From a28f5551483e21aa63b3e6d00ed0dcc9500e994b Mon Sep 17 00:00:00 2001
From: Mike Aizatsky <aizatsky@google.com>
Date: Wed, 20 Jul 2016 14:58:10 -0700
Subject: [PATCH] initial infrastructure checkin

---
 infra/images/base-clang/Dockerfile            | 42 ++++++++++++++
 infra/images/base-clang/env                   | 35 ++++++++++++
 infra/images/base-fuzzer/Dockerfile           | 33 +++++++++++
 infra/images/base/Dockerfile                  | 21 +++++++
 infra/jenkins-cluster/Dockerfile              | 18 ++++++
 infra/jenkins-cluster/jenkins-master.yaml     | 57 +++++++++++++++++++
 .../jenkins-cluster/service-jenkins-http.yaml | 11 ++++
 .../service-jenkins-master.yaml               | 15 +++++
 infra/jenkins-cluster/start_cluster.sh        | 47 +++++++++++++++
 9 files changed, 279 insertions(+)
 create mode 100644 infra/images/base-clang/Dockerfile
 create mode 100644 infra/images/base-clang/env
 create mode 100644 infra/images/base-fuzzer/Dockerfile
 create mode 100644 infra/images/base/Dockerfile
 create mode 100644 infra/jenkins-cluster/Dockerfile
 create mode 100644 infra/jenkins-cluster/jenkins-master.yaml
 create mode 100644 infra/jenkins-cluster/service-jenkins-http.yaml
 create mode 100644 infra/jenkins-cluster/service-jenkins-master.yaml
 create mode 100755 infra/jenkins-cluster/start_cluster.sh

diff --git a/infra/images/base-clang/Dockerfile b/infra/images/base-clang/Dockerfile
new file mode 100644
index 000000000..603f87711
--- /dev/null
+++ b/infra/images/base-clang/Dockerfile
@@ -0,0 +1,42 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM libfuzzer/base
+
+MAINTAINER mike.aizatsky@gmail.com
+
+RUN apt-get install -y build-essential make cmake ninja-build git python2.7
+
+# Checkout & build llvm+clang+deps
+#
+RUN mkdir /src /work
+RUN cd /src && git clone --depth 1 http://llvm.org/git/llvm.git
+RUN cd /src/llvm/tools && git clone --depth 1 http://llvm.org/git/clang.git
+RUN cd /src/llvm/projects && git clone --depth 1 http://llvm.org/git/compiler-rt.git
+RUN cd /src/llvm/projects && git clone --depth 1 http://llvm.org/git/libcxx.git
+RUN cd /src/llvm/projects && git clone --depth 1 http://llvm.org/git/libcxxabi.git
+RUN cd /src/llvm/projects && git clone --depth 1 http://llvm.org/git/lld.git
+RUN mkdir -p /work/llvm && cd /work/llvm \
+    && cmake -G "Ninja" -DCMAKE_BUILD_TYPE=Release -DLIBCXX_ENABLE_SHARED=OFF  -DLIBCXX_ENABLE_STATIC_ABI_LIBRARY=ON /src/llvm \
+    && ninja
+#RUN ln -s /work/llvm/bin/lld /work/llvm/bin/ld
+
+RUN apt-get remove --purge -y cmake ninja-build python2.7 build-essential
+RUN apt-get autoremove -y
+
+ENV PATH="/work/llvm/bin:$PATH"
+
+COPY env /work/llvm
diff --git a/infra/images/base-clang/env b/infra/images/base-clang/env
new file mode 100644
index 000000000..9561b08b1
--- /dev/null
+++ b/infra/images/base-clang/env
@@ -0,0 +1,35 @@
+#!/bin/bash
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+set -e -x
+
+export WORKSPACE="/workspace"
+export CC="/work/llvm/bin/clang"
+export CXX="/work/llvm/bin/clang++"
+export CCC="/work/llvm/bin/clang++"
+
+pushd $PWD > /dev/null
+echo -n "Compiling libFuzzer..."
+cd /work/libfuzzer
+cp /src/llvm/lib/Fuzzer/*.h .
+$CXX -g -std=c++11 -stdlib=libc++ $sanitizer_flags -c /src/llvm/lib/Fuzzer/*.cpp -I.
+echo "Done."
+popd > /dev/null
+
+export CFLAGS="-g $sanitizer_flags $cov_flags"
+export LIBCXX_FLAGS="-stdlib=libc++"
+export CXXFLAGS="$CFLAGS $LIBCXX_FLAGS "
diff --git a/infra/images/base-fuzzer/Dockerfile b/infra/images/base-fuzzer/Dockerfile
new file mode 100644
index 000000000..a20c9cc96
--- /dev/null
+++ b/infra/images/base-fuzzer/Dockerfile
@@ -0,0 +1,33 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM libfuzzer/base-clang
+
+MAINTAINER aizatsky@google.com
+
+RUN mkdir /workspace
+WORKDIR /workspace
+VOLUME /workspace
+
+RUN mkdir -p /work/libfuzzer
+
+ENV sanitizer_flags="-fsanitize=address"
+ENV cov_flags="-fsanitize-coverage=edge,indirect-calls,8bit-counters"
+
+ENV ASAN_OPTIONS="symbolize=1"
+
+RUN mkdir /out
+VOLUME /out
diff --git a/infra/images/base/Dockerfile b/infra/images/base/Dockerfile
new file mode 100644
index 000000000..f7b6fb03c
--- /dev/null
+++ b/infra/images/base/Dockerfile
@@ -0,0 +1,21 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+# Base image for all other images.
+
+FROM ubuntu:16.04
+MAINTAINER mike.aizatsky@gmail.com
+RUN apt-get update && apt-get upgrade -y
diff --git a/infra/jenkins-cluster/Dockerfile b/infra/jenkins-cluster/Dockerfile
new file mode 100644
index 000000000..685613a75
--- /dev/null
+++ b/infra/jenkins-cluster/Dockerfile
@@ -0,0 +1,18 @@
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM jenkins
+USER root
diff --git a/infra/jenkins-cluster/jenkins-master.yaml b/infra/jenkins-cluster/jenkins-master.yaml
new file mode 100644
index 000000000..f56a9cc80
--- /dev/null
+++ b/infra/jenkins-cluster/jenkins-master.yaml
@@ -0,0 +1,57 @@
+apiVersion: apps/v1alpha1
+kind: PetSet
+metadata:
+  name: jenkins-master
+
+spec:
+  serviceName: "jenkins-master"
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: jenkins-master
+      annotations:
+        pod.alpha.kubernetes.io/initialized: "true"
+    spec:
+      terminationGracePeriodSeconds: 0
+      containers:
+      - name: jenkins-master
+        image: gcr.io/meta-iterator-105109/jenkins
+        env:
+          - name: KUB_POD_NAME
+            valueFrom:
+              fieldRef:
+                fieldPath: metadata.name
+          - name: KUB_POD_IP
+            valueFrom:
+              fieldRef:
+                fieldPath: status.podIP
+          - name: JAVA_OPTS
+            value: "-Duser.timezone=America/Los_Angeles"
+        ports:
+        - containerPort: 8080
+        - containerPort: 50000
+        volumeMounts:
+        - name: jenkins-work
+          mountPath: "/var/jenkins_home"
+        livenessProbe:
+          httpGet:
+            path: "/login"
+            port: 8080
+          initialDelaySeconds: 60
+          timeoutSeconds: 15
+        resources:
+          requests:
+            memory: "4Gi"
+        securityContext:
+          privileged: true
+  volumeClaimTemplates:
+  - metadata:
+      name: jenkins-work
+      annotations:
+        volume.alpha.kubernetes.io/storage-class: anything
+    spec:
+      accessModes: [ "ReadWriteOnce" ]
+      resources:
+        requests:
+          storage: 250Gi
diff --git a/infra/jenkins-cluster/service-jenkins-http.yaml b/infra/jenkins-cluster/service-jenkins-http.yaml
new file mode 100644
index 000000000..7814f6a36
--- /dev/null
+++ b/infra/jenkins-cluster/service-jenkins-http.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: jenkins-http
+spec:
+  type: LoadBalancer
+  selector:
+    app: jenkins-master
+  ports:
+  - port: 80
+    targetPort: 8080
diff --git a/infra/jenkins-cluster/service-jenkins-master.yaml b/infra/jenkins-cluster/service-jenkins-master.yaml
new file mode 100644
index 000000000..a9815ddc5
--- /dev/null
+++ b/infra/jenkins-cluster/service-jenkins-master.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: jenkins-master
+  labels:
+    app: jenkins-master
+spec:
+  type: NodePort
+  selector:
+    app: jenkins-master
+  ports:
+  - port: 50000
+    targetPort: 50000
+    nodePort: 31001
+    protocol: TCP
diff --git a/infra/jenkins-cluster/start_cluster.sh b/infra/jenkins-cluster/start_cluster.sh
new file mode 100755
index 000000000..d9b63ab9e
--- /dev/null
+++ b/infra/jenkins-cluster/start_cluster.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+# Copyright 2016 Google Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+set -x
+
+PROJECT="gcr.io/meta-iterator-105109"
+DIR=$(dirname $0)
+
+docker build --pull -t $PROJECT/jenkins $DIR/
+gcloud docker push $PROJECT/jenkins
+
+# delete jenkins-master if it exists before starting
+kubectl get petset jenkins-master
+if [ $? -eq 0 ]
+then
+  kubectl delete -f $DIR/jenkins-master.yaml
+fi
+kubectl create -f $DIR/jenkins-master.yaml
+
+# do not restart services to keep IP addresses stable.
+kubectl get service jenkins-http
+if [ $? -ne 0 ]
+then
+  kubectl create -f $DIR/service-jenkins-http.yaml
+fi
+kubectl get service jenkins-master
+if [ $? -ne 0 ]
+then
+  kubectl create -f $DIR/service-jenkins-master.yaml
+fi
+
+kubectl describe petset jenkins-master
+kubectl describe service jenkins-http