diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 4bf7948..b84c45c 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -19,7 +19,6 @@ jobs: permissions: contents: read packages: write - # steps: - name: Checkout repository uses: actions/checkout@v4 @@ -30,19 +29,13 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. - # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. - # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. - - name: Build and push Docker image - uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + - name: Build containers + shell: bash + run: | + set -ex + docker compose build + - name: Push containers + shell: bash + run: | + set -ex + docker compose push diff --git a/Dockerfile b/Dockerfile index cdd93be..6b2ccf7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,37 +1,105 @@ # syntax=docker/dockerfile:1-labs -FROM busybox as unpack-cosmos -ADD --checksum=sha256:ce256ededf106748a09f13bf47ace9ef0e6f115d963353d3d63c21302c5f28f4 https://github.com/jart/cosmopolitan/releases/download/3.0.1/cosmos-3.0.1.zip /dl/ +FROM busybox as busybox + +# define a starting point "scratch" image that can run APEs +FROM scratch as cosmos-scratch +COPY --from=busybox /bin/uname /usr/bin/ +ADD --chmod=0755 --checksum=sha256:349f3f511c4eb70c4db52e2fb99a41d9b208c83c3ec682c057ebaf1fe5f9857b https://cosmo.zip/pub/cosmos/bin/assimilate-x86_64.elf /usr/bin/ +ADD --chmod=0755 --checksum=sha256:7b6f27e3997be53afc70717e0d7dea35eea799987224380bccc176b494996d0f https://cosmo.zip/pub/cosmos/bin/dash /bin/sh +RUN ["/usr/bin/assimilate-x86_64.elf", "-c", "/bin/sh"] +ADD --checksum=sha256:abf3b1bb7182935bf48d98dc143c51ee563d29a1fd2c3930ff5a8d8c8d823817 --chmod=0755 https://justine.lol/ape.elf /usr/bin/ape +ENV PATH=/bin:/usr/bin + +# download and unpack all the cosmos binaries +FROM cosmos-scratch as unpack-cosmos +ADD --chmod=0755 --checksum=sha256:48e33306662ff052b21bb84e4b03779d94127727758cfc43d1551ea05d44ee3d https://cosmo.zip/pub/cosmos/bin/unzip /usr/bin/ +RUN ["/usr/bin/assimilate-x86_64.elf", "-c", "/usr/bin/unzip"] +ADD --checksum=sha256:241dc90f3e92b22c9e08cfb5f6df2e920da258e3c461d9677f267ab7a6dff2fd https://cosmo.zip/pub/cosmos/zip/cosmos.zip /dl/ + +# list of binaries that must be assimilated and manifest for /bin as described in https://justine.lol/cosmos.txt (as of 2023-11-29) WORKDIR /opt/cosmos -RUN ["/bin/unzip", "/dl/cosmos-3.0.1.zip"] -RUN ["/bin/cp", "bin/dash", "bin/sh"] +RUN unzip /dl/cosmos.zip +WORKDIR /opt/cosmos/bin +RUN /usr/bin/assimilate-x86_64.elf -c dd \ + && /usr/bin/assimilate-x86_64.elf -c cp \ + && /usr/bin/assimilate-x86_64.elf -c mv \ + && /usr/bin/assimilate-x86_64.elf -c echo \ + && /usr/bin/assimilate-x86_64.elf -c uname \ + && /usr/bin/assimilate-x86_64.elf -c mkdir \ + && /usr/bin/assimilate-x86_64.elf -c chmod \ + && /usr/bin/assimilate-x86_64.elf -c gzip \ + && /usr/bin/assimilate-x86_64.elf -c printf \ + # assimilate these so the build works on github actions... + && /usr/bin/assimilate-x86_64.elf -c rmdir \ + && /usr/bin/assimilate-x86_64.elf -c ln \ + && /usr/bin/assimilate-x86_64.elf -c tar \ + && /usr/bin/assimilate-x86_64.elf -c unzip +RUN ./mv '[' bash cat chgrp chmod chown cksum cp date df echo false grep kill ln ls mkdir mknod mktemp mv nice printenv pwd rm rmdir sed sleep stat sync touch true uname /bin/ \ + && /bin/mv * /usr/bin/ +WORKDIR / +RUN rmdir /opt/cosmos/bin /opt/cosmos + +ENTRYPOINT ["/bin/sh", "-c", "exec \"$@\"", "sh"] +CMD ["/bin/bash"] -FROM busybox as unpack-cosmo -ADD --checksum=sha256:2872d2f06ef5fd13a206d3ba7a9ef29eb9bd8ebfe9600a35d5c55a88ffd112df https://github.com/jart/cosmopolitan/releases/download/3.0.1/cosmopolitan-3.0.1.tar.gz /dl/ -ADD --checksum=sha256:e222b38b53b999e3310a2e172a75992a28b1594af5c1e954c913fc54405c1135 https://github.com/jart/cosmopolitan/releases/download/3.0.1/cosmocc-0.0.16.zip /dl/ +# download and unpack the cosmo source code +FROM cosmos-scratch as unpack-cosmo +ADD --checksum=sha256:8d1058afcd6f32f5e7edb708c0a3014d544a4b17d35449be71fbfdd2a1eb39ba https://github.com/jart/cosmopolitan/releases/download/3.1.1/cosmopolitan-3.1.1.tar.gz /dl/ WORKDIR /opt/cosmo -RUN ["/bin/tar", "-xf", "/dl/cosmopolitan-3.0.1.tar.gz", "--strip-components=1"] -RUN ["/bin/unzip", "/dl/cosmocc-0.0.16.zip"] -WORKDIR /usr/bin -RUN ["/bin/ln", "-s", "/opt/cosmo/bin/cosmocc", "cc"] -RUN ["/bin/ln", "-s", "/opt/cosmo/bin/cosmocc", "gcc"] +COPY --from=unpack-cosmos /usr/bin/tar /usr/bin/gzip /usr/bin/ +RUN /usr/bin/tar --strip-components=1 -xf /dl/cosmopolitan-3.1.1.tar.gz -FROM busybox as busybox +# download and unpack the cosmocc toolchain +FROM cosmos-scratch as unpack-cosmocc +ADD --checksum=sha256:fa982741f52a2199194b9f06229729eb1eb220d065b0a65cca6dec3b36a9c7df https://github.com/jart/cosmopolitan/releases/download/3.1.1/cosmocc-3.1.1.zip /dl/ +WORKDIR /opt/cosmocc +COPY --from=unpack-cosmos /usr/bin/unzip /usr/bin/ +RUN /usr/bin/unzip /dl/cosmocc-3.1.1.zip -# Create the final image from scratch -FROM scratch -# We need sh and uname for cosmos at runtime. -COPY --from=busybox /bin/uname /bin/ -ADD --checksum=sha256:e67d07bb3010cad678c02fbc787c360340060467ebb39d681b58389df40fc904 --chmod=0755 https://justine.lol/dash /bin/sh -ADD --checksum=sha256:2789991dd41483961a753040ffc083c0c5ff24b84c09a02892e5c584a3f8effa --chmod=0755 https://justine.lol/ape.elf /usr/bin/ape +# an image that suppoers a single APE +FROM cosmos-scratch as ape +# can be /usr/bin/python /usr/bin/qjs /usr/bin/sqlite3 /usr/bin/lua +ARG COSMOS_EXE=/usr/bin/python +LABEL org.opencontainers.image.source https://github.com/ajbouh/cosmos +COPY --from=unpack-cosmos ${COSMOS_EXE} ${COSMOS_EXE} +ENV PATH=/bin:/usr/bin +ENV COSMOS_EXE="${COSMOS_EXE}" +ENTRYPOINT ["/bin/sh", "-c", "exec \"$@\"", "sh"] +CMD "${COSMOS_EXE}" +# define the final image in as few layers as possible +FROM cosmos-scratch as cosmos +LABEL org.opencontainers.image.source https://github.com/ajbouh/cosmos +COPY --from=unpack-cosmos /bin /bin +COPY --from=unpack-cosmos /usr/bin /usr/bin COPY --from=unpack-cosmo /opt/cosmo /opt/cosmo -COPY --from=unpack-cosmo /usr/bin/cc /usr/bin/gcc /usr/bin/ -COPY --from=unpack-cosmos /opt/cosmos /opt/cosmos +COPY --from=unpack-cosmocc /opt/cosmocc /opt/cosmocc +ENV PATH=/bin:/usr/bin:/opt/cosmocc/bin +RUN /bin/ln -s /opt/cosmocc/bin/cosmocc /usr/bin/cc \ + && /bin/ln -s /opt/cosmocc/bin/cosmocc /usr/bin/gcc +ENTRYPOINT ["/bin/sh", "-c", "exec \"$@\"", "sh"] +CMD ["/bin/bash"] -ENV PATH=/bin:/usr/bin:/opt/cosmo/bin:/opt/cosmos/bin -# RUN ["/opt/cosmo/bin/cosmocc", "--update"] +# FROM cosmos-scratch as python-pip-cli +# ARG COSMOS_EXE=/usr/bin/python +# ARG COSMOS_PIP_INSTALL="huggingface_hub[cli]" +# ARG COSMOS_PIP_BINSTUB="huggingface-cli" +# LABEL org.opencontainers.image.source https://github.com/ajbouh/cosmos +# COPY --from=unpack-cosmos ${COSMOS_EXE} ${COSMOS_EXE} +# ENV PATH=/bin:/usr/bin +# ENV COSMOS_EXE="${COSMOS_EXE}" +# ENV COSMOS_PIP_BINSTUB="${COSMOS_PIP_BINSTUB}" +# RUN python -m pip install --user --no-cache-dir ${COSMOS_PIP_INSTALL} +# ENTRYPOINT ["/bin/sh", "-c", "exec \"$@\"", "sh"] +# CMD "${COSMOS_EXE}" "/.local/bin/${COSMOS_PIP_BINSTUB}" -ENTRYPOINT ["/bin/sh", "-c"] -CMD ["/opt/cosmos/bin/bash"] -LABEL org.opencontainers.image.source https://github.com/ajbouh/cosmos +# COPY --from=unpack-cosmos /bin/ /bin/ +# COPY --from=unpack-cosmos /usr/bin/ /usr/bin/ +# CMD /bin/bash + +# FROM cosmos-scratch as mistral-7b-instruct-v0.1-Q4_K_M-main +# LABEL org.opencontainers.image.source https://github.com/ajbouh/cosmos +# COPY --chmod=0755 mistral-7b-instruct-v0.1-Q4_K_M-main.llamafile /usr/bin/mistral-7b-instruct-v0.1-Q4_K_M-main.llamafile +# ENV PATH=/bin:/usr/bin +# ENTRYPOINT ["/bin/sh", "-c", "exec \"$@\"", "sh", "/usr/bin/mistral-7b-instruct-v0.1-Q4_K_M-main.llamafile"] diff --git a/README.md b/README.md index e5e806b..13e531e 100644 --- a/README.md +++ b/README.md @@ -4,4 +4,8 @@ To build and start a shell for this container, you can use the docker command: ``` docker compose run --build --rm -it cosmos +docker compose run --build --rm -it python +docker compose run --build --rm -it lua +docker compose run --build --rm -it sqlite3 +docker compose run --build --rm -it qjs ``` diff --git a/docker-compose.yml b/docker-compose.yml index 5064463..3c9fec0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,35 @@ version: "3.0" services: cosmos: + image: ghcr.io/ajbouh/cosmos:3.1.1 build: dockerfile: Dockerfile + target: cosmos + python: + image: ghcr.io/ajbouh/cosmos:python-cosmo-3.1.1 + build: + dockerfile: Dockerfile + target: ape + args: + COSMOS_EXE: /usr/bin/python + lua: + image: ghcr.io/ajbouh/cosmos:lua-cosmo-3.1.1 + build: + dockerfile: Dockerfile + target: ape + args: + COSMOS_EXE: /usr/bin/lua + sqlite3: + image: ghcr.io/ajbouh/cosmos:sqlite3-cosmo-3.1.1 + build: + dockerfile: Dockerfile + target: ape + args: + COSMOS_EXE: /usr/bin/sqlite3 + qjs: + image: ghcr.io/ajbouh/cosmos:qjs-cosmo-3.1.1 + build: + dockerfile: Dockerfile + target: ape + args: + COSMOS_EXE: /usr/bin/qjs