-
Notifications
You must be signed in to change notification settings - Fork 6
SECURITY-36 Mongo3.6/Mongo7 Matrix #484
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
d8a1407
8034faa
9b2c98f
51bd1c4
8f8864f
5d45916
ec06b0e
525344f
8fb34ed
da61226
3393a4d
edbf507
23f0093
46acf64
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| name: Build EE2 Docker Image | ||
|
|
||
| on: | ||
| pull_request | ||
|
|
||
| jobs: | ||
| docker: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - | ||
| name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v3 | ||
| - | ||
| name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@v3 | ||
| - | ||
| name: Build and push | ||
| uses: docker/build-push-action@v6 | ||
| with: | ||
| push: false | ||
| tags: ee2/test:test | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,57 +2,58 @@ version: "3.1" | |
|
|
||
| services: | ||
|
|
||
| # For Local Dev | ||
| # Requires a ` docker build . -t execution_engine2:test ` | ||
| # Requires a ` make database ` | ||
| ee2: | ||
| image: execution_engine2:test | ||
| command: | ||
| - "-poll" | ||
| - "-template" | ||
| - "/kb/module/build/templates/condor_config.templ:/etc/condor/condor_config" | ||
| - "-template" | ||
| - "/kb/module/test/deploy.cfg:/kb/module/deploy.cfg" | ||
| - "-timeout" | ||
| - "120s" | ||
| - "-wait" | ||
| - "tcp://mongodb:27017" | ||
| - "-stdout" | ||
| - "/kb/deployment/jettybase/logs/request.log" | ||
| - "./scripts/entrypoint.sh" | ||
| entrypoint: [ "dockerize" ] | ||
| depends_on: ["mongodb","condor"] | ||
| environment: | ||
| - POOL_PASSWORD=weakpassword | ||
| env_file: test/deploy.cfg | ||
| volumes: | ||
| - ./:/ee2 | ||
|
|
||
| ee2_with_ssh: | ||
| image: execution_engine2:test | ||
| command: | ||
| - "-poll" | ||
| - "-template" | ||
| - "/kb/module/build/templates/condor_config.templ:/etc/condor/condor_config" | ||
| - "-template" | ||
| - "/kb/module/build/templates/deploy.docker.cfg.templ:/kb/module/deploy.cfg" | ||
| - "-timeout" | ||
| - "120s" | ||
| - "-wait" | ||
| - "tcp://mongodb:27017" | ||
| - "-stdout" | ||
| - "/kb/deployment/jettybase/logs/request.log" | ||
| - "./scripts/entrypoint.sh" | ||
| entrypoint: [ "dockerize" ] | ||
| depends_on: ["mongodb","condor"] | ||
| environment: | ||
| - POOL_PASSWORD=weakpassword | ||
| - LOCAL_DEV=1 | ||
| - KB_DEPLOYMENT_CONFIG=/kb/module/deploy.cfg | ||
| env_file: test/deploy.cfg | ||
| ports: ["23:22","5678:5678"] | ||
| volumes: | ||
| - ./:/ee2 | ||
| - /Users:/Users | ||
| # ee2: | ||
| # image: execution_engine2:test | ||
| # command: | ||
| # - "-poll" | ||
| # - "-template" | ||
| # - "/kb/module/build/templates/condor_config.templ:/etc/condor/condor_config" | ||
| # - "-template" | ||
| # - "/kb/module/test/deploy.cfg:/kb/module/deploy.cfg" | ||
| # - "-timeout" | ||
| # - "120s" | ||
| # - "-wait" | ||
| # - "tcp://mongodb:27017" | ||
| # - "-stdout" | ||
| # - "/kb/deployment/jettybase/logs/request.log" | ||
| # - "./scripts/entrypoint.sh" | ||
| # entrypoint: [ "dockerize" ] | ||
| # depends_on: ["mongodb","condor"] | ||
| # environment: | ||
| # - POOL_PASSWORD=weakpassword | ||
| # env_file: test/deploy.cfg | ||
| # volumes: | ||
| # - ./:/ee2 | ||
| # | ||
| # ee2_with_ssh: | ||
| # image: execution_engine2:test | ||
| # command: | ||
| # - "-poll" | ||
| # - "-template" | ||
| # - "/kb/module/build/templates/condor_config.templ:/etc/condor/condor_config" | ||
| # - "-template" | ||
| # - "/kb/module/build/templates/deploy.docker.cfg.templ:/kb/module/deploy.cfg" | ||
| # - "-timeout" | ||
| # - "120s" | ||
| # - "-wait" | ||
| # - "tcp://mongodb:27017" | ||
| # - "-stdout" | ||
| # - "/kb/deployment/jettybase/logs/request.log" | ||
| # - "./scripts/entrypoint.sh" | ||
| # entrypoint: [ "dockerize" ] | ||
| # depends_on: ["mongodb","condor"] | ||
| # environment: | ||
| # - POOL_PASSWORD=weakpassword | ||
| # - LOCAL_DEV=1 | ||
| # - KB_DEPLOYMENT_CONFIG=/kb/module/deploy.cfg | ||
| # env_file: test/deploy.cfg | ||
| # ports: ["23:22","5678:5678"] | ||
| # volumes: | ||
| # - ./:/ee2 | ||
| # - /Users:/Users | ||
|
|
||
|
|
||
|
|
||
|
|
@@ -146,13 +147,15 @@ services: | |
| ZOOKEEPER_SYNC_LIMIT: 2docker-compose rm | ||
| ZOOKEEPER_SERVERS: zookeeper:12888:13888 | ||
|
|
||
|
|
||
| mongodb: | ||
| image: mongo:7.0 | ||
| image: mongo:${MONGO_VERSION:-7.0} # Use 7.0 as the default if MONGO_VERSION is not set | ||
| environment: | ||
| # provide your credentials here | ||
| - MONGO_INITDB_ROOT_USERNAME=travis | ||
| - MONGO_INITDB_ROOT_PASSWORD=travis | ||
| - MONGO_INITDB_DATABASE=ee2 | ||
| ports: ["27018:27017","27017:27017"] | ||
| ports: | ||
| - "27018:27017" | ||
| - "27017:27017" | ||
| volumes: | ||
| - "./test/dockerfiles/mongo/docker-entrypoint-initdb.d/:/docker-entrypoint-initdb.d/" | ||
| - ${INIT_PATH:-./test/dockerfiles/mongo/docker-entrypoint-initdb.d-7.0/}:/docker-entrypoint-initdb.d/ | ||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. INIT_PATH got mapped from the host machine into the container. Where are the files inside docker-entrypoint-initdb.d used?
Collaborator
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This allows you to use the docker-compose both locally and in github actions. In github actions, we set the INIT_PATH in the action. These files are used by mongo to create the proper users for testing.
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 👍 |
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| print("Adding travis username to ee2 database for mongo 7.0") | ||
| db = db.getSiblingDB('ee2') | ||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We don't need this line
Collaborator
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Correct, it causes the init script to fail on mongo7
Collaborator
Author
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Otherwise, I would be able to use the same script for mongo 3.6 and mongo 7, but I cannot. That's the whole point of using 2 different scripts.
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 👍 |
||
| db.createUser( | ||
| { | ||
| user: "travis", | ||
| pwd: "travis", | ||
| roles: [ | ||
| { | ||
| role: "dbOwner", | ||
| db: "ee2" | ||
| } | ||
| ] | ||
| } | ||
| ); | ||
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I copied this directly from https://github.com/docker/build-push-action
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍