From 94a90140691efd570405c3650e5bcae710252945 Mon Sep 17 00:00:00 2001 From: Abhishek Choudhary Date: Wed, 27 Sep 2023 16:10:23 +0545 Subject: [PATCH 1/4] fix(ci): docker image scanning (#509) --- .github/workflows/apisix_dev_push_docker_hub.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/apisix_dev_push_docker_hub.yaml b/.github/workflows/apisix_dev_push_docker_hub.yaml index 08a9c572..10f86f1f 100644 --- a/.github/workflows/apisix_dev_push_docker_hub.yaml +++ b/.github/workflows/apisix_dev_push_docker_hub.yaml @@ -70,5 +70,6 @@ jobs: - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master with: - image-ref: 'apache/apisix:${{ APISIX_DOCKER_TAG }}' + image-ref: 'apache/apisix:${{ env.APISIX_DOCKER_TAG }}' severity: 'CRITICAL,HIGH' + exit-code: 1 From d0cc61ae6cdfc3c63dfddbad4a29d665e33dbffc Mon Sep 17 00:00:00 2001 From: Sn0rt Date: Thu, 28 Sep 2023 10:35:44 +0800 Subject: [PATCH 2/4] docs: update README.md (#486) Signed-off-by: Sn0rt --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 42903994..2a8284f4 100644 --- a/README.md +++ b/README.md @@ -155,7 +155,7 @@ The response indicates that apisix is running successfully: If you want to modify the default configuration of APISIX, you can use the following command to enter the APISIX container and modify the configuration file `./conf/config.yaml`, which will take effect after reloading APISIX. For details, please refer to `./conf/config-default.yaml`. -``` +```shell docker exec -it apache-apisix bash ``` @@ -165,7 +165,7 @@ For more information, you can refer to the [APISIX Website](https://apisix.apach If you change your custom configuration, you can reload APISIX (without downtime) by issuing. -``` +```shell docker exec -it apache-apisix apisix reload ``` This will run the `apisix reload` command in your container. From bd073cfe9eead85cb12b8fa54d40304b3d097db9 Mon Sep 17 00:00:00 2001 From: Abhishek Choudhary Date: Thu, 28 Sep 2023 08:27:47 +0545 Subject: [PATCH 3/4] chore: remove etcdctl (#505) --- all-in-one/apisix-dashboard/Dockerfile | 1 - all-in-one/apisix/Dockerfile | 3 ++- centos/Dockerfile | 3 ++- dashboard/Dockerfile.alpine | 3 ++- dashboard/Dockerfile.centos | 3 ++- debian/Dockerfile | 1 + redhat/Dockerfile | 3 ++- 7 files changed, 11 insertions(+), 6 deletions(-) diff --git a/all-in-one/apisix-dashboard/Dockerfile b/all-in-one/apisix-dashboard/Dockerfile index a25a359b..c8badcbc 100644 --- a/all-in-one/apisix-dashboard/Dockerfile +++ b/all-in-one/apisix-dashboard/Dockerfile @@ -53,7 +53,6 @@ RUN set -x \ && mv /usr/local/apisix/deps/share/lua/5.1/apisix /usr/local/apisix \ && apk del .builddeps build-base make unzip - # Build etcd FROM alpine:3.13 AS etcd-stage diff --git a/all-in-one/apisix/Dockerfile b/all-in-one/apisix/Dockerfile index db0e2be2..5de9d0d7 100644 --- a/all-in-one/apisix/Dockerfile +++ b/all-in-one/apisix/Dockerfile @@ -31,7 +31,8 @@ USER root RUN wget https://github.com/etcd-io/etcd/releases/download/${ETCD_VERSION}/etcd-${ETCD_VERSION}-linux-amd64.tar.gz \ && tar -zxvf etcd-${ETCD_VERSION}-linux-amd64.tar.gz \ - && mv etcd-${ETCD_VERSION}-linux-amd64/* /usr/bin/ + && mv etcd-${ETCD_VERSION}-linux-amd64/* /usr/bin/ \ + && rm /usr/local/openresty/bin/etcdctl WORKDIR /usr/local/apisix diff --git a/centos/Dockerfile b/centos/Dockerfile index 3d5c616f..e8784247 100644 --- a/centos/Dockerfile +++ b/centos/Dockerfile @@ -31,7 +31,8 @@ ENV PATH=$PATH:/usr/local/openresty/luajit/bin:/usr/local/openresty/nginx/sbin:/ # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /usr/local/apisix/logs/access.log \ - && ln -sf /dev/stderr /usr/local/apisix/logs/error.log + && ln -sf /dev/stderr /usr/local/apisix/logs/error.log \ + && rm /usr/local/openresty/bin/etcdctl EXPOSE 9080 9443 diff --git a/dashboard/Dockerfile.alpine b/dashboard/Dockerfile.alpine index b04d1ba3..2a220559 100644 --- a/dashboard/Dockerfile.alpine +++ b/dashboard/Dockerfile.alpine @@ -24,7 +24,8 @@ RUN set -x \ && apk add --no-cache --virtual .builddeps git \ && git clone https://github.com/apache/apisix-dashboard.git -b ${APISIX_DASHBOARD_TAG} /usr/local/apisix-dashboard \ && cd /usr/local/apisix-dashboard && git clean -Xdf \ - && rm -f ./.githash && git log --pretty=format:"%h" -1 > ./.githash + && rm -f ./.githash && git log --pretty=format:"%h" -1 > ./.githash \ + && rm /usr/local/openresty/bin/etcdctl FROM --platform=$BUILDPLATFORM golang:1.19 as api-builder diff --git a/dashboard/Dockerfile.centos b/dashboard/Dockerfile.centos index 24d14635..a3710ef2 100644 --- a/dashboard/Dockerfile.centos +++ b/dashboard/Dockerfile.centos @@ -24,7 +24,8 @@ RUN set -x \ && apk add --no-cache --virtual .builddeps git \ && git clone https://github.com/apache/apisix-dashboard.git -b ${APISIX_DASHBOARD_TAG} /usr/local/apisix-dashboard \ && cd /usr/local/apisix-dashboard && git clean -Xdf \ - && rm -f ./.githash && git log --pretty=format:"%h" -1 > ./.githash + && rm -f ./.githash && git log --pretty=format:"%h" -1 > ./.githash \ + && rm /usr/local/openresty/bin/etcdctl FROM --platform=$BUILDPLATFORM golang:1.19 as api-builder diff --git a/debian/Dockerfile b/debian/Dockerfile index 67b7c061..21397de2 100644 --- a/debian/Dockerfile +++ b/debian/Dockerfile @@ -41,6 +41,7 @@ RUN set -ex; \ && apt install -y apisix=${APISIX_VERSION}-0 \ && apt-get purge -y --auto-remove \ && rm -f /etc/apt/sources.list.d/openresty.list /etc/apt/sources.list.d/apisix.list \ + && rm /usr/local/openresty/bin/etcdctl \ && openresty -V \ && apisix version diff --git a/redhat/Dockerfile b/redhat/Dockerfile index a8b5c79d..8645ca40 100644 --- a/redhat/Dockerfile +++ b/redhat/Dockerfile @@ -33,7 +33,8 @@ ENV PATH=$PATH:/usr/local/openresty/luajit/bin:/usr/local/openresty/nginx/sbin:/ # forward request and error logs to docker log collector RUN ln -sf /dev/stdout /usr/local/apisix/logs/access.log \ - && ln -sf /dev/stderr /usr/local/apisix/logs/error.log + && ln -sf /dev/stderr /usr/local/apisix/logs/error.log \ + && rm /usr/local/openresty/bin/etcdctl EXPOSE 9080 9443 From e0ac41ca7d83b3632bfd42cc697e3fd6eec40903 Mon Sep 17 00:00:00 2001 From: kamly <121368588@qq.com> Date: Thu, 28 Sep 2023 13:43:52 +0800 Subject: [PATCH 4/4] fix: use sed replace yq (#508) --- .../workflows/apisix-docker-example-test-standalone.yaml | 2 +- centos/docker-entrypoint.sh | 9 ++++----- debian-dev/docker-entrypoint.sh | 9 ++++----- debian/docker-entrypoint.sh | 9 ++++----- redhat/docker-entrypoint.sh | 9 ++++----- 5 files changed, 17 insertions(+), 21 deletions(-) diff --git a/.github/workflows/apisix-docker-example-test-standalone.yaml b/.github/workflows/apisix-docker-example-test-standalone.yaml index 78b0ea7c..f9823c93 100644 --- a/.github/workflows/apisix-docker-example-test-standalone.yaml +++ b/.github/workflows/apisix-docker-example-test-standalone.yaml @@ -60,7 +60,7 @@ jobs: - name: Test APISIX run: | - sleep 50 #startup time maybe a little longer as the yq binary is downloaded for use at runtime + sleep 30 result_code=`curl -I -m 10 -o /dev/null -s -w %{http_code} http://127.0.0.1:9080/get` if [[ $result_code -ne 200 ]];then diff --git a/centos/docker-entrypoint.sh b/centos/docker-entrypoint.sh index cf5bd32b..93565ef6 100755 --- a/centos/docker-entrypoint.sh +++ b/centos/docker-entrypoint.sh @@ -31,11 +31,10 @@ deployment: config_provider: yaml _EOC_ else - wget -qO /usr/local/apisix/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 \ - && chmod a+x /usr/local/apisix/yq - /usr/local/apisix/yq -i '.deployment.role = "data_plane"' ${PREFIX}/conf/config.yaml - /usr/local/apisix/yq -i '.deployment.role_data_plane.config_provider = "yaml"' ${PREFIX}/conf/config.yaml - rm /usr/local/apisix/yq + # updating config.yaml for standalone mode + sed -i 's/role: traditional/role: data_plane/' ${PREFIX}/conf/config.yaml + sed -i 's/role_traditional:/role_data_plane:/' ${PREFIX}/conf/config.yaml + sed -i 's/config_provider: etcd/config_provider: yaml/' ${PREFIX}/conf/config.yaml fi if [ ! -f "${PREFIX}/conf/apisix.yaml" ]; then diff --git a/debian-dev/docker-entrypoint.sh b/debian-dev/docker-entrypoint.sh index 70ae4487..b9d54c44 100755 --- a/debian-dev/docker-entrypoint.sh +++ b/debian-dev/docker-entrypoint.sh @@ -31,11 +31,10 @@ deployment: config_provider: yaml _EOC_ else - wget -qO /usr/local/apisix/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 \ - && chmod a+x /usr/local/apisix/yq - /usr/local/apisix/yq -i '.deployment.role = "data_plane"' ${PREFIX}/conf/config.yaml - /usr/local/apisix/yq -i '.deployment.role_data_plane.config_provider = "yaml"' ${PREFIX}/conf/config.yaml - rm /usr/local/apisix/yq + # updating config.yaml for standalone mode + sed -i 's/role: traditional/role: data_plane/' ${PREFIX}/conf/config.yaml + sed -i 's/role_traditional:/role_data_plane:/' ${PREFIX}/conf/config.yaml + sed -i 's/config_provider: etcd/config_provider: yaml/' ${PREFIX}/conf/config.yaml fi if [ ! -f "${PREFIX}/conf/apisix.yaml" ]; then diff --git a/debian/docker-entrypoint.sh b/debian/docker-entrypoint.sh index cf5bd32b..93565ef6 100755 --- a/debian/docker-entrypoint.sh +++ b/debian/docker-entrypoint.sh @@ -31,11 +31,10 @@ deployment: config_provider: yaml _EOC_ else - wget -qO /usr/local/apisix/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 \ - && chmod a+x /usr/local/apisix/yq - /usr/local/apisix/yq -i '.deployment.role = "data_plane"' ${PREFIX}/conf/config.yaml - /usr/local/apisix/yq -i '.deployment.role_data_plane.config_provider = "yaml"' ${PREFIX}/conf/config.yaml - rm /usr/local/apisix/yq + # updating config.yaml for standalone mode + sed -i 's/role: traditional/role: data_plane/' ${PREFIX}/conf/config.yaml + sed -i 's/role_traditional:/role_data_plane:/' ${PREFIX}/conf/config.yaml + sed -i 's/config_provider: etcd/config_provider: yaml/' ${PREFIX}/conf/config.yaml fi if [ ! -f "${PREFIX}/conf/apisix.yaml" ]; then diff --git a/redhat/docker-entrypoint.sh b/redhat/docker-entrypoint.sh index cf5bd32b..93565ef6 100755 --- a/redhat/docker-entrypoint.sh +++ b/redhat/docker-entrypoint.sh @@ -31,11 +31,10 @@ deployment: config_provider: yaml _EOC_ else - wget -qO /usr/local/apisix/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 \ - && chmod a+x /usr/local/apisix/yq - /usr/local/apisix/yq -i '.deployment.role = "data_plane"' ${PREFIX}/conf/config.yaml - /usr/local/apisix/yq -i '.deployment.role_data_plane.config_provider = "yaml"' ${PREFIX}/conf/config.yaml - rm /usr/local/apisix/yq + # updating config.yaml for standalone mode + sed -i 's/role: traditional/role: data_plane/' ${PREFIX}/conf/config.yaml + sed -i 's/role_traditional:/role_data_plane:/' ${PREFIX}/conf/config.yaml + sed -i 's/config_provider: etcd/config_provider: yaml/' ${PREFIX}/conf/config.yaml fi if [ ! -f "${PREFIX}/conf/apisix.yaml" ]; then