Skip to content

Commit

Permalink
dev: container work
Browse files Browse the repository at this point in the history
overhaul dockerfile
update container workflow
  • Loading branch information
da2ce7 committed Aug 25, 2023
1 parent f399ae4 commit a75a96a
Show file tree
Hide file tree
Showing 5 changed files with 209 additions and 111 deletions.
40 changes: 40 additions & 0 deletions .github/workflows/container.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
name: Container (Docker)

on:
push:
pull_request:

env:
CARGO_TERM_COLOR: always

jobs:
test:
name: Test
runs-on: ubuntu-latest

steps:
- id: checkout
name: Checkout Repository
uses: actions/checkout@v3

- id: setup
name: Setup Toolchain
uses: docker/setup-buildx-action@v2

- id: build
name: Build
uses: docker/build-push-action@v4
with:
push: false
load: true
tags: torrust-tracker:local
cache-from: type=gha
cache-to: type=gha,mode=max

- id: inspect
name: Inspect
run: docker image inspect torrust-tracker:local

- id: compose
name: Compose
run: docker compose build
26 changes: 0 additions & 26 deletions .github/workflows/test_docker.yml

This file was deleted.

224 changes: 145 additions & 79 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,80 +1,146 @@
FROM clux/muslrust:stable AS chef
WORKDIR /app
RUN cargo install cargo-chef


FROM chef AS planner
WORKDIR /app
COPY . .
RUN cargo chef prepare --recipe-path recipe.json


FROM chef as development
WORKDIR /app
ARG UID=1000
ARG RUN_AS_USER=appuser
ARG TRACKER_UDP_PORT=6969
ARG TRACKER_HTTP_PORT=7070
ARG TRACKER_API_PORT=1212
# Add the app user for development
ENV USER=appuser
ENV UID=$UID
RUN adduser --uid "${UID}" "${USER}"
# Build dependencies
COPY --from=planner /app/recipe.json recipe.json
RUN cargo chef cook --recipe-path recipe.json
# Build the application
COPY . .
RUN cargo build --bin torrust-tracker
USER $RUN_AS_USER:$RUN_AS_USER
EXPOSE $TRACKER_UDP_PORT/udp
EXPOSE $TRACKER_HTTP_PORT/tcp
EXPOSE $TRACKER_API_PORT/tcp
CMD ["cargo", "run"]


FROM chef AS builder
WORKDIR /app
ARG UID=1000
# Add the app user for production
ENV USER=appuser
ENV UID=$UID
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" \
"${USER}"
# Build dependencies
COPY --from=planner /app/recipe.json recipe.json
RUN cargo chef cook --release --target x86_64-unknown-linux-musl --recipe-path recipe.json
# Build the application
COPY . .
RUN cargo build --release --target x86_64-unknown-linux-musl --bin torrust-tracker
# Strip the binary
# More info: https://github.com/LukeMathWalker/cargo-chef/issues/149
RUN strip /app/target/x86_64-unknown-linux-musl/release/torrust-tracker


FROM alpine:latest
WORKDIR /app
ARG RUN_AS_USER=appuser
ARG TRACKER_UDP_PORT=6969
ARG TRACKER_HTTP_PORT=7070
ARG TRACKER_API_PORT=1212
RUN apk --no-cache add ca-certificates
# syntax=docker/dockerfile:latest

# Torrust Tracker

## Builder Image
FROM rust:latest as chef
WORKDIR /tmp
RUN curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash
RUN cargo binstall --no-confirm cargo-chef cargo-nextest


## Tester Image
FROM rust:slim as tester
WORKDIR /tmp
### (fixme) https://github.com/cargo-bins/cargo-binstall/issues/1252
RUN apt-get update; apt-get install -y curl; apt-get autoclean
RUN curl -L --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | bash
RUN cargo binstall --no-confirm cargo-nextest


## Chef Prepare (look at project and see wat we need)
FROM chef AS recipe
WORKDIR /build/src
COPY . /build/src
RUN cargo chef prepare --recipe-path /build/recipe.json


## Cook (debug)
FROM chef AS dependencies_debug
WORKDIR /build/src
COPY --from=recipe /build/recipe.json /build/recipe.json
RUN cargo chef cook --tests --benches --examples --workspace --all-targets --all-features --recipe-path /build/recipe.json
RUN cargo nextest archive --tests --benches --examples --workspace --all-targets --all-features --archive-file /build/temp.tar.zst ; rm /build/temp.tar.zst

## Cook (release)
FROM chef AS dependencies
WORKDIR /build/src
COPY --from=recipe /build/recipe.json /build/recipe.json
RUN cargo chef cook --tests --benches --examples --workspace --all-targets --all-features --recipe-path /build/recipe.json --release
RUN cargo nextest archive --tests --benches --examples --workspace --all-targets --all-features --archive-file /build/temp.tar.zst --release ; rm /build/temp.tar.zst


## Build Archive (debug)
FROM dependencies_debug AS build_debug
WORKDIR /build/src
COPY . /build/src
RUN cargo nextest archive --tests --benches --examples --workspace --all-targets --all-features --archive-file /build/torrust-tracker-debug.tar.zst

## Build Archive (release)
FROM dependencies AS build
WORKDIR /build/src
COPY . /build/src
RUN cargo nextest archive --tests --benches --examples --workspace --all-targets --all-features --archive-file /build/torrust-tracker.tar.zst --release


# Extract and Test (debug)
FROM tester as test_debug
WORKDIR /test
COPY . /test/src
COPY --from=build_debug \
/build/torrust-tracker-debug.tar.zst \
/test/torrust-tracker-debug.tar.zst
RUN mkdir -p /test/test
RUN cargo nextest run --workspace-remap /test/src/ --extract-to /test/src/ --no-run --archive-file /test/torrust-tracker-debug.tar.zst
RUN cargo nextest run --workspace-remap /test/src/ --target-dir-remap /test/src/target/ --cargo-metadata /test/src/target/nextest/cargo-metadata.json --binaries-metadata /test/src/target/nextest/binaries-metadata.json

RUN mkdir -p /app/bin/; cp -l /test/src/target/debug/torrust-tracker /app/bin/torrust-tracker
RUN mkdir /app/lib/; cp -l $(realpath $(ldd /app/bin/torrust-tracker | grep "libz\.so\.1" | awk '{print $3}')) /app/lib/libz.so.1

RUN chown -R root:root /app
RUN chmod -R u=rw,go=r,a+X /app
RUN chmod -R a+x /app/bin

# Extract and Test (release)
FROM tester as test
WORKDIR /test
COPY . /test/src
COPY --from=build \
/build/torrust-tracker.tar.zst \
/test/torrust-tracker.tar.zst
RUN cargo nextest run --workspace-remap /test/src/ --extract-to /test/src/ --no-run --archive-file /test/torrust-tracker.tar.zst
RUN cargo nextest run --workspace-remap /test/src/ --target-dir-remap /test/src/target/ --cargo-metadata /test/src/target/nextest/cargo-metadata.json --binaries-metadata /test/src/target/nextest/binaries-metadata.json

RUN mkdir -p /app/bin/; cp -l /test/src/target/release/torrust-tracker /app/bin/torrust-tracker
RUN mkdir /app/lib/; cp -l $(realpath $(ldd /app/bin/torrust-tracker | grep "libz\.so\.1" | awk '{print $3}')) /app/lib/libz.so.1

RUN chown -R root:root /app
RUN chmod -R u=rw,go=r,a+X /app
RUN chmod -R a+x /app/bin


## Torrust-Tracker (debug)
FROM gcr.io/distroless/cc:debug as tracker_debug

RUN ["/busybox/cp", "-sp", "/busybox/sh", "/bin/sh"]
ENV ENV=/etc/profile

ARG USER_ID=1000
ARG USER_NAME=appuser
ARG UDP_PORT=6969
ARG HTTP_PORT=7070
ARG API_PORT=1212

ENV USER_ID=${USER_ID}
ENV USER_NAME=${USER_NAME}
ENV UDP_PORT=${UDP_PORT}
ENV HTTP_PORT=${HTTP_PORT}
ENV API_PORT=${API_PORT}
ENV TZ=Etc/UTC

EXPOSE ${UDP_PORT}/udp
EXPOSE ${HTTP_PORT}/tcp
EXPOSE ${API_PORT}/tcp

COPY --from=test_debug /app/ /usr/

RUN printf "\n in debug mode \n \n run 'exec /usr/bin/torrust-tracker' (debug build) to start tracker \n \n" > /etc/motd
RUN echo '[ ! -z "$TERM" -a -r /etc/motd ] && cat /etc/motd' >> /etc/profile

WORKDIR /home/${USER_NAME}
RUN adduser --disabled-password --uid "${USER_ID}" "${USER_NAME}"
USER "${USER_NAME}":"${USER_NAME}"

RUN env

## Torrust-Tracker (release) (default)
FROM gcr.io/distroless/cc:nonroot as tracker
COPY --from=gcr.io/distroless/cc:debug /busybox/wget /usr/bin/wget
COPY --from=test /app/ /usr/

ARG UDP_PORT=6969
ARG HTTP_PORT=7070
ARG API_PORT=1212

ENV UDP_PORT=${UDP_PORT}
ENV HTTP_PORT=${HTTP_PORT}
ENV API_PORT=${API_PORT}
ENV TZ=Etc/UTC
ENV RUN_AS_USER=$RUN_AS_USER
COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /etc/group /etc/group
COPY --from=builder --chown=$RUN_AS_USER \
/app/target/x86_64-unknown-linux-musl/release/torrust-tracker \
/app/torrust-tracker
RUN chown -R $RUN_AS_USER:$RUN_AS_USER /app
USER $RUN_AS_USER:$RUN_AS_USER
EXPOSE $TRACKER_UDP_PORT/udp
EXPOSE $TRACKER_HTTP_PORT/tcp
EXPOSE $TRACKER_API_PORT/tcp
ENTRYPOINT ["/app/torrust-tracker"]

EXPOSE ${UDP_PORT}/udp
EXPOSE ${HTTP_PORT}/tcp
EXPOSE ${API_PORT}/tcp

# HEALTHCHECK ["/usr/bin/wget", "--no-verbose", "--tries=1", "--spider", "localhost:${API_PORT}/version"]

CMD ["/usr/bin/torrust-tracker"]
14 changes: 14 additions & 0 deletions cSpell.json
Original file line number Diff line number Diff line change
@@ -1,8 +1,10 @@
{
"words": [
"adduser",
"alekitto",
"appuser",
"Arvid",
"autoclean",
"AUTOINCREMENT",
"automock",
"Avicora",
Expand All @@ -12,6 +14,7 @@
"bencoded",
"beps",
"binascii",
"binstall",
"Bitflu",
"bools",
"bufs",
Expand All @@ -26,11 +29,13 @@
"codegen",
"completei",
"connectionless",
"distroless",
"dockerhub",
"downloadedi",
"dtolnay",
"filesd",
"Freebox",
"gecos",
"Grcov",
"hasher",
"hexlify",
Expand All @@ -49,6 +54,7 @@
"leechers",
"libsqlite",
"libtorrent",
"libz",
"Lphant",
"metainfo",
"middlewares",
Expand All @@ -59,14 +65,18 @@
"nanos",
"nextest",
"nocapture",
"nologin",
"nonroot",
"Norberg",
"numwant",
"oneshot",
"ostr",
"Pando",
"proot",
"proto",
"Quickstart",
"Rasterbar",
"realpath",
"reannounce",
"repr",
"reqwest",
Expand All @@ -88,6 +98,7 @@
"Swiftbit",
"taiki",
"thiserror",
"tlsv",
"Torrentstorm",
"torrust",
"torrustracker",
Expand All @@ -106,5 +117,8 @@
"Xunlei",
"xxxxxxxxxxxxxxxxxxxxd",
"yyyyyyyyyyyyyyyyyyyyd"
],
"enableFiletypes": [
"dockerfile"
]
}
Loading

0 comments on commit a75a96a

Please sign in to comment.