Version v0.1.0-r103

Dockerfile.arm64v8

@@ -1,30 +0,0 @@
-FROM arm64v8/alpine:3.11.3 AS build
-
-COPY relay /relay
-
-RUN \
- apk add binutils && \
- strip /relay
-
-FROM arm64v8/alpine:3.11.3
-
-ARG UID=991
-ARG GID=991
-
-RUN \
- apk add tini && \
- echo "Etc/UTC" > /etc/localtime && \
- mkdir -p /opt/relay && \
- addgroup --gid $GID relay && \
- adduser -D -u $UID -G relay -h /opt/relay relay && \
- echo "relay:`head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24 | mkpasswd -s -m sha-256`" | chpasswd && \
- chown -R relay:relay /opt/relay
-
-COPY --from=build /relay /usr/bin/relay
-
-USER relay
-
-EXPOSE 8080
-
-ENTRYPOINT ["/sbin/tini", "--"]
-CMD ["relay"]

build.sh

@@ -1,80 +0,0 @@
-#!/usr/bin/env bash
-
-BUILD_DATE=$(date)
-VERSION=$1
-MIGRATIONS=$2
-
-function require() {
-    if [ "$1" = "" ]; then
-        echo "input '$2' required"
-        print_help
-        exit 1
-    fi
-}
-
-function print_help() {
-    echo "build.sh"
-    echo ""
-    echo "Usage:"
-    echo "      build.sh [version] [migrations]"
-    echo ""
-    echo "Args:"
-    echo "      version: The version of the current container"
-    echo "      migrations: (optional) Whether to build the migrations container as well"
-}
-
-require "$VERSION" "version"
-
-if ! docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then
-    echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
-    sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
-fi
-
-if ! which cross; then
-    cargo intall cross
-fi
-
-set -xe
-
-cross build \
-    --target aarch64-unknown-linux-musl \
-    --release
-
-mkdir -p artifacts
-rm -rf artifacts/relay
-cp ./target/aarch64-unknown-linux-musl/release/relay artifacts/relay
-
-docker build \
-    --pull \
-    --no-cache \
-    --build-arg BUILD_DATE="${BUILD_DATE}" \
-    --build-arg TAG="${TAG}" \
-    -f Dockerfile.arm64v8 \
-    -t "asonix/relay:${VERSION}-arm64v8" \
-    -t "asonix/relay:latest-arm64v8" \
-    -t "asonix/relay:latest" \
-    ./artifacts
-
-docker push "asonix/relay:${VERSION}-arm64v8"
-docker push "asonix/relay:latest-arm64v8"
-docker push "asonix/relay:latest"
-
-if [ "${MIGRATIONS}" = "migrations" ]; then
-    rm -rf artifacts/migrations
-    cp -r ./migrations artifacts/migrations
-
-    docker build \
-        --pull \
-        --no-cache \
-        --build-arg BUILD_DATE="${BUILD_DATE}" \
-        --build-arg TAG="${TAG}" \
-        -f Dockerfile.migrations.arm64v8 \
-        -t "asonix/relay-migrations:${VERSION}-arm64v8" \
-        -t "asonix/relay-migrations:latest-arm64v8" \
-        -t "asonix/relay-migrations:latest" \
-        ./artifacts
-
-    docker push "asonix/relay-migrations:${VERSION}-arm64v8"
-    docker push "asonix/relay-migrations:latest-arm64v8"
-    docker push "asonix/relay-migrations:latest"
-fi

docker/prod/Dockerfile.amd64

@@ -0,0 +1,72 @@
+FROM rustembedded/cross:x86_64-unknown-linux-musl AS amd64-builder
+
+ARG UID=991
+ARG GID=991
+
+ENV TOOLCHAIN=stable
+ENV TARGET=x86_64-unknown-linux-musl
+ENV TOOL=x86_64-linux-musl
+
+RUN \
+ apt-get update && \
+ apt-get upgrade -y
+
+RUN \
+ addgroup --gid "${GID}" build && \
+ adduser \
+    --disabled-password \
+    --gecos "" \
+    --ingroup build \
+    --uid "${UID}" \
+    --home /opt/build \
+    build
+
+ADD https://sh.rustup.rs /opt/build/rustup.sh
+
+RUN \
+ chown -R build:build /opt/build
+
+USER build
+WORKDIR /opt/build
+
+ENV PATH="$PATH:/opt/build/.cargo/bin"
+
+RUN \
+ chmod +x rustup.sh && \
+ ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
+ rustup target add $TARGET
+
+FROM amd64-builder as builder
+
+ARG TAG=master
+ARG REPOSITORY=https://git.asonix.dog/asonix/ap-relay
+ARG BINARY=relay
+
+RUN \
+ git clone -b $TAG $REPOSITORY repo
+
+WORKDIR /opt/build/repo
+
+RUN \
+ cargo build --release --target $TARGET && \
+ $TOOL-strip target/$TARGET/release/$BINARY
+
+FROM amd64/alpine:3.12
+
+ARG UID=991
+ARG GID=991
+ARG BINARY=relay
+
+RUN \
+ apk add tini && \
+ addgroup --gid $GID relay && \
+ adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
+ chown -R relay:relay /opt/relay
+
+COPY --from=build /relay /usr/bin/relay
+
+EXPOSE 8080
+WORKDIR /opt/relay
+USER relay
+ENTRYPOINT ["/sbin/tini", "--"]
+CMD ["relay"]

docker/prod/Dockerfile.arm32v7

@@ -0,0 +1,72 @@
+FROM rustembedded/cross:arm-unknown-linux-musleabihf AS arm32v7-builder
+
+ARG UID=991
+ARG GID=991
+
+ENV TOOLCHAIN=stable
+ENV TARGET=arm-unknown-linux-musleabihf
+ENV TOOL=arm-linux-musleabihf
+
+RUN \
+ apt-get update && \
+ apt-get upgrade -y
+
+RUN \
+ addgroup --gid "${GID}" build && \
+ adduser \
+    --disabled-password \
+    --gecos "" \
+    --ingroup build \
+    --uid "${UID}" \
+    --home /opt/build \
+    build
+
+ADD https://sh.rustup.rs /opt/build/rustup.sh
+
+RUN \
+ chown -R build:build /opt/build
+
+USER build
+WORKDIR /opt/build
+
+ENV PATH="$PATH:/opt/build/.cargo/bin"
+
+RUN \
+ chmod +x rustup.sh && \
+ ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
+ rustup target add $TARGET
+
+FROM arm32v7-builder as builder
+
+ARG TAG=master
+ARG REPOSITORY=https://git.asonix.dog/asonix/ap-relay
+ARG BINARY=relay
+
+RUN \
+ git clone -b $TAG $REPOSITORY repo
+
+WORKDIR /opt/build/repo
+
+RUN \
+ cargo build --release --target $TARGET && \
+ $TOOL-strip target/$TARGET/release/$BINARY
+
+FROM arm32v7/alpine:3.12
+
+ARG UID=991
+ARG GID=991
+ARG BINARY=relay
+
+RUN \
+ apk add tini && \
+ addgroup --gid $GID relay && \
+ adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
+ chown -R relay:relay /opt/relay
+
+COPY --from=build /relay /usr/bin/relay
+
+EXPOSE 8080
+WORKDIR /opt/relay
+USER relay
+ENTRYPOINT ["/sbin/tini", "--"]
+CMD ["relay"]

docker/prod/Dockerfile.arm64v8

@@ -0,0 +1,72 @@
+FROM rustembedded/cross:aarch64-unknown-linux-musl AS aarch64-builder
+
+ARG UID=991
+ARG GID=991
+
+ENV TOOLCHAIN=stable
+ENV TARGET=aarch64-unknown-linux-musl
+ENV TOOL=aarch64-linux-musl
+
+RUN \
+ apt-get update && \
+ apt-get upgrade -y
+
+RUN \
+ addgroup --gid "${GID}" build && \
+ adduser \
+    --disabled-password \
+    --gecos "" \
+    --ingroup build \
+    --uid "${UID}" \
+    --home /opt/build \
+    build
+
+ADD https://sh.rustup.rs /opt/build/rustup.sh
+
+RUN \
+ chown -R build:build /opt/build
+
+USER build
+WORKDIR /opt/build
+
+ENV PATH="PATH:/opt/build/.cargo/bin"
+
+RUN \
+ chmod +x rustup.sh && \
+ ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
+ rustup target add $TARGET
+
+FROM aarch64-builder as builder
+
+ARG TAG=master
+ARG REPOSITORY=https://git.asonix.dog/asonix/ap-relay
+ARG BINARY=relay
+
+RUN \
+ git clone -b $TAG $REPOSITORY repo
+
+WORKDIR /opt/build/repo
+
+RUN \
+ cargo build --release --target $TARGET && \
+ $TOOL-strip target/$TARGET/release/$BINARY
+
+FROM arm64v8/alpine:3.12
+
+ARG UID=991
+ARG GID=991
+ARG BINARY=relay
+
+RUN \
+ apk add tini && \
+ addgroup --gid $GID relay && \
+ adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
+ chown -R relay:relay /opt/relay
+
+COPY --from=build /relay /usr/bin/relay
+
+EXPOSE 8080
+WORKDIR /opt/relay
+USER relay
+ENTRYPOINT ["/sbin/tini", "--"]
+CMD ["relay"]

docker/prod/deploy.sh

@@ -0,0 +1,72 @@
+#!/usr/bin/env bash
+
+TAG=$1
+MIGRATIONS=$2
+
+function require() {
+    if [ "$1" = "" ]; then
+        echo "input '$2' required"
+        print_help
+        exit 1
+    fi
+}
+
+function print_help() {
+    echo "build.sh"
+    echo ""
+    echo "Usage:"
+    echo "      build.sh [tag] [migrations]"
+    echo ""
+    echo "Args:"
+    echo "      tag: The git tag to create and publish"
+    echo "      migrations: (optional) Whether to build the migrations container as well"
+}
+
+function build_image() {
+    repo=$1
+    tag=$2
+    arch=$3
+
+    docker build \
+        --pull \
+        --build-arg TAG="${tag}" \
+        -f "Dockerfile.${arch}" \
+        -t "${repo}:${tag}-${arch}" \
+        -t "${repo}:latest-${arch}" \
+        ./artifacts
+
+    docker push "${repo}:${tag}-arm64v8"
+    docker push "${repo}:latest-arm64v8"
+}
+
+require "$TAG" "tag"
+
+if ! docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then
+    echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
+    sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+fi
+
+set -xe
+
+git checkout master
+git commit -m "Version $TAG"
+git tag $TAG
+
+git push origin $TAG
+git push
+
+build_image "asonix/relay" "$TAG" "arm64v8"
+build_image "asonix/relay" "$TAG" "arm32v7"
+build_image "asonix/relay" "$TAG" "amd64"
+
+./manifest.sh "asonix/relay" "$TAG"
+./manifest.sh "asonix/relay" "latest"
+
+if [ "${MIGRATIONS}" = "migrations" ]; then
+    build_image "asonix/relay-migrations" "$TAG" arm64v8
+    build_image "asonix/relay-migrations" "$TAG" arm32v7
+    build_image "asonix/relay-migrations" "$TAG" amd64
+
+    ./manifest.sh "asonix/relay-migrations" "$TAG"
+    ./manifest.sh "asonix/relay-migrations" "latest"
+fi

docker/prod/manifest.sh

@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+
+function require() {
+    if [ "$1" = "" ]; then
+        echo "input '$2' required"
+        print_help
+        exit 1
+    fi
+}
+function print_help() {
+    echo "deploy.sh"
+    echo ""
+    echo "Usage:"
+    echo "	manifest.sh [tag]"
+    echo ""
+    echo "Args:"
+    echo "	repo: The docker repository to push the manifest to"
+    echo "	tag: The git tag to be applied to the image manifest"
+}
+
+repo=$2
+tag=$2
+
+require "$repo" "repo"
+require "$tag" "tag"
+
+set -xe
+
+docker manifest create $repo:$tag \
+    -a $repo:arm64v8-$tag \
+    -a $repo:arm32v7-$tag \
+    -a $repo:amd64-$tag
+
+docker manifest annotate $repo:$tag \
+    $repo:arm64v8-$tag --os linux --arch arm64 --variant v8
+
+docker manifest annotate $repo:$tag \
+    $repo:arm32v7-$tag --os linux --arch arm --variant v7
+
+docker manifest annotate $repo:$tag \
+    $repo:amd64-$tag --os linux --arch amd64
+
+docker manifest push $repo:$tag --purge