From ec29ddaebc9cf1db30c403bebc8d8d68aa965f46 Mon Sep 17 00:00:00 2001 From: Nadav Ivgi Date: Fri, 22 Jan 2021 09:12:18 +0200 Subject: [PATCH] Docker multi-arch support for arm32v7/arm64v8 (#79) - Generate dockerfiles for arm32v7/arm64v8 - Use built binaries in release process --- .dockerignore | 1 - Dockerfile => dockerfiles/Dockerfile | 6 ++-- dockerfiles/README.md | 1 + dockerfiles/arm32v7.Dockerfile | 16 +++++++++ dockerfiles/arm64v8.Dockerfile | 16 +++++++++ scripts/docker-generate.sh | 23 +++++++++++++ scripts/docker-release.sh | 49 ++++++++++++++++++++++++++++ scripts/release.sh | 15 ++------- 8 files changed, 112 insertions(+), 15 deletions(-) rename Dockerfile => dockerfiles/Dockerfile (68%) create mode 100644 dockerfiles/README.md create mode 100644 dockerfiles/arm32v7.Dockerfile create mode 100644 dockerfiles/arm64v8.Dockerfile create mode 100755 scripts/docker-generate.sh create mode 100755 scripts/docker-release.sh diff --git a/.dockerignore b/.dockerignore index a2750ed..0a3679b 100644 --- a/.dockerignore +++ b/.dockerignore @@ -4,6 +4,5 @@ Dockerfile stuff scripts .git -dist contrib examples diff --git a/Dockerfile b/dockerfiles/Dockerfile similarity index 68% rename from Dockerfile rename to dockerfiles/Dockerfile index 2a6027e..b10da0f 100644 --- a/Dockerfile +++ b/dockerfiles/Dockerfile @@ -4,11 +4,13 @@ RUN apt-get update && apt-get install -y pkg-config libssl-dev WORKDIR /usr/src/bwt COPY . . ARG FEATURES=electrum,http,webhooks,track-spends -RUN cargo install --locked --path . --no-default-features --features "cli,$FEATURES" +ARG PREBUILT_BIN +RUN if [ -n "$PREBUILT_BIN" ]; then cp $PREBUILT_BIN /usr/local/bin; \ + else cargo install --locked --path . --root /usr/local/ --no-default-features --features "cli,$FEATURES"; fi # debian:buster-slim FROM debian@sha256:59678da095929b237694b8cbdbe4818bb89a2918204da7fa0145dc4ba5ef22f9 ARG FEATURES=electrum,http,webhooks,track-spends RUN echo $FEATURES | grep -v webhooks > /dev/null || (apt-get update && apt-get install -y libssl-dev) -COPY --from=builder /usr/local/cargo/bin/bwt /usr/local/bin/ +COPY --from=builder /usr/local/bin/bwt /usr/local/bin/ ENTRYPOINT [ "bwt", "--bitcoind-dir", "/bitcoin" ] diff --git a/dockerfiles/README.md b/dockerfiles/README.md new file mode 100644 index 0000000..d0d41a5 --- /dev/null +++ b/dockerfiles/README.md @@ -0,0 +1 @@ +Changing the `Dockerfile` requires running `scripts/docker-generate.sh` to generate the arm32v7/arm64v8 images. diff --git a/dockerfiles/arm32v7.Dockerfile b/dockerfiles/arm32v7.Dockerfile new file mode 100644 index 0000000..37d2856 --- /dev/null +++ b/dockerfiles/arm32v7.Dockerfile @@ -0,0 +1,16 @@ +# rust:1.49-slim +FROM rust@sha256:58cb29151843a8ba8e0e78e3f80096ed2f9514cf81d4f85ef43727140631e67b as builder +RUN apt-get update && apt-get install -y pkg-config libssl-dev +WORKDIR /usr/src/bwt +COPY . . +ARG FEATURES=electrum,http,webhooks,track-spends +ARG PREBUILT_BIN +RUN if [ -n "$PREBUILT_BIN" ]; then cp $PREBUILT_BIN /usr/local/bin; \ + else cargo install --locked --path . --root /usr/local/ --no-default-features --features "cli,$FEATURES"; fi + +# debian:buster-slim +FROM debian@sha256:d31590f680577ffde6bd08943e9590eaabdc04529ea60f4bb6f58cddbc33f628 +ARG FEATURES=electrum,http,webhooks,track-spends +RUN echo $FEATURES | grep -v webhooks > /dev/null || (apt-get update && apt-get install -y libssl-dev) +COPY --from=builder /usr/local/bin/bwt /usr/local/bin/ +ENTRYPOINT [ "bwt", "--bitcoind-dir", "/bitcoin" ] diff --git a/dockerfiles/arm64v8.Dockerfile b/dockerfiles/arm64v8.Dockerfile new file mode 100644 index 0000000..7a5807c --- /dev/null +++ b/dockerfiles/arm64v8.Dockerfile @@ -0,0 +1,16 @@ +# rust:1.49-slim +FROM rust@sha256:2a44876432ba0cfbe7f7fcddd9b16f316ee13abecdee43b25f0645529966bc40 as builder +RUN apt-get update && apt-get install -y pkg-config libssl-dev +WORKDIR /usr/src/bwt +COPY . . +ARG FEATURES=electrum,http,webhooks,track-spends +ARG PREBUILT_BIN +RUN if [ -n "$PREBUILT_BIN" ]; then cp $PREBUILT_BIN /usr/local/bin; \ + else cargo install --locked --path . --root /usr/local/ --no-default-features --features "cli,$FEATURES"; fi + +# debian:buster-slim +FROM debian@sha256:01b65c2928fed9427e59a679e287a75d98551ea2061cf03c61be0c7e1fc40fef +ARG FEATURES=electrum,http,webhooks,track-spends +RUN echo $FEATURES | grep -v webhooks > /dev/null || (apt-get update && apt-get install -y libssl-dev) +COPY --from=builder /usr/local/bin/bwt /usr/local/bin/ +ENTRYPOINT [ "bwt", "--bitcoind-dir", "/bitcoin" ] diff --git a/scripts/docker-generate.sh b/scripts/docker-generate.sh new file mode 100755 index 0000000..038d98b --- /dev/null +++ b/scripts/docker-generate.sh @@ -0,0 +1,23 @@ +#!/bin/bash +set -xeo pipefail + +# Generate the arm32v7/arm64v8 dockerfiles using the main dockerfile as a template +generate_dockerfile() { + local builder_image=$1 + local runtime_image=$2 + sed -r "s/^(FROM rust@sha256:)[^ ]+/\1$builder_image/; s/^(FROM debian@sha256:)[^ ]+/\1$runtime_image/;" dockerfiles/Dockerfile +} + +# arm32v7/rust:1.49.0-slim and arm32v7/debian:buster-slim (10.7) +# https://hub.docker.com/r/arm32v7/rust/tags?name=slim +# https://hub.docker.com/r/arm32v7/debian/tags?name=buster-slim +generate_dockerfile 58cb29151843a8ba8e0e78e3f80096ed2f9514cf81d4f85ef43727140631e67b \ + d31590f680577ffde6bd08943e9590eaabdc04529ea60f4bb6f58cddbc33f628 \ + > dockerfiles/arm32v7.Dockerfile + +# arm64v8/rust:1.49.0-slim and arm64v8/debian:buster-slim (10.7) +# https://hub.docker.com/r/arm64v8/rust/tags?name=slim +# https://hub.docker.com/r/arm64v8/debian/tags?name=buster-slim +generate_dockerfile 2a44876432ba0cfbe7f7fcddd9b16f316ee13abecdee43b25f0645529966bc40 \ + 01b65c2928fed9427e59a679e287a75d98551ea2061cf03c61be0c7e1fc40fef \ + > dockerfiles/arm64v8.Dockerfile diff --git a/scripts/docker-release.sh b/scripts/docker-release.sh new file mode 100755 index 0000000..b9a1805 --- /dev/null +++ b/scripts/docker-release.sh @@ -0,0 +1,49 @@ +#!/bin/bash +set -xeo pipefail +shopt -s expand_aliases + +docker_name=shesek/bwt + +version=$(grep -E '^version =' Cargo.toml | cut -d'"' -f2) +base_tag=$docker_name:$version + +docker_name=shesek/bwt-test +base_tag=$docker_name:$version + +build_variant() { + local docker_tag=$1 + local docker_alias=$2 + + build $1-amd64 $2-amd64 $3 "$4" x86_64-linux Dockerfile + build $1-arm32v7 $2-arm32v7 $3 "$4" arm32v7-linux arm32v7.Dockerfile + build $1-arm64v8 $2-arm64v8 $3 "$4" arm64v8-linux arm64v8.Dockerfile + + # can't tag manifests to create an alias, need to create them separately instead + for target in $docker_tag $docker_alias; do + docker manifest create --amend $target $docker_tag-amd64 $docker_tag-arm32v7 $docker_tag-arm64v8 + docker manifest annotate $target $docker_tag-amd64 --os linux --arch amd64 + docker manifest annotate $target $docker_tag-arm32v7 --os linux --arch arm --variant v7 + docker manifest annotate $target $docker_tag-arm64v8 --os linux --arch arm64 --variant v8 + docker manifest push $target -p + done +} + +build() { + local docker_tag=$1 + local docker_alias=$2 + local features=$3 + local bin_variant=$4 + local bin_platform=$5 + local dockerfile=$6 + + docker build -t $docker_tag --build-arg FEATURES=$features \ + --build-arg PREBUILT_BIN=dist/bwt-$version$bin_variant-$bin_platform/bwt \ + -f dockerfiles/$dockerfile . + + docker tag $docker_tag $docker_alias + docker push $docker_tag + docker push $docker_alias +} + +build_variant $base_tag $docker_name:latest http,electrum,webhooks,track-spends '' +build_variant $base_tag-electrum $docker_name:electrum electrum '-electrum_only' diff --git a/scripts/release.sh b/scripts/release.sh index 090a4d6..64d809b 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -57,11 +57,8 @@ if [ -z "$SKIP_BUILD" ]; then ./scripts/build.sh fi - # remove subdirectories, keep release tarballs - rm -r dist/*/ - echo Making SHA256SUMS... - (cd dist && sha256sum *) | sort | gpg --clearsign --digest-algo sha256 > SHA256SUMS.asc + (cd dist && sha256sum *.{tar.gz,zip}) | sort | gpg --clearsign --digest-algo sha256 > SHA256SUMS.asc fi @@ -96,7 +93,7 @@ if [[ -z "$SKIP_UPLOAD" && -n "$GH_TOKEN" ]]; then || curl -sf -H "$gh_auth" -d "$release_opt" $gh_base/releases) gh_upload=$(echo "$gh_release" | jq -r .upload_url | sed -e 's/{?name,label}//') - for file in SHA256SUMS.asc dist/*; do + for file in SHA256SUMS.asc dist/*.{tar.gz,zip}; do echo ">> Uploading $file" curl -f --progress-bar -H "$gh_auth" -H "Content-Type: application/octet-stream" \ @@ -110,11 +107,5 @@ fi if [ -z "$SKIP_DOCKER" ]; then echo Releasing docker images... - - docker_tag=$docker_name:$version - docker build -t $docker_tag . - docker build -t $docker_tag-electrum --build-arg FEATURES=electrum . - docker tag $docker_tag $docker_name:latest - docker tag $docker_tag-electrum $docker_name:electrum - docker push $docker_name + ./scripts/docker-release.sh fi