[Bps-public-commit] docker-rt-base branch buster created. 8c39059223991db08baf0e9cc78607abda4d7a33

BPS Git Server git at git.bestpractical.com
Fri Dec 17 13:38:06 UTC 2021


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "docker-rt-base".

The branch, buster has been created
        at  8c39059223991db08baf0e9cc78607abda4d7a33 (commit)

- Log -----------------------------------------------------------------
commit 8c39059223991db08baf0e9cc78607abda4d7a33
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 21:22:09 2021 -0500

    Make the default CMD print an autobundle
    
    As discussed in the README, this is primarily just to give you a simple
    report of installed module versions that you can use to compare
    different builds. While it is not the most useful thing you can do with
    this image, I think it's the most useful thing we can do as a default
    command. Other tasks like running RT tests require additional setup like
    injecting source code into the container somehow, etc.

diff --git a/Dockerfile b/Dockerfile
index 9216aa8..31c34ac 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -74,4 +74,4 @@ RUN cd /tmp \
   | xargs -d\\n --exit --verbose cpm install --global --no-prebuilt --test --with-all --show-build-log-on-failure \
  && rm -rf cpanfile ~/.perl-cpm
 
-CMD tail -f /dev/null
+CMD cpan -a </dev/null >/dev/null && cat ~/.cpan/Bundle/Snapshot_*.pm
diff --git a/README b/README
index 1a3e54c..aca812c 100644
--- a/README
+++ b/README
@@ -62,6 +62,13 @@ most of its databases and optional features. If you wanted to run RT in
 Docker in production, you would probably prefer to be more selective about
 what you install, and build a slimmer image.
 
+When you run this container, by default it prints a list all the Perl
+modules it contains, along with their versions, in the CPAN "autobundle"
+format. This is primarily intended to provide an easy way to compare the
+main differences in built images over time. You could also use it to deploy
+the exact same set of modules on a different distribution or architecture if
+needed.
+
 Thanks to Christian Loos (GitHub:@cloos) for publishing RT docker examples.
 
 Instructions for updating: https://docs.docker.com/docker-hub/repos/
commit e0510fb90d856adbd2b006e6cbc77ef346baeb33
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 19:57:13 2021 -0500

    Upgrade to buster

diff --git a/Dockerfile b/Dockerfile
index 935e4da..9216aa8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:stretch-slim
+FROM debian:buster-slim
 
 LABEL maintainer="Best Practical Solutions <contact at bestpractical.com>"
 
@@ -16,6 +16,7 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     ca-certificates \
     curl \
     git \
+    gnupg \
     graphviz \
     # The Perl getaddrinfo tests rely on /etc/services, provided by netbase.
     netbase \
@@ -31,12 +32,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     libz-dev \
 && rm -rf /var/lib/apt/lists/*
 
-# Install from backports to get newer gpg
-RUN echo 'deb http://deb.debian.org/debian stretch-backports main' > /etc/apt/sources.list.d/backports.list
-RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -t stretch-backports install -y --no-install-recommends \
-    gnupg \
-&& rm -rf /var/lib/apt/lists/*
-
 RUN cd /usr/local/src \
  && curl --fail --location "https://www.cpan.org/src/5.0/perl-$PERL_VERSION.tar.gz" \
   | tar -xz \
commit 8c3756bb3ff076a4a0ed280e5eb0df1191254bad
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 19:52:41 2021 -0500

    Build Perl from source and use it
    
    This gets us a few things:
    
    * It lets us test different Perl versions from the same base
      Dockerfile.
    
    * It lets us package and ship /opt/perl from the built image as a
      deployment strategy. The result will include Perl itself and all of
      RT's base dependencies.
    
    With this change, the IPC::Run special case is no longer necessary, so
    remove it.

diff --git a/Dockerfile b/Dockerfile
index a1b37eb..935e4da 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,6 +4,9 @@ LABEL maintainer="Best Practical Solutions <contact at bestpractical.com>"
 
 ARG CPANFILE=https://raw.githubusercontent.com/bestpractical/rt/stable/etc/cpanfile
 ARG CPM=https://git.io/cpm
+ARG PERL_VERSION=5.32.1
+ARG PERL_CONFIGURE="-des"
+ARG PERL_PREFIX="/opt/perl-$PERL_VERSION"
 
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
     apache2 \
@@ -14,7 +17,8 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     curl \
     git \
     graphviz \
-    perl-doc \
+    # The Perl getaddrinfo tests rely on /etc/services, provided by netbase.
+    netbase \
     w3m \
     # RT core dependencies
     libapache2-mod-fcgid \
@@ -33,12 +37,36 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -t stretch-backport
     gnupg \
 && rm -rf /var/lib/apt/lists/*
 
-RUN curl --fail --location --compressed -o /usr/local/bin/cpm "$CPM" \
- && chmod a+rx /usr/local/bin/cpm
+RUN cd /usr/local/src \
+ && curl --fail --location "https://www.cpan.org/src/5.0/perl-$PERL_VERSION.tar.gz" \
+  | tar -xz \
+ && cd "perl-$PERL_VERSION" \
+ # termios.t tests that tcdrain, tcflow, tcflush, and tcsendbreak all return
+ # ENOTTY on a regular file.
+ # The underlying ioctls are not implemented on podman 3.0
+ # (probably runc/libcontainer) and return ENOSYS instead.
+ # This sed simply deletes those tests as a hacky workaround for now,
+ # since returning ENOSYS is legitimate.
+ && sed -i '/^is(tc/ , /^$/ d' ext/POSIX/t/termios.t \
+ && ./Configure -Dprefix="$PERL_PREFIX" $PERL_CONFIGURE \
+ # The Net::Ping tests assume they can construct arbitrary packets when $< is 0.
+ # This assumption is false when tests are running in a user namespace
+ # (e.g., podman) or otherwise without the CAP_NET_RAW capability.
+ # See <https://rt.cpan.org/Ticket/Display.html?id=139820>.
+ # Run tests as nobody to force $< to be nonzero.
+ && chown -R nobody: . \
+ # The command: su -s /bin/sh -c "…" nobody
+ # is just the sudo-less version of: sudo -u nobody …
+ && su -s /bin/sh -c "make test" nobody \
+ && make install \
+ && cd /opt \
+ && ln -s "$PERL_PREFIX" perl \
+ && rm -rf "/usr/local/src/perl-$PERL_VERSION"
 
-# A lot of tests rely on a newer IPC::Run and can fail if it's not upgraded
-# beforehand. Install it first to prevent trouble later.
-RUN cpm install --global --no-prebuilt --test --with-all --show-build-log-on-failure IPC::Run && rm -rf ~/.perl-cpm
+ENV PATH="/opt/perl/bin:$PATH"
+
+RUN curl --fail --location --compressed -o /opt/perl/bin/cpm "$CPM" \
+ && chmod a+rx /opt/perl/bin/cpm
 
 RUN cd /tmp \
  && curl --fail --location --compressed -o cpanfile "$CPANFILE" \
diff --git a/README b/README
index 0ed9c76..1a3e54c 100644
--- a/README
+++ b/README
@@ -3,6 +3,8 @@ This repo defines a base Docker image to use for testing Request Tracker
 
 * installs required C libraries and build tools from a distribution
 
+* builds Perl from source and runs its tests
+
 * installs cpm and uses it to install most of RT's dependencies, and run their tests
 
 After you build this image, you can use it to:
@@ -14,9 +16,10 @@ After you build this image, you can use it to:
   distribution and architecture, to save build time while maintaining
   confidence that it has all passed testing
 
-To help you tailor the image to RT version you're targeting, you can pass
-build arguments to control what is built inside of it. The available
-arguments are:
+To help you tailor the image to versions of Perl and RT you're targeting,
+and any future deployments you plan to do from that, you can pass build
+arguments to control what is built inside of it. The available arguments
+are:
 
 * CPANFILE: The URL to RT's cpanfile. The Dockerfile runs cpm to install
   most of the modules named in this file, with some additional parsing to
@@ -28,6 +31,30 @@ arguments are:
 * CPM: The URL to the single-file script download published by cpm. You
   should only need to set this if cpm moves or if you can't access GitHub.
 
+* PERL_VERSION: The version of Perl that is built, tested, and installed in
+  the image, written in the same format used in the source releases, like
+  `5.34.0`. The default is a release that was recently stable last time we
+  updated the Dockerfile.
+
+* PERL_CONFIGURE: A string of options passed the Perl's configure script
+  during the build process. The default is `-des`, which gets you a default
+  build without any interaction. You could change this to set specific
+  defines, turn on experimental features, etc.
+
+  Don't specify `-Dprefix` here. For that, use:
+
+* PERL_PREFIX: The full path where Perl will be installed inside the
+  container. Default is `/opt/perl-$PERL_VERSION`. You could change this is
+  if you wanted to use a different path for deployments out of the image.
+
+For routine builds, the only argument you're expected to set is
+PERL_VERSION, which you should set to a recent release.
+
+If you specifically want to test older or development versions of Perl
+and/or RT, you can do that by setting PERL_VERSION and CPANFILE,
+respectively. Testing development versions of Perl may require setting
+PERL_CONFIGURE as well.
+
 Because it is oriented towards testing and broader deployment, this Docker
 image contains a relatively "maximal" set of dependencies. It installs all
 of the modules required to support RT's tests, development features, and
commit d4a02c158a8e75e1ab375f612074da059c5e475b
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 18:37:20 2021 -0500

    Install all Perl dependencies from CPAN
    
    This does a few things for us:
    
    * It removes the need to maintain a separate list of dependencies
      by hand.
    
    * It lets us test with modules that are more recent than the
      distribution provides.
    
    * It makes it easy to include dependencies for different RT
      configurations, so the built image is usable for a wider variety
      of tests.
    
    Implementing this with cpm helps speed up the build.

diff --git a/Dockerfile b/Dockerfile
index 89a21c3..a1b37eb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,115 +2,29 @@ FROM debian:stretch-slim
 
 LABEL maintainer="Best Practical Solutions <contact at bestpractical.com>"
 
+ARG CPANFILE=https://raw.githubusercontent.com/bestpractical/rt/stable/etc/cpanfile
+ARG CPM=https://git.io/cpm
+
 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
     apache2 \
-    cpanminus \
+    autoconf \
+    build-essential \
+    # curl needs CA certificates to verify the authenticity of downloads.
+    ca-certificates \
     curl \
     git \
-    # RT core dependencies
-    libapache2-mod-fcgid \
-    libapache-session-perl \
-    libbusiness-hours-perl \
-    libcgi-emulate-psgi-perl \
-    libcgi-psgi-perl \
-    libconvert-color-perl \
-    libcrypt-eksblowfish-perl \
-    libcrypt-ssleay-perl \
-    libcrypt-x509-perl \
-    libcss-minifier-xs-perl \
-    libcss-squish-perl \
-    libdata-guid-perl \
-    libdata-ical-perl \
-    libdata-page-pageset-perl \
-    libdata-page-perl \
-    libdate-extract-perl \
-    libdate-manip-perl \
-    libdatetime-format-natural-perl \
-    libdbd-sqlite3-perl \
-    libdevel-globaldestruction-perl \
-    libemail-address-list-perl \
-    libemail-address-perl \
-    libencode-perl \
-    libfcgi-perl \
-    libfcgi-procmanager-perl \
-    libfile-sharedir-install-perl \
-    libfile-sharedir-perl \
-    libgd-graph-perl \
-    libgraphviz-perl \
-    libhtml-formattext-withlinks-andtables-perl \
-    libhtml-formattext-withlinks-perl \
-    libhtml-mason-perl  \
-    libhtml-mason-psgihandler-perl \
-    libhtml-quoted-perl \
-    libhtml-rewriteattributes-perl \
-    libhtml-scrubber-perl  \
-    libipc-run3-perl \
-    libipc-signal-perl \
-    libjavascript-minifier-xs-perl \
-    libjson-perl \
-    liblocale-maketext-fuzzy-perl \
-    liblocale-maketext-lexicon-perl \
-    liblog-dispatch-perl \
-    libmailtools-perl \
-    libmime-tools-perl \
-    libmime-types-perl \
-    libmodule-refresh-perl \
-    libmodule-signature-perl \
-    libmodule-versions-report-perl \
-    libnet-cidr-perl \
-    libnet-ip-perl \
-    libparallel-forkmanager-perl \
-    libplack-perl \
-    libregexp-common-net-cidr-perl \
-    libregexp-common-perl \
-    libregexp-ipv6-perl \
-    librole-basic-perl \
-    libscope-upper-perl \
-    libserver-starter-perl \
-    libsymbol-global-name-perl \
-    libterm-readkey-perl  \
-    libtext-password-pronounceable-perl \
-    libtext-quoted-perl \
-    libtext-template-perl \
-    libtext-wikiformat-perl  \
-    libtext-wrapper-perl \
-    libtime-modules-perl \
-    libtree-simple-perl  \
-    libuniversal-require-perl \
-    libxml-rss-perl \
+    graphviz \
     perl-doc \
-    starlet \
     w3m \
-    # RT developer dependencies
-    libemail-abstract-perl \
-    libfile-which-perl \
-    liblocale-po-perl \
-    liblog-dispatch-perl-perl \
-    libmojolicious-perl \
-    libperlio-eol-perl \
-    libplack-middleware-test-stashwarnings-perl \
-    libset-tiny-perl \
-    libstring-shellquote-perl \
-    libtest-deep-perl \
-    libtest-email-perl \
-    libtest-expect-perl \
-    libtest-longstring-perl \
-    libtest-mocktime-perl \
-    libtest-nowarnings-perl \
-    libtest-pod-perl \
-    libtest-warn-perl \
-    libtest-www-mechanize-perl \
-    libtest-www-mechanize-psgi-perl \
-    libwww-mechanize-perl \
-    libxml-simple-perl \
-    autoconf \
-    libnet-ldap-server-test-perl \
-    libencode-hanextra-perl \
-    build-essential \
-    libhtml-formatexternal-perl \
-    libtext-worddiff-perl \
-    libdbd-mysql-perl \
+    # RT core dependencies
+    libapache2-mod-fcgid \
+    libexpat-dev \
+    libgd-dev \
+    libmariadb-dev \
+    libmariadb-dev-compat \
     libpq-dev \
+    libssl-dev \
+    libz-dev \
 && rm -rf /var/lib/apt/lists/*
 
 # Install from backports to get newer gpg
@@ -119,33 +33,22 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -t stretch-backport
     gnupg \
 && rm -rf /var/lib/apt/lists/*
 
-RUN cpanm \
-  # RT dependencies
-  # Install Module::Install first because after perl 5.26 "." fails to find
-  # it in inc for older modules.
-  Module::Install \
-  Email::Address \
-  Email::Address::List \
-  Mozilla::CA \
-  Encode::Detect::Detector \
-  HTML::Gumbo \
-  GnuPG::Interface \
-  Module::Path \
-  Moose \
-  MooseX::NonMoose \
-  MooseX::Role::Parameterized \
-  Path::Dispatcher \
-  Web::Machine \
-  capitalization \
-  DBIx::SearchBuilder \
-  Parallel::ForkManager \
-  # DBD::Pg version 3.15 fails tests when run as root. There is a merged fix
-  # in github, but it is not yet released. Assuming it is released in 3.16,
-  # it shouldn't be an issue after that. Until then, this can be installed
-  # by passing --notest to cpanm for DBD::Pg.
-  DBD::Pg \
-  # RT extension development dependencies
-  ExtUtils::MakeMaker \
-&& rm -rf /root/.cpanm
+RUN curl --fail --location --compressed -o /usr/local/bin/cpm "$CPM" \
+ && chmod a+rx /usr/local/bin/cpm
+
+# A lot of tests rely on a newer IPC::Run and can fail if it's not upgraded
+# beforehand. Install it first to prevent trouble later.
+RUN cpm install --global --no-prebuilt --test --with-all --show-build-log-on-failure IPC::Run && rm -rf ~/.perl-cpm
+
+RUN cd /tmp \
+ && curl --fail --location --compressed -o cpanfile "$CPANFILE" \
+ # 1. Find all the features named in RT's cpanfile.
+ # 2. Filter out the ones named in the regexp test against $2.
+ # 3. Print corresponding `--feature=name` options for cpm.
+ # 4. Run cpm with those options, along with a baseline set,
+ #    to test and install all dependencies needed to run RT's tests.
+ && awk '($1 == "feature" && $2 !~ /(modperl1|oracle)/) { print "--feature=" substr($2, 2, length($2) - 2) }' cpanfile \
+  | xargs -d\\n --exit --verbose cpm install --global --no-prebuilt --test --with-all --show-build-log-on-failure \
+ && rm -rf cpanfile ~/.perl-cpm
 
 CMD tail -f /dev/null
diff --git a/README b/README
index 17d486f..0ed9c76 100644
--- a/README
+++ b/README
@@ -1,8 +1,39 @@
-This repo defines a base docker image to use for testing Request Tracker (RT).
+This repo defines a base Docker image to use for testing Request Tracker
+(RT) and its dependencies. It:
 
-It is intended only for testing but might be used as a base example for
-other deployments of RT with docker. Since it is used for testing, it
-includes development dependencies that are not needed for production RT deployments.
+* installs required C libraries and build tools from a distribution
+
+* installs cpm and uses it to install most of RT's dependencies, and run their tests
+
+After you build this image, you can use it to:
+
+* run the test suite for RT and its extensions (the Dockerfile and
+  GitHub Actions in the RT repository provides examples of this)
+
+* deploy the stack of dependencies to other hosts running the same
+  distribution and architecture, to save build time while maintaining
+  confidence that it has all passed testing
+
+To help you tailor the image to RT version you're targeting, you can pass
+build arguments to control what is built inside of it. The available
+arguments are:
+
+* CPANFILE: The URL to RT's cpanfile. The Dockerfile runs cpm to install
+  most of the modules named in this file, with some additional parsing to
+  select most optional features. The default is to use the cpanfile from the
+  current stable RT release available on GitHub. You can use a different URL
+  to use the cpanfile from a different RT version (e.g., replace `stable` in
+  the default URL with a different tag name).
+
+* CPM: The URL to the single-file script download published by cpm. You
+  should only need to set this if cpm moves or if you can't access GitHub.
+
+Because it is oriented towards testing and broader deployment, this Docker
+image contains a relatively "maximal" set of dependencies. It installs all
+of the modules required to support RT's tests, development features, and
+most of its databases and optional features. If you wanted to run RT in
+Docker in production, you would probably prefer to be more selective about
+what you install, and build a slimmer image.
 
 Thanks to Christian Loos (GitHub:@cloos) for publishing RT docker examples.
 
commit ac7ad14cceda11dce008f3ce69adb5200543f55d
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 16:59:36 2021 -0500

    Remove extraneous GnuPG steps
    
    The first install is redundant with the install from backports
    later. Running `gpg --version` is functionally a debug print that we no
    longer need.

diff --git a/Dockerfile b/Dockerfile
index bc3f70a..89a21c3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     apache2 \
     cpanminus \
     curl \
-    gnupg \
     git \
     # RT core dependencies
     libapache2-mod-fcgid \
@@ -120,8 +119,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -t stretch-backport
     gnupg \
 && rm -rf /var/lib/apt/lists/*
 
-RUN gpg --version
-
 RUN cpanm \
   # RT dependencies
   # Install Module::Install first because after perl 5.26 "." fails to find
commit d7cd891ad4e178d51917bc4b778664f03bf1eff2
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 16:50:33 2021 -0500

    Remove libgumbo1
    
    HTML::Gumbo depends on Alien::LibGumbo anyway, so this is redundant.

diff --git a/Dockerfile b/Dockerfile
index 122e2ae..bc3f70a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -107,7 +107,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     autoconf \
     libnet-ldap-server-test-perl \
     libencode-hanextra-perl \
-    libgumbo1 \
     build-essential \
     libhtml-formatexternal-perl \
     libtext-worddiff-perl \
commit 8b06d89d45d379a4c716063743a76a8898d35165
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 16:50:05 2021 -0500

    Remove vim
    
    There is no need for an interactive editor in a Docker image intended
    for batch processing.

diff --git a/Dockerfile b/Dockerfile
index 8e4d9e9..122e2ae 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,7 +7,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     cpanminus \
     curl \
     gnupg \
-    vim \
     git \
     # RT core dependencies
     libapache2-mod-fcgid \
commit 90331565a8913a8844cae53ed0f592ea870c5091
Author: Brett Smith <brett at bestpractical.com>
Date:   Thu Dec 16 16:49:32 2021 -0500

    Remove redundant Debian packages
    
    Installing build-essential pulls in all these packages. We don't need to
    specify them again.

diff --git a/Dockerfile b/Dockerfile
index 5ab8119..8e4d9e9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     apache2 \
     cpanminus \
     curl \
-    gcc \
     gnupg \
     vim \
     git \
@@ -14,7 +13,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     libapache2-mod-fcgid \
     libapache-session-perl \
     libbusiness-hours-perl \
-    libc-dev \
     libcgi-emulate-psgi-perl \
     libcgi-psgi-perl \
     libconvert-color-perl \
@@ -82,7 +80,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-ins
     libtree-simple-perl  \
     libuniversal-require-perl \
     libxml-rss-perl \
-    make \
     perl-doc \
     starlet \
     w3m \
-----------------------------------------------------------------------


hooks/post-receive
-- 
docker-rt-base


More information about the Bps-public-commit mailing list