feat: dynamicvirtualenv image #2218
Conversation
| # dynamic ve | ||
| cp cert.pem ../../tools/build_virtual_environment/dynamic_ve_base/contents/atsign/root/certs/cert.pem | ||
| cp privkey.pem ../../tools/build_virtual_environment/dynamic_ve_base/contents/atsign/root/certs/privkey.pem | ||
| cp fullchain.pem ../../tools/build_virtual_environment/dynamic_ve_base/contents/atsign/root/certs/fullchain.pem | ||
| cp ../../tools/build_virtual_environment/dynamic_ve_base/contents/atsign/root/certs/*.pem \ | ||
| ../../tools/build_virtual_environment/dynamic_ve_base/contents/atsign/secondary/base/certs/ | ||
|
|
There was a problem hiding this comment.
Also add vip.ve.atsign.zone certs to dynamic_ve image
| strategy: | ||
| matrix: | ||
| include: | ||
| - dir: "ve_base" | ||
| name: "vebase" | ||
| - dir: "dynamic_ve_base" | ||
| name: "dynamicvebase" |
There was a problem hiding this comment.
Using a matrix for ve_base on scheduled workflow
| @@ -0,0 +1,108 @@ | |||
| name: dynamic_vip_rebuild | |||
There was a problem hiding this comment.
separate dynamic vip build because this one is workflow dispatch, so we don't want it to be a matrix with vip_rebuild.
| while read -r line; do | ||
| echo "line: $line" | ||
| ./createConf $line # intentional word splitting | ||
| done <"$config_file" |
There was a problem hiding this comment.
instead of making several inline calls to ./createConf, we read the mounted config file and call createConf for each one.
|
Other than the removed files that are specific to the demo data, if there isn't a comment on the file changes tab, then I've not changed anything (it's a direct copy of the original ve). The only exception is an update to some comments in the Dockerfiles in ea51a93 Edit to this comment, see: #2218 (comment) |
|
Setting to draft, needs more work |
XavierChanth
force-pushed
the
dynamic_ve
branch
from
11c4d21 to
97c8e62
Compare
|
More changes introduced 97c8e62 To fix the lifecycle of setting up the atServers, which can no longer be done during build time, but must be done before starting supervisord. |
| @@ -0,0 +1,11 @@ | |||
| FROM atsigncompany/dynamicvirtualenv:canary | |||
There was a problem hiding this comment.
Do we expect to have canaries for this, or has this just been copied over?
There was a problem hiding this comment.
copied over, I can remove it
| @@ -0,0 +1,32 @@ | |||
| FROM dart:3.6.1@sha256:a071f0322c7c80469842f7c8258de51d1946ba9b79d09bb8fc4dc969487a68ca AS buildimage | |||
There was a problem hiding this comment.
Need to update hash, but also need to add this Dockerfile to Dependabot config
| dart pub update ; \ | ||
| dart compile exe bin/main.dart -o root ; | ||
| # Disabled for dynamic_ve_base | ||
| # cd /app/tools/build_virtual_environment/install_PKAM_Keys ; \ |
There was a problem hiding this comment.
Could we avoid a lot of duplication by having a Dockerfile like this as the new VE base (for both variants) and then have another base image that we build on top of that with this stuff as an extra layer?
There was a problem hiding this comment.
Sure, I can do that. I've put this PR as an item in the next sprint for me to make these changes. For now, this is enough to continue onwards with the demo I'm working on.
- What I did
Why: I need hundreds of atServers that can be setup portably for a demo.
Created a version of virtualenv called dynamicvirtualenv that allows you to mount a config file for the atServers.
The file needs to be mounted at
/mnt/setup/atservers.example file format:
The other main difference to this image is that I've removed the pkamLoad service and the install_PKAM_keys binary since that depends on demo data. All of the pkam keys must be manually setup, but can be easily automated in a simple script (which I plan to develop as part of my demo first).
- How I did it
- How to verify it
- Description for the changelog
feat: dynamicvirtualenv image