From ac6169db7b90e950156a87d9784308429ce3bee2 Mon Sep 17 00:00:00 2001 From: Dan K <dk14142@gmail.com> Date: Sun, 04 Aug 2019 14:26:17 +0200 Subject: [PATCH] feat: add initial Nexus3 files --- nexus3/uid_entrypoint | 6 + nexus3/probes/readiness.sh | 13 ++ nexus3/etc/training.repo | 54 ++++++++++ nexus3/probes/liveness.sh | 13 ++ nexus3/Dockerfile | 106 +++++++++++++++++++++ nexus3/licenses/LICENSE | 10 ++ nexus3/help.1 | 75 +++++++++++++++ 7 files changed, 277 insertions(+), 0 deletions(-) diff --git a/nexus3/Dockerfile b/nexus3/Dockerfile new file mode 100644 index 0000000..0493f34 --- /dev/null +++ b/nexus3/Dockerfile @@ -0,0 +1,106 @@ +# Copyright (c) 2016-present Sonatype, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM registry.access.redhat.com/rhel7:7.6 +MAINTAINER Red Hat Training + + +# Atomic Labels +LABEL name="Nexus Repository Manager" \ + vendor="Sonatype" \ + version="3.6.0-02" \ + release="3.6.0" \ + url="https://sonatype.com" \ + summary="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + run="docker run -d --name NAME \ + -p 8081:8081 \ + IMAGE" \ + stop="docker stop NAME" + +# OpenShift Labels +LABEL io.k8s.description="The Nexus Repository Manager server \ + with universal support for popular component formats." \ + io.k8s.display-name="Nexus Repository Manager" \ + io.openshift.expose-services="8081:8081" \ +io.openshift.tags="Sonatype,Nexus,Repository Manager" + +LABEL com.sonatype.license="Apache License, Version 2.0" + +COPY help.1 uid_entrypoint / + +COPY licenses /licenses + + +RUN rpm --rebuilddb && \ + yum install -y \ + curl tar createrepo java-1.8.0-openjdk-devel \ + && yum clean all + + +# Install Nexus +ENV SONATYPE_DIR=/opt/sonatype +ENV NEXUS_DATA=/nexus-data \ + NEXUS_HOME=${SONATYPE_DIR}/nexus \ + NEXUS_VERSION=3.6.0-02 \ + SONATYPE_WORK=${SONATYPE_DIR}/sonatype-work \ + NEXUS_CONTEXT='' \ + USER_NAME=nexus \ + USER_UID=200 + +# Install Nexus and Configure Nexus Runtime Environment +RUN mkdir -p ${NEXUS_HOME} && \ + curl --fail --silent --location --retry 3 \ + http://content.example.com/ocp3.6/x86_64/installers/nexus-${NEXUS_VERSION}-unix.tar.gz \ + | gunzip \ + | tar x -C ${NEXUS_HOME} --strip-components=1 nexus-${NEXUS_VERSION} && \ + chown -R root:root ${NEXUS_HOME} && \ + \ + sed \ + -e '/^nexus-context/ s:$:${NEXUS_CONTEXT}:' \ + -i ${NEXUS_HOME}/etc/nexus-default.properties && \ + \ + useradd -l -u ${USER_UID} -r -g 0 -m -d ${NEXUS_DATA} -s /sbin/no-login \ + -c "${USER_NAME} application user" ${USER_NAME} && \ + mkdir -p ${NEXUS_DATA}/etc ${NEXUS_DATA}/log ${NEXUS_DATA}/tmp ${SONATYPE_WORK} && \ + ln -s ${NEXUS_DATA} ${SONATYPE_WORK}/nexus3 && \ + chown -R ${USER_NAME}:0 ${NEXUS_DATA} && \ + chmod -R g+rw ${NEXUS_DATA} /etc/passwd && \ + chmod ug+x /uid_entrypoint && \ + find ${NEXUS_DATA} -type d -exec chmod g+x {} + + +VOLUME ${NEXUS_DATA} + +#Configure probes scripts +COPY probes/liveness.sh /usr/local/bin/liveness.sh +COPY probes/readiness.sh /usr/local/bin/readiness.sh + +RUN chmod 775 /usr/local/bin/liveness.sh && \ + chmod 775 /usr/local/bin/readiness.sh + +# arbitrary uid recognition at runtime - for OpenShift deployments +RUN sed "s@${USER_NAME}:x:${USER_UID}:@${USER_NAME}:x:\${USER_ID}:@g" /etc/passwd > /etc/passwd.template + +# Supply non variable to USER command ${USER_NAME} +USER 200 +WORKDIR ${NEXUS_HOME} + +ENV JAVA_MAX_MEM=1200m \ + JAVA_MIN_MEM=1200m + +EXPOSE 8081 + +ENTRYPOINT [ "/uid_entrypoint" ] +CMD ["bin/nexus", "run"] + diff --git a/nexus3/etc/training.repo b/nexus3/etc/training.repo new file mode 100644 index 0000000..18e48ef --- /dev/null +++ b/nexus3/etc/training.repo @@ -0,0 +1,54 @@ +[rhel-7-dvd] +baseurl = http://content.example.com/rhel7.6/x86_64/dvd +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL DVD + +[rhel-server-rhscl-7-rpms] +baseurl = http://content.example.com/ocp4.0/x86_64/rhelrhscl +enabled = true +gpgcheck = false +name = Remote classroom copy of RHSCL + +[rhel-7-server-datapath-rpms] +baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-fast-datapath-rpms +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL 7.6 Datapath Packages + +[rhel-7-server-ansible-26] +baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-server-ansible-2.6-rpms +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL 7.6 Ansible Packages + +[rhel-7-server-extras-rpms] +baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-server-extras-rpms +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL 7.6 Extra Packages + +[rhel-7-server-common-rpms] +baseurl = http://content.example.com/ocp4.0/x86_64/rheladditional/rhel-7-server-rh-common-rpms +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL 7.6 Common Packages + +[rhel-7-server-supplementary] +baseurl = http://content.example.com/ocp4.0/x86_64/rhelsupplementary +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL 7.6 Supplementary Packages + +[rhel-7-server-optional-rpms] +baseurl = http://content.example.com/ocp4.0/x86_64/rhelopt +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL 7.6 Optional Packages + +[rhel-7-server-updates] +baseurl = http://content.example.com/ocp4.0/x86_64/rhelupdates +enabled = true +gpgcheck = false +name = Remote classroom copy of RHEL 7.6 Updates + diff --git a/nexus3/help.1 b/nexus3/help.1 new file mode 100644 index 0000000..b74db88 --- /dev/null +++ b/nexus3/help.1 @@ -0,0 +1,75 @@ +.PP +% +.BR NEXUS (1) +Container Image Pages +% Sonatype +% November 21, 2016 +.TH NAME +.PP +nexus \- Nexus Repository Manager container image +.SH DESCRIPTION +.PP +The nexus image provides a containerized packaging of the Nexus Repository Manager. +Nexus Repository Manager is a repository manager with universal support for popular component formats including Maven, Docker, NuGet, npm, PyPi, Bower and more. +.PP +The nexus image is designed to be run by the atomic command with one of these options: +.PP +\fB\fCrun\fR +.PP +Starts the installed container with selected privileges to the host. +.PP +\fB\fCstop\fR +.PP +Stops the installed container +.PP +The container itself consists of: + \- Linux base image + \- Oracle Java JDK + \- Nexus Repository Manager + \- Atomic help file +.PP +Files added to the container during docker build include: /help.1. +.SH USAGE +.PP +To use the nexus container, you can run the atomic command with run, stop, or uninstall options: +.PP +To run the nexus container: +.IP +atomic run nexus +.PP +To stop the nexus container (after it is installed), run: +.IP +atomic stop nexus +.SH LABELS +.PP +The nexus container includes the following LABEL settings: +.PP +That atomic command runs the docker command set in this label: +.PP +\fB\fCRUN=\fR +.IP +LABEL RUN='docker run \-d \-p 8081:8081 \-\-name ${NAME} ${IMAGE}' +.IP +The contents of the RUN label tells an \fB\fCatomic run nexus\fR command to open port 8081 & set the name of the container. +.PP +\fB\fCSTOP=\fR +.IP +LABEL STOP='docker stop ${NAME}' +.PP +\fB\fCName=\fR +.PP +The registry location and name of the image. For example, Name="Nexus Repository Manager". +.PP +\fB\fCVersion=\fR +.PP +The Nexus Repository Manager version from which the container was built. For example, Version="3.0.2\-02". +.PP +When the atomic command runs the nexus container, it reads the command line associated with the selected option +from a LABEL set within the Docker container itself. It then runs that command. The following sections detail +each option and associated LABEL: +.SH SECURITY IMPLICATIONS +.PP +\fB\fC\-d\fR +.PP +Runs continuously as a daemon process in the background + diff --git a/nexus3/licenses/LICENSE b/nexus3/licenses/LICENSE new file mode 100644 index 0000000..6ddf595 --- /dev/null +++ b/nexus3/licenses/LICENSE @@ -0,0 +1,10 @@ +Sonatype Nexus (TM) Open Source Version +Copyright (c) 2008-present Sonatype, Inc. +All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. + +This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, +which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. + +Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks +of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the +Eclipse Foundation. All other trademarks are the property of their respective owners. diff --git a/nexus3/probes/liveness.sh b/nexus3/probes/liveness.sh new file mode 100644 index 0000000..8ae9cf5 --- /dev/null +++ b/nexus3/probes/liveness.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +curl -siu admin:admin123 http://localhost:8081/service/metrics/healthcheck | grep healthy | grep true +RESPONSE=$? + +if [ "$RESPONSE" = "0" ] ; then + echo "******** liveness is Alive ********" + exit 0; +else + echo "******** liveness is Dead ********" + exit 1; +fi + diff --git a/nexus3/probes/readiness.sh b/nexus3/probes/readiness.sh new file mode 100644 index 0000000..cd59e66 --- /dev/null +++ b/nexus3/probes/readiness.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +curl -siu admin:admin123 http://localhost:8081/service/metrics/ping | grep pong +RESPONSE=$? + +if [ "$RESPONSE" = "0" ] ; then + echo "******** readiness is Alive ********" + exit 0; +else + echo "******** readiness is Dead ********" + exit 1; +fi + diff --git a/nexus3/uid_entrypoint b/nexus3/uid_entrypoint new file mode 100644 index 0000000..02c2913 --- /dev/null +++ b/nexus3/uid_entrypoint @@ -0,0 +1,6 @@ +#!/bin/sh +USER_ID=$(id -u) +if [ ${USER_UID} != ${USER_ID} ]; then + sed "s@${USER_NAME}:x:\${USER_ID}:@${USER_NAME}:x:${USER_ID}:@g" /etc/passwd.template > /etc/passwd +fi +exec "$@" -- Gitblit v1.9.3