hdonnay/claircore-quay.sh

## claircore-quay.sh
#!/bin/sh
set -e
: ${pod:=quay-all}
: ${GO_VERSION:=1.13.5}
: ${CONFIG_APP_PASSWORD:=test}
dir="$(mktemp -d)"
envfile="${dir}/env"
cat > "${envfile}" <<.
CONNECTION_STRING=host=localhost user=claircore dbname=claircore sslmode=disable
LOG_LEVEL=debug
SCAN_LOCK_RETRY=1
LAYER_SCAN_CONCURRENCY=10
.
cat >&2 <<.
Using the prefix "${pod}" for any volumes created.
These are kept between runs, and can be cleaned up later with:
	podman volume ls |
		awk '\$2~/${pod}/{print \$2}' |
		xargs podman volume rm
.
go mod vendor
podid="$(podman pod create \
	--publish 8080 --publish 9081 --publish 9080 --publish 8443
)"
trap 'rm -rf "$dir"
echo stopping and cleaning up pod >&2
podman pod stop -t 10 "$podid" >/dev/null
podman pod rm "$podid" >/dev/null
' EXIT

if ! podman volume inspect "${pod}-database-data" >/dev/null 2>&1; then
	echo postgres volume: "$(podman volume create --label app=postgres "${pod}-database-data")"
	need_db_init=1
fi
db="$(podman create --pod "${podid}" --name postgres \
	--env POSTGRES_INITDB_ARGS="--no-sync" \
	--health-cmd "pg_isready -U postgres -d postgres" \
	--volume "${pod}-database-data:/var/lib/postgresql/data" \
	docker.io/library/postgres:11)"
echo postgres: "$db"

podman volume inspect "${pod}-redis-data" >/dev/null 2>&1 ||
	echo redis volume: "$(podman volume create --label app=redis "${pod}-redis-data")"
echo redis: "$(podman create --pod "${podid}" --name redis \
	--volume "${pod}-redis-data:/data" \
	docker.io/library/redis:alpine)"

timeout 30s podman pod start "${podid}" >/dev/null
until podman healthcheck run "${db}" >/dev/null 2>&1; do sleep 2; done

test -n "$need_db_init" && podman exec -i --user postgres "${db}" psql -f - <<'.'
\set ECHO all
\set ON_ERROR_STOP on
CREATE ROLE claircore WITH LOGIN PASSWORD 'claircore';
CREATE DATABASE claircore WITH OWNER claircore;
CREATE ROLE quay WITH LOGIN PASSWORD 'quay';
CREATE DATABASE quay WITH OWNER quay;
\c quay
CREATE EXTENSION IF NOT EXISTS pg_trgm;
.


if ! podman volume inspect "${pod}-quay-config" >/dev/null 2>&1; then
	echo config volume: "$(podman volume create --label app=quay "${pod}-quay-config")"

	cfgapp="$(podman run -d --pod "${podid}" \
		quay.io/projectquay/quay:lando config "${CONFIG_APP_PASSWORD}"
	)"
	cat >&2 <<.
Use the config app at https://localhost:8443

When done, copy the config.yaml file into $dir
	% tar -xzC $dir config.yaml < ~/Downloads/quay-config.tar.gz

Then press enter:
.
	read _discard

	podman stop -t 10 "$cfgapp" >/dev/null && podman rm -v "$cfgapp" >/dev/null
	podman run --pod "${podid}" --rm -i \
		--volume "${pod}-quay-config":/conf \
		docker.io/library/busybox tee /conf/config.yaml >/dev/null < "${dir}/config.yaml"
else
	cat >&2 <<.
${pod}-quay-config volume exists, skipping running config app
.
fi

podman volume inspect "${pod}-quay-storage" >/dev/null 2>&1 ||
	echo storage volume: "$(podman volume create --label app=quay "${pod}-quay-storage")"
echo quay: "$(podman create --pod "${podid}" --name quay \
	--volume "${pod}-quay-config":/conf/stack \
	--volume "${pod}-quay-storage":/datastorage \
	quay.io/projectquay/quay:lando)"

for i in libindexhttp:9080 libvulnhttp:9081; do
	n="$(echo $i | cut -d : -f 1)"
	p="$(echo $i | cut -d : -f 2)"
	echo "${n}:" "$(podman create --pod "${podid}" --name "$n" \
		--env-file "${envfile}" \
		--env HTTP_LISTEN_ADDR="0.0.0.0:${p}" \
		--expose "${p}" \
		--volume "$(git rev-parse --show-toplevel)/:/src/claircore/:z" \
		--workdir "/src/claircore/cmd/${n}" \
		"quay.io/claircore/golang:${GO_VERSION}" \
		go run -mod vendor .)"
done

podman pod start "$podid" >/dev/null

cat >&2 <<.
Everything should be up shortly: http://localhost:8080/

Hit enter to stop everything and spin down.
.
read _discard
	#!/bin/sh
	set -e
	: ${pod:=quay-all}
	: ${GO_VERSION:=1.13.5}
	: ${CONFIG_APP_PASSWORD:=test}
	dir="$(mktemp -d)"
	envfile="${dir}/env"
	cat > "${envfile}" <<.
	CONNECTION_STRING=host=localhost user=claircore dbname=claircore sslmode=disable
	LOG_LEVEL=debug
	SCAN_LOCK_RETRY=1
	LAYER_SCAN_CONCURRENCY=10
	.
	cat >&2 <<.
	Using the prefix "${pod}" for any volumes created.
	These are kept between runs, and can be cleaned up later with:
	podman volume ls \|
	awk '\$2~/${pod}/{print \$2}' \|
	xargs podman volume rm
	.
	go mod vendor
	podid="$(podman pod create \
	--publish 8080 --publish 9081 --publish 9080 --publish 8443
	)"
	trap 'rm -rf "$dir"
	echo stopping and cleaning up pod >&2
	podman pod stop -t 10 "$podid" >/dev/null
	podman pod rm "$podid" >/dev/null
	' EXIT

	if ! podman volume inspect "${pod}-database-data" >/dev/null 2>&1; then
	echo postgres volume: "$(podman volume create --label app=postgres "${pod}-database-data")"
	need_db_init=1
	fi
	db="$(podman create --pod "${podid}" --name postgres \
	--env POSTGRES_INITDB_ARGS="--no-sync" \
	--health-cmd "pg_isready -U postgres -d postgres" \
	--volume "${pod}-database-data:/var/lib/postgresql/data" \
	docker.io/library/postgres:11)"
	echo postgres: "$db"

	podman volume inspect "${pod}-redis-data" >/dev/null 2>&1 \|\|
	echo redis volume: "$(podman volume create --label app=redis "${pod}-redis-data")"
	echo redis: "$(podman create --pod "${podid}" --name redis \
	--volume "${pod}-redis-data:/data" \
	docker.io/library/redis:alpine)"

	timeout 30s podman pod start "${podid}" >/dev/null
	until podman healthcheck run "${db}" >/dev/null 2>&1; do sleep 2; done

	test -n "$need_db_init" && podman exec -i --user postgres "${db}" psql -f - <<'.'
	\set ECHO all
	\set ON_ERROR_STOP on
	CREATE ROLE claircore WITH LOGIN PASSWORD 'claircore';
	CREATE DATABASE claircore WITH OWNER claircore;
	CREATE ROLE quay WITH LOGIN PASSWORD 'quay';
	CREATE DATABASE quay WITH OWNER quay;
	\c quay
	CREATE EXTENSION IF NOT EXISTS pg_trgm;
	.


	if ! podman volume inspect "${pod}-quay-config" >/dev/null 2>&1; then
	echo config volume: "$(podman volume create --label app=quay "${pod}-quay-config")"

	cfgapp="$(podman run -d --pod "${podid}" \
	quay.io/projectquay/quay:lando config "${CONFIG_APP_PASSWORD}"
	)"
	cat >&2 <<.
	Use the config app at https://localhost:8443

	When done, copy the config.yaml file into $dir
	% tar -xzC $dir config.yaml < ~/Downloads/quay-config.tar.gz

	Then press enter:
	.
	read _discard

	podman stop -t 10 "$cfgapp" >/dev/null && podman rm -v "$cfgapp" >/dev/null
	podman run --pod "${podid}" --rm -i \
	--volume "${pod}-quay-config":/conf \
	docker.io/library/busybox tee /conf/config.yaml >/dev/null < "${dir}/config.yaml"
	else
	cat >&2 <<.
	${pod}-quay-config volume exists, skipping running config app
	.
	fi

	podman volume inspect "${pod}-quay-storage" >/dev/null 2>&1 \|\|
	echo storage volume: "$(podman volume create --label app=quay "${pod}-quay-storage")"
	echo quay: "$(podman create --pod "${podid}" --name quay \
	--volume "${pod}-quay-config":/conf/stack \
	--volume "${pod}-quay-storage":/datastorage \
	quay.io/projectquay/quay:lando)"

	for i in libindexhttp:9080 libvulnhttp:9081; do
	n="$(echo $i \| cut -d : -f 1)"
	p="$(echo $i \| cut -d : -f 2)"
	echo "${n}:" "$(podman create --pod "${podid}" --name "$n" \
	--env-file "${envfile}" \
	--env HTTP_LISTEN_ADDR="0.0.0.0:${p}" \
	--expose "${p}" \
	--volume "$(git rev-parse --show-toplevel)/:/src/claircore/:z" \
	--workdir "/src/claircore/cmd/${n}" \
	"quay.io/claircore/golang:${GO_VERSION}" \
	go run -mod vendor .)"
	done

	podman pod start "$podid" >/dev/null

	cat >&2 <<.
	Everything should be up shortly: http://localhost:8080/

	Hit enter to stop everything and spin down.
	.
	read _discard