* Moving to debian-based docker image. Fixes #3972 * Fix cargo.toml format. * Try nightly rust for cargo_fmt. * Trying to fix cargo build. * Trying to fix cargo build 2. * Trying to fix federation tests. * Trying to fix federation tests 2. * Trying to fix federation tests 3. * Try to fix aarch 1. * Try to fix aarch 2. * Try to fix aarch 3. * Removing aarch * Adding tests back in. * Adding ca-certs, and debian non-root user * Commenting arm image building. * Fix platform on runner. * Version 0.19.0-beta.6
This commit is contained in:
parent
3a1be8c041
commit
645bf21d54
3 changed files with 91 additions and 103 deletions
|
@ -2,7 +2,7 @@
|
||||||
# See https://github.com/woodpecker-ci/woodpecker/issues/1677
|
# See https://github.com/woodpecker-ci/woodpecker/issues/1677
|
||||||
|
|
||||||
variables:
|
variables:
|
||||||
- &muslrust_image "clux/muslrust:1.70.0"
|
- &rust_image "rust:1.72.1"
|
||||||
- &slow_check_paths
|
- &slow_check_paths
|
||||||
- path:
|
- path:
|
||||||
# rust source code
|
# rust source code
|
||||||
|
@ -57,15 +57,13 @@ steps:
|
||||||
|
|
||||||
cargo_fmt:
|
cargo_fmt:
|
||||||
group: format
|
group: format
|
||||||
image: *muslrust_image
|
image: rustlang/rust:nightly
|
||||||
environment:
|
environment:
|
||||||
# store cargo data in repo folder so that it gets cached between steps
|
# store cargo data in repo folder so that it gets cached between steps
|
||||||
CARGO_HOME: .cargo
|
CARGO_HOME: .cargo
|
||||||
commands:
|
commands:
|
||||||
# need make existing toolchain available
|
# need make existing toolchain available
|
||||||
- cp -n ~/.cargo . -r
|
- cargo +nightly fmt -- --check
|
||||||
- rustup toolchain install nightly-2023-07-10 --no-self-update --profile minimal --component rustfmt
|
|
||||||
- cargo +nightly-2023-07-10 fmt -- --check
|
|
||||||
|
|
||||||
restore-cache:
|
restore-cache:
|
||||||
image: meltwater/drone-cache:v1
|
image: meltwater/drone-cache:v1
|
||||||
|
@ -93,7 +91,7 @@ steps:
|
||||||
|
|
||||||
# make sure api builds with default features (used by other crates relying on lemmy api)
|
# make sure api builds with default features (used by other crates relying on lemmy api)
|
||||||
check_api_common_default_features:
|
check_api_common_default_features:
|
||||||
image: *muslrust_image
|
image: *rust_image
|
||||||
environment:
|
environment:
|
||||||
CARGO_HOME: .cargo
|
CARGO_HOME: .cargo
|
||||||
commands:
|
commands:
|
||||||
|
@ -101,7 +99,7 @@ steps:
|
||||||
when: *slow_check_paths
|
when: *slow_check_paths
|
||||||
|
|
||||||
lemmy_api_common_doesnt_depend_on_diesel:
|
lemmy_api_common_doesnt_depend_on_diesel:
|
||||||
image: *muslrust_image
|
image: *rust_image
|
||||||
environment:
|
environment:
|
||||||
CARGO_HOME: .cargo
|
CARGO_HOME: .cargo
|
||||||
commands:
|
commands:
|
||||||
|
@ -109,7 +107,7 @@ steps:
|
||||||
when: *slow_check_paths
|
when: *slow_check_paths
|
||||||
|
|
||||||
lemmy_api_common_works_with_wasm:
|
lemmy_api_common_works_with_wasm:
|
||||||
image: *muslrust_image
|
image: *rust_image
|
||||||
environment:
|
environment:
|
||||||
CARGO_HOME: .cargo
|
CARGO_HOME: .cargo
|
||||||
commands:
|
commands:
|
||||||
|
@ -118,7 +116,7 @@ steps:
|
||||||
when: *slow_check_paths
|
when: *slow_check_paths
|
||||||
|
|
||||||
check_defaults_hjson_updated:
|
check_defaults_hjson_updated:
|
||||||
image: *muslrust_image
|
image: *rust_image
|
||||||
environment:
|
environment:
|
||||||
CARGO_HOME: .cargo
|
CARGO_HOME: .cargo
|
||||||
commands:
|
commands:
|
||||||
|
@ -149,7 +147,7 @@ steps:
|
||||||
when: *slow_check_paths
|
when: *slow_check_paths
|
||||||
|
|
||||||
cargo_clippy:
|
cargo_clippy:
|
||||||
image: *muslrust_image
|
image: *rust_image
|
||||||
environment:
|
environment:
|
||||||
CARGO_HOME: .cargo
|
CARGO_HOME: .cargo
|
||||||
commands:
|
commands:
|
||||||
|
@ -173,17 +171,17 @@ steps:
|
||||||
when: *slow_check_paths
|
when: *slow_check_paths
|
||||||
|
|
||||||
cargo_build:
|
cargo_build:
|
||||||
image: *muslrust_image
|
image: *rust_image
|
||||||
environment:
|
environment:
|
||||||
CARGO_HOME: .cargo
|
CARGO_HOME: .cargo
|
||||||
commands:
|
commands:
|
||||||
- cargo build
|
- cargo build
|
||||||
- mv target/x86_64-unknown-linux-musl/debug/lemmy_server target/lemmy_server
|
- mv target/debug/lemmy_server target/lemmy_server
|
||||||
when: *slow_check_paths
|
when: *slow_check_paths
|
||||||
|
|
||||||
cargo_test:
|
cargo_test:
|
||||||
group: tests
|
group: tests
|
||||||
image: *muslrust_image
|
image: *rust_image
|
||||||
environment:
|
environment:
|
||||||
LEMMY_DATABASE_URL: postgres://lemmy:password@database:5432/lemmy
|
LEMMY_DATABASE_URL: postgres://lemmy:password@database:5432/lemmy
|
||||||
RUST_BACKTRACE: "1"
|
RUST_BACKTRACE: "1"
|
||||||
|
@ -195,12 +193,12 @@ steps:
|
||||||
|
|
||||||
run_federation_tests:
|
run_federation_tests:
|
||||||
group: tests
|
group: tests
|
||||||
image: node:alpine
|
image: node:20-bookworm-slim
|
||||||
environment:
|
environment:
|
||||||
LEMMY_DATABASE_URL: postgres://lemmy:password@database:5432
|
LEMMY_DATABASE_URL: postgres://lemmy:password@database:5432
|
||||||
DO_WRITE_HOSTS_FILE: "1"
|
DO_WRITE_HOSTS_FILE: "1"
|
||||||
commands:
|
commands:
|
||||||
- apk add bash curl postgresql-client
|
- apt update && apt install -y bash curl postgresql-client
|
||||||
- bash api_tests/prepare-drone-federation-test.sh
|
- bash api_tests/prepare-drone-federation-test.sh
|
||||||
- cd api_tests/
|
- cd api_tests/
|
||||||
- yarn
|
- yarn
|
||||||
|
@ -239,7 +237,9 @@ steps:
|
||||||
settings:
|
settings:
|
||||||
repo: dessalines/lemmy
|
repo: dessalines/lemmy
|
||||||
dockerfile: docker/Dockerfile
|
dockerfile: docker/Dockerfile
|
||||||
platforms: linux/amd64,linux/arm64
|
# TODO fix arm build: see: https://woodpecker.join-lemmy.org/repos/129/pipeline/2888/20
|
||||||
|
# platforms: linux/amd64,linux/arm64
|
||||||
|
platforms: linux/amd64
|
||||||
build_args:
|
build_args:
|
||||||
- RUST_RELEASE_MODE=release
|
- RUST_RELEASE_MODE=release
|
||||||
tag: ${CI_COMMIT_TAG}
|
tag: ${CI_COMMIT_TAG}
|
||||||
|
|
|
@ -23,6 +23,8 @@ doctest = false
|
||||||
[profile.release]
|
[profile.release]
|
||||||
debug = 0
|
debug = 0
|
||||||
lto = "thin"
|
lto = "thin"
|
||||||
|
strip = true # Automatically strip symbols from the binary.
|
||||||
|
opt-level = "z" # Optimize for size.
|
||||||
|
|
||||||
# This profile significantly speeds up build time. If debug info is needed you can comment the line
|
# This profile significantly speeds up build time. If debug info is needed you can comment the line
|
||||||
# out temporarily, but make sure to leave this in the main branch.
|
# out temporarily, but make sure to leave this in the main branch.
|
||||||
|
|
|
@ -1,54 +1,13 @@
|
||||||
#
|
ARG RUST_VERSION=1.72.1
|
||||||
# Docker multiarch image:
|
|
||||||
# We build the Lemmy binary for amd64 and arm64 in individual stages using the blackdex/rust-musl image (github.com/blackdex/rust-musl).
|
|
||||||
# This image uses musl-cross-make (github.com/richfelker/musl-cross-make) to build a musl cross compilation toolchain for the target
|
|
||||||
# architecture. It also includes pre-built static libraries such as libpq. These libraries can improve the compile time and eliminate
|
|
||||||
# the requirement for extra dependencies in the final image.
|
|
||||||
#
|
|
||||||
# During each build stage, we use the blackdex/rust-musl openssl 3 images and configure PQ_LIB_DIR=/usr/local/musl/pq15/lib to use
|
|
||||||
# libpq v15. We also ensure the installation of the Rust toolchain corresponding to the target architecture using:
|
|
||||||
# `rustup target add $TARGET-unknown-linux-musl`.
|
|
||||||
#
|
|
||||||
|
|
||||||
ARG RUST_VERSION=1.71.0
|
|
||||||
ARG ALPINE_VERSION=3.18
|
|
||||||
ARG CARGO_BUILD_FEATURES=default
|
ARG CARGO_BUILD_FEATURES=default
|
||||||
ARG RUST_RELEASE_MODE=debug
|
ARG RUST_RELEASE_MODE=debug
|
||||||
ARG UID=911
|
ARG AMD_BUILDER_IMAGE=rust:${RUST_VERSION}
|
||||||
ARG GID=911
|
ARG ARM_BUILDER_IMAGE=blackdex/rust-musl:aarch64-musl-stable-${RUST_VERSION}-openssl3
|
||||||
|
ARG AMD_RUNNER_IMAGE=debian:bookworm-slim
|
||||||
# AMD64 builder base
|
ARG ARM_RUNNER_IMAGE=alpine:3.18
|
||||||
FROM --platform=${BUILDPLATFORM} blackdex/rust-musl:x86_64-musl-stable-${RUST_VERSION}-openssl3 AS base-amd64
|
|
||||||
|
|
||||||
ENV DEBIAN_FRONTEND=noninteractive
|
|
||||||
ENV CARGO_HOME=/root/.cargo
|
|
||||||
ENV PQ_LIB_DIR=/usr/local/musl/pq15/lib
|
|
||||||
|
|
||||||
RUN apt update && apt install -y \
|
|
||||||
--no-install-recommends \
|
|
||||||
git
|
|
||||||
|
|
||||||
RUN mkdir -pv "${CARGO_HOME}" && \
|
|
||||||
rustup set profile minimal && \
|
|
||||||
rustup target add x86_64-unknown-linux-musl
|
|
||||||
|
|
||||||
# ARM64 builder base
|
|
||||||
FROM --platform=${BUILDPLATFORM} blackdex/rust-musl:aarch64-musl-stable-${RUST_VERSION}-openssl3 AS base-arm64
|
|
||||||
|
|
||||||
ENV DEBIAN_FRONTEND=noninteractive
|
|
||||||
ENV CARGO_HOME=/root/.cargo
|
|
||||||
ENV PQ_LIB_DIR=/usr/local/musl/pq15/lib
|
|
||||||
|
|
||||||
RUN apt update && apt install -y \
|
|
||||||
--no-install-recommends \
|
|
||||||
git
|
|
||||||
|
|
||||||
RUN mkdir -pv "${CARGO_HOME}" && \
|
|
||||||
rustup set profile minimal && \
|
|
||||||
rustup target add aarch64-unknown-linux-musl
|
|
||||||
|
|
||||||
# AMD64 builder
|
# AMD64 builder
|
||||||
FROM base-amd64 AS build-amd64
|
FROM --platform=${BUILDPLATFORM} ${AMD_BUILDER_IMAGE} AS build-amd64
|
||||||
|
|
||||||
ARG CARGO_BUILD_FEATURES
|
ARG CARGO_BUILD_FEATURES
|
||||||
ARG RUST_RELEASE_MODE
|
ARG RUST_RELEASE_MODE
|
||||||
|
@ -61,65 +20,92 @@ COPY . ./
|
||||||
RUN --mount=type=cache,target=/lemmy/target set -ex; \
|
RUN --mount=type=cache,target=/lemmy/target set -ex; \
|
||||||
if [ "${RUST_RELEASE_MODE}" = "debug" ]; then \
|
if [ "${RUST_RELEASE_MODE}" = "debug" ]; then \
|
||||||
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
||||||
cargo build --target=x86_64-unknown-linux-musl --features "${CARGO_BUILD_FEATURES}"; \
|
cargo build --features "${CARGO_BUILD_FEATURES}"; \
|
||||||
mv target/x86_64-unknown-linux-musl/debug/lemmy_server ./lemmy; \
|
mv target/debug/lemmy_server ./lemmy; \
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Release build
|
# Release build
|
||||||
RUN set -ex; \
|
RUN set -ex; \
|
||||||
if [ "${RUST_RELEASE_MODE}" = "release" ]; then \
|
if [ "${RUST_RELEASE_MODE}" = "release" ]; then \
|
||||||
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
||||||
cargo build --target=x86_64-unknown-linux-musl --features "${CARGO_BUILD_FEATURES}" --release; \
|
cargo build --features "${CARGO_BUILD_FEATURES}" --release; \
|
||||||
mv target/x86_64-unknown-linux-musl/release/lemmy_server ./lemmy; \
|
mv target/release/lemmy_server ./lemmy; \
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# ARM64 builder
|
# ARM64 builder
|
||||||
FROM base-arm64 AS build-arm64
|
# TODO currently broken
|
||||||
|
# FROM --platform=${BUILDPLATFORM} ${ARM_BUILDER_IMAGE} as build-arm64
|
||||||
|
|
||||||
ARG CARGO_BUILD_FEATURES
|
# ENV DEBIAN_FRONTEND=noninteractive
|
||||||
ARG RUST_RELEASE_MODE
|
# ENV CARGO_HOME=/root/.cargo
|
||||||
|
# ENV PQ_LIB_DIR=/usr/local/musl/pq15/lib
|
||||||
|
|
||||||
WORKDIR /lemmy
|
# RUN apt update && apt install -y \
|
||||||
|
# --no-install-recommends \
|
||||||
|
# git
|
||||||
|
|
||||||
COPY . ./
|
# RUN mkdir -pv "${CARGO_HOME}" && \
|
||||||
|
# rustup set profile minimal && \
|
||||||
|
# rustup target add aarch64-unknown-linux-musl
|
||||||
|
|
||||||
# Debug build
|
# ARG CARGO_BUILD_FEATURES
|
||||||
RUN --mount=type=cache,target=/lemmy/target set -ex; \
|
# ARG RUST_RELEASE_MODE
|
||||||
if [ "${RUST_RELEASE_MODE}" = "debug" ]; then \
|
|
||||||
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
|
||||||
cargo build --target=aarch64-unknown-linux-musl --features "${CARGO_BUILD_FEATURES}"; \
|
|
||||||
mv target/aarch64-unknown-linux-musl/debug/lemmy_server ./lemmy; \
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Release build
|
# WORKDIR /lemmy
|
||||||
RUN set -ex; \
|
|
||||||
if [ "${RUST_RELEASE_MODE}" = "release" ]; then \
|
|
||||||
echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
|
||||||
cargo build --target=aarch64-unknown-linux-musl --features "${CARGO_BUILD_FEATURES}" --release; \
|
|
||||||
mv target/aarch64-unknown-linux-musl/release/lemmy_server ./lemmy; \
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Get target binary
|
# COPY . ./
|
||||||
FROM build-${TARGETARCH} AS build
|
|
||||||
|
# # Debug build
|
||||||
|
# RUN --mount=type=cache,target=/lemmy/target set -ex; \
|
||||||
|
# if [ "${RUST_RELEASE_MODE}" = "debug" ]; then \
|
||||||
|
# echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
||||||
|
# cargo build --target=aarch64-unknown-linux-musl --features "${CARGO_BUILD_FEATURES}"; \
|
||||||
|
# mv target/aarch64-unknown-linux-musl/debug/lemmy_server ./lemmy; \
|
||||||
|
# fi
|
||||||
|
|
||||||
|
# # Release build
|
||||||
|
# RUN set -ex; \
|
||||||
|
# if [ "${RUST_RELEASE_MODE}" = "release" ]; then \
|
||||||
|
# echo "pub const VERSION: &str = \"$(git describe --tag)\";" > crates/utils/src/version.rs; \
|
||||||
|
# cargo build --target=aarch64-unknown-linux-musl --features "${CARGO_BUILD_FEATURES}" --release; \
|
||||||
|
# mv target/aarch64-unknown-linux-musl/release/lemmy_server ./lemmy; \
|
||||||
|
# fi
|
||||||
|
|
||||||
## Final image
|
## Final image
|
||||||
FROM alpine:${ALPINE_VERSION}
|
FROM ${AMD_RUNNER_IMAGE}
|
||||||
|
|
||||||
ARG UID
|
# Federation needs CA certificates
|
||||||
ARG GID
|
RUN apt update && apt install -y libssl-dev libpq-dev ca-certificates
|
||||||
|
|
||||||
RUN apk add --no-cache \
|
# Debian / Ubuntu non-root user creds
|
||||||
ca-certificates
|
ARG UNAME=lemmy
|
||||||
|
ARG UID=1000
|
||||||
COPY --from=build --chmod=0755 /lemmy/lemmy /usr/local/bin
|
ARG GID=1000
|
||||||
|
RUN groupadd -g $GID -o $UNAME
|
||||||
RUN addgroup -S -g ${GID} lemmy && \
|
RUN useradd -m -u $UID -g $GID -o -s /bin/bash $UNAME
|
||||||
adduser -S -H -D -G lemmy -u ${UID} -g "" -s /sbin/nologin lemmy
|
USER $UNAME
|
||||||
|
|
||||||
USER lemmy
|
|
||||||
|
|
||||||
CMD ["lemmy"]
|
|
||||||
|
|
||||||
|
COPY --from=build-amd64 /lemmy/lemmy ./
|
||||||
|
CMD ["./lemmy"]
|
||||||
EXPOSE 8536
|
EXPOSE 8536
|
||||||
|
STOPSIGNAL SIGTERM
|
||||||
|
|
||||||
|
## Arm Runner
|
||||||
|
# FROM --platform=${BUILDPLATFORM} ${ARM_RUNNER_IMAGE}
|
||||||
|
|
||||||
|
# ARG UNAME=lemmy
|
||||||
|
# ARG UID=1000
|
||||||
|
# ARG GID=1000
|
||||||
|
|
||||||
|
# RUN apk add --no-cache ca-certificates
|
||||||
|
|
||||||
|
# COPY --from=build-arm64 --chmod=0755 /lemmy/lemmy /usr/local/bin
|
||||||
|
|
||||||
|
# RUN addgroup -S -g ${GID} ${UNAME} && \
|
||||||
|
# adduser -S -H -D -G ${UNAME} -u ${UID} -g "" -s /sbin/nologin ${UNAME}
|
||||||
|
# USER $UNAME
|
||||||
|
|
||||||
|
# CMD ["lemmy"]
|
||||||
|
# EXPOSE 8536
|
||||||
|
# STOPSIGNAL SIGTERM
|
||||||
|
|
||||||
STOPSIGNAL SIGTERM
|
|
Loading…
Reference in a new issue