├── 6 ├── .exclude-c9s ├── .exclude-rhel9 ├── test ├── README.md ├── root │ └── usr │ │ ├── bin │ │ ├── container-entrypoint │ │ ├── usage │ │ └── run-redis │ │ ├── share │ │ └── container-scripts │ │ │ └── redis │ │ │ ├── base.conf.template │ │ │ ├── password.conf.template │ │ │ ├── scl_enable │ │ │ ├── post-init.sh │ │ │ ├── validate-variables.sh │ │ │ ├── helpers.sh │ │ │ ├── common.sh │ │ │ └── README.md │ │ └── libexec │ │ └── container-setup ├── Dockerfile.rhel9 ├── Dockerfile.c9s └── Dockerfile.rhel8 ├── 7 ├── .exclude-rhel8 ├── test ├── README.md ├── root │ └── usr │ │ ├── bin │ │ ├── container-entrypoint │ │ ├── usage │ │ └── run-redis │ │ ├── share │ │ └── container-scripts │ │ │ └── redis │ │ │ ├── base.conf.template │ │ │ ├── password.conf.template │ │ │ ├── post-init.sh │ │ │ ├── validate-variables.sh │ │ │ ├── helpers.sh │ │ │ ├── common.sh │ │ │ └── README.md │ │ └── libexec │ │ └── container-setup ├── Dockerfile.fedora ├── Dockerfile.rhel8 ├── Dockerfile.rhel9 └── Dockerfile.c9s ├── test ├── __init__.py ├── examples ├── imagestreams ├── test-lib.sh ├── test-openshift.yaml ├── check_imagestreams.py ├── test-lib-openshift.sh ├── show_all_imagestreams.py ├── test-lib-remote-openshift.sh ├── redis-ephemeral-template.json ├── run-openshift-pytest ├── test_redis_latest_imagestreams.py ├── run-pytest ├── conftest.py ├── test_redis_imagestream_template.py ├── run-openshift-remote-cluster ├── test_redis_imagestream.py ├── test_redis_shared_helm_imagestreams.py ├── test_redis_shared_helm_template.py ├── test_redis_local_template.py ├── test-lib-redis.sh ├── test_container_basics.py ├── test_container_application.py └── run ├── .gitignore ├── .github ├── auto-merge.yml ├── dependabot.yml └── workflows │ ├── container-tests.yml │ ├── pr-metadata.yml │ ├── auto-merge.yml │ ├── build-and-push.yml │ └── auto-merge-on-demand.yml ├── .gitmodules ├── Makefile ├── imagestreams ├── imagestreams.yaml ├── redis-centos.json ├── redis-rhel.json └── redis-rhel-aarch64.json ├── LICENSE ├── README.md └── examples ├── redis-ephemeral-template.json └── redis-persistent-template.json /6/.exclude-c9s: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /6/.exclude-rhel9: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /6/test: -------------------------------------------------------------------------------- 1 | ../test/ -------------------------------------------------------------------------------- /7/.exclude-rhel8: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /7/test: -------------------------------------------------------------------------------- 1 | ../test/ -------------------------------------------------------------------------------- /test/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/examples: -------------------------------------------------------------------------------- 1 | ../examples -------------------------------------------------------------------------------- /test/imagestreams: -------------------------------------------------------------------------------- 1 | ../imagestreams -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .*image-id* 2 | help.1 3 | -------------------------------------------------------------------------------- /test/test-lib.sh: -------------------------------------------------------------------------------- 1 | ../common/test-lib.sh -------------------------------------------------------------------------------- /.github/auto-merge.yml: -------------------------------------------------------------------------------- 1 | target-branch: [] 2 | -------------------------------------------------------------------------------- /test/test-openshift.yaml: -------------------------------------------------------------------------------- 1 | ../common/test-openshift.yaml -------------------------------------------------------------------------------- /test/check_imagestreams.py: -------------------------------------------------------------------------------- 1 | ../common/check_imagestreams.py -------------------------------------------------------------------------------- /test/test-lib-openshift.sh: -------------------------------------------------------------------------------- 1 | ../common/test-lib-openshift.sh -------------------------------------------------------------------------------- /6/README.md: -------------------------------------------------------------------------------- 1 | root/usr/share/container-scripts/redis/README.md -------------------------------------------------------------------------------- /7/README.md: -------------------------------------------------------------------------------- 1 | root/usr/share/container-scripts/redis/README.md -------------------------------------------------------------------------------- /test/show_all_imagestreams.py: -------------------------------------------------------------------------------- 1 | ../common/show_all_imagestreams.py -------------------------------------------------------------------------------- /6/root/usr/bin/container-entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | exec "$@" 3 | -------------------------------------------------------------------------------- /7/root/usr/bin/container-entrypoint: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | exec "$@" 3 | -------------------------------------------------------------------------------- /test/test-lib-remote-openshift.sh: -------------------------------------------------------------------------------- 1 | ../common/test-lib-remote-openshift.sh -------------------------------------------------------------------------------- /test/redis-ephemeral-template.json: -------------------------------------------------------------------------------- 1 | ../examples/redis-ephemeral-template.json -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/base.conf.template: -------------------------------------------------------------------------------- 1 | dir ${REDIS_DATADIR} 2 | -------------------------------------------------------------------------------- /7/root/usr/share/container-scripts/redis/base.conf.template: -------------------------------------------------------------------------------- 1 | dir ${REDIS_DATADIR} 2 | -------------------------------------------------------------------------------- /6/root/usr/bin/usage: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cat /usr/share/container-scripts/redis/README.md 4 | 5 | -------------------------------------------------------------------------------- /7/root/usr/bin/usage: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cat /usr/share/container-scripts/redis/README.md 4 | 5 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "common"] 2 | path = common 3 | url = https://github.com/sclorg/container-common-scripts.git 4 | -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/password.conf.template: -------------------------------------------------------------------------------- 1 | # password for the server 2 | requirepass "${REDIS_PASSWORD}" 3 | 4 | -------------------------------------------------------------------------------- /7/root/usr/share/container-scripts/redis/password.conf.template: -------------------------------------------------------------------------------- 1 | # password for the server 2 | requirepass "${REDIS_PASSWORD}" 3 | 4 | -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/scl_enable: -------------------------------------------------------------------------------- 1 | # This will make scl collection binaries work out of box. 2 | unset BASH_ENV PROMPT_COMMAND ENV 3 | source scl_source enable ${ENABLED_COLLECTIONS} 4 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | version: 2 4 | updates: 5 | - package-ecosystem: gitsubmodule 6 | directory: / 7 | schedule: 8 | interval: weekly 9 | labels: 10 | - 'ready for review' 11 | - package-ecosystem: github-actions 12 | directory: / 13 | schedule: 14 | interval: monthly 15 | labels: 16 | - 'ready for review' 17 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # Variables are documented in common/build.sh. 2 | BASE_IMAGE_NAME = redis 3 | VERSIONS = 6 7 4 | OPENSHIFT_NAMESPACES = 5 | 6 | # HACK: Ensure that 'git pull' for old clones doesn't cause confusion. 7 | # New clones should use '--recursive'. 8 | .PHONY: $(shell test -f common/common.mk || echo >&2 'Please do "git submodule update --init" first.') 9 | 10 | include common/common.mk 11 | -------------------------------------------------------------------------------- /test/run-openshift-pytest: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # IMAGE_NAME specifies a name of the candidate image used for testing. 4 | # The image has to be available before this script is executed. 5 | # VERSION specifies the major version of the MariaDB in format of X.Y 6 | # OS specifies RHEL version (e.g. OS=rhel9) 7 | # 8 | 9 | THISDIR=$(dirname ${BASH_SOURCE[0]}) 10 | 11 | git show -s 12 | 13 | cd "${THISDIR}" && python3.12 -m pytest -s -rA --showlocals -vv test_redis_*.py 14 | -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/post-init.sh: -------------------------------------------------------------------------------- 1 | # This file serves for extending the container image, typically by changing 2 | # the configuration, loading some data etc. 3 | 4 | # Feel free to add content to this file or rewrite it at all. 5 | # You may also start redis server locally to load some data for example, 6 | # but do not forget to stop it after it, so it can be restarted after it. 7 | 8 | source "${CONTAINER_SCRIPTS_PATH}/common.sh" 9 | set -eu 10 | 11 | setup_bind_address 12 | -------------------------------------------------------------------------------- /7/root/usr/share/container-scripts/redis/post-init.sh: -------------------------------------------------------------------------------- 1 | # This file serves for extending the container image, typically by changing 2 | # the configuration, loading some data etc. 3 | 4 | # Feel free to add content to this file or rewrite it at all. 5 | # You may also start redis server locally to load some data for example, 6 | # but do not forget to stop it after it, so it can be restarted after it. 7 | 8 | source "${CONTAINER_SCRIPTS_PATH}/common.sh" 9 | set -eu 10 | 11 | setup_bind_address 12 | -------------------------------------------------------------------------------- /test/test_redis_latest_imagestreams.py: -------------------------------------------------------------------------------- 1 | from container_ci_suite.imagestreams import ImageStreamChecker 2 | 3 | from conftest import VARS 4 | 5 | 6 | class TestLatestImagestreams: 7 | 8 | def setup_method(self): 9 | self.isc = ImageStreamChecker(working_dir=VARS.TEST_DIR.parent) 10 | 11 | def test_latest_imagestream(self): 12 | self.latest_version = self.isc.get_latest_version() 13 | assert self.latest_version 14 | self.isc.check_imagestreams(self.latest_version) 15 | -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/validate-variables.sh: -------------------------------------------------------------------------------- 1 | function usage() { 2 | [ $# == 1 ] && echo "error: $1" 3 | echo "You can specify the following environment variables:" 4 | echo " REDIS_PASSWORD (regex: '$redis_password_regex')" 5 | exit 1 6 | } 7 | 8 | function validate_variables() { 9 | # Check basic sanity of specified variables 10 | if [[ -v REDIS_PASSWORD ]]; then 11 | [[ "$REDIS_PASSWORD" =~ $redis_password_regex ]] || usage "Invalid password" 12 | fi 13 | } 14 | 15 | validate_variables 16 | -------------------------------------------------------------------------------- /7/root/usr/share/container-scripts/redis/validate-variables.sh: -------------------------------------------------------------------------------- 1 | function usage() { 2 | [ $# == 1 ] && echo "error: $1" 3 | echo "You can specify the following environment variables:" 4 | echo " REDIS_PASSWORD (regex: '$redis_password_regex')" 5 | exit 1 6 | } 7 | 8 | function validate_variables() { 9 | # Check basic sanity of specified variables 10 | if [[ -v REDIS_PASSWORD ]]; then 11 | [[ "$REDIS_PASSWORD" =~ $redis_password_regex ]] || usage "Invalid password" 12 | fi 13 | } 14 | 15 | validate_variables 16 | -------------------------------------------------------------------------------- /.github/workflows/container-tests.yml: -------------------------------------------------------------------------------- 1 | on: 2 | issue_comment: 3 | types: 4 | - created 5 | jobs: 6 | check-readme: 7 | uses: "sclorg/ci-actions/.github/workflows/check-readme.yml@main" 8 | container-tests: 9 | needs: check-readme 10 | uses: "sclorg/ci-actions/.github/workflows/container-tests.yml@main" 11 | with: 12 | enabled-tests: '["container","container-pytest","openshift-4","openshift-pytest"]' 13 | versions: '[ "6", "7" ]' 14 | openshift-versions: '[ "6", "7" ]' 15 | secrets: inherit 16 | -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/helpers.sh: -------------------------------------------------------------------------------- 1 | function log_info { 2 | echo "---> `date +%T` $@" 3 | } 4 | 5 | function log_and_run { 6 | log_info "Running $@" 7 | "$@" 8 | } 9 | 10 | function log_volume_info { 11 | CONTAINER_DEBUG=${CONTAINER_DEBUG:-} 12 | if [[ "${CONTAINER_DEBUG,,}" != "true" ]]; then 13 | return 14 | fi 15 | 16 | log_info "Volume info for $@:" 17 | set +e 18 | log_and_run mount 19 | while [ $# -gt 0 ]; do 20 | log_and_run ls -alZ $1 21 | shift 22 | done 23 | set -e 24 | } 25 | -------------------------------------------------------------------------------- /7/root/usr/share/container-scripts/redis/helpers.sh: -------------------------------------------------------------------------------- 1 | function log_info { 2 | echo "---> `date +%T` $@" 3 | } 4 | 5 | function log_and_run { 6 | log_info "Running $@" 7 | "$@" 8 | } 9 | 10 | function log_volume_info { 11 | CONTAINER_DEBUG=${CONTAINER_DEBUG:-} 12 | if [[ "${CONTAINER_DEBUG,,}" != "true" ]]; then 13 | return 14 | fi 15 | 16 | log_info "Volume info for $@:" 17 | set +e 18 | log_and_run mount 19 | while [ $# -gt 0 ]; do 20 | log_and_run ls -alZ $1 21 | shift 22 | done 23 | set -e 24 | } 25 | -------------------------------------------------------------------------------- /test/run-pytest: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # IMAGE_NAME specifies a name of the candidate image used for testing. 4 | # The image has to be available before this script is executed. 5 | # SINGLE_VERSION specifies the major version of httpd 6 | # OS specifies RHEL version (e.g. OS=rhel8) 7 | # 8 | 9 | THISDIR=$(dirname ${BASH_SOURCE[0]}) 10 | 11 | PYTHON_VERSION="3.12" 12 | if [[ ! -f "/usr/bin/python$PYTHON_VERSION" ]]; then 13 | PYTHON_VERSION="3.13" 14 | fi 15 | cd "${THISDIR}" && "python${PYTHON_VERSION}" -m pytest -s -rA --showlocals -vv test_container_*.py 16 | -------------------------------------------------------------------------------- /test/conftest.py: -------------------------------------------------------------------------------- 1 | import os 2 | import sys 3 | 4 | from pathlib import Path 5 | from collections import namedtuple 6 | 7 | from container_ci_suite.utils import check_variables 8 | 9 | if not check_variables(): 10 | sys.exit(1) 11 | 12 | TAGS = { 13 | "rhel8": "-el8", 14 | "rhel9": "-el9", 15 | "rhel10": "-el10", 16 | } 17 | 18 | Vars = namedtuple("Vars", ["OS", "VERSION", "IMAGE_NAME", "TEST_DIR", "TAG"]) 19 | VERSION = os.getenv("VERSION") 20 | OS = os.getenv("TARGET").lower() 21 | 22 | VARS = Vars( 23 | OS=OS, 24 | VERSION=VERSION, 25 | IMAGE_NAME=os.getenv("IMAGE_NAME"), 26 | TEST_DIR=Path(__file__).parent.absolute(), 27 | TAG=TAGS.get(OS), 28 | ) 29 | -------------------------------------------------------------------------------- /6/root/usr/libexec/container-setup: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | source ${CONTAINER_SCRIPTS_PATH}/common.sh 4 | set -eu 5 | 6 | # setup directory for data 7 | chown -R redis:0 "${HOME}" "${REDIS_CONF}" 8 | restorecon -R "${HOME}" "${REDIS_CONF}" 9 | 10 | # Loosen permission bits for group to avoid problems running container with 11 | # arbitrary UID 12 | # When only specifying user, group is 0, that's why /var/lib/redis must have 13 | # owner redis.0; that allows to avoid a+rwx for this dir 14 | chmod 0770 "${HOME}" "${REDIS_DATADIR}" 15 | chmod 0660 "${REDIS_CONF}" 16 | 17 | # adjust config with changes we do every-time 18 | clear_config 19 | envsubst < ${CONTAINER_SCRIPTS_PATH}/base.conf.template >> "${REDIS_CONF}" 20 | -------------------------------------------------------------------------------- /7/root/usr/libexec/container-setup: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | source ${CONTAINER_SCRIPTS_PATH}/common.sh 4 | set -eu 5 | 6 | # setup directory for data 7 | chown -R redis:0 "${HOME}" "${REDIS_CONF}" 8 | restorecon -R "${HOME}" "${REDIS_CONF}" 9 | 10 | # Loosen permission bits for group to avoid problems running container with 11 | # arbitrary UID 12 | # When only specifying user, group is 0, that's why /var/lib/redis must have 13 | # owner redis.0; that allows to avoid a+rwx for this dir 14 | chmod 0770 "${HOME}" "${REDIS_DATADIR}" 15 | chmod 0660 "${REDIS_CONF}" 16 | 17 | # adjust config with changes we do every-time 18 | clear_config 19 | envsubst < ${CONTAINER_SCRIPTS_PATH}/base.conf.template >> "${REDIS_CONF}" 20 | -------------------------------------------------------------------------------- /.github/workflows/pr-metadata.yml: -------------------------------------------------------------------------------- 1 | name: Gather Pull Request Metadata 2 | on: 3 | pull_request: 4 | types: [ opened, reopened, synchronize ] 5 | branches: [ master ] 6 | 7 | permissions: 8 | contents: read 9 | 10 | jobs: 11 | gather-metadata: 12 | if: github.repository_owner == 'sclorg' 13 | runs-on: ubuntu-latest 14 | 15 | steps: 16 | - name: Repository checkout 17 | uses: actions/checkout@v6 18 | 19 | - id: Metadata 20 | name: Gather Pull Request Metadata 21 | uses: redhat-plumbers-in-action/gather-pull-request-metadata@v1 22 | 23 | - name: Upload artifact with gathered metadata 24 | uses: actions/upload-artifact@v5 25 | with: 26 | name: pr-metadata 27 | path: ${{ steps.Metadata.outputs.metadata-file }} 28 | -------------------------------------------------------------------------------- /imagestreams/imagestreams.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: redis 3 | pretty_name: Redis 4 | sample_repo: "" 5 | category: database 6 | description: >- 7 | Provides a Redis APP_VERSION database on DISTRO_NAME. For more information 8 | about using this database image, including OpenShift considerations, see 9 | https://github.com/sclorg/redis-container/tree/master/APP_VERSION/README.md. 10 | imagestream_files: 11 | - filename: redis-centos.json 12 | latest: "6-el9" 13 | distros: 14 | - name: CentOS Stream 9 15 | app_versions: [6, 7] 16 | 17 | - filename: redis-rhel.json 18 | latest: "6-el8" 19 | distros: 20 | - name: RHEL 8 21 | app_versions: [6] 22 | 23 | - name: RHEL 9 24 | app_versions: [6, 7] 25 | 26 | - filename: redis-rhel-aarch64.json 27 | latest: "6-el8" 28 | distros: 29 | - name: RHEL 8 30 | app_versions: [6] 31 | 32 | - name: RHEL 9 33 | app_versions: [6, 7] 34 | -------------------------------------------------------------------------------- /6/root/usr/bin/run-redis: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | export_vars=$(cgroup-limits); export $export_vars 4 | source ${CONTAINER_SCRIPTS_PATH}/common.sh 5 | set -eu 6 | 7 | [ -f ${CONTAINER_SCRIPTS_PATH}/validate-variables.sh ] && source ${CONTAINER_SCRIPTS_PATH}/validate-variables.sh 8 | 9 | # Process the Redis configuration files 10 | log_info 'Processing Redis configuration files ...' 11 | if [[ -v REDIS_PASSWORD ]]; then 12 | envsubst < ${CONTAINER_SCRIPTS_PATH}/password.conf.template >> "${REDIS_CONF}" 13 | else 14 | log_info 'WARNING: setting REDIS_PASSWORD is recommended' 15 | fi 16 | 17 | # Source post-init source if exists 18 | if [ -f ${CONTAINER_SCRIPTS_PATH}/post-init.sh ]; then 19 | log_info 'Sourcing post-init.sh ...' 20 | source ${CONTAINER_SCRIPTS_PATH}/post-init.sh 21 | fi 22 | 23 | # Restart the Redis server with public IP bindings 24 | unset_env_vars 25 | log_volume_info "${REDIS_DATADIR}" 26 | log_info 'Running final exec -- Only Redis logs after this point' 27 | exec ${REDIS_PREFIX}/bin/redis-server "${REDIS_CONF}" --daemonize no "$@" 2>&1 28 | -------------------------------------------------------------------------------- /7/root/usr/bin/run-redis: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | export_vars=$(cgroup-limits); export $export_vars 4 | source ${CONTAINER_SCRIPTS_PATH}/common.sh 5 | set -eu 6 | 7 | [ -f ${CONTAINER_SCRIPTS_PATH}/validate-variables.sh ] && source ${CONTAINER_SCRIPTS_PATH}/validate-variables.sh 8 | 9 | # Process the Redis configuration files 10 | log_info 'Processing Redis configuration files ...' 11 | if [[ -v REDIS_PASSWORD ]]; then 12 | envsubst < ${CONTAINER_SCRIPTS_PATH}/password.conf.template >> "${REDIS_CONF}" 13 | else 14 | log_info 'WARNING: setting REDIS_PASSWORD is recommended' 15 | fi 16 | 17 | # Source post-init source if exists 18 | if [ -f ${CONTAINER_SCRIPTS_PATH}/post-init.sh ]; then 19 | log_info 'Sourcing post-init.sh ...' 20 | source ${CONTAINER_SCRIPTS_PATH}/post-init.sh 21 | fi 22 | 23 | # Restart the Redis server with public IP bindings 24 | unset_env_vars 25 | log_volume_info "${REDIS_DATADIR}" 26 | log_info 'Running final exec -- Only Redis logs after this point' 27 | exec ${REDIS_PREFIX}/bin/redis-server "${REDIS_CONF}" --daemonize no "$@" 2>&1 28 | -------------------------------------------------------------------------------- /test/test_redis_imagestream_template.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | 3 | from container_ci_suite.openshift import OpenShiftAPI 4 | 5 | from conftest import VARS 6 | 7 | 8 | class TestRedisImagestreamTemplate: 9 | 10 | def setup_method(self): 11 | self.oc_api = OpenShiftAPI(pod_name_prefix="redis", version=VARS.VERSION) 12 | 13 | def teardown_method(self): 14 | self.oc_api.delete_project() 15 | 16 | @pytest.mark.parametrize( 17 | "template", 18 | [ 19 | "redis-ephemeral-template.json", 20 | "redis-persistent-template.json" 21 | ] 22 | ) 23 | def test_redis_imagestream_template(self, template): 24 | os_name = ''.join(i for i in VARS.OS if not i.isdigit()) 25 | assert self.oc_api.deploy_image_stream_template( 26 | imagestream_file=f"imagestreams/redis-{os_name}.json", 27 | template_file=f"examples/{template}", 28 | app_name=self.oc_api.pod_name_prefix 29 | ) 30 | assert self.oc_api.is_pod_running(pod_name_prefix=self.oc_api.pod_name_prefix) 31 | -------------------------------------------------------------------------------- /test/run-openshift-remote-cluster: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Test the Redis image in OpenShift (remote cluster) 4 | # 5 | # IMAGE_NAME specifies a name of the candidate image used for testing. 6 | # The image has to be available before this script is executed. 7 | # VERSION specifies the major version of the Redis in format of X.Y 8 | # OS specifies RHEL version (e.g. OS=rhel9) 9 | # 10 | 11 | THISDIR=$(dirname ${BASH_SOURCE[0]}) 12 | 13 | source ${THISDIR}/test-lib-redis.sh 14 | 15 | TEST_LIST="\ 16 | test_redis_integration 17 | test_redis_imagestream 18 | test_latest_imagestreams 19 | " 20 | 21 | trap ct_os_cleanup EXIT SIGINT 22 | 23 | ct_os_set_ocp4 || exit $OC_ERR 24 | 25 | ct_os_check_compulsory_vars || exit $OC_ERR 26 | 27 | ct_os_tag_image_for_cvp "redis" 28 | 29 | ct_os_check_login || exit $OC_ERR 30 | 31 | set -u 32 | 33 | # For testing on OpenShift 4 we use internal registry 34 | export CT_OCP4_TEST=true 35 | 36 | TEST_SUMMARY='' 37 | TEST_SET=${TESTS:-$TEST_LIST} ct_run_tests_from_testset "openshift-remote-cluster" 38 | 39 | # vim: set tabstop=2:shiftwidth=2:expandtab: 40 | 41 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2016 sclorg 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /test/test_redis_imagestream.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | 3 | from container_ci_suite.openshift import OpenShiftAPI 4 | 5 | from conftest import VARS 6 | 7 | 8 | class TestRedisImagestreamTemplate: 9 | 10 | def setup_method(self): 11 | self.oc_api = OpenShiftAPI(pod_name_prefix="redis", version=VARS.VERSION) 12 | 13 | def teardown_method(self): 14 | self.oc_api.delete_project() 15 | 16 | @pytest.mark.parametrize( 17 | "template", 18 | [ 19 | "redis-ephemeral-template.json", 20 | "redis-persistent-template.json" 21 | ] 22 | ) 23 | def test_redis_imagestream_template(self, template): 24 | os_name = ''.join(i for i in VARS.OS if not i.isdigit()) 25 | assert self.oc_api.deploy_image_stream_template( 26 | imagestream_file=f"imagestreams/redis-{os_name}.json", 27 | template_file=f"examples/{template}", 28 | app_name=self.oc_api.pod_name_prefix, 29 | openshift_args=[ 30 | f"REDIS_VERSION={VARS.VERSION}{VARS.TAG}" 31 | ] 32 | ) 33 | assert self.oc_api.is_pod_running(pod_name_prefix=self.oc_api.pod_name_prefix) 34 | -------------------------------------------------------------------------------- /7/root/usr/share/container-scripts/redis/common.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | source ${CONTAINER_SCRIPTS_PATH}/helpers.sh 4 | 5 | # Data directory where Redis database files live. The data subdirectory is here 6 | # because .bashrc lives in /var/lib/redis/ and we don't want a 7 | # volume to override it. 8 | export REDIS_DATADIR=/var/lib/redis/data 9 | 10 | # Be paranoid and stricter than we should be. 11 | redis_password_regex='^[a-zA-Z0-9_~!@#$%^&*()-=<>,.?;:|]+$' 12 | 13 | # Make sure env variables don't propagate to redis process. 14 | function unset_env_vars() { 15 | log_info 'Cleaning up environment variable REDIS_PASSWORD ...' 16 | unset REDIS_PASSWORD 17 | } 18 | 19 | # Comment out settings that we'll set in container specifically 20 | function clear_config() { 21 | sed -e "s/^bind/#bind/" \ 22 | -e "s/^logfile/#logfile/" \ 23 | -e "s/^dir /#dir /" \ 24 | -e "/^protected-mode/s/yes/no/" \ 25 | -i "${REDIS_CONF}" 26 | } 27 | 28 | function setup_bind_address() { 29 | # Function sets bind 30 | if [[ -v BIND_ADDRESS ]]; then 31 | log_info "Configuring redis to listen on $BIND_ADDRESS only ..." 32 | echo "bind $BIND_ADDRESS" >> "${REDIS_CONF}" 33 | fi 34 | } 35 | -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/common.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | source ${CONTAINER_SCRIPTS_PATH}/helpers.sh 4 | 5 | # Data directory where Redis database files live. The data subdirectory is here 6 | # because .bashrc lives in /var/lib/redis/ and we don't want a 7 | # volume to override it. 8 | export REDIS_DATADIR=/var/lib/redis/data 9 | 10 | # Be paranoid and stricter than we should be. 11 | redis_password_regex='^[a-zA-Z0-9_~!@#$%^&*()-=<>,.?;:|]+$' 12 | 13 | # Make sure env variables don't propagate to redis process. 14 | function unset_env_vars() { 15 | log_info 'Cleaning up environment variable REDIS_PASSWORD ...' 16 | unset REDIS_PASSWORD 17 | } 18 | 19 | # Comment out settings that we'll set in container specifically 20 | function clear_config() { 21 | sed -e "s/^bind/#bind/" \ 22 | -e "s/^logfile/#logfile/" \ 23 | -e "s/^dir /#dir /" \ 24 | -e "/^protected-mode/s/yes/no/" \ 25 | -i "${REDIS_CONF}" 26 | } 27 | 28 | function setup_bind_address() { 29 | # Function sets bind 30 | if [ -v BIND_ADDRESS ]; then 31 | log_info "Configuring redis to listen on $BIND_ADDRESS only to ${REDIS_CONF}" 32 | echo "bind $BIND_ADDRESS" >> "${REDIS_CONF}" 33 | fi 34 | } 35 | -------------------------------------------------------------------------------- /.github/workflows/auto-merge.yml: -------------------------------------------------------------------------------- 1 | name: Auto Merge 2 | on: 3 | workflow_run: 4 | workflows: [ Gather Pull Request Metadata ] 5 | types: 6 | - completed 7 | 8 | permissions: 9 | contents: read 10 | 11 | jobs: 12 | download-metadata: 13 | if: > 14 | github.event.workflow_run.event == 'pull_request' && 15 | github.event.workflow_run.conclusion == 'success' 16 | runs-on: ubuntu-latest 17 | 18 | outputs: 19 | pr-metadata: ${{ steps.Artifact.outputs.pr-metadata-json }} 20 | 21 | steps: 22 | - id: Artifact 23 | name: Download Artifact 24 | uses: redhat-plumbers-in-action/download-artifact@v1 25 | with: 26 | name: pr-metadata 27 | 28 | auto-merge: 29 | needs: [ download-metadata ] 30 | runs-on: ubuntu-latest 31 | 32 | permissions: 33 | # required for merging PRs 34 | contents: write 35 | # required for PR comments and setting labels 36 | pull-requests: write 37 | 38 | steps: 39 | - name: Auto Merge wrapper 40 | uses: sclorg/auto-merge-wrapper@v1 41 | with: 42 | pr-metadata: ${{ needs.download-metadata.outputs.pr-metadata }} 43 | token: ${{ secrets.GITHUB_TOKEN }} 44 | -------------------------------------------------------------------------------- /test/test_redis_shared_helm_imagestreams.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | 3 | from container_ci_suite.helm import HelmChartsAPI 4 | 5 | from conftest import VARS 6 | 7 | 8 | class TestHelmRHELRedisImageStreams: 9 | 10 | def setup_method(self): 11 | package_name = "redhat-redis-imagestreams" 12 | self.hc_api = HelmChartsAPI( 13 | path=VARS.TEST_DIR, package_name=package_name, tarball_dir=VARS.TEST_DIR 14 | ) 15 | self.hc_api.clone_helm_chart_repo( 16 | repo_url="https://github.com/sclorg/helm-charts", repo_name="helm-charts", 17 | subdir="charts/redhat" 18 | ) 19 | 20 | def teardown_method(self): 21 | self.hc_api.delete_project() 22 | 23 | @pytest.mark.parametrize( 24 | "version,registry,expected", 25 | [ 26 | ("6-el8", "registry.redhat.io/rhel8/redis-6:latest", True), 27 | ("6-el9", "registry.redhat.io/rhel9/redis-6:latest", True), 28 | ("7-el9", "registry.redhat.io/rhel9/redis-7:latest", True), 29 | ("7-el8", "registry.redhat.io/rhel8/redis-7:latest", False), 30 | ], 31 | ) 32 | def test_package_imagestream(self, version, registry, expected): 33 | assert self.hc_api.helm_package() 34 | assert self.hc_api.helm_installation() 35 | assert self.hc_api.check_imagestreams(version=version, registry=registry) == expected 36 | -------------------------------------------------------------------------------- /test/test_redis_shared_helm_template.py: -------------------------------------------------------------------------------- 1 | from container_ci_suite.helm import HelmChartsAPI 2 | 3 | from conftest import VARS 4 | 5 | 6 | class TestHelmRedisPersistent: 7 | 8 | def setup_method(self): 9 | package_name = "redhat-redis-persistent" 10 | self.hc_api = HelmChartsAPI( 11 | path=VARS.TEST_DIR, 12 | package_name=package_name, 13 | tarball_dir=VARS.TEST_DIR, 14 | shared_cluster=True 15 | ) 16 | self.hc_api.clone_helm_chart_repo( 17 | repo_url="https://github.com/sclorg/helm-charts", repo_name="helm-charts", 18 | subdir="charts/redhat" 19 | ) 20 | 21 | def teardown_method(self): 22 | self.hc_api.delete_project() 23 | 24 | def test_package_persistent_by_helm_chart_test(self): 25 | self.hc_api.package_name = "redhat-redis-imagestreams" 26 | self.hc_api.helm_package() 27 | assert self.hc_api.helm_installation() 28 | self.hc_api.package_name = "redhat-redis-persistent" 29 | self.hc_api.helm_package() 30 | assert self.hc_api.helm_installation( 31 | values={ 32 | "redis_version": f"{VARS.VERSION}{VARS.TAG}", 33 | "namespace": self.hc_api.namespace 34 | } 35 | ) 36 | assert self.hc_api.is_pod_running(pod_name_prefix="redis") 37 | assert self.hc_api.test_helm_chart(expected_str=["PONG"]) 38 | -------------------------------------------------------------------------------- /test/test_redis_local_template.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | 3 | from container_ci_suite.openshift import OpenShiftAPI 4 | 5 | from conftest import VARS 6 | 7 | 8 | class TestRedisDeployTemplate: 9 | 10 | def setup_method(self): 11 | self.oc_api = OpenShiftAPI(pod_name_prefix="redis", version=VARS.VERSION) 12 | 13 | def teardown_method(self): 14 | self.oc_api.delete_project() 15 | 16 | @pytest.mark.parametrize( 17 | "template", 18 | [ 19 | "redis-ephemeral-template.json", 20 | "redis-persistent-template.json" 21 | ] 22 | ) 23 | def test_redist_template_inside_cluster(self, template): 24 | assert self.oc_api.deploy_template_with_image( 25 | image_name=VARS.IMAGE_NAME, 26 | template=f"examples/{template}", 27 | name_in_template="redis", 28 | openshift_args=[ 29 | f"REDIS_VERSION={VARS.VERSION}", 30 | f"DATABASE_SERVICE_NAME={self.oc_api.pod_name_prefix}", 31 | "REDIS_PASSWORD=testp" 32 | ] 33 | ) 34 | 35 | assert self.oc_api.is_pod_running(pod_name_prefix=self.oc_api.pod_name_prefix) 36 | assert self.oc_api.check_command_internal( 37 | image_name=f"registry.redhat.io/{VARS.OS}/redis-{VARS.VERSION}", 38 | service_name=self.oc_api.pod_name_prefix, 39 | cmd="timeout 15 redis-cli -h -a testp ping", 40 | expected_output="PONG" 41 | ) 42 | -------------------------------------------------------------------------------- /.github/workflows/build-and-push.yml: -------------------------------------------------------------------------------- 1 | name: Build and push images to Quay.io registry 2 | on: 3 | push: 4 | branches: 5 | - master 6 | schedule: 7 | - cron: '0 1 * * 3' 8 | 9 | jobs: 10 | build-and-push: 11 | if: github.repository_owner == 'sclorg' 12 | runs-on: ubuntu-latest 13 | strategy: 14 | fail-fast: false 15 | matrix: 16 | include: 17 | - dockerfile: "6/Dockerfile.c9s" 18 | registry_namespace: "sclorg" 19 | tag: "c9s" 20 | image_name: "redis-6-c9s" 21 | quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME" 22 | quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" 23 | docker_context: "6" 24 | 25 | - dockerfile: "7/Dockerfile.fedora" 26 | registry_namespace: "fedora" 27 | tag: "fedora" 28 | quayio_username: "QUAY_IMAGE_FEDORA_BUILDER_USERNAME" 29 | quayio_token: "QUAY_IMAGE_FEDORA_BUILDER_TOKEN" 30 | image_name: "redis-7" 31 | docker_context: "7" 32 | 33 | - dockerfile: "7/Dockerfile.c9s" 34 | registry_namespace: "sclorg" 35 | tag: "c9s" 36 | image_name: "redis-7-c9s" 37 | quayio_username: "QUAY_IMAGE_SCLORG_BUILDER_USERNAME" 38 | quayio_token: "QUAY_IMAGE_SCLORG_BUILDER_TOKEN" 39 | docker_context: "7" 40 | 41 | steps: 42 | - name: Build and push to quay.io registry 43 | uses: sclorg/build-and-push-action@v4 44 | with: 45 | registry: "quay.io" 46 | registry_namespace: ${{ matrix.registry_namespace }} 47 | registry_username: ${{ secrets[matrix.quayio_username] }} 48 | registry_token: ${{ secrets[matrix.quayio_token] }} 49 | dockerfile: ${{ matrix.dockerfile }} 50 | docker_context: ${{ matrix.docker_context }} 51 | tag: ${{ matrix.tag }} 52 | image_name: ${{ matrix.image_name }} 53 | readme: "${{ matrix.docker_context }}/README.md" 54 | quay_application_token: ${{ secrets.QUAY_IMAGE_SCLORG_UPDATE_DESC }} 55 | -------------------------------------------------------------------------------- /test/test-lib-redis.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Functions for tests for the Redis image in OpenShift. 4 | # 5 | # IMAGE_NAME specifies a name of the candidate image used for testing. 6 | # The image has to be available before this script is executed. 7 | # 8 | 9 | THISDIR=$(dirname ${BASH_SOURCE[0]}) 10 | 11 | source "${THISDIR}/test-lib.sh" 12 | source "${THISDIR}/test-lib-openshift.sh" 13 | source "${THISDIR}/test-lib-remote-openshift.sh" 14 | 15 | function test_redis_integration() { 16 | local service_name=redis 17 | namespace_image="${OS}/redis-${VERSION}" 18 | TEMPLATES="redis-ephemeral-template.json 19 | redis-persistent-template.json" 20 | for template in $TEMPLATES; do 21 | ct_os_test_template_app_func "${IMAGE_NAME}" \ 22 | "${THISDIR}/examples/${template}" \ 23 | "${service_name}" \ 24 | "ct_os_check_cmd_internal 'registry.redhat.io/${namespace_image}' '${service_name}-testing' 'timeout 15 redis-cli -h -a testp ping' 'PONG'" \ 25 | "-p REDIS_VERSION=${VERSION} \ 26 | -p DATABASE_SERVICE_NAME="${service_name}-testing" \ 27 | -p REDIS_PASSWORD=testp" 28 | done 29 | } 30 | 31 | # Check the imagestream 32 | function test_redis_imagestream() { 33 | if [ "${VERSION}" == "7" ] && [ "${OS}" != "rhel9" ]; then 34 | echo "Skipping testing version. It is not available for RHEL 8." 35 | return 0 36 | fi 37 | tag="-el8" 38 | if [ "${OS}" == "rhel9" ]; then 39 | tag="-el9" 40 | fi 41 | TEMPLATES="redis-ephemeral-template.json 42 | redis-persistent-template.json" 43 | for template in $TEMPLATES; do 44 | ct_os_test_image_stream_template "${THISDIR}/imagestreams/redis-${OS//[0-9]/}.json" "${THISDIR}/examples/${template}" redis "-p REDIS_VERSION=${VERSION}${tag}" 45 | done 46 | } 47 | 48 | function test_latest_imagestreams() { 49 | info "Testing the latest version in imagestreams" 50 | # Switch to root directory of a container 51 | pushd "${THISDIR}/../.." >/dev/null 52 | ct_check_latest_imagestreams 53 | popd >/dev/null 54 | } 55 | 56 | # vim: set tabstop=2:shiftwidth=2:expandtab: 57 | -------------------------------------------------------------------------------- /.github/workflows/auto-merge-on-demand.yml: -------------------------------------------------------------------------------- 1 | name: Auto Merge On Demand 2 | on: 3 | issue_comment: 4 | types: 5 | - created 6 | workflow_dispatch: 7 | inputs: 8 | pr-number: 9 | description: 'Pull Request number/s ; when not provided, the workflow will run for all open PRs' 10 | required: true 11 | default: '0' 12 | 13 | permissions: 14 | contents: read 15 | 16 | jobs: 17 | # Get all open PRs 18 | gather-pull-requests: 19 | if: | 20 | github.repository_owner == 'sclorg' 21 | || (contains(github.event.comment.body, '/auto-merge') 22 | && contains(fromJson('["OWNER", "MEMBER"]'), github.event.comment.author_association)) 23 | runs-on: ubuntu-latest 24 | 25 | outputs: 26 | pr-numbers: ${{ steps.get-pr-numbers.outputs.result }} 27 | pr-numbers-manual: ${{ steps.parse-manual-input.outputs.result }} 28 | 29 | steps: 30 | - id: get-pr-numbers 31 | if: inputs.pr-number == '0' 32 | name: Get all open PRs 33 | uses: actions/github-script@v8 34 | with: 35 | # !FIXME: this is not working if there is more than 100 PRs opened 36 | script: | 37 | const { data: pullRequests } = await github.rest.pulls.list({ 38 | owner: context.repo.owner, 39 | repo: context.repo.repo, 40 | state: 'open', 41 | per_page: 100 42 | }); 43 | return pullRequests.map(pr => pr.number); 44 | 45 | - id: parse-manual-input 46 | if: inputs.pr-number != '0' 47 | name: Parse manual input 48 | run: | 49 | # shellcheck disable=SC2086 50 | echo "result="[ ${{ github.event.issue.number }} ]"" >> $GITHUB_OUTPUT 51 | shell: bash 52 | 53 | validate-pr: 54 | name: 'Validation of Pull Request #${{ matrix.pr-number }}' 55 | needs: [ gather-pull-requests ] 56 | runs-on: ubuntu-latest 57 | 58 | strategy: 59 | fail-fast: false 60 | matrix: 61 | pr-number: ${{ inputs.pr-number == 0 && fromJSON(needs.gather-pull-requests.outputs.pr-numbers) || fromJSON(needs.gather-pull-requests.outputs.pr-numbers-manual) }} 62 | 63 | permissions: 64 | # required for merging PRs 65 | contents: write 66 | # required for PR comments and setting labels 67 | pull-requests: write 68 | 69 | steps: 70 | - name: Auto Merge wrapper 71 | uses: sclorg/auto-merge-wrapper@v1 72 | with: 73 | pr-number: ${{ matrix.pr-number }} 74 | token: ${{ secrets.GITHUB_TOKEN }} 75 | -------------------------------------------------------------------------------- /imagestreams/redis-centos.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "ImageStream", 3 | "apiVersion": "image.openshift.io/v1", 4 | "metadata": { 5 | "name": "redis", 6 | "annotations": { 7 | "openshift.io/display-name": "Redis" 8 | } 9 | }, 10 | "spec": { 11 | "tags": [ 12 | { 13 | "name": "6-el9", 14 | "annotations": { 15 | "openshift.io/display-name": "Redis 6 (CentOS Stream 9)", 16 | "openshift.io/provider-display-name": "Red Hat, Inc.", 17 | "description": "Provides a Redis 6 database on CentOS Stream 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.", 18 | "iconClass": "icon-redis", 19 | "tags": "database,redis", 20 | "version": "6" 21 | }, 22 | "from": { 23 | "kind": "DockerImage", 24 | "name": "quay.io/sclorg/redis-6-c9s:latest" 25 | }, 26 | "referencePolicy": { 27 | "type": "Local" 28 | } 29 | }, 30 | { 31 | "name": "7-el9", 32 | "annotations": { 33 | "openshift.io/display-name": "Redis 7 (CentOS Stream 9)", 34 | "openshift.io/provider-display-name": "Red Hat, Inc.", 35 | "description": "Provides a Redis 7 database on CentOS Stream 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/7/README.md.", 36 | "iconClass": "icon-redis", 37 | "tags": "database,redis", 38 | "version": "7" 39 | }, 40 | "from": { 41 | "kind": "DockerImage", 42 | "name": "quay.io/sclorg/redis-7-c9s:latest" 43 | }, 44 | "referencePolicy": { 45 | "type": "Local" 46 | } 47 | }, 48 | { 49 | "name": "latest", 50 | "annotations": { 51 | "openshift.io/display-name": "Redis 6 (Latest)", 52 | "openshift.io/provider-display-name": "Red Hat, Inc.", 53 | "description": "Provides a Redis 6 database on CentOS Stream 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version available on OpenShift, including major version updates.\n", 54 | "iconClass": "icon-redis", 55 | "tags": "database,redis", 56 | "version": "6" 57 | }, 58 | "from": { 59 | "kind": "ImageStreamTag", 60 | "name": "6-el9" 61 | }, 62 | "referencePolicy": { 63 | "type": "Local" 64 | } 65 | } 66 | ] 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /imagestreams/redis-rhel.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "ImageStream", 3 | "apiVersion": "image.openshift.io/v1", 4 | "metadata": { 5 | "name": "redis", 6 | "annotations": { 7 | "openshift.io/display-name": "Redis" 8 | } 9 | }, 10 | "spec": { 11 | "tags": [ 12 | { 13 | "name": "6-el8", 14 | "annotations": { 15 | "openshift.io/display-name": "Redis 6 (RHEL 8)", 16 | "openshift.io/provider-display-name": "Red Hat, Inc.", 17 | "description": "Provides a Redis 6 database on RHEL 8. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.", 18 | "iconClass": "icon-redis", 19 | "tags": "database,redis", 20 | "version": "6" 21 | }, 22 | "from": { 23 | "kind": "DockerImage", 24 | "name": "registry.redhat.io/rhel8/redis-6:latest" 25 | }, 26 | "referencePolicy": { 27 | "type": "Local" 28 | } 29 | }, 30 | { 31 | "name": "6-el9", 32 | "annotations": { 33 | "openshift.io/display-name": "Redis 6 (RHEL 9)", 34 | "openshift.io/provider-display-name": "Red Hat, Inc.", 35 | "description": "Provides a Redis 6 database on RHEL 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.", 36 | "iconClass": "icon-redis", 37 | "tags": "database,redis", 38 | "version": "6" 39 | }, 40 | "from": { 41 | "kind": "DockerImage", 42 | "name": "registry.redhat.io/rhel9/redis-6:latest" 43 | }, 44 | "referencePolicy": { 45 | "type": "Local" 46 | } 47 | }, 48 | { 49 | "name": "7-el9", 50 | "annotations": { 51 | "openshift.io/display-name": "Redis 7 (RHEL 9)", 52 | "openshift.io/provider-display-name": "Red Hat, Inc.", 53 | "description": "Provides a Redis 7 database on RHEL 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/7/README.md.", 54 | "iconClass": "icon-redis", 55 | "tags": "database,redis", 56 | "version": "7" 57 | }, 58 | "from": { 59 | "kind": "DockerImage", 60 | "name": "registry.redhat.io/rhel9/redis-7:latest" 61 | }, 62 | "referencePolicy": { 63 | "type": "Local" 64 | } 65 | }, 66 | { 67 | "name": "latest", 68 | "annotations": { 69 | "openshift.io/display-name": "Redis 6 (Latest)", 70 | "openshift.io/provider-display-name": "Red Hat, Inc.", 71 | "description": "Provides a Redis 6 database on RHEL 8. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version available on OpenShift, including major version updates.\n", 72 | "iconClass": "icon-redis", 73 | "tags": "database,redis", 74 | "version": "6" 75 | }, 76 | "from": { 77 | "kind": "ImageStreamTag", 78 | "name": "6-el8" 79 | }, 80 | "referencePolicy": { 81 | "type": "Local" 82 | } 83 | } 84 | ] 85 | } 86 | } 87 | -------------------------------------------------------------------------------- /imagestreams/redis-rhel-aarch64.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "ImageStream", 3 | "apiVersion": "image.openshift.io/v1", 4 | "metadata": { 5 | "name": "redis", 6 | "annotations": { 7 | "openshift.io/display-name": "Redis" 8 | } 9 | }, 10 | "spec": { 11 | "tags": [ 12 | { 13 | "name": "6-el8", 14 | "annotations": { 15 | "openshift.io/display-name": "Redis 6 (RHEL 8)", 16 | "openshift.io/provider-display-name": "Red Hat, Inc.", 17 | "description": "Provides a Redis 6 database on RHEL 8. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.", 18 | "iconClass": "icon-redis", 19 | "tags": "database,redis", 20 | "version": "6" 21 | }, 22 | "from": { 23 | "kind": "DockerImage", 24 | "name": "registry.redhat.io/rhel8/redis-6:latest" 25 | }, 26 | "referencePolicy": { 27 | "type": "Local" 28 | } 29 | }, 30 | { 31 | "name": "6-el9", 32 | "annotations": { 33 | "openshift.io/display-name": "Redis 6 (RHEL 9)", 34 | "openshift.io/provider-display-name": "Red Hat, Inc.", 35 | "description": "Provides a Redis 6 database on RHEL 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.", 36 | "iconClass": "icon-redis", 37 | "tags": "database,redis", 38 | "version": "6" 39 | }, 40 | "from": { 41 | "kind": "DockerImage", 42 | "name": "registry.redhat.io/rhel9/redis-6:latest" 43 | }, 44 | "referencePolicy": { 45 | "type": "Local" 46 | } 47 | }, 48 | { 49 | "name": "7-el9", 50 | "annotations": { 51 | "openshift.io/display-name": "Redis 7 (RHEL 9)", 52 | "openshift.io/provider-display-name": "Red Hat, Inc.", 53 | "description": "Provides a Redis 7 database on RHEL 9. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/7/README.md.", 54 | "iconClass": "icon-redis", 55 | "tags": "database,redis", 56 | "version": "7" 57 | }, 58 | "from": { 59 | "kind": "DockerImage", 60 | "name": "registry.redhat.io/rhel9/redis-7:latest" 61 | }, 62 | "referencePolicy": { 63 | "type": "Local" 64 | } 65 | }, 66 | { 67 | "name": "latest", 68 | "annotations": { 69 | "openshift.io/display-name": "Redis 6 (Latest)", 70 | "openshift.io/provider-display-name": "Red Hat, Inc.", 71 | "description": "Provides a Redis 6 database on RHEL 8. For more information about using this database image, including OpenShift considerations, see https://github.com/sclorg/redis-container/tree/master/6/README.md.\n\nWARNING: By selecting this tag, your application will automatically update to use the latest version available on OpenShift, including major version updates.\n", 72 | "iconClass": "icon-redis", 73 | "tags": "database,redis", 74 | "version": "6" 75 | }, 76 | "from": { 77 | "kind": "ImageStreamTag", 78 | "name": "6-el8" 79 | }, 80 | "referencePolicy": { 81 | "type": "Local" 82 | } 83 | } 84 | ] 85 | } 86 | } 87 | -------------------------------------------------------------------------------- /7/Dockerfile.fedora: -------------------------------------------------------------------------------- 1 | FROM quay.io/fedora/s2i-core:38 2 | 3 | # Redis image based on Software Collections packages 4 | # 5 | # Volumes: 6 | # * /var/lib/redis/data - Datastore for Redis 7 | # Environment: 8 | # * $REDIS_PASSWORD - Database password 9 | 10 | ENV NAME=redis \ 11 | VERSION=7 12 | 13 | ENV REDIS_VERSION=$VERSION \ 14 | HOME=/var/lib/redis 15 | 16 | ENV SUMMARY="Redis in-memory data structure store, used as database, cache and message broker" \ 17 | DESCRIPTION="Redis $REDIS_VERSION available as container, is an advanced key-value store. \ 18 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, \ 19 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; \ 20 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \ 21 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding \ 22 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist \ 23 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log." 24 | 25 | LABEL summary="$SUMMARY" \ 26 | description="$DESCRIPTION" \ 27 | io.k8s.description="$SUMMARY" \ 28 | io.k8s.display-name="Redis 7" \ 29 | io.openshift.expose-services="6379:redis" \ 30 | io.openshift.tags="database,redis,redis7" \ 31 | com.redhat.component="$NAME" \ 32 | name="fedora/$NAME-$VERSION" \ 33 | version="$VERSION" \ 34 | usage="docker run -d --name redis_database -p 6379:6379 quay.io/fedora/$NAME-$VERSION" \ 35 | maintainer="SoftwareCollections.org " 36 | 37 | EXPOSE 6379 38 | 39 | # Create user for redis that has known UID 40 | # We need to do this before installing the RPMs which would create user with random UID 41 | # The UID is the one used by the default user from the parent layer (1001), 42 | # and since the user exists already, do not create a new one, but only rename 43 | # the existing 44 | # This image must forever use UID 1001 for redis user so our volumes are 45 | # safe in the future. This should *never* change, the last test is there 46 | # to make sure of that. 47 | RUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \ 48 | usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \ 49 | # Install gettext for envsubst command 50 | dnf install -y yum-utils gettext policycoreutils && \ 51 | INSTALL_PKGS="redis" && \ 52 | dnf install -y --setopt=tsflags=nodocs --nogpgcheck $INSTALL_PKGS && \ 53 | rpm -V $INSTALL_PKGS && \ 54 | dnf clean all && \ 55 | redis-server --version | grep -qe "^Redis server v=$REDIS_VERSION\." && echo "Found VERSION $REDIS_VERSION" && \ 56 | mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \ 57 | [[ "$(id redis)" == "uid=1001(redis)"* ]] 58 | 59 | # Get prefix path and path to scripts rather than hard-code them in scripts 60 | ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \ 61 | REDIS_PREFIX=/usr \ 62 | REDIS_CONF=/etc/redis/redis.conf 63 | 64 | COPY root / 65 | 66 | # this is needed due to issues with squash 67 | # when this directory gets rm'd by the container-setup 68 | # script. 69 | RUN /usr/libexec/container-setup 70 | 71 | VOLUME ["/var/lib/redis/data"] 72 | 73 | # Using a numeric value because of a comment in [1]: 74 | # If your S2I image does not include a USER declaration with a numeric user, 75 | # your builds will fail by default. 76 | # [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images 77 | USER 1001 78 | 79 | ENTRYPOINT ["container-entrypoint"] 80 | CMD ["run-redis"] 81 | -------------------------------------------------------------------------------- /6/Dockerfile.rhel9: -------------------------------------------------------------------------------- 1 | FROM ubi9/s2i-core:1 2 | 3 | # Redis image based on Software Collections packages 4 | # 5 | # Volumes: 6 | # * /var/lib/redis/data - Datastore for Redis 7 | # Environment: 8 | # * $REDIS_PASSWORD - Database password 9 | 10 | ENV REDIS_VERSION=6 \ 11 | HOME=/var/lib/redis 12 | 13 | ENV SUMMARY="Redis in-memory data structure store, used as database, cache and message broker" \ 14 | DESCRIPTION="Redis $REDIS_VERSION available as container, is an advanced key-value store. \ 15 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, \ 16 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; \ 17 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \ 18 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding \ 19 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist \ 20 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log." 21 | 22 | LABEL summary="$SUMMARY" \ 23 | description="$DESCRIPTION" \ 24 | io.k8s.description="$DESCRIPTION" \ 25 | io.k8s.display-name="Redis $REDIS_VERSION" \ 26 | io.openshift.expose-services="6379:redis" \ 27 | io.openshift.tags="database,redis,redis$REDIS_VERSION,redis-$REDIS_VERSION" \ 28 | com.redhat.component="redis-$REDIS_VERSION-container" \ 29 | name="rhel9/redis-$REDIS_VERSION" \ 30 | version="1" \ 31 | com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ 32 | usage="podman run -d --name redis_database -p 6379:6379 rhel9/redis-$REDIS_VERSION" \ 33 | maintainer="SoftwareCollections.org " 34 | 35 | EXPOSE 6379 36 | 37 | # Create user for redis that has known UID 38 | # We need to do this before installing the RPMs which would create user with random UID 39 | # The UID is the one used by the default user from the parent layer (1001), 40 | # and since the user exists already, do not create a new one, but only rename 41 | # the existing 42 | # This image must forever use UID 1001 for redis user so our volumes are 43 | # safe in the future. This should *never* change, the last test is there 44 | # to make sure of that. 45 | RUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \ 46 | usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \ 47 | # Install gettext for envsubst command 48 | INSTALL_PKGS="policycoreutils redis" && \ 49 | yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ 50 | rpm -V $INSTALL_PKGS && \ 51 | yum -y clean all --enablerepo='*' && \ 52 | redis-server --version | grep -qe "^Redis server v=$REDIS_VERSION\." && echo "Found VERSION $REDIS_VERSION" && \ 53 | mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \ 54 | [[ "$(id redis)" == "uid=1001(redis)"* ]] 55 | 56 | # Get prefix path and path to scripts rather than hard-code them in scripts 57 | ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \ 58 | REDIS_PREFIX=/usr \ 59 | REDIS_CONF=/etc/redis/redis.conf 60 | 61 | COPY root / 62 | 63 | # this is needed due to issues with squash 64 | # when this directory gets rm'd by the container-setup 65 | # script. 66 | RUN /usr/libexec/container-setup 67 | 68 | VOLUME ["/var/lib/redis/data"] 69 | 70 | # Using a numeric value because of a comment in [1]: 71 | # If your S2I image does not include a USER declaration with a numeric user, 72 | # your builds will fail by default. 73 | # [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images 74 | USER 1001 75 | 76 | ENTRYPOINT ["container-entrypoint"] 77 | CMD ["run-redis"] 78 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Redis container image 2 | ===================== 3 | 4 | [![Build and push images to Quay.io registry](https://github.com/sclorg/redis-container/actions/workflows/build-and-push.yml/badge.svg)](https://github.com/sclorg/redis-container/actions/workflows/build-and-push.yml) 5 | 6 | This repository contains Dockerfiles for Redis container image. 7 | Users can choose between RHEL, Fedora and CentOS Stream based images. 8 | 9 | For more information about contributing, see 10 | [the Contribution Guidelines](https://github.com/sclorg/welcome/blob/master/contribution.md). 11 | For more information about concepts used in these container images, see the 12 | [Landing page](https://github.com/sclorg/welcome). 13 | 14 | 15 | Versions 16 | -------- 17 | Currently supported versions are visible in the following table, expand an entry to see its container registry address. 18 | 21 | ||CentOS Stream 9|Fedora|RHEL 8|RHEL 9| 22 | |:--|:--:|:--:|:--:|:--:| 23 | |6|||
`registry.redhat.io/rhel8/redis-6`
|| 24 | |7|
`quay.io/sclorg/redis-7-c9s`
|
`quay.io/fedora/redis-7`
||
`registry.redhat.io/rhel9/redis-7`
| 25 | 28 | 29 | Installation 30 | ------------ 31 | To build a Redis image, choose either the CentOS Stream or RHEL based image: 32 | * **RHEL based image** 33 | 34 | These images are available in the [Red Hat Container Catalog](https://catalog.redhat.com/en/search?searchType=containers). 35 | To download it run: 36 | 37 | ``` 38 | $ podman pull registry.access.redhat.com/rhel9/redis-7 39 | ``` 40 | 41 | To build a RHEL based Redis image, you need to run the build on a properly 42 | subscribed RHEL machine. 43 | 44 | ``` 45 | $ git clone --recursive https://github.com/sclorg/redis-container.git 46 | $ cd redis-container 47 | $ git submodule update --init 48 | $ make build TARGET=rhel9 VERSIONS=7 49 | ``` 50 | 51 | * **CentOS Stream based image** 52 | 53 | This image is available on quay.io. To download it run: 54 | 55 | ``` 56 | $ podman pull quay.io/sclorg/redis-7-c9s 57 | ``` 58 | 59 | To build a Redis image from scratch run: 60 | 61 | ``` 62 | $ git clone --recursive https://github.com/sclorg/redis-container.git 63 | $ cd redis-container 64 | $ git submodule update --init 65 | $ make build TARGET=c9s VERSIONS=7 66 | ``` 67 | 68 | Note: while the installation steps are calling `podman`, you can replace any such calls by `docker` with the same arguments. 69 | 70 | **Notice: By omitting the `VERSIONS` parameter, the build/test action will be performed 71 | on all provided versions of Redis.** 72 | 73 | 74 | Usage 75 | ----- 76 | 77 | For information about usage of Dockerfile for Redis 6, 78 | see [usage documentation](6). 79 | 80 | For information about usage of Dockerfile for Redis 7, 81 | see [usage documentation](7). 82 | 83 | Test 84 | ---- 85 | Users can choose between testing a Redis test application based on a RHEL or CentOS Stream image. 86 | 87 | * **RHEL based image** 88 | 89 | To test a RHEL8 based Redis image, you need to run the test on a properly 90 | subscribed RHEL machine. 91 | 92 | ``` 93 | $ cd redis-container 94 | $ git submodule update --init 95 | $ make test TARGET=rhel8 VERSIONS=6 96 | ``` 97 | 98 | * **CentOS Stream based image** 99 | 100 | ``` 101 | $ cd redis-container 102 | $ git submodule update --init 103 | $ make test TARGET=c9s VERSIONS=7 104 | ``` 105 | 106 | **Notice: By omitting the `VERSIONS` parameter, the build/test action will be performed 107 | on all provided versions of Redis.** 108 | -------------------------------------------------------------------------------- /6/Dockerfile.c9s: -------------------------------------------------------------------------------- 1 | FROM quay.io/sclorg/s2i-core-c9s:c9s 2 | 3 | # Redis image based on Software Collections packages 4 | # 5 | # Volumes: 6 | # * /var/lib/redis/data - Datastore for Redis 7 | # Environment: 8 | # * $REDIS_PASSWORD - Database password 9 | 10 | ENV REDIS_VERSION=6 \ 11 | HOME=/var/lib/redis 12 | 13 | ENV SUMMARY="Redis in-memory data structure store, used as database, cache and message broker" \ 14 | DESCRIPTION="Redis $REDIS_VERSION available as container, is an advanced key-value store. \ 15 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, \ 16 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; \ 17 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \ 18 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding \ 19 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist \ 20 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log." 21 | 22 | LABEL summary="$SUMMARY" \ 23 | description="$DESCRIPTION" \ 24 | io.k8s.description="$DESCRIPTION" \ 25 | io.k8s.display-name="Redis $REDIS_VERSION" \ 26 | io.openshift.expose-services="6379:redis" \ 27 | io.openshift.tags="database,redis,redis$REDIS_VERSION,redis-$REDIS_VERSION" \ 28 | com.redhat.component="redis-$REDIS_VERSION-container" \ 29 | name="sclorg/redis-$REDIS_VERSION-c9s" \ 30 | version="1" \ 31 | com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ 32 | usage="podman run -d --name redis_database -p 6379:6379 quay.io/sclorg/redis-$REDIS_VERSION-c9s" \ 33 | maintainer="SoftwareCollections.org " 34 | 35 | EXPOSE 6379 36 | 37 | # Create user for redis that has known UID 38 | # We need to do this before installing the RPMs which would create user with random UID 39 | # The UID is the one used by the default user from the parent layer (1001), 40 | # and since the user exists already, do not create a new one, but only rename 41 | # the existing 42 | # This image must forever use UID 1001 for redis user so our volumes are 43 | # safe in the future. This should *never* change, the last test is there 44 | # to make sure of that. 45 | RUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \ 46 | usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \ 47 | # Install gettext for envsubst command 48 | INSTALL_PKGS="policycoreutils redis" && \ 49 | yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ 50 | rpm -V $INSTALL_PKGS && \ 51 | yum -y clean all --enablerepo='*' && \ 52 | redis-server --version | grep -qe "^Redis server v=$REDIS_VERSION\." && echo "Found VERSION $REDIS_VERSION" && \ 53 | mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \ 54 | [[ "$(id redis)" == "uid=1001(redis)"* ]] 55 | 56 | # Get prefix path and path to scripts rather than hard-code them in scripts 57 | ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \ 58 | REDIS_PREFIX=/usr \ 59 | REDIS_CONF=/etc/redis/redis.conf 60 | 61 | COPY root / 62 | 63 | # this is needed due to issues with squash 64 | # when this directory gets rm'd by the container-setup 65 | # script. 66 | RUN /usr/libexec/container-setup 67 | 68 | VOLUME ["/var/lib/redis/data"] 69 | 70 | # Using a numeric value because of a comment in [1]: 71 | # If your S2I image does not include a USER declaration with a numeric user, 72 | # your builds will fail by default. 73 | # [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images 74 | USER 1001 75 | 76 | ENTRYPOINT ["container-entrypoint"] 77 | CMD ["run-redis"] 78 | -------------------------------------------------------------------------------- /6/root/usr/share/container-scripts/redis/README.md: -------------------------------------------------------------------------------- 1 | Redis 6 in-memory data structure store container image 2 | ====================================================== 3 | 4 | This container image includes Redis 6 in-memory data structure store for OpenShift and general usage. 5 | Users can choose between RHEL, CentOS Stream and Fedora based images. 6 | The RHEL images are available in the [Red Hat Container Catalog](https://access.redhat.com/containers/), 7 | and the CentOS Stream images are available on [Quay.io](https://quay.io/organization/sclorg). 8 | The resulting image can be run using [podman](https://github.com/containers/libpod). 9 | 10 | Note: while the examples in this README are calling `podman`, you can replace any such calls by `docker` with the same arguments 11 | 12 | Description 13 | ----------- 14 | 15 | Redis 6 available as container, is an advanced key-value store. 16 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, 17 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; 18 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; 19 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding 20 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist 21 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log. 22 | 23 | 24 | Usage 25 | ----- 26 | 27 | For this, we will assume that you are using the `rhel9/redis-6` image. 28 | If you want to set only the mandatory environment variables and not store 29 | the database in a host directory, execute the following command: 30 | 31 | ``` 32 | $ podman run -d --name redis_database -p 6379:6379 rhel9/redis-6 33 | ``` 34 | 35 | This will create a container named `redis_database`. Port 6379 will be exposed and mapped 36 | to the host. 37 | 38 | If you want your database to be persistent across container executions, also add a 39 | `-v /host/db/path:/var/lib/redis/data:Z` argument. This will be the Redis data directory. 40 | 41 | For protecting Redis data by a password, pass `REDIS_PASSWORD` environment variable 42 | to the container like this: 43 | 44 | ``` 45 | $ podman run -d --name redis_database -e REDIS_PASSWORD=strongpassword rhel9/redis-6 46 | ``` 47 | 48 | **Warning: since Redis is pretty fast an outside user can try up to 49 | 150k passwords per second against a good box. This means that you should 50 | use a very strong password otherwise it will be very easy to break.** 51 | 52 | 53 | Environment variables and volumes 54 | ---------------------------------- 55 | 56 | **`REDIS_PASSWORD`** 57 | Password for the server access 58 | 59 | **`BIND_ADDRESS`** 60 | IP address for the server to listen on 61 | 62 | 63 | You can also set the following mount points by passing the `-v /host:/container:Z` flag to podman. 64 | 65 | **`/var/lib/redis/data`** 66 | Redis data directory 67 | 68 | 69 | **Notice: When mouting a directory from the host into the container, ensure that the mounted 70 | directory has the appropriate permissions and that the owner and group of the directory 71 | matches the user UID or name which is running inside the container.** 72 | 73 | 74 | Troubleshooting 75 | --------------- 76 | Redis logs into standard output, so the log is available in the container log. The log can be examined by running: 77 | 78 | podman logs 79 | 80 | 81 | See also 82 | -------- 83 | Dockerfile and other sources for this container image are available on 84 | https://github.com/sclorg/redis-container. 85 | In that repository you also can find another versions of Python environment Dockerfiles. 86 | Dockerfile for RHEL8 it's `Dockerfile.rhel8`, for RHEL9 it's `Dockerfile.rhel9`, 87 | and for CentOS Stream 9 it's `Dockerfile.c9s`. 88 | -------------------------------------------------------------------------------- /6/Dockerfile.rhel8: -------------------------------------------------------------------------------- 1 | FROM ubi8/s2i-core:1 2 | 3 | # Redis image based on Software Collections packages 4 | # 5 | # Volumes: 6 | # * /var/lib/redis/data - Datastore for Redis 7 | # Environment: 8 | # * $REDIS_PASSWORD - Database password 9 | 10 | ENV REDIS_VERSION=6 \ 11 | HOME=/var/lib/redis 12 | 13 | ENV SUMMARY="Redis in-memory data structure store, used as database, cache and message broker" \ 14 | DESCRIPTION="Redis $REDIS_VERSION available as container, is an advanced key-value store. \ 15 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, \ 16 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; \ 17 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \ 18 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding \ 19 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist \ 20 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log." 21 | 22 | LABEL summary="$SUMMARY" \ 23 | description="$DESCRIPTION" \ 24 | io.k8s.description="$DESCRIPTION" \ 25 | io.k8s.display-name="Redis $REDIS_VERSION" \ 26 | io.openshift.expose-services="6379:redis" \ 27 | io.openshift.tags="database,redis,redis$REDIS_VERSION,redis-$REDIS_VERSION" \ 28 | com.redhat.component="redis-$REDIS_VERSION-container" \ 29 | name="rhel8/redis-$REDIS_VERSION" \ 30 | version="1" \ 31 | com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ 32 | usage="podman run -d --name redis_database -p 6379:6379 rhel8/redis-$REDIS_VERSION" \ 33 | maintainer="SoftwareCollections.org " 34 | 35 | EXPOSE 6379 36 | 37 | # Create user for redis that has known UID 38 | # We need to do this before installing the RPMs which would create user with random UID 39 | # The UID is the one used by the default user from the parent layer (1001), 40 | # and since the user exists already, do not create a new one, but only rename 41 | # the existing 42 | # This image must forever use UID 1001 for redis user so our volumes are 43 | # safe in the future. This should *never* change, the last test is there 44 | # to make sure of that. 45 | RUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \ 46 | usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \ 47 | # Install gettext for envsubst command 48 | yum -y module enable redis:$REDIS_VERSION && \ 49 | INSTALL_PKGS="policycoreutils redis" && \ 50 | yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ 51 | rpm -V $INSTALL_PKGS && \ 52 | yum -y clean all --enablerepo='*' && \ 53 | redis-server --version | grep -qe "^Redis server v=$REDIS_VERSION\." && echo "Found VERSION $REDIS_VERSION" && \ 54 | mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \ 55 | [[ "$(id redis)" == "uid=1001(redis)"* ]] 56 | 57 | # Get prefix path and path to scripts rather than hard-code them in scripts 58 | ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \ 59 | REDIS_PREFIX=/usr \ 60 | REDIS_CONF=/etc/redis.conf 61 | 62 | COPY root / 63 | 64 | # this is needed due to issues with squash 65 | # when this directory gets rm'd by the container-setup 66 | # script. 67 | RUN /usr/libexec/container-setup 68 | 69 | VOLUME ["/var/lib/redis/data"] 70 | 71 | # Using a numeric value because of a comment in [1]: 72 | # If your S2I image does not include a USER declaration with a numeric user, 73 | # your builds will fail by default. 74 | # [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images 75 | USER 1001 76 | 77 | ENTRYPOINT ["container-entrypoint"] 78 | CMD ["run-redis"] 79 | -------------------------------------------------------------------------------- /7/Dockerfile.rhel8: -------------------------------------------------------------------------------- 1 | FROM ubi8/s2i-core:1 2 | 3 | # Redis image based on Software Collections packages 4 | # 5 | # Volumes: 6 | # * /var/lib/redis/data - Datastore for Redis 7 | # Environment: 8 | # * $REDIS_PASSWORD - Database password 9 | 10 | ENV REDIS_VERSION=7 \ 11 | HOME=/var/lib/redis 12 | 13 | ENV SUMMARY="Redis in-memory data structure store, used as database, cache and message broker" \ 14 | DESCRIPTION="Redis $REDIS_VERSION available as container, is an advanced key-value store. \ 15 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, \ 16 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; \ 17 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \ 18 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding \ 19 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist \ 20 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log." 21 | 22 | LABEL summary="$SUMMARY" \ 23 | description="$DESCRIPTION" \ 24 | io.k8s.description="$DESCRIPTION" \ 25 | io.k8s.display-name="Redis $REDIS_VERSION" \ 26 | io.openshift.expose-services="6379:redis" \ 27 | io.openshift.tags="database,redis,redis$REDIS_VERSION,redis-$REDIS_VERSION" \ 28 | com.redhat.component="redis-$REDIS_VERSION-container" \ 29 | name="rhel8/redis-$REDIS_VERSION" \ 30 | version="1" \ 31 | com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ 32 | usage="podman run -d --name redis_database -p 6379:6379 rhel8/redis-$REDIS_VERSION" \ 33 | maintainer="SoftwareCollections.org " 34 | 35 | EXPOSE 6379 36 | 37 | # Create user for redis that has known UID 38 | # We need to do this before installing the RPMs which would create user with random UID 39 | # The UID is the one used by the default user from the parent layer (1001), 40 | # and since the user exists already, do not create a new one, but only rename 41 | # the existing 42 | # This image must forever use UID 1001 for redis user so our volumes are 43 | # safe in the future. This should *never* change, the last test is there 44 | # to make sure of that. 45 | RUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \ 46 | usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \ 47 | # Install gettext for envsubst command 48 | yum -y module enable redis:$REDIS_VERSION && \ 49 | INSTALL_PKGS="policycoreutils redis" && \ 50 | yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ 51 | rpm -V $INSTALL_PKGS && \ 52 | yum -y clean all --enablerepo='*' && \ 53 | redis-server --version | grep -qe "^Redis server v=$REDIS_VERSION\." && echo "Found VERSION $REDIS_VERSION" && \ 54 | mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \ 55 | [[ "$(id redis)" == "uid=1001(redis)"* ]] 56 | 57 | # Get prefix path and path to scripts rather than hard-code them in scripts 58 | ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \ 59 | REDIS_PREFIX=/usr \ 60 | REDIS_CONF=/etc/redis.conf 61 | 62 | COPY root / 63 | 64 | # this is needed due to issues with squash 65 | # when this directory gets rm'd by the container-setup 66 | # script. 67 | RUN /usr/libexec/container-setup 68 | 69 | VOLUME ["/var/lib/redis/data"] 70 | 71 | # Using a numeric value because of a comment in [1]: 72 | # If your S2I image does not include a USER declaration with a numeric user, 73 | # your builds will fail by default. 74 | # [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images 75 | USER 1001 76 | 77 | ENTRYPOINT ["container-entrypoint"] 78 | CMD ["run-redis"] 79 | -------------------------------------------------------------------------------- /7/Dockerfile.rhel9: -------------------------------------------------------------------------------- 1 | FROM ubi9/s2i-core:1 2 | 3 | # Redis image based on Software Collections packages 4 | # 5 | # Volumes: 6 | # * /var/lib/redis/data - Datastore for Redis 7 | # Environment: 8 | # * $REDIS_PASSWORD - Database password 9 | 10 | ENV REDIS_VERSION=7 \ 11 | HOME=/var/lib/redis 12 | 13 | ENV SUMMARY="Redis in-memory data structure store, used as database, cache and message broker" \ 14 | DESCRIPTION="Redis $REDIS_VERSION available as container, is an advanced key-value store. \ 15 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, \ 16 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; \ 17 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \ 18 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding \ 19 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist \ 20 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log." 21 | 22 | LABEL summary="$SUMMARY" \ 23 | description="$DESCRIPTION" \ 24 | io.k8s.description="$DESCRIPTION" \ 25 | io.k8s.display-name="Redis $REDIS_VERSION" \ 26 | io.openshift.expose-services="6379:redis" \ 27 | io.openshift.tags="database,redis,redis$REDIS_VERSION,redis-$REDIS_VERSION" \ 28 | com.redhat.component="redis-$REDIS_VERSION-container" \ 29 | name="rhel9/redis-$REDIS_VERSION" \ 30 | version="1" \ 31 | com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ 32 | usage="podman run -d --name redis_database -p 6379:6379 rhel9/redis-$REDIS_VERSION" \ 33 | maintainer="SoftwareCollections.org " 34 | 35 | EXPOSE 6379 36 | 37 | # Create user for redis that has known UID 38 | # We need to do this before installing the RPMs which would create user with random UID 39 | # The UID is the one used by the default user from the parent layer (1001), 40 | # and since the user exists already, do not create a new one, but only rename 41 | # the existing 42 | # This image must forever use UID 1001 for redis user so our volumes are 43 | # safe in the future. This should *never* change, the last test is there 44 | # to make sure of that. 45 | RUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \ 46 | usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \ 47 | # Install gettext for envsubst command 48 | yum -y module enable redis:$REDIS_VERSION && \ 49 | INSTALL_PKGS="policycoreutils redis" && \ 50 | yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ 51 | rpm -V $INSTALL_PKGS && \ 52 | yum -y clean all --enablerepo='*' && \ 53 | redis-server --version | grep -qe "^Redis server v=$REDIS_VERSION\." && echo "Found VERSION $REDIS_VERSION" && \ 54 | mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \ 55 | [[ "$(id redis)" == "uid=1001(redis)"* ]] 56 | 57 | # Get prefix path and path to scripts rather than hard-code them in scripts 58 | ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \ 59 | REDIS_PREFIX=/usr \ 60 | REDIS_CONF=/etc/redis/redis.conf 61 | 62 | COPY root / 63 | 64 | # this is needed due to issues with squash 65 | # when this directory gets rm'd by the container-setup 66 | # script. 67 | RUN /usr/libexec/container-setup 68 | 69 | VOLUME ["/var/lib/redis/data"] 70 | 71 | # Using a numeric value because of a comment in [1]: 72 | # If your S2I image does not include a USER declaration with a numeric user, 73 | # your builds will fail by default. 74 | # [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images 75 | USER 1001 76 | 77 | ENTRYPOINT ["container-entrypoint"] 78 | CMD ["run-redis"] 79 | -------------------------------------------------------------------------------- /7/Dockerfile.c9s: -------------------------------------------------------------------------------- 1 | FROM quay.io/sclorg/s2i-core-c9s:c9s 2 | 3 | # Redis image based on Software Collections packages 4 | # 5 | # Volumes: 6 | # * /var/lib/redis/data - Datastore for Redis 7 | # Environment: 8 | # * $REDIS_PASSWORD - Database password 9 | 10 | ENV REDIS_VERSION=7 \ 11 | HOME=/var/lib/redis 12 | 13 | ENV SUMMARY="Redis in-memory data structure store, used as database, cache and message broker" \ 14 | DESCRIPTION="Redis $REDIS_VERSION available as container, is an advanced key-value store. \ 15 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, \ 16 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; \ 17 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \ 18 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding \ 19 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist \ 20 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log." 21 | 22 | LABEL summary="$SUMMARY" \ 23 | description="$DESCRIPTION" \ 24 | io.k8s.description="$DESCRIPTION" \ 25 | io.k8s.display-name="Redis $REDIS_VERSION" \ 26 | io.openshift.expose-services="6379:redis" \ 27 | io.openshift.tags="database,redis,redis$REDIS_VERSION,redis-$REDIS_VERSION" \ 28 | com.redhat.component="redis-$REDIS_VERSION-container" \ 29 | name="sclorg/redis-$REDIS_VERSION-c9s" \ 30 | version="1" \ 31 | com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel" \ 32 | usage="podman run -d --name redis_database -p 6379:6379 quay.io/sclorg/redis-$REDIS_VERSION-c9s" \ 33 | maintainer="SoftwareCollections.org " 34 | 35 | EXPOSE 6379 36 | 37 | # Create user for redis that has known UID 38 | # We need to do this before installing the RPMs which would create user with random UID 39 | # The UID is the one used by the default user from the parent layer (1001), 40 | # and since the user exists already, do not create a new one, but only rename 41 | # the existing 42 | # This image must forever use UID 1001 for redis user so our volumes are 43 | # safe in the future. This should *never* change, the last test is there 44 | # to make sure of that. 45 | RUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \ 46 | usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \ 47 | # Install gettext for envsubst command 48 | yum -y module enable redis:$REDIS_VERSION && \ 49 | INSTALL_PKGS="policycoreutils redis" && \ 50 | yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \ 51 | rpm -V $INSTALL_PKGS && \ 52 | yum -y clean all --enablerepo='*' && \ 53 | redis-server --version | grep -qe "^Redis server v=$REDIS_VERSION\." && echo "Found VERSION $REDIS_VERSION" && \ 54 | mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \ 55 | [[ "$(id redis)" == "uid=1001(redis)"* ]] 56 | 57 | # Get prefix path and path to scripts rather than hard-code them in scripts 58 | ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \ 59 | REDIS_PREFIX=/usr \ 60 | REDIS_CONF=/etc/redis/redis.conf 61 | 62 | COPY root / 63 | 64 | # this is needed due to issues with squash 65 | # when this directory gets rm'd by the container-setup 66 | # script. 67 | RUN /usr/libexec/container-setup 68 | 69 | VOLUME ["/var/lib/redis/data"] 70 | 71 | # Using a numeric value because of a comment in [1]: 72 | # If your S2I image does not include a USER declaration with a numeric user, 73 | # your builds will fail by default. 74 | # [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images 75 | USER 1001 76 | 77 | ENTRYPOINT ["container-entrypoint"] 78 | CMD ["run-redis"] 79 | -------------------------------------------------------------------------------- /7/root/usr/share/container-scripts/redis/README.md: -------------------------------------------------------------------------------- 1 | Redis 7 in-memory data structure store container image 2 | ====================================================== 3 | 4 | This container image includes Redis 7 in-memory data structure store for OpenShift and general usage. 5 | Users can choose between RHEL, CentOS Stream, and Fedora based images. 6 | The RHEL images are available in the [Red Hat Container Catalog](https://access.redhat.com/containers/), 7 | the CentOS Stream images are available on [Quay.io](https://quay.io/organization/sclorg), 8 | and the Fedora images are available in [Fedora Registry](https://quay.io/organization/fedora). 9 | The resulting image can be run using [podman](https://github.com/containers/libpod). 10 | 11 | Note: while the examples in this README are calling `podman`, you can replace any such calls by `docker` with the same arguments 12 | 13 | Description 14 | ----------- 15 | 16 | Redis 7 available as container, is an advanced key-value store. 17 | It is often referred to as a data structure server since keys can contain strings, hashes, lists, 18 | sets and sorted sets. You can run atomic operations on these types, like appending to a string; 19 | incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; 20 | or getting the member with highest ranking in a sorted set. In order to achieve its outstanding 21 | performance, Redis works with an in-memory dataset. Depending on your use case, you can persist 22 | it either by dumping the dataset to disk every once in a while, or by appending each command to a log. 23 | 24 | 25 | Usage 26 | ----- 27 | 28 | For this, we will assume that you are using the `rhel9/redis-7` image. 29 | If you want to set only the mandatory environment variables and not store 30 | the database in a host directory, execute the following command: 31 | 32 | ``` 33 | $ podman run -d --name redis_database -p 6379:6379 rhel9/redis-7 34 | ``` 35 | 36 | This will create a container named `redis_database`. Port 6379 will be exposed and mapped 37 | to the host. 38 | 39 | If you want your database to be persistent across container executions, also add a 40 | `-v /host/db/path:/var/lib/redis/data:Z` argument. This will be the Redis data directory. 41 | 42 | For protecting Redis data by a password, pass `REDIS_PASSWORD` environment variable 43 | to the container like this: 44 | 45 | ``` 46 | $ podman run -d --name redis_database -e REDIS_PASSWORD=strongpassword rhel9/redis-7 47 | ``` 48 | 49 | **Warning: since Redis is pretty fast an outside user can try up to 50 | 150k passwords per second against a good box. This means that you should 51 | use a very strong password otherwise it will be very easy to break.** 52 | 53 | 54 | Environment variables and volumes 55 | ---------------------------------- 56 | 57 | **`REDIS_PASSWORD`** 58 | Password for the server access 59 | 60 | **`BIND_ADDRESS`** 61 | IP address for the server to listen on 62 | 63 | 64 | You can also set the following mount points by passing the `-v /host:/container:Z` flag to podman. 65 | 66 | **`/var/lib/redis/data`** 67 | Redis data directory 68 | 69 | 70 | **Notice: When mouting a directory from the host into the container, ensure that the mounted 71 | directory has the appropriate permissions and that the owner and group of the directory 72 | matches the user UID or name which is running inside the container.** 73 | 74 | 75 | Troubleshooting 76 | --------------- 77 | Redis logs into standard output, so the log is available in the container log. The log can be examined by running: 78 | 79 | podman logs 80 | 81 | 82 | See also 83 | -------- 84 | Dockerfile and other sources for this container image are available on 85 | https://github.com/sclorg/redis-container. 86 | In that repository you also can find another versions of Python environment Dockerfiles. 87 | Dockerfile for RHEL8 it's `Dockerfile.rhel8`, for RHEL9 it's `Dockerfile.rhel9`, 88 | for CentOS Stream 9 it's `Dockerfile.c9s` and the Fedora Dockerfile is called Dockerfile.fedora. 89 | -------------------------------------------------------------------------------- /test/test_container_basics.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | import subprocess 3 | import tempfile 4 | 5 | from container_ci_suite.container_lib import ContainerTestLib 6 | from container_ci_suite.utils import ContainerTestLibUtils 7 | from container_ci_suite.engines.podman_wrapper import PodmanCLIWrapper 8 | 9 | from conftest import VARS 10 | 11 | 12 | class TestRedisBasicsContainer: 13 | 14 | def setup_method(self): 15 | self.app = ContainerTestLib(image_name=VARS.IMAGE_NAME, s2i_image=True) 16 | 17 | def teardown_method(self): 18 | self.app.cleanup() 19 | 20 | def test_check_proper_version(self): 21 | """ 22 | Function checks if redis-server returns proper 23 | VERSION number 24 | """ 25 | assert VARS.VERSION in PodmanCLIWrapper.podman_run_command_and_remove( 26 | cid_file_name=VARS.IMAGE_NAME, 27 | cmd="redis-server --version" 28 | ) 29 | 30 | def test_invalid_combination(self): 31 | """ 32 | Function checks if running container with wrong PASSWORD 33 | with spaces in the REDIS_PASSWORD really fails 34 | It should fail. If it doesn't fail, 35 | """ 36 | with pytest.raises(subprocess.CalledProcessError): 37 | PodmanCLIWrapper.call_podman_command( 38 | cmd=f"run --rm -e REDIS_PASSWORD=\"pass with space\" {VARS.IMAGE_NAME}", 39 | return_output=False 40 | ) 41 | 42 | def test_run_change_password(self): 43 | """ 44 | Function checks if setting two different password 45 | works properly in the container. 46 | The datadir is shared and mounted to container 47 | """ 48 | data_dir = tempfile.mkdtemp(prefix="/tmp/redis-test_log_dir") 49 | ContainerTestLibUtils.commands_to_run( 50 | commands_to_run=[ 51 | f"mkdir -p {data_dir}/data", 52 | f"chown -R 1001:1001 {data_dir}", 53 | f"chcon -Rvt svirt_sandbox_file_t {data_dir}/" 54 | ] 55 | ) 56 | cid_file_name = "testapp1" 57 | # Create Redis container with persistent volume and set the initial password 58 | assert self.app.create_container( 59 | cid_file_name=cid_file_name, 60 | container_args=f"-e REDIS_PASSWORD=foo -v {data_dir}/data:/var/lib/redis/data:Z" 61 | ) 62 | cid1 = self.app.get_cid(cid_file_name=cid_file_name) 63 | cip1 = self.app.get_cip(cid_file_name=cid_file_name) 64 | assert cip1 65 | # The redis-cli command should response with 'PONG' 66 | redis_output = PodmanCLIWrapper.podman_run_command_and_remove( 67 | cid_file_name=VARS.IMAGE_NAME, 68 | cmd=f"redis-cli -h {cip1} -a foo ping", 69 | ).strip() 70 | assert "PONG" in redis_output, "Expected return value is 'PONG'" 71 | PodmanCLIWrapper.call_podman_command(f"stop {cid1} >/dev/null") 72 | 73 | cid_file_name = "testapp2" 74 | # Create Valkey container with persistent volume and set second initial password 75 | assert self.app.create_container( 76 | cid_file_name=cid_file_name, 77 | container_args=f"-e REDIS_PASSWORD=bar -v {data_dir}/data:/var/lib/redis/data:Z" 78 | ) 79 | cid2 = self.app.get_cid(cid_file_name=cid_file_name) 80 | cip2 = self.app.get_cip(cid_file_name=cid_file_name) 81 | assert cip2 82 | # The redis-cli command should responds with 'PONG' 83 | redis_output = PodmanCLIWrapper.podman_run_command_and_remove( 84 | cid_file_name=VARS.IMAGE_NAME, 85 | cmd=f"redis-cli -h {cip2} -a bar ping" 86 | ).strip() 87 | assert "PONG" in redis_output, "Expected return value is 'PONG'" 88 | # The old password should not work anymore 89 | assert PodmanCLIWrapper.podman_run_command_and_remove( 90 | cid_file_name=VARS.IMAGE_NAME, 91 | cmd=f"redis-cli -h {cip2} -a foo ping", 92 | return_output=False 93 | ) == 0, "The command with pass -a foo has to fail" 94 | PodmanCLIWrapper.call_podman_command(f"stop {cid2} >/dev/null") 95 | -------------------------------------------------------------------------------- /test/test_container_application.py: -------------------------------------------------------------------------------- 1 | import pytest 2 | 3 | from container_ci_suite.container_lib import ContainerTestLib 4 | from container_ci_suite.engines.podman_wrapper import PodmanCLIWrapper 5 | 6 | from conftest import VARS 7 | 8 | 9 | class TestRedisApplicationContainer: 10 | def setup_method(self): 11 | self.s2i_app = ContainerTestLib(image_name=VARS.IMAGE_NAME, s2i_image=True) 12 | 13 | def teardown_method(self): 14 | self.s2i_app.cleanup() 15 | 16 | @pytest.mark.parametrize( 17 | "password,test_name", 18 | [ 19 | ("pass", "no_root"), 20 | ("", "no_pass"), 21 | ("pass", "no_pass_altuid"), 22 | ("pass", "no_root_altuid"), 23 | ], 24 | ) 25 | def test_run_app_test(self, password, test_name): 26 | """ 27 | Test checks if valkey server works with different settings. 28 | Like 'No root' user with password, 'w/o password' 29 | and with different user and password 30 | """ 31 | container_arg = f"-e REDIS_PASSWORD={password}" if password else "" 32 | container_arg = ( 33 | f"{container_arg} -u 12345" 34 | if "altuid" in test_name 35 | else f"{container_arg} --user=100001" 36 | ) 37 | assert self.s2i_app.create_container( 38 | cid_file_name=test_name, container_args=container_arg 39 | ) 40 | # assert ContainerImage.wait_for_cid(cid_file_name=test_name) 41 | cid = self.s2i_app.get_cid(cid_file_name=test_name) 42 | assert cid 43 | cip = self.s2i_app.get_cip(cid_file_name=test_name) 44 | assert cip 45 | testing_password = f"-a {password}" if password else "" 46 | redis_cmd = f"redis-cli -h {cip} {testing_password}" 47 | # Test with redis-cli returns 'PONG' from the different container 48 | redis_output = PodmanCLIWrapper.podman_run_command_and_remove( 49 | cid_file_name=VARS.IMAGE_NAME, cmd=f"{redis_cmd} ping" 50 | ).strip() 51 | assert "PONG" in redis_output, f"The command {redis_cmd} should return PONG" 52 | # The password '_foo' has to fail. It was not initiated 53 | redis_output = PodmanCLIWrapper.podman_run_command_and_remove( 54 | cid_file_name=VARS.IMAGE_NAME, 55 | cmd=f"{redis_cmd}_foo ping", 56 | ignore_error=True, 57 | ) 58 | assert "PONG" not in redis_output, ( 59 | 'The command -e REDIS_PASSWORD="pass_foo" has to fail' 60 | ) 61 | # The redis-cli should return PONG from the running container 62 | redis_output = PodmanCLIWrapper.podman_exec_shell_command( 63 | cid_file_name=cid, cmd=f"{redis_cmd} ping" 64 | ) 65 | assert "PONG" in redis_output, "Local access FAILED" 66 | # The redis-cli set value 'a' to 1 67 | assert ( 68 | PodmanCLIWrapper.podman_exec_shell_command( 69 | cid_file_name=cid, cmd=f"{redis_cmd} set a 1", return_output=False 70 | ) 71 | == 0 72 | ) 73 | # The redis-cli set value 'b' to 2 74 | assert ( 75 | PodmanCLIWrapper.podman_exec_shell_command( 76 | cid_file_name=cid, cmd=f"{redis_cmd} set b 2", return_output=False 77 | ) 78 | == 0 79 | ) 80 | # Checks if value b is set to '2' 81 | redis_get_value = PodmanCLIWrapper.podman_exec_shell_command( 82 | cid_file_name=cid, cmd=f"{redis_cmd} get b 2>/dev/null" 83 | ).strip() 84 | assert int(redis_get_value) == 2 85 | 86 | @pytest.mark.parametrize( 87 | "bind_address", 88 | [ 89 | "", 90 | "-e BIND_ADDRESS=127.0.0.1", 91 | ], 92 | ) 93 | def test_bind_address(self, bind_address): 94 | """ 95 | Test checks if BIND_ADDRESS works properly. 96 | In case it is not set, then checks if redis-cli returns PONG. 97 | In case it is set, then checks if configuration file is really changed. 98 | """ 99 | cid_file_name = "bind_address" 100 | assert self.s2i_app.create_container( 101 | cid_file_name=cid_file_name, 102 | container_args=f"--user=100001 -e REDIS_PASSWORD=pass {bind_address}", 103 | ) 104 | cid = self.s2i_app.get_cid(cid_file_name=cid_file_name) 105 | assert cid 106 | cip = self.s2i_app.get_cip(cid_file_name=cid_file_name) 107 | assert cip 108 | assert ( 109 | PodmanCLIWrapper.podman_exec_shell_command( 110 | cid_file_name=cid, cmd="test -f ${REDIS_CONF}", return_output=False 111 | ) 112 | == 0 113 | ) 114 | if bind_address: 115 | assert ( 116 | PodmanCLIWrapper.podman_exec_shell_command( 117 | cid_file_name=cid, 118 | cmd='grep "^bind 127.0.0.1" ${REDIS_CONF}', 119 | return_output=False, 120 | ) 121 | == 0 122 | ) 123 | else: 124 | # Check that REDIS_CONF really does NOT contain 'bind 127.0.0.1' 125 | assert not PodmanCLIWrapper.podman_exec_shell_command( 126 | cid_file_name=cid, 127 | cmd='grep "^bind 127.0.0.1" ${REDIS_CONF}', 128 | return_output=False, 129 | ) 130 | # Checks if redis-cli returns PONG 131 | redis_return_value = PodmanCLIWrapper.podman_run_command_and_remove( 132 | cid_file_name=VARS.IMAGE_NAME, cmd=f"redis-cli -h {cip} -a pass ping" 133 | ).strip() 134 | assert "PONG" in redis_return_value, ( 135 | f"redis-cli -h {cip} -a pass ping has to return PONG" 136 | ) 137 | -------------------------------------------------------------------------------- /examples/redis-ephemeral-template.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Template", 3 | "apiVersion": "template.openshift.io/v1", 4 | "metadata": { 5 | "name": "redis-ephemeral", 6 | "annotations": { 7 | "openshift.io/display-name": "Redis (Ephemeral)", 8 | "description": "Redis in-memory data structure store, without persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/5.\n\nWARNING: Any data stored will be lost upon pod destruction. Only use this template for testing", 9 | "iconClass": "icon-redis", 10 | "tags": "database,redis", 11 | "openshift.io/long-description": "This template provides a standalone Redis server. The data is not stored on persistent storage, so any restart of the service will result in all data being lost.", 12 | "openshift.io/provider-display-name": "Red Hat, Inc.", 13 | "openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/5", 14 | "openshift.io/support-url": "https://access.redhat.com" 15 | } 16 | }, 17 | "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/5.", 18 | "labels": { 19 | "template": "redis-ephemeral-template" 20 | }, 21 | "objects": [ 22 | { 23 | "kind": "Secret", 24 | "apiVersion": "v1", 25 | "metadata": { 26 | "name": "${DATABASE_SERVICE_NAME}", 27 | "annotations": { 28 | "template.openshift.io/expose-password": "{.data['database-password']}" 29 | } 30 | }, 31 | "stringData" : { 32 | "database-password" : "${REDIS_PASSWORD}" 33 | } 34 | }, 35 | { 36 | "kind": "Service", 37 | "apiVersion": "v1", 38 | "metadata": { 39 | "name": "${DATABASE_SERVICE_NAME}", 40 | "annotations": { 41 | "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}" 42 | } 43 | }, 44 | "spec": { 45 | "ports": [ 46 | { 47 | "name": "redis", 48 | "protocol": "TCP", 49 | "port": 6379, 50 | "targetPort": 6379, 51 | "nodePort": 0 52 | } 53 | ], 54 | "selector": { 55 | "name": "${DATABASE_SERVICE_NAME}" 56 | }, 57 | "type": "ClusterIP", 58 | "sessionAffinity": "None" 59 | }, 60 | "status": { 61 | "loadBalancer": {} 62 | } 63 | }, 64 | { 65 | "kind": "Deployment", 66 | "apiVersion": "apps/v1", 67 | "metadata": { 68 | "name": "${DATABASE_SERVICE_NAME}", 69 | "annotations": { 70 | "template.alpha.openshift.io/wait-for-ready": "true", 71 | "image.openshift.io/triggers": "[{\"from\":{\"kind\":\"ImageStreamTag\",\"name\":\"redis:${REDIS_VERSION}\"},\"fieldPath\": \"spec.template.spec.containers[0].image\"}]" 72 | } 73 | }, 74 | "spec": { 75 | "strategy": { 76 | "type": "Recreate" 77 | }, 78 | "replicas": 1, 79 | "selector": { 80 | "matchLabels": { 81 | "name": "${DATABASE_SERVICE_NAME}" 82 | } 83 | }, 84 | "template": { 85 | "metadata": { 86 | "labels": { 87 | "name": "${DATABASE_SERVICE_NAME}" 88 | } 89 | }, 90 | "spec": { 91 | "containers": [ 92 | { 93 | "name": "redis", 94 | "image": " ", 95 | "ports": [ 96 | { 97 | "containerPort": 6379, 98 | "protocol": "TCP" 99 | } 100 | ], 101 | "readinessProbe": { 102 | "timeoutSeconds": 1, 103 | "initialDelaySeconds": 5, 104 | "exec": { 105 | "command": [ "/bin/sh", "-i", "-c", "test \"$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)\" == \"PONG\""] 106 | } 107 | }, 108 | "livenessProbe": { 109 | "timeoutSeconds": 1, 110 | "initialDelaySeconds": 30, 111 | "tcpSocket": { 112 | "port": 6379 113 | } 114 | }, 115 | "env": [ 116 | { 117 | "name": "REDIS_PASSWORD", 118 | "valueFrom": { 119 | "secretKeyRef" : { 120 | "name" : "${DATABASE_SERVICE_NAME}", 121 | "key" : "database-password" 122 | } 123 | } 124 | } 125 | ], 126 | "resources": { 127 | "limits": { 128 | "memory": "${MEMORY_LIMIT}" 129 | } 130 | }, 131 | "volumeMounts": [ 132 | { 133 | "name": "${DATABASE_SERVICE_NAME}-data", 134 | "mountPath": "/var/lib/redis/data" 135 | } 136 | ], 137 | "terminationMessagePath": "/dev/termination-log", 138 | "imagePullPolicy": "IfNotPresent", 139 | "capabilities": {}, 140 | "securityContext": { 141 | "capabilities": {}, 142 | "privileged": false 143 | } 144 | } 145 | ], 146 | "volumes": [ 147 | { 148 | "name": "${DATABASE_SERVICE_NAME}-data", 149 | "emptyDir": { 150 | "medium": "" 151 | } 152 | } 153 | ], 154 | "restartPolicy": "Always", 155 | "dnsPolicy": "ClusterFirst" 156 | } 157 | } 158 | }, 159 | "status": {} 160 | } 161 | ], 162 | "parameters": [ 163 | { 164 | "name": "MEMORY_LIMIT", 165 | "displayName": "Memory Limit", 166 | "description": "Maximum amount of memory the container can use.", 167 | "value": "512Mi", 168 | "required": true 169 | }, 170 | { 171 | "name": "NAMESPACE", 172 | "displayName": "Namespace", 173 | "description": "The OpenShift Namespace where the ImageStream resides.", 174 | "value": "openshift" 175 | }, 176 | { 177 | "name": "DATABASE_SERVICE_NAME", 178 | "displayName": "Database Service Name", 179 | "description": "The name of the OpenShift Service exposed for the database.", 180 | "value": "redis", 181 | "required": true 182 | }, 183 | { 184 | "name": "REDIS_PASSWORD", 185 | "displayName": "Redis Connection Password", 186 | "description": "Password for the Redis connection user.", 187 | "generate": "expression", 188 | "from": "[a-zA-Z0-9]{16}", 189 | "required": true 190 | }, 191 | { 192 | "name": "REDIS_VERSION", 193 | "displayName": "Version of Redis Image", 194 | "description": "Version of Redis image to be used (6-el8, 6-el9, 7-el8, 7-el9 or latest).", 195 | "value": "7-el9", 196 | "required": true 197 | } 198 | ] 199 | } 200 | -------------------------------------------------------------------------------- /examples/redis-persistent-template.json: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Template", 3 | "apiVersion": "template.openshift.io/v1", 4 | "metadata": { 5 | "name": "redis-persistent", 6 | "annotations": { 7 | "openshift.io/display-name": "Redis", 8 | "description": "Redis in-memory data structure store, with persistent storage. For more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/5.\n\nNOTE: You must have persistent volumes available in your cluster to use this template.", 9 | "iconClass": "icon-redis", 10 | "tags": "database,redis", 11 | "openshift.io/long-description": "This template provides a standalone Redis server. The data is stored on persistent storage.", 12 | "openshift.io/provider-display-name": "Red Hat, Inc.", 13 | "openshift.io/documentation-url": "https://github.com/sclorg/redis-container/tree/master/5", 14 | "openshift.io/support-url": "https://access.redhat.com" 15 | } 16 | }, 17 | "message": "The following service(s) have been created in your project: ${DATABASE_SERVICE_NAME}.\n\n Password: ${REDIS_PASSWORD}\n Connection URL: redis://${DATABASE_SERVICE_NAME}:6379/\n\nFor more information about using this template, including OpenShift considerations, see https://github.com/sclorg/redis-container/blob/master/5.", 18 | "labels": { 19 | "template": "redis-persistent-template" 20 | }, 21 | "objects": [ 22 | { 23 | "kind": "Secret", 24 | "apiVersion": "v1", 25 | "metadata": { 26 | "name": "${DATABASE_SERVICE_NAME}", 27 | "annotations": { 28 | "template.openshift.io/expose-password": "{.data['database-password']}" 29 | } 30 | }, 31 | "stringData" : { 32 | "database-password" : "${REDIS_PASSWORD}" 33 | } 34 | }, 35 | { 36 | "kind": "Service", 37 | "apiVersion": "v1", 38 | "metadata": { 39 | "name": "${DATABASE_SERVICE_NAME}", 40 | "annotations": { 41 | "template.openshift.io/expose-uri": "redis://{.spec.clusterIP}:{.spec.ports[?(.name==\"redis\")].port}" 42 | } 43 | }, 44 | "spec": { 45 | "ports": [ 46 | { 47 | "name": "redis", 48 | "protocol": "TCP", 49 | "port": 6379, 50 | "targetPort": 6379, 51 | "nodePort": 0 52 | } 53 | ], 54 | "selector": { 55 | "name": "${DATABASE_SERVICE_NAME}" 56 | }, 57 | "type": "ClusterIP", 58 | "sessionAffinity": "None" 59 | }, 60 | "status": { 61 | "loadBalancer": {} 62 | } 63 | }, 64 | { 65 | "kind": "PersistentVolumeClaim", 66 | "apiVersion": "v1", 67 | "metadata": { 68 | "name": "${DATABASE_SERVICE_NAME}" 69 | }, 70 | "spec": { 71 | "accessModes": [ 72 | "ReadWriteOnce" 73 | ], 74 | "resources": { 75 | "requests": { 76 | "storage": "${VOLUME_CAPACITY}" 77 | } 78 | } 79 | } 80 | }, 81 | { 82 | "kind": "Deployment", 83 | "apiVersion": "apps/v1", 84 | "metadata": { 85 | "name": "${DATABASE_SERVICE_NAME}", 86 | "annotations": { 87 | "template.alpha.openshift.io/wait-for-ready": "true", 88 | "image.openshift.io/triggers": "[{\"from\":{\"kind\":\"ImageStreamTag\",\"name\":\"redis:${REDIS_VERSION}\"},\"fieldPath\": \"spec.template.spec.containers[0].image\"}]" 89 | } 90 | }, 91 | "spec": { 92 | "strategy": { 93 | "type": "Recreate" 94 | }, 95 | "replicas": 1, 96 | "selector": { 97 | "matchLabels": { 98 | "name": "${DATABASE_SERVICE_NAME}" 99 | } 100 | }, 101 | "template": { 102 | "metadata": { 103 | "labels": { 104 | "name": "${DATABASE_SERVICE_NAME}" 105 | } 106 | }, 107 | "spec": { 108 | "containers": [ 109 | { 110 | "name": "redis", 111 | "image": " ", 112 | "ports": [ 113 | { 114 | "containerPort": 6379, 115 | "protocol": "TCP" 116 | } 117 | ], 118 | "readinessProbe": { 119 | "timeoutSeconds": 1, 120 | "initialDelaySeconds": 5, 121 | "exec": { 122 | "command": [ "/bin/sh", "-i", "-c", "test \"$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)\" == \"PONG\""] 123 | } 124 | }, 125 | "livenessProbe": { 126 | "timeoutSeconds": 1, 127 | "initialDelaySeconds": 30, 128 | "tcpSocket": { 129 | "port": 6379 130 | } 131 | }, 132 | "env": [ 133 | { 134 | "name": "REDIS_PASSWORD", 135 | "valueFrom": { 136 | "secretKeyRef" : { 137 | "name" : "${DATABASE_SERVICE_NAME}", 138 | "key" : "database-password" 139 | } 140 | } 141 | } 142 | ], 143 | "resources": { 144 | "limits": { 145 | "memory": "${MEMORY_LIMIT}" 146 | } 147 | }, 148 | "volumeMounts": [ 149 | { 150 | "name": "${DATABASE_SERVICE_NAME}-data", 151 | "mountPath": "/var/lib/redis/data" 152 | } 153 | ], 154 | "terminationMessagePath": "/dev/termination-log", 155 | "imagePullPolicy": "IfNotPresent", 156 | "capabilities": {}, 157 | "securityContext": { 158 | "capabilities": {}, 159 | "privileged": false 160 | } 161 | } 162 | ], 163 | "volumes": [ 164 | { 165 | "name": "${DATABASE_SERVICE_NAME}-data", 166 | "persistentVolumeClaim": { 167 | "claimName": "${DATABASE_SERVICE_NAME}" 168 | } 169 | } 170 | ], 171 | "restartPolicy": "Always", 172 | "dnsPolicy": "ClusterFirst" 173 | } 174 | } 175 | }, 176 | "status": {} 177 | } 178 | ], 179 | "parameters": [ 180 | { 181 | "name": "MEMORY_LIMIT", 182 | "displayName": "Memory Limit", 183 | "description": "Maximum amount of memory the container can use.", 184 | "value": "512Mi", 185 | "required": true 186 | }, 187 | { 188 | "name": "NAMESPACE", 189 | "displayName": "Namespace", 190 | "description": "The OpenShift Namespace where the ImageStream resides.", 191 | "value": "openshift" 192 | }, 193 | { 194 | "name": "DATABASE_SERVICE_NAME", 195 | "displayName": "Database Service Name", 196 | "description": "The name of the OpenShift Service exposed for the database.", 197 | "value": "redis", 198 | "required": true 199 | }, 200 | { 201 | "name": "REDIS_PASSWORD", 202 | "displayName": "Redis Connection Password", 203 | "description": "Password for the Redis connection user.", 204 | "generate": "expression", 205 | "from": "[a-zA-Z0-9]{16}", 206 | "required": true 207 | }, 208 | { 209 | "name": "VOLUME_CAPACITY", 210 | "displayName": "Volume Capacity", 211 | "description": "Volume space available for data, e.g. 512Mi, 2Gi.", 212 | "value": "1Gi", 213 | "required": true 214 | }, 215 | { 216 | "name": "REDIS_VERSION", 217 | "displayName": "Version of Redis Image", 218 | "description": "Version of Redis image to be used (6-el8, 6-el9, 7-el8, 7-el9 or latest).", 219 | "value": "7-el9", 220 | "required": true 221 | } 222 | ] 223 | } 224 | -------------------------------------------------------------------------------- /test/run: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Test the Redis image. 4 | # 5 | # IMAGE_NAME specifies the name of the candidate image used for testing. 6 | # The image has to be available before this script is executed. 7 | # 8 | 9 | set -o nounset 10 | shopt -s nullglob 11 | 12 | [ "${DEBUG:-0}" -eq 1 ] && set -x 13 | 14 | test -n "${IMAGE_NAME-}" || { echo 'make sure $IMAGE_NAME is defined' && false ;} 15 | test -n "${VERSION-}" || { echo 'make sure $VERSION is defined' && false; } 16 | test -n "${OS-}" || { echo 'make sure $OS is defined' && false; } 17 | 18 | TEST_LIST="\ 19 | run_container_creation_tests 20 | run_tests_no_root 21 | run_tests_no_pass 22 | run_tests_no_pass_altuid 23 | run_tests_no_root_altuid 24 | run_change_password_test 25 | run_doc_test 26 | run_bind_address_test 27 | run_no_bind_address_test 28 | " 29 | 30 | THISDIR=$(dirname ${BASH_SOURCE[0]}) 31 | source "${THISDIR}"/test-lib.sh 32 | 33 | function connection_works() { 34 | local container_ip="$1"; shift 35 | local password="$1"; shift 36 | if [ "$(redis_cmd "$container_ip" "$password" ping)" == "PONG" ] ; then 37 | return 0 38 | fi 39 | return 1 40 | } 41 | 42 | function redis_cmd() { 43 | local container_ip="$1"; shift 44 | local password="$1"; shift 45 | # if empty password is given, then no password will be specified 46 | docker run --rm "$IMAGE_NAME" redis-cli -h "$container_ip" ${password:+-a "$password"} "$@" 47 | } 48 | 49 | function test_connection() { 50 | local name=$1 ; shift 51 | local password=$1 ; shift 52 | local ip 53 | ip=$(ct_get_cip $name) 54 | echo " Testing Redis connection to $ip (password='${password:-}')..." 55 | local max_attempts=10 56 | local sleep_time=2 57 | local i 58 | for i in $(seq $max_attempts); do 59 | echo " Trying to connect..." 60 | if connection_works "$ip" "$password" ; then 61 | echo " Success!" 62 | echo 63 | return 0 64 | fi 65 | sleep $sleep_time 66 | done 67 | echo " Giving up: Failed to connect. Logs:" 68 | docker logs $(ct_get_cid $name) 69 | return 1 70 | } 71 | 72 | function test_redis() { 73 | local container_ip="$1" 74 | local password="$2" 75 | 76 | echo " Testing Redis (password='${password:-}')" 77 | redis_cmd "$container_ip" "$password" set a 1 >/dev/null 78 | ct_check_testcase_result $? 79 | redis_cmd "$container_ip" "$password" set b 2 >/dev/null 80 | ct_check_testcase_result $? 81 | test "$(redis_cmd "$container_ip" "$password" get b)" == '2' 82 | echo " Success!" 83 | echo 84 | } 85 | 86 | function create_container() { 87 | local name=$1 ; shift 88 | cidfile="$CID_FILE_DIR/$name" 89 | # create container with a cidfile in a directory for cleanup 90 | local container_id 91 | [ "${DEBUG:-0}" -eq 1 ] && echo "DEBUG: docker run ${DOCKER_ARGS:-} --cidfile \"$cidfile\" -d \"$@\" $IMAGE_NAME ${CONTAINER_ARGS:-}" >&2 92 | container_id="$(docker run ${DOCKER_ARGS:-} --cidfile "$cidfile" -d "$@" $IMAGE_NAME ${CONTAINER_ARGS:-})" 93 | [ "${DEBUG:-0}" -eq 1 ] && echo "Created container $container_id" 94 | [ x"$container_id" == "x" ] && return 1 || return 0 95 | } 96 | 97 | function run_change_password_test() { 98 | local tmpdir=$(mktemp -d) 99 | mkdir "${tmpdir}/data" && chmod -R a+rwx "${tmpdir}" 100 | 101 | # Create Redis container with persistent volume and set the initial password 102 | create_container "testpass1" -e REDIS_PASSWORD=foo \ 103 | -v ${tmpdir}:/var/lib/redis/data:Z 104 | ct_check_testcase_result $? 105 | test_connection testpass1 foo 106 | ct_check_testcase_result $? 107 | docker stop $(ct_get_cid testpass1) >/dev/null 108 | 109 | # Create second container with changed password 110 | create_container "testpass2" -e REDIS_PASSWORD=bar \ 111 | -v ${tmpdir}:/var/lib/redis/data:Z 112 | ct_check_testcase_result $? 113 | test_connection testpass2 bar 114 | ct_check_testcase_result $? 115 | # The old password should not work anymore 116 | container_ip="$(ct_get_cip testpass2)" 117 | ! connection_works "$container_ip" foo 118 | ct_check_testcase_result $? 119 | } 120 | 121 | function assert_login_access() { 122 | local container_ip=$1; shift 123 | local PASS=$1 ; shift 124 | local success=$1 ; shift 125 | 126 | if connection_works "$container_ip" "$PASS" ; then 127 | if $success ; then 128 | echo " Connection ($PASS) access granted as expected" 129 | return 0 130 | fi 131 | else 132 | if ! $success ; then 133 | echo " Connection ($PASS) access denied as expected" 134 | return 0 135 | fi 136 | fi 137 | echo " Connection ($PASS) login assertion failed" 138 | return 1 139 | } 140 | 141 | function assert_local_access() { 142 | local id="$1" ; shift 143 | docker exec $(ct_get_cid "$id") bash -c 'redis-cli ping' 144 | } 145 | 146 | 147 | function assert_bind_address() { 148 | local name="$1" 149 | local run_cmd="[ -f \${REDIS_CONF} ] && grep \"^bind 127.0.0.1\" \${REDIS_CONF}" 150 | 151 | echo "Checking if bind is set to 127.0.0.1 in redis.conf file." 152 | docker exec $(ct_get_cid "$name") /bin/bash -c "${run_cmd}" 153 | } 154 | 155 | function assert_no_bind_address() { 156 | local name="$1" 157 | local run_cmd="[ -f \${REDIS_CONF} ] && ! grep \"^bind 127.0.0.1\" \${REDIS_CONF}" 158 | 159 | echo "Checking if bind is not set in redis.conf file." 160 | docker exec $(ct_get_cid "$name") /bin/bash -c "${run_cmd}" 161 | } 162 | 163 | # Make sure the invocation of docker run fails. 164 | function assert_container_creation_fails() { 165 | 166 | # Time the docker run command. It should fail. If it doesn't fail, 167 | # redis will keep running so we kill it with SIGKILL to make sure 168 | # timeout returns a non-zero value. 169 | local ret=0 170 | timeout -s 9 --preserve-status 60s docker run --rm "$@" $IMAGE_NAME >/dev/null || ret=$? 171 | 172 | # Timeout will exit with a high number. 173 | if [ $ret -gt 10 ]; then 174 | return 1 175 | fi 176 | } 177 | 178 | function try_image_invalid_combinations() { 179 | assert_container_creation_fails -e REDIS_PASSWORD="pass with space" "$@" 180 | ct_check_testcase_result $? 181 | } 182 | 183 | function run_container_creation_tests() { 184 | local ret 185 | echo " Testing image entrypoint usage" 186 | try_image_invalid_combinations 187 | ret=$? 188 | if [ $ret -eq 0 ]; then 189 | echo " Success!" 190 | else 191 | echo " Failed!" 192 | fi 193 | echo 194 | return $ret 195 | } 196 | 197 | test_scl_usage() { 198 | local name="$1" 199 | local run_cmd="$2" 200 | local expected="$3" 201 | 202 | echo " Testing the image SCL enable" 203 | local out 204 | out=$(docker run --rm ${IMAGE_NAME} /bin/bash -c "${run_cmd}") 205 | if ! echo "${out}" | grep -q "${expected}"; then 206 | echo "ERROR[/bin/bash -c "${run_cmd}"] Expected '${expected}', got '${out}'" 207 | return 1 208 | fi 209 | out=$(docker exec $(ct_get_cid $name) /bin/bash -c "${run_cmd}" 2>&1) 210 | if ! echo "${out}" | grep -q "${expected}"; then 211 | echo "ERROR[exec /bin/bash -c "${run_cmd}"] Expected '${expected}', got '${out}'" 212 | return 1 213 | fi 214 | out=$(docker exec $(ct_get_cid $name) /bin/sh -ic "${run_cmd}" 2>&1) 215 | if ! echo "${out}" | grep -q "${expected}"; then 216 | echo "ERROR[exec /bin/sh -ic "${run_cmd}"] Expected '${expected}', got '${out}'" 217 | return 1 218 | fi 219 | } 220 | 221 | run_doc_test() { 222 | ct_doc_content_old 6379 "REDIS.*PASSWORD" volume 223 | return $? 224 | } 225 | 226 | function run_tests() { 227 | local name=$1 ; shift 228 | local ret 229 | envs=${PASS:+"-e REDIS_PASSWORD=$PASS"} 230 | PASS=${PASS:-} 231 | create_container $name $envs 232 | ret=$? 233 | ct_check_testcase_result $ret 234 | # Only check version on rhel/centos stream builds 235 | if [ "$OS" != "fedora" ]; then 236 | echo " Testing scl usage" 237 | test_scl_usage "$name" 'redis-server --version' "$VERSION" 238 | ct_check_testcase_result $? 239 | fi 240 | if [ "$name" == "bind_address_test" ]; then 241 | echo " Testing bind_address test" 242 | assert_bind_address "$name" 243 | ct_check_testcase_result $? 244 | # Quit test suite. redis container will not response. bind is set to localhost 245 | return 246 | fi 247 | if [ "$name" == "no_bind_address_test" ]; then 248 | echo " Testing no bind_address test" 249 | assert_no_bind_address "$name" 250 | ct_check_testcase_result $? 251 | fi 252 | test_connection "$name" "$PASS" 253 | ret=$? 254 | ct_check_testcase_result $ret 255 | echo " Testing login accesses" 256 | local container_ip 257 | container_ip=$(ct_get_cip $name) 258 | assert_login_access "$container_ip" "$PASS" true 259 | ret=$? 260 | ct_check_testcase_result $ret 261 | if [ -n "$PASS" ] ; then 262 | assert_login_access "$container_ip" "${PASS}_foo" false 263 | ct_check_testcase_result $? 264 | fi 265 | assert_local_access "$name" 266 | ret=$? 267 | ct_check_testcase_result $ret 268 | if [ $ret -ne 0 ]; then 269 | echo " Local access FAILED." 270 | else 271 | echo " Local access SUCCESS." 272 | fi 273 | echo 274 | test_redis "$container_ip" "$PASS" 275 | ct_check_testcase_result $? 276 | } 277 | 278 | function run_tests_no_root() { 279 | # Normal tests with password 280 | PASS=pass run_tests no_root 281 | } 282 | 283 | function run_tests_no_pass() { 284 | # Normal tests without password 285 | run_tests no_pass 286 | } 287 | 288 | function run_tests_no_pass_altuid() { 289 | # Test with arbitrary uid for the container without password 290 | DOCKER_ARGS="-u 12345" run_tests no_pass_altuid 291 | } 292 | 293 | function run_tests_no_root_altuid() { 294 | # Test with arbitrary uid for the container with password 295 | DOCKER_ARGS="-u 12345" PASS=pass run_tests no_root_altuid 296 | } 297 | 298 | function run_bind_address_test() { 299 | DOCKER_ARGS="-e BIND_ADDRESS=127.0.0.1" run_tests bind_address_test 300 | } 301 | 302 | function run_no_bind_address_test() { 303 | run_tests no_bind_address_test 304 | } 305 | 306 | ct_init 307 | 308 | TEST_SET=${TESTS:-$TEST_LIST} ct_run_tests_from_testset "redis_tests" 309 | # vim: set tabstop=2:shiftwidth=2:expandtab: 310 | --------------------------------------------------------------------------------