Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Init and minio #1662

Merged
merged 12 commits into from
Jun 2, 2022
Merged

Init and minio #1662

merged 12 commits into from
Jun 2, 2022

Conversation

ryanmelt
Copy link
Contributor

@ryanmelt ryanmelt commented Jun 1, 2022

Merge init containers and make minio into its own versioned container

@ryanmelt ryanmelt requested a review from a user June 1, 2022 02:54
@codecov
Copy link

codecov bot commented Jun 1, 2022
edited
Loading

Codecov Report

Merging #1662 (4da81ad) into master (272912f) will decrease coverage by 0.01%.
The diff coverage is n/a.

❗ Current head 4da81ad differs from pull request most recent head 6b2d83b. Consider uploading reports for the commit 6b2d83b to get more accurate results

@@            Coverage Diff             @@
##           master    #1662      +/-   ##
==========================================
- Coverage   77.89%   77.88%   -0.02%     
==========================================
  Files         234      232       -2     
  Lines       18183    18143      -40     
==========================================
- Hits        14163    14130      -33     
+ Misses       4020     4013       -7
Impacted Files Coverage Δ
config/routes.rb 100.00% <0.00%> (ø)
app/controllers/completed_script_controller.rb
app/models/completed_script.rb

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 272912f...6b2d83b. Read the comment docs.

jmthomas
jmthomas approved these changes Jun 1, 2022
View reviewed changes
cosmos-traefik/Dockerfile-dev Outdated
@@ -1,3 +1,8 @@
FROM traefik:2.4.13
FROM traefik:2.6.6
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change to 2.7.0 to match Dockerfile

cosmos-traefik/Dockerfile-dev-base Outdated
@@ -1,3 +1,8 @@
FROM traefik:2.4.13
FROM traefik:2.6.6
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change to 2.7.0 to match Dockerfile

cosmos-init/plugins/cosmosc2-tool-base/src/index-allow-http.ejs
@@ -0,0 +1,99 @@
<!DOCTYPE html>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where did this file come from?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a file you can optionally use in the traefik config to allow regular http

compose.yaml
# - "${PWD}/cosmos-traefik/traefik-ssl.yaml:/etc/traefik/traefik.yaml"
# - "${PWD}/cosmos-traefik/traefik-letsencrypt.yaml:/etc/traefik/traefik.yaml"
# - "${PWD}/cosmos-traefik/cert.key:/etc/traefik/cert.key"
# - "${PWD}/cosmos-traefik/cert.crt:/etc/traefik/cert.crt"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are these just commented out examples for future users?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I'll be writing directions in cosmosc2-project to use each of these.

.github/workflows/playwright.yml Outdated
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: results.sarif
category: traefik
Copy link
Contributor

@jmthomas jmthomas Jun 1, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Merge master and get all my new container scan logic. I use a matrix to avoid duplication.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The way you did it doesn't work unfortunately. Each "job" is a seperate virtual machine, so the local Docker images aren't available from the cosmos-build job to the playwright and scan jobs. It was always just using the "latest" from Docker Hub. Had to combine into one job.

compose.yaml
SSL_CERT_FILE: "/devel/cacert.pem"
CURL_CA_BUNDLE: "/devel/cacert.pem"
REQUESTS_CA_BUNDLE: "/devel/cacert.pem"
NODE_EXTRA_CA_CERTS: "/devel/cacert.pem"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why all the new CERT lines?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These make local SSL configurations work in each container if you just volume mount in the correct cacert.pem file.

@ryanmelt ryanmelt merged commit a3beac1 into master Jun 2, 2022
@ryanmelt ryanmelt deleted the init_and_minio branch June 2, 2022 03:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jmthomas jmthomas jmthomas approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ryanmelt @jmthomas