[Skip-Ci] Update Docker image, cron job, tests

It seems, timeout sends signals that do not stop the server process.
Set the signal to SIGKILL - which also kills the function.sh process.
Thus moved the last function to entrypoint.sh
This commit is contained in:
erik 2022-09-28 14:32:41 +02:00
parent bcad22b067
commit 46f0c72c3e
8 changed files with 39 additions and 30 deletions

View file

@ -3,10 +3,8 @@ FROM clojure:lein
# Prepare Entrypoint Script # Prepare Entrypoint Script
ADD resources /tmp ADD resources /tmp
ENV BUILDDIR="website" ENV SOURCEDIR="/etc/websitesource"
ENV BUILDDIR="/etc/website"
ENV WEBSITEROOT="/var/www/html/website/" ENV WEBSITEROOT="/var/www/html/website/"
RUN /tmp/install.sh RUN /tmp/install.sh
#RUN /tmp/entrypoint.sh
# ToDo: lein not working on clojure image?

View file

@ -1,14 +1,20 @@
#!/bin/bash #!/bin/bash
mkdir $BUILDDIR
mkdir $SOURCEDIR
source /usr/local/bin/functions.sh source /usr/local/bin/functions.sh
function main() { function move-website-files-to-target() {
get-and-unzip-website-data (cd $BUILDDIR; dir=$(ls); cd $dir; rsync -ru --exclude-from "/etc/exclude.pattern" --delete resources/public/* $WEBSITEROOT;)
build-and-extract-website
move-website-files-to-target
} }
main echo "Downloading website"
get-and-unzip-website-data
echo "Building website"
build-and-extract-website
echo "Moving files"
move-website-files-to-target
while true; do while true; do
sleep 1m sleep 1m

View file

@ -1,17 +1,12 @@
#!/bin/bash #!/bin/bash
function get-and-unzip-website-data() { function get-and-unzip-website-data() {
curl -H "Authorization: token $AUTHTOKEN" -O $GITREPOURL # GITREPURL = https://your.gitea.host/api/v1/repos/<owner>/<repo>/archive/main.zip filename="website.zip"
mkdir $BUILDDIR curl -H "Authorization: token $AUTHTOKEN" -o $SOURCEDIR/$filename $GITREPOURL # GITREPURL = https://your.gitea.host/api/v1/repos/<owner>/<repo>/archive/main.zip
unzip main.zip -D $BUILDDIR unzip $SOURCEDIR/$filename -d $BUILDDIR
} }
function build-and-extract-website() { function build-and-extract-website() {
(cd $BUILDDIR; lein ring war; websiteartifactname=$(ls | grep -o *.war); unzip target/$websiteartifactname "WEB-INF/classes/public/*") (cd $BUILDDIR; dir=$(ls); cd $dir; timeout -s SIGKILL 35s lein ring server-headless;)
} # websiteartifactname=$(ls target/ | grep -Eo "*.+\.war"); unzip target/$websiteartifactname
# set variables from environment
# read write zugriff sicherstellen
function move-website-files-to-target() {
rsync -ru --exclude-from "/etc/exclude.pattern" --delete WEB-INF/classes/public/* $TARGETDIR
} }

View file

@ -28,7 +28,7 @@
(def config? (s/keys :req-un [::fqdn] (def config? (s/keys :req-un [::fqdn]
:opt-un [::issuer])) :opt-un [::issuer]))
(def auth? (s/keys :req-un [::token ::url])) (def auth? (s/keys :req-un [::authtoken ::gitrepourl]))
(def vol? (s/keys :req-un [::volume-total-storage-size (def vol? (s/keys :req-un [::volume-total-storage-size
::number-of-websites])) ::number-of-websites]))
@ -125,14 +125,16 @@
(let [{:keys [fqdn]} config] (let [{:keys [fqdn]} config]
(-> (->
(yaml/load-as-edn "website/website-build-cron.yaml") (yaml/load-as-edn "website/website-build-cron.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))))) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-website-build-deployment pred/map-or-seq? (defn-spec generate-website-build-deployment pred/map-or-seq?
[config config?] [config config?]
(let [{:keys [fqdn]} config] (let [{:keys [fqdn]} config]
(-> (->
(yaml/load-as-edn "website/website-build-deployment.yaml") (yaml/load-as-edn "website/website-build-deployment.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))))) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-website-build-secret pred/map-or-seq? (defn-spec generate-website-build-secret pred/map-or-seq?
[auth auth?] [auth auth?]

View file

@ -44,7 +44,7 @@ spec:
emptyDir: {} emptyDir: {}
- name: website-content-volume - name: website-content-volume
persistentVolumeClaim: persistentVolumeClaim:
claimName: NAME-content-pvc claimName: NAME-content-volume
- name: website-cert - name: website-cert
secret: secret:
secretName: NAME-cert secretName: NAME-cert

View file

@ -5,7 +5,7 @@ metadata:
labels: labels:
app.kubernetes.part-of: website # correct name? app.kubernetes.part-of: website # correct name?
spec: spec:
schedule: "10 23 * * *" schedule: "1,7,14,21,28,35,42,49,54,59 * * * *"
successfulJobsHistoryLimit: 1 successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 1 failedJobsHistoryLimit: 1
jobTemplate: jobTemplate:
@ -17,6 +17,9 @@ spec:
name: NAME-build-app name: NAME-build-app
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: ["/entrypoint.sh"] command: ["/entrypoint.sh"]
env:
- name: HOSTADRESS
value: FQDN
envFrom: envFrom:
- secretRef: - secretRef:
name: NAME-secret name: NAME-secret
@ -26,5 +29,5 @@ spec:
volumes: volumes:
- name: content-volume - name: content-volume
persistentVolumeClaim: persistentVolumeClaim:
claimName: NAME-content-pvc claimName: NAME-content-volume
restartPolicy: OnFailure restartPolicy: OnFailure

View file

@ -21,6 +21,9 @@ spec:
name: NAME-build-app name: NAME-build-app
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: ["/entrypoint.sh"] command: ["/entrypoint.sh"]
env:
- name: HOSTADRESS
value: FQDN
envFrom: envFrom:
- secretRef: - secretRef:
name: NAME-secret name: NAME-secret
@ -30,4 +33,4 @@ spec:
volumes: volumes:
- name: content-volume - name: content-volume
persistentVolumeClaim: persistentVolumeClaim:
claimName: NAME-content-pvc claimName: NAME-content-volume

View file

@ -74,7 +74,7 @@
{:key "website.conf", :path "conf.d/website.conf"} {:key "website.conf", :path "conf.d/website.conf"}
{:key "mime.types", :path "mime.types"}]}} {:key "mime.types", :path "mime.types"}]}}
{:name "log", :emptyDir {}} {:name "log", :emptyDir {}}
{:name "website-content-volume", :persistentVolumeClaim {:claimName "test-de-content-pvc"}} {:name "website-content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}
{:name "website-cert", {:name "website-cert",
:secret :secret
{:secretName "test-de-cert", :items [{:key "tls.crt", :path "tls.crt"} {:key "tls.key", :path "tls.key"}]}}]}}}} {:secretName "test-de-cert", :items [{:key "tls.crt", :path "tls.crt"} {:key "tls.key", :path "tls.key"}]}}]}}}}
@ -94,7 +94,7 @@
:kind "CronJob", :kind "CronJob",
:metadata {:name "test-de-build-cron", :labels {:app.kubernetes.part-of "website"}}, :metadata {:name "test-de-build-cron", :labels {:app.kubernetes.part-of "website"}},
:spec :spec
{:schedule "10 23 * * *", {:schedule "1,7,14,21,28,35,42,49,54,59 * * * *",
:successfulJobsHistoryLimit 1, :successfulJobsHistoryLimit 1,
:failedJobsHistoryLimit 1, :failedJobsHistoryLimit 1,
:jobTemplate :jobTemplate
@ -106,9 +106,10 @@
:name "test-de-build-app", :name "test-de-build-app",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"], :command ["/entrypoint.sh"],
:env [{:name "HOSTADRESS", :value "test.de"}],
:envFrom [{:secretRef {:name "test-de-secret"}}], :envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}], :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-pvc"}}], :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}],
:restartPolicy "OnFailure"}}}}}} :restartPolicy "OnFailure"}}}}}}
(cut/generate-website-build-cron {:fqdn "test.de"})))) (cut/generate-website-build-cron {:fqdn "test.de"}))))
@ -129,9 +130,10 @@
:name "test-de-build-app", :name "test-de-build-app",
:imagePullPolicy "IfNotPresent", :imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"], :command ["/entrypoint.sh"],
:env [{:name "HOSTADRESS", :value "test.de"}],
:envFrom [{:secretRef {:name "test-de-secret"}}], :envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}], :volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-pvc"}}]}}}} :volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-volume"}}]}}}}
(cut/generate-website-build-deployment {:fqdn "test.de"})))) (cut/generate-website-build-deployment {:fqdn "test.de"}))))
(deftest should-generate-website-build-secret (deftest should-generate-website-build-secret