{"id":20314614,"url":"https://github.com/release-engineering/koji-dojo","last_synced_at":"2025-04-11T17:20:45.672Z","repository":{"id":39499070,"uuid":"48203968","full_name":"release-engineering/koji-dojo","owner":"release-engineering","description":"Docker images for testing services that need to talk to Koji.","archived":false,"fork":false,"pushed_at":"2018-10-25T22:10:46.000Z","size":110,"stargazers_count":27,"open_issues_count":2,"forks_count":22,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-04-06T23:46:56.162Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/release-engineering.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-12-17T23:35:13.000Z","updated_at":"2025-01-16T15:45:49.000Z","dependencies_parsed_at":"2022-08-26T15:55:02.214Z","dependency_job_id":null,"html_url":"https://github.com/release-engineering/koji-dojo","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/release-engineering%2Fkoji-dojo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/release-engineering%2Fkoji-dojo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/release-engineering%2Fkoji-dojo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/release-engineering%2Fkoji-dojo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/release-engineering","download_url":"https://codeload.github.com/release-engineering/koji-dojo/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248447609,"owners_count":21105140,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-14T18:16:04.260Z","updated_at":"2025-04-11T17:20:45.643Z","avatar_url":"https://github.com/release-engineering.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Koji Dojo\n\nKoji dojo is a suite of Docker images that are designed to enable automated testing for applications that need to integrate with Koji.\n\n## Images\n\nCurrently, there are three images:\n\n* `hub/` - This is a simplistic build of the Koji hub service, configured to enable SSL authentication. It is based on the CentOS 7 Docker image\n* `client/` - This is a minimal CentOS 7 image that mounts volumes from the hub container and installs the Koji client RPM from it. It will also link and configure scripts for each of the users generated in the hub setup.\n* `builder/` - This is a simplistic build of the Koji builder service connected to hub. It is based on the CentOS 7 Docker image\n\n## Docker Maintenance Scripts\n\n* `build-all.sh` - Runs `docker build ...` for building the images in this repository\n* `*/docker-scripts/build.sh` - Runs `docker build ...` for just the given image (hub, client, etc.)\n* `*/docker-scripts/run.sh` - Starts any containers needed to support the given image, then starts a new container for the given image itself, monitoring system in/out. When you use CTL-C to escape the container, the supporting containers are stopped and removed as well.\n* `*/docker-scripts/start.sh` - Starts supporting container and a new container for the given image. Each container is started in daemon mode.\n* `*/docker-scripts/stop.sh` - Stops and removes the container for the given image and any supporting containers.\n\n## Docker Compose\n\n* Build all images: `docker-compose build`\n* Start all containers: `docker-compose up` (Use -d for detached mode)\n* Stop and remove all containers: `docker-compose down`\n\n* koji-hub's IP address must be added to local /etc/hosts such as:\n    `172.17.0.3   koji-hub`\n\n## Hub Image Notes\n\nWhen the hub initializes, it checks out Koji sources from Git, builds them, and installs the koji-hub* RPMs. The sources are cloned into `/opt/koji`, which is exposed as a Docker volume. This enables the `client` image to install the client RPM that was built in conjunction with the hub RPMs.\n\nThe Koji hub image generates three users on initialization:\n\n* kojiadmin\n* testadmin\n* testuser\n\nThe Koji hub image generates one host on initialization:\n\n* kojibuilder\n\nThe PKCS#12 SSL certificates for these each use the password 'mypassword'. The certificates, CA cert files, and a basic Koji configuration file is stored for each user under `/opt/koji-clients/\u003cuser\u003e`. Along with these, a basic JSON file is stored for each user that gives the URL and SSL file references in a way that's easy to use for non-Koji clients. The `/opt/koji-clients` directory is exposed as a volume in the Docker container, so it can be mounted in other containers via the `--volumes-from` Docker run option.\n\nUser accounts and source build aside, this hub image also exposes the `/opt/koji-clients` and `/var/log` directories via HTTP. This enables an application's tests to use simple HTTP to retrieve the generated SSL certificates, and to download the relevant log files for the webserver and Koji hub in case a test fails.\n\nYou can also use the hub container from your localhost by using a manual volume mount from the localhost directory structure into the hub container:\n\n```\ndocker run -d --name=koji=hub -v /opt/koji-clients:/opt/koji-clients docker.io/buildchimp/koji-hub\n```\n\nNow, if you have the Koji client RPM installed locally, you can start using the hub container by simply using one of the generated configs:\n\n```\nkoji -c /opt/koji-clients/testuser/config hello\n```\n\n```\nkoji -c /opt/koji-clients/testuser/config list-tags\n```\n\n\n## Client Image Notes\n\nThe client container mounts all exposed volumes from the hub. During initialization, it installs the Koji client RPM in `/opt/koji/noarch` (built by the hub during its own initialization), then uses the SSL configurations under `/opt/koji-clients` to generate `/root/.koji/config` with headings like `koji-testuser`. Next it symlinks `/usr/local/koji` to corresponding script names (eg. `koji-testuser`) under `/root/bin`.\n\nFinally, the client container sets up SSH host keys and starts the SSHd daemon. It prints the IP address and port for this SSHd instance to the docker log.\n\n## Web Browser Certificates\n\nCertificates for the various accounts created during hub container\ninitialization can be found at `/opt/koji-clients`.\n\nInstall the corresponding cert in your browser to enable logins.\nIn Chrome, for example, this can be done via UI or via the command line\nby using pk12util:\n\n`pk12util -d sql:$HOME/.pki/nssdb -i /opt/koji-clients/testuser/client_browser_cert.p12 -W mypassword`\n\n## Builder notes\n\nTo use builder please use builder/docker-scripts/build-all.sh to build hub image instead of hub/docker-scripts/build.sh (please see comments inside the script for explanation)\n\nTo start koji-db, koji-hub and koji-builder at once use builder/docker-scripts/run-all.sh\n\nTo start only koji-builder use builder/docker-scripts/run.sh\n\n\nExample of builder bootstrap:\n\n~~~~\n# build builder\n./builder/docker-scripts/build.sh\n\n# start builder (includes start of koji-db and koji-hub)\n# please note koji hub will be started using different options tham specified in ./hub/docker-scripts/run.sh\n# because additional volume /opt/koji-files is mapped to be shared with builder\n./builder/docker-scripts/run.sh\n\n# create alias for to allow use local koji installation\n# optionally you can use koji-client container\nalias kojitest=\"koji -c /opt/koji-clients/kojiadmin/config\"\n\n# verify koji is running\nkojitest hello\n\n# show cert info\npk12util -d sql:$HOME/.pki/nssdb -l /opt/koji-clients/kojiadmin/client_browser_cert.p12 -W mypassword\n# show certificates\ncertutil -d sql:$HOME/.pki/nssdb -L\n\n# delete\ncertutil -d sql:$HOME/.pki/nssdb -D -n \"kojiadmin - IT\"\ncertutil -d sql:$HOME/.pki/nssdb -D -n \"koji-hub - IT\"\n\n# import admin certificate\npk12util -d sql:$HOME/.pki/nssdb -i /opt/koji-clients/kojiadmin/client_browser_cert.p12 -W mypassword\n\n# https://chromium.googlesource.com/chromium/src/+/master/docs/linux_cert_management.md\n\n# open koji-hub in browser and login with certificate\n# hit CTRL+R to reload in case of deleting of existing certificate to login with new one\ngoogle-chrome https://172.17.0.3/koji/login \u0026\n\n# noarch because of maven repo for maven build\nkojitest add-tag destination-tag --maven-support --include-all --arches=\"noarch\"\n\n# arch x86_64 because of rpm repo used to create build environment\nkojitest add-tag build-tag --maven-support --include-all --arches=\"x86_64\"\n\n# create build target\nkojitest add-target build-target build-tag destination-tag\n\n# create build group \"maven-build\"\nkojitest add-group build-tag maven-build\n\n# populate the \"maven-build\" group with packages that will be installed into the build environment (buildroot)\nkojitest add-group-pkg build-tag maven-build bash coreutils git java-1.8.0-openjdk-devel maven3 shadow-utils\n\n# add external repo to download rpms into build environment (buildroot)\nkojitest add-external-repo -t build-tag buil-external-repo http://myorg.com/rpm-repo/\\$arch/\n# or\n# import packages ...\n\n\n# example of importing external archives\n# resolve imported dependency (all artifacts for given gav)\nmvn org.apache.maven.plugins:maven-dependency-plugin:2.7:get -DrepoUrl=http://central.maven.org/maven2/ -Dartifact=org.apache.maven.plugins:maven-enforcer-plugin:1.4:pom\nmvn org.apache.maven.plugins:maven-dependency-plugin:2.7:get -DrepoUrl=http://central.maven.org/maven2/ -Dartifact=org.apache.maven.plugins:maven-enforcer-plugin:1.4:jar\nmvn org.apache.maven.plugins:maven-dependency-plugin:2.7:get -DrepoUrl=http://central.maven.org/maven2/ -Dartifact=org.apache.maven.plugins:maven-enforcer-plugin:1.4:jar:javadoc\nmvn org.apache.maven.plugins:maven-dependency-plugin:2.7:get -DrepoUrl=http://central.maven.org/maven2/ -Dartifact=org.apache.maven.plugins:maven-enforcer-plugin:1.4:jar:sources\n\n# import maven artifacts of imported package\nkojitest import-archive --create-build --type maven --type-info ~/.m2/repository/org/apache/maven/plugins/maven-enforcer-plugin/1.4/maven-enforcer-plugin-1.4.pom org.apache.maven.plugins-maven-enforcer-plugin-1.4-1 ~/.m2/repository/org/apache/maven/plugins/maven-enforcer-plugin/1.4/maven-enforcer-plugin-1.4.jar ~/.m2/repository/org/apache/maven/plugins/maven-enforcer-plugin/1.4/maven-enforcer-plugin-1.4-javadoc.jar ~/.m2/repository/org/apache/maven/plugins/maven-enforcer-plugin/1.4/maven-enforcer-plugin-1.4.pom ~/.m2/repository/org/apache/maven/plugins/maven-enforcer-plugin/1.4/maven-enforcer-plugin-1.4-sources.jar\n\n# add package\nkojitest add-pkg --owner kojiadmin build-tag org.apache.maven.plugins-maven-enforcer-plugin\n\n# tag package build\nkojitest tag-pkg build-tag org.apache.maven.plugins-maven-enforcer-plugin-1.4-1\n\n\n# make sure followin list is not empty othewise maven repo is not generated\nkojitest list-tagged --inherit build-tag\n\n# repo regen\nkojitest regen-repo build-tag\n\n# verify maven repo was generated - maven repo root should be displayed\ngoogle-chrome https://172.17.0.3/kojifiles/repos/build-tag/latest/maven/ \u0026\n\n# add package\nkojitest add-pkg --owner=kojiadmin destination-tag myproject\n# submit maven build\nkojitest maven-build build-target https://www.github.com/myorg/myproject\n\n~~~~\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frelease-engineering%2Fkoji-dojo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frelease-engineering%2Fkoji-dojo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frelease-engineering%2Fkoji-dojo/lists"}