From 479a51963032cf3d68678f361e1a5179a6b322fa Mon Sep 17 00:00:00 2001 From: Manuel de Brito Fontes Date: Thu, 5 Jul 2018 23:23:27 -0400 Subject: [PATCH] Use docker to build go binaries --- .gitignore | 2 + .travis.yml | 27 +---- Makefile | 112 ++++++++---------- build/Dockerfile | 33 ++++++ build/build.sh | 53 +++++++++ build/cover.sh | 35 ++++++ hack/build-dev-env.sh => build/dev-env.sh | 27 +++-- build/e2e-tests.sh | 66 +++++++++++ build/go-in-docker.sh | 79 ++++++++++++ .../lua/test/up.sh => build/static-check.sh | 24 ++-- build/test-lua.sh | 21 ++++ build/test.sh | 27 +++++ rootfs/Dockerfile | 6 +- test/e2e/up.sh | 6 +- 14 files changed, 411 insertions(+), 107 deletions(-) create mode 100644 build/Dockerfile create mode 100755 build/build.sh create mode 100755 build/cover.sh rename hack/build-dev-env.sh => build/dev-env.sh (63%) create mode 100755 build/e2e-tests.sh create mode 100755 build/go-in-docker.sh rename rootfs/etc/nginx/lua/test/up.sh => build/static-check.sh (66%) create mode 100755 build/test-lua.sh create mode 100755 build/test.sh diff --git a/.gitignore b/.gitignore index 63dd8f140..feaadb183 100644 --- a/.gitignore +++ b/.gitignore @@ -39,3 +39,5 @@ site # temporal github pages gh-pages + +test/binaries \ No newline at end of file diff --git a/.travis.yml b/.travis.yml index 22b67b01f..c42cd10ae 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,23 +5,13 @@ sudo: required services: - docker -language: go - -addons: - apt: - packages: - - luarocks +language: generic notifications: email: on_failure: always on_success: never -go: - - 1.10.3 - -go_import_path: k8s.io/ingress-nginx - # New secure variables can be added using travis encrypt -r kubernetes/ingress-nginx --add K=V env: global: @@ -38,18 +28,8 @@ jobs: include: - stage: Static Check script: - - sudo luarocks install luacheck - - make luacheck - - | - go get -d golang.org/x/lint/golint - cd $GOPATH/src/golang.org/x/tools - git checkout release-branch.go1.10 - go install golang.org/x/lint/golint - cd - - - make verify-all + - make static-check - stage: Lua Unit Test - before_script: - - rootfs/etc/nginx/lua/test/up.sh script: - make lua-test - stage: Coverage @@ -60,9 +40,8 @@ jobs: - make cover - stage: e2e before_script: - - go get github.com/onsi/ginkgo/ginkgo - test/e2e/up.sh - - make dev-env + - SKIP_MINIKUBE_START=true make dev-env script: - make e2e-test # split builds to avoid job timeouts diff --git a/Makefile b/Makefile index 47debdc59..992fb7a93 100644 --- a/Makefile +++ b/Makefile @@ -15,22 +15,18 @@ .PHONY: all all: all-container -BUILDTAGS= - # Use the 0.0 tag for testing, it shouldn't clobber any release builds -TAG?=0.16.2 -REGISTRY?=quay.io/kubernetes-ingress-controller -GOOS?=linux -DOCKER?=docker -SED_I?=sed -i +TAG ?= 0.16.2 +REGISTRY ?= quay.io/kubernetes-ingress-controller +DOCKER ?= docker +SED_I ?= sed -i GOHOSTOS ?= $(shell go env GOHOSTOS) # e2e settings # Allow limiting the scope of the e2e tests. By default run everything -FOCUS?=.* +FOCUS ?= .* # number of parallel test -E2E_NODES?=3 - +E2E_NODES ?= 3 ifeq ($(GOHOSTOS),darwin) SED_I=sed -i '' @@ -38,11 +34,11 @@ endif REPO_INFO=$(shell git config --get remote.origin.url) -ifndef COMMIT - COMMIT := git-$(shell git rev-parse --short HEAD) +ifndef GIT_COMMIT + GIT_COMMIT := git-$(shell git rev-parse --short HEAD) endif -PKG=k8s.io/ingress-nginx +PKG = k8s.io/ingress-nginx ARCH ?= $(shell go env GOARCH) GOARCH = ${ARCH} @@ -50,9 +46,9 @@ DUMB_ARCH = ${ARCH} ALL_ARCH = amd64 arm arm64 ppc64le s390x -QEMUVERSION=v2.12.0 +QEMUVERSION = v2.12.0 -BUSTED_ARGS=-v --pattern=_test +BUSTED_ARGS =-v --pattern=_test IMGNAME = nginx-ingress-controller IMAGE = $(REGISTRY)/$(IMGNAME) @@ -67,7 +63,7 @@ ifeq ($(ARCH),arm) DUMB_ARCH=armhf endif ifeq ($(ARCH),arm64) - QEMUARCH=aarch64 + QEMUARCH=aarch64 endif ifeq ($(ARCH),ppc64le) QEMUARCH=ppc64le @@ -75,11 +71,19 @@ ifeq ($(ARCH),ppc64le) DUMB_ARCH=ppc64el endif ifeq ($(ARCH),s390x) - QEMUARCH=s390x + QEMUARCH=s390x endif TEMP_DIR := $(shell mktemp -d) +DEF_VARS:=ARCH=$(ARCH) \ + TAG=$(TAG) \ + PKG=$(PKG) \ + GOARCH=$(GOARCH) \ + GIT_COMMIT=$(GIT_COMMIT) \ + REPO_INFO=$(REPO_INFO) \ + PWD=$(PWD) + DOCKERFILE := $(TEMP_DIR)/rootfs/Dockerfile .PHONY: image-info @@ -119,7 +123,7 @@ else $(SED_I) "s/CROSS_BUILD_//g" $(DOCKERFILE) endif - $(DOCKER) build -t $(MULTI_ARCH_IMG):$(TAG) $(TEMP_DIR)/rootfs + $(DOCKER) build --no-cache --pull -t $(MULTI_ARCH_IMG):$(TAG) $(TEMP_DIR)/rootfs ifeq ($(ARCH), amd64) # This is for maintaining backward compatibility @@ -147,72 +151,60 @@ clean: .PHONY: build build: clean - CGO_ENABLED=0 GOOS=${GOOS} GOARCH=${GOARCH} go build -a -installsuffix cgo \ - -ldflags "-s -w -X ${PKG}/version.RELEASE=${TAG} -X ${PKG}/version.COMMIT=${COMMIT} -X ${PKG}/version.REPO=${REPO_INFO}" \ - -o ${TEMP_DIR}/rootfs/nginx-ingress-controller ${PKG}/cmd/nginx + @$(DEF_VARS) \ + build/go-in-docker.sh build/build.sh -.PHONY: verify-all -verify-all: - @./hack/verify-all.sh + mkdir -p $(TEMP_DIR)/rootfs + cp bin/$(ARCH)/nginx-ingress-controller $(TEMP_DIR)/rootfs/nginx-ingress-controller + +.PHONY: static-check +static-check: + @$(DEF_VARS) \ + build/go-in-docker.sh build/static-check.sh .PHONY: test test: - @go test -v -race -tags "$(BUILDTAGS) cgo" $(shell go list ${PKG}/... | grep -v vendor | grep -v '/test/e2e') + @$(DEF_VARS) \ + DOCKER_OPTS="--net=host" \ + build/go-in-docker.sh build/test.sh .PHONY: lua-test lua-test: - @busted $(BUSTED_ARGS) ./rootfs/etc/nginx/lua/test; + @$(DEF_VARS) \ + BUSTED_ARGS="$(BUSTED_ARGS)" \ + build/go-in-docker.sh build/test-lua.sh .PHONY: e2e-test e2e-test: - @ginkgo version || go get -u github.com/onsi/ginkgo/ginkgo - @ginkgo build ./test/e2e - @KUBECONFIG=${HOME}/.kube/config ginkgo \ - -randomizeSuites \ - -randomizeAllSpecs \ - -flakeAttempts=2 \ - --focus=$(FOCUS) \ - -p \ - -trace \ - -nodes=$(E2E_NODES) \ - ./test/e2e/e2e.test + @$(DEF_VARS) \ + FOCUS=$(FOCUS) \ + E2E_NODES=$(E2E_NODES) \ + DOCKER_OPTS="--net=host" \ + build/go-in-docker.sh build/e2e-tests.sh .PHONY: cover cover: - @rm -rf coverage.txt - @for d in `go list ./... | grep -v vendor | grep -v '/test/e2e' | grep -v 'images/grpc-fortune-teller'`; do \ - t=$$(date +%s); \ - go test -coverprofile=cover.out -covermode=atomic $$d || exit 1; \ - echo "Coverage test $$d took $$(($$(date +%s)-t)) seconds"; \ - if [ -f cover.out ]; then \ - cat cover.out >> coverage.txt; \ - rm cover.out; \ - fi; \ - done - @echo "Uploading coverage results..." + @$(DEF_VARS) \ + DOCKER_OPTS="--net=host" \ + build/go-in-docker.sh build/cover.sh + + echo "Uploading coverage results..." @curl -s https://codecov.io/bash | bash .PHONY: vet vet: @go vet $(shell go list ${PKG}/... | grep -v vendor) -.PHONY: luacheck -luacheck: - luacheck -q ./rootfs/etc/nginx/lua/ - .PHONY: release release: all-container all-push echo "done" -.PHONY: docker-build -docker-build: all-container - -.PHONY: docker-push -docker-push: all-push - .PHONY: check_dead_links check_dead_links: - docker run -t -v $$PWD:/tmp aledbf/awesome_bot:0.1 --allow-dupe --allow-redirect $(shell find $$PWD -mindepth 1 -name "*.md" -printf '%P\n' | grep -v vendor | grep -v Changelog.md) + docker run -t \ + -v $$PWD:/tmp aledbf/awesome_bot:0.1 \ + --allow-dupe \ + --allow-redirect $(shell find $$PWD -mindepth 1 -name "*.md" -printf '%P\n' | grep -v vendor | grep -v Changelog.md) .PHONY: dep-ensure dep-ensure: @@ -223,7 +215,7 @@ dep-ensure: .PHONY: dev-env dev-env: - @./hack/build-dev-env.sh + @build/dev-env.sh .PHONY: live-docs live-docs: diff --git a/build/Dockerfile b/build/Dockerfile new file mode 100644 index 000000000..14a8edca0 --- /dev/null +++ b/build/Dockerfile @@ -0,0 +1,33 @@ +# Copyright 2018 The Kubernetes Authors. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM golang:1.10.3-stretch + +RUN apt update \ + && apt install -y --no-install-recommends \ + luarocks \ + && apt-get clean -y \ + && rm -rf \ + /var/cache/debconf/* \ + /var/lib/apt/lists/* \ + /var/log/* \ + /tmp/* \ + /var/tmp/* + +RUN luarocks install luacheck \ + && luarocks install busted 2.0.rc12 \ + && luarocks install lua-cjson 2.1.0-1 + +RUN go get github.com/onsi/ginkgo/ginkgo \ + && go get golang.org/x/lint/golint diff --git a/build/build.sh b/build/build.sh new file mode 100755 index 000000000..abae9f303 --- /dev/null +++ b/build/build.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +if [ -z "${PKG}" ]; then + echo "PKG must be set" + exit 1 +fi +if [ -z "${ARCH}" ]; then + echo "ARCH must be set" + exit 1 +fi +if [ -z "${GIT_COMMIT}" ]; then + echo "GIT_COMMIT must be set" + exit 1 +fi +if [ -z "${REPO_INFO}" ]; then + echo "REPO_INFO must be set" + exit 1 +fi +if [ -z "${TAG}" ]; then + echo "TAG must be set" + exit 1 +fi +if [ -z "${TAG}" ]; then + echo "TAG must be set" + exit 1 +fi + +export CGO_ENABLED=0 + +go build -a -installsuffix cgo \ + -ldflags "-s -w \ + -X ${PKG}/version.RELEASE=${TAG} \ + -X ${PKG}/version.COMMIT=${GIT_COMMIT} \ + -X ${PKG}/version.REPO=${REPO_INFO}" \ + -o bin/${ARCH}/nginx-ingress-controller ${PKG}/cmd/nginx diff --git a/build/cover.sh b/build/cover.sh new file mode 100755 index 000000000..dc3536d68 --- /dev/null +++ b/build/cover.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +if [ -z "${PKG}" ]; then + echo "PKG must be set" + exit 1 +fi + +rm -rf coverage.txt +for d in `go list ${PKG}/... | grep -v vendor | grep -v '/test/e2e' | grep -v images`; do + t=$(date +%s); + go test -coverprofile=cover.out -covermode=atomic $d || exit 1; + echo "Coverage test $d took $(($(date +%s)-$t)) seconds"; + if [ -f cover.out ]; then + cat cover.out >> coverage.txt; + rm cover.out; + fi; +done diff --git a/hack/build-dev-env.sh b/build/dev-env.sh similarity index 63% rename from hack/build-dev-env.sh rename to build/dev-env.sh index 6d0913d2b..924024d61 100755 --- a/hack/build-dev-env.sh +++ b/build/dev-env.sh @@ -14,17 +14,30 @@ # See the License for the specific language governing permissions and # limitations under the License. -: "${NAMESPACE:=ingress-nginx}" +set -o errexit +set -o nounset +set -o pipefail + +SKIP_MINIKUBE_START=${SKIP_MINIKUBE_START:-} +NAMESPACE="${NAMESPACE:-ingress-nginx}" echo "NAMESPACE is set to ${NAMESPACE}" -test $(minikube status | grep Running | wc -l) -eq 2 && $(minikube status | grep -q 'Correctly Configured') || minikube start -eval $(minikube docker-env) - export TAG=dev -export REGISTRY=ingress-controller +export ARCH=amd64 +export REGISTRY=${REGISTRY:-ingress-controller} + +DEV_IMAGE=${REGISTRY}/nginx-ingress-controller:${TAG} echo "[dev-env] building container" -ARCH=amd64 make build container +make build container + +if [ -z "${SKIP_MINIKUBE_START}" ]; then + test $(minikube status | grep Running | wc -l) -eq 2 && $(minikube status | grep -q 'Correctly Configured') || minikube start \ + --extra-config=kubelet.sync-frequency=1s \ + --extra-config=apiserver.authorization-mode=RBAC +fi + +docker save "${DEV_IMAGE}" | (eval $(minikube docker-env) && docker load) || true echo "[dev-env] installing kubectl" kubectl version || brew install kubectl @@ -38,4 +51,4 @@ kubectl set image \ deployments \ --namespace ingress-nginx \ --selector app=ingress-nginx \ - nginx-ingress-controller=${REGISTRY}/nginx-ingress-controller:${TAG} + nginx-ingress-controller=${DEV_IMAGE} diff --git a/build/e2e-tests.sh b/build/e2e-tests.sh new file mode 100755 index 000000000..204de95ab --- /dev/null +++ b/build/e2e-tests.sh @@ -0,0 +1,66 @@ +#!/bin/bash + +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +if [ -z "${PKG}" ]; then + echo "PKG must be set" + exit 1 +fi +if [ -z "${FOCUS}" ]; then + echo "FOCUS must be set" + exit 1 +fi +if [ -z "${E2E_NODES}" ]; then + echo "E2E_NODES must be set" + exit 1 +fi + +SCRIPT_ROOT=$(dirname ${BASH_SOURCE})/.. + +mkdir -p ${SCRIPT_ROOT}/test/binaries + +TEST_BINARIES=$( cd "${SCRIPT_ROOT}/test/binaries" ; pwd -P ) + +export PATH=${TEST_BINARIES}:$PATH + +if ! [ -x "$(command -v kubectl)" ]; then + echo "downloading kubectl..." + curl -sSLo ${TEST_BINARIES}/kubectl \ + https://storage.googleapis.com/kubernetes-release/release/v1.11.0/bin/linux/amd64/kubectl + chmod +x ${TEST_BINARIES}/kubectl +fi + +if ! [ -x "$(command -v minikube)" ]; then + echo "downloading minikube..." + curl -sSLo ${TEST_BINARIES}/minikube \ + https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 + chmod +x ${TEST_BINARIES}/minikube +fi + +ginkgo build ./test/e2e + +ginkgo \ + -randomizeSuites \ + -randomizeAllSpecs \ + -flakeAttempts=2 \ + --focus=${FOCUS} \ + -p \ + -trace \ + -nodes=${E2E_NODES} \ + test/e2e/e2e.test diff --git a/build/go-in-docker.sh b/build/go-in-docker.sh new file mode 100755 index 000000000..904ea6430 --- /dev/null +++ b/build/go-in-docker.sh @@ -0,0 +1,79 @@ +#!/bin/bash + +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +if [ -z "${PKG}" ]; then + echo "PKG must be set" + exit 1 +fi +if [ -z "${ARCH}" ]; then + echo "ARCH must be set" + exit 1 +fi +if [ -z "${GIT_COMMIT}" ]; then + echo "GIT_COMMIT must be set" + exit 1 +fi +if [ -z "${REPO_INFO}" ]; then + echo "REPO_INFO must be set" + exit 1 +fi +if [ -z "${TAG}" ]; then + echo "TAG must be set" + exit 1 +fi +if [ -z "${HOME}" ]; then + echo "HOME must be set" + exit 1 +fi + +DOCKER_OPTS=${DOCKER_OPTS:-""} + +docker build -t ingress-nginx:build build + +FLAGS=$@ + +tee .env << EOF +PKG=${PKG:-""} +ARCH=${ARCH:-""} +GIT_COMMIT=${GIT_COMMIT:-""} +E2E_NODES=${E2E_NODES:-3} +FOCUS=${FOCUS:-.*} +TAG=${TAG:-"0.0"} +HOME=${HOME:-/root} +KUBECONFIG=${HOME}/.kube/config +GOARCH=${GOARCH} +PWD=${PWD} +BUSTED_ARGS=${BUSTED_ARGS:-""} +REPO_INFO=${REPO_INFO:-local} +EOF + +docker run \ + --tty \ + --rm \ + ${DOCKER_OPTS} \ + -v ${HOME}/.kube:/${HOME}/.kube \ + -v ${HOME}/.minikube:${HOME}/.minikube \ + -v ${PWD}:/go/src/${PKG} \ + -v ${PWD}/bin/${ARCH}:/go/bin/linux_${ARCH} \ + -w /go/src/${PKG} \ + --env-file .env \ + ingress-nginx:build ${FLAGS} + +rm .env diff --git a/rootfs/etc/nginx/lua/test/up.sh b/build/static-check.sh similarity index 66% rename from rootfs/etc/nginx/lua/test/up.sh rename to build/static-check.sh index 642a54693..1d9159401 100755 --- a/rootfs/etc/nginx/lua/test/up.sh +++ b/build/static-check.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash # Copyright 2018 The Kubernetes Authors. # @@ -14,17 +14,15 @@ # See the License for the specific language governing permissions and # limitations under the License. -install() -{ - package="$1" - version="$2" +set -o errexit +set -o nounset +set -o pipefail - if luarocks list --porcelain $package $version | grep -q "installed"; then - echo $package already installed, skipping ; - else - sudo luarocks install $package $version; - fi -} +if [ -z "${PKG}" ]; then + echo "PKG must be set" + exit 1 +fi -install busted 2.0.rc12 -install lua-cjson 2.1.0-1 +hack/verify-all.sh + +luacheck -q rootfs/etc/nginx/lua/ diff --git a/build/test-lua.sh b/build/test-lua.sh new file mode 100755 index 000000000..acd739566 --- /dev/null +++ b/build/test-lua.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +busted ${BUSTED_ARGS} ./rootfs/etc/nginx/lua/test; diff --git a/build/test.sh b/build/test.sh new file mode 100755 index 000000000..b206a5e30 --- /dev/null +++ b/build/test.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +if [ -z "${PKG}" ]; then + echo "PKG must be set" + exit 1 +fi + +go test -v -race -tags "cgo" \ + $(go list ${PKG}/... | grep -v vendor | grep -v '/test/e2e' | grep -v images | grep -v "docs/examples") diff --git a/rootfs/Dockerfile b/rootfs/Dockerfile index 812215278..8944db61f 100644 --- a/rootfs/Dockerfile +++ b/rootfs/Dockerfile @@ -25,8 +25,6 @@ RUN clean-install \ COPY . / -RUN setcap cap_net_bind_service=+ep /nginx-ingress-controller - # Create symlinks to redirect nginx logs to stdout and stderr docker log collector # This only works if nginx is started with CMD or ENTRYPOINT # Required because clean-install removes /var/log content @@ -50,8 +48,12 @@ RUN mkdir -p /var/log/nginx \ && chown www-data.www-data /etc/nginx/nginx.conf \ && chown www-data.www-data /etc/nginx/opentracing.json +RUN setcap cap_net_bind_service=+ep /nginx-ingress-controller \ + && setcap -v cap_net_bind_service=+ep /nginx-ingress-controller + USER www-data ENTRYPOINT ["/usr/bin/dumb-init"] CMD ["/nginx-ingress-controller"] + diff --git a/test/e2e/up.sh b/test/e2e/up.sh index 86e460b99..e1a5b806a 100755 --- a/test/e2e/up.sh +++ b/test/e2e/up.sh @@ -36,11 +36,15 @@ touch $HOME/.kube/config export KUBECONFIG=$HOME/.kube/config +# workaround to avoid breaking the execution +set +o errexit +set +o pipefail + # --vm-driver=none, use host docker (avoid docker-in-docker) # --bootstrapper=localkube, works around https://github.com/kubernetes/minikube/issues/2704 sudo -E minikube start \ - --bootstrapper=localkube \ --vm-driver=none \ + --bootstrapper=localkube \ --kubernetes-version=$KUBERNETES_VERSION \ --extra-config=kubelet.sync-frequency=1s \ --extra-config=apiserver.authorization-mode=RBAC