From e0746e18e59025a92fbf9eb806201c17ee4f09b7 Mon Sep 17 00:00:00 2001 From: Jean-Hadrien Chabran Date: Wed, 21 Jun 2023 18:58:39 +0200 Subject: [PATCH] dev: drop outdated build scripts + minor updates (#53841) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR drops all now outdated `build.sh`, `Dockerfile*` from artifacts entirely built from Bazel. It also updates `sg.config.yaml` to replace `install` steps that were using them. ## Test plan - Ran locally all new sg targets - CI - 🟢 Main-dry-run https://buildkite.com/sourcegraph/sourcegraph/builds/229439 --- cmd/blobstore/BUILD.bazel | 64 -------- cmd/blobstore/Dockerfile | 21 --- cmd/blobstore/build.sh | 43 ------ cmd/frontend/Dockerfile | 21 --- cmd/frontend/Dockerfile.wolfi | 22 --- cmd/frontend/build-wolfi.sh | 40 ----- cmd/frontend/build.sh | 40 ----- cmd/frontend/pre-build.sh | 19 --- cmd/github-proxy/Dockerfile | 20 --- cmd/github-proxy/Dockerfile.wolfi | 21 --- cmd/github-proxy/build-wolfi.sh | 43 ------ cmd/github-proxy/build.sh | 43 ------ cmd/gitserver/Dockerfile | 70 --------- cmd/gitserver/Dockerfile.wolfi | 20 --- cmd/gitserver/build-wolfi.sh | 41 ----- cmd/gitserver/build.sh | 59 -------- cmd/gitserver/p4-fusion-install-alpine.sh | 116 --------------- cmd/loadtest/Dockerfile | 18 --- cmd/loadtest/Dockerfile.wolfi | 18 --- cmd/loadtest/build-wolfi.sh | 39 ----- cmd/loadtest/build.sh | 39 ----- cmd/migrator/Dockerfile | 18 --- cmd/migrator/Dockerfile.wolfi | 21 --- cmd/migrator/build-wolfi.sh | 110 -------------- cmd/migrator/build.sh | 111 -------------- cmd/repo-updater/Dockerfile | 45 ------ cmd/repo-updater/Dockerfile.wolfi | 19 --- cmd/repo-updater/build-wolfi.sh | 42 ------ cmd/repo-updater/build.sh | 42 ------ cmd/searcher/Dockerfile | 30 ---- cmd/searcher/Dockerfile.wolfi | 21 --- cmd/searcher/build-wolfi.sh | 39 ----- cmd/searcher/build.sh | 39 ----- cmd/server/Dockerfile | 138 ----------------- cmd/server/Dockerfile.bazel | 140 ------------------ cmd/server/Dockerfile.wolfi | 67 --------- cmd/server/build-bazel.sh | 135 ----------------- cmd/server/build-wolfi.sh | 105 ------------- cmd/server/build.sh | 109 -------------- cmd/server/go-build-wolfi.sh | 20 --- cmd/server/go-build.sh | 20 --- cmd/server/pre-build.sh | 7 - cmd/symbols/Dockerfile | 91 ------------ cmd/symbols/Dockerfile.bazel | 45 ------ cmd/symbols/Dockerfile.wolfi | 67 --------- cmd/symbols/build-bazel.sh | 70 --------- cmd/symbols/build-wolfi.sh | 14 -- cmd/symbols/build.sh | 14 -- cmd/symbols/ctags-install-alpine.sh | 43 ------ cmd/symbols/go-build-wolfi.sh | 28 ---- cmd/symbols/go-build.sh | 26 ---- cmd/worker/Dockerfile | 18 --- cmd/worker/Dockerfile.wolfi | 21 --- cmd/worker/build-wolfi.sh | 42 ------ cmd/worker/build.sh | 42 ------ doc/dev/setup/troubleshooting.md | 15 -- docker-images/blobstore/Dockerfile | 67 --------- docker-images/blobstore/Dockerfile.wolfi | 44 ------ docker-images/blobstore/build-wolfi.sh | 10 -- docker-images/blobstore/build.sh | 10 -- docker-images/cadvisor/Dockerfile | 37 ----- docker-images/cadvisor/Dockerfile.wolfi | 33 ----- docker-images/cadvisor/build-wolfi.sh | 9 -- docker-images/cadvisor/build.sh | 9 -- docker-images/grafana/BUILD.bazel | 3 +- docker-images/grafana/Dockerfile | 48 ------ docker-images/grafana/Dockerfile.alpine | 57 ------- docker-images/grafana/Dockerfile.bazel | 45 ------ docker-images/grafana/build-alpine.sh | 40 ----- docker-images/grafana/build-bazel.sh | 31 ---- docker-images/grafana/build.sh | 40 ----- docker-images/grafana/entry-alpine.sh | 7 - docker-images/grafana/entry-bazel.sh | 16 -- docker-images/grafana/entry.sh | 11 +- .../indexed-searcher/Dockerfile.wolfi | 32 ---- docker-images/indexed-searcher/build-wolfi.sh | 13 -- docker-images/indexed-searcher/build.sh | 16 -- docker-images/jaeger-agent/Dockerfile | 30 ---- docker-images/jaeger-agent/Dockerfile.wolfi | 14 -- docker-images/jaeger-agent/build-wolfi.sh | 13 -- docker-images/jaeger-agent/build.sh | 17 --- docker-images/jaeger-all-in-one/Dockerfile | 69 --------- .../jaeger-all-in-one/Dockerfile.wolfi | 46 ------ .../jaeger-all-in-one/build-wolfi.sh | 13 -- docker-images/jaeger-all-in-one/build.sh | 17 --- docker-images/node-exporter/Dockerfile.wolfi | 16 -- docker-images/node-exporter/build-wolfi.sh | 9 -- docker-images/node-exporter/build.sh | 10 -- .../opentelemetry-collector/Dockerfile | 48 ------ .../opentelemetry-collector/Dockerfile.wolfi | 17 --- .../opentelemetry-collector/build-wolfi.sh | 10 -- .../opentelemetry-collector/build.sh | 14 -- docker-images/postgres_exporter/Dockerfile | 29 ---- .../postgres_exporter/Dockerfile.wolfi | 21 --- .../postgres_exporter/build-wolfi.sh | 61 -------- docker-images/postgres_exporter/build.sh | 61 -------- .../build-bazel.sh | 0 docker-images/prometheus-gcp/build-wolfi.sh | 9 -- docker-images/prometheus-gcp/build.sh | 6 +- docker-images/prometheus/Dockerfile | 89 ----------- docker-images/prometheus/Dockerfile.wolfi | 78 ---------- docker-images/prometheus/build-wolfi.sh | 55 ------- docker-images/prometheus/build.sh | 55 ------- docker-images/redis-cache/Dockerfile | 15 -- docker-images/redis-cache/Dockerfile.wolfi | 6 - docker-images/redis-cache/build-wolfi.sh | 6 - docker-images/redis-cache/build.sh | 6 - docker-images/redis-store/Dockerfile | 15 -- docker-images/redis-store/Dockerfile.wolfi | 6 - docker-images/redis-store/build-wolfi.sh | 6 - docker-images/redis-store/build.sh | 6 - docker-images/redis_exporter/Dockerfile.wolfi | 7 - docker-images/redis_exporter/build-wolfi.sh | 6 - docker-images/redis_exporter/build.sh | 9 -- docker-images/search-indexer/Dockerfile.wolfi | 33 ----- docker-images/search-indexer/build-wolfi.sh | 13 -- docker-images/search-indexer/build.sh | 16 -- docker-images/sg/Dockerfile.wolfi | 16 -- docker-images/sg/build-wolfi.sh | 47 ------ docker-images/sg/build.sh | 45 ------ docker-images/syntax-highlighter/Dockerfile | 77 ---------- .../Dockerfile.bazel.unused | 45 ------ .../syntax-highlighter/Dockerfile.wolfi | 36 ----- .../syntax-highlighter/build-bazel.sh.unused | 22 --- .../syntax-highlighter/build-wolfi.sh | 6 - docker-images/syntax-highlighter/build.sh | 6 - enterprise/cmd/batcheshelper/Dockerfile | 23 --- enterprise/cmd/batcheshelper/Dockerfile.wolfi | 17 --- enterprise/cmd/batcheshelper/build-wolfi.sh | 39 ----- enterprise/cmd/batcheshelper/build.sh | 39 ----- enterprise/cmd/bundled-executor/Dockerfile | 54 ------- .../cmd/bundled-executor/Dockerfile.wolfi | 34 ----- .../cmd/bundled-executor/build-wolfi.sh | 61 -------- enterprise/cmd/bundled-executor/build.sh | 61 -------- enterprise/cmd/cody-gateway/Dockerfile | 17 --- enterprise/cmd/cody-gateway/Dockerfile.wolfi | 18 --- enterprise/cmd/cody-gateway/build-wolfi.sh | 26 ---- enterprise/cmd/cody-gateway/build.sh | 26 ---- enterprise/cmd/embeddings/Dockerfile | 19 --- enterprise/cmd/embeddings/Dockerfile.wolfi | 18 --- enterprise/cmd/embeddings/build-wolfi.sh | 40 ----- enterprise/cmd/embeddings/build.sh | 40 ----- enterprise/cmd/executor-kubernetes/Dockerfile | 27 ---- .../cmd/executor-kubernetes/Dockerfile.wolfi | 15 -- .../cmd/executor-kubernetes/build-wolfi.sh | 42 ------ enterprise/cmd/executor-kubernetes/build.sh | 42 ------ enterprise/cmd/executor/build-wolfi.sh | 10 -- enterprise/cmd/executor/build.sh | 10 -- .../cmd/executor/docker-image/Dockerfile | 40 ----- .../executor/docker-image/Dockerfile.wolfi | 28 ---- .../cmd/executor/docker-image/build-wolfi.sh | 49 ------ enterprise/cmd/executor/docker-image/build.sh | 49 ------ enterprise/cmd/frontend/Dockerfile | 22 --- enterprise/cmd/frontend/Dockerfile.wolfi | 22 --- enterprise/cmd/frontend/build-wolfi.sh | 42 ------ enterprise/cmd/frontend/build.sh | 42 ------ enterprise/cmd/frontend/pre-build.sh | 39 ----- enterprise/cmd/gitserver/Dockerfile | 71 --------- enterprise/cmd/gitserver/Dockerfile.wolfi | 22 --- enterprise/cmd/gitserver/build-wolfi.sh | 41 ----- enterprise/cmd/gitserver/build.sh | 59 -------- .../cmd/gitserver/p4-fusion-install-alpine.sh | 116 --------------- enterprise/cmd/migrator/build-wolfi.sh | 6 - enterprise/cmd/migrator/build.sh | 6 - .../cmd/precise-code-intel-worker/Dockerfile | 18 --- .../Dockerfile.wolfi | 21 --- .../precise-code-intel-worker/build-wolfi.sh | 42 ------ .../cmd/precise-code-intel-worker/build.sh | 42 ------ enterprise/cmd/repo-updater/build-wolfi.sh | 6 - enterprise/cmd/repo-updater/build.sh | 11 -- enterprise/cmd/server/build-bazel.sh | 7 - enterprise/cmd/server/build-wolfi.sh | 17 --- enterprise/cmd/server/build.sh | 17 --- enterprise/cmd/server/pre-build.sh | 87 ----------- enterprise/cmd/symbols/build-bazel.sh | 70 --------- enterprise/cmd/symbols/build-wolfi.sh | 10 -- enterprise/cmd/symbols/build.sh | 10 -- enterprise/cmd/symbols/go-build-wolfi.sh | 8 - enterprise/cmd/symbols/go-build.sh | 8 - enterprise/cmd/worker/Dockerfile | 18 --- enterprise/cmd/worker/Dockerfile.wolfi | 21 --- enterprise/cmd/worker/build-wolfi.sh | 43 ------ enterprise/cmd/worker/build.sh | 43 ------ .../dev/ci/internal/ci/bazel_operations.go | 12 -- enterprise/dev/ci/internal/ci/operations.go | 7 - sg.config.yaml | 53 +++++-- 186 files changed, 54 insertions(+), 6315 deletions(-) delete mode 100644 cmd/blobstore/Dockerfile delete mode 100755 cmd/blobstore/build.sh delete mode 100644 cmd/frontend/Dockerfile delete mode 100644 cmd/frontend/Dockerfile.wolfi delete mode 100755 cmd/frontend/build-wolfi.sh delete mode 100755 cmd/frontend/build.sh delete mode 100755 cmd/frontend/pre-build.sh delete mode 100644 cmd/github-proxy/Dockerfile delete mode 100644 cmd/github-proxy/Dockerfile.wolfi delete mode 100755 cmd/github-proxy/build-wolfi.sh delete mode 100755 cmd/github-proxy/build.sh delete mode 100644 cmd/gitserver/Dockerfile delete mode 100644 cmd/gitserver/Dockerfile.wolfi delete mode 100755 cmd/gitserver/build-wolfi.sh delete mode 100755 cmd/gitserver/build.sh delete mode 100755 cmd/gitserver/p4-fusion-install-alpine.sh delete mode 100644 cmd/loadtest/Dockerfile delete mode 100644 cmd/loadtest/Dockerfile.wolfi delete mode 100755 cmd/loadtest/build-wolfi.sh delete mode 100755 cmd/loadtest/build.sh delete mode 100644 cmd/migrator/Dockerfile delete mode 100644 cmd/migrator/Dockerfile.wolfi delete mode 100755 cmd/migrator/build-wolfi.sh delete mode 100755 cmd/migrator/build.sh delete mode 100644 cmd/repo-updater/Dockerfile delete mode 100644 cmd/repo-updater/Dockerfile.wolfi delete mode 100755 cmd/repo-updater/build-wolfi.sh delete mode 100755 cmd/repo-updater/build.sh delete mode 100644 cmd/searcher/Dockerfile delete mode 100644 cmd/searcher/Dockerfile.wolfi delete mode 100755 cmd/searcher/build-wolfi.sh delete mode 100755 cmd/searcher/build.sh delete mode 100644 cmd/server/Dockerfile delete mode 100644 cmd/server/Dockerfile.bazel delete mode 100644 cmd/server/Dockerfile.wolfi delete mode 100755 cmd/server/build-bazel.sh delete mode 100755 cmd/server/build-wolfi.sh delete mode 100755 cmd/server/build.sh delete mode 100755 cmd/server/go-build-wolfi.sh delete mode 100755 cmd/server/go-build.sh delete mode 100755 cmd/server/pre-build.sh delete mode 100644 cmd/symbols/Dockerfile delete mode 100644 cmd/symbols/Dockerfile.bazel delete mode 100644 cmd/symbols/Dockerfile.wolfi delete mode 100755 cmd/symbols/build-bazel.sh delete mode 100755 cmd/symbols/build-wolfi.sh delete mode 100755 cmd/symbols/build.sh delete mode 100755 cmd/symbols/ctags-install-alpine.sh delete mode 100755 cmd/symbols/go-build-wolfi.sh delete mode 100755 cmd/symbols/go-build.sh delete mode 100644 cmd/worker/Dockerfile delete mode 100644 cmd/worker/Dockerfile.wolfi delete mode 100755 cmd/worker/build-wolfi.sh delete mode 100644 cmd/worker/build.sh delete mode 100644 docker-images/blobstore/Dockerfile delete mode 100644 docker-images/blobstore/Dockerfile.wolfi delete mode 100755 docker-images/blobstore/build-wolfi.sh delete mode 100755 docker-images/blobstore/build.sh delete mode 100644 docker-images/cadvisor/Dockerfile delete mode 100644 docker-images/cadvisor/Dockerfile.wolfi delete mode 100755 docker-images/cadvisor/build-wolfi.sh delete mode 100755 docker-images/cadvisor/build.sh delete mode 100644 docker-images/grafana/Dockerfile delete mode 100644 docker-images/grafana/Dockerfile.alpine delete mode 100644 docker-images/grafana/Dockerfile.bazel delete mode 100755 docker-images/grafana/build-alpine.sh delete mode 100755 docker-images/grafana/build-bazel.sh delete mode 100755 docker-images/grafana/build.sh delete mode 100755 docker-images/grafana/entry-alpine.sh delete mode 100755 docker-images/grafana/entry-bazel.sh delete mode 100644 docker-images/indexed-searcher/Dockerfile.wolfi delete mode 100755 docker-images/indexed-searcher/build-wolfi.sh delete mode 100755 docker-images/indexed-searcher/build.sh delete mode 100644 docker-images/jaeger-agent/Dockerfile delete mode 100644 docker-images/jaeger-agent/Dockerfile.wolfi delete mode 100755 docker-images/jaeger-agent/build-wolfi.sh delete mode 100755 docker-images/jaeger-agent/build.sh delete mode 100644 docker-images/jaeger-all-in-one/Dockerfile delete mode 100644 docker-images/jaeger-all-in-one/Dockerfile.wolfi delete mode 100755 docker-images/jaeger-all-in-one/build-wolfi.sh delete mode 100755 docker-images/jaeger-all-in-one/build.sh delete mode 100644 docker-images/node-exporter/Dockerfile.wolfi delete mode 100755 docker-images/node-exporter/build-wolfi.sh delete mode 100755 docker-images/node-exporter/build.sh delete mode 100644 docker-images/opentelemetry-collector/Dockerfile delete mode 100644 docker-images/opentelemetry-collector/Dockerfile.wolfi delete mode 100755 docker-images/opentelemetry-collector/build-wolfi.sh delete mode 100755 docker-images/opentelemetry-collector/build.sh delete mode 100644 docker-images/postgres_exporter/Dockerfile delete mode 100644 docker-images/postgres_exporter/Dockerfile.wolfi delete mode 100755 docker-images/postgres_exporter/build-wolfi.sh delete mode 100755 docker-images/postgres_exporter/build.sh rename docker-images/{prometheus => prometheus-gcp}/build-bazel.sh (100%) delete mode 100755 docker-images/prometheus-gcp/build-wolfi.sh delete mode 100644 docker-images/prometheus/Dockerfile delete mode 100644 docker-images/prometheus/Dockerfile.wolfi delete mode 100755 docker-images/prometheus/build-wolfi.sh delete mode 100755 docker-images/prometheus/build.sh delete mode 100644 docker-images/redis-cache/Dockerfile delete mode 100644 docker-images/redis-cache/Dockerfile.wolfi delete mode 100755 docker-images/redis-cache/build-wolfi.sh delete mode 100755 docker-images/redis-cache/build.sh delete mode 100644 docker-images/redis-store/Dockerfile delete mode 100644 docker-images/redis-store/Dockerfile.wolfi delete mode 100755 docker-images/redis-store/build-wolfi.sh delete mode 100755 docker-images/redis-store/build.sh delete mode 100644 docker-images/redis_exporter/Dockerfile.wolfi delete mode 100755 docker-images/redis_exporter/build-wolfi.sh delete mode 100755 docker-images/redis_exporter/build.sh delete mode 100644 docker-images/search-indexer/Dockerfile.wolfi delete mode 100755 docker-images/search-indexer/build-wolfi.sh delete mode 100755 docker-images/search-indexer/build.sh delete mode 100644 docker-images/sg/Dockerfile.wolfi delete mode 100755 docker-images/sg/build-wolfi.sh delete mode 100755 docker-images/sg/build.sh delete mode 100644 docker-images/syntax-highlighter/Dockerfile delete mode 100644 docker-images/syntax-highlighter/Dockerfile.bazel.unused delete mode 100644 docker-images/syntax-highlighter/Dockerfile.wolfi delete mode 100755 docker-images/syntax-highlighter/build-bazel.sh.unused delete mode 100755 docker-images/syntax-highlighter/build-wolfi.sh delete mode 100755 docker-images/syntax-highlighter/build.sh delete mode 100644 enterprise/cmd/batcheshelper/Dockerfile delete mode 100644 enterprise/cmd/batcheshelper/Dockerfile.wolfi delete mode 100755 enterprise/cmd/batcheshelper/build-wolfi.sh delete mode 100755 enterprise/cmd/batcheshelper/build.sh delete mode 100644 enterprise/cmd/bundled-executor/Dockerfile delete mode 100644 enterprise/cmd/bundled-executor/Dockerfile.wolfi delete mode 100755 enterprise/cmd/bundled-executor/build-wolfi.sh delete mode 100755 enterprise/cmd/bundled-executor/build.sh delete mode 100644 enterprise/cmd/cody-gateway/Dockerfile delete mode 100644 enterprise/cmd/cody-gateway/Dockerfile.wolfi delete mode 100755 enterprise/cmd/cody-gateway/build-wolfi.sh delete mode 100755 enterprise/cmd/cody-gateway/build.sh delete mode 100644 enterprise/cmd/embeddings/Dockerfile delete mode 100644 enterprise/cmd/embeddings/Dockerfile.wolfi delete mode 100755 enterprise/cmd/embeddings/build-wolfi.sh delete mode 100755 enterprise/cmd/embeddings/build.sh delete mode 100644 enterprise/cmd/executor-kubernetes/Dockerfile delete mode 100644 enterprise/cmd/executor-kubernetes/Dockerfile.wolfi delete mode 100755 enterprise/cmd/executor-kubernetes/build-wolfi.sh delete mode 100755 enterprise/cmd/executor-kubernetes/build.sh delete mode 100755 enterprise/cmd/executor/build-wolfi.sh delete mode 100755 enterprise/cmd/executor/build.sh delete mode 100644 enterprise/cmd/executor/docker-image/Dockerfile delete mode 100644 enterprise/cmd/executor/docker-image/Dockerfile.wolfi delete mode 100755 enterprise/cmd/executor/docker-image/build-wolfi.sh delete mode 100755 enterprise/cmd/executor/docker-image/build.sh delete mode 100644 enterprise/cmd/frontend/Dockerfile delete mode 100644 enterprise/cmd/frontend/Dockerfile.wolfi delete mode 100755 enterprise/cmd/frontend/build-wolfi.sh delete mode 100755 enterprise/cmd/frontend/build.sh delete mode 100755 enterprise/cmd/frontend/pre-build.sh delete mode 100644 enterprise/cmd/gitserver/Dockerfile delete mode 100644 enterprise/cmd/gitserver/Dockerfile.wolfi delete mode 100755 enterprise/cmd/gitserver/build-wolfi.sh delete mode 100755 enterprise/cmd/gitserver/build.sh delete mode 100755 enterprise/cmd/gitserver/p4-fusion-install-alpine.sh delete mode 100755 enterprise/cmd/migrator/build-wolfi.sh delete mode 100755 enterprise/cmd/migrator/build.sh delete mode 100644 enterprise/cmd/precise-code-intel-worker/Dockerfile delete mode 100644 enterprise/cmd/precise-code-intel-worker/Dockerfile.wolfi delete mode 100755 enterprise/cmd/precise-code-intel-worker/build-wolfi.sh delete mode 100755 enterprise/cmd/precise-code-intel-worker/build.sh delete mode 100755 enterprise/cmd/repo-updater/build-wolfi.sh delete mode 100755 enterprise/cmd/repo-updater/build.sh delete mode 100755 enterprise/cmd/server/build-bazel.sh delete mode 100755 enterprise/cmd/server/build-wolfi.sh delete mode 100755 enterprise/cmd/server/build.sh delete mode 100755 enterprise/cmd/server/pre-build.sh delete mode 100755 enterprise/cmd/symbols/build-bazel.sh delete mode 100755 enterprise/cmd/symbols/build-wolfi.sh delete mode 100755 enterprise/cmd/symbols/build.sh delete mode 100755 enterprise/cmd/symbols/go-build-wolfi.sh delete mode 100755 enterprise/cmd/symbols/go-build.sh delete mode 100644 enterprise/cmd/worker/Dockerfile delete mode 100644 enterprise/cmd/worker/Dockerfile.wolfi delete mode 100755 enterprise/cmd/worker/build-wolfi.sh delete mode 100755 enterprise/cmd/worker/build.sh diff --git a/cmd/blobstore/BUILD.bazel b/cmd/blobstore/BUILD.bazel index 3a00a15650d..6ed75b79f89 100644 --- a/cmd/blobstore/BUILD.bazel +++ b/cmd/blobstore/BUILD.bazel @@ -2,7 +2,6 @@ load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") load("@container_structure_test//:defs.bzl", "container_structure_test") load("@rules_oci//oci:defs.bzl", "oci_image", "oci_push", "oci_tarball") load("@rules_pkg//:pkg.bzl", "pkg_tar") -load("//dev:oci_defs.bzl", "image_repository") go_library( name = "blobstore_lib", @@ -59,66 +58,3 @@ container_structure_test( "requires-network", ], ) - -# The rules below covers the old blobstore, which is based on s3 proxy. We don't push the newer one, as it's still considered experimental. -oci_image( - name = "s3_proxy_image", - base = "@wolfi_s3proxy_base", - entrypoint = [ - "/sbin/tini", - "--", - "/opt/s3proxy/run-docker-container.sh", - ], - env = { - "LOG_LEVEL": "info", - "S3PROXY_AUTHORIZATION": "none", - "S3PROXY_ENDPOINT": "http://0.0.0.0:9000", - "S3PROXY_IDENTITY": "local-identity", - "S3PROXY_CREDENTIAL": "local-credential", - "S3PROXY_VIRTUALHOST": "", - "S3PROXY_CORS_ALLOW_ALL": "false", - "S3PROXY_CORS_ALLOW_ORIGINS": "", - "S3PROXY_CORS_ALLOW_METHODS": "", - "S3PROXY_CORS_ALLOW_HEADERS": "", - "S3PROXY_IGNORE_UNKNOWN_HEADERS": "false", - "S3PROXY_ENCRYPTED_BLOBSTORE": "", - "S3PROXY_ENCRYPTED_BLOBSTORE_PASSWORD": "", - "S3PROXY_ENCRYPTED_BLOBSTORE_SALT": "", - "S3PROXY_V4_MAX_NON_CHUNKED_REQ_SIZE": "33554432", - "JCLOUDS_PROVIDER": "filesystem", - "JCLOUDS_ENDPOINT": "", - "JCLOUDS_REGION": "", - "JCLOUDS_REGIONS": "us-east-1", - "JCLOUDS_IDENTITY": "remote-identity", - "JCLOUDS_CREDENTIAL": "remote-credential", - "JCLOUDS_KEYSTONE_VERSION": "", - "JCLOUDS_KEYSTONE_SCOPE": "", - "JCLOUDS_KEYSTONE_PROJECT_DOMAIN_NAME": "", - "JCLOUDS_FILESYSTEM_BASEDIR": "/data", - }, - user = "sourcegraph", -) - -container_structure_test( - name = "s3_proxy_image_test", - timeout = "short", - configs = ["s3_proxy_image_test.yaml"], - driver = "docker", - image = ":s3_proxy_image", - tags = [ - "exclusive", - "requires-network", - ], -) - -oci_tarball( - name = "s3_proxy_image_tarball", - image = ":s3_proxy_image", - repo_tags = ["blobstore:candidate"], -) - -oci_push( - name = "s3_proxy_candidate_push", - image = ":s3_proxy_image", - repository = image_repository("blobstore"), -) diff --git a/cmd/blobstore/Dockerfile b/cmd/blobstore/Dockerfile deleted file mode 100644 index 2063f5b06a4..00000000000 --- a/cmd/blobstore/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk add --no-cache \ - bash - -RUN mkdir -p /data && chown -R sourcegraph:sourcegraph /data -USER sourcegraph - -EXPOSE 9000 -WORKDIR / -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/blobstore"] -COPY blobstore /usr/local/bin/ diff --git a/cmd/blobstore/build.sh b/cmd/blobstore/build.sh deleted file mode 100755 index fab1b248444..00000000000 --- a/cmd/blobstore/build.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/blobstore \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --platforms=@io_bazel_rules_go//go/toolchain:linux_amd64 - - out=$(./dev/ci/bazel.sh cquery //cmd/blobstore --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/blobstore/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/cmd/blobstore" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f cmd/blobstore/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/frontend/Dockerfile b/cmd/frontend/Dockerfile deleted file mode 100644 index bcc7ca4402a..00000000000 --- a/cmd/frontend/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV CONFIGURATION_MODE=server PGDATABASE=sg PGHOST=pgsql PGPORT=5432 PGSSLMODE=disable PGUSER=sg CODEINTEL_PGDATABASE=sg CODEINTEL_PGHOST=codeintel-db CODEINTEL_PGPORT=5432 CODEINTEL_PGSSLMODE=disable CODEINTEL_PGUSER=sg PUBLIC_REPO_REDIRECTS=true -USER sourcegraph -CMD ["serve"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/frontend"] -COPY frontend /usr/local/bin/ diff --git a/cmd/frontend/Dockerfile.wolfi b/cmd/frontend/Dockerfile.wolfi deleted file mode 100644 index e8ccd3bcd5f..00000000000 --- a/cmd/frontend/Dockerfile.wolfi +++ /dev/null @@ -1,22 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV CONFIGURATION_MODE=server PGDATABASE=sg PGHOST=pgsql PGPORT=5432 PGSSLMODE=disable PGUSER=sg CODEINTEL_PGDATABASE=sg CODEINTEL_PGHOST=codeintel-db CODEINTEL_PGPORT=5432 CODEINTEL_PGSSLMODE=disable CODEINTEL_PGUSER=sg PUBLIC_REPO_REDIRECTS=true -USER sourcegraph - -CMD ["serve"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/frontend"] -COPY frontend /usr/local/bin/ diff --git a/cmd/frontend/build-wolfi.sh b/cmd/frontend/build-wolfi.sh deleted file mode 100755 index 208a239378a..00000000000 --- a/cmd/frontend/build-wolfi.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/frontend - out=$(./dev/ci/bazel.sh cquery //cmd/frontend --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/frontend/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/cmd/frontend" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build $IMAGE" -docker build -f cmd/frontend/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/frontend/build.sh b/cmd/frontend/build.sh deleted file mode 100755 index 6039286f181..00000000000 --- a/cmd/frontend/build.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/frontend - out=$(./dev/ci/bazel.sh cquery //cmd/frontend --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/frontend/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/cmd/frontend" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build $IMAGE" -docker build -f cmd/frontend/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/frontend/pre-build.sh b/cmd/frontend/pre-build.sh deleted file mode 100755 index faf60e19eae..00000000000 --- a/cmd/frontend/pre-build.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env bash -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - exit 0 -fi - -# Build the webapp typescript code. -echo "--- pnpm install" -# mutex is necessary since CI runs various pnpm installs in parallel -if [[ -z "${CI}" ]]; then - pnpm install -else - ./dev/ci/pnpm-install-with-retry.sh -fi - -echo "--- pnpm build-web" -NODE_ENV=production DISABLE_TYPECHECKING=true pnpm build-web diff --git a/cmd/github-proxy/Dockerfile b/cmd/github-proxy/Dockerfile deleted file mode 100644 index ee7f8d6280a..00000000000 --- a/cmd/github-proxy/Dockerfile +++ /dev/null @@ -1,20 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV LOG_REQUEST=true -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/github-proxy"] -COPY github-proxy /usr/local/bin/ diff --git a/cmd/github-proxy/Dockerfile.wolfi b/cmd/github-proxy/Dockerfile.wolfi deleted file mode 100644 index 060f19b4f6b..00000000000 --- a/cmd/github-proxy/Dockerfile.wolfi +++ /dev/null @@ -1,21 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV LOG_REQUEST=true -USER sourcegraph - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/github-proxy"] -COPY github-proxy /usr/local/bin/ diff --git a/cmd/github-proxy/build-wolfi.sh b/cmd/github-proxy/build-wolfi.sh deleted file mode 100755 index aff9fbf73d1..00000000000 --- a/cmd/github-proxy/build-wolfi.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/github-proxy \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --platforms=@io_bazel_rules_go//go/toolchain:linux_amd64 - - out=$(./dev/ci/bazel.sh cquery //cmd/github-proxy --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/github-proxy/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/cmd/github-proxy" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f cmd/github-proxy/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/github-proxy/build.sh b/cmd/github-proxy/build.sh deleted file mode 100755 index 6c6c5d201c5..00000000000 --- a/cmd/github-proxy/build.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/github-proxy \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --platforms=@io_bazel_rules_go//go/toolchain:linux_amd64 - - out=$(./dev/ci/bazel.sh cquery //cmd/github-proxy --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/github-proxy/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/cmd/github-proxy" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f cmd/github-proxy/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/gitserver/Dockerfile b/cmd/gitserver/Dockerfile deleted file mode 100644 index 84953f8c14a..00000000000 --- a/cmd/gitserver/Dockerfile +++ /dev/null @@ -1,70 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -# Install p4 CLI (keep this up to date with cmd/server/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS build - -# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS -# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal -RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr/local/bin/p4" >expected_hash && \ - wget http://cdist2.perforce.com/perforce/r22.2/bin.linux26x86_64/p4 -O /usr/local/bin/p4 && \ - chmod +x /usr/local/bin/p4 && \ - sha256sum -c expected_hash - -COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh -RUN /p4-fusion-install-alpine.sh - -RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \ - gzip -d coursier.gz && \ - mv coursier /usr/local/bin/coursier && \ - chmod +x /usr/local/bin/coursier - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk add --no-cache \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - # Don't use alpine/edge, the git release on this segfaults - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - git-lfs \ - git-p4 \ - openssh-client \ - # We require libstdc++ for p4-fusion - libstdc++ \ - python2 \ - python3 \ - bash - -COPY --from=build /usr/local/bin/p4 /usr/local/bin/p4 -COPY --from=build /usr/local/bin/coursier /usr/local/bin/coursier - -# copy into place the p4-fusion binary and the wrapper shell script -# that facilitates better handling of killing of the p4-fusion -# (for example, if the Docker host's OOM Reaper killed it) -COPY --from=build /usr/local/bin/p4-fusion /usr/local/bin/p4-fusion-binary -COPY p4-fusion-wrapper-detect-kill.sh /usr/local/bin/p4-fusion -COPY process-stats-watcher.sh /usr/local/bin/process-stats-watcher.sh - -# This is a trick to include libraries required by p4, -# please refer to https://blog.tilander.org/docker-perforce/ -# hadolint ignore=DL4006 -RUN wget -O - https://github.com/jtilander/p4d/raw/4600d741720f85d77852dcca7c182e96ad613358/lib/lib-x64.tgz | tar zx --directory / - -RUN mkdir -p /data/repos && chown -R sourcegraph:sourcegraph /data/repos -USER sourcegraph - -WORKDIR / - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/gitserver"] -COPY gitserver /usr/local/bin/ diff --git a/cmd/gitserver/Dockerfile.wolfi b/cmd/gitserver/Dockerfile.wolfi deleted file mode 100644 index 1a107652dc9..00000000000 --- a/cmd/gitserver/Dockerfile.wolfi +++ /dev/null @@ -1,20 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-gitserver-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/gitserver"] -COPY gitserver /usr/local/bin/ diff --git a/cmd/gitserver/build-wolfi.sh b/cmd/gitserver/build-wolfi.sh deleted file mode 100755 index 8821d76a591..00000000000 --- a/cmd/gitserver/build-wolfi.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) - -cleanup() { - rm -rf "$OUTPUT" -} - -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/gitserver - out=$(./dev/ci/bazel.sh cquery //cmd/gitserver --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/gitserver/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/cmd/gitserver" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f cmd/gitserver/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/gitserver/build.sh b/cmd/gitserver/build.sh deleted file mode 100755 index dabbc4849c8..00000000000 --- a/cmd/gitserver/build.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/usr/bin/env bash - -# the build process for the OSS gitserver is identical to the build process for the Enterprise gitserver -# pull some shenanigans up front so that we don't have to sprinkle "enterprise" all throughout the enterprise version - -exedir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) - -path="cmd/gitserver" - -if [[ ${exedir} = */enterprise/cmd/gitserver ]]; then - # We want to build multiple go binaries, so we use a custom build step on CI. - cd "${exedir}"/../../.. || exit 1 - path="enterprise/${path}" -else - # We want to build multiple go binaries, so we use a custom build step on CI. - cd "${exedir}"/../.. || exit 1 -fi - -### OSS and Enterprise builds should be identical after this point - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) - -cleanup() { - rm -rf "$OUTPUT" -} - -trap cleanup EXIT - -for f in p4-fusion-install-alpine.sh p4-fusion-wrapper-detect-kill.sh process-stats-watcher.sh; do - cp -a "./${path}/${f}" "${OUTPUT}" -done - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //${path} - out=$(./dev/ci/bazel.sh cquery //${path} --output=files) - cp "$out" "$OUTPUT" - - docker build -f ${path}/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/${path}" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f ${path}/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/gitserver/p4-fusion-install-alpine.sh b/cmd/gitserver/p4-fusion-install-alpine.sh deleted file mode 100755 index 8f73a2fe568..00000000000 --- a/cmd/gitserver/p4-fusion-install-alpine.sh +++ /dev/null @@ -1,116 +0,0 @@ -#!/bin/sh - -# This script installs p4-fusion within an alpine container. - -set -eu - -tmpdir=$(mktemp -d) -cd "$tmpdir" - -cleanup() { - echo "--- cleanup" - apk --no-cache --purge del p4-build-deps 2>/dev/null || true - cd / - rm -rf "$tmpdir" || true -} - -trap cleanup EXIT - -test_p4_fusion() { - # Test that p4-fusion runs and is on the path - echo "--- p4-fusion test" - ldd "$(which p4-fusion)" - p4-fusion >/dev/null -} - -set -x - -# Hello future traveler. Building p4-fusion is one of our slowest steps in CI. -# Luckily the versions very rarely change and nearly everything is statically -# linked. This means we can manually upload the output of this build script to -# a bucket and save lots of time. -# -# If the version has changed please add it to the sha256sum in the prebuilt -# binary check. You can run -# -# docker build -t p4-fusion --target=p4-fusion . -# -# Then extract the binary from /usr/local/bin/p4-fusion. Please rename it -# follow the format and upload to the bucket here -# https://console.cloud.google.com/storage/browser/sourcegraph-artifacts/p4-fusion -export P4_FUSION_VERSION=v1.12 - -# Runtime dependencies -echo "--- p4-fusion apk runtime-deps" -apk add --no-cache libstdc++ - -# Check if we have a prebuilt binary -echo "--- p4-fusion prebuilt binary check" -if wget https://storage.googleapis.com/sourcegraph-artifacts/p4-fusion/p4-fusion-"$P4_FUSION_VERSION"-musl-x86_64; then - src=p4-fusion-"$P4_FUSION_VERSION"-musl-x86_64 - cat </dev/null >"${outfile}"; then - rm "${outfile}" - fi -} - -for version in "${gcs_versions[@]}"; do - echo "Persisting schemas for ${version} from GCS..." - for filename in "${gcs_filenames[@]}"; do - download_gcs "${version}" "${filename}" - done -done - -git_versions=( - v3.42.0 v3.42.1 v3.42.2 - v3.43.0 v3.43.1 v3.43.2 - v4.0.0 v4.0.1 - v4.1.0 v4.1.1 v4.1.2 v4.1.3 - v4.2.0 v4.2.1 - v4.3.0 v4.3.1 - v4.4.0 v4.4.1 v4.4.2 - v4.5.0 v4.5.1 - v5.0.0 v5.0.1 v5.0.2 v5.0.3) - -for version in "${git_versions[@]}"; do - echo "Persisting schemas for ${version} from Git..." - git show "${version}:internal/database/schema.json" >"${OUTPUT}/schema-descriptions/${version}-internal_database_schema.json" - git show "${version}:internal/database/schema.codeintel.json" >"${OUTPUT}/schema-descriptions/${version}-internal_database_schema.codeintel.json" - git show "${version}:internal/database/schema.codeinsights.json" >"${OUTPUT}/schema-descriptions/${version}-internal_database_schema.codeinsights.json" -done - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/migrator - out=$(./dev/ci/bazel.sh cquery //cmd/migrator --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/migrator/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg=${1:-"github.com/sourcegraph/sourcegraph/cmd/migrator"} -output="$OUTPUT/$(basename "$pkg")" -# shellcheck disable=SC2153 -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$output" "$pkg" - -echo "--- docker build" -docker build -f cmd/migrator/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/migrator/build.sh b/cmd/migrator/build.sh deleted file mode 100755 index 3cfbf62ba7e..00000000000 --- a/cmd/migrator/build.sh +++ /dev/null @@ -1,111 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the migrator docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -echo "--- compile schema descriptions" -mkdir -p "${OUTPUT}/schema-descriptions" - -# See internal/database/migration/cliutil/drift-schemas/generate-all.sh -gcs_versions=( - v3.20.0 v3.20.1 - v3.21.0 v3.21.1 v3.21.2 - v3.22.0 v3.22.1 - v3.23.0 - v3.24.0 v3.24.1 - v3.25.0 v3.25.1 v3.25.2 - v3.26.0 v3.26.1 v3.26.2 v3.26.3 - v3.27.0 v3.27.1 v3.27.2 v3.27.3 v3.27.4 v3.27.5 - v3.28.0 - v3.29.0 v3.29.1 - v3.30.0 v3.30.1 v3.30.2 v3.30.3 v3.30.4 - v3.31.0 v3.31.1 v3.31.2 - v3.32.0 v3.32.1 - v3.33.0 v3.33.1 v3.33.2 - v3.34.0 v3.34.1 v3.34.2 - v3.35.0 v3.35.1 v3.35.2 - v3.36.0 v3.36.1 v3.36.2 v3.36.3 - v3.37.0 - v3.38.0 v3.38.1 - v3.39.0 v3.39.1 - v3.40.0 v3.40.1 v3.40.2 - v3.41.0 v3.41.1 -) -gcs_filenames=( - internal_database_schema.json - internal_database_schema.codeintel.json - internal_database_schema.codeinsights.json -) - -function download_gcs() { - outfile="${OUTPUT}/schema-descriptions/${1}-${2}" - echo "${outfile}" - if ! curl -fsSL "https://storage.googleapis.com/sourcegraph-assets/migrations/drift/${1}-${2}" 2>/dev/null >"${outfile}"; then - rm "${outfile}" - fi -} - -for version in "${gcs_versions[@]}"; do - echo "Persisting schemas for ${version} from GCS..." - for filename in "${gcs_filenames[@]}"; do - download_gcs "${version}" "${filename}" - done -done - -git_versions=( - v3.42.0 v3.42.1 v3.42.2 - v3.43.0 v3.43.1 v3.43.2 - v4.0.0 v4.0.1 - v4.1.0 v4.1.1 v4.1.2 v4.1.3 - v4.2.0 v4.2.1 - v4.3.0 v4.3.1 - v4.4.0 v4.4.1 v4.4.2 - v4.5.0 v4.5.1 - v5.0.0 v5.0.1 v5.0.2 v5.0.3 v5.0.4 v5.0.5 v5.0.6) - -for version in "${git_versions[@]}"; do - echo "Persisting schemas for ${version} from Git..." - git show "${version}:internal/database/schema.json" >"${OUTPUT}/schema-descriptions/${version}-internal_database_schema.json" - git show "${version}:internal/database/schema.codeintel.json" >"${OUTPUT}/schema-descriptions/${version}-internal_database_schema.codeintel.json" - git show "${version}:internal/database/schema.codeinsights.json" >"${OUTPUT}/schema-descriptions/${version}-internal_database_schema.codeinsights.json" -done - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/migrator - out=$(./dev/ci/bazel.sh cquery //cmd/migrator --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/migrator/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg=${1:-"github.com/sourcegraph/sourcegraph/cmd/migrator"} -output="$OUTPUT/$(basename "$pkg")" -# shellcheck disable=SC2153 -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$output" "$pkg" - -echo "--- docker build" -docker build -f cmd/migrator/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/repo-updater/Dockerfile b/cmd/repo-updater/Dockerfile deleted file mode 100644 index f61ca52bb78..00000000000 --- a/cmd/repo-updater/Dockerfile +++ /dev/null @@ -1,45 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -# # Install p4 CLI (keep this up to date with cmd/gitserver/Dockerfile and cmd/server/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli - -# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS -# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal -RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr/local/bin/p4" >expected_hash && \ - wget http://cdist2.perforce.com/perforce/r22.2/bin.linux26x86_64/p4 -O /usr/local/bin/p4 && \ - chmod +x /usr/local/bin/p4 && \ - sha256sum -c expected_hash - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier - -RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \ - gzip -d coursier.gz && \ - mv coursier /usr/local/bin/coursier && \ - chmod +x /usr/local/bin/coursier - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -COPY --from=p4cli /usr/local/bin/p4 /usr/local/bin/p4 - -COPY --from=coursier /usr/local/bin/coursier /usr/local/bin/coursier - -# This is a trick to include libraries required by p4, -# please refer to https://blog.tilander.org/docker-perforce/ -# hadolint ignore=DL4006 -RUN wget -O - https://github.com/jtilander/p4d/raw/4600d741720f85d77852dcca7c182e96ad613358/lib/lib-x64.tgz | tar zx --directory / - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/repo-updater"] -COPY repo-updater /usr/local/bin/ diff --git a/cmd/repo-updater/Dockerfile.wolfi b/cmd/repo-updater/Dockerfile.wolfi deleted file mode 100644 index 4cfd7a40706..00000000000 --- a/cmd/repo-updater/Dockerfile.wolfi +++ /dev/null @@ -1,19 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-repo-updater-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/repo-updater"] -COPY repo-updater /usr/local/bin/ diff --git a/cmd/repo-updater/build-wolfi.sh b/cmd/repo-updater/build-wolfi.sh deleted file mode 100755 index 5dbcf285789..00000000000 --- a/cmd/repo-updater/build-wolfi.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -path_to_package=${1:-github.com/sourcegraph/sourcegraph/cmd/repo-updater} -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} - -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/repo-updater - out=$(./dev/ci/bazel.sh cquery //cmd/repo-updater --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/repo-updater/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -for pkg in $path_to_package; do - go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename "$pkg")" "$pkg" -done - -docker build -f cmd/repo-updater/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/repo-updater/build.sh b/cmd/repo-updater/build.sh deleted file mode 100755 index b57bfa6e168..00000000000 --- a/cmd/repo-updater/build.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -path_to_package=${1:-github.com/sourcegraph/sourcegraph/cmd/repo-updater} -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} - -trap cleanup EXIT -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - package=${1:-//cmd/repo-updater} - ./dev/ci/bazel.sh build "$package" - out=$(./dev/ci/bazel.sh cquery "$package" --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/repo-updater/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -for pkg in $path_to_package; do - go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename "$pkg")" "$pkg" -done - -docker build -f cmd/repo-updater/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/searcher/Dockerfile b/cmd/searcher/Dockerfile deleted file mode 100644 index fe707a2d16c..00000000000 --- a/cmd/searcher/Dockerfile +++ /dev/null @@ -1,30 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -RUN apk --no-cache add pcre sqlite-libs libev - -# The comby/comby image is a small binary-only distribution. See the bin and src directories -# here: https://github.com/comby-tools/comby/tree/master/dockerfiles/alpine -# hadolint ignore=DL3022 -COPY --from=comby/comby:alpine-3.14-1.8.1@sha256:a5e80d6bad6af008478679809dc8327ebde7aeff7b23505b11b20e36aa62a0b2 /usr/local/bin/comby /usr/local/bin/comby - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# Use SEARCHER_CACHE_DIR to set the cache dir at runtime for searcher. Setting CACHE_DIR will also -# apply to other services and is deprecated. -ENV CACHE_DIR=/mnt/cache/searcher -RUN mkdir -p ${CACHE_DIR} && chown -R sourcegraph:sourcegraph ${CACHE_DIR} -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/searcher"] -COPY searcher /usr/local/bin/ diff --git a/cmd/searcher/Dockerfile.wolfi b/cmd/searcher/Dockerfile.wolfi deleted file mode 100644 index 3586e3edcda..00000000000 --- a/cmd/searcher/Dockerfile.wolfi +++ /dev/null @@ -1,21 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-searcher-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV CACHE_DIR=/mnt/cache/searcher -USER sourcegraph - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/searcher"] -COPY searcher /usr/local/bin/ diff --git a/cmd/searcher/build-wolfi.sh b/cmd/searcher/build-wolfi.sh deleted file mode 100755 index 95801d19769..00000000000 --- a/cmd/searcher/build-wolfi.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/searcher - out=$(./dev/ci/bazel.sh cquery //cmd/searcher --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/searcher/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/cmd/searcher" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f cmd/searcher/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/searcher/build.sh b/cmd/searcher/build.sh deleted file mode 100755 index 92c589a8150..00000000000 --- a/cmd/searcher/build.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/searcher - out=$(./dev/ci/bazel.sh cquery //cmd/searcher --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/searcher/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/cmd/searcher" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f cmd/searcher/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/server/Dockerfile b/cmd/server/Dockerfile deleted file mode 100644 index 2f81ab40b13..00000000000 --- a/cmd/server/Dockerfile +++ /dev/null @@ -1,138 +0,0 @@ -# Install p4 CLI (keep this up to date with cmd/gitserver/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli - -# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS -# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal -RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr/local/bin/p4" >expected_hash && \ - wget http://cdist2.perforce.com/perforce/r22.2/bin.linux26x86_64/p4 -O /usr/local/bin/p4 && \ - chmod +x /usr/local/bin/p4 && \ - sha256sum -c expected_hash - -# Install p4-fusion (keep this up to date with cmd/gitserver/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4-fusion - -COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh -RUN /p4-fusion-install-alpine.sh - -# Install coursier (keep this up to date with cmd/gitserver/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier - -RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \ - gzip -d coursier.gz && \ - mv coursier /usr/local/bin/coursier && \ - chmod +x /usr/local/bin/coursier - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a -# TODO(security): This container should not be running as root! -# -# The default user in sourcegraph/alpine is a non-root `sourcegraph` user but because old deployments -# cannot be easily migrated we have not changed this from root -> sourcegraph. See: -# https://github.com/sourcegraph/sourcegraph/issues/13238 -# hadolint ignore=DL3002 -USER root - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk add --no-cache --verbose \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - # Don't use alpine/edge, the git release on this segfaults - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - git-lfs \ - git-p4 \ - --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - # NOTE that the Postgres version we run is different - # from our *Minimum Supported Version* which alone dictates - # the features we can depend on. See this link for more information: - # https://github.com/sourcegraph/sourcegraph/blob/main/doc/dev/postgresql.md#version-requirements - # You can't just bump the major version since that requires pgupgrade - # between Sourcegraph releases. - && apk add --no-cache --verbose \ - postgresql=~12 \ - postgresql-contrib=~12 \ - --repository=http://dl-cdn.alpinelinux.org/alpine/v3.12/main \ - && apk add --no-cache --verbose \ - 'bash>=5.0.17' \ - 'redis>=5.0' \ - python2 \ - python3 \ - 'nginx>=1.18.0' openssh-client pcre sqlite-libs libev su-exec 'nodejs-current>=14.5.0' \ - # We require libstdc++ for p4-fusion - libstdc++ - -# IMPORTANT: If you update the syntax-highlighter version below, you MUST confirm -# the ENV variables from its Dockerfile (https://github.com/sourcegraph/sourcegraph/blob/main/docker-images/syntax-highlighter/Dockerfile) -# have been appropriately set in cmd/server/shared/shared.go. -# hadolint ignore=DL3022 -COPY --from=comby/comby:alpine-3.14-1.8.1@sha256:a5e80d6bad6af008478679809dc8327ebde7aeff7b23505b11b20e36aa62a0b2 /usr/local/bin/comby /usr/local/bin/comby -# hadolint ignore=DL3022 -COPY --from=docker.io/sourcegraph/syntax-highlighter:215692_2023-04-27_5.0-fb61a539c3a1 /syntax_highlighter /usr/local/bin/ - - -# install blobstore (keep this up to date with the upstream Docker image -# referenced in docker-images/) -RUN apk add --no-cache --verbose openjdk11 -# hadolint ignore=DL3022 -COPY --from=sourcegraph/blobstore:server /opt/s3proxy /opt/s3proxy - - -COPY ctags-install-alpine.sh /ctags-install-alpine.sh -RUN /ctags-install-alpine.sh - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/prom-wrapper /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/alertmanager /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /alertmanager.sh /alertmanager.sh -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/prometheus /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /prometheus.sh /prometheus.sh -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /usr/share/prometheus /usr/share/prometheus - -RUN set -ex && \ - addgroup -S grafana && \ - adduser -S -G grafana grafana && \ - apk add --no-cache libc6-compat ca-certificates su-exec - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/grafana:server /usr/share/grafana /usr/share/grafana - -COPY . / - -# hadolint ignore=DL3022 -COPY --from=p4cli /usr/local/bin/p4 /usr/local/bin/p4 - -COPY --from=p4-fusion /usr/local/bin/p4-fusion /usr/local/bin/p4-fusion - -COPY --from=coursier /usr/local/bin/coursier /usr/local/bin/coursier - -# This is a trick to include libraries required by p4, -# please refer to https://blog.tilander.org/docker-perforce/ -# hadolint ignore=DL4006 -RUN wget -O - https://github.com/jtilander/p4d/raw/4600d741720f85d77852dcca7c182e96ad613358/lib/lib-x64.tgz | tar zx --directory / - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/grafana:server /sg_config_grafana/provisioning/dashboards /sg_config_grafana/provisioning/dashboards - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/postgres_exporter:server /usr/local/bin/postgres_exporter /usr/local/bin/postgres_exporter - -RUN echo "hosts: files dns" > /etc/nsswitch.conf - -# symbols is cgo, ensure we have the requisite dynamic libraries -RUN env SANITY_CHECK=true /usr/local/bin/symbols - -WORKDIR / - -ENV GO111MODULES=on LANG=en_US.utf8 -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/server"] diff --git a/cmd/server/Dockerfile.bazel b/cmd/server/Dockerfile.bazel deleted file mode 100644 index 301489f37b7..00000000000 --- a/cmd/server/Dockerfile.bazel +++ /dev/null @@ -1,140 +0,0 @@ -# Install p4 CLI (keep this up to date with cmd/gitserver/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4cli - -# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS -# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal -RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr/local/bin/p4" >expected_hash && \ - wget http://cdist2.perforce.com/perforce/r22.2/bin.linux26x86_64/p4 -O /usr/local/bin/p4 && \ - chmod +x /usr/local/bin/p4 && \ - sha256sum -c expected_hash - -# Install p4-fusion (keep this up to date with cmd/gitserver/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS p4-fusion - -COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh -RUN /p4-fusion-install-alpine.sh - -# Install coursier (keep this up to date with cmd/gitserver/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS coursier - -RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \ - gzip -d coursier.gz && \ - mv coursier /usr/local/bin/coursier && \ - chmod +x /usr/local/bin/coursier - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a -# TODO(security): This container should not be running as root! -# -# The default user in sourcegraph/alpine is a non-root `sourcegraph` user but because old deployments -# cannot be easily migrated we have not changed this from root -> sourcegraph. See: -# https://github.com/sourcegraph/sourcegraph/issues/13238 -# hadolint ignore=DL3002 -USER root - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk add --no-cache --verbose \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - git-lfs \ - git-p4 \ - --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - # NOTE that the Postgres version we run is different - # from our *Minimum Supported Version* which alone dictates - # the features we can depend on. See this link for more information: - # https://github.com/sourcegraph/sourcegraph/blob/main/doc/dev/postgresql.md#version-requirements - # You can't just bump the major version since that requires pgupgrade - # between Sourcegraph releases. - && apk add --no-cache --verbose \ - postgresql=~12 \ - postgresql-contrib=~12 \ - --repository=http://dl-cdn.alpinelinux.org/alpine/v3.12/main \ - && apk add --no-cache --verbose \ - 'bash>=5.0.17' \ - 'redis>=5.0' \ - python2 \ - python3 \ - 'nginx>=1.18.0' openssh-client pcre sqlite-libs libev su-exec 'nodejs-current>=14.5.0' \ - # We require libstdc++ for p4-fusion - libstdc++ - -# IMPORTANT: If you update the syntax-highlighter version below, you MUST confirm -# the ENV variables from its Dockerfile (https://github.com/sourcegraph/sourcegraph/blob/main/docker-images/syntax-highlighter/Dockerfile) -# have been appropriately set in cmd/server/shared/shared.go. -# hadolint ignore=DL3022 -COPY --from=comby/comby:alpine-3.14-1.8.1@sha256:a5e80d6bad6af008478679809dc8327ebde7aeff7b23505b11b20e36aa62a0b2 /usr/local/bin/comby /usr/local/bin/comby -# hadolint ignore=DL3022 -COPY --from=docker.io/sourcegraph/syntax-highlighter:223909_2023-06-02_5.0-6fd7735ab9c2 /syntax_highlighter /usr/local/bin/ -# hadolint ignore=DL3022 -COPY --from=docker.io/sourcegraph/symbols:223909_2023-06-02_5.0-6fd7735ab9c2 /usr/local/bin/scip-ctags /usr/local/bin/scip-ctags - - -# install blobstore (keep this up to date with the upstream Docker image -# referenced in docker-images/) -RUN apk add --no-cache --verbose openjdk11 -# hadolint ignore=DL3022 -COPY --from=sourcegraph/blobstore:server /opt/s3proxy /opt/s3proxy - -COPY ctags-install-alpine.sh /ctags-install-alpine.sh -RUN /ctags-install-alpine.sh - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/prom-wrapper /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/alertmanager /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /alertmanager.sh /alertmanager.sh -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/prometheus /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /prometheus.sh /prometheus.sh -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /usr/share/prometheus /usr/share/prometheus -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /sg_config_prometheus /sg_config_prometheus - -RUN set -ex && \ - addgroup -S grafana && \ - adduser -S -G grafana grafana && \ - apk add --no-cache libc6-compat ca-certificates su-exec - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/grafana:server /usr/share/grafana /usr/share/grafana - -COPY . / - -# hadolint ignore=DL3022 -COPY --from=p4cli /usr/local/bin/p4 /usr/local/bin/p4 - -COPY --from=p4-fusion /usr/local/bin/p4-fusion /usr/local/bin/p4-fusion - -COPY --from=coursier /usr/local/bin/coursier /usr/local/bin/coursier - -# This is a trick to include libraries required by p4, -# please refer to https://blog.tilander.org/docker-perforce/ -# hadolint ignore=DL4006 -RUN wget -O - https://github.com/jtilander/p4d/raw/4600d741720f85d77852dcca7c182e96ad613358/lib/lib-x64.tgz | tar zx --directory / - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/grafana:server /sg_config_grafana /sg_config_grafana - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/postgres_exporter:server /usr/local/bin/postgres_exporter /usr/local/bin/postgres_exporter - -RUN echo "hosts: files dns" > /etc/nsswitch.conf - -# symbols is cgo, ensure we have the requisite dynamic libraries -RUN env SANITY_CHECK=true /usr/local/bin/symbols - -WORKDIR / - -ENV GO111MODULES=on LANG=en_US.utf8 -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/server"] diff --git a/cmd/server/Dockerfile.wolfi b/cmd/server/Dockerfile.wolfi deleted file mode 100644 index c08b289ce1f..00000000000 --- a/cmd/server/Dockerfile.wolfi +++ /dev/null @@ -1,67 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-server-base:latest - -# TODO(security): This container should not be running as root! -# -# The default user in sourcegraph/alpine is a non-root `sourcegraph` user but because old deployments -# cannot be easily migrated we have not changed this from root -> sourcegraph. See: -# https://github.com/sourcegraph/sourcegraph/issues/13238 -# hadolint ignore=DL3002 -USER root - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# IMPORTANT: If you update the syntax-highlighter version below, you MUST confirm -# the ENV variables from its Dockerfile (https://github.com/sourcegraph/sourcegraph/blob/main/docker-images/syntax-highlighter/Dockerfile) -# have been appropriately set in cmd/server/shared/shared.go. -# TODO: Update this to use the correct syntax-highlighter build -# hadolint ignore=DL3022 -COPY --from=us.gcr.io/sourcegraph-dev/wolfi-syntax-highlighter:latest /usr/local/bin/syntax_highlighter /usr/local/bin/ - - -# install blobstore (keep this up to date with the upstream Docker image -# referenced in docker-images/) -# hadolint ignore=DL3022 -COPY --from=sourcegraph/blobstore:server /opt/s3proxy /opt/s3proxy - - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/prom-wrapper /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/alertmanager /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /alertmanager.sh /alertmanager.sh -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /bin/prometheus /bin -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /prometheus.sh /prometheus.sh -# hadolint ignore=DL3022 -COPY --from=sourcegraph/prometheus:server /usr/share/prometheus /usr/share/prometheus - -# hadolint ignore=DL3022 -COPY --from=sourcegraph/grafana:server /usr/share/grafana /usr/share/grafana -# hadolint ignore=DL3022 -COPY --from=sourcegraph/grafana:server /sg_config_grafana/provisioning/dashboards /sg_config_grafana/provisioning/dashboards - -COPY . / - -# symbols is cgo, ensure we have the requisite dynamic libraries -RUN env SANITY_CHECK=true /usr/local/bin/symbols - -WORKDIR / - -ENV GO111MODULES=on -ENV LANG=en_US.utf8 -ENV PGHOST=/var/run/postgresql -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/server"] diff --git a/cmd/server/build-bazel.sh b/cmd/server/build-bazel.sh deleted file mode 100755 index bb8e2847ef6..00000000000 --- a/cmd/server/build-bazel.sh +++ /dev/null @@ -1,135 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eux - -# Fail early if env vars are not set -[ -n "$VERSION" ] -[ -n "$IMAGE" ] - -OUTPUT=$(mktemp -d -t sgserver_XXXXXXX) -TMP=$(mktemp -d -t sgserver_tmp_XXXXXXX) -export OUTPUT -export BINDIR="$OUTPUT/usr/local/bin" -mkdir -p "$BINDIR" -cleanup() { - rm -rf "$OUTPUT" - rm -rf "$TMP" -} -trap cleanup EXIT - -OSS_TARGETS=( - //cmd/frontend - //cmd/worker - //cmd/migrator - //cmd/repo-updater - //cmd/github-proxy - //cmd/gitserver - //cmd/searcher - //cmd/server - //docker-images/syntax-highlighter:scip-ctags - # https://github.com/sourcegraph/s3proxy is still the default for now. - # //cmd/blobstore - @com_github_sourcegraph_zoekt//cmd/zoekt-archive-index - @com_github_sourcegraph_zoekt//cmd/zoekt-git-index - @com_github_sourcegraph_zoekt//cmd/zoekt-sourcegraph-indexserver - @com_github_sourcegraph_zoekt//cmd/zoekt-webserver -) - -ENTERPRISE_TARGETS=( - //cmd/github-proxy - //cmd/searcher - //enterprise/cmd/frontend - //enterprise/cmd/gitserver - //enterprise/cmd/worker - //enterprise/cmd/migrator - //enterprise/cmd/repo-updater - //enterprise/cmd/precise-code-intel-worker - //enterprise/cmd/server -) - -MUSL_TARGETS=( - @com_github_sourcegraph_zoekt//cmd/zoekt-archive-index - @com_github_sourcegraph_zoekt//cmd/zoekt-git-index - @com_github_sourcegraph_zoekt//cmd/zoekt-sourcegraph-indexserver - @com_github_sourcegraph_zoekt//cmd/zoekt-webserver -) - -if [[ "${ENTERPRISE:-"false"}" == "false" ]]; then - MUSL_TARGETS+=(//cmd/symbols) -else - MUSL_TARGETS+=(//enterprise/cmd/symbols) -fi - -bazelrc=( - --bazelrc=.bazelrc -) -if [[ ${CI:-""} == "true" ]]; then - bazelrc+=( - --bazelrc=.aspect/bazelrc/ci.bazelrc - --bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc - ) -fi - -echo "--- bazel build musl" -bazel \ - "${bazelrc[@]}" \ - build \ - "${MUSL_TARGETS[@]}" \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --config incompat-zig-linux-amd64 - -for MUSL_TARGET in "${MUSL_TARGETS[@]}"; do - out=$(bazel "${bazelrc[@]}" \ - cquery \ - "$MUSL_TARGET" \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --config incompat-zig-linux-amd64 \ - --output=files) - cp "$out" "$BINDIR" - echo "copying $MUSL_TARGET" -done - -if [[ "${ENTERPRISE:-"false"}" == "false" ]]; then - TARGETS=("${OSS_TARGETS[@]}") -else - TARGETS=("${ENTERPRISE_TARGETS[@]}") -fi - -echo "--- bazel build" -./dev/ci/bazel.sh build "${TARGETS[@]}" - -echo "-- preparing rootfs" -cp -a ./cmd/server/rootfs/. "$OUTPUT" -for TARGET in "${TARGETS[@]}"; do - out=$(./dev/ci/bazel.sh cquery "$TARGET" --output=files) - cp "$out" "$BINDIR" - echo "copying $TARGET" -done - -echo "--- prometheus" -IMAGE=sourcegraph/prometheus:server CACHE=true docker-images/prometheus/build-bazel.sh - -echo "--- grafana" -IMAGE=sourcegraph/grafana:server CACHE=true docker-images/grafana/build-bazel.sh - -echo "--- blobstore" -IMAGE=sourcegraph/blobstore:server CACHE=true docker-images/blobstore/build.sh - -echo "--- postgres exporter" -IMAGE=sourcegraph/postgres_exporter:server CACHE=true docker-images/postgres_exporter/build.sh - -echo "--- build scripts" -cp -a ./cmd/symbols/ctags-install-alpine.sh "$OUTPUT" -cp -a ./cmd/gitserver/p4-fusion-install-alpine.sh "$OUTPUT" - -echo "--- docker build" -docker build -f cmd/server/Dockerfile.bazel -t "$IMAGE" "$OUTPUT" \ - --platform linux/amd64 \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/server/build-wolfi.sh b/cmd/server/build-wolfi.sh deleted file mode 100755 index db64f77c115..00000000000 --- a/cmd/server/build-wolfi.sh +++ /dev/null @@ -1,105 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eux - -# Fail early if env vars are not set -[ -n "$VERSION" ] -[ -n "$IMAGE" ] - -OUTPUT=$(mktemp -d -t sgserver_XXXXXXX) -export OUTPUT -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -parallel_run() { - ./dev/ci/parallel_run.sh "$@" -} -export -f parallel_run - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -# Additional images passed in here when this script is called externally by our -# enterprise build scripts. -additional_images=() -if [ $# -eq 0 ]; then - additional_images+=("github.com/sourcegraph/sourcegraph/cmd/frontend" "github.com/sourcegraph/sourcegraph/cmd/worker" "github.com/sourcegraph/sourcegraph/cmd/migrator" "github.com/sourcegraph/sourcegraph/cmd/repo-updater" "github.com/sourcegraph/sourcegraph/cmd/symbols") -else - additional_images+=("$@") -fi -export additional_images - -# Overridable server package path for when this script is called externally by -# our enterprise build scripts. -export server_pkg=${SERVER_PKG:-github.com/sourcegraph/sourcegraph/cmd/server} - -cp -a ./cmd/server/rootfs/. "$OUTPUT" -export BINDIR="$OUTPUT/usr/local/bin" -mkdir -p "$BINDIR" - -go_build() { - local package="$1" - - if [[ "${CI_DEBUG_PROFILE:-"false"}" == "true" ]]; then - env time -v ./cmd/server/go-build-wolfi.sh "$package" - else - ./cmd/server/go-build-wolfi.sh "$package" - fi -} -export -f go_build - -echo "--- go build" - -PACKAGES=( - github.com/sourcegraph/sourcegraph/cmd/github-proxy - github.com/sourcegraph/sourcegraph/cmd/gitserver - github.com/sourcegraph/sourcegraph/cmd/searcher - github.com/sourcegraph/zoekt/cmd/zoekt-archive-index - github.com/sourcegraph/zoekt/cmd/zoekt-git-index - github.com/sourcegraph/zoekt/cmd/zoekt-sourcegraph-indexserver - github.com/sourcegraph/zoekt/cmd/zoekt-webserver -) - -PACKAGES+=("${additional_images[@]}") -PACKAGES+=("$server_pkg") - -parallel_run go_build {} ::: "${PACKAGES[@]}" - -echo "--- monitoring generation" -# For code generation we need to match the local machine so we can run the generator -if [[ "$OSTYPE" == "darwin"* ]]; then - pushd monitoring && GOOS=darwin go generate && popd -else - pushd monitoring && go generate && popd -fi - -echo "--- prometheus" -cp -r docker-images/prometheus/config "$OUTPUT/sg_config_prometheus" -mkdir "$OUTPUT/sg_prometheus_add_ons" -cp dev/prometheus/linux/prometheus_targets.yml "$OUTPUT/sg_prometheus_add_ons" -IMAGE=sourcegraph/prometheus:server CACHE=true docker-images/prometheus/build-wolfi.sh - -echo "--- grafana" -cp -r docker-images/grafana/config "$OUTPUT/sg_config_grafana" -cp -r dev/grafana/linux "$OUTPUT/sg_config_grafana/provisioning/datasources" -IMAGE=sourcegraph/grafana:server CACHE=true docker-images/grafana/build.sh - -echo "--- postgres exporter" -IMAGE=sourcegraph/postgres_exporter:server CACHE=true docker-images/postgres_exporter/build-wolfi.sh - -echo "--- blobstore" -IMAGE=sourcegraph/blobstore:server docker-images/blobstore/build-wolfi.sh - -echo "--- docker build" -docker build -f cmd/server/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/server/build.sh b/cmd/server/build.sh deleted file mode 100755 index a3821ee9ad7..00000000000 --- a/cmd/server/build.sh +++ /dev/null @@ -1,109 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eux - -# Fail early if env vars are not set -[ -n "$VERSION" ] -[ -n "$IMAGE" ] - -OUTPUT=$(mktemp -d -t sgserver_XXXXXXX) -export OUTPUT -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -parallel_run() { - ./dev/ci/parallel_run.sh "$@" -} -export -f parallel_run - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -# Additional images passed in here when this script is called externally by our -# enterprise build scripts. -additional_images=() -if [ $# -eq 0 ]; then - additional_images+=("github.com/sourcegraph/sourcegraph/cmd/frontend" "github.com/sourcegraph/sourcegraph/cmd/worker" "github.com/sourcegraph/sourcegraph/cmd/migrator" "github.com/sourcegraph/sourcegraph/cmd/repo-updater" "github.com/sourcegraph/sourcegraph/cmd/symbols") -else - additional_images+=("$@") -fi -export additional_images - -# Overridable server package path for when this script is called externally by -# our enterprise build scripts. -export server_pkg=${SERVER_PKG:-github.com/sourcegraph/sourcegraph/cmd/server} - -cp -a ./cmd/server/rootfs/. "$OUTPUT" -export BINDIR="$OUTPUT/usr/local/bin" -mkdir -p "$BINDIR" - -go_build() { - local package="$1" - - if [[ "${CI_DEBUG_PROFILE:-"false"}" == "true" ]]; then - env time -v ./cmd/server/go-build.sh "$package" - else - ./cmd/server/go-build.sh "$package" - fi -} -export -f go_build - -echo "--- go build" - -PACKAGES=( - github.com/sourcegraph/sourcegraph/cmd/github-proxy - github.com/sourcegraph/sourcegraph/cmd/gitserver - github.com/sourcegraph/sourcegraph/cmd/searcher - github.com/sourcegraph/zoekt/cmd/zoekt-archive-index - github.com/sourcegraph/zoekt/cmd/zoekt-git-index - github.com/sourcegraph/zoekt/cmd/zoekt-sourcegraph-indexserver - github.com/sourcegraph/zoekt/cmd/zoekt-webserver -) - -PACKAGES+=("${additional_images[@]}") -PACKAGES+=("$server_pkg") - -parallel_run go_build {} ::: "${PACKAGES[@]}" - -echo "--- build scripts" -cp -a ./cmd/symbols/ctags-install-alpine.sh "$OUTPUT" -cp -a ./cmd/gitserver/p4-fusion-install-alpine.sh "$OUTPUT" - -echo "--- monitoring generation" -# For code generation we need to match the local machine so we can run the generator -if [[ "$OSTYPE" == "darwin"* ]]; then - pushd monitoring && GOOS=darwin go generate && popd -else - pushd monitoring && go generate && popd -fi - -echo "--- prometheus" -cp -r docker-images/prometheus/config "$OUTPUT/sg_config_prometheus" -mkdir "$OUTPUT/sg_prometheus_add_ons" -cp dev/prometheus/linux/prometheus_targets.yml "$OUTPUT/sg_prometheus_add_ons" -IMAGE=sourcegraph/prometheus:server CACHE=true docker-images/prometheus/build.sh - -echo "--- grafana" -cp -r docker-images/grafana/config "$OUTPUT/sg_config_grafana" -cp -r dev/grafana/linux "$OUTPUT/sg_config_grafana/provisioning/datasources" -IMAGE=sourcegraph/grafana:server CACHE=true docker-images/grafana/build-alpine.sh - -echo "--- postgres exporter" -IMAGE=sourcegraph/postgres_exporter:server CACHE=true docker-images/postgres_exporter/build.sh - -echo "--- blobstore" -IMAGE=sourcegraph/blobstore:server docker-images/blobstore/build.sh - -echo "--- docker build" -docker build -f cmd/server/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/server/go-build-wolfi.sh b/cmd/server/go-build-wolfi.sh deleted file mode 100755 index c87fd31e451..00000000000 --- a/cmd/server/go-build-wolfi.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env bash - -set -euxo pipefail - -PACKAGE="$1" -RELATIVE_PACKAGE="${PACKAGE#github.com/sourcegraph/sourcegraph/}" -BASENAME="$(basename "$PACKAGE")" - -if [[ "$BASENAME" != "server" ]] && [[ -f "$RELATIVE_PACKAGE/go-build-wolfi.sh" ]]; then - # Application builds itself (e.g. requires CGO) - bash "$RELATIVE_PACKAGE/go-build-wolfi.sh" "$BINDIR" -else - go build \ - -trimpath \ - -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" \ - -buildmode exe \ - -installsuffix netgo \ - -tags "dist netgo" \ - -o "$BINDIR/$BASENAME" "$PACKAGE" -fi diff --git a/cmd/server/go-build.sh b/cmd/server/go-build.sh deleted file mode 100755 index 5b1d4a003da..00000000000 --- a/cmd/server/go-build.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env bash - -set -euxo pipefail - -PACKAGE="$1" -RELATIVE_PACKAGE="${PACKAGE#github.com/sourcegraph/sourcegraph/}" -BASENAME="$(basename "$PACKAGE")" - -if [[ "$BASENAME" != "server" ]] && [[ -f "$RELATIVE_PACKAGE/go-build.sh" ]]; then - # Application builds itself (e.g. requires CGO) - bash "$RELATIVE_PACKAGE/go-build.sh" "$BINDIR" -else - go build \ - -trimpath \ - -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" \ - -buildmode exe \ - -installsuffix netgo \ - -tags "dist netgo" \ - -o "$BINDIR/$BASENAME" "$PACKAGE" -fi diff --git a/cmd/server/pre-build.sh b/cmd/server/pre-build.sh deleted file mode 100755 index 4fbcc1c0ce7..00000000000 --- a/cmd/server/pre-build.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash - -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. - -set -ex - -./cmd/frontend/pre-build.sh diff --git a/cmd/symbols/Dockerfile b/cmd/symbols/Dockerfile deleted file mode 100644 index b053ad941ed..00000000000 --- a/cmd/symbols/Dockerfile +++ /dev/null @@ -1,91 +0,0 @@ -# NOTE: This layer of the docker image is also used in local development as a wrapper around universal-ctags -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS ctags -# hadolint ignore=DL3002 -COPY cmd/symbols/ctags-install-alpine.sh /ctags-install-alpine.sh -RUN /ctags-install-alpine.sh - -FROM rust:1.68.0-alpine3.17@sha256:d119a621ae12f84ec0c5fed77c24795120ed1c7874b2428b5a6ccc0f294dbe18 as scip-ctags -# hadolint ignore=DL3002 -USER root -RUN apk add --no-cache musl-dev>=1.1.24-r10 build-base -COPY docker-images/syntax-highlighter /repo -WORKDIR /repo -RUN cargo fetch - -ARG TARGETARCH - -# Because .cargo/config.toml doesnt support triplet-specific env -COPY cmd/symbols/cargo-config.sh /cargo-config.sh -RUN /cargo-config.sh - -RUN cargo rustc --release --bin scip-ctags - -RUN cp ./target/release/scip-ctags /usr/local/bin/scip-ctags - -FROM golang:1.19.8-alpine@sha256:841c160ed35923d96c95c52403c4e6db5decd9cbce034aa851e412ade5d4b74f AS symbols-build -# hadolint ignore=DL3002 -USER root - -ENV GO111MODULE on -ENV GOARCH amd64 -ENV GOOS linux -ENV CGO_ENABLED 1 - -RUN apk add --no-cache gcc g++ - -COPY . /repo - -WORKDIR /repo - -ARG VERSION="unknown" -ENV VERSION $VERSION - -ARG PKG -ENV PKG=$PKG - -RUN \ - --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/root/go/pkg/mod \ - go build \ - -trimpath \ - -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" \ - -buildmode exe \ - -tags dist \ - -o /symbols \ - $PKG - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS symbols - -# TODO(security): This container should not run as root! -# -# See https://github.com/sourcegraph/sourcegraph/issues/13237 -# hadolint ignore=DL3002 -USER root - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# ctags is dynamically linked against jansson -# libstdc++ and libgcc are for tree-sitter -RUN apk add --no-cache bind-tools ca-certificates mailcap tini jansson libstdc++ libgcc - -COPY --from=ctags /usr/local/bin/universal-ctags /usr/local/bin/universal-ctags -COPY --from=scip-ctags /usr/local/bin/scip-ctags /usr/local/bin/scip-ctags - -COPY --from=symbols-build /symbols /usr/local/bin/symbols - -# symbols is cgo, ensure we have the requisite dynamic libraries -RUN env SANITY_CHECK=true /usr/local/bin/symbols - -# Use SYMBOLS_CACHE_DIR to set the cache dir at runtime for the symbols service. Setting CACHE_DIR -# will also apply to other services and is deprecated. -ENV CACHE_DIR=/mnt/cache/symbols -RUN mkdir -p ${CACHE_DIR} -EXPOSE 3184 -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/symbols"] diff --git a/cmd/symbols/Dockerfile.bazel b/cmd/symbols/Dockerfile.bazel deleted file mode 100644 index 50e0801aa93..00000000000 --- a/cmd/symbols/Dockerfile.bazel +++ /dev/null @@ -1,45 +0,0 @@ -# NOTE: This layer of the docker image is also used in local development as a wrapper around universal-ctags -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS ctags -# hadolint ignore=DL3002 -USER root - -COPY ctags-install-alpine.sh /ctags-install-alpine.sh -RUN /ctags-install-alpine.sh - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS symbols - -# TODO(security): This container should not run as root! -# -# See https://github.com/sourcegraph/sourcegraph/issues/13237 -# hadolint ignore=DL3002 -USER root - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# ctags is dynamically linked against jansson -# libstdc++ and libgcc are for tree-sitter -RUN apk add --no-cache bind-tools ca-certificates mailcap tini jansson libstdc++ libgcc - -COPY --from=ctags /usr/local/bin/universal-ctags /usr/local/bin/universal-ctags - -# the scip binary and symbols was already built by bazel -# see cmd/symbols/build-bazel.sh where it is built and put in the context directory aka $OUTPUT for docker -COPY scip-ctags /usr/local/bin/scip-ctags -COPY symbols /usr/local/bin/symbols - -# symbols is cgo, ensure we have the requisite dynamic libraries -RUN env SANITY_CHECK=true /usr/local/bin/symbols - -# Use SYMBOLS_CACHE_DIR to set the cache dir at runtime for the symbols service. Setting CACHE_DIR -# will also apply to other services and is deprecated. -ENV CACHE_DIR=/mnt/cache/symbols -RUN mkdir -p ${CACHE_DIR} -EXPOSE 3184 -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/symbols"] diff --git a/cmd/symbols/Dockerfile.wolfi b/cmd/symbols/Dockerfile.wolfi deleted file mode 100644 index a60a784123b..00000000000 --- a/cmd/symbols/Dockerfile.wolfi +++ /dev/null @@ -1,67 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# TODO: See if we can switch back to cgr.dev/chainguard/go:latest -# hadolint ignore=DL3007 -FROM cgr.dev/chainguard/go:latest AS symbols-build -# hadolint ignore=DL3002 -USER root - -ENV GO111MODULE on -ENV GOARCH amd64 -ENV GOOS linux -ENV CGO_ENABLED 1 - -# RUN apt-get update && \ -# apt-get install -y \ -# gcc \ -# g++ - -COPY . /repo - -WORKDIR /repo - -ARG VERSION="unknown" -ENV VERSION $VERSION - -ARG PKG -ENV PKG=$PKG - -RUN \ - --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/root/go/pkg/mod \ - go build \ - -trimpath \ - -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" \ - -buildmode exe \ - -tags dist \ - -o /symbols \ - $PKG - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-symbols-base:latest AS symbols - -# TODO(security): This container should not run as root! -# -# See https://github.com/sourcegraph/sourcegraph/issues/13237 -# hadolint ignore=DL3002 -USER root - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -COPY --from=symbols-build /symbols /usr/local/bin/symbols - -# symbols is cgo, ensure we have the requisite dynamic libraries -RUN env SANITY_CHECK=true /usr/local/bin/symbols - -ENV CACHE_DIR=/mnt/cache/symbols -EXPOSE 3184 -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/symbols"] diff --git a/cmd/symbols/build-bazel.sh b/cmd/symbols/build-bazel.sh deleted file mode 100755 index 736864bdc6f..00000000000 --- a/cmd/symbols/build-bazel.sh +++ /dev/null @@ -1,70 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eu - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -echo "--- :bazel: bazel build for targets //cmd/symbols" - -bazelrc=( - --bazelrc=.bazelrc -) -if [[ ${CI:-""} == "true" ]]; then - bazelrc+=( - --bazelrc=.aspect/bazelrc/ci.bazelrc - --bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc - ) -fi - -bazel "${bazelrc[@]}" \ - build \ - //cmd/symbols \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --config incompat-zig-linux-amd64 - -out=$( - bazel "${bazelrc[@]}" \ - cquery //cmd/symbols \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --config incompat-zig-linux-amd64 \ - --output=files -) -cp -v "$out" "$OUTPUT" - -# we can't build scip-ctags with symbols since the platform args conflict -# NOTE: cmd/symbols/cargo-config.sh sets some specific config when running on arm64 -# since this bazel run typically runs on CI that config change isn't made -echo "--- :bazel: bazel build for target //docker-images/syntax-highlighter:scip-ctags" -bazel "${bazelrc[@]}" \ - build //docker-images/syntax-highlighter:scip-ctags \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh - -out=$( - bazel "${bazelrc[@]}" \ - cquery //docker-images/syntax-highlighter:scip-ctags \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --output=files -) -cp -v "$out" "$OUTPUT" - -cp cmd/symbols/ctags-install-alpine.sh "$OUTPUT" - -echo ":docker: context directory contains the following:" -ls -lah "$OUTPUT" -echo "--- :docker: docker build for symbols" -docker build -f cmd/symbols/Dockerfile.bazel -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/symbols/build-wolfi.sh b/cmd/symbols/build-wolfi.sh deleted file mode 100755 index e5cb3d3e8de..00000000000 --- a/cmd/symbols/build-wolfi.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eu - -echo "--- docker build symbols" -docker build -f cmd/symbols/Dockerfile.wolfi -t "$IMAGE" "$(pwd)" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION \ - --build-arg PKG="${PKG:-github.com/sourcegraph/sourcegraph/cmd/symbols}" diff --git a/cmd/symbols/build.sh b/cmd/symbols/build.sh deleted file mode 100755 index 4d9c5df060e..00000000000 --- a/cmd/symbols/build.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eu - -echo "--- docker build symbols" -docker build -f cmd/symbols/Dockerfile -t "$IMAGE" "$(pwd)" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION \ - --build-arg PKG="${PKG:-github.com/sourcegraph/sourcegraph/cmd/symbols}" diff --git a/cmd/symbols/ctags-install-alpine.sh b/cmd/symbols/ctags-install-alpine.sh deleted file mode 100755 index ce7bb50c5c4..00000000000 --- a/cmd/symbols/ctags-install-alpine.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/bin/sh - -# This script installs universal-ctags within an alpine container. - -# Commit hash of github.com/universal-ctags/ctags. -# Last bumped 2022-04-04. -# When bumping please remember to also update Zoekt: https://github.com/sourcegraph/zoekt/blob/d3a8fbd8385f0201dd54ab24114ebd588dfcf0d8/install-ctags-alpine.sh -CTAGS_VERSION=f95bb3497f53748c2b6afc7f298cff218103ab90 - -cleanup() { - apk --no-cache --purge del ctags-build-deps || true - cd / - rm -rf /tmp/ctags-$CTAGS_VERSION -} - -trap cleanup EXIT - -set -eux - -apk --no-cache add \ - --virtual ctags-build-deps \ - autoconf \ - automake \ - binutils \ - curl \ - g++ \ - gcc \ - jansson-dev \ - make \ - pkgconfig - -# ctags is dynamically linked against jansson -apk --no-cache add jansson - -NUMCPUS=$(grep -c '^processor' /proc/cpuinfo) - -# Installation -curl --retry 5 "https://codeload.github.com/universal-ctags/ctags/tar.gz/$CTAGS_VERSION" | tar xz -C /tmp -cd /tmp/ctags-$CTAGS_VERSION -./autogen.sh -./configure --program-prefix=universal- --enable-json -make -j"$NUMCPUS" --load-average="$NUMCPUS" -make install diff --git a/cmd/symbols/go-build-wolfi.sh b/cmd/symbols/go-build-wolfi.sh deleted file mode 100755 index fec6eaaa88e..00000000000 --- a/cmd/symbols/go-build-wolfi.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols go binary. -# Requires a single argument which is the path to the target bindir. -# -# To test you can run -# -# VERSION=test ./cmd/symbols/go-build-wolfi.sh /tmp - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eu - -OUTPUT="${1:?no output path provided}" - -echo "--- docker symbols build" - -# Required due to use of RUN --mount=type=cache in Dockerfile. -export DOCKER_BUILDKIT=1 - -# TODO: The platform flag is required for server image to build, but will break local builds -docker build -f cmd/symbols/Dockerfile.wolfi -t symbols-build "$(pwd)" \ - --target=symbols-build \ - --platform="${PLATFORM:-linux/amd64}" \ - --progress=plain \ - --build-arg VERSION \ - --build-arg PKG="${PKG:-github.com/sourcegraph/sourcegraph/cmd/symbols}" - -docker cp "$(docker create --rm symbols-build)":/symbols "$OUTPUT/symbols" diff --git a/cmd/symbols/go-build.sh b/cmd/symbols/go-build.sh deleted file mode 100755 index 0d0fb2aa607..00000000000 --- a/cmd/symbols/go-build.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols go binary. -# Requires a single argument which is the path to the target bindir. -# -# To test you can run -# -# VERSION=test ./cmd/symbols/go-build.sh /tmp - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -eu - -OUTPUT="${1:?no output path provided}" - -echo "--- docker symbols build" - -# Required due to use of RUN --mount=type=cache in Dockerfile. -export DOCKER_BUILDKIT=1 - -docker build -f cmd/symbols/Dockerfile -t symbols-build "$(pwd)" \ - --target=symbols-build \ - --progress=plain \ - --build-arg VERSION \ - --build-arg PKG="${PKG:-github.com/sourcegraph/sourcegraph/cmd/symbols}" - -docker cp "$(docker create --rm symbols-build)":/symbols "$OUTPUT/symbols" diff --git a/cmd/worker/Dockerfile b/cmd/worker/Dockerfile deleted file mode 100644 index 77aaaabd880..00000000000 --- a/cmd/worker/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk update && apk add --no-cache \ - tini - -USER sourcegraph -EXPOSE 3189 -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/worker"] -COPY worker /usr/local/bin/ diff --git a/cmd/worker/Dockerfile.wolfi b/cmd/worker/Dockerfile.wolfi deleted file mode 100644 index 8cd0659bd7e..00000000000 --- a/cmd/worker/Dockerfile.wolfi +++ /dev/null @@ -1,21 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph -EXPOSE 3189 - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/worker"] -COPY worker /usr/local/bin/ diff --git a/cmd/worker/build-wolfi.sh b/cmd/worker/build-wolfi.sh deleted file mode 100755 index 91dc4d0d258..00000000000 --- a/cmd/worker/build-wolfi.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the worker docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/worker - out=$(./dev/ci/bazel.sh cquery //cmd/worker --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/worker/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/cmd/worker" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build" -docker build -f cmd/worker/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/cmd/worker/build.sh b/cmd/worker/build.sh deleted file mode 100644 index b449e627f2b..00000000000 --- a/cmd/worker/build.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the worker docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //cmd/worker - out=$(./dev/ci/bazel.sh cquery //cmd/worker --output=files) - cp "$out" "$OUTPUT" - - docker build -f cmd/worker/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/cmd/worker" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build" -docker build -f cmd/worker/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/doc/dev/setup/troubleshooting.md b/doc/dev/setup/troubleshooting.md index 64d57ebe4c0..787bbc6fcdb 100644 --- a/doc/dev/setup/troubleshooting.md +++ b/doc/dev/setup/troubleshooting.md @@ -157,18 +157,3 @@ When trying to install `sg` with the pre-built binaries on WSL2 you may run into Note: this change will be reverted when your session ends. You will need to reset these limits every time you open a new session and want to use `sg`. -## Symbols docker image creation fails - -If you see an error like this: - -``` -executor failed running [/bin/sh -c /ctags-install-alpine.sh]: exit code: 133 --------------------------------------------------------------------------------- -❌ failed to run symbols -``` -and you are running the default `sg start` look for the error string `rosetta error: futex(FUTEX_LOCK_PI_PRIVATE) failure:` - -You may have enabled Rosetta emulation in your docker configuration. -You may either disable Rosetta emulation in docker or manually build the symbols -binary with `./dev/ctags-install.sh` and then set the `CTAGS_COMMAND` env var -in your sg.config.overwrite.yaml to point to the binary. diff --git a/docker-images/blobstore/Dockerfile b/docker-images/blobstore/Dockerfile deleted file mode 100644 index da7c3dccb17..00000000000 --- a/docker-images/blobstore/Dockerfile +++ /dev/null @@ -1,67 +0,0 @@ -# Build s3proxy from source -# hadolint ignore=DL3022 -FROM maven:3.8.6-openjdk-11-slim AS builder - -# hadolint ignore=DL3008,DL3009 -RUN apt-get update && \ - apt-get install -y --no-install-recommends git - -RUN git clone https://github.com/sourcegraph/s3proxy /build -WORKDIR /build -RUN mvn package -DskipTests && \ - mv target/ /opt/s3proxy && \ - cp src/main/resources/run-docker-container.sh /opt/s3proxy - -# Build our final Alpine-based image -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk update && apk add --no-cache \ - openjdk11 - -COPY --from=builder /opt/s3proxy /opt/s3proxy - -ENV \ - LOG_LEVEL="info" \ - S3PROXY_AUTHORIZATION="none" \ - S3PROXY_ENDPOINT="http://0.0.0.0:9000" \ - S3PROXY_IDENTITY="local-identity" \ - S3PROXY_CREDENTIAL="local-credential" \ - S3PROXY_VIRTUALHOST="" \ - S3PROXY_CORS_ALLOW_ALL="false" \ - S3PROXY_CORS_ALLOW_ORIGINS="" \ - S3PROXY_CORS_ALLOW_METHODS="" \ - S3PROXY_CORS_ALLOW_HEADERS="" \ - S3PROXY_IGNORE_UNKNOWN_HEADERS="false" \ - S3PROXY_ENCRYPTED_BLOBSTORE="" \ - S3PROXY_ENCRYPTED_BLOBSTORE_PASSWORD="" \ - S3PROXY_ENCRYPTED_BLOBSTORE_SALT="" \ - S3PROXY_V4_MAX_NON_CHUNKED_REQ_SIZE=33554432 \ - JCLOUDS_PROVIDER="filesystem" \ - JCLOUDS_ENDPOINT="" \ - JCLOUDS_REGION="" \ - JCLOUDS_REGIONS="us-east-1" \ - JCLOUDS_IDENTITY="remote-identity" \ - JCLOUDS_CREDENTIAL="remote-credential" \ - JCLOUDS_KEYSTONE_VERSION="" \ - JCLOUDS_KEYSTONE_SCOPE="" \ - JCLOUDS_KEYSTONE_PROJECT_DOMAIN_NAME="" \ - JCLOUDS_FILESYSTEM_BASEDIR="/data" - -RUN mkdir -p /data && chown -R sourcegraph:sourcegraph /data -USER sourcegraph - -EXPOSE 9000 -WORKDIR /opt/s3proxy -ENTRYPOINT ["/sbin/tini", "--", "/opt/s3proxy/run-docker-container.sh"] diff --git a/docker-images/blobstore/Dockerfile.wolfi b/docker-images/blobstore/Dockerfile.wolfi deleted file mode 100644 index 3ad67194753..00000000000 --- a/docker-images/blobstore/Dockerfile.wolfi +++ /dev/null @@ -1,44 +0,0 @@ -# Build our final Wolfi-based image -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-blobstore-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV \ - LOG_LEVEL="info" \ - S3PROXY_AUTHORIZATION="none" \ - S3PROXY_ENDPOINT="http://0.0.0.0:9000" \ - S3PROXY_IDENTITY="local-identity" \ - S3PROXY_CREDENTIAL="local-credential" \ - S3PROXY_VIRTUALHOST="" \ - S3PROXY_CORS_ALLOW_ALL="false" \ - S3PROXY_CORS_ALLOW_ORIGINS="" \ - S3PROXY_CORS_ALLOW_METHODS="" \ - S3PROXY_CORS_ALLOW_HEADERS="" \ - S3PROXY_IGNORE_UNKNOWN_HEADERS="false" \ - S3PROXY_ENCRYPTED_BLOBSTORE="" \ - S3PROXY_ENCRYPTED_BLOBSTORE_PASSWORD="" \ - S3PROXY_ENCRYPTED_BLOBSTORE_SALT="" \ - S3PROXY_V4_MAX_NON_CHUNKED_REQ_SIZE=33554432 \ - JCLOUDS_PROVIDER="filesystem" \ - JCLOUDS_ENDPOINT="" \ - JCLOUDS_REGION="" \ - JCLOUDS_REGIONS="us-east-1" \ - JCLOUDS_IDENTITY="remote-identity" \ - JCLOUDS_CREDENTIAL="remote-credential" \ - JCLOUDS_KEYSTONE_VERSION="" \ - JCLOUDS_KEYSTONE_SCOPE="" \ - JCLOUDS_KEYSTONE_PROJECT_DOMAIN_NAME="" \ - JCLOUDS_FILESYSTEM_BASEDIR="/data" - -USER sourcegraph - -EXPOSE 9000 -ENTRYPOINT ["/sbin/tini", "--", "/opt/s3proxy/run-docker-container.sh"] diff --git a/docker-images/blobstore/build-wolfi.sh b/docker-images/blobstore/build-wolfi.sh deleted file mode 100755 index 2be201d7773..00000000000 --- a/docker-images/blobstore/build-wolfi.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -docker build -f Dockerfile.wolfi -t "${IMAGE:-"sourcegraph/blobstore"}" . \ - --platform linux/amd64 \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/blobstore/build.sh b/docker-images/blobstore/build.sh deleted file mode 100755 index 26ed567f702..00000000000 --- a/docker-images/blobstore/build.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -docker build -t "${IMAGE:-"sourcegraph/blobstore"}" . \ - --platform linux/amd64 \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/cadvisor/Dockerfile b/docker-images/cadvisor/Dockerfile deleted file mode 100644 index 335726bff32..00000000000 --- a/docker-images/cadvisor/Dockerfile +++ /dev/null @@ -1,37 +0,0 @@ -# NOTE: Check the README before updating -FROM gcr.io/cadvisor/cadvisor@sha256:adc29827d88730174181e9fe221938323baa6ba8c5734c2ec52aa2e86a0c303e -LABEL com.sourcegraph.cadvisor.version=v0.47.0 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ - -# hadolint ignore=SC2261 -RUN apk add --upgrade --no-cache apk-tools>=2.10.8-r0 krb5-libs>=1.18.4-r0 \ - libtirpc>=1.3.2-r1 \ - busybox \ - wget - -# Reflects cAdvisor Dockerfile at https://github.com/google/cadvisor/blob/v0.45.0/deploy/Dockerfile -# alongside additional Sourcegraph defaults. -ENTRYPOINT ["/usr/bin/cadvisor", "-logtostderr", \ - # sourcegraph cAdvisor custom port - "-port=48080", \ - # For metrics categories, see: - # https://github.com/google/cadvisor/blob/master/docs/storage/prometheus.md#prometheus-container-metrics - # and cross-reference with search in the codebase to decide which categories we need - "-enable_metrics=cpu,diskIO,memory,network", \ - # Aligned 1:1 with Kubelet defaults: - # https://sourcegraph.com/github.com/google/cadvisor@v0.45.0/-/blob/deploy/kubernetes/overlays/examples/cadvisor-args.yaml - "-docker_only", \ - "-housekeeping_interval=10s", \ - "-max_housekeeping_interval=15s", \ - "-event_storage_event_limit=default=0", \ - "-event_storage_age_limit=default=0"] diff --git a/docker-images/cadvisor/Dockerfile.wolfi b/docker-images/cadvisor/Dockerfile.wolfi deleted file mode 100644 index ba781b37fd2..00000000000 --- a/docker-images/cadvisor/Dockerfile.wolfi +++ /dev/null @@ -1,33 +0,0 @@ -# TODO: Experimental cAdvisor Dockerfile. Entirely untested, and may require additional libraries - -# NOTE: Check the README before updating -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-cadvisor-base:latest -LABEL com.sourcegraph.cadvisor.version=v0.47.1 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} - -# Reflects cAdvisor Dockerfile at https://github.com/google/cadvisor/blob/v0.45.0/deploy/Dockerfile -# alongside additional Sourcegraph defaults. -ENTRYPOINT ["/usr/bin/cadvisor", "-logtostderr", \ - # sourcegraph cAdvisor custom port - "-port=48080", \ - # For metrics categories, see: - # https://github.com/google/cadvisor/blob/master/docs/storage/prometheus.md#prometheus-container-metrics - # and cross-reference with search in the codebase to decide which categories we need - "-enable_metrics=cpu,diskIO,memory,network", \ - # Aligned 1:1 with Kubelet defaults: - # https://sourcegraph.com/github.com/google/cadvisor@v0.45.0/-/blob/deploy/kubernetes/overlays/examples/cadvisor-args.yaml - "-docker_only", \ - "-housekeeping_interval=10s", \ - "-max_housekeeping_interval=15s", \ - "-event_storage_event_limit=default=0", \ - "-v=3", \ - "-event_storage_age_limit=default=0", \ - "-containerd=/var/run/containerd/containerd.sock"] diff --git a/docker-images/cadvisor/build-wolfi.sh b/docker-images/cadvisor/build-wolfi.sh deleted file mode 100755 index 1a6ce763b84..00000000000 --- a/docker-images/cadvisor/build-wolfi.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -docker build -f Dockerfile.wolfi -t "${IMAGE:-"sourcegraph/cadvisor"}" . \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/cadvisor/build.sh b/docker-images/cadvisor/build.sh deleted file mode 100755 index 47410eaff44..00000000000 --- a/docker-images/cadvisor/build.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -docker build -t "${IMAGE:-"sourcegraph/cadvisor"}" . \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/grafana/BUILD.bazel b/docker-images/grafana/BUILD.bazel index dcf57e6b5da..f8d679ec0c2 100644 --- a/docker-images/grafana/BUILD.bazel +++ b/docker-images/grafana/BUILD.bazel @@ -5,7 +5,7 @@ load("//dev:oci_defs.bzl", "image_repository") filegroup( name = "config_files", - srcs = glob(["config/*"]) + ["entry-bazel.sh"], + srcs = glob(["config/*"]) + ["entry.sh"], ) pkg_tar( @@ -16,7 +16,6 @@ pkg_tar( ], remap_paths = { "docker-images/grafana/config": "/sg_config_grafana", - "/entry-bazel.sh": "/entry.sh", }, ) diff --git a/docker-images/grafana/Dockerfile b/docker-images/grafana/Dockerfile deleted file mode 100644 index c3293ecf6f8..00000000000 --- a/docker-images/grafana/Dockerfile +++ /dev/null @@ -1,48 +0,0 @@ -# sourcegraph/grafana - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/grafana - -# Build monitoring definitions -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS monitoring_builder -RUN mkdir -p '/generated/grafana' -COPY ./.bin/monitoring-generator /bin/monitoring-generator -RUN GRAFANA_DIR='/generated/grafana' PROMETHEUS_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator -RUN ls '/generated/grafana' - -# Prepare final image -# When upgrading the Grafana version, please refer to https://docs.sourcegraph.com/dev/background-information/observability/grafana#upgrading-grafana -# DO NOT UPGRADE to AGPL Grafana without consulting Stephen+legal, Grafana >= 8.0 is AGPLv3 Licensed -# See https://docs.google.com/document/d/1nSmz1ChL_rBvX8FAKTB-CNzgcff083sUlIpoXEz6FHE/edit#heading=h.69clsrno4211 -# We use a Grafana base image built by Chainguard -# TODO(@willdollman): This image was manually uploaded to our registry 2023-04-06 -FROM us.gcr.io/sourcegraph-dev/wolfi-grafana@sha256:ec1049f35ff7e4ab6ff7b4cc6790996ad74d196b8dcee8ea5283fca759156637 as production -LABEL com.sourcegraph.grafana.version=7.5.17 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ - -# This removes the Chainguard-supplied config and replaces it with our own -# TODO: Ask Chainguard to remove this from the base image -USER root -RUN rm -rf /sg_config_grafana/provisioning/dashboards/sourcegraph/ -# hadolint ignore=DL3020 -ADD config /sg_config_grafana -COPY --from=monitoring_builder /generated/grafana/home.json /usr/share/grafana/public/dashboards/home.json -COPY --from=monitoring_builder /generated/grafana/* /sg_config_grafana/provisioning/dashboards/sourcegraph/ - -# Overwrite default entrypoint with the local one -COPY entry.sh /opt/grafana/ - -# Create optional folders to avoid error logs about missing dirs -RUN chown grafana:root /sg_config_grafana/provisioning/plugins - - -EXPOSE 3370 -USER grafana -ENTRYPOINT ["/opt/grafana/entry.sh"] diff --git a/docker-images/grafana/Dockerfile.alpine b/docker-images/grafana/Dockerfile.alpine deleted file mode 100644 index 62a7642fb85..00000000000 --- a/docker-images/grafana/Dockerfile.alpine +++ /dev/null @@ -1,57 +0,0 @@ -# sourcegraph/grafana - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/grafana - -# Build monitoring definitions -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS monitoring_builder -RUN mkdir -p '/generated/grafana' -COPY ./.bin/monitoring-generator /bin/monitoring-generator -RUN GRAFANA_DIR='/generated/grafana' PROMETHEUS_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator -RUN ls '/generated/grafana' - -# Prepare final image -# when upgrading the Grafana version, please refer to https://docs.sourcegraph.com/dev/background-information/observability/grafana#upgrading-grafana -# DO NOT UPGRADE to AGPL Grafana without consulting Stephen+legal, Grafana >= 8.0 is AGPLv3 Licensed -# See https://docs.google.com/document/d/1nSmz1ChL_rBvX8FAKTB-CNzgcff083sUlIpoXEz6FHE/edit#heading=h.69clsrno4211 -FROM grafana/grafana:7.5.17@sha256:15abb652aa82eeb9f45589278b34ae6ef0e96f74c389cadde31831eb0b1ce228 as production -LABEL com.sourcegraph.grafana.version=7.5.17 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ - -# hadolint ignore=DL3020 -ADD config /sg_config_grafana -COPY --from=monitoring_builder /generated/grafana/home.json /usr/share/grafana/public/dashboards/home.json -COPY --from=monitoring_builder /generated/grafana/* /sg_config_grafana/provisioning/dashboards/sourcegraph/ - -# hadolint ignore=DL3020 -ADD entry-alpine.sh / - - -USER root - -# Create optional folders to avoid error logs about missing dirs -RUN mkdir /sg_grafana_additional_dashboards -RUN mkdir /sg_config_grafana/provisioning/plugins && chown grafana:root /sg_config_grafana/provisioning/plugins - -# @FIXME: Update redis image -# Pin busybox=1.32.1-r7 https://github.com/sourcegraph/sourcegraph/issues/27965 -RUN apk add --upgrade --no-cache \ - 'apk-tools>=2.12' \ - 'krb5-libs>=1.18.4' \ - 'libssl1.1>=1.1.1s-r0' \ - 'openssl>=1.1.1s-r0' \ - 'busybox>=1.32.1' \ - 'ncurses-libs>=6.2_p20210109-r1' \ - 'ncurses-terminfo-base>=6.2_p20210109-r1' \ - 'libtirpc>=1.3.1-r1' - -EXPOSE 3370 -USER grafana -ENTRYPOINT ["/entry.sh"] diff --git a/docker-images/grafana/Dockerfile.bazel b/docker-images/grafana/Dockerfile.bazel deleted file mode 100644 index f8bdbee840e..00000000000 --- a/docker-images/grafana/Dockerfile.bazel +++ /dev/null @@ -1,45 +0,0 @@ -# sourcegraph/grafana - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/grafana -FROM grafana/grafana:7.5.17@sha256:15abb652aa82eeb9f45589278b34ae6ef0e96f74c389cadde31831eb0b1ce228 as production -LABEL com.sourcegraph.grafana.version=7.5.17 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ - -# hadolint ignore=DL3020 -ADD config /sg_config_grafana -COPY grafana/home.json /usr/share/grafana/public/dashboards/home.json -COPY grafana/* /sg_config_grafana/provisioning/dashboards/sourcegraph/ - -# Overwrite default entrypoint with the local one -COPY entry-alpine.sh /entry.sh - -# Create optional folders to avoid error logs about missing dirs -USER root - -# Create optional folders to avoid error logs about missing dirs -RUN mkdir /sg_grafana_additional_dashboards -RUN mkdir /sg_config_grafana/provisioning/plugins && chown grafana:root /sg_config_grafana/provisioning/plugins - -# @FIXME: Update redis image -# Pin busybox=1.32.1-r7 https://github.com/sourcegraph/sourcegraph/issues/27965 -# RUN apk add --upgrade \ -# 'apk-tools>=2.12' \ -# 'krb5-libs>=1.18.4' \ -# 'libssl1.1>=1.1.1s-r0' \ -# 'openssl>=1.1.1s-r0' \ -# 'busybox>=1.32.1' \ -# 'ncurses-libs>=6.2_p20210109-r1' \ -# 'ncurses-terminfo-base>=6.2_p20210109-r1' \ -# 'libtirpc>=1.3.1-r1' - -EXPOSE 3370 -USER grafana -ENTRYPOINT ["/entry.sh"] diff --git a/docker-images/grafana/build-alpine.sh b/docker-images/grafana/build-alpine.sh deleted file mode 100755 index 0c6f037a75f..00000000000 --- a/docker-images/grafana/build-alpine.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -cd "$(dirname "${BASH_SOURCE[0]}")" - -# We build out of tree to prevent triggering dev watch scripts when we copy go -# files. -BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$BUILDDIR" -} -trap cleanup EXIT - -# Copy assets -cp -R . "$BUILDDIR" - -# Build args for Go cross-compilation. -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -# Cross-compile monitoring generator before building the image. -pushd "../../monitoring" -go build \ - -trimpath \ - -o "$BUILDDIR"/.bin/monitoring-generator . - -# Final pre-build stage. -pushd "$BUILDDIR" - -docker build -f Dockerfile.alpine -t "${IMAGE:-sourcegraph/grafana}" . \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - -# cd out of $BUILDDIR for cleanup -popd diff --git a/docker-images/grafana/build-bazel.sh b/docker-images/grafana/build-bazel.sh deleted file mode 100755 index 08677af5e3b..00000000000 --- a/docker-images/grafana/build-bazel.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX) -TMP=$(mktemp -d -t sggraf_tmp_XXXXXXX) -cleanup() { - rm -rf "$BUILDDIR" - rm -rf "$TMP" - -} -trap cleanup EXIT - -./dev/ci/bazel.sh build //monitoring:generate_config_zip -monitoring_cfg=$(./dev/ci/bazel.sh cquery //monitoring:generate_config_zip --output=files) - -cp "$monitoring_cfg" "$TMP" -pushd "$TMP" -unzip "monitoring.zip" -popd - -cp -r docker-images/grafana/entry-alpine.sh "$BUILDDIR/" -cp -r docker-images/grafana/config "$BUILDDIR/" -cp -r "$TMP/monitoring/grafana" "$BUILDDIR/" - -# # shellcheck disable=SC2086 -docker build -f docker-images/grafana/Dockerfile.bazel -t "${IMAGE:-sourcegraph/grafana}" "$BUILDDIR" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/grafana/build.sh b/docker-images/grafana/build.sh deleted file mode 100755 index 1dcf51cc66d..00000000000 --- a/docker-images/grafana/build.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -cd "$(dirname "${BASH_SOURCE[0]}")" - -# We build out of tree to prevent triggering dev watch scripts when we copy go -# files. -BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$BUILDDIR" -} -trap cleanup EXIT - -# Copy assets -cp -R . "$BUILDDIR" - -# Build args for Go cross-compilation. -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -# Cross-compile monitoring generator before building the image. -pushd "../../monitoring" -go build \ - -trimpath \ - -o "$BUILDDIR"/.bin/monitoring-generator . - -# Final pre-build stage. -pushd "$BUILDDIR" - -docker build -f Dockerfile -t "${IMAGE:-sourcegraph/grafana}" . \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - -# cd out of $BUILDDIR for cleanup -popd diff --git a/docker-images/grafana/entry-alpine.sh b/docker-images/grafana/entry-alpine.sh deleted file mode 100755 index 709b247e7f4..00000000000 --- a/docker-images/grafana/entry-alpine.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash -set -e - -export GF_PATHS_PROVISIONING=/sg_config_grafana/provisioning -export GF_PATHS_CONFIG=/sg_config_grafana/grafana.ini - -exec "/run.sh" diff --git a/docker-images/grafana/entry-bazel.sh b/docker-images/grafana/entry-bazel.sh deleted file mode 100755 index 2caf6b511d5..00000000000 --- a/docker-images/grafana/entry-bazel.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/env bash -set -e - -export GF_PATHS_PROVISIONING=/sg_config_grafana/provisioning -export GF_PATHS_CONFIG=/sg_config_grafana/grafana.ini - -exec grafana-server \ - --homepath="$GF_PATHS_HOME" \ - --config="$GF_PATHS_CONFIG" \ - --packaging=docker \ - "$@" \ - cfg:default.log.mode="console" \ - cfg:default.paths.data="$GF_PATHS_DATA" \ - cfg:default.paths.logs="$GF_PATHS_LOGS" \ - cfg:default.paths.plugins="$GF_PATHS_PLUGINS" \ - cfg:default.paths.provisioning="$GF_PATHS_PROVISIONING" diff --git a/docker-images/grafana/entry.sh b/docker-images/grafana/entry.sh index e4b6dd2007b..2caf6b511d5 100755 --- a/docker-images/grafana/entry.sh +++ b/docker-images/grafana/entry.sh @@ -4,4 +4,13 @@ set -e export GF_PATHS_PROVISIONING=/sg_config_grafana/provisioning export GF_PATHS_CONFIG=/sg_config_grafana/grafana.ini -exec "/opt/grafana/run.sh" +exec grafana-server \ + --homepath="$GF_PATHS_HOME" \ + --config="$GF_PATHS_CONFIG" \ + --packaging=docker \ + "$@" \ + cfg:default.log.mode="console" \ + cfg:default.paths.data="$GF_PATHS_DATA" \ + cfg:default.paths.logs="$GF_PATHS_LOGS" \ + cfg:default.paths.plugins="$GF_PATHS_PLUGINS" \ + cfg:default.paths.provisioning="$GF_PATHS_PROVISIONING" diff --git a/docker-images/indexed-searcher/Dockerfile.wolfi b/docker-images/indexed-searcher/Dockerfile.wolfi deleted file mode 100644 index fc9cf3f0815..00000000000 --- a/docker-images/indexed-searcher/Dockerfile.wolfi +++ /dev/null @@ -1,32 +0,0 @@ -# Note: to be able to use an ARG with a FROM it has to be at the TOP of the Dockerfile -ARG ZOEKT_IMAGE="index.docker.io/sourcegraph/zoekt-webserver" -ARG ZOEKT_VERSION -FROM $ZOEKT_IMAGE:$ZOEKT_VERSION AS zoekt_upstream - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} - -ENV DATA_DIR /data/index - -USER sourcegraph -WORKDIR /home/sourcegraph - -COPY --from=zoekt_upstream /usr/local/bin/zoekt-webserver /usr/local/bin/ - -# zoekt-webserver has a large stable heap size (10s of gigs), and as such the -# default GOGC=100 could be better tuned. https://dave.cheney.net/tag/gogc -# In go1.18 the GC changed significantly and from experimentation we tuned it -# down from 50 to 25. -ENV GOGC=25 - -ENTRYPOINT ["/sbin/tini", "--"] -# hadolint ignore=DL3025 -CMD zoekt-webserver -index $DATA_DIR -pprof -rpc -indexserver_proxy diff --git a/docker-images/indexed-searcher/build-wolfi.sh b/docker-images/indexed-searcher/build-wolfi.sh deleted file mode 100755 index 0300af790ac..00000000000 --- a/docker-images/indexed-searcher/build-wolfi.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -ZOEKT_VERSION=$(go mod edit -print | awk '/sourcegraph\/zoekt/ {print substr($2, 2)}') - -docker build --no-cache -f Dockerfile.wolfi -t "${IMAGE:-"sourcegraph/indexed-searcher"}" . \ - --progress=plain \ - --build-arg ZOEKT_VERSION="$ZOEKT_VERSION" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/indexed-searcher/build.sh b/docker-images/indexed-searcher/build.sh deleted file mode 100755 index 5c09878cf35..00000000000 --- a/docker-images/indexed-searcher/build.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -# This merely re-tags the image to match our official versioning scheme. The -# actual image currently lives here: -# https://github.com/sourcegraph/zoekt/blob/master/Dockerfile.webserver -# -# The images are tagged using the same pseudo-versions as go mod, so we -# extract the version from our go.mod - -version=$(go mod edit -print | awk '/sourcegraph\/zoekt/ {print substr($2, 2)}') - -docker pull index.docker.io/sourcegraph/zoekt-webserver:"$version" -docker tag index.docker.io/sourcegraph/zoekt-webserver:"$version" "$IMAGE" diff --git a/docker-images/jaeger-agent/Dockerfile b/docker-images/jaeger-agent/Dockerfile deleted file mode 100644 index 39d6e3756e1..00000000000 --- a/docker-images/jaeger-agent/Dockerfile +++ /dev/null @@ -1,30 +0,0 @@ -# This Dockerfile tracks jaegertracing/jaeger-agent, but includes more debugging tools and runs as a -# non-root user. It requires JAEGER_VERSION to be set as an argument to build. -ARG JAEGER_VERSION -FROM jaegertracing/jaeger-agent:${JAEGER_VERSION} as base - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a -USER root -RUN apk --no-cache add bash curl apk-tools>=2.10.8-r0 - -COPY --from=base /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt -COPY --from=base /go/bin/agent-linux /go/bin/agent-linux - -RUN adduser -S -u 10001 jaeger -RUN chown jaeger /go/bin/agent-linux -USER jaeger - -EXPOSE 5775/udp 6831/udp 6832/udp 5778 -ENTRYPOINT ["/go/bin/agent-linux"] - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ -LABEL com.sourcegraph.jaeger.version=${JAEGER_VERSION} diff --git a/docker-images/jaeger-agent/Dockerfile.wolfi b/docker-images/jaeger-agent/Dockerfile.wolfi deleted file mode 100644 index 3ac8edb192c..00000000000 --- a/docker-images/jaeger-agent/Dockerfile.wolfi +++ /dev/null @@ -1,14 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-jaeger-agent-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.jaeger.version=${JAEGER_VERSION} - -EXPOSE 5775/udp 6831/udp 6832/udp 5778 -ENTRYPOINT ["/usr/local/bin/jaeger-agent"] diff --git a/docker-images/jaeger-agent/build-wolfi.sh b/docker-images/jaeger-agent/build-wolfi.sh deleted file mode 100755 index 66eccb287b5..00000000000 --- a/docker-images/jaeger-agent/build-wolfi.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -cd "$(dirname "${BASH_SOURCE[0]}")" - -IMAGE=${IMAGE:-sourcegraph/jaeger-agent} - -docker build --no-cache -f Dockerfile.wolfi -t "${IMAGE}" . \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/jaeger-agent/build.sh b/docker-images/jaeger-agent/build.sh deleted file mode 100755 index 004ca3dbf84..00000000000 --- a/docker-images/jaeger-agent/build.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -cd "$(dirname "${BASH_SOURCE[0]}")" - -export JAEGER_VERSION="${JAEGER_VERSION:-1.42.0}" -IMAGE=${IMAGE:-sourcegraph/jaeger-agent} - -echo "Building image ${IMAGE} from Jaeger ${JAEGER_VERSION}" - -docker build --no-cache -t "${IMAGE}" . \ - --progress=plain \ - --build-arg JAEGER_VERSION \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/jaeger-all-in-one/Dockerfile b/docker-images/jaeger-all-in-one/Dockerfile deleted file mode 100644 index ac44dcc1413..00000000000 --- a/docker-images/jaeger-all-in-one/Dockerfile +++ /dev/null @@ -1,69 +0,0 @@ -# This Dockerfile tracks jaegertracing/all-in-one -# (https://github.com/jaegertracing/jaeger/blob/master/cmd/all-in-one/Dockerfile), but includes more -# debugging tools and runs as a non-root user. It requires JAEGER_VERSION to be set as an argument -# to build. -ARG JAEGER_VERSION -FROM jaegertracing/all-in-one:${JAEGER_VERSION} as base - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a -USER root -RUN apk update -RUN apk --no-cache add bash curl 'apk-tools>=2.10.8-r0' 'krb5-libs>=1.18.4-r0' - -COPY --from=base /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt -COPY --from=base /go/bin/all-in-one-linux /go/bin/all-in-one-linux -COPY --from=base /etc/jaeger/sampling_strategies.json /etc/jaeger/sampling_strategies.json - -RUN adduser -S -u 10001 jaeger -RUN chown jaeger /go/bin/all-in-one-linux -RUN chown jaeger /etc/jaeger/sampling_strategies.json -USER jaeger - -# Agent zipkin.thrift compact -EXPOSE 5775/udp - -# Agent jaeger.thrift compact -EXPOSE 6831/udp - -# Agent jaeger.thrift binary -EXPOSE 6832/udp - -# Agent config HTTP -EXPOSE 5778 - -# Collector HTTP -EXPOSE 14268 - -# Collector gRPC -EXPOSE 14250 - -# Web HTTP -EXPOSE 16686 - -# Ensure the /tmp directory is chown'd to user jaeger -USER root -RUN mkdir -p /tmp -RUN chown -R jaeger /tmp -USER jaeger -VOLUME ["/tmp"] - -# Used in order to reverse proxy the Jaeger UI -ENV QUERY_BASE_PATH="/-/debug/jaeger" - -# Default configuration file for setting sampling strategies, we override the command in docker-compose -ENV SAMPLING_STRATEGIES_FILE=/etc/jaeger/sampling_strategies.json - -ENTRYPOINT ["/go/bin/all-in-one-linux"] -CMD ["--sampling.strategies-file=/etc/jaeger/sampling_strategies.json"] - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ -LABEL com.sourcegraph.jaeger.version=${JAEGER_VERSION} diff --git a/docker-images/jaeger-all-in-one/Dockerfile.wolfi b/docker-images/jaeger-all-in-one/Dockerfile.wolfi deleted file mode 100644 index 0867e8cdee4..00000000000 --- a/docker-images/jaeger-all-in-one/Dockerfile.wolfi +++ /dev/null @@ -1,46 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-jaeger-all-in-one-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.jaeger.version=${JAEGER_VERSION} - -COPY ./config/sampling_strategies.json /etc/jaeger/sampling_strategies.json - -USER jaeger -VOLUME ["/tmp"] - -# Agent zipkin.thrift compact -EXPOSE 5775/udp - -# Agent jaeger.thrift compact -EXPOSE 6831/udp - -# Agent jaeger.thrift binary -EXPOSE 6832/udp - -# Agent config HTTP -EXPOSE 5778 - -# Collector HTTP -EXPOSE 14268 - -# Collector gRPC -EXPOSE 14250 - -# Web HTTP -EXPOSE 16686 - -# Used in order to reverse proxy the Jaeger UI -ENV QUERY_BASE_PATH="/-/debug/jaeger" - -# Default configuration file for setting sampling strategies, we override the command in docker-compose -ENV SAMPLING_STRATEGIES_FILE=/etc/jaeger/sampling_strategies.json - -ENTRYPOINT ["/usr/local/bin/jaeger-all-in-one"] -CMD ["--sampling.strategies-file=/etc/jaeger/sampling_strategies.json"] diff --git a/docker-images/jaeger-all-in-one/build-wolfi.sh b/docker-images/jaeger-all-in-one/build-wolfi.sh deleted file mode 100755 index b53f5650478..00000000000 --- a/docker-images/jaeger-all-in-one/build-wolfi.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -cd "$(dirname "${BASH_SOURCE[0]}")" - -IMAGE=${IMAGE:-sourcegraph/jaeger-all-in-one} - -docker build --no-cache -f Dockerfile.wolfi -t "${IMAGE}" . \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/jaeger-all-in-one/build.sh b/docker-images/jaeger-all-in-one/build.sh deleted file mode 100755 index a6294be13fe..00000000000 --- a/docker-images/jaeger-all-in-one/build.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -cd "$(dirname "${BASH_SOURCE[0]}")" - -export JAEGER_VERSION="${JAEGER_VERSION:-1.42.0}" -IMAGE=${IMAGE:-sourcegraph/jaeger-all-in-one} - -echo "Building image ${IMAGE} from Jaeger ${JAEGER_VERSION}" - -docker build --no-cache -t "${IMAGE}" . \ - --progress=plain \ - --build-arg JAEGER_VERSION \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/node-exporter/Dockerfile.wolfi b/docker-images/node-exporter/Dockerfile.wolfi deleted file mode 100644 index bb1779e6c0c..00000000000 --- a/docker-images/node-exporter/Dockerfile.wolfi +++ /dev/null @@ -1,16 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-node-exporter-base:latest -# hadolint ignore=DL3048 -LABEL com.sourcegraph.node_exporter.version=v1.5.0 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} - -EXPOSE 9100 -USER nobody -ENTRYPOINT [ "/usr/bin/node_exporter" ] diff --git a/docker-images/node-exporter/build-wolfi.sh b/docker-images/node-exporter/build-wolfi.sh deleted file mode 100755 index 76ca60b1afd..00000000000 --- a/docker-images/node-exporter/build-wolfi.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/node-exporter}" . \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/node-exporter/build.sh b/docker-images/node-exporter/build.sh deleted file mode 100755 index d063260c7be..00000000000 --- a/docker-images/node-exporter/build.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -# Retag the upstream node-exporter release -VERSION="v1.5.0@sha256:fa8e5700b7762fffe0674e944762f44bb787a7e44d97569fe55348260453bf80" - -docker pull prom/node-exporter:$VERSION -docker tag prom/node-exporter:$VERSION "$IMAGE" diff --git a/docker-images/opentelemetry-collector/Dockerfile b/docker-images/opentelemetry-collector/Dockerfile deleted file mode 100644 index 467666aa098..00000000000 --- a/docker-images/opentelemetry-collector/Dockerfile +++ /dev/null @@ -1,48 +0,0 @@ -# Build custom collector binary -FROM golang:1.19.8-alpine@sha256:841c160ed35923d96c95c52403c4e6db5decd9cbce034aa851e412ade5d4b74f AS build - -ARG OTEL_COLLECTOR_VERSION -ENV OTEL_COLLECTOR_VERSION=${OTEL_COLLECTOR_VERSION} - -# Get some requirements for building the collector -RUN apk add --no-cache gettext git gcc g++ - -# Prep workspace for build -RUN mkdir -p /build -WORKDIR /build - -# Populate builder template with version variables -COPY ./builder.template.yaml ./builder.template.yaml -RUN envsubst <./builder.template.yaml >./builder.yaml - -# Run the collector builder -RUN mkdir -p /cmd/otelcol-sourcegraph -RUN go run go.opentelemetry.io/collector/cmd/builder@v${OTEL_COLLECTOR_VERSION} \ - --config ./builder.yaml \ - --output-path=/cmd/otelcol-sourcegraph - -# Package the final distribution image -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ -LABEL com.sourcegraph.opentelemetry-collector.version=${OTEL_COLLECTOR_VERSION} - -# Set up a home directory -RUN mkdir -p /otel-collector -WORKDIR /otel-collector - -# Set up bundled configuration - see README -COPY ./configs /etc/otel-collector/configs - -# Get the custom distribution we built, and set it to the default entrypoint -COPY --from=build /cmd/otelcol-sourcegraph/otelcol-sourcegraph /bin/otelcol-sourcegraph -ENTRYPOINT [ "/bin/otelcol-sourcegraph" ] diff --git a/docker-images/opentelemetry-collector/Dockerfile.wolfi b/docker-images/opentelemetry-collector/Dockerfile.wolfi deleted file mode 100644 index df0e1a2151e..00000000000 --- a/docker-images/opentelemetry-collector/Dockerfile.wolfi +++ /dev/null @@ -1,17 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-opentelemetry-collector-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} - -# TODO: Alpine image runs as root - required? - -# Set up bundled configuration - see README -COPY ./configs /etc/otel-collector/configs - -ENTRYPOINT [ "/bin/otelcol-sourcegraph" ] diff --git a/docker-images/opentelemetry-collector/build-wolfi.sh b/docker-images/opentelemetry-collector/build-wolfi.sh deleted file mode 100755 index 560126e998c..00000000000 --- a/docker-images/opentelemetry-collector/build-wolfi.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/opentelemetry-collector}" . \ - --platform linux/amd64 \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/opentelemetry-collector/build.sh b/docker-images/opentelemetry-collector/build.sh deleted file mode 100755 index 4f8fee34028..00000000000 --- a/docker-images/opentelemetry-collector/build.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -# Keep in sync with version in go.mod -export OTEL_COLLECTOR_VERSION="${OTEL_COLLECTOR_VERSION:-0.71.0}" - -docker build -t "${IMAGE:-sourcegraph/opentelemetry-collector}" . \ - --platform linux/amd64 \ - --build-arg OTEL_COLLECTOR_VERSION \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/postgres_exporter/Dockerfile b/docker-images/postgres_exporter/Dockerfile deleted file mode 100644 index 50c53a7f958..00000000000 --- a/docker-images/postgres_exporter/Dockerfile +++ /dev/null @@ -1,29 +0,0 @@ -FROM prometheuscommunity/postgres-exporter:v0.12.0@sha256:f34d50a64a4d558ad118ffc73be45a359ac8f30b8daba4b241458bcb9f94e254 as postgres_exporter -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a -# hadolint ignore=DL3048 -LABEL com.sourcegraph.postgres_exporter.version=v0.12.0 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ - -# hadolint ignore=DL3022 -COPY --from=postgres_exporter /bin/postgres_exporter /usr/local/bin/postgres_exporter - -RUN addgroup -S postgres_exporter && adduser --uid 20001 -S postgres_exporter -G postgres_exporter - -USER postgres_exporter - -COPY ./*.yaml /config/ -ENV PG_EXPORTER_EXTEND_QUERY_PATH=/config/queries.yaml - -EXPOSE 9187 - -ENTRYPOINT [ "/usr/local/bin/postgres_exporter"] diff --git a/docker-images/postgres_exporter/Dockerfile.wolfi b/docker-images/postgres_exporter/Dockerfile.wolfi deleted file mode 100644 index 2920c564e20..00000000000 --- a/docker-images/postgres_exporter/Dockerfile.wolfi +++ /dev/null @@ -1,21 +0,0 @@ - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-postgres-exporter-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} - -USER postgres_exporter - -COPY ./*.yaml /config/ -ENV PG_EXPORTER_EXTEND_QUERY_PATH=/config/queries.yaml - -EXPOSE 9187 - -# TODO: Error 'Error opening config file "postgres_exporter.yml"' occurs at startup in v0.12.0 - confirm this is working as expected -ENTRYPOINT [ "/usr/bin/postgres_exporter"] diff --git a/docker-images/postgres_exporter/build-wolfi.sh b/docker-images/postgres_exporter/build-wolfi.sh deleted file mode 100755 index 61e7bf65ce8..00000000000 --- a/docker-images/postgres_exporter/build-wolfi.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -OUTPUT=$(mktemp -d -t sgpostgres_exporter_XXXXXXX) -export OUTPUT -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -mkdir -p "${OUTPUT}" -OUTPUT_FILE="${OUTPUT}/queries.yaml" -CODEINTEL_OUTPUT_FILE="${OUTPUT}/code_intel_queries.yaml" -CODEINSIGHTS_OUTPUT_FILE="${OUTPUT}/code_insights_queries.yaml" - -for source in ./config/*.yaml; do - { - if [[ "$source" == *"codeintel"* || "$source" == *"codeinsights"* ]]; then - echo "# skipping $source" - continue - fi - echo "# source: ${source}" - cat "$source" - echo "" - } >>"${OUTPUT_FILE}" -done - -for source in ./config/*.yaml; do - { - if [[ "$source" == *"frontend"* || "$source" == *"codeinsights"* ]]; then - echo "# skipping $source" - continue - fi - echo "# source: ${source}" - cat "$source" - echo "" - } >>"${CODEINTEL_OUTPUT_FILE}" -done - -for source in ./config/*.yaml; do - { - if [[ "$source" == *"frontend"* || "$source" == *"codeintel"* ]]; then - echo "# skipping $source" - continue - fi - echo "# source: ${source}" - cat "$source" - echo "" - } >>"${CODEINSIGHTS_OUTPUT_FILE}" -done - -echo "${OUTPUT_FILE}" -echo "${CODEINTEL_OUTPUT_FILE}" -echo "${CODEINSIGHTS_OUTPUT_FILE}" - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/postgres_exporter}" "${OUTPUT}" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/postgres_exporter/build.sh b/docker-images/postgres_exporter/build.sh deleted file mode 100755 index b11a4d943a9..00000000000 --- a/docker-images/postgres_exporter/build.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash -cd "$(dirname "${BASH_SOURCE[0]}")" -set -ex - -OUTPUT=$(mktemp -d -t sgpostgres_exporter_XXXXXXX) -export OUTPUT -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -mkdir -p "${OUTPUT}" -OUTPUT_FILE="${OUTPUT}/queries.yaml" -CODEINTEL_OUTPUT_FILE="${OUTPUT}/code_intel_queries.yaml" -CODEINSIGHTS_OUTPUT_FILE="${OUTPUT}/code_insights_queries.yaml" - -for source in ./config/*.yaml; do - { - if [[ "$source" == *"codeintel"* || "$source" == *"codeinsights"* ]]; then - echo "# skipping $source" - continue - fi - echo "# source: ${source}" - cat "$source" - echo "" - } >>"${OUTPUT_FILE}" -done - -for source in ./config/*.yaml; do - { - if [[ "$source" == *"frontend"* || "$source" == *"codeinsights"* ]]; then - echo "# skipping $source" - continue - fi - echo "# source: ${source}" - cat "$source" - echo "" - } >>"${CODEINTEL_OUTPUT_FILE}" -done - -for source in ./config/*.yaml; do - { - if [[ "$source" == *"frontend"* || "$source" == *"codeintel"* ]]; then - echo "# skipping $source" - continue - fi - echo "# source: ${source}" - cat "$source" - echo "" - } >>"${CODEINSIGHTS_OUTPUT_FILE}" -done - -echo "${OUTPUT_FILE}" -echo "${CODEINTEL_OUTPUT_FILE}" -echo "${CODEINSIGHTS_OUTPUT_FILE}" - -docker build -f ./Dockerfile -t "${IMAGE:-sourcegraph/postgres_exporter}" "${OUTPUT}" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/prometheus/build-bazel.sh b/docker-images/prometheus-gcp/build-bazel.sh similarity index 100% rename from docker-images/prometheus/build-bazel.sh rename to docker-images/prometheus-gcp/build-bazel.sh diff --git a/docker-images/prometheus-gcp/build-wolfi.sh b/docker-images/prometheus-gcp/build-wolfi.sh deleted file mode 100755 index 6c35e3b4aef..00000000000 --- a/docker-images/prometheus-gcp/build-wolfi.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -export BASE_IMAGE="gke.gcr.io/prometheus-engine/prometheus:v2.35.0-gmp.2-gke.0" -export IMAGE="${IMAGE:-sourcegraph/prometheus-gcp}" - -../prometheus/build-wolfi.sh diff --git a/docker-images/prometheus-gcp/build.sh b/docker-images/prometheus-gcp/build.sh index ce865a4ab2e..58099030162 100755 --- a/docker-images/prometheus-gcp/build.sh +++ b/docker-images/prometheus-gcp/build.sh @@ -6,8 +6,4 @@ cd "$(dirname "${BASH_SOURCE[0]}")" export BASE_IMAGE="gke.gcr.io/prometheus-engine/prometheus:v2.35.0-gmp.2-gke.0" export IMAGE="${IMAGE:-sourcegraph/prometheus-gcp}" -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ../prometheus/build-bazel.sh -else - ../prometheus/build.sh -fi +./build-bazel.sh diff --git a/docker-images/prometheus/Dockerfile b/docker-images/prometheus/Dockerfile deleted file mode 100644 index 04d0610982c..00000000000 --- a/docker-images/prometheus/Dockerfile +++ /dev/null @@ -1,89 +0,0 @@ -# sourcegraph/prometheus - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/prometheus - -# Note: to be able to use an ARG with a FROM it has to be at the TOP of the Dockerfile -# This allows the base image to be substituted for a GCP image that ships metrics to managed Prometheus. Default base image is regular upstream Prometheus -# https://cloud.google.com/stackdriver/docs/managed-prometheus/setup-unmanaged#run-gmp -# To upgrade Prometheus or Alertmanager, see https://docs.sourcegraph.com/dev/background-information/observability/prometheus#upgrading-prometheus-or-alertmanager -ARG BASE_IMAGE="prom/prometheus:v2.42.0@sha256:5689a4360cf1479bbad944b1311a90b495546c498c46f48e44fa7e5ac6412191" -# https://github.com/hadolint/hadolint/issues/339 -# hadolint ignore=DL3006 -FROM ${BASE_IMAGE} AS prom_upstream -FROM prom/alertmanager:v0.25.0@sha256:db8303fa05341f5dc6b19b36a97325cd1b8307254ed9042a2c554af71f3c0284 AS am_upstream - -# Build monitoring definitions -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS monitoring_builder -RUN mkdir -p '/generated/prometheus' -COPY ./.bin/monitoring-generator /bin/monitoring-generator -RUN PROMETHEUS_DIR='/generated/prometheus' GRAFANA_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator -RUN ls '/generated/prometheus' - -# Prepare final image -# hadolint ignore=DL3007 -FROM quay.io/prometheus/busybox-linux-amd64:latest - -# Should reflect versions above -LABEL com.sourcegraph.prometheus.version=v2.38.0 -LABEL com.sourcegraph.alertmanager.version=v0.24.0 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL org.opencontainers.image.url=https://sourcegraph.com/ -LABEL org.opencontainers.image.source=https://github.com/sourcegraph/sourcegraph/ -LABEL org.opencontainers.image.documentation=https://docs.sourcegraph.com/ - -# Prometheus - extended from https://github.com/prometheus/prometheus/blob/VERSION/Dockerfile -# Check the upstream image (replacing VERSION with the appropriate Prometheus version) when upgrading -COPY --from=prom_upstream /bin/prometheus /bin/prometheus -COPY --from=prom_upstream /bin/promtool /bin/promtool -COPY --from=prom_upstream /etc/prometheus/prometheus.yml /etc/prometheus/prometheus.yml -COPY --from=prom_upstream /usr/share/prometheus/console_libraries/ /usr/share/prometheus/console_libraries/ -COPY --from=prom_upstream /usr/share/prometheus/consoles/ /usr/share/prometheus/consoles/ -COPY --from=prom_upstream /LICENSE /LICENSE -COPY --from=prom_upstream /NOTICE /NOTICE -# hadolint ignore=DL3010 -COPY --from=prom_upstream /npm_licenses.tar.bz2 /npm_licenses.tar.bz2 - -# Alertmanager - extended from https://github.com/prometheus/alertmanager/blob/VERSION/Dockerfile -# Check the upstream image (replacing VERSION with the appropriate Prometheus version) when upgrading -COPY --from=am_upstream /bin/alertmanager /bin/alertmanager - -RUN ln -s /usr/share/prometheus/console_libraries /usr/share/prometheus/consoles/ /etc/prometheus/ - -# TODO(uwe): remove "USER root" line once https://github.com/prometheus/prometheus/issues/3441 is resolved -# -# This is needed currently because the upstream image has us running as "nobody" -# which cannot create the sourcegraph user below. -USER root -# Add the sourcegraph group, user, and create the home directory. -# -# We use a static GID/UID assignment to ensure files can be chown'd to this -# user on the host machine (where this user does not exist). -# See https://github.com/sourcegraph/sourcegraph/issues/1884 -# -# Note: This mirrors what we do in e.g. our base alpine image: https://github.com/sourcegraph/sourcegraph/blob/main/docker-images/alpine/Dockerfile#L10-L15 -RUN addgroup -g 101 -S sourcegraph && adduser -u 100 -S -G sourcegraph -h /home/sourcegraph sourcegraph -RUN mkdir -p /prometheus && chown -R sourcegraph:sourcegraph /prometheus -RUN mkdir -p /alertmanager && chown -R sourcegraph:sourcegraph /alertmanager -USER sourcegraph - -COPY ./.bin/prom-wrapper /bin/prom-wrapper -COPY ./prometheus.sh /prometheus.sh -COPY ./alertmanager.sh /alertmanager.sh - -# Copy config -COPY --from=monitoring_builder /generated/prometheus/* /sg_config_prometheus/ -COPY config/*_rules.yml /sg_config_prometheus/ -COPY config/prometheus.yml /sg_config_prometheus/ -COPY config/alertmanager.yml /sg_config_prometheus/ - -ENTRYPOINT ["/bin/prom-wrapper"] -# Note that upstream's 'VOLUME' directive was deliberately removed. Including it makes it impossible -# to chmod the directory to our 'sourcegraph' user. -WORKDIR /prometheus -# Prometheus is reverse-proxied from 9092 to 9090 -EXPOSE 9090 diff --git a/docker-images/prometheus/Dockerfile.wolfi b/docker-images/prometheus/Dockerfile.wolfi deleted file mode 100644 index fb4101bdfe0..00000000000 --- a/docker-images/prometheus/Dockerfile.wolfi +++ /dev/null @@ -1,78 +0,0 @@ -# sourcegraph/prometheus - learn more about this image in https://docs.sourcegraph.com/dev/background-information/observability/prometheus - -# Note: to be able to use an ARG with a FROM it has to be at the TOP of the Dockerfile -# This allows the base image to be substituted for a GCP image that ships metrics to managed Prometheus. Default base image is regular upstream Prometheus -# https://cloud.google.com/stackdriver/docs/managed-prometheus/setup-unmanaged#run-gmp -# To upgrade Prometheus or Alertmanager, see https://docs.sourcegraph.com/dev/background-information/observability/prometheus#upgrading-prometheus-or-alertmanager -ARG BASE_IMAGE="prom/prometheus:v2.42.0@sha256:5689a4360cf1479bbad944b1311a90b495546c498c46f48e44fa7e5ac6412191" -# https://github.com/hadolint/hadolint/issues/339 -# hadolint ignore=DL3006 -FROM ${BASE_IMAGE} AS prom_upstream -FROM prom/alertmanager:v0.25.0@sha256:db8303fa05341f5dc6b19b36a97325cd1b8307254ed9042a2c554af71f3c0284 AS am_upstream - -# Build monitoring definitions -# hadolint ignore=DL3007 -FROM cgr.dev/chainguard/bash:latest AS monitoring_builder -RUN mkdir -p '/generated/prometheus' -COPY ./.bin/monitoring-generator /bin/monitoring-generator -RUN PROMETHEUS_DIR='/generated/prometheus' GRAFANA_DIR='' DOCS_DIR='' NO_PRUNE=true /bin/monitoring-generator -RUN ls '/generated/prometheus' - -# Prepare final image -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -# Should reflect versions above -LABEL com.sourcegraph.prometheus.version=v2.42.0 -LABEL com.sourcegraph.alertmanager.version=v0.25.0 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} - -# Prometheus - extended from https://github.com/prometheus/prometheus/blob/VERSION/Dockerfile -# Check the upstream image (replacing VERSION with the appropriate Prometheus version) when upgrading -# TODO: Check directories in sourcegraph-base -COPY --from=prom_upstream /bin/prometheus /bin/prometheus -COPY --from=prom_upstream /bin/promtool /bin/promtool -COPY --from=prom_upstream /etc/prometheus/prometheus.yml /etc/prometheus/prometheus.yml -COPY --from=prom_upstream /usr/share/prometheus/console_libraries/ /usr/share/prometheus/console_libraries/ -COPY --from=prom_upstream /usr/share/prometheus/consoles/ /usr/share/prometheus/consoles/ -COPY --from=prom_upstream /LICENSE /LICENSE -COPY --from=prom_upstream /NOTICE /NOTICE -# hadolint ignore=DL3010 -COPY --from=prom_upstream /npm_licenses.tar.bz2 /npm_licenses.tar.bz2 - -# Alertmanager - extended from https://github.com/prometheus/alertmanager/blob/VERSION/Dockerfile -# Check the upstream image (replacing VERSION with the appropriate Prometheus version) when upgrading -COPY --from=am_upstream /bin/alertmanager /bin/alertmanager - -# Temporarily run as root -USER root -RUN ln -s /usr/share/prometheus/console_libraries /usr/share/prometheus/consoles/ /etc/prometheus/ - -# Add required directories and switch to sourcegraph user -RUN mkdir -p /prometheus && chown -R sourcegraph:sourcegraph /prometheus -RUN mkdir -p /alertmanager && chown -R sourcegraph:sourcegraph /alertmanager -USER sourcegraph - -COPY ./.bin/prom-wrapper /bin/prom-wrapper -COPY ./prometheus.sh /prometheus.sh -COPY ./alertmanager.sh /alertmanager.sh - -# Copy config -COPY --from=monitoring_builder /generated/prometheus/* /sg_config_prometheus/ -COPY config/*_rules.yml /sg_config_prometheus/ -COPY config/prometheus.yml /sg_config_prometheus/ -COPY config/alertmanager.yml /sg_config_prometheus/ - -ENTRYPOINT ["/bin/prom-wrapper"] -# Note that upstream's 'VOLUME' directive was deliberately removed. Including it makes it impossible -# to chmod the directory to our 'sourcegraph' user. -WORKDIR /prometheus -# Prometheus is reverse-proxied from 9092 to 9090 -EXPOSE 9090 diff --git a/docker-images/prometheus/build-wolfi.sh b/docker-images/prometheus/build-wolfi.sh deleted file mode 100755 index 400f09a1b0a..00000000000 --- a/docker-images/prometheus/build-wolfi.sh +++ /dev/null @@ -1,55 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -cd "$(dirname "${BASH_SOURCE[0]}")" - -# We build out of tree to prevent triggering dev watch scripts when we copy go -# files. -BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$BUILDDIR" -} -trap cleanup EXIT - -# Copy assets -cp -R . "$BUILDDIR" - -# Build args for Go cross-compilation. -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -# Cross-compile prom-wrapper before building the image. -go build \ - -trimpath \ - -installsuffix netgo \ - -tags "dist netgo" \ - -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" \ - -o "$BUILDDIR"/.bin/prom-wrapper ./cmd/prom-wrapper - -# Cross-compile monitoring generator before building the image. -pushd "../../monitoring" -go build \ - -trimpath \ - -o "$BUILDDIR"/.bin/monitoring-generator . - -# Final pre-build stage. -pushd "$BUILDDIR" - -# Note: This chmod is so that both the `sourcegraph` user and host system user (what `whoami` reports on -# Linux) both have access to the files in the container AND files mounted by `-v` into the container without it -# running as root. For more details, see: -# https://github.com/sourcegraph/sourcegraph/pull/11832#discussion_r451109637 -chmod -R 777 config - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/prometheus}" . \ - --progress=plain \ - --build-arg BASE_IMAGE \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - -# cd out of $BUILDDIR for cleanup -popd diff --git a/docker-images/prometheus/build.sh b/docker-images/prometheus/build.sh deleted file mode 100755 index df2385db0e6..00000000000 --- a/docker-images/prometheus/build.sh +++ /dev/null @@ -1,55 +0,0 @@ -#!/usr/bin/env bash - -set -ex - -cd "$(dirname "${BASH_SOURCE[0]}")" - -# We build out of tree to prevent triggering dev watch scripts when we copy go -# files. -BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$BUILDDIR" -} -trap cleanup EXIT - -# Copy assets -cp -R . "$BUILDDIR" - -# Build args for Go cross-compilation. -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -# Cross-compile prom-wrapper before building the image. -go build \ - -trimpath \ - -installsuffix netgo \ - -tags "dist netgo" \ - -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" \ - -o "$BUILDDIR"/.bin/prom-wrapper ./cmd/prom-wrapper - -# Cross-compile monitoring generator before building the image. -pushd "../../monitoring" -go build \ - -trimpath \ - -o "$BUILDDIR"/.bin/monitoring-generator . - -# Final pre-build stage. -pushd "$BUILDDIR" - -# Note: This chmod is so that both the `sourcegraph` user and host system user (what `whoami` reports on -# Linux) both have access to the files in the container AND files mounted by `-v` into the container without it -# running as root. For more details, see: -# https://github.com/sourcegraph/sourcegraph/pull/11832#discussion_r451109637 -chmod -R 777 config - -docker build -t "${IMAGE:-sourcegraph/prometheus}" . \ - --progress=plain \ - --build-arg BASE_IMAGE \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - -# cd out of $BUILDDIR for cleanup -popd diff --git a/docker-images/redis-cache/Dockerfile b/docker-images/redis-cache/Dockerfile deleted file mode 100644 index f882d2a4845..00000000000 --- a/docker-images/redis-cache/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM redis:5-alpine@sha256:fea243676a4d2d67f5990ddcbd4a56db9423b7f25e55758491e39988efc1cfbe - -RUN mkdir -p /redis-data && chown -R redis:redis /redis-data - -# @FIXME: Update redis image -# Pin busybox=1.33.1-r6 https://github.com/sourcegraph/sourcegraph/issues/27965 -# hadolint ignore=SC2261 -RUN apk --upgrade --no-cache add tini 'apk-tools>=2.12.7-r0' 'libssl1.1>=1.1.1t-r0' 'libcrypto1.1>=1.1.1t-r0' 'busybox>=1.33.1-r6' - - -USER redis -COPY redis.conf /etc/redis/redis.conf - -ENTRYPOINT ["/sbin/tini", "--"] -CMD ["redis-server", "/etc/redis/redis.conf"] diff --git a/docker-images/redis-cache/Dockerfile.wolfi b/docker-images/redis-cache/Dockerfile.wolfi deleted file mode 100644 index 89434747ac9..00000000000 --- a/docker-images/redis-cache/Dockerfile.wolfi +++ /dev/null @@ -1,6 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-redis-base:latest - -COPY redis.conf /etc/redis/redis.conf - -ENTRYPOINT ["redis-server", "/etc/redis/redis.conf"] diff --git a/docker-images/redis-cache/build-wolfi.sh b/docker-images/redis-cache/build-wolfi.sh deleted file mode 100755 index b3cafc63b35..00000000000 --- a/docker-images/redis-cache/build-wolfi.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/redis-cache}" . diff --git a/docker-images/redis-cache/build.sh b/docker-images/redis-cache/build.sh deleted file mode 100755 index 28a2361ed26..00000000000 --- a/docker-images/redis-cache/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -t "${IMAGE:-sourcegraph/redis-cache}" . diff --git a/docker-images/redis-store/Dockerfile b/docker-images/redis-store/Dockerfile deleted file mode 100644 index 95140368358..00000000000 --- a/docker-images/redis-store/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM redis:5-alpine@sha256:fea243676a4d2d67f5990ddcbd4a56db9423b7f25e55758491e39988efc1cfbe - -RUN mkdir -p /redis-data && chown -R redis:redis /redis-data - -# @FIXME: Update redis image -# Pin busybox=1.33.1-r6 https://github.com/sourcegraph/sourcegraph/issues/27965 - -# hadolint ignore=SC2261 -RUN apk --upgrade --no-cache add tini 'apk-tools>=2.12.7-r0' 'libssl1.1>=1.1.1t-r0' 'libcrypto1.1>=1.1.1t-r0' 'busybox>=1.33.1-r6' - -USER redis -COPY redis.conf /etc/redis/redis.conf - -ENTRYPOINT ["/sbin/tini", "--"] -CMD ["redis-server", "/etc/redis/redis.conf"] diff --git a/docker-images/redis-store/Dockerfile.wolfi b/docker-images/redis-store/Dockerfile.wolfi deleted file mode 100644 index 89434747ac9..00000000000 --- a/docker-images/redis-store/Dockerfile.wolfi +++ /dev/null @@ -1,6 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-redis-base:latest - -COPY redis.conf /etc/redis/redis.conf - -ENTRYPOINT ["redis-server", "/etc/redis/redis.conf"] diff --git a/docker-images/redis-store/build-wolfi.sh b/docker-images/redis-store/build-wolfi.sh deleted file mode 100755 index feecc6a8bcf..00000000000 --- a/docker-images/redis-store/build-wolfi.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/redis-store}" . diff --git a/docker-images/redis-store/build.sh b/docker-images/redis-store/build.sh deleted file mode 100755 index 7b28ec4bef3..00000000000 --- a/docker-images/redis-store/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -t "${IMAGE:-sourcegraph/redis-store}" . diff --git a/docker-images/redis_exporter/Dockerfile.wolfi b/docker-images/redis_exporter/Dockerfile.wolfi deleted file mode 100644 index c6256dbb82c..00000000000 --- a/docker-images/redis_exporter/Dockerfile.wolfi +++ /dev/null @@ -1,7 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-redis-exporter-base:latest - -USER sourcegraph -EXPOSE 9121 - -ENTRYPOINT [ "/usr/local/bin/redis_exporter" ] diff --git a/docker-images/redis_exporter/build-wolfi.sh b/docker-images/redis_exporter/build-wolfi.sh deleted file mode 100755 index af749ff543c..00000000000 --- a/docker-images/redis_exporter/build-wolfi.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/redis_exporter}" . diff --git a/docker-images/redis_exporter/build.sh b/docker-images/redis_exporter/build.sh deleted file mode 100755 index 462c9bf53c7..00000000000 --- a/docker-images/redis_exporter/build.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -# Retag the v1.35.0 redis-exporter release -VERSION="v1.35.0@sha256:edb0c9b19cacd90acc78f13f0908a7e6efd1df704e401805c24bffd241285f70" -docker pull oliver006/redis_exporter:$VERSION -docker tag oliver006/redis_exporter:$VERSION "$IMAGE" diff --git a/docker-images/search-indexer/Dockerfile.wolfi b/docker-images/search-indexer/Dockerfile.wolfi deleted file mode 100644 index 48ed8703a70..00000000000 --- a/docker-images/search-indexer/Dockerfile.wolfi +++ /dev/null @@ -1,33 +0,0 @@ -# Note: to be able to use an ARG with a FROM it has to be at the TOP of the Dockerfile -ARG ZOEKT_IMAGE="index.docker.io/sourcegraph/zoekt-indexserver" -ARG ZOEKT_VERSION -FROM $ZOEKT_IMAGE:$ZOEKT_VERSION AS zoekt_upstream - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-search-indexer-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} - -# DONE -ENV SRC_FRONTEND_INTERNAL http://sourcegraph-frontend-internal -# DONE -ENV DATA_DIR /data/index - -USER sourcegraph -WORKDIR /home/sourcegraph - -COPY --from=zoekt_upstream \ - /usr/local/bin/scip-ctags \ - /usr/local/bin/zoekt-sourcegraph-indexserver \ - /usr/local/bin/zoekt-archive-index \ - /usr/local/bin/zoekt-git-index \ - /usr/local/bin/zoekt-merge-index \ - /usr/local/bin/ - -ENTRYPOINT ["/sbin/tini", "--", "zoekt-sourcegraph-indexserver"] diff --git a/docker-images/search-indexer/build-wolfi.sh b/docker-images/search-indexer/build-wolfi.sh deleted file mode 100755 index d7dcb4dfc41..00000000000 --- a/docker-images/search-indexer/build-wolfi.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -ZOEKT_VERSION=$(go mod edit -print | awk '/sourcegraph\/zoekt/ {print substr($2, 2)}') - -docker build --no-cache -f Dockerfile.wolfi -t "${IMAGE:-"sourcegraph/search-indexer"}" . \ - --progress=plain \ - --build-arg ZOEKT_VERSION="$ZOEKT_VERSION" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/search-indexer/build.sh b/docker-images/search-indexer/build.sh deleted file mode 100755 index a4188a199d2..00000000000 --- a/docker-images/search-indexer/build.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -# This merely re-tags the image to match our official versioning scheme. The -# actual image currently lives here: -# https://github.com/sourcegraph/zoekt/blob/master/Dockerfile.indexserver -# -# The images are tagged using the same pseudo-versions as go mod, so we -# extract the version from our go.mod - -version=$(go mod edit -print | awk '/sourcegraph\/zoekt/ {print substr($2, 2)}') - -docker pull index.docker.io/sourcegraph/zoekt-indexserver:"$version" -docker tag index.docker.io/sourcegraph/zoekt-indexserver:"$version" "$IMAGE" diff --git a/docker-images/sg/Dockerfile.wolfi b/docker-images/sg/Dockerfile.wolfi deleted file mode 100644 index 50c73682e8c..00000000000 --- a/docker-images/sg/Dockerfile.wolfi +++ /dev/null @@ -1,16 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -COPY sg /usr/local/bin/ - -USER sourcegraph -ENTRYPOINT ["/usr/local/bin/sg"] diff --git a/docker-images/sg/build-wolfi.sh b/docker-images/sg/build-wolfi.sh deleted file mode 100755 index a75d7f9fabc..00000000000 --- a/docker-images/sg/build-wolfi.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //dev/sg - - out=$(./dev/ci/bazel.sh cquery //dev/sg --output=files) - - cp "$out" "$OUTPUT" - - echo "--- docker build $IMAGE" - # TODO: Move to dev/sg/Dockerfile - docker build -f docker-images/sg/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/dev/sg" -go build -trimpath -ldflags "-X main.BuildCommit=$BUILD_COMMIT" -o "$OUTPUT/sg" -buildmode exe "$pkg" - -echo "--- docker build $IMAGE" -# TODO: Move to dev/sg/Dockerfile -docker build -f docker-images/sg/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/sg/build.sh b/docker-images/sg/build.sh deleted file mode 100755 index dd1b6e66752..00000000000 --- a/docker-images/sg/build.sh +++ /dev/null @@ -1,45 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //dev/sg - - out=$(./dev/ci/bazel.sh cquery //dev/sg --output=files) - - cp "$out" "$OUTPUT" - - echo "--- docker build $IMAGE" - docker build -f dev/sg/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/dev/sg" -go build -trimpath -ldflags "-X main.BuildCommit=$BUILD_COMMIT" -o "$OUTPUT/sg" -buildmode exe "$pkg" - -echo "--- docker build $IMAGE" -docker build -f dev/sg/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/syntax-highlighter/Dockerfile b/docker-images/syntax-highlighter/Dockerfile deleted file mode 100644 index 7af33c499d3..00000000000 --- a/docker-images/syntax-highlighter/Dockerfile +++ /dev/null @@ -1,77 +0,0 @@ -# syntax=docker/dockerfile:1.3-labs - -################################### -# Build syntect_server statically # -################################### - -# Keep Rust version in sync with /WORKSPACE -# and docker-images/syntax-highlighter/rust-toolchain.toml -FROM rust:1.68.0-alpine3.17@sha256:d119a621ae12f84ec0c5fed77c24795120ed1c7874b2428b5a6ccc0f294dbe18 as ss -RUN apk add --no-cache musl-dev>=1.1.24-r10 build-base -COPY . /repo -WORKDIR /repo -RUN cargo fetch - -ARG TARGETARCH - -# Because .cargo/config.toml doesnt support triplet-specific env -RUN <> .cargo/config.toml - [env] - CFLAGS="-mno-outline-atomics" - FOE -fi; -EOF - -RUN cargo test --release --workspace -RUN cargo rustc --release -RUN ls ./target - -RUN cp ./target/release/syntect_server /syntax_highlighter - -################################ -# Build http-server-stabilizer # -################################ -FROM golang:1.19-alpine@sha256:70df3b8f9f099da7f60f0b32480015165e3d0b51bfacf9e255b59f3dd6bd2828 as hss - -RUN apk add --no-cache git>=2.26.3 -RUN git clone --branch v1.1.0 --single-branch https://github.com/sourcegraph/http-server-stabilizer /repo -WORKDIR /repo -RUN go build -o /http-server-stabilizer . - -####################### -# Compile final image # -####################### -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a -COPY --from=ss syntax_highlighter / -COPY --from=hss http-server-stabilizer / - -# even with everything, we can't get this to statically link -RUN apk add --no-cache libstdc++ - -EXPOSE 9238 -ENV ROCKET_ENV "production" -ENV ROCKET_LIMITS "{json=10485760}" - -# syntect_server does not need a secret key since it uses no cookies, but -# without one set Rocket emits a warning. -ENV ROCKET_SECRET_KEY "SeerutKeyIsI7releuantAndknvsuZPluaseIgnorYA=" - -# When keep-alive is on, we observe connection resets in our Go clients of -# syntect_server. It is unclear why this is, especially because our Go clients do -# not reuse the connection (i.e. we make a fresh connection every time). -# Disabling keep-alive does resolve the issue though, our best guess is that -# this is a bug in Hyper 0.10 (see https://github.com/SergioBenitez/Rocket/issues/928#issuecomment-464632953). -# See https://github.com/sourcegraph/sourcegraph/issues/2615 for details on -# what we observed when this was enabled with the default 5s. -ENV ROCKET_KEEP_ALIVE=0 - -# The more workers, the more resilient syntect_server is to getting stuck on -# bad grammar/file combinations. If it happens with four workers, only 1/4th of -# requests will be affected for a short period of time. Each worker can require -# at peak around 1.1 GiB of memory. -ENV WORKERS=4 - -ENV QUIET=true -CMD ["sh", "-c", "/http-server-stabilizer -listen=:9238 -prometheus-app-name=syntax_highlighter -workers=$WORKERS -- env ROCKET_PORT={{.Port}} /syntax_highlighter"] diff --git a/docker-images/syntax-highlighter/Dockerfile.bazel.unused b/docker-images/syntax-highlighter/Dockerfile.bazel.unused deleted file mode 100644 index 3bb5d77a3e8..00000000000 --- a/docker-images/syntax-highlighter/Dockerfile.bazel.unused +++ /dev/null @@ -1,45 +0,0 @@ -################################ -# Build http-server-stabilizer # -################################ -FROM golang:1.19-alpine@sha256:70df3b8f9f099da7f60f0b32480015165e3d0b51bfacf9e255b59f3dd6bd2828 as hss - -RUN apk add --no-cache git>=2.26.3 -RUN git clone --branch v1.1.0 --single-branch https://github.com/sourcegraph/http-server-stabilizer /repo -WORKDIR /repo -RUN go build -o /http-server-stabilizer . - -####################### -# Compile final image # -####################### -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a -COPY syntect_server /syntax_highlighter -COPY --from=hss http-server-stabilizer / - -# even with everything, we can't get this to statically link -RUN apk add --no-cache libstdc++ - -EXPOSE 9238 -ENV ROCKET_ENV "production" -ENV ROCKET_LIMITS "{json=10485760}" - -# syntect_server does not need a secret key since it uses no cookies, but -# without one set Rocket emits a warning. -ENV ROCKET_SECRET_KEY "SeerutKeyIsI7releuantAndknvsuZPluaseIgnorYA=" - -# When keep-alive is on, we observe connection resets in our Go clients of -# syntect_server. It is unclear why this is, especially because our Go clients do -# not reuse the connection (i.e. we make a fresh connection every time). -# Disabling keep-alive does resolve the issue though, our best guess is that -# this is a bug in Hyper 0.10 (see https://github.com/SergioBenitez/Rocket/issues/928#issuecomment-464632953). -# See https://github.com/sourcegraph/sourcegraph/issues/2615 for details on -# what we observed when this was enabled with the default 5s. -ENV ROCKET_KEEP_ALIVE=0 - -# The more workers, the more resilient syntect_server is to getting stuck on -# bad grammar/file combinations. If it happens with four workers, only 1/4th of -# requests will be affected for a short period of time. Each worker can require -# at peak around 1.1 GiB of memory. -ENV WORKERS=4 - -ENV QUIET=true -CMD ["sh", "-c", "/http-server-stabilizer -listen=:9238 -prometheus-app-name=syntax_highlighter -workers=$WORKERS -- env ROCKET_PORT={{.Port}} /syntax_highlighter"] diff --git a/docker-images/syntax-highlighter/Dockerfile.wolfi b/docker-images/syntax-highlighter/Dockerfile.wolfi deleted file mode 100644 index 7bfc4b7e830..00000000000 --- a/docker-images/syntax-highlighter/Dockerfile.wolfi +++ /dev/null @@ -1,36 +0,0 @@ -# syntax=docker/dockerfile:1.3-labs - -# IMPORTANT: The Dockerfile for building syntect_server includes a `-mno-outline-atomics` -# flag for arm64 builds - this is not done for Wolfi package builds - -####################### -# Compile final image # -####################### -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-syntax-highlighter-base:latest - -EXPOSE 9238 -ENV ROCKET_ENV "production" -ENV ROCKET_LIMITS "{json=10485760}" - -# syntect_server does not need a secret key since it uses no cookies, but -# without one set Rocket emits a warning. -ENV ROCKET_SECRET_KEY "SeerutKeyIsI7releuantAndknvsuZPluaseIgnorYA=" - -# When keep-alive is on, we observe connection resets in our Go clients of -# syntect_server. It is unclear why this is, especially because our Go clients do -# not reuse the connection (i.e. we make a fresh connection every time). -# Disabling keep-alive does resolve the issue though, our best guess is that -# this is a bug in Hyper 0.10 (see https://github.com/SergioBenitez/Rocket/issues/928#issuecomment-464632953). -# See https://github.com/sourcegraph/sourcegraph/issues/2615 for details on -# what we observed when this was enabled with the default 5s. -ENV ROCKET_KEEP_ALIVE=0 - -# The more workers, the more resilient syntect_server is to getting stuck on -# bad grammar/file combinations. If it happens with four workers, only 1/4th of -# requests will be affected for a short period of time. Each worker can require -# at peak around 1.1 GiB of memory. -ENV WORKERS=4 - -ENV QUIET=true -CMD ["sh", "-c", "/usr/local/bin/http-server-stabilizer -listen=:9238 -prometheus-app-name=syntax_highlighter -workers=$WORKERS -- env ROCKET_PORT={{.Port}} /usr/local/bin/syntax_highlighter"] diff --git a/docker-images/syntax-highlighter/build-bazel.sh.unused b/docker-images/syntax-highlighter/build-bazel.sh.unused deleted file mode 100755 index eed50b61ffd..00000000000 --- a/docker-images/syntax-highlighter/build-bazel.sh.unused +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")/../.." - -BUILDDIR=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$BUILDDIR" -} -trap cleanup EXIT - -./dev/ci/bazel.sh build //docker-images/syntax-highlighter:syntect_server -out=$(./dev/ci/bazel.sh cquery //docker-images/syntax-highlighter:syntect_server --output=files) - -cp "$out" "$BUILDDIR" - -# # shellcheck disable=SC2086 -docker build -f docker-images/syntax-highlighter/Dockerfile.bazel -t "${IMAGE:-sourcegraph/syntax-highlighter}" "$BUILDDIR" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/docker-images/syntax-highlighter/build-wolfi.sh b/docker-images/syntax-highlighter/build-wolfi.sh deleted file mode 100755 index 8c245555ca8..00000000000 --- a/docker-images/syntax-highlighter/build-wolfi.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -f Dockerfile.wolfi -t "${IMAGE:-sourcegraph/syntax-highlighter}" . diff --git a/docker-images/syntax-highlighter/build.sh b/docker-images/syntax-highlighter/build.sh deleted file mode 100755 index 2eae3e86fda..00000000000 --- a/docker-images/syntax-highlighter/build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/usr/bin/env bash - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")" - -docker build -t "${IMAGE:-sourcegraph/syntax-highlighter}" . diff --git a/enterprise/cmd/batcheshelper/Dockerfile b/enterprise/cmd/batcheshelper/Dockerfile deleted file mode 100644 index d940bdbc644..00000000000 --- a/enterprise/cmd/batcheshelper/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk add --no-cache \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - # Don't use alpine/edge, the git release on this segfaults - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main - -COPY batcheshelper /usr/local/bin/ diff --git a/enterprise/cmd/batcheshelper/Dockerfile.wolfi b/enterprise/cmd/batcheshelper/Dockerfile.wolfi deleted file mode 100644 index efda7cf7786..00000000000 --- a/enterprise/cmd/batcheshelper/Dockerfile.wolfi +++ /dev/null @@ -1,17 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-batcheshelper-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -COPY batcheshelper /usr/local/bin/ diff --git a/enterprise/cmd/batcheshelper/build-wolfi.sh b/enterprise/cmd/batcheshelper/build-wolfi.sh deleted file mode 100755 index 1e8c7f0cd04..00000000000 --- a/enterprise/cmd/batcheshelper/build-wolfi.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -cd "$(dirname "${BASH_SOURCE[0]}")"/../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/batcheshelper - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/batcheshelper --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/batcheshelper/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/batcheshelper" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f enterprise/cmd/batcheshelper/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --platform="${PLATFORM:-linux/amd64}" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/batcheshelper/build.sh b/enterprise/cmd/batcheshelper/build.sh deleted file mode 100755 index 63c7ed62c11..00000000000 --- a/enterprise/cmd/batcheshelper/build.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -cd "$(dirname "${BASH_SOURCE[0]}")"/../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/batcheshelper - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/batcheshelper --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/batcheshelper/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/batcheshelper" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f enterprise/cmd/batcheshelper/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --platform="${PLATFORM:-linux/amd64}" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/bundled-executor/Dockerfile b/enterprise/cmd/bundled-executor/Dockerfile deleted file mode 100644 index 75e77171255..00000000000 --- a/enterprise/cmd/bundled-executor/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# Firecracker doesn't work in docker, so disable it by default. -ENV EXECUTOR_USE_FIRECRACKER=false - -# Preconfigure bundled-executor to take 1 parallel job and restart afterwards, this is to keep the -# environment clean-ish. -ENV EXECUTOR_MAXIMUM_NUM_JOBS=1 -ENV EXECUTOR_NUM_TOTAL_JOBS=1 - -# Install git and docker. We use the same version here as we use in gitserver. -RUN apk add --no-cache \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - # Don't use alpine/edge, the git release on this segfaults - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - ca-certificates - -# Install src-cli. -ARG SRC_CLI_VERSION -RUN set -ex && \ - curl -f -L -o src-cli.tar.gz "https://github.com/sourcegraph/src-cli/releases/download/${SRC_CLI_VERSION}/src-cli_${SRC_CLI_VERSION}_linux_amd64.tar.gz" && \ - tar -xvzf src-cli.tar.gz src && \ - mv src /usr/local/bin/src && \ - chmod +x /usr/local/bin/src && \ - rm -rf src-cli.tar.gz - -# Install additional common tools for running batch changes. -RUN apk add --no-cache \ - xmlstarlet \ - python3 py3-pip \ - openjdk11 \ - maven - -# Install batcheshelper. -COPY batcheshelper /usr/local/bin/ - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/executor"] -COPY executor /usr/local/bin/ diff --git a/enterprise/cmd/bundled-executor/Dockerfile.wolfi b/enterprise/cmd/bundled-executor/Dockerfile.wolfi deleted file mode 100644 index c3d7615544b..00000000000 --- a/enterprise/cmd/bundled-executor/Dockerfile.wolfi +++ /dev/null @@ -1,34 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-bundled-executor-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV \ - # Firecracker doesn't work in docker, so disable it by default - EXECUTOR_USE_FIRECRACKER=false \ - # Preconfigure bundled-executor to take 1 parallel job and restart afterwards, this is to keep the environment clean-ish - EXECUTOR_MAXIMUM_NUM_JOBS=1 \ - EXECUTOR_NUM_TOTAL_JOBS=1 - -# Install src-cli. -ARG SRC_CLI_VERSION -RUN set -ex && \ - curl -f -L -o src-cli.tar.gz "https://github.com/sourcegraph/src-cli/releases/download/${SRC_CLI_VERSION}/src-cli_${SRC_CLI_VERSION}_linux_amd64.tar.gz" && \ - tar -xvzf src-cli.tar.gz src && \ - mv src /usr/local/bin/src && \ - chmod +x /usr/local/bin/src && \ - rm -rf src-cli.tar.gz - -# Install batcheshelper. -COPY batcheshelper /usr/local/bin/ - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/executor"] -COPY executor /usr/local/bin/ diff --git a/enterprise/cmd/bundled-executor/build-wolfi.sh b/enterprise/cmd/bundled-executor/build-wolfi.sh deleted file mode 100755 index 37a9e5ccbb5..00000000000 --- a/enterprise/cmd/bundled-executor/build-wolfi.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -SRC_CLI_VERSION="$(go run ./internal/cmd/src-cli-version/main.go)" - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - - TARGETS=( - //enterprise/cmd/batcheshelper - //enterprise/cmd/executor - ) - ./dev/ci/bazel.sh build "${TARGETS[@]}" - for TARGET in "${TARGETS[@]}"; do - out=$(./dev/ci/bazel.sh cquery "$TARGET" --output=files) - cp "$out" "$OUTPUT" - echo "copying $TARGET" - done - - SRC_CLI_VERSION="$(bazel run //internal/cmd/src-cli-version)" - - docker build -f enterprise/cmd/bundled-executor/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -pushd ./enterprise/cmd/executor 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/executor" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist,shell -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -pushd ./enterprise/cmd/batcheshelper 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/batcheshelper" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -docker build -f enterprise/cmd/bundled-executor/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --platform=linux/amd64 \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/bundled-executor/build.sh b/enterprise/cmd/bundled-executor/build.sh deleted file mode 100755 index 2807a8664da..00000000000 --- a/enterprise/cmd/bundled-executor/build.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -SRC_CLI_VERSION="$(go run ./internal/cmd/src-cli-version/main.go)" - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - - TARGETS=( - //enterprise/cmd/batcheshelper - //enterprise/cmd/executor - ) - ./dev/ci/bazel.sh build "${TARGETS[@]}" - for TARGET in "${TARGETS[@]}"; do - out=$(./dev/ci/bazel.sh cquery "$TARGET" --output=files) - cp "$out" "$OUTPUT" - echo "copying $TARGET" - done - - SRC_CLI_VERSION="$(bazel run //internal/cmd/src-cli-version)" - - docker build -f enterprise/cmd/bundled-executor/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -pushd ./enterprise/cmd/executor 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/executor" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist,shell -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -pushd ./enterprise/cmd/batcheshelper 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/batcheshelper" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -docker build -f enterprise/cmd/bundled-executor/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --platform=linux/amd64 \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/cody-gateway/Dockerfile b/enterprise/cmd/cody-gateway/Dockerfile deleted file mode 100644 index 82d21398f27..00000000000 --- a/enterprise/cmd/cody-gateway/Dockerfile +++ /dev/null @@ -1,17 +0,0 @@ -FROM sourcegraph/alpine-3.14:211375_2023-04-02_5.0-05ccd1762636@sha256:cd5089e0b0f7e5a5cd18996f5acd23cfa2bde33f6b7ffb9ace47f552941f0be2 - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/cody-gateway"] -COPY cody-gateway /usr/local/bin/ - -# Embeddings uses 9991, let's take the next one -EXPOSE 9992 diff --git a/enterprise/cmd/cody-gateway/Dockerfile.wolfi b/enterprise/cmd/cody-gateway/Dockerfile.wolfi deleted file mode 100644 index 954f2c68ca9..00000000000 --- a/enterprise/cmd/cody-gateway/Dockerfile.wolfi +++ /dev/null @@ -1,18 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/cody-gateway"] -COPY cody-gateway /usr/local/bin/ - -# Embeddings uses 9991, let's take the next one -EXPOSE 9992 diff --git a/enterprise/cmd/cody-gateway/build-wolfi.sh b/enterprise/cmd/cody-gateway/build-wolfi.sh deleted file mode 100755 index d287ab3e2de..00000000000 --- a/enterprise/cmd/cody-gateway/build-wolfi.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/cody-gateway" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f enterprise/cmd/cody-gateway/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/cody-gateway/build.sh b/enterprise/cmd/cody-gateway/build.sh deleted file mode 100755 index dc6465db62c..00000000000 --- a/enterprise/cmd/cody-gateway/build.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/cody-gateway" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f enterprise/cmd/cody-gateway/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/embeddings/Dockerfile b/enterprise/cmd/embeddings/Dockerfile deleted file mode 100644 index fa474686ab5..00000000000 --- a/enterprise/cmd/embeddings/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk add --no-cache \ - bash - -USER sourcegraph -EXPOSE 9991 -WORKDIR / -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/embeddings"] -COPY embeddings /usr/local/bin/ diff --git a/enterprise/cmd/embeddings/Dockerfile.wolfi b/enterprise/cmd/embeddings/Dockerfile.wolfi deleted file mode 100644 index 3899d44008b..00000000000 --- a/enterprise/cmd/embeddings/Dockerfile.wolfi +++ /dev/null @@ -1,18 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph -EXPOSE 9991 -WORKDIR / - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/embeddings"] -COPY embeddings /usr/local/bin/ diff --git a/enterprise/cmd/embeddings/build-wolfi.sh b/enterprise/cmd/embeddings/build-wolfi.sh deleted file mode 100755 index 98e2547ce6e..00000000000 --- a/enterprise/cmd/embeddings/build-wolfi.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - - ./dev/ci/bazel.sh build //enterprise/cmd/embeddings - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/embeddings --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/embeddings/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/embeddings" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f enterprise/cmd/embeddings/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/embeddings/build.sh b/enterprise/cmd/embeddings/build.sh deleted file mode 100755 index 03b9c4739a6..00000000000 --- a/enterprise/cmd/embeddings/build.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - - ./dev/ci/bazel.sh build //enterprise/cmd/embeddings - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/embeddings --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/embeddings/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/embeddings" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f enterprise/cmd/embeddings/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/executor-kubernetes/Dockerfile b/enterprise/cmd/executor-kubernetes/Dockerfile deleted file mode 100644 index 611073d1e33..00000000000 --- a/enterprise/cmd/executor-kubernetes/Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# Install git. We use the same version here as we use in gitserver. -RUN apk add --no-cache \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - # Don't use alpine/edge, the git release on this segfaults - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - ca-certificates - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/executor"] -COPY executor /usr/local/bin/ diff --git a/enterprise/cmd/executor-kubernetes/Dockerfile.wolfi b/enterprise/cmd/executor-kubernetes/Dockerfile.wolfi deleted file mode 100644 index e7444faff2e..00000000000 --- a/enterprise/cmd/executor-kubernetes/Dockerfile.wolfi +++ /dev/null @@ -1,15 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-executor-kubernetes-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/executor"] -COPY executor /usr/local/bin/ diff --git a/enterprise/cmd/executor-kubernetes/build-wolfi.sh b/enterprise/cmd/executor-kubernetes/build-wolfi.sh deleted file mode 100755 index ea76886f6d6..00000000000 --- a/enterprise/cmd/executor-kubernetes/build-wolfi.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/executor - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/executor --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/executor-kubernetes/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pushd ./enterprise/cmd/executor 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/executor" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -docker build -f enterprise/cmd/executor-kubernetes/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/executor-kubernetes/build.sh b/enterprise/cmd/executor-kubernetes/build.sh deleted file mode 100755 index 3ab938c5ec2..00000000000 --- a/enterprise/cmd/executor-kubernetes/build.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/executor - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/executor --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/executor-kubernetes/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pushd ./enterprise/cmd/executor 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/executor" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -docker build -f enterprise/cmd/executor-kubernetes/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/executor/build-wolfi.sh b/enterprise/cmd/executor/build-wolfi.sh deleted file mode 100755 index 41f4880b290..00000000000 --- a/enterprise/cmd/executor/build-wolfi.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -# This file is required, because docker images are always assumed to live in the root of the cmd directory. -# Since we build various versions of executor images, we want to forward this for now and might reconsider -# making this an option in our CI framework at some point. - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")"/docker-image - -./build-wolfi.sh "$@" diff --git a/enterprise/cmd/executor/build.sh b/enterprise/cmd/executor/build.sh deleted file mode 100755 index 74cdd7bb2ad..00000000000 --- a/enterprise/cmd/executor/build.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -# This file is required, because docker images are always assumed to live in the root of the cmd directory. -# Since we build various versions of executor images, we want to forward this for now and might reconsider -# making this an option in our CI framework at some point. - -set -ex -cd "$(dirname "${BASH_SOURCE[0]}")"/docker-image - -./build.sh "$@" diff --git a/enterprise/cmd/executor/docker-image/Dockerfile b/enterprise/cmd/executor/docker-image/Dockerfile deleted file mode 100644 index b5057bb413d..00000000000 --- a/enterprise/cmd/executor/docker-image/Dockerfile +++ /dev/null @@ -1,40 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# Firecracker doesn't work in docker, so disable it by default. -ENV EXECUTOR_USE_FIRECRACKER=false - -# Install git and docker. We use the same version here as we use in gitserver. -RUN apk add --no-cache \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - # Don't use alpine/edge, the git release on this segfaults - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - docker \ - ca-certificates - -# Install src-cli. -ARG SRC_CLI_VERSION -RUN set -ex && \ - curl -f -L -o src-cli.tar.gz "https://github.com/sourcegraph/src-cli/releases/download/${SRC_CLI_VERSION}/src-cli_${SRC_CLI_VERSION}_linux_amd64.tar.gz" && \ - tar -xvzf src-cli.tar.gz src && \ - mv src /usr/local/bin/src && \ - chmod +x /usr/local/bin/src && \ - rm -rf src-cli.tar.gz - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/executor"] -COPY executor /usr/local/bin/ diff --git a/enterprise/cmd/executor/docker-image/Dockerfile.wolfi b/enterprise/cmd/executor/docker-image/Dockerfile.wolfi deleted file mode 100644 index 37c4dca5ea5..00000000000 --- a/enterprise/cmd/executor/docker-image/Dockerfile.wolfi +++ /dev/null @@ -1,28 +0,0 @@ -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-executor-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -# Firecracker doesn't work in docker, so disable it by default. -ENV EXECUTOR_USE_FIRECRACKER=false - -# Install src-cli -# TODO: Replace with a bazel-built binary -ARG SRC_CLI_VERSION -RUN set -ex && \ - curl -f -L -o src-cli.tar.gz "https://github.com/sourcegraph/src-cli/releases/download/${SRC_CLI_VERSION}/src-cli_${SRC_CLI_VERSION}_linux_amd64.tar.gz" && \ - tar -xvzf src-cli.tar.gz src && \ - mv src /usr/local/bin/src && \ - chmod +x /usr/local/bin/src && \ - rm -rf src-cli.tar.gz - -USER sourcegraph -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/executor"] -COPY executor /usr/local/bin/ diff --git a/enterprise/cmd/executor/docker-image/build-wolfi.sh b/enterprise/cmd/executor/docker-image/build-wolfi.sh deleted file mode 100755 index ddef9d4d359..00000000000 --- a/enterprise/cmd/executor/docker-image/build-wolfi.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/executor //internal/cmd/src-cli-version - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/executor --output=files) - cp "$out" "$OUTPUT" - - src_cli=$(./dev/ci/bazel.sh cquery //internal/cmd/src-cli-version --output=files) - SRC_CLI_VERSION=$(eval "$src_cli") - - docker build -f enterprise/cmd/executor/docker-image/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - - exit $? -fi - -SRC_CLI_VERSION="$(go run ./internal/cmd/src-cli-version/main.go)" - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pushd ./enterprise/cmd/executor 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/executor" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -docker build -f enterprise/cmd/executor/docker-image/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/executor/docker-image/build.sh b/enterprise/cmd/executor/docker-image/build.sh deleted file mode 100755 index 1601e7e9778..00000000000 --- a/enterprise/cmd/executor/docker-image/build.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")"/../../../.. -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/executor //internal/cmd/src-cli-version - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/executor --output=files) - cp "$out" "$OUTPUT" - - src_cli=$(./dev/ci/bazel.sh cquery //internal/cmd/src-cli-version --output=files) - SRC_CLI_VERSION=$(eval "$src_cli") - - docker build -f enterprise/cmd/executor/docker-image/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - - exit $? -fi - -SRC_CLI_VERSION="$(go run ./internal/cmd/src-cli-version/main.go)" - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pushd ./enterprise/cmd/executor 1>/dev/null -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/executor" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" -popd 1>/dev/null - -docker build -f enterprise/cmd/executor/docker-image/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg SRC_CLI_VERSION="${SRC_CLI_VERSION}" \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/frontend/Dockerfile b/enterprise/cmd/frontend/Dockerfile deleted file mode 100644 index e97d97c56bc..00000000000 --- a/enterprise/cmd/frontend/Dockerfile +++ /dev/null @@ -1,22 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV CONFIGURATION_MODE=server PGDATABASE=sg PGHOST=pgsql PGPORT=5432 PGSSLMODE=disable PGUSER=sg CODEINTEL_PGDATABASE=sg CODEINTEL_PGHOST=codeintel-db CODEINTEL_PGPORT=5432 CODEINTEL_PGSSLMODE=disable CODEINTEL_PGUSER=sg PUBLIC_REPO_REDIRECTS=true -RUN mkdir -p /mnt/cache/frontend && chown -R sourcegraph:sourcegraph /mnt/cache/frontend -USER sourcegraph -CMD ["serve"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/frontend"] -COPY frontend /usr/local/bin/ diff --git a/enterprise/cmd/frontend/Dockerfile.wolfi b/enterprise/cmd/frontend/Dockerfile.wolfi deleted file mode 100644 index e8ccd3bcd5f..00000000000 --- a/enterprise/cmd/frontend/Dockerfile.wolfi +++ /dev/null @@ -1,22 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -ENV CONFIGURATION_MODE=server PGDATABASE=sg PGHOST=pgsql PGPORT=5432 PGSSLMODE=disable PGUSER=sg CODEINTEL_PGDATABASE=sg CODEINTEL_PGHOST=codeintel-db CODEINTEL_PGPORT=5432 CODEINTEL_PGSSLMODE=disable CODEINTEL_PGUSER=sg PUBLIC_REPO_REDIRECTS=true -USER sourcegraph - -CMD ["serve"] -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/frontend"] -COPY frontend /usr/local/bin/ diff --git a/enterprise/cmd/frontend/build-wolfi.sh b/enterprise/cmd/frontend/build-wolfi.sh deleted file mode 100755 index ca09dd96ef5..00000000000 --- a/enterprise/cmd/frontend/build-wolfi.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the frontend docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/frontend - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/frontend --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/frontend/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/frontend" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build" -docker build -f enterprise/cmd/frontend/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/frontend/build.sh b/enterprise/cmd/frontend/build.sh deleted file mode 100755 index 282feb8a1e0..00000000000 --- a/enterprise/cmd/frontend/build.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the frontend docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/frontend - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/frontend --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/frontend/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/frontend" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build" -docker build -f enterprise/cmd/frontend/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/frontend/pre-build.sh b/enterprise/cmd/frontend/pre-build.sh deleted file mode 100755 index c9262b72d6c..00000000000 --- a/enterprise/cmd/frontend/pre-build.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/env bash - -set -exuo pipefail -cd "$(dirname "${BASH_SOURCE[0]}")"/../../.. - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - exit 0 -fi - -parallel_run() { - ./dev/ci/parallel_run.sh "$@" -} - -echo "--- pnpm root" -./dev/ci/pnpm-install-with-retry.sh - -MAYBE_TIME_PREFIX="" -if [[ "${CI_DEBUG_PROFILE:-"false"}" == "true" ]]; then - MAYBE_TIME_PREFIX="env time -v" -fi - -build_browser() { - echo "--- pnpm browser" - (cd client/browser && TARGETS=phabricator eval "${MAYBE_TIME_PREFIX} pnpm build") -} - -build_web() { - echo "--- pnpm web" - NODE_ENV=production eval "${MAYBE_TIME_PREFIX} pnpm build-web --color" -} - -export -f build_browser -export -f build_web - -echo "--- (enterprise) build browser and web concurrently" -parallel_run ::: build_browser build_web - -echo "--- (enterprise) generate" -go run ./dev/sg generate diff --git a/enterprise/cmd/gitserver/Dockerfile b/enterprise/cmd/gitserver/Dockerfile deleted file mode 100644 index b35f26b37fe..00000000000 --- a/enterprise/cmd/gitserver/Dockerfile +++ /dev/null @@ -1,71 +0,0 @@ -# This Dockerfile was generated from github.com/sourcegraph/godockerize. It -# was not written by a human, and as such looks janky. As you change this -# file, please don't be scared to make it more pleasant / remove hadolint -# ignores. - -# Install p4 CLI (keep this up to date with cmd/server/Dockerfile) -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a AS build - -# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS -# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal -RUN echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0 /usr/local/bin/p4" >expected_hash && \ - wget http://cdist2.perforce.com/perforce/r22.2/bin.linux26x86_64/p4 -O /usr/local/bin/p4 && \ - chmod +x /usr/local/bin/p4 && \ - sha256sum -c expected_hash - -COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh -RUN /p4-fusion-install-alpine.sh - -RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \ - gzip -d coursier.gz && \ - mv coursier /usr/local/bin/coursier && \ - chmod +x /usr/local/bin/coursier - -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk add --no-cache \ - # Minimal version requirement to address vulnerabilities - # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/ - # Don't use alpine/edge, the git release on this segfaults - 'git>=2.38.0' --repository=http://dl-cdn.alpinelinux.org/alpine/v3.17/main \ - git-lfs \ - git-p4 \ - openssh-client \ - # We require libstdc++ for p4-fusion - libstdc++ \ - python2 \ - python3 \ - bash - -COPY --from=build /usr/local/bin/p4 /usr/local/bin/p4 -COPY --from=build /usr/local/bin/coursier /usr/local/bin/coursier - -# copy into place the p4-fusion binary and the wrapper shell script -# that facilitates better handling of killing of the p4-fusion -# (for example, either because it exceeded gitLongCommandTimeout, or the Docker host's OOM Reaper killed it) -# actually, I'm not sure about gitLongCommandTimeout, because that may directly terminate the wrapper script. -COPY --from=build /usr/local/bin/p4-fusion /usr/local/bin/p4-fusion-binary -COPY p4-fusion-wrapper-detect-kill.sh /usr/local/bin/p4-fusion -COPY process-stats-watcher.sh /usr/local/bin/process-stats-watcher.sh - -# This is a trick to include libraries required by p4, -# please refer to https://blog.tilander.org/docker-perforce/ -# hadolint ignore=DL4006 -RUN wget -O - https://github.com/jtilander/p4d/raw/4600d741720f85d77852dcca7c182e96ad613358/lib/lib-x64.tgz | tar zx --directory / - -RUN mkdir -p /data/repos && chown -R sourcegraph:sourcegraph /data/repos -USER sourcegraph - -WORKDIR / - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/gitserver"] -COPY gitserver /usr/local/bin/ diff --git a/enterprise/cmd/gitserver/Dockerfile.wolfi b/enterprise/cmd/gitserver/Dockerfile.wolfi deleted file mode 100644 index 66a491c30e9..00000000000 --- a/enterprise/cmd/gitserver/Dockerfile.wolfi +++ /dev/null @@ -1,22 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-gitserver-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph - -WORKDIR / - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/gitserver"] -COPY gitserver /usr/local/bin/ diff --git a/enterprise/cmd/gitserver/build-wolfi.sh b/enterprise/cmd/gitserver/build-wolfi.sh deleted file mode 100755 index c2d8b1cc98f..00000000000 --- a/enterprise/cmd/gitserver/build-wolfi.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env bash - -# We want to build multiple go binaries, so we use a custom build step on CI. -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -ex - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) - -cleanup() { - rm -rf "$OUTPUT" -} - -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/gitserver - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/gitserver --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/gitserver/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/gitserver" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f enterprise/cmd/gitserver/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/gitserver/build.sh b/enterprise/cmd/gitserver/build.sh deleted file mode 100755 index dabbc4849c8..00000000000 --- a/enterprise/cmd/gitserver/build.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/usr/bin/env bash - -# the build process for the OSS gitserver is identical to the build process for the Enterprise gitserver -# pull some shenanigans up front so that we don't have to sprinkle "enterprise" all throughout the enterprise version - -exedir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) - -path="cmd/gitserver" - -if [[ ${exedir} = */enterprise/cmd/gitserver ]]; then - # We want to build multiple go binaries, so we use a custom build step on CI. - cd "${exedir}"/../../.. || exit 1 - path="enterprise/${path}" -else - # We want to build multiple go binaries, so we use a custom build step on CI. - cd "${exedir}"/../.. || exit 1 -fi - -### OSS and Enterprise builds should be identical after this point - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) - -cleanup() { - rm -rf "$OUTPUT" -} - -trap cleanup EXIT - -for f in p4-fusion-install-alpine.sh p4-fusion-wrapper-detect-kill.sh process-stats-watcher.sh; do - cp -a "./${path}/${f}" "${OUTPUT}" -done - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //${path} - out=$(./dev/ci/bazel.sh cquery //${path} --output=files) - cp "$out" "$OUTPUT" - - docker build -f ${path}/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -pkg="github.com/sourcegraph/sourcegraph/${path}" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -docker build -f ${path}/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/gitserver/p4-fusion-install-alpine.sh b/enterprise/cmd/gitserver/p4-fusion-install-alpine.sh deleted file mode 100755 index 8f73a2fe568..00000000000 --- a/enterprise/cmd/gitserver/p4-fusion-install-alpine.sh +++ /dev/null @@ -1,116 +0,0 @@ -#!/bin/sh - -# This script installs p4-fusion within an alpine container. - -set -eu - -tmpdir=$(mktemp -d) -cd "$tmpdir" - -cleanup() { - echo "--- cleanup" - apk --no-cache --purge del p4-build-deps 2>/dev/null || true - cd / - rm -rf "$tmpdir" || true -} - -trap cleanup EXIT - -test_p4_fusion() { - # Test that p4-fusion runs and is on the path - echo "--- p4-fusion test" - ldd "$(which p4-fusion)" - p4-fusion >/dev/null -} - -set -x - -# Hello future traveler. Building p4-fusion is one of our slowest steps in CI. -# Luckily the versions very rarely change and nearly everything is statically -# linked. This means we can manually upload the output of this build script to -# a bucket and save lots of time. -# -# If the version has changed please add it to the sha256sum in the prebuilt -# binary check. You can run -# -# docker build -t p4-fusion --target=p4-fusion . -# -# Then extract the binary from /usr/local/bin/p4-fusion. Please rename it -# follow the format and upload to the bucket here -# https://console.cloud.google.com/storage/browser/sourcegraph-artifacts/p4-fusion -export P4_FUSION_VERSION=v1.12 - -# Runtime dependencies -echo "--- p4-fusion apk runtime-deps" -apk add --no-cache libstdc++ - -# Check if we have a prebuilt binary -echo "--- p4-fusion prebuilt binary check" -if wget https://storage.googleapis.com/sourcegraph-artifacts/p4-fusion/p4-fusion-"$P4_FUSION_VERSION"-musl-x86_64; then - src=p4-fusion-"$P4_FUSION_VERSION"-musl-x86_64 - cat <>"$tmpfile" - - # We know for sure that renovate has nothing to do with the client files. - grep -v "renovate.json" <"$tmpfile" | sort -k 2 | sha1sum | awk '{print $1}' -} - -function generate_cache_desc { - echo -e "- Generated from commit: \`$(git rev-parse HEAD)\`" - echo -e "- Created at: \`$(date)\`" -} - -echo "--- (enterprise) pre-build frontend" - -if [[ "$BUILDKITE" != "true" || "${SERVER_NO_CLIENT_BUNDLE_CACHE:-}" == "true" ]]; then - # Not-in-buildkite simple install. - # - # Or When we are building a release, we do not want to cache the client bundle. - # - # This is a defensive measure, as caching the client bundle is tricky when it comes to invalidating it. - # This makes sure that we're running integration tests on a fresh bundle and, the image - # that 99% of our customers are using is exactly the same as the other deployments. - ./enterprise/cmd/frontend/pre-build.sh -else - # set the buildkite cache access keys - AWS_CONFIG_DIR_PATH="/buildkite/.aws" - mkdir -p "$AWS_CONFIG_DIR_PATH" - AWS_CONFIG_FILE="$AWS_CONFIG_DIR_PATH/config" - export AWS_CONFIG_FILE - AWS_SHARED_CREDENTIALS_FILE="/buildkite/.aws/credentials" - export AWS_SHARED_CREDENTIALS_FILE - aws configure set aws_access_key_id "$BUILDKITE_HMAC_KEY" --profile buildkite - aws configure set aws_secret_access_key "$BUILDKITE_HMAC_SECRET" --profile buildkite - - # scan and concat all the sha1sums of the files into a single blob which is then sha1sum'd again to give us our checksum - checksum=$(checksum_client_code) - cache_file="cache-client-bundle-$checksum.tar.gz" - cache_desc_file="cache-client-bundle-$checksum.txt" - cache_key="$BUILDKITE_ORGANIZATION_SLUG/$BUILDKITE_PIPELINE_NAME/$cache_file" - cache_desc_key="$BUILDKITE_ORGANIZATION_SLUG/$BUILDKITE_PIPELINE_NAME/$cache_desc_file" - - echo -e "~~~ ClientBundle 🔍 Locating cache: $cache_key" - if aws s3api head-object --bucket "sourcegraph_buildkite_cache" --profile buildkite --endpoint-url 'https://storage.googleapis.com' --region "us-central1" --key "$cache_key"; then - echo -e "~~~ ClientBundle 🔥 Cache hit: $cache_key" - # Getting the cached bundle - aws s3 cp --profile buildkite --endpoint-url 'https://storage.googleapis.com' --region "us-central1" "s3://sourcegraph_buildkite_cache/$cache_key" "./" - bsdtar xzf "$cache_file" - rm "$cache_file" - - # Retrieving the cache description - aws s3 cp --profile buildkite --endpoint-url 'https://storage.googleapis.com' --region "us-central1" "s3://sourcegraph_buildkite_cache/$cache_desc_key" "./" - echo -e "\`$cache_key\`\n\n$(cat "$cache_desc_file")" >>"./annotations/🔥 Client bundle cache hit.md" - rm "$cache_desc_file" - else - echo -e "~~~ ClientBundle 🚨 Cache miss: $cache_key" - # Building the bundle - echo "~~~ Building client from scratch" - ./enterprise/cmd/frontend/pre-build.sh - echo "~~~ Cache build client installation" - bsdtar cfz "$cache_file" ./ui - aws s3 cp --profile buildkite --endpoint-url 'https://storage.googleapis.com' --region "us-central1" "$cache_file" "s3://sourcegraph_buildkite_cache/$cache_key" - rm "$cache_file" - - # Building the bundle description - generate_cache_desc >"$cache_desc_file" - aws s3 cp --profile buildkite --endpoint-url 'https://storage.googleapis.com' --region "us-central1" "$cache_desc_file" "s3://sourcegraph_buildkite_cache/$cache_desc_key" - rm "$cache_desc_file" - fi -fi diff --git a/enterprise/cmd/symbols/build-bazel.sh b/enterprise/cmd/symbols/build-bazel.sh deleted file mode 100755 index 32a8b4742d7..00000000000 --- a/enterprise/cmd/symbols/build-bazel.sh +++ /dev/null @@ -1,70 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -echo "--- :bazel: bazel build for targets //enterprise/cmd/symbols" - -bazelrc=( - --bazelrc=.bazelrc -) -if [[ ${CI:-""} == "true" ]]; then - bazelrc+=( - --bazelrc=.aspect/bazelrc/ci.bazelrc - --bazelrc=.aspect/bazelrc/ci.sourcegraph.bazelrc - ) -fi - -bazel "${bazelrc[@]}" \ - build \ - //enterprise/cmd/symbols \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --config incompat-zig-linux-amd64 - -out=$( - bazel "${bazelrc[@]}" \ - cquery //enterprise/cmd/symbols \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --config incompat-zig-linux-amd64 \ - --output=files -) -cp -v "$out" "$OUTPUT" - -# we can't build scip-ctags with symbols since the platform args conflict -# NOTE: cmd/symbols/cargo-config.sh sets some specific config when running on arm64 -# since this bazel run typically runs on CI that config change isn't made -echo "--- :bazel: bazel build for target //docker-images/syntax-highlighter:scip-ctags" -bazel "${bazelrc[@]}" \ - build //docker-images/syntax-highlighter:scip-ctags \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh - -out=$( - bazel "${bazelrc[@]}" \ - cquery //docker-images/syntax-highlighter:scip-ctags \ - --stamp \ - --workspace_status_command=./dev/bazel_stamp_vars.sh \ - --output=files -) -cp -v "$out" "$OUTPUT" - -cp cmd/symbols/ctags-install-alpine.sh "$OUTPUT" - -echo ":docker: context directory contains the following:" -ls -lah "$OUTPUT" -echo "--- :docker: docker build for symbols" -docker build -f cmd/symbols/Dockerfile.bazel -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/symbols/build-wolfi.sh b/enterprise/cmd/symbols/build-wolfi.sh deleted file mode 100755 index 7703024fd3f..00000000000 --- a/enterprise/cmd/symbols/build-wolfi.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -env \ - PKG=github.com/sourcegraph/sourcegraph/enterprise/cmd/symbols \ - cmd/symbols/build-wolfi.sh diff --git a/enterprise/cmd/symbols/build.sh b/enterprise/cmd/symbols/build.sh deleted file mode 100755 index c7a84f2b90f..00000000000 --- a/enterprise/cmd/symbols/build.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the symbols docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -env \ - PKG=github.com/sourcegraph/sourcegraph/enterprise/cmd/symbols \ - cmd/symbols/build.sh diff --git a/enterprise/cmd/symbols/go-build-wolfi.sh b/enterprise/cmd/symbols/go-build-wolfi.sh deleted file mode 100755 index 5c8f8e6d8ed..00000000000 --- a/enterprise/cmd/symbols/go-build-wolfi.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env bash - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -env \ - PKG=github.com/sourcegraph/sourcegraph/enterprise/cmd/symbols \ - cmd/symbols/go-build-wolfi.sh "$@" diff --git a/enterprise/cmd/symbols/go-build.sh b/enterprise/cmd/symbols/go-build.sh deleted file mode 100755 index db8ab0dbfee..00000000000 --- a/enterprise/cmd/symbols/go-build.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/usr/bin/env bash - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -env \ - PKG=github.com/sourcegraph/sourcegraph/enterprise/cmd/symbols \ - cmd/symbols/go-build.sh "$@" diff --git a/enterprise/cmd/worker/Dockerfile b/enterprise/cmd/worker/Dockerfile deleted file mode 100644 index 77aaaabd880..00000000000 --- a/enterprise/cmd/worker/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -FROM sourcegraph/alpine-3.14:213466_2023-04-17_5.0-bdda34a71619@sha256:6354a4ff578b685e36c8fbde81f62125ae0011b047fb2cc22d1b0de616b3c59a - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -RUN apk update && apk add --no-cache \ - tini - -USER sourcegraph -EXPOSE 3189 -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/worker"] -COPY worker /usr/local/bin/ diff --git a/enterprise/cmd/worker/Dockerfile.wolfi b/enterprise/cmd/worker/Dockerfile.wolfi deleted file mode 100644 index 8cd0659bd7e..00000000000 --- a/enterprise/cmd/worker/Dockerfile.wolfi +++ /dev/null @@ -1,21 +0,0 @@ -# Dockerfile for Wolfi-based images -# This is currently being tested in parallel to Alpine - you don't need to update this -# file if you change the regular Dockerfile. - -# hadolint ignore=DL3007 -FROM us.gcr.io/sourcegraph-dev/wolfi-sourcegraph-base:latest - -ARG COMMIT_SHA="unknown" -ARG DATE="unknown" -ARG VERSION="unknown" - -LABEL org.opencontainers.image.revision=${COMMIT_SHA} -LABEL org.opencontainers.image.created=${DATE} -LABEL org.opencontainers.image.version=${VERSION} -LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA} - -USER sourcegraph -EXPOSE 3189 - -ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/worker"] -COPY worker /usr/local/bin/ diff --git a/enterprise/cmd/worker/build-wolfi.sh b/enterprise/cmd/worker/build-wolfi.sh deleted file mode 100755 index d69e34221f6..00000000000 --- a/enterprise/cmd/worker/build-wolfi.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the enterprise worker docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/worker - - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/worker --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/worker/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/worker" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build" -docker build -f enterprise/cmd/worker/Dockerfile.wolfi -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/cmd/worker/build.sh b/enterprise/cmd/worker/build.sh deleted file mode 100755 index 758699830ec..00000000000 --- a/enterprise/cmd/worker/build.sh +++ /dev/null @@ -1,43 +0,0 @@ -#!/usr/bin/env bash - -# This script builds the enterprise worker docker image. - -cd "$(dirname "${BASH_SOURCE[0]}")/../../.." -set -eu - -OUTPUT=$(mktemp -d -t sgdockerbuild_XXXXXXX) -cleanup() { - rm -rf "$OUTPUT" -} -trap cleanup EXIT - -if [[ "${DOCKER_BAZEL:-false}" == "true" ]]; then - ./dev/ci/bazel.sh build //enterprise/cmd/worker - - out=$(./dev/ci/bazel.sh cquery //enterprise/cmd/worker --output=files) - cp "$out" "$OUTPUT" - - docker build -f enterprise/cmd/worker/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION - exit $? -fi - -# Environment for building linux binaries -export GO111MODULE=on -export GOARCH=amd64 -export GOOS=linux -export CGO_ENABLED=0 - -echo "--- go build" -pkg="github.com/sourcegraph/sourcegraph/enterprise/cmd/worker" -go build -trimpath -ldflags "-X github.com/sourcegraph/sourcegraph/internal/version.version=$VERSION -X github.com/sourcegraph/sourcegraph/internal/version.timestamp=$(date +%s)" -buildmode exe -tags dist -o "$OUTPUT/$(basename $pkg)" "$pkg" - -echo "--- docker build" -docker build -f enterprise/cmd/worker/Dockerfile -t "$IMAGE" "$OUTPUT" \ - --progress=plain \ - --build-arg COMMIT_SHA \ - --build-arg DATE \ - --build-arg VERSION diff --git a/enterprise/dev/ci/internal/ci/bazel_operations.go b/enterprise/dev/ci/internal/ci/bazel_operations.go index 04645f5b2f7..2f063def0f9 100644 --- a/enterprise/dev/ci/internal/ci/bazel_operations.go +++ b/enterprise/dev/ci/internal/ci/bazel_operations.go @@ -296,12 +296,6 @@ func bazelBuildCandidateDockerImages(apps []string, version string, tag string, } return "enterprise/cmd/" + folder }() - // TODO(JH) we don't need this anymore. - // preBuildScript := cmdDir + "/pre-build.sh" - // if _, err := os.Stat(preBuildScript); err == nil { - // // Allow all - // cmds = append(cmds, bk.AnnotatedCmd(preBuildScript, buildAnnotationOptions)) - // } buildScriptPath := filepath.Join(cmdDir, "build.sh") _, err := os.Stat(filepath.Join(cmdDir, "build-bazel.sh")) if err == nil { @@ -399,12 +393,6 @@ func bazelBuildCandidateDockerImage(app string, version string, tag string, rt r } return "enterprise/cmd/" + folder }() - // TODO(JH) we don't need this anymore. - // preBuildScript := cmdDir + "/pre-build.sh" - // if _, err := os.Stat(preBuildScript); err == nil { - // // Allow all - // cmds = append(cmds, bk.AnnotatedCmd(preBuildScript, buildAnnotationOptions)) - // } buildScriptPath := filepath.Join(cmdDir, "build.sh") _, err := os.Stat(filepath.Join(cmdDir, "build-bazel.sh")) if err == nil { diff --git a/enterprise/dev/ci/internal/ci/operations.go b/enterprise/dev/ci/internal/ci/operations.go index 9141da4a2df..c129e396d6a 100644 --- a/enterprise/dev/ci/internal/ci/operations.go +++ b/enterprise/dev/ci/internal/ci/operations.go @@ -442,13 +442,6 @@ func buildGoTests(f func(description, testSuffix string, additionalOpts ...bk.St } } -// Builds the OSS and Enterprise Go commands. -func addGoBuild(pipeline *bk.Pipeline) { - pipeline.AddStep(":go: Build", - bk.Cmd("./dev/ci/go-build.sh"), - ) -} - func addBrowserExtensionE2ESteps(pipeline *bk.Pipeline) { for _, browser := range []string{"chrome"} { // Run e2e tests diff --git a/sg.config.yaml b/sg.config.yaml index 946bfd04e28..a623fb61619 100644 --- a/sg.config.yaml +++ b/sg.config.yaml @@ -534,9 +534,17 @@ commands: while true; do sleep 1 done - install: ./enterprise/cmd/executor-kubernetes/build.sh + install: | + if [[ $(uname) == "Linux" ]]; then + bazel build //enterprise/cmd/executor-kubernetes:image_tarball + docker load --input $(bazel cquery //enterprise/cmd/executor-kubernetes:image_tarball --output=files) + else + bazel build //enterprise/cmd/executor-kubernetes:image_tarball --config darwin-docker + docker load --input $(bazel cquery //enterprise/cmd/executor-kubernetes:image_tarball --config darwin-docker --output=files) + fi + env: - IMAGE: sourcegraph/executor-kubernetes:insiders + IMAGE: executor-kubernetes:candidate # TODO: This is required but should only be set on M1 Macs. PLATFORM: linux/arm64 watch: @@ -598,9 +606,16 @@ commands: batcheshelper-builder: # Nothing to run for this, we just want to re-run the install script every time. cmd: exit 0 - install: ./enterprise/cmd/batcheshelper/build.sh + install: | + if [[ $(uname) == "Linux" ]]; then + bazel build //enterprise/cmd/batcheshelper:image_tarball + docker load --input $(bazel cquery //enterprise/cmd/batcheshelper:image_tarball --output=files) + else + bazel build //enterprise/cmd/batcheshelper:image_tarball --config darwin-docker + docker load --input $(bazel cquery //enterprise/cmd/batcheshelper:image_tarball --config darwin-docker --output=files) + fi env: - IMAGE: sourcegraph/batcheshelper:insiders + IMAGE: batcheshelper:candidate # TODO: This is required but should only be set on M1 Macs. PLATFORM: linux/arm64 watch: @@ -684,13 +699,15 @@ commands: -p 0.0.0.0:3370:3370 ${ADD_HOST_FLAG} \ -v "${GRAFANA_DISK}":/var/lib/grafana \ -v "$(pwd)"/dev/grafana/all:/sg_config_grafana/provisioning/datasources \ - sourcegraph/grafana:dev >"${GRAFANA_LOG_FILE}" 2>&1 + grafana:candidate >"${GRAFANA_LOG_FILE}" 2>&1 install: | + echo foobar mkdir -p "${GRAFANA_DISK}" mkdir -p "$(dirname ${GRAFANA_LOG_FILE})" export CACHE=true docker inspect $CONTAINER >/dev/null 2>&1 && docker rm -f $CONTAINER - ./docker-images/grafana/build.sh + bazel build //docker-images/grafana:image_tarball + docker load --input $(bazel cquery //docker-images/grafana:image_tarball --output=files) env: GRAFANA_DISK: $HOME/.sourcegraph-dev/data/grafana # Log file location: since we log outside of the Docker container, we should @@ -701,7 +718,7 @@ commands: # We want to capture that output, but because it's fairly noisy, don't want to # display it in the normal case. GRAFANA_LOG_FILE: $HOME/.sourcegraph-dev/logs/grafana/grafana.log - IMAGE: sourcegraph/grafana:dev + IMAGE: grafana:candidate CONTAINER: grafana PORT: 3370 # docker containers must access things via docker host on non-linux platforms @@ -746,12 +763,19 @@ commands: fi cp ${PROM_TARGETS} "${CONFIG_DIR}"/prometheus_targets.yml - CACHE=true ./docker-images/prometheus/build.sh + + if [[ $(uname) == "Linux" ]]; then + bazel build //docker-images/prometheus:image_tarball + docker load --input $(bazel cquery //docker-images/prometheus:image_tarball --output=files) + else + bazel build //docker-images/prometheus:image_tarball --config darwin-docker + docker load --input $(bazel cquery //docker-images/prometheus:image_tarball --config darwin-docker --output=files) + fi env: PROMETHEUS_DISK: $HOME/.sourcegraph-dev/data/prometheus # See comment above for `grafana` PROMETHEUS_LOG_FILE: $HOME/.sourcegraph-dev/logs/prometheus/prometheus.log - IMAGE: sourcegraph/prometheus:dev + IMAGE: prometheus:candidate CONTAINER: prometheus PORT: 9090 CONFIG_DIR: docker-images/prometheus/config @@ -790,7 +814,14 @@ commands: LOKI_LOG_FILE: $HOME/.sourcegraph-dev/logs/loki/loki.log otel-collector: - install: docker-images/opentelemetry-collector/build.sh + install: | + if [[ $(uname) == "Linux" ]]; then + bazel build //docker-images/opentelemetry-collector:image_tarball + docker load --input $(bazel cquery //docker-images/opentelemetry-collector:image_tarball --output=files) + else + bazel build //docker-images/opentelemetry-collector:image_tarball --config darwin-docker + docker load --input $(bazel cquery //docker-images/opentelemetry-collector:image_tarball --config darwin-docker --output=files) + fi description: OpenTelemetry collector cmd: | JAEGER_HOST='host.docker.internal' @@ -811,7 +842,7 @@ commands: -e HONEYCOMB_DATASET=$HONEYCOMB_DATASET \ $IMAGE --config "/etc/otel-collector/$CONFIGURATION_FILE" env: - IMAGE: sourcegraph/opentelemetry-collector:dev + IMAGE: opentelemetry-collector:candidate # Overwrite the following in sg.config.overwrite.yaml, based on which collector # config you are using - see docker-images/opentelemetry-collector for more details. CONFIGURATION_FILE: "configs/jaeger.yaml"