Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker / build refactor & update Nginx #69

Merged
merged 5 commits into from
Jun 8, 2022
Merged

Docker / build refactor & update Nginx #69

merged 5 commits into from
Jun 8, 2022

Conversation

TimUnderhay
Copy link
Contributor

It's been a while, TeslaGov! Glad to see this project is still kicking. I had a need to revisit it and found that the build / Docker end of things was in need of a serious facelift. Please see the description below.

  • Build with latest nginx version (1.21.6)
  • Image builder now multi-stage
  • Image builder uses debian:bullseye-slim to build module (same as official nginx image's base)
  • Use nginx official image as final image base
  • Now using sed to modify OOTB nginx.conf to load the module.
  • Moved test-runner customisations into separate compose test stack
  • Updated Makefile to use docker compose for tests.

@TimUnderhay
Build with latest nginx version (1.21.6)
123fc04 
Image builder now multi-stage
Image builder uses debian:bullseye-slim to build module (same as official nginx image's base)
Use nginx official image as final image base
Now using sed to modify OOTB nginx.conf to load the module.
Moved test-runner customisations into separate compose test stack
Updated Makefile to use docker compose for tests.
JoshMcCullough
JoshMcCullough requested changes May 20, 2022
View reviewed changes
Copy link
Contributor

@JoshMcCullough JoshMcCullough left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this! Looks great.

I pulled the branch and rebuilt the images, and ran make, which resulted in this:

make[1]: Entering directory '/home/josh/Projects/teslagov/ngx-http-auth-jwt-module-bin'
docker run --rm --name "jwt-nginx-cont" -d -p 8000:8000 teslagov/jwt-nginx
9fb46434e2f04880c6557f0279e0c08cc155df404e4b6e2db77d196506cbc103
docker cp jwt-nginx-cont:/usr/lib64/nginx/modules/ngx_http_auth_jwt_module.so .
docker cp jwt-nginx-cont:/usr/local/lib/libjansson.so.4.13.0 .
Error: No such container:path: jwt-nginx-cont:/usr/local/lib/libjansson.so.4.13.0
make[1]: *** [Makefile:42: start-nginx] Error 1
make[1]: Leaving directory '/home/josh/Projects/teslagov/ngx-http-auth-jwt-module-bin'
make: *** [Makefile:15: all] Error 2

Can you take a look?

@JoshMcCullough
Copy link
Contributor

@KensingtonTech note that I updated the Makefile to allow for overriding the NGINX version, e.g.:

NGINX_VERSION=1.16.1 make rebuild-nginx

This is important because we don't always run on the latest NGINX. So you'll want to rebase your branch. Commit: 148987d

BTW I think we can consolidate the build-nginx and rebuild-nginx tasks at some point as well.

@TimUnderhay
Make org name, image name, compose project name, and nginx configurab…
6261f3e 
…le via env vars.

Clean up dangling stage images during build.
@TimUnderhay
Copy link
Contributor Author

@JoshMcCullough I pushed another commit that makes DOCKER_ORG_NAME, DOCKER_IMAGE_NAME, and NGINX_VERSION configurable via env vars.

@JoshMcCullough
Copy link
Contributor

I'm seeing some errors when running: NGINX_VERSION=1.16.1 make rebuild-nginx

checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for sysconf(_SC_LEVEL1_DCACHE_LINESIZE) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
configuring additional dynamic modules
adding module in ../ngx-http-auth-jwt-module
 + ngx_http_auth_jwt_module was configured
checking for PCRE library ... not found
checking for PCRE library in /usr/local/ ... not found
checking for PCRE library in /usr/include/pcre/ ... not found
checking for PCRE library in /usr/pkg/ ... not found
checking for PCRE library in /opt/local/ ... not found

./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.

The command '/bin/sh -c set -x  && curl -O http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz        && tar -xzf nginx-$NGINX_VERSION.tar.gz    && rm nginx-$NGINX_VERSION.tar.gz       && ln -sf nginx-$NGINX_VERSION nginx    && cd /root/dl/nginx    && ./configure --with-compat --add-dynamic-module=../ngx-http-auth-jwt-module      && make modules' returned a non-zero code: 1
make: *** [Makefile:36: rebuild-nginx] Error 1

@TimUnderhay
Bumped default version to 1.22.0.
3dd759f 
Fix for v1.16.1.
Test runner runs correct nginx version.
@TimUnderhay
Copy link
Contributor Author

I'm seeing some errors when running: NGINX_VERSION=1.16.1 make rebuild-nginx

checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for sysconf(_SC_LEVEL1_DCACHE_LINESIZE) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
configuring additional dynamic modules
adding module in ../ngx-http-auth-jwt-module
 + ngx_http_auth_jwt_module was configured
checking for PCRE library ... not found
checking for PCRE library in /usr/local/ ... not found
checking for PCRE library in /usr/include/pcre/ ... not found
checking for PCRE library in /usr/pkg/ ... not found
checking for PCRE library in /opt/local/ ... not found

./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.

The command '/bin/sh -c set -x  && curl -O http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz        && tar -xzf nginx-$NGINX_VERSION.tar.gz    && rm nginx-$NGINX_VERSION.tar.gz       && ln -sf nginx-$NGINX_VERSION nginx    && cd /root/dl/nginx    && ./configure --with-compat --add-dynamic-module=../ngx-http-auth-jwt-module      && make modules' returned a non-zero code: 1
make: *** [Makefile:36: rebuild-nginx] Error 1

@JoshMcCullough apologies for the lull. The issue with 1.16.1 has been addressed, as well as an issue where the test runner was always using the latest version.

@JoshMcCullough
Copy link
Contributor

Looks good, thanks!

@JoshMcCullough JoshMcCullough merged commit e959c0c into TeslaGov:master Jun 8, 2022
@TimUnderhay
Copy link
Contributor Author

@JoshMcCullough I hope you don’t mind, but I’ve taken the liberty of publishing the image to Docker hub (https://hub.docker.com/r/kensingtontech/nginx-jwt). I’ve made sure to add your 1.16.1 in there, as well.

@JoshMcCullough
Copy link
Contributor

Nice! We really should be better about this sort of thing, and should publish boundaries, images, etc. Thanks for contributing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JoshMcCullough JoshMcCullough JoshMcCullough requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@TimUnderhay @JoshMcCullough