dash/contrib/containers/deploy/Dockerfile.GitHubActions.Release

FROM ubuntu:jammy
LABEL maintainer="Dash Developers <dev@dash.org>"
LABEL description="Dockerised DashCore"

ARG USER_ID
ARG GROUP_ID
ARG TAG
ARG GITHUB_REPOSITORY

ENV HOME /home/dash

# add user with specified (or default) user/group ids
ENV USER_ID ${USER_ID:-1000}
ENV GROUP_ID ${GROUP_ID:-1000}
RUN groupadd -g ${GROUP_ID} dash && \
    useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /home/dash dash  && \
    mkdir /home/dash/.dashcore && \
    chown ${USER_ID}:${GROUP_ID} -R /home/dash

RUN apt-get update && \
    apt-get -y install --no-install-recommends \
    wget \
    ca-certificates \
    && rm -rf /var/lib/apt/lists/*

RUN echo "https://github.com/${GITHUB_REPOSITORY}/releases/download/v${TAG}/dashcore-${TAG}-$arch.tar.gz"

RUN mach=$(uname -m) \
      && case $mach in aarch64) arch="aarch64-linux-gnu"; ;; x86_64) arch="x86_64-linux-gnu"; ;;  *) echo "ERROR: Machine type $mach not supported."; ;; esac \
      && wget https://github.com/${GITHUB_REPOSITORY}/releases/download/v${TAG}/dashcore-${TAG}-$arch.tar.gz -P /tmp \
      && tar -xvf /tmp/dashcore-*.tar.gz -C /tmp/ \
      && find /tmp/dashcore*/bin -type f ! -name 'dash-qt' -exec cp {} /usr/local/bin \; \
      && rm -rf /tmp/dashcore* \
      && chmod a+x /usr/local/bin/*

RUN apt-get update && \
    apt list --installed && \
    apt-get -y purge \
    wget \
    ca-certificates \
    && apt-get -y autoremove \
    && rm -rf /var/lib/apt/lists/*

USER dash

VOLUME ["/home/dash"]

COPY docker-entrypoint.sh /docker-entrypoint.sh
ENTRYPOINT ["/docker-entrypoint.sh"]

EXPOSE 9998 9999 19998 19999

WORKDIR /home/dash
Merge #6160: feat: add sbom and provenance in release for dockerhub; use jammy; apt remove as possible 9178e8a75f7f8846ef40f8f5af53462269b2d4ac feat: add smob and provenance in release for dockerhub; use jammy; apt remove as possible (pasta) Pull request description: ## Issue being fixed or feature implemented Docker provenance refers to the origin and history of Docker images, including how they were built, modified, and by whom. An SBOM (Software Bill of Materials) is a detailed list of all components in a software application, providing transparency about libraries, dependencies, and versions used, which is crucial for security and compliance. ## What was done? Add SBOM and provenance to docker build; this may allow some level of validation that GitHub actions is actually doing what it says it is. See this for more information https://docs.docker.com/build/ci/github-actions/attestations/ ## How Has This Been Tested? Building with buildx with sbom and provenance flags locally ## Breaking Changes None ## Checklist: _Go over all the following points, and put an `x` in all the boxes that apply._ - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ ACKs for top commit: UdjinM6: utACK 9178e8a75f7f8846ef40f8f5af53462269b2d4ac Tree-SHA512: 6e3f35a0b30f002e2d5d80d6dd18ee554a1c15c62c1d4cbe1185f38977f55a199998515cf5bb9a027670f068f3d56ef33faa062d8c4122a886375d00afe6bf2f 2024-08-01 16:15:50 +02:00			`FROM ubuntu:jammy`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`LABEL maintainer="Dash Developers <dev@dash.org>"`
			`LABEL description="Dockerised DashCore"`

			`ARG USER_ID`
			`ARG GROUP_ID`
			`ARG TAG`
fix: pass `GITHUB_REPOSITORY` into `Dockerfile.GitHubActions.Release` (#5724) ## Issue being fixed or feature implemented Should hopefully fix https://github.com/dashpay/dash-dev-branches/actions/runs/6939402277/job/18876687119 #5716 follow-up ## What was done? `$GITHUB_REPOSITORY` is not available inside docker, pass it inside ## How Has This Been Tested? ## Breaking Changes n/a ## Checklist: - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ 2023-11-24 18:23:10 +01:00			`ARG GITHUB_REPOSITORY`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
docker: fix gitian support, optimize container layer count and improve script consistency (#4983) * contrib: set the working directory to /src/dash to allow for cloning gitian dependencies * contrib: place the home directory inside /home instead of root * contrib: add notes about sharing ccache across the network * contrib: chown based on the (u/g)id env vars instead of the associated username * contrib: reduce layer count by reducing run invocations * contrib: develop container cleanup and maintenance - add apt-cacher-ng, gpg, lsb-release, screen as a package dependencies - reorder packages in alphabetical order - correct documentation - create and add user to the docker group to satisfy Gitian's needs - reduce the number of RUN calls to reduce layer count 2022-08-22 21:42:36 +02:00			`ENV HOME /home/dash`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
			`# add user with specified (or default) user/group ids`
			`ENV USER_ID ${USER_ID:-1000}`
			`ENV GROUP_ID ${GROUP_ID:-1000}`
			`RUN groupadd -g ${GROUP_ID} dash && \`
docker: fix gitian support, optimize container layer count and improve script consistency (#4983) * contrib: set the working directory to /src/dash to allow for cloning gitian dependencies * contrib: place the home directory inside /home instead of root * contrib: add notes about sharing ccache across the network * contrib: chown based on the (u/g)id env vars instead of the associated username * contrib: reduce layer count by reducing run invocations * contrib: develop container cleanup and maintenance - add apt-cacher-ng, gpg, lsb-release, screen as a package dependencies - reorder packages in alphabetical order - correct documentation - create and add user to the docker group to satisfy Gitian's needs - reduce the number of RUN calls to reduce layer count 2022-08-22 21:42:36 +02:00			`useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /home/dash dash && \`
			`mkdir /home/dash/.dashcore && \`
			`chown ${USER_ID}:${GROUP_ID} -R /home/dash`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
			`RUN apt-get update && \`
			`apt-get -y install --no-install-recommends \`
			`wget \`
			`ca-certificates \`
			`&& rm -rf /var/lib/apt/lists/*`

fix: use proper GitHub.repository and add an echo for testing (#5757) ## Issue being fixed or feature implemented ## What was done? Add an echo ## How Has This Been Tested? ## Breaking Changes None ## Checklist: _Go over all the following points, and put an `x` in all the boxes that apply._ - [ ] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ 2023-12-06 19:24:12 +01:00			`RUN echo "https://github.com/${GITHUB_REPOSITORY}/releases/download/v${TAG}/dashcore-${TAG}-$arch.tar.gz"`

Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`RUN mach=$(uname -m) \`
Drop arm-linux-gnueabihf from releases 2021-12-03 22:51:20 +01:00			`&& case $mach in aarch64) arch="aarch64-linux-gnu"; ;; x86_64) arch="x86_64-linux-gnu"; ;; *) echo "ERROR: Machine type $mach not supported."; ;; esac \`
ci: change Dockerfile.GitHubActions.Release to use local repo and not always dashpay/dash (#5716) ## Issue being fixed or feature implemented In order to provide nightly builds over at dash-dev-branches we need to be able to run this automation with other REPOs ## What was done? Make it repo specific. ## How Has This Been Tested? Hasn't yet ## Breaking Changes None ## Checklist: _Go over all the following points, and put an `x` in all the boxes that apply._ - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ 2023-11-21 05:15:07 +01:00			`&& wget https://github.com/${GITHUB_REPOSITORY}/releases/download/v${TAG}/dashcore-${TAG}-$arch.tar.gz -P /tmp \`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`&& tar -xvf /tmp/dashcore-*.tar.gz -C /tmp/ \`
chore: do not include dash-qt in the docker images (#5775) ## Issue being fixed or feature implemented Remove dash-qt from docker images; save ~41MB ## What was done? ## How Has This Been Tested? Hasn't ## Breaking Changes I guess in theory someone could've been relying on dash-qt from docker 🤷 ## Checklist: _Go over all the following points, and put an `x` in all the boxes that apply._ - [ ] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ 2023-12-22 04:59:01 +01:00			`&& find /tmp/dashcore*/bin -type f ! -name 'dash-qt' -exec cp {} /usr/local/bin \; \`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`&& rm -rf /tmp/dashcore* \`
			`&& chmod a+x /usr/local/bin/*`

Merge #6160: feat: add sbom and provenance in release for dockerhub; use jammy; apt remove as possible 9178e8a75f7f8846ef40f8f5af53462269b2d4ac feat: add smob and provenance in release for dockerhub; use jammy; apt remove as possible (pasta) Pull request description: ## Issue being fixed or feature implemented Docker provenance refers to the origin and history of Docker images, including how they were built, modified, and by whom. An SBOM (Software Bill of Materials) is a detailed list of all components in a software application, providing transparency about libraries, dependencies, and versions used, which is crucial for security and compliance. ## What was done? Add SBOM and provenance to docker build; this may allow some level of validation that GitHub actions is actually doing what it says it is. See this for more information https://docs.docker.com/build/ci/github-actions/attestations/ ## How Has This Been Tested? Building with buildx with sbom and provenance flags locally ## Breaking Changes None ## Checklist: _Go over all the following points, and put an `x` in all the boxes that apply._ - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_ ACKs for top commit: UdjinM6: utACK 9178e8a75f7f8846ef40f8f5af53462269b2d4ac Tree-SHA512: 6e3f35a0b30f002e2d5d80d6dd18ee554a1c15c62c1d4cbe1185f38977f55a199998515cf5bb9a027670f068f3d56ef33faa062d8c4122a886375d00afe6bf2f 2024-08-01 16:15:50 +02:00			`RUN apt-get update && \`
			`apt list --installed && \`
			`apt-get -y purge \`
			`wget \`
			`ca-certificates \`
			`&& apt-get -y autoremove \`
			`&& rm -rf /var/lib/apt/lists/*`

Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`USER dash`

docker: fix gitian support, optimize container layer count and improve script consistency (#4983) * contrib: set the working directory to /src/dash to allow for cloning gitian dependencies * contrib: place the home directory inside /home instead of root * contrib: add notes about sharing ccache across the network * contrib: chown based on the (u/g)id env vars instead of the associated username * contrib: reduce layer count by reducing run invocations * contrib: develop container cleanup and maintenance - add apt-cacher-ng, gpg, lsb-release, screen as a package dependencies - reorder packages in alphabetical order - correct documentation - create and add user to the docker group to satisfy Gitian's needs - reduce the number of RUN calls to reduce layer count 2022-08-22 21:42:36 +02:00			`VOLUME ["/home/dash"]`
Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00
ci: fix docker context (#4816) 2022-04-28 18:35:50 +02:00			`COPY docker-entrypoint.sh /docker-entrypoint.sh`
feat: add tor entrypoint script for use in dashmate (#4182) * feat: add entrypoint for tor features in dashmate * fix: use spaces consistently for indendation * fix: output blank line after info * fix: ensure script is executable * fix: keep linter happy 2021-06-02 19:54:57 +02:00			`ENTRYPOINT ["/docker-entrypoint.sh"]`

Docker release CI (#4051) * feat:add github actions * add release tag * multi-arch download * remove erroneous add command * install wget properly * parse tag * no multi-arch for now * show vars * more debug * show uname * install certs * manually mutate tag * fix syntax * use env * remove debug * try docker meta * try semver with v * multi-arch * remove v * use tag-match * match group 1 * prepare for dashpay repo * optimize dockerfile * remove unnecessary space Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> * Update .github/workflows/release_docker_hub.yml Co-authored-by: UdjinM6 <UdjinM6@users.noreply.github.com> 2021-03-24 11:11:50 +01:00			`EXPOSE 9998 9999 19998 19999`

docker: fix gitian support, optimize container layer count and improve script consistency (#4983) * contrib: set the working directory to /src/dash to allow for cloning gitian dependencies * contrib: place the home directory inside /home instead of root * contrib: add notes about sharing ccache across the network * contrib: chown based on the (u/g)id env vars instead of the associated username * contrib: reduce layer count by reducing run invocations * contrib: develop container cleanup and maintenance - add apt-cacher-ng, gpg, lsb-release, screen as a package dependencies - reorder packages in alphabetical order - correct documentation - create and add user to the docker group to satisfy Gitian's needs - reduce the number of RUN calls to reduce layer count 2022-08-22 21:42:36 +02:00			`WORKDIR /home/dash`