From c0fee82c9f4aa693343e4a1097098b97e69c75fd Mon Sep 17 00:00:00 2001
From: Caspian Baska <email@caspian.computer>
Date: Tue, 1 Jun 2021 14:50:37 +1000
Subject: [PATCH] build(Dockerfile): attempt to fix github ci

---
 Dockerfile                         | 83 +++++++++++++-----------------
 Dockerfile.test                    | 53 ++++++++++---------
 scripts/entrypoint-test.sh         |  3 ++
 spec/placeos-build/drivers_spec.cr |  6 +--
 src/placeos-build/drivers.cr       |  2 +-
 5 files changed, 68 insertions(+), 79 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index abe2a2f..a360405 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,84 +1,73 @@
 ARG CRYSTAL_VERSION=1.0.0
-FROM crystallang/crystal:${CRYSTAL_VERSION} as build
+ARG PLACE_COMMIT="DEV"
 
-ARG PLACE_COMMIT=DEV
+FROM crystallang/crystal:${CRYSTAL_VERSION} as build
 
 WORKDIR /app
 
-RUN apt update
-RUN apt install --no-install-recommends -y \
+RUN apt-get update && \
+    apt-get install -y apt-transport-https && \
+    apt-get update && \
+    DEBIAN_FRONTEND=noninteractive \
+    apt install --no-install-recommends -y \
         bash \
         ca-certificates \
         curl \
-        git \
-        libssh2-1 libssh2-1-dev \
-        libgc-dev \
         llvm-10 llvm-10-dev \
-        tzdata
+        libssh2-1 libssh2-1-dev \
+        libyaml-dev \
+    && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
 
 # Add trusted CAs for communicating with external services
 RUN update-ca-certificates
 
-SHELL ["/bin/bash", "-l", "-c"]
-
-# Install asdf version manager
-RUN git clone https://github.com/asdf-vm/asdf.git $HOME/.asdf --branch v0.8.0
-RUN $HOME/.asdf/bin/asdf plugin-add crystal https://github.com/asdf-community/asdf-crystal.git
-
-RUN echo -e '\n. $HOME/.asdf/asdf.sh' >> ~/.bashrc && \
-    echo -e '\n. $HOME/.asdf/asdf.sh' >> ~/.profile && \
-    source ~/.bashrc
-
-# Create a non-privileged user
-ARG IMAGE_UID="10001"
-ENV UID=$IMAGE_UID
-ENV USER=appuser
-RUN adduser \
-    --disabled-password \
-    --gecos "" \
-    --home "/nonexistent" \
-    --shell "/sbin/nologin" \
-    --no-create-home \
-    --uid "${UID}" \
-    "${USER}"
-
-# These provide certificate chain validation where communicating with external services over TLS
-ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
-
-# Create binary directories
-RUN mkdir -p repositories bin/drivers
+# Install watchexec
+RUN curl -sLO https://github.com/watchexec/watchexec/releases/download/cli-v1.16.0/watchexec-1.16.0-x86_64-unknown-linux-gnu.deb && \
+    dpkg -i watchexec-1.16.0-x86_64-unknown-linux-gnu.deb && \
+    rm -rf ./*.deb
 
-RUN mkdir /app/.shards
+RUN mkdir -p /app/bin/drivers
 
-# Install deps
+# Install shards before adding source.
 COPY shard.yml /app
 COPY shard.lock /app
+RUN shards install --ignore-crystal-version
 
-RUN shards install --production --ignore-crystal-version
-
-# Copy source for the long building `digest_cli`
-RUN mkdir /app/src
+# Build digest tool before copying rest of source for better caching.
 COPY src/digest_cli.cr /app/src/digest_cli.cr
-
 RUN CRYSTAL_PATH=lib:/usr/share/crystal/src/ \
     LLVM_CONFIG=$(/usr/share/crystal/src/llvm/ext/find-llvm-config) \
-    PLACE_COMMIT=${PLACE_COMMIT} \
-    UNAME_AT_COMPILE_TIME=true \
-    shards build --error-trace --ignore-crystal-version --release --production -Dpreview_mt digest_cli
+    shards build digest_cli -Dpreview_mt --ignore-crystal-version --no-debug --production
+
+COPY scripts /app/scripts
+COPY src /app/src
 
 # Add the rest of the source last for efficient caching
 COPY src /app/src
 
 RUN PLACE_COMMIT=${PLACE_COMMIT} \
     UNAME_AT_COMPILE_TIME=true \
-    shards build --error-trace --ignore-crystal-version --release --production -Dpreview_mt build
+    shards build --error-trace -Dpreview_mt --release --ignore-crystal-version --production build
 
 RUN chown appuser -R /app
 
+ENV HOME="/app"
+
+# Install asdf version manager
+SHELL ["/bin/bash", "-l", "-c"]
+RUN git clone --depth 1 https://github.com/asdf-vm/asdf.git $HOME/.asdf --branch v0.8.0 && \
+    $HOME/.asdf/bin/asdf plugin-add crystal https://github.com/asdf-community/asdf-crystal.git && \
+    echo -e '\n. $HOME/.asdf/asdf.sh' >> ~/.bashrc && \
+    echo -e '\n. $HOME/.asdf/asdf.sh' >> ~/.profile && \
+    source ~/.bashrc
+
 ###############################################################################
 
 USER appuser:appuser
 
+# These provide certificate chain validation where communicating with external services over TLS
+ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
+
 EXPOSE 3000
 HEALTHCHECK CMD wget -qO- http://localhost:3000/api/build/v1
 CMD ["/app/scripts/entrypoint.sh", "--server", "-b", "0.0.0.0", "-p", "3000"]
diff --git a/Dockerfile.test b/Dockerfile.test
index 553d3d4..62d6e7f 100644
--- a/Dockerfile.test
+++ b/Dockerfile.test
@@ -1,37 +1,32 @@
 ARG CRYSTAL_VERSION=1.0.0
-FROM crystallang/crystal:${CRYSTAL_VERSION}
-
 ARG PLACE_COMMIT="DEV"
 
+FROM crystallang/crystal:${CRYSTAL_VERSION} as build
+
 WORKDIR /app
 
-RUN apt update
-RUN apt install --no-install-recommends -y \
+RUN apt-get update && \
+    apt-get install -y apt-transport-https && \
+    apt-get update && \
+    DEBIAN_FRONTEND=noninteractive \
+    apt install --no-install-recommends -y \
         bash \
         ca-certificates \
         curl \
-        git \
-        libssh2-1 libssh2-1-dev \
         llvm-10 llvm-10-dev \
-        tzdata
+        libssh2-1 libssh2-1-dev \
+        libyaml-dev \
+    && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Add trusted CAs for communicating with external services
+RUN update-ca-certificates
 
 # Install watchexec
 RUN curl -sLO https://github.com/watchexec/watchexec/releases/download/cli-v1.16.0/watchexec-1.16.0-x86_64-unknown-linux-gnu.deb && \
     dpkg -i watchexec-1.16.0-x86_64-unknown-linux-gnu.deb && \
     rm -rf ./*.deb
 
-# Add trusted CAs for communicating with external services
-RUN update-ca-certificates
-
-SHELL ["/bin/bash", "-l", "-c"]
-
-# Install asdf version manager
-RUN git clone https://github.com/asdf-vm/asdf.git $HOME/.asdf --branch v0.8.0
-RUN $HOME/.asdf/bin/asdf plugin-add crystal https://github.com/asdf-community/asdf-crystal.git
-
-RUN echo -e '\n. $HOME/.asdf/asdf.sh' >> ~/.bashrc && \
-    echo -e '\n. $HOME/.asdf/asdf.sh' >> ~/.profile && \
-    source ~/.bashrc
+RUN mkdir -p /app/bin/drivers
 
 # Install shards before adding source.
 COPY shard.yml /app
@@ -39,21 +34,25 @@ COPY shard.lock /app
 RUN shards install --ignore-crystal-version
 
 # Build digest tool before copying rest of source for better caching.
-RUN mkdir /app/src
 COPY src/digest_cli.cr /app/src/digest_cli.cr
-
 RUN CRYSTAL_PATH=lib:/usr/share/crystal/src/ \
     LLVM_CONFIG=$(/usr/share/crystal/src/llvm/ext/find-llvm-config) \
-    shards build digest_cli --ignore-crystal-version --no-debug
-
-COPY src/digest_cli.cr /app/src/digest_cli.cr
+    shards build digest_cli -Dpreview_mt --ignore-crystal-version --no-debug --production
 
 COPY scripts /app/scripts
-COPY src /app/sr
-
-RUN mkdir -p /app/bin/drivers
+COPY src /app/src
 
 # These provide certificate chain validation where communicating with external services over TLS
 ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
 
+SHELL ["/bin/bash", "-l", "-c"]
+ENV HOME="/app"
+# Install asdf version manager
+RUN git clone --depth 1 https://github.com/asdf-vm/asdf.git $HOME/.asdf --branch v0.8.0 && \
+    $HOME/.asdf/bin/asdf plugin-add crystal https://github.com/asdf-community/asdf-crystal.git && \
+    echo -e '\n. $HOME/.asdf/asdf.sh' >> $HOME/.bashrc && \
+    echo -e '\n. $HOME/.asdf/asdf.sh' >> $HOME/.profile && \
+    source ~/.bashrc
+
+
 CMD /app/scripts/entrypoint-test.sh
diff --git a/scripts/entrypoint-test.sh b/scripts/entrypoint-test.sh
index 49454ac..bb4e833 100755
--- a/scripts/entrypoint-test.sh
+++ b/scripts/entrypoint-test.sh
@@ -18,6 +18,9 @@ fi
 
 export CRYSTAL_PATH=lib:/usr/share/crystal/src
 export CRYSTAL_LIBRARY_PATH=/usr/local/lib
+export PKG_CONFIG_PATH=/usr/local/opt/openssl/lib/pkgconfig
+export CPPFlAGS=-L/usr/local/opt/openssl/include
+export LDFLAGS=-L/usr/local/opt/openssl/lib
 
 watch="false"
 multithreaded="false"
diff --git a/spec/placeos-build/drivers_spec.cr b/spec/placeos-build/drivers_spec.cr
index a4db2f1..9a37725 100644
--- a/spec/placeos-build/drivers_spec.cr
+++ b/spec/placeos-build/drivers_spec.cr
@@ -2,8 +2,7 @@ module PlaceOS::Build
   describe Drivers do
     it "compiles a crystal binary specificed by an entrypoint" do
       Drivers.legacy_build_method = false
-      drivers = Drivers.new
-      drivers.compile(
+      Drivers.new.compile(
         repository_uri: "https://github.com/place-labs/exec_from",
         entrypoint: "src/app.cr",
         commit: "da824d2a59f7e29eea6525f472ffc67c294a48cf",
@@ -13,8 +12,7 @@ module PlaceOS::Build
 
     pending "compiles drivers via the legacy ENV method" do
       Drivers.legacy_build_method = true
-      drivers = Drivers.new
-      drivers.compile(
+      Drivers.new.compile(
         repository_uri: "https://github.com/placeos/private-drivers",
         entrypoint: "drivers/place/private_helper.cr",
         commit: "c014d19225bb9aa2578494be797207c04745df39",
diff --git a/src/placeos-build/drivers.cr b/src/placeos-build/drivers.cr
index 3912b83..57a8d18 100644
--- a/src/placeos-build/drivers.cr
+++ b/src/placeos-build/drivers.cr
@@ -88,7 +88,7 @@ module PlaceOS::Build
         digest = begin
           PlaceOS::Build::Digest.digest([entrypoint], repository_path).first.hash
         rescue e
-          Log.warn(exception: e) { "failed to digesst, likely a legacy driver" }
+          Log.warn { "failed to digest #{entrypoint} using the driver's commit" }
           # Use the commit if a digest could not be produced
           commit[0, 6]
         end