Use $QUAYPATH and $QUAYDIR in conf and init files

2017-02-02 00:17:25 +01:00 · 2017-02-02 00:17:25 +01:00 · cdb3722c17
commit cdb3722c17
parent 334a08d90b
59 changed files with 341 additions and 225 deletions
--- a/conf/init/certs_create.sh
+++ b/conf/init/certs_create.sh
@ -1,8 +1,10 @@
 #! /bin/bash
 set -e
-
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+cd ${QUAYDIR:-"/"}
 # Create certs for jwtproxy to mitm outgoing TLS connections
 echo '{"CN":"CA","key":{"algo":"rsa","size":2048}}' | cfssl gencert -initca - | cfssljson -bare mitm
-cp mitm-key.pem /conf/mitm.key
-cp mitm.pem /conf/mitm.cert
+cp mitm-key.pem $QUAYCONF/mitm.key
+cp mitm.pem $QUAYCONF/mitm.cert
 cp mitm.pem /usr/local/share/ca-certificates/mitm.crt
--- a/conf/init/certs_install.sh
+++ b/conf/init/certs_install.sh
@ -1,34 +1,38 @@
 #! /bin/bash
 set -e
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+
+cd ${QUAYDIR:-"/"}

 # Add the custom LDAP certificate
-if [ -e /conf/stack/ldap.crt ]
+if [ -e $QUAYCONF/stack/ldap.crt ]
 then
-  cp /conf/stack/ldap.crt /usr/local/share/ca-certificates/ldap.crt
+  cp $QUAYCONF/stack/ldap.crt /usr/local/share/ca-certificates/ldap.crt
 fi

 # Add extra trusted certificates (as a directory)
-if [ -d /conf/stack/extra_ca_certs ]; then
-  if test "$(ls -A "/conf/stack/extra_ca_certs")"; then
-      echo "Installing extra certificates found in /conf/stack/extra_ca_certs directory"
-      cp /conf/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
-      cat /conf/stack/extra_ca_certs/* >> /venv/lib/python2.7/site-packages/requests/cacert.pem
+if [ -d $QUAYCONF/stack/extra_ca_certs ]; then
+  if test "$(ls -A "$QUAYCONF/stack/extra_ca_certs")"; then
+      echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs directory"
+      cp $QUAYCONF/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
+      cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/requests/cacert.pem
  fi
 fi

 # Add extra trusted certificates (as a file)
-if [ -f /conf/stack/extra_ca_certs ]; then
-  echo "Installing extra certificates found in /conf/stack/extra_ca_certs file"
-  csplit -z -f /usr/local/share/ca-certificates/extra-ca- /conf/stack/extra_ca_certs  '/-----BEGIN CERTIFICATE-----/' '{*}'
-  cat /conf/stack/extra_ca_certs >> /venv/lib/python2.7/site-packages/requests/cacert.pem
+if [ -f $QUAYCONF/stack/extra_ca_certs ]; then
+  echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs file"
+  csplit -z -f /usr/local/share/ca-certificates/extra-ca- $QUAYCONF/stack/extra_ca_certs  '/-----BEGIN CERTIFICATE-----/' '{*}'
+  cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/requests/cacert.pem
 fi

 # Add extra trusted certificates (prefixed)
-for f in $(find /conf/stack/ -maxdepth 1 -type f -name "extra_ca*")
+for f in $(find $QUAYCONF/stack/ -maxdepth 1 -type f -name "extra_ca*")
 do
 echo "Installing extra cert $f"
 cp "$f" /usr/local/share/ca-certificates/
- cat "$f" >> /venv/lib/python2.7/site-packages/requests/cacert.pem
+ cat "$f" >> venv/lib/python2.7/site-packages/requests/cacert.pem
 done

 # Update all CA certificates.
--- a/conf/init/copy_config_files.sh
+++ b/conf/init/copy_config_files.sh
@ -1,11 +1,15 @@
 #! /bin/sh
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}

-if [ -e /conf/stack/robots.txt ]
+cd ${QUAYDIR:-"/"}
+
+if [ -e $QUAYCONF/stack/robots.txt ]
 then
-  cp /conf/stack/robots.txt /templates/robots.txt
+  cp $QUAYCONF/stack/robots.txt $QUAYPATH/templates/robots.txt
 fi

-if [ -e /conf/stack/favicon.ico ]
+if [ -e $QUAYCONF/stack/favicon.ico ]
 then
-  cp /conf/stack/favicon.ico /static/favicon.ico
+  cp $QUAYCONF/stack/favicon.ico $QUAYPATH/static/favicon.ico
 fi
--- a/conf/init/copy_syslog_config.sh
+++ b/conf/init/copy_syslog_config.sh
@ -1,6 +1,10 @@
 #! /bin/sh
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}

-if [ -e /conf/stack/syslog-ng-extra.conf ]
+cd ${QUAYDIR:-"/"}
+
+if [ -e $QUAYCONF/stack/syslog-ng-extra.conf ]
 then
-	cp /conf/stack/syslog-ng-extra.conf /etc/syslog-ng/conf.d/
+	cp $QUAYCONF/stack/syslog-ng-extra.conf /etc/syslog-ng/conf.d/
 fi
--- a/conf/init/nginx_conf_create.py
+++ b/conf/init/nginx_conf_create.py
@ -0,0 +1,51 @@
+import os
+import os.path
+
+import yaml
+import jinja2
+
+QUAYPATH = os.getenv("QUAYPATH", ".")
+QUAYDIR = os.getenv("QUAYDIR", "/")
+QUAYCONF_DIR = os.getenv("QUAYCONF", os.path.join(QUAYDIR, QUAYPATH, "conf"))
+STATIC_DIR = os.path.join(QUAYDIR, 'static/')
+
+def write_config(filename, **kwargs):
+  with open(filename + ".jnj") as f:
+    template = jinja2.Template(f.read())
+  rendered = template.render(kwargs)
+
+  with open(filename, 'w') as f:
+    f.write(rendered)
+
+
+def generate_nginx_config():
+  """
+  Generates nginx config from the app config
+  """
+  use_https = os.path.exists(os.path.join(QUAYCONF_DIR, 'stack/ssl.key'))
+  write_config(os.path.join(QUAYCONF_DIR, 'nginx/nginx.conf'), use_https=use_https)
+
+
+def generate_server_config(config):
+  """
+  Generates server config from the app config
+  """
+  config = config or {}
+  tuf_server = config.get('TUF_SERVER', None)
+  tuf_host = config.get('TUF_HOST', None)
+  signing_enabled = config.get('FEATURE_SIGNING', False)
+  maximum_layer_size = config.get('MAXIMUM_LAYER_SIZE', '20G')
+
+  write_config(
+    os.path.join(QUAYCONF_DIR, 'nginx/server-base.conf'), tuf_server=tuf_server, tuf_host=tuf_host,
+    signing_enabled=signing_enabled, maximum_layer_size=maximum_layer_size, static_dir=STATIC_DIR)
+
+
+if __name__ == "__main__":
+  if os.path.exists(os.path.join(QUAYCONF_DIR, 'stack/config.yaml')):
+    with open(os.path.join(QUAYCONF_DIR, 'stack/config.yaml'), 'r') as f:
+      config = yaml.load(f)
+  else:
+    config = None
+  generate_server_config(config)
+  generate_nginx_config()
--- a/conf/init/nginx_conf_create.sh
+++ b/conf/init/nginx_conf_create.sh
@ -1,51 +1,8 @@
-#!/venv/bin/python
+#!/bin/bash

-import os.path
+QUAYDIR=${QUAYDIR:-"/"}
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}

-import yaml
-import jinja2
-
-
-def write_config(filename, **kwargs):
-  with open(filename + ".jnj") as f:
-    template = jinja2.Template(f.read())
-    rendered = template.render(kwargs)
-
-  with open(filename, 'w') as f:
-    f.write(rendered)
-
-
-def generate_nginx_config():
-  """
-  Generates nginx config from the app config
-  """
-  use_https = os.path.exists('conf/stack/ssl.key')
-  write_config('conf/nginx/nginx.conf',
-               use_https=use_https)
-
-
-def generate_server_config(config):
-  """
-  Generates server config from the app config
-  """
-  config = config or {}
-  tuf_server = config.get('TUF_SERVER', None)
-  tuf_host = config.get('TUF_HOST', None)
-  signing_enabled = config.get('FEATURE_SIGNING', False)
-  maximum_layer_size = config.get('MAXIMUM_LAYER_SIZE', '20G')
-
-  write_config('conf/nginx/server-base.conf',
-               tuf_server=tuf_server,
-               tuf_host=tuf_host,
-               signing_enabled=signing_enabled,
-               maximum_layer_size=maximum_layer_size)
-
-
-if __name__ == "__main__":
-  if os.path.exists('conf/stack/config.yaml'):
-    with open('conf/stack/config.yaml', 'r') as f:
-      config = yaml.load(f)
-  else:
-    config = None
-  generate_server_config(config)
-  generate_nginx_config()
+cd $QUAYDIR
+venv/bin/python $QUAYCONF/init/nginx_conf_create.py
--- a/conf/init/runmigration.sh
+++ b/conf/init/runmigration.sh
@ -1,5 +1,6 @@
-#! /bin/bash
+#!/bin/bash
 set -e
+cd ${QUAYDIR:-"/"}

 # Run the database migration
-PYTHONPATH=. venv/bin/alembic upgrade head
+PYTHONPATH=${QUAYPATH:-"."} venv/bin/alembic upgrade head
--- a/conf/init/service/blobuploadcleanupworker/run
+++ b/conf/init/service/blobuploadcleanupworker/run
@ -2,7 +2,9 @@

 echo 'Starting Blob upload cleanup worker'

-cd /
-venv/bin/python -m workers.blobuploadcleanupworker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.blobuploadcleanupworker 2>&1

 echo 'Blob upload cleanup exited'
--- a/conf/init/service/buildlogsarchiver/run
+++ b/conf/init/service/buildlogsarchiver/run
@ -2,7 +2,8 @@

 echo 'Starting build logs archiver worker'

-cd /
-venv/bin/python -m workers.buildlogsarchiver 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.buildlogsarchiver 2>&1

 echo 'Diffs worker exited'
--- a/conf/init/service/buildmanager/run
+++ b/conf/init/service/buildmanager/run
@ -6,7 +6,9 @@ echo 'Starting internal build manager'
 monit

 # Run the build manager.
-cd /
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+export PYTHONPATH=$QUAYPATH
 exec venv/bin/python -m buildman.builder 2>&1

 echo 'Internal build manager exited'
--- a/conf/init/service/chunkcleanupworker/run
+++ b/conf/init/service/chunkcleanupworker/run
@ -2,7 +2,8 @@

 echo 'Starting chunk cleanup worker'

-cd /
-venv/bin/python -m workers.chunkcleanupworker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.chunkcleanupworker 2>&1

 echo 'Chunk cleanup worker exited'
--- a/conf/init/service/gcworker/run
+++ b/conf/init/service/gcworker/run
@ -2,7 +2,8 @@

 echo 'Starting GC worker'

-cd /
-venv/bin/python -m workers.gc.gcworker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.gc.gcworker 2>&1

-echo 'Repository GC exited'
+echo 'Repository GC exited'
--- a/conf/init/service/globalpromstats/run
+++ b/conf/init/service/globalpromstats/run
@ -2,7 +2,8 @@

 echo 'Starting global prometheus stats worker'

-cd /
-venv/bin/python -m workers.globalpromstats
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.globalpromstats

 echo 'Global prometheus stats exited'
--- a/conf/init/service/gunicorn_registry/run
+++ b/conf/init/service/gunicorn_registry/run
@ -2,7 +2,10 @@

 echo 'Starting gunicon'

-cd /
-nice -n 10 venv/bin/gunicorn -c conf/gunicorn_registry.py registry:application
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH nice -n 10 venv/bin/gunicorn -c $QUAYCONF/gunicorn_registry.py registry:application

 echo 'Gunicorn exited'
--- a/conf/init/service/gunicorn_secscan/run
+++ b/conf/init/service/gunicorn_secscan/run
@ -2,7 +2,10 @@

 echo 'Starting gunicon'

-cd /
-venv/bin/gunicorn -c conf/gunicorn_secscan.py secscan:application
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/gunicorn -c $QUAYCONF/gunicorn_secscan.py secscan:application

 echo 'Gunicorn exited'
--- a/conf/init/service/gunicorn_verbs/run
+++ b/conf/init/service/gunicorn_verbs/run
@ -2,7 +2,10 @@

 echo 'Starting gunicon'

-cd /
-nice -n 10 venv/bin/gunicorn -c conf/gunicorn_verbs.py verbs:application
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH nice -n 10 venv/bin/gunicorn -c $QUAYCONF/gunicorn_verbs.py verbs:application

 echo 'Gunicorn exited'
--- a/conf/init/service/gunicorn_web/run
+++ b/conf/init/service/gunicorn_web/run
@ -2,7 +2,10 @@

 echo 'Starting gunicon'

-cd /
-venv/bin/gunicorn -c conf/gunicorn_web.py web:application
+QUAYPATH=${QUAYPATH:-"."}
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/gunicorn -c $QUAYCONF/gunicorn_web.py web:application

 echo 'Gunicorn exited'
--- a/conf/init/service/jwtproxy/run
+++ b/conf/init/service/jwtproxy/run
@ -1,12 +1,16 @@
 #! /bin/bash
-cd /

-if [ -f conf/jwtproxy_conf.yaml ];
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+
+if [ -f $QUAYCONF/jwtproxy_conf.yaml ];
 then
  echo 'Starting jwtproxy'
-  /usr/local/bin/jwtproxy --config conf/jwtproxy_conf.yaml 
+  /usr/local/bin/jwtproxy --config $QUAYCONF/jwtproxy_conf.yaml
  rm /tmp/jwtproxy_secscan.sock
  echo 'Jwtproxy exited'
 else
-  sleep 1 
+  sleep 1
 fi
--- a/conf/init/service/logrotateworker/run
+++ b/conf/init/service/logrotateworker/run
@ -2,7 +2,8 @@

 echo 'Starting log rotation worker'

-cd /
-venv/bin/python -m workers.logrotateworker
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.logrotateworker

 echo 'Log rotation worker exited'
--- a/conf/init/service/nginx/run
+++ b/conf/init/service/nginx/run
@ -2,6 +2,11 @@

 echo 'Starting nginx'

-/usr/sbin/nginx -c /conf/nginx/nginx.conf
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH
+QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}
+
+/usr/sbin/nginx -c $QUAYCONF/nginx/nginx.conf

 echo 'Nginx exited'
--- a/conf/init/service/notificationworker/run
+++ b/conf/init/service/notificationworker/run
@ -2,7 +2,9 @@

 echo 'Starting notification worker'

-cd /
-venv/bin/python -m workers.notificationworker
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.notificationworker

 echo 'Notification worker exited'
--- a/conf/init/service/queuecleanupworker/run
+++ b/conf/init/service/queuecleanupworker/run
@ -2,7 +2,8 @@

 echo 'Starting Queue cleanup worker'

-cd /
-venv/bin/python -m workers.queuecleanupworker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.queuecleanupworker 2>&1

 echo 'Repository Queue cleanup exited'
--- a/conf/init/service/repositoryactioncounter/run
+++ b/conf/init/service/repositoryactioncounter/run
@ -2,7 +2,8 @@

 echo 'Starting repository action count worker'

-cd /
-venv/bin/python -m workers.repositoryactioncounter 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.repositoryactioncounter 2>&1

 echo 'Repository action worker exited'
--- a/conf/init/service/security_notification_worker/run
+++ b/conf/init/service/security_notification_worker/run
@ -2,7 +2,8 @@

 echo 'Starting security scanner notification worker'

-cd /
-venv/bin/python -m workers.security_notification_worker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.security_notification_worker 2>&1

 echo 'Security scanner notification worker exited'
--- a/conf/init/service/securityworker/run
+++ b/conf/init/service/securityworker/run
@ -2,7 +2,8 @@

 echo 'Starting security scanner worker'

-cd /
-venv/bin/python -m workers.securityworker.securityworker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.securityworker.securityworker 2>&1

 echo 'Security scanner worker exited'
--- a/conf/init/service/service_key_worker/run
+++ b/conf/init/service/service_key_worker/run
@ -2,7 +2,8 @@

 echo 'Starting service key worker'

-cd /
-venv/bin/python -m workers.service_key_worker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.service_key_worker 2>&1

 echo 'Service key worker exited'
--- a/conf/init/service/storagereplication/run
+++ b/conf/init/service/storagereplication/run
@ -2,7 +2,8 @@

 echo 'Starting storage replication worker'

-cd /
-venv/bin/python -m workers.storagereplication 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.storagereplication 2>&1

 echo 'Repository storage replication exited'
--- a/conf/init/service/teamsyncworker/run
+++ b/conf/init/service/teamsyncworker/run
@ -2,7 +2,8 @@

 echo 'Starting team synchronization worker'

-cd /
-venv/bin/python -m workers.teamsyncworker 2>&1
+QUAYPATH=${QUAYPATH:-"."}
+cd ${QUAYDIR:-"/"}
+PYTHONPATH=$QUAYPATH venv/bin/python -m workers.teamsyncworker 2>&1

 echo 'Team synchronization worker exited'
--- a/conf/init/zz_boot.sh
+++ b/conf/init/zz_boot.sh
@ -1,3 +1,4 @@
 #!/bin/bash
+cd ${QUAYDIR:-"/"}

-/venv/bin/python /boot.py
+venv/bin/python ${QUAYPATH:-"."}/boot.py