when 'mysql'
mysql_data_dir = "#{data_dir}/mysql"
resources(directory: mysql_data_dir) rescue directory mysql_data_dir do
- owner 'root'
- group 'root'
+ owner 999
+ group 'docker'
mode '0755'
recursive true
end
+ db_vols.push("#{mysql_data_dir}:/var/lib/mysql:rw")
db_envs['MYSQL_DATABASE'] = api_envs_org['DATASTORE_SEQUELIZE_DATABASE']
db_envs['MYSQL_USER'] = '${DB_USERNAME}' unless db_username.nil?
db_envs['MYSQL_PASSWORD'] = '${DB_PASSWORD}' unless db_password.nil?
db_envs['MYSQL_ROOT_PASSWORD'] = '${DB_ROOT_PASSWORD}' unless db_root_password.nil?
- db_vols.push("#{mysql_data_dir}:/var/lib/mysql:rw")
when 'postgres'
pg_data_dir = "#{data_dir}/postgres"
resources(directory: pg_data_dir) rescue directory pg_data_dir do
recursive true
end
+ db_vols.push("#{pg_data_dir}:/database:rw")
db_envs['POSTGRES_DB'] = api_envs_org['DATASTORE_SEQUELIZE_DATABASE']
db_envs['POSTGRES_USER'] = '${DB_USERNAME}' unless db_username.nil?
db_envs['POSTGRES_PASSWORD'] = '${DB_PASSWORD}' unless db_password.nil?
db_envs['PGDATA'] = '/database'
- db_vols.push("#{pg_data_dir}:/database:rw")
end
end
end
# store
+store_backend = node['screwdriver']['store']['backend']
store_envs_org = config_srvs['store']['environment']
store_envs = {}
store_vols = config_srvs['store']['volumes'].to_a
}
end
+s3_access_key_id = nil
+s3_access_key_id_vault_item = node['screwdriver']['s3_access_key_id_vault_item']
+unless s3_access_key_id_vault_item.empty?
+ s3_access_key_id = get_vault_item_value(s3_access_key_id_vault_item)
+ store_envs['S3_ACCESS_KEY_ID'] = '${S3_ACCESS_KEY_ID}'
+end
+
+s3_access_key_secret = nil
+s3_access_key_secret_vault_item = node['screwdriver']['s3_access_key_secret_vault_item']
+unless s3_access_key_secret_vault_item.empty?
+ s3_access_key_secret = get_vault_item_value(s3_access_key_secret_vault_item)
+ store_envs['S3_ACCESS_KEY_SECRET'] = '${S3_ACCESS_KEY_SECRET}'
+end
+
+# S3 compatible server
+if !store_backend.nil? && !store_backend.empty?
+ override_config_srvs['store']['links'] = ['screwdriver.s3']
+ store_envs['STRATEGY'] = 's3'
+ store_envs['S3_BUCKET'] = 'screwdriver'
+
+ #s3_envs_org = config_srvs['screwdriver.s3']['environment']
+ s3_envs = {}
+ s3_vols = config_srvs['screwdriver.s3']['volumes'].to_a
+
+ s3_port = '9010' # default
+ s3_in_port = '9000'
+ ports = config_srvs['screwdriver.s3']['ports']
+
+ case store_backend
+ when 'minio'
+ store_envs['S3_REGION'] = 'us-east-1'
+ store_envs['S3_ENDPOINT'] = "http://s3:#{s3_in_port}/screwdriver" # for path style
+ store_envs['S3_SIG_VER'] = 'v4'
+
+ if ports.empty?
+ override_config_srvs['screwdriver.s3']['ports'] = ["#{s3_port}:#{s3_in_port}"]
+ else
+ ports.each {|port|
+ elms = port.split(':')
+ s3_port = (elms.size == 2 ? elms[0] : elms[1]) if elms.last == s3_in_port
+ }
+ end
+
+ minio_data_dir = "#{data_dir}/minio"
+ resources(directory: minio_data_dir) rescue directory minio_data_dir do
+ owner 'root'
+ group 'root'
+ mode '0755'
+ recursive true
+ end
+
+ s3_vols.push("#{minio_data_dir}:/export:rw")
+ s3_envs['MINIO_ACCESS_KEY'] = '${S3_ACCESS_KEY_ID}' unless s3_access_key_id.nil?
+ s3_envs['MINIO_SECRET_KEY'] = '${S3_ACCESS_KEY_SECRET}' unless s3_access_key_secret.nil?
+ end
+end
+
override_store_config['auth']['jwtPublicKey'] = jwt_public_key
# Note: prevent Chef from logging JWT key attribute value. (=> template variables)
# However Docker env file format does not support multi-line value and backslash escaped string yet.
if db_dialect != 'sqlite'
force_override_config_srvs['db']['environment'] = db_envs unless db_envs.empty?
end
+if !store_backend.nil? && !store_backend.empty?
+ force_override_config_srvs['screwdriver.s3']['environment'] = s3_envs unless s3_envs.empty?
+end
# reset vlumes array.
override_config_srvs['api']['volumes'] = api_vols unless api_vols.empty?
override_config_srvs['ui']['volumes'] = ui_vols unless ui_vols.empty?
if db_dialect != 'sqlite'
override_config_srvs['db']['volumes'] = db_vols unless db_vols.empty?
end
+if !store_backend.nil? && !store_backend.empty?
+ override_config_srvs['screwdriver.s3']['volumes'] = s3_vols unless s3_vols.empty?
+end
template env_file do
source 'opt/docker-compose/app/screwdriver/.env'
db_username: db_username,
db_password: db_password,
db_root_password: db_root_password,
+ s3_access_key_id: s3_access_key_id,
+ s3_access_key_secret: s3_access_key_secret,
# **DEPRECATED!!**
# JWT keys setting -> /config/local.yaml
#jwt_private_key: jwt_private_key,