-
Notifications
You must be signed in to change notification settings - Fork 237
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Distribute docker container to run ATH #238
Merged
Merged
Changes from all commits
Commits
Show all changes
17 commits
Select commit
Hold shift + click to select a range
4ea67bd
Distribute docker contianer to run ATH
olivergondza 7741607
Ilustrate container usage
olivergondza bbcb0a3
Update vnc out redirection
olivergondza 9d6105a
Fix vnc output and add containerargs to Jenkinsfile
olivergondza 69e8dff
Delegate to docker.build step
olivergondza 57d5b0c
Merge branch 'master' into ci.jenkins.io
olivergondza c8326cc
Skip tests explicitly requesting plugins not in update center
olivergondza 8658c14
Let's see if highram have docker installed
olivergondza 327c293
Address some of the Jesse's comments
olivergondza f89e312
highram label does not seem to be present
olivergondza 828ea25
Silly typo
olivergondza b2261ba
Do not duplicate the Jenkins file in documentation
olivergondza 197f522
Do not waste time installing docker daemon
olivergondza da824c4
Expose VNC port and avoid xauth warning
olivergondza 39acd00
Merge branch 'master' into ci.jenkins.io
olivergondza cc60e66
Add unzip and git into ATH container
olivergondza 46ef7ea
Avoid random failures of `apt-get update`
olivergondza File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
// For ci.jenkins.io | ||
// https://github.com/jenkins-infra/documentation/blob/master/ci.adoc | ||
|
||
def mavenName = 'mvn' | ||
def jdkName = 'jdk8' | ||
|
||
node('docker') { | ||
checkout scm | ||
|
||
def uid = sh returnStdout: true, script: "id -u | tr -d '\n'" | ||
def gid = sh returnStdout: true, script: "id -g | tr -d '\n'" | ||
|
||
def buildArgs = "--build-arg=uid=${uid} --build-arg=gid=${gid} src/main/resources/ath-container" | ||
def image = docker.build('jenkins/ath', buildArgs) | ||
|
||
String containerArgs = '-v /var/run/docker.sock:/var/run/docker.sock' | ||
image.inside(containerArgs) { | ||
sh ''' | ||
eval $(./vnc.sh) | ||
./run.sh firefox latest -Dmaven.test.failure.ignore=true -DforkCount=1 -B | ||
''' | ||
} | ||
|
||
junit 'target/surefire-reports/TEST-*.xml' | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
# Running tests in docker container | ||
|
||
Depending on the CI infrastructure setup one may need to run the ATH itself in a docker container with access to the host docker service, following a strategy similar to the one described in [this article](http://jpetazzo.github.io/2015/09/03/do-not-use-docker-in-docker-for-ci/). When this is needed, the docker fixtures should not be accessed through mapped ports on the docker host, but directly through their container IP and port since they are "sibling" containers to the ATH. To enable this, set the environment variable SHARED_DOCKER_SERVICE=true, and then the functions ipBound(n) and port(n) will just return the container's IP and port where the fixture can be accessed. | ||
|
||
TO-DO: Instead of depending on setting this environment variable, in the future we could try to somehow automatically detect the situation. | ||
|
||
Interactive shell: | ||
|
||
$ docker build --build-arg=uid=$(id -u) --build-arg=gid=$(id -g) -t jenkins/ath src/main/resources/ath-container | ||
$ docker run -it --rm -P -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/home/ath-user/ath --user ath-user jenkins/ath bash -c 'cd $HOME/ath && bash' | ||
$ eval $(./vnc.sh) | ||
$ ./run.sh firefox latest -Dmaven.test.failure.ignore=true -DforkCount=1 -B | ||
|
||
Jenkinsfile: | ||
|
||
See the repository `Jenkinsfile` for inspiration. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
# Dockerfile to be used to run ATH itself. | ||
# | ||
# see docs/DOCKER.md for usage | ||
|
||
|
||
FROM debian:stretch | ||
MAINTAINER ogondza@gmail.com | ||
|
||
RUN apt-get clean && \ | ||
apt-get -y update && \ | ||
apt-get install -y \ | ||
curl \ | ||
git \ | ||
imagemagick \ | ||
iptables \ | ||
firefox-esr \ | ||
maven \ | ||
openjdk-8-jdk \ | ||
unzip \ | ||
vnc4server | ||
|
||
# All we need is a statically linked client library - no need to install daemon deps: https://get.docker.com/builds/ | ||
RUN curl -fsSLO https://get.docker.com/builds/Linux/x86_64/docker-17.04.0-ce.tgz && \ | ||
tar --strip-components=1 -xvzf docker-17.04.0-ce.tgz -C /usr/local/bin | ||
|
||
# Allow injecting uid and git to match directory ownership | ||
ARG uid=1000 | ||
ENV uid $uid | ||
ARG gid=1000 | ||
ENV gid $gid | ||
|
||
EXPOSE 5942 | ||
|
||
# So it is owned by root and has the permissions vncserver seems to require: | ||
RUN mkdir /tmp/.X11-unix && chmod 1777 /tmp/.X11-unix/ | ||
|
||
RUN groupadd ath-user -g $gid && \ | ||
useradd ath-user -u $uid -g $gid -m -d /home/ath-user | ||
|
||
# TODO seems this can be picked up from the host, which is unwanted: | ||
ENV XAUTHORITY /home/ath-user/.Xauthority | ||
|
||
USER ath-user | ||
RUN mkdir /home/ath-user/.vnc && (echo ath-user; echo ath-user) | vncpasswd /home/ath-user/.vnc/passwd | ||
# Default content includes x-window-manager, which is not installed, plus other stuff we do not need (vncconfig, x-terminal-emulator, etc.): | ||
RUN touch /home/ath-user/.vnc/xstartup && chmod a+x /home/ath-user/.vnc/xstartup | ||
# Prevent xauth to complain in a confusing way | ||
RUN touch /home/ath-user/.Xauthority | ||
|
||
# Set SUID and SGID for docker binary so it can communicate with mapped socket its uid:gid we can not control. Alternative | ||
# approach used for this is adding ath-user to the group of /var/run/docker.sock but that require root permission we do not | ||
# have in ENTRYPOINT as the container is started as ath-user. | ||
USER root | ||
RUN chmod ug+s "$(which docker)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should expose port 9042 or whatever it is, so people can attach a desktop
vncviewer
to the container and watch the magic happen.