mirror of
https://git.asonix.dog/asonix/relay.git
synced 2024-11-13 13:11:01 +00:00
Version v0.3.0
This commit is contained in:
parent
a53c8a0a63
commit
3a4d21b349
8 changed files with 169 additions and 265 deletions
41
docker/prod/Dockerfile
Normal file
41
docker/prod/Dockerfile
Normal file
|
@ -0,0 +1,41 @@
|
|||
ARG REPO_ARCH=amd64
|
||||
|
||||
# cross-build environment
|
||||
FROM asonix/rust-builder:$REPO_ARCH-latest AS builder
|
||||
|
||||
ARG TAG=main
|
||||
ARG BINARY=relay
|
||||
ARG PROJECT=relay
|
||||
ARG GIT_REPOSITORY=https://git.asonix.dog/asonix/$PROJECT
|
||||
|
||||
ENV \
|
||||
BINARY=${BINARY}
|
||||
|
||||
ADD \
|
||||
--chown=build:build \
|
||||
$GIT_REPOSITORY/archive/$TAG.tar.gz \
|
||||
/opt/build/repo.tar.gz
|
||||
|
||||
RUN \
|
||||
tar zxf repo.tar.gz
|
||||
|
||||
WORKDIR /opt/build/$PROJECT
|
||||
|
||||
RUN \
|
||||
build
|
||||
|
||||
# production environment
|
||||
FROM asonix/rust-runner:$REPO_ARCH-latest
|
||||
|
||||
ARG BINARY=relay
|
||||
|
||||
ENV \
|
||||
BINARY=${BINARY}
|
||||
|
||||
COPY \
|
||||
--from=builder \
|
||||
/opt/build/binary \
|
||||
/usr/bin/${BINARY}
|
||||
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD /usr/bin/${BINARY}
|
|
@ -1,73 +0,0 @@
|
|||
FROM rustembedded/cross:x86_64-unknown-linux-musl AS amd64-builder
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
|
||||
ENV TOOLCHAIN=stable
|
||||
ENV TARGET=x86_64-unknown-linux-musl
|
||||
ENV TOOL=x86_64-linux-musl
|
||||
|
||||
RUN \
|
||||
apt-get update && \
|
||||
apt-get upgrade -y
|
||||
|
||||
RUN \
|
||||
addgroup --gid "${GID}" build && \
|
||||
adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--ingroup build \
|
||||
--uid "${UID}" \
|
||||
--home /opt/build \
|
||||
build
|
||||
|
||||
ADD https://sh.rustup.rs /opt/build/rustup.sh
|
||||
|
||||
RUN \
|
||||
chown -R build:build /opt/build
|
||||
|
||||
USER build
|
||||
WORKDIR /opt/build
|
||||
|
||||
ENV PATH="$PATH:/opt/build/.cargo/bin"
|
||||
|
||||
RUN \
|
||||
chmod +x rustup.sh && \
|
||||
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
|
||||
rustup target add $TARGET
|
||||
|
||||
FROM amd64-builder as builder
|
||||
|
||||
ARG TAG=master
|
||||
ARG REPOSITORY=https://git.asonix.dog/asonix/relay
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
git clone -b $TAG $REPOSITORY repo
|
||||
|
||||
WORKDIR /opt/build/repo
|
||||
|
||||
RUN \
|
||||
cargo build --release --target $TARGET && \
|
||||
$TOOL-strip target/$TARGET/release/$BINARY
|
||||
|
||||
FROM amd64/alpine:3.14
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
ARG BINARY=relay
|
||||
ARG TARGET=x86_64-unknown-linux-musl
|
||||
|
||||
RUN \
|
||||
apk add tini && \
|
||||
addgroup --gid $GID relay && \
|
||||
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
|
||||
chown -R relay:relay /opt/relay
|
||||
|
||||
COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
|
||||
|
||||
EXPOSE 8080
|
||||
WORKDIR /opt/relay
|
||||
USER relay
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD ["relay"]
|
|
@ -1,73 +0,0 @@
|
|||
FROM rustembedded/cross:arm-unknown-linux-musleabihf AS arm32v7-builder
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
|
||||
ENV TOOLCHAIN=stable
|
||||
ENV TARGET=arm-unknown-linux-musleabihf
|
||||
ENV TOOL=arm-linux-musleabihf
|
||||
|
||||
RUN \
|
||||
apt-get update && \
|
||||
apt-get upgrade -y
|
||||
|
||||
RUN \
|
||||
addgroup --gid "${GID}" build && \
|
||||
adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--ingroup build \
|
||||
--uid "${UID}" \
|
||||
--home /opt/build \
|
||||
build
|
||||
|
||||
ADD https://sh.rustup.rs /opt/build/rustup.sh
|
||||
|
||||
RUN \
|
||||
chown -R build:build /opt/build
|
||||
|
||||
USER build
|
||||
WORKDIR /opt/build
|
||||
|
||||
ENV PATH="$PATH:/opt/build/.cargo/bin"
|
||||
|
||||
RUN \
|
||||
chmod +x rustup.sh && \
|
||||
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
|
||||
rustup target add $TARGET
|
||||
|
||||
FROM arm32v7-builder as builder
|
||||
|
||||
ARG TAG=master
|
||||
ARG REPOSITORY=https://git.asonix.dog/asonix/relay
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
git clone -b $TAG $REPOSITORY repo
|
||||
|
||||
WORKDIR /opt/build/repo
|
||||
|
||||
RUN \
|
||||
cargo build --release --target $TARGET && \
|
||||
$TOOL-strip target/$TARGET/release/$BINARY
|
||||
|
||||
FROM arm32v7/alpine:3.14
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
ARG BINARY=relay
|
||||
ARG TARGET=arm-unknown-linux-musleabihf
|
||||
|
||||
RUN \
|
||||
apk add tini && \
|
||||
addgroup --gid $GID relay && \
|
||||
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
|
||||
chown -R relay:relay /opt/relay
|
||||
|
||||
COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
|
||||
|
||||
EXPOSE 8080
|
||||
WORKDIR /opt/relay
|
||||
USER relay
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD ["relay"]
|
|
@ -1,73 +0,0 @@
|
|||
FROM rustembedded/cross:aarch64-unknown-linux-musl AS aarch64-builder
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
|
||||
ENV TOOLCHAIN=stable
|
||||
ENV TARGET=aarch64-unknown-linux-musl
|
||||
ENV TOOL=aarch64-linux-musl
|
||||
|
||||
RUN \
|
||||
apt-get update && \
|
||||
apt-get upgrade -y
|
||||
|
||||
RUN \
|
||||
addgroup --gid "${GID}" build && \
|
||||
adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--ingroup build \
|
||||
--uid "${UID}" \
|
||||
--home /opt/build \
|
||||
build
|
||||
|
||||
ADD https://sh.rustup.rs /opt/build/rustup.sh
|
||||
|
||||
RUN \
|
||||
chown -R build:build /opt/build
|
||||
|
||||
USER build
|
||||
WORKDIR /opt/build
|
||||
|
||||
ENV PATH="$PATH:/opt/build/.cargo/bin"
|
||||
|
||||
RUN \
|
||||
chmod +x rustup.sh && \
|
||||
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
|
||||
rustup target add $TARGET
|
||||
|
||||
FROM aarch64-builder as builder
|
||||
|
||||
ARG TAG=master
|
||||
ARG REPOSITORY=https://git.asonix.dog/asonix/relay
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
git clone -b $TAG $REPOSITORY repo
|
||||
|
||||
WORKDIR /opt/build/repo
|
||||
|
||||
RUN \
|
||||
cargo build --release --target $TARGET && \
|
||||
$TOOL-strip target/$TARGET/release/$BINARY
|
||||
|
||||
FROM arm64v8/alpine:3.14
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
ARG BINARY=relay
|
||||
ARG TARGET=aarch64-unknown-linux-musl
|
||||
|
||||
RUN \
|
||||
apk add tini && \
|
||||
addgroup --gid $GID relay && \
|
||||
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
|
||||
chown -R relay:relay /opt/relay
|
||||
|
||||
COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
|
||||
|
||||
EXPOSE 8080
|
||||
WORKDIR /opt/relay
|
||||
USER relay
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD ["relay"]
|
37
docker/prod/build-image.sh
Executable file
37
docker/prod/build-image.sh
Executable file
|
@ -0,0 +1,37 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
print_help
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function print_help() {
|
||||
echo "deploy.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " deploy.sh [repo] [tag] [arch]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " repo: The docker repository to publish the image"
|
||||
echo " tag: The tag applied to the docker image"
|
||||
echo " arch: The architecuture of the doker image"
|
||||
}
|
||||
|
||||
REPO=$1
|
||||
TAG=$2
|
||||
ARCH=$3
|
||||
|
||||
require "$REPO" repo
|
||||
require "$TAG" tag
|
||||
require "$ARCH" arch
|
||||
|
||||
sudo docker build \
|
||||
--pull \
|
||||
--build-arg TAG=$TAG \
|
||||
--build-arg REPO_ARCH=$ARCH \
|
||||
-t $REPO:$ARCH-$TAG \
|
||||
-f Dockerfile \
|
||||
.
|
|
@ -1,7 +1,5 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
TAG=$1
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
|
@ -11,51 +9,79 @@ function require() {
|
|||
}
|
||||
|
||||
function print_help() {
|
||||
echo "build.sh"
|
||||
echo "deploy.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " build.sh [tag]"
|
||||
echo " deploy.sh [tag] [branch] [push]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " tag: The git tag to create and publish"
|
||||
echo " tag: The git tag to be applied to the repository and docker build"
|
||||
echo " branch: The git branch to use for tagging and publishing"
|
||||
echo " push: Whether or not to push the image"
|
||||
echo ""
|
||||
echo "Examples:"
|
||||
echo " ./deploy.sh v0.3.0-alpha.13 main true"
|
||||
echo " ./deploy.sh v0.3.0-alpha.13-shell-out asonix/shell-out false"
|
||||
}
|
||||
|
||||
function build_image() {
|
||||
repo=$1
|
||||
tag=$2
|
||||
arch=$3
|
||||
tag=$1
|
||||
arch=$2
|
||||
push=$3
|
||||
|
||||
sudo docker build \
|
||||
--pull \
|
||||
--build-arg TAG="${tag}" \
|
||||
-f "Dockerfile.${arch}" \
|
||||
-t "${repo}:${tag}-${arch}" \
|
||||
-t "${repo}:latest-${arch}" \
|
||||
.
|
||||
./build-image.sh asonix/relay $tag $arch
|
||||
|
||||
sudo docker push "${repo}:${tag}-${arch}"
|
||||
sudo docker push "${repo}:latest-${arch}"
|
||||
sudo docker tag asonix/relay:$arch-$tag asonix/relay:$arch-latest
|
||||
|
||||
if [ "$push" == "true" ]; then
|
||||
sudo docker push asonix/relay:$arch-$tag
|
||||
sudo docker push asonix/relay:$arch-latest
|
||||
fi
|
||||
}
|
||||
|
||||
require "$TAG" "tag"
|
||||
# Creating the new tag
|
||||
new_tag="$1"
|
||||
branch="$2"
|
||||
push=$3
|
||||
|
||||
if ! sudo docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then
|
||||
echo "docker is not configured to run on qemu-emulated architectures"
|
||||
require "$new_tag" "tag"
|
||||
require "$branch" "branch"
|
||||
require "$push" "push"
|
||||
|
||||
if ! sudo docker run --rm -it arm64v8/alpine:3.11 /bin/sh -c 'echo "docker is configured correctly"'
|
||||
then
|
||||
echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
|
||||
sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
fi
|
||||
|
||||
set -xe
|
||||
|
||||
git checkout main
|
||||
git commit -m "Version $TAG" || true
|
||||
git tag $TAG
|
||||
git checkout $branch
|
||||
|
||||
git push origin $TAG
|
||||
# Changing the docker-compose prod
|
||||
sed -i "s/asonix\/relay:.*/asonix\/relay:$new_tag/" docker-compose.yml
|
||||
git add ../prod/docker-compose.yml
|
||||
# The commit
|
||||
git commit -m"Version $new_tag"
|
||||
git tag $new_tag
|
||||
|
||||
# Push
|
||||
git push origin $new_tag
|
||||
git push
|
||||
|
||||
build_image "asonix/relay" "$TAG" "arm64v8"
|
||||
build_image "asonix/relay" "$TAG" "arm32v7"
|
||||
build_image "asonix/relay" "$TAG" "amd64"
|
||||
# Build for arm64v8, arm32v7 and amd64
|
||||
build_image $new_tag arm64v8 $push
|
||||
build_image $new_tag arm32v7 $push
|
||||
build_image $new_tag amd64 $push
|
||||
|
||||
./manifest.sh "asonix/relay" "$TAG"
|
||||
./manifest.sh "asonix/relay" "latest"
|
||||
# Build for other archs
|
||||
# TODO
|
||||
|
||||
if [ "$push" == "true" ]; then
|
||||
./manifest.sh relay $new_tag
|
||||
./manifest.sh relay latest
|
||||
|
||||
# pushd ../../
|
||||
# cargo publish
|
||||
# popd
|
||||
fi
|
||||
|
|
19
docker/prod/docker-compose.yml
Normal file
19
docker/prod/docker-compose.yml
Normal file
|
@ -0,0 +1,19 @@
|
|||
version: '3.3'
|
||||
|
||||
services:
|
||||
relay:
|
||||
image: asonix/relay:v0.3.0
|
||||
ports:
|
||||
- "8079:8079"
|
||||
restart: always
|
||||
environment:
|
||||
- HOSTNAME=relay.my.tld
|
||||
- ADDR=0.0.0.0
|
||||
- PORT=8080
|
||||
- DEBUG=false
|
||||
- RESTRICTED_MODE=false
|
||||
- VALIDATE_SIGNATURES=true
|
||||
- HTTPS=true
|
||||
- DATABASE_URL=postgres://pg_user:pg_pass@pg_host:pg_port/pg_database
|
||||
- PRETTY_LOG=false
|
||||
- PUBLISH_BLOCKS=true
|
|
@ -11,33 +11,33 @@ function print_help() {
|
|||
echo "deploy.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " manifest.sh [tag]"
|
||||
echo " manifest.sh [repo] [tag]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " repo: The docker repository to push the manifest to"
|
||||
echo " repo: The docker repository to update"
|
||||
echo " tag: The git tag to be applied to the image manifest"
|
||||
}
|
||||
|
||||
repo=$1
|
||||
tag=$2
|
||||
REPO=$1
|
||||
TAG=$2
|
||||
|
||||
require "$repo" "repo"
|
||||
require "$tag" "tag"
|
||||
require "$REPO" "repo"
|
||||
require "$TAG" "tag"
|
||||
|
||||
set -xe
|
||||
|
||||
docker manifest create $repo:$tag \
|
||||
-a $repo:$tag-arm64v8 \
|
||||
-a $repo:$tag-arm32v7 \
|
||||
-a $repo:$tag-amd64
|
||||
sudo docker manifest create asonix/$REPO:$TAG \
|
||||
-a asonix/$REPO:arm64v8-$TAG \
|
||||
-a asonix/$REPO:arm32v7-$TAG \
|
||||
-a asonix/$REPO:amd64-$TAG
|
||||
|
||||
docker manifest annotate $repo:$tag \
|
||||
$repo:$tag-arm64v8 --os linux --arch arm64 --variant v8
|
||||
sudo docker manifest annotate asonix/$REPO:$TAG \
|
||||
asonix/$REPO:arm64v8-$TAG --os linux --arch arm64 --variant v8
|
||||
|
||||
docker manifest annotate $repo:$tag \
|
||||
$repo:$tag-arm32v7 --os linux --arch arm --variant v7
|
||||
sudo docker manifest annotate asonix/$REPO:$TAG \
|
||||
asonix/$REPO:arm32v7-$TAG --os linux --arch arm --variant v7
|
||||
|
||||
docker manifest annotate $repo:$tag \
|
||||
$repo:$tag-amd64 --os linux --arch amd64
|
||||
sudo docker manifest annotate asonix/$REPO:$TAG \
|
||||
asonix/$REPO:amd64-$TAG --os linux --arch amd64
|
||||
|
||||
docker manifest push $repo:$tag --purge
|
||||
sudo docker manifest push asonix/$REPO:$TAG --purge
|
||||
|
|
Loading…
Reference in a new issue