From 00471432c45e215081020b0fac54a27f4bcbf565 Mon Sep 17 00:00:00 2001
From: Ian Lewis <ianmlewis@gmail.com>
Date: Fri, 18 Oct 2019 01:37:17 -0400
Subject: Update to Go 1.12 runtime.

Update to the Go 1.12 runtime.
- The login option in app.yaml is no longer supported. Check the
  X-Appengine-Cron http header instead.
- Add a 'stage' make target that allows you to easily stage a change.
---
 Makefile | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 818a2de5e..45c115ed9 100644
--- a/Makefile
+++ b/Makefile
@@ -14,7 +14,7 @@ APP_TARGET = $(patsubst cmd/gvisor-website/%,public/%,$(APP_SOURCE))
 default: website
 .PHONY: default
 
-website: all-upstream app public/static
+website: all-upstream app static-production
 .PHONY: website
 
 app: $(APP_TARGET)
@@ -44,8 +44,13 @@ content/docs/community/sigs: upstream/community $(wildcard upstream/community/si
 $(APP_TARGET): public $(APP_SOURCE)
 	cp -a cmd/gvisor-website/$(patsubst public/%,%,$@) public/
 
-public/static: compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')
+static-production: compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')
 	HUGO_ENV="production" $(HUGO)
+.PHONY: static-production
+
+static-staging: compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')                           
+	$(HUGO) -b  "https://staging-$(shell git branch | grep \* | cut -d ' ' -f2)-dot-gvisor-website.appspot.com"
+.PHONY: static-staging
 
 node_modules: package.json package-lock.json
 	# Use npm ci because npm install will update the package-lock.json.
@@ -77,10 +82,17 @@ server: website
 .PHONY: server
 
 # Deploy the website to App Engine.
-deploy: $(APP_TARGET)
+deploy: website
 	cd public && $(GCLOUD) app deploy
 .PHONY: deploy
 
+# Stage the website to App Engine at a version based on the git branch name.
+stage: all-upstream app static-staging
+	# Disallow indexing staged content.
+	printf "User-agent: *\nDisallow: /" > public/static/robots.txt
+	cd public && $(GCLOUD) app deploy -v staging-$(shell git branch | grep \* | cut -d ' ' -f2) --no-promote
+.PHONY: stage
+
 # CI related Commmands
 ##############################################################################
 
-- 
cgit v1.2.3


From eef069778b020e02d36c546ce9c92894254a75aa Mon Sep 17 00:00:00 2001
From: Ian Lewis <ianlewis@google.com>
Date: Thu, 5 Dec 2019 20:54:13 -0500
Subject: Build runsc in Docker container

This removes the build dependency on Bazel.
---
 Makefile | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 45c115ed9..cb48b4ae2 100644
--- a/Makefile
+++ b/Makefile
@@ -58,7 +58,17 @@ node_modules: package.json package-lock.json
 	$(NPM) ci
 
 upstream/gvisor/bazel-bin/runsc/linux_amd64_pure_stripped/runsc: upstream-gvisor
-	cd upstream/gvisor && bazel build runsc
+	mkdir -p /tmp/gvisor-website/build_output
+	docker run \
+	  -v $(PWD)/upstream/gvisor:/workspace \
+	  -v /tmp/gvisor-website/build_output:/tmp/gvisor-website/build_output \
+	  -w /workspace \
+	  --entrypoint 'sh' \
+	  l.gcr.io/google/bazel \
+	  -c '\
+		groupadd --gid $(shell id -g) $(shell id -gn) && \
+		useradd --uid $(shell id -u) --gid $(shell id -g) -ms /bin/bash $(USER) && \
+		su $(USER) -c "bazel --output_user_root=/tmp/gvisor-website/build_output build //runsc"'
 
 bin/generate-syscall-docs: $(GEN_SOURCE)
 	mkdir -p bin/
-- 
cgit v1.2.3


From 89ac3bdc31d85412a9ce2073e96313588f6fb636 Mon Sep 17 00:00:00 2001
From: Ian Lewis <ianlewis@google.com>
Date: Thu, 5 Dec 2019 20:55:19 -0500
Subject: Run npm in Docker image.

This partially removes the build dependency on node.js.
---
 Makefile | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index cb48b4ae2..886a5f9b4 100644
--- a/Makefile
+++ b/Makefile
@@ -1,7 +1,6 @@
 HUGO := hugo
 HUGO_VERSION := 0.53
 HTMLPROOFER_VERSION := 3.10.2
-NPM := npm
 GCLOUD := gcloud
 GCP_PROJECT := gvisor-website
 
@@ -55,7 +54,14 @@ static-staging: compatibility-docs node_modules config.toml $(shell find archety
 node_modules: package.json package-lock.json
 	# Use npm ci because npm install will update the package-lock.json.
 	# See: https://github.com/npm/npm/issues/18286
-	$(NPM) ci
+	docker run \
+	  -e USER="$(shell id -u)" \
+	  -e HOME="/tmp" \
+	  -u="$(shell id -u):$(shell id -g)" \
+	  -v $(PWD):/workspace \
+	  -w /workspace \
+	  --entrypoint 'npm' \
+	  node ci
 
 upstream/gvisor/bazel-bin/runsc/linux_amd64_pure_stripped/runsc: upstream-gvisor
 	mkdir -p /tmp/gvisor-website/build_output
-- 
cgit v1.2.3


From 6e5080f5dc3527b2382bd2a91f7d5eace4793b17 Mon Sep 17 00:00:00 2001
From: Ian Lewis <ianlewis@google.com>
Date: Fri, 6 Dec 2019 08:37:19 -0500
Subject: Use hugo Docker image in Makefile

Removes the local dependency on hugo for building.
---
 Makefile                           | 51 ++++++++++++++++++++++++++++----------
 cloudbuild/html-proofer/Dockerfile |  2 +-
 2 files changed, 39 insertions(+), 14 deletions(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 886a5f9b4..8aa490ab1 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,3 @@
-HUGO := hugo
 HUGO_VERSION := 0.53
 HTMLPROOFER_VERSION := 3.10.2
 GCLOUD := gcloud
@@ -43,12 +42,29 @@ content/docs/community/sigs: upstream/community $(wildcard upstream/community/si
 $(APP_TARGET): public $(APP_SOURCE)
 	cp -a cmd/gvisor-website/$(patsubst public/%,%,$@) public/
 
-static-production: compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')
-	HUGO_ENV="production" $(HUGO)
+static-production: hugo-docker-image compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')
+	docker run \
+	  -e HUGO_ENV="production" \
+	  -e USER="$(shell id -u)" \
+	  -e HOME="/tmp" \
+	  -u="$(shell id -u):$(shell id -g)" \
+	  -v $(PWD):/workspace \
+	  -w /workspace \
+	  gcr.io/gvisor-website/hugo:$(HUGO_VERSION) \
+	  hugo
 .PHONY: static-production
 
-static-staging: compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')                           
-	$(HUGO) -b  "https://staging-$(shell git branch | grep \* | cut -d ' ' -f2)-dot-gvisor-website.appspot.com"
+static-staging: hugo-docker-image compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')                           
+	docker run \
+	  -e HUGO_ENV="production" \
+	  -e USER="$(shell id -u)" \
+	  -e HOME="/tmp" \
+	  -u="$(shell id -u):$(shell id -g)" \
+	  -v $(PWD):/workspace \
+	  -w /workspace \
+	  gcr.io/gvisor-website/hugo:$(HUGO_VERSION) \
+	  hugo \
+	    -b "https://staging-$(shell git branch | grep \* | cut -d ' ' -f2)-dot-gvisor-website.appspot.com"
 .PHONY: static-staging
 
 node_modules: package.json package-lock.json
@@ -84,13 +100,24 @@ compatibility-docs: bin/generate-syscall-docs upstream/gvisor/bazel-bin/runsc/li
 	./upstream/gvisor/bazel-bin/runsc/linux_amd64_pure_stripped/runsc help syscalls -o json | ./bin/generate-syscall-docs -out ./content/docs/user_guide/compatibility/
 .PHONY: compatibility-docs
 
-check: website
-	docker run -v $(shell pwd)/public:/public gcr.io/gvisor-website/html-proofer:3.10.2 htmlproofer --disable-external --check-html public/static
+check: htmlproofer-docker-image website
+	docker run -v $(shell pwd)/public:/public gcr.io/gvisor-website/html-proofer:$(HTMLPROOFER_VERSION) htmlproofer --disable-external --check-html public/static
 .PHONY: check
 
 # Run a local content development server. Redirects will not be supported.
-devserver: all-upstream compatibility-docs
-	$(HUGO) server -FD --port 8080
+devserver: hugo-docker-image all-upstream compatibility-docs
+	docker run \
+	  -e USER="$(shell id -u)" \
+	  -e HOME="/tmp" \
+	  -u="$(shell id -u):$(shell id -g)" \
+	  -v $(PWD):/workspace \
+	  -w /workspace \
+	  -p 8080:8080 \
+	  gcr.io/gvisor-website/hugo:$(HUGO_VERSION) \
+	  hugo server \
+		-FD \
+		--bind 0.0.0.0 \
+		--port 8080
 .PHONY: server
 
 server: website
@@ -116,16 +143,14 @@ stage: all-upstream app static-staging
 cloud-build:
 	gcloud builds submit --config cloudbuild.yaml .
 
-# Build and push the hugo Docker image used by Cloud Build.
+# Build the hugo Docker image.
 hugo-docker-image:
 	docker build --build-arg HUGO_VERSION=$(HUGO_VERSION) -t gcr.io/gvisor-website/hugo:$(HUGO_VERSION) cloudbuild/hugo/
-	docker push gcr.io/gvisor-website/hugo:$(HUGO_VERSION)
 .PHONY: hugo-docker-image
 
-# Build and push the html-proofer image used by Cloud Build.
+# Build the html-proofer image used by Cloud Build.
 htmlproofer-docker-image:
 	docker build --build-arg HTMLPROOFER_VERSION=$(HTMLPROOFER_VERSION) -t gcr.io/gvisor-website/html-proofer:$(HTMLPROOFER_VERSION) cloudbuild/html-proofer/
-	docker push gcr.io/gvisor-website/html-proofer:$(HTMLPROOFER_VERSION)
 .PHONY: htmlproofer-docker-image
 
 clean:
diff --git a/cloudbuild/html-proofer/Dockerfile b/cloudbuild/html-proofer/Dockerfile
index fee64111f..1f692c7df 100644
--- a/cloudbuild/html-proofer/Dockerfile
+++ b/cloudbuild/html-proofer/Dockerfile
@@ -13,7 +13,7 @@ RUN set -x \
             libcurl \
             libxml2-dev \
             libxslt-dev \
-            openssh
+            openssh \
         && gem install \
             html-proofer:${HTMLPROOFER_VERSION} \
             nokogiri:1.10.1 \
-- 
cgit v1.2.3


From 2274c9929a0feff9dab29b72a8f0395077e15ad8 Mon Sep 17 00:00:00 2001
From: Ian Lewis <ianlewis@google.com>
Date: Fri, 6 Dec 2019 09:05:46 -0500
Subject: Add --rm to docker run commands.

---
 Makefile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'Makefile')

diff --git a/Makefile b/Makefile
index 8aa490ab1..2c54efa60 100644
--- a/Makefile
+++ b/Makefile
@@ -44,6 +44,7 @@ $(APP_TARGET): public $(APP_SOURCE)
 
 static-production: hugo-docker-image compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')
 	docker run \
+	  --rm \
 	  -e HUGO_ENV="production" \
 	  -e USER="$(shell id -u)" \
 	  -e HOME="/tmp" \
@@ -56,6 +57,7 @@ static-production: hugo-docker-image compatibility-docs node_modules config.toml
 
 static-staging: hugo-docker-image compatibility-docs node_modules config.toml $(shell find archetypes assets content themes -type f | sed 's/ /\\ /g')                           
 	docker run \
+	  --rm \
 	  -e HUGO_ENV="production" \
 	  -e USER="$(shell id -u)" \
 	  -e HOME="/tmp" \
@@ -71,6 +73,7 @@ node_modules: package.json package-lock.json
 	# Use npm ci because npm install will update the package-lock.json.
 	# See: https://github.com/npm/npm/issues/18286
 	docker run \
+	  --rm \
 	  -e USER="$(shell id -u)" \
 	  -e HOME="/tmp" \
 	  -u="$(shell id -u):$(shell id -g)" \
@@ -82,6 +85,7 @@ node_modules: package.json package-lock.json
 upstream/gvisor/bazel-bin/runsc/linux_amd64_pure_stripped/runsc: upstream-gvisor
 	mkdir -p /tmp/gvisor-website/build_output
 	docker run \
+	  --rm \
 	  -v $(PWD)/upstream/gvisor:/workspace \
 	  -v /tmp/gvisor-website/build_output:/tmp/gvisor-website/build_output \
 	  -w /workspace \
@@ -107,6 +111,7 @@ check: htmlproofer-docker-image website
 # Run a local content development server. Redirects will not be supported.
 devserver: hugo-docker-image all-upstream compatibility-docs
 	docker run \
+	  --rm \
 	  -e USER="$(shell id -u)" \
 	  -e HOME="/tmp" \
 	  -u="$(shell id -u):$(shell id -g)" \
@@ -124,11 +129,6 @@ server: website
 	cd public/ && go run main.go --custom-domain localhost
 .PHONY: server
 
-# Deploy the website to App Engine.
-deploy: website
-	cd public && $(GCLOUD) app deploy
-.PHONY: deploy
-
 # Stage the website to App Engine at a version based on the git branch name.
 stage: all-upstream app static-staging
 	# Disallow indexing staged content.
-- 
cgit v1.2.3