From bf2ea54e34ca6e4f1d14e7d9a880b559ce7b41e1 Mon Sep 17 00:00:00 2001 From: Willian Braga da Silva Date: Tue, 28 Oct 2025 19:11:27 +0100 Subject: [PATCH 1/2] chore(scripts): fix script and supports podman MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Most fixes are related to executing the run-lgtm.sh script, but I also changed the build scripts and Docker file. The "container" directory and additional directories required by Grafana, Loki, and Prometheus were not present. The "container" directory is now part of the ".gitignore" file, meaning that if a newcomer downloads this repository and attempts to run the "run-lgtm.sh" script, it won't work. We will create these directories if they don't exist. The second issue comes with the container runtime. I am a Fedora Workstation user, and because of that, it contains some interesting paradigms when running containers. By default, Fedora uses Podman as its container runtime. I didn't switch to Docker for personal reasons. I added some changes related to the Dockerfile to include the image's full address, defaulting to docker.io. I could have used Red Hat's mirror suggested by Podman (registry.access.redhat.com). However, Red Hat has a rate limit on its own registry. Red Hat also publishes its UBI images to Docker Hub. Docker Hub is the most well-known Docker Registry, and some people pay for a Docker license, so they don't get rate-limited. It's a reasonable choice to use Docker Hub. This prevents Podman from prompting the user to select a registry when building the image. Finally, to address a minor issue with Bind Mounts. I added the "z" flag as a mount option, which allows users with SELinux enabled to allow container images to manipulate files on the host machine. SELinux comes enabled by default on Fedora Workstation. Otherwise, the bind mount works but prevents the running container from writing data, resulting in "access denied". The "z" flag won´t be an issue on non-Red Hat systems. I tested this flag on Debian 11 with KVM. --- README.md | 4 ++++ build-lgtm.sh | 13 +++++++++++- docker/Dockerfile | 6 +++--- run-lgtm.cmd | 10 ++++++++- run-lgtm.ps1 | 31 +++++++++++++++++++++------ run-lgtm.sh | 47 +++++++++++++++++++++++++++++++++++------ scripts/super-linter.sh | 20 +++++++++++++++--- 7 files changed, 110 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 7c0ba7d2..d08f9362 100644 --- a/README.md +++ b/README.md @@ -129,6 +129,10 @@ docker build . -t grafana/otel-lgtm mise build-lgtm ``` +> [!TIP] +> If you built your image locally, you can use the `run-lgtm` scripts with +> the parameters `latest true` to run your local image. + ## Build and run the example app > [!TIP] diff --git a/build-lgtm.sh b/build-lgtm.sh index 62548b25..03134bdb 100755 --- a/build-lgtm.sh +++ b/build-lgtm.sh @@ -1,5 +1,16 @@ #!/bin/bash +set -euo pipefail + RELEASE=${1:-latest} -docker buildx build -f docker/Dockerfile docker --tag grafana/otel-lgtm:"${RELEASE}" +if command -v docker >/dev/null 2>&1; then + RUNTIME=docker +elif command -v podman >/dev/null 2>&1; then + RUNTIME=podman +else + echo "Unable to find a suitable container runtime such as Docker or Podman. Exiting." + exit 1 +fi + +$RUNTIME buildx build -f docker/Dockerfile docker --tag grafana/otel-lgtm:"${RELEASE}" diff --git a/docker/Dockerfile b/docker/Dockerfile index 9cad805a..8cac081f 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -12,7 +12,7 @@ ARG PYROSCOPE_VERSION=v1.15.0 ARG OPENTELEMETRY_COLLECTOR_VERSION=v0.138.0 # hadolint global ignore=DL3059 -FROM redhat/ubi9:9.6-1760340943@sha256:dec374e05cc13ebbc0975c9f521f3db6942d27f8ccdf06b180160490eef8bdbc AS builder +FROM docker.io/redhat/ubi9:9.6-1760340943@sha256:dec374e05cc13ebbc0975c9f521f3db6942d27f8ccdf06b180160490eef8bdbc AS builder RUN mkdir /otel-lgtm @@ -57,7 +57,7 @@ COPY download-grafana.sh \ ./ # TARGETARCH is automatically detected and set by the Docker daemon during the build process. If the build starts -# on an amd64 architecture, than the TARGETARCH will be set to `amd64`. +# on an amd64 architecture, then the TARGETARCH will be set to `amd64`. # More details on the variables can be found here: https://docs.docker.com/desktop/extensions-sdk/extensions/multi-arch/ ARG TARGETARCH ENV TARGETARCH=${TARGETARCH} @@ -84,7 +84,7 @@ RUN ./download-otelcol.sh $OPENTELEMETRY_COLLECTOR_VERSION COPY grafana-datasources.yaml /otel-lgtm/grafana/conf/provisioning/datasources/ COPY grafana-dashboards.yaml /otel-lgtm/grafana/conf/provisioning/dashboards/ -FROM redhat/ubi9-micro:9.6-1760515026@sha256:aff810919642215e15c993b9bbc110dbcc446608730ad24499dafd9df7a8f8f4 +FROM docker.io/redhat/ubi9-micro:9.6-1760515026@sha256:aff810919642215e15c993b9bbc110dbcc446608730ad24499dafd9df7a8f8f4 RUN mkdir /otel-lgtm WORKDIR /otel-lgtm diff --git a/run-lgtm.cmd b/run-lgtm.cmd index e432f681..36848fce 100644 --- a/run-lgtm.cmd +++ b/run-lgtm.cmd @@ -1,4 +1,12 @@ @echo off -powershell -ExecutionPolicy ByPass -NoProfile -Command "& '%~dp0\run-lgtm.ps1'" +set "releasetag=%~1" +set "local=%~2" + +if "%releasetag%"=="" set "releasetag=latest" +if "%localimg%"=="" set "localimg=0" +if "%localimg%"=="false" set "localimg=0" +if "%localimg%"=="true" set "localimg=1" + +powershell -ExecutionPolicy ByPass -NoProfile -Command "& '%~dp0\run-lgtm.ps1' -ReleaseTag '%releasetag%' -UseLocalImage %localimg%" exit /b %ERRORLEVEL% diff --git a/run-lgtm.ps1 b/run-lgtm.ps1 index b6698b98..899aca8a 100644 --- a/run-lgtm.ps1 +++ b/run-lgtm.ps1 @@ -1,8 +1,11 @@ -$release_tag = "latest" +param ( + [Parameter(Mandatory = $false, Position = 0)] [string] $ReleaseTag = "latest", + [Parameter(Mandatory = $false, Position = 1)] [boolean] $UseLocalImage = $false +) $supportedContainerRuntime = 'podman', 'docker' $containers = 'grafana', 'prometheus', 'loki' -$image = "docker.io/grafana/otel-lgtm:$release_tag" +$image = "docker.io/grafana/otel-lgtm:${ReleaseTag}" # prefilled pwd var to avoid repeted calls in build string.moved to top init section or logic $path = (Get-Location).Path @@ -12,7 +15,7 @@ $containerCommand = $supportedContainerRuntime | ForEach-Object { } | Select-Object -first 1 if ($null -eq $containerCommand) { - Write-Error "Please install Podman or docker" + Write-Error "Unable to find a suitable container runtime such as Docker or Podman. Exiting." return } @@ -20,10 +23,25 @@ $containers | ForEach-Object { $null = New-Item -ItemType Directory -Path "$path/container/$_" -Force } -& $containerCommand pull $image +if (-Not (Test-Path -Path ".env")) { + New-Item -ItemType File -Path ".env" -Force | Out-Null +} + +if ($UseLocalImage) { + if ($containerCommand -eq 'podman') { + $image = "localhost/grafana/otel-lgtm:${ReleaseTag}" + } + else { + $image = "grafana/otel-lgtm:${ReleaseTag}" + } +} +else { + $image = "docker.io/grafana/otel-lgtm:${ReleaseTag}" + & $containerCommand image pull $image +} $runCommand = @( - 'run' + 'container', 'run' '--name', 'lgtm', '-p', '3000:3000' '-p', '4317:4317' @@ -34,7 +52,8 @@ $runCommand = @( '-v', "${path}/container/prometheus:/data/prometheus" '-v', "${path}/container/loki:/data/loki" '-e', "GF_PATHS_DATA=/data/grafana" - $image + '--env-file', '.env' + ${image} ) & $containerCommand @runCommand diff --git a/run-lgtm.sh b/run-lgtm.sh index 26aec451..5a55debe 100755 --- a/run-lgtm.sh +++ b/run-lgtm.sh @@ -1,21 +1,54 @@ #!/bin/bash +set -euo pipefail + RELEASE=${1:-latest} +LOCAL_VOLUME=${PWD}/container +# Only set this to "true" if you built the image with the 'build-lgtm.sh' script +USE_LOCAL_IMAGE=${2:-false} + +for dir in grafana prometheus loki; do + test -d "${LOCAL_VOLUME}"/${dir} || mkdir -p "${LOCAL_VOLUME}"/${dir} +done + +test -f .env || touch .env -docker pull docker.io/grafana/otel-lgtm:"${RELEASE}" +if command -v docker >/dev/null 2>&1; then + RUNTIME=docker + MOUNT_OPTS=rw +elif command -v podman >/dev/null 2>&1; then + RUNTIME=podman + # Fedora, by default, runs with SELinux on. We require the "z" option for bind mounts. + # See: https://docs.docker.com/engine/storage/bind-mounts/#configure-the-selinux-label + # See: https://docs.podman.io/en/stable/markdown/podman-run.1.html section "Labeling Volume Mounts" + MOUNT_OPTS="rw,z" +else + echo "Unable to find a suitable container runtime such as Docker or Podman. Exiting." + exit 1 +fi -touch .env +if [ "$USE_LOCAL_IMAGE" = true ]; then + if [ "$RUNTIME" = "podman" ]; then + # Default address when building with Podman. + IMAGE="localhost/grafana/otel-lgtm:latest" + else + IMAGE="grafana/otel-lgtm:latest" + fi +else + IMAGE="docker.io/grafana/otel-lgtm:${RELEASE}" + $RUNTIME image pull "$IMAGE" +fi -docker run \ +$RUNTIME container run \ --name lgtm \ -p 3000:3000 \ -p 4317:4317 \ -p 4318:4318 \ --rm \ -ti \ - -v "$PWD"/container/grafana:/data/grafana \ - -v "$PWD"/container/prometheus:/data/prometheus \ - -v "$PWD"/container/loki:/data/loki \ + -v "${LOCAL_VOLUME}"/grafana:/data/grafana:"${MOUNT_OPTS}" \ + -v "${LOCAL_VOLUME}"/prometheus:/data/prometheus:"${MOUNT_OPTS}" \ + -v "${LOCAL_VOLUME}"/loki:/data/loki:"${MOUNT_OPTS}" \ -e GF_PATHS_DATA=/data/grafana \ --env-file .env \ - docker.io/grafana/otel-lgtm:"${RELEASE}" + "$IMAGE" diff --git a/scripts/super-linter.sh b/scripts/super-linter.sh index 57c48274..e109694a 100755 --- a/scripts/super-linter.sh +++ b/scripts/super-linter.sh @@ -4,13 +4,27 @@ set -euo pipefail pushd "$(dirname "$0")/.." -docker pull ghcr.io/super-linter/super-linter:latest +if command -v docker >/dev/null 2>&1; then + RUNTIME=docker + MOUNT_OPTS=rw +elif command -v podman >/dev/null 2>&1; then + RUNTIME=podman + # Fedora, by default, runs with SELinux on. We require the "z" option for bind mounts. + # See: https://docs.docker.com/engine/storage/bind-mounts/#configure-the-selinux-label + # See: https://docs.podman.io/en/stable/markdown/podman-run.1.html section "Labeling Volume Mounts" + MOUNT_OPTS="rw,z" +else + echo "Unable to find a suitable container runtime such as Docker or Podman. Exiting." + exit 1 +fi -docker run --rm \ +$RUNTIME image pull ghcr.io/super-linter/super-linter:latest + +$RUNTIME container run --rm \ -e RUN_LOCAL=true \ -e DEFAULT_BRANCH=main \ --env-file ".github/super-linter.env" \ - -v "$(pwd)":/tmp/lint \ + -v "$(pwd)":/tmp/lint:"${MOUNT_OPTS}" \ ghcr.io/super-linter/super-linter:latest popd From db0651db9a3085d030c44393034538a327cd8e39 Mon Sep 17 00:00:00 2001 From: Willian Braga da Silva Date: Mon, 3 Nov 2025 14:24:09 +0100 Subject: [PATCH 2/2] Update run-lgtm.ps1 Co-authored-by: Martin Costello Signed-off-by: Willian Braga da Silva --- run-lgtm.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run-lgtm.ps1 b/run-lgtm.ps1 index 899aca8a..53c70af0 100644 --- a/run-lgtm.ps1 +++ b/run-lgtm.ps1 @@ -30,7 +30,7 @@ if (-Not (Test-Path -Path ".env")) { if ($UseLocalImage) { if ($containerCommand -eq 'podman') { $image = "localhost/grafana/otel-lgtm:${ReleaseTag}" - } + } else { $image = "grafana/otel-lgtm:${ReleaseTag}" }