Skip to content

Commit

Permalink
feat: (WIP)multi-arch (#9)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ko-matsu
ko-matsu authored Sep 24, 2022
1 parent 7b21845 commit bcc4a10
Show file tree
Hide file tree
Showing 5 changed files with 378 additions and 60 deletions.
69 changes: 33 additions & 36 deletions .github/workflows/create-docker-image.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,44 +7,41 @@ on:
- 'bitcoin-*'

env:
DOCKER_BASE_NAME: ghcr.io/${{ github.repository_owner }}/elements-testing
REPOSITORY_PATH: ${{ github.repository }}
IMAGE_BASE_NAME: "ghcr.io/${{ github.repository_owner }}/elements-testing"

jobs:
upload-image:
runs-on: ubuntu-20.04
strategy:
matrix:
baseimage: ['3.10.4-slim-bullseye']
runs-on: ubuntu-22.04

steps:
- uses: actions/checkout@v2
- name: Get tag version
id: get_version
run: |
echo ::set-output name=PKG_TAG::${DOCKER_BASE_NAME}:${GITHUB_REF/refs\/tags\//}
echo ::set-output name=REP_USER_NAME::${REPOSITORY_PATH/\/elements-testing-dockerfile//}
- name: Build docker image
env:
PKG_TAG: ${{steps.get_version.outputs.PKG_TAG}}
run: |
docker build . -t "${PKG_TAG}" --build-arg BASE_IMAGE="${{ matrix.baseimage }}"
# docker run --rm ${PKG_TAG} --version

# - name: Scan docker image
# env:
# PKG_TAG: ${{steps.get_version.outputs.PKG_TAG}}
# run: |
# docker run --rm -v /var/run/docker.sock:/var/run/docker.sock \
# -v ${HOME}/.cache:/root/.cache aquasec/trivy:latest --exit-code 1 ${PKG_TAG}

- name: Push to Packages
env:
CR_TOKEN: ${{ secrets.CR_PAT }}
PKG_TAG: ${{steps.get_version.outputs.PKG_TAG}}
REP_USER_NAME: ${{ secrets.CR_USER_NAME }}
run: |
echo "$CR_TOKEN" | docker login ghcr.io -u "$REP_USER_NAME" --password-stdin
docker push "${PKG_TAG}"
- uses: actions/checkout@v3
- name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
# list of Docker images to use as base name for tags
images: name=${{env.IMAGE_BASE_NAME}}
# generate Docker tags based on the following events/attributes
tags: |
type=ref,event=tag
type=semver,pattern={{raw}}
type=sha
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ secrets.CR_USER_NAME }}
password: ${{ secrets.CR_PAT }}
- name: Build and push
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
88 changes: 64 additions & 24 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,14 @@
FROM python:3.10.4-slim-bullseye
FROM --platform=$TARGETPLATFORM python:3.10.7-slim-bullseye

# NOTE: nodedir has used by cmake-js.
RUN mkdir /var/.npm \
&& echo 'prefix = /var/.npm' > ~/.npmrc
&& mkdir /var/.npm/_logs \
&& mkdir /var/.node \
&& chmod -R 777 /var/.npm \
&& chmod -R 777 /var/.node \
&& echo 'prefix = /var/.npm' > /root/.npmrc \
&& echo 'cache = /var/.npm' >> /root/.npmrc \
&& echo 'nodedir = /var/.node' >> /root/.npmrc

# install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
Expand All @@ -16,24 +23,25 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
&& apt-get -y clean \
&& rm -rf /var/lib/apt/lists/*

ENV USER_NAME testuser
RUN useradd --user-group --create-home --shell /bin/false ${USER_NAME} \
&& chown ${USER_NAME}:${USER_NAME} /var/.npm

RUN export PATH=/var/.npm/bin:$PATH \
&& npm install -g n \
&& n lts

RUN python -V && node -v && npm -v
ARG TARGETARCH
RUN python -V && node -v && npm -v && echo "TARGETARCH=${TARGETARCH}"

WORKDIR /tmp
ENV GPG_KEY_SERVER hkps://keyserver.ubuntu.com
# setup bitcoin
ARG BITCOIN_VERSION=23.0
ENV BITCOIN_TARBALL bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz
ENV BITCOIN_URL_BASE https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}
ENV BITCOIN_PGP_KEY 152812300785C96444D3334D17565732E08E5E41 0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8 590B7292695AFFA5B672CBB2E13FC145CD3F4304 28F5900B1BB5D1A4B6B6D1A9ED357015286A333D 637DB1E23370F84AFF88CCE03152347D07DA627C CFB16E21C950F67FA95E558F2EEB9F5CC09526C1 F4FC70F07310028424EFC20A8E4256593F177720 D1DBF2C4B96F2DEBF4C16654410108112E7EA81F 287AE4CA1187C68C08B49CB2D11BD4F33F1DB499 F9A8737BF4FF5C89C903DF31DD78544CF91B1514 9DEAE0DC7063249FB05474681E4AED62986CD25D E463A93F5F3117EEDE6C7316BD02942421F4889F 9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C 4DAF18FE948E7A965B30F9457E296D555E7F63A7 28E72909F1717FE9607754F8A7BEB2621678D37D 74E2DEF5D77260B98BC19438099BAD163C70FBFA
RUN wget -qO ${BITCOIN_TARBALL} ${BITCOIN_URL_BASE}/${BITCOIN_TARBALL} \
RUN if [ "${TARGETARCH}" = "arm64" ]; then \
export BITCOIN_TARBALL=bitcoin-${BITCOIN_VERSION}-aarch64-linux-gnu.tar.gz ;\
else \
export BITCOIN_TARBALL=bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz ;\
fi \
&& wget -qO ${BITCOIN_TARBALL} ${BITCOIN_URL_BASE}/${BITCOIN_TARBALL} \
&& wget -qO SHA256SUMS ${BITCOIN_URL_BASE}/SHA256SUMS \
&& wget -qO SHA256SUMS.asc ${BITCOIN_URL_BASE}/SHA256SUMS.asc \
&& echo "dump RSA key" \
Expand All @@ -57,10 +65,15 @@ RUN wget -qO ${BITCOIN_TARBALL} ${BITCOIN_URL_BASE}/${BITCOIN_TARBALL} \

# setup elements
ARG ELEMENTS_VERSION=0.21.0.2
ENV ELEMENTS_TARBALL elements-elements-${ELEMENTS_VERSION}-x86_64-linux-gnu.tar.gz
ENV ELEMENTS_URL_BASE https://github.com/ElementsProject/elements/releases/download/elements-${ELEMENTS_VERSION}
ENV ELEMENTS_PGP_KEY DE10E82629A8CAD55B700B972F2A88D7F8D68E87
RUN wget -qO ${ELEMENTS_TARBALL} ${ELEMENTS_URL_BASE}/${ELEMENTS_TARBALL} \
ENV ELEMENTS_PGP_KEY DE10E82629A8CAD55B700B972F2A88D7F8D68E87 BD0F3062F87842410B06A0432F656B0610604482
RUN if [ "${TARGETARCH}" = "arm64" ]; then \
export ELEMENTS_TARBALL0=elements-elements-${ELEMENTS_VERSION}-aarch64-linux-gnu.tar.gz ;\
export ELEMENTS_TARBALL=elements-elements-${ELEMENTS_VERSION}-arm-linux-gnueabihf.tar.gz ;\
else \
export ELEMENTS_TARBALL=elements-elements-${ELEMENTS_VERSION}-x86_64-linux-gnu.tar.gz ;\
fi \
&& wget -qO ${ELEMENTS_TARBALL} ${ELEMENTS_URL_BASE}/${ELEMENTS_TARBALL} \
&& gpg -v --keyserver ${GPG_KEY_SERVER} --recv-keys ${ELEMENTS_PGP_KEY} \
&& wget -qO SHA256SUMS.asc ${ELEMENTS_URL_BASE}/SHA256SUMS.asc \
&& gpg --verify SHA256SUMS.asc \
Expand All @@ -75,32 +88,59 @@ RUN wget -qO ${ELEMENTS_TARBALL} ${ELEMENTS_URL_BASE}/${ELEMENTS_TARBALL} \


# setup cmake
ENV CMAKE_VERSION 3.22.4
ENV CMAKE_TARBALL cmake-${CMAKE_VERSION}-linux-x86_64.tar.gz
ENV CMAKE_VERSION 3.24.2
ENV CMAKE_URL_BASE https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}
ENV CMAKE_PGP_KEY 2D2CEF1034921684
RUN wget -qO ${CMAKE_TARBALL} ${CMAKE_URL_BASE}/${CMAKE_TARBALL} \
RUN if [ "${TARGETARCH}" = "arm64" ]; then \
export CMAKE_TARBALL=cmake-${CMAKE_VERSION}-linux-aarch64.tar.gz ;\
export CMAKE_DIR_NAME=cmake-${CMAKE_VERSION}-linux-aarch64 ;\
else \
export CMAKE_TARBALL=cmake-${CMAKE_VERSION}-linux-x86_64.tar.gz ;\
export CMAKE_DIR_NAME=cmake-${CMAKE_VERSION}-linux-x86_64 ;\
fi \
&& wget -qO ${CMAKE_TARBALL} ${CMAKE_URL_BASE}/${CMAKE_TARBALL} \
&& gpg --keyserver ${GPG_KEY_SERVER} --recv-keys ${CMAKE_PGP_KEY} \
&& wget -qO cmake-SHA-256.txt ${CMAKE_URL_BASE}/cmake-${CMAKE_VERSION}-SHA-256.txt \
&& wget -qO cmake-SHA-256.txt.asc ${CMAKE_URL_BASE}/cmake-${CMAKE_VERSION}-SHA-256.txt.asc \
&& gpg --verify cmake-SHA-256.txt.asc \
&& sha256sum --ignore-missing --check cmake-SHA-256.txt \
&& tar -xzvf ${CMAKE_TARBALL} --directory=/opt/ \
&& ln -sfn /opt/cmake-${CMAKE_VERSION}-Linux-x86_64/bin/* /usr/bin \
&& mv /opt/${CMAKE_DIR_NAME} /opt/cmake-${CMAKE_VERSION}-linux \
&& ln -sfn /opt/cmake-${CMAKE_VERSION}-linux/bin/* /usr/bin \
&& rm -f ${CMAKE_TARBALL} cmake-*SHA-256.txt*

ENV PATH /var/.npm/bin:/opt/cmake-${CMAKE_VERSION}-linux-x86_64/bin:/opt/elements-${ELEMENTS_VERSION}/bin:/opt/bitcoin-${BITCOIN_VERSION}/bin:$PATH
ENV PATH /var/.npm/bin:/opt/cmake-${CMAKE_VERSION}-linux/bin:/opt/elements-${ELEMENTS_VERSION}/bin:/opt/bitcoin-${BITCOIN_VERSION}/bin:$PATH

WORKDIR /root

CMD bitcoin-cli --version && elements-cli --version \
&& python -V && echo "node version" && node -v && echo "npm version" && npm -v \
&& cmake --version && env
ENV USER_NAME testuser
RUN useradd --user-group --create-home --shell /bin/false ${USER_NAME} \
&& mkdir /github \
&& mkdir /workspace \
&& chmod -R 777 /github \
&& chmod -R 777 /workspace \
&& chown ${USER_NAME}:${USER_NAME} /github \
&& chown ${USER_NAME}:${USER_NAME} /workspace \
&& chown -R ${USER_NAME}:${USER_NAME} /var/.npm \
&& chown -R ${USER_NAME}:${USER_NAME} /var/.node

USER ${USER_NAME}

ENV PATH /var/.npm/bin:/opt/cmake-${CMAKE_VERSION}-linux-x86_64/bin:/opt/elements-${ELEMENTS_VERSION}/bin:/opt/bitcoin-${BITCOIN_VERSION}/bin:$PATH
WORKDIR /workspace

RUN echo 'prefix = /var/.npm' > ~/.npmrc \
&& echo 'cache = /var/.npm' >> ~/.npmrc\
&& echo 'nodedir = /var/.node' >> ~/.npmrc

ARG TARGETPLATFORM
RUN cmake --version && echo "TARGETARCH=${TARGETARCH}, TARGETPLATFORM=${TARGETPLATFORM}"

CMD bitcoin-cli --version && elements-cli --version \
&& python -V && echo "node version" && node -v && echo "npm version" && npm -v \
&& cmake --version && env

RUN echo 'prefix = /var/.npm' > ~/.npmrc
# TODO: set ENTRYPOINT

# TODO: set ENTRYPOINT
# NOTE: When using with github actions, please use the root user.
# docker login docker.pkg.github.com -u owner -p ${{ secrets.GITHUB_TOKEN }}
# docker pull (image)
# docker run -u root -v ${{ github.workspace }}:/github/workspace --entrypoint xxxx (image)
33 changes: 33 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,35 @@
# elements-testing-dockerfile
Elements and Bitcoin for testing docker.

## build

with buildx:

```
docker buildx build .
```

with build:

```
(amd64)
docker build -f amd64.dockerfile .
(arm64)
docker build -f arm64.dockerfile .
```

### for WSL

When using buildx with WSL, please exclude the Windows environment path.
The build may fail because it reads the meta-information of the Windows environment.

## NOTE

When using with github actions, please use the root user.

```
docker login docker.pkg.github.com -u owner -p ${{ secrets.GITHUB_TOKEN }}
docker pull (image)
docker run -u root -v ${{ github.workspace }}:/github/workspace --entrypoint xxxx (image)
```
124 changes: 124 additions & 0 deletions amd64.dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,124 @@
FROM python:3.10.7-slim-bullseye

# NOTE: nodedir has used by cmake-js.
RUN mkdir /var/.npm \
&& mkdir /var/.npm/_logs \
&& mkdir /var/.node \
&& chmod -R 777 /var/.npm \
&& chmod -R 777 /var/.node \
&& echo 'prefix = /var/.npm' > /root/.npmrc \
&& echo 'cache = /var/.npm' >> /root/.npmrc \
&& echo 'nodedir = /var/.node' >> /root/.npmrc

# install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
dirmngr \
gpg \
gpg-agent \
wget \
build-essential \
nodejs \
npm \
git \
&& apt-get -y clean \
&& rm -rf /var/lib/apt/lists/*

RUN export PATH=/var/.npm/bin:$PATH \
&& npm install -g n \
&& n lts

RUN python -V && node -v && npm -v

WORKDIR /tmp
ENV GPG_KEY_SERVER hkps://keyserver.ubuntu.com
# setup bitcoin
ARG BITCOIN_VERSION=23.0
ENV BITCOIN_URL_BASE https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}
ENV BITCOIN_PGP_KEY 152812300785C96444D3334D17565732E08E5E41 0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8 590B7292695AFFA5B672CBB2E13FC145CD3F4304 28F5900B1BB5D1A4B6B6D1A9ED357015286A333D 637DB1E23370F84AFF88CCE03152347D07DA627C CFB16E21C950F67FA95E558F2EEB9F5CC09526C1 F4FC70F07310028424EFC20A8E4256593F177720 D1DBF2C4B96F2DEBF4C16654410108112E7EA81F 287AE4CA1187C68C08B49CB2D11BD4F33F1DB499 F9A8737BF4FF5C89C903DF31DD78544CF91B1514 9DEAE0DC7063249FB05474681E4AED62986CD25D E463A93F5F3117EEDE6C7316BD02942421F4889F 9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C 4DAF18FE948E7A965B30F9457E296D555E7F63A7 28E72909F1717FE9607754F8A7BEB2621678D37D 74E2DEF5D77260B98BC19438099BAD163C70FBFA
RUN export BITCOIN_TARBALL=bitcoin-${BITCOIN_VERSION}-x86_64-linux-gnu.tar.gz \
&& wget -qO ${BITCOIN_TARBALL} ${BITCOIN_URL_BASE}/${BITCOIN_TARBALL} \
&& wget -qO SHA256SUMS ${BITCOIN_URL_BASE}/SHA256SUMS \
&& wget -qO SHA256SUMS.asc ${BITCOIN_URL_BASE}/SHA256SUMS.asc \
&& echo "dump RSA key" \
&& gpg --verify SHA256SUMS.asc 2>&1 | grep "using RSA key" | tr -s ' ' | cut -d ' ' -f5 \
&& echo "dump ECDSA key" \
&& gpg --verify SHA256SUMS.asc 2>&1 | grep "using ECDSA key" | tr -s ' ' | cut -d ' ' -f5 \
&& echo "dump key" \
&& gpg --verify SHA256SUMS.asc 2>&1 | grep "using " | tr -s ' ' | cut -d ' ' -f5 \
&& gpg -v --keyserver ${GPG_KEY_SERVER} --recv-keys ${BITCOIN_PGP_KEY} \
&& gpg -v --keyserver hkps://keys.openpgp.org --recv-keys 82921A4B88FD454B7EB8CE3C796C4109063D4EAF \
&& gpg -v --keyserver hkps://keys.openpgp.org --recv-keys C388F6961FB972A95678E327F62711DBDCA8AE56 \
&& sha256sum --ignore-missing --check SHA256SUMS \
&& tar -xzvf ${BITCOIN_TARBALL} --directory=/opt/ \
&& ln -sfn /opt/bitcoin-${BITCOIN_VERSION}/bin/* /usr/bin \
&& rm -f ${BITCOIN_TARBALL} SHA256SUMS.asc

#20220427: ignore gpg verify (for C388F6961FB972A95678E327F62711DBDCA8AE56)
# && gpg --verify -v SHA256SUMS.asc \
# && sha256sum --ignore-missing --check SHA256SUMS \


# setup elements
ARG ELEMENTS_VERSION=0.21.0.2
ENV ELEMENTS_URL_BASE https://github.com/ElementsProject/elements/releases/download/elements-${ELEMENTS_VERSION}
ENV ELEMENTS_PGP_KEY DE10E82629A8CAD55B700B972F2A88D7F8D68E87 BD0F3062F87842410B06A0432F656B0610604482
RUN export ELEMENTS_TARBALL=elements-elements-${ELEMENTS_VERSION}-x86_64-linux-gnu.tar.gz \
&& wget -qO ${ELEMENTS_TARBALL} ${ELEMENTS_URL_BASE}/${ELEMENTS_TARBALL} \
&& gpg -v --keyserver ${GPG_KEY_SERVER} --recv-keys ${ELEMENTS_PGP_KEY} \
&& wget -qO SHA256SUMS.asc ${ELEMENTS_URL_BASE}/SHA256SUMS.asc \
&& gpg --verify SHA256SUMS.asc \
&& sha256sum --ignore-missing --check SHA256SUMS.asc \
&& tar -xzvf ${ELEMENTS_TARBALL} --directory=/opt/ \
&& mv /opt/elements-elements-* /opt/elements-${ELEMENTS_VERSION} \
&& ln -sfn /opt/elements-${ELEMENTS_VERSION}/bin/* /usr/bin \
&& rm -f ${ELEMENTS_TARBALL} SHA256SUMS.asc

# unsigned 0.21.0
# && gpg --verify SHA256SUMS.asc \


# setup cmake
ENV CMAKE_VERSION 3.24.2
ENV CMAKE_URL_BASE https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}
ENV CMAKE_PGP_KEY 2D2CEF1034921684
RUN export CMAKE_TARBALL=cmake-${CMAKE_VERSION}-linux-x8664.tar.gz \
&& wget -qO ${CMAKE_TARBALL} ${CMAKE_URL_BASE}/${CMAKE_TARBALL} \
&& gpg --keyserver ${GPG_KEY_SERVER} --recv-keys ${CMAKE_PGP_KEY} \
&& wget -qO cmake-SHA-256.txt ${CMAKE_URL_BASE}/cmake-${CMAKE_VERSION}-SHA-256.txt \
&& wget -qO cmake-SHA-256.txt.asc ${CMAKE_URL_BASE}/cmake-${CMAKE_VERSION}-SHA-256.txt.asc \
&& gpg --verify cmake-SHA-256.txt.asc \
&& sha256sum --ignore-missing --check cmake-SHA-256.txt \
&& tar -xzvf ${CMAKE_TARBALL} --directory=/opt/ \
&& ln -sfn /opt/cmake-${CMAKE_VERSION}-linux-x86_64/bin/* /usr/bin \
&& rm -f ${CMAKE_TARBALL} cmake-*SHA-256.txt*

ENV PATH /var/.npm/bin:/opt/cmake-${CMAKE_VERSION}-linux-x86_64/bin:/opt/elements-${ELEMENTS_VERSION}/bin:/opt/bitcoin-${BITCOIN_VERSION}/bin:$PATH


ENV USER_NAME testuser
RUN useradd --user-group --create-home --shell /bin/false ${USER_NAME} \
&& mkdir /github \
&& mkdir /workspace \
&& chmod -R 777 /github \
&& chmod -R 777 /workspace \
&& chown ${USER_NAME}:${USER_NAME} /github \
&& chown ${USER_NAME}:${USER_NAME} /workspace \
&& chown -R ${USER_NAME}:${USER_NAME} /var/.npm \
&& chown -R ${USER_NAME}:${USER_NAME} /var/.node

USER ${USER_NAME}

WORKDIR /workspace

RUN echo 'prefix = /var/.npm' > ~/.npmrc \
&& echo 'cache = /var/.npm' >> ~/.npmrc\
&& echo 'nodedir = /var/.node' >> ~/.npmrc

ARG TARGETPLATFORM
RUN cmake --version && echo "TARGETARCH=${TARGETARCH}, TARGETPLATFORM=${TARGETPLATFORM}"

CMD bitcoin-cli --version && elements-cli --version \
&& python -V && echo "node version" && node -v && echo "npm version" && npm -v \
&& cmake --version && env

# TODO: set ENTRYPOINT
Loading

0 comments on commit bcc4a10

Please sign in to comment.