Skip to content

DS-3556 Docker desktop to podman #1048

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ajmu1 merged 11 commits into from
May 9, 2025
Merged

DS-3556 Docker desktop to podman #1048

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
239df8b
Enabling use of podman
ajmu1 Apr 2, 2025
884fed2
Enabling use of podman
ajmu1 Apr 3, 2025
1bda427
Enabling use of podman
ajmu1 Apr 8, 2025
95a867e
Enabling use podman in build-and-push target
ajmu1 Apr 9, 2025
6fae70c
Enabling use of docker for podman instead of docker
ajmu1 Apr 9, 2025
167a061
Running make targets using podman
ajmu1 Apr 10, 2025
db064e8
Enabling podman for make targets
ajmu1 Apr 15, 2025
a3975cd
All the targets required to run locally are podman enabled
ajmu1 Apr 25, 2025
d6203ef
Making output flag dynamic to handle podman and docker
ajmu1 Apr 28, 2025
ba4ff16
Changes to enable setting of container manager via enviroment variable
mabe13 May 8, 2025
8617f8c
Removing commented code
ajmu1 May 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ include $(abspath $(PROJECT_DIR)/build/automation/init.mk)
setup: project-config # Set up project
make tester-build

container-check: # Check the container management tool - can be set with: "export DOCKER_CMD=`which podman`" or "export DOCKER_CMD=`which docker`"
echo $(DOCKER_CMD)

build: # Build lambdas
for IMAGE_NAME in $$(echo $(PROJECT_LAMBDAS_LIST) | tr "," "\n"); do
make -s build-lambda GENERIC_IMAGE_NAME=lambda NAME=$$IMAGE_NAME
Expand Down Expand Up @@ -499,7 +502,7 @@ docker-run-tester: ### Run python container - mandatory: CMD; optional: SH=true,
mkdir -p $(TMP_DIR)/.python/pip/{cache,packages}
lib_volume_mount=$$(([ $(BUILD_ID) -eq 0 ] || [ "$(LIB_VOLUME_MOUNT)" == true ]) && echo "--volume $(TMP_DIR)/.python/pip/cache:/tmp/.cache/pip --volume $(TMP_DIR)/.python/pip/packages:/tmp/.packages" ||:)
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo tester-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand Down Expand Up @@ -556,3 +559,4 @@ python-run-ruff-fixes: # Auto fixes ruff warnings
.SILENT: docker-run-ruff \
commit-date-hash-tag \
performance-test-results \
container-check \
69 changes: 37 additions & 32 deletions build/automation/lib/docker.mk
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ DOCKER_LIB_DIR = $(LIB_DIR)/docker
DOCKER_LIB_DIR_REL = $(shell echo $(DOCKER_LIB_DIR) | sed "s;$(PROJECT_DIR);;g")
DOCKER_LIB_IMAGE_DIR = $(LIB_DIR)/docker/image
DOCKER_LIB_IMAGE_DIR_REL = $(shell echo $(DOCKER_LIB_IMAGE_DIR) | sed "s;$(PROJECT_DIR);;g")
DOCKER_NETWORK = $(PROJECT_GROUP_SHORT)/$(PROJECT_NAME_SHORT)/$(BUILD_ID)
# DOCKER_NETWORK = $(PROJECT_GROUP_SHORT)/$(PROJECT_NAME_SHORT)/$(BUILD_ID)
DOCKER_NETWORK = $(PROJECT_GROUP_SHORT)_$(PROJECT_NAME_SHORT)_$(BUILD_ID)
DOCKER_REGISTRY = $(AWS_ECR)/$(PROJECT_GROUP_SHORT)/$(PROJECT_NAME_SHORT)
DOCKER_LIBRARY_REGISTRY = nhsd

Expand Down Expand Up @@ -43,6 +44,10 @@ DOCKER_LIBRARY_TOOLS_VERSION = $(shell cat $(DOCKER_LIB_IMAGE_DIR)/tools/VERSION
COMPOSE_HTTP_TIMEOUT := $(or $(COMPOSE_HTTP_TIMEOUT), 6000)
DOCKER_CLIENT_TIMEOUT := $(or $(DOCKER_CLIENT_TIMEOUT), 6000)

DOCKER_CMD := $(or $(DOCKER_CMD), $(shell command -v docker >/dev/null 2>&1 && echo docker || echo podman))
IS_PODMAN := $(shell [[ "$(DOCKER_CMD)" == *podman ]] && echo true || echo false)
OUTPUT_OPTION := $(if $(filter false,$(IS_PODMAN)),--output type=docker)

# ==============================================================================

docker-create-from-template: ### Create Docker image from template - mandatory: NAME,TEMPLATE=[library template image name]
Expand All @@ -65,7 +70,7 @@ docker-create-from-template: ### Create Docker image from template - mandatory:
# ==============================================================================

docker-config: ### Configure Docker networking
docker network create $(DOCKER_NETWORK) 2> /dev/null ||:
$(DOCKER_CMD) network create $(DOCKER_NETWORK) 2> /dev/null ||:

docker-build docker-image: ### Build Docker image - mandatory: NAME; optional: VERSION,FROM_CACHE=true,BUILD_OPTS=[build options],EXAMPLE=true
reg=$$(make _docker-get-reg)
Expand Down Expand Up @@ -99,7 +104,7 @@ docker-build docker-image: ### Build Docker image - mandatory: NAME; optional: V
export IMAGE=$$reg/$(NAME)$(shell [ -n "$(EXAMPLE)" ] && echo -example)
export VERSION=$$(make docker-image-get-version)
make -s file-replace-variables FILE=$$dir/Dockerfile.effective
docker buildx build --rm \
$(DOCKER_CMD) buildx build --rm \
--build-arg IMAGE=$$IMAGE \
--build-arg VERSION=$$VERSION \
--build-arg BUILD_ID=$(BUILD_ID) \
Expand All @@ -108,7 +113,7 @@ docker-build docker-image: ### Build Docker image - mandatory: NAME; optional: V
--build-arg BUILD_BRANCH=$(BUILD_BRANCH) \
--build-arg BUILD_COMMIT_HASH=$(BUILD_COMMIT_HASH) \
--build-arg BUILD_COMMIT_DATE=$(BUILD_COMMIT_DATE) \
--output type=docker \
$(OUTPUT_OPTION) \
--label name=$$IMAGE \
--label version=$$VERSION \
--label build-id=$(BUILD_ID) \
Expand All @@ -122,12 +127,12 @@ docker-build docker-image: ### Build Docker image - mandatory: NAME; optional: V
--tag $$reg/$(NAME)$(shell [ -n "$(EXAMPLE)" ] && echo -example):$$(make docker-image-get-version) \
$$dir
# Tag
docker tag \
$(DOCKER_CMD) tag \
$$reg/$(NAME)$(shell [ -n "$(EXAMPLE)" ] && echo -example):$$(make docker-image-get-version) \
$$reg/$(NAME)$(shell [ -n "$(EXAMPLE)" ] && echo -example):latest
docker rmi --force $$(docker images | grep "<none>" | awk '{ print $$3 }') 2> /dev/null ||:
$(DOCKER_CMD) rmi --force $$($(DOCKER_CMD) images | grep "<none>" | awk '{ print $$3 }') 2> /dev/null ||:
make docker-image-keep-latest-only NAME=$(NAME)
docker image inspect $$reg/$(NAME)$(shell [ -n "$(EXAMPLE)" ] && echo -example):latest --format='{{.Size}}'
$(DOCKER_CMD) image inspect $$reg/$(NAME)$(shell [ -n "$(EXAMPLE)" ] && echo -example):latest --format='{{.Size}}'

docker-test: ### Test image - mandatory: NAME; optional: ARGS,CMD,GOSS_OPTS,EXAMPLE=true
dir=$$(make _docker-get-dir)
Expand All @@ -143,9 +148,9 @@ docker-test: ### Test image - mandatory: NAME; optional: ARGS,CMD,GOSS_OPTS,EXAM

docker-login: ### Log into the Docker registry - optional: DOCKER_USERNAME,DOCKER_PASSWORD
if [ -n "$(DOCKER_USERNAME)" ] && [ -n "$$(make _docker-get-login-password)" ]; then
make _docker-get-login-password | docker login --username "$(DOCKER_USERNAME)" --password-stdin
make _docker-get-login-password | $(DOCKER_CMD) login --username "$(DOCKER_USERNAME)" --password-stdin
else
make aws-ecr-get-login-password | docker login --username AWS --password-stdin $(AWS_ECR)
make aws-ecr-get-login-password | $(DOCKER_CMD) login --username AWS --password-stdin $(AWS_ECR)
fi

docker-create-repository: ### Create Docker repository to store an image - mandatory: NAME; optional: POLICY_FILE=[policy file]
Expand All @@ -155,11 +160,11 @@ docker-push: ### Push Docker image - mandatory: NAME; optional: VERSION|TAG
make docker-login
reg=$$(make _docker-get-reg)
if [ -n "$(or $(VERSION), $(TAG))" ]; then
docker push $$reg/$(NAME):$(or $(VERSION), $(TAG))
$(DOCKER_CMD) push $$reg/$(NAME):$(or $(VERSION), $(TAG))
else
docker push $$reg/$(NAME):$$(make docker-image-get-version)
$(DOCKER_CMD) push $$reg/$(NAME):$$(make docker-image-get-version)
fi
docker push $$reg/$(NAME):latest 2> /dev/null ||:
$(DOCKER_CMD) push $$reg/$(NAME):latest 2> /dev/null ||:

docker-push-for-production: ### Push Docker image - mandatory: NAME; optional: VERSION|TAG
make docker-login
Expand All @@ -174,23 +179,23 @@ docker-pull: ### Pull Docker image - mandatory: NAME,DIGEST|VERSION|TAG
[ $$(make _docker-is-lib-image) == false ] && make docker-login
reg=$$(make _docker-get-reg)
if [ -n "$(DIGEST)" ]; then
docker pull $$reg/$(NAME)@$(DIGEST) ||:
$(DOCKER_CMD) pull $$reg/$(NAME)@$(DIGEST) ||:
else
docker pull $$reg/$(NAME):$(or $(VERSION), $(TAG)) ||:
$(DOCKER_CMD) pull $$reg/$(NAME):$(or $(VERSION), $(TAG)) ||:
fi

docker-tag: ### Tag latest or provide arguments - mandatory: NAME,VERSION|TAG|[SOURCE,TARGET]|[DIGEST,VERSION|TAG]
reg=$$(make _docker-get-reg)
if [ -n "$(DIGEST)" ] && [ -n "$(TAG)" ]; then
docker tag \
$(DOCKER_CMD) tag \
$$reg/$(NAME)@$(DIGEST) \
$$reg/$(NAME):$(or $(VERSION), $(TAG))
elif [ -n "$(SOURCE)" ] && [ -n "$(TARGET)" ]; then
docker tag \
$(DOCKER_CMD) tag \
$$reg/$(NAME):$(SOURCE) \
$$reg/$(NAME):$(TARGET)
elif [ -n "$(or $(VERSION), $(TAG))" ]; then
docker tag \
$(DOCKER_CMD) tag \
$$reg/$(NAME):latest \
$$reg/$(NAME):$(or $(VERSION), $(TAG))
fi
Expand Down Expand Up @@ -280,25 +285,25 @@ docker-image-set-version: ### Set effective Docker image version - mandatory: NA
docker-image-pull-or-build: ### Pull or build image - mandatory: NAME; optional VERSION|TAG=[defaults to 'latest'],LATEST=true
version=$(or $(or $(VERSION), $(TAG)), latest)
image=$(DOCKER_LIBRARY_REGISTRY)/$(NAME):$$version
if [ -z "$$(docker images --filter=reference="$$image" --quiet)" ]; then
if [ -z "$$($(DOCKER_CMD) images --filter=reference="$$image" --quiet)" ]; then
make docker-pull NAME=$(NAME) VERSION=$$version ||:
fi
if [ -z "$$(docker images --filter=reference="$$image" --quiet)" ]; then
if [ -z "$$($(DOCKER_CMD) images --filter=reference="$$image" --quiet)" ]; then
make docker-build NAME=$(NAME) || ( \
echo "ERROR: No image $$image found"; \
exit 1 \
)
fi
if [ -n "$$(docker images --filter=reference="$$image" --quiet)" ]; then
if [ -n "$$($(DOCKER_CMD) images --filter=reference="$$image" --quiet)" ]; then
[[ "$(LATEST)" =~ ^(true|yes|y|on|1|TRUE|YES|Y|ON)$$ ]] && \
make docker-tag NAME=$(NAME) SOURCE=$$version TARGET=latest ||:
fi

docker-image-keep-latest-only: ### Remove other images than latest - mandatory: NAME
reg=$$(make _docker-get-reg)
docker rmi --force $$( \
docker images --filter=reference="$$reg/$(NAME):*" --quiet | \
grep -v $$(docker images --filter=reference="$$reg/$(NAME):latest" --quiet) \
$(DOCKER_CMD) rmi --force $$( \
$(DOCKER_CMD) images --filter=reference="$$reg/$(NAME):*" --quiet | \
grep -v $$($(DOCKER_CMD) images --filter=reference="$$reg/$(NAME):latest" --quiet) \
) 2> /dev/null ||:

docker-image-start: ### Start container - mandatory: NAME; optional: CMD,DIR,ARGS=[Docker args],VARS_FILE=[Makefile vars file],EXAMPLE=true
Expand Down Expand Up @@ -364,7 +369,7 @@ docker-run: ### Run specified image - mandatory: IMAGE; optional: CMD,SH=true,DI
make docker-config > /dev/null 2>&1
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo $$(echo '$(IMAGE)' | md5sum | cut -c1-7)-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
if [[ ! "$(SH)" =~ ^(true|yes|y|on|1|TRUE|YES|Y|ON)$$ ]]; then
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand Down Expand Up @@ -425,7 +430,7 @@ docker-run-editorconfig: ### Run editorconfig container - optional: DIR=[working
make docker-config > /dev/null 2>&1
image=$$([ -n "$(IMAGE)" ] && echo $(IMAGE) || echo mstruebing/editorconfig-checker:$(DOCKER_EDITORCONFIG_CHECKER_VERSION))
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo editorconfig-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--volume $$([ -n "$(DIR)" ] && echo $(abspath $(DIR)) || echo $(PWD)):/check \
Expand Down Expand Up @@ -531,7 +536,7 @@ docker-run-python: ### Run python container - mandatory: CMD; optional: SH=true,
image=$$([ -n "$(IMAGE)" ] && echo $(IMAGE) || echo python:$(DOCKER_PYTHON_VERSION))
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo python-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
if [[ ! "$(SH)" =~ ^(true|yes|y|on|1|TRUE|YES|Y|ON)$$ ]]; then
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand All @@ -549,7 +554,7 @@ docker-run-python: ### Run python container - mandatory: CMD; optional: SH=true,
$$image \
$(CMD)
else
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand Down Expand Up @@ -594,7 +599,7 @@ docker-run-terraform: ### Run terraform container - mandatory: CMD; optional: DI
make docker-config > /dev/null 2>&1
image=$$([ -n "$(IMAGE)" ] && echo $(IMAGE) || echo hashicorp/terraform:$(DOCKER_TERRAFORM_VERSION))
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo terraform-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand All @@ -613,7 +618,7 @@ docker-run-terraform-tfsec: ### Run terraform tfsec container - optional: DIR,AR
make docker-config > /dev/null 2>&1
image=$$([ -n "$(IMAGE)" ] && echo $(IMAGE) || echo aquasec/tfsec:$(DOCKER_TERRAFORM_TFSEC_VERSION))
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo tfsec-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand All @@ -632,7 +637,7 @@ docker-run-checkov: ### Run checkov container - optional: DIR,ARGS=[Docker args]
make docker-config > /dev/null 2>&1
image=$$([ -n "$(IMAGE)" ] && echo $(IMAGE) || echo bridgecrew/checkov:$(DOCKER_CHECKOV_VERSION))
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo tfsec-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand Down Expand Up @@ -714,7 +719,7 @@ docker-run-tools: ### Run tools (Python) container - mandatory: CMD; optional: S
container=$$([ -n "$(CONTAINER)" ] && echo $(CONTAINER) || echo tools-$(BUILD_COMMIT_HASH)-$(BUILD_ID)-$$(date --date=$$(date -u +"%Y-%m-%dT%H:%M:%S%z") -u +"%Y%m%d%H%M%S" 2> /dev/null)-$$(make secret-random LENGTH=8))
make docker-image-pull-or-build NAME=tools VERSION=$(DOCKER_LIBRARY_TOOLS_VERSION) >&2
if [[ ! "$(SH)" =~ ^(true|yes|y|on|1|TRUE|YES|Y|ON)$$ ]]; then
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand All @@ -737,7 +742,7 @@ docker-run-tools: ### Run tools (Python) container - mandatory: CMD; optional: S
$$image \
$(CMD)
else
docker run --interactive $(_TTY) --rm \
$(DOCKER_CMD) run --interactive $(_TTY) --rm \
--name $$container \
--user $$(id -u):$$(id -g) \
--env-file <(make _list-variables PATTERN="^(AWS|TX|TEXAS|NHSD|TERRAFORM)") \
Expand Down
Loading