mirror of
https://github.com/semaphoreui/semaphore.git
synced 2024-11-24 22:06:43 +01:00
76 lines
2.9 KiB
Markdown
76 lines
2.9 KiB
Markdown
|
# Docker Deployments
|
||
|
|
||
|
Production images for each tag, latest and the development branch will be pushed to [docker hub](https://hub.docker.com/r/castawaylabs/semaphore).
|
||
|
To build images locally see the contexts included here and use the `d` and `dc` tasks in the root Taskfile.yml to help with building and running.
|
||
|
|
||
|
## Contexts
|
||
|
|
||
|
### Prod
|
||
|
|
||
|
To build a production image you should run
|
||
|
|
||
|
context=prod task docker:build
|
||
|
|
||
|
this will create an image called `castawaylabs/semaphore:latest` which will be compiled from the currently checked out code
|
||
|
|
||
|
This image is run as non root user 1001 (for PaaS systems such as openshift) and is build on alpine with added glibc.
|
||
|
With ansible etc... installed in the container it is ~283MiB in size.
|
||
|
|
||
|
You will need to provide environmental variables so that the configuration can be built correctly for your environment.
|
||
|
See `docker-compose.yml` for an example, or look at `../common/entrypoint` to see which variables are available
|
||
|
|
||
|
If you want to bulid an image with a custom tag you can optionally pass a tag to the command
|
||
|
|
||
|
context=prod tag=mybranch task docker:build
|
||
|
|
||
|
#### Example Configuration
|
||
|
|
||
|
To run Semaphore in a simple production-like docker configuration run the following command:
|
||
|
|
||
|
task dc:prod
|
||
|
|
||
|
You can then access Semaphore directly from the url http://localhost:8081/
|
||
|
|
||
|
#### SSL Termination Using Nginx
|
||
|
|
||
|
Generate a cert, ca cert, and key file and place into `prod/proxy/cert/` with
|
||
|
these names:
|
||
|
|
||
|
* `cert.pem`
|
||
|
* `privkey.pem`
|
||
|
* `fullchain.pem`
|
||
|
|
||
|
(I've used letsencrypt generated certs with success.)
|
||
|
|
||
|
Run `task dc:prod` and your Semaphore instance will then be at the url
|
||
|
https://localhost:8443
|
||
|
|
||
|
If you do not add certificates the container will create self-signed certs instead
|
||
|
|
||
|
## Dev
|
||
|
|
||
|
To start a development start you could run
|
||
|
```
|
||
|
context=dev task dc:up
|
||
|
```
|
||
|
The development stack will run `task watch` by default and `dc:up` will volume link the application in to the container.
|
||
|
Without `dc:up` the application will run the version of the application which existed at image build time.
|
||
|
|
||
|
The development container is based on [micro-golang](https://github.com/twhiston/micro-golang)'s test base image
|
||
|
which contains the go toolchain and glibc in alpine.
|
||
|
|
||
|
Because the test image links your local volume it expects that you have run `task deps` and `task compile` locally
|
||
|
as necessary to make the application usable.
|
||
|
|
||
|
## Convenience Functions
|
||
|
|
||
|
### dc:dev
|
||
|
|
||
|
`dc:dev` rebuilds the development images and runs a development stack, with the semaphore root as a volume link
|
||
|
This allows you to work inside the container with live code. The container has all the tools you need to build and test semaphore
|
||
|
|
||
|
### dc:prod
|
||
|
|
||
|
`dc:prod` rebuilds the production example images and starts the production-like stack.
|
||
|
This will compile the application for the currently checked out code but will not leave build tools or source in the container.
|
||
|
Therefore file changes will result in needing a rebuild.
|