mirror of
https://github.com/dashpay/dash.git
synced 2024-12-24 19:42:46 +01:00
docker: fix gitian support, optimize container layer count and improve script consistency (#4983)
* contrib: set the working directory to /src/dash to allow for cloning gitian dependencies * contrib: place the home directory inside /home instead of root * contrib: add notes about sharing ccache across the network * contrib: chown based on the (u/g)id env vars instead of the associated username * contrib: reduce layer count by reducing run invocations * contrib: develop container cleanup and maintenance - add apt-cacher-ng, gpg, lsb-release, screen as a package dependencies - reorder packages in alphabetical order - correct documentation - create and add user to the docker group to satisfy Gitian's needs - reduce the number of RUN calls to reduce layer count
This commit is contained in:
parent
5a7f6a7133
commit
6699b0228f
@ -53,7 +53,7 @@ ARG GROUP_ID=1000
|
||||
ENV USER_ID ${USER_ID}
|
||||
ENV GROUP_ID ${GROUP_ID}
|
||||
RUN groupadd -g ${GROUP_ID} dash
|
||||
RUN useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /dash dash
|
||||
RUN useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /home/dash dash
|
||||
|
||||
# Packages needed for all target builds
|
||||
RUN apt-get update && apt-get install $APT_ARGS \
|
||||
@ -101,14 +101,16 @@ RUN \
|
||||
update-alternatives --set x86_64-w64-mingw32-g++ /usr/bin/x86_64-w64-mingw32-g++-posix; \
|
||||
exit 0
|
||||
|
||||
RUN mkdir /dash-src && \
|
||||
RUN \
|
||||
mkdir -p /src/dash && \
|
||||
mkdir -p /cache/ccache && \
|
||||
mkdir /cache/depends && \
|
||||
mkdir /cache/sdk-sources && \
|
||||
chown $USER_ID:$GROUP_ID /dash-src && \
|
||||
chown $USER_ID:$GROUP_ID /cache && \
|
||||
chown $USER_ID:$GROUP_ID /cache -R
|
||||
chown ${USER_ID}:${GROUP_ID} /src && \
|
||||
chown ${USER_ID}:${GROUP_ID} -R /src && \
|
||||
chown ${USER_ID}:${GROUP_ID} /cache && \
|
||||
chown ${USER_ID}:${GROUP_ID} -R /cache
|
||||
|
||||
WORKDIR /dash-src
|
||||
WORKDIR /src/dash
|
||||
|
||||
USER dash
|
||||
|
@ -5,15 +5,15 @@ LABEL description="Dockerised DashCore, built from Travis"
|
||||
ARG USER_ID
|
||||
ARG GROUP_ID
|
||||
|
||||
ENV HOME /dash
|
||||
ENV HOME /home/dash
|
||||
|
||||
# add user with specified (or default) user/group ids
|
||||
ENV USER_ID ${USER_ID:-1000}
|
||||
ENV GROUP_ID ${GROUP_ID:-1000}
|
||||
RUN groupadd -g ${GROUP_ID} dash
|
||||
RUN useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /dash dash
|
||||
RUN mkdir /dash/.dashcore
|
||||
RUN chown dash:dash -R /dash
|
||||
RUN groupadd -g ${GROUP_ID} dash && \
|
||||
useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /home/dash dash && \
|
||||
mkdir /home/dash/.dashcore && \
|
||||
chown ${USER_ID}:${GROUP_ID} -R /home/dash
|
||||
|
||||
COPY bin/* /usr/local/bin/
|
||||
|
||||
@ -21,8 +21,8 @@ RUN chmod a+x /usr/local/bin/*
|
||||
|
||||
USER dash
|
||||
|
||||
VOLUME ["/dash"]
|
||||
VOLUME ["/home/dash"]
|
||||
|
||||
EXPOSE 9998 9999 19998 19999
|
||||
|
||||
WORKDIR /dash
|
||||
WORKDIR /home/dash
|
||||
|
@ -16,7 +16,7 @@ RUN apt-get update && \
|
||||
wget \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
WORKDIR /dash
|
||||
WORKDIR /home/dash
|
||||
|
||||
COPY . .
|
||||
|
||||
@ -38,8 +38,8 @@ RUN make -j`nproc | awk '{x=$1/2; print x}'` && make install
|
||||
|
||||
RUN mkdir built-target && \
|
||||
case "$TARGETPLATFORM" in \
|
||||
"linux/arm64") cp depends/arm-linux-gnueabihf/bin/dash* /dash/built-target ;; \
|
||||
"linux/amd64") cp depends/x86_64-pc-linux-gnu/bin/dash* /dash/built-target ;; \
|
||||
"linux/arm64") cp depends/arm-linux-gnueabihf/bin/dash* /home/dash/built-target ;; \
|
||||
"linux/amd64") cp depends/x86_64-pc-linux-gnu/bin/dash* /home/dash/built-target ;; \
|
||||
esac
|
||||
|
||||
FROM ubuntu:focal
|
||||
@ -50,15 +50,15 @@ ARG USER_ID
|
||||
ARG GROUP_ID
|
||||
ARG TAG
|
||||
|
||||
ENV HOME /dash
|
||||
ENV HOME /home/dash
|
||||
|
||||
# add user with specified (or default) user/group ids
|
||||
ENV USER_ID ${USER_ID:-1000}
|
||||
ENV GROUP_ID ${GROUP_ID:-1000}
|
||||
RUN groupadd -g ${GROUP_ID} dash && \
|
||||
useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /dash dash && \
|
||||
mkdir /dash/.dashcore && \
|
||||
chown dash:dash -R /dash
|
||||
useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /home/dash dash && \
|
||||
mkdir /home/dash/.dashcore && \
|
||||
chown ${USER_ID}:${GROUP_ID} -R /home/dash
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get -y install --no-install-recommends \
|
||||
@ -66,15 +66,15 @@ RUN apt-get update && \
|
||||
ca-certificates \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY --from=builder /dash/built-target/dash* /usr/local/bin
|
||||
COPY --from=builder /home/dash/built-target/dash* /usr/local/bin
|
||||
|
||||
USER dash
|
||||
|
||||
VOLUME ["/dash"]
|
||||
VOLUME ["/home/dash"]
|
||||
|
||||
COPY docker/docker-entrypoint.sh /docker-entrypoint.sh
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
|
||||
EXPOSE 9998 9999 19998 19999
|
||||
|
||||
WORKDIR /dash
|
||||
WORKDIR /home/dash
|
||||
|
@ -7,15 +7,15 @@ ARG USER_ID
|
||||
ARG GROUP_ID
|
||||
ARG BRANCH
|
||||
|
||||
ENV HOME /dash
|
||||
ENV HOME /home/dash
|
||||
|
||||
# add user with specified (or default) user/group ids
|
||||
ENV USER_ID ${USER_ID:-1000}
|
||||
ENV GROUP_ID ${GROUP_ID:-1000}
|
||||
RUN groupadd -g ${GROUP_ID} dash && \
|
||||
useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /dash dash && \
|
||||
mkdir /dash/.dashcore && \
|
||||
chown dash:dash -R /dash
|
||||
useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /home/dash dash && \
|
||||
mkdir /home/dash/.dashcore && \
|
||||
chown ${USER_ID}:${GROUP_ID} -R /home/dash
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get -y install --no-install-recommends \
|
||||
@ -23,23 +23,23 @@ RUN apt-get update && \
|
||||
ca-certificates \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY dashcore-binaries/${BRANCH}/dashcore* /dash
|
||||
COPY dashcore-binaries/${BRANCH}/dashcore* /home/dash
|
||||
|
||||
RUN mach=$(uname -m) \
|
||||
&& case $mach in aarch64) arch="aarch64-linux-gnu"; ;; x86_64) arch="x86_64-linux-gnu"; ;; *) echo "ERROR: Machine type $mach not supported."; ;; esac \
|
||||
&& cd /dash \
|
||||
&& cd /home/dash \
|
||||
&& tar xvzf dashcore*$arch.tar.gz \
|
||||
&& echo $(ls -1 /dash) \
|
||||
&& echo $(ls -1 /home/dash) \
|
||||
&& cp dashcore-*/bin/* /usr/local/bin \
|
||||
&& rm -rf dash*
|
||||
|
||||
USER dash
|
||||
|
||||
VOLUME ["/dash"]
|
||||
VOLUME ["/home/dash"]
|
||||
|
||||
COPY dash/contrib/containers/deploy/docker-entrypoint.sh /docker-entrypoint.sh
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
|
||||
EXPOSE 9998 9999 19998 19999
|
||||
|
||||
WORKDIR /dash
|
||||
WORKDIR /home/dash
|
||||
|
@ -6,15 +6,15 @@ ARG USER_ID
|
||||
ARG GROUP_ID
|
||||
ARG TAG
|
||||
|
||||
ENV HOME /dash
|
||||
ENV HOME /home/dash
|
||||
|
||||
# add user with specified (or default) user/group ids
|
||||
ENV USER_ID ${USER_ID:-1000}
|
||||
ENV GROUP_ID ${GROUP_ID:-1000}
|
||||
RUN groupadd -g ${GROUP_ID} dash && \
|
||||
useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /dash dash && \
|
||||
mkdir /dash/.dashcore && \
|
||||
chown dash:dash -R /dash
|
||||
useradd -u ${USER_ID} -g dash -s /bin/bash -m -d /home/dash dash && \
|
||||
mkdir /home/dash/.dashcore && \
|
||||
chown ${USER_ID}:${GROUP_ID} -R /home/dash
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get -y install --no-install-recommends \
|
||||
@ -32,11 +32,11 @@ RUN mach=$(uname -m) \
|
||||
|
||||
USER dash
|
||||
|
||||
VOLUME ["/dash"]
|
||||
VOLUME ["/home/dash"]
|
||||
|
||||
COPY docker-entrypoint.sh /docker-entrypoint.sh
|
||||
ENTRYPOINT ["/docker-entrypoint.sh"]
|
||||
|
||||
EXPOSE 9998 9999 19998 19999
|
||||
|
||||
WORKDIR /dash
|
||||
WORKDIR /home/dash
|
||||
|
@ -8,19 +8,34 @@ INCLUDE+ ci/Dockerfile
|
||||
# just started configuring this image, give us root access
|
||||
USER root
|
||||
|
||||
# Make development environment more standalone
|
||||
RUN apt-get update && \
|
||||
apt-get install $APT_ARGS \
|
||||
apt-cacher-ng \
|
||||
gdb \
|
||||
gpg \
|
||||
lsb-release \
|
||||
nano \
|
||||
openssh-client \
|
||||
screen \
|
||||
sudo \
|
||||
zsh \
|
||||
&& \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Discourage root access, this is an interactive instance
|
||||
#
|
||||
# Sometimes these commands are run repetitively _after_ the non-sudo
|
||||
# user was introduced and therefore these commands would fail
|
||||
# To mitigate the build halting, we've added "|| true" so that it
|
||||
# To mitigate the build halting, you can add "|| true" so that it
|
||||
# unconditionally returns 0
|
||||
#
|
||||
RUN apt-get update && apt-get install $APT_ARGS sudo && rm -rf /var/lib/apt/lists/*
|
||||
RUN usermod -aG sudo dash
|
||||
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
|
||||
|
||||
# Make development environment more standalone
|
||||
RUN apt-get update && apt-get install $APT_ARGS nano openssh-client zsh gdb && rm -rf /var/lib/apt/lists/*
|
||||
# Also, we create the group `docker` and add our user to it to meet
|
||||
# Gitian's requirements
|
||||
#
|
||||
RUN groupadd docker && \
|
||||
usermod -aG sudo,docker dash && \
|
||||
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
|
||||
|
||||
# Disable noninteractive mode
|
||||
ENV DEBIAN_FRONTEND="dialog"
|
||||
|
@ -26,4 +26,26 @@ services:
|
||||
- type: bind
|
||||
# source: /host/$PWD # Workaround needed on non-Linux hosts
|
||||
source: ../../..
|
||||
target: /dash-src
|
||||
target: /src/dash
|
||||
|
||||
# Sharing your ccache
|
||||
#
|
||||
# As the container is supposed to be a reproducible replica of the build
|
||||
# environment 1:1, it will not interact with your filesystem except as
|
||||
# defined in this file. This comes with the disadvantage of having to engage
|
||||
# in repeated re-compilation of object files, which will prolong your build
|
||||
# times and make the process more arduous. Therefore it is recommended to share
|
||||
# your local ccache with the container. The example below connects to a remote
|
||||
# samba share and can be adopted to fit your needs.
|
||||
#
|
||||
# NOTE: Only the first line is a continuation of the services.container.volumes
|
||||
# definition
|
||||
|
||||
# - cache:/home/dash/.ccache
|
||||
#
|
||||
# volumes:
|
||||
# cache:
|
||||
# driver_opts:
|
||||
# type: cifs
|
||||
# o: "username=example,password=changemeplsfix"
|
||||
# device: "//127.0.0.1/cache"
|
||||
|
Loading…
Reference in New Issue
Block a user