Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't use the new CDash docker images without TLS #2179

Open
marc-legendre opened this issue Apr 29, 2024 · 2 comments
Open

Can't use the new CDash docker images without TLS #2179

marc-legendre opened this issue Apr 29, 2024 · 2 comments
Labels
bug report

Comments

@marc-legendre
Copy link

Hi there,

The recent release notes for CDash look excellent, and we'd love to test the latest version! However, I am struggling to upgrade from CDash 3.1.0.

We run CDash with docker, and we use the kitware/cdash images available on DockerHub. We run the container on AWS, on a VM in a private network, behind a public load balancer which serves as the TLS endpoint. Therefore, we don't need or want CDash to handle TLS.

This was possible with CDash 3.1.0, but I can't achieve the same with CDash 3.2.0 or 3.3.0. Am I missing something?

There seems to be a way via DEVELOPMENT_BUILD, but I don't like the look of it 😅

Additional Information

For what it's worth, our systemd unit file to run CDash 3.1.0 looks like this:

cdash.service 
[Unit]
Description=CDash

[Service]
TimeoutStartSec=0
Restart=always
RestartSec=120
StartLimitInterval=5
StartLimitBurst=10
ExecStartPre=-/usr/bin/docker kill cdash
ExecStartPre=-/usr/bin/docker rm cdash
ExecStart=/usr/bin/docker run--rm --name cdash \
                    -e CDASH_ROOT_ADMIN_PASS=... \
                    -e DB_HOST='{{ __database_url__[env] }}' \
                    -e DB_DATABASE{{ database_name }} \
                    -e DB_USERNAME={{ database_user }} \
                    -e DB_PASSWORD={{ __vault__.database_password }} \
                    -e AUTOREMOVE_BUILDS=true \
                    -e DEFAULT_PROJECT="..." \
                    -e GITLAB_ENABLE=true \
                    -e GITLAB_CLIENT_ID={{ __gitlab_app_id__[env] }} \
                    -e GITLAB_CLIENT_SECRET={{ __gitlab_secret_id__[env] }} \
                    -e APP_URL={{ __cdash_url__[env] }} \
                    -e MAIL_FROM_ADDRESS=... \
                    -e MAIL_REPLY_ADDRESS=... \
                    -e MAIL_USERNAME=... \
                    -e MAIL_PASSWORD={{ __vault__.cdash_mail_password }} \
                    -e MAIL_HOST=... \
                    -e MAIL_PORT=... \
                    -e TOKEN_DURATION=157680000 \
                    -e TZ=Europe/Paris \
                    -e APP_ENV=production \
                    --net=host \
                    kitware/cdash:{{ cdash_version }}
ExecStop=/usr/bin/docker stop cdash

[Install]
WantedBy=multi-user.target
@williamjallen
Copy link
Collaborator

The exact situation you describe is a known pain point that we're working to address. The changes related to that are currently scheduled for CDash 3.5, which we hope to release sometime in July. As a temporary workaround, you could modify the conf files to use port 80 instead of 443, and get rid of any SSL certificate stuff. You could alternatively use the development image and set APP_ENV to production.

@marc-legendre
Copy link
Author

Ok, thank you for your reply, and for the ideas :-)

@williamjallen williamjallen mentioned this issue May 29, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug report
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marc-legendre @williamjallen