sourcegraph/cmd/server/Dockerfile
Peter Guy 3d9b72e43c
test the code host connection for Perforce (fixes #43855) (#49069)
# changes

- add p4 to the repo-updater Dockerfile
- bump the version of p4 from 21.2 to 22.2 for all Dockerfiles, and add
hash checking of the download
- enhance the Perforce VCSSyncer so that it captures the output of `p4
depots` and matches it to the given depot, returning errors if the given
depot doesn't match any of the depots returned by `p4 depots`
- fill out `ListRepos` in the Perforce Source so that it calls the
Perforce VCSSyncer's IsCloneable, which checks the given depot against
the depots from the Perforce server

# before and after videos

https://www.loom.com/share/73099aa7f0ec4427a564f07b80a19a46
https://www.loom.com/share/b7d38469baab496ea50ab22bdfa256da

## Test plan
Add or edit a code host with purposefully wrong connection info; either
the host/port, the username, or the password. A warning message will
display (sometimes a timeout message displays instead) in the Manage
Code Host screen, and an error message will display in the list of code
hosts (sometimes have to wait for the next sync before that appears).

Add or modify a depot so that it is invalid. The repository count will
not increase, and an error message will display in the list of code
hosts. There's no error message in the Manage Code Host screen, which
would be nice - fodder for iteration.
<!-- All pull requests REQUIRE a test plan:
https://docs.sourcegraph.com/dev/background-information/testing_principles
-->

---------

Co-authored-by: Thorsten Ball <mrnugget@gmail.com>
Co-authored-by: Indradhanush Gupta <indradhanush.gupta@gmail.com>
2023-03-10 13:16:22 -08:00


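# Install p4 CLI (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:201280_2023-02-23_4.5-1071f8b97a60@sha256:c4970b21169db155c1b497740e622adb23007ac11a87ec571d9ecef8aba0adc5 AS p4cli
# hash provided in http://filehost.perforce.com/perforce/r22.2/bin.linux26x86_64/SHA256SUMS
# if the hash is not provided, calculate it by downloading the file and running `sha256sum` on it in Terminal
#
# The download below is plain HTTP, so the pinned SHA-256 is the only integrity control on this
# binary. The SHA256SUMS listing above is served over HTTP as well: when bumping the version,
# cross-check the new digest over an authenticated channel rather than trusting a single fetch.
# The digest is checked before the file is marked executable; a mismatch fails the build.
RUN wget http://cdist2.perforce.com/perforce/r22.2/bin.linux26x86_64/p4 -O /usr/local/bin/p4 && \
    echo "8bc10fca1c5a26262b4072deec76150a668581a9749d0504cd443084773d4fd0  /usr/local/bin/p4" >expected_hash && \
    sha256sum -c expected_hash && \
    rm expected_hash && \
    chmod +x /usr/local/bin/p4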
# Install p4-fusion (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:201280_2023-02-23_4.5-1071f8b97a60@sha256:c4970b21169db155c1b497740e622adb23007ac11a87ec571d9ecef8aba0adc5 AS p4-fusion
# Runs the install script from the build context inside this throwaway stage; the final stage
# copies only /usr/local/bin/p4-fusion out of it.
# NOTE(review): the script itself is not visible here; confirm that whatever it downloads is
# pinned to a version and checksum-verified.
COPY p4-fusion-install-alpine.sh /p4-fusion-install-alpine.sh
RUN /p4-fusion-install-alpine.sh
# Install coursier (keep this up to date with cmd/gitserver/Dockerfile)
FROM sourcegraph/alpine-3.14:201280_2023-02-23_4.5-1071f8b97a60@sha256:c4970b21169db155c1b497740e622adb23007ac11a87ec571d9ecef8aba0adc5 AS coursier
# Fetches the cs-x86_64-pc-linux-static.gz asset of the v2.1.0-RC4 GitHub release, unpacks it to
# /usr/local/bin/coursier and marks it executable.
# NOTE(review): unlike the p4 stage above, no checksum is verified here; the binary is trusted
# on HTTPS and the release tag alone. Consider pinning a digest next to the download, e.g.
#   echo "<SHA256_OF_cs-x86_64-pc-linux-static.gz>  coursier.gz" >expected_hash && sha256sum -c expected_hash
RUN wget -O coursier.gz https://github.com/coursier/coursier/releases/download/v2.1.0-RC4/cs-x86_64-pc-linux-static.gz && \
gzip -d coursier.gz && \
mv coursier /usr/local/bin/coursier && \
chmod +x /usr/local/bin/coursier
# Final stage: the image that actually ships. It uses the same tag-and-digest-pinned base as the
# helper stages above.
FROM sourcegraph/alpine-3.14:201280_2023-02-23_4.5-1071f8b97a60@sha256:c4970b21169db155c1b497740e622adb23007ac11a87ec571d9ecef8aba0adc5
# TODO(security): This container should not be running as root!
#
# The default user in sourcegraph/alpine is a non-root `sourcegraph` user but because old deployments
# cannot be easily migrated we have not changed this from root -> sourcegraph. See:
# https://github.com/sourcegraph/sourcegraph/issues/13238
# hadolint ignore=DL3002
USER root
# Build metadata passed with --build-arg; each value falls back to "unknown" when not supplied.
# The values are written into image labels below, so they are readable by anyone who can inspect
# the image and must never carry secrets.
ARG COMMIT_SHA="unknown"
ARG DATE="unknown"
ARG VERSION="unknown"
LABEL org.opencontainers.image.revision=${COMMIT_SHA}
LABEL org.opencontainers.image.created=${DATE}
LABEL org.opencontainers.image.version=${VERSION}
LABEL com.sourcegraph.github.url=https://github.com/sourcegraph/sourcegraph/commit/${COMMIT_SHA}
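# OS packages for the services bundled into this image.
# The extra repositories are fetched over HTTPS. apk still verifies the signed index and the
# packages, but TLS also keeps the index fetch from being tampered with in transit (for example
# by being handed a stale index).
# NOTE(review): apk applies --repository to the whole command, so in the first `apk add` both
# edge/main and v3.17/main are candidate sources for git, git-lfs and git-p4, not only for the
# package each flag happens to follow. Packages from edge, v3.17 and v3.12 are being mixed onto
# a 3.14 base; confirm that is still intended.
RUN apk add --no-cache --verbose \
    # Minimal version requirement to address vulnerabilities
    # https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/
    'git>=2.39.2-r0' --repository=https://dl-cdn.alpinelinux.org/alpine/edge/main \
    git-lfs \
    git-p4 \
    --repository=https://dl-cdn.alpinelinux.org/alpine/v3.17/main \
    # NOTE that the Postgres version we run is different
    # from our *Minimum Supported Version* which alone dictates
    # the features we can depend on. See this link for more information:
    # https://github.com/sourcegraph/sourcegraph/blob/main/doc/dev/postgresql.md#version-requirements
    # You can't just bump the major version since that requires pgupgrade
    # between Sourcegraph releases.
    && apk add --no-cache --verbose \
    postgresql=~12 \
    postgresql-contrib=~12 \
    --repository=https://dl-cdn.alpinelinux.org/alpine/v3.12/main \
    && apk add --no-cache --verbose \
    'bash>=5.0.17' \
    'redis>=5.0' \
    # NOTE(review): python2 is end-of-life upstream; confirm it is still required in this image.
    python2 \
    python3 \
    'nginx>=1.18.0' openssh-client pcre sqlite-libs libev su-exec 'nodejs-current>=14.5.0' \
    # We require libstdc++ for p4-fusion
    libstdc++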
# IMPORTANT: If you update the syntax-highlighter version below, you MUST confirm
# the ENV variables from its Dockerfile (https://github.com/sourcegraph/sourcegraph/blob/main/docker-images/syntax-highlighter/Dockerfile)
# have been appropriately set in cmd/server/shared/shared.go.
# hadolint ignore=DL3022
COPY --from=comby/comby:alpine-3.14-1.8.1@sha256:a5e80d6bad6af008478679809dc8327ebde7aeff7b23505b11b20e36aa62a0b2 /usr/local/bin/comby /usr/local/bin/comby
# NOTE(review): comby above is pinned by digest, but syntax-highlighter below is referenced by
# tag only. A tag can be re-pointed at different content, so consider adding its @sha256 digest.
# hadolint ignore=DL3022
COPY --from=docker.io/sourcegraph/syntax-highlighter:186324_2022-12-01_02d3b4384446 /syntax_highlighter /usr/local/bin/
# install blobstore (keep this up to date with the upstream Docker image
# referenced in docker-images/)
RUN apk add --no-cache --verbose openjdk11
# NOTE(review): the `:server` tags used from here on carry no digest. Presumably they are built
# locally just before this image; confirm the build cannot silently pull them from a registry.
# hadolint ignore=DL3022
COPY --from=sourcegraph/blobstore:server /opt/s3proxy /opt/s3proxy
# Copies the ctags install script from the build context and runs it as root.
# NOTE(review): the script is not visible here; confirm that whatever it fetches is pinned and verified.
COPY ctags-install-alpine.sh /ctags-install-alpine.sh
RUN /ctags-install-alpine.sh
# Prometheus and Alertmanager binaries, wrapper scripts and assets, copied from the prometheus image.
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /bin/prom-wrapper /bin
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /bin/alertmanager /bin
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /alertmanager.sh /alertmanager.sh
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /bin/prometheus /bin
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /prometheus.sh /prometheus.sh
# hadolint ignore=DL3022
COPY --from=sourcegraph/prometheus:server /usr/share/prometheus /usr/share/prometheus
# Creates a system group and system user named `grafana`, then installs libc6-compat,
# ca-certificates and su-exec. `set -ex` echoes each command and stops on the first failure.
RUN set -ex && \
addgroup -S grafana && \
adduser -S -G grafana grafana && \
apk add --no-cache libc6-compat ca-certificates su-exec
# hadolint ignore=DL3022
COPY --from=sourcegraph/grafana:server /usr/share/grafana /usr/share/grafana
# Copies the entire build context into the image root.
# NOTE(review): everything in the context ends up in the image, so confirm the context is a
# curated directory (or that .dockerignore excludes credentials, .git and local config).
COPY . /
# Binaries produced by the helper stages at the top of this file.
# hadolint ignore=DL3022
COPY --from=p4cli /usr/local/bin/p4 /usr/local/bin/p4
COPY --from=p4-fusion /usr/local/bin/p4-fusion /usr/local/bin/p4-fusion
COPY --from=coursier /usr/local/bin/coursier /usr/local/bin/coursier
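# This is a trick to include libraries required by p4,
# please refer to https://blog.tilander.org/docker-perforce/
#
# The archive is saved to a file before extraction rather than piped into tar. With the default
# /bin/sh there is no pipefail, so the piped form ignored wget's exit status; here a failed
# download stops the build before anything is unpacked into /.
# NOTE(review): this third-party archive is extracted over the root filesystem as root with no
# checksum. The URL is pinned to a commit, but a digest check would make the trust explicit, e.g.
#   echo "<SHA256_OF_lib-x64.tgz>  /tmp/lib-x64.tgz" >expected_hash && sha256sum -c expected_hash
RUN wget -O /tmp/lib-x64.tgz https://github.com/jtilander/p4d/raw/4600d741720f85d77852dcca7c182e96ad613358/lib/lib-x64.tgz && \
    tar zxf /tmp/lib-x64.tgz --directory / && \
    rm /tmp/lib-x64.tgz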
# hadolint ignore=DL3022
COPY --from=sourcegraph/grafana:server /sg_config_grafana/provisioning/dashboards /sg_config_grafana/provisioning/dashboards
# hadolint ignore=DL3022
COPY --from=sourcegraph/postgres_exporter:server /usr/local/bin/postgres_exporter /usr/local/bin/postgres_exporter
# Overwrites /etc/nsswitch.conf so host lookups consult local files before DNS.
RUN echo "hosts: files dns" > /etc/nsswitch.conf
# symbols is cgo, ensure we have the requisite dynamic libraries
# The binary is run at build time with SANITY_CHECK=true, so a failure here fails the build.
# It is presumably one of the files brought in by `COPY . /` (confirm).
RUN env SANITY_CHECK=true /usr/local/bin/symbols
WORKDIR /
# NOTE(review): the Go toolchain variable is spelled GO111MODULE (no trailing S); confirm whether
# anything actually reads GO111MODULES at runtime.
ENV GO111MODULES=on LANG=en_US.utf8
# Exec-form entrypoint: tini runs as PID 1 and launches /usr/local/bin/server.
# Because of the `USER root` above, the server process starts as root.
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/server"]