From 15d96f24d9a22aa079da71ce59235a26bf5b7993 Mon Sep 17 00:00:00 2001 From: Mohammad Mahdi Baghbani Pourvahid Date: Sat, 9 Mar 2024 11:34:09 +0000 Subject: [PATCH 1/3] add: multi stage build for reva --- docker/dockerfiles/revad.Dockerfile | 77 +++++++++++++---------------- 1 file changed, 35 insertions(+), 42 deletions(-) diff --git a/docker/dockerfiles/revad.Dockerfile b/docker/dockerfiles/revad.Dockerfile index b8e7cfaa..39d55979 100644 --- a/docker/dockerfiles/revad.Dockerfile +++ b/docker/dockerfiles/revad.Dockerfile @@ -1,29 +1,8 @@ -FROM golang:1.22.1-bookworm +# stage 1: build stage +FROM golang:1.22.1-alpine AS build -# keys for oci taken from: -# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys -LABEL org.opencontainers.image.licenses=MIT -LABEL org.opencontainers.image.title="Pondersource Revad Image" -LABEL org.opencontainers.image.source="https://github.com/pondersource/dev-stock" -LABEL org.opencontainers.image.authors="Mohammad Mahdi Baghbani Pourvahid" - -# set timezone. -ENV TZ=UTC -RUN ln --symbolic --no-dereference --force /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone - -ENV DEBIAN_FRONTEND noninteractive - -RUN apt update --yes - -# install dependencies. -RUN apt install --yes \ - git \ - vim \ - curl \ - wget \ - openssl \ - build-essential \ - ca-certificates +# install build dependencies. +RUN apk --no-cache add git make bash # go to root directory. WORKDIR / @@ -41,21 +20,40 @@ RUN git clone \ ${REPO_REVA} \ reva-git -# change directory to reva +# change directory to reva git. WORKDIR /reva-git -# build revad from source. -RUN go mod vendor +# copy and download dependencies. +RUN go mod download + # only build revad, leave out reva and test and lint and docs. RUN make revad -COPY ./configs/revad /configs/revad -WORKDIR /configs/revad +# stage 2: app image. +FROM alpine:3.19.1 + +# keys for oci taken from: +# https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys +LABEL org.opencontainers.image.licenses=MIT +LABEL org.opencontainers.image.title="Pondersource Revad Image" +LABEL org.opencontainers.image.source="https://github.com/pondersource/dev-stock" +LABEL org.opencontainers.image.authors="Mohammad Mahdi Baghbani Pourvahid" + +# set the timezone and install CA certificates. +RUN apk --no-cache add bash ca-certificates tzdata + +ENV TZ=Etc/UTC + +# copy the binary from the build stage. +COPY --from=build /reva-git/cmd /reva-git/cmd + +# copy the reva config files from host. +COPY ./configs/revad /configs/revad # trust all the certificates: -COPY ./tls/certificates/* /tls/ +COPY ./tls/certificates/reva* /tls/ COPY ./tls/certificate-authority/* /tls/ -RUN ln --symbolic --force /tls/*.crt /usr/local/share/ca-certificates +RUN ln -sf /tls/*.crt /usr/local/share/ca-certificates RUN update-ca-certificates RUN mkdir -p /var/tmp/reva/ @@ -63,16 +61,11 @@ RUN mkdir -p /var/tmp/reva/ # update path to include revad bin directory. ENV PATH="${PATH}:/reva/cmd/revad" -COPY ./scripts/reva-run.sh /usr/bin/reva-run.sh -RUN chmod +x /usr/bin/reva-run.sh - -COPY ./scripts/reva-kill.sh /usr/bin/reva-kill.sh -RUN chmod +x /usr/bin/reva-kill.sh +COPY ./scripts/reva/* /usr/bin/ -COPY ./scripts/reva-entrypoint.sh /entrypoint.sh -RUN chmod +x /entrypoint.sh +RUN chmod +x /usr/bin/run.sh && chmod +x /usr/bin/kill.sh && chmod +x /usr/bin/entrypoint.sh -ENTRYPOINT ["/entrypoint.sh"] +ENTRYPOINT ["/usr/bin/entrypoint.sh"] -# Keep Docker Container Running for Debugging. -CMD tail --follow /var/log/revad.log +# keep Docker Container Running for Debugging. +CMD tail -F /var/log/revad.log From 87a450bc2d02655a04d2392661abd5d7e8f76b48 Mon Sep 17 00:00:00 2001 From: Mohammad Mahdi Baghbani Pourvahid Date: Sat, 9 Mar 2024 11:34:27 +0000 Subject: [PATCH 2/3] modify: use go alpine image for compiling reva --- init/ocm-test-suite.sh | 4 ++-- init/sciencemesh.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/init/ocm-test-suite.sh b/init/ocm-test-suite.sh index 51b3529d..c5e5c05b 100755 --- a/init/ocm-test-suite.sh +++ b/init/ocm-test-suite.sh @@ -76,8 +76,8 @@ if [ "${SCRIPT_MODE}" = "dev" ]; then docker run --rm \ -v "$(pwd)/reva:/reva-build" \ --workdir /reva-build \ - golang:1.22.1-bookworm \ - bash -c "git config --global --add safe.directory /reva-build && go mod vendor && make revad" + golang:1.22.1-alpine \ + sh -c "apk --no-cache add git make bash && git config --global --add safe.directory /reva-build && go mod download && make revad" else [ ! -d "nextcloud/apps" ] && \ mkdir -p nextcloud/apps diff --git a/init/sciencemesh.sh b/init/sciencemesh.sh index 3e0d980b..3cd0f9b4 100755 --- a/init/sciencemesh.sh +++ b/init/sciencemesh.sh @@ -91,8 +91,8 @@ BRANCH_REVA=v1.28.0 docker run -it --rm \ -v "$(pwd)/reva:/reva-build" \ --workdir /reva-build \ - golang:1.22.1-bookworm \ - bash -c "git config --global --add safe.directory /reva-build && go mod vendor && make revad" + golang:1.22.1-alpine \ + sh -c "apk --no-cache add git make bash && git config --global --add safe.directory /reva-build && go mod download && make revad" docker network inspect testnet >/dev/null 2>&1 || docker network create testnet From 1673dabcbeb47bab89682686924e19f5be4205bd Mon Sep 17 00:00:00 2001 From: Mohammad Mahdi Baghbani Pourvahid Date: Sat, 9 Mar 2024 11:34:50 +0000 Subject: [PATCH 3/3] refactor: reva script name and location --- .gitignore | 2 +- dev/ocm-test-suite.sh | 13 +++++----- dev/sciencemesh.sh | 13 +++++----- .../entrypoint.sh} | 4 +-- docker/scripts/{reva-kill.sh => reva/kill.sh} | 2 +- docker/scripts/{reva-run.sh => reva/run.sh} | 26 +++++++++---------- 6 files changed, 31 insertions(+), 29 deletions(-) rename docker/scripts/{reva-entrypoint.sh => reva/entrypoint.sh} (83%) rename docker/scripts/{reva-kill.sh => reva/kill.sh} (67%) rename docker/scripts/{reva-run.sh => reva/run.sh} (76%) diff --git a/.gitignore b/.gitignore index 024ee60a..8b349732 100644 --- a/.gitignore +++ b/.gitignore @@ -4,7 +4,7 @@ bin/ ocm -reva/ +.reva/ core temp server diff --git a/dev/ocm-test-suite.sh b/dev/ocm-test-suite.sh index 391d65ae..14dfcc7b 100755 --- a/dev/ocm-test-suite.sh +++ b/dev/ocm-test-suite.sh @@ -120,9 +120,9 @@ function createReva() { redirect_to_null_cmd echo "creating reva for ${platform} ${number}" # make sure scripts are executable. - chmod +x "${ENV_ROOT}/docker/scripts/reva-run.sh" >/dev/null 2>&1 - chmod +x "${ENV_ROOT}/docker/scripts/reva-kill.sh" >/dev/null 2>&1 - chmod +x "${ENV_ROOT}/docker/scripts/reva-entrypoint.sh" >/dev/null 2>&1 + chmod +x "${ENV_ROOT}/temp/reva/run.sh" >/dev/null 2>&1 + chmod +x "${ENV_ROOT}/temp/reva/kill.sh" >/dev/null 2>&1 + chmod +x "${ENV_ROOT}/temp/reva/entrypoint.sh" >/dev/null 2>&1 if [ "${SCRIPT_MODE}" = "dev" ]; then waitForCollabora @@ -136,9 +136,9 @@ function createReva() { -v "${ENV_ROOT}/docker/tls/certificates:/certificates" \ -v "${ENV_ROOT}/docker/tls/certificate-authority:/certificate-authority" \ -v "${ENV_ROOT}/temp/revad:/configs/revad" \ - -v "${ENV_ROOT}/docker/scripts/reva-run.sh:/usr/bin/reva-run.sh" \ - -v "${ENV_ROOT}/docker/scripts/reva-kill.sh:/usr/bin/reva-kill.sh" \ - -v "${ENV_ROOT}/docker/scripts/reva-entrypoint.sh:/entrypoint.sh" \ + -v "${ENV_ROOT}/temp/reva/run.sh:/usr/bin/run.sh" \ + -v "${ENV_ROOT}/temp/reva/kill.sh:/usr/bin/kill.sh" \ + -v "${ENV_ROOT}/temp/reva/entrypoint.sh:/usr/bin/entrypoint.sh" \ pondersource/dev-stock-revad \ >/dev/null 2>&1 } @@ -161,6 +161,7 @@ function sciencemeshInsertIntoDB() { rm -rf "${ENV_ROOT}/temp" && mkdir --parents "${ENV_ROOT}/temp" # copy init files. +cp -fr "${ENV_ROOT}/docker/scripts/reva" "${ENV_ROOT}/temp/" cp -fr "${ENV_ROOT}/docker/configs/revad" "${ENV_ROOT}/temp/" cp -f "${ENV_ROOT}/docker/scripts/init-owncloud-sm-ocm.sh" "${ENV_ROOT}/temp/owncloud.sh" cp -f "${ENV_ROOT}/docker/scripts/init-nextcloud-sciencemesh.sh" "${ENV_ROOT}/temp/nextcloud.sh" diff --git a/dev/sciencemesh.sh b/dev/sciencemesh.sh index d10ec497..9ae99947 100755 --- a/dev/sciencemesh.sh +++ b/dev/sciencemesh.sh @@ -105,9 +105,9 @@ function createReva() { echo "creating reva for ${platform} ${number}" # make sure scripts are executable. - chmod +x "${ENV_ROOT}/docker/scripts/reva-run.sh" >/dev/null 2>&1 - chmod +x "${ENV_ROOT}/docker/scripts/reva-kill.sh" >/dev/null 2>&1 - chmod +x "${ENV_ROOT}/docker/scripts/reva-entrypoint.sh" >/dev/null 2>&1 + chmod +x "${ENV_ROOT}/temp/reva/run.sh" >/dev/null 2>&1 + chmod +x "${ENV_ROOT}/temp/reva/kill.sh" >/dev/null 2>&1 + chmod +x "${ENV_ROOT}/temp/reva/entrypoint.sh" >/dev/null 2>&1 waitForCollabora @@ -119,9 +119,9 @@ function createReva() { -v "${ENV_ROOT}/docker/tls/certificates:/certificates" \ -v "${ENV_ROOT}/docker/tls/certificate-authority:/certificate-authority" \ -v "${ENV_ROOT}/temp/revad:/configs/revad" \ - -v "${ENV_ROOT}/docker/scripts/reva-run.sh:/usr/bin/reva-run.sh" \ - -v "${ENV_ROOT}/docker/scripts/reva-kill.sh:/usr/bin/reva-kill.sh" \ - -v "${ENV_ROOT}/docker/scripts/reva-entrypoint.sh:/entrypoint.sh" \ + -v "${ENV_ROOT}/temp/reva/run.sh:/usr/bin/run.sh" \ + -v "${ENV_ROOT}/temp/reva/kill.sh:/usr/bin/kill.sh" \ + -v "${ENV_ROOT}/temp/reva/entrypoint.sh:/usr/bin/entrypoint.sh" \ pondersource/dev-stock-revad \ >/dev/null 2>&1 } @@ -144,6 +144,7 @@ function sciencemeshInsertIntoDB() { rm -rf "${ENV_ROOT}/temp" && mkdir --parents "${ENV_ROOT}/temp" # copy init files. +cp -fr "${ENV_ROOT}/docker/scripts/reva" "${ENV_ROOT}/temp/" cp -fr "${ENV_ROOT}/docker/configs/revad" "${ENV_ROOT}/temp/" cp -f "${ENV_ROOT}/docker/scripts/init-owncloud-sciencemesh.sh" "${ENV_ROOT}/temp/owncloud.sh" cp -f "${ENV_ROOT}/docker/scripts/init-nextcloud-sciencemesh.sh" "${ENV_ROOT}/temp/nextcloud.sh" diff --git a/docker/scripts/reva-entrypoint.sh b/docker/scripts/reva/entrypoint.sh similarity index 83% rename from docker/scripts/reva-entrypoint.sh rename to docker/scripts/reva/entrypoint.sh index 48cbe422..7644eb6c 100755 --- a/docker/scripts/reva-entrypoint.sh +++ b/docker/scripts/reva/entrypoint.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# @michielbdejong halt on error in docker init scripts +# @michielbdejong halt on error in docker init scripts. set -e # see https://github.com/golang/go/issues/22846#issuecomment-380809416 @@ -11,7 +11,7 @@ echo "127.0.0.1 ${HOST}.docker" >> /etc/hosts touch /var/log/revad.log # run revad. -reva-run.sh +run.sh # This will exec the CMD from your Dockerfile, i.e. "npm start" exec "$@" diff --git a/docker/scripts/reva-kill.sh b/docker/scripts/reva/kill.sh similarity index 67% rename from docker/scripts/reva-kill.sh rename to docker/scripts/reva/kill.sh index 13770a82..fac113ff 100755 --- a/docker/scripts/reva-kill.sh +++ b/docker/scripts/reva/kill.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# @michielbdejong halt on error in docker init scripts +# @michielbdejong halt on error in docker init scripts. set -e # kill running revad. diff --git a/docker/scripts/reva-run.sh b/docker/scripts/reva/run.sh similarity index 76% rename from docker/scripts/reva-run.sh rename to docker/scripts/reva/run.sh index ff7c2c05..c2f16381 100755 --- a/docker/scripts/reva-run.sh +++ b/docker/scripts/reva/run.sh @@ -12,9 +12,9 @@ fi if [ -n "$(find /reva -prune -empty -type d 2>/dev/null)" ]; then echo "/reva is an empty directory, populating it with reva binaries." # populate /reva with Reva binaries. - cp --archive --recursive --no-clobber /reva-git/cmd /reva + cp -ar /reva-git/cmd /reva else - ls -l --all --size /reva + ls -lsa /reva echo "/reva contains files, doing noting." fi @@ -40,21 +40,21 @@ sed -i "s/debug/trace/" # update OS certificate store. mkdir -p /tls -[ -d "/certificates" ] && \ - cp -f /certificates/*.crt /tls/ \ - && \ - cp -f /certificates/*.key /tls/ +[ -d "/certificates" ] && \ + cp -f /certificates/*.crt /tls/ \ + && \ + cp -f /certificates/*.key /tls/ -[ -d "/certificate-authority" ] && \ - cp -f /certificate-authority/*.crt /tls/ \ - && \ - cp -f /certificate-authority/*.key /tls/ +[ -d "/certificate-authority" ] && \ + cp -f /certificate-authority/*.crt /tls/ \ + && \ + cp -f /certificate-authority/*.key /tls/ -cp -f /tls/*.crt /usr/local/share/ca-certificates/ || true +cp -f /tls/*.crt /usr/local/share/ca-certificates/ || true update-ca-certificates -ln --symbolic --force "/tls/${HOST}.crt" /tls/server.crt -ln --symbolic --force "/tls/${HOST}.key" /tls/server.key +ln -sf "/tls/${HOST}.crt" /tls/server.crt +ln -sf "/tls/${HOST}.key" /tls/server.key # run revad. revad --dev-dir "/etc/revad" &