Version v0.3.0

2021-09-20 12:56:14 -05:00 · 2021-09-20 12:56:14 -05:00 · 3a4d21b349
commit 3a4d21b349
parent a53c8a0a63
8 changed files with 169 additions and 265 deletions
--- a/docker/prod/Dockerfile
+++ b/docker/prod/Dockerfile
@ -0,0 +1,41 @@
+ARG REPO_ARCH=amd64
+
+# cross-build environment
+FROM asonix/rust-builder:$REPO_ARCH-latest AS builder
+
+ARG TAG=main
+ARG BINARY=relay
+ARG PROJECT=relay
+ARG GIT_REPOSITORY=https://git.asonix.dog/asonix/$PROJECT
+
+ENV \
+ BINARY=${BINARY}
+
+ADD \
+ --chown=build:build \
+ $GIT_REPOSITORY/archive/$TAG.tar.gz \
+ /opt/build/repo.tar.gz
+
+RUN \
+ tar zxf repo.tar.gz
+
+WORKDIR /opt/build/$PROJECT
+
+RUN \
+ build
+
+# production environment
+FROM asonix/rust-runner:$REPO_ARCH-latest
+
+ARG BINARY=relay
+
+ENV \
+ BINARY=${BINARY}
+
+COPY \
+ --from=builder \
+ /opt/build/binary \
+ /usr/bin/${BINARY}
+
+ENTRYPOINT ["/sbin/tini", "--"]
+CMD /usr/bin/${BINARY}
--- a/docker/prod/Dockerfile.amd64
+++ b/docker/prod/Dockerfile.amd64
@ -1,73 +0,0 @@
-FROM rustembedded/cross:x86_64-unknown-linux-musl AS amd64-builder
-
-ARG UID=991
-ARG GID=991
-
-ENV TOOLCHAIN=stable
-ENV TARGET=x86_64-unknown-linux-musl
-ENV TOOL=x86_64-linux-musl
-
-RUN \
- apt-get update && \
- apt-get upgrade -y
-
-RUN \
- addgroup --gid "${GID}" build && \
- adduser \
-    --disabled-password \
-    --gecos "" \
-    --ingroup build \
-    --uid "${UID}" \
-    --home /opt/build \
-    build
-
-ADD https://sh.rustup.rs /opt/build/rustup.sh
-
-RUN \
- chown -R build:build /opt/build
-
-USER build
-WORKDIR /opt/build
-
-ENV PATH="$PATH:/opt/build/.cargo/bin"
-
-RUN \
- chmod +x rustup.sh && \
- ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
- rustup target add $TARGET
-
-FROM amd64-builder as builder
-
-ARG TAG=master
-ARG REPOSITORY=https://git.asonix.dog/asonix/relay
-ARG BINARY=relay
-
-RUN \
- git clone -b $TAG $REPOSITORY repo
-
-WORKDIR /opt/build/repo
-
-RUN \
- cargo build --release --target $TARGET && \
- $TOOL-strip target/$TARGET/release/$BINARY
-
-FROM amd64/alpine:3.14
-
-ARG UID=991
-ARG GID=991
-ARG BINARY=relay
-ARG TARGET=x86_64-unknown-linux-musl
-
-RUN \
- apk add tini && \
- addgroup --gid $GID relay && \
- adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
- chown -R relay:relay /opt/relay
-
-COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
-
-EXPOSE 8080
-WORKDIR /opt/relay
-USER relay
-ENTRYPOINT ["/sbin/tini", "--"]
-CMD ["relay"]
--- a/docker/prod/Dockerfile.arm32v7
+++ b/docker/prod/Dockerfile.arm32v7
@ -1,73 +0,0 @@
-FROM rustembedded/cross:arm-unknown-linux-musleabihf AS arm32v7-builder
-
-ARG UID=991
-ARG GID=991
-
-ENV TOOLCHAIN=stable
-ENV TARGET=arm-unknown-linux-musleabihf
-ENV TOOL=arm-linux-musleabihf
-
-RUN \
- apt-get update && \
- apt-get upgrade -y
-
-RUN \
- addgroup --gid "${GID}" build && \
- adduser \
-    --disabled-password \
-    --gecos "" \
-    --ingroup build \
-    --uid "${UID}" \
-    --home /opt/build \
-    build
-
-ADD https://sh.rustup.rs /opt/build/rustup.sh
-
-RUN \
- chown -R build:build /opt/build
-
-USER build
-WORKDIR /opt/build
-
-ENV PATH="$PATH:/opt/build/.cargo/bin"
-
-RUN \
- chmod +x rustup.sh && \
- ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
- rustup target add $TARGET
-
-FROM arm32v7-builder as builder
-
-ARG TAG=master
-ARG REPOSITORY=https://git.asonix.dog/asonix/relay
-ARG BINARY=relay
-
-RUN \
- git clone -b $TAG $REPOSITORY repo
-
-WORKDIR /opt/build/repo
-
-RUN \
- cargo build --release --target $TARGET && \
- $TOOL-strip target/$TARGET/release/$BINARY
-
-FROM arm32v7/alpine:3.14
-
-ARG UID=991
-ARG GID=991
-ARG BINARY=relay
-ARG TARGET=arm-unknown-linux-musleabihf
-
-RUN \
- apk add tini && \
- addgroup --gid $GID relay && \
- adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
- chown -R relay:relay /opt/relay
-
-COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
-
-EXPOSE 8080
-WORKDIR /opt/relay
-USER relay
-ENTRYPOINT ["/sbin/tini", "--"]
-CMD ["relay"]
--- a/docker/prod/Dockerfile.arm64v8
+++ b/docker/prod/Dockerfile.arm64v8
@ -1,73 +0,0 @@
-FROM rustembedded/cross:aarch64-unknown-linux-musl AS aarch64-builder
-
-ARG UID=991
-ARG GID=991
-
-ENV TOOLCHAIN=stable
-ENV TARGET=aarch64-unknown-linux-musl
-ENV TOOL=aarch64-linux-musl
-
-RUN \
- apt-get update && \
- apt-get upgrade -y
-
-RUN \
- addgroup --gid "${GID}" build && \
- adduser \
-    --disabled-password \
-    --gecos "" \
-    --ingroup build \
-    --uid "${UID}" \
-    --home /opt/build \
-    build
-
-ADD https://sh.rustup.rs /opt/build/rustup.sh
-
-RUN \
- chown -R build:build /opt/build
-
-USER build
-WORKDIR /opt/build
-
-ENV PATH="$PATH:/opt/build/.cargo/bin"
-
-RUN \
- chmod +x rustup.sh && \
- ./rustup.sh --default-toolchain $TOOLCHAIN --profile minimal -y && \
- rustup target add $TARGET
-
-FROM aarch64-builder as builder
-
-ARG TAG=master
-ARG REPOSITORY=https://git.asonix.dog/asonix/relay
-ARG BINARY=relay
-
-RUN \
- git clone -b $TAG $REPOSITORY repo
-
-WORKDIR /opt/build/repo
-
-RUN \
- cargo build --release --target $TARGET && \
- $TOOL-strip target/$TARGET/release/$BINARY
-
-FROM arm64v8/alpine:3.14
-
-ARG UID=991
-ARG GID=991
-ARG BINARY=relay
-ARG TARGET=aarch64-unknown-linux-musl
-
-RUN \
- apk add tini && \
- addgroup --gid $GID relay && \
- adduser -D -G relay -u $UID -g "" -h /opt/relay relay && \
- chown -R relay:relay /opt/relay
-
-COPY --from=builder /opt/build/repo/target/$TARGET/release/$BINARY /usr/bin/$BINARY
-
-EXPOSE 8080
-WORKDIR /opt/relay
-USER relay
-ENTRYPOINT ["/sbin/tini", "--"]
-CMD ["relay"]
--- a/docker/prod/build-image.sh
+++ b/docker/prod/build-image.sh
@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+
+function require() {
+    if [ "$1" = "" ]; then
+        echo "input '$2' required"
+        print_help
+        exit 1
+    fi
+}
+
+function print_help() {
+    echo "deploy.sh"
+    echo ""
+    echo "Usage:"
+    echo "	deploy.sh [repo] [tag] [arch]"
+    echo ""
+    echo "Args:"
+    echo "	repo: The docker repository to publish the image"
+    echo "	tag: The tag applied to the docker image"
+    echo "	arch: The architecuture of the doker image"
+}
+
+REPO=$1
+TAG=$2
+ARCH=$3
+
+require "$REPO" repo
+require "$TAG" tag
+require "$ARCH" arch
+
+sudo docker build \
+    --pull \
+    --build-arg TAG=$TAG \
+    --build-arg REPO_ARCH=$ARCH \
+    -t $REPO:$ARCH-$TAG \
+    -f Dockerfile \
+    .
--- a/docker/prod/deploy.sh
+++ b/docker/prod/deploy.sh
@ -1,7 +1,5 @@
 #!/usr/bin/env bash

-TAG=$1
-
 function require() {
    if [ "$1" = "" ]; then
        echo "input '$2' required"
@ -11,51 +9,79 @@ function require() {
 }

 function print_help() {
-    echo "build.sh"
+    echo "deploy.sh"
    echo ""
    echo "Usage:"
-    echo "      build.sh [tag]"
+    echo "	deploy.sh [tag] [branch] [push]"
    echo ""
    echo "Args:"
-    echo "      tag: The git tag to create and publish"
+    echo "	tag: The git tag to be applied to the repository and docker build"
+    echo "	branch: The git branch to use for tagging and publishing"
+    echo "	push: Whether or not to push the image"
+    echo ""
+    echo "Examples:"
+    echo "	./deploy.sh v0.3.0-alpha.13 main true"
+    echo "	./deploy.sh v0.3.0-alpha.13-shell-out asonix/shell-out false"
 }

 function build_image() {
-    repo=$1
-    tag=$2
-    arch=$3
+    tag=$1
+    arch=$2
+    push=$3

-    sudo docker build \
-        --pull \
-        --build-arg TAG="${tag}" \
-        -f "Dockerfile.${arch}" \
-        -t "${repo}:${tag}-${arch}" \
-        -t "${repo}:latest-${arch}" \
-        .
+    ./build-image.sh asonix/relay $tag $arch

-    sudo docker push "${repo}:${tag}-${arch}"
-    sudo docker push "${repo}:latest-${arch}"
+    sudo docker tag asonix/relay:$arch-$tag asonix/relay:$arch-latest
+
+    if [ "$push" == "true" ]; then
+        sudo docker push asonix/relay:$arch-$tag
+        sudo docker push asonix/relay:$arch-latest
+    fi
 }

-require "$TAG" "tag"
+# Creating the new tag
+new_tag="$1"
+branch="$2"
+push=$3

-if ! sudo docker run --rm -it arm64v8/ubuntu:19.10 /bin/bash -c 'echo "docker is configured correctly"'; then
-    echo "docker is not configured to run on qemu-emulated architectures"
+require "$new_tag" "tag"
+require "$branch" "branch"
+require "$push" "push"
+
+if ! sudo docker run --rm -it arm64v8/alpine:3.11 /bin/sh -c 'echo "docker is configured correctly"'
+then
+    echo "docker is not configured to run on qemu-emulated architectures, fixing will require sudo"
    sudo docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
 fi

 set -xe

-git checkout main
-git commit -m "Version $TAG" || true
-git tag $TAG
+git checkout $branch

-git push origin $TAG
+# Changing the docker-compose prod
+sed -i "s/asonix\/relay:.*/asonix\/relay:$new_tag/" docker-compose.yml
+git add ../prod/docker-compose.yml
+# The commit
+git commit -m"Version $new_tag"
+git tag $new_tag
+
+# Push
+git push origin $new_tag
 git push

-build_image "asonix/relay" "$TAG" "arm64v8"
-build_image "asonix/relay" "$TAG" "arm32v7"
-build_image "asonix/relay" "$TAG" "amd64"
+# Build for arm64v8, arm32v7 and amd64
+build_image $new_tag arm64v8 $push
+build_image $new_tag arm32v7 $push
+build_image $new_tag amd64 $push

-./manifest.sh "asonix/relay" "$TAG"
-./manifest.sh "asonix/relay" "latest"
+# Build for other archs
+# TODO
+
+if [ "$push" == "true" ]; then
+    ./manifest.sh relay $new_tag
+    ./manifest.sh relay latest
+
+    # pushd ../../
+    # cargo publish
+    # popd
+fi
--- a/docker/prod/docker-compose.yml
+++ b/docker/prod/docker-compose.yml
@ -0,0 +1,19 @@
+version: '3.3'
+
+services:
+  relay:
+    image: asonix/relay:v0.3.0
+    ports:
+      - "8079:8079"
+    restart: always
+    environment:
+      - HOSTNAME=relay.my.tld
+      - ADDR=0.0.0.0
+      - PORT=8080
+      - DEBUG=false
+      - RESTRICTED_MODE=false
+      - VALIDATE_SIGNATURES=true
+      - HTTPS=true
+      - DATABASE_URL=postgres://pg_user:pg_pass@pg_host:pg_port/pg_database
+      - PRETTY_LOG=false
+      - PUBLISH_BLOCKS=true
--- a/docker/prod/manifest.sh
+++ b/docker/prod/manifest.sh
@ -11,33 +11,33 @@ function print_help() {
    echo "deploy.sh"
    echo ""
    echo "Usage:"
-    echo "	manifest.sh [tag]"
+    echo "	manifest.sh [repo] [tag]"
    echo ""
    echo "Args:"
-    echo "	repo: The docker repository to push the manifest to"
+    echo "	repo: The docker repository to update"
    echo "	tag: The git tag to be applied to the image manifest"
 }

-repo=$1
-tag=$2
+REPO=$1
+TAG=$2

-require "$repo" "repo"
-require "$tag" "tag"
+require "$REPO" "repo"
+require "$TAG" "tag"

 set -xe

-docker manifest create $repo:$tag \
-    -a $repo:$tag-arm64v8 \
-    -a $repo:$tag-arm32v7 \
-    -a $repo:$tag-amd64
+sudo docker manifest create asonix/$REPO:$TAG \
+    -a asonix/$REPO:arm64v8-$TAG \
+    -a asonix/$REPO:arm32v7-$TAG \
+    -a asonix/$REPO:amd64-$TAG

-docker manifest annotate $repo:$tag \
-    $repo:$tag-arm64v8 --os linux --arch arm64 --variant v8
+sudo docker manifest annotate asonix/$REPO:$TAG \
+    asonix/$REPO:arm64v8-$TAG --os linux --arch arm64 --variant v8

-docker manifest annotate $repo:$tag \
-    $repo:$tag-arm32v7 --os linux --arch arm --variant v7
+sudo docker manifest annotate asonix/$REPO:$TAG \
+    asonix/$REPO:arm32v7-$TAG --os linux --arch arm --variant v7

-docker manifest annotate $repo:$tag \
-    $repo:$tag-amd64 --os linux --arch amd64
+sudo docker manifest annotate asonix/$REPO:$TAG \
+    asonix/$REPO:amd64-$TAG --os linux --arch amd64

-docker manifest push $repo:$tag --purge
+sudo docker manifest push asonix/$REPO:$TAG --purge