chore: add alpine based docker images (#39)

.github/workflows/cron.yml

@@ -6,9 +6,16 @@ on:
     # rebuild latest regulary - to resolve CVEs in base images
     - cron: "0 10 * * *"
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
   build:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        flavor: ['debian', 'alpine']
     steps:
       - uses: actions/checkout@v4
         with:
@@ -31,14 +38,23 @@ jobs:
           # list of Docker images to use as base name for tags
           images: |
             ghcr.io/${{ github.repository }}
+          # add flavor to set latest to false and add those with raw values instead
+          flavor: |
+            latest=false
+            prefix=
+            suffix=
           # generate Docker tags based on the following events/attributes
           tags: |
             type=schedule
-            type=raw,value=latest,enable={{is_default_branch}}
-            type=semver,pattern={{version}},value=${{ steps.checkout.outputs.tag }}
-            type=semver,pattern={{major}}.{{minor}},value=${{ steps.checkout.outputs.tag }}
-            type=semver,pattern={{major}},value=${{ steps.checkout.outputs.tag }}
-    
+            type=raw,value=latest,enable=${{github.ref == 'refs/heads/main' && matrix.flavor == 'debian'}}
+            type=raw,value=latest-${{matrix.flavor}},enable=${{github.ref == 'refs/heads/main'}}
+            type=semver,pattern={{version}},value=${{ steps.checkout.outputs.tag }},enable=${{matrix.flavor == 'debian'}}
+            type=semver,pattern={{major}}.{{minor}},value=${{ steps.checkout.outputs.tag }},enable=${{matrix.flavor == 'debian'}}
+            type=semver,pattern={{major}},value=${{ steps.checkout.outputs.tag }},enable=${{matrix.flavor == 'debian'}}
+            type=semver,pattern={{version}}-${{matrix.flavor}},value=${{ steps.checkout.outputs.tag }}
+            type=semver,pattern={{major}}.{{minor}}-${{matrix.flavor}},value=${{ steps.checkout.outputs.tag }}
+            type=semver,pattern={{major}}-${{matrix.flavor}},value=${{ steps.checkout.outputs.tag }}
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
 
@@ -58,7 +74,7 @@ jobs:
         with:
           context: .
           push: ${{ github.event_name != 'pull_request' }}
-          file: Containerfile
-          platforms: linux/amd64,linux/arm64/v8,linux/arm/v7
+          file: Containerfile.${{ matrix.flavor }}
+          platforms: linux/amd64,linux/arm64/v8${{ matrix.platform == 'debian' && ',linux/arm/v7' || '' }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}

.github/workflows/release.yml

@@ -6,9 +6,16 @@ on:
     tags:
       - "[0-9]+.[0-9]+.[0-9]+"
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
 jobs:
   build:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        flavor: ['debian', 'alpine']
     steps:
       - uses: actions/checkout@v4
         with:
@@ -23,13 +30,22 @@ jobs:
           # list of Docker images to use as base name for tags
           images: |
             ghcr.io/${{ github.repository }}
+          # add flavor to set latest to false and add those with raw values instead
+          flavor: |
+            latest=false
+            prefix=
+            suffix=
           # generate Docker tags based on the following events/attributes
           tags: |
             type=schedule
-            type=raw,value=latest,enable={{is_default_branch}}
-            type=semver,pattern={{version}},value=${{ steps.checkout.outputs.tag }}
-            type=semver,pattern={{major}}.{{minor}},value=${{ steps.checkout.outputs.tag }}
-            type=semver,pattern={{major}},value=${{ steps.checkout.outputs.tag }}
+            type=raw,value=latest,enable=${{github.ref == 'refs/heads/main' && matrix.flavor == 'debian'}}
+            type=raw,value=latest-${{matrix.flavor}},enable=${{github.ref == 'refs/heads/main'}}
+            type=semver,pattern={{version}},value=${{ steps.checkout.outputs.tag }},enable=${{matrix.flavor == 'debian'}}
+            type=semver,pattern={{major}}.{{minor}},value=${{ steps.checkout.outputs.tag }},enable=${{matrix.flavor == 'debian'}}
+            type=semver,pattern={{major}},value=${{ steps.checkout.outputs.tag }},enable=${{matrix.flavor == 'debian'}}
+            type=semver,pattern={{version}}-${{matrix.flavor}},value=${{ steps.checkout.outputs.tag }}
+            type=semver,pattern={{major}}.{{minor}}-${{matrix.flavor}},value=${{ steps.checkout.outputs.tag }}
+            type=semver,pattern={{major}}-${{matrix.flavor}},value=${{ steps.checkout.outputs.tag }}
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -62,15 +78,16 @@ jobs:
         with:
           context: .
           push: true
-          file: Containerfile
-          platforms: linux/amd64,linux/arm64/v8,linux/arm/v7
+          file: Containerfile.${{ matrix.flavor }}
+          platforms: linux/amd64,linux/arm64/v8${{ matrix.platform == 'debian' && ',linux/arm/v7' || '' }}
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           outputs: |
             type=local,dest=out
             type=docker
 
       - name: Copy artifacts
+        if: ${{ matrix.flavor == 'debian' }}
         run: |
           for k in $(ls out/); do
             ARCH=$(basename $k)
@@ -81,7 +98,8 @@ jobs:
           done
 
       - name: Archive artifact
-        uses: actions/upload-artifact@v2
+        if: ${{ matrix.flavor == 'debian' }}
+        uses: actions/upload-artifact@v4
         with:
           name: artifacts
           path: |

Containerfile.alpine

@@ -0,0 +1,28 @@
+FROM rust:alpine AS builder
+WORKDIR app
+
+RUN apk add --no-cache musl-dev openssl-dev openssl-libs-static sqlite-dev sqlite-static
+
+# First build dependencies, this should cache a dependency layer which
+# only needs to be refreshed when Cargo.(lock|toml) is updated
+COPY Cargo.lock Cargo.toml ./
+RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
+RUN cargo build --release --locked
+RUN rm ./src/main.rs && rmdir ./src
+
+COPY . .
+RUN cargo build --release --locked --bin mollysocket
+
+
+FROM alpine:3 AS runtime
+WORKDIR app
+
+ENV MOLLY_HOST=127.0.0.1
+ENV MOLLY_PORT=8020
+
+RUN apk add --no-cache ca-certificates 
+
+COPY --from=builder /app/target/release/mollysocket /usr/local/bin/
+HEALTHCHECK --interval=1m --timeout=3s \
+    CMD wget -q --tries=1 "http://$MOLLY_HOST:$MOLLY_PORT/" -O - | grep '"mollysocket":{"version":'
+ENTRYPOINT ["/usr/local/bin/mollysocket"]

Containerfile.debian

@@ -0,0 +1,28 @@
+FROM docker.io/rust:bookworm AS builder
+WORKDIR app
+
+# First build dependencies, this should cache a dependency layer which
+# only needs to be refreshed when Cargo.(lock|toml) is updated
+COPY Cargo.lock Cargo.toml ./
+RUN mkdir src && echo "fn main() { panic!(\"why am i running?\") }" > src/main.rs
+RUN cargo build --release --locked
+RUN rm ./src/main.rs && rmdir ./src
+
+COPY . .
+RUN cargo build --release --locked --bin mollysocket
+
+
+FROM docker.io/debian:bookworm-slim AS runtime
+WORKDIR app
+
+ENV MOLLY_HOST=127.0.0.1
+ENV MOLLY_PORT=8020
+
+RUN apt update && \
+    apt install -y wget libssl3 libsqlite3-0 ca-certificates && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY --from=builder /app/target/release/mollysocket /usr/local/bin/
+HEALTHCHECK --interval=1m --timeout=3s \
+    CMD wget -q --tries=1 "http://$MOLLY_HOST:$MOLLY_PORT/" -O - | grep '"mollysocket":{"version":'
+ENTRYPOINT ["/usr/local/bin/mollysocket"]