Skip to content

Commit 78eca9c

Browse files
dubrslkisakova
dubrsl
and
kisakova
authored
OPI-1278 Don't use root user for nginx and php-fpm in docker instances (#36535)
- Update vagrantfiles - Update jenkins as code images - Add github multibranch private job - Logging only console - Add blackfire probe - Add routing and translation dump- - Fix behat screenshot path --------- Co-authored-by: Kateryna Isakova <[email protected]>
1 parent 1752fab commit 78eca9c

File tree

3 files changed

+190
-366
lines changed

3 files changed

+190
-366
lines changed

.gitattributes

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
/.env-* text eol=lf

Jenkinsfile

Lines changed: 79 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,7 @@
11
pipeline {
22
environment {
3-
ORO_BASELINE_VERSION = '5.1-latest'
4-
ORO_BEHAT_OPTIONS = '--skip-isolators'
5-
ORO_BEHAT_TAGS = '@e2esmokeci'
3+
ORO_BASELINE_VERSION = 'master-latest'
4+
ORO_BEHAT_OPTIONS = '--skip-isolators --tags=@e2esmokeci'
65
}
76
agent {
87
node {
@@ -34,11 +33,15 @@ pipeline {
3433
}
3534
defaultVariables = readProperties(interpolate: true, file: "$WORKSPACE/.build/docker-compose/.env")
3635
readProperties(interpolate: true, defaults: defaultVariables + [ORO_IMAGE_TAG: env.BUILD_TAG], file: "$WORKSPACE/.env-build").each {key, value -> env[key] = value }
37-
dockerLabels = ['--label "org.opencontainers.image.title=commerce-crm application"', '--label "org.opencontainers.image.description=commerce-crm application"', '--label "org.opencontainers.image.authors=ORO Inc."', '--label "org.opencontainers.image.vendor=ORO Inc."', "--label \"org.opencontainers.image.revision=${GIT_COMMIT}\"", "--label \"org.opencontainers.image.source=${env.GIT_URL}\"", "--label \"org.opencontainers.image.created=${env.BUILD_TIMESTAMP}\"", "--label \"com.oroinc.orocloud.reference=${env.GIT_BRANCH}\"", '--label "com.oroinc.orocloud.composer=dev.json"']
36+
dockerLabels = ['--label "org.opencontainers.image.title=OroCommerce Application"', '--label "org.opencontainers.image.description=OroCommerce Application"', '--label "org.opencontainers.image.authors=ORO Inc."', '--label "org.opencontainers.image.vendor=ORO Inc."', "--label \"org.opencontainers.image.revision=${GIT_COMMIT}\"","--label \"org.opencontainers.image.source=${env.GIT_URL}\"", "--label \"org.opencontainers.image.created=${env.BUILD_TIMESTAMP}\"", "--label \"com.oroinc.orocloud.reference=${env.GIT_BRANCH}\"", '--label "com.oroinc.orocloud.composer=composer.json"']
37+
if (env.TAG_NAME) { dockerLabels.add("--label \"org.opencontainers.image.version=${env.TAG_NAME}\"") }
38+
3839
sh '''
3940
printenv | sort
4041
rm -rf $WORKSPACE/../$BUILD_TAG ||:
4142
cp -rf $WORKSPACE $WORKSPACE/../$BUILD_TAG
43+
docker builder use default
44+
docker builder ls
4245
'''
4346
}
4447
}
@@ -54,7 +57,9 @@ pipeline {
5457
}
5558
stage('Build:prod:image') {
5659
steps {
57-
sh "docker buildx build --pull --load --rm ${dockerLabels.join(' ')} --build-arg ORO_BASELINE_VERSION -t \${ORO_IMAGE,,}:$ORO_IMAGE_TAG -f '.build/docker/Dockerfile' . "
60+
sh """
61+
docker buildx build --pull --load --rm ${dockerLabels.join(' ')} --build-arg ORO_BASELINE_VERSION -t \${ORO_IMAGE,,}:$ORO_IMAGE_TAG -f ".build/docker/Dockerfile" .
62+
"""
5863
}
5964
}
6065
stage('Build:prod:install:de') {
@@ -70,7 +75,7 @@ pipeline {
7075
rm -rf .build/docker/private_storage
7176
docker cp prod_${EXECUTOR_NUMBER}-install-1:/var/www/oro/public/media/ .build/docker/public_storage
7277
docker cp prod_${EXECUTOR_NUMBER}-install-1:/var/www/oro/var/data/ .build/docker/private_storage
73-
ORO_IMAGE_INIT=${ORO_IMAGE_INIT,,}-de DB_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' prod_${EXECUTOR_NUMBER}-db-1) docker compose -p prod_${EXECUTOR_NUMBER} --project-directory .build/docker-compose -f .build/docker-compose/compose-orocommerce-application.yaml up --build --quiet-pull --exit-code-from backup backup
78+
ORO_IMAGE_INIT=${ORO_IMAGE_INIT,,}-de DB_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' prod_${EXECUTOR_NUMBER}-db-1) docker compose -p prod_${EXECUTOR_NUMBER} --project-directory .build/docker-compose -f .build/docker-compose/compose-orocommerce-application.yaml build backup
7479
'''
7580
}
7681
}
@@ -87,7 +92,7 @@ pipeline {
8792
rm -rf .build/docker/private_storage
8893
docker cp prod_${EXECUTOR_NUMBER}-install-1:/var/www/oro/public/media/ .build/docker/public_storage
8994
docker cp prod_${EXECUTOR_NUMBER}-install-1:/var/www/oro/var/data/ .build/docker/private_storage
90-
ORO_IMAGE_INIT=${ORO_IMAGE_INIT,,}-fr DB_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' prod_${EXECUTOR_NUMBER}-db-1) docker compose -p prod_${EXECUTOR_NUMBER} --project-directory .build/docker-compose -f .build/docker-compose/compose-orocommerce-application.yaml up --build --quiet-pull --exit-code-from backup backup
95+
ORO_IMAGE_INIT=${ORO_IMAGE_INIT,,}-fr DB_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' prod_${EXECUTOR_NUMBER}-db-1) docker compose -p prod_${EXECUTOR_NUMBER} --project-directory .build/docker-compose -f .build/docker-compose/compose-orocommerce-application.yaml build backup
9196
'''
9297
}
9398
}
@@ -129,7 +134,9 @@ pipeline {
129134
stage('Build:test:image') {
130135
steps {
131136
dir("$WORKSPACE/../$BUILD_TAG") {
132-
sh "docker buildx build --pull --load --rm ${dockerLabels.join(' ')} --build-arg ORO_BASELINE_VERSION -t \${ORO_IMAGE_TEST,,}:$ORO_IMAGE_TAG -f '.build/docker/Dockerfile-test' . "
137+
sh """
138+
docker buildx build --pull --load --rm ${dockerLabels.join(' ')} --label "com.oroinc.orocloud.image_type=test" --build-arg ORO_BASELINE_VERSION -t \${ORO_IMAGE_TEST,,}:$ORO_IMAGE_TAG -f ".build/docker/Dockerfile-test" .
139+
"""
133140
}
134141
}
135142
}
@@ -149,18 +156,18 @@ pipeline {
149156
}
150157
}
151158
}
152-
// stage('Build:test:functional') {
153-
// environment {
154-
// ORO_FUNCTIONAL_ARGS = ' '
155-
// }
156-
// steps {
157-
// dir("$WORKSPACE/../$BUILD_TAG") {
158-
// sh '''
159-
// docker compose -p test_${EXECUTOR_NUMBER} --project-directory .build/docker-compose -f .build/docker-compose/compose-orocommerce-application.yaml up --quiet-pull --exit-code-from functional functional
160-
// '''
161-
// }
162-
// }
163-
// }
159+
stage('Build:test:functional') {
160+
environment {
161+
ORO_FUNCTIONAL_ARGS = ' src'
162+
}
163+
steps {
164+
dir("$WORKSPACE/../$BUILD_TAG") {
165+
sh '''
166+
docker compose -p test_${EXECUTOR_NUMBER} --project-directory .build/docker-compose -f .build/docker-compose/compose-orocommerce-application.yaml up --quiet-pull --exit-code-from functional functional
167+
'''
168+
}
169+
}
170+
}
164171
}
165172
}
166173
}
@@ -175,30 +182,60 @@ pipeline {
175182
// '''
176183
// }
177184
// }
178-
stage('Push') {
179-
// environment {
180-
// KEY_FILE = credentials('jenkins_oro-product-development_iam_gserviceaccount_com')
181-
// configuration = 'oro-product-development'
182-
// credentials = "--configuration ${configuration}"
183-
// }
185+
stage('Push Cloud release tag') {
186+
environment {
187+
ORO_CLOUD_DOCKER_PROJECT = 'harborio.oro.cloud'
188+
ORO_CLOUD_DOCKER_PROJECT_FOLDER = 'public-dev-ci'
189+
ORO_REGISTRY_CREDS = credentials('harborio.oro.cloud')
190+
}
184191
steps {
185-
// gcloud config configurations list | grep ^${configuration} -q || gcloud config configurations create ${configuration}
186-
// gcloud config configurations activate ${configuration}
187-
// gcloud -q ${credentials} auth activate-service-account --key-file "$KEY_FILE" --project ${configuration}
188-
// gcloud ${credentials} auth configure-docker
189-
// set -x
190192
sh '''
193+
echo $ORO_REGISTRY_CREDS_PSW | docker login -u $ORO_REGISTRY_CREDS_USR --password-stdin $ORO_CLOUD_DOCKER_PROJECT
194+
docker image tag ${ORO_IMAGE,,}:$ORO_IMAGE_TAG $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application:${TAG_NAME,,}
195+
docker image tag ${ORO_IMAGE_INIT,,}:$ORO_IMAGE_TAG $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application-init:${TAG_NAME,,}
196+
docker image tag ${ORO_IMAGE_INIT,,}:$ORO_IMAGE_TAG $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application-init-fr:${TAG_NAME,,}
197+
docker image tag ${ORO_IMAGE_INIT,,}:$ORO_IMAGE_TAG $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application-init-de:${TAG_NAME,,}
198+
docker image push $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application:${TAG_NAME,,}
199+
docker image push $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application-init:${TAG_NAME,,}
200+
docker image push $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application-init-fr:${TAG_NAME,,}
201+
docker image push $ORO_CLOUD_DOCKER_PROJECT/$ORO_CLOUD_DOCKER_PROJECT_FOLDER/orocommerce-application-init-de:${TAG_NAME,,}
202+
'''
203+
}
204+
when {
205+
buildingTag()
206+
}
207+
}
208+
stage('Push to CI') {
209+
environment {
210+
KEY_FILE = credentials('jenkins_oro-product-development_iam_gserviceaccount_com')
211+
configuration = 'oro-product-development'
212+
credentials = "--configuration ${configuration}"
213+
}
214+
steps {
215+
sh '''
216+
gcloud config configurations list | grep ^${configuration} -q || gcloud config configurations create ${configuration}
217+
gcloud config configurations activate ${configuration}
218+
gcloud -q ${credentials} auth activate-service-account --key-file "$KEY_FILE" --project ${configuration}
219+
gcloud ${credentials} auth configure-docker
220+
set -x
191221
docker image ls ${ORO_IMAGE}*
222+
docker image push ${ORO_IMAGE,,}:$ORO_IMAGE_TAG
223+
docker image push ${ORO_IMAGE_INIT,,}:$ORO_IMAGE_TAG
224+
docker image push ${ORO_IMAGE_INIT,,}-fr:$ORO_IMAGE_TAG
225+
docker image push ${ORO_IMAGE_INIT,,}-de:$ORO_IMAGE_TAG
226+
docker image push ${ORO_IMAGE_TEST,,}:$ORO_IMAGE_TAG
227+
docker image push ${ORO_IMAGE_INIT_TEST,,}:$ORO_IMAGE_TAG
228+
docker image rm -f ${ORO_IMAGE,,}:$ORO_IMAGE_TAG ||:
229+
docker image rm -f ${ORO_IMAGE,,}-fr:$ORO_IMAGE_TAG ||:
230+
docker image rm -f ${ORO_IMAGE,,}-de:$ORO_IMAGE_TAG ||:
231+
docker image rm -f ${ORO_IMAGE_INIT,,}:$ORO_IMAGE_TAG ||:
232+
docker image rm -f ${ORO_IMAGE_TEST,,}:$ORO_IMAGE_TAG ||:
233+
docker image rm -f ${ORO_IMAGE_INIT_TEST,,}:$ORO_IMAGE_TAG ||:
234+
docker image prune -f
192235
'''
193-
// docker image push ${ORO_IMAGE,,}:$ORO_IMAGE_TAG
194-
// docker image push ${ORO_IMAGE_INIT,,}:$ORO_IMAGE_TAG
195-
// docker image push ${ORO_IMAGE_TEST,,}:$ORO_IMAGE_TAG
196-
// docker image push ${ORO_IMAGE_INIT_TEST,,}:$ORO_IMAGE_TAG
197-
// docker image rm -f ${ORO_IMAGE,,}:$ORO_IMAGE_TAG ||:
198-
// docker image rm -f ${ORO_IMAGE_INIT,,}:$ORO_IMAGE_TAG ||:
199-
// docker image rm -f ${ORO_IMAGE_TEST,,}:$ORO_IMAGE_TAG ||:
200-
// docker image rm -f ${ORO_IMAGE_INIT_TEST,,}:$ORO_IMAGE_TAG ||:
201-
// docker image prune -f
236+
}
237+
when {
238+
environment name: 'PUSH_TO', value: 'us.gcr.io/oro-product-development'
202239
}
203240
}
204241
}
@@ -227,9 +264,9 @@ pipeline {
227264
script {
228265
def issuesList = []
229266
discoverReferenceBuild referenceJob: env.JOB_NAME
230-
// issuesList.add(scanForIssues([blameDisabled: true, forensicsDisabled: true, tool: pmdParser(name: 'PHP MD', pattern: 'logs/**/static_analysis/phpmd*.xml')]))
231-
issuesList.add(scanForIssues([blameDisabled: true, forensicsDisabled: true, tool: phpCodeSniffer(name: 'PHP Code Sniffer', pattern: 'logs/**/static_analysis/phpcs*.xml')]))
232267
issuesList.add(scanForIssues([blameDisabled: true, forensicsDisabled: true, tool: checkStyle(name: 'PHP CS Fixer', pattern: 'logs/**/static_analysis/php-cs-fixer*.xml')]))
268+
issuesList.add(scanForIssues([blameDisabled: true, forensicsDisabled: true, tool: phpCodeSniffer(name: 'PHP Code Sniffer', pattern: 'logs/**/static_analysis/phpcs*.xml')]))
269+
issuesList.add(scanForIssues([blameDisabled: true, forensicsDisabled: true, tool: pmdParser(name: 'PHP MD', pattern: 'logs/**/static_analysis/phpmd*.xml')]))
233270
publishIssues issues: issuesList, skipPublishingChecks: true
234271
}
235272
}

0 commit comments

Comments
 (0)