adds Minio support.

[metasearch/grid-chef-repo.git] / cookbooks / screwdriver / recipes / docker-compose.rb

diff --git a/cookbooks/screwdriver/recipes/docker-compose.rb b/cookbooks/screwdriver/recipes/docker-compose.rb
index f926763..5a0b0e5 100644 (file)
--- a/cookbooks/screwdriver/recipes/docker-compose.rb
+++ b/cookbooks/screwdriver/recipes/docker-compose.rb
@@ -259,17 +259,17 @@ if db_dialect != 'sqlite'
   when 'mysql'
     mysql_data_dir = "#{data_dir}/mysql"
     resources(directory: mysql_data_dir) rescue directory mysql_data_dir do
-      owner 'root'
-      group 'root'
+      owner 999
+      group 'docker'
       mode '0755'
       recursive true
     end
 
+    db_vols.push("#{mysql_data_dir}:/var/lib/mysql:rw")
     db_envs['MYSQL_DATABASE'] = api_envs_org['DATASTORE_SEQUELIZE_DATABASE']
     db_envs['MYSQL_USER'] = '${DB_USERNAME}' unless db_username.nil?
     db_envs['MYSQL_PASSWORD'] = '${DB_PASSWORD}' unless db_password.nil?
     db_envs['MYSQL_ROOT_PASSWORD'] = '${DB_ROOT_PASSWORD}' unless db_root_password.nil?
-    db_vols.push("#{mysql_data_dir}:/var/lib/mysql:rw")
   when 'postgres'
     pg_data_dir = "#{data_dir}/postgres"
     resources(directory: pg_data_dir) rescue directory pg_data_dir do
@@ -279,11 +279,11 @@ if db_dialect != 'sqlite'
       recursive true
     end
 
+    db_vols.push("#{pg_data_dir}:/database:rw")
     db_envs['POSTGRES_DB'] = api_envs_org['DATASTORE_SEQUELIZE_DATABASE']
     db_envs['POSTGRES_USER'] = '${DB_USERNAME}' unless db_username.nil?
     db_envs['POSTGRES_PASSWORD'] = '${DB_PASSWORD}' unless db_password.nil?
     db_envs['PGDATA'] = '/database'
-    db_vols.push("#{pg_data_dir}:/database:rw")
   end
 end
 
@@ -305,6 +305,7 @@ else
 end
 
 # store
+store_backend = node['screwdriver']['store']['backend']
 store_envs_org = config_srvs['store']['environment']
 store_envs = {}
 store_vols = config_srvs['store']['volumes'].to_a
@@ -321,6 +322,63 @@ else
   }
 end
 
+s3_access_key_id = nil
+s3_access_key_id_vault_item = node['screwdriver']['s3_access_key_id_vault_item']
+unless s3_access_key_id_vault_item.empty?
+  s3_access_key_id = get_vault_item_value(s3_access_key_id_vault_item)
+  store_envs['S3_ACCESS_KEY_ID'] = '${S3_ACCESS_KEY_ID}'
+end
+
+s3_access_key_secret = nil
+s3_access_key_secret_vault_item = node['screwdriver']['s3_access_key_secret_vault_item']
+unless s3_access_key_secret_vault_item.empty?
+  s3_access_key_secret = get_vault_item_value(s3_access_key_secret_vault_item)
+  store_envs['S3_ACCESS_KEY_SECRET'] = '${S3_ACCESS_KEY_SECRET}'
+end
+
+# S3 compatible server
+if !store_backend.nil? && !store_backend.empty?
+  override_config_srvs['store']['links'] = ['screwdriver.s3']
+  store_envs['STRATEGY'] = 's3'
+  store_envs['S3_BUCKET'] = 'screwdriver'
+
+  #s3_envs_org = config_srvs['screwdriver.s3']['environment']
+  s3_envs = {}
+  s3_vols = config_srvs['screwdriver.s3']['volumes'].to_a
+
+  s3_port = '9010'  # default
+  s3_in_port = '9000'
+  ports = config_srvs['screwdriver.s3']['ports']
+
+  case store_backend
+  when 'minio'
+    store_envs['S3_REGION'] = 'us-east-1'
+    store_envs['S3_ENDPOINT'] = "http://s3:#{s3_in_port}/screwdriver"  # for path style
+    store_envs['S3_SIG_VER'] = 'v4'
+
+    if ports.empty?
+      override_config_srvs['screwdriver.s3']['ports'] = ["#{s3_port}:#{s3_in_port}"]
+    else
+      ports.each {|port|
+        elms = port.split(':')
+        s3_port = (elms.size == 2 ? elms[0] : elms[1]) if elms.last == s3_in_port
+      }
+    end
+
+    minio_data_dir = "#{data_dir}/minio"
+    resources(directory: minio_data_dir) rescue directory minio_data_dir do
+      owner 'root'
+      group 'root'
+      mode '0755'
+      recursive true
+    end
+
+    s3_vols.push("#{minio_data_dir}:/export:rw")
+    s3_envs['MINIO_ACCESS_KEY'] = '${S3_ACCESS_KEY_ID}' unless s3_access_key_id.nil?
+    s3_envs['MINIO_SECRET_KEY'] = '${S3_ACCESS_KEY_SECRET}' unless s3_access_key_secret.nil?
+  end
+end
+
 override_store_config['auth']['jwtPublicKey'] = jwt_public_key
 # Note: prevent Chef from logging JWT key attribute value. (=> template variables)
 # However Docker env file format does not support multi-line value and backslash escaped string yet.
@@ -467,6 +525,9 @@ force_override_config_srvs['store']['environment'] = store_envs unless store_env
 if db_dialect != 'sqlite'
   force_override_config_srvs['db']['environment'] = db_envs unless db_envs.empty?
 end
+if !store_backend.nil? && !store_backend.empty?
+  force_override_config_srvs['screwdriver.s3']['environment'] = s3_envs unless s3_envs.empty?
+end
 # reset vlumes array.
 override_config_srvs['api']['volumes'] = api_vols unless api_vols.empty?
 override_config_srvs['ui']['volumes'] = ui_vols unless ui_vols.empty?
@@ -474,6 +535,9 @@ override_config_srvs['store']['volumes'] = store_vols unless store_vols.empty?
 if db_dialect != 'sqlite'
   override_config_srvs['db']['volumes'] = db_vols unless db_vols.empty?
 end
+if !store_backend.nil? && !store_backend.empty?
+  override_config_srvs['screwdriver.s3']['volumes'] = s3_vols unless s3_vols.empty?
+end
 
 template env_file do
   source 'opt/docker-compose/app/screwdriver/.env'
@@ -489,6 +553,8 @@ template env_file do
     db_username: db_username,
     db_password: db_password,
     db_root_password: db_root_password,
+    s3_access_key_id: s3_access_key_id,
+    s3_access_key_secret: s3_access_key_secret,
     # **DEPRECATED!!**
     # JWT keys setting -> /config/local.yaml
     #jwt_private_key: jwt_private_key,