From 79af57d604ccc46b38594e8a79954452b0fed972 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Fri, 26 Apr 2024 11:11:11 -0400 Subject: [PATCH 01/13] build(image): add Containerfile for agent carrier container image --- .containerignore | 2 ++ src/main/container/Containerfile | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 .containerignore create mode 100644 src/main/container/Containerfile diff --git a/.containerignore b/.containerignore new file mode 100644 index 00000000..1ad99637 --- /dev/null +++ b/.containerignore @@ -0,0 +1,2 @@ +* +!target/*.jar diff --git a/src/main/container/Containerfile b/src/main/container/Containerfile new file mode 100644 index 00000000..7fed76bf --- /dev/null +++ b/src/main/container/Containerfile @@ -0,0 +1,2 @@ +FROM docker.io/library/busybox:latest +COPY target/cryostat-agent-*-shaded.jar /agent/ From a0f0d058a60014ca99a35afbf141755c546cf950 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Fri, 26 Apr 2024 11:16:01 -0400 Subject: [PATCH 02/13] build args --- src/main/container/Containerfile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/main/container/Containerfile b/src/main/container/Containerfile index 7fed76bf..9900adb5 100644 --- a/src/main/container/Containerfile +++ b/src/main/container/Containerfile @@ -1,2 +1,4 @@ -FROM docker.io/library/busybox:latest -COPY target/cryostat-agent-*-shaded.jar /agent/ +ARG BASEIMAGE=docker.io/library/busybox:latest +FROM ${BASEIMAGE} +ARG OUTDIR=/agent +COPY target/cryostat-agent-*-shaded.jar ${OUTDIR}/ From ae7ca81d1d6788746dae72d55575455865ff4040 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Tue, 9 Jul 2024 14:58:25 -0400 Subject: [PATCH 03/13] add CI job for carrier image --- .github/workflows/container-image.yml | 41 ++++++++++++++++++++++++--- 1 file changed, 37 insertions(+), 4 deletions(-) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index b3eaff05..fc2f768e 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -18,7 +18,8 @@ env: OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04" CI_USER: redhat-java-monitoring+github_ci CI_REGISTRY: quay.io/redhat-java-monitoring - CI_IMG: quay.io/redhat-java-monitoring/quarkus-cryostat-agent + CARRIER_IMG: quay.io/cryostat/cryostat-agent-carrier + TEST_APP_IMG: quay.io/redhat-java-monitoring/quarkus-cryostat-agent jobs: build-agent: @@ -44,14 +45,46 @@ jobs: key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} - run: mvn -B -U clean install + build-carrier: + needs: [build-agent] + runs-on: ubuntu-latest + env: + agent-version: ${{ needs.build-agent.outputs.image-version }} + name: Build carrier image + steps: + - uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 0 + - name: Get date tag + run: echo "DATE_TAG=$(date -uI)" >> "$GITHUB_ENV" + - name: Build container images and manifest + id: buildah-build + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.CARRIER_IMG }} + archs: amd64, arm64 + tags: ${{ env.agent-version }} ${{env.DATE_TAG}} latest + containerfiles: | + src/main/container/Containerfile + - name: Push to quay.io + id: push-to-quay + uses: redhat-actions/push-to-registry@v2 + with: + image: cryostat-agent-carrier + tags: ${{ steps.buildah-build.outputs.tags }} + registry: ${{ env.CI_REGISTRY }} + username: ${{ env.CI_USER }} + password: ${{ secrets.REPOSITORY_TOKEN }} + - name: Print image URL + run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" + build-quarkus-test-app: needs: [build-agent] runs-on: ubuntu-latest strategy: matrix: java: ['17'] - outputs: - quay-image: ${{ steps.quarkus-test-image.outputs.image }} env: agent-version: ${{ needs.build-agent.outputs.image-version }} name: Build Java ${{ matrix.java }} @@ -89,7 +122,7 @@ jobs: id: buildah-build uses: redhat-actions/buildah-build@v2 with: - image: ${{ env.CI_IMG }} + image: ${{ env.TEST_APP_IMG }} archs: amd64, arm64 tags: ${{ env.agent-version }} ${{env.DATE_TAG}} latest context: quarkus-agent From af964ad337a8ea81810ffaf6080964ee53cf9b94 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Tue, 9 Jul 2024 15:01:14 -0400 Subject: [PATCH 04/13] fixup! add CI job for carrier image --- .github/workflows/container-image.yml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index fc2f768e..214f906d 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -16,10 +16,12 @@ on: env: OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/Release.key" OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04" - CI_USER: redhat-java-monitoring+github_ci - CI_REGISTRY: quay.io/redhat-java-monitoring - CARRIER_IMG: quay.io/cryostat/cryostat-agent-carrier - TEST_APP_IMG: quay.io/redhat-java-monitoring/quarkus-cryostat-agent + CARRIER_CI_USER: cryostat+bot + CARRIER_CI_REGISTRY: quay.io/cryostat + CARRIER_CI_IMG: quay.io/cryostat/cryostat-agent-carrier + TEST_APP_CI_USER: redhat-java-monitoring+github_ci + TEST_APP_CI_REGISTRY: quay.io/redhat-java-monitoring + TEST_APP_CI_IMG: quay.io/redhat-java-monitoring/quarkus-cryostat-agent jobs: build-agent: @@ -62,7 +64,7 @@ jobs: id: buildah-build uses: redhat-actions/buildah-build@v2 with: - image: ${{ env.CARRIER_IMG }} + image: ${{ env.CARRIER_CI_IMG }} archs: amd64, arm64 tags: ${{ env.agent-version }} ${{env.DATE_TAG}} latest containerfiles: | @@ -73,8 +75,8 @@ jobs: with: image: cryostat-agent-carrier tags: ${{ steps.buildah-build.outputs.tags }} - registry: ${{ env.CI_REGISTRY }} - username: ${{ env.CI_USER }} + registry: ${{ env.CARRIER_CI_REGISTRY }} + username: ${{ env.CARRIER_CI_USER }} password: ${{ secrets.REPOSITORY_TOKEN }} - name: Print image URL run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" @@ -122,7 +124,7 @@ jobs: id: buildah-build uses: redhat-actions/buildah-build@v2 with: - image: ${{ env.TEST_APP_IMG }} + image: ${{ env.TEST_APP_CI_IMG }} archs: amd64, arm64 tags: ${{ env.agent-version }} ${{env.DATE_TAG}} latest context: quarkus-agent @@ -134,8 +136,8 @@ jobs: with: image: quarkus-cryostat-agent tags: ${{ steps.buildah-build.outputs.tags }} - registry: ${{ env.CI_REGISTRY }} - username: ${{ env.CI_USER }} + registry: ${{ env.TEST_APP_CI_REGISTRY }} + username: ${{ env.TEST_APP_CI_USER }} password: ${{ secrets.REPOSITORY_TOKEN }} - name: Print image URL run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" From 8ef4c846ca7e9ad746b6b78f71dc12f4fede310c Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Tue, 9 Jul 2024 15:03:38 -0400 Subject: [PATCH 05/13] split token secrets --- .github/workflows/container-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index 214f906d..a1f94814 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -77,7 +77,7 @@ jobs: tags: ${{ steps.buildah-build.outputs.tags }} registry: ${{ env.CARRIER_CI_REGISTRY }} username: ${{ env.CARRIER_CI_USER }} - password: ${{ secrets.REPOSITORY_TOKEN }} + password: ${{ secrets.CARRIER_REPOSITORY_TOKEN }} - name: Print image URL run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" @@ -138,6 +138,6 @@ jobs: tags: ${{ steps.buildah-build.outputs.tags }} registry: ${{ env.TEST_APP_CI_REGISTRY }} username: ${{ env.TEST_APP_CI_USER }} - password: ${{ secrets.REPOSITORY_TOKEN }} + password: ${{ secrets.TEST_APP_REPOSITORY_TOKEN }} - name: Print image URL run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" From 00922b2f55352085a474c1f5898cc319152a58e0 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Tue, 9 Jul 2024 15:10:39 -0400 Subject: [PATCH 06/13] build with JDK 11 --- .github/workflows/container-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index a1f94814..5050a29f 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -39,7 +39,7 @@ jobs: echo "agent-version=$(mvn -q -DforceStdout help:evaluate -Dexpression=project.version)" >> $GITHUB_OUTPUT - uses: actions/setup-java@v4 with: - java-version: '17' + java-version: '11' distribution: 'temurin' - uses: actions/cache@v4 with: From d9ce4b8da6f179fffc6083a0daa36ea4da3f66f3 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Tue, 9 Jul 2024 15:10:59 -0400 Subject: [PATCH 07/13] (re)build Agent before building carrier image --- .github/workflows/container-image.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index 5050a29f..1acc3250 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -60,6 +60,15 @@ jobs: fetch-depth: 0 - name: Get date tag run: echo "DATE_TAG=$(date -uI)" >> "$GITHUB_ENV" + - uses: actions/setup-java@v4 + with: + java-version: '11' + distribution: 'temurin' + - uses: actions/cache@v4 + with: + path: ~/.m2 + key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} + - run: mvn -B -U clean install - name: Build container images and manifest id: buildah-build uses: redhat-actions/buildah-build@v2 From 02dfc4555946a69aac13717201cd5adce7bbe79b Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Tue, 9 Jul 2024 15:13:07 -0400 Subject: [PATCH 08/13] symlink JAR with versionless name --- src/main/container/Containerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/container/Containerfile b/src/main/container/Containerfile index 9900adb5..2c93323c 100644 --- a/src/main/container/Containerfile +++ b/src/main/container/Containerfile @@ -1,4 +1,5 @@ ARG BASEIMAGE=docker.io/library/busybox:latest FROM ${BASEIMAGE} -ARG OUTDIR=/agent +ARG OUTDIR=/cryostat/agent COPY target/cryostat-agent-*-shaded.jar ${OUTDIR}/ +RUN ln -s ${OUTDIR}/cryostat-agent-*-shaded.jar ${OUTDIR}/cryostat-agent-shaded.jar From 3d6cc770e81b422320c4c88d2db4fe53645217f7 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Wed, 10 Jul 2024 13:10:27 -0400 Subject: [PATCH 09/13] remove sample application --- .github/workflows/container-image.yml | 64 --------------------------- 1 file changed, 64 deletions(-) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index 1acc3250..49ca7351 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -19,9 +19,6 @@ env: CARRIER_CI_USER: cryostat+bot CARRIER_CI_REGISTRY: quay.io/cryostat CARRIER_CI_IMG: quay.io/cryostat/cryostat-agent-carrier - TEST_APP_CI_USER: redhat-java-monitoring+github_ci - TEST_APP_CI_REGISTRY: quay.io/redhat-java-monitoring - TEST_APP_CI_IMG: quay.io/redhat-java-monitoring/quarkus-cryostat-agent jobs: build-agent: @@ -89,64 +86,3 @@ jobs: password: ${{ secrets.CARRIER_REPOSITORY_TOKEN }} - name: Print image URL run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" - - build-quarkus-test-app: - needs: [build-agent] - runs-on: ubuntu-latest - strategy: - matrix: - java: ['17'] - env: - agent-version: ${{ needs.build-agent.outputs.image-version }} - name: Build Java ${{ matrix.java }} - steps: - - uses: actions/checkout@v4 - with: - submodules: true - fetch-depth: 0 - - name: Get date tag - run: echo "DATE_TAG=$(date -uI)" >> "$GITHUB_ENV" - - uses: actions/cache@v4 - with: - path: ~/.m2 - key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} - restore-keys: | - ${{ runner.os }}-build- - ${{ runner.os }}- - - uses: actions/setup-java@v4 - with: - java-version: ${{ matrix.java }} - distribution: 'temurin' - cache: 'maven' - - uses: actions/checkout@v4 - with: - repository: ${{ github.repository_owner }}/test-applications - ref: main - submodules: true - fetch-depth: 0 - - name: Build application - working-directory: quarkus-agent - run: ./mvnw -B -U -Dio.cryostat.agent.version=${{ env.agent-version }} clean verify - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Build container images and manifest - id: buildah-build - uses: redhat-actions/buildah-build@v2 - with: - image: ${{ env.TEST_APP_CI_IMG }} - archs: amd64, arm64 - tags: ${{ env.agent-version }} ${{env.DATE_TAG}} latest - context: quarkus-agent - containerfiles: | - ./quarkus-agent/src/main/docker/Dockerfile.jvm - - name: Push to quay.io - id: push-to-quay - uses: redhat-actions/push-to-registry@v2 - with: - image: quarkus-cryostat-agent - tags: ${{ steps.buildah-build.outputs.tags }} - registry: ${{ env.TEST_APP_CI_REGISTRY }} - username: ${{ env.TEST_APP_CI_USER }} - password: ${{ secrets.TEST_APP_REPOSITORY_TOKEN }} - - name: Print image URL - run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" From 93909358daf43b7e1ff1c3bcf35b493b7624060e Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Fri, 12 Jul 2024 17:07:51 -0400 Subject: [PATCH 10/13] cleanup --- .github/workflows/container-image.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index 49ca7351..add96568 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -16,9 +16,9 @@ on: env: OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/Release.key" OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04" - CARRIER_CI_USER: cryostat+bot - CARRIER_CI_REGISTRY: quay.io/cryostat - CARRIER_CI_IMG: quay.io/cryostat/cryostat-agent-carrier + CI_USER: cryostat+bot + CI_REGISTRY: quay.io/cryostat + CI_IMG: quay.io/cryostat/cryostat-agent-carrier jobs: build-agent: @@ -70,7 +70,7 @@ jobs: id: buildah-build uses: redhat-actions/buildah-build@v2 with: - image: ${{ env.CARRIER_CI_IMG }} + image: ${{ env.CI_IMG }} archs: amd64, arm64 tags: ${{ env.agent-version }} ${{env.DATE_TAG}} latest containerfiles: | @@ -81,8 +81,8 @@ jobs: with: image: cryostat-agent-carrier tags: ${{ steps.buildah-build.outputs.tags }} - registry: ${{ env.CARRIER_CI_REGISTRY }} - username: ${{ env.CARRIER_CI_USER }} - password: ${{ secrets.CARRIER_REPOSITORY_TOKEN }} + registry: ${{ env.CI_REGISTRY }} + username: ${{ env.CI_USER }} + password: ${{ secrets.REPOSITORY_TOKEN }} - name: Print image URL run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" From 7c0aac764aab3e0c0b059cb129f89be18b585777 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Fri, 12 Jul 2024 17:08:12 -0400 Subject: [PATCH 11/13] rename container --- .github/workflows/container-image.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index add96568..e8cf5bb7 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -18,7 +18,7 @@ env: OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04" CI_USER: cryostat+bot CI_REGISTRY: quay.io/cryostat - CI_IMG: quay.io/cryostat/cryostat-agent-carrier + CI_IMG: quay.io/cryostat/cryostat-agent-init jobs: build-agent: @@ -44,12 +44,12 @@ jobs: key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} - run: mvn -B -U clean install - build-carrier: + build-container: needs: [build-agent] runs-on: ubuntu-latest env: agent-version: ${{ needs.build-agent.outputs.image-version }} - name: Build carrier image + name: Build container image steps: - uses: actions/checkout@v4 with: @@ -79,7 +79,7 @@ jobs: id: push-to-quay uses: redhat-actions/push-to-registry@v2 with: - image: cryostat-agent-carrier + image: cryostat-agent-init tags: ${{ steps.buildah-build.outputs.tags }} registry: ${{ env.CI_REGISTRY }} username: ${{ env.CI_USER }} From 456f3a9a15031152bc9baa58fbce05e380cbc4c2 Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Fri, 12 Jul 2024 17:10:21 -0400 Subject: [PATCH 12/13] use UBI micro base image --- src/main/container/Containerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/container/Containerfile b/src/main/container/Containerfile index 2c93323c..96450495 100644 --- a/src/main/container/Containerfile +++ b/src/main/container/Containerfile @@ -1,4 +1,4 @@ -ARG BASEIMAGE=docker.io/library/busybox:latest +ARG BASEIMAGE=registry.access.redhat.com/ubi8-micro:8.10 FROM ${BASEIMAGE} ARG OUTDIR=/cryostat/agent COPY target/cryostat-agent-*-shaded.jar ${OUTDIR}/ From 324d5088f5055adf40aaafe8f4a24ed693f1d61b Mon Sep 17 00:00:00 2001 From: Andrew Azores Date: Fri, 12 Jul 2024 17:12:03 -0400 Subject: [PATCH 13/13] rename to Dockerfile, add Dependabot config --- .github/dependabot.yml | 9 +++++++++ .github/workflows/container-image.yml | 2 +- src/main/container/{Containerfile => Dockerfile} | 0 3 files changed, 10 insertions(+), 1 deletion(-) rename src/main/container/{Containerfile => Dockerfile} (100%) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bae1359a..3dcf7a35 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,3 +9,12 @@ updates: - "chore" - "safe-to-test" open-pull-requests-limit: 20 + + - package-ecosystem: "docker" + directory: "/src/main/container" + schedule: + interval: "weekly" + labels: + - "dependencies" + - "chore" + - "safe-to-test" diff --git a/.github/workflows/container-image.yml b/.github/workflows/container-image.yml index e8cf5bb7..301d1909 100644 --- a/.github/workflows/container-image.yml +++ b/.github/workflows/container-image.yml @@ -74,7 +74,7 @@ jobs: archs: amd64, arm64 tags: ${{ env.agent-version }} ${{env.DATE_TAG}} latest containerfiles: | - src/main/container/Containerfile + src/main/container/Dockerfile - name: Push to quay.io id: push-to-quay uses: redhat-actions/push-to-registry@v2 diff --git a/src/main/container/Containerfile b/src/main/container/Dockerfile similarity index 100% rename from src/main/container/Containerfile rename to src/main/container/Dockerfile