artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 13:11:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: enable bazel builds for docker images (#51241)

Browse Source 
Reintroduces the same changes as
https://github.com/sourcegraph/sourcegraph/pull/51104 minus
syntax-highlighter which we're unable to compile with the right
toolchain at the moment.

Tested as a full main-dry-run, as well as running the stack with compose
and checking indexing and syntax-highlighting.

Executors are also built correctly. 


## Test plan

CI + manual test via compose.

---------

Co-authored-by: Jean-Hadrien Chabran <jh@chabran.fr>
This commit is contained in:
Dave Try 2023-04-28 03:41:13 -05:00 committed by GitHub
parent ff90add17a
commit 321e0e9d01
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
130 changed files with 1850 additions and 339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.bazelrc
View File

@ -17,5 +17,10 @@ try-import %workspace%/.aspect/bazelrc/user.bazelrc
# Enable bazel hack for autogold; apply to both build & test to avoid busting analysis cache
build --test_env=ENABLE_BAZEL_PACKAGES_LOAD_HACK=true
# Needed by https://github.com/uber/bazel-zig-cc which we use to cross-compile
# CGo code for cmd/symbols to be used in containers.
build --incompatible_enable_cc_toolchain_resolution
# Except in CI run E2E tests in headless mode
try-import %workspace%/user.bazelrc

6
.buildkite/hooks/pre-command
View File

@ -1,6 +1,6 @@
#!/usr/bin/env bash
set -eu
set -e
# Create the folder for annotations
mkdir -p ./annotations/
@ -15,11 +15,13 @@ if [[ "$BUILDKITE_AGENT_META_DATA_QUEUE" != "bazel" ]]; then
asdf install golang
elif [[ "$BUILDKITE_STEP_KEY" == "pipeline-upload" ]]; then
echo "pipeline-upload step: skipping asdf install"
elif [[ "${BUILDKITE_GROUP_KEY:=\"\"}" == "Publishimages" ]]; then
echo "publish image step: skipping asdf install"
else
echo "running normal install"
./dev/ci/asdf-install.sh
fi
#else
#else
# Only enable when you're debugging, this produces about 300 log files
# export BUILDKITE_ARTIFACT_PATHS="$(bazel info bazel-testlogs)/**/*.log"
fi

3
BUILD.bazel generated
View File

@ -229,4 +229,7 @@ nogo(
exports_files([
"go.mod",
# Used for when copy_to_directory might reference an empty filegroup
# under certain conditions. See //ui/assets/...
"CHANGELOG.md",
])

16
WORKSPACE
View File

@ -252,6 +252,22 @@ load("@crate_index//:defs.bzl", "crate_repositories")
crate_repositories()
BAZEL_ZIG_CC_VERSION = "v1.0.1"
http_archive(
name = "bazel-zig-cc",
sha256 = "e9f82bfb74b3df5ca0e67f4d4989e7f1f7ce3386c295fd7fda881ab91f83e509",
strip_prefix = "bazel-zig-cc-{}".format(BAZEL_ZIG_CC_VERSION),
urls = [
"https://mirror.bazel.build/github.com/uber/bazel-zig-cc/releases/download/{0}/{0}.tar.gz".format(BAZEL_ZIG_CC_VERSION),
"https://github.com/uber/bazel-zig-cc/releases/download/{0}/{0}.tar.gz".format(BAZEL_ZIG_CC_VERSION),
],
)
load("@bazel-zig-cc//toolchain:defs.bzl", zig_toolchains = "toolchains")
zig_toolchains()
load("//dev/backcompat:defs.bzl", "back_compat_defs")
back_compat_defs()

6
client/web/BUILD.bazel generated
View File

@ -1977,6 +1977,7 @@ ENTERPRISE_BUNDLE_DATA_DEPS = BUNDLE_DATA_DEPS + [
"NODE_ENV": "production" if prod else "development",
},
output_dir = True,
visibility = ["//ui/assets:__subpackages__"],
webpack_config = "webpack.bazel.config.js",
deps = WEBPACK_CONFIG_DEPS,
)
@ -2005,11 +2006,12 @@ webpack_bundle(
"WEBPACK_USE_NAMED_CHUNKS": "false",
},
output_dir = True,
visibility = ["//ui/assets:__subpackages__"],
webpack_config = "webpack.bazel.config.js",
deps = WEBPACK_CONFIG_DEPS,
)
# Used for integartion tests and has bigger bundle size
# Used for integration tests and has bigger bundle size
# because of the inlined source-maps.
webpack_web_app(
name = "app-enterprise",
@ -2027,7 +2029,7 @@ webpack_web_app(
"INTEGRATION_TESTS": "true",
},
output_dir = True,
visibility = ["//client/web:__subpackages__"],
visibility = ["//visibility:public"],
webpack_config = "webpack.bazel.config.js",
deps = WEBPACK_CONFIG_DEPS,
)

2
cmd/blobstore/Dockerfile
View File

@ -1,4 +1,4 @@
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

5
cmd/blobstore/build.sh
View File

@ -11,13 +11,12 @@ cleanup() {
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/gitserver \
./dev/ci/bazel.sh build //cmd/blobstore \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/blobstore --output=files)
out=$(./dev/ci/bazel.sh cquery //cmd/blobstore --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/blobstore/Dockerfile -t "$IMAGE" "$OUTPUT" \

6
cmd/frontend/BUILD.bazel generated
View File

@ -8,6 +8,8 @@ go_library(
deps = [
"//cmd/frontend/shared",
"//cmd/sourcegraph-oss/osscmd",
"//ui/assets",
"//ui/assets/oss",
],
)
@ -15,4 +17,8 @@ go_binary(
name = "frontend",
embed = [":frontend_lib"],
visibility = ["//visibility:public"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
)

2
cmd/frontend/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

12
cmd/frontend/build.sh
View File

@ -9,6 +9,18 @@ cleanup() {
rm -rf "$OUTPUT"
}
trap cleanup EXIT
if [[ "$DOCKER_BAZEL" == "true" ]]; then
./dev/ci/bazel.sh build //cmd/frontend
out=$(./dev/ci/bazel.sh cquery //cmd/frontend --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/frontend/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on

4
cmd/frontend/internal/app/assetsutil/handler.go
View File

@ -15,7 +15,7 @@ import (
// NewAssetHandler creates the static asset handler. The handler should be wrapped into a middleware
// that enables cross-origin requests to allow the loading of the Phabricator native extension assets.
func NewAssetHandler(mux *http.ServeMux) http.Handler {
fs := httpgzip.FileServer(assets.Assets, httpgzip.FileServerOptions{DisableDirListing: true})
fs := httpgzip.FileServer(assets.Provider.Assets(), httpgzip.FileServerOptions{DisableDirListing: true})
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Kludge to set proper MIME type. Automatic MIME detection somehow detects text/xml under
@ -44,7 +44,7 @@ func NewAssetHandler(mux *http.ServeMux) http.Handler {
//
// Assets is backed by in-memory byte arrays, so this is a
// cheap operation.
f, err := assets.Assets.Open(r.URL.Path)
f, err := assets.Provider.Assets().Open(r.URL.Path)
if f != nil {
defer f.Close()
}

2
cmd/frontend/internal/app/ui/handlers.go
View File

@ -144,7 +144,7 @@ func newCommon(w http.ResponseWriter, r *http.Request, db database.DB, title str
return mockNewCommon(w, r, title, serveError)
}
manifest, err := assets.LoadWebpackManifest()
manifest, err := assets.Provider.LoadWebpackManifest()
if err != nil {
return nil, errors.Wrap(err, "loading webpack manifest")
}

2
cmd/frontend/internal/app/ui/handlers_test.go
View File

@ -32,6 +32,7 @@ import (
)
func TestRedirects(t *testing.T) {
assets.UseDevAssetsProvider()
assets.MockLoadWebpackManifest = func() (*assets.WebpackManifest, error) {
return &assets.WebpackManifest{}, nil
}
@ -121,6 +122,7 @@ func TestRepoShortName(t *testing.T) {
}
func TestNewCommon_repo_error(t *testing.T) {
assets.UseDevAssetsProvider()
assets.MockLoadWebpackManifest = func() (*assets.WebpackManifest, error) {
return &assets.WebpackManifest{}, nil
}

2
cmd/frontend/internal/app/ui/tmpl.go
View File

@ -50,7 +50,7 @@ var funcMap = template.FuncMap{
}
// Read file contents and calculate MD5 sum to represent version.
f, err := assets.Assets.Open(fp)
f, err := assets.Provider.Assets().Open(fp)
if err != nil {
return "", err
}

8
cmd/frontend/main.go
View File

@ -2,10 +2,18 @@
package main
import (
"os"
"github.com/sourcegraph/sourcegraph/cmd/frontend/shared"
"github.com/sourcegraph/sourcegraph/cmd/sourcegraph-oss/osscmd"
"github.com/sourcegraph/sourcegraph/ui/assets"
_ "github.com/sourcegraph/sourcegraph/ui/assets/oss" // Select oss assets
)
func main() {
if os.Getenv("WEBPACK_DEV_SERVER") == "1" {
assets.UseDevAssetsProvider()
}
osscmd.DeprecatedSingleServiceMainOSS(shared.Service)
}

4
cmd/frontend/pre-build.sh
View File

@ -2,6 +2,10 @@
set -ex
cd "$(dirname "${BASH_SOURCE[0]}")"/../..
if [[ "$DOCKER_BAZEL" == "true" ]]; then
exit 0
fi
# Build the webapp typescript code.
echo "--- pnpm install"
# mutex is necessary since CI runs various pnpm installs in parallel

2
cmd/github-proxy/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

5
cmd/github-proxy/build.sh
View File

@ -11,13 +11,12 @@ cleanup() {
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/github-proxy \
./dev/ci/bazel.sh build //cmd/github-proxy \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/github-proxy --output=files)
out=$(./dev/ci/bazel.sh cquery //cmd/github-proxy --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/github-proxy/Dockerfile -t "$IMAGE" "$OUTPUT" \

8
cmd/gitserver/Dockerfile
View File

@ -4,7 +4,7 @@
# ignores.
# Install p4 CLI (keep this up to date with cmd/server/Dockerfile)
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS p4cli
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli
# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS
# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal
@ -13,19 +13,19 @@ RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr
chmod +x /usr/local/bin/p4 && \
sha256sum -c expected_hash
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS p4-fusion
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4-fusion
COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh
RUN /p4-fusion-install-alpine.sh
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS coursier
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier
RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \
gzip -d coursier.gz && \
mv coursier /usr/local/bin/coursier && \
chmod +x /usr/local/bin/coursier
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

8
cmd/gitserver/build.sh
View File

@ -15,12 +15,8 @@ trap cleanup EXIT
cp -a ./cmd/gitserver/p4-fusion-install-alpine.sh "$OUTPUT"
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/gitserver \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/gitserver --output=files)
./dev/ci/bazel.sh build //cmd/gitserver
out=$(./dev/ci/bazel.sh cquery //cmd/gitserver --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/gitserver/Dockerfile -t "$IMAGE" "$OUTPUT" \

2
cmd/loadtest/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

9
cmd/loadtest/build.sh
View File

@ -11,13 +11,8 @@ cleanup() {
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/loadtest \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/loadtest --output=files)
./dev/ci/bazel.sh build //cmd/loadtest
out=$(./dev/ci/bazel.sh cquery //cmd/loadtest --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/loadtest/Dockerfile -t "$IMAGE" "$OUTPUT" \

2
cmd/migrator/Dockerfile
View File

@ -1,4 +1,4 @@
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

55
cmd/migrator/build.sh
View File

@ -11,36 +11,6 @@ cleanup() {
}
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/migrator \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/migrator --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/migrator/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on
export GOARCH=amd64
export GOOS=linux
export CGO_ENABLED=0
echo "--- go build"
pkg=${1:-"github.com/sourcegraph/sourcegraph/cmd/migrator"}
output="$OUTPUT/$(basename "$pkg")"
# shellcheck disable=SC2153
go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$output" "$pkg"
echo "--- compile schema descriptions"
mkdir -p "${OUTPUT}/schema-descriptions"
@ -107,6 +77,31 @@ for version in "${git_versions[@]}"; do
git show "${version}:internal/database/schema.codeinsights.json" >"${OUTPUT}/schema-descriptions/${version}-internal_database_schema.codeinsights.json"
done
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
./dev/ci/bazel.sh build //cmd/migrator
out=$(./dev/ci/bazel.sh cquery //cmd/migrator --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/migrator/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on
export GOARCH=amd64
export GOOS=linux
export CGO_ENABLED=0
echo "--- go build"
pkg=${1:-"github.com/sourcegraph/sourcegraph/cmd/migrator"}
output="$OUTPUT/$(basename "$pkg")"
# shellcheck disable=SC2153
go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$output" "$pkg"
echo "--- docker build"
docker build -f cmd/migrator/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \

6
cmd/repo-updater/Dockerfile
View File

@ -4,7 +4,7 @@
# ignores.
# # Install p4 CLI (keep this up to date with cmd/gitserver/Dockerfile and cmd/server/Dockerfile)
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS p4cli
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli
# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS
# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal
@ -13,14 +13,14 @@ RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr
chmod +x /usr/local/bin/p4 && \
sha256sum -c expected_hash
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS coursier
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier
RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \
gzip -d coursier.gz && \
mv coursier /usr/local/bin/coursier && \
chmod +x /usr/local/bin/coursier
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

8
cmd/repo-updater/build.sh
View File

@ -12,12 +12,8 @@ cleanup() {
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/repo-updater \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/repo-updater --output=files)
./dev/ci/bazel.sh build //cmd/repo-updater
out=$(./dev/ci/bazel.sh cquery //cmd/repo-updater --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/repo-updater/Dockerfile -t "$IMAGE" "$OUTPUT" \

2
cmd/searcher/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
RUN apk --no-cache add pcre sqlite-libs libev

8
cmd/searcher/build.sh
View File

@ -11,12 +11,8 @@ cleanup() {
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/searcher \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/searcher --output=files)
./dev/ci/bazel.sh build //cmd/searcher
out=$(./dev/ci/bazel.sh cquery //cmd/searcher --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/searcher/Dockerfile -t "$IMAGE" "$OUTPUT" \

5
cmd/server/BUILD.bazel generated
View File

@ -5,7 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/cmd/server",
visibility = ["//visibility:private"],
deps = ["//cmd/server/shared"],
deps = [
"//cmd/server/shared",
"//ui/assets/oss",
],
)
go_binary(

8
cmd/server/Dockerfile
View File

@ -1,5 +1,5 @@
# Install p4 CLI (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS p4cli
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli
# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS
# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal
@ -9,20 +9,20 @@ RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr
sha256sum -c expected_hash
# Install p4-fusion (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS p4-fusion
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4-fusion
COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh
RUN /p4-fusion-install-alpine.sh
# Install coursier (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS coursier
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier
RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \
gzip -d coursier.gz && \
mv coursier /usr/local/bin/coursier && \
chmod +x /usr/local/bin/coursier
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
# TODO(security): This container should not be running as root!
#
# The default user in sourcegraph/alpine is a non-root `sourcegraph` user but because old deployments

138
cmd/server/Dockerfile.bazel Normal file
View File

@ -0,0 +1,138 @@
# Install p4 CLI (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli
# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS
# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal
RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr/local/bin/p4" >expected_hash && \
wget http://cdist2.perforce.com/perforce/r22.2/bin.linux26x86_64/p4 -O /usr/local/bin/p4 && \
chmod +x /usr/local/bin/p4 && \
sha256sum -c expected_hash
# Install p4-fusion (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4-fusion
COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh
RUN /p4-fusion-install-alpine.sh
# Install coursier (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier
RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \
gzip -d coursier.gz && \
mv coursier /usr/local/bin/coursier && \
chmod +x /usr/local/bin/coursier
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
# TODO(security): This container should not be running as root!
#
# The default user in sourcegraph/alpine is a non-root `sourcegraph` user but because old deployments
# cannot be easily migrated we have not changed this from root -> sourcegraph. See:
# https://github.com/sourcegraph/sourcegraph/issues/13238
# hadolint ignore=DL3002
USER root
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"
ARG VERSION="unknown"
LABEL org.opencontainers.image.revision=${COMMIT_SHA}
LABEL org.opencontainers.image.created=${DATE}
LABEL org.opencontainers.image.version=${VERSION}
LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA}
RUN apk add --no-cache --verbose \
# Minimal version requirement to address vulnerabilities
# https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/
'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \
git-lfs \
git-p4 \
--repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \
# NOTE that the Postgres version we run is different
# from our *Minimum Supported Version* which alone dictates
# the features we can depend on. See this link for more information:
# https://github.com/sourcegraph/sourcegraph/blob/main/doc/dev/postgresql.md#version-requirements
# You can't just bump the major version since that requires pgupgrade
# between Sourcegraph releases.
&& apk add --no-cache --verbose \
postgresql=~12 \
postgresql-contrib=~12 \
--repository=http://dl-cdn.alpinelinux.org/alpine/v3.12/main \
&& apk add --no-cache --verbose \
'bash>=5.0.17' \
'redis>=5.0' \
python2 \
python3 \
'nginx>=1.18.0' openssh-client pcre sqlite-libs libev su-exec 'nodejs-current>=14.5.0' \
# We require libstdc++ for p4-fusion
libstdc++
# IMPORTANT: If you update the syntax-highlighter version below, you MUST confirm
# the ENV variables from its Dockerfile (https://github.com/sourcegraph/sourcegraph/blob/main/docker-images/syntax-highlighter/Dockerfile)
# have been appropriately set in cmd/server/shared/shared.go.
# hadolint ignore=DL3022
COPY --from=comby/comby:alpine-3.14-1.8.1@sha256:a5e80d6bad6af008478679809dc8327ebde7aeff7b23505b11b20e36aa62a0b2 /usr/local/bin/comby /usr/local/bin/comby
# hadolint ignore=DL3022
COPY --from=docker.io/sourcegraph/syntax-highlighter:186324_2022-12-01_02d3b4384446 /syntax_highlighter /usr/local/bin/
# install blobstore (keep this up to date with the upstream Docker image
# referenced in docker-images/)
RUN apk add --no-cache --verbose openjdk11
# hadolint ignore=DL3022
COPY --from=sourcegraph/blobstore:server /opt/s3proxy /opt/s3proxy
COPY ctags-install-alpine.sh /ctags-install-alpine.sh
RUN /ctags-install-alpine.sh
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /bin/prom-wrapper /bin
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /bin/alertmanager /bin
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /alertmanager.sh /alertmanager.sh
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /bin/prometheus /bin
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /prometheus.sh /prometheus.sh
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /usr/share/prometheus /usr/share/prometheus
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /sg_config_prometheus /sg_config_prometheus
RUN set -ex && \
addgroup -S grafana && \
adduser -S -G grafana grafana && \
apk add --no-cache libc6-compat ca-certificates su-exec
# hadolint ignore=DL3022
COPY --from=sourcegraph/grafana:server /usr/share/grafana /usr/share/grafana
COPY . /
# hadolint ignore=DL3022
COPY --from=p4cli /usr/local/bin/p4 /usr/local/bin/p4
COPY --from=p4-fusion /usr/local/bin/p4-fusion /usr/local/bin/p4-fusion
COPY --from=coursier /usr/local/bin/coursier /usr/local/bin/coursier
# This is a trick to include libraries required by p4,
# please refer to https://blog.tilander.org/docker-perforce/
# hadolint ignore=DL4006
RUN wget -O - https://github.com/jtilander/p4d/raw/4600d741720f85d77852dcca7c182e96ad613358/lib/lib-x64.tgz | tar zx --directory /
# hadolint ignore=DL3022
COPY --from=sourcegraph/grafana:server /sg_config_grafana /sg_config_grafana
# hadolint ignore=DL3022
COPY --from=sourcegraph/postgres_exporter:server /usr/local/bin/postgres_exporter /usr/local/bin/postgres_exporter
RUN echo "hosts: files dns" > /etc/nsswitch.conf
# symbols is cgo, ensure we have the requisite dynamic libraries
RUN env SANITY_CHECK=true /usr/local/bin/symbols
WORKDIR /
ENV GO111MODULES=on LANG=en_US.utf8
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/server"]

132
cmd/server/build-bazel.sh Executable file
View File

@ -0,0 +1,132 @@
#!/usr/bin/env bash
# We want to build multiple go binaries, so we use a custom build step on CI.
cd "$(dirname "${BASH_SOURCE[0]}")/../.."
set -eux
# Fail early if env vars are not set
[ -n "$VERSION" ]
[ -n "$IMAGE" ]
OUTPUT=$(mktemp -d -t sgserver_XXXXXXX)
TMP=$(mktemp -d -t sgserver_tmp_XXXXXXX)
export OUTPUT
export BINDIR="$OUTPUT/usr/local/bin"
mkdir -p "$BINDIR"
cleanup() {
rm -rf "$OUTPUT"
rm -rf "$TMP"
}
trap cleanup EXIT
OSS_TARGETS=(
//cmd/frontend
//cmd/worker
//cmd/migrator
//cmd/repo-updater
//cmd/github-proxy
//cmd/gitserver
//cmd/searcher
//cmd/server
# https://github.com/sourcegraph/s3proxy is still the default for now.
# //cmd/blobstore
@com_github_sourcegraph_zoekt//cmd/zoekt-archive-index
@com_github_sourcegraph_zoekt//cmd/zoekt-git-index
@com_github_sourcegraph_zoekt//cmd/zoekt-sourcegraph-indexserver
@com_github_sourcegraph_zoekt//cmd/zoekt-webserver
)
ENTERPRISE_TARGETS=(
//cmd/github-proxy
//cmd/searcher
//enterprise/cmd/frontend
//enterprise/cmd/gitserver
//enterprise/cmd/worker
//enterprise/cmd/migrator
//enterprise/cmd/repo-updater
//enterprise/cmd/precise-code-intel-worker
//enterprise/cmd/server
)
MUSL_TARGETS=(
@com_github_sourcegraph_zoekt//cmd/zoekt-archive-index
@com_github_sourcegraph_zoekt//cmd/zoekt-git-index
@com_github_sourcegraph_zoekt//cmd/zoekt-sourcegraph-indexserver
@com_github_sourcegraph_zoekt//cmd/zoekt-webserver
)
if [[ "${ENTERPRISE:-"false"}" == "false" ]]; then
MUSL_TARGETS+=(//cmd/symbols)
exit $?
else
MUSL_TARGETS+=(//enterprise/cmd/symbols)
fi
echo "--- bazel build musl"
bazel \
--bazelrc=.bazelrc \
--bazelrc=.aspect/bazelrc/ci.bazelrc \
--bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc \
build \
"${MUSL_TARGETS[@]}" \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms @zig_sdk//platform:linux_amd64 \
--extra_toolchains @zig_sdk//toolchain:linux_amd64_musl
for MUSL_TARGET in "${MUSL_TARGETS[@]}"; do
out=$(bazel --bazelrc=.bazelrc \
--bazelrc=.aspect/bazelrc/ci.bazelrc \
--bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc \
cquery \
"$MUSL_TARGET" \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms @zig_sdk//platform:linux_amd64 \
--extra_toolchains @zig_sdk//toolchain:linux_amd64_musl \
--output=files)
cp "$out" "$BINDIR"
echo "copying $MUSL_TARGET"
done
if [[ "${ENTERPRISE:-"false"}" == "false" ]]; then
TARGETS=("${OSS_TARGETS[@]}")
exit $?
else
TARGETS=("${ENTERPRISE_TARGETS[@]}")
fi
echo "--- bazel build"
./dev/ci/bazel.sh build "${TARGETS[@]}"
echo "-- preparing rootfs"
cp -a ./cmd/server/rootfs/. "$OUTPUT"
for TARGET in "${TARGETS[@]}"; do
out=$(./dev/ci/bazel.sh cquery "$TARGET" --output=files)
cp "$out" "$BINDIR"
echo "copying $TARGET"
done
echo "--- prometheus"
IMAGE=sourcegraph/prometheus:server CACHE=true docker-images/prometheus/build-bazel.sh
echo "--- grafana"
IMAGE=sourcegraph/grafana:server CACHE=true docker-images/grafana/build-bazel.sh
echo "--- blobstore"
IMAGE=sourcegraph/blobstore:server CACHE=true docker-images/blobstore/build.sh
echo "--- postgres exporter"
IMAGE=sourcegraph/postgres_exporter:server CACHE=true docker-images/postgres_exporter/build.sh
echo "--- build scripts"
cp -a ./cmd/symbols/ctags-install-alpine.sh "$OUTPUT"
cp -a ./cmd/gitserver/p4-fusion-install-alpine.sh "$OUTPUT"
echo "--- docker build"
docker build -f cmd/server/Dockerfile.bazel -t "$IMAGE" "$OUTPUT" \
--platform linux/amd64 \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION

6
cmd/server/main.go
View File

@ -1,6 +1,10 @@
package main
import "github.com/sourcegraph/sourcegraph/cmd/server/shared"
import (
"github.com/sourcegraph/sourcegraph/cmd/server/shared"
_ "github.com/sourcegraph/sourcegraph/ui/assets/oss" // Select oss assets
)
func main() {
shared.Main()

4
cmd/symbols/BUILD.bazel generated
View File

@ -15,4 +15,8 @@ go_binary(
name = "symbols",
embed = [":symbols_lib"],
visibility = ["//visibility:public"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
)

4
cmd/symbols/Dockerfile
View File

@ -1,5 +1,5 @@
# NOTE: This layer of the docker image is also used in local development as a wrapper around universal-ctags
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS ctags
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS ctags
# hadolint ignore=DL3002
USER root
@ -38,7 +38,7 @@ RUN \
-o /symbols \
$PKG
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS symbols
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS symbols
# TODO(security): This container should not run as root!
#

42
cmd/symbols/Dockerfile.bazel Normal file
View File

@ -0,0 +1,42 @@
# NOTE: This layer of the docker image is also used in local development as a wrapper around universal-ctags
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS ctags
# hadolint ignore=DL3002
USER root
COPY ctags-install-alpine.sh /ctags-install-alpine.sh
RUN /ctags-install-alpine.sh
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS symbols
# TODO(security): This container should not run as root!
#
# See https://github.com/sourcegraph/sourcegraph/issues/13237
# hadolint ignore=DL3002
USER root
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"
ARG VERSION="unknown"
LABEL org.opencontainers.image.revision=${COMMIT_SHA}
LABEL org.opencontainers.image.created=${DATE}
LABEL org.opencontainers.image.version=${VERSION}
LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA}
# ctags is dynamically linked against jansson
# libstdc++ and libgcc are for tree-sitter
RUN apk add --no-cache bind-tools ca-certificates mailcap tini jansson libstdc++ libgcc
COPY --from=ctags /usr/local/bin/universal-ctags /usr/local/bin/universal-ctags
COPY symbols /usr/local/bin/symbols
# symbols is cgo, ensure we have the requisite dynamic libraries
RUN env SANITY_CHECK=true /usr/local/bin/symbols
# Use SYMBOLS_CACHE_DIR to set the cache dir at runtime for the symbols service. Setting CACHE_DIR
# will also apply to other services and is deprecated.
ENV CACHE_DIR=/mnt/cache/symbols
RUN mkdir -p ${CACHE_DIR}
EXPOSE 3184
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/symbols"]

43
cmd/symbols/build-bazel.sh Executable file
View File

@ -0,0 +1,43 @@
#!/usr/bin/env bash
# This script builds the symbols docker image.
cd "$(dirname "${BASH_SOURCE[0]}")/../.."
set -eu
OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX)
cleanup() {
rm -rf "$OUTPUT"
}
trap cleanup EXIT
echo "--- bazel build"
bazel build \
--bazelrc=.bazelrc \
--bazelrc=.aspect/bazelrc/ci.bazelrc \
--bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc \
//cmd/symbols \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms @zig_sdk//platform:linux_amd64 \
--extra_toolchains @zig_sdk//toolchain:linux_amd64_musl
out=$(
bazel build \
--bazelrc=.bazelrc \
--bazelrc=.aspect/bazelrc/ci.bazelrc \
--bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc \ cquery //cmd/symbols \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms @zig_sdk//platform:linux_amd64 \
--extra_toolchains @zig_sdk//toolchain:linux_amd64_musl \
--output=files
)
cp "$out" "$OUTPUT"
cp cmd/symbols/ctags-install-alpine.sh "$OUTPUT"
docker build -f cmd/symbols/Dockerfile.bazel -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION

4
cmd/worker/BUILD.bazel generated
View File

@ -15,4 +15,8 @@ go_binary(
name = "worker",
embed = [":worker_lib"],
visibility = ["//visibility:public"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
)

2
cmd/worker/Dockerfile
View File

@ -1,4 +1,4 @@
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

9
cmd/worker/build.sh
View File

@ -12,13 +12,8 @@ cleanup() {
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //cmd/worker \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
out=$(bazel cquery //cmd/worker --output=files)
./dev/ci/bazel.sh build //cmd/worker
out=$(./dev/ci/bazel.sh cquery //cmd/worker --output=files)
cp "$out" "$OUTPUT"
docker build -f cmd/worker/Dockerfile -t "$IMAGE" "$OUTPUT" \

5
deps.bzl
View File

@ -6177,6 +6177,11 @@ def go_dependencies():
name = "com_github_sourcegraph_zoekt",
build_file_proto_mode = "disable_global",
importpath = "github.com/sourcegraph/zoekt",
patches = ["//third_party/com_github_sourcegraph_zoekt:zoekt_archive_index.patch",
"//third_party/com_github_sourcegraph_zoekt:zoekt_git_index.patch",
"//third_party/com_github_sourcegraph_zoekt:zoekt_webserver.patch",
"//third_party/com_github_sourcegraph_zoekt:zoekt_indexserver.patch"],
patch_args = ["-p1"],
sum = "h1:moc3LRc+FZ6RmjMjpsuJy8siNO2gWJxzD1p5eYr4SE8=",
version = "v0.0.0-20230405161007-b247fb51dece",
)

2
dev/build-tracker/Dockerfile
View File

@ -10,7 +10,7 @@ WORKDIR /repo/dev/build-tracker
RUN go build -o /build-tracker .
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS build-tracker
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS build-tracker
RUN apk --no-cache add tzdata
COPY --from=build-tracker-build /build-tracker /usr/local/bin/build-tracker

18
dev/ci/bazel.sh Executable file
View File

@ -0,0 +1,18 @@
#!/bin/bash
if [[ "${CI:-false}" == "true" ]]; then
if [[ "$1" == "build" || "$1" == "test" || "$1" == "run" ]]; then
# shellcheck disable=SC2145
echo "--- :bazel: bazel $@"
fi
bazel \
--bazelrc=.bazelrc \
--bazelrc=.aspect/bazelrc/ci.bazelrc \
--bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc \
"$@" \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64
else
bazel "$@"
fi

2
dev/sg/Dockerfile
View File

@ -1,4 +1,4 @@
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

2
dev/src-expose/Dockerfile
View File

@ -1,4 +1,4 @@
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

36
doc/dev/background-information/ci/reference.md
View File

@ -175,14 +175,14 @@ Base pipeline (more steps might be included based on branch changes):
- **Metadata**: Pipeline metadata
- **Pipeline setup**: Trigger async
- **Image builds**: Build alpine-3.14, Build cadvisor, Build codeinsights-db, Build codeintel-db, Build frontend, Build github-proxy, Build gitserver, Build grafana, Build indexed-searcher, Build jaeger-agent, Build jaeger-all-in-one, Build blobstore, Build blobstore2, Build node-exporter, Build postgres-12-alpine, Build postgres_exporter, Build precise-code-intel-worker, Build prometheus, Build prometheus-gcp, Build redis-cache, Build redis-store, Build redis_exporter, Build repo-updater, Build search-indexer, Build searcher, Build symbols, Build syntax-highlighter, Build worker, Build migrator, Build executor, Build executor-kubernetes, Build executor-vm, Build batcheshelper, Build opentelemetry-collector, Build embeddings, Build dind, Build bundled-executor, Build server, Build sg, Build llm-proxy, Build executor image, Build executor binary, Build docker registry mirror image
- **Image security scans**: Scan alpine-3.14, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan jaeger-agent, Scan jaeger-all-in-one, Scan blobstore2, Scan node-exporter, Scan postgres-12-alpine, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan symbols, Scan syntax-highlighter, Scan worker, Scan migrator, Scan executor, Scan executor-kubernetes, Scan executor-vm, Scan batcheshelper, Scan opentelemetry-collector, Scan embeddings, Scan dind, Scan bundled-executor, Scan sg, Scan llm-proxy
- **Image builds**: Build syntax-highlighter, Build Docker images, Build Docker images, Build Docker images, Build executor image, Build executor binary, Build docker registry mirror image
- **Image security scans**: Scan symbols, Scan executor, Scan alpine-3.14, Scan postgres-12-alpine, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan migrator, Scan node-exporter, Scan opentelemetry-collector, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan syntax-highlighter, Scan worker, Scan batcheshelper, Scan blobstore2, Scan bundled-executor, Scan dind, Scan embeddings, Scan executor-kubernetes, Scan executor-vm, Scan jaeger-agent, Scan jaeger-all-in-one, Scan llm-proxy, Scan sg
- **Bazel**: Ensure buildfiles are up to date, Tests, BackCompat Tests
- **Linters and static analysis**: Run sg lint
- **Client checks**: Upload Storybook to Chromatic, Enterprise build, Build (client/jetbrains), Tests for VS Code extension, Integration tests for the Cody VS Code extension, ESLint (all), ESLint (web), Stylelint (all)
- **Integration tests**: Backend integration tests (gRPC), Backend integration tests, Code Intel QA
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph QA, Sourcegraph Cluster (deploy-sourcegraph) QA, Sourcegraph Upgrade
- **Publish images**: alpine-3.14, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, jaeger-agent, jaeger-all-in-one, blobstore, blobstore2, node-exporter, postgres-12-alpine, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, symbols, syntax-highlighter, worker, migrator, executor, executor-kubernetes, executor-vm, batcheshelper, opentelemetry-collector, embeddings, dind, bundled-executor, server, sg, llm-proxy, Publish executor image, Publish executor binary, Publish docker registry mirror image
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph Upgrade
- **Publish images**: symbols, server, executor, alpine-3.14, postgres-12-alpine, blobstore, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, migrator, node-exporter, opentelemetry-collector, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, syntax-highlighter, worker, batcheshelper, blobstore2, bundled-executor, dind, embeddings, executor-kubernetes, executor-vm, jaeger-agent, jaeger-all-in-one, llm-proxy, sg, Publish executor image, Publish executor binary, Publish docker registry mirror image
### Release branch
@ -192,14 +192,14 @@ Base pipeline (more steps might be included based on branch changes):
- **Metadata**: Pipeline metadata
- **Pipeline setup**: Trigger async
- **Image builds**: Build alpine-3.14, Build cadvisor, Build codeinsights-db, Build codeintel-db, Build frontend, Build github-proxy, Build gitserver, Build grafana, Build indexed-searcher, Build jaeger-agent, Build jaeger-all-in-one, Build blobstore, Build blobstore2, Build node-exporter, Build postgres-12-alpine, Build postgres_exporter, Build precise-code-intel-worker, Build prometheus, Build prometheus-gcp, Build redis-cache, Build redis-store, Build redis_exporter, Build repo-updater, Build search-indexer, Build searcher, Build symbols, Build syntax-highlighter, Build worker, Build migrator, Build executor, Build executor-kubernetes, Build executor-vm, Build batcheshelper, Build opentelemetry-collector, Build embeddings, Build dind, Build bundled-executor, Build server, Build sg, Build llm-proxy, Build executor image, Build executor binary, Build docker registry mirror image
- **Image security scans**: Scan alpine-3.14, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan jaeger-agent, Scan jaeger-all-in-one, Scan blobstore2, Scan node-exporter, Scan postgres-12-alpine, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan symbols, Scan syntax-highlighter, Scan worker, Scan migrator, Scan executor, Scan executor-kubernetes, Scan executor-vm, Scan batcheshelper, Scan opentelemetry-collector, Scan embeddings, Scan dind, Scan bundled-executor, Scan sg, Scan llm-proxy
- **Image builds**: Build syntax-highlighter, Build Docker images, Build Docker images, Build Docker images, Build executor image, Build executor binary, Build docker registry mirror image
- **Image security scans**: Scan symbols, Scan executor, Scan alpine-3.14, Scan postgres-12-alpine, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan migrator, Scan node-exporter, Scan opentelemetry-collector, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan syntax-highlighter, Scan worker, Scan batcheshelper, Scan blobstore2, Scan bundled-executor, Scan dind, Scan embeddings, Scan executor-kubernetes, Scan executor-vm, Scan jaeger-agent, Scan jaeger-all-in-one, Scan llm-proxy, Scan sg
- **Bazel**: Ensure buildfiles are up to date, Tests, BackCompat Tests
- **Linters and static analysis**: Run sg lint
- **Client checks**: Upload Storybook to Chromatic, Enterprise build, Build (client/jetbrains), Tests for VS Code extension, Integration tests for the Cody VS Code extension, ESLint (all), ESLint (web), Stylelint (all)
- **Integration tests**: Backend integration tests (gRPC), Backend integration tests, Code Intel QA
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph QA, Sourcegraph Cluster (deploy-sourcegraph) QA, Sourcegraph Upgrade
- **Publish images**: alpine-3.14, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, jaeger-agent, jaeger-all-in-one, blobstore, blobstore2, node-exporter, postgres-12-alpine, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, symbols, syntax-highlighter, worker, migrator, executor, executor-kubernetes, executor-vm, batcheshelper, opentelemetry-collector, embeddings, dind, bundled-executor, server, sg, llm-proxy
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph Upgrade
- **Publish images**: symbols, server, executor, alpine-3.14, postgres-12-alpine, blobstore, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, migrator, node-exporter, opentelemetry-collector, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, syntax-highlighter, worker, batcheshelper, blobstore2, bundled-executor, dind, embeddings, executor-kubernetes, executor-vm, jaeger-agent, jaeger-all-in-one, llm-proxy, sg
### Browser extension release build
@ -250,14 +250,14 @@ Base pipeline (more steps might be included based on branch changes):
- **Metadata**: Pipeline metadata
- **Pipeline setup**: Trigger async
- **Image builds**: Build alpine-3.14, Build cadvisor, Build codeinsights-db, Build codeintel-db, Build frontend, Build github-proxy, Build gitserver, Build grafana, Build indexed-searcher, Build jaeger-agent, Build jaeger-all-in-one, Build blobstore, Build blobstore2, Build node-exporter, Build postgres-12-alpine, Build postgres_exporter, Build precise-code-intel-worker, Build prometheus, Build prometheus-gcp, Build redis-cache, Build redis-store, Build redis_exporter, Build repo-updater, Build search-indexer, Build searcher, Build symbols, Build syntax-highlighter, Build worker, Build migrator, Build executor, Build executor-kubernetes, Build executor-vm, Build batcheshelper, Build opentelemetry-collector, Build embeddings, Build dind, Build bundled-executor, Build server, Build sg, Build llm-proxy, Build executor image, Build executor binary
- **Image security scans**: Scan alpine-3.14, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan jaeger-agent, Scan jaeger-all-in-one, Scan blobstore2, Scan node-exporter, Scan postgres-12-alpine, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan symbols, Scan syntax-highlighter, Scan worker, Scan migrator, Scan executor, Scan executor-kubernetes, Scan executor-vm, Scan batcheshelper, Scan opentelemetry-collector, Scan embeddings, Scan dind, Scan bundled-executor, Scan sg, Scan llm-proxy
- **Image builds**: Build syntax-highlighter, Build Docker images, Build Docker images, Build Docker images, Build executor image, Build executor binary
- **Image security scans**: Scan symbols, Scan executor, Scan alpine-3.14, Scan postgres-12-alpine, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan migrator, Scan node-exporter, Scan opentelemetry-collector, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan syntax-highlighter, Scan worker, Scan batcheshelper, Scan blobstore2, Scan bundled-executor, Scan dind, Scan embeddings, Scan executor-kubernetes, Scan executor-vm, Scan jaeger-agent, Scan jaeger-all-in-one, Scan llm-proxy, Scan sg
- **Bazel**: Ensure buildfiles are up to date, Tests, BackCompat Tests
- **Linters and static analysis**: Run sg lint
- **Client checks**: Upload Storybook to Chromatic, Enterprise build, Build (client/jetbrains), Tests for VS Code extension, Integration tests for the Cody VS Code extension, ESLint (all), ESLint (web), Stylelint (all)
- **Integration tests**: Backend integration tests (gRPC), Backend integration tests, Code Intel QA
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph QA, Sourcegraph Cluster (deploy-sourcegraph) QA, Sourcegraph Upgrade
- **Publish images**: alpine-3.14, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, jaeger-agent, jaeger-all-in-one, blobstore, blobstore2, node-exporter, postgres-12-alpine, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, symbols, syntax-highlighter, worker, migrator, executor, executor-kubernetes, executor-vm, batcheshelper, opentelemetry-collector, embeddings, dind, bundled-executor, server, sg, llm-proxy, Publish executor image, Publish executor binary
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph Upgrade
- **Publish images**: symbols, server, executor, alpine-3.14, postgres-12-alpine, blobstore, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, migrator, node-exporter, opentelemetry-collector, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, syntax-highlighter, worker, batcheshelper, blobstore2, bundled-executor, dind, embeddings, executor-kubernetes, executor-vm, jaeger-agent, jaeger-all-in-one, llm-proxy, sg, Publish executor image, Publish executor binary
### Main dry run
@ -272,14 +272,14 @@ Base pipeline (more steps might be included based on branch changes):
- **Metadata**: Pipeline metadata
- **Pipeline setup**: Trigger async
- **Image builds**: Build alpine-3.14, Build cadvisor, Build codeinsights-db, Build codeintel-db, Build frontend, Build github-proxy, Build gitserver, Build grafana, Build indexed-searcher, Build jaeger-agent, Build jaeger-all-in-one, Build blobstore, Build blobstore2, Build node-exporter, Build postgres-12-alpine, Build postgres_exporter, Build precise-code-intel-worker, Build prometheus, Build prometheus-gcp, Build redis-cache, Build redis-store, Build redis_exporter, Build repo-updater, Build search-indexer, Build searcher, Build symbols, Build syntax-highlighter, Build worker, Build migrator, Build executor, Build executor-kubernetes, Build executor-vm, Build batcheshelper, Build opentelemetry-collector, Build embeddings, Build dind, Build bundled-executor, Build server, Build sg, Build llm-proxy, Build executor image, Build executor binary
- **Image security scans**: Scan alpine-3.14, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan jaeger-agent, Scan jaeger-all-in-one, Scan blobstore2, Scan node-exporter, Scan postgres-12-alpine, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan symbols, Scan syntax-highlighter, Scan worker, Scan migrator, Scan executor, Scan executor-kubernetes, Scan executor-vm, Scan batcheshelper, Scan opentelemetry-collector, Scan embeddings, Scan dind, Scan bundled-executor, Scan sg, Scan llm-proxy
- **Image builds**: Build syntax-highlighter, Build Docker images, Build Docker images, Build Docker images, Build executor image, Build executor binary
- **Image security scans**: Scan symbols, Scan executor, Scan alpine-3.14, Scan postgres-12-alpine, Scan cadvisor, Scan codeinsights-db, Scan codeintel-db, Scan frontend, Scan github-proxy, Scan gitserver, Scan grafana, Scan indexed-searcher, Scan migrator, Scan node-exporter, Scan opentelemetry-collector, Scan postgres_exporter, Scan precise-code-intel-worker, Scan prometheus, Scan prometheus-gcp, Scan redis-cache, Scan redis-store, Scan redis_exporter, Scan repo-updater, Scan search-indexer, Scan searcher, Scan syntax-highlighter, Scan worker, Scan batcheshelper, Scan blobstore2, Scan bundled-executor, Scan dind, Scan embeddings, Scan executor-kubernetes, Scan executor-vm, Scan jaeger-agent, Scan jaeger-all-in-one, Scan llm-proxy, Scan sg
- **Bazel**: Ensure buildfiles are up to date, Tests, BackCompat Tests
- **Linters and static analysis**: Run sg lint
- **Client checks**: Upload Storybook to Chromatic, Enterprise build, Build (client/jetbrains), Tests for VS Code extension, Integration tests for the Cody VS Code extension, ESLint (all), ESLint (web), Stylelint (all)
- **Integration tests**: Backend integration tests (gRPC), Backend integration tests, Code Intel QA
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph QA, Sourcegraph Cluster (deploy-sourcegraph) QA, Sourcegraph Upgrade
- **Publish images**: alpine-3.14, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, jaeger-agent, jaeger-all-in-one, blobstore, blobstore2, node-exporter, postgres-12-alpine, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, symbols, syntax-highlighter, worker, migrator, executor, executor-kubernetes, executor-vm, batcheshelper, opentelemetry-collector, embeddings, dind, bundled-executor, server, sg, llm-proxy
- **End-to-end tests**: Executors E2E, Sourcegraph E2E, Sourcegraph Upgrade
- **Publish images**: symbols, server, executor, alpine-3.14, postgres-12-alpine, blobstore, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, migrator, node-exporter, opentelemetry-collector, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, syntax-highlighter, worker, batcheshelper, blobstore2, bundled-executor, dind, embeddings, executor-kubernetes, executor-vm, jaeger-agent, jaeger-all-in-one, llm-proxy, sg
### Patch image
@ -311,8 +311,8 @@ sg ci build docker-images-candidates-notest
Base pipeline (more steps might be included based on branch changes):
- **Metadata**: Pipeline metadata
- **Image builds**: Build alpine-3.14, Build cadvisor, Build codeinsights-db, Build codeintel-db, Build frontend, Build github-proxy, Build gitserver, Build grafana, Build indexed-searcher, Build jaeger-agent, Build jaeger-all-in-one, Build blobstore, Build blobstore2, Build node-exporter, Build postgres-12-alpine, Build postgres_exporter, Build precise-code-intel-worker, Build prometheus, Build prometheus-gcp, Build redis-cache, Build redis-store, Build redis_exporter, Build repo-updater, Build search-indexer, Build searcher, Build symbols, Build syntax-highlighter, Build worker, Build migrator, Build executor, Build executor-kubernetes, Build executor-vm, Build batcheshelper, Build opentelemetry-collector, Build embeddings, Build dind, Build bundled-executor, Build server, Build sg, Build llm-proxy
- **Publish images**: alpine-3.14, cadvisor, codeinsights-db, codeintel-db, frontend, github-proxy, gitserver, grafana, indexed-searcher, jaeger-agent, jaeger-all-in-one, blobstore, blobstore2, node-exporter, postgres-12-alpine, postgres_exporter, precise-code-intel-worker, prometheus, prometheus-gcp, redis-cache, redis-store, redis_exporter, repo-updater, search-indexer, searcher, symbols, syntax-highlighter, worker, migrator, executor, executor-kubernetes, executor-vm, batcheshelper, opentelemetry-collector, embeddings, dind, bundled-executor, server, sg, llm-proxy
- **Image builds**: Build syntax-highlighter, Build Docker images, Build Docker images, Build Docker images
- **Publish images**: Publish images
### Build executor without testing

2
docker-images/blobstore/Dockerfile
View File

@ -13,7 +13,7 @@ RUN mvn package -DskipTests && \
cp src/main/resources/run-docker-container.sh /opt/s3proxy
# Build our final Alpine-based image
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

10
docker-images/blobstore/build.sh
View File

@ -2,14 +2,8 @@
cd "$(dirname "${BASH_SOURCE[0]}")"
set -ex
# Enable image build caching via CACHE=true
BUILD_CACHE="--no-cache"
if [[ "$CACHE" == "true" ]]; then
BUILD_CACHE=""
fi
# shellcheck disable=SC2086
docker build ${BUILD_CACHE} -t "${IMAGE:-"sourcegraph/blobstore"}" . \
docker build -t "${IMAGE:-"sourcegraph/blobstore"}" . \
--platform linux/amd64 \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \

2
docker-images/cadvisor/build.sh
View File

@ -2,7 +2,7 @@
cd "$(dirname "${BASH_SOURCE[0]}")"
set -ex
docker build --no-cache -t "${IMAGE:-"sourcegraph/cadvisor"}" . \
docker build -t "${IMAGE:-"sourcegraph/cadvisor"}" . \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \

2
docker-images/grafana/Dockerfile
View File

@ -1,7 +1,7 @@
# sourcegraph/grafana - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/grafana
# Build monitoring definitions
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS monitoring_builder
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS monitoring_builder
RUN mkdir -p '/generated/grafana'
COPY ./.bin/monitoring-generator /bin/monitoring-generator
RUN GRAFANA_DIR='/generated/grafana' PROMETHEUS_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator

2
docker-images/grafana/Dockerfile.alpine
View File

@ -1,7 +1,7 @@
# sourcegraph/grafana - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/grafana
# Build monitoring definitions
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS monitoring_builder
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS monitoring_builder
RUN mkdir -p '/generated/grafana'
COPY ./.bin/monitoring-generator /bin/monitoring-generator
RUN GRAFANA_DIR='/generated/grafana' PROMETHEUS_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator

45
docker-images/grafana/Dockerfile.bazel Normal file
View File

@ -0,0 +1,45 @@
# sourcegraph/grafana - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/grafana
FROM grafana/grafana:7.5.17@sha256:15abb652aa82eeb9f45589278b34ae6ef0e96f74c389cadde31831eb0b1ce228 as production
LABEL com.sourcegraph.grafana.version=7.5.17
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"
ARG VERSION="unknown"
LABEL org.opencontainers.image.revision=${COMMIT_SHA}
LABEL org.opencontainers.image.created=${DATE}
LABEL org.opencontainers.image.version=${VERSION}
LABEL org.opencontainers.image.url=https://sourcegraph.com/
LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/
LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/
# hadolint ignore=DL3020
ADD config /sg_config_grafana
COPY grafana/home.json /usr/share/grafana/public/dashboards/home.json
COPY grafana/* /sg_config_grafana/provisioning/dashboards/sourcegraph/
# Overwrite default entrypoint with the local one
COPY entry-alpine.sh /entry.sh
# Create optional folders to avoid error logs about missing dirs
USER root
# Create optional folders to avoid error logs about missing dirs
RUN mkdir /sg_grafana_additional_dashboards
RUN mkdir /sg_config_grafana/provisioning/plugins && chown grafana:root /sg_config_grafana/provisioning/plugins
# @FIXME: Update redis image
# Pin busybox=1.32.1-r7 https://github.com/sourcegraph/sourcegraph/issues/27965
# RUN apk add --upgrade \
# 'apk-tools>=2.12' \
# 'krb5-libs>=1.18.4' \
# 'libssl1.1>=1.1.1s-r0' \
# 'openssl>=1.1.1s-r0' \
# 'busybox>=1.32.1' \
# 'ncurses-libs>=6.2_p20210109-r1' \
# 'ncurses-terminfo-base>=6.2_p20210109-r1' \
# 'libtirpc>=1.3.1-r1'
EXPOSE 3370
USER grafana
ENTRYPOINT ["/entry.sh"]

9
docker-images/grafana/build-alpine.sh
View File

@ -30,14 +30,7 @@ go build \
# Final pre-build stage.
pushd "$BUILDDIR"
# Enable image build caching via CACHE=true
BUILD_CACHE="--no-cache"
if [[ "$CACHE" == "true" ]]; then
BUILD_CACHE=""
fi
# shellcheck disable=SC2086
docker build ${BUILD_CACHE} -f Dockerfile.alpine -t "${IMAGE:-sourcegraph/grafana}" . \
docker build -f Dockerfile.alpine -t "${IMAGE:-sourcegraph/grafana}" . \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \

31
docker-images/grafana/build-bazel.sh Executable file
View File

@ -0,0 +1,31 @@
#!/usr/bin/env bash
set -ex
BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX)
TMP=$(mktemp -d -t sggraf_tmp_XXXXXXX)
cleanup() {
rm -rf "$BUILDDIR"
rm -rf "$TMP"
}
trap cleanup EXIT
./dev/ci/bazel.sh build //monitoring:generate_config
monitoring_cfg=$(./dev/ci/bazel.sh cquery //monitoring:generate_config --output=files)
cp "$monitoring_cfg" "$TMP"
pushd "$TMP"
unzip "monitoring.zip"
popd
cp -r docker-images/grafana/entry-alpine.sh "$BUILDDIR/"
cp -r docker-images/grafana/config "$BUILDDIR/"
cp -r "$TMP/monitoring/grafana" "$BUILDDIR/"
# # shellcheck disable=SC2086
docker build -f docker-images/grafana/Dockerfile.bazel -t "${IMAGE:-sourcegraph/grafana}" "$BUILDDIR" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION

9
docker-images/grafana/build.sh
View File

@ -30,14 +30,7 @@ go build \
# Final pre-build stage.
pushd "$BUILDDIR"
# Enable image build caching via CACHE=true
BUILD_CACHE="--no-cache"
if [[ "$CACHE" == "true" ]]; then
BUILD_CACHE=""
fi
# shellcheck disable=SC2086
docker build ${BUILD_CACHE} -f Dockerfile -t "${IMAGE:-sourcegraph/grafana}" . \
docker build -f Dockerfile -t "${IMAGE:-sourcegraph/grafana}" . \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \

2
docker-images/jaeger-agent/Dockerfile
View File

@ -3,7 +3,7 @@
ARG JAEGER_VERSION
FROM jaegertracing/jaeger-agent:${JAEGER_VERSION} as base
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
USER root
RUN apk --no-cache add bash curl apk-tools>=2.10.8-r0

2
docker-images/jaeger-all-in-one/Dockerfile
View File

@ -5,7 +5,7 @@
ARG JAEGER_VERSION
FROM jaegertracing/all-in-one:${JAEGER_VERSION} as base
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
USER root
RUN apk update
RUN apk --no-cache add bash curl 'apk-tools>=2.10.8-r0' 'krb5-libs>=1.18.4-r0'

2
docker-images/opentelemetry-collector/Dockerfile
View File

@ -22,7 +22,7 @@ RUN go run go.opentelemetry.io/collector/cmd/builder@v${OTEL_COLLECTOR_VERSION}
--output-path=/cmd/otelcol-sourcegraph
# Package the final distribution image
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

2
docker-images/postgres_exporter/Dockerfile
View File

@ -1,5 +1,5 @@
FROM prometheuscommunity/postgres-exporter:v0.11.1@sha256:a7f8f66064b95c2b08dce9a0aaafe78c6639b7546d472fab649e9e7480be0454 as postgres_exporter
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
# hadolint ignore=DL3048
LABEL com.sourcegraph.postgres_exporter.version=v0.9.0

6
docker-images/prometheus-gcp/build.sh
View File

@ -6,4 +6,8 @@ cd "$(dirname "${BASH_SOURCE[0]}")"
export BASE_IMAGE="gke.gcr.io/prometheus-engine/prometheus:v2.35.0-gmp.2-gke.0"
export IMAGE="${IMAGE:-sourcegraph/prometheus-gcp}"
../prometheus/build.sh
if [[ "$DOCKER_BAZEL" == "true" ]]; then
../prometheus/build-bazel.sh
else
../prometheus/build.sh
fi

2
docker-images/prometheus/Dockerfile
View File

@ -11,7 +11,7 @@ FROM ${BASE_IMAGE} AS prom_upstream
FROM prom/alertmanager:v0.25.0@sha256:db8303fa05341f5dc6b19b36a97325cd1b8307254ed9042a2c554af71f3c0284 AS am_upstream
# Build monitoring definitions
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS monitoring_builder
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS monitoring_builder
RUN mkdir -p '/generated/prometheus'
COPY ./.bin/monitoring-generator /bin/monitoring-generator
RUN PROMETHEUS_DIR='/generated/prometheus' GRAFANA_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator

86
docker-images/prometheus/Dockerfile.bazel Normal file
View File

@ -0,0 +1,86 @@
# sourcegraph/prometheus - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/prometheus
# Note: to be able to use an ARG with a FROM it has to be at the TOP of the Dockerfile
# This allows the base image to be substituted for a GCP image that ships metrics to managed Prometheus. Default base image is regular upstream Prometheus
# https://cloud.google.com/stackdriver/docs/managed-prometheus/setup-unmanaged#run-gmp
# To upgrade Prometheus or Alertmanager, see https://docs.sourcegraph.com/dev/background-information/observability/prometheus#upgrading-prometheus-or-alertmanager
ARG BASE_IMAGE="prom/prometheus:v2.42.0@sha256:5689a4360cf1479bbad944b1311a90b495546c498c46f48e44fa7e5ac6412191"
# https://github.com/hadolint/hadolint/issues/339
# hadolint ignore=DL3006
FROM ${BASE_IMAGE} AS prom_upstream
FROM prom/alertmanager:v0.25.0@sha256:db8303fa05341f5dc6b19b36a97325cd1b8307254ed9042a2c554af71f3c0284 AS am_upstream
# Build monitoring definitions
# FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS monitoring_builder
# RUN mkdir -p '/generated/prometheus'
# COPY ./.bin/monitoring-generator /bin/monitoring-generator
# RUN PROMETHEUS_DIR='/generated/prometheus' GRAFANA_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator
# RUN ls '/generated/prometheus'
# Prepare final image
# hadolint ignore=DL3007
FROM quay.io/prometheus/busybox-linux-amd64:latest
# Should reflect versions above
LABEL com.sourcegraph.prometheus.version=v2.38.0
LABEL com.sourcegraph.alertmanager.version=v0.24.0
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"
ARG VERSION="unknown"
LABEL org.opencontainers.image.revision=${COMMIT_SHA}
LABEL org.opencontainers.image.created=${DATE}
LABEL org.opencontainers.image.version=${VERSION}
LABEL org.opencontainers.image.url=https://sourcegraph.com/
LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/
LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/
# Prometheus - extended from https://github.com/prometheus/prometheus/blob/VERSION/Dockerfile
# Check the upstream image (replacing VERSION with the appropriate Prometheus version) when upgrading
COPY --from=prom_upstream /bin/prometheus /bin/prometheus
COPY --from=prom_upstream /bin/promtool /bin/promtool
COPY --from=prom_upstream /etc/prometheus/prometheus.yml /etc/prometheus/prometheus.yml
COPY --from=prom_upstream /usr/share/prometheus/console_libraries/ /usr/share/prometheus/console_libraries/
COPY --from=prom_upstream /usr/share/prometheus/consoles/ /usr/share/prometheus/consoles/
COPY --from=prom_upstream /LICENSE /LICENSE
COPY --from=prom_upstream /NOTICE /NOTICE
# hadolint ignore=DL3010
COPY --from=prom_upstream /npm_licenses.tar.bz2 /npm_licenses.tar.bz2
# Alertmanager - extended from https://github.com/prometheus/alertmanager/blob/VERSION/Dockerfile
# Check the upstream image (replacing VERSION with the appropriate Prometheus version) when upgrading
COPY --from=am_upstream /bin/alertmanager /bin/alertmanager
RUN ln -s /usr/share/prometheus/console_libraries /usr/share/prometheus/consoles/ /etc/prometheus/
# TODO(uwe): remove "USER root" line once https://github.com/prometheus/prometheus/issues/3441 is resolved
#
# This is needed currently because the upstream image has us running as "nobody"
# which cannot create the sourcegraph user below.
USER root
# Add the sourcegraph group, user, and create the home directory.
#
# We use a static GID/UID assignment to ensure files can be chown'd to this
# user on the host machine (where this user does not exist).
# See https://github.com/sourcegraph/sourcegraph/issues/1884
#
# Note: This mirrors what we do in e.g. our base alpine image: https://github.com/sourcegraph/sourcegraph/blob/main/docker-images/alpine/Dockerfile#L10-L15
RUN addgroup -g 101 -S sourcegraph && adduser -u 100 -S -G sourcegraph -h /home/sourcegraph sourcegraph
RUN mkdir -p /prometheus && chown -R sourcegraph:sourcegraph /prometheus
RUN mkdir -p /alertmanager && chown -R sourcegraph:sourcegraph /alertmanager
USER sourcegraph
COPY ./prom-wrapper /bin/prom-wrapper
COPY ./prometheus.sh /prometheus.sh
COPY ./alertmanager.sh /alertmanager.sh
# Copy config
COPY sg_config_prometheus /sg_config_prometheus/
ENTRYPOINT ["/bin/prom-wrapper"]
# Note that upstream's 'VOLUME' directive was deliberately removed. Including it makes it impossible
# to chmod the directory to our 'sourcegraph' user.
WORKDIR /prometheus
# Prometheus is reverse-proxied from 9092 to 9090
EXPOSE 9090

39
docker-images/prometheus/build-bazel.sh Executable file
View File

@ -0,0 +1,39 @@
#!/usr/bin/env bash
set -ex
cd "$(dirname "${BASH_SOURCE[0]}")/../.."
# We build out of tree to prevent triggering dev watch scripts when we copy go
# files.
BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX)
TMP=$(mktemp -d -t sgprom_tmp_XXXXXXX)
cleanup() {
rm -rf "$BUILDDIR"
rm -rf "$TMP"
}
trap cleanup EXIT
./dev/ci/bazel.sh build //docker-images/prometheus/cmd/prom-wrapper //monitoring:generate_config
out=$(./dev/ci/bazel.sh cquery //docker-images/prometheus/cmd/prom-wrapper --output=files)
cp "$out" "$BUILDDIR"
monitoring_cfg=$(./dev/ci/bazel.sh cquery //monitoring:generate_config --output=files)
cp "$monitoring_cfg" "$TMP/"
pushd "$TMP"
unzip "monitoring.zip"
popd
cp -r docker-images/prometheus/config "$BUILDDIR/sg_config_prometheus"
cp docker-images/prometheus/*.sh "$BUILDDIR/"
cp -r "$TMP/monitoring/prometheus"/* "$BUILDDIR/sg_config_prometheus"
mkdir "$BUILDDIR/sg_prometheus_add_ons"
cp dev/prometheus/linux/prometheus_targets.yml "$BUILDDIR/sg_prometheus_add_ons"
docker build -f docker-images/prometheus/Dockerfile.bazel -t "${IMAGE:-sourcegraph/prometheus}" "$BUILDDIR" \
--platform linux/amd64 \
--progress=plain \
--build-arg BASE_IMAGE \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION

9
docker-images/prometheus/build.sh
View File

@ -44,14 +44,7 @@ pushd "$BUILDDIR"
# https://github.com/sourcegraph/sourcegraph/pull/11832#discussion_r451109637
chmod -R 777 config
# Enable image build caching via CACHE=true
BUILD_CACHE="--no-cache"
if [[ "$CACHE" == "true" ]]; then
BUILD_CACHE=""
fi
# shellcheck disable=SC2086
docker build ${BUILD_CACHE} -t "${IMAGE:-sourcegraph/prometheus}" . \
docker build -t "${IMAGE:-sourcegraph/prometheus}" . \
--progress=plain \
--build-arg BASE_IMAGE \
--build-arg COMMIT_SHA \

5
docker-images/prometheus/cmd/prom-wrapper/BUILD.bazel generated
View File

@ -41,6 +41,11 @@ go_library(
go_binary(
name = "prom-wrapper",
embed = [":prom-wrapper_lib"],
gotags = [
"netgo",
"dist",
],
static = "on",
visibility = ["//visibility:public"],
)

18
docker-images/sg/build.sh
View File

@ -10,6 +10,23 @@ cleanup() {
}
trap cleanup EXIT
if [[ "$DOCKER_BAZEL" == "true" ]]; then
./dev/ci/bazel.sh build //dev/sg
out=$(./dev/ci/bazel.sh cquery //dev/sg --output=files)
cp "$out" "$OUTPUT"
echo "--- docker build $IMAGE"
docker build -f dev/sg/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on
export GOARCH=amd64
@ -20,7 +37,6 @@ echo "--- go build"
pkg="github.com/sourcegraph/sourcegraph/dev/sg"
go build -trimpath -ldflags "-X main.BuildCommit=$BUILD_COMMIT" -o "$OUTPUT/sg" -buildmode exe "$pkg"
echo "--- docker build $IMAGE"
docker build -f dev/sg/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \

2
docker-images/syntax-highlighter/Dockerfile
View File

@ -43,7 +43,7 @@ RUN go build -o /http-server-stabilizer .
#######################
# Compile final image #
#######################
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
COPY --from=ss syntax_highlighter /
COPY --from=hss http-server-stabilizer /

45
docker-images/syntax-highlighter/Dockerfile.bazel.unused Normal file
View File

@ -0,0 +1,45 @@
################################
# Build http-server-stabilizer #
################################
FROM golang:1.19-alpine@sha256:70df3b8f9f099da7f60f0b32480015165e3d0b51bfacf9e255b59f3dd6bd2828 as hss
RUN apk add --no-cache git>=2.26.3
RUN git clone --branch v1.1.0 --single-branch https://github.com/sourcegraph/http-server-stabilizer /repo
WORKDIR /repo
RUN go build -o /http-server-stabilizer .
#######################
# Compile final image #
#######################
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
COPY syntect_server /syntax_highlighter
COPY --from=hss http-server-stabilizer /
# even with everything, we can't get this to statically link
RUN apk add --no-cache libstdc++
EXPOSE 9238
ENV ROCKET_ENV "production"
ENV ROCKET_LIMITS "{json=10485760}"
# syntect_server does not need a secret key since it uses no cookies, but
# without one set Rocket emits a warning.
ENV ROCKET_SECRET_KEY "SeerutKeyIsI7releuantAndknvsuZPluaseIgnorYA="
# When keep-alive is on, we observe connection resets in our Go clients of
# syntect_server. It is unclear why this is, especially because our Go clients do
# not reuse the connection (i.e. we make a fresh connection every time).
# Disabling keep-alive does resolve the issue though, our best guess is that
# this is a bug in Hyper 0.10 (see https://github.com/SergioBenitez/Rocket/issues/928#issuecomment-464632953).
# See https://github.com/sourcegraph/sourcegraph/issues/2615 for details on
# what we observed when this was enabled with the default 5s.
ENV ROCKET_KEEP_ALIVE=0
# The more workers, the more resilient syntect_server is to getting stuck on
# bad grammar/file combinations. If it happens with four workers, only 1/4th of
# requests will be affected for a short period of time. Each worker can require
# at peak around 1.1 GiB of memory.
ENV WORKERS=4
ENV QUIET=true
CMD ["sh", "-c", "/http-server-stabilizer -listen=:9238 -prometheus-app-name=syntax_highlighter -workers=$WORKERS -- env ROCKET_PORT={{.Port}} /syntax_highlighter"]

22
docker-images/syntax-highlighter/build-bazel.sh.unused Executable file
View File

@ -0,0 +1,22 @@
#!/usr/bin/env bash
set -ex
cd "$(dirname "${BASH_SOURCE[0]}")/../.."
BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX)
cleanup() {
rm -rf "$BUILDDIR"
}
trap cleanup EXIT
./dev/ci/bazel.sh build //docker-images/syntax-highlighter:syntect_server
out=$(./dev/ci/bazel.sh cquery //docker-images/syntax-highlighter:syntect_server --output=files)
cp "$out" "$BUILDDIR"
# # shellcheck disable=SC2086
docker build -f docker-images/syntax-highlighter/Dockerfile.bazel -t "${IMAGE:-sourcegraph/syntax-highlighter}" "$BUILDDIR" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION

2
enterprise/cmd/batcheshelper/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

13
enterprise/cmd/batcheshelper/build.sh
View File

@ -15,6 +15,19 @@ export GOARCH=amd64
export GOOS=linux
export CGO_ENABLED=0
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
./dev/ci/bazel.sh build //enterprise/cmd/batcheshelper
out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/batcheshelper --output=files)
cp "$out" "$OUTPUT"
docker build -f enterprise/cmd/batcheshelper/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/batcheshelper"
go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg"

2
enterprise/cmd/bundled-executor/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

21
enterprise/cmd/bundled-executor/build.sh
View File

@ -18,6 +18,27 @@ export GOARCH=amd64
export GOOS=linux
export CGO_ENABLED=0
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
TARGETS=(
//enterprise/cmd/batcheshelper
//enterprise/cmd/executor
)
./dev/ci/bazel.sh build "${TARGETS[@]}"
for TARGET in "${TARGETS[@]}"; do
out=$(./dev/ci/bazel.sh cquery "$TARGET" --output=files)
cp "$out" "$OUTPUT"
echo "copying $TARGET"
done
docker build -f enterprise/cmd/batcheshelper/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
pushd ./enterprise/cmd/executor 1>/dev/null
pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/executor"
go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist,shell -o "$OUTPUT/$(basename $pkg)" "$pkg"

2
enterprise/cmd/embeddings/Dockerfile
View File

@ -1,4 +1,4 @@
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

15
enterprise/cmd/embeddings/build.sh
View File

@ -10,6 +10,20 @@ cleanup() {
}
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
./dev/ci/bazel.sh build //enterprise/cmd/embeddings
out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/embeddings --output=files)
cp "$out" "$OUTPUT"
docker build -f enterprise/cmd/embeddings/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on
export GOARCH=amd64
@ -24,3 +38,4 @@ docker build -f enterprise/cmd/embeddings/Dockerfile -t "$IMAGE" "$OUTPUT" \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION

2
enterprise/cmd/executor-kubernetes/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:201280_2023-02-23_4.5-1071f8b97a60@sha256:c4970b21169db155c1b497740e622adb23007ac11a87ec571d9ecef8aba0adc5
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

14
enterprise/cmd/executor-kubernetes/build.sh
View File

@ -10,6 +10,20 @@ cleanup() {
}
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
./dev/ci/bazel.sh build //enterprise/cmd/executor
out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/executor --output=files)
cp "$out" "$OUTPUT"
docker build -f enterprise/cmd/executor-kubernetes/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on
export GOARCH=amd64

2
enterprise/cmd/executor/docker-image/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

18
enterprise/cmd/executor/docker-image/build.sh
View File

@ -10,6 +10,24 @@ cleanup() {
}
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
./dev/ci/bazel.sh build //enterprise/cmd/executor //internal/cmd/src-cli-version
out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/executor --output=files)
cp "$out" "$OUTPUT"
src_cli=$(./dev/ci/bazel.sh cquery //internal/cmd/src-cli-version --output=files)
SRC_CLI_VERSION=$(eval "$src_cli")
docker build -f enterprise/cmd/executor/docker-image/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
SRC_CLI_VERSION="$(go run ./internal/cmd/src-cli-version/main.go)"
# Environment for building linux binaries

6
enterprise/cmd/frontend/BUILD.bazel generated
View File

@ -5,9 +5,15 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/frontend",
visibility = ["//visibility:private"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
deps = [
"//enterprise/cmd/frontend/shared",
"//enterprise/cmd/sourcegraph/enterprisecmd",
"//ui/assets",
"//ui/assets/enterprise",
],
)

2
enterprise/cmd/frontend/Dockerfile
View File

@ -3,7 +3,7 @@
# file, please don't be scared to make it more pleasant / remove hadolint
# ignores.
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

9
enterprise/cmd/frontend/build.sh
View File

@ -12,13 +12,8 @@ cleanup() {
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
bazel build //enterprise/cmd/frontend \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms=@io_bazel_rules_go//go/toolchain:linux_amd64 \
--//:assets_bundle_type=enterprise
out=$(bazel cquery //enterprise/cmd/frontend --output=files)
./dev/ci/bazel.sh build //enterprise/cmd/frontend
out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/frontend --output=files)
cp "$out" "$OUTPUT"
docker build -f enterprise/cmd/frontend/Dockerfile -t "$IMAGE" "$OUTPUT" \

8
enterprise/cmd/frontend/main.go
View File

@ -2,10 +2,18 @@
package main
import (
"os"
"github.com/sourcegraph/sourcegraph/enterprise/cmd/frontend/shared"
"github.com/sourcegraph/sourcegraph/enterprise/cmd/sourcegraph/enterprisecmd"
"github.com/sourcegraph/sourcegraph/ui/assets"
_ "github.com/sourcegraph/sourcegraph/ui/assets/enterprise" // Select enterprise assets
)
func main() {
if os.Getenv("WEBPACK_DEV_SERVER") == "1" {
assets.UseDevAssetsProvider()
}
enterprisecmd.DeprecatedSingleServiceMainEnterprise(shared.Service)
}

4
enterprise/cmd/frontend/pre-build.sh
View File

@ -3,6 +3,10 @@
set -exuo pipefail
cd "$(dirname "${BASH_SOURCE[0]}")"/../../..
if [[ "$DOCKER_BAZEL" == "true" ]]; then
exit 0
fi
parallel_run() {
./dev/ci/parallel_run.sh "$@"
}

4
enterprise/cmd/gitserver/BUILD.bazel generated
View File

@ -5,6 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/gitserver",
visibility = ["//visibility:private"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
deps = [
"//enterprise/cmd/gitserver/shared",
"//enterprise/cmd/sourcegraph/enterprisecmd",

8
enterprise/cmd/gitserver/Dockerfile
View File

@ -4,7 +4,7 @@
# ignores.
# Install p4 CLI (keep this up to date with cmd/server/Dockerfile)
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS p4cli
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli
# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS
# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal
@ -13,19 +13,19 @@ RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr
chmod +x /usr/local/bin/p4 && \
sha256sum -c expected_hash
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS p4-fusion
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4-fusion
COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh
RUN /p4-fusion-install-alpine.sh
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 AS coursier
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier
RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \
gzip -d coursier.gz && \
mv coursier /usr/local/bin/coursier && \
chmod +x /usr/local/bin/coursier
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

13
enterprise/cmd/gitserver/build.sh
View File

@ -14,6 +14,19 @@ trap cleanup EXIT
cp -a ./enterprise/cmd/gitserver/p4-fusion-install-alpine.sh "$OUTPUT"
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
./dev/ci/bazel.sh build //enterprise/cmd/gitserver
out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/gitserver --output=files)
cp "$out" "$OUTPUT"
docker build -f enterprise/cmd/gitserver/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on
export GOARCH=amd64

4
enterprise/cmd/migrator/BUILD.bazel generated
View File

@ -5,6 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/migrator",
visibility = ["//visibility:private"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
deps = [
"//cmd/migrator/shared",
"//enterprise/internal/oobmigration/migrations",

4
enterprise/cmd/precise-code-intel-worker/BUILD.bazel generated
View File

@ -5,6 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/precise-code-intel-worker",
visibility = ["//visibility:private"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
deps = [
"//enterprise/cmd/precise-code-intel-worker/shared",
"//enterprise/cmd/sourcegraph/enterprisecmd",

2
enterprise/cmd/precise-code-intel-worker/Dockerfile
View File

@ -1,4 +1,4 @@
FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2
FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"

13
enterprise/cmd/precise-code-intel-worker/build.sh
View File

@ -11,6 +11,19 @@ cleanup() {
}
trap cleanup EXIT
if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then
./dev/ci/bazel.sh build //enterprise/cmd/precise-code-intel-worker
out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/precise-code-intel-worker --output=files)
cp "$out" "$OUTPUT"
docker build -f enterprise/cmd/precise-code-intel-worker/Dockerfile -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION
exit $?
fi
# Environment for building linux binaries
export GO111MODULE=on
export GOARCH=amd64

4
enterprise/cmd/repo-updater/BUILD.bazel generated
View File

@ -5,6 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/repo-updater",
visibility = ["//visibility:private"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
deps = [
"//enterprise/cmd/repo-updater/shared",
"//enterprise/cmd/sourcegraph/enterprisecmd",

5
enterprise/cmd/server/BUILD.bazel generated
View File

@ -5,7 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/server",
visibility = ["//visibility:private"],
deps = ["//cmd/server/shared"],
deps = [
"//cmd/server/shared",
"//ui/assets/enterprise",
],
)
go_binary(

7
enterprise/cmd/server/build-bazel.sh Executable file
View File

@ -0,0 +1,7 @@
#!/usr/bin/env bash
# We want to build multiple go binaries, so we use a custom build step on CI.
set -ex
cd "$(dirname "${BASH_SOURCE[0]}")"/../../..
ENTERPRISE=true ./cmd/server/build-bazel.sh

2
enterprise/cmd/server/main.go
View File

@ -6,6 +6,8 @@ import (
"strconv"
"github.com/sourcegraph/sourcegraph/cmd/server/shared"
_ "github.com/sourcegraph/sourcegraph/ui/assets/enterprise" // Select enterprise assets
)
func main() {

2
enterprise/cmd/sourcegraph/BUILD.bazel generated
View File

@ -20,6 +20,8 @@ go_library(
"//enterprise/cmd/worker/shared",
"//internal/service",
"//internal/service/servegit",
"//ui/assets",
"//ui/assets/enterprise",
],
)

6
enterprise/cmd/sourcegraph/main.go
View File

@ -18,6 +18,9 @@ import (
repoupdater_shared "github.com/sourcegraph/sourcegraph/enterprise/cmd/repo-updater/shared"
symbols_shared "github.com/sourcegraph/sourcegraph/enterprise/cmd/symbols/shared"
worker_shared "github.com/sourcegraph/sourcegraph/enterprise/cmd/worker/shared"
"github.com/sourcegraph/sourcegraph/ui/assets"
_ "github.com/sourcegraph/sourcegraph/ui/assets/enterprise" // Select enterprise assets
)
// services is a list of services to run in the enterprise build.
@ -37,5 +40,8 @@ var services = []service.Service{
}
func main() {
if os.Getenv("WEBPACK_DEV_SERVER") == "1" {
assets.UseDevAssetsProvider()
}
enterprisecmd.MainEnterprise(services, os.Args)
}

4
enterprise/cmd/symbols/BUILD.bazel generated
View File

@ -5,6 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/symbols",
visibility = ["//visibility:private"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
deps = [
"//enterprise/cmd/sourcegraph/enterprisecmd",
"//enterprise/cmd/symbols/shared",

45
enterprise/cmd/symbols/build-bazel.sh Executable file
View File

@ -0,0 +1,45 @@
#!/usr/bin/env bash
# This script builds the symbols docker image.
cd "$(dirname "${BASH_SOURCE[0]}")/../../.."
set -eux
OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX)
cleanup() {
rm -rf "$OUTPUT"
}
trap cleanup EXIT
echo "--- bazel build"
bazel \
--bazelrc=.bazelrc \
--bazelrc=.aspect/bazelrc/ci.bazelrc \
--bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc \
build \
//enterprise/cmd/symbols \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms @zig_sdk//platform:linux_amd64 \
--extra_toolchains @zig_sdk//toolchain:linux_amd64_musl
out=$(
bazel --bazelrc=.bazelrc \
--bazelrc=.aspect/bazelrc/ci.bazelrc \
--bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc \
cquery \
//enterprise/cmd/symbols \
--stamp \
--workspace_status_command=./dev/bazel_stamp_vars.sh \
--platforms @zig_sdk//platform:linux_amd64 \
--extra_toolchains @zig_sdk//toolchain:linux_amd64_musl \
--output=files
)
cp "$out" "$OUTPUT"
cp cmd/symbols/ctags-install-alpine.sh "$OUTPUT"
docker build -f cmd/symbols/Dockerfile.bazel -t "$IMAGE" "$OUTPUT" \
--progress=plain \
--build-arg COMMIT_SHA \
--build-arg DATE \
--build-arg VERSION

4
enterprise/cmd/worker/BUILD.bazel generated
View File

@ -5,6 +5,10 @@ go_library(
srcs = ["main.go"],
importpath = "github.com/sourcegraph/sourcegraph/enterprise/cmd/worker",
visibility = ["//visibility:private"],
x_defs = {
"github.com/sourcegraph/sourcegraph/internal/version.version": "{STABLE_VERSION}",
"github.com/sourcegraph/sourcegraph/internal/version.timestamp": "{VERSION_TIMESTAMP}",
},
deps = [
"//enterprise/cmd/sourcegraph/enterprisecmd",
"//enterprise/cmd/worker/shared",

Some files were not shown because too many files have changed in this diff Show More