feat(imagebuilder): imagebuilder v3

Author: duanhongyi

.drone/drone.yml

@@ -0,0 +1,168 @@
+kind: pipeline
+type: docker
+name: linux-amd64
+
+platform:
+  arch: amd64
+  os: linux
+
+steps:
+- name: test
+  image: docker.io/drycc/go-dev
+  pull: if-not-exists
+  privileged: true
+  commands:
+  - make docker-build test
+  environment:
+    VERSION: ${DRONE_TAG:-latest}-linux-amd64
+    DEV_REGISTRY: ${DEV_REGISTRY:-docker.io}
+    DRYCC_REGISTRY: ${DRYCC_REGISTRY:-docker.io}
+  when:
+    event:
+    - push
+    - tag
+    - pull_request
+  volumes:
+  - name: image_registries
+    path: /etc/containers/registries.conf
+
+- name: publish
+  image: docker.io/drycc/go-dev
+  pull: if-not-exists
+  privileged: true
+  commands:
+  - echo $DOCKER_PASSWORD | docker login --username $DOCKER_USERNAME --password-stdin
+  - make docker-build docker-immutable-push
+  environment:
+    VERSION: ${DRONE_TAG:-latest}-linux-amd64
+    DEV_REGISTRY:
+      from_secret: dev_registry
+    DRYCC_REGISTRY:
+      from_secret: drycc_registry
+    DOCKER_USERNAME:
+      from_secret: docker_username
+    DOCKER_PASSWORD:
+      from_secret: docker_password
+  when:
+    event:
+    - push
+    - tag
+  volumes:
+  - name: image_registries
+    path: /etc/containers/registries.conf
+
+trigger:
+  event:
+  - push
+  - tag
+  - pull_request
+
+volumes:
+- name: image_registries
+  host:
+    path: /etc/containers/registries.conf
+
+---
+kind: pipeline
+type: docker
+name: linux-arm64
+
+platform:
+  arch: arm64
+  os: linux
+
+steps:
+- name: publish
+  image: docker.io/drycc/go-dev
+  pull: if-not-exists
+  privileged: true
+  commands:
+  - echo $DOCKER_PASSWORD | docker login --username $DOCKER_USERNAME --password-stdin
+  - make docker-build docker-immutable-push
+  environment:
+    VERSION: ${DRONE_TAG:-latest}-linux-arm64
+    DEV_REGISTRY:
+      from_secret: dev_registry
+    DRYCC_REGISTRY:
+      from_secret: drycc_registry
+    DOCKER_USERNAME:
+      from_secret: docker_username
+    DOCKER_PASSWORD:
+      from_secret: docker_password
+  volumes:
+  - name: image_registries
+    path: /etc/containers/registries.conf
+
+trigger:
+  event:
+  - push
+  - tag
+
+volumes:
+- name: image_registries
+  host:
+    path: /etc/containers/registries.conf
+
+---
+kind: pipeline
+type: docker
+name: manifest
+
+steps:
+- name: generate manifest
+  image: docker.io/library/alpine
+  pull: if-not-exists
+  commands:
+  - sed -i "s/docker.io/$${DRYCC_REGISTRY}/g" .drone/manifest.tmpl
+  environment:
+    DRYCC_REGISTRY:
+      from_secret: drycc_registry
+
+- name: publish
+  image: plugins/manifest
+  settings:
+    spec: .drone/manifest.tmpl
+    username:
+      from_secret: docker_username
+    password:
+      from_secret: docker_password
+  environment:
+    DEV_REGISTRY:
+      from_secret: dev_registry
+    DRYCC_REGISTRY:
+      from_secret: drycc_registry
+
+trigger:
+  event:
+  - push
+  - tag
+
+depends_on:
+- linux-amd64
+- linux-arm64
+
+---
+kind: pipeline
+type: docker
+name: chart
+
+steps:
+- name: generate chart
+  image: docker.io/drycc/python-dev
+  commands:
+  - IMAGE_TAG=$([ ! -z $DRONE_TAG ] && echo ${DRONE_TAG:1} || echo \"canary\")
+  - sed -i "s/image_tag:\ \"canary\"/image_tag:\ $IMAGE_TAG/g" charts/buildparker/values.yaml
+  - helm package charts/buildparker --version ${DRONE_TAG:-v1.0.0}
+  - curl -u $CHARTMUSEUM_USERNAME:$CHARTMUSEUM_PASSWORD -F chart=@buildparker-${DRONE_TAG:-v1.0.0}.tgz "$CHARTMUSEUM_API/api/$([ -z $DRONE_TAG ] && echo testing |echo stable)/charts"
+  environment:
+    CHARTMUSEUM_USERNAME:
+      from_secret: chartmuseum_username
+    CHARTMUSEUM_PASSWORD:
+      from_secret: chartmuseum_password
+    CHARTMUSEUM_API:
+      from_secret: chartmuseum_api
+
+trigger:
+  event:
+  - push
+  - tag

.drone/manifest.tmpl

@@ -0,0 +1,19 @@
+
+image: docker.io/drycc/buildparker:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}canary{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}
+{{/each}}
+{{/if}}
+manifests:
+  -
+    image: docker.io/drycc/buildparker:{{#if build.tag}}{{build.tag}}-{{else}}latest-{{/if}}linux-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  -
+    image: docker.io/drycc/buildparker:{{#if build.tag}}{{build.tag}}-{{else}}latest-{{/if}}linux-arm64
+    platform:
+      architecture: arm64
+      os: linux

CONTRIBUTING.md

@@ -0,0 +1,4 @@
+# Contributing to Drycc
+
+This project is part of Drycc. You can find the latest contribution
+guidelines [in our documentation](https://drycc.com/docs/workflow/contributing/overview/).

DCO

@@ -0,0 +1,36 @@
+Developer Certificate of Origin
+Version 1.1
+
+Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+
+
+Developer's Certificate of Origin 1.1
+
+By making a contribution to this project, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the open source license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate open source
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same open source license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the open source license(s) involved.

LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) Drycc team. All rights reserved.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

MAINTAINERS.md

@@ -0,0 +1,4 @@
+# Drycc Maintainers
+
+This project is part of Drycc. The official maintainers documentation is
+located.

Makefile

@@ -0,0 +1,72 @@
+SHORT_NAME ?= imagebuilder
+DRYCC_REGISTRY ?= ${DEV_REGISTRY}
+PLATFORM ?= linux/amd64,linux/arm64
+
+export GO15VENDOREXPERIMENT=1
+
+# Note that Minio currently uses CGO.
+
+LDFLAGS := "-s -X main.version=${VERSION}"
+IMAGE_PREFIX ?= drycc
+BINDIR := ./rootfs/bin
+
+include versioning.mk
+
+SHELL_SCRIPTS = $(wildcard _scripts/*.sh) \
+				rootfs/usr/local/bin/* \
+				rootfs/pack/*
+
+# The following variables describe the containerized development environment
+# and other build options
+DEV_ENV_IMAGE := ${DEV_REGISTRY}/drycc/go-dev
+DEV_ENV_WORK_DIR := /go/src/${REPO_PATH}
+DEV_ENV_CMD := docker run --rm -v ${CURDIR}:${DEV_ENV_WORK_DIR} -w ${DEV_ENV_WORK_DIR} ${DEV_ENV_IMAGE}
+DEV_ENV_CMD_INT := docker run -it --rm -v ${CURDIR}:${DEV_ENV_WORK_DIR} -w ${DEV_ENV_WORK_DIR} ${DEV_ENV_IMAGE}
+
+all: build docker-build docker-push
+
+bootstrap:
+	@echo Nothing to do.
+
+build:
+	@echo Nothing to do.
+
+docker-build:
+	docker build ${DOCKER_BUILD_FLAGS} -t ${IMAGE} -f rootfs/Dockerfile rootfs
+	docker tag ${IMAGE} ${MUTABLE_IMAGE}
+
+docker-buildx:
+	docker buildx build --platform ${PLATFORM} ${DOCKER_BUILD_FLAGS} -t ${IMAGE} -f rootfs/Dockerfile rootfs --push
+
+deploy: docker-build docker-push
+
+kube-pod: kube-service
+	kubectl create -f ${POD}
+
+kube-secrets:
+	- kubectl create -f ${SEC}
+
+secrets:
+	perl -pi -e "s|access-key-id: .+|access-key-id: ${key}|g" ${SEC}
+	perl -pi -e "s|access-secret-key: .+|access-secret-key: ${secret}|g" ${SEC}
+	echo ${key} ${secret}
+
+kube-service: kube-secrets
+	- kubectl create -f ${SVC}
+
+kube-clean:
+	- kubectl delete rc drycc-${SHORT_NAME}-rc
+
+test: test-style test-unit test-functional
+
+test-style:
+	${DEV_ENV_CMD} shellcheck $(SHELL_SCRIPTS)
+
+test-unit:
+	docker run --entrypoint /usr/bin/env ${IMAGE} python3 -m unittest procfile
+
+test-functional:
+	@echo "Implement functional tests in _tests directory"
+
+.PHONY: all bootstrap build docker-build docker-push deploy kube-pod kube-secrets \
+	secrets kube-service kube-clean test

README.md

@@ -0,0 +1,30 @@
+# Drycc imagebuilder v3
+[![Build Status](https://drone.drycc.cc/api/badges/drycc/imagebuilder/status.svg)](https://drone.drycc.cc/drycc/imagebuilder)
+
+Drycc (pronounced DAY-iss) Workflow is an open source Platform as a Service (PaaS) that adds a developer-friendly layer to any [Kubernetes](http://kubernetes.io) cluster, making it easy to deploy and manage applications on your own servers.
+
+For more information about the Drycc Workflow, please visit the main project page at https://github.com/drycc/workflow.
+
+We welcome your input! If you have feedback, please [submit an issue][issues]. If you'd like to participate in development, please read the "Development" section below and [submit a pull request][prs].
+
+# About
+
+The imagebuilder downloads a git archive ([gzip](http://www.gzip.org/)ped [tar](https://www.gnu.org/software/tar/)ball) from a specified [S3 API compatible server][s3-api], compiles a [slug](https://devcenter.heroku.com/articles/slug-compiler) and uploads it to a specified S3 API compatible server.
+
+This component is usually launched by the [Drycc Builder](https://github.com/drycc/builder) and used inside the Drycc [PaaS](https://en.wikipedia.org/wiki/Platform_as_a_service), but it is flexible enough to be used as a pod inside any Kubernetes cluster.
+
+Please see https://github.com/drycc/builder/blob/master/README.md for a more detailed description of how `imagebuilder` interacts with `builder`.
+
+# Development
+
+The Drycc project welcomes contributions from all developers. The high level process for development matches many other open source projects. See below for an outline.
+
+* Fork this repository
+* Make your changes
+* [Submit a pull request][prs] (PR) to this repository with your changes, and unit tests whenever possible.
+  * If your PR fixes any [issues][issues], make sure you write Fixes #1234 in your PR description (where #1234 is the number of the issue you're closing)
+* The Drycc core contributors will review your code. After each of them sign off on your code, they'll label your PR with LGTM1 and LGTM2 (respectively). Once that happens, the contributors will merge it
+
+[issues]: https://github.com/drycc/imagebuilder/issues
+[prs]: https://github.com/drycc/imagebuilder/pulls
+[s3-api]: http://docs.aws.amazon.com/AmazonS3/latest/API/APIRest.html

_docs/README.md

@@ -0,0 +1 @@
+# drycc-imagebuilder on Kubernetes

_docs/users.json

@@ -0,0 +1,15 @@
+{
+	"Version": "0.0.1",
+	"Users": {
+		"admin": {
+			"name": "admin",
+			"accessKeyId": "admin",
+			"secretAccessKey": "pdG8Rpw0h8QtxybHsMHlkJtzJzZ2sC7b2cFBEgn+"
+		},
+		"user": {
+			"name": "user",
+			"accessKeyId": "8TZRY2JRWMPT6UMXR6I5",
+			"secretAccessKey": "gbstrOvotMMcg2sMfGUhA5a6Et/EI5ALtIHsobYk"
+		}
+	}
+}