canonical · aznashwan · Jul 10, 2024
@@ -0,0 +1,3 @@
+# ROCK specs for harbor-jobservice.
+
+Aims to be compatible with `docker.io/goharbor/harbor-jobservice`.
@@ -0,0 +1,127 @@
+# Copyright 2024 Canonical Ltd.
+# See LICENSE file for licensing details.
+
+# Rockcraft definition for Harbor jobservice image:
+# docker.io/goharbor/harbor-jobservice:v2.10.2
+
+name: harbor-jobservice
+summary: Rock containing Harbor Jobservice component.
+description: |
+  Packages the Jobservice of Harbor.
+license: Apache-2.0
+
+version: "2.10.2"
+
+# NOTE(aznashwan): the base for the jobservice image is VMware's Photon,
+# but rockcraft only currently supports bare/ubuntu-based bases.
+base: [email protected]
+build-base: [email protected]
+platforms:
+  amd64:
+  arm64:
+
+
+services:
+  harbor_jobservice:
+    startup: enabled
+    override: replace
+
+    # NOTE(aznashwan) set entrypoint.sh for compatibility with upstream image.
+    # All it does is run `./make/photon/common/install_cert.sh` and exec `harbor_jobservice`.
+    # https://github.com/goharbor/harbor/blob/v2.10.2/make/photon/jobservice/Dockerfile#L24
+    command: /harbor/entrypoint.sh
+
+    user: harbor
+    group: harbor
+    working-dir: /harbor
+
+    # TODO(aznashwan): original Docker image includes Healthcheck should/can we also?
+    # https://github.com/goharbor/harbor/blob/v2.10.2/make/photon/jobservice/Dockerfile#L22
+
+
+parts:
+  create-harbor-user:
+    plugin: nil
+    overlay-script: |
+      groupadd -R $CRAFT_OVERLAY -r -g 10000 harbor
+      useradd -R $CRAFT_OVERLAY \
+        --no-log-init -r -m -g 10000 -u 10000 harbor
+
+  build-deps:
+    plugin: nil
+    build-snaps:
+      # https://github.com/goharbor/harbor/blob/v2.10.2/Makefile#L143
+      - go/1.21/stable
+    build-packages:
+      - make
+
+  # Sourced from:
+  # https://github.com/goharbor/harbor/blob/v2.10.2/make/photon/jobservice/Dockerfile.base
+  # https://github.com/goharbor/harbor/blob/v2.10.2/make/photon/jobservice/Dockerfile
+  image-prep:
+    after: [create-harbor-user]
+    plugin: nil
+
+    source-type: git
+    source: https://github.com/goharbor/harbor
+    source-tag: v2.10.2
+    source-depth: 1
+
+    stage-packages:
+      # https://github.com/goharbor/harbor/blob/v2.10.2/make/photon/jobservice/Dockerfile.base#L3
+      - tzdata
+
+    override-build: |
+      set -eux
+      cd $CRAFT_PART_SRC
+
+      # Copy over auxiliary files:
+      OUTDIR="$CRAFT_PART_INSTALL/harbor"
+      mkdir -p "$OUTDIR"
+
+      cp ./make/photon/common/install_cert.sh "$OUTDIR/"
+      cp ./make/photon/jobservice/entrypoint.sh "$OUTDIR/"
+
+      mkdir -p "$CRAFT_PART_INSTALL/etc/pki/tls/certs"
+      chown -R 10000:10000 "$CRAFT_PART_INSTALL/etc/pki/tls/certs"
+      chown -R 10000:10000 "$OUTDIR/"
+      chmod u+x "$OUTDIR/entrypoint.sh"
+      chmod u+x "$OUTDIR/install_cert.sh"
+
+  # Sourced from: https://github.com/goharbor/harbor/blob/v2.10.2/Makefile#L347
+  build-harbor-jobservice:
+    after: [create-harbor-user, build-deps, image-prep]
+    # NOTE(aznashwan): Harbor's Makefile relies on building through Docker,
+    # so we have to run the build commands manually:
+    plugin: go
+
+    source-type: git
+    source: https://github.com/goharbor/harbor
+    source-tag: v2.10.2
+    source-depth: 1
+    source-subdir: src
+
+    build-environment:
+      - CGO_ENABLED: 0
+      - GOARCH: $CRAFT_ARCH_BUILD_FOR
+
+    override-build: |
+      set -eux
+
+      # Deduce ldflags:
+      GIT_TAG="v2.10.2"
+      GIT_COMMIT_ID=`git -C "$CRAFT_PART_SRC" log --pretty=tformat:"%h" -n1`
+
+      # Build binary:
+      cd "$CRAFT_PART_SRC/src/jobservice"
+      go build \
+        -ldflags="-w -s -X github.com/goharbor/harbor/src/pkg/version.GitCommit=$GIT_COMMIT_ID -X github.com/goharbor/harbor/src/pkg/version.ReleaseVersion=$GIT_TAG" \
+        -o "$CRAFT_PART_BUILD/harbor_jobservice"
+
+      # Copy over binary and set appropriate permissions:
+      mkdir -p $CRAFT_PART_INSTALL/harbor
+      cp $CRAFT_PART_BUILD/harbor_jobservice $CRAFT_PART_INSTALL/harbor
+
+      chown 10000:10000 "$CRAFT_PART_INSTALL/harbor/harbor_jobservice"
+      chmod u+x "$CRAFT_PART_INSTALL/harbor/harbor_jobservice"
+
@@ -0,0 +1,87 @@
+# Copyright 2024 Canonical Ltd.
+# See LICENSE file for licensing details.
+
+import logging
+import random
+import pytest
+import string
+import subprocess
+import sys
+
+from charmed_kubeflow_chisme.rock import CheckRock
+
+logger: logging.Logger = logging.getLogger(__name__)
+
+logger.addHandler(logging.FileHandler(f"{__name__}.log"))
+logger.addHandler(logging.StreamHandler(sys.stdout))
+
+
+ORIGINAL_IMAGE = "docker.io/goharbor/harbor-jobservice"
+
+@pytest.fixture()
+def rock_test_env(tmpdir):
+    """Yields a temporary directory and random docker container name, then cleans them up after."""
+    container_name = "".join(
+        [str(i) for i in random.choices(string.ascii_lowercase, k=8)]
+    )
+    yield tmpdir, container_name
+
+    try:
+        subprocess.run(["docker", "rm", container_name])
+    except Exception:
+        pass
+    # tmpdir fixture we use here should clean up the other files for us
+
+
+def _list_files_in_image_dir(
+        image: str, container_name: str, root_dir: str="/") -> list[str]:
+    """Lists all regular file paths under the given dir in the given image."""
+    cmd = [
+        "docker",
+        "run",
+        "--rm",
+        "--name",
+        container_name,
+        image,
+        "find",
+        root_dir,
+        "-type",
+        "f"
+    ]
+
+    proc = subprocess.run(cmd, capture_output=True)
+    return [l.decode('utf8').strip() for l in proc.stdout.splitlines()]
+
+
+@pytest.mark.abort_on_fail
+def test_rock(rock_test_env):
+    """Test rock."""
+    _, container_name = rock_test_env
+    check_rock = CheckRock("rockcraft.yaml")
+    rock_image = check_rock.get_name()
+    rock_version = check_rock.get_version()
+    LOCAL_ROCK_IMAGE = f"{rock_image}:{rock_version}"
+    ORIGINAL_ROCK_IMAGE = f"{ORIGINAL_IMAGE}:{rock_version}"
+
+    dir_to_check = "/harbor"
+
+    original_image_files = _list_files_in_image_dir(
+        ORIGINAL_ROCK_IMAGE, f"{container_name}-original",
+        root_dir=dir_to_check)
+    local_rock_files = _list_files_in_image_dir(
+        LOCAL_ROCK_IMAGE, container_name, root_dir=dir_to_check)
+
+    rock_fileset = set(local_rock_files)
+    original_fileset = set(original_image_files)
+
+    original_extra_files = original_fileset - rock_fileset
+    if original_extra_files:
+        pytest.fail(
+            f"Missing some files from the original image: "
+            f"{original_extra_files}")
+
+    rock_extra_files = rock_fileset - original_fileset
+    if rock_extra_files:
+        pytest.fail(
+            f"Rock has extra files not present in original image: "
+            f"{rock_extra_files}")
@@ -0,0 +1,47 @@
+# Copyright 2024 Canonical Ltd.
+# See LICENSE file for licensing details.
+
+[tox]
+skipsdist = True
+skip_missing_interpreters = True
+envlist = pack, export-to-docker, sanity
+
+[testenv]
+setenv =
+    PYTHONPATH={toxinidir}
+    PYTHONBREAKPOINT=ipdb.set_trace
+
+[testenv:pack]
+passenv = *
+allowlist_externals =
+    rockcraft
+commands =
+    rockcraft pack -v
+
+[testenv:export-to-docker]
+passenv = *
+allowlist_externals =
+    bash
+    skopeo
+    yq
+commands =
+    # export already packed rock to docker
+    bash -c 'NAME="$(yq -r .name rockcraft.yaml)" && \
+             VERSION="$(yq -r .version rockcraft.yaml)" && \
+             ARCH="$(yq -r ".platforms | keys | .[0]" rockcraft.yaml)" && \
+             ROCK="$\{NAME\}_$\{VERSION\}_$\{ARCH\}.rock" && \
+             DOCKER_IMAGE=$NAME:$VERSION && \\
+             echo "Exporting $ROCK to docker as $DOCKER_IMAGE" && \
+             rockcraft.skopeo --insecure-policy copy \
+                oci-archive:$ROCK docker-daemon:$DOCKER_IMAGE'
+
+[testenv:sanity]
+passenv = *
+deps =
+    pytest
+    charmed-kubeflow-chisme
+allowlist_externals =
+    echo
+commands =
+    # run rock tests
+    pytest -v --tb native --show-capture=all --log-cli-level=INFO {posargs} {toxinidir}/tests
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# ROCK specs for harbor-jobservice.

		Aims to be compatible with `docker.io/goharbor/harbor-jobservice`.