mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-25 03:35:21 +01:00
feat(cicd) parameterize docker base image and external url
Signed-off-by: Ziming Zhang <zziming@vmware.com>
This commit is contained in:
parent
e1ba985b7c
commit
572ebef685
20
Makefile
20
Makefile
@ -91,6 +91,7 @@ GEN_TLS=
|
|||||||
VERSIONTAG=dev
|
VERSIONTAG=dev
|
||||||
# for base docker image tag
|
# for base docker image tag
|
||||||
BASEIMAGETAG=dev
|
BASEIMAGETAG=dev
|
||||||
|
BASEIMAGENAMESPACE=goharbor
|
||||||
# for harbor package name
|
# for harbor package name
|
||||||
PKGVERSIONTAG=dev
|
PKGVERSIONTAG=dev
|
||||||
|
|
||||||
@ -111,6 +112,15 @@ CHARTMUSEUMVERSION=v0.9.0
|
|||||||
# version of registry for pulling the source code
|
# version of registry for pulling the source code
|
||||||
REGISTRY_SRC_TAG=v2.7.1
|
REGISTRY_SRC_TAG=v2.7.1
|
||||||
|
|
||||||
|
# dependency binaries
|
||||||
|
CLAIRURL=https://storage.googleapis.com/harbor-builds/bin/clair/release2.0-${CLAIRVERSION}/clair
|
||||||
|
CHARTURL=https://storage.googleapis.com/harbor-builds/bin/chartmuseum/release-${CHARTMUSEUMVERSION}/chartm
|
||||||
|
NORARYURL=https://storage.googleapis.com/harbor-builds/bin/notary/release-${NOTARYVERSION}/binary-bundle.tgz
|
||||||
|
REGISTRYURL=https://storage.googleapis.com/harbor-builds/bin/registry/release-${REGISTRYVERSION}/registry
|
||||||
|
CLAIR_ADAPTER_DOWNLOAD_URL=https://github.com/goharbor/harbor-scanner-clair/releases/download/$(CLAIRADAPTERVERSION)/harbor-scanner-clair_$(CLAIRADAPTERVERSION:v%=%)_Linux_x86_64.tar.gz
|
||||||
|
TRIVY_DOWNLOAD_URL=https://github.com/aquasecurity/trivy/releases/download/$(TRIVYVERSION)/trivy_$(TRIVYVERSION:v%=%)_Linux-64bit.tar.gz
|
||||||
|
TRIVY_ADAPTER_DOWNLOAD_URL=https://github.com/aquasecurity/harbor-scanner-trivy/releases/download/$(TRIVYADAPTERVERSION)/harbor-scanner-trivy_$(TRIVYADAPTERVERSION:v%=%)_Linux_x86_64.tar.gz
|
||||||
|
|
||||||
define VERSIONS_FOR_PREPARE
|
define VERSIONS_FOR_PREPARE
|
||||||
VERSION_TAG: $(VERSIONTAG)
|
VERSION_TAG: $(VERSIONTAG)
|
||||||
REGISTRY_VERSION: $(REGISTRYVERSION)
|
REGISTRY_VERSION: $(REGISTRYVERSION)
|
||||||
@ -366,19 +376,21 @@ build:
|
|||||||
-e CLAIRVERSION=$(CLAIRVERSION) -e CLAIRADAPTERVERSION=$(CLAIRADAPTERVERSION) -e VERSIONTAG=$(VERSIONTAG) \
|
-e CLAIRVERSION=$(CLAIRVERSION) -e CLAIRADAPTERVERSION=$(CLAIRADAPTERVERSION) -e VERSIONTAG=$(VERSIONTAG) \
|
||||||
-e BUILDBIN=$(BUILDBIN) \
|
-e BUILDBIN=$(BUILDBIN) \
|
||||||
-e CHARTMUSEUMVERSION=$(CHARTMUSEUMVERSION) -e DOCKERIMAGENAME_CHART_SERVER=$(DOCKERIMAGENAME_CHART_SERVER) \
|
-e CHARTMUSEUMVERSION=$(CHARTMUSEUMVERSION) -e DOCKERIMAGENAME_CHART_SERVER=$(DOCKERIMAGENAME_CHART_SERVER) \
|
||||||
-e NPM_REGISTRY=$(NPM_REGISTRY) -e BASEIMAGETAG=$(BASEIMAGETAG)
|
-e NPM_REGISTRY=$(NPM_REGISTRY) -e BASEIMAGETAG=$(BASEIMAGETAG) -e BASEIMAGENAMESPACE=$(BASEIMAGENAMESPACE) \
|
||||||
|
-e CLAIRURL=$(CLAIRURL) -e CHARTURL=$(CHARTURL) -e NORARYURL=$(NORARYURL) -e REGISTRYURL=$(REGISTRYURL) -e CLAIR_ADAPTER_DOWNLOAD_URL=$(CLAIR_ADAPTER_DOWNLOAD_URL) \
|
||||||
|
-e TRIVY_DOWNLOAD_URL=$(TRIVY_DOWNLOAD_URL) -e TRIVY_ADAPTER_DOWNLOAD_URL=$(TRIVY_ADAPTER_DOWNLOAD_URL)
|
||||||
|
|
||||||
build_base_docker:
|
build_base_docker:
|
||||||
@for name in chartserver clair clair-adapter trivy-adapter core db jobservice log nginx notary-server notary-signer portal prepare redis registry registryctl; do \
|
@for name in chartserver clair clair-adapter trivy-adapter core db jobservice log nginx notary-server notary-signer portal prepare redis registry registryctl; do \
|
||||||
echo $$name ; \
|
echo $$name ; \
|
||||||
$(DOCKERBUILD) --pull -f $(MAKEFILEPATH_PHOTON)/$$name/Dockerfile.base -t goharbor/harbor-$$name-base:$(BASEIMAGETAG) . ; \
|
$(DOCKERBUILD) --pull -f $(MAKEFILEPATH_PHOTON)/$$name/Dockerfile.base -t $(BASEIMAGENAMESPACE)/harbor-$$name-base:$(BASEIMAGETAG) . ; \
|
||||||
$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) goharbor/harbor-$$name-base:$(BASEIMAGETAG) $(REGISTRYUSER) $(REGISTRYPASSWORD) ; \
|
$(PUSHSCRIPTPATH)/$(PUSHSCRIPTNAME) $(BASEIMAGENAMESPACE)/harbor-$$name-base:$(BASEIMAGETAG) $(REGISTRYUSER) $(REGISTRYPASSWORD) ; \
|
||||||
done
|
done
|
||||||
|
|
||||||
pull_base_docker:
|
pull_base_docker:
|
||||||
@for name in chartserver clair clair-adapter trivy-adapter core db jobservice log nginx notary-server notary-signer portal prepare redis registry registryctl; do \
|
@for name in chartserver clair clair-adapter trivy-adapter core db jobservice log nginx notary-server notary-signer portal prepare redis registry registryctl; do \
|
||||||
echo $$name ; \
|
echo $$name ; \
|
||||||
$(DOCKERPULL) goharbor/harbor-$$name-base:$(BASEIMAGETAG) ; \
|
$(DOCKERPULL) $(BASEIMAGENAMESPACE)/harbor-$$name-base:$(BASEIMAGETAG) ; \
|
||||||
done
|
done
|
||||||
|
|
||||||
install: compile build prepare start
|
install: compile build prepare start
|
||||||
|
@ -13,12 +13,14 @@ SRCPATH=./src
|
|||||||
TOOLSPATH=$(CURDIR)/tools
|
TOOLSPATH=$(CURDIR)/tools
|
||||||
SEDCMD=$(shell which sed)
|
SEDCMD=$(shell which sed)
|
||||||
WGET=$(shell which wget)
|
WGET=$(shell which wget)
|
||||||
|
CURL=$(shell which curl)
|
||||||
|
|
||||||
# docker parameters
|
# docker parameters
|
||||||
DOCKERCMD=$(shell which docker)
|
DOCKERCMD=$(shell which docker)
|
||||||
DOCKERBUILD=$(DOCKERCMD) build
|
DOCKERBUILD=$(DOCKERCMD) build
|
||||||
DOCKERRMIMAGE=$(DOCKERCMD) rmi
|
DOCKERRMIMAGE=$(DOCKERCMD) rmi
|
||||||
DOCKERIMASES=$(DOCKERCMD) images
|
DOCKERIMASES=$(DOCKERCMD) images
|
||||||
|
BASEIMAGENAMESPACE=goharbor
|
||||||
|
|
||||||
# binary
|
# binary
|
||||||
CORE_SOURCECODE=$(SRCPATH)/core
|
CORE_SOURCECODE=$(SRCPATH)/core
|
||||||
@ -60,7 +62,6 @@ DOCKERIMAGENAME_POSTGRESQL=goharbor/postgresql-photon
|
|||||||
DOCKERFILEPATH_CLAIR=$(DOCKERFILEPATH)/clair
|
DOCKERFILEPATH_CLAIR=$(DOCKERFILEPATH)/clair
|
||||||
DOCKERFILENAME_CLAIR=Dockerfile
|
DOCKERFILENAME_CLAIR=Dockerfile
|
||||||
DOCKERIMAGENAME_CLAIR=goharbor/clair-photon
|
DOCKERIMAGENAME_CLAIR=goharbor/clair-photon
|
||||||
CLAIR_ADAPTER_DOWNLOAD_URL=https://github.com/goharbor/harbor-scanner-clair/releases/download/$(CLAIRADAPTERVERSION)/harbor-scanner-clair_$(CLAIRADAPTERVERSION:v%=%)_Linux_x86_64.tar.gz
|
|
||||||
|
|
||||||
DOCKERFILEPATH_CLAIR_ADAPTER=$(DOCKERFILEPATH)/clair-adapter
|
DOCKERFILEPATH_CLAIR_ADAPTER=$(DOCKERFILEPATH)/clair-adapter
|
||||||
DOCKERFILENAME_CLAIR_ADAPTER=Dockerfile
|
DOCKERFILENAME_CLAIR_ADAPTER=Dockerfile
|
||||||
@ -69,8 +70,6 @@ DOCKERIMAGENAME_CLAIR_ADAPTER=goharbor/clair-adapter-photon
|
|||||||
DOCKERFILEPATH_TRIVY_ADAPTER=$(DOCKERFILEPATH)/trivy-adapter
|
DOCKERFILEPATH_TRIVY_ADAPTER=$(DOCKERFILEPATH)/trivy-adapter
|
||||||
DOCKERFILENAME_TRIVY_ADAPTER=Dockerfile
|
DOCKERFILENAME_TRIVY_ADAPTER=Dockerfile
|
||||||
DOCKERIMAGENAME_TRIVY_ADAPTER=goharbor/trivy-adapter-photon
|
DOCKERIMAGENAME_TRIVY_ADAPTER=goharbor/trivy-adapter-photon
|
||||||
TRIVY_DOWNLOAD_URL=https://github.com/aquasecurity/trivy/releases/download/$(TRIVYVERSION)/trivy_$(TRIVYVERSION:v%=%)_Linux-64bit.tar.gz
|
|
||||||
TRIVY_ADAPTER_DOWNLOAD_URL=https://github.com/aquasecurity/harbor-scanner-trivy/releases/download/$(TRIVYADAPTERVERSION)/harbor-scanner-trivy_$(TRIVYADAPTERVERSION:v%=%)_Linux_x86_64.tar.gz
|
|
||||||
|
|
||||||
DOCKERFILEPATH_NGINX=$(DOCKERFILEPATH)/nginx
|
DOCKERFILEPATH_NGINX=$(DOCKERFILEPATH)/nginx
|
||||||
DOCKERFILENAME_NGINX=Dockerfile
|
DOCKERFILENAME_NGINX=Dockerfile
|
||||||
@ -105,44 +104,44 @@ CHART_SERVER_BIN_NAME=chartm
|
|||||||
|
|
||||||
_build_prepare:
|
_build_prepare:
|
||||||
@echo "building prepare container for photon..."
|
@echo "building prepare container for photon..."
|
||||||
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_PREPARE)/$(DOCKERFILENAME_PREPARE) -t $(DOCKERIMAGENAME_PREPARE):$(VERSIONTAG) .
|
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_PREPARE)/$(DOCKERFILENAME_PREPARE) -t $(DOCKERIMAGENAME_PREPARE):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_db:
|
_build_db:
|
||||||
@echo "building db container for photon..."
|
@echo "building db container for photon..."
|
||||||
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_DB)/$(DOCKERFILENAME_DB) -t $(DOCKERIMAGENAME_DB):$(VERSIONTAG) .
|
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_DB)/$(DOCKERFILENAME_DB) -t $(DOCKERIMAGENAME_DB):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_portal:
|
_build_portal:
|
||||||
@echo "building portal container for photon..."
|
@echo "building portal container for photon..."
|
||||||
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg npm_registry=$(NPM_REGISTRY) -f $(DOCKERFILEPATH_PORTAL)/$(DOCKERFILENAME_PORTAL) -t $(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG) .
|
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) --build-arg npm_registry=$(NPM_REGISTRY) -f $(DOCKERFILEPATH_PORTAL)/$(DOCKERFILENAME_PORTAL) -t $(DOCKERIMAGENAME_PORTAL):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_core:
|
_build_core:
|
||||||
@echo "building core container for photon..."
|
@echo "building core container for photon..."
|
||||||
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_CORE)/$(DOCKERFILENAME_CORE) -t $(DOCKERIMAGENAME_CORE):$(VERSIONTAG) .
|
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_CORE)/$(DOCKERFILENAME_CORE) -t $(DOCKERIMAGENAME_CORE):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_jobservice:
|
_build_jobservice:
|
||||||
@echo "building jobservice container for photon..."
|
@echo "building jobservice container for photon..."
|
||||||
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_JOBSERVICE)/$(DOCKERFILENAME_JOBSERVICE) -t $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) .
|
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_JOBSERVICE)/$(DOCKERFILENAME_JOBSERVICE) -t $(DOCKERIMAGENAME_JOBSERVICE):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_log:
|
_build_log:
|
||||||
@echo "building log container for photon..."
|
@echo "building log container for photon..."
|
||||||
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_LOG)/$(DOCKERFILENAME_LOG) -t $(DOCKERIMAGENAME_LOG):$(VERSIONTAG) .
|
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_LOG)/$(DOCKERFILENAME_LOG) -t $(DOCKERIMAGENAME_LOG):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_clair:
|
_build_clair:
|
||||||
@if [ "$(CLAIRFLAG)" = "true" ] ; then \
|
@if [ "$(CLAIRFLAG)" = "true" ] ; then \
|
||||||
if [ "$(BUILDBIN)" != "true" ] ; then \
|
if [ "$(BUILDBIN)" != "true" ] ; then \
|
||||||
rm -rf $(DOCKERFILEPATH_CLAIR)/binary && mkdir -p $(DOCKERFILEPATH_CLAIR)/binary && \
|
rm -rf $(DOCKERFILEPATH_CLAIR)/binary && mkdir -p $(DOCKERFILEPATH_CLAIR)/binary && \
|
||||||
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/clair/release2.0-$(CLAIRVERSION)/clair, $(DOCKERFILEPATH_CLAIR)/binary/clair); \
|
$(call _get_binary, $(CLAIRURL), $(DOCKERFILEPATH_CLAIR)/binary/clair); \
|
||||||
else \
|
else \
|
||||||
cd $(DOCKERFILEPATH_CLAIR) && $(DOCKERFILEPATH_CLAIR)/builder $(CLAIRVERSION) && cd - ; \
|
cd $(DOCKERFILEPATH_CLAIR) && $(DOCKERFILEPATH_CLAIR)/builder $(CLAIRVERSION) && cd - ; \
|
||||||
fi ; \
|
fi ; \
|
||||||
echo "building clair container for photon..." ; \
|
echo "building clair container for photon..." ; \
|
||||||
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_CLAIR)/$(DOCKERFILENAME_CLAIR) -t $(DOCKERIMAGENAME_CLAIR):$(VERSIONTAG) . ; \
|
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_CLAIR)/$(DOCKERFILENAME_CLAIR) -t $(DOCKERIMAGENAME_CLAIR):$(VERSIONTAG) . ; \
|
||||||
rm -rf $(DOCKERFILEPATH_CLAIR)/binary; \
|
rm -rf $(DOCKERFILEPATH_CLAIR)/binary; \
|
||||||
echo "Done." ; \
|
echo "Done." ; \
|
||||||
fi
|
fi
|
||||||
@ -158,6 +157,7 @@ _build_clair_adapter:
|
|||||||
fi ; \
|
fi ; \
|
||||||
echo "Building Clair adapter container for photon..." ; \
|
echo "Building Clair adapter container for photon..." ; \
|
||||||
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) \
|
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) \
|
||||||
|
--build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) \
|
||||||
-f $(DOCKERFILEPATH_CLAIR_ADAPTER)/$(DOCKERFILENAME_CLAIR_ADAPTER) \
|
-f $(DOCKERFILEPATH_CLAIR_ADAPTER)/$(DOCKERFILENAME_CLAIR_ADAPTER) \
|
||||||
-t $(DOCKERIMAGENAME_CLAIR_ADAPTER):$(VERSIONTAG) . ; \
|
-t $(DOCKERIMAGENAME_CLAIR_ADAPTER):$(VERSIONTAG) . ; \
|
||||||
rm -rf $(DOCKERFILEPATH_CLAIR_ADAPTER)/binary; \
|
rm -rf $(DOCKERFILEPATH_CLAIR_ADAPTER)/binary; \
|
||||||
@ -178,6 +178,7 @@ _build_trivy_adapter:
|
|||||||
fi ; \
|
fi ; \
|
||||||
echo "Building Trivy adapter container for photon..." ; \
|
echo "Building Trivy adapter container for photon..." ; \
|
||||||
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) \
|
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) \
|
||||||
|
--build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) \
|
||||||
--build-arg trivy_version=$(TRIVYVERSION) \
|
--build-arg trivy_version=$(TRIVYVERSION) \
|
||||||
-f $(DOCKERFILEPATH_TRIVY_ADAPTER)/$(DOCKERFILENAME_TRIVY_ADAPTER) \
|
-f $(DOCKERFILEPATH_TRIVY_ADAPTER)/$(DOCKERFILENAME_TRIVY_ADAPTER) \
|
||||||
-t $(DOCKERIMAGENAME_TRIVY_ADAPTER):$(VERSIONTAG) . ; \
|
-t $(DOCKERIMAGENAME_TRIVY_ADAPTER):$(VERSIONTAG) . ; \
|
||||||
@ -189,33 +190,33 @@ _build_chart_server:
|
|||||||
@if [ "$(CHARTFLAG)" = "true" ] ; then \
|
@if [ "$(CHARTFLAG)" = "true" ] ; then \
|
||||||
if [ "$(BUILDBIN)" != "true" ] ; then \
|
if [ "$(BUILDBIN)" != "true" ] ; then \
|
||||||
rm -rf $(DOCKERFILEPATH_CHART_SERVER)/binary && mkdir -p $(DOCKERFILEPATH_CHART_SERVER)/binary && \
|
rm -rf $(DOCKERFILEPATH_CHART_SERVER)/binary && mkdir -p $(DOCKERFILEPATH_CHART_SERVER)/binary && \
|
||||||
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/chartmuseum/release-$(CHARTMUSEUMVERSION)/chartm, $(DOCKERFILEPATH_CHART_SERVER)/binary/chartm); \
|
$(call _get_binary, $(CHARTURL), $(DOCKERFILEPATH_CHART_SERVER)/binary/chartm); \
|
||||||
else \
|
else \
|
||||||
cd $(DOCKERFILEPATH_CHART_SERVER) && $(DOCKERFILEPATH_CHART_SERVER)/builder $(GOBUILDIMAGE) $(CHART_SERVER_CODE_BASE) $(CHARTMUSEUMVERSION) $(CHART_SERVER_MAIN_PATH) $(CHART_SERVER_BIN_NAME) && cd - ; \
|
cd $(DOCKERFILEPATH_CHART_SERVER) && $(DOCKERFILEPATH_CHART_SERVER)/builder $(GOBUILDIMAGE) $(CHART_SERVER_CODE_BASE) $(CHARTMUSEUMVERSION) $(CHART_SERVER_MAIN_PATH) $(CHART_SERVER_BIN_NAME) && cd - ; \
|
||||||
fi ; \
|
fi ; \
|
||||||
echo "building chartmuseum container for photon..." ; \
|
echo "building chartmuseum container for photon..." ; \
|
||||||
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_CHART_SERVER)/$(DOCKERFILENAME_CHART_SERVER) -t $(DOCKERIMAGENAME_CHART_SERVER):$(VERSIONTAG) . ; \
|
$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_CHART_SERVER)/$(DOCKERFILENAME_CHART_SERVER) -t $(DOCKERIMAGENAME_CHART_SERVER):$(VERSIONTAG) . ; \
|
||||||
rm -rf $(DOCKERFILEPATH_CHART_SERVER)/binary; \
|
rm -rf $(DOCKERFILEPATH_CHART_SERVER)/binary; \
|
||||||
echo "Done." ; \
|
echo "Done." ; \
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_build_nginx:
|
_build_nginx:
|
||||||
@echo "building nginx container for photon..."
|
@echo "building nginx container for photon..."
|
||||||
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_NGINX)/$(DOCKERFILENAME_NGINX) -t $(DOCKERIMAGENAME_NGINX):$(VERSIONTAG) .
|
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_NGINX)/$(DOCKERFILENAME_NGINX) -t $(DOCKERIMAGENAME_NGINX):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_notary:
|
_build_notary:
|
||||||
@if [ "$(NOTARYFLAG)" = "true" ] ; then \
|
@if [ "$(NOTARYFLAG)" = "true" ] ; then \
|
||||||
if [ "$(BUILDBIN)" != "true" ] ; then \
|
if [ "$(BUILDBIN)" != "true" ] ; then \
|
||||||
rm -rf $(DOCKERFILEPATH_NOTARY)/binary && mkdir -p $(DOCKERFILEPATH_NOTARY)/binary && \
|
rm -rf $(DOCKERFILEPATH_NOTARY)/binary && mkdir -p $(DOCKERFILEPATH_NOTARY)/binary && \
|
||||||
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/notary/release-$(NOTARYVERSION)/binary-bundle.tgz, $(DOCKERFILEPATH_NOTARY)/binary-bundle.tgz); \
|
$(call _get_binary, $(NORARYURL), $(DOCKERFILEPATH_NOTARY)/binary-bundle.tgz); \
|
||||||
cd $(DOCKERFILEPATH_NOTARY) && tar -zvxf binary-bundle.tgz && cd - ; \
|
cd $(DOCKERFILEPATH_NOTARY) && tar -zvxf binary-bundle.tgz && cd - ; \
|
||||||
else \
|
else \
|
||||||
cd $(DOCKERFILEPATH_NOTARY) && $(DOCKERFILEPATH_NOTARY)/builder $(NOTARYVERSION) $(NOTARYMIGRATEVERSION) && cd - ; \
|
cd $(DOCKERFILEPATH_NOTARY) && $(DOCKERFILEPATH_NOTARY)/builder $(NOTARYVERSION) $(NOTARYMIGRATEVERSION) && cd - ; \
|
||||||
fi ; \
|
fi ; \
|
||||||
echo "building notary container for photon..."; \
|
echo "building notary container for photon..."; \
|
||||||
chmod 655 $(DOCKERFILEPATH_NOTARY)/binary/notary-signer && $(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_NOTARYSIGNER)/$(DOCKERFILENAME_NOTARYSIGNER) -t $(DOCKERIMAGENAME_NOTARYSIGNER):$(VERSIONTAG) . ; \
|
chmod 655 $(DOCKERFILEPATH_NOTARY)/binary/notary-signer && $(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_NOTARYSIGNER)/$(DOCKERFILENAME_NOTARYSIGNER) -t $(DOCKERIMAGENAME_NOTARYSIGNER):$(VERSIONTAG) . ; \
|
||||||
chmod 655 $(DOCKERFILEPATH_NOTARY)/binary/notary-server && $(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_NOTARYSERVER)/$(DOCKERFILENAME_NOTARYSERVER) -t $(DOCKERIMAGENAME_NOTARYSERVER):$(VERSIONTAG) . ; \
|
chmod 655 $(DOCKERFILEPATH_NOTARY)/binary/notary-server && $(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_NOTARYSERVER)/$(DOCKERFILENAME_NOTARYSERVER) -t $(DOCKERIMAGENAME_NOTARYSERVER):$(VERSIONTAG) . ; \
|
||||||
rm -rf $(DOCKERFILEPATH_NOTARY)/binary; \
|
rm -rf $(DOCKERFILEPATH_NOTARY)/binary; \
|
||||||
echo "Done."; \
|
echo "Done."; \
|
||||||
fi
|
fi
|
||||||
@ -223,31 +224,33 @@ _build_notary:
|
|||||||
_build_registry:
|
_build_registry:
|
||||||
@if [ "$(BUILDBIN)" != "true" ] ; then \
|
@if [ "$(BUILDBIN)" != "true" ] ; then \
|
||||||
rm -rf $(DOCKERFILEPATH_REG)/binary && mkdir -p $(DOCKERFILEPATH_REG)/binary && \
|
rm -rf $(DOCKERFILEPATH_REG)/binary && mkdir -p $(DOCKERFILEPATH_REG)/binary && \
|
||||||
$(call _get_binary, https://storage.googleapis.com/harbor-builds/bin/registry/release-$(REGISTRYVERSION)/registry, $(DOCKERFILEPATH_REG)/binary/registry); \
|
$(call _get_binary, $(REGISTRYURL), $(DOCKERFILEPATH_REG)/binary/registry); \
|
||||||
else \
|
else \
|
||||||
cd $(DOCKERFILEPATH_REG) && $(DOCKERFILEPATH_REG)/builder $(REGISTRY_SRC_TAG) && cd - ; \
|
cd $(DOCKERFILEPATH_REG) && $(DOCKERFILEPATH_REG)/builder $(REGISTRY_SRC_TAG) && cd - ; \
|
||||||
fi
|
fi
|
||||||
@echo "building registry container for photon..."
|
@echo "building registry container for photon..."
|
||||||
@chmod 655 $(DOCKERFILEPATH_REG)/binary/registry && $(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_REG)/$(DOCKERFILENAME_REG) -t $(DOCKERIMAGENAME_REG):$(VERSIONTAG) .
|
@chmod 655 $(DOCKERFILEPATH_REG)/binary/registry && $(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_REG)/$(DOCKERFILENAME_REG) -t $(DOCKERIMAGENAME_REG):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_registryctl:
|
_build_registryctl:
|
||||||
@echo "building registry controller for photon..."
|
@echo "building registry controller for photon..."
|
||||||
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_REGISTRYCTL)/$(DOCKERFILENAME_REGISTRYCTL) -t $(DOCKERIMAGENAME_REGISTRYCTL):$(VERSIONTAG) .
|
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_REGISTRYCTL)/$(DOCKERFILENAME_REGISTRYCTL) -t $(DOCKERIMAGENAME_REGISTRYCTL):$(VERSIONTAG) .
|
||||||
@rm -rf $(DOCKERFILEPATH_REG)/binary
|
@rm -rf $(DOCKERFILEPATH_REG)/binary
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
_build_redis:
|
_build_redis:
|
||||||
@echo "building redis container for photon..."
|
@echo "building redis container for photon..."
|
||||||
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) -f $(DOCKERFILEPATH_REDIS)/$(DOCKERFILENAME_REDIS) -t $(DOCKERIMAGENAME_REDIS):$(VERSIONTAG) .
|
@$(DOCKERBUILD) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_REDIS)/$(DOCKERFILENAME_REDIS) -t $(DOCKERIMAGENAME_REDIS):$(VERSIONTAG) .
|
||||||
@echo "Done."
|
@echo "Done."
|
||||||
|
|
||||||
define _extract_archive
|
define _extract_archive
|
||||||
$(WGET) --timeout 30 --no-check-certificate -O- $1 | tar xvz -C $2
|
echo "download $1";\
|
||||||
|
$(CURL) --connect-timeout 30 -f -k -L $1 | tar xvz -C $2 || exit 1
|
||||||
endef
|
endef
|
||||||
|
|
||||||
define _get_binary
|
define _get_binary
|
||||||
$(WGET) --timeout 30 --no-check-certificate $1 -O $2 || exit 1
|
echo "download $1";\
|
||||||
|
$(CURL) --connect-timeout 30 -f -k -L $1 -o $2 || exit 1
|
||||||
endef
|
endef
|
||||||
|
|
||||||
build: _build_prepare _build_db _build_portal _build_core _build_jobservice _build_log _build_nginx _build_registry _build_registryctl _build_notary _build_clair _build_clair_adapter _build_trivy_adapter _build_redis _build_chart_server
|
build: _build_prepare _build_db _build_portal _build_core _build_jobservice _build_log _build_nginx _build_registry _build_registryctl _build_notary _build_clair _build_clair_adapter _build_trivy_adapter _build_redis _build_chart_server
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-chartserver-base:$harbor_base_image_version
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-chartserver-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/chartserver/binary/chartm /home/chart/
|
COPY ./make/photon/chartserver/binary/chartm /home/chart/
|
||||||
COPY ./make/photon/chartserver/docker-entrypoint.sh /home/chart/
|
COPY ./make/photon/chartserver/docker-entrypoint.sh /home/chart/
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-clair-adapter-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-clair-adapter-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/common/install_cert.sh /home/clair-adapter
|
COPY ./make/photon/common/install_cert.sh /home/clair-adapter
|
||||||
COPY ./make/photon/clair-adapter/entrypoint.sh /home/clair-adapter
|
COPY ./make/photon/clair-adapter/entrypoint.sh /home/clair-adapter
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-clair-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-clair-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/clair/binary/clair /home/clair/
|
COPY ./make/photon/clair/binary/clair /home/clair/
|
||||||
COPY ./make/photon/clair/docker-entrypoint.sh /home/clair/
|
COPY ./make/photon/clair/docker-entrypoint.sh /home/clair/
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-core-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-core-base:${harbor_base_image_version}
|
||||||
|
|
||||||
HEALTHCHECK CMD curl --fail -s http://127.0.0.1:8080/api/v2.0/ping || curl -k --fail -s https://127.0.0.1:8443/api/v2.0/ping || exit 1
|
HEALTHCHECK CMD curl --fail -s http://127.0.0.1:8080/api/v2.0/ping || curl -k --fail -s https://127.0.0.1:8443/api/v2.0/ping || exit 1
|
||||||
COPY ./make/photon/common/install_cert.sh /harbor/
|
COPY ./make/photon/common/install_cert.sh /harbor/
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-db-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-db-base:${harbor_base_image_version}
|
||||||
|
|
||||||
VOLUME /var/lib/postgresql/data
|
VOLUME /var/lib/postgresql/data
|
||||||
|
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-jobservice-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-jobservice-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/common/install_cert.sh /harbor/
|
COPY ./make/photon/common/install_cert.sh /harbor/
|
||||||
COPY ./make/photon/jobservice/entrypoint.sh /harbor/
|
COPY ./make/photon/jobservice/entrypoint.sh /harbor/
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-log-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-log-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/log/rsyslog.conf /etc/rsyslog.conf
|
COPY ./make/photon/log/rsyslog.conf /etc/rsyslog.conf
|
||||||
|
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-nginx-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-nginx-base:${harbor_base_image_version}
|
||||||
|
|
||||||
VOLUME /var/cache/nginx /var/log/nginx /run
|
VOLUME /var/cache/nginx /var/log/nginx /run
|
||||||
|
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-notary-server-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-notary-server-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/notary/migrate-patch /bin/migrate-patch
|
COPY ./make/photon/notary/migrate-patch /bin/migrate-patch
|
||||||
COPY ./make/photon/notary/binary/notary-server /bin/notary-server
|
COPY ./make/photon/notary/binary/notary-server /bin/notary-server
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-notary-signer-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-notary-signer-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/notary/migrate-patch /bin/migrate-patch
|
COPY ./make/photon/notary/migrate-patch /bin/migrate-patch
|
||||||
COPY ./make/photon/notary/binary/notary-signer /bin/notary-signer
|
COPY ./make/photon/notary/binary/notary-signer /bin/notary-signer
|
||||||
|
@ -1,4 +1,5 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
|
ARG harbor_base_namespace
|
||||||
FROM node:10.15.0 as nodeportal
|
FROM node:10.15.0 as nodeportal
|
||||||
|
|
||||||
WORKDIR /build_dir
|
WORKDIR /build_dir
|
||||||
@ -24,7 +25,7 @@ ENV NPM_CONFIG_REGISTRY=${npm_registry}
|
|||||||
RUN npm install --unsafe-perm
|
RUN npm install --unsafe-perm
|
||||||
RUN node --max_old_space_size=2048 'node_modules/@angular/cli/bin/ng' build --prod
|
RUN node --max_old_space_size=2048 'node_modules/@angular/cli/bin/ng' build --prod
|
||||||
|
|
||||||
FROM goharbor/harbor-portal-base:${harbor_base_image_version}
|
FROM ${harbor_base_namespace}/harbor-portal-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY --from=nodeportal /build_dir/dist /usr/share/nginx/html
|
COPY --from=nodeportal /build_dir/dist /usr/share/nginx/html
|
||||||
COPY --from=nodeportal /build_dir/swagger.yaml /usr/share/nginx/html
|
COPY --from=nodeportal /build_dir/swagger.yaml /usr/share/nginx/html
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-prepare-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-prepare-base:${harbor_base_image_version}
|
||||||
|
|
||||||
ENV LANG en_US.UTF-8
|
ENV LANG en_US.UTF-8
|
||||||
|
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-redis-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-redis-base:${harbor_base_image_version}
|
||||||
|
|
||||||
VOLUME /var/lib/redis
|
VOLUME /var/lib/redis
|
||||||
WORKDIR /var/lib/redis
|
WORKDIR /var/lib/redis
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-registry-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-registry-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/common/install_cert.sh /home/harbor
|
COPY ./make/photon/common/install_cert.sh /home/harbor
|
||||||
COPY ./make/photon/registry/entrypoint.sh /home/harbor
|
COPY ./make/photon/registry/entrypoint.sh /home/harbor
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-registryctl-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-registryctl-base:${harbor_base_image_version}
|
||||||
|
|
||||||
COPY ./make/photon/common/install_cert.sh /home/harbor
|
COPY ./make/photon/common/install_cert.sh /home/harbor
|
||||||
COPY ./make/photon/registry/binary/registry /usr/bin
|
COPY ./make/photon/registry/binary/registry /usr/bin
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ARG harbor_base_image_version
|
ARG harbor_base_image_version
|
||||||
FROM goharbor/harbor-trivy-adapter-base:${harbor_base_image_version}
|
ARG harbor_base_namespace
|
||||||
|
FROM ${harbor_base_namespace}/harbor-trivy-adapter-base:${harbor_base_image_version}
|
||||||
|
|
||||||
ARG trivy_version
|
ARG trivy_version
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@ sudo rm -rf /data/*
|
|||||||
sudo -E env "PATH=$PATH" make go_check
|
sudo -E env "PATH=$PATH" make go_check
|
||||||
sudo ./tests/hostcfg.sh
|
sudo ./tests/hostcfg.sh
|
||||||
sudo ./tests/generateCerts.sh
|
sudo ./tests/generateCerts.sh
|
||||||
sudo make -f make/photon/Makefile _build_db _build_registry _build_prepare -e VERSIONTAG=dev -e REGISTRYVERSION=${REG_VERSION} -e BASEIMAGETAG=dev
|
sudo make build -e BUILDTARGET="_build_db _build_registry _build_prepare"
|
||||||
docker run --rm -v /:/hostfs:z goharbor/prepare:dev gencert -p /etc/harbor/tls/internal
|
docker run --rm -v /:/hostfs:z goharbor/prepare:dev gencert -p /etc/harbor/tls/internal
|
||||||
sudo MAKEPATH=$(pwd)/make ./make/prepare
|
sudo MAKEPATH=$(pwd)/make ./make/prepare
|
||||||
sudo mkdir -p "/data/redis"
|
sudo mkdir -p "/data/redis"
|
||||||
|
Loading…
Reference in New Issue
Block a user