diff --git a/Dockerfile b/Dockerfile index 24ebdfb..bf8ec73 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,28 +1,32 @@ FROM debian:11 RUN export DEBIAN_FRONTEND=noninteractive && \ apt-get update && apt-get upgrade -y && \ apt-get install -y \ cl-quicklisp \ default-libmysqlclient-dev \ git \ kubernetes-client -RUN mkdir -p /srv/phabricator /opt/forgerie RUN useradd -md /srv/forgerie -s /bin/bash forgerie +RUN mkdir -p /srv/phabricator /opt/forgerie /srv/forgerie/bin COPY docker/.sbclrc /srv/forgerie/.sbclrc +COPY docker/entrypoint.sh /srv/forgerie/bin/entrypoint.sh +COPY docker/ssh /srv/forgerie/.ssh RUN chown -R forgerie:forgerie /srv/forgerie /opt/forgerie USER forgerie WORKDIR /srv/forgerie # install quicklisp and pulls core dependencies for it to run properly RUN sbcl --no-sysinit --no-userinit --noprint \ --load /usr/share/common-lisp/source/quicklisp/quicklisp.lisp \ --eval '(quicklisp-quickstart:install :path "quicklisp")' \ --quit # to install and configure quicklisp COPY . /opt/forgerie ENV FORGERIE_PATH=/opt/forgerie/ # install quicklisp and pulls core dependencies for it to run properly RUN sbcl --quit + +ENTRYPOINT [ "/srv/forgerie/bin/entrypoint.sh" ] diff --git a/docker/.gitignore b/docker/.gitignore new file mode 100644 index 0000000..28581d6 --- /dev/null +++ b/docker/.gitignore @@ -0,0 +1 @@ +/ssh/id_ed25519* diff --git a/docker/README.md b/docker/README.md index 3e9c0c4..ae1dccf 100644 --- a/docker/README.md +++ b/docker/README.md @@ -1,19 +1,56 @@ # Build ``` $ name=forgerie $ docker build -t $name . ``` # Run script(s) Edit /docker/config.lisp according to your runtime requirements, then run: ``` -$ docker run -it $name \ - -v /path/to/clone/forgerie/docker:/opt/forgerie/config \ - $script +$ cd forgerie +$ docker run \ + -v $PWD/../forgerie:/opt/forgerie/ \ + -v $PWD/docker/ssh:/srv/forgerie/.ssh \ + -v /srv/phabricator:/srv/phabricator \ + -v ~/.kube:/srv/forgerie/.kube \ + -v /var/tmp/migrate-gitlab/forgerie:/tmp/forgerie \ + --name forgerie --net=host -it forgerie ``` -for script in /opt/forgerie/bin/{build-config-tmpl, run, postmortem} +# postmortem +After a crash, connect to the container with `docker exec` and execute +`/opt/forgerie/bin/postmortem`. +# ssh configuration + +An ssh key pair is required for git commands to push repositories to migrate to the +gitlab instance. So first generate the keypair, then report such configuration in the +forgerie `config.lisp` (to make the migration script aware of it). + +## Key generation + +From your machine from the top-level of this repository: +``` +ssh-keygen -t ed25519 -f ./docker/ssh/id_ed25519 -N "" +``` + +or from the container: +``` +ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519 -N "" +``` + + +## config.lisp + +We need the key to be loaded by the routine, so edit the `config.lisp` (copied out of +the template `config.lisp.tmpl`) with the following: + +``` +(with-open-file (file #P"/srv/forgerie/.ssh/id_ed25519.pub" :if-does-not-exist nil) + (when file + (setf forgerie-gitlab:*ssh-public-key* (read-line file nil nil)))) +``` +Note: `~` is `/srv/forgerie` in the docker context diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh new file mode 100755 index 0000000..83bdc74 --- /dev/null +++ b/docker/entrypoint.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +logpath="/tmp/forgerie/run-$(date +%Y%m%d-%H%M).log"; +echo "## Running migration logs in $logpath ##"; + +time /opt/forgerie/bin/run | tee $logpath diff --git a/docker/ssh/config b/docker/ssh/config new file mode 100644 index 0000000..fed5492 --- /dev/null +++ b/docker/ssh/config @@ -0,0 +1,6 @@ +Host gitlab-staging.swh.network + User git + IdentitiesOnly yes + IdentityFile ~/.ssh/id_ed25519 + StrictHostKeyChecking no + UserKnownHostsFile=/dev/null