Commit
1 parent
2944663
commit 963b521
Showing
12 changed files
with
585 additions
and
1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
# Copyright (c) 2023, Oracle and/or its affiliates. | ||
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | ||
|
||
# dockerfile for running the .NET application using Oracle Linux 8 image | ||
FROM container-registry.oracle.com/os/oraclelinux:8 | ||
|
||
# install asp.net core runtime and its dependencies | ||
RUN dnf install -y aspnetcore-runtime-6.0 && \ | ||
rm -rf /var/cache/dnf | ||
|
||
# create a user so to avoid deploying the application in root directory | ||
RUN useradd -U -d /home/appuser appuser && \ | ||
mkdir /opt/dotnetapp && \ | ||
mkdir /opt/dotnetapp/apm && \ | ||
chown appuser:appuser /opt/dotnetapp /opt/dotnetapp/apm | ||
|
||
# switch the user and create a working directory | ||
USER appuser | ||
WORKDIR /opt/dotnetapp | ||
|
||
# copy application, certificate and wallet folder to working directory | ||
COPY --chown=appuser:appuser servercert.pfx /https/servercert.pfx | ||
COPY --chown=appuser:appuser /dotnetapp . | ||
COPY --chown=appuser:appuser wallet ./wallet | ||
|
||
# set environment variables for running the application on HTTPS port | ||
ENV DOTNET_RUNNING_IN_CONTAINER=true | ||
ENV ASPNETCORE_URLS="https://+:${exposed_port}" | ||
ENV ASPNETCORE_Kestrel__Certificates__Default__Password=${keystore_password} | ||
ENV ASPNETCORE_Kestrel__Certificates__Default__Path=/https/servercert.pfx | ||
|
||
# copy apm installer files to working directory | ||
COPY --chown=appuser:appuser /apm ./apm | ||
|
||
# set environment variables for apm | ||
ENV COR_ENABLE_PROFILING=1 | ||
ENV COR_PROFILER="{918728DD-259F-4A6A-AC2B-B85E1B658318}" | ||
ENV COR_PROFILER_PATH_64=/opt/dotnetapp/apm/tracer-home/win-x64/OpenTelemetry.AutoInstrumentation.Native.dll | ||
ENV COR_PROFILER_PATH_32=/opt/dotnetapp/apm/tracer-home/win-x86/OpenTelemetry.AutoInstrumentation.Native.dll | ||
ENV CORECLR_ENABLE_PROFILING=1 | ||
ENV CORECLR_PROFILER="{918728DD-259F-4A6A-AC2B-B85E1B658318}" | ||
ENV CORECLR_PROFILER_PATH_64=/opt/dotnetapp/apm/tracer-home/win-x64/OpenTelemetry.AutoInstrumentation.Native.dll | ||
ENV CORECLR_PROFILER_PATH_32=/opt/dotnetapp/apm/tracer-home/win-x86/OpenTelemetry.AutoInstrumentation.Native.dll | ||
ENV DOTNET_ADDITIONAL_DEPS=/opt/dotnetapp/apm/tracer-home/AdditionalDeps | ||
ENV DOTNET_SHARED_STORE=/opt/dotnetapp/apm/tracer-home/store | ||
ENV DOTNET_STARTUP_HOOKS=/opt/dotnetapp/apm/tracer-home/net/OpenTelemetry.AutoInstrumentation.StartupHook.dll | ||
ENV OTEL_DOTNET_AUTO_HOME=/apm/tracer-home | ||
ENV OTEL_DOTNET_AUTO_INTEGRATIONS_FILE=/opt/dotnetapp/apm/tracer-home/integrations.json | ||
ENV OTEL_DOTNET_AUTO_TRACES_ADDITIONAL_SOURCES="OpenTelemetry.ODP" | ||
ENV OTEL_SERVICE_NAME="${application_name}" | ||
ENV OTEL_LOGS_EXPORTER="none" | ||
ENV OTEL_DOTNET_AUTO_EXCLUDE_PROCESSES="dotnet.exe,dotnet" | ||
ENV OTEL_EXPORTER_OTLP_ENDPOINT="${endpoint}/20200101/opentelemetry" | ||
ENV OTEL_EXPORTER_OTLP_HEADERS="Authorization=dataKey ${private_data_key}" | ||
ENV ENABLE_BACKGROUND_ODP=true | ||
ENV ENABLE_CONNECTION_ODP=true | ||
|
||
EXPOSE ${exposed_port} | ||
|
||
# set the entrypoint of the container to run the application | ||
ENTRYPOINT ["dotnet", "${dll_name}" ${program_arguments}] |
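Review bot: The lines `ENV ASPNETCORE_Kestrel__Certificates__Default__Password=${keystore_password}` and `ENV OTEL_EXPORTER_OTLP_HEADERS="Authorization=dataKey ${private_data_key}"` bake the keystore password and the APM private data key into the image configuration, where anyone who can pull the image can read them with `docker inspect` or `docker history`. Together with `COPY --chown=appuser:appuser servercert.pfx /https/servercert.pfx`, this ships the TLS keystore and the password that unlocks it in the same image. I would drop both `ENV` lines from the template and supply the values when the container is started (runtime environment or a mounted secret), leaving a comment such as `# Kestrel certificate password and OTLP auth header are injected at runtime, not at build time`. Separately, `OTEL_DOTNET_AUTO_HOME=/apm/tracer-home` does not match the `/opt/dotnetapp/apm/tracer-home` prefix used by every other tracer path in this file and looks like a typo.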
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
# Copyright (c) 2023, Oracle and/or its affiliates. | ||
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | ||
# This workflow will build and push a .Net application to OCI based on an artifact | ||
version: 0.1 | ||
component: build | ||
timeoutInSeconds: 10000 | ||
shell: bash | ||
env: | ||
vaultVariables: | ||
OCI_TOKEN : "${oci_token}" | ||
DB_USER_PASSWORD : "${db_user_password}" | ||
WALLET_PASSWORD : "${wallet_password}" | ||
inputArtifacts: | ||
- name: dotnetapp | ||
type: GENERIC_ARTIFACT | ||
artifactId: $${artifactId} | ||
registryId: ${registryId} | ||
path: ${artifact_path} | ||
version: $${artifact_version} | ||
location: $${OCI_WORKSPACE_DIR}/${config_repo_name}/${fileName} | ||
steps: | ||
- type: Command | ||
name: Unzip wallet | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
unzip wallet.zip -d wallet | ||
- type: Command | ||
name: Download oraclepki and add username and password to wallet | ||
timeoutInSeconds: 300 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
curl -o oraclepki.jar "https://repo1.maven.org/maven2/com/oracle/database/security/oraclepki/23.2.0.0/oraclepki-23.2.0.0.jar" -L | ||
echo -e '#/bin/sh\njava -cp oraclepki.jar oracle.security.pki.OracleSecretStoreTextUI -wrl wallet -createCredential "${db_connection_url}" "${db_username}" "'$${DB_USER_PASSWORD}'" <<EOF\n'$${WALLET_PASSWORD}'\nEOF' >> add-credential-wallet.sh | ||
sh add-credential-wallet.sh | ||
- type: Command | ||
name: Unzip dotnet app | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
unzip ${fileName} | ||
cp -r ${artifact_location} dotnetapp | ||
- type: Command | ||
name: Get dotnet apm agent | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
curl -o apm-dotnet-agent-installer-0.6.0.136.zip -L https://objectstorage.us-phoenix-1.oraclecloud.com/p/Q9f_7e-AG4Gwl0rI7ILNFzKmtI0-zIjNu8lWFcf5Gh5o53vGnNVuEc8hnWG5_WZw/n/oracleonpremjava/b/bucket-apm-installer/o/apm-dotnet-agent-installerapm-dotnet-agent-installer-0.6.0.136.zip | ||
unzip apm-dotnet-agent-installer-0.6.0.136.zip -d apm | ||
- type: Command | ||
name: Build Docker image | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
docker build . --file Dockerfile --tag ${image_remote_tag}:${image_tag}-$${artifact_version} --tag ${image_latest_tag} | ||
- type: Command | ||
name: Login to repo | ||
timeoutInSeconds: 900 | ||
failImmediatelyOnError: true | ||
command: | | ||
echo $${OCI_TOKEN} | docker login ${container_registry_repo} --username ${login} --password-stdin | ||
- type: Command | ||
name: Push image | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
docker push ${image_remote_tag} --all-tags |
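Review bot: The "Download oraclepki and add username and password to wallet" step writes `DB_USER_PASSWORD` and `WALLET_PASSWORD` in clear text into `add-credential-wallet.sh` in the workspace and never removes the file; the database password is also passed as a command-line argument to `java`, so it is visible in the process list while the step runs. The script is written with `>>` (append), and its first line `#/bin/sh` is missing the `!`, so it is a plain comment rather than a shebang. Feeding the wallet password to the tool on stdin directly from the step avoids the intermediate file, e.g. `printf '%s\n' "$${WALLET_PASSWORD}" | java -cp oraclepki.jar oracle.security.pki.OracleSecretStoreTextUI -wrl wallet -createCredential ...`; if the script is kept, add `rm -f add-credential-wallet.sh` right after `sh add-credential-wallet.sh`. The same step appears unchanged in the repository build spec that follows in this commit.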
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
# Copyright (c) 2023, Oracle and/or its affiliates. | ||
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | ||
# This workflow will build and push a .Net application to OCI when a commit is | ||
# pushed to your default branch. | ||
version: 0.1 | ||
component: build | ||
timeoutInSeconds: 3600 | ||
shell: bash | ||
env: | ||
variables: | ||
JAVA_HOME : "/usr/java/latest" | ||
vaultVariables: | ||
OCI_TOKEN : "${oci_token}" | ||
DB_USER_PASSWORD : "${db_user_password}" | ||
WALLET_PASSWORD : "${wallet_password}" | ||
steps: | ||
- type: Command | ||
name: Install DotNet SDK | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
rpm -Uvh https://packages.microsoft.com/config/centos/7/packages-microsoft-prod.rpm | ||
yum install -y dotnet-sdk-6.0 | ||
onFailure: | ||
- type: Command | ||
command: | | ||
echo $JAVA_HOME | ||
timeoutInSeconds: 400 | ||
- type: Command | ||
name: Build application | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${repo_name} | ||
${build_command} | ||
onFailure: | ||
- type: Command | ||
command: | | ||
pwd | ||
timeoutInSeconds: 400 | ||
- type: Command | ||
name: Create config files | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
unzip wallet.zip -d wallet | ||
- type: Command | ||
name: Download oraclepki and add username and password to wallet | ||
timeoutInSeconds: 300 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
curl -o oraclepki.jar "https://repo1.maven.org/maven2/com/oracle/database/security/oraclepki/23.2.0.0/oraclepki-23.2.0.0.jar" -L | ||
echo -e '#/bin/sh\njava -cp oraclepki.jar oracle.security.pki.OracleSecretStoreTextUI -wrl wallet -createCredential "${db_connection_url}" "${db_username}" "'$${DB_USER_PASSWORD}'" <<EOF\n'$${WALLET_PASSWORD}'\nEOF' >> add-credential-wallet.sh | ||
sh add-credential-wallet.sh | ||
- type: Command | ||
name: Copy DotNet App | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
cp -r $${OCI_WORKSPACE_DIR}/${repo_name}/${artifact_location} dotnetapp | ||
- type: Command | ||
name: Get dotnet apm agent | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
curl -o apm-dotnet-agent-installer-0.6.0.136.zip -L https://objectstorage.us-phoenix-1.oraclecloud.com/p/Q9f_7e-AG4Gwl0rI7ILNFzKmtI0-zIjNu8lWFcf5Gh5o53vGnNVuEc8hnWG5_WZw/n/oracleonpremjava/b/bucket-apm-installer/o/apm-dotnet-agent-installerapm-dotnet-agent-installer-0.6.0.136.zip | ||
unzip apm-dotnet-agent-installer-0.6.0.136.zip -d apm | ||
- type: Command | ||
name: Build Docker image | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
cd $${OCI_WORKSPACE_DIR}/${repo_name} | ||
export commit=$(git rev-list --all --max-count=1 --abbrev-commit) | ||
cd $${OCI_WORKSPACE_DIR}/${config_repo_name} | ||
docker build . --file Dockerfile --tag ${image_remote_tag}:${image_tag}-$commit --tag ${image_latest_tag} | ||
- type: Command | ||
name: Login to repo | ||
timeoutInSeconds: 900 | ||
failImmediatelyOnError: true | ||
command: | | ||
echo $${OCI_TOKEN} | docker login ${container_registry_repo} --username ${login} --password-stdin | ||
- type: Command | ||
name: Push image | ||
timeoutInSeconds: 600 | ||
failImmediatelyOnError: true | ||
command: | | ||
docker push ${image_remote_tag} --all-tags |
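Review bot: `oraclepki.jar` and the APM agent zip are fetched with `curl -o ... -L` and then executed or unpacked into the image with no integrity check, and without `-f` an HTTP error page would be saved as the artifact. The jar runs in a build that has `DB_USER_PASSWORD` and `WALLET_PASSWORD` in its environment, so it is worth pinning a digest: use `curl -fsSL -o oraclepki.jar "<url>"` followed by `echo "<expected-sha256>  oraclepki.jar" | sha256sum -c -`, and do the same for the agent zip. The artifact build spec earlier in this commit has the same two downloads. Also, `git rev-list --all --max-count=1 --abbrev-commit` in "Build Docker image" returns the newest commit on any ref rather than the one checked out, so the image tag may name a commit that was not built; `git rev-parse --short HEAD` ties the tag to the build.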
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
# Copyright (c) 2023, Oracle and/or its affiliates. | ||
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | ||
|
||
resource "null_resource" "language_specific_files" { | ||
|
||
depends_on = [ | ||
null_resource.create_config_repo | ||
] | ||
|
||
# copy certificate | ||
provisioner "local-exec" { | ||
command = "cp server.p12 ./${local.config_repo_name}/servercert.pfx" | ||
on_failure = fail | ||
working_dir = "${path.module}" | ||
} | ||
|
||
# add certificate to git | ||
provisioner "local-exec" { | ||
command = "git add ./servercert.pfx" | ||
on_failure = fail | ||
working_dir = "${path.module}/${local.config_repo_name}" | ||
} | ||
count = (local.use-image ? 0 : 1) | ||
} |
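Review bot: The two `local-exec` provisioners copy `server.p12` to `servercert.pfx` inside the config repository and `git add` it, so the PKCS#12 keystore that Kestrel uses as its server certificate (and which therefore has to carry the private key) ends up in Git history. If the rendered Dockerfile containing the keystore password is committed to the same repository, as the build specs in this commit suggest, the key and its password sit side by side. Consider keeping the keystore out of the repository and having the build pipeline fetch it from the vault at build time, or at least add a comment above the first provisioner: `# NOTE: servercert.pfx holds the TLS private key; access to the config repo must be restricted`.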
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
# Copyright (c) 2023, Oracle and/or its affiliates. | ||
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | ||
|
||
# dockerfile used to create image | ||
data "template_file" "dockerfile" { | ||
template = file("${path.module}/Dockerfile-dotnet.template") | ||
vars = { | ||
namespace = "${local.namespace}" | ||
bucket_name = "${local.bucket_name}" | ||
keystore_password = random_password.keystore_password.result | ||
application_name = var.application_name | ||
private_data_key = data.oci_apm_data_keys.private_key.data_keys[0].value | ||
endpoint = oci_apm_apm_domain.app_apm_domain.data_upload_endpoint | ||
program_arguments = (var.program_arguments != null && var.program_arguments != "" ? format(", \"%s\" ", replace(trimspace(var.program_arguments), " ", "\", \"")): "") | ||
exposed_port = var.exposed_port | ||
dll_name = local.dll_name | ||
} | ||
} | ||
|
||
# build spec file | ||
data "template_file" "oci_build_config" { | ||
depends_on = [ | ||
oci_vault_secret.auth_token_secret | ||
] | ||
template = "${(local.use-repository ? file("${path.module}/build-repo.yaml.template") : file("${path.module}/build-artifact.yaml.template"))}" | ||
vars = { | ||
image_remote_tag = "${local.image-remote-tag}" | ||
image_latest_tag = "${local.image-latest-tag}" | ||
image_tag = "${local.image-name}" | ||
container_registry_repo = "${local.container-registry-repo}" | ||
login = local.login_container | ||
build_command = var.build_command | ||
artifact_location = local.output_path | ||
artifact_path = (local.use-artifact ? data.oci_artifacts_generic_artifact.app_artifact[0].artifact_path : "") | ||
artifact_version = (local.use-artifact ? data.oci_artifacts_generic_artifact.app_artifact[0].version : "") | ||
oci_token = local.auth_token_secret | ||
repo_name = (local.use-repository ? data.oci_devops_repository.devops_repository[0].name : "") | ||
config_repo_name = local.config_repo_name | ||
artifactId = (local.use-artifact ? var.artifact_id : "") | ||
registryId = (local.use-artifact ? var.registry_id : "") | ||
fileName = "app.zip" | ||
db_username = local.username | ||
db_connection_url = local.escaped_connection_url | ||
db_user_password = oci_vault_secret.db_user_password.id | ||
wallet_password = oci_vault_secret.db_wallet_password.id | ||
} | ||
} | ||
|
||
|
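Review bot: `program_arguments` is turned into JSON array elements by replacing single spaces with `", "`, which does not escape `"` or `\` inside an argument and yields empty `""` elements for consecutive spaces. An argument containing a quote makes the rendered `ENTRYPOINT [...]` invalid JSON, and Docker then treats the line as shell form instead of exec form. Encoding each argument avoids this: `program_arguments = var.program_arguments == null ? "" : join("", [for a in compact(split(" ", trimspace(var.program_arguments))) : ", ${jsonencode(a)}"])`. Note also that `keystore_password` and `private_data_key` are rendered into the Dockerfile text by this data source, which is how they reach the image's `ENV` instructions.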
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
# Copyright (c) 2023, Oracle and/or its affiliates. | ||
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | ||
|
||
## .NET specific variables and locals | ||
locals { | ||
# Get output folder path and dll name | ||
output_path = "${dirname(var.artifact_location)}/" | ||
dll_name = basename(var.artifact_location) | ||
# path to the wallet | ||
wallet_path = "/opt/dotnetapp/wallet" | ||
|
||
driver_connection_url = ( | ||
var.use_existing_database | ||
? "${replace(data.oci_database_autonomous_database.autonomous_database.connection_strings[0].profiles[local.conn_url_index].value, "description= ", "description=")}" | ||
: "${replace(oci_database_autonomous_database.database[0].connection_strings[0].profiles[local.conn_url_index].value, "description= ", "description=")}" | ||
) | ||
# Connection URL environment variable | ||
connection_url_env = "ENV ${var.connection_url_env}=${local.escaped_connection_url}" | ||
} |
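Review bot: `connection_url_env` builds a complete Dockerfile instruction, `ENV ${var.connection_url_env}=${local.escaped_connection_url}`, from a variable whose validation is not visible in this file. A name containing whitespace or a line break would change how the generated Dockerfile parses, so the variable declaration (outside this section) should carry a `validation` block that accepts only names matching `^[A-Za-z_][A-Za-z0-9_]*$`. The two branches of `driver_connection_url` also repeat the same `replace(..., "description= ", "description=")`; selecting the profile value first and applying `replace` once would make the intent clearer.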
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# Copyright (c) 2023, Oracle and/or its affiliates. | ||
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. | ||
|
||
- use_connection_url_env | ||
- connection_url_env | ||
- use_tns_admin_env | ||
- tns_admin_env | ||
- use_username_env | ||
- username_env | ||
- use_password_env | ||
- password_env | ||
- title: "Other parameters" | ||
variables: | ||
- other_environment_variables | ||
- program_arguments | ||
- title: "Application configuration - SSL communication between backends and load balancer" | ||
variables: | ||
- cert_pem | ||
- private_key_pem | ||
- ca_pem |