DiamondLightSource · rtuck99 · Sep 18, 2024 · Sep 18, 2024 · DominicOram · Sep 20, 2024
diff --git a/Dockerfile.release b/Dockerfile.release
@@ -31,7 +31,7 @@ RUN git restore .
 
 # Regenerate _version.py with the correct version - this should run quickly since we already have our dependencies
 RUN rm src/mx_bluesky/_version.py
-RUN pip install --no-cache-dir --no-compile -e .
+RUN pip install --no-cache-dir --no-compile --no-deps -e .
 
 ENTRYPOINT /app/hyperion/utility_scripts/docker/entrypoint.sh
 

diff --git a/helmchart/templates/deployment.yaml b/helmchart/templates/deployment.yaml
@@ -57,7 +57,46 @@ spec:
  path: "{{ .Values.hyperion.dataDir }}"
  containers:
  - name: hyperion
- image: {{ .Values.hyperion.imageRepository}}/hyperion:{{ .Values.hyperion.appVersion }}
+ image: {{ .Values.hyperion.imageRepository}}/mx-bluesky:{{ .Values.hyperion.appVersion }}
+ securityContext:
+ capabilities:
+ # Required for hostNetwork 
+ drop:
+ - AUDIT_WRITE
+ - CHOWN
+ - DAC_OVERRIDE
+ - FOWNER
+ - FSETID
+ - KILL
+ - MKNOD
+ - NET_BIND_SERVICE
+ - NET_RAW
+ - SETFCAP
+ - SETGID
+ - SETPCAP
+ - SETUID
+ - SYS_CHROOT
+ - AUDIT_CONTROL
+ - BLOCK_SUSPEND
+ - DAC_READ_SEARCH
+ - IPC_LOCK
+ - IPC_OWNER
+ - LEASE
+ - LINUX_IMMUTABLE
+ - MAC_ADMIN
+ - MAC_OVERRIDE
+ - SYS_ADMIN
+ - SYS_BOOT
+ - SYS_MODULE
+ - SYS_NICE
+ - SYS_PACCT
+ - SYS_MODULE
+ - SYS_PTRACE
+ - SYS_RESOURCE
+ - SYS_TIME
+ - SYS_TTY_CONFIG
+ - SYSLOG
+ - WAKE_ALARM 
  resources:
  limits:
  cpu: "1"
@@ -111,3 +150,4 @@ spec:
  name: logs
  - mountPath: "/dls/{{ .Values.hyperion.beamline }}/data"
  name: data
+ hostNetwork: true
diff --git a/helmchart/values.yaml b/helmchart/values.yaml
@@ -8,7 +8,7 @@ hyperion:
  supplementalGroups: []
  beamline: i03
  dev: false
- logDir: "/dls_sw/i03/logs/bluesky"
+ logDir: "/dls_sw/i03/logs/bluesky/hyperion-k8s"
  dataDir: "/dls/i03/data"
  # These should be overridden at install time
  projectDir: SET_ON_INSTALL

diff --git a/utility_scripts/build_docker_image.sh b/utility_scripts/build_docker_image.sh
@@ -30,7 +30,7 @@ for option in "$@"; do
 done
 
 PROJECTDIR=`dirname $0`/..
-PROJECT=hyperion
+IMAGE=mx-bluesky
 
 if ! git diff --cached --quiet; then
  echo "Cannot build image from unclean workspace"
@@ -40,15 +40,15 @@ fi
 
 if [[ $BUILD == 1 ]]; then
  echo "Building initial image"
- LATEST_TAG=$PROJECT:latest
+ LATEST_TAG=$IMAGE:latest
  TMPDIR=/tmp podman build \
  -f $PROJECTDIR/Dockerfile.release \
  --tag $LATEST_TAG \
  $PROJECTDIR
  # Now extract the version from the built image and then rebuild with the label
  IMAGE_VERSION=$(podman run --rm --entrypoint=hyperion $LATEST_TAG -c "--version" | \
  sed -e 's/[^a-zA-Z0-9 ._-]/_/g')
- TAG=$PROJECT:$IMAGE_VERSION
+ TAG=$IMAGE:$IMAGE_VERSION
  echo "Labelling image with version $IMAGE_VERSION, tagging with tags $TAG $LATEST_TAG"
  TMPDIR=/tmp podman build \
  -f $PROJECTDIR/Dockerfile.release \
@@ -64,7 +64,7 @@ if [[ $PUSH == 1 ]]; then
  echo "Not logged in to ghcr.io"
  exit 1
  fi
- echo "Pushing to ghcr.io/$NAMESPACE/$PROJECT:latest ..."
- podman push $PROJECT:latest docker://ghcr.io/$NAMESPACE/$PROJECT:latest
- podman push $PROJECT:latest docker://ghcr.io/$NAMESPACE/$PROJECT:$IMAGE_VERSION
+ echo "Pushing to ghcr.io/$NAMESPACE/$IMAGE:latest ..."
+ podman push $IMAGE:latest docker://ghcr.io/$NAMESPACE/$IMAGE:latest
+ podman push $IMAGE:latest docker://ghcr.io/$NAMESPACE/$IMAGE:$IMAGE_VERSION
 fi
diff --git a/utility_scripts/deploy/deploy_hyperion_to_k8s.sh b/utility_scripts/deploy/deploy_hyperion_to_k8s.sh
@@ -103,7 +103,7 @@ else
  cd $NEW_PROJECTDIR
  PROJECTDIR=$NEW_PROJECTDIR
  HYPERION_BASENAME=$(basename $HYPERION_BASE)
- CHECKED_OUT_VERSION=${HYPERION_BASENAME#mx_bluesky_v}
+ CHECKED_OUT_VERSION=${HYPERION_BASENAME#mx_bluesky_}
 fi
 
 

diff --git a/utility_scripts/docker/i03-compose.yml b/utility_scripts/docker/i03-compose.yml
@@ -1,7 +1,7 @@
 name: i03-hyperion
 services:
  hyperion-common:
- image: localhost/hyperion
+ image: localhost/mx-bluesky
  pull_policy: never
  expose:
  - "5005"