add image build & test

.gitlab-ci.yml

@@ -3,6 +3,10 @@ stages:
   - package
   - security
   - upload
+  - image
+
+services:
+  - docker:19.03.12-dind
 
 .cljs-job: &cljs
   image: domaindrivenarchitecture/shadow-cljs
@@ -26,7 +30,7 @@ stages:
     - mkdir -p /root/.lein
     - echo "{:auth {:repository-auth {#\"clojars\" {:username \"${CLOJARS_USER}\" :password \"${CLOJARS_TOKEN_DOMAINDRIVENARCHITECTURE}\" }}}}" > ~/.lein/profiles.clj
 
-test-cljs:
+.test-cljs:
   <<: *cljs
   stage: build_and_test
   script:
@@ -48,7 +52,7 @@ test-schema:
     paths:
       - target/uberjar
 
-report-frontend:
+.report-frontend:
   <<: *cljs
   stage: package
   script:
@@ -58,7 +62,7 @@ report-frontend:
     paths:
       - target/frontend-build/build-report.html
 
-package-frontend:
+.package-frontend:
   <<: *cljs
   stage: package
   script:
@@ -119,3 +123,11 @@ release:
         --assets-link "{\"name\":\"c4k-jira.js\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jira/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jira.js\"}" \
         --assets-link "{\"name\":\"c4k-jira.js.sha256\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jira/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jira.js.sha256\"}" \
         --assets-link "{\"name\":\"c4k-jira.js.sha512\",\"url\":\"https://gitlab.com/domaindrivenarchitecture/c4k-jira/-/jobs/${CI_JOB_ID}/artifacts/file/target/frontend-build/c4k-jira.js.sha512\"}" \
+
+image-test-publish:
+  image: domaindrivenarchitecture/devops-build:latest
+  stage: image
+  rules:
+    - if: '$CI_COMMIT_TAG != null'
+  script:
+    - cd infrastructure/docker && pyb image test publish

image/Dockerfile

@@ -1,7 +0,0 @@
-FROM node:lts-slim
-
-RUN npm install -g jira
-RUN mkdir /app
-
-ENTRYPOINT ["jira"]
-CMD [ "/app/config.edn" ]

infrastrucure/docker/build.py

@@ -0,0 +1,51 @@
+from os import environ
+from pybuilder.core import task, init
+from ddadevops import *
+import logging
+
+name = 'c4k-jira'
+MODULE = 'docker'
+PROJECT_ROOT_PATH = '../..'
+
+class MyBuild(DevopsDockerBuild):
+    pass
+
+@init
+def initialize(project):
+    project.build_depends_on('ddadevops>=0.12.4')
+    stage = 'prod'
+    dockerhub_user = environ.get('DOCKERHUB_USER')
+    if not dockerhub_user:
+        dockerhub_user = gopass_field_from_path('meissa/web/docker.com', 'login')
+    dockerhub_password = environ.get('DOCKERHUB_PASSWORD')
+    if not dockerhub_password:
+        dockerhub_password = gopass_password_from_path('meissa/web/docker.com')
+    tag = environ.get('CI_COMMIT_TAG')
+    if not tag:
+        tag = get_tag_from_latest_commit()
+    config = create_devops_docker_build_config(
+        stage, PROJECT_ROOT_PATH, MODULE, dockerhub_user, dockerhub_password, docker_publish_tag=tag)
+    build = MyBuild(project, config)
+    build.initialize_build_dir()
+
+
+@task
+def image(project):
+    build = get_devops_build(project)
+    build.image()
+
+@task
+def drun(project):
+    build = get_devops_build(project)
+    build.drun()
+
+@task
+def publish(project):
+    build = get_devops_build(project)
+    build.dockerhub_login()
+    build.dockerhub_publish()
+
+@task
+def test(project):
+    build = get_devops_build(project)
+    build.test()

infrastrucure/docker/image/Dockerfile

@@ -0,0 +1,9 @@
+FROM ubuntu:20.04
+
+ENV JIRA_HOME="/var/jira" \
+    DOWNLOAD_URL="https://product-downloads.atlassian.com/software/jira/downloads" \
+    JIRA_RELEASE="8.8.0"
+ADD resources /tmp/resources
+RUN /tmp/resources/install.sh
+
+USER 901:901

infrastrucure/docker/image/resources/dbconfig.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<jira-database-config>
+  <name>defaultDS</name>
+  <delegator-name>default</delegator-name>
+  <database-type>postgres72</database-type>
+  <schema-name>public</schema-name>
+  <jdbc-datasource>
+    <url>jdbc:postgresql://postgresql-service:5432/jira</url>
+    <driver-class>org.postgresql.Driver</driver-class>
+    <username>$JIRA_DB_USER</username>
+    <password>$JIRA_DB_PASSWORD</password>
+    <pool-min-size>20</pool-min-size>
+    <pool-max-size>20</pool-max-size>
+    <pool-max-wait>30000</pool-max-wait>
+    <validation-query>select 1</validation-query>
+    <min-evictable-idle-time-millis>60000</min-evictable-idle-time-millis>
+    <time-between-eviction-runs-millis>300000</time-between-eviction-runs-millis>
+    <pool-max-idle>20</pool-max-idle>
+    <pool-remove-abandoned>true</pool-remove-abandoned>
+    <pool-remove-abandoned-timeout>300</pool-remove-abandoned-timeout>
+    <pool-test-on-borrow>false</pool-test-on-borrow>
+    <pool-test-while-idle>true</pool-test-while-idle>
+  </jdbc-datasource>
+</jira-database-config>

infrastrucure/docker/image/resources/entrypoint.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+xmlstarlet ed -L -u "/Server/Service/Connector[@proxyName='{subdomain}.{domain}.com']/@proxyName" \
+    -v "$1" /opt/atlassian-jira-software-standalone/conf/server.xml
+xmlstarlet ed -L -u "/jira-database-config/jdbc-datasource/username" \
+    -v "$2" /app/dbconfig.xml
+xmlstarlet ed -L -u "/jira-database-config/jdbc-datasource/password" \
+    -v "$3" /app/dbconfig.xml
+
+install -ojira -gjira -m660 /app/dbconfig.xml /var/jira/dbconfig.xml
+/opt/atlassian-jira-software-standalone/bin/setenv.sh run
+/opt/atlassian-jira-software-standalone/bin/start-jira.sh run

infrastrucure/docker/image/resources/install.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+function main() {
+
+    upgradeSystem
+    apt-get -qqy install curl openjdk-11-jre-headless xmlstarlet > /dev/null
+    
+    adduser --system --disabled-login --home ${JIRA_HOME} --uid 901 --group jira 
+
+    mkdir -p /app
+    
+    cd /tmp
+    curl --location ${DOWNLOAD_URL}/atlassian-jira-software-${JIRA_RELEASE}.tar.gz \
+        -o atlassian-jira-software-${JIRA_RELEASE}.tar.gz
+    tar -xvf atlassian-jira-software-${JIRA_RELEASE}.tar.gz -C /tmp/
+    mv /tmp/atlassian-jira-software-${JIRA_RELEASE}-standalone \
+        /opt/atlassian-jira-software-standalone
+    chown -R jira:jira /opt/atlassian-jira-software-standalone
+
+    install -ojira -gjira -m744 /tmp/resources/entrypoint.sh /app/entrypoint.sh
+    install -ojira -gjira -m744 /tmp/resources/setenv.sh /opt/atlassian-jira-software-standalone/bin/setenv.sh
+    install -ojira -gjira -m660 /tmp/resources/dbconfig.xml /app/dbconfig.xml
+    install -ojira -gjira -m660 /tmp/resources/server.xml /opt/atlassian-jira-software-standalone/conf/server.xml
+    install -ojira -gjira -m660 /tmp/resources/logging.properties /opt/atlassian-jira-software-standalone/conf/logging.properties
+
+    cleanupDocker
+}
+
+source /tmp/resources/install_functions.sh
+main

infrastrucure/docker/image/resources/logging.properties

@@ -0,0 +1,69 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+handlers = java.util.logging.ConsoleHandler
+
+.handlers = java.util.logging.ConsoleHandler
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+java.util.logging.ConsoleHandler.level = FINE
+java.util.logging.ConsoleHandler.formatter = org.apache.juli.OneLineFormatter
+java.util.logging.ConsoleHandler.encoding = UTF-8
+
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].level = INFO
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].handlers = 2localhost.org.apache.juli.AsyncFileHandler
+
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].level = INFO
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager].handlers = 3manager.org.apache.juli.AsyncFileHandler
+
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].level = INFO
+org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/host-manager].handlers = 4host-manager.org.apache.juli.AsyncFileHandler
+
+# For example, set the org.apache.catalina.util.LifecycleBase logger to log
+# each component that extends LifecycleBase changing state:
+#org.apache.catalina.util.LifecycleBase.level = FINE
+
+# To see debug messages in TldLocationsCache, uncomment the following line:
+#org.apache.jasper.compiler.TldLocationsCache.level = FINE
+
+# To see debug messages for HTTP/2 handling, uncomment the following line:
+#org.apache.coyote.http2.level = FINE
+
+# To see debug messages for WebSocket handling, uncomment the following line:
+#org.apache.tomcat.websocket.level = FINE
+# Suppress clearReferencesThreads and clearThreadLocalMap notifications on shutdown
+org.apache.catalina.loader.WebappClassLoader.level = OFF
+
+# Suppress some useless REST messages. See JRADEV-12212.
+com.sun.jersey.server.impl.application.WebApplicationImpl.level = WARNING
+com.atlassian.plugins.rest.doclet.level = WARNING
+com.sun.jersey.api.wadl.config.WadlGeneratorLoader.level = WARNING
+
+# Suppress log spam about the request body - https://jira.atlassian.com/browse/JRASERVER-30406
+com.sun.jersey.spi.container.servlet.WebComponent.level = SEVERE
+com.sun.jersey.spi.container.servlet.WebComponent.filterFormParameters.level = SEVERE
+
+# Suppress resources cache full warnings
+org.apache.catalina.webresources.Cache.level = OFF

infrastrucure/docker/image/resources/server.xml

@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<Server port="8005" shutdown="SHUTDOWN">
+    <Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
+    <!--Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/-->
+    <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
+    <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
+    <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
+
+    <Service name="Catalina">
+        <!--
+         ==============================================================================================================
+         DEFAULT - Direct connector with no proxy for unproxied access to Jira.
+
+         If using a http/https proxy, comment out this connector.
+         ==============================================================================================================
+        -->
+
+        <!-- Relaxing chars because of JRASERVER-67974 -->
+        <!--
+        <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
+                   maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
+                   maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
+                   acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>
+        -->
+
+        <!--
+         ==============================================================================================================
+         HTTP - Proxying Jira via Apache or Nginx over HTTP
+
+         If you're proxying traffic to Jira over HTTP, uncomment the below connector and comment out the others.
+         Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.
+
+         See the following for more information:
+
+            Apache - https://confluence.atlassian.com/x/4xQLM
+            nginx  - https://confluence.atlassian.com/x/DAFmGQ
+         ==============================================================================================================
+        -->
+
+        <!--
+        <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
+                   maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
+                   maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
+                   acceptCount="100" disableUploadTimeout="true" bindOnInit="false" scheme="http"
+                   proxyName="<subdomain>.<domain>.com" proxyPort="80"/>
+
+        -->
+        <!--
+         ==============================================================================================================
+         HTTPS - Proxying Jira via Apache or Nginx over HTTPS
+
+         If you're proxying traffic to Jira over HTTPS, uncomment the below connector and comment out the others.
+         Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.
+
+         See the following for more information:
+
+            Apache - https://confluence.atlassian.com/x/PTT3MQ
+            nginx  - https://confluence.atlassian.com/x/DAFmGQ
+         ==============================================================================================================
+        -->
+        <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
+                   maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
+                   maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true"
+                   acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
+                   proxyName="{subdomain}.{domain}.com" proxyPort="443"/>
+
+        <!--
+         ==============================================================================================================
+         AJP - Proxying Jira via Apache over HTTP or HTTPS
+
+         If you're proxying traffic to Jira using the AJP protocol, uncomment the following connector line
+         See the following for more information:
+
+            Apache - https://confluence.atlassian.com/x/QiJ9MQ
+         ==============================================================================================================
+        -->
+
+        <!--
+        <Connector port="8009" URIEncoding="UTF-8" enableLookups="false" protocol="AJP/1.3"/>
+        -->
+
+        <Engine name="Catalina" defaultHost="localhost">
+            <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">
+
+                <Context path="" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">
+                    <Resource name="UserTransaction" auth="Container" type="javax.transaction.UserTransaction"
+                              factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60"/>
+                    <Manager pathname=""/>
+                    <JarScanner scanManifest="false"/>
+                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="120" />
+                </Context>
+
+            </Host>
+            <Valve className="org.apache.catalina.valves.AccessLogValve"
+                   pattern="%a %{jira.request.id}r %{jira.request.username}r %t &quot;%m %U%q %H&quot; %s %b %D &quot;%{Referer}i&quot; &quot;%{User-Agent}i&quot; &quot;%{jira.request.assession.id}r&quot;"/>
+        </Engine>
+    </Service>
+</Server>

infrastrucure/docker/image/resources/setenv.sh

@@ -0,0 +1,121 @@
+#
+# If the limit of files that Jira can open is too low, it will be set to this value.
+#
+MIN_NOFILES_LIMIT=16384
+
+#
+# One way to set the JIRA HOME path is here via this variable.  Simply uncomment it and set a valid path like /jira/home.  You can of course set it outside in the command terminal.  That will also work.
+#
+JIRA_HOME="/var/jira"
+
+#
+#  Occasionally Atlassian Support may recommend that you set some specific JVM arguments.  You can use this variable below to do that.
+#
+JVM_SUPPORT_RECOMMENDED_ARGS=""
+
+#
+#  You can use variable below to modify garbage collector settings.
+#  For Java 8 we recommend default settings
+#  For Java 11 and relatively small heaps we recommend: -XX:+UseParallelGC
+#  For Java 11 and larger heaps we recommend: -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent
+#
+JVM_GC_ARGS="-XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent"
+
+#
+# The following 2 settings control the minimum and maximum given to the JIRA Java virtual machine.  In larger JIRA instances, the maximum amount will need to be increased.
+#
+JVM_MINIMUM_MEMORY="4096m"
+JVM_MAXIMUM_MEMORY="4096m"
+
+#
+# The following setting configures the size of JVM code cache.  A high value of reserved size allows Jira to work with more installed apps.
+#
+JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=32m -XX:ReservedCodeCacheSize=512m'
+
+#
+# The following are the required arguments for Jira.
+#
+JVM_REQUIRED_ARGS='-Djava.awt.headless=true -Datlassian.standalone=JIRA -Dorg.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true -Dmail.mime.decodeparameters=true -Dorg.dom4j.factory=com.atlassian.core.xml.InterningDocumentFactory'
+
+# Uncomment this setting if you want to import data without notifications
+#
+#DISABLE_NOTIFICATIONS=" -Datlassian.mail.senddisabled=true -Datlassian.mail.fetchdisabled=true -Datlassian.mail.popdisabled=true"
+
+
+#-----------------------------------------------------------------------------------
+#
+# In general don't make changes below here
+#
+#-----------------------------------------------------------------------------------
+
+#-----------------------------------------------------------------------------------
+# Prevents the JVM from suppressing stack traces if a given type of exception
+# occurs frequently, which could make it harder for support to diagnose a problem.
+#-----------------------------------------------------------------------------------
+JVM_EXTRA_ARGS="-XX:-OmitStackTraceInFastThrow -Djava.locale.providers=COMPAT"
+
+CURRENT_NOFILES_LIMIT=$( ulimit -Hn )
+ulimit -Sn $CURRENT_NOFILES_LIMIT
+ulimit -n $(( CURRENT_NOFILES_LIMIT > MIN_NOFILES_LIMIT  ? CURRENT_NOFILES_LIMIT : MIN_NOFILES_LIMIT ))
+
+PRGDIR=`dirname "$0"`
+cat "${PRGDIR}"/jirabanner.txt
+
+JIRA_HOME_MINUSD=""
+if [ "$JIRA_HOME" != "" ]; then
+    echo $JIRA_HOME | grep -q " "
+    if [ $? -eq 0 ]; then
+	    echo ""
+	    echo "--------------------------------------------------------------------------------------------------------------------"
+		echo "   WARNING : You cannot have a JIRA_HOME environment variable set with spaces in it.  This variable is being ignored"
+	    echo "--------------------------------------------------------------------------------------------------------------------"
+    else
+		JIRA_HOME_MINUSD=-Djira.home=$JIRA_HOME
+    fi
+fi
+
+JAVA_OPTS="-Xms${JVM_MINIMUM_MEMORY} -Xmx${JVM_MAXIMUM_MEMORY} ${JVM_CODE_CACHE_ARGS} ${JAVA_OPTS} ${JVM_REQUIRED_ARGS} ${DISABLE_NOTIFICATIONS} ${JVM_SUPPORT_RECOMMENDED_ARGS} ${JVM_EXTRA_ARGS} ${JIRA_HOME_MINUSD} ${START_JIRA_JAVA_OPTS}"
+
+export JAVA_OPTS
+
+# DO NOT remove the following line
+# !INSTALLER SET JAVA_HOME
+
+echo ""
+echo "If you encounter issues starting or stopping Jira, please see the Troubleshooting guide at https://docs.atlassian.com/jira/jadm-docs-088/Troubleshooting+installation"
+echo ""
+if [ "$JIRA_HOME_MINUSD" != "" ]; then
+    echo "Using JIRA_HOME:       $JIRA_HOME"
+fi
+
+# set the location of the pid file
+if [ -z "$CATALINA_PID" ] ; then
+    if [ -n "$CATALINA_BASE" ] ; then
+        CATALINA_PID="$CATALINA_BASE"/work/catalina.pid
+    elif [ -n "$CATALINA_HOME" ] ; then
+        CATALINA_PID="$CATALINA_HOME"/work/catalina.pid
+    fi
+fi
+export CATALINA_PID
+
+if [ -z "$CATALINA_BASE" ]; then
+  if [ -z "$CATALINA_HOME" ]; then
+    LOGBASE=$PRGDIR
+    LOGTAIL=..
+  else
+    LOGBASE=$CATALINA_HOME
+    LOGTAIL=.
+  fi
+else
+  LOGBASE=$CATALINA_BASE
+  LOGTAIL=.
+fi
+
+PUSHED_DIR=`pwd`
+cd $LOGBASE
+cd $LOGTAIL
+LOGBASEABS=`pwd`
+cd $PUSHED_DIR
+
+echo ""
+echo "Server startup logs are located in $LOGBASEABS/logs/catalina.out"

infrastrucure/docker/image/resources/user.sh

@@ -0,0 +1,5 @@
+# START INSTALLER MAGIC ! DO NOT EDIT !
+JIRA_USER="jira" ##
+# END INSTALLER MAGIC ! DO NOT EDIT !
+
+export JIRA_USER

infrastrucure/docker/test/Dockerfile

@@ -0,0 +1,8 @@
+FROM c4k-jira
+
+RUN curl -L -o /tmp/serverspec.jar \
+    https://github.com/DomainDrivenArchitecture/dda-serverspec-crate/releases/download/1.3.4/dda-serverspec-standalone.jar
+
+COPY serverspec.edn /tmp/serverspec.edn
+
+RUN java -jar /tmp/serverspec.jar /tmp/serverspec.edn -v

infrastrucure/docker/test/serverspec.edn

@@ -0,0 +1,3 @@
+{:file [{:path "/app/entrypoint.sh"}
+        {:path "/var/jira"}
+        {:path "/opt/atlassian-jira-software-standalone"}]}