Loading .gitlab-ci.yml +14 −18 Original line number Diff line number Diff line Loading @@ -15,8 +15,8 @@ variables: # Sets up authentication with the configured registry, which defaults to Docker Hub .dind: services: - docker:19.03-dind image: docker:19.03 - docker:26.0.0-dind image: docker:26.0.0 variables: DOCKER_HOST: tcp://docker:2375 DOCKER_TLS_CERTDIR: "" Loading Loading @@ -62,7 +62,7 @@ variables: # If building master, also tag latest - test "$CI_COMMIT_REF_NAME" == "master" && docker tag "$REPOSITORY:$CI_COMMIT_SHORT_SHA" "$REPOSITORY:latest" # Push all tags - docker push $REPOSITORY - docker push --all-tags $REPOSITORY only: # Only run build jobs for branches in the repo, not MRs refs: Loading Loading @@ -130,12 +130,15 @@ build:opa: CONTEXT_DIR: $CI_PROJECT_DIR/images/opa needs: ["build:base"] build:search-builder: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/search-builder needs: ["build:jdk"] # Ironically, search-builder no longer builds due to an Ivy issue. # Later Ivy versions resolve that issue, but wont build search. # For now, we'll rely on already-built versions of the search app. # build:search-builder: # extends: .docker-build # stage: build-3 # variables: # CONTEXT_DIR: $CI_PROJECT_DIR/images/search-builder # needs: ["build:jdk"] build:solr: extends: .docker-build Loading Loading @@ -165,19 +168,12 @@ build:python-build: CONTEXT_DIR: $CI_PROJECT_DIR/images/python-build needs: ["build:conda"] build:django: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/django needs: ["build:conda"] build:search: extends: .docker-build stage: build-4 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/search needs: ["build:search-builder", "build:tomcat"] needs: ["build:tomcat"] build:thredds: extends: .docker-build Loading @@ -191,4 +187,4 @@ build:auth-service: stage: build-4 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/auth-service needs: ["build:python-build", "build:django"] needs: ["build:python-build", "build:conda"] deploy/ansible/group_vars/data.yml +11 −0 Original line number Diff line number Diff line Loading @@ -30,6 +30,17 @@ data_datasets: path: esg_cordex location: /data/cordex # An S3 location for a dataset can be specified using `s3Location` instead of `location` in the yaml config. # We don't currently support adding security parameters for accessing secured S3 buckets. data_datasets: - name: CMIP6 path: esg_cmip6 s3Location: host: example.com port: 443 bucket: bucket_name dataPath: path/to/files # https://github.com/ESGF/esgf-docker/blob/master/docs/deploy-ansible.md#configuring-the-available-datasets Loading deploy/ansible/roles/data/tasks/fileserver_install.yml +15 −4 Original line number Diff line number Diff line Loading @@ -32,10 +32,21 @@ src: /dev/stderr force: yes - name: Make the access log pipe command: mkfifo /esg/logs/fileserver/access.log args: creates: /esg/logs/fileserver/access.log - name: Get stats of a file stat: path: /esg/logs/fileserver/access.log register: log_file - name: Delete log pipe from previous playbook versions file: path: /esg/logs/fileserver/access.log state: absent when: log_file.stat.isfifo - name: Ensure access log file exists file: path: /esg/logs/fileserver/access.log state: touch - name: Transfer ownership of logs to security context user file: Loading deploy/ansible/roles/data/tasks/logstash_install.yml +8 −0 Original line number Diff line number Diff line --- - name: Ensure logrotate is installed command: dnf install -y logrotate - name: Install the logrotate configuration file template: src: esg.logrotate.j2 dest: /etc/logrotate.d/esg - name: Create Docker network docker_network: name: esgf Loading deploy/ansible/roles/data/tasks/thredds_install.yml +15 −4 Original line number Diff line number Diff line Loading @@ -52,10 +52,21 @@ - cache.log - localhost.log - name: Make the access log pipe command: mkfifo /esg/logs/thredds/localhost_access_log.txt args: creates: /esg/logs/thredds/localhost_access_log.txt - name: Get stats of a file stat: path: /esg/logs/thredds/localhost_access_log.txt register: log_file - name: Delete log pipe from previous playbook versions file: path: /esg/logs/thredds/localhost_access_log.txt state: absent when: log_file.stat.isfifo - name: Ensure access log file exists file: path: /esg/logs/thredds/localhost_access_log.txt state: touch - name: Transfer ownership of logs to security context user file: Loading Loading
.gitlab-ci.yml +14 −18 Original line number Diff line number Diff line Loading @@ -15,8 +15,8 @@ variables: # Sets up authentication with the configured registry, which defaults to Docker Hub .dind: services: - docker:19.03-dind image: docker:19.03 - docker:26.0.0-dind image: docker:26.0.0 variables: DOCKER_HOST: tcp://docker:2375 DOCKER_TLS_CERTDIR: "" Loading Loading @@ -62,7 +62,7 @@ variables: # If building master, also tag latest - test "$CI_COMMIT_REF_NAME" == "master" && docker tag "$REPOSITORY:$CI_COMMIT_SHORT_SHA" "$REPOSITORY:latest" # Push all tags - docker push $REPOSITORY - docker push --all-tags $REPOSITORY only: # Only run build jobs for branches in the repo, not MRs refs: Loading Loading @@ -130,12 +130,15 @@ build:opa: CONTEXT_DIR: $CI_PROJECT_DIR/images/opa needs: ["build:base"] build:search-builder: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/search-builder needs: ["build:jdk"] # Ironically, search-builder no longer builds due to an Ivy issue. # Later Ivy versions resolve that issue, but wont build search. # For now, we'll rely on already-built versions of the search app. # build:search-builder: # extends: .docker-build # stage: build-3 # variables: # CONTEXT_DIR: $CI_PROJECT_DIR/images/search-builder # needs: ["build:jdk"] build:solr: extends: .docker-build Loading Loading @@ -165,19 +168,12 @@ build:python-build: CONTEXT_DIR: $CI_PROJECT_DIR/images/python-build needs: ["build:conda"] build:django: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/django needs: ["build:conda"] build:search: extends: .docker-build stage: build-4 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/search needs: ["build:search-builder", "build:tomcat"] needs: ["build:tomcat"] build:thredds: extends: .docker-build Loading @@ -191,4 +187,4 @@ build:auth-service: stage: build-4 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/auth-service needs: ["build:python-build", "build:django"] needs: ["build:python-build", "build:conda"]
deploy/ansible/group_vars/data.yml +11 −0 Original line number Diff line number Diff line Loading @@ -30,6 +30,17 @@ data_datasets: path: esg_cordex location: /data/cordex # An S3 location for a dataset can be specified using `s3Location` instead of `location` in the yaml config. # We don't currently support adding security parameters for accessing secured S3 buckets. data_datasets: - name: CMIP6 path: esg_cmip6 s3Location: host: example.com port: 443 bucket: bucket_name dataPath: path/to/files # https://github.com/ESGF/esgf-docker/blob/master/docs/deploy-ansible.md#configuring-the-available-datasets Loading
deploy/ansible/roles/data/tasks/fileserver_install.yml +15 −4 Original line number Diff line number Diff line Loading @@ -32,10 +32,21 @@ src: /dev/stderr force: yes - name: Make the access log pipe command: mkfifo /esg/logs/fileserver/access.log args: creates: /esg/logs/fileserver/access.log - name: Get stats of a file stat: path: /esg/logs/fileserver/access.log register: log_file - name: Delete log pipe from previous playbook versions file: path: /esg/logs/fileserver/access.log state: absent when: log_file.stat.isfifo - name: Ensure access log file exists file: path: /esg/logs/fileserver/access.log state: touch - name: Transfer ownership of logs to security context user file: Loading
deploy/ansible/roles/data/tasks/logstash_install.yml +8 −0 Original line number Diff line number Diff line --- - name: Ensure logrotate is installed command: dnf install -y logrotate - name: Install the logrotate configuration file template: src: esg.logrotate.j2 dest: /etc/logrotate.d/esg - name: Create Docker network docker_network: name: esgf Loading
deploy/ansible/roles/data/tasks/thredds_install.yml +15 −4 Original line number Diff line number Diff line Loading @@ -52,10 +52,21 @@ - cache.log - localhost.log - name: Make the access log pipe command: mkfifo /esg/logs/thredds/localhost_access_log.txt args: creates: /esg/logs/thredds/localhost_access_log.txt - name: Get stats of a file stat: path: /esg/logs/thredds/localhost_access_log.txt register: log_file - name: Delete log pipe from previous playbook versions file: path: /esg/logs/thredds/localhost_access_log.txt state: absent when: log_file.stat.isfifo - name: Ensure access log file exists file: path: /esg/logs/thredds/localhost_access_log.txt state: touch - name: Transfer ownership of logs to security context user file: Loading
