mirror of
https://git.asonix.dog/asonix/relay.git
synced 2024-12-23 03:36:30 +00:00
Version v0.1.0-r103
This commit is contained in:
parent
a5518aa3f2
commit
aaa54d26cc
8 changed files with 331 additions and 110 deletions
|
@ -1,30 +0,0 @@
|
|||
FROM arm64v8/alpine:3.11.3 AS build
|
||||
|
||||
COPY relay /relay
|
||||
|
||||
RUN \
|
||||
apk add binutils && \
|
||||
strip /relay
|
||||
|
||||
FROM arm64v8/alpine:3.11.3
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
|
||||
RUN \
|
||||
apk add tini && \
|
||||
echo "Etc/UTC" > /etc/localtime && \
|
||||
mkdir -p /opt/relay && \
|
||||
addgroup --gid $GID relay && \
|
||||
adduser -D -u $UID -G relay -h /opt/relay relay && \
|
||||
echo "relay:`head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24 | mkpasswd -s -m sha-256`" | chpasswd && \
|
||||
chown -R relay:relay /opt/relay
|
||||
|
||||
COPY --from=build /relay /usr/bin/relay
|
||||
|
||||
USER relay
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD ["relay"]
|
80
build.sh
80
build.sh
|
@ -1,80 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
BUILD_DATE=$(date)
|
||||
VERSION=$1
|
||||
MIGRATIONS=$2
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
print_help
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function print_help() {
|
||||
echo "build.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " build.sh [version] [migrations]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " version: The version of the current container"
|
||||
echo " migrations: (optional) Whether to build the migrations container as well"
|
||||
}
|
||||
|
||||
require "$VERSION" "version"
|
||||
|
||||
if ! docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then
|
||||
echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
|
||||
sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
fi
|
||||
|
||||
if ! which cross; then
|
||||
cargo intall cross
|
||||
fi
|
||||
|
||||
set -xe
|
||||
|
||||
cross build \
|
||||
--target aarch64-unknown-linux-musl \
|
||||
--release
|
||||
|
||||
mkdir -p artifacts
|
||||
rm -rf artifacts/relay
|
||||
cp ./target/aarch64-unknown-linux-musl/release/relay artifacts/relay
|
||||
|
||||
docker build \
|
||||
--pull \
|
||||
--no-cache \
|
||||
--build-arg BUILD_DATE="${BUILD_DATE}" \
|
||||
--build-arg TAG="${TAG}" \
|
||||
-f Dockerfile.arm64v8 \
|
||||
-t "asonix/relay:${VERSION}-arm64v8" \
|
||||
-t "asonix/relay:latest-arm64v8" \
|
||||
-t "asonix/relay:latest" \
|
||||
./artifacts
|
||||
|
||||
docker push "asonix/relay:${VERSION}-arm64v8"
|
||||
docker push "asonix/relay:latest-arm64v8"
|
||||
docker push "asonix/relay:latest"
|
||||
|
||||
if [ "${MIGRATIONS}" = "migrations" ]; then
|
||||
rm -rf artifacts/migrations
|
||||
cp -r ./migrations artifacts/migrations
|
||||
|
||||
docker build \
|
||||
--pull \
|
||||
--no-cache \
|
||||
--build-arg BUILD_DATE="${BUILD_DATE}" \
|
||||
--build-arg TAG="${TAG}" \
|
||||
-f Dockerfile.migrations.arm64v8 \
|
||||
-t "asonix/relay-migrations:${VERSION}-arm64v8" \
|
||||
-t "asonix/relay-migrations:latest-arm64v8" \
|
||||
-t "asonix/relay-migrations:latest" \
|
||||
./artifacts
|
||||
|
||||
docker push "asonix/relay-migrations:${VERSION}-arm64v8"
|
||||
docker push "asonix/relay-migrations:latest-arm64v8"
|
||||
docker push "asonix/relay-migrations:latest"
|
||||
fi
|
72
docker/prod/Dockerfile.amd64
Normal file
72
docker/prod/Dockerfile.amd64
Normal file
|
@ -0,0 +1,72 @@
|
|||
FROM rustembedded/cross:x86_64-unknown-linux-musl AS amd64-builder
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
|
||||
ENV TOOLCHAIN=stable
|
||||
ENV TARGET=x86_64-unknown-linux-musl
|
||||
ENV TOOL=x86_64-linux-musl
|
||||
|
||||
RUN \
|
||||
apt-get update && \
|
||||
apt-get upgrade -y
|
||||
|
||||
RUN \
|
||||
addgroup --gid "${GID}" build && \
|
||||
adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--ingroup build \
|
||||
--uid "${UID}" \
|
||||
--home /opt/build \
|
||||
build
|
||||
|
||||
ADD https://sh.rustup.rs /opt/build/rustup.sh
|
||||
|
||||
RUN \
|
||||
chown -R build:build /opt/build
|
||||
|
||||
USER build
|
||||
WORKDIR /opt/build
|
||||
|
||||
ENV PATH="$PATH:/opt/build/.cargo/bin"
|
||||
|
||||
RUN \
|
||||
chmod +x rustup.sh && \
|
||||
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
|
||||
rustup target add $TARGET
|
||||
|
||||
FROM amd64-builder as builder
|
||||
|
||||
ARG TAG=master
|
||||
ARG REPOSITORY=https://git.asonix.dog/asonix/ap-relay
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
git clone -b $TAG $REPOSITORY repo
|
||||
|
||||
WORKDIR /opt/build/repo
|
||||
|
||||
RUN \
|
||||
cargo build --release --target $TARGET && \
|
||||
$TOOL-strip target/$TARGET/release/$BINARY
|
||||
|
||||
FROM amd64/alpine:3.12
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
apk add tini && \
|
||||
addgroup --gid $GID relay && \
|
||||
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
|
||||
chown -R relay:relay /opt/relay
|
||||
|
||||
COPY --from=build /relay /usr/bin/relay
|
||||
|
||||
EXPOSE 8080
|
||||
WORKDIR /opt/relay
|
||||
USER relay
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD ["relay"]
|
72
docker/prod/Dockerfile.arm32v7
Normal file
72
docker/prod/Dockerfile.arm32v7
Normal file
|
@ -0,0 +1,72 @@
|
|||
FROM rustembedded/cross:arm-unknown-linux-musleabihf AS arm32v7-builder
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
|
||||
ENV TOOLCHAIN=stable
|
||||
ENV TARGET=arm-unknown-linux-musleabihf
|
||||
ENV TOOL=arm-linux-musleabihf
|
||||
|
||||
RUN \
|
||||
apt-get update && \
|
||||
apt-get upgrade -y
|
||||
|
||||
RUN \
|
||||
addgroup --gid "${GID}" build && \
|
||||
adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--ingroup build \
|
||||
--uid "${UID}" \
|
||||
--home /opt/build \
|
||||
build
|
||||
|
||||
ADD https://sh.rustup.rs /opt/build/rustup.sh
|
||||
|
||||
RUN \
|
||||
chown -R build:build /opt/build
|
||||
|
||||
USER build
|
||||
WORKDIR /opt/build
|
||||
|
||||
ENV PATH="$PATH:/opt/build/.cargo/bin"
|
||||
|
||||
RUN \
|
||||
chmod +x rustup.sh && \
|
||||
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
|
||||
rustup target add $TARGET
|
||||
|
||||
FROM arm32v7-builder as builder
|
||||
|
||||
ARG TAG=master
|
||||
ARG REPOSITORY=https://git.asonix.dog/asonix/ap-relay
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
git clone -b $TAG $REPOSITORY repo
|
||||
|
||||
WORKDIR /opt/build/repo
|
||||
|
||||
RUN \
|
||||
cargo build --release --target $TARGET && \
|
||||
$TOOL-strip target/$TARGET/release/$BINARY
|
||||
|
||||
FROM arm32v7/alpine:3.12
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
apk add tini && \
|
||||
addgroup --gid $GID relay && \
|
||||
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
|
||||
chown -R relay:relay /opt/relay
|
||||
|
||||
COPY --from=build /relay /usr/bin/relay
|
||||
|
||||
EXPOSE 8080
|
||||
WORKDIR /opt/relay
|
||||
USER relay
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD ["relay"]
|
72
docker/prod/Dockerfile.arm64v8
Normal file
72
docker/prod/Dockerfile.arm64v8
Normal file
|
@ -0,0 +1,72 @@
|
|||
FROM rustembedded/cross:aarch64-unknown-linux-musl AS aarch64-builder
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
|
||||
ENV TOOLCHAIN=stable
|
||||
ENV TARGET=aarch64-unknown-linux-musl
|
||||
ENV TOOL=aarch64-linux-musl
|
||||
|
||||
RUN \
|
||||
apt-get update && \
|
||||
apt-get upgrade -y
|
||||
|
||||
RUN \
|
||||
addgroup --gid "${GID}" build && \
|
||||
adduser \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--ingroup build \
|
||||
--uid "${UID}" \
|
||||
--home /opt/build \
|
||||
build
|
||||
|
||||
ADD https://sh.rustup.rs /opt/build/rustup.sh
|
||||
|
||||
RUN \
|
||||
chown -R build:build /opt/build
|
||||
|
||||
USER build
|
||||
WORKDIR /opt/build
|
||||
|
||||
ENV PATH="PATH:/opt/build/.cargo/bin"
|
||||
|
||||
RUN \
|
||||
chmod +x rustup.sh && \
|
||||
./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
|
||||
rustup target add $TARGET
|
||||
|
||||
FROM aarch64-builder as builder
|
||||
|
||||
ARG TAG=master
|
||||
ARG REPOSITORY=https://git.asonix.dog/asonix/ap-relay
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
git clone -b $TAG $REPOSITORY repo
|
||||
|
||||
WORKDIR /opt/build/repo
|
||||
|
||||
RUN \
|
||||
cargo build --release --target $TARGET && \
|
||||
$TOOL-strip target/$TARGET/release/$BINARY
|
||||
|
||||
FROM arm64v8/alpine:3.12
|
||||
|
||||
ARG UID=991
|
||||
ARG GID=991
|
||||
ARG BINARY=relay
|
||||
|
||||
RUN \
|
||||
apk add tini && \
|
||||
addgroup --gid $GID relay && \
|
||||
adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
|
||||
chown -R relay:relay /opt/relay
|
||||
|
||||
COPY --from=build /relay /usr/bin/relay
|
||||
|
||||
EXPOSE 8080
|
||||
WORKDIR /opt/relay
|
||||
USER relay
|
||||
ENTRYPOINT ["/sbin/tini", "--"]
|
||||
CMD ["relay"]
|
72
docker/prod/deploy.sh
Executable file
72
docker/prod/deploy.sh
Executable file
|
@ -0,0 +1,72 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
TAG=$1
|
||||
MIGRATIONS=$2
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
print_help
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function print_help() {
|
||||
echo "build.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " build.sh [tag] [migrations]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " tag: The git tag to create and publish"
|
||||
echo " migrations: (optional) Whether to build the migrations container as well"
|
||||
}
|
||||
|
||||
function build_image() {
|
||||
repo=$1
|
||||
tag=$2
|
||||
arch=$3
|
||||
|
||||
docker build \
|
||||
--pull \
|
||||
--build-arg TAG="${tag}" \
|
||||
-f "Dockerfile.${arch}" \
|
||||
-t "${repo}:${tag}-${arch}" \
|
||||
-t "${repo}:latest-${arch}" \
|
||||
./artifacts
|
||||
|
||||
docker push "${repo}:${tag}-arm64v8"
|
||||
docker push "${repo}:latest-arm64v8"
|
||||
}
|
||||
|
||||
require "$TAG" "tag"
|
||||
|
||||
if ! docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then
|
||||
echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
|
||||
sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
|
||||
fi
|
||||
|
||||
set -xe
|
||||
|
||||
git checkout master
|
||||
git commit -m "Version $TAG"
|
||||
git tag $TAG
|
||||
|
||||
git push origin $TAG
|
||||
git push
|
||||
|
||||
build_image "asonix/relay" "$TAG" "arm64v8"
|
||||
build_image "asonix/relay" "$TAG" "arm32v7"
|
||||
build_image "asonix/relay" "$TAG" "amd64"
|
||||
|
||||
./manifest.sh "asonix/relay" "$TAG"
|
||||
./manifest.sh "asonix/relay" "latest"
|
||||
|
||||
if [ "${MIGRATIONS}" = "migrations" ]; then
|
||||
build_image "asonix/relay-migrations" "$TAG" arm64v8
|
||||
build_image "asonix/relay-migrations" "$TAG" arm32v7
|
||||
build_image "asonix/relay-migrations" "$TAG" amd64
|
||||
|
||||
./manifest.sh "asonix/relay-migrations" "$TAG"
|
||||
./manifest.sh "asonix/relay-migrations" "latest"
|
||||
fi
|
43
docker/prod/manifest.sh
Executable file
43
docker/prod/manifest.sh
Executable file
|
@ -0,0 +1,43 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
function require() {
|
||||
if [ "$1" = "" ]; then
|
||||
echo "input '$2' required"
|
||||
print_help
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
function print_help() {
|
||||
echo "deploy.sh"
|
||||
echo ""
|
||||
echo "Usage:"
|
||||
echo " manifest.sh [tag]"
|
||||
echo ""
|
||||
echo "Args:"
|
||||
echo " repo: The docker repository to push the manifest to"
|
||||
echo " tag: The git tag to be applied to the image manifest"
|
||||
}
|
||||
|
||||
repo=$2
|
||||
tag=$2
|
||||
|
||||
require "$repo" "repo"
|
||||
require "$tag" "tag"
|
||||
|
||||
set -xe
|
||||
|
||||
docker manifest create $repo:$tag \
|
||||
-a $repo:arm64v8-$tag \
|
||||
-a $repo:arm32v7-$tag \
|
||||
-a $repo:amd64-$tag
|
||||
|
||||
docker manifest annotate $repo:$tag \
|
||||
$repo:arm64v8-$tag --os linux --arch arm64 --variant v8
|
||||
|
||||
docker manifest annotate $repo:$tag \
|
||||
$repo:arm32v7-$tag --os linux --arch arm --variant v7
|
||||
|
||||
docker manifest annotate $repo:$tag \
|
||||
$repo:amd64-$tag --os linux --arch amd64
|
||||
|
||||
docker manifest push $repo:$tag --purge
|
Loading…
Reference in a new issue