X-Git-Url: http://git.osdn.net/view?a=blobdiff_plain;f=cookbooks%2Fscrewdriver%2Frecipes%2Fdocker-compose.rb;h=1591b94f3605253a77c2093e7ef1bd713c654671;hb=fcebfbae9db1ce4a2c1cf5b3dc3fab32db8cfaa3;hp=29c85aabc791076ebc073ee3658d05e3c5e26e55;hpb=cd4e875701ea317a7d51e21b050117ae059164d8;p=metasearch%2Fgrid-chef-repo.git diff --git a/cookbooks/screwdriver/recipes/docker-compose.rb b/cookbooks/screwdriver/recipes/docker-compose.rb index 29c85aa..1591b94 100644 --- a/cookbooks/screwdriver/recipes/docker-compose.rb +++ b/cookbooks/screwdriver/recipes/docker-compose.rb @@ -2,7 +2,7 @@ # Cookbook Name:: screwdriver # Recipe:: docker-compose # -# Copyright 2017, whitestar +# Copyright 2017-2018, whitestar # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,18 +26,6 @@ doc_url = 'https://hub.docker.com/r/screwdrivercd/screwdriver/' #include_recipe 'platform_utils::kernel_user_namespace' include_recipe 'docker-grid::compose' -default_executor = { - 'plugin' => 'docker', - 'docker' => { - 'options' => { - 'docker' => { - 'socketPath' => '/var/run/docker.sock', - }, - 'launchVersion' => 'stable', - }, - }, -} - app_dir = node['screwdriver']['docker-compose']['app_dir'] bin_dir = node['screwdriver']['docker-compose']['bin_dir'] config_dir = node['screwdriver']['docker-compose']['config_dir'] @@ -69,9 +57,8 @@ if File.exist?(api_config_file) api_config_local = YAML.load_file(api_config_file) end -env_local = nil +env_local = {} if File.exist?(env_file) - env_local = {} File.open(env_file) do |file| file.each_line do |line| env_local[$1] = $2 if line =~ /^([^=]*)=(.*)$/ @@ -101,6 +88,7 @@ force_override_config_srvs = node.force_override['screwdriver']['docker-compose' api_envs_org = config_srvs['api']['environment'] api_envs = {} api_vols = config_srvs['api']['volumes'].to_a +api_links = [] api_port = '9001' # default api_in_port = api_envs_org['PORT'] 
@@ -114,8 +102,6 @@ else } end -override_api_config['executor'] = default_executor if override_api_config['executor'].empty? - [ 'jwt_private_key_vault_item', 'jwt_public_key_vault_item', @@ -149,7 +135,7 @@ else jwt_private_key = api_config_local['auth']['jwtPrivateKey'] jwt_public_key = api_config_local['auth']['jwtPublicKey'] log 'JWT key pair is preserved from the local config/api-local.yaml file.' - # if !env_local.nil? && !env_local['SECRET_JWT_PRIVATE_KEY'].nil? && !jwt_private_key_reset + # if !env_local['SECRET_JWT_PRIVATE_KEY'].nil? && !jwt_private_key_reset # # 3. preserve it from the local .env file. # # Note: Docker env file format does not support backslash escaped string yet. # eval "jwt_private_key = %Q(#{env_local['SECRET_JWT_PRIVATE_KEY']})" @@ -189,6 +175,13 @@ unless password_vault_item.empty? api_envs['SECRET_PASSWORD'] = '${SECRET_PASSWORD}' end +hashing_password = nil +# for backward compatibility +hashing_password = env_local['SECRET_PASSWORD'] if env_local['SECRET_HASHING_PASSWORD'].nil? && !env_local['SECRET_PASSWORD'].nil? +hashing_password_vault_item = node['screwdriver']['hashing_password_vault_item'] +hashing_password = get_vault_item_value(hashing_password_vault_item) unless hashing_password_vault_item.empty? +api_envs['SECRET_HASHING_PASSWORD'] = '${SECRET_HASHING_PASSWORD}' unless hashing_password.nil? + node['screwdriver']['api']['scms_vault_items'].each {|scm, props| props.each {|prop, vault_item| unless vault_item.empty? 
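Review bot: The commented-out branch edited in the `@@ -149,7 +135,7 @@` hunk still ends in `eval "jwt_private_key = %Q(#{env_local['SECRET_JWT_PRIVATE_KEY']})"`, which would execute text read from the local .env file as Ruby if the block were ever re-enabled. Rather than keeping the dead condition in sync with the new `env_local = {}` default, I would delete the block and leave a single comment such as `# JWT key is not restored from .env: the env-file format cannot carry it without eval-style unescaping`. The surrounding if/else starts and ends outside the hunk.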
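Review bot: An existing `SECRET_HASHING_PASSWORD` in the local .env is never read back in the `@@ -189,6 +175,13 @@` hunk, because the backward-compatibility line only copies `SECRET_PASSWORD` when the new key is absent. On a later run without a vault item, `hashing_password` therefore stays nil, `api_envs['SECRET_HASHING_PASSWORD']` is not set, and nil is handed to the env-file template (not shown here), which presumably drops or blanks the value. Reading the new key first keeps it stable across runs: `hashing_password = env_local['SECRET_HASHING_PASSWORD'] || env_local['SECRET_PASSWORD']`. A short comment stating that the fallback reuses the encryption password only for upgraded installs, and that new installs should set a separate vault item, would also help.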
@@ -222,21 +215,21 @@ end =end db_username = nil -db_username = env_local['DB_USERNAME'] if !env_local.nil? && !env_local['DB_USERNAME'].nil? +db_username = env_local['DB_USERNAME'] unless env_local['DB_USERNAME'].nil? db_username_vault_item = node['screwdriver']['db_username_vault_item'] db_username = get_vault_item_value(db_username_vault_item) unless db_username_vault_item.empty? db_username = 'sd-admin' if db_username.nil? api_envs['DATASTORE_SEQUELIZE_USERNAME'] = '${DB_USERNAME}' db_password = nil -db_password = env_local['DB_PASSWORD'] if !env_local.nil? && !env_local['DB_PASSWORD'].nil? +db_password = env_local['DB_PASSWORD'] unless env_local['DB_PASSWORD'].nil? db_password_vault_item = node['screwdriver']['db_password_vault_item'] db_password = get_vault_item_value(db_password_vault_item) unless db_password_vault_item.empty? db_password = SecureRandom.urlsafe_base64(32) if db_password.nil? api_envs['DATASTORE_SEQUELIZE_PASSWORD'] = '${DB_PASSWORD}' db_root_password = nil -db_root_password = env_local['DB_ROOT_PASSWORD'] if !env_local.nil? && !env_local['DB_ROOT_PASSWORD'].nil? +db_root_password = env_local['DB_ROOT_PASSWORD'] unless env_local['DB_ROOT_PASSWORD'].nil? db_root_password_vault_item = node['screwdriver']['db_root_password_vault_item'] db_root_password = get_vault_item_value(db_root_password_vault_item) unless db_root_password_vault_item.empty? db_root_password = SecureRandom.urlsafe_base64(32) if db_root_password.nil? @@ -247,7 +240,7 @@ when 'sqlite' api_vols.push("#{data_dir}:/sd-data:rw") api_envs['DATASTORE_SEQUELIZE_STORAGE'] = '/sd-data/storage.db' when 'mysql', 'postgres' - override_config_srvs['api']['links'] = ['db'] + api_links.push('db') api_envs['DATASTORE_SEQUELIZE_HOST'] = 'db' end 
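Review bot: The simplified guards in the `@@ -222,21 +215,21 @@` hunk only test for nil, so a blank entry such as `DB_PASSWORD=` in the .env file is preserved as an empty string. The parser regex `/^([^=]*)=(.*)$/` captures `""` for such a line, and the `SecureRandom.urlsafe_base64(32)` fallback is then skipped unless a vault item is configured. Treating empty as missing closes that gap, e.g. `db_password = env_local['DB_PASSWORD'] unless env_local['DB_PASSWORD'].to_s.empty?`, and the same applies to `db_root_password` here and to `s3_access_key_id` / `s3_access_key_secret` in the `@@ -325,14 +336,14 @@` hunk. The pattern is now repeated five times, so a small helper taking the key name would keep the checks consistent.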
@@ -289,6 +282,23 @@ if db_dialect != 'sqlite' end end +# queue +executor_queue_enabled = api_envs_org['EXECUTOR_QUEUE_ENABLED'] == 'true' ? true : false +if executor_queue_enabled + queue_envs = {} + queue_vols = config_srvs['queue']['volumes'].to_a + + api_links.push('queue') + api_envs['QUEUE_REDIS_HOST'] = 'queue' + # TODO: set up env. vars. + # QUEUE_REDIS_PORT + # QUEUE_REDIS_PASSWORD + # QUEUE_REDIS_TLS_ENABLED + # QUEUE_REDIS_DATABASE +end + +override_config_srvs['api']['links'] = api_links unless api_links.empty? + # ui #ui_envs_org = config_srvs['ui']['environment'] ui_envs = {} @@ -311,6 +321,7 @@ store_backend = node['screwdriver']['store']['backend'] store_envs_org = config_srvs['store']['environment'] store_envs = {} store_vols = config_srvs['store']['volumes'].to_a +store_links = [] store_port = '9002' # default store_in_port = store_envs_org['PORT'] 
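Review bot: The new queue block links the API to the `queue` service with only `QUEUE_REDIS_HOST` set, while `QUEUE_REDIS_PASSWORD` and `QUEUE_REDIS_TLS_ENABLED` are left in the TODO. Unless they are supplied elsewhere, this recipe configures the Redis connection without authentication or TLS and relies on the compose network for isolation. I would wire the password through a vault-item attribute, as is done for `db_password`, and expose it as `api_envs['QUEUE_REDIS_PASSWORD'] = '${QUEUE_REDIS_PASSWORD}'` before enabling this in production. Separately, `== 'true' ? true : false` is redundant because the comparison already yields a boolean; `api_envs_org['EXECUTOR_QUEUE_ENABLED'].to_s == 'true'` would also accept a YAML boolean, if the attribute can be one.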
@@ -325,14 +336,14 @@ else end s3_access_key_id = nil -s3_access_key_id = env_local['S3_ACCESS_KEY_ID'] if !env_local.nil? && !env_local['S3_ACCESS_KEY_ID'].nil? +s3_access_key_id = env_local['S3_ACCESS_KEY_ID'] unless env_local['S3_ACCESS_KEY_ID'].nil? s3_access_key_id_vault_item = node['screwdriver']['s3_access_key_id_vault_item'] s3_access_key_id = get_vault_item_value(s3_access_key_id_vault_item) unless s3_access_key_id_vault_item.empty? s3_access_key_id = SecureRandom.urlsafe_base64(16) if s3_access_key_id.nil? store_envs['S3_ACCESS_KEY_ID'] = '${S3_ACCESS_KEY_ID}' s3_access_key_secret = nil -s3_access_key_secret = env_local['S3_ACCESS_KEY_SECRET'] if !env_local.nil? && !env_local['S3_ACCESS_KEY_SECRET'].nil? +s3_access_key_secret = env_local['S3_ACCESS_KEY_SECRET'] unless env_local['S3_ACCESS_KEY_SECRET'].nil? s3_access_key_secret_vault_item = node['screwdriver']['s3_access_key_secret_vault_item'] s3_access_key_secret = get_vault_item_value(s3_access_key_secret_vault_item) unless s3_access_key_secret_vault_item.empty? s3_access_key_secret = SecureRandom.urlsafe_base64(32) if s3_access_key_secret.nil? @@ -340,7 +351,7 @@ store_envs['S3_ACCESS_KEY_SECRET'] = '${S3_ACCESS_KEY_SECRET}' # S3 compatible server if !store_backend.nil? && !store_backend.empty? - override_config_srvs['store']['links'] = ['screwdriver.s3'] + store_links.push('screwdriver.s3') store_envs['STRATEGY'] = 's3' store_envs['S3_BUCKET'] = 'screwdriver' @@ -381,6 +392,8 @@ if !store_backend.nil? && !store_backend.empty? end end +override_config_srvs['store']['links'] = store_links unless store_links.empty? + override_store_config['auth']['jwtPublicKey'] = jwt_public_key # Note: prevent Chef from logging JWT key attribute value. (=> template variables) # However Docker env file format does not support multi-line value and backslash escaped string yet. 
@@ -520,24 +533,23 @@ end srv_vols.push("#{local_yaml_file}:/config/local.yaml:ro") } -# merge environment hash +# merge environment hash and reset volumes array. force_override_config_srvs['api']['environment'] = api_envs unless api_envs.empty? -force_override_config_srvs['ui']['environment'] = ui_envs unless ui_envs.empty? -force_override_config_srvs['store']['environment'] = store_envs unless store_envs.empty? -if db_dialect != 'sqlite' - force_override_config_srvs['db']['environment'] = db_envs unless db_envs.empty? -end -if !store_backend.nil? && !store_backend.empty? - force_override_config_srvs['screwdriver.s3']['environment'] = s3_envs unless s3_envs.empty? -end -# reset vlumes array. override_config_srvs['api']['volumes'] = api_vols unless api_vols.empty? +force_override_config_srvs['ui']['environment'] = ui_envs unless ui_envs.empty? override_config_srvs['ui']['volumes'] = ui_vols unless ui_vols.empty? +force_override_config_srvs['store']['environment'] = store_envs unless store_envs.empty? override_config_srvs['store']['volumes'] = store_vols unless store_vols.empty? if db_dialect != 'sqlite' + force_override_config_srvs['db']['environment'] = db_envs unless db_envs.empty? override_config_srvs['db']['volumes'] = db_vols unless db_vols.empty? end +if executor_queue_enabled + force_override_config_srvs['queue']['environment'] = queue_envs unless queue_envs.empty? + override_config_srvs['queue']['volumes'] = queue_vols unless queue_vols.empty? +end if !store_backend.nil? && !store_backend.empty? + force_override_config_srvs['screwdriver.s3']['environment'] = s3_envs unless s3_envs.empty? override_config_srvs['screwdriver.s3']['volumes'] = s3_vols unless s3_vols.empty? end @@ -552,6 +564,7 @@ template env_file do # secrets cookie_password: cookie_password, password: password, + hashing_password: hashing_password, db_username: db_username, db_password: db_password, db_root_password: db_root_password,
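Review bot: In the `@@ -552,6 +564,7 @@` hunk, `hashing_password` is passed to the env-file template even when it is nil, while the matching `api_envs['SECRET_HASHING_PASSWORD']` entry is only added when it is non-nil. The template itself is not part of this diff, so it should be checked that it emits the `SECRET_HASHING_PASSWORD=` line only when a value is present; otherwise a blank secret ends up in .env. Because one more secret is now rendered, it is also worth confirming that the resource sets `sensitive true` and a restrictive file mode. The `template env_file do` block starts and ends outside the hunk, so neither is visible here.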