mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
docker: Create a multiarch CI/CD pipeline
This commit is contained in:
parent
a512b1844a
commit
e39e141d6c
68
.github/workflows/Dockerfile.ci
vendored
Normal file
68
.github/workflows/Dockerfile.ci
vendored
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
FROM debian:bullseye AS lldap
|
||||||
|
ARG DEBIAN_FRONTEND=noninteractive
|
||||||
|
ARG TARGETPLATFORM
|
||||||
|
RUN apt update && apt install -y wget
|
||||||
|
WORKDIR /dim
|
||||||
|
COPY bin/ bin/
|
||||||
|
COPY web/ web/
|
||||||
|
|
||||||
|
RUN mkdir -p target/
|
||||||
|
RUN mkdir -p /lldap/app
|
||||||
|
|
||||||
|
RUN if [ "${TARGETPLATFORM}" = "linux/amd64" ]; then \
|
||||||
|
mv bin/amd64-bin/lldap target/lldap && \
|
||||||
|
mv bin/amd64-bin/migration-tool target/migration-tool && \
|
||||||
|
chmod +x target/lldap && \
|
||||||
|
chmod +x target/migration-tool && \
|
||||||
|
ls -la target/ . && \
|
||||||
|
pwd \
|
||||||
|
; fi
|
||||||
|
|
||||||
|
RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ]; then \
|
||||||
|
mv bin/aarch64-bin/lldap target/lldap && \
|
||||||
|
mv bin/aarch64-bin/migration-tool target/migration-tool && \
|
||||||
|
chmod +x target/lldap && \
|
||||||
|
chmod +x target/migration-tool && \
|
||||||
|
ls -la target/ . && \
|
||||||
|
pwd \
|
||||||
|
; fi
|
||||||
|
|
||||||
|
RUN if [ "${TARGETPLATFORM}" = "linux/arm/v7" ]; then \
|
||||||
|
mv bin/armhf-bin/lldap target/lldap && \
|
||||||
|
mv bin/armhf-bin/migration-tool target/migration-tool && \
|
||||||
|
chmod +x target/lldap && \
|
||||||
|
chmod +x target/migration-tool && \
|
||||||
|
ls -la target/ . && \
|
||||||
|
pwd \
|
||||||
|
; fi
|
||||||
|
|
||||||
|
# Web and App dir
|
||||||
|
COPY docker-entrypoint.sh /docker-entrypoint.sh
|
||||||
|
COPY lldap_config.docker_template.toml /lldap/
|
||||||
|
RUN cp target/lldap /lldap/ && \
|
||||||
|
cp target/migration-tool /lldap/ && \
|
||||||
|
cp -R web/index.html \
|
||||||
|
web/pkg \
|
||||||
|
web/static \
|
||||||
|
/lldap/app/
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
&& for file in $(cat /lldap/app/static/libraries.txt); do wget -P app/static "$file"; done \
|
||||||
|
&& for file in $(cat /lldap/app/static/fonts/fonts.txt); do wget -P app/static/fonts "$file"; done \
|
||||||
|
&& chmod a+r -R .
|
||||||
|
|
||||||
|
FROM debian:bullseye
|
||||||
|
ENV UID=1000
|
||||||
|
ENV GID=1000
|
||||||
|
ENV USER=lldap
|
||||||
|
RUN apt update && \
|
||||||
|
apt install -y --no-install-recommends tini && \
|
||||||
|
apt clean && \
|
||||||
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
|
groupadd -g $GID $USER && useradd --system -m -g $USER --uid $UID $USER
|
||||||
|
COPY --from=lldap --chown=$CONTAINERUSER:$CONTAINERUSER /lldap /app
|
||||||
|
COPY --from=lldap --chown=$CONTAINERUSER:$CONTAINERUSER /docker-entrypoint.sh /docker-entrypoint.sh
|
||||||
|
WORKDIR /app
|
||||||
|
USER $CONTAINERUSER
|
||||||
|
ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"]
|
||||||
|
CMD ["run", "--config-file", "/data/lldap_config.toml"]
|
310
.github/workflows/docker-build.yml
vendored
Normal file
310
.github/workflows/docker-build.yml
vendored
Normal file
@ -0,0 +1,310 @@
|
|||||||
|
name: Docker
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- 'main'
|
||||||
|
release:
|
||||||
|
types:
|
||||||
|
- 'published'
|
||||||
|
pull_request:
|
||||||
|
branches:
|
||||||
|
- 'main'
|
||||||
|
workflow_dispatch:
|
||||||
|
inputs:
|
||||||
|
msg:
|
||||||
|
description: "Set message"
|
||||||
|
default: "Manual trigger"
|
||||||
|
|
||||||
|
env:
|
||||||
|
CARGO_TERM_COLOR: always
|
||||||
|
|
||||||
|
# In total 5 jobs, all of the jobs are containerized
|
||||||
|
# ---
|
||||||
|
|
||||||
|
# build-ui , create/compile the web
|
||||||
|
## Use rustlang/rust:nighlty image
|
||||||
|
### Install nodejs from nodesource repo
|
||||||
|
### install wasm
|
||||||
|
### install rollup
|
||||||
|
### run app/build.sh
|
||||||
|
### upload artifacts
|
||||||
|
|
||||||
|
# builds-armhf, build-aarch64, build-amd64 create binary for respective arch
|
||||||
|
## Use rustlang/rust:nightly image
|
||||||
|
### Add non native architecture dpkg --add-architecture XXX
|
||||||
|
### Install dev tool gcc g++, etc per respective arch
|
||||||
|
### Cargo build
|
||||||
|
### Upload artifacts
|
||||||
|
|
||||||
|
## the CARGO_ env
|
||||||
|
#CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc
|
||||||
|
#OPENSSL_INCLUDE_DIR: "/usr/include/openssl/"
|
||||||
|
#OPENSSL_LIB_DIR: "/usr/lib/arm-linux-gnueabihf/"
|
||||||
|
# This will determine which architecture lib will be used.
|
||||||
|
|
||||||
|
# build-ui,builds-armhf, build-aarch64, build-amd64 will upload artifacts will be used next job
|
||||||
|
# build-docker-image job will fetch artifacts and run Dockerfile.ci then push the image.
|
||||||
|
|
||||||
|
# On current https://hub.docker.com/_/rust
|
||||||
|
# 1-bullseye, 1.61-bullseye, 1.61.0-bullseye, bullseye, 1, 1.61, 1.61.0, latest
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build-ui:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: rust:1.61
|
||||||
|
env:
|
||||||
|
CARGO_TERM_COLOR: always
|
||||||
|
RUSTFLAGS: -Ctarget-feature=-crt-static
|
||||||
|
steps:
|
||||||
|
- name: install runtime
|
||||||
|
run: apt update && apt install -y gcc-x86-64-linux-gnu g++-x86-64-linux-gnu libc6-dev libssl-dev
|
||||||
|
- name: setup node repo LTS
|
||||||
|
run: curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
|
||||||
|
- name: install nodejs
|
||||||
|
run: apt install -y nodejs && npm -g install npm
|
||||||
|
- name: set default nightly
|
||||||
|
run: rustup default nightly
|
||||||
|
- name: smoke test
|
||||||
|
run: rustc --version
|
||||||
|
- name: install cargo wasm
|
||||||
|
run: cargo install wasm-pack
|
||||||
|
- name: install rollup nodejs
|
||||||
|
run: npm install -g rollup
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: build frontend
|
||||||
|
run: ./app/build.sh
|
||||||
|
- name: check path
|
||||||
|
run: ls -al app/
|
||||||
|
- name: upload ui artifacts
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
with:
|
||||||
|
name: ui
|
||||||
|
path: app/
|
||||||
|
|
||||||
|
build-armhf:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: rust:1.61
|
||||||
|
env:
|
||||||
|
CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER: arm-linux-gnueabihf-gcc
|
||||||
|
OPENSSL_INCLUDE_DIR: "/usr/include/openssl/"
|
||||||
|
OPENSSL_LIB_DIR: "/usr/lib/arm-linux-gnueabihf/"
|
||||||
|
CARGO_TERM_COLOR: always
|
||||||
|
RUSTFLAGS: -Ctarget-feature=-crt-static
|
||||||
|
steps:
|
||||||
|
- name: add armhf architecture
|
||||||
|
run: dpkg --add-architecture armhf
|
||||||
|
- name: install runtime
|
||||||
|
run: apt update && apt install -y gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf libc6-armhf-cross libc6-dev-armhf-cross libssl-dev:armhf
|
||||||
|
- name: set default nightly
|
||||||
|
run: rustup default nightly
|
||||||
|
- name: smoke test
|
||||||
|
run: rustc --version
|
||||||
|
- name: add armhf target
|
||||||
|
run: rustup target add armv7-unknown-linux-gnueabihf
|
||||||
|
- name: set default nightly
|
||||||
|
run: rustup default nightly
|
||||||
|
- name: smoke test
|
||||||
|
run: rustc --version
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: compile armhf
|
||||||
|
run: cargo build --target=armv7-unknown-linux-gnueabihf --release -p lldap -p migration-tool
|
||||||
|
- name: check path
|
||||||
|
run: ls -al target/release
|
||||||
|
- name: upload armhf artifacts
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
with:
|
||||||
|
name: armhf-lldap-bin
|
||||||
|
path: target/armv7-unknown-linux-gnueabihf/release/lldap
|
||||||
|
- name: upload armhf artifacts
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
with:
|
||||||
|
name: armhf-migration-tool-bin
|
||||||
|
path: target/armv7-unknown-linux-gnueabihf/release/migration-tool
|
||||||
|
|
||||||
|
|
||||||
|
build-aarch64:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: rust:1.61
|
||||||
|
env:
|
||||||
|
CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: aarch64-linux-gnu-gcc
|
||||||
|
OPENSSL_INCLUDE_DIR: "/usr/include/openssl/"
|
||||||
|
OPENSSL_LIB_DIR: "/usr/lib/aarch64-linux-gnu/"
|
||||||
|
CARGO_TERM_COLOR: always
|
||||||
|
RUSTFLAGS: -Ctarget-feature=-crt-static
|
||||||
|
steps:
|
||||||
|
- name: add arm64 architecture
|
||||||
|
run: dpkg --add-architecture arm64
|
||||||
|
- name: install runtime
|
||||||
|
run: apt update && apt install -y gcc-aarch64-linux-gnu g++-aarch64-linux-gnu libc6-arm64-cross libc6-dev-arm64-cross libssl-dev:arm64
|
||||||
|
- name: set default nightly
|
||||||
|
run: rustup default nightly
|
||||||
|
- name: smoke test
|
||||||
|
run: rustc --version
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: add arm64 target
|
||||||
|
run: rustup target add aarch64-unknown-linux-gnu
|
||||||
|
- name: set default nightly
|
||||||
|
run: rustup default nightly
|
||||||
|
- name: smoke test
|
||||||
|
run: rustc --version
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: compile aarch64
|
||||||
|
run: cargo build --target=aarch64-unknown-linux-gnu --release -p lldap -p migration-tool
|
||||||
|
- name: check path
|
||||||
|
run: ls -al target/aarch64-unknown-linux-gnu/release/
|
||||||
|
- name: upload aarch64 artifacts
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
with:
|
||||||
|
name: aarch64-lldap-bin
|
||||||
|
path: target/aarch64-unknown-linux-gnu/release/lldap
|
||||||
|
- name: upload aarch64 artifacts
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
with:
|
||||||
|
name: aarch64-migration-tool-bin
|
||||||
|
path: target/aarch64-unknown-linux-gnu/release/migration-tool
|
||||||
|
|
||||||
|
build-amd64:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: rust:1.61
|
||||||
|
env:
|
||||||
|
CARGO_TERM_COLOR: always
|
||||||
|
RUSTFLAGS: -Ctarget-feature=-crt-static
|
||||||
|
steps:
|
||||||
|
- name: install runtime
|
||||||
|
run: apt update && apt install -y gcc-x86-64-linux-gnu g++-x86-64-linux-gnu libc6-dev libssl-dev
|
||||||
|
- name: set default nightly
|
||||||
|
run: rustup default nightly
|
||||||
|
- name: smoke test
|
||||||
|
run: rustc --version
|
||||||
|
- name: Checkout repository
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: compile amd64
|
||||||
|
run: cargo build --target=x86_64-unknown-linux-gnu --release -p lldap -p migration-tool
|
||||||
|
- name: check path
|
||||||
|
run: ls -al target/x86_64-unknown-linux-gnu/release/
|
||||||
|
- name: upload amd64 lldap artifacts
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
with:
|
||||||
|
name: amd64-lldap-bin
|
||||||
|
path: target/x86_64-unknown-linux-gnu/release/lldap
|
||||||
|
- name: upload amd64 migration-tool artifacts
|
||||||
|
uses: actions/upload-artifact@v3
|
||||||
|
with:
|
||||||
|
name: amd64-migration-tool-bin
|
||||||
|
path: target/x86_64-unknown-linux-gnu/release/migration-tool
|
||||||
|
|
||||||
|
|
||||||
|
build-docker-image:
|
||||||
|
needs: [build-ui,build-armhf,build-aarch64,build-amd64]
|
||||||
|
name: Build Docker image
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
packages: write
|
||||||
|
steps:
|
||||||
|
- name: fetch repo
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Download armhf lldap artifacts
|
||||||
|
uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: armhf-lldap-bin
|
||||||
|
path: bin/armhf-bin
|
||||||
|
- name: Download armhf migration-tool artifacts
|
||||||
|
uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: armhf-migration-tool-bin
|
||||||
|
path: bin/armhf-bin
|
||||||
|
|
||||||
|
- name: Download aarch64 lldap artifacts
|
||||||
|
uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: aarch64-lldap-bin
|
||||||
|
path: bin/aarch64-bin
|
||||||
|
- name: Download aarch64 migration-tool artifacts
|
||||||
|
uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: aarch64-migration-tool-bin
|
||||||
|
path: bin/aarch64-bin
|
||||||
|
|
||||||
|
- name: Download amd64 lldap artifacts
|
||||||
|
uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: amd64-lldap-bin
|
||||||
|
path: bin/amd64-bin
|
||||||
|
- name: Download amd64 migration-tool artifacts
|
||||||
|
uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: amd64-migration-tool-bin
|
||||||
|
path: bin/amd64-bin
|
||||||
|
|
||||||
|
- name: check bin path
|
||||||
|
run: ls -al bin/
|
||||||
|
|
||||||
|
- name: Download llap ui artifacts
|
||||||
|
uses: actions/download-artifact@v3
|
||||||
|
with:
|
||||||
|
name: ui
|
||||||
|
path: web
|
||||||
|
|
||||||
|
- name: setup qemu
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
- uses: docker/setup-buildx-action@v2
|
||||||
|
|
||||||
|
- name: Docker meta
|
||||||
|
id: meta
|
||||||
|
uses: docker/metadata-action@v4
|
||||||
|
with:
|
||||||
|
# list of Docker images to use as base name for tags
|
||||||
|
images: |
|
||||||
|
nitnelave/lldap
|
||||||
|
# generate Docker tags based on the following events/attributes
|
||||||
|
tags: |
|
||||||
|
type=ref,event=branch
|
||||||
|
type=ref,event=pr
|
||||||
|
type=semver,pattern={{version}}
|
||||||
|
type=semver,pattern={{major}}.{{minor}}
|
||||||
|
type=semver,pattern={{major}}
|
||||||
|
type=sha
|
||||||
|
|
||||||
|
- name: parse tag
|
||||||
|
uses: gacts/github-slug@v1
|
||||||
|
id: slug
|
||||||
|
|
||||||
|
- name: Login to Docker Hub
|
||||||
|
if: github.event_name != 'pull_request'
|
||||||
|
uses: docker/login-action@v1
|
||||||
|
with:
|
||||||
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||||
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||||
|
|
||||||
|
- name: Build and push
|
||||||
|
if: github.event_name == 'release'
|
||||||
|
uses: docker/build-push-action@v3
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
push: true
|
||||||
|
platforms: linux/amd64,linux/arm64,linux/arm/v7
|
||||||
|
# Tag as latest, stable, semver, major, major.minor and major.minor.patch.
|
||||||
|
tags: nitnelave/lldap:latest, nitnelave/lldap:stable, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}
|
||||||
|
cache-from: type=gha
|
||||||
|
cache-to: type=gha,mode=max
|
||||||
|
|
||||||
|
|
||||||
|
- name: Update repo description
|
||||||
|
if: github.event_name != 'pull_request'
|
||||||
|
uses: peter-evans/dockerhub-description@v3
|
||||||
|
with:
|
||||||
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||||
|
password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
||||||
|
repository: nitnelave/lldap
|
||||||
|
|
84
.github/workflows/docker.yml
vendored
84
.github/workflows/docker.yml
vendored
@ -1,84 +0,0 @@
|
|||||||
name: docker
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- 'main'
|
|
||||||
release:
|
|
||||||
types:
|
|
||||||
- 'published'
|
|
||||||
pull_request:
|
|
||||||
branches:
|
|
||||||
- 'main'
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
docker:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
steps:
|
|
||||||
-
|
|
||||||
name: Checkout
|
|
||||||
uses: actions/checkout@v3
|
|
||||||
-
|
|
||||||
name: Docker meta
|
|
||||||
id: meta
|
|
||||||
uses: docker/metadata-action@v4
|
|
||||||
with:
|
|
||||||
# list of Docker images to use as base name for tags
|
|
||||||
images: |
|
|
||||||
nitnelave/lldap
|
|
||||||
# generate Docker tags based on the following events/attributes
|
|
||||||
tags: |
|
|
||||||
type=ref,event=branch
|
|
||||||
type=ref,event=pr
|
|
||||||
type=semver,pattern={{version}}
|
|
||||||
type=semver,pattern={{major}}.{{minor}}
|
|
||||||
type=semver,pattern={{major}}
|
|
||||||
type=sha
|
|
||||||
-
|
|
||||||
name: Set up Docker Buildx
|
|
||||||
uses: docker/setup-buildx-action@v2
|
|
||||||
-
|
|
||||||
name: Login to DockerHub
|
|
||||||
if: github.event_name != 'pull_request'
|
|
||||||
uses: docker/login-action@v2
|
|
||||||
with:
|
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
||||||
|
|
||||||
# Parse the tag into semver.
|
|
||||||
- uses: gacts/github-slug@v1
|
|
||||||
id: slug
|
|
||||||
|
|
||||||
-
|
|
||||||
name: Build and push
|
|
||||||
if: github.event_name != 'release'
|
|
||||||
uses: docker/build-push-action@v3
|
|
||||||
with:
|
|
||||||
context: .
|
|
||||||
push: ${{ github.event_name != 'pull_request' }}
|
|
||||||
platforms: linux/amd64
|
|
||||||
tags: nitnelave/lldap:latest
|
|
||||||
cache-from: type=gha
|
|
||||||
cache-to: type=gha,mode=max
|
|
||||||
|
|
||||||
-
|
|
||||||
name: Build and push
|
|
||||||
if: github.event_name == 'release'
|
|
||||||
uses: docker/build-push-action@v3
|
|
||||||
with:
|
|
||||||
context: .
|
|
||||||
push: true
|
|
||||||
platforms: linux/amd64
|
|
||||||
# Tag as latest, stable, semver, major, major.minor and major.minor.patch.
|
|
||||||
tags: nitnelave/lldap:latest, nitnelave/lldap:stable, nitnelave/lldap:v${{ steps.slug.outputs.version-semantic }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}, nitnelave/lldap:v${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}.${{ steps.slug.outputs.version-patch }}
|
|
||||||
cache-from: type=gha
|
|
||||||
cache-to: type=gha,mode=max
|
|
||||||
|
|
||||||
-
|
|
||||||
name: Update repo description
|
|
||||||
if: github.event_name != 'pull_request'
|
|
||||||
uses: peter-evans/dockerhub-description@v3
|
|
||||||
with:
|
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
||||||
password: ${{ secrets.DOCKERHUB_PASSWORD }}
|
|
||||||
repository: nitnelave/lldap
|
|
Loading…
Reference in New Issue
Block a user