From 8447328f90b1d668d8cab7362310a9c4a0ea3d7e Mon Sep 17 00:00:00 2001 From: Richard Ulrich Date: Thu, 5 Oct 2023 10:16:16 +0200 Subject: [PATCH 1/7] adding a dockerfile to run it --- .dockerignore | 5 +++++ Cargo.toml | 11 +++++++++-- Dockerfile | 16 ++++++++++++++++ Makefile | 7 +++++++ 4 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 .dockerignore create mode 100644 Dockerfile create mode 100644 Makefile diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..7a17791 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +target/ +.git/ +.github/ +Dockerfile +Makefile diff --git a/Cargo.toml b/Cargo.toml index e327d87..319375a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,14 @@ bdk = "0.28" bdk-reserves = "0.28" env_logger = "0.10" log = "0.4" -base64 = "^0.13" +base64 = "0.13" [dev-dependencies] -actix-rt = "1" \ No newline at end of file +actix-rt = "1" + +[profile.release] +opt-level = 'z' # Optimize for size +lto = true # Enable link-time optimization +codegen-units = 1 # Reduce number of codegen units to increase optimizations +panic = 'abort' # Abort on panic +strip = true # Strip symbols from binary* diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..6ef439f --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:3.18 as builder +RUN apk add alpine-sdk build-base cargo +RUN adduser -S -G abuild satoshi +USER satoshi +WORKDIR /home/satoshi +COPY . . +RUN cargo test +RUN cargo build --release +RUN ldd target/release/bdk-reserves-web + +FROM alpine:3.18 as runner +COPY --from=builder /home/satoshi/target/release/bdk-reserves-web /bin/bdk-reserves-web +RUN apk add --no-cache libstdc++ +RUN adduser -S -G abuild satoshi +USER satoshi +CMD ["/bin/bdk-reserves-web"] \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..55331e9 --- /dev/null +++ b/Makefile @@ -0,0 +1,7 @@ +TAG := bdk-reserves-web + +run: builder + docker run --rm --tty -e PORT='8888' -p 8888:8888 ${TAG} + +builder: + docker build --tag ${TAG} . From 7746a351d08b47c33d537951cafdb91cdf8479ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Adamski?= Date: Thu, 5 Oct 2023 10:38:14 +0200 Subject: [PATCH 2/7] run without linux distro (scratch container) --- Dockerfile | 18 +++++++++--------- Makefile | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6ef439f..a2841c9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,16 @@ -FROM alpine:3.18 as builder -RUN apk add alpine-sdk build-base cargo +FROM rust:1.72-alpine3.18 as builder +RUN apk add --no-cache build-base RUN adduser -S -G abuild satoshi USER satoshi WORKDIR /home/satoshi COPY . . RUN cargo test RUN cargo build --release -RUN ldd target/release/bdk-reserves-web +RUN install -D target/release/bdk-reserves-web dist/bin/bdk-reserves-web +RUN ldd target/release/bdk-reserves-web | tr -s [:blank:] '\n' | grep ^/ | xargs -I % install -D % dist/% +RUN ln -s ld-musl-x86_64.so.1 dist/lib/libc.musl-x86_64.so.1 -FROM alpine:3.18 as runner -COPY --from=builder /home/satoshi/target/release/bdk-reserves-web /bin/bdk-reserves-web -RUN apk add --no-cache libstdc++ -RUN adduser -S -G abuild satoshi -USER satoshi -CMD ["/bin/bdk-reserves-web"] \ No newline at end of file +FROM scratch +COPY --from=builder /home/satoshi/dist / +USER 65534 +ENTRYPOINT ["/bin/bdk-reserves-web"] \ No newline at end of file diff --git a/Makefile b/Makefile index 55331e9..b9be5e5 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ TAG := bdk-reserves-web run: builder - docker run --rm --tty -e PORT='8888' -p 8888:8888 ${TAG} + docker run --rm --tty --env PORT=8888 --publish 8888:8888 ${TAG} builder: docker build --tag ${TAG} . From 591980b819dc545a4f0a15e6525ce28c8e5adb30 Mon Sep 17 00:00:00 2001 From: Richard Ulrich Date: Thu, 5 Oct 2023 11:06:29 +0200 Subject: [PATCH 3/7] adding cargo fmt clippy audit to the Dockerfile --- Dockerfile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Dockerfile b/Dockerfile index a2841c9..ca19fac 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,13 @@ RUN install -D target/release/bdk-reserves-web dist/bin/bdk-reserves-web RUN ldd target/release/bdk-reserves-web | tr -s [:blank:] '\n' | grep ^/ | xargs -I % install -D % dist/% RUN ln -s ld-musl-x86_64.so.1 dist/lib/libc.musl-x86_64.so.1 +RUN rustup component add clippy-preview \ + && rustup component add rustfmt +RUN cargo install cargo-audit +RUN cargo fmt -- --check +RUN cargo clippy +#RUN cargo audit + FROM scratch COPY --from=builder /home/satoshi/dist / USER 65534 From b1ea73b6283068c6b2183b54ae81ad58c7863963 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Adamski?= Date: Thu, 5 Oct 2023 11:41:40 +0200 Subject: [PATCH 4/7] no need to add a user --- Dockerfile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index ca19fac..a82ea16 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,7 @@ FROM rust:1.72-alpine3.18 as builder RUN apk add --no-cache build-base -RUN adduser -S -G abuild satoshi -USER satoshi -WORKDIR /home/satoshi +USER guest +WORKDIR /app COPY . . RUN cargo test RUN cargo build --release @@ -18,6 +17,6 @@ RUN cargo clippy #RUN cargo audit FROM scratch -COPY --from=builder /home/satoshi/dist / +COPY --from=builder /app/dist / USER 65534 ENTRYPOINT ["/bin/bdk-reserves-web"] \ No newline at end of file From c77d9d6e1f4e99f6e569fe6d6980547574cdbf4b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Adamski?= Date: Thu, 5 Oct 2023 11:45:32 +0200 Subject: [PATCH 5/7] ldd in dist directory (not cargo specific) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a82ea16..2895387 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ COPY . . RUN cargo test RUN cargo build --release RUN install -D target/release/bdk-reserves-web dist/bin/bdk-reserves-web -RUN ldd target/release/bdk-reserves-web | tr -s [:blank:] '\n' | grep ^/ | xargs -I % install -D % dist/% +RUN ldd dist/bin/bdk-reserves-web | tr -s [:blank:] '\n' | grep ^/ | xargs -I % install -D % dist/% RUN ln -s ld-musl-x86_64.so.1 dist/lib/libc.musl-x86_64.so.1 RUN rustup component add clippy-preview \ From a157a5d3b656ae4b1d9d62bd79e7807ba1c7b16e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Adamski?= Date: Thu, 5 Oct 2023 12:47:30 +0200 Subject: [PATCH 6/7] guest user has home folder set to /dev/null and it breaks cargo-fmt --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 2895387..81fb2b6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM rust:1.72-alpine3.18 as builder RUN apk add --no-cache build-base -USER guest +USER bin WORKDIR /app COPY . . RUN cargo test From 131c762f76350eb4015ad7e3530edec680e02597 Mon Sep 17 00:00:00 2001 From: Richard Ulrich Date: Thu, 5 Oct 2023 13:18:56 +0200 Subject: [PATCH 7/7] test the docker file in a github action --- .github/workflows/cont_integration.yml | 36 ++++++-------------------- 1 file changed, 8 insertions(+), 28 deletions(-) diff --git a/.github/workflows/cont_integration.yml b/.github/workflows/cont_integration.yml index 21f9ad7..030b270 100644 --- a/.github/workflows/cont_integration.yml +++ b/.github/workflows/cont_integration.yml @@ -51,34 +51,14 @@ jobs: - name: Test run: cargo test - -# check-azure: -# name: Check Azure -# runs-on: ubuntu-20.04 -# steps: -# - name: Checkout -# uses: actions/checkout@v4 -# - name: Cache -# uses: actions/cache@v2 -# with: -# path: | -# ~/.cargo/registry -# ~/.cargo/git -# target -# key: ${{ runner.os }}-cargo-${{ github.job }}-${{ hashFiles('**/Cargo.toml','**/Cargo.lock') }} -# - run: sudo apt-get update || exit 1 -# - run: sudo apt-get install -y clang musl musl-tools || exit 1 -# - run: sudo ln -s /usr/bin/g++ /usr/bin/musl-g++ -# - name: Set default toolchain -# run: rustup default 1.63.0 -# - name: Set profile -# run: rustup set profile minimal -# - name: Add target musl -# run: rustup target add x86_64-unknown-linux-musl -# - name: Update toolchain -# run: rustup update -# - name: Check -# run: cargo build --release --target=x86_64-unknown-linux-musl + build-docker: + name: build docker + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Build the Docker image + run: docker build --file Dockerfile --tag bdk-reserves-web . fmt: name: Rust fmt