diff --git a/.travis.yml b/.travis.yml index a4b0cecc..0118a67f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,6 +20,7 @@ branches: - master - main - /^(.*-test-deploy)$/ + - hr/HYRAX-1964-use-dockerized-bes notifications: email: @@ -68,9 +69,9 @@ install: stages: - name: BUILD_AND_TEST - if: branch = master OR branch = main OR branch =~ ^(.*-test-deploy)$ + if: branch = master OR branch = main OR branch =~ ^(.*-test-deploy)$ OR branch = "hr/HYRAX-1964-use-dockerized-bes" - name: BUILD - if: branch = master OR branch = main OR branch =~ ^(.*-test-deploy)$ + if: branch = master OR branch = main OR branch =~ ^(.*-test-deploy)$ OR branch = "hr/HYRAX-1964-use-dockerized-bes" - name: TEST_DEPLOYED_IMAGE if: ((branch = master or branch = main) and (type != pull_request)) or (branch =~ ^(.*-test-deploy)$) - name: disabled diff --git a/el8-build-recipe b/el8-build-recipe index 953f60d9..13d069aa 100644 --- a/el8-build-recipe +++ b/el8-build-recipe @@ -1,6 +1,6 @@ TARGET_OS: el8 TOMCAT_MAJOR_VERSION: 9 libdap4-3.21.1-390 2026-03-04T03:14:01+0000 -bes-3.21.1-1093 2026-03-04T13:22:30+0000 -olfs-1.18.15-718 2026-03-04T13:35:59+0000 -hyrax-1.17.1-718 2026-03-04T13:35:59+0000 +bes-3.21.1-1101 2026-03-05T17:25:18+0000 +olfs-1.18.15-731 2026-03-05T17:37:19+0000 +hyrax-1.17.1-731 2026-03-05T17:37:19+0000 diff --git a/el8-builds/besd/Dockerfile b/el8-builds/besd/Dockerfile index 836c732b..59e5e73b 100644 --- a/el8-builds/besd/Dockerfile +++ b/el8-builds/besd/Dockerfile @@ -23,7 +23,7 @@ RUN if [ -z "$BES_CORE_IMAGE_TAG" ]; then \ fi # User defined and created in the `bes_core` image -ENV BES_USER ${USER:-"bes_user"} +ENV BES_USER="${USER:-"bes_user"}" ARG RELEASE_DATE ENV RELEASE_DATE ${RELEASE_DATE:-"unknown"} @@ -81,8 +81,8 @@ RUN cp ${PREFIX}/etc/rc.d/init.d/besd /etc/rc.d/init.d/besd \ && chkconfig --add besd \ && ldconfig \ && chkconfig --list | grep besd \ - && echo "whoami: "`whoami` \ - && echo "besdaemon is here: "`which besdaemon` + && echo "whoami: $(whoami)" \ + && echo "besdaemon is here: $(which besdaemon)" # Adapted from bes/spec.all_static.in in RPM creation. # The four *.pem substitutions may be unnecessary, as those *.pem files may be @@ -103,7 +103,7 @@ RUN sed -i.dist \ && touch "/var/log/bes/bes.log" \ && sudo chown -R $BES_USER:$BES_USER "/var/log/bes/" -RUN echo "besdaemon is here: "`which besdaemon` +RUN echo "besdaemon is here: $(which besdaemon)" COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh diff --git a/el8-builds/build-el8 b/el8-builds/build-el8 index f3c50a66..42001cfc 100755 --- a/el8-builds/build-el8 +++ b/el8-builds/build-el8 @@ -693,6 +693,7 @@ function build_hyrax_docker() { --build-arg LIBDAP_VERSION \ --build-arg BES_VERSION \ --build-arg OLFS_VERSION \ + --build-arg BES_CORE_IMAGE_TAG \ --tag "${BUILD_VERSION_TAG}" \ --tag "${SNAPSHOT_IMAGE_TAG}" \ ${docker_name} diff --git a/el8-builds/hyrax/Dockerfile b/el8-builds/hyrax/Dockerfile index 8b176b91..be648d7c 100644 --- a/el8-builds/hyrax/Dockerfile +++ b/el8-builds/hyrax/Dockerfile @@ -25,7 +25,7 @@ RUN if test -n "$BES_CORE_IMAGE_TAG"; then \ fi # User defined and created in the `bes_core` image -ENV BES_USER ${USER:-"bes_user"} +ENV BES_USER="${USER:-"bes_user"}" ENV ARCH="x86_64" ENV java_version="java-17-openjdk" @@ -186,8 +186,8 @@ RUN cp ${PREFIX}/etc/rc.d/init.d/besd /etc/rc.d/init.d/besd \ && chkconfig --add besd \ && ldconfig \ && chkconfig --list | grep besd \ - && echo "whoami: "`whoami` \ - && echo "besdaemon is here: "`which besdaemon` + && echo "whoami: $(whoami)" \ + && echo "besdaemon is here: $(which besdaemon)" # Adapted from bes/spec.all_static.in in RPM creation. # The four *.pem substitutions may be unnecessary, as those *.pem files may be diff --git a/el8-builds/ngap/Dockerfile b/el8-builds/ngap/Dockerfile index d3aa32e2..81653891 100644 --- a/el8-builds/ngap/Dockerfile +++ b/el8-builds/ngap/Dockerfile @@ -23,7 +23,7 @@ RUN if [ -z "$BES_CORE_IMAGE_TAG" ]; then \ fi # User defined and created in the `bes_core` image -ENV BES_USER ${USER:-"bes_user"} +ENV BES_USER="${USER:-"bes_user"}" ENV ARCH="x86_64" ENV java_version="java-17-openjdk" @@ -167,8 +167,8 @@ RUN cp ${PREFIX}/etc/rc.d/init.d/besd /etc/rc.d/init.d/besd \ && chkconfig --add besd \ && ldconfig \ && chkconfig --list | grep besd \ - && echo "whoami: "`whoami` \ - && echo "besdaemon is here: "`which besdaemon` + && echo "whoami: $(whoami)" \ + && echo "besdaemon is here: $(which besdaemon)" # Adapted from bes/spec.all_static.in in RPM creation. # The four *.pem substitutions may be unnecessary, as those *.pem files may be diff --git a/el8-builds/ngap/entrypoint.sh b/el8-builds/ngap/entrypoint.sh index 68a2adcb..07c1340c 100755 --- a/el8-builds/ngap/entrypoint.sh +++ b/el8-builds/ngap/entrypoint.sh @@ -14,7 +14,8 @@ if [[ "$LOG_KEY_PREFIX" != *"-" ]]; then fi # Set in docker image. -# BES_USER initially defined upstream in docker image base `bes_core` as $USER +# BES_USER initially defined upstream in docker image base `bes_core` as $USER, +# updated to $BES_USER in ngap/Dockerfile export PREFIX=${PREFIX:-"/root/install"} export BES_USER=${BES_USER:-"bes_user"} diff --git a/el9-build-recipe b/el9-build-recipe index 6d2f3853..f3351da5 100644 --- a/el9-build-recipe +++ b/el9-build-recipe @@ -1,6 +1,6 @@ TARGET_OS: el9 TOMCAT_MAJOR_VERSION: 11 libdap4-3.21.1-390 2026-03-04T03:14:01+0000 -bes-3.21.1-1093 2026-03-04T13:22:30+0000 -olfs-1.18.15-719 2026-03-04T13:48:11+0000 -hyrax-1.17.1-719 2026-03-04T13:48:11+0000 +bes-3.21.1-1101 2026-03-05T17:25:18+0000 +olfs-1.18.15-732 2026-03-05T18:13:42+0000 +hyrax-1.17.1-732 2026-03-05T18:13:42+0000 diff --git a/el9-builds/besd/Dockerfile b/el9-builds/besd/Dockerfile index 30a61730..b8ca58e2 100644 --- a/el9-builds/besd/Dockerfile +++ b/el9-builds/besd/Dockerfile @@ -14,7 +14,18 @@ # # Set one or more individual labels # -FROM rockylinux:9 +ARG BES_CORE_IMAGE_TAG +FROM ${BES_CORE_IMAGE_TAG:-"rockylinux:9"} + +ARG BES_CORE_IMAGE_TAG +RUN if [ -z "$BES_CORE_IMAGE_TAG" ]; then \ + echo "Error: Non-empty BES_CORE_IMAGE_TAG must be specified. Exiting."; \ + exit 1; \ + fi + +# User defined and created in the `bes_core` image +ENV BES_USER="${USER:-"bes_user"}" + ENV HR="###############################################################################################################" ENV HR2="-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --" ENV TARGET_OS="el9" @@ -25,7 +36,7 @@ RUN echo "# BEGIN - besd docker build" # rocky9 comes with python 3.9 by default, and replacing it seems problematic at best. RUN echo "# Python Version: $(python3 --version)" -ENV dnf_runtime_packages="which unzip procps bc" +ENV dnf_runtime_packages="which unzip procps bc chkconfig" RUN echo "# dnf_runtime_packages: $dnf_runtime_packages" ENV dnf_developer_tools_packages="emacs vim awscli jq gdb valgrind" @@ -35,24 +46,26 @@ ARG RELEASE_DATE ENV RELEASE_DATE="${RELEASE_DATE:-$(date +%s)}" RUN echo "RELEASE_DATE: $RELEASE_DATE" +# Fail if requested LIBDAP_VERSION or BES_VERSION do not match installations in base image ARG LIBDAP_VERSION ENV LIBDAP_VERSION=${LIBDAP_VERSION:-"snapshot-$TARGET_OS"} -RUN echo "LIBDAP_VERSION: $LIBDAP_VERSION" - -ARG LIBDAP_RPM -ENV LIBDAP_RPM=${LIBDAP_RPM:-"libdap-$LIBDAP_VERSION.$TARGET_OS.x86_64.rpm"} -RUN echo "LIBDAP_RPM: $LIBDAP_RPM" -COPY "$LIBDAP_RPM" "/$LIBDAP_RPM" +RUN LIBDAP_VERSION_FOUND=$(cat libdap_VERSION); \ + if [ "${LIBDAP_VERSION_FOUND}" == "${LIBDAP_VERSION:-missing}" ]; then \ + echo "LIBDAP_VERSION: ${LIBDAP_VERSION}"; \ + else \ + echo "Error: Expected LIBDAP_VERSION `${LIBDAP_VERSION}`, found version `${LIBDAP_VERSION_FOUND}`. Exiting."; \ + exit 1; \ + fi ARG BES_VERSION ENV BES_VERSION=${BES_VERSION:-"snapshot-$TARGET_OS"} -RUN echo "BES_VERSION: $BES_VERSION" - -ARG BES_RPM -ENV BES_RPM=${BES_RPM:-"bes-$BES_VERSION.static.$TARGET_OS.x86_64.rpm"} -RUN echo "BES_RPM: $BES_RPM" -COPY "$BES_RPM" "/$BES_RPM" - +RUN BES_VERSION_FOUND=$(cat bes_VERSION); \ + if [ "${BES_VERSION_FOUND}" == "${BES_VERSION:-missing}" ]; then \ + echo "BES_VERSION: ${BES_VERSION}"; \ + else \ + echo "Error: Expected BES_VERSION \"${BES_VERSION}\", found version \"${BES_VERSION_FOUND}\". Exiting."; \ + exit 1; \ + fi LABEL vendor="OPeNDAP Incorporated" LABEL org.opendap.besdaemon.version="$BES_VERSION" @@ -61,6 +74,7 @@ LABEL org.opendap.hyrax.version.is-production="false" LABEL org.opencontainers.image.authors="support@opendap.org" USER root +WORKDIR / ###################################################################### # Update the OS and create a handy executable shell scipt to simplify @@ -71,38 +85,45 @@ RUN set -e \ && dnf install -y $dnf_runtime_packages \ && echo "#!/bin/bash" > /install-dev-tools \ && echo "dnf install -y $dnf_developer_tools_packages" > /install-dev-tools \ - && chmod 755 /install-dev-tools + && chmod 755 /install-dev-tools \ + && dnf clean all -################################################################ -# Install the libdap rpm -# - - - - - - - - - - - - - - - - - - - - - -RUN set -e \ - && echo "$HR" >&2 \ - && echo "# Installing the libdap rpm: $LIBDAP_RPM" >&2 \ - && ls -l ./libdap* \ - && dnf -y install ./libdap-*.rpm \ - && echo "# The 'dnf install' command exited with status: $?" >&2 \ - && rm -f "./$LIBDAP_RPM" \ - && dnf clean all \ - && echo "# libdap4 is installed." >&2 \ - && echo "$HR" >&2 - -################################################################ -# Install the the BES -# besd, besdaemon, beslistener, besctl, besstandalone, bescmdline -# - - - - - - - - - - - - - - - - - - - - - -RUN set -e \ - && echo "$HR" >&2 \ - && echo "# Installing the BES rpm: $BES_RPM" >&2 \ - && ls -l ./bes* \ - && dnf -y install ./bes-*.rpm \ - && echo "# The 'dnf install' command exited with status: $?" >&2 \ - && rm -f "./$BES_RPM" \ - && dnf clean all \ - && echo "# besdaemon is here: $(which besdaemon)" >&2 \ - && echo "# besdaemon -v: '$(besdaemon -v)'" >&2 \ - && echo "$HR" >&2 +###################################################################### +# Set up BES +# +# BES is already installed on the base image, but +# we need to do some additional configuration (to match what was +# previously handled by bes RPM installation) + +# Add besd service to start at boot +RUN cp ${PREFIX}/etc/rc.d/init.d/besd /etc/rc.d/init.d/besd \ + && chkconfig --add besd \ + && ldconfig \ + && chkconfig --list | grep besd \ + && echo "whoami: $(whoami)" \ + && echo "besdaemon is here: $(which besdaemon)" + +# Adapted from bes/spec.all_static.in in RPM creation. +# The four *.pem substitutions may be unnecessary, as those *.pem files may be +# vestigial substitutions for a build process past. +RUN sed -i.dist \ + -e 's:=.*/bes.log:=/var/log/bes/bes.log:' \ + -e 's:=.*/lib/bes:='"$PREFIX"'/lib/bes:' \ + -e 's:=.*/share/bes:='"$PREFIX"'/share/bes:' \ + -e 's:=.*/share/hyrax:='"$PREFIX"'/share/hyrax:' \ + -e 's:=/full/path/to/serverside/certificate/file.pem:=/etc/pki/bes/cacerts/file.pem:' \ + -e 's:=/full/path/to/serverside/key/file.pem:=/etc/pki/bes/public/file.pem:' \ + -e 's:=/full/path/to/clientside/certificate/file.pem:=/etc/pki/bes/cacerts/file.pem:' \ + -e 's:=/full/path/to/clientside/key/file.pem:=/etc/pki/bes/public/file.pem:' \ + -e 's:=user_name:='"$BES_USER"':' \ + -e 's:=group_name:='"$BES_USER"':' \ + $PREFIX/etc/bes/bes.conf \ + && mkdir -p "/var/log/bes/" \ + && touch "/var/log/bes/bes.log" \ + && sudo chown -R $BES_USER:$BES_USER "/var/log/bes/" + +RUN echo "besdaemon is here: $(which besdaemon)" COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh @@ -111,10 +132,5 @@ ENTRYPOINT ["/entrypoint.sh"] EXPOSE 10022 EXPOSE 11002 -# can't use USER with entrypoint that needs root -# use gosu or, as done, enable bes user write so the entrypoint doe snot need root -RUN chown -R bes /etc/bes -USER root - CMD ["-"] diff --git a/el9-builds/besd/entrypoint.sh b/el9-builds/besd/entrypoint.sh index 8dbc4289..4f2d36f6 100755 --- a/el9-builds/besd/entrypoint.sh +++ b/el9-builds/besd/entrypoint.sh @@ -112,11 +112,11 @@ fi # if [ "$SERVER_HELP_EMAIL" != "not_set" ]; then loggy "Setting Admin Contact To: $SERVER_HELP_EMAIL" - sed -i "s/admin.email.address@your.domain.name/$SERVER_HELP_EMAIL/" /etc/bes/bes.conf + sed -i "s/admin.email.address@your.domain.name/$SERVER_HELP_EMAIL/" $PREFIX/etc/bes/bes.conf fi if [ "$FOLLOW_SYMLINKS" != "not_set" ]; then loggy "Setting BES FollowSymLinks to YES." - sed -i "s/^BES.Catalog.catalog.FollowSymLinks=No/BES.Catalog.catalog.FollowSymLinks=Yes/" /etc/bes/bes.conf + sed -i "s/^BES.Catalog.catalog.FollowSymLinks=No/BES.Catalog.catalog.FollowSymLinks=Yes/" $PREFIX/etc/bes/bes.conf fi #------------------------------------------------------------------------------- @@ -128,16 +128,16 @@ bes_gid="$(id -g bes)" echo "bes_gid: $bes_gid" # Start the BES daemon process -# /usr/bin/besdaemon -i /usr -c /etc/bes/bes.conf -r /var/run/bes.pid +# /usr/bin/besdaemon -i /usr -c $PREFIX/etc/bes/bes.conf -r /var/run/bes.pid loggy "Calling 'besctl start'" -/usr/bin/besctl start +$PREFIX/usr/bin/besctl start status=$? if [ $status -ne 0 ]; then loggy "ERROR: Failed to start BES: $status" exit $status fi -besd_pid="$(ps aux | grep /usr/bin/besdaemon | grep -v grep | awk '{print $2;}' - )" +besd_pid="$(ps aux | grep $PREFIX/usr/bin/besdaemon | grep -v grep | awk '{print $2;}' - )" loggy "The besdaemon is UP! pid: $besd_pid" start_time= start_time="$(date "+%s")" diff --git a/el9-builds/build-el9 b/el9-builds/build-el9 index 70fd92b9..39fe98e0 100755 --- a/el9-builds/build-el9 +++ b/el9-builds/build-el9 @@ -83,6 +83,7 @@ function read_build_recipe() { # export APR_VERSION export OS_SNAPSHOT_IMAGE_TAG export OS_BUILD_VERSION_TAG + export BES_CORE_IMAGE_TAG export TEST_DEPLOYMENT @@ -96,6 +97,7 @@ function read_build_recipe() { #APR_VERSION="1.7.6-1" #APR_VERSION=${APR_VERSION:-$(echo "${build_recipe}" | grep apr | sed "s/apr-//g" | awk '{print $1;}')} TEST_DEPLOYMENT="${TEST_DEPLOYMENT:-"$(get_test_deployment_tag "$build_recipe_file")"}" + BES_CORE_IMAGE_TAG="opendap/bes_core:$BES_VERSION-$TARGET_OS" if test "$DOCKER_NAME" == "ngap" then @@ -138,6 +140,7 @@ function show_version(){ loggy "$prolog TEST_DEPLOYMENT: $TEST_DEPLOYMENT" loggy "$prolog LIBDAP_VERSION: $LIBDAP_VERSION" loggy "$prolog BES_VERSION: $BES_VERSION" + loggy "$prolog BES_CORE_IMAGE_TAG: $BES_CORE_IMAGE_TAG" loggy "$prolog OLFS_VERSION: $OLFS_VERSION" loggy "$prolog HYRAX_VERSION: $HYRAX_VERSION" loggy "$prolog DOCKER_NAME: $DOCKER_NAME" @@ -494,72 +497,6 @@ function s3_pull(){ loggy "$prolog END" } -################################################################################ -# -# s3_get_besd_distro() - Get the rpm and war files need for a Hyrax installation -# from the identified S3 bucket. -# $1 - The AWS S3 bucket from which to pull the Hyrax components -# $2 - The directory into which to place the Hyrax components. -# $3 - The linux architecture (aka el7, el8, etc.) -# $4 - The libap version number ##.##.##-## -# $5 - The bes version number ##.##.##-## -# $6 - A debug flag, if present (i.e. not empty string) then the devel and -# debuginfo rpm files for libdap and bes will be retrieved as well. -# -function s3_get_besd_distro() { - local prolog="s3_get_besd_distro() -" - loggy "${HR2}" - loggy "$prolog BEGIN" - local s3_bucket="${1}" - loggy "$prolog s3_bucket: ${s3_bucket}" - local target_dir="${2}" - loggy "$prolog target_dir: ${target_dir}" - local larch="${3}" - loggy "$prolog linux_architecture: ${larch}" - local libdap_version="${4}" - loggy "$prolog libdap_version: ${libdap_version}" - local bes_version="${5}" - loggy "$prolog bes_version: ${bes_version}" - local debug="${6}" - loggy "$prolog debug: ${debug}" - - set -e - - loggy "$prolog Cleaning up..." - rm -fv "${target_dir}/*.rpm" - - loggy "" - s3_pull "${s3_bucket}" \ - "libdap-${libdap_version}.${larch}.x86_64.rpm" \ - "${target_dir}" - - if test -n "${debug}"; then # Only get the debug libs when invoked in debug mode - s3_pull "${s3_bucket}" \ - "libdap-devel-${libdap_version}.${larch}.x86_64.rpm" \ - "${target_dir}" - s3_pull "${s3_bucket}" \ - "libdap-debuginfo-${libdap_version}.${larch}.x86_64.rpm" \ - "${target_dir}" - fi - - s3_pull "${s3_bucket}" \ - "bes-${bes_version}.static.${larch}.x86_64.rpm" \ - "${target_dir}" - - if test -n "${debug}"; then # Only get the debug libs when invoked in debug mode - s3_pull "${s3_bucket}" \ - "bes-devel-${bes_version}.static.${larch}.x86_64.rpm" \ - "${target_dir}" - s3_pull "${s3_bucket}" \ - "bes-debuginfo-${bes_version}.static.${larch}.x86_64.rpm" \ - "${target_dir}" - fi - - set +e - loggy "" - return 0 -} - ################################################################################ # # s3_get_apache_apr_distro() - Get the rpm and war files need for a Hyrax installation @@ -927,6 +864,7 @@ function build_hyrax_docker() { --build-arg LIBDAP_VERSION \ --build-arg BES_VERSION \ --build-arg OLFS_VERSION \ + --build-arg BES_CORE_IMAGE_TAG \ --tag "${OS_BUILD_VERSION_TAG}" \ --tag "${OS_SNAPSHOT_IMAGE_TAG}" \ ${docker_name} @@ -1034,13 +972,6 @@ function build_hyrax() { "${DOCKER_NAME}" \ "${TOMCAT_VERSION}" 2>&1 | tee -a "${log_file}" - s3_get_besd_distro \ - "${S3_BUILD_BUCKET}" \ - "${DOCKER_NAME}" \ - "$TARGET_OS" \ - "${LIBDAP_VERSION}" \ - "${BES_VERSION}" $debug 2>&1 | tee -a "${log_file}" - s3_get_olfs_distro \ "${S3_BUILD_BUCKET}" \ "${DOCKER_NAME}" \ @@ -1095,13 +1026,6 @@ function build_ngap() { "${DOCKER_NAME}" \ "${tomcat_version}" 2>&1 | tee -a "${log_file}" - s3_get_besd_distro \ - "${S3_BUILD_BUCKET}" \ - "${DOCKER_NAME}" \ - "el8" \ - "${LIBDAP_VERSION}" \ - "${BES_VERSION}" 2>&1 | tee -a "${log_file}" - get_ngap_olfs_distro \ "${S3_BUILD_BUCKET}" \ "${DOCKER_NAME}" \ @@ -1189,13 +1113,6 @@ function build_besd() { export DOCKER_NAME="besd" show_version 2>&1 | tee "${log_file}" - s3_get_besd_distro \ - "${S3_BUILD_BUCKET}" \ - "${DOCKER_NAME}" \ - "$TARGET_OS" \ - "${LIBDAP_VERSION}" \ - "${BES_VERSION}" 2>&1 | tee -a "${log_file}" - build_besd_docker 2>&1 | tee -a "${log_file}" # cleanup_build_files "${DOCKER_NAME}" 2>&1 | tee -a "${log_file}" } @@ -1331,13 +1248,6 @@ function travis_hyrax() { show_version get_tomcat_distro "${DOCKER_NAME}" "${TOMCAT_VERSION}" - s3_get_besd_distro \ - "${S3_BUILD_BUCKET}" \ - "${DOCKER_NAME}" \ - "$TARGET_OS" \ - "${LIBDAP_VERSION}" \ - "${BES_VERSION}" \ - "$ADD_DEBUG" 2>&1 s3_get_olfs_distro \ "${S3_BUILD_BUCKET}" \ "${DOCKER_NAME}" \ diff --git a/el9-builds/build-hyrax-ngap.sh b/el9-builds/build-hyrax-ngap.sh index 8d94e55d..6e4f5f42 100755 --- a/el9-builds/build-hyrax-ngap.sh +++ b/el9-builds/build-hyrax-ngap.sh @@ -45,15 +45,7 @@ loggy "APACHE_APR_VERSION: $APACHE_APR_VERSION" show_version # get_tomcat_distro "$DOCKER_NAME" "$TOMCAT_VERSION" -# -s3_get_besd_distro \ - "$S3_BUILD_BUCKET" \ - "$DOCKER_DIR" \ - "$TARGET_OS" \ - "$LIBDAP_VERSION" \ - "$BES_VERSION" "$ADD_DEBUG_RPMS" -# s3_get_apache_apr_distro \ "$S3_BUILD_BUCKET" \ "$DOCKER_DIR" \ @@ -81,6 +73,7 @@ docker build \ --build-arg LIBDAP_VERSION \ --build-arg BES_VERSION \ --build-arg OLFS_VERSION \ + --build-arg BES_CORE_IMAGE_TAG \ --build-arg OPENSSL_VERSION \ --tag "${OS_SNAPSHOT_IMAGE_TAG}" \ --tag "${OS_BUILD_VERSION_TAG}" \ diff --git a/el9-builds/hyrax/Dockerfile b/el9-builds/hyrax/Dockerfile index f01ab730..63027cdb 100644 --- a/el9-builds/hyrax/Dockerfile +++ b/el9-builds/hyrax/Dockerfile @@ -13,7 +13,20 @@ # it for debugging stuff. # # Set one or more individual labels -FROM rockylinux:9 +ARG BES_CORE_IMAGE_TAG +FROM ${BES_CORE_IMAGE_TAG:-rockylinux:9} + +ARG BES_CORE_IMAGE_TAG +RUN if test -n "$BES_CORE_IMAGE_TAG"; then \ + echo "BES_CORE_IMAGE_TAG appears to be set: '$BES_CORE_IMAGE_TAG'" ;\ + else \ + echo "Error: Non-empty BES_CORE_IMAGE_TAG must be specified. Exiting."; \ + exit 1; \ + fi + +# User defined and created in the `bes_core` image +ENV BES_USER="${USER:-"bes_user"}" + ENV HR="###############################################################################################################" ENV HR2="-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --" ENV TARGET_OS="el9" @@ -31,7 +44,7 @@ RUN echo "# Python Version: $(python3 --version)" # procps - so we can use 'ps' to track the bes and tomcat processes. # bc - is used by the cleanup_files.sh script to compute time stuff for # orphaned files. -ENV dnf_runtime_packages="which unzip procps bc" +ENV dnf_runtime_packages="which unzip procps bc chkconfig" RUN echo "# dnf_runtime_packages: $dnf_runtime_packages" # Stuff we need to build the hyrax_regression_tests @@ -58,25 +71,26 @@ ARG HYRAX_VERSION ENV HYRAX_VERSION=${HYRAX_VERSION:-"snapshot-$TARGET_OS"} RUN echo "# HYRAX_VERSION: $HYRAX_VERSION" +# Fail if requested LIBDAP_VERSION or BES_VERSION do not match installations in base image ARG LIBDAP_VERSION ENV LIBDAP_VERSION=${LIBDAP_VERSION:-"snapshot-$TARGET_OS"} -RUN echo "# LIBDAP_VERSION: $LIBDAP_VERSION" - -ARG LIBDAP_RPM -ENV LIBDAP_RPM=${LIBDAP_RPM:-"libdap-$LIBDAP_VERSION.$TARGET_OS.x86_64.rpm"} -RUN echo "# LIBDAP_RPM: $LIBDAP_RPM" -COPY "$LIBDAP_RPM" libdap-devel-* libdap-debuginfo-* / -RUN ls -l /libdap-* >&2 +RUN LIBDAP_VERSION_FOUND=$(cat libdap_VERSION); \ + if [ "${LIBDAP_VERSION_FOUND}" == "${LIBDAP_VERSION:-missing}" ]; then \ + echo "LIBDAP_VERSION: ${LIBDAP_VERSION}"; \ + else \ + echo "Error: Expected LIBDAP_VERSION `${LIBDAP_VERSION}`, found version `${LIBDAP_VERSION_FOUND}`. Exiting."; \ + exit 1; \ + fi ARG BES_VERSION ENV BES_VERSION=${BES_VERSION:-"snapshot-$TARGET_OS"} -RUN echo "# BES_VERSION: $BES_VERSION" - -ARG BES_RPM -ENV BES_RPM=${BES_RPM:-"bes-$BES_VERSION.static.$TARGET_OS.x86_64.rpm"} -RUN echo "# BES_RPM: $BES_RPM" -COPY "$BES_RPM" bes-devel-* bes-debuginfo-* / -RUN ls -l /bes-* >&2 +RUN BES_VERSION_FOUND=$(cat bes_VERSION); \ + if [ "${BES_VERSION_FOUND}" == "${BES_VERSION:-missing}" ]; then \ + echo "BES_VERSION: ${BES_VERSION}"; \ + else \ + echo "Error: Expected BES_VERSION \"${BES_VERSION}\", found version \"${BES_VERSION_FOUND}\". Exiting."; \ + exit 1; \ + fi ARG OLFS_VERSION ENV OLFS_VERSION=${OLFS_VERSION:-"snapshot-$TARGET_OS"} @@ -103,6 +117,7 @@ LABEL org.opendap.hyrax.version.is-production="false" LABEL org.opencontainers.image.authors="support@opendap.org" USER root +WORKDIR / # # The --build-arg USE_NCWMS can be set to "true" in order to @@ -138,7 +153,7 @@ RUN set -e \ && dnf update -y \ && echo "#!/bin/bash" > /install-dev-tools \ && echo "dnf install -y $dnf_developer_tools_packages" > /install-dev-tools \ - && chmod 755 /install-dev-tools + && chmod 755 /install-dev-tools \ ###################################################################### # Rocky9 comes with built in curl-minimal. For our puposes we want @@ -146,13 +161,13 @@ RUN set -e \ # The '--allowerasing' parameter enables dnf to erase curl-minimal # and then install the full package. # -RUN set -e \ +# RUN set -e \ && echo "$HR" >&2 \ && echo "# Installing cURL for developers (not minimal cURL)" >&2 \ && dnf install -y curl curl-devel --allowerasing \ && echo "# cURL version: $(curl --version)" >&2 \ - && dnf clean all \ - && echo "$HR" >&2 + # && dnf clean all \ + && echo "$HR" >&2 \ ###################################################################### # We want java ac ertain way ($java_version) and @@ -164,7 +179,7 @@ RUN set -e \ # update-alternatives --list # - We're using the one we wanted: # echo "# java version: $( java -version 2>&1 )" -RUN set -e \ +# RUN set -e \ && echo "$HR" >&2 \ && echo "# It's Java Time Witches!" >&2 \ && echo "# Installing $java_version" >&2 \ @@ -175,10 +190,10 @@ RUN set -e \ && echo "# Enabled $java_version" >&2 \ && echo "# java version: $( java -version 2>&1 )" \ && update-alternatives --list \ - && dnf clean all \ - && echo "$HR" >&2 + # && dnf clean all \ + && echo "$HR" >&2 \ -RUN set -e \ +# RUN set -e \ && dnf install -y $dnf_runtime_packages $dnf_regression_test_packages \ && dnf clean all # @@ -186,34 +201,38 @@ RUN set -e \ # ################################################################ -# Install the libdap rpm -# - - - - - - - - - - - - - - - - - - - - - -RUN set -e \ - && echo "$HR" >&2 \ - && echo "# Installing the libdap rpm: $LIBDAP_RPM" >&2 \ - && ls -l ./libdap* \ - && dnf -y install ./libdap-*.rpm \ - && echo "# The 'dnf install' command exited with status: $?" >&2 \ - && rm -f "./$LIBDAP_RPM" \ - && dnf clean all \ - && echo "# libdap4 is installed." >&2 \ - && echo "$HR" >&2 - -################################################################ -# Install the the BES -# besd, besdaemon, beslistener, besctl, besstandalone, bescmdline -# - - - - - - - - - - - - - - - - - - - - - -RUN set -e \ - && echo "$HR" >&2 \ - && echo "# Installing the BES rpm: $BES_RPM" >&2 \ - && ls -l ./bes* \ - && dnf -y install ./bes-*.rpm \ - && echo "# The 'dnf install' command exited with status: $?" >&2 \ - && rm -f "./$BES_RPM" \ - && dnf clean all \ - && echo "# besdaemon is here: $(which besdaemon)" >&2 \ - && echo "# besdaemon -v: '$(besdaemon -v)'" >&2 \ - && echo "$HR" >&2 +# Set up BES +# +# BES is already installed on the base image, but +# we need to do some additional configuration (to match what was +# previously handled by bes RPM installation) + +# Add besd service to start at boot +RUN cp ${PREFIX}/etc/rc.d/init.d/besd /etc/rc.d/init.d/besd \ + && chkconfig --add besd \ + && ldconfig \ + && chkconfig --list | grep besd \ + && echo "whoami: $(whoami)" \ + && echo "besdaemon is here: $(which besdaemon)" + +# Adapted from bes/spec.all_static.in in RPM creation. +# The four *.pem substitutions may be unnecessary, as those *.pem files may be +# vestigial substitutions for a build process past. +RUN sed -i.dist \ + -e 's:=.*/bes.log:=/var/log/bes/bes.log:' \ + -e 's:=.*/lib/bes:='"$PREFIX"'/lib/bes:' \ + -e 's:=.*/share/bes:='"$PREFIX"'/share/bes:' \ + -e 's:=.*/share/hyrax:='"$PREFIX"'/share/hyrax:' \ + -e 's:=/full/path/to/serverside/certificate/file.pem:=/etc/pki/bes/cacerts/file.pem:' \ + -e 's:=/full/path/to/serverside/key/file.pem:=/etc/pki/bes/public/file.pem:' \ + -e 's:=/full/path/to/clientside/certificate/file.pem:=/etc/pki/bes/cacerts/file.pem:' \ + -e 's:=/full/path/to/clientside/key/file.pem:=/etc/pki/bes/public/file.pem:' \ + -e 's:=user_name:='"$BES_USER"':' \ + -e 's:=group_name:='"$BES_USER"':' \ + $PREFIX/etc/bes/bes.conf \ + && mkdir -p "/var/log/bes/" \ + && touch "/var/log/bes/bes.log" \ + && sudo chown -R $BES_USER:$BES_USER "/var/log/bes/" ################################################################ # Install and Setup Tomcat @@ -288,12 +307,6 @@ RUN set -e \ && chown -R tomcat:tomcat "$CATALINA_HOME/webapps/$DEPLOYMENT_CONTEXT/WEB-INF/conf/logs" \ && chmod 700 "$CATALINA_HOME/webapps/$DEPLOYMENT_CONTEXT/WEB-INF/conf/logs" -################################################################ -# Clean up the Hyrax distribution binaries. -# -# -################################################################ - ################################################################ # retrieve and install the ncWMS web application # - - - - - - - - - - - - - - - - - - - - - @@ -350,7 +363,7 @@ RUN set -e \ && echo "# Retrieving, and building hyrax regression tests." \ && echo "# h_r_t will be in: $TEST_INSTALL_DIR" \ && mkdir -p "$TEST_INSTALL_DIR" \ - && git clone -v https://github.com/opendap/hyrax_regression_tests "$TEST_INSTALL_DIR" \ + && git clone --depth 1 -v https://github.com/opendap/hyrax_regression_tests "$TEST_INSTALL_DIR" \ && cd "$TEST_INSTALL_DIR" \ && autoreconf -vif \ && ./configure @@ -386,9 +399,6 @@ EXPOSE 8443 EXPOSE 10022 EXPOSE 11002 -# can't use USER with entrypoint that needs root -# use gosu or, as done, enable bes user write so the entrypoint does not need root -RUN chown -R bes /etc/bes USER root CMD ["-"] diff --git a/el9-builds/hyrax/entrypoint.sh b/el9-builds/hyrax/entrypoint.sh index 97d1a1f3..7b85dfb4 100755 --- a/el9-builds/hyrax/entrypoint.sh +++ b/el9-builds/hyrax/entrypoint.sh @@ -139,11 +139,11 @@ fi # if test "$SERVER_HELP_EMAIL" != "not_set" ; then loggy "Setting Admin Contact To: $SERVER_HELP_EMAIL" - sed -i "s/admin.email.address@your.domain.name/$SERVER_HELP_EMAIL/" "/etc/bes/bes.conf" + sed -i "s/admin.email.address@your.domain.name/$SERVER_HELP_EMAIL/" "$PREFIX/etc/bes/bes.conf" fi if test "$FOLLOW_SYMLINKS" != "not_set" ; then loggy "Setting BES FollowSymLinks to YES." - sed -i "s/^BES.Catalog.catalog.FollowSymLinks=No/BES.Catalog.catalog.FollowSymLinks=Yes/" "/etc/bes/bes.conf" + sed -i "s/^BES.Catalog.catalog.FollowSymLinks=No/BES.Catalog.catalog.FollowSymLinks=Yes/" "$PREFIX/etc/bes/bes.conf" fi loggy "JAVA VERSION: $( java -version 2>&1 )" @@ -170,22 +170,23 @@ loggy "PythonVersion (again): $( python3 --version 2>&1 )" #------------------------------------------------------------------------------- # We use 'echo' in the following because downstream code is expecting this # output to be a key value pair, so none of that loggy() stuff -bes_uid="$(id -u bes)" +bes_username="$BES_USER" +bes_uid="$(id -u ${bes_username})" echo "bes_uid: $bes_uid" -bes_gid="$(id -g bes)" +bes_gid="$(id -g ${bes_username})" echo "bes_gid: $bes_gid" #------------------------------------------------------------------------------- # Start the BES daemon process -# /usr/bin/besdaemon -i /usr -c /etc/bes/bes.conf -r /var/run/bes.pid (old way) +# /usr/bin/besdaemon -i /usr -c $PREFIX/etc/bes/bes.conf -r /var/run/bes.pid (old way) loggy "Launching besd..." -/usr/bin/besctl start +$PREFIX/bin/besctl start status=$? if test $status -ne 0 ; then loggy "ERROR: Failed to start BES: $status" exit $status fi -besd_pid="$(ps aux | grep "/usr/bin/besdaemon" | grep -v grep | awk '{print $2;}' - )" +besd_pid="$(ps aux | grep "$PREFIX/bin/besdaemon" | grep -v grep | awk '{print $2;}' - )" loggy "The besd is UP! [pid: $besd_pid]" #------------------------------------------------------------------------------- diff --git a/el9-builds/ngap/Dockerfile b/el9-builds/ngap/Dockerfile index 0db2b8cb..9beb0f36 100644 --- a/el9-builds/ngap/Dockerfile +++ b/el9-builds/ngap/Dockerfile @@ -13,7 +13,18 @@ # it for debugging stuff. # # Set one or more individual labels -FROM rockylinux:9 +ARG BES_CORE_IMAGE_TAG +FROM ${BES_CORE_IMAGE_TAG:-"rockylinux:9"} + +ARG BES_CORE_IMAGE_TAG +RUN if [ -z "$BES_CORE_IMAGE_TAG" ]; then \ + echo "Error: Non-empty BES_CORE_IMAGE_TAG must be specified. Exiting."; \ + exit 1; \ + fi + +# User defined and created in the `bes_core` image +ENV BES_USER="${USER:-"bes_user"}" + LABEL org.opencontainers.image.authors="support@opendap.org" USER root ENV DEBUG_BUILD="" @@ -29,7 +40,7 @@ ENV java_version="java-21-openjdk" # 'awscli' is used by entrypoint.sh # 'ps' (aka procps) is used by besctl and entrypoint.sh # 'bc' is used entrypoint.sh and cleanup_files.sh -ENV dnf_runtime_packages="which unzip jq procps bc" +ENV dnf_runtime_packages="which unzip jq procps bc chkconfig" RUN echo "# dnf_runtime_packages: $dnf_runtime_packages" @@ -81,25 +92,26 @@ ARG HYRAX_VERSION ENV HYRAX_VERSION=${HYRAX_VERSION:-"snapshot-$TARGET_OS"} RUN echo "# HYRAX_VERSION: ${HYRAX_VERSION}" +# Fail if requested LIBDAP_VERSION or BES_VERSION do not match installations in base image ARG LIBDAP_VERSION ENV LIBDAP_VERSION="${LIBDAP_VERSION:-"snapshot"}" -RUN echo "# LIBDAP_VERSION: $LIBDAP_VERSION" - -ARG LIBDAP_RPM -ENV LIBDAP_RPM="${LIBDAP_RPM:-"libdap-$LIBDAP_VERSION.$TARGET_OS.x86_64.rpm"}" -RUN echo "# LIBDAP_RPM: $LIBDAP_RPM" -COPY ${LIBDAP_RPM} libdap-devel-* libdap-debuginfo-* / -RUN ls -l /libdap-* >&2 +RUN LIBDAP_VERSION_FOUND=$(cat libdap_VERSION); \ + if [ "${LIBDAP_VERSION_FOUND}" == "${LIBDAP_VERSION:-missing}" ]; then \ + echo "LIBDAP Version: ${LIBDAP_VERSION}"; \ + else \ + echo "Error: Expected LIBDAP_VERSION `${LIBDAP_VERSION}`, found version `${LIBDAP_VERSION_FOUND}`. Exiting."; \ + exit 1; \ + fi ARG BES_VERSION ENV BES_VERSION="${BES_VERSION:-"snapshot-$TARGET_OS"}" -RUN echo "# BES_VERSION: $BES_VERSION" - -ARG BES_RPM -ENV BES_RPM="${BES_RPM:-"bes-$BES_VERSION.static.$TARGET_OS.x86_64.rpm"}" -RUN echo "# BES_RPM: $BES_RPM" -COPY "$BES_RPM" bes-devel-* bes-debuginfo-* / -RUN ls -l /bes-* >&2 +RUN BES_VERSION_FOUND=$(cat bes_VERSION); \ + if [ "${BES_VERSION_FOUND}" == "${BES_VERSION:-missing}" ]; then \ + echo "BES Version: ${BES_VERSION}"; \ + else \ + echo "Error: Expected BES_VERSION \"${BES_VERSION}\", found version \"${BES_VERSION_FOUND}\". Exiting."; \ + exit 1; \ + fi ARG OLFS_VERSION ENV OLFS_VERSION="${OLFS_VERSION:-"unknown"}" @@ -138,6 +150,7 @@ LABEL org.opendap.hyrax.version.is-production="false" LABEL org.opencontainers.image.authors="support@opendap.org" USER root +WORKDIR / ###################################################################### # Update the OS and create a handy executable shell scipt to simplify @@ -147,8 +160,7 @@ RUN set -e \ && dnf update -y \ && echo "#!/bin/bash" > /install-dev-tools \ && echo "dnf install -y $dnf_developer_tools_packages" > /install-dev-tools \ - && chmod 755 /install-dev-tools - + && chmod 755 /install-dev-tools \ ###################################################################### # Rocky9 comes with built in curl-minimal. For our puposes we want @@ -156,13 +168,13 @@ RUN set -e \ # The '--allowerasing' parameter enables dnf to erase curl-minimal # and then install the full package. # -RUN set -e \ +# RUN set -e \ && echo "$HR" >&2 \ && echo "# Installing cURL for developers (not minimal cURL)" >&2 \ && dnf install -y curl curl-devel --allowerasing \ && echo "# cURL version: $(curl --version)" >&2 \ - && dnf clean all \ - && echo "$HR" >&2 + # && dnf clean all \ + && echo "$HR" >&2 \ ###################################################################### # We want java ac ertain way ($java_version) and @@ -174,7 +186,7 @@ RUN set -e \ # update-alternatives --list # - We're using the one we wanted: # echo "# java version: $( java -version 2>&1 )" -RUN set -e \ +# RUN set -e \ && echo "$HR" >&2 \ && echo "# It's Java Time Witches!" >&2 \ && echo "# Installing $java_version" >&2 \ @@ -185,8 +197,8 @@ RUN set -e \ && echo "# Enabled $java_version" >&2 \ && echo "# java version: $( java -version 2>&1 )" \ && update-alternatives --list \ - && dnf clean all \ - && echo "$HR" >&2 + # && dnf clean all \ + && echo "$HR" >&2 \ ###################################################################### # This Dockerfile brings in the Tomcat Native APR by using the one @@ -196,7 +208,7 @@ RUN set -e \ # We also enable the CodeReady Builder repo so we can get the # libtirpc-devel package. # -RUN set -e \ +# RUN set -e \ && echo "$HR" >&2 \ # The CRB (CodeReady Builder) repository has to be enabled to get the libtirpc-devel package. && echo "# Installing 'dnf-plugins-core', enabling CRB (CodeReady Builder) repository and installing 'Development Tools'" >&2 \ @@ -208,16 +220,16 @@ RUN set -e \ ###################################################################### # Install our runtime and build time packages. # -RUN set -e \ +# RUN set -e \ && echo "$HR2" >&2 \ && echo "# Installing NGAP package lists..." >&2 \ && dnf install -y $dnf_runtime_packages $dnf_build_the_things_packages \ - && dnf clean all \ - && echo "$HR" >&2 + # && dnf clean all \ + && echo "$HR" >&2 \ ###################################################################### # The follow is a sanity check so that we can see what we got. -RUN set -e \ +# RUN set -e \ && echo "$HR" >&2 \ && if test -n "$DEBUG_BUILD"; then \ echo "# Sanity checking installed packages..." >&2 \ @@ -246,37 +258,39 @@ RUN set -e \ else echo "# Skipping Sanity Checks." >&2 ; fi \ && echo "$HR" >&2 - ################################################################ -# Install the libdap rpm -# - - - - - - - - - - - - - - - - - - - - - -RUN set -e \ - && echo "$HR" >&2 \ - && echo "# Installing the libdap rpm: $LIBDAP_RPM" >&2 \ - && ls -l ./libdap* \ - && dnf -y install ./libdap-*.rpm \ - && echo "# The 'dnf install' command exited with status: $?" >&2 \ - && rm -f "./$LIBDAP_RPM" \ - && dnf clean all \ - && echo "# libdap4 is installed." >&2 \ - && echo "$HR" >&2 - -################################################################ -# Install the the BES -# besd, besdaemon, beslistener, besctl, besstandalone, bescmdline -# - - - - - - - - - - - - - - - - - - - - - -RUN set -e \ - && echo "$HR" >&2 \ - && echo "# Installing the BES rpm: $BES_RPM" >&2 \ - && ls -l ./bes* \ - && dnf -y install ./bes-*.rpm \ - && echo "# The 'dnf install' command exited with status: $?" >&2 \ - && rm -f "./$BES_RPM" \ - && dnf clean all \ - && echo "# besdaemon is here: $(which besdaemon)" >&2 \ - && echo "# besdaemon -v: '$(besdaemon -v)'" >&2 \ - && echo "$HR" >&2 - +# Set up BES +# +# BES is already installed on the base image, but +# we need to do some additional configuration (to match what was +# previously handled by bes RPM installation) + +# Add besd service to start at boot +RUN cp ${PREFIX}/etc/rc.d/init.d/besd /etc/rc.d/init.d/besd \ + && chkconfig --add besd \ + && ldconfig \ + && chkconfig --list | grep besd \ + && echo "whoami: $(whoami)" \ + && echo "besdaemon is here: $(which besdaemon)" + +# Adapted from bes/spec.all_static.in in RPM creation. +# The four *.pem substitutions may be unnecessary, as those *.pem files may be +# vestigial substitutions for a build process past. +RUN sed -i.dist \ + -e 's:=.*/bes.log:=/var/log/bes/bes.log:' \ + -e 's:=.*/lib/bes:='"$PREFIX"'/lib/bes:' \ + -e 's:=.*/share/bes:='"$PREFIX"'/share/bes:' \ + -e 's:=.*/share/hyrax:='"$PREFIX"'/share/hyrax:' \ + -e 's:=/full/path/to/serverside/certificate/file.pem:=/etc/pki/bes/cacerts/file.pem:' \ + -e 's:=/full/path/to/serverside/key/file.pem:=/etc/pki/bes/public/file.pem:' \ + -e 's:=/full/path/to/clientside/certificate/file.pem:=/etc/pki/bes/cacerts/file.pem:' \ + -e 's:=/full/path/to/clientside/key/file.pem:=/etc/pki/bes/public/file.pem:' \ + -e 's:=user_name:='"$BES_USER"':' \ + -e 's:=group_name:='"$BES_USER"':' \ + $PREFIX/etc/bes/bes.conf \ + && mkdir -p "/var/log/bes/" \ + && touch "/var/log/bes/bes.log" \ + && sudo chown -R $BES_USER:$BES_USER "/var/log/bes/" ################################################################ # Install the Apache-Portable-Runtime (Apache APR) @@ -292,6 +306,7 @@ RUN set -e \ && dnf clean all \ && echo "Apache APR is installed." >&2 \ && echo "$HR" >&2 + ################################################################ # Install and Setup Tomcat # @@ -451,7 +466,7 @@ RUN set -e \ && echo "Retrieving, and building hyrax regression tests." >&2 \ && echo "h_r_t will be in: $TEST_INSTALL_DIR" >&2 \ && mkdir -p "$TEST_INSTALL_DIR" \ - && git clone -v "https://github.com/opendap/hyrax_regression_tests" "$TEST_INSTALL_DIR" \ + && git clone --depth 1 -v "https://github.com/opendap/hyrax_regression_tests" "$TEST_INSTALL_DIR" \ && cd "$TEST_INSTALL_DIR" \ && git status >&2 \ && autoreconf -vif >&2 \ @@ -478,10 +493,4 @@ EXPOSE 8443 EXPOSE 10022 EXPOSE 11002 -# can't use USER with entrypoint that needs root -# use gosu or, as done, enable bes user write so the entrypoint does not need root -RUN set -e && chown -R bes /etc/bes -USER root - CMD ["-"] - diff --git a/el9-builds/ngap/entrypoint.sh b/el9-builds/ngap/entrypoint.sh index 407f33e3..557e4c8d 100755 --- a/el9-builds/ngap/entrypoint.sh +++ b/el9-builds/ngap/entrypoint.sh @@ -12,6 +12,13 @@ export LOG_KEY_PREFIX="${LOG_KEY_PREFIX:-"hyrax-"}" if [[ "$LOG_KEY_PREFIX" != *"-" ]]; then LOG_KEY_PREFIX="$LOG_KEY_PREFIX-" fi + +# Set in docker image. +# BES_USER initially defined upstream in docker image base `bes_core` as $USER, +# updated to $BES_USER in ngap/Dockerfile +export PREFIX="${PREFIX:-/root/install}" +export BES_USER="${BES_USER:-bes_user}" + ########################################################################## # # Functions @@ -208,10 +215,12 @@ export NGAP_CERTIFICATE_KEY_FILE="/usr/share/tomcat/conf/NGAP-CA-certificate.key startup_log "NGAP_CERTIFICATE_KEY_FILE: $NGAP_CERTIFICATE_KEY_FILE" ################################################################################ +# NETRC_FILE is at the top level /etc/bes instead of $PREFIX/etc/... +# because that's where bamboo expects it to be export NETRC_FILE="/etc/bes/ngap_netrc" startup_log "NETRC_FILE: $NETRC_FILE" -export BES_SITE_CONF_FILE="/etc/bes/site.conf" +export BES_SITE_CONF_FILE="$PREFIX/etc/bes/site.conf" startup_log "BES_SITE_CONF_FILE: $BES_SITE_CONF_FILE" export BES_LOG_FILE="/var/log/bes/bes.log" @@ -232,11 +241,12 @@ startup_log "FOLLOW_SYMLINKS: $FOLLOW_SYMLINKS" # if test -n "$HOST" && test -n "$USERNAME" && test -n "$PASSWORD"; then startup_log "Updating netrc file: $NETRC_FILE" + mkdir -p "$(dirname "${NETRC_FILE}")" # machine is a domain name or an ip address, not a URL. echo "machine $HOST" | sed -e "s_https:__g" -e "s_http:__g" -e "s+/++g" >> "$NETRC_FILE" echo " login $USERNAME" >> "$NETRC_FILE" echo " password $PASSWORD" >> "$NETRC_FILE" - chown bes:bes "$NETRC_FILE" + chown $BES_USER:$BES_USER "$NETRC_FILE" chmod 400 "$NETRC_FILE" startup_log "$(ls -l "$NETRC_FILE")" # startup_log "$( cat "$NETRC_FILE" )" @@ -469,28 +479,29 @@ fi # if test "$SERVER_HELP_EMAIL" != "not_set"; then startup_log "Setting Admin Contact To: $SERVER_HELP_EMAIL" - sed -i "s/admin.email.address@your.domain.name/$SERVER_HELP_EMAIL/" /etc/bes/bes.conf + sed -i "s/admin.email.address@your.domain.name/$SERVER_HELP_EMAIL/" $PREFIX/etc/bes/bes.conf fi if test "$FOLLOW_SYMLINKS" != "not_set"; then startup_log "Setting BES FollowSymLinks to YES." - sed -i "s/^BES.Catalog.catalog.FollowSymLinks=No/BES.Catalog.catalog.FollowSymLinks=Yes/" /etc/bes/bes.conf + sed -i "s/^BES.Catalog.catalog.FollowSymLinks=No/BES.Catalog.catalog.FollowSymLinks=Yes/" $PREFIX/etc/bes/bes.conf fi ################################################################################ #------------------------------------------------------------------------------- # Start the BES daemon process -# /usr/bin/besdaemon -i /usr -c /etc/bes/bes.conf -r /var/run/bes.pid -bes_uid="$(id -u bes)" -bes_gid="$(id -g bes)" +# /usr/bin/besdaemon -i /usr -c $PREFIX/etc/bes/bes.conf -r /var/run/bes.pid +bes_username="$BES_USER" +bes_uid="$(id -u ${bes_username})" +bes_gid="$(id -g ${bes_username})" startup_log "Launching besd [uid: $bes_uid gid: $bes_gid]" -/usr/bin/besctl start > ./besctl.log 2>&1 # dropped debug control -d "/dev/null,timing" - ndp 10/12/2023 +$PREFIX/bin/besctl start > ./besctl.log 2>&1 # dropped debug control -d "/dev/null,timing" - ndp 10/12/2023 status=$? startup_log "$(cat ./besctl.log)" if test $status -ne 0; then error_log "ERROR: Failed to start BES: $status" #exit $status fi -besd_pid="$(ps aux | grep /usr/bin/besdaemon | grep -v grep | awk '{print $2;}' -)" +besd_pid="$(ps aux | grep $PREFIX/bin/besdaemon | grep -v grep | awk '{print $2;}' -)" startup_log "The besd is UP! [pid: $besd_pid]" #------------------------------------------------------------------------------- diff --git a/travis-build-recipe b/travis-build-recipe index 953f60d9..f3351da5 100644 --- a/travis-build-recipe +++ b/travis-build-recipe @@ -1,6 +1,6 @@ -TARGET_OS: el8 -TOMCAT_MAJOR_VERSION: 9 +TARGET_OS: el9 +TOMCAT_MAJOR_VERSION: 11 libdap4-3.21.1-390 2026-03-04T03:14:01+0000 -bes-3.21.1-1093 2026-03-04T13:22:30+0000 -olfs-1.18.15-718 2026-03-04T13:35:59+0000 -hyrax-1.17.1-718 2026-03-04T13:35:59+0000 +bes-3.21.1-1101 2026-03-05T17:25:18+0000 +olfs-1.18.15-732 2026-03-05T18:13:42+0000 +hyrax-1.17.1-732 2026-03-05T18:13:42+0000