From d1bc2c36fdb0a69c28aeb9222efb27e59855a161 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9=20=22decko=22=20de=20Brito?= Date: Tue, 19 Sep 2023 16:24:58 -0300 Subject: [PATCH] Split up some responsabilities from the entrypoint to a service container. Closes #544 --- images/assets/pulp-api | 40 +-------------- images/assets/pulp-content | 3 +- images/assets/pulp-worker | 3 +- images/assets/set_init_password.sh | 20 ++++++++ images/assets/wait_on_database_migrations.sh | 2 +- images/assets/wait_on_migrations.py | 31 ++++++++++++ images/compose/compose.yml | 49 ++++++++++++++++++- images/pulp-minimal/stable/Containerfile.core | 12 ++++- 8 files changed, 116 insertions(+), 44 deletions(-) create mode 100644 images/assets/set_init_password.sh create mode 100755 images/assets/wait_on_migrations.py diff --git a/images/assets/pulp-api b/images/assets/pulp-api index 655d4ea5..1b1a3e92 100755 --- a/images/assets/pulp-api +++ b/images/assets/pulp-api @@ -1,44 +1,8 @@ #!/bin/bash -x -mkdir -p /var/lib/pulp/media \ - /var/lib/pulp/assets \ - /var/lib/pulp/tmp - /usr/bin/wait_on_postgres.py - -# Get list of installed plugins via pip -# Assumes they are all named like "pulp-file" -> "file", with no 2nd dash. -# (Was previously needed when we ran `pulpcore-manager makemigrations`) -# PLUGINS=$(pip list | awk -F '[[:space:]]+|[-]' '/pulp-/{printf $2 " " }') - -/usr/local/bin/pulpcore-manager migrate --noinput - -set +x - -if [ -n "${PULP_SIGNING_KEY_FINGERPRINT}" ]; then - /usr/local/bin/pulpcore-manager add-signing-service "${COLLECTION_SIGNING_SERVICE}" /var/lib/pulp/scripts/collection_sign.sh "${PULP_SIGNING_KEY_FINGERPRINT}" - /usr/local/bin/pulpcore-manager add-signing-service "${CONTAINER_SIGNING_SERVICE}" /var/lib/pulp/scripts/container_sign.sh "${PULP_SIGNING_KEY_FINGERPRINT}" --class container:ManifestSigningService -fi - -if [[ -n "$PULP_DEFAULT_ADMIN_PASSWORD" ]] -then - PASSWORD_SET=$(/usr/local/bin/pulpcore-manager shell -c "from django.contrib.auth import get_user_model; print(get_user_model().objects.filter(username=\"admin\").exists())") - if [ "$PASSWORD_SET" = "False" ] - then - /usr/local/bin/pulpcore-manager reset-admin-password --password "${PULP_DEFAULT_ADMIN_PASSWORD}" - fi -else - ADMIN_PASSWORD_FILE=/etc/pulp/pulp-admin-password - if [[ -f "$ADMIN_PASSWORD_FILE" ]]; then - echo "pulp admin can be initialized." - PULP_ADMIN_PASSWORD=$(cat $ADMIN_PASSWORD_FILE) - fi - - if [ -n "${PULP_ADMIN_PASSWORD}" ]; then - /usr/local/bin/pulpcore-manager reset-admin-password --password "${PULP_ADMIN_PASSWORD}" - fi -fi -set -x +# /usr/bin/wait_on_migrations.py +/usr/bin/wait_on_database_migrations.sh if which pulpcore-api then diff --git a/images/assets/pulp-content b/images/assets/pulp-content index 12550287..52620f1d 100755 --- a/images/assets/pulp-content +++ b/images/assets/pulp-content @@ -1,6 +1,7 @@ -#!/bin/bash -x +#!/bin/bash /usr/bin/wait_on_postgres.py +# /usr/bin/wait_on_migrations.py /usr/bin/wait_on_database_migrations.sh if which pulpcore-content diff --git a/images/assets/pulp-worker b/images/assets/pulp-worker index f63e33b2..aa757705 100755 --- a/images/assets/pulp-worker +++ b/images/assets/pulp-worker @@ -1,6 +1,7 @@ -#!/bin/bash -x +#!/bin/bash /usr/bin/wait_on_postgres.py +# /usr/bin/wait_on_migrations.py /usr/bin/wait_on_database_migrations.sh export PATH=/usr/local/bin:/usr/bin/ diff --git a/images/assets/set_init_password.sh b/images/assets/set_init_password.sh new file mode 100644 index 00000000..f18c66a2 --- /dev/null +++ b/images/assets/set_init_password.sh @@ -0,0 +1,20 @@ +if [[ -n "$PULP_DEFAULT_ADMIN_PASSWORD" ]] +then + PASSWORD_SET=$(/usr/local/bin/pulpcore-manager shell -c "from django.contrib.auth import get_user_model; print(get_user_model().objects.filter(username=\"admin\").exists())") + if [ "$PASSWORD_SET" = "False" ] + then + /usr/local/bin/pulpcore-manager reset-admin-password --password "${PULP_DEFAULT_ADMIN_PASSWORD}" + fi +else + ADMIN_PASSWORD_FILE=/etc/pulp/pulp-admin-password + if [[ -f "$ADMIN_PASSWORD_FILE" ]]; then + echo "pulp admin can be initialized." + PULP_ADMIN_PASSWORD=$(cat $ADMIN_PASSWORD_FILE) + fi + + if [ -n "${PULP_ADMIN_PASSWORD}" ]; then + /usr/local/bin/pulpcore-manager reset-admin-password --password "${PULP_ADMIN_PASSWORD}" + fi +fi +set -x + diff --git a/images/assets/wait_on_database_migrations.sh b/images/assets/wait_on_database_migrations.sh index fa653386..20ba5ff9 100755 --- a/images/assets/wait_on_database_migrations.sh +++ b/images/assets/wait_on_database_migrations.sh @@ -16,5 +16,5 @@ while true; do # which is probably because the database is not "up enough" to continue yet. echo "Waiting for migration, last exit code $exit_code" fi - sleep 5 + sleep 30 done diff --git a/images/assets/wait_on_migrations.py b/images/assets/wait_on_migrations.py new file mode 100755 index 00000000..0ff31f42 --- /dev/null +++ b/images/assets/wait_on_migrations.py @@ -0,0 +1,31 @@ +#!/usr/bin/env python3 + +import sys +import time +from django.core.exceptions import AppRegistryNotReady +from django.db import connection +from django.db.migrations.executor import MigrationExecutor + + +def is_database_synced(): + connection.prepare_database() + executor = MigrationExecutor(connection) + targets = executor.loader.graph.leaf_nodes() + return not executor.migration_plan(targets) + + +if __name__ == "__main__": + + print("Waiting for migrations to be done...") + for _ in range(100): + try: + print("Migrations not done yet") + if is_database_synced(): + break + time.sleep(3) + except AppRegistryNotReady: + print("AppRegistryNotReady") + time.sleep(3) + + print("Migrations applied.") + sys.exit(0) diff --git a/images/compose/compose.yml b/images/compose/compose.yml index 6eace6d6..d42eee95 100644 --- a/images/compose/compose.yml +++ b/images/compose/compose.yml @@ -20,6 +20,43 @@ services: timeout: 5s retries: 5 + migration_service: + image: "pulp/pulp-minimal:latest" + depends_on: + postgres: + condition: service_healthy + command: > + sh -c "pulpcore-manager migrate --noinput" + volumes: + - "./assets/settings.py:/etc/pulp/settings.py:z" + - "./assets/certs:/etc/pulp/certs:z" + - "pulp:/var/lib/pulp" + + signing_key_service: + image: "pulp/pulp-minimal:latest" + command: > + sh -c "if [ -n "${PULP_SIGNING_KEY_FINGERPRINT}" ]; then + /usr/local/bin/pulpcore-manager add-signing-service "${COLLECTION_SIGNING_SERVICE}" /var/lib/pulp/scripts/collection_sign.sh "${PULP_SIGNING_KEY_FINGERPRINT}" \ + /usr/local/bin/pulpcore-manager add-signing-service "${CONTAINER_SIGNING_SERVICE}" /var/lib/pulp/scripts/container_sign.sh "${PULP_SIGNING_KEY_FINGERPRINT}" --class container:ManifestSigningService \ + fi" + depends_on: + migration_service: + condition: service_completed_successfully + volumes: + - "./assets/settings.py:/etc/pulp/settings.py:z" + - "./assets/certs:/etc/pulp/certs:z" + - "pulp:/var/lib/pulp" + + admin_password_service: + image: "pulp/pulp-minimal:latest" + command: set_init_password.sh + environment: + PULP_DEFAULT_ADMIN_PASSWORD: password + volumes: + - "./assets/settings.py:/etc/pulp/settings.py:z" + - "./assets/certs:/etc/pulp/certs:z" + - "pulp:/var/lib/pulp" + redis: image: "docker.io/library/redis:latest" volumes: @@ -36,7 +73,9 @@ services: command: ['/usr/bin/nginx.sh'] depends_on: pulp_api: + condition: service_healthy pulp_content: + condition: service_healthy ports: - "8080:8080" hostname: pulp @@ -56,14 +95,16 @@ services: condition: service_healthy postgres: condition: service_healthy + migration_service: + condition: service_completed_successfully + signing_key_service: + condition: service_completed_successfully hostname: pulp-api user: pulp volumes: - "./assets/settings.py:/etc/pulp/settings.py:z" - "./assets/certs:/etc/pulp/certs:z" - "pulp:/var/lib/pulp" - environment: - PULP_DEFAULT_ADMIN_PASSWORD: password restart: always healthcheck: test: [ "CMD-SHELL", "readyz.py /pulp/api/v3/status/" ] @@ -81,6 +122,8 @@ services: condition: service_healthy postgres: condition: service_healthy + migration_service: + condition: service_completed_successfully hostname: pulp-content user: pulp volumes: @@ -104,6 +147,8 @@ services: condition: service_healthy postgres: condition: service_healthy + migration_service: + condition: service_completed_successfully user: pulp volumes: - "./assets/settings.py:/etc/pulp/settings.py:z" diff --git a/images/pulp-minimal/stable/Containerfile.core b/images/pulp-minimal/stable/Containerfile.core index 8adf72d7..c9684cb4 100644 --- a/images/pulp-minimal/stable/Containerfile.core +++ b/images/pulp-minimal/stable/Containerfile.core @@ -27,7 +27,17 @@ RUN pip3 install --upgrade \ # Prevent pip-installed /usr/local/bin/pulp-content from getting run instead of # our /usr/bin/pulp-content script. -RUN rm -f /usr/local/bin/pulp-content +# RUN rm -r /usr/local/bin/pulp-content + +COPY images/assets/readyz.py /usr/bin/readyz.py +COPY images/assets/route_paths.py /usr/bin/route_paths.py +COPY images/assets/wait_on_postgres.py /usr/bin/wait_on_postgres.py +COPY images/assets/wait_on_migrations.py /usr/bin/wait_on_migrations.py +COPY images/assets/wait_on_database_migrations.sh /usr/bin/wait_on_database_migrations.sh +COPY images/assets/set_init_password.sh /usr/bin/set_init_password.sh +COPY images/assets/pulp-api /usr/bin/pulp-api +COPY images/assets/pulp-content /usr/bin/pulp-content +COPY images/assets/pulp-worker /usr/bin/pulp-worker USER pulp:pulp RUN PULP_STATIC_ROOT=/var/lib/operator/static/ PULP_CONTENT_ORIGIN=localhost \