Skip to content

Commit

Permalink
fix: improve docker set up
Browse files Browse the repository at this point in the history
  • Loading branch information
aeneasr committed Jan 11, 2025
1 parent b2f202c commit 9378b07
Show file tree
Hide file tree
Showing 8 changed files with 59 additions and 173 deletions.
3 changes: 2 additions & 1 deletion .docker/Dockerfile-alpine
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ HEREDOC

COPY hydra /usr/bin/hydra

USER ory

ENTRYPOINT ["hydra"]
CMD ["serve", "all"]
USER ory
88 changes: 0 additions & 88 deletions .docker/Dockerfile-hsm

This file was deleted.

41 changes: 0 additions & 41 deletions .docker/Dockerfile-scratch

This file was deleted.

36 changes: 0 additions & 36 deletions .docker/Dockerfile-sqlite

This file was deleted.

36 changes: 36 additions & 0 deletions .docker/Dockerfile-test-hsm
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# This file is only used for testing the HSM feature of Hydra. It is not used in production nor is it being
# distributed.
FROM golang:1.22-alpine3.21 AS builder

RUN apk -U --no-cache --upgrade --latest add build-base git gcc bash

WORKDIR /go/src/github.com/ory/hydra
RUN mkdir -p ./internal/httpclient

COPY go.mod go.sum ./
COPY internal/httpclient/go.* ./internal/httpclient

ENV CGO_ENABLED 1

RUN go mod download

COPY . .

FROM builder as build-hydra

ENV HSM_ENABLED=true
ENV HSM_LIBRARY=/usr/lib/softhsm/libsofthsm2.so
ENV HSM_TOKEN_LABEL=hydra
ENV HSM_PIN=1234
ENV UPDATE_SNAPSHOTS=true

RUN apt-get -y install softhsm opensc
RUN pkcs11-tool --module "$HSM_LIBRARY" --slot 0 --init-token --so-pin 0000 --init-pin --pin "$HSM_PIN" --label "$HSM_TOKEN_LABEL"

FROM builder as test-hsm

RUN go test -p 1 -failfast -short -tags=sqlite,hsm ./...

FROM builder AS test-refresh-hsm

RUN go test -p 1 -failfast -short -tags=sqlite,hsm,refresh ./...
6 changes: 3 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ test-resetdb: node_modules
# Build local docker images
.PHONY: docker
docker:
DOCKER_BUILDKIT=1 DOCKER_CONTENT_TRUST=1 docker build --progress=plain -f .docker/Dockerfile-build -t oryd/hydra:${IMAGE_TAG}-sqlite .
DOCKER_BUILDKIT=1 DOCKER_CONTENT_TRUST=1 docker build --progress=plain -f .docker/Dockerfile-build -t oryd/hydra:${IMAGE_TAG} .

.PHONY: e2e
e2e: node_modules test-resetdb
Expand All @@ -88,12 +88,12 @@ quicktest:

.PHONY: quicktest-hsm
quicktest-hsm:
DOCKER_BUILDKIT=1 DOCKER_CONTENT_TRUST=1 docker build --progress=plain -f .docker/Dockerfile-hsm --target test-hsm -t oryd/hydra:${IMAGE_TAG} --target test-hsm .
DOCKER_BUILDKIT=1 DOCKER_CONTENT_TRUST=1 docker build --progress=plain -f .docker/Dockerfile-test-hsm --target test-hsm -t oryd/hydra:${IMAGE_TAG} --target test-hsm .

.PHONY: test-refresh
test-refresh:
UPDATE_SNAPSHOTS=true go test -failfast -short -tags sqlite,sqlite_omit_load_extension ./...
DOCKER_BUILDKIT=1 DOCKER_CONTENT_TRUST=1 docker build --progress=plain -f .docker/Dockerfile-hsm --target test-refresh-hsm -t oryd/hydra:${IMAGE_TAG} --target test-refresh-hsm .
DOCKER_BUILDKIT=1 DOCKER_CONTENT_TRUST=1 docker build --progress=plain -f .docker/Dockerfile-test-hsm --target test-refresh-hsm -t oryd/hydra:${IMAGE_TAG} --target test-refresh-hsm .

authors: # updates the AUTHORS file
curl https://raw.githubusercontent.com/ory/ci/master/authors/authors.sh | env PRODUCT="Ory Hydra" bash
Expand Down
12 changes: 8 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -609,7 +609,7 @@ that your company deserves a spot here, reach out to
</picture>
</td>
<td><a href="https://pinniped.dev/">pinniped.dev</a></td>
</tr>
</tr>
<tr>
<td>Adopter *</td>
<td>Pvotal</td>
Expand Down Expand Up @@ -835,7 +835,9 @@ make quicktest

# regular tests
make test
test-resetdb

# updates all snapshots
make test-refresh

# end-to-end tests
make e2e
Expand Down Expand Up @@ -977,10 +979,12 @@ If you wish to check your code changes against any of the docker-compose
quickstart files, run:

```shell script
make docker
docker compose -f quickstart.yml up # ....
docker compose -f quickstart.yml up --build # ....
```

Warning, this will override your local image tag with the latest build and can
lead to unexpected or confusing behavior.

#### Add a new migration

1. `mkdir persistence/sql/src/YYYYMMDD000001_migration_name/`
Expand Down
10 changes: 10 additions & 0 deletions quickstart.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@
services:
hydra:
image: oryd/hydra:v2.2.0
build:
context: .
dockerfile: .docker/Dockerfile-build
ports:
- "4444:4444" # Public port
- "4445:4445" # Admin port
Expand All @@ -25,18 +28,25 @@ services:
- type: bind
source: ./contrib/quickstart/5-min
target: /etc/config/hydra
pull_policy: missing
environment:
- DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true
restart: unless-stopped
user: 500:500
depends_on:
- hydra-migrate
networks:
- intranet
hydra-migrate:
image: oryd/hydra:v2.2.0
build:
context: .
dockerfile: .docker/Dockerfile-build
environment:
- DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true
command: migrate -c /etc/config/hydra/hydra.yml sql -e --yes
user: 500:500
pull_policy: missing
volumes:
- type: volume
source: hydra-sqlite
Expand Down

0 comments on commit 9378b07

Please sign in to comment.