DOCKER_PARAMS) -p 9001:9001 $(IMAGE_NAME) $(ARG_SEPARATOR) $(WITH_ARGS)
docker network create --driver bridge vinyldns_net &> /dev/null || true
docker run -it --rm $(DOCKER_PARAMS) --network vinyldns_net -p 9001:9001 $(IMAGE_NAME) $(ARG_SEPARATOR) $(WITH_ARGS)
run-bg:
@set -euo pipefail
docker stop $(IMAGE_NAME) &> /dev/null || true
docker rm $(IMAGE_NAME) &> /dev/null || true
docker run -td --name $(IMAGE_NAME) --rm $(DOCKER_PARAMS) -p 9001:9001 $(IMAGE_NAME) -- /bin/bash
docker network create --driver bridge vinyldns_net &> /dev/null || true
docker run -td --name $(IMAGE_NAME) --rm $(DOCKER_PARAMS) --network vinyldns_net -p 9001:9001 $(IMAGE_NAME) -- /bin/bash

2
quickstart/portal/application.conf
View File

@ -39,6 +39,7 @@ crypto {
}
http.port = 9001
http.port = ${?PORTAL_PORT}
data-stores = ["mysql"]
@ -58,3 +59,4 @@ mysql {
# You generate this yourself following https://www.playframework.com/documentation/2.7.x/ApplicationSecret
play.http.secret.key = "rpkTGtoJvLIdIV?WU=0@yW^x:pcEGyAt`^p/P3G0fpbj9:uDnD@caSjCDqA0@tB="
play.http.secret.key = ${?PLAY_HTTP_SECRET_KEY}

60
quickstart/quickstart-vinyldns.sh
View File

@ -8,7 +8,10 @@
#####################################################################################################
set -eo pipefail
DIR=$( cd "$(dirname "$0")" || exit ; pwd -P )
DIR=$(
cd "$(dirname "$0")" || exit
pwd -P
)
source "${DIR}/../utils/includes/terminal_colors.sh"
function usage() {
@ -18,10 +21,12 @@ function usage() {
echo -e "options:"
echo -e "\t-a, --api-only do not start up the VinylDNS Portal"
echo -e "\t-b, --build force a rebuild of the Docker images with the local code"
echo -e "\t-c, --clean stops all VinylDNS containers"
echo -e "\t-d, --deps-only only start up the dependencies, not the API or Portal"
echo -e "\t-r, --reset reset any the running containers"
echo -e "\t-s, --service specify the service to run"
echo -e "\t-t, --timeout the time to wait (in seconds) for the portal and API to start (default: 60)"
echo -e "\t-u, --update remove the local quickstart images to force a re-pull from docker hub"
echo -e "\t-t, --timeout the time to wait (in seconds) for the Portal and API to start (default: 60)"
echo -e "\t-u, --update remove the local quickstart images to force a re-pull from Docker Hub"
echo -e "\t-v, --version-tag specify Docker image tag version (default: latest)"
echo
echo -e "\t-h, --help show this help"
@ -46,22 +51,31 @@ function wait_for_url() {
fi
done
}
function is_running() {
if (docker ps --format "{{.Image}}" | grep -q "$1"); then
return 0
fi
return 1
}
function wait_for_api() {
URL="$VINYLDNS_API_URL"
wait_for_url "VinylDNS API"
if is_running "vinyldns/api"; then
URL="$VINYLDNS_API_URL"
wait_for_url "VinylDNS API"
fi
}
function wait_for_portal() {
# check if portal was skipped
if [ "$SERVICE" != "api" ]; then
if is_running "vinyldns/portal"; then
URL="$VINYLDNS_PORTAL_URL"
wait_for_url "VinylDNS Portal"
fi
}
# Source customizable env files ('-a' causes all variables to be exported)
set -a; source "${DIR}/.env"; set +a
set -a
source "${DIR}/.env"
set +a
# Set defaults and parse args
export VINYLDNS_VERSION=latest
@ -71,6 +85,7 @@ SERVICE=""
BUILD=""
RESET_DOCKER=0
UPDATE=0
CLEAN=0
while [[ $# -gt 0 ]]; do
case "$1" in
-t | --timeout)
@ -78,10 +93,18 @@ while [[ $# -gt 0 ]]; do
shift
shift
;;
-d | --deps-only)
SERVICE="integration ldap"
shift
;;
-a | --api-only)
SERVICE="api"
shift
;;
-c | --clean)
CLEAN=1
shift
;;
-s | --service)
SERVICE="$2"
shift
@ -111,8 +134,12 @@ while [[ $# -gt 0 ]]; do
esac
done
if [[ $RESET_DOCKER -eq 1 ]]; then
if [[ $RESET_DOCKER -eq 1 ]] || [[ $CLEAN -eq 1 ]]; then
"${DIR}/../utils/clean-vinyldns-containers.sh"
if [[ $CLEAN -eq 1 ]]; then
echo "${F_GREEN}Clean up completed!${F_RESET}"
exit 0
fi
fi
export VINYLDNS_IMAGE_VERSION=${VINYLDNS_VERSION}
@ -134,17 +161,22 @@ if [ -n "${BUILD}" ]; then
else
echo "Starting VinylDNS (${VINYLDNS_IMAGE_VERSION}) the background..."
fi
docker-compose -f "${DOCKER_COMPOSE_CONFIG}" up ${BUILD} -d ${SERVICE} || (echo -e "${F_RED}Sorry, there was an error starting VinylDNS :-(\nTry resetting any existing containers with:\n\t${F_RESET}'$0 --reset'"; exit 1)
docker-compose -f "${DOCKER_COMPOSE_CONFIG}" up ${BUILD} -d ${SERVICE} || (
echo -e "${F_RED}Sorry, there was an error starting VinylDNS :-(\nTry resetting any existing containers with:\n\t${F_RESET}'$0 --reset'"
exit 1
)
echo
wait_for_api
wait_for_portal
echo
if [ "${SERVICE}" != "api" ]; then
echo "${F_GREEN}VinylDNS started. You can connect to the portal via ${F_RESET}${VINYLDNS_PORTAL_URL}"
if is_running "vinyldns/portal"; then
echo "${F_GREEN}VinylDNS started! You can connect to the portal via ${F_RESET}${VINYLDNS_PORTAL_URL}"
elif is_running "vinyldns/api"; then
echo "${F_GREEN}VinylDNS API started! You can connect to the API via ${F_RESET}${VINYLDNS_API_URL}"
else
echo "${F_GREEN}VinylDNS API started. You can connect to the API via ${F_RESET}${VINYLDNS_API_URL}"
echo "${F_GREEN}VinylDNS dependencies started!${F_RESET}"
fi
echo "${F_GREEN}To clean up the running containers:${F_RESET}"
echo " $0 --reset"
echo " $0 --clean"