mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
Build using musl
This commit is contained in:
parent
c108921dcf
commit
b9c823e01a
31
.github/workflows/Dockerfile.ci.alpine
vendored
31
.github/workflows/Dockerfile.ci.alpine
vendored
@ -56,8 +56,35 @@ WORKDIR /app
|
|||||||
ENV UID=1000
|
ENV UID=1000
|
||||||
ENV GID=1000
|
ENV GID=1000
|
||||||
ENV USER=lldap
|
ENV USER=lldap
|
||||||
RUN echo http://mirror.math.princeton.edu/pub/alpinelinux/edge/testing/ >> /etc/apk/repositories && \
|
ENV GOSU_VERSION 1.14
|
||||||
apk add --no-cache tini ca-certificates bash gosu && \
|
# Fetch gosu from git
|
||||||
|
RUN set -eux; \
|
||||||
|
\
|
||||||
|
apk add --no-cache --virtual .gosu-deps \
|
||||||
|
ca-certificates \
|
||||||
|
dpkg \
|
||||||
|
gnupg \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
|
||||||
|
wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
|
||||||
|
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
|
||||||
|
\
|
||||||
|
# verify the signature
|
||||||
|
export GNUPGHOME="$(mktemp -d)"; \
|
||||||
|
gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
|
||||||
|
gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
|
||||||
|
command -v gpgconf && gpgconf --kill all || :; \
|
||||||
|
rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
|
||||||
|
\
|
||||||
|
# clean up fetch dependencies
|
||||||
|
apk del --no-network .gosu-deps; \
|
||||||
|
\
|
||||||
|
chmod +x /usr/local/bin/gosu; \
|
||||||
|
# verify that the binary works
|
||||||
|
gosu --version; \
|
||||||
|
gosu nobody true
|
||||||
|
RUN apk add --no-cache tini ca-certificates bash && \
|
||||||
addgroup -g $GID $USER && \
|
addgroup -g $GID $USER && \
|
||||||
adduser \
|
adduser \
|
||||||
--disabled-password \
|
--disabled-password \
|
||||||
|
69
.github/workflows/Dockerfile.ci.debian
vendored
Normal file
69
.github/workflows/Dockerfile.ci.debian
vendored
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
FROM debian:bullseye AS lldap
|
||||||
|
ARG DEBIAN_FRONTEND=noninteractive
|
||||||
|
ARG TARGETPLATFORM
|
||||||
|
RUN apt update && apt install -y wget
|
||||||
|
WORKDIR /dim
|
||||||
|
COPY bin/ bin/
|
||||||
|
COPY web/ web/
|
||||||
|
|
||||||
|
RUN mkdir -p target/
|
||||||
|
RUN mkdir -p /lldap/app
|
||||||
|
|
||||||
|
RUN if [ "${TARGETPLATFORM}" = "linux/amd64" ]; then \
|
||||||
|
mv bin/amd64-bin/lldap target/lldap && \
|
||||||
|
mv bin/amd64-bin/migration-tool target/migration-tool && \
|
||||||
|
chmod +x target/lldap && \
|
||||||
|
chmod +x target/migration-tool && \
|
||||||
|
ls -la target/ . && \
|
||||||
|
pwd \
|
||||||
|
; fi
|
||||||
|
|
||||||
|
RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ]; then \
|
||||||
|
mv bin/aarch64-bin/lldap target/lldap && \
|
||||||
|
mv bin/aarch64-bin/migration-tool target/migration-tool && \
|
||||||
|
chmod +x target/lldap && \
|
||||||
|
chmod +x target/migration-tool && \
|
||||||
|
ls -la target/ . && \
|
||||||
|
pwd \
|
||||||
|
; fi
|
||||||
|
|
||||||
|
RUN if [ "${TARGETPLATFORM}" = "linux/arm/v7" ]; then \
|
||||||
|
mv bin/armhf-bin/lldap target/lldap && \
|
||||||
|
mv bin/armhf-bin/migration-tool target/migration-tool && \
|
||||||
|
chmod +x target/lldap && \
|
||||||
|
chmod +x target/migration-tool && \
|
||||||
|
ls -la target/ . && \
|
||||||
|
pwd \
|
||||||
|
; fi
|
||||||
|
|
||||||
|
# Web and App dir
|
||||||
|
COPY docker-entrypoint.sh /docker-entrypoint.sh
|
||||||
|
COPY lldap_config.docker_template.toml /lldap/
|
||||||
|
RUN cp target/lldap /lldap/ && \
|
||||||
|
cp target/migration-tool /lldap/ && \
|
||||||
|
cp -R web/index.html \
|
||||||
|
web/pkg \
|
||||||
|
web/static \
|
||||||
|
/lldap/app/
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
&& for file in $(cat /lldap/app/static/libraries.txt); do wget -P app/static "$file"; done \
|
||||||
|
&& for file in $(cat /lldap/app/static/fonts/fonts.txt); do wget -P app/static/fonts "$file"; done \
|
||||||
|
&& chmod a+r -R .
|
||||||
|
|
||||||
|
FROM debian:bullseye-slim
|
||||||
|
ENV UID=1000
|
||||||
|
ENV GID=1000
|
||||||
|
ENV USER=lldap
|
||||||
|
RUN apt update && \
|
||||||
|
apt install -y --no-install-recommends tini openssl ca-certificates gosu && \
|
||||||
|
apt clean && \
|
||||||
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
|
groupadd -g $GID $USER && useradd --system -m -g $USER --uid $UID $USER && \
|
||||||
|
mkdir -p /data && chown $USER:$USER /data
|
||||||
|
COPY --from=lldap --chown=$USER:$USER /lldap /app
|
||||||
|
COPY --from=lldap --chown=$USER:$USER /docker-entrypoint.sh /docker-entrypoint.sh
|
||||||
|
VOLUME ["/data"]
|
||||||
|
WORKDIR /app
|
||||||
|
ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"]
|
||||||
|
CMD ["run", "--config-file", "/data/lldap_config.toml"]
|
93
.github/workflows/docker-build-static.yml
vendored
93
.github/workflows/docker-build-static.yml
vendored
@ -56,10 +56,11 @@ jobs:
|
|||||||
build-ui:
|
build-ui:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container:
|
||||||
image: rust:1.61
|
image: rust:1.62
|
||||||
env:
|
env:
|
||||||
CARGO_TERM_COLOR: always
|
CARGO_TERM_COLOR: always
|
||||||
RUSTFLAGS: -Ctarget-feature=-crt-static
|
RUSTFLAGS: -Ctarget-feature=+crt-static
|
||||||
|
#CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo
|
||||||
steps:
|
steps:
|
||||||
- name: install runtime
|
- name: install runtime
|
||||||
run: apt update && apt install -y gcc-x86-64-linux-gnu g++-x86-64-linux-gnu libc6-dev
|
run: apt update && apt install -y gcc-x86-64-linux-gnu g++-x86-64-linux-gnu libc6-dev
|
||||||
@ -82,11 +83,10 @@ jobs:
|
|||||||
lldap-ui-
|
lldap-ui-
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@v2
|
uses: actions/checkout@v2
|
||||||
# Prevent install error on existing cached
|
- name: install rollup nodejs and wasm-pack
|
||||||
- name: install cargo wasm
|
run: |
|
||||||
run: cargo install wasm-pack || true
|
npm install -g rollup
|
||||||
- name: install rollup nodejs
|
npm install -g wasm-pack
|
||||||
run: npm install -g rollup
|
|
||||||
- name: build frontend
|
- name: build frontend
|
||||||
run: ./app/build.sh
|
run: ./app/build.sh
|
||||||
- name: check path
|
- name: check path
|
||||||
@ -100,11 +100,11 @@ jobs:
|
|||||||
build-armhf:
|
build-armhf:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container:
|
||||||
image: rust:1.61
|
image: rust:1.62
|
||||||
env:
|
env:
|
||||||
CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc
|
CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc
|
||||||
CARGO_TERM_COLOR: always
|
CARGO_TERM_COLOR: always
|
||||||
RUSTFLAGS: -Ctarget-feature=+crt-static
|
RUSTFLAGS: -Ctarget-feature=-crt-static
|
||||||
CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo
|
CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo
|
||||||
steps:
|
steps:
|
||||||
- name: add armhf architecture
|
- name: add armhf architecture
|
||||||
@ -159,13 +159,9 @@ jobs:
|
|||||||
- name: add arm64 architecture
|
- name: add arm64 architecture
|
||||||
run: dpkg --add-architecture arm64
|
run: dpkg --add-architecture arm64
|
||||||
- name: install runtime
|
- name: install runtime
|
||||||
run: apt update && apt install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu libc6-arm64-cross libc6-dev-arm64-cross tar
|
run: apt update && apt install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu libc6-arm64-cross libc6-dev-arm64-cross tar wget
|
||||||
- name: smoke test
|
|
||||||
run: rustc --version
|
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@v2
|
uses: actions/checkout@v2
|
||||||
- name: add arm64 target
|
|
||||||
run: rustup target add aarch64-unknown-linux-gnu
|
|
||||||
- name: smoke test
|
- name: smoke test
|
||||||
run: rustc --version
|
run: rustc --version
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
@ -181,34 +177,32 @@ jobs:
|
|||||||
key: lldap-bin-aarch64-${{ hashFiles('**/Cargo.lock') }}
|
key: lldap-bin-aarch64-${{ hashFiles('**/Cargo.lock') }}
|
||||||
restore-keys: |
|
restore-keys: |
|
||||||
lldap-bin-aarch64-
|
lldap-bin-aarch64-
|
||||||
- name: compile aarch64
|
- name: build
|
||||||
run: cargo build --target=aarch64-unknown-linux-gnu --release -p lldap -p migration-tool
|
run: ./build-arm64.sh
|
||||||
- name: check path
|
- name: check path
|
||||||
run: ls -al target/aarch64-unknown-linux-gnu/release/
|
run: ls -al target/aarch64-unknown-linux-musl/release/
|
||||||
- name: upload aarch64 lldap artifacts
|
- name: upload aarch64 lldap artifacts
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: aarch64-lldap-bin
|
name: aarch64-lldap-bin
|
||||||
path: target/aarch64-unknown-linux-gnu/release/lldap
|
path: target/aarch64-unknown-linux-musl/release/lldap
|
||||||
- name: upload aarch64 migration-tool artifacts
|
- name: upload aarch64 migration-tool artifacts
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: aarch64-migration-tool-bin
|
name: aarch64-migration-tool-bin
|
||||||
path: target/aarch64-unknown-linux-gnu/release/migration-tool
|
path: target/aarch64-unknown-linux-musl/release/migration-tool
|
||||||
|
|
||||||
build-amd64:
|
build-amd64:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container:
|
||||||
image: rust:1.61
|
image: rust:1.62
|
||||||
env:
|
env:
|
||||||
CARGO_TERM_COLOR: always
|
CARGO_TERM_COLOR: always
|
||||||
RUSTFLAGS: -Ctarget-feature=+crt-static
|
RUSTFLAGS: -Ctarget-feature=+crt-static
|
||||||
CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo
|
CARGO_HOME: ${GITHUB_WORKSPACE}/.cargo
|
||||||
steps:
|
steps:
|
||||||
- name: install runtime
|
- name: install runtime
|
||||||
run: apt update && apt install -y gcc-x86-64-linux-gnu g++-x86-64-linux-gnu libc6-dev tar
|
run: apt update && apt install -y gcc-x86-64-linux-gnu g++-x86-64-linux-gnu libc6-dev tar wget musl-tools
|
||||||
- name: smoke test
|
|
||||||
run: rustc --version
|
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
uses: actions/checkout@v2
|
uses: actions/checkout@v2
|
||||||
- uses: actions/cache@v3
|
- uses: actions/cache@v3
|
||||||
@ -222,20 +216,20 @@ jobs:
|
|||||||
key: lldap-bin-amd64-${{ hashFiles('**/Cargo.lock') }}
|
key: lldap-bin-amd64-${{ hashFiles('**/Cargo.lock') }}
|
||||||
restore-keys: |
|
restore-keys: |
|
||||||
lldap-bin-amd64-
|
lldap-bin-amd64-
|
||||||
- name: compile amd64
|
- name: build
|
||||||
run: cargo build --target=x86_64-unknown-linux-gnu --release -p lldap -p migration-tool
|
run: ./build-amd64.sh
|
||||||
- name: check path
|
- name: check path
|
||||||
run: ls -al target/x86_64-unknown-linux-gnu/release/
|
run: ls -al target/x86_64-unknown-linux-musl/release/
|
||||||
- name: upload amd64 lldap artifacts
|
- name: upload amd64 lldap artifacts
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: amd64-lldap-bin
|
name: amd64-lldap-bin
|
||||||
path: target/x86_64-unknown-linux-gnu/release/lldap
|
path: target/x86_64-unknown-linux-musl/release/lldap
|
||||||
- name: upload amd64 migration-tool artifacts
|
- name: upload amd64 migration-tool artifacts
|
||||||
uses: actions/upload-artifact@v3
|
uses: actions/upload-artifact@v3
|
||||||
with:
|
with:
|
||||||
name: amd64-migration-tool-bin
|
name: amd64-migration-tool-bin
|
||||||
path: target/x86_64-unknown-linux-gnu/release/migration-tool
|
path: target/x86_64-unknown-linux-musl/release/migration-tool
|
||||||
|
|
||||||
|
|
||||||
build-docker-image:
|
build-docker-image:
|
||||||
@ -330,20 +324,51 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||||
|
|
||||||
- name: Build and push latest
|
######################
|
||||||
|
#### latest build ####
|
||||||
|
######################
|
||||||
|
- name: Build and push latest alpine
|
||||||
|
if: github.event_name != 'release'
|
||||||
|
uses: docker/build-push-action@v3
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
push: ${{ github.event_name != 'pull_request' }}
|
||||||
|
platforms: linux/amd64,linux/arm64
|
||||||
|
file: ./.github/workflows/Dockerfile.ci.alpine
|
||||||
|
tags: nitnelave/lldap:latest
|
||||||
|
cache-from: type=local,src=/tmp/.buildx-cache
|
||||||
|
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||||
|
|
||||||
|
- name: Build and push latest debian
|
||||||
if: github.event_name != 'release'
|
if: github.event_name != 'release'
|
||||||
uses: docker/build-push-action@v3
|
uses: docker/build-push-action@v3
|
||||||
with:
|
with:
|
||||||
context: .
|
context: .
|
||||||
push: ${{ github.event_name != 'pull_request' }}
|
push: ${{ github.event_name != 'pull_request' }}
|
||||||
platforms: linux/amd64,linux/arm64,linux/arm/v7
|
platforms: linux/amd64,linux/arm64,linux/arm/v7
|
||||||
|
file: ./.github/workflows/Dockerfile.ci.debian
|
||||||
|
tags: nitnelave/lldap:latest-debian
|
||||||
|
cache-from: type=local,src=/tmp/.buildx-cache
|
||||||
|
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||||
|
|
||||||
|
#######################
|
||||||
|
#### release build ####
|
||||||
|
#######################
|
||||||
|
- name: Build and push release alpine
|
||||||
|
if: github.event_name == 'release'
|
||||||
|
uses: docker/build-push-action@v3
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
platforms: linux/amd64,linux/arm64
|
||||||
|
push: true
|
||||||
|
# Tag as latest, stable, semver, major, major.minor and major.minor.patch.
|
||||||
file: ./.github/workflows/Dockerfile.ci.alpine
|
file: ./.github/workflows/Dockerfile.ci.alpine
|
||||||
tags: nitnelave/lldap:latest
|
tags: nitnelave/lldap:stable, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}
|
||||||
cache-from: type=local,src=/tmp/.buildx-cache
|
cache-from: type=local,src=/tmp/.buildx-cache
|
||||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||||
|
|
||||||
- name: Build and push release
|
- name: Build and push release debian
|
||||||
if: github.event_name == 'release'
|
if: github.event_name == 'release'
|
||||||
uses: docker/build-push-action@v3
|
uses: docker/build-push-action@v3
|
||||||
with:
|
with:
|
||||||
@ -351,8 +376,8 @@ jobs:
|
|||||||
platforms: linux/amd64,linux/arm64,linux/arm/v7
|
platforms: linux/amd64,linux/arm64,linux/arm/v7
|
||||||
push: true
|
push: true
|
||||||
# Tag as latest, stable, semver, major, major.minor and major.minor.patch.
|
# Tag as latest, stable, semver, major, major.minor and major.minor.patch.
|
||||||
file: ./.github/workflows/Dockerfile.ci
|
file: ./.github/workflows/Dockerfile.ci.debian
|
||||||
tags: nitnelave/lldap:stable, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}
|
tags: nitnelave/lldap:stable-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}-debian, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}-debian
|
||||||
cache-from: type=local,src=/tmp/.buildx-cache
|
cache-from: type=local,src=/tmp/.buildx-cache
|
||||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||||
|
|
||||||
|
10
build-amd64.sh
Executable file
10
build-amd64.sh
Executable file
@ -0,0 +1,10 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
wget -c https://musl.cc/x86_64-linux-musl-cross.tgz
|
||||||
|
tar zxf ./x86_64-linux-musl-cross.tgz -C /opt
|
||||||
|
rm ./x86_64-linux-musl-cross.tgz
|
||||||
|
export RUST_BACKTRACE=1
|
||||||
|
export CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_LINKER=x86_64-linux-musl-gcc
|
||||||
|
export RUSTFLAGS="-Ctarget-feature=+crt-static"
|
||||||
|
export PATH="/opt/x86_64-linux-musl-cross/:/opt/x86_64-linux-musl-cross/bin/:$PATH"
|
||||||
|
rustup target add x86_64-unknown-linux-musl
|
||||||
|
cargo build --target=x86_64-unknown-linux-musl --release -p lldap -p migration-tool
|
11
build-arm64.sh
Executable file
11
build-arm64.sh
Executable file
@ -0,0 +1,11 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
wget -c https://musl.cc/aarch64-linux-musl-cross.tgz
|
||||||
|
tar zxf ./aarch64-linux-musl-cross.tgz -C /opt
|
||||||
|
rm ./aarch64-linux-musl-cross.tgz
|
||||||
|
export RUST_BACKTRACE=1
|
||||||
|
export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=aarch64-linux-gnu-gcc
|
||||||
|
export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_LINKER=aarch64-linux-musl-gcc
|
||||||
|
export RUSTFLAGS="-Ctarget-feature=+crt-static"
|
||||||
|
export PATH="/opt/aarch64-linux-musl-cross/:/opt/aarch64-linux-musl-cross/bin/:$PATH"
|
||||||
|
rustup target add aarch64-unknown-linux-musl
|
||||||
|
cargo build --target=aarch64-unknown-linux-musl --release -p lldap -p migration-tool
|
Loading…
Reference in New Issue
Block a user