Merge ~bryce/ubuntu-docker-images/+git/bind9:initial-implementation into ~ubuntu-docker-images/ubuntu-docker-images/+git/bind9:main

Thanks for the MP, Bryce.

I found some spots that need fixing/adjustments, so I'm leaving comments where applicable. I haven't tested the microk8s service; will do that later.

As for your comment regarding running the unit tests using locally-built images, you can use the DOCKER_IMAGE variable to do that:

# DOCKER_IMAGE=test/bind9 sh bind9_test.sh

Thanks for the review, I've made the changes as suggested.
It looks like a lot of the containers use ports in the 3xxxx range so am using 30053 for the external port.

I noticed the link to the example files was also incorrect (yay cargo culting) and have updated it to point at where the example config will be.

I've also updated the copyright holder in the license, but let me know if it should be done differently.

Thanks, Bryce.

Re. the copyright holder, I think that's the right thing to do but IANAL. I'll talk to Valentin, because some of our other images have the same problem. Meanwhile, could you please remove the LICENSE file from the commit? I'm not even sure if we want to license this work using BSD-3-Clause or if we'll use another license...

As for the other changes, they look good now modulo a few nits. I wasn't able to build the Impish version of the image, but I did build the Hirsute one and it looks fine. Looking forward to running the unit tests for it.

+1, LGTM.

On Thu, Sep 09, 2021 at 08:10:25PM -0000, Sergio Durigan Junior wrote:
> Review: Approve
>
> Thanks, Bryce.
>
> Re. the copyright holder, I think that's the right thing to do but IANAL. I'll talk to Valentin, because some of our other images have the same problem. Meanwhile, could you please remove the LICENSE file from the commit? I'm not even sure if we want to license this work using BSD-3-Clause or if we'll use another license...
>

Sure. Looks like this was just inherited from deriving off memcached.
Looking at some of the other OCI files, looks like this generally is
just the license of the packaged software itself. For bind9 that
appears to be MPLv2.0. In some cases where the OCI image derives from a
pre-existing docker image's git repo that might make sense but leaves
inconsistency across the packages.

It'll be good to get Valentin's direction, this isn't something I'd be
comfortable deciding either. But having a policy established would be
of value going forward.

> As for the other changes, they look good now modulo a few nits. I wasn't able to build the Impish version of the image, but I did build the Hirsute one and it looks fine. Looking forward to running the unit tests for it.
>
> +1, LGTM.

Thanks. I've added the suggested changes and will land to the main
repo.

Bryce

> Diff comments:
>
> > diff --git a/Dockerfile b/Dockerfile
> > new file mode 100644
> > index 0000000..1d001d6
> > --- /dev/null
> > +++ b/Dockerfile
> > @@ -0,0 +1,30 @@
> > +FROM ubuntu:impish
> > +
> > +ENV TZ UTC
> > +ENV BIND_USER bind
>
> No need for BIND_USER here.
>
> > +
> > +RUN set -eux; \
> > +# installation
> > + apt-get update; \
> > + DEBIAN_FRONTEND=noninteractive apt-get full-upgrade -y; \
> > + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
> > + bind9 \
> > + bind9-utils \
> > + tzdata \
> > + ; \
> > + DEBIAN_FRONTEND=noninteractive apt-get remove --purge --auto-remove -y; \
> > + rm -rf /var/lib/apt/lists/*; \
> > +# smoke test
> > + named -v; \
> > +# create manifest
> > + mkdir -p /usr/share/rocks; \
> > + (echo "# os-release" && cat /etc/os-release && echo "# dpkg-query" && dpkg-query -f '${db:Status-Abbrev},${binary:Package},${Version},${source:Package},${Source:Version}\n' -W) > /usr/share/rocks/dpkg.query
> > +
> > +USER bind
> > +VOLUME ["/var/cache/bind", "/var/lib/bind"]
> > +
> > +EXPOSE 53
> > +
> > +COPY docker-entrypoint.sh /usr/local/bin/
> > +ENTRYPOINT ["docker-entrypoint.sh"]
> > +CMD docker-entrypoint.sh
>
> You don't need the CMD statement here.
>
> > diff --git a/data/bind9.yaml b/data/bind9.yaml
> > new file mode 100644
> > index 0000000..45b6dfc
> > --- /dev/null
> > +++ b/data/bind9.yaml
> > @@ -0,0 +1,34 @@
> > +application: Bind9
> > +main: true
> > +repo: bind9
> > +description: >
> > + BIND 9 provides software for Domain Name System (DNS) management including both defining domain names authoritatively for a given DNS zone, and recursively resolving domain names to their IP addresses.
> > + In addition to BIND 9's DNS server itself, `named`, this container also includes tools for performing DNS queries and dynamic updates.
> > + Read more on the [BIND 9 webs...