From 3a4d21b349d687c887d46b4b95e3e42da14231aa Mon Sep 17 00:00:00 2001 From: "Aode (lion)" Date: Mon, 20 Sep 2021 12:56:14 -0500 Subject: [PATCH] Version v0.3.0 --- docker/prod/Dockerfile | 41 +++++++++++++++++ docker/prod/Dockerfile.amd64 | 73 ----------------------------- docker/prod/Dockerfile.arm32v7 | 73 ----------------------------- docker/prod/Dockerfile.arm64v8 | 73 ----------------------------- docker/prod/build-image.sh | 37 +++++++++++++++ docker/prod/deploy.sh | 84 ++++++++++++++++++++++------------ docker/prod/docker-compose.yml | 19 ++++++++ docker/prod/manifest.sh | 34 +++++++------- 8 files changed, 169 insertions(+), 265 deletions(-) create mode 100644 docker/prod/Dockerfile delete mode 100644 docker/prod/Dockerfile.amd64 delete mode 100644 docker/prod/Dockerfile.arm32v7 delete mode 100644 docker/prod/Dockerfile.arm64v8 create mode 100755 docker/prod/build-image.sh create mode 100644 docker/prod/docker-compose.yml diff --git a/docker/prod/Dockerfile b/docker/prod/Dockerfile new file mode 100644 index 0000000..280aa95 --- /dev/null +++ b/docker/prod/Dockerfile @@ -0,0 +1,41 @@ +ARG REPO_ARCH=amd64 + +# cross-build environment +FROM asonix/rust-builder:$REPO_ARCH-latest AS builder + +ARG TAG=main +ARG BINARY=relay +ARG PROJECT=relay +ARG GIT_REPOSITORY=https://git.asonix.dog/asonix/$PROJECT + +ENV \ + BINARY=${BINARY} + +ADD \ + --chown=build:build \ + $GIT_REPOSITORY/archive/$TAG.tar.gz \ + /opt/build/repo.tar.gz + +RUN \ + tar zxf repo.tar.gz + +WORKDIR /opt/build/$PROJECT + +RUN \ + build + +# production environment +FROM asonix/rust-runner:$REPO_ARCH-latest + +ARG BINARY=relay + +ENV \ + BINARY=${BINARY} + +COPY \ + --from=builder \ + /opt/build/binary \ + /usr/bin/${BINARY} + +ENTRYPOINT ["/sbin/tini", "--"] +CMD /usr/bin/${BINARY} diff --git a/docker/prod/Dockerfile.amd64 b/docker/prod/Dockerfile.amd64 deleted file mode 100644 index 315bd75..0000000 --- a/docker/prod/Dockerfile.amd64 +++ /dev/null @@ -1,73 +0,0 @@ -FROM rustembedded/cross:x86_64-unknown-linux-musl AS amd64-builder - -ARG UID=991 -ARG GID=991 - -ENV TOOLCHAIN=stable -ENV TARGET=x86_64-unknown-linux-musl -ENV TOOL=x86_64-linux-musl - -RUN \ - apt-get update && \ - apt-get upgrade -y - -RUN \ - addgroup --gid "${GID}" build && \ - adduser \ - --disabled-password \ - --gecos "" \ - --ingroup build \ - --uid "${UID}" \ - --home /opt/build \ - build - -ADD https://sh.rustup.rs /opt/build/rustup.sh - -RUN \ - chown -R build:build /opt/build - -USER build -WORKDIR /opt/build - -ENV PATH="$PATH:/opt/build/.cargo/bin" - -RUN \ - chmod +x rustup.sh && \ - ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \ - rustup target add $TARGET - -FROM amd64-builder as builder - -ARG TAG=master -ARG REPOSITORY=https://git.asonix.dog/asonix/relay -ARG BINARY=relay - -RUN \ - git clone -b $TAG $REPOSITORY repo - -WORKDIR /opt/build/repo - -RUN \ - cargo build --release --target $TARGET && \ - $TOOL-strip target/$TARGET/release/$BINARY - -FROM amd64/alpine:3.14 - -ARG UID=991 -ARG GID=991 -ARG BINARY=relay -ARG TARGET=x86_64-unknown-linux-musl - -RUN \ - apk add tini && \ - addgroup --gid $GID relay && \ - adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \ - chown -R relay:relay /opt/relay - -COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY - -EXPOSE 8080 -WORKDIR /opt/relay -USER relay -ENTRYPOINT ["/sbin/tini", "--"] -CMD ["relay"] diff --git a/docker/prod/Dockerfile.arm32v7 b/docker/prod/Dockerfile.arm32v7 deleted file mode 100644 index 9c384df..0000000 --- a/docker/prod/Dockerfile.arm32v7 +++ /dev/null @@ -1,73 +0,0 @@ -FROM rustembedded/cross:arm-unknown-linux-musleabihf AS arm32v7-builder - -ARG UID=991 -ARG GID=991 - -ENV TOOLCHAIN=stable -ENV TARGET=arm-unknown-linux-musleabihf -ENV TOOL=arm-linux-musleabihf - -RUN \ - apt-get update && \ - apt-get upgrade -y - -RUN \ - addgroup --gid "${GID}" build && \ - adduser \ - --disabled-password \ - --gecos "" \ - --ingroup build \ - --uid "${UID}" \ - --home /opt/build \ - build - -ADD https://sh.rustup.rs /opt/build/rustup.sh - -RUN \ - chown -R build:build /opt/build - -USER build -WORKDIR /opt/build - -ENV PATH="$PATH:/opt/build/.cargo/bin" - -RUN \ - chmod +x rustup.sh && \ - ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \ - rustup target add $TARGET - -FROM arm32v7-builder as builder - -ARG TAG=master -ARG REPOSITORY=https://git.asonix.dog/asonix/relay -ARG BINARY=relay - -RUN \ - git clone -b $TAG $REPOSITORY repo - -WORKDIR /opt/build/repo - -RUN \ - cargo build --release --target $TARGET && \ - $TOOL-strip target/$TARGET/release/$BINARY - -FROM arm32v7/alpine:3.14 - -ARG UID=991 -ARG GID=991 -ARG BINARY=relay -ARG TARGET=arm-unknown-linux-musleabihf - -RUN \ - apk add tini && \ - addgroup --gid $GID relay && \ - adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \ - chown -R relay:relay /opt/relay - -COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY - -EXPOSE 8080 -WORKDIR /opt/relay -USER relay -ENTRYPOINT ["/sbin/tini", "--"] -CMD ["relay"] diff --git a/docker/prod/Dockerfile.arm64v8 b/docker/prod/Dockerfile.arm64v8 deleted file mode 100644 index 17f0752..0000000 --- a/docker/prod/Dockerfile.arm64v8 +++ /dev/null @@ -1,73 +0,0 @@ -FROM rustembedded/cross:aarch64-unknown-linux-musl AS aarch64-builder - -ARG UID=991 -ARG GID=991 - -ENV TOOLCHAIN=stable -ENV TARGET=aarch64-unknown-linux-musl -ENV TOOL=aarch64-linux-musl - -RUN \ - apt-get update && \ - apt-get upgrade -y - -RUN \ - addgroup --gid "${GID}" build && \ - adduser \ - --disabled-password \ - --gecos "" \ - --ingroup build \ - --uid "${UID}" \ - --home /opt/build \ - build - -ADD https://sh.rustup.rs /opt/build/rustup.sh - -RUN \ - chown -R build:build /opt/build - -USER build -WORKDIR /opt/build - -ENV PATH="$PATH:/opt/build/.cargo/bin" - -RUN \ - chmod +x rustup.sh && \ - ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \ - rustup target add $TARGET - -FROM aarch64-builder as builder - -ARG TAG=master -ARG REPOSITORY=https://git.asonix.dog/asonix/relay -ARG BINARY=relay - -RUN \ - git clone -b $TAG $REPOSITORY repo - -WORKDIR /opt/build/repo - -RUN \ - cargo build --release --target $TARGET && \ - $TOOL-strip target/$TARGET/release/$BINARY - -FROM arm64v8/alpine:3.14 - -ARG UID=991 -ARG GID=991 -ARG BINARY=relay -ARG TARGET=aarch64-unknown-linux-musl - -RUN \ - apk add tini && \ - addgroup --gid $GID relay && \ - adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \ - chown -R relay:relay /opt/relay - -COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY - -EXPOSE 8080 -WORKDIR /opt/relay -USER relay -ENTRYPOINT ["/sbin/tini", "--"] -CMD ["relay"] diff --git a/docker/prod/build-image.sh b/docker/prod/build-image.sh new file mode 100755 index 0000000..2782f1e --- /dev/null +++ b/docker/prod/build-image.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash + +function require() { + if [ "$1" = "" ]; then + echo "input '$2' required" + print_help + exit 1 + fi +} + +function print_help() { + echo "deploy.sh" + echo "" + echo "Usage:" + echo " deploy.sh [repo] [tag] [arch]" + echo "" + echo "Args:" + echo " repo: The docker repository to publish the image" + echo " tag: The tag applied to the docker image" + echo " arch: The architecuture of the doker image" +} + +REPO=$1 +TAG=$2 +ARCH=$3 + +require "$REPO" repo +require "$TAG" tag +require "$ARCH" arch + +sudo docker build \ + --pull \ + --build-arg TAG=$TAG \ + --build-arg REPO_ARCH=$ARCH \ + -t $REPO:$ARCH-$TAG \ + -f Dockerfile \ + . diff --git a/docker/prod/deploy.sh b/docker/prod/deploy.sh index ea01e18..fcd7539 100755 --- a/docker/prod/deploy.sh +++ b/docker/prod/deploy.sh @@ -1,7 +1,5 @@ #!/usr/bin/env bash -TAG=$1 - function require() { if [ "$1" = "" ]; then echo "input '$2' required" @@ -11,51 +9,79 @@ function require() { } function print_help() { - echo "build.sh" + echo "deploy.sh" echo "" echo "Usage:" - echo " build.sh [tag]" + echo " deploy.sh [tag] [branch] [push]" echo "" echo "Args:" - echo " tag: The git tag to create and publish" + echo " tag: The git tag to be applied to the repository and docker build" + echo " branch: The git branch to use for tagging and publishing" + echo " push: Whether or not to push the image" + echo "" + echo "Examples:" + echo " ./deploy.sh v0.3.0-alpha.13 main true" + echo " ./deploy.sh v0.3.0-alpha.13-shell-out asonix/shell-out false" } function build_image() { - repo=$1 - tag=$2 - arch=$3 + tag=$1 + arch=$2 + push=$3 - sudo docker build \ - --pull \ - --build-arg TAG="${tag}" \ - -f "Dockerfile.${arch}" \ - -t "${repo}:${tag}-${arch}" \ - -t "${repo}:latest-${arch}" \ - . + ./build-image.sh asonix/relay $tag $arch - sudo docker push "${repo}:${tag}-${arch}" - sudo docker push "${repo}:latest-${arch}" + sudo docker tag asonix/relay:$arch-$tag asonix/relay:$arch-latest + + if [ "$push" == "true" ]; then + sudo docker push asonix/relay:$arch-$tag + sudo docker push asonix/relay:$arch-latest + fi } -require "$TAG" "tag" +# Creating the new tag +new_tag="$1" +branch="$2" +push=$3 -if ! sudo docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then - echo "docker is not configured to run on qemu-emulated architectures" +require "$new_tag" "tag" +require "$branch" "branch" +require "$push" "push" + +if ! sudo docker run --rm -it arm64v8/alpine:3.11 /bin/sh -c 'echo "docker is configured correctly"' +then + echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo" sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes fi set -xe -git checkout main -git commit -m "Version $TAG" || true -git tag $TAG +git checkout $branch -git push origin $TAG +# Changing the docker-compose prod +sed -i "s/asonix\/relay:.*/asonix\/relay:$new_tag/" docker-compose.yml +git add ../prod/docker-compose.yml +# The commit +git commit -m"Version $new_tag" +git tag $new_tag + +# Push +git push origin $new_tag git push -build_image "asonix/relay" "$TAG" "arm64v8" -build_image "asonix/relay" "$TAG" "arm32v7" -build_image "asonix/relay" "$TAG" "amd64" +# Build for arm64v8, arm32v7 and amd64 +build_image $new_tag arm64v8 $push +build_image $new_tag arm32v7 $push +build_image $new_tag amd64 $push -./manifest.sh "asonix/relay" "$TAG" -./manifest.sh "asonix/relay" "latest" +# Build for other archs +# TODO + +if [ "$push" == "true" ]; then + ./manifest.sh relay $new_tag + ./manifest.sh relay latest + + # pushd ../../ + # cargo publish + # popd +fi diff --git a/docker/prod/docker-compose.yml b/docker/prod/docker-compose.yml new file mode 100644 index 0000000..86943c7 --- /dev/null +++ b/docker/prod/docker-compose.yml @@ -0,0 +1,19 @@ +version: '3.3' + +services: + relay: + image: asonix/relay:v0.3.0 + ports: + - "8079:8079" + restart: always + environment: + - HOSTNAME=relay.my.tld + - ADDR=0.0.0.0 + - PORT=8080 + - DEBUG=false + - RESTRICTED_MODE=false + - VALIDATE_SIGNATURES=true + - HTTPS=true + - DATABASE_URL=postgres://pg_user:pg_pass@pg_host:pg_port/pg_database + - PRETTY_LOG=false + - PUBLISH_BLOCKS=true diff --git a/docker/prod/manifest.sh b/docker/prod/manifest.sh index 7abe058..d426a97 100755 --- a/docker/prod/manifest.sh +++ b/docker/prod/manifest.sh @@ -11,33 +11,33 @@ function print_help() { echo "deploy.sh" echo "" echo "Usage:" - echo " manifest.sh [tag]" + echo " manifest.sh [repo] [tag]" echo "" echo "Args:" - echo " repo: The docker repository to push the manifest to" + echo " repo: The docker repository to update" echo " tag: The git tag to be applied to the image manifest" } -repo=$1 -tag=$2 +REPO=$1 +TAG=$2 -require "$repo" "repo" -require "$tag" "tag" +require "$REPO" "repo" +require "$TAG" "tag" set -xe -docker manifest create $repo:$tag \ - -a $repo:$tag-arm64v8 \ - -a $repo:$tag-arm32v7 \ - -a $repo:$tag-amd64 +sudo docker manifest create asonix/$REPO:$TAG \ + -a asonix/$REPO:arm64v8-$TAG \ + -a asonix/$REPO:arm32v7-$TAG \ + -a asonix/$REPO:amd64-$TAG -docker manifest annotate $repo:$tag \ - $repo:$tag-arm64v8 --os linux --arch arm64 --variant v8 +sudo docker manifest annotate asonix/$REPO:$TAG \ + asonix/$REPO:arm64v8-$TAG --os linux --arch arm64 --variant v8 -docker manifest annotate $repo:$tag \ - $repo:$tag-arm32v7 --os linux --arch arm --variant v7 +sudo docker manifest annotate asonix/$REPO:$TAG \ + asonix/$REPO:arm32v7-$TAG --os linux --arch arm --variant v7 -docker manifest annotate $repo:$tag \ - $repo:$tag-amd64 --os linux --arch amd64 +sudo docker manifest annotate asonix/$REPO:$TAG \ + asonix/$REPO:amd64-$TAG --os linux --arch amd64 -docker manifest push $repo:$tag --purge +sudo docker manifest push asonix/$REPO:$TAG --purge