From d376810761f0d6740b2694392fac0e1b3892dff5 Mon Sep 17 00:00:00 2001 From: giles knap Date: Fri, 29 Nov 2024 16:21:01 +0000 Subject: [PATCH 01/14] add simplifications from ioc-adsimdetector work --- template/.devcontainer/devcontainer.json | 34 ++++++++-------- template/.devcontainer/initializeCommand | 15 +++++--- template/.devcontainer/postCreateCommand | 2 +- template/.gitignore | 3 +- template/README.md.jinja | 13 +++---- template/build | 10 ++++- template/opi/auto-generated/.placeholder | 0 template/opi/phoebus-launch.sh | 49 ++++++++++++++++++++++++ template/opi/settings.ini | 2 + template/tests/run-tests.sh | 3 +- 10 files changed, 95 insertions(+), 36 deletions(-) delete mode 100644 template/opi/auto-generated/.placeholder create mode 100755 template/opi/phoebus-launch.sh create mode 100644 template/opi/settings.ini diff --git a/template/.devcontainer/devcontainer.json b/template/.devcontainer/devcontainer.json index c369aa0..cb296a4 100644 --- a/template/.devcontainer/devcontainer.json +++ b/template/.devcontainer/devcontainer.json @@ -15,18 +15,17 @@ "remoteEnv": { // provides a name for epics-containers to use in bash prompt etc. "EC_PROJECT": "${localWorkspaceFolderBasename}", - "EPICS_CA_AUTO_ADDR_LIST": "NO", - "EPICS_CA_ADDR_LIST": "127.0.0.1" + "IOC_NAME": "DEV_TEST_IOC" }, "features": { - // add quality of life features for developers including git config integration - "ghcr.io/devcontainers/features/common-utils:2": { - // don't upgrade to make this similar to the runtime container - "upgradePackages": false - } + // add in eternal history and other bash features + "ghcr.io/diamondlightsource/devcontainer-features/bash-config:1.0.0": {} }, - // IMPORTANT for this devcontainer to work with docker EC_REMOTE_USER must be - // set to your user name. You will run with full sudo rights. + // outside of the container setup + "initializeCommand": "bash .devcontainer/initializeCommand ${devcontainerId}", + // IMPORTANT for this devcontainer to work with docker rootful + // EC_REMOTE_USER must be set to your user name. You will run with full + // sudo rights. // For podman it should be left blank. You will run as root but host mounts // will be owned by your user id. "remoteUser": "${localEnv:EC_REMOTE_USER}", @@ -35,25 +34,28 @@ // Add the IDs of extensions you want installed when the container is created. "extensions": [ "ms-python.vscode-pylance", - "tamasfe.even-better-toml", "redhat.vscode-yaml", - "ryanluker.vscode-coverage-gutters", "epicsdeb.vscode-epics", "charliermarsh.ruff" ] } }, - // You can place any outside of the container before-launch commands here - "initializeCommand": "bash .devcontainer/initializeCommand ${devcontainerId}", // One time global setup commands inside the container "postCreateCommand": "bash .devcontainer/postCreateCommand ${devcontainerId}", "runArgs": [ - // IMPORTANT: this network must exist before the container is created - // source compose/environment.sh to create it before first use - "--network=channel_access_devcontainer", // Make sure SELinux does not disable write access to host filesystems like tmp "--security-opt=label=disable" ], + "appPort": [ + // Expose Channel Access on the hosts loopback interface + // NOTE: change the first port number to run more than one devcontainer + // on the same host. + // + // To access two devcontainers from the host for example: + // EPICS_CA_ADDR_LIST="127.0.0.1:5064 127.0.0.1:6064" + "127.0.0.1:5064:5064/udp", + "127.0.0.1:5064-5065:5064-5065" + ], // Mount the parent of the project folder so we can access peer projects "workspaceMount": "source=${localWorkspaceFolder}/..,target=/workspaces,type=bind", // mount in other useful files from the host diff --git a/template/.devcontainer/initializeCommand b/template/.devcontainer/initializeCommand index 5cd42cd..36799f0 100644 --- a/template/.devcontainer/initializeCommand +++ b/template/.devcontainer/initializeCommand @@ -3,11 +3,14 @@ # custom initialization goes here - runs outside of the dev container # just before the container is launched but after the container is created -FOLDER=$(dirname $(readlink -f $0)) +echo "initializeCommand for devcontainerID ${1}" +set -xe -echo "devcontainerID ${1}" +# make the config folder for the shared bash-config feature +mkdir -p ${HOME}/.config/bash-config +# make a folder for auto-generated opi screens +mkdir -p ./opi/auto-generated + +# ensure local container users can access X11 server +xhost +SI:localuser:$(id -un) -# make sure the shared network is created -# TODO this would be better done with compose but compose and podman -# in devcontainers is not currently stable. -source $FOLDER/../compose/environment.sh diff --git a/template/.devcontainer/postCreateCommand b/template/.devcontainer/postCreateCommand index ac30849..9347e45 100644 --- a/template/.devcontainer/postCreateCommand +++ b/template/.devcontainer/postCreateCommand @@ -23,7 +23,7 @@ echo 'source <(ibek --show-completion bash)' >> $HOME/.bashrc echo 'source <(ibek --show-completion zsh)' >> $HOME/.zshrc # pick theme and RPS1 with no unicode chars to avoid completion corruption in zsh -sed -i $HOME/.zshrc -e 's/ZSH_THEME="devcontainers"/ZSH_THEME="dst"/' -e '/^RPS1=/d' +sed -i $HOME/.zshrc -e 's/^ZSH_THEME.*$/ZSH_THEME="dst"/' -e '/^RPS1=/d' # override the response PS - this shows the last exit code in red only # echo "RPS1=$'%(?..%{\C-[[01;31m%}%? %{\C-[[00m%})'" >> $HOME/.zshrc diff --git a/template/.gitignore b/template/.gitignore index ed6e374..f69488d 100644 --- a/template/.gitignore +++ b/template/.gitignore @@ -14,8 +14,7 @@ ibek # config folder is a container mount at /epics/ioc/config ioc/config # the opi folder is also mounted into the container at /epics/ioc/opi -opi/auto-generated/* -!opi/auto-generated/.placeholder +opi/auto-generated # podman may leave this around in aborted builds .build.swp diff --git a/template/README.md.jinja b/template/README.md.jinja index b12eaa4..426f5a3 100644 --- a/template/README.md.jinja +++ b/template/README.md.jinja @@ -1,4 +1,4 @@ -# Generic IOC Template Repository {{name}} +# Generic IOC {{name}} ## Description {{description}} @@ -21,14 +21,11 @@ copier update -a --trust . This repository includes a developer container configuration for Visual Studio Code. This allows you to run the Generic IOC locally and debug it. See https://epics-containers.github.io/main/tutorials/dev_container.html. -### IMPORTANT: First Time Preparation +## Channel Access -The devcontainer uses a docker network that it can share with a ca-gateway in order that your PVs are accessible from your host machine. We arrange to create this network once and as long as you don't delete it or reset docker it will be available for all your devcontainers going forward. - -To create the network run the following commands: +The developer container exposes channel access ports on the loopback interface. If you have channel access clients running on the host machine, you can connect to the IOC by setting the `EPICS_CA_ADDR_LIST` environment variable as follows: ```bash -cd ioc-adsimdetector -source ./compose/environment.sh +export EPICS_CA_ADDR_LIST=127.0.0.1 +caget IOCNAME:PVNAME ``` - diff --git a/template/build b/template/build index 95ab316..0e6b1c8 100755 --- a/template/build +++ b/template/build @@ -20,8 +20,14 @@ fi cd $(dirname ${0}) -# use docker if available else use podman -if ! docker version &>/dev/null; then docker=podman; else docker=docker; fi +# make sure the ioc binaries and config symlink are cleaned up +git clean -fdx ioc + +if podman version &> /dev/null && [[ -z $USE_DOCKER ]] + then docker=podman + else docker=docker +fi + if $docker buildx version &>/dev/null; then buildx=buildx; load=--load ; fi if [[ $DOCKER_BUILDKIT == "0" ]]; then buildx=; load=; fi diff --git a/template/opi/auto-generated/.placeholder b/template/opi/auto-generated/.placeholder deleted file mode 100644 index e69de29..0000000 diff --git a/template/opi/phoebus-launch.sh b/template/opi/phoebus-launch.sh new file mode 100755 index 0000000..98a7cf9 --- /dev/null +++ b/template/opi/phoebus-launch.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +# A launcher for the phoebus to view the generated OPIs + +thisdir=$(realpath $(dirname $0)) +workspace=$(realpath ${thisdir}/..) + +settings=" +-resource ${workspace}/opi/auto-generated/index.bob +-settings ${workspace}/opi/settings.ini +" + +if which phoebus.sh &>/dev/null ; then + echo "Using phoebus.sh from PATH" + set -x + phoebus.sh ${settings} "${@}" + +elif module load phoebus 2>/dev/null; then + echo "Using phoebus module" + set -x + phoebus.sh ${settings} "${@}" + +else + echo "No local phoebus install found, using a container" + + if podman version &> /dev/null && [[ -z $USE_DOCKER ]] ; + then docker=podman + else docker=docker + fi + echo "Using $docker as container runtime" + + # ensure local container users can access X11 server + xhost +SI:localuser:$(id -un) + + # settings for container launch + x11="-e DISPLAY --net host" + args=$"--rm -it --security-opt=label=none" + mounts="-v=/tmp:/tmp -v=${workspace}:/workspace" + image="ghcr.io/epics-containers/ec-phoebus:latest" + + settings=" + -settings /workspace/opi/settings.ini + -resource /workspace/opi/auto-generated/index.bob + " + + set -x + $docker run ${mounts} ${args} ${x11} ${image} ${settings} "${@}" + +fi diff --git a/template/opi/settings.ini b/template/opi/settings.ini new file mode 100644 index 0000000..a8fb091 --- /dev/null +++ b/template/opi/settings.ini @@ -0,0 +1,2 @@ +# point at local host for channel access +org.phoebus.pv.ca/addr_list=127.0.0.1 diff --git a/template/tests/run-tests.sh b/template/tests/run-tests.sh index 3aad907..310edd1 100755 --- a/template/tests/run-tests.sh +++ b/template/tests/run-tests.sh @@ -23,7 +23,8 @@ export TAG=${TAG:-ec_test} if [[ ${TAG} == "ec_test" ]] ; then TARGET=runtime ./build; fi # try out a test ibek config IOC instance with the generic IOC -result=$($docker run --rm -v ${THIS}/config:${CONF} ${TAG} /epics/ioc/start.sh 2>&1) +opts="--rm --security-opt=label=disable -v ${THIS}/config:${CONF}" +result=$($docker run ${opts} ${TAG} /epics/ioc/start.sh 2>&1) # check that the IOC output expected results if echo "${result}" | grep -i error; then From 32127341fb9c6df709539ebeb75e2c0658d1b68f Mon Sep 17 00:00:00 2001 From: giles knap Date: Fri, 29 Nov 2024 17:49:02 +0000 Subject: [PATCH 02/14] remove compose --- template/compose/compose.yaml | 11 ---- template/compose/environment.sh | 57 ------------------- template/compose/services/gateway/compose.yml | 54 ------------------ .../compose/services/gateway/config/access | 6 -- .../compose/services/gateway/config/pvlist | 7 --- template/compose/services/phoebus/compose.yml | 34 ----------- .../services/phoebus/config/settings.ini | 4 -- 7 files changed, 173 deletions(-) delete mode 100644 template/compose/compose.yaml delete mode 100644 template/compose/environment.sh delete mode 100644 template/compose/services/gateway/compose.yml delete mode 100644 template/compose/services/gateway/config/access delete mode 100644 template/compose/services/gateway/config/pvlist delete mode 100644 template/compose/services/phoebus/compose.yml delete mode 100644 template/compose/services/phoebus/config/settings.ini diff --git a/template/compose/compose.yaml b/template/compose/compose.yaml deleted file mode 100644 index 2aacfd1..0000000 --- a/template/compose/compose.yaml +++ /dev/null @@ -1,11 +0,0 @@ -# This docker compose definition stands up a ca-gateway and phoebus instance. -# This enables interactive testing to the IOC developer container -# -# To lauch these services:- -# source ./environment.sh -# docker compose up -d -# - -include: - - services/gateway/compose.yml - - services/phoebus/compose.yml diff --git a/template/compose/environment.sh b/template/compose/environment.sh deleted file mode 100644 index 5dec6b6..0000000 --- a/template/compose/environment.sh +++ /dev/null @@ -1,57 +0,0 @@ -#! /bin/bash - -# Setup environment variables required to launch the services described in this -# repo. A standard install of docker compose and permission to run docker -# are the only other requirements (membership of the docker group). -# -# docker compose may be backed by podman or docker container engines, see -# https://epics-containers.github.io/main/tutorials/setup_workstation.html. - - -# This script must be sourced -if [ "$0" = "$BASH_SOURCE" ]; then - echo "ERROR: Please source this script (source ./environment.sh)" - exit 1 -fi - -# if there is a docker-compose module then load it -if [[ $(module avail docker-compose 2>/dev/null) != "" ]] ; then - module load docker-compose -fi - -function check_docker { - # return 0 if docker is detected, or 1 otherwise, - # cope with the possibility that podman is aliased to docker - if [[ $(docker version) =~ "Docker" ]]&> /dev/null; then - return 0 - fi - return 1 -} - -if check_docker; then - USER_ID=$(id -u); USER_GID=$(id -g) - docker="docker" -else - USER_ID=0; USER_GID=0 - alias docker=podman - docker="podman" -fi - -# make sure we have a network to share beteen the devcontainer and gateway container -if ! $docker network inspect channel_access_devcontainer &>/dev/null ; then - $docker network create --subnet="170.21.0.0/16" channel_access_devcontainer -fi - -# ensure local container users can access X11 server -xhost +SI:localuser:$(id -un) - -# Set up the environment for compose ########################################### - -# set user id for the phoebus container for easy X11 forwarding. -export UIDGID=$USER_ID:$USER_GID -# choose test profile for docker compose -export COMPOSE_PROFILES=test -# for test profile our ca-gateway publishes PVS on the loopback interface -export EPICS_CA_ADDR_LIST=127.0.0.1 -# make a short alias for docker-compose for convenience -alias dc='docker compose' diff --git a/template/compose/services/gateway/compose.yml b/template/compose/services/gateway/compose.yml deleted file mode 100644 index dcd2f3e..0000000 --- a/template/compose/services/gateway/compose.yml +++ /dev/null @@ -1,54 +0,0 @@ -# ca gateway for exposing container network PVs to the host's loopback interface - -services: - - # ca-gateway for test / dev ################################################## - - ca-gateway: &ca-gateway - - container_name: ca-gateway - - image: ghcr.io/epics-containers/docker-ca-gateway:2.1.3ec1 - - expose: - - 5064-5065/udp - - 5064-5065 - - ports: - # bind to localhost to isolate channel access to this host only - - 127.0.0.1:5064:5064/udp - - 127.0.0.1:5064-5065:5064-5065 - - restart: unless-stopped - - networks: - channel_access_devcontainer: - - configs: - - source: ca-gateway_config - target: /config - - command: -cip 170.21.255.255 -pvlist /config/pvlist -access /config/access -log /dev/stdout -debug 1 - - profiles: - - test - - dev - - # debugging version of gateway container ##################################### - ca-gateway-debug: - - <<: *ca-gateway - - # this image is not distroless and has network tools installed - image: ghcr.io/epics-containers/docker-ca-gateway-debug:2.1.3ec1 - - profiles: - - debug - -configs: - ca-gateway_config: - file: ./config - -networks: - channel_access_devcontainer: - external: true \ No newline at end of file diff --git a/template/compose/services/gateway/config/access b/template/compose/services/gateway/config/access deleted file mode 100644 index f69d0e8..0000000 --- a/template/compose/services/gateway/config/access +++ /dev/null @@ -1,6 +0,0 @@ -# See /EPICS/extensions/src/gateway/GATEWAY.access for more detailed example - -ASG(DEFAULT) { - RULE(1,READ) - RULE(1,WRITE) -} diff --git a/template/compose/services/gateway/config/pvlist b/template/compose/services/gateway/config/pvlist deleted file mode 100644 index 209c98b..0000000 --- a/template/compose/services/gateway/config/pvlist +++ /dev/null @@ -1,7 +0,0 @@ -# See /EPICS/extensions/src/gateway/GATEWAY.pvlist for more detailed example - -EVALUATION ORDER ALLOW, DENY - -[0-9].* ALLOW -[a-z].* ALLOW -[A-Z].* ALLOW diff --git a/template/compose/services/phoebus/compose.yml b/template/compose/services/phoebus/compose.yml deleted file mode 100644 index 0f759d7..0000000 --- a/template/compose/services/phoebus/compose.yml +++ /dev/null @@ -1,34 +0,0 @@ -# for development and testing it is useful to bring up phoebus instanced to -# interact with the local IOCs PVs. - -services: - phoebus: - container_name: phoebus - image: ghcr.io/epics-containers/ec-phoebus:4.7.3ec2 - environment: - DISPLAY: $DISPLAY - tty: true - # pick a server port for phoebus so it does not reconnect to existing phoebus - command: phoebus-product/phoebus.sh -settings /config/settings.ini -resource /opi/auto-generated/index.bob -server 7010 - volumes: - - /tmp/.X11-unix:/tmp/.X11-unix - - ~/.Xauthority:/root/.Xauthority - - ../../../opi:/opi - - ../../../..:/workspaces - - # for X11 to work we need to run as the same UID as the host - # IMPORTANT: set UIDGID to your host user:group e.g. 1000:1000 - # BUT: always to 0:0 if you are using podman - user: ${UIDGID} - - # network host with a gateway for CA is the most reliable way to - # get X11 forwarding to work - even with ssh->container. - network_mode: host - - configs: - - source: phoebus_config - target: /config - -configs: - phoebus_config: - file: ./config diff --git a/template/compose/services/phoebus/config/settings.ini b/template/compose/services/phoebus/config/settings.ini deleted file mode 100644 index c4d462b..0000000 --- a/template/compose/services/phoebus/config/settings.ini +++ /dev/null @@ -1,4 +0,0 @@ -# using localhost for channel access to isolate it to the host for development - -# TODO restore this once we have PVA gateway and IOCS running in the CNI -org.phoebus.pv.ca/addr_list=127.0.0.1 From c21e58a424cf3319d9273ce0bcc0e56e17fa4040 Mon Sep 17 00:00:00 2001 From: giles knap Date: Fri, 29 Nov 2024 20:27:05 +0000 Subject: [PATCH 03/14] normalise docker/podman check on run-tests.sh --- template/tests/run-tests.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/template/tests/run-tests.sh b/template/tests/run-tests.sh index 310edd1..b7a7b69 100755 --- a/template/tests/run-tests.sh +++ b/template/tests/run-tests.sh @@ -13,8 +13,10 @@ CONF=/epics/ioc/config # log commands and stop on errorsr set -ex -# use docker if available else use podman -if docker version &>/dev/null; then docker=docker; else docker=podman; fi +if podman version &> /dev/null && [[ -z $USE_DOCKER ]] + then docker=podman + else docker=docker +fi cd ${ROOT} From 648ed0819caedd85716545230c97abaa359b6a5d Mon Sep 17 00:00:00 2001 From: giles knap Date: Fri, 29 Nov 2024 20:53:40 +0000 Subject: [PATCH 04/14] qualify local tag for test build --- template/tests/run-tests.sh | 4 ++-- .../workflows/build.yml.jinja | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/template/tests/run-tests.sh b/template/tests/run-tests.sh index b7a7b69..1d230f7 100755 --- a/template/tests/run-tests.sh +++ b/template/tests/run-tests.sh @@ -21,8 +21,8 @@ fi cd ${ROOT} # if a tag was passed in this implies it was already built -export TAG=${TAG:-ec_test} -if [[ ${TAG} == "ec_test" ]] ; then TARGET=runtime ./build; fi +export TAG=${TAG:-localhost/ec_test} +if [[ ${TAG} == "localhost/ec_test" ]] ; then TARGET=runtime ./build; fi # try out a test ibek config IOC instance with the generic IOC opts="--rm --security-opt=label=disable -v ${THIS}/config:${CONF}" diff --git a/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja b/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja index d7a45d2..925fba4 100644 --- a/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja +++ b/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja @@ -69,7 +69,7 @@ jobs: - name: Test image # can't test non native without some hardware to run on if: ${{ matrix.epics-target == 'linux-x86_64' }} - run: tests/run-tests.sh ci_test + run: tests/run-tests.sh - name: Push developer image if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }} From c27fd8d315d35068d5c93832deeba15c6221ec2d Mon Sep 17 00:00:00 2001 From: giles knap Date: Fri, 29 Nov 2024 21:03:59 +0000 Subject: [PATCH 05/14] switch back to defaulting to docker (for CI cache) --- template/build | 15 ++++++--------- template/opi/phoebus-launch.sh | 7 ++++--- template/tests/run-tests.sh | 7 ++++--- 3 files changed, 14 insertions(+), 15 deletions(-) diff --git a/template/build b/template/build index 0e6b1c8..f346b75 100755 --- a/template/build +++ b/template/build @@ -23,19 +23,16 @@ cd $(dirname ${0}) # make sure the ioc binaries and config symlink are cleaned up git clean -fdx ioc -if podman version &> /dev/null && [[ -z $USE_DOCKER ]] - then docker=podman - else docker=docker +# prefer docker but use podman if USE_PODMAN is set +if docker version &> /dev/null && [[ -z $USE_PODMAN ]] + then docker=docker + else docker=podman fi -if $docker buildx version &>/dev/null; then buildx=buildx; load=--load ; fi -if [[ $DOCKER_BUILDKIT == "0" ]]; then buildx=; load=; fi - # make sure new repos get their submodule ibek-support if [ ! -d ibek-support/_global ] ; then git submodule update --init ; fi # build and developer images set -x -$docker $buildx build -t ${TAG} "${@}" $load \ - --build-arg IMAGE_EXT=$IMAGE_EXT \ - $runtime --target $TARGET . +$docker build -t ${TAG} "${@}" --build-arg IMAGE_EXT=$IMAGE_EXT \ + --target $TARGET . diff --git a/template/opi/phoebus-launch.sh b/template/opi/phoebus-launch.sh index 98a7cf9..175bc0f 100755 --- a/template/opi/phoebus-launch.sh +++ b/template/opi/phoebus-launch.sh @@ -23,9 +23,10 @@ elif module load phoebus 2>/dev/null; then else echo "No local phoebus install found, using a container" - if podman version &> /dev/null && [[ -z $USE_DOCKER ]] ; - then docker=podman - else docker=docker + # prefer docker but use podman if USE_PODMAN is set + if docker version &> /dev/null && [[ -z $USE_PODMAN ]] + then docker=docker + else docker=podman fi echo "Using $docker as container runtime" diff --git a/template/tests/run-tests.sh b/template/tests/run-tests.sh index 1d230f7..3585d98 100755 --- a/template/tests/run-tests.sh +++ b/template/tests/run-tests.sh @@ -13,9 +13,10 @@ CONF=/epics/ioc/config # log commands and stop on errorsr set -ex -if podman version &> /dev/null && [[ -z $USE_DOCKER ]] - then docker=podman - else docker=docker +# prefer docker but use podman if USE_PODMAN is set +if docker version &> /dev/null && [[ -z $USE_PODMAN ]] + then docker=docker + else docker=podman fi cd ${ROOT} From d8e73f7b3b5c2ca9aa854c016a514103226f13b1 Mon Sep 17 00:00:00 2001 From: giles knap Date: Fri, 29 Nov 2024 21:58:03 +0000 Subject: [PATCH 06/14] fix cache for runtest.sh in CI --- template/build | 2 +- template/tests/run-tests.sh | 6 ++---- .../workflows/build.yml.jinja | 2 +- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/template/build b/template/build index f346b75..db0cb88 100755 --- a/template/build +++ b/template/build @@ -32,7 +32,7 @@ fi # make sure new repos get their submodule ibek-support if [ ! -d ibek-support/_global ] ; then git submodule update --init ; fi -# build and developer images +# build runtime or developer image set -x $docker build -t ${TAG} "${@}" --build-arg IMAGE_EXT=$IMAGE_EXT \ --target $TARGET . diff --git a/template/tests/run-tests.sh b/template/tests/run-tests.sh index 3585d98..7be4f65 100755 --- a/template/tests/run-tests.sh +++ b/template/tests/run-tests.sh @@ -22,8 +22,8 @@ fi cd ${ROOT} # if a tag was passed in this implies it was already built -export TAG=${TAG:-localhost/ec_test} -if [[ ${TAG} == "localhost/ec_test" ]] ; then TARGET=runtime ./build; fi +export TAG=${TAG:-ec_test} +if [[ ${TAG} == "ec_test" ]] ; then TARGET=runtime ./build; fi # try out a test ibek config IOC instance with the generic IOC opts="--rm --security-opt=label=disable -v ${THIS}/config:${CONF}" @@ -40,5 +40,3 @@ fi echo "Tests passed!" - - diff --git a/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja b/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja index 925fba4..d7a45d2 100644 --- a/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja +++ b/template/{% if git_platform == 'github.com' %}.github{% endif %}/workflows/build.yml.jinja @@ -69,7 +69,7 @@ jobs: - name: Test image # can't test non native without some hardware to run on if: ${{ matrix.epics-target == 'linux-x86_64' }} - run: tests/run-tests.sh + run: tests/run-tests.sh ci_test - name: Push developer image if: ${{ github.event_name == 'push' && github.ref_type == 'tag' }} From 3158597c315f4cd0ef133617a221298690bbb492 Mon Sep 17 00:00:00 2001 From: giles knap Date: Sat, 30 Nov 2024 16:58:05 +0000 Subject: [PATCH 07/14] add pvacess support --- template/.devcontainer/devcontainer.json | 5 ++++- template/opi/phoebus-launch.sh | 8 ++++---- template/opi/settings.ini | 1 + 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/template/.devcontainer/devcontainer.json b/template/.devcontainer/devcontainer.json index cb296a4..b6edf43 100644 --- a/template/.devcontainer/devcontainer.json +++ b/template/.devcontainer/devcontainer.json @@ -54,7 +54,10 @@ // To access two devcontainers from the host for example: // EPICS_CA_ADDR_LIST="127.0.0.1:5064 127.0.0.1:6064" "127.0.0.1:5064:5064/udp", - "127.0.0.1:5064-5065:5064-5065" + "127.0.0.1:5064-5065:5064-5065", + // "127.0.0.1:5076:5076/udp", PVA UDP does not work into container network + // expose pva name server access via TCP + "5075-5076:5075-5076" ], // Mount the parent of the project folder so we can access peer projects "workspaceMount": "source=${localWorkspaceFolder}/..,target=/workspaces,type=bind", diff --git a/template/opi/phoebus-launch.sh b/template/opi/phoebus-launch.sh index 175bc0f..1bcddcd 100755 --- a/template/opi/phoebus-launch.sh +++ b/template/opi/phoebus-launch.sh @@ -25,8 +25,8 @@ else # prefer docker but use podman if USE_PODMAN is set if docker version &> /dev/null && [[ -z $USE_PODMAN ]] - then docker=docker - else docker=podman + then docker=docker; UIDGID=$(id -u):$(id -g) + else docker=podman; UIDGID=0:0 fi echo "Using $docker as container runtime" @@ -35,8 +35,8 @@ else # settings for container launch x11="-e DISPLAY --net host" - args=$"--rm -it --security-opt=label=none" - mounts="-v=/tmp:/tmp -v=${workspace}:/workspace" + args="--rm -it --security-opt=label=none --user ${UIDGID}" + mounts="-v=/tmp:/tmp -v=${workspace}:/workspace -v=${workspace}/..:/workspaces" image="ghcr.io/epics-containers/ec-phoebus:latest" settings=" diff --git a/template/opi/settings.ini b/template/opi/settings.ini index a8fb091..ced0639 100644 --- a/template/opi/settings.ini +++ b/template/opi/settings.ini @@ -1,2 +1,3 @@ # point at local host for channel access org.phoebus.pv.ca/addr_list=127.0.0.1 +org.phoebus.pv.pva/epics_pva_name_servers=127.0.0.1 From fe2fc2198145d80e2594e62ca8828f06a9a7388b Mon Sep 17 00:00:00 2001 From: giles knap Date: Sat, 30 Nov 2024 17:01:39 +0000 Subject: [PATCH 08/14] try to avoid cache blow between ./build and devcontainer --- template/build | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/template/build b/template/build index db0cb88..f02a6a7 100755 --- a/template/build +++ b/template/build @@ -35,4 +35,6 @@ if [ ! -d ibek-support/_global ] ; then git submodule update --init ; fi # build runtime or developer image set -x $docker build -t ${TAG} "${@}" --build-arg IMAGE_EXT=$IMAGE_EXT \ - --target $TARGET . + --build-arg BUILDKIT_INLINE_CACHE=1 \ + --build-arg EPICS_TARGET_ARCH=$T_A \ + --load --target $TARGET . From ebe56ceba79e1cfec097aaaa6087dbaa5037f5ed Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Mon, 2 Dec 2024 08:38:08 +0000 Subject: [PATCH 09/14] use environment for CA/PVA ports --- template/.devcontainer/.env | 3 +++ template/.devcontainer/devcontainer.json | 21 +++++++++++---------- template/opi/phoebus-launch.sh | 12 ++++++++++-- template/opi/settings.ini | 8 ++++++++ 4 files changed, 32 insertions(+), 12 deletions(-) create mode 100644 template/.devcontainer/.env diff --git a/template/.devcontainer/.env b/template/.devcontainer/.env new file mode 100644 index 0000000..bbb52d3 --- /dev/null +++ b/template/.devcontainer/.env @@ -0,0 +1,3 @@ +EPICS_CA_SERVER_PORT=5064 +EPICS_CA_REPEATER_PORT=5065 +EPICS_PVA_SERVER_PORT=5075 diff --git a/template/.devcontainer/devcontainer.json b/template/.devcontainer/devcontainer.json index b6edf43..7b002d7 100644 --- a/template/.devcontainer/devcontainer.json +++ b/template/.devcontainer/devcontainer.json @@ -47,17 +47,18 @@ "--security-opt=label=disable" ], "appPort": [ - // Expose Channel Access on the hosts loopback interface - // NOTE: change the first port number to run more than one devcontainer - // on the same host. + // Expose Channel Access ports on the host's loopback interface + // Note: update the environment variables in .devcontainer/.env to + // change the ports when running multiple devcontainers simultaneously, + // then use e.g. EPICS_CA_ADDR_LIST="127.0.0.1:5064 127.0.0.1:6064" + // for clients to connect to multiple devcontainers' PVs. // - // To access two devcontainers from the host for example: - // EPICS_CA_ADDR_LIST="127.0.0.1:5064 127.0.0.1:6064" - "127.0.0.1:5064:5064/udp", - "127.0.0.1:5064-5065:5064-5065", - // "127.0.0.1:5076:5076/udp", PVA UDP does not work into container network - // expose pva name server access via TCP - "5075-5076:5075-5076" + "127.0.0.1:${remoteEnv:EPICS_CA_SERVER_PORT}:${remoteEnv:EPICS_CA_SERVER_PORT}/udp", + "127.0.0.1:${remoteEnv:EPICS_CA_SERVER_PORT}:${remoteEnv:EPICS_CA_SERVER_PORT}", + "127.0.0.1:${remoteEnv:EPICS_CA_REPEATER_PORT}:${remoteEnv:EPICS_CA_REPEATER_PORT}", + // + // Expose the PVA name server port on all host interfaces + "${remoteEnv:EPICS_PVA_SERVER_PORT}:${remoteEnv:EPICS_PVA_SERVER_PORT}" ], // Mount the parent of the project folder so we can access peer projects "workspaceMount": "source=${localWorkspaceFolder}/..,target=/workspaces,type=bind", diff --git a/template/opi/phoebus-launch.sh b/template/opi/phoebus-launch.sh index 1bcddcd..c1e4060 100755 --- a/template/opi/phoebus-launch.sh +++ b/template/opi/phoebus-launch.sh @@ -5,9 +5,17 @@ thisdir=$(realpath $(dirname $0)) workspace=$(realpath ${thisdir}/..) +# update settings.ini with CA and PVA ports +source ${workspace}/.devcontainer/.env +cat ${workspace}/opi/settings.ini | + sed -r \ + -e "s|5064|${EPICS_CA_SERVER_PORT}|" \ + -e "s|5075|${EPICS_PVA_SERVER_PORT}|" \ + -e "s|5065|${EPICS_CA_REPEATER_PORT}|" > /tmp/settings.ini + settings=" -resource ${workspace}/opi/auto-generated/index.bob --settings ${workspace}/opi/settings.ini +-settings /tmp/settings.ini " if which phoebus.sh &>/dev/null ; then @@ -40,8 +48,8 @@ else image="ghcr.io/epics-containers/ec-phoebus:latest" settings=" - -settings /workspace/opi/settings.ini -resource /workspace/opi/auto-generated/index.bob + -settings /tmp/settings.ini " set -x diff --git a/template/opi/settings.ini b/template/opi/settings.ini index ced0639..abd3c00 100644 --- a/template/opi/settings.ini +++ b/template/opi/settings.ini @@ -1,3 +1,11 @@ +# NOTE: port numbers are defaults only +# this script to be processed with sed to replace port numbers +# see phoebus-launch.sh + # point at local host for channel access org.phoebus.pv.ca/addr_list=127.0.0.1 +org.phoebus.pv.ca/server_port=5064 +org.phoebus.pv.ca/repeater_port=5065 +# point at local host for pvAccess name server org.phoebus.pv.pva/epics_pva_name_servers=127.0.0.1 +org.phoebus.pv.pva/server_port=5075 From 19b91c2f94361ace7aac0d4f607f47e15a44f9e8 Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Mon, 2 Dec 2024 09:57:19 +0000 Subject: [PATCH 10/14] restore Port defaults in devcontainer.json --- template/.devcontainer/.env | 3 --- template/.devcontainer/devcontainer.json | 15 ++++++++------- template/opi/phoebus-launch.sh | 7 +++---- 3 files changed, 11 insertions(+), 14 deletions(-) delete mode 100644 template/.devcontainer/.env diff --git a/template/.devcontainer/.env b/template/.devcontainer/.env deleted file mode 100644 index bbb52d3..0000000 --- a/template/.devcontainer/.env +++ /dev/null @@ -1,3 +0,0 @@ -EPICS_CA_SERVER_PORT=5064 -EPICS_CA_REPEATER_PORT=5065 -EPICS_PVA_SERVER_PORT=5075 diff --git a/template/.devcontainer/devcontainer.json b/template/.devcontainer/devcontainer.json index 7b002d7..a858b4a 100644 --- a/template/.devcontainer/devcontainer.json +++ b/template/.devcontainer/devcontainer.json @@ -48,17 +48,18 @@ ], "appPort": [ // Expose Channel Access ports on the host's loopback interface - // Note: update the environment variables in .devcontainer/.env to - // change the ports when running multiple devcontainers simultaneously, - // then use e.g. EPICS_CA_ADDR_LIST="127.0.0.1:5064 127.0.0.1:6064" + // Note: set all three environment variables below to unique values + // in order to a second devcontainer on the same host. + // + // Then use e.g. EPICS_CA_ADDR_LIST="127.0.0.1:5064 127.0.0.1:6064" // for clients to connect to multiple devcontainers' PVs. // - "127.0.0.1:${remoteEnv:EPICS_CA_SERVER_PORT}:${remoteEnv:EPICS_CA_SERVER_PORT}/udp", - "127.0.0.1:${remoteEnv:EPICS_CA_SERVER_PORT}:${remoteEnv:EPICS_CA_SERVER_PORT}", - "127.0.0.1:${remoteEnv:EPICS_CA_REPEATER_PORT}:${remoteEnv:EPICS_CA_REPEATER_PORT}", + "127.0.0.1:${localEnv:EPICS_CA_SERVER_PORT:5064}:${localEnv:EPICS_CA_SERVER_PORT:5064}/udp", + "127.0.0.1:${localEnv:EPICS_CA_SERVER_PORT:5064}:${localEnv:EPICS_CA_SERVER_PORT:5064}", + "127.0.0.1:${localEnv:EPICS_CA_REPEATER_PORT:5065}:${localEnv:EPICS_CA_REPEATER_PORT:5065}", // // Expose the PVA name server port on all host interfaces - "${remoteEnv:EPICS_PVA_SERVER_PORT}:${remoteEnv:EPICS_PVA_SERVER_PORT}" + "${localEnv:EPICS_PVA_SERVER_PORT:5075}:${localEnv:EPICS_PVA_SERVER_PORT:5075}" ], // Mount the parent of the project folder so we can access peer projects "workspaceMount": "source=${localWorkspaceFolder}/..,target=/workspaces,type=bind", diff --git a/template/opi/phoebus-launch.sh b/template/opi/phoebus-launch.sh index c1e4060..97ef778 100755 --- a/template/opi/phoebus-launch.sh +++ b/template/opi/phoebus-launch.sh @@ -6,12 +6,11 @@ thisdir=$(realpath $(dirname $0)) workspace=$(realpath ${thisdir}/..) # update settings.ini with CA and PVA ports -source ${workspace}/.devcontainer/.env cat ${workspace}/opi/settings.ini | sed -r \ - -e "s|5064|${EPICS_CA_SERVER_PORT}|" \ - -e "s|5075|${EPICS_PVA_SERVER_PORT}|" \ - -e "s|5065|${EPICS_CA_REPEATER_PORT}|" > /tmp/settings.ini + -e "s|5064|${EPICS_CA_SERVER_PORT:-5064}|" \ + -e "s|5075|${EPICS_PVA_SERVER_PORT:-5075}|" \ + -e "s|5065|${EPICS_CA_REPEATER_PORT:-5065}|" > /tmp/settings.ini settings=" -resource ${workspace}/opi/auto-generated/index.bob From 0a8d68c1d7406a63fecbf272a36c63e1151cd7e4 Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Mon, 2 Dec 2024 10:17:41 +0000 Subject: [PATCH 11/14] prefer podman for phoebus launch --- template/opi/phoebus-launch.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/template/opi/phoebus-launch.sh b/template/opi/phoebus-launch.sh index 97ef778..3341945 100755 --- a/template/opi/phoebus-launch.sh +++ b/template/opi/phoebus-launch.sh @@ -30,10 +30,10 @@ elif module load phoebus 2>/dev/null; then else echo "No local phoebus install found, using a container" - # prefer docker but use podman if USE_PODMAN is set - if docker version &> /dev/null && [[ -z $USE_PODMAN ]] - then docker=docker; UIDGID=$(id -u):$(id -g) - else docker=podman; UIDGID=0:0 + # prefer podman but use docker if USE_DOCKER is set + if podman version &> /dev/null && [[ -z $USE_DOCKER ]] + then docker=podman; UIDGID=0:0 + else docker=docker; UIDGID=$(id -u):$(id -g) fi echo "Using $docker as container runtime" From d9d97065822354e6661b8732a4d3fb8bc7d8f543 Mon Sep 17 00:00:00 2001 From: giles knap Date: Wed, 4 Dec 2024 10:50:49 +0000 Subject: [PATCH 12/14] remove appPort - use vscode auto ports instead --- template/.devcontainer/devcontainer.json | 15 --------------- template/opi/settings.ini | 5 +++-- 2 files changed, 3 insertions(+), 17 deletions(-) diff --git a/template/.devcontainer/devcontainer.json b/template/.devcontainer/devcontainer.json index a858b4a..ad36638 100644 --- a/template/.devcontainer/devcontainer.json +++ b/template/.devcontainer/devcontainer.json @@ -46,21 +46,6 @@ // Make sure SELinux does not disable write access to host filesystems like tmp "--security-opt=label=disable" ], - "appPort": [ - // Expose Channel Access ports on the host's loopback interface - // Note: set all three environment variables below to unique values - // in order to a second devcontainer on the same host. - // - // Then use e.g. EPICS_CA_ADDR_LIST="127.0.0.1:5064 127.0.0.1:6064" - // for clients to connect to multiple devcontainers' PVs. - // - "127.0.0.1:${localEnv:EPICS_CA_SERVER_PORT:5064}:${localEnv:EPICS_CA_SERVER_PORT:5064}/udp", - "127.0.0.1:${localEnv:EPICS_CA_SERVER_PORT:5064}:${localEnv:EPICS_CA_SERVER_PORT:5064}", - "127.0.0.1:${localEnv:EPICS_CA_REPEATER_PORT:5065}:${localEnv:EPICS_CA_REPEATER_PORT:5065}", - // - // Expose the PVA name server port on all host interfaces - "${localEnv:EPICS_PVA_SERVER_PORT:5075}:${localEnv:EPICS_PVA_SERVER_PORT:5075}" - ], // Mount the parent of the project folder so we can access peer projects "workspaceMount": "source=${localWorkspaceFolder}/..,target=/workspaces,type=bind", // mount in other useful files from the host diff --git a/template/opi/settings.ini b/template/opi/settings.ini index abd3c00..ebd8d49 100644 --- a/template/opi/settings.ini +++ b/template/opi/settings.ini @@ -6,6 +6,7 @@ org.phoebus.pv.ca/addr_list=127.0.0.1 org.phoebus.pv.ca/server_port=5064 org.phoebus.pv.ca/repeater_port=5065 +org.phoebus.pv.ca/name_servers=127.0.0.1:5064 # point at local host for pvAccess name server -org.phoebus.pv.pva/epics_pva_name_servers=127.0.0.1 -org.phoebus.pv.pva/server_port=5075 +org.phoebus.pv.pva/epics_pva_name_servers=127.0.0.1:5064 +org.phoebus.pv.pva/server_port=5075 \ No newline at end of file From 63e508eea0f7df782dfd2dd1cc74179e55d64144 Mon Sep 17 00:00:00 2001 From: giles knap Date: Wed, 4 Dec 2024 11:06:59 +0000 Subject: [PATCH 13/14] update README with port forward info --- template/README.md.jinja | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/template/README.md.jinja b/template/README.md.jinja index 426f5a3..cd2783b 100644 --- a/template/README.md.jinja +++ b/template/README.md.jinja @@ -23,9 +23,9 @@ This repository includes a developer container configuration for Visual Studio C ## Channel Access -The developer container exposes channel access ports on the loopback interface. If you have channel access clients running on the host machine, you can connect to the IOC by setting the `EPICS_CA_ADDR_LIST` environment variable as follows: +The vscode developer container auto forwards the channel access ports on the loopback interface. If you have channel access clients running on the host machine, you can connect to the IOC by setting the `EPICS_CA_NAME_SERVERS` environment variable as follows: ```bash -export EPICS_CA_ADDR_LIST=127.0.0.1 +export EPICS_CA_NAME_SERVERS=127.0.0.1:5064 caget IOCNAME:PVNAME ``` From 6a7ce4ed771fb5589e2f05631921a3d192ea4b7f Mon Sep 17 00:00:00 2001 From: Giles Knap Date: Fri, 6 Dec 2024 07:58:36 +0000 Subject: [PATCH 14/14] fix pva nameserver port --- template/opi/settings.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/template/opi/settings.ini b/template/opi/settings.ini index ebd8d49..b180c26 100644 --- a/template/opi/settings.ini +++ b/template/opi/settings.ini @@ -8,5 +8,5 @@ org.phoebus.pv.ca/server_port=5064 org.phoebus.pv.ca/repeater_port=5065 org.phoebus.pv.ca/name_servers=127.0.0.1:5064 # point at local host for pvAccess name server -org.phoebus.pv.pva/epics_pva_name_servers=127.0.0.1:5064 +org.phoebus.pv.pva/epics_pva_name_servers=127.0.0.1:5075 org.phoebus.pv.pva/server_port=5075 \ No newline at end of file