Skip to content

first part of changes for OpenShift compatibility #757

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 3, 2024
Merged

first part of changes for OpenShift compatibility #757

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c1785b5
first part of changes for OpenShift compatibility
sseide Mar 15, 2024
190f715
supervisord and docker changes for OpenShift compatibility
sseide Apr 22, 2024
13ead68
Merge branch 'dev' into openshift-compatibility
sseide Apr 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 7 additions & 5 deletions deploy/docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ RUN chmod +x /lowcoder/api-service/*.sh
## To create a separate image out of it, build it with:
## DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-api-service --target lowcoder-ce-api-service .
##
FROM eclipse-temurin:17-jammy as lowcoder-ce-api-service
FROM eclipse-temurin:17-jammy AS lowcoder-ce-api-service
LABEL maintainer="lowcoder"

RUN apt-get update && apt-get install -y --no-install-recommends gosu \
Expand All @@ -51,7 +51,7 @@ CMD [ "sh" , "/lowcoder/api-service/entrypoint.sh" ]
##
## Build lowcoder node service
##
FROM ubuntu:jammy as build-node-service
FROM ubuntu:jammy AS build-node-service

RUN apt update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y curl ca-certificates build-essential gnupg

Expand Down Expand Up @@ -82,7 +82,7 @@ RUN chmod +x /lowcoder/node-service/*.sh
## To create a separate image out of it, build it with:
## DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-node-service --target lowcoder-ce-node-service .
##
FROM ubuntu:jammy as lowcoder-ce-node-service
FROM ubuntu:jammy AS lowcoder-ce-node-service
LABEL maintainer="lowcoder"

RUN apt update && DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y curl ca-certificates gnupg
Expand Down Expand Up @@ -133,7 +133,7 @@ RUN yarn build
## To create a separate image out of it, build it with:
## DOCKER_BUILDKIT=1 docker build -f deploy/docker/Dockerfile -t lowcoderorg/lowcoder-ce-frontend --target lowcoder-ce-frontend .
##
FROM nginx:1.25.1 as lowcoder-ce-frontend
FROM nginx:1.25.1 AS lowcoder-ce-frontend
LABEL maintainer="lowcoder"

# Change default nginx user into lowcoder user and remove default nginx config
Expand Down Expand Up @@ -198,7 +198,9 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install --no-instal
openjdk-17-jdk-headless \
&& npm install -g yarn \
&& rm -rf /var/cache/apt/lists \
&& mkdir -p /lowcoder/assets
&& mkdir -p /lowcoder/assets \
&& apt-get clean \
&& rm -rf /tmp/*

# Add lowcoder api-service
COPY --chown=lowcoder:lowcoder --from=lowcoder-ce-api-service /lowcoder/api-service /lowcoder/api-service
Expand Down
21 changes: 15 additions & 6 deletions deploy/docker/all-in-one/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,19 @@ export USER_ID=${LOWCODER_PUID:=9001}
export GROUP_ID=${LOWCODER_PGID:=9001}

# Update ID of lowcoder user if required
if [ ! `id --user lowcoder` -eq ${USER_ID} ]; then
if [ ! "$(id --user lowcoder)" -eq ${USER_ID} ]; then
usermod --uid ${USER_ID} lowcoder
echo "ID for lowcoder user changed to: ${USER_ID}"
fi;

# Update ID of lowcoder group if required
if [ ! `id --group lowcoder` -eq ${GROUP_ID} ]; then
if [ ! "$(id --group lowcoder)" -eq ${GROUP_ID} ]; then
groupmod --gid ${GROUP_ID} lowcoder
echo "ID for lowcoder group changed to: ${GROUP_ID}"
fi;

# Update host on which mongo is supposed to listen
# If LOWCODER_MONGODB_EXPOSED is true, it will isten on all interfaces
# If LOWCODER_MONGODB_EXPOSED is true, it will listen on all interfaces
if [ "${LOWCODER_MONGODB_EXPOSED}" = "true" ]; then
export MONGO_LISTEN_HOST="0.0.0.0"
else
Expand All @@ -38,8 +38,10 @@ mkdir -p ${LOGS}/redis \
${DATA}/mongodb \
${CERT}

# Update owner of logs and data
chown -R ${USER_ID}:${GROUP_ID} /lowcoder-stacks/ /lowcoder/etc
# Update owner of logs and data - do not try if not running as root (OpenShift)
if [ "$(id -u)" -eq 0 ]; then
chown -R "${USER_ID}:${GROUP_ID}" /lowcoder-stacks/ /lowcoder/etc
fi

# Enable services
SUPERVISOR_AVAILABLE="/lowcoder/etc/supervisord/conf-available"
Expand Down Expand Up @@ -73,8 +75,15 @@ fi;

# Enable frontend if configured to run
if [ "${LOWCODER_FRONTEND_ENABLED:=true}" = "true" ]; then
ln ${SUPERVISOR_AVAILABLE}/20-frontend.conf ${SUPERVISOR_ENABLED}/20-frontend.conf
ln ${SUPERVISOR_AVAILABLE}/20-frontend.conf ${SUPERVISOR_ENABLED}/20-frontend.conf
fi;

# disable user directive if image is running non-root (Openshift)
if [ "$(id -u)" -ne 0 ]; then
for i in "${SUPERVISOR_ENABLED}"/*.conf; do
sed -Ei 's/^\s*user=.*$//' "$i"
done
fi

# Handle CMD command
"$@"
17 changes: 11 additions & 6 deletions deploy/docker/api-service/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,8 @@ export GROUP_ID="${LOWCODER_PGID:=9001}"
echo "Initializing api-service..."
/lowcoder/api-service/init.sh

if [ -z $JAVA_HOME ]; then
JAVA_HOME=`dirname $(dirname $(readlink -f $(which javac)))`
if [ -z "$JAVA_HOME" ]; then
JAVA_HOME=$(dirname "$(dirname "$(readlink -f "$(which javac)")")")
fi;
APP_JAR="${APP_JAR:=/lowcoder/api-service/server.jar}"
JAVA_OPTS="${JAVA_OPTS:=}"
Expand All @@ -19,15 +19,20 @@ CONTEXT_PATH=${CONTEXT_PATH:=/}

echo
echo "Running lowcoder api-server with:"
echo " user id: ${USER_ID}"
echo " group id: ${GROUP_ID}"
echo " base path: ${CONTEXT_PATH}"

if [ "$(id -u)" -eq 0 ]; then
# only use su if its possible, suppress for containers running non-root
echo " user id: ${USER_ID}"
echo " group id: ${GROUP_ID}"
GOSU="gosu ${USER_ID}:${GROUP_ID}"
fi
echo
${JAVA_HOME}/bin/java -version
"${JAVA_HOME}/bin/java" -version
echo

cd /lowcoder/api-service
exec gosu ${USER_ID}:${GROUP_ID} ${JAVA_HOME}/bin/java \
exec $GOSU "${JAVA_HOME}/bin/java" \
-Djava.security.egd=file:/dev/./urandom \
-Dhttps.protocols=TLSv1.1,TLSv1.2 \
-Dlog4j2.formatMsgNoLookups=true \
Expand Down
11 changes: 7 additions & 4 deletions deploy/docker/node-service/entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,12 @@ cd /lowcoder/node-service/app
echo
echo "Running Lowcoder node-service with:"
echo " API service host: ${API_HOST}"
echo " user id: ${USER_ID}"
echo " group id: ${GROUP_ID}"
if [ "$(id -u)" -eq 0 ]; then
# only use su if its possible, suppress for containers running non-root
echo " user id: ${USER_ID}"
echo " group id: ${GROUP_ID}"
GOSU="gosu ${USER_ID}:${GROUP_ID}"
fi
echo

exec gosu ${USER_ID}:${GROUP_ID} yarn start

exec $GOSU yarn start