Makefile: use podman play for podman env

Signed-off-by: Hank Donnay <hdonnay@redhat.com>
quay · May 1, 2020 · 373f1cd · 373f1cd
1 parent b5d84c0
commit 373f1cd
Show file tree

Hide file tree

Showing 3 changed files with 107 additions and 50 deletions.
diff --git a/Makefile b/Makefile
@@ -78,59 +78,17 @@ libindexhttp-restart:
 libvulnhttp-restart:
 	$(docker-compose) up -d --force-recreate libvulnhttp
 
+etc/podman.yaml: etc/podman.yaml.in
+	m4 -D_ROOT=$$(git rev-parse --show-toplevel) <$< >$@
+
 .PHONY: podman-dev-up
-podman-dev-up:
-	podman pod create\
-		--publish 5434\
-		--publish 8080\
-		--publish 8081\
-		--name claircore-dev
-	podman create\
-		--pod claircore-dev\
-		--name claircore-database\
-		--env POSTGRES_USER=claircore\
-		--env POSTGRES_DB=claircore\
-		--env POSTGRES_INITDB_ARGS="--no-sync"\
-		--env POSTGRES_HOST_AUTH_METHOD=trust\
-		--env PGPORT=5434\
-		--expose 5434\
-		--health-cmd "pg_isready -U claircore -d claircore"\
-		postgres:11
-	podman pod start claircore-dev
-	until podman healthcheck run claircore-database; do sleep 2; done
-	go mod vendor
-	podman create\
-		--pod claircore-dev\
-		--name libindexhttp\
-		--env HTTP_LISTEN_ADDR="0.0.0.0:8080"\
-		--env CONNECTION_STRING="host=localhost port=5434 user=claircore dbname=claircore sslmode=disable"\
-		--env SCAN_LOCK_RETRY=1\
-		--env LAYER_SCAN_CONCURRENCY=10\
-		--env LOG_LEVEL="debug"\
-		--expose 8080\
-		--volume $$(git rev-parse --show-toplevel)/:/src/claircore/:z\
-		quay.io/claircore/golang:$(GO_VERSION)\
-		bash -c 'cd /src/claircore/cmd/libindexhttp; exec go run -mod vendor .'
-	podman create\
-		--pod claircore-dev\
-		--name libvulnhttp\
-		--env HTTP_LISTEN_ADDR="0.0.0.0:8081"\
-		--env CONNECTION_STRING="host=localhost port=5434 user=claircore dbname=claircore sslmode=disable"\
-		--env LOG_LEVEL="debug"\
-		--expose 8081\
-		--volume $$(git rev-parse --show-toplevel)/:/src/claircore/:z\
-		quay.io/claircore/golang:$(GO_VERSION)\
-		bash -c 'cd /src/claircore/cmd/libvulnhttp; exec go run -mod vendor .'
-	podman pod start claircore-dev
-
-# TODO(hank) When the latest podman lands with 'generate systemd' support for
-# pods, use it here.
+podman-dev-up: etc/podman.yaml
+	podman play kube $<
 
 .PHONY: podman-dev-down
-podman-dev-down:
-	podman pod stop -t 10 claircore-dev
-	true $(foreach c,claircore-database libindexhttp libvulnhttp,&& podman rm -v $c)
-	podman pod rm claircore-dev
+podman-dev-down: etc/podman.yaml
+	podman pod stop -t 10 $$(awk '/^  name:/{print $$NF}' <$<)
+	podman pod rm $$(awk '/^  name:/{print $$NF}' <$<)
 
 GO_VERSION ?= 1.13.5
 GO_CHECKSUM ?= 512103d7ad296467814a6e3f635631bd35574cab3369a97a323c9a585ccaa569

diff --git a/etc/.gitignore b/etc/.gitignore
@@ -0,0 +1 @@
+podman.yaml
diff --git a/etc/podman.yaml.in b/etc/podman.yaml.in
@@ -0,0 +1,98 @@
+# Generation of Kubernetes YAML is still under development!
+#
+# Save the output of this file and use kubectl create -f to import
+# it into Kubernetes.
+#
+# Created with podman-1.8.2
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  labels:
+    app: claircore-dev
+  name: claircore-dev
+spec:
+  containers:
+    - command: ['go', 'run', '-mod=vendor', '.']
+      env:
+        - name: HTTP_LISTEN_ADDR
+          value: 0.0.0.0:8081
+        - name: CONNECTION_STRING
+          value: >-
+            host=localhost
+            port=5434
+            user=claircore
+            dbname=claircore
+            sslmode=disable
+        - name: LOG_LEVEL
+          value: debug
+      image: quay.io/claircore/golang:1.13.5
+      name: libvulnhttp
+      restartPolicy: OnFailure
+      ports:
+        - containerPort: 8081
+          hostPort: 8081
+          protocol: TCP
+      securityContext:
+        allowPrivilegeEscalation: true
+      volumeMounts:
+        - mountPath: /src/claircore
+          name: reporoot
+      workingDir: /src/claircore/cmd/libvulnhttp
+    - command: ['go', 'run', '-mod=vendor', '.']
+      env:
+        - name: LOG_LEVEL
+          value: debug
+        - name: HTTP_LISTEN_ADDR
+          value: 0.0.0.0:8080
+        - name: LAYER_SCAN_CONCURRENCY
+          value: "10"
+        - name: CONNECTION_STRING
+          value: >-
+            host=localhost
+            port=5434
+            user=claircore
+            dbname=claircore
+            sslmode=disable
+        - name: SCAN_LOCK_RETRY
+          value: "1"
+      image: quay.io/claircore/golang:1.13.5
+      name: libindexhttp
+      restartPolicy: OnFailure
+      ports:
+        - containerPort: 8080
+          hostPort: 8080
+          protocol: TCP
+      securityContext:
+        allowPrivilegeEscalation: true
+      volumeMounts:
+        - mountPath: /src/claircore
+          name: reporoot
+      workingDir: /src/claircore/cmd/libindexhttp
+    - command: ['postgres']
+      env:
+        - name: POSTGRES_INITDB_ARGS
+          value: --no-sync
+        - name: POSTGRES_HOST_AUTH_METHOD
+          value: trust
+        - name: PGPORT
+          value: "5434"
+        - name: POSTGRES_USER
+          value: claircore
+        - name: POSTGRES_DB
+          value: claircore
+      image: docker.io/library/postgres:11
+      name: claircore-database
+      restartPolicy: OnFailure
+      ports:
+        - containerPort: 5434
+          hostPort: 5434
+          protocol: TCP
+      securityContext:
+        allowPrivilegeEscalation: true
+      workingDir: /
+  volumes:
+    - hostPath:
+        path: _ROOT
+        type: Directory
+      name: reporoot