Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create docker base image for dd-library-php #2448

Merged
merged 10 commits into from
Jan 15, 2024
Merged

Create docker base image for dd-library-php #2448

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
960f83d
Create docker base image for dd-library-php
robertomonteromiguel Jan 3, 2024
f53d9bc
format
robertomonteromiguel Jan 4, 2024
78bc763
generate arm images
robertomonteromiguel Jan 10, 2024
d3deb5c
fix
robertomonteromiguel Jan 10, 2024
52a99ac
Only x86
robertomonteromiguel Jan 10, 2024
08d315e
fix script
robertomonteromiguel Jan 10, 2024
2042558
fix script...again..
robertomonteromiguel Jan 10, 2024
73a55ce
remove unused code
robertomonteromiguel Jan 10, 2024
a580f84
fix circle system-tests
robertomonteromiguel Jan 10, 2024
3477be8
Merge branch 'master' into robertomonteromiguel/php-library-base-image
robertomonteromiguel Jan 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .circleci/continue_config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3053,7 +3053,7 @@ jobs:
name: Copy .tar.gz file to system test binaries folder
command: |
ls -la build/packages
installable_bundle=$(find build/packages -maxdepth 1 -name 'datadog-php-tracer-*.x86_64.tar.gz' -o -name 'dd-library-php-*-x86_64-linux-gnu.tar.gz' | xargs)
installable_bundle=$(find build/packages -maxdepth 1 -name 'dd-library-php-*-x86_64-linux-gnu.tar.gz' | xargs)
echo using $installable_bundle
cp $installable_bundle build/packages/datadog-setup.php system-tests/binaries/
- run:
Expand Down
17 changes: 11 additions & 6 deletions .gitlab-ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,10 +70,15 @@ tracer-base-image:
stage: deploy
script:
- echo $GH_TOKEN|docker login ghcr.io/datadog -u uploader --password-stdin
- ./tooling/ci/download-binary-php.sh dev
- docker build -t ghcr.io/datadog/dd-trace-php/dd-trace-php:latest_snapshot -f ./tooling/ci/Dockerfile .
- docker push ghcr.io/datadog/dd-trace-php/dd-trace-php:latest_snapshot

#Dev X86
- rm -rf ./tooling/ci/binaries
- ./tooling/ci/download-binary-php.sh dev
- docker buildx build --load --progress=plain --platform linux/amd64 -f ./tooling/ci/Dockerfile -t ghcr.io/datadog/dd-trace-php/dd-library-php:latest_snapshot .
- docker push ghcr.io/datadog/dd-trace-php/dd-library-php:latest_snapshot

#Prod X86
- rm -rf ./tooling/ci/binaries
- ./tooling/ci/download-binary-php.sh prod
- docker build -t ghcr.io/datadog/dd-trace-php/dd-trace-php:latest -f ./tooling/ci/Dockerfile .
- docker push ghcr.io/datadog/dd-trace-php/dd-trace-php:latest
- ./tooling/ci/download-binary-php.sh prod
- docker buildx build --load --progress=plain --platform linux/amd64 -f ./tooling/ci/Dockerfile -t ghcr.io/datadog/dd-trace-php/dd-library-php:latest .
- docker push ghcr.io/datadog/dd-trace-php/dd-library-php:latest
10 changes: 4 additions & 6 deletions tooling/ci/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,13 @@ FROM datadog/dd-appsec-php-ci:php-7.0-release AS php_agent_debug
RUN apt-get update && apt-get install -y jq
COPY ./tooling/ci/ddtrace-info.sh ./tooling/ci/binaries* /binaries/
RUN /binaries/ddtrace-info.sh
RUN php -d error_reporting='' -r 'echo phpversion("ddtrace");' > /binaries/LIBRARY_VERSION
RUN touch -c -a -m -d @0 /binaries/*

FROM scratch as collect
COPY --from=php_agent_debug /binaries/datadog-php-tracer.x86_64.tar.gz /datadog-php-tracer.x86_64.tar.gz
COPY --from=php_agent_debug /binaries/dd-appsec-php-amd64.tar.gz /dd-appsec-php-amd64.tar.gz
COPY --from=php_agent_debug /binaries/dd-library-php-*-gnu.tar.gz /
COPY --from=php_agent_debug /binaries/datadog-setup.php /datadog-setup.php
COPY --from=php_agent_debug /binaries/LIBRARY_VERSION /LIBRARY_VERSION
COPY --from=php_agent_debug /binaries/LIBDDWAF_VERSION /LIBDDWAF_VERSION
COPY --from=php_agent_debug /binaries/APPSEC_EVENT_RULES_VERSION /APPSEC_EVENT_RULES_VERSION
COPY --from=php_agent_debug /binaries/PHP_APPSEC_VERSION /PHP_APPSEC_VERSION

FROM scratch
COPY --from=collect /* /
COPY --from=collect /* /
33 changes: 12 additions & 21 deletions tooling/ci/ddtrace-info.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,19 @@
#!/bin/bash
set -eu

echo "Loading install script"
curl -Lf -o /tmp/dd-library-php-setup.php \
https://raw.githubusercontent.com/DataDog/dd-appsec-php/installer/dd-library-php-setup.php
PKG=$(find /binaries -maxdepth 1 -name 'dd-library-php-*-gnu.tar.gz')
SETUP=/binaries/datadog-setup.php

cd /binaries
if [ "$PKG" != "" ] && [ ! -f "$SETUP" ]; then
echo "local install failed: package located in /binaries but datadog-setup.php not present, please include it."
exit 1
fi

INSTALLER_ARGS=(--tracer-file /binaries/datadog-php-tracer*.tar.gz --appsec-file /binaries/dd-appsec-php-*.tar.gz)
if [ "$PKG" == "" ]; then
unset PKG
fi

PHP_INI_SCAN_DIR="/etc/php" php /tmp/dd-library-php-setup.php \
"${INSTALLER_ARGS[@]}"\
--php-bin all
export PHP_INI_SCAN_DIR="/etc/php"

export DD_APPSEC_ENABLED=1

php -d error_reporting='' -d extension=ddtrace.so -d extension=ddappsec.so -r 'echo phpversion("ddtrace");' > \
./LIBRARY_VERSION

php -d error_reporting='' -d extension=ddtrace.so -d extension=ddappsec.so -r 'echo phpversion("ddappsec");' > \
./PHP_APPSEC_VERSION

touch LIBDDWAF_VERSION

appsec_version=$(<./PHP_APPSEC_VERSION)
rule_file="/opt/datadog/dd-library/appsec-${appsec_version}/etc/dd-appsec/recommended.json"
jq -r '.metadata.rules_version // "1.2.5"' "${rule_file}" > APPSEC_EVENT_RULES_VERSION
echo "Installing php package ${PKG-"{default}"} with setup script $SETUP"
php $SETUP --php-bin=all ${PKG+"--file=$PKG"}
9 changes: 5 additions & 4 deletions tooling/ci/download-binary-php.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
VERSION=${1:-'dev'}
PLATFORM=${2:-'x86_64'}

echo "Load $VERSION binary "

Expand All @@ -9,11 +10,11 @@ cd tooling/ci/binaries
source /download-binary-tracer.sh

if [ $VERSION = 'dev' ]; then
get_circleci_artifact "gh/DataDog/dd-trace-php" "build_packages" "package extension" "datadog-php-tracer-.*.x86_64.tar.gz" "datadog-php-tracer.x86_64.tar.gz"
get_github_action_artifact "DataDog/dd-appsec-php" "package.yml" "master" "dd-appsec-php-*-amd64.tar.gz" "dd-appsec-php-amd64.tar.gz"
get_circleci_artifact "gh/DataDog/dd-trace-php" "build_packages" "package extension" "dd-library-php-.*-$PLATFORM-linux-gnu.tar.gz" "dd-library-php-$PLATFORM-linux-gnu.tar.gz"
get_circleci_artifact "gh/DataDog/dd-trace-php" "build_packages" "package extension" "datadog-setup.php" "datadog-setup.php"
elif [ $VERSION = 'prod' ]; then
get_github_release_asset "DataDog/dd-trace-php" "datadog-php-tracer-.*.x86_64.tar.gz" "datadog-php-tracer.x86_64.tar.gz"
get_github_release_asset "DataDog/dd-appsec-php" "dd-appsec-php-.*-amd64.tar.gz" "dd-appsec-php-amd64.tar.gz"
get_github_release_asset "DataDog/dd-trace-php" "dd-library-php-.*-$PLATFORM-linux-gnu.tar.gz" "dd-library-php-$$PLATFORM-linux-gnu.tar.gz"
get_github_release_asset "DataDog/dd-trace-php" "datadog-setup.php" "datadog-setup.php"
else
echo "Don't know how to load version $VERSION for $TARGET"
fi
Loading