Version v0.3.0

This commit is contained in:
Aode (lion) 2021-09-20 12:56:14 -05:00
parent a53c8a0a63
commit 3a4d21b349
8 changed files with 169 additions and 265 deletions

41
docker/prod/Dockerfile Normal file
View file

@ -0,0 +1,41 @@
ARG REPO_ARCH=amd64
# cross-build environment
FROM asonix/rust-builder:$REPO_ARCH-latest AS builder
ARG TAG=main
ARG BINARY=relay
ARG PROJECT=relay
ARG GIT_REPOSITORY=https://git.asonix.dog/asonix/$PROJECT
ENV \
BINARY=${BINARY}
ADD \
--chown=build:build \
$GIT_REPOSITORY/archive/$TAG.tar.gz \
/opt/build/repo.tar.gz
RUN \
tar zxf repo.tar.gz
WORKDIR /opt/build/$PROJECT
RUN \
build
# production environment
FROM asonix/rust-runner:$REPO_ARCH-latest
ARG BINARY=relay
ENV \
BINARY=${BINARY}
COPY \
--from=builder \
/opt/build/binary \
/usr/bin/${BINARY}
ENTRYPOINT ["/sbin/tini", "--"]
CMD /usr/bin/${BINARY}

View file

@ -1,73 +0,0 @@
FROM rustembedded/cross:x86_64-unknown-linux-musl AS amd64-builder
ARG UID=991
ARG GID=991
ENV TOOLCHAIN=stable
ENV TARGET=x86_64-unknown-linux-musl
ENV TOOL=x86_64-linux-musl
RUN \
apt-get update && \
apt-get upgrade -y
RUN \
addgroup --gid "${GID}" build && \
adduser \
--disabled-password \
--gecos "" \
--ingroup build \
--uid "${UID}" \
--home /opt/build \
build
ADD https://sh.rustup.rs /opt/build/rustup.sh
RUN \
chown -R build:build /opt/build
USER build
WORKDIR /opt/build
ENV PATH="$PATH:/opt/build/.cargo/bin"
RUN \
chmod +x rustup.sh && \
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
rustup target add $TARGET
FROM amd64-builder as builder
ARG TAG=master
ARG REPOSITORY=https://git.asonix.dog/asonix/relay
ARG BINARY=relay
RUN \
git clone -b $TAG $REPOSITORY repo
WORKDIR /opt/build/repo
RUN \
cargo build --release --target $TARGET && \
$TOOL-strip target/$TARGET/release/$BINARY
FROM amd64/alpine:3.14
ARG UID=991
ARG GID=991
ARG BINARY=relay
ARG TARGET=x86_64-unknown-linux-musl
RUN \
apk add tini && \
addgroup --gid $GID relay && \
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
chown -R relay:relay /opt/relay
COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
EXPOSE 8080
WORKDIR /opt/relay
USER relay
ENTRYPOINT ["/sbin/tini", "--"]
CMD ["relay"]

View file

@ -1,73 +0,0 @@
FROM rustembedded/cross:arm-unknown-linux-musleabihf AS arm32v7-builder
ARG UID=991
ARG GID=991
ENV TOOLCHAIN=stable
ENV TARGET=arm-unknown-linux-musleabihf
ENV TOOL=arm-linux-musleabihf
RUN \
apt-get update && \
apt-get upgrade -y
RUN \
addgroup --gid "${GID}" build && \
adduser \
--disabled-password \
--gecos "" \
--ingroup build \
--uid "${UID}" \
--home /opt/build \
build
ADD https://sh.rustup.rs /opt/build/rustup.sh
RUN \
chown -R build:build /opt/build
USER build
WORKDIR /opt/build
ENV PATH="$PATH:/opt/build/.cargo/bin"
RUN \
chmod +x rustup.sh && \
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
rustup target add $TARGET
FROM arm32v7-builder as builder
ARG TAG=master
ARG REPOSITORY=https://git.asonix.dog/asonix/relay
ARG BINARY=relay
RUN \
git clone -b $TAG $REPOSITORY repo
WORKDIR /opt/build/repo
RUN \
cargo build --release --target $TARGET && \
$TOOL-strip target/$TARGET/release/$BINARY
FROM arm32v7/alpine:3.14
ARG UID=991
ARG GID=991
ARG BINARY=relay
ARG TARGET=arm-unknown-linux-musleabihf
RUN \
apk add tini && \
addgroup --gid $GID relay && \
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
chown -R relay:relay /opt/relay
COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
EXPOSE 8080
WORKDIR /opt/relay
USER relay
ENTRYPOINT ["/sbin/tini", "--"]
CMD ["relay"]

View file

@ -1,73 +0,0 @@
FROM rustembedded/cross:aarch64-unknown-linux-musl AS aarch64-builder
ARG UID=991
ARG GID=991
ENV TOOLCHAIN=stable
ENV TARGET=aarch64-unknown-linux-musl
ENV TOOL=aarch64-linux-musl
RUN \
apt-get update && \
apt-get upgrade -y
RUN \
addgroup --gid "${GID}" build && \
adduser \
--disabled-password \
--gecos "" \
--ingroup build \
--uid "${UID}" \
--home /opt/build \
build
ADD https://sh.rustup.rs /opt/build/rustup.sh
RUN \
chown -R build:build /opt/build
USER build
WORKDIR /opt/build
ENV PATH="$PATH:/opt/build/.cargo/bin"
RUN \
chmod +x rustup.sh && \
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
rustup target add $TARGET
FROM aarch64-builder as builder
ARG TAG=master
ARG REPOSITORY=https://git.asonix.dog/asonix/relay
ARG BINARY=relay
RUN \
git clone -b $TAG $REPOSITORY repo
WORKDIR /opt/build/repo
RUN \
cargo build --release --target $TARGET && \
$TOOL-strip target/$TARGET/release/$BINARY
FROM arm64v8/alpine:3.14
ARG UID=991
ARG GID=991
ARG BINARY=relay
ARG TARGET=aarch64-unknown-linux-musl
RUN \
apk add tini && \
addgroup --gid $GID relay && \
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
chown -R relay:relay /opt/relay
COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
EXPOSE 8080
WORKDIR /opt/relay
USER relay
ENTRYPOINT ["/sbin/tini", "--"]
CMD ["relay"]

37
docker/prod/build-image.sh Executable file
View file

@ -0,0 +1,37 @@
#!/usr/bin/env bash
function require() {
if [ "$1" = "" ]; then
echo "input '$2' required"
print_help
exit 1
fi
}
function print_help() {
echo "deploy.sh"
echo ""
echo "Usage:"
echo " deploy.sh [repo] [tag] [arch]"
echo ""
echo "Args:"
echo " repo: The docker repository to publish the image"
echo " tag: The tag applied to the docker image"
echo " arch: The architecuture of the doker image"
}
REPO=$1
TAG=$2
ARCH=$3
require "$REPO" repo
require "$TAG" tag
require "$ARCH" arch
sudo docker build \
--pull \
--build-arg TAG=$TAG \
--build-arg REPO_ARCH=$ARCH \
-t $REPO:$ARCH-$TAG \
-f Dockerfile \
.

View file

@ -1,7 +1,5 @@
#!/usr/bin/env bash
TAG=$1
function require() {
if [ "$1" = "" ]; then
echo "input '$2' required"
@ -11,51 +9,79 @@ function require() {
}
function print_help() {
echo "build.sh"
echo "deploy.sh"
echo ""
echo "Usage:"
echo " build.sh [tag]"
echo " deploy.sh [tag] [branch] [push]"
echo ""
echo "Args:"
echo " tag: The git tag to create and publish"
echo " tag: The git tag to be applied to the repository and docker build"
echo " branch: The git branch to use for tagging and publishing"
echo " push: Whether or not to push the image"
echo ""
echo "Examples:"
echo " ./deploy.sh v0.3.0-alpha.13 main true"
echo " ./deploy.sh v0.3.0-alpha.13-shell-out asonix/shell-out false"
}
function build_image() {
repo=$1
tag=$2
arch=$3
tag=$1
arch=$2
push=$3
sudo docker build \
--pull \
--build-arg TAG="${tag}" \
-f "Dockerfile.${arch}" \
-t "${repo}:${tag}-${arch}" \
-t "${repo}:latest-${arch}" \
.
./build-image.sh asonix/relay $tag $arch
sudo docker push "${repo}:${tag}-${arch}"
sudo docker push "${repo}:latest-${arch}"
sudo docker tag asonix/relay:$arch-$tag asonix/relay:$arch-latest
if [ "$push" == "true" ]; then
sudo docker push asonix/relay:$arch-$tag
sudo docker push asonix/relay:$arch-latest
fi
}
require "$TAG" "tag"
# Creating the new tag
new_tag="$1"
branch="$2"
push=$3
if ! sudo docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then
echo "docker is not configured to run on qemu-emulated architectures"
require "$new_tag" "tag"
require "$branch" "branch"
require "$push" "push"
if ! sudo docker run --rm -it arm64v8/alpine:3.11 /bin/sh -c 'echo "docker is configured correctly"'
then
echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
fi
set -xe
git checkout main
git commit -m "Version $TAG" || true
git tag $TAG
git checkout $branch
git push origin $TAG
# Changing the docker-compose prod
sed -i "s/asonix\/relay:.*/asonix\/relay:$new_tag/" docker-compose.yml
git add ../prod/docker-compose.yml
# The commit
git commit -m"Version $new_tag"
git tag $new_tag
# Push
git push origin $new_tag
git push
build_image "asonix/relay" "$TAG" "arm64v8"
build_image "asonix/relay" "$TAG" "arm32v7"
build_image "asonix/relay" "$TAG" "amd64"
# Build for arm64v8, arm32v7 and amd64
build_image $new_tag arm64v8 $push
build_image $new_tag arm32v7 $push
build_image $new_tag amd64 $push
./manifest.sh "asonix/relay" "$TAG"
./manifest.sh "asonix/relay" "latest"
# Build for other archs
# TODO
if [ "$push" == "true" ]; then
./manifest.sh relay $new_tag
./manifest.sh relay latest
# pushd ../../
# cargo publish
# popd
fi

View file

@ -0,0 +1,19 @@
version: '3.3'
services:
relay:
image: asonix/relay:v0.3.0
ports:
- "8079:8079"
restart: always
environment:
- HOSTNAME=relay.my.tld
- ADDR=0.0.0.0
- PORT=8080
- DEBUG=false
- RESTRICTED_MODE=false
- VALIDATE_SIGNATURES=true
- HTTPS=true
- DATABASE_URL=postgres://pg_user:pg_pass@pg_host:pg_port/pg_database
- PRETTY_LOG=false
- PUBLISH_BLOCKS=true

View file

@ -11,33 +11,33 @@ function print_help() {
echo "deploy.sh"
echo ""
echo "Usage:"
echo " manifest.sh [tag]"
echo " manifest.sh [repo] [tag]"
echo ""
echo "Args:"
echo " repo: The docker repository to push the manifest to"
echo " repo: The docker repository to update"
echo " tag: The git tag to be applied to the image manifest"
}
repo=$1
tag=$2
REPO=$1
TAG=$2
require "$repo" "repo"
require "$tag" "tag"
require "$REPO" "repo"
require "$TAG" "tag"
set -xe
docker manifest create $repo:$tag \
-a $repo:$tag-arm64v8 \
-a $repo:$tag-arm32v7 \
-a $repo:$tag-amd64
sudo docker manifest create asonix/$REPO:$TAG \
-a asonix/$REPO:arm64v8-$TAG \
-a asonix/$REPO:arm32v7-$TAG \
-a asonix/$REPO:amd64-$TAG
docker manifest annotate $repo:$tag \
$repo:$tag-arm64v8 --os linux --arch arm64 --variant v8
sudo docker manifest annotate asonix/$REPO:$TAG \
asonix/$REPO:arm64v8-$TAG --os linux --arch arm64 --variant v8
docker manifest annotate $repo:$tag \
$repo:$tag-arm32v7 --os linux --arch arm --variant v7
sudo docker manifest annotate asonix/$REPO:$TAG \
asonix/$REPO:arm32v7-$TAG --os linux --arch arm --variant v7
docker manifest annotate $repo:$tag \
$repo:$tag-amd64 --os linux --arch amd64
sudo docker manifest annotate asonix/$REPO:$TAG \
asonix/$REPO:amd64-$TAG --os linux --arch amd64
docker manifest push $repo:$tag --purge
sudo docker manifest push asonix/$REPO:$TAG --purge