From b0bfb94303519b044fa795671cb21b81f1a1861d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B6=99=E5=AD=90=E8=B3=A2?= Date: Sat, 11 May 2024 20:43:54 +0800 Subject: [PATCH 1/8] Add Dockerfile for warg-server following Dockerfile best-practice --- .dockerignore | 25 ++++++++++++++++++++- .gitignore | 3 +++ crates/server/Dockerfile | 43 +++++++++++++++++++++++++++++++++++++ crates/server/entrypoint.sh | 4 ++++ 4 files changed, 74 insertions(+), 1 deletion(-) create mode 100644 crates/server/Dockerfile create mode 100644 crates/server/entrypoint.sh diff --git a/.dockerignore b/.dockerignore index 04c71435..d1e37f42 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,3 +1,26 @@ +.github + +# IDE +.vscode +.idea + +# Build target +**/*.wasm + +# Documentation +docs +LICENSE +**/*.md +**/*.yaml + +# test +tests + +# Deployment infra -docker-compose*.yaml +ci + +# Docker +**/docker-compose*.yaml +**/Dockerfile diff --git a/.gitignore b/.gitignore index 6f848019..38f1f0d0 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,6 @@ publish # Test generated files bundled.wasm locked.wasm + +# IDE specific files +.idea diff --git a/crates/server/Dockerfile b/crates/server/Dockerfile new file mode 100644 index 00000000..56536abb --- /dev/null +++ b/crates/server/Dockerfile @@ -0,0 +1,43 @@ +FROM rust:1.78-slim AS builder + +ARG FEATURES=postgres + +WORKDIR /usr/src/bytecodealliance/registry + +# musl-dev libpq-dev +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt update && apt upgrade --no-install-recommends -y && \ + apt install --no-install-recommends pkg-config libssl-dev libpq-dev -y + +COPY . . + +RUN --mount=type=cache,target=/usr/local/cargo/registry \ + --mount=type=cache,target=/usr/src/bytecodealliance/registry/target \ + cargo build --release --workspace --features "$FEATURES" && \ + cp target/release/warg-server /usr/local/bin + +FROM debian:stable-slim + +# Create volume for content directory +ENV CONTENT_DIR=/var/lib/warg-server/data +RUN mkdir -p "$CONTENT_DIR" +VOLUME $CONTENT_DIR + +# Configure port settings +EXPOSE 8090 + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt update && apt upgrade --no-install-recommends -y && \ + apt install --no-install-recommends libpq5 -y + +# Configure container user and group +RUN groupadd -r warg-server && useradd --no-log-init -r -g warg-server warg-server +USER warg-server + +COPY --chown=warg-server --chmod=700 crates/server/entrypoint.sh / + +COPY --from=builder --chown=warg-server /usr/local/bin/warg-server /usr/local/bin/ + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/crates/server/entrypoint.sh b/crates/server/entrypoint.sh new file mode 100644 index 00000000..8ea796de --- /dev/null +++ b/crates/server/entrypoint.sh @@ -0,0 +1,4 @@ +#!/bin/bash +set -e + +exec warg-server --content-dir "$CONTENT_DIR" From 6a204cb8a7dfee935ddbe9b4ffcd06a1d5d0c0e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B6=99=E5=AD=90=E8=B3=A2?= Date: Sun, 12 May 2024 00:31:23 +0800 Subject: [PATCH 2/8] Move Dockerfile to top-level directory --- Dockerfile | 109 +++++++++++++-------------------------- crates/server/Dockerfile | 43 --------------- tmp.Dockerfile | 82 +++++++++++++++++++++++++++++ 3 files changed, 117 insertions(+), 117 deletions(-) delete mode 100644 crates/server/Dockerfile create mode 100644 tmp.Dockerfile diff --git a/Dockerfile b/Dockerfile index 698f0f7f..903c9ad1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,82 +1,43 @@ -# Create shared chef base image for planner and builder targets. -# Chef is used to optimize caching of Rust dependency building. -# Separate stages are used to avoid error-prone cleaning of temporary files -# during the chef planner stage that generates a recipe -FROM rust:1.69-bullseye AS chef -RUN rustup update stable --no-self-update \ - && rustup default stable \ - && rustup target add wasm32-wasi \ - && rustup target add wasm32-unknown-unknown -RUN cargo install cargo-chef --locked +FROM rust:1.78-slim AS builder -# Create Chef's recipe.json which captures dependency build information. -FROM chef AS planner -WORKDIR /usr/src/bytecodealliance/registry -COPY . . -RUN cargo chef prepare --recipe-path recipe.json - -# Uses Chef's recipe.json to first build dependencies in a layer that is cached -# before building the project thereby limiting unnecessary rebuilding if only -# source code is changed. -FROM chef AS builder ARG FEATURES=postgres + WORKDIR /usr/src/bytecodealliance/registry -COPY --from=planner /usr/src/bytecodealliance/registry/recipe.json ./ -RUN cargo chef cook --release --workspace --features "$FEATURES" --recipe-path recipe.json -COPY . . -RUN cargo build --release --workspace --features "$FEATURES" -# A minimal container with just the warg-server binary. It uses a slim base -# image instead of distroless for ease of installing the libpq5 library which -# is required for the postgres feature. -# -# TODO: Use distroless by copying in contents of libpq5 as a layer. -FROM debian:bullseye-slim AS warg-server -WORKDIR /app -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - libpq5 \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -COPY --from=builder "/usr/src/bytecodealliance/registry/target/release/warg-server" /usr/local/bin/ -ENTRYPOINT [ "/usr/local/bin/warg-server" ] +# musl-dev libpq-dev +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt update && apt upgrade --no-install-recommends -y && \ + apt install --no-install-recommends pkg-config libssl-dev libpq-dev -y + +COPY crates/server . + +RUN --mount=type=cache,target=/usr/local/cargo/registry \ + --mount=type=cache,target=/usr/src/bytecodealliance/registry/target \ + cargo build --release --workspace --features "$FEATURES" && \ + cp target/release/warg-server /usr/local/bin + +FROM debian:stable-slim + +# Create volume for content directory +ENV CONTENT_DIR=/var/lib/warg-server/data +RUN mkdir -p "$CONTENT_DIR" +VOLUME $CONTENT_DIR + +# Configure port settings +EXPOSE 8090 + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt update && apt upgrade --no-install-recommends -y && \ + apt install --no-install-recommends libpq5 -y -# A warg-server container variant with some additional utilities installed for -# debugging. -FROM warg-server AS warg-server-debug -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - ca-certificates curl netcat inetutils-ping postgresql-client jq \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -RUN curl -sSL https://github.com/mikefarah/yq/releases/download/v4.33.3/yq_linux_amd64.tar.gz \ - | tar -O -zxf - ./yq_linux_amd64 \ - | tee /usr/local/bin/yq >/dev/null \ - && chmod +x /usr/local/bin/yq +# Configure container user and group +RUN groupadd -r warg-server && useradd --no-log-init -r -g warg-server warg-server +USER warg-server -# A container for the warg cli tool which can be used in one-off tasks or -# scheduled cron jobs for example. -FROM gcr.io/distroless/cc AS warg -COPY --from=builder "/usr/src/bytecodealliance/registry/target/release/warg" /usr/local/bin/ -ENTRYPOINT [ "/usr/local/bin/warg" ] +COPY --chown=warg-server --chmod=700 crates/server/entrypoint.sh / -# A base image for building database migration utiltiy containers based on -# diesel, the library used by warg for the postgres feature. -FROM rust:1.69-bullseye AS diesel -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - libpq5 \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -RUN cargo install diesel_cli --no-default-features --features postgres +COPY --from=builder --chown=warg-server /usr/local/bin/warg-server /usr/local/bin/ -# A container with an entrypoint configured to apply the warg postgres database -# migrations using the diesel utility. Add the database-url option as a command -# line argument or an environment variable to use. -FROM debian:bullseye-slim AS warg-postgres-migration -WORKDIR /app -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - libpq5 \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -COPY --from=diesel /usr/local/cargo/bin/diesel /usr/local/bin -COPY ./crates/server/diesel.toml ./ -COPY ./crates/server/src/datastore/postgres ./src/datastore/postgres -ENTRYPOINT [ "/usr/local/bin/diesel", "migration", "run", "--migration-dir", "./src/datastore/postgres/migrations" ] +ENTRYPOINT ["/entrypoint.sh"] diff --git a/crates/server/Dockerfile b/crates/server/Dockerfile deleted file mode 100644 index 56536abb..00000000 --- a/crates/server/Dockerfile +++ /dev/null @@ -1,43 +0,0 @@ -FROM rust:1.78-slim AS builder - -ARG FEATURES=postgres - -WORKDIR /usr/src/bytecodealliance/registry - -# musl-dev libpq-dev -RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ - --mount=type=cache,target=/var/lib/apt,sharing=locked \ - apt update && apt upgrade --no-install-recommends -y && \ - apt install --no-install-recommends pkg-config libssl-dev libpq-dev -y - -COPY . . - -RUN --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/src/bytecodealliance/registry/target \ - cargo build --release --workspace --features "$FEATURES" && \ - cp target/release/warg-server /usr/local/bin - -FROM debian:stable-slim - -# Create volume for content directory -ENV CONTENT_DIR=/var/lib/warg-server/data -RUN mkdir -p "$CONTENT_DIR" -VOLUME $CONTENT_DIR - -# Configure port settings -EXPOSE 8090 - -RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ - --mount=type=cache,target=/var/lib/apt,sharing=locked \ - apt update && apt upgrade --no-install-recommends -y && \ - apt install --no-install-recommends libpq5 -y - -# Configure container user and group -RUN groupadd -r warg-server && useradd --no-log-init -r -g warg-server warg-server -USER warg-server - -COPY --chown=warg-server --chmod=700 crates/server/entrypoint.sh / - -COPY --from=builder --chown=warg-server /usr/local/bin/warg-server /usr/local/bin/ - -ENTRYPOINT ["/entrypoint.sh"] diff --git a/tmp.Dockerfile b/tmp.Dockerfile new file mode 100644 index 00000000..698f0f7f --- /dev/null +++ b/tmp.Dockerfile @@ -0,0 +1,82 @@ +# Create shared chef base image for planner and builder targets. +# Chef is used to optimize caching of Rust dependency building. +# Separate stages are used to avoid error-prone cleaning of temporary files +# during the chef planner stage that generates a recipe +FROM rust:1.69-bullseye AS chef +RUN rustup update stable --no-self-update \ + && rustup default stable \ + && rustup target add wasm32-wasi \ + && rustup target add wasm32-unknown-unknown +RUN cargo install cargo-chef --locked + +# Create Chef's recipe.json which captures dependency build information. +FROM chef AS planner +WORKDIR /usr/src/bytecodealliance/registry +COPY . . +RUN cargo chef prepare --recipe-path recipe.json + +# Uses Chef's recipe.json to first build dependencies in a layer that is cached +# before building the project thereby limiting unnecessary rebuilding if only +# source code is changed. +FROM chef AS builder +ARG FEATURES=postgres +WORKDIR /usr/src/bytecodealliance/registry +COPY --from=planner /usr/src/bytecodealliance/registry/recipe.json ./ +RUN cargo chef cook --release --workspace --features "$FEATURES" --recipe-path recipe.json +COPY . . +RUN cargo build --release --workspace --features "$FEATURES" + +# A minimal container with just the warg-server binary. It uses a slim base +# image instead of distroless for ease of installing the libpq5 library which +# is required for the postgres feature. +# +# TODO: Use distroless by copying in contents of libpq5 as a layer. +FROM debian:bullseye-slim AS warg-server +WORKDIR /app +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + libpq5 \ + && rm -rf /var/cache/apt/archives /var/lib/apt/lists +COPY --from=builder "/usr/src/bytecodealliance/registry/target/release/warg-server" /usr/local/bin/ +ENTRYPOINT [ "/usr/local/bin/warg-server" ] + +# A warg-server container variant with some additional utilities installed for +# debugging. +FROM warg-server AS warg-server-debug +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + ca-certificates curl netcat inetutils-ping postgresql-client jq \ + && rm -rf /var/cache/apt/archives /var/lib/apt/lists +RUN curl -sSL https://github.com/mikefarah/yq/releases/download/v4.33.3/yq_linux_amd64.tar.gz \ + | tar -O -zxf - ./yq_linux_amd64 \ + | tee /usr/local/bin/yq >/dev/null \ + && chmod +x /usr/local/bin/yq + +# A container for the warg cli tool which can be used in one-off tasks or +# scheduled cron jobs for example. +FROM gcr.io/distroless/cc AS warg +COPY --from=builder "/usr/src/bytecodealliance/registry/target/release/warg" /usr/local/bin/ +ENTRYPOINT [ "/usr/local/bin/warg" ] + +# A base image for building database migration utiltiy containers based on +# diesel, the library used by warg for the postgres feature. +FROM rust:1.69-bullseye AS diesel +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + libpq5 \ + && rm -rf /var/cache/apt/archives /var/lib/apt/lists +RUN cargo install diesel_cli --no-default-features --features postgres + +# A container with an entrypoint configured to apply the warg postgres database +# migrations using the diesel utility. Add the database-url option as a command +# line argument or an environment variable to use. +FROM debian:bullseye-slim AS warg-postgres-migration +WORKDIR /app +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + libpq5 \ + && rm -rf /var/cache/apt/archives /var/lib/apt/lists +COPY --from=diesel /usr/local/cargo/bin/diesel /usr/local/bin +COPY ./crates/server/diesel.toml ./ +COPY ./crates/server/src/datastore/postgres ./src/datastore/postgres +ENTRYPOINT [ "/usr/local/bin/diesel", "migration", "run", "--migration-dir", "./src/datastore/postgres/migrations" ] From 0a37aed5eb4464f5d9aff14962553b1954d1c178 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B6=99=E5=AD=90=E8=B3=A2?= Date: Sun, 12 May 2024 04:12:18 +0800 Subject: [PATCH 3/8] Update docker-compose.yaml --- Dockerfile | 48 +++++++++++++++++++--- docker-compose.postgres.yaml | 80 +++++++++++++++++------------------- docker-compose.yaml | 53 ++++++++++++------------ 3 files changed, 107 insertions(+), 74 deletions(-) diff --git a/Dockerfile b/Dockerfile index 903c9ad1..b5afcd4f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,19 +10,59 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ apt update && apt upgrade --no-install-recommends -y && \ apt install --no-install-recommends pkg-config libssl-dev libpq-dev -y -COPY crates/server . +# Build diesel CLI +RUN cargo install diesel_cli --no-default-features --features postgres + +COPY . . RUN --mount=type=cache,target=/usr/local/cargo/registry \ --mount=type=cache,target=/usr/src/bytecodealliance/registry/target \ cargo build --release --workspace --features "$FEATURES" && \ - cp target/release/warg-server /usr/local/bin + cp target/release/warg target/release/warg-server /usr/local/bin + +FROM debian:stable-slim AS migration + +WORKDIR /app + +# Install libpq5 +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt update && apt upgrade --no-install-recommends -y && \ + apt install --no-install-recommends -y libpq5 + +# Copy diesl CLI from builder +COPY --from=builder /usr/local/cargo/bin/diesel /usr/local/bin + +# Copy migration required files from source +COPY ./crates/server/diesel.toml ./ +COPY ./crates/server/src/datastore/postgres ./src/datastore/postgres + +CMD ["/usr/local/bin/diesel", "migration", "run", "--migration-dir", "./src/datastore/postgres/migrations"] + +FROM debian:stable-slim AS warg + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + apt update && apt upgrade --no-install-recommends -y && \ + apt install --no-install-recommends openssl -y + +# Configure container user and group +RUN groupadd -r warg && useradd --no-log-init -r -g warg warg +USER warg + +COPY --from=builder --chown=warg /usr/local/bin/warg /usr/local/bin/ + +ENTRYPOINT ["/usr/local/bin/warg"] FROM debian:stable-slim +# Create container user and group +RUN groupadd -g 1000 -r warg-server && useradd --no-log-init -u 1000 -r -g warg-server warg-server + # Create volume for content directory ENV CONTENT_DIR=/var/lib/warg-server/data -RUN mkdir -p "$CONTENT_DIR" VOLUME $CONTENT_DIR +RUN mkdir -p "$CONTENT_DIR" && chown warg-server:warg-server "$CONTENT_DIR" # Configure port settings EXPOSE 8090 @@ -32,8 +72,6 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ apt update && apt upgrade --no-install-recommends -y && \ apt install --no-install-recommends libpq5 -y -# Configure container user and group -RUN groupadd -r warg-server && useradd --no-log-init -r -g warg-server warg-server USER warg-server COPY --chown=warg-server --chmod=700 crates/server/entrypoint.sh / diff --git a/docker-compose.postgres.yaml b/docker-compose.postgres.yaml index 3bd76a3c..5f07b27e 100644 --- a/docker-compose.postgres.yaml +++ b/docker-compose.postgres.yaml @@ -1,52 +1,48 @@ # PostgreSQL-enabled configuration override for the registry service +name: warg-server + services: - db: - # NOTE: Note as of 2023-04-26 not all IaaS supports v15 for managed SQL - image: postgres:14 - restart: always + api: environment: - POSTGRES_DB: warg_registry - POSTGRES_USER: postgres - POSTGRES_PASSWORD_FILE: /var/secrets/warg/data-store/postgres/password - ports: - - "${WARG_POSTGRES_LISTEN_ADDRESS?e.g., 127.0.0.1:17514}:5432" - healthcheck: - test: [ "CMD", "pg_isready", "-q", "-d", "warg_registry", "-U", "postgres" ] - interval: 1s - timeout: 1s - retries: 30 - volumes: - - warg-secrets:/var/secrets/warg:ro - - postgres-data:/var/lib/postgresql/data:rw - networks: - - infra + WARG_DATA_STORE: postgres + WARG_DATABASE_URL: "postgres://warg:${POSTGRES_PASSWORD}@postgres:5432/warg" depends_on: - import-secrets: + migration: condition: service_completed_successfully - warg-registry-db-migration: + + migration: build: - target: warg-postgres-migration + context: . + target: migration + environment: + DATABASE_URL: "postgres://warg:${POSTGRES_PASSWORD}@postgres:5432/warg" depends_on: - db: + postgres: condition: service_healthy - import-secrets: - condition: service_completed_successfully - env_file: - - ./infra/local/.secrets/data-store/postgres/database_url_env - networks: - - infra - warg-registry: - depends_on: - import-secrets: - condition: service_completed_successfully - warg-registry-db-migration: - condition: service_completed_successfully - # Database config using cli args because base config already set from base environment. - # NOTE: Test for cli args support. - command: - - --data-store - - postgres - - --database-url-file - - /var/secrets/warg/data-store/postgres/database_url + + postgres: + image: postgres:16-alpine + environment: + POSTGRES_DB: warg + POSTGRES_USER: warg + POSTGRES_PASSWORD_FILE: /run/secrets/postgres_password + healthcheck: + test: [ "CMD", "pg_isready", "-q", "-d", "warg", "-U", "warg" ] + start_period: 5s + start_interval: 10s + interval: 10s + timeout: 5s + retries: 5 + secrets: + - postgres_password + expose: + - 5432 + volumes: + - postgres-data:/var/lib/postgresql/data + +secrets: + postgres_password: + environment: "POSTGRES_PASSWORD" + volumes: postgres-data: diff --git a/docker-compose.yaml b/docker-compose.yaml index 0b041ddc..44521b98 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,34 +1,33 @@ -# Base in-memory configuration for the registry service +name: warg-server + services: - import-secrets: - container_name: import-secrets - image: debian:bullseye-slim - command: ["cp", "-v", "-R", "-T", "/src/secrets/warg", "/var/secrets/warg"] + fix-permission: + image: busybox + command: ["sh", "-c", "chown -R 1000:1000 /var/lib/warg-server/data"] volumes: - - warg-secrets:/var/secrets/warg:rw - - ./infra/local/.secrets:/src/secrets/warg:ro - warg-registry: - build: - target: warg-server - args: - - FEATURES=postgres - ports: - - '${WARG_SERVER_LISTEN_ADDRESS?e.g., 127.0.0.1:17513}:8090' - # Set the base settings with environment variables. - # NOTE: Test for cli environment variables support. + - content:/var/lib/warg-server/data + + api: + build: . + develop: + watch: + - path: . + action: rebuild environment: - - WARG_CONTENT_DIR=/var/run/warg/server-content - - WARG_OPERATOR_KEY_FILE=/var/secrets/warg/operator_key + WARG_OPERATOR_KEY_FILE: /run/secrets/warg_operator_key + secrets: + - warg_operator_key + ports: + - 8090:8090 volumes: - - warg-server-content:/var/run/warg/server-content:rw - - warg-secrets:/var/secrets/warg:ro - networks: - - infra + - content:/var/lib/warg-server/data depends_on: - import-secrets: + fix-permission: condition: service_completed_successfully + +secrets: + warg_operator_key: + environment: "WARG_OPERATOR_KEY" + volumes: - warg-server-content: - warg-secrets: -networks: - infra: + content: From d86fa0f05f037ba564b796c76d23a9b847de8556 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B6=99=E5=AD=90=E8=B3=A2?= Date: Sun, 12 May 2024 04:41:19 +0800 Subject: [PATCH 4/8] Add CONTRIBUTING.md with docker local development guide --- CONTRIBUTING.md | 213 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 213 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..e6b916e5 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,213 @@ + +# Contributing to warg + +First off, thanks for taking the time to contribute! ❤️ + +All types of contributions are encouraged and valued. See the [Table of Contents](#table-of-contents) for different ways to help and details about how this project handles them. Please make sure to read the relevant section before making your contribution. It will make it a lot easier for us maintainers and smooth out the experience for all involved. The community looks forward to your contributions. 🎉 + +> And if you like the project, but just don't have time to contribute, that's fine. There are other easy ways to support the project and show your appreciation, which we would also be very happy about: +> - Star the project +> - Tweet about it +> - Refer this project in your project's readme +> - Mention the project at local meetups and tell your friends/colleagues + + +## Table of Contents + +- [I Have a Question](#i-have-a-question) +- [I Want To Contribute](#i-want-to-contribute) +- [Reporting Bugs](#reporting-bugs) +- [Suggesting Enhancements](#suggesting-enhancements) +- [Your First Code Contribution](#your-first-code-contribution) +- [Improving The Documentation](#improving-the-documentation) +- [Styleguides](#styleguides) +- [Commit Messages](#commit-messages) +- [Join The Project Team](#join-the-project-team) + + + +## I Have a Question + +> If you want to ask a question, we assume that you have read the available [Documentation](https://github.com/bytecodealliance/registry/tree/main/docs). + +Before you ask a question, it is best to search for existing [Issues](https://github.com/bytecodealliance/registry/issues) that might help you. In case you have found a suitable issue and still need clarification, you can write your question in this issue. It is also advisable to search the internet for answers first. + +If you then still feel the need to ask a question and need clarification, we recommend the following: + +- Open an [Issue](https://github.com/bytecodealliance/registry/issues/new). +- Provide as much context as you can about what you're running into. +- Provide project and platform versions (nodejs, npm, etc), depending on what seems relevant. + +We will then take care of the issue as soon as possible. + + + +## I Want To Contribute + +> ### Legal Notice +> When contributing to this project, you must agree that you have authored 100% of the content, that you have the necessary rights to the content and that the content you contribute may be provided under the project license. + +### Reporting Bugs + + +#### Before Submitting a Bug Report + +A good bug report shouldn't leave others needing to chase you up for more information. Therefore, we ask you to investigate carefully, collect information and describe the issue in detail in your report. Please complete the following steps in advance to help us fix any potential bug as fast as possible. + +- Make sure that you are using the latest version. +- Determine if your bug is really a bug and not an error on your side e.g. using incompatible environment components/versions (Make sure that you have read the [documentation](https://github.com/bytecodealliance/registry/tree/main/docs). If you are looking for support, you might want to check [this section](#i-have-a-question)). +- To see if other users have experienced (and potentially already solved) the same issue you are having, check if there is not already a bug report existing for your bug or error in the [bug tracker](https://github.com/bytecodealliance/registryissues?q=label%3Abug). +- Also make sure to search the internet (including Stack Overflow) to see if users outside of the GitHub community have discussed the issue. +- Collect information about the bug: +- Stack trace (Traceback) +- OS, Platform and Version (Windows, Linux, macOS, x86, ARM) +- Version of the interpreter, compiler, SDK, runtime environment, package manager, depending on what seems relevant. +- Possibly your input and the output +- Can you reliably reproduce the issue? And can you also reproduce it with older versions? + + +#### How Do I Submit a Good Bug Report? + +> You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to <>. + + +We use GitHub issues to track bugs and errors. If you run into an issue with the project: + +- Open an [Issue](https://github.com/bytecodealliance/registry/issues/new). (Since we can't be sure at this point whether it is a bug or not, we ask you not to talk about a bug yet and not to label the issue.) +- Explain the behavior you would expect and the actual behavior. +- Please provide as much context as possible and describe the *reproduction steps* that someone else can follow to recreate the issue on their own. This usually includes your code. For good bug reports you should isolate the problem and create a reduced test case. +- Provide the information you collected in the previous section. + +Once it's filed: + +- The project team will label the issue accordingly. +- A team member will try to reproduce the issue with your provided steps. If there are no reproduction steps or no obvious way to reproduce the issue, the team will ask you for those steps and mark the issue as `needs-repro`. Bugs with the `needs-repro` tag will not be addressed until they are reproduced. +- If the team is able to reproduce the issue, it will be marked `needs-fix`, as well as possibly other tags (such as `critical`), and the issue will be left to be [implemented by someone](#your-first-code-contribution). + + + + +### Suggesting Enhancements + +This section guides you through submitting an enhancement suggestion for warg, **including completely new features and minor improvements to existing functionality**. Following these guidelines will help maintainers and the community to understand your suggestion and find related suggestions. + + +#### Before Submitting an Enhancement + +- Make sure that you are using the latest version. +- Read the [documentation](https://github.com/bytecodealliance/registry/tree/main/docs) carefully and find out if the functionality is already covered, maybe by an individual configuration. +- Perform a [search](https://github.com/bytecodealliance/registry/issues) to see if the enhancement has already been suggested. If it has, add a comment to the existing issue instead of opening a new one. +- Find out whether your idea fits with the scope and aims of the project. It's up to you to make a strong case to convince the project's developers of the merits of this feature. Keep in mind that we want features that will be useful to the majority of our users and not just a small subset. If you're just targeting a minority of users, consider writing an add-on/plugin library. + + +#### How Do I Submit a Good Enhancement Suggestion? + +Enhancement suggestions are tracked as [GitHub issues](https://github.com/bytecodealliance/registry/issues). + +- Use a **clear and descriptive title** for the issue to identify the suggestion. +- Provide a **step-by-step description of the suggested enhancement** in as many details as possible. +- **Describe the current behavior** and **explain which behavior you expected to see instead** and why. At this point you can also tell which alternatives do not work for you. +- You may want to **include screenshots and animated GIFs** which help you demonstrate the steps or point out the part which the suggestion is related to. You can use [this tool](https://www.cockos.com/licecap/) to record GIFs on macOS and Windows, and [this tool](https://github.com/colinkeenan/silentcast) or [this tool](https://github.com/GNOME/byzanz) on Linux. +- **Explain why this enhancement would be useful** to most warg users. You may also want to point out the other projects that solved it better and which could serve as inspiration. + + + +### Your First Code Contribution + + +#### Running the server + +The warg server currently supports two types of storing method for its state, either `in memory` or using `postgres`. +You can use `docker-compose` to run the server with both methods. + +To start the warg server using `in memory` state store, run the following commands: +```bash +# Specify the required private key of the server operator +export WARG_OPERATOR_KEY=ecdsa-p256:I+UlDo0HxyBBFeelhPPWmD+LnklOpqZDkrFP5VduASk=; + +docker compose up -d +``` + +To start the warg server using `postgres` state store, run the following commands: +```bash +# Specify the required private key of the server operator +export WARG_OPERATOR_KEY=ecdsa-p256:I+UlDo0HxyBBFeelhPPWmD+LnklOpqZDkrFP5VduASk=; +# Specify the required password for postgres +export POSTGRES_PASSWORD=U9Vu62udJho584TFF44X; + +docker compose -f ./docker-compose.yaml -f ./docker-compose.postgres.yaml up -d +``` + +If you want to watch file changes and rebuild the container during development, run the following commands instead: +```bash +# Specify the required private key of the server operator +export WARG_OPERATOR_KEY=ecdsa-p256:I+UlDo0HxyBBFeelhPPWmD+LnklOpqZDkrFP5VduASk=; +# Specify the required password for postgres +export POSTGRES_PASSWORD=U9Vu62udJho584TFF44X; + +docker compose -f ./docker-compose.yaml -f ./docker-compose.postgres.yaml up --watch +``` + +After all the services are started and ready, you can start access the warg server through `localhost:8090` + +#### Setting up the client + +Start by configuring the client to use the local server's URL: + +```bash +warg config --registry http://127.0.0.1:8090 +``` + +This creates a [`$CONFIG_DIR/warg/config.json`][config_dir] configuration file; +the configuration file will specify the home registry URL to use so that the +`--registry` option does not need to be specified for every command. + +Data downloaded by the client is stored in [`$CACHE_DIR/warg`][cache_dir] by +default. + +Next, create a new signing key to publish packages with: + +```bash +warg key new 127.0.0.1:8090 +``` + +The new signing key will be stored in your operating system's key store and +used to sign package log entries when publishing to the registry. + +[config_dir]: https://docs.rs/dirs/5.0.0/dirs/fn.config_dir.html +[cache_dir]: https://docs.rs/dirs/5.0.0/dirs/fn.cache_dir.html + +### Improving The Documentation + + +## Styleguides +### Commit Messages + + +## Join The Project Team + + + +## Attribution +This guide is based on the **contributing-gen**. [Make your own](https://github.com/bttger/contributing-gen)! \ No newline at end of file From 1fde41fb09e710967792dcb5e670f7aea1c7e60a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B6=99=E5=AD=90=E8=B3=A2?= Date: Sun, 12 May 2024 04:42:19 +0800 Subject: [PATCH 5/8] Remove the old infra directory --- infra/local/.env | 2 -- infra/local/.gitignore | 2 -- infra/local/README.md | 40 -------------------------------------- infra/local/down.sh | 28 -------------------------- infra/local/locals.inc.sh | 38 ------------------------------------ infra/local/rebuild.sh | 35 --------------------------------- infra/local/secrets.inc.sh | 40 -------------------------------------- infra/local/stop.sh | 25 ------------------------ infra/local/up.sh | 35 --------------------------------- 9 files changed, 245 deletions(-) delete mode 100644 infra/local/.env delete mode 100644 infra/local/.gitignore delete mode 100644 infra/local/README.md delete mode 100755 infra/local/down.sh delete mode 100644 infra/local/locals.inc.sh delete mode 100755 infra/local/rebuild.sh delete mode 100644 infra/local/secrets.inc.sh delete mode 100755 infra/local/stop.sh delete mode 100755 infra/local/up.sh diff --git a/infra/local/.env b/infra/local/.env deleted file mode 100644 index 74161f6e..00000000 --- a/infra/local/.env +++ /dev/null @@ -1,2 +0,0 @@ -WARG_SERVER_LISTEN_ADDRESS=127.0.0.1:17513 -WARG_POSTGRES_LISTEN_ADDRESS=127.0.0.1:17514 diff --git a/infra/local/.gitignore b/infra/local/.gitignore deleted file mode 100644 index f2630b9f..00000000 --- a/infra/local/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -*.local.* -.secrets diff --git a/infra/local/README.md b/infra/local/README.md deleted file mode 100644 index 834e17c7..00000000 --- a/infra/local/README.md +++ /dev/null @@ -1,40 +0,0 @@ -## Overview - -This directory contains scripts and Docker Compose configuration to run the registry along with associated infra like -a database for storage for local development and testing purposes. The script names closely mirror the `docker-compose` -commands. - -To help avoid conflicts with other processes that may be running on one's machine, the locally bound ports start with a -random number, 17513. This configuration along with other variables are set in `.env`. - -### Usage - -Start up the local infra: - -``` -./up.sh -``` - -Start the local infra while forcing a rebuild of source code: - -``` -./rebuild.sh -``` - -Both the above commands generate `*.local.*` files that provide assistance for interacting with the local infra: - -- `pgpass.local.conf`, the `pgpass` configuration for connecting to the database -- `psql.local.sh`, a `psql` convenience wrapper script that uses the above `pgpass` - - -Stopping the local infra: - -``` -./stop.sh -``` - -Stopping the local infra and completely removing any resources: - -``` -./down.sh -``` diff --git a/infra/local/down.sh b/infra/local/down.sh deleted file mode 100755 index 9aebf82e..00000000 --- a/infra/local/down.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/env bash -# -# Stops the local infra and removes any associated data and container resources. - -set -eou pipefail - -SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)" - -if [[ ! -d "$SCRIPT_DIR" ]]; then - printf "Unexpected error, calculated SCRIPT_DIR was not a directory: %s\n" "$SCRIPT_DIR" 1>&2 - exit 2 -fi - -# SEE: https://github.com/docker/buildx/issues/197 -REPO_DIR="$(realpath "$SCRIPT_DIR/../..")" - -if [[ ! -d "$REPO_DIR" ]]; then - printf "Unexpected error, calculated REPO_DIR was not a directory: %s\n" "$REPO_DIR" 1>&2 - exit 2 -fi - -docker compose --env-file "$SCRIPT_DIR/.env" \ - -f "$REPO_DIR/docker-compose.yaml" \ - -f "$REPO_DIR/docker-compose.postgres.yaml" \ - down --remove-orphans --volumes - -find "$SCRIPT_DIR" -type f -name '*.local.*' -exec rm -f '{}' \; -rm -rf "$SCRIPT_DIR/.secrets" diff --git a/infra/local/locals.inc.sh b/infra/local/locals.inc.sh deleted file mode 100644 index 713a21dc..00000000 --- a/infra/local/locals.inc.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/env bash -# -# Combines locally generated secrets with runtime information for local -# connection utilities. - -function generate_locals { - if [[ ! -d "${REPO_DIR:-}" ]]; then - printf "The environment variable REPO_DIR was not set nor a directory.\n" 1>&2 - fi - - local LOCAL_INFRA_DIR SECRETS_DIR PGPORT PGPASS PGPASS_FILE PSQL_FILE - - LOCAL_INFRA_DIR="$REPO_DIR/infra/local" - SECRETS_DIR="$LOCAL_INFRA_DIR/.secrets" - - PGPASS_FILE="$SECRETS_DIR/pgpass.local.conf" - PSQL_FILE="$SCRIPT_DIR/psql.local.sh" - - # Extract the local randomly bound port number used for exposing postgres. - PGPORT=$(docker port registry-db-1 5432 | sed -e 's/.*://g') - - PGPASS="localhost" - PGPASS="$PGPASS:$PGPORT" - PGPASS="$PGPASS:warg_registry" - PGPASS="$PGPASS:postgres" - PGPASS="$PGPASS:$(<"$SECRETS_DIR/data-store/postgres/password")" - printf "%s\n" "$PGPASS" >"$PGPASS_FILE" - chmod 600 "$PGPASS_FILE" - - cat >"$PSQL_FILE" </dev/null && pwd)" - -if [[ ! -d "$SCRIPT_DIR" ]]; then - printf "Unexpected error, calculated SCRIPT_DIR was not a directory: %s\n" "$SCRIPT_DIR" 1>&2 - exit 2 -fi - -# SEE: https://github.com/docker/buildx/issues/197 -REPO_DIR="$(realpath "$SCRIPT_DIR/../..")" - -if [[ ! -d "$REPO_DIR" ]]; then - printf "Unexpected error, calculated REPO_DIR was not a directory: %s\n" "$REPO_DIR" 1>&2 - exit 2 -fi - -# shellcheck disable=SC1091 -. "$SCRIPT_DIR/locals.inc.sh" - -# shellcheck disable=SC1091 -. "$SCRIPT_DIR/secrets.inc.sh" - -generate_secrets - -docker compose --env-file "$SCRIPT_DIR/.env" \ - -f "$REPO_DIR/docker-compose.yaml" \ - -f "$REPO_DIR/docker-compose.postgres.yaml" \ - up --build -d - -generate_locals "$SCRIPT_DIR" diff --git a/infra/local/secrets.inc.sh b/infra/local/secrets.inc.sh deleted file mode 100644 index 6bbe34e9..00000000 --- a/infra/local/secrets.inc.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash -# -# Builds the secrets needed for the local infra if not already present. - -function generate_password { - # macOS (because its tr cannot handle urandom input), or Linux if installed - if command -v uuidgen >/dev/null; then - uuidgen - else - tr &2 - fi - - SECRETS_DIR="$REPO_DIR/infra/local/.secrets" - POSTGRES_CREDS_DIR="$SECRETS_DIR/data-store/postgres" - - mkdir -p "$POSTGRES_CREDS_DIR" - - # NOTE: the password should not require escaping/encoding for a URL - if [[ ! -f "$POSTGRES_CREDS_DIR/password" ]]; then - echo -n "$(generate_password)" >"$POSTGRES_CREDS_DIR/password" - fi - - if [[ ! -f "$POSTGRES_CREDS_DIR/database_url" ]]; then - echo -n "postgres://postgres:$(<"$POSTGRES_CREDS_DIR/password")@db:5432/warg_registry" >"$POSTGRES_CREDS_DIR/database_url" - fi - if [[ ! -f "$POSTGRES_CREDS_DIR/database_url_env" ]]; then - echo "WARG_DATABASE_URL=$(<"$POSTGRES_CREDS_DIR/database_url")" >"$POSTGRES_CREDS_DIR/database_url_env" - fi - - # TODO: generate operator-key dynamically - echo -n "ecdsa-p256:I+UlDo0HxyBBFeelhPPWmD+LnklOpqZDkrFP5VduASk=" >"$SECRETS_DIR/operator_key" -} diff --git a/infra/local/stop.sh b/infra/local/stop.sh deleted file mode 100755 index 6cb3215f..00000000 --- a/infra/local/stop.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash -# -# Stops the local infra while preserving any data. - -set -eou pipefail - -SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)" - -if [[ ! -d "$SCRIPT_DIR" ]]; then - printf "Unexpected error, calculated SCRIPT_DIR was not a directory: %s\n" "$SCRIPT_DIR" 1>&2 - exit 2 -fi - -# SEE: https://github.com/docker/buildx/issues/197 -REPO_DIR="$(realpath "$SCRIPT_DIR/../..")" - -if [[ ! -d "$REPO_DIR" ]]; then - printf "Unexpected error, calculated REPO_DIR was not a directory: %s\n" "$REPO_DIR" 1>&2 - exit 2 -fi - -docker compose --env-file "$SCRIPT_DIR/.env" \ - -f "$REPO_DIR/docker-compose.yaml" \ - -f "$REPO_DIR/docker-compose.postgres.yaml" \ - stop diff --git a/infra/local/up.sh b/infra/local/up.sh deleted file mode 100755 index c6bda5d5..00000000 --- a/infra/local/up.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/usr/bin/env bash -# -# Starts the local infra. - -set -eou pipefail - -SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)" - -if [[ ! -d "$SCRIPT_DIR" ]]; then - printf "Unexpected error, calculated SCRIPT_DIR was not a directory: %s\n" "$SCRIPT_DIR" 1>&2 - exit 2 -fi - -# SEE: https://github.com/docker/buildx/issues/197 -REPO_DIR="$(realpath "$SCRIPT_DIR/../..")" - -if [[ ! -d "$REPO_DIR" ]]; then - printf "Unexpected error, calculated REPO_DIR was not a directory: %s\n" "$REPO_DIR" 1>&2 - exit 2 -fi - -# shellcheck disable=SC1091 -. "$SCRIPT_DIR/locals.inc.sh" - -# shellcheck disable=SC1091 -. "$SCRIPT_DIR/secrets.inc.sh" - -generate_secrets - -docker compose --env-file "$SCRIPT_DIR/.env" \ - -f "$REPO_DIR/docker-compose.yaml" \ - -f "$REPO_DIR/docker-compose.postgres.yaml" \ - up -d - -generate_locals "$SCRIPT_DIR" From 57ecb38adeb4cbc78d0b9a5009f79f2ec3108e71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B6=99=E5=AD=90=E8=B3=A2?= Date: Sun, 12 May 2024 04:44:40 +0800 Subject: [PATCH 6/8] Improve the TOC indent of CONTRIBUTING.md --- CONTRIBUTING.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e6b916e5..2e856c62 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -16,12 +16,12 @@ All types of contributions are encouraged and valued. See the [Table of Contents - [I Have a Question](#i-have-a-question) - [I Want To Contribute](#i-want-to-contribute) -- [Reporting Bugs](#reporting-bugs) -- [Suggesting Enhancements](#suggesting-enhancements) -- [Your First Code Contribution](#your-first-code-contribution) -- [Improving The Documentation](#improving-the-documentation) + - [Reporting Bugs](#reporting-bugs) + - [Suggesting Enhancements](#suggesting-enhancements) + - [Your First Code Contribution](#your-first-code-contribution) + - [Improving The Documentation](#improving-the-documentation) - [Styleguides](#styleguides) -- [Commit Messages](#commit-messages) + - [Commit Messages](#commit-messages) - [Join The Project Team](#join-the-project-team) From 7243bd25e4af780481bbc52592af14057deffadb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=B6=99=E5=AD=90=E8=B3=A2?= Date: Sun, 12 May 2024 05:02:34 +0800 Subject: [PATCH 7/8] Remove tmp.Dockerfile --- tmp.Dockerfile | 82 -------------------------------------------------- 1 file changed, 82 deletions(-) delete mode 100644 tmp.Dockerfile diff --git a/tmp.Dockerfile b/tmp.Dockerfile deleted file mode 100644 index 698f0f7f..00000000 --- a/tmp.Dockerfile +++ /dev/null @@ -1,82 +0,0 @@ -# Create shared chef base image for planner and builder targets. -# Chef is used to optimize caching of Rust dependency building. -# Separate stages are used to avoid error-prone cleaning of temporary files -# during the chef planner stage that generates a recipe -FROM rust:1.69-bullseye AS chef -RUN rustup update stable --no-self-update \ - && rustup default stable \ - && rustup target add wasm32-wasi \ - && rustup target add wasm32-unknown-unknown -RUN cargo install cargo-chef --locked - -# Create Chef's recipe.json which captures dependency build information. -FROM chef AS planner -WORKDIR /usr/src/bytecodealliance/registry -COPY . . -RUN cargo chef prepare --recipe-path recipe.json - -# Uses Chef's recipe.json to first build dependencies in a layer that is cached -# before building the project thereby limiting unnecessary rebuilding if only -# source code is changed. -FROM chef AS builder -ARG FEATURES=postgres -WORKDIR /usr/src/bytecodealliance/registry -COPY --from=planner /usr/src/bytecodealliance/registry/recipe.json ./ -RUN cargo chef cook --release --workspace --features "$FEATURES" --recipe-path recipe.json -COPY . . -RUN cargo build --release --workspace --features "$FEATURES" - -# A minimal container with just the warg-server binary. It uses a slim base -# image instead of distroless for ease of installing the libpq5 library which -# is required for the postgres feature. -# -# TODO: Use distroless by copying in contents of libpq5 as a layer. -FROM debian:bullseye-slim AS warg-server -WORKDIR /app -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - libpq5 \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -COPY --from=builder "/usr/src/bytecodealliance/registry/target/release/warg-server" /usr/local/bin/ -ENTRYPOINT [ "/usr/local/bin/warg-server" ] - -# A warg-server container variant with some additional utilities installed for -# debugging. -FROM warg-server AS warg-server-debug -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - ca-certificates curl netcat inetutils-ping postgresql-client jq \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -RUN curl -sSL https://github.com/mikefarah/yq/releases/download/v4.33.3/yq_linux_amd64.tar.gz \ - | tar -O -zxf - ./yq_linux_amd64 \ - | tee /usr/local/bin/yq >/dev/null \ - && chmod +x /usr/local/bin/yq - -# A container for the warg cli tool which can be used in one-off tasks or -# scheduled cron jobs for example. -FROM gcr.io/distroless/cc AS warg -COPY --from=builder "/usr/src/bytecodealliance/registry/target/release/warg" /usr/local/bin/ -ENTRYPOINT [ "/usr/local/bin/warg" ] - -# A base image for building database migration utiltiy containers based on -# diesel, the library used by warg for the postgres feature. -FROM rust:1.69-bullseye AS diesel -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - libpq5 \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -RUN cargo install diesel_cli --no-default-features --features postgres - -# A container with an entrypoint configured to apply the warg postgres database -# migrations using the diesel utility. Add the database-url option as a command -# line argument or an environment variable to use. -FROM debian:bullseye-slim AS warg-postgres-migration -WORKDIR /app -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ - libpq5 \ - && rm -rf /var/cache/apt/archives /var/lib/apt/lists -COPY --from=diesel /usr/local/cargo/bin/diesel /usr/local/bin -COPY ./crates/server/diesel.toml ./ -COPY ./crates/server/src/datastore/postgres ./src/datastore/postgres -ENTRYPOINT [ "/usr/local/bin/diesel", "migration", "run", "--migration-dir", "./src/datastore/postgres/migrations" ] From ca377f1d389894598bd8f3b44b7198b30bf6034d Mon Sep 17 00:00:00 2001 From: Calvin Prewitt Date: Tue, 14 May 2024 06:04:11 -0500 Subject: [PATCH 8/8] fixed host binding on server to run correctly in docker `0.0.0.0` instead of `127.0.0.1` --- crates/server/README.md | 2 +- crates/server/src/bin/warg-server.rs | 2 +- crates/server/src/lib.rs | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/crates/server/README.md b/crates/server/README.md index f08414db..02709fd0 100644 --- a/crates/server/README.md +++ b/crates/server/README.md @@ -20,7 +20,7 @@ Also, provide the `WARG_NAMESPACE` environment variable to define the initial na $ WARG_NAMESPACE=example WARG_OPERATOR_KEY="ecdsa-p256:I+UlDo0HxyBBFeelhPPWmD+LnklOpqZDkrFP5VduASk=" cargo run -- --content-dir content 2023-04-18T23:48:52.149746Z INFO warg_server::services::core: initializing core service 2023-04-18T23:48:52.170199Z INFO warg_server::services::core: core service is running -2023-04-18T23:48:52.170233Z INFO warg_server: listening on 127.0.0.1:8090 +2023-04-18T23:48:52.170233Z INFO warg_server: listening on 0.0.0.0:8090 ``` ### PostgreSQL storage diff --git a/crates/server/src/bin/warg-server.rs b/crates/server/src/bin/warg-server.rs index 9b86a9b8..3a092986 100644 --- a/crates/server/src/bin/warg-server.rs +++ b/crates/server/src/bin/warg-server.rs @@ -24,7 +24,7 @@ struct Args { verbose: u8, /// Address to listen to - #[arg(short, long, env = "WARG_LISTEN", default_value = "127.0.0.1:8090")] + #[arg(short, long, env = "WARG_LISTEN", default_value = "0.0.0.0:8090")] listen: SocketAddr, /// The content storage directory to use. diff --git a/crates/server/src/lib.rs b/crates/server/src/lib.rs index 9857d466..b574ea38 100644 --- a/crates/server/src/lib.rs +++ b/crates/server/src/lib.rs @@ -17,7 +17,7 @@ pub mod datastore; pub mod policy; pub mod services; -const DEFAULT_BIND_ADDRESS: &str = "127.0.0.1:8090"; +const DEFAULT_BIND_ADDRESS: &str = "0.0.0.0:8090"; const DEFAULT_CHECKPOINT_INTERVAL: Duration = Duration::from_secs(5); type ShutdownFut = Pin + Send + Sync>>;