Skip to content

Commit

Permalink
Simplify Build
Browse files Browse the repository at this point in the history 
Instead of compiling Monero from source, just download and verify SHA256
integrity.
  • Loading branch information
@rblaine95
rblaine95 committed Feb 24, 2023
1 parent d1f176e commit 15ada04
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 130 deletions.
87 changes: 15 additions & 72 deletions .github/workflows/docker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,12 +10,6 @@ jobs:
build:
name: Build
runs-on: ubuntu-latest
strategy:
matrix:
include:
- arch: amd64
- arch: arm64/v8
- arch: arm/v7
steps:
- uses: actions/checkout@v3
- uses: docker/setup-qemu-action@v2
Expand All @@ -29,71 +23,20 @@ jobs:
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Build
id: build
run: |
# Get the arch for this build
ARCH=$(echo "${{ matrix.arch }}" | sed 's/\//-/g')
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
docker buildx build \
--platform linux/${{ matrix.arch }} \
--build-arg BUILD_THREADS=3 \
--cache-to type=registry,ref=ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:${VERSION}-${ARCH}-cache \
--cache-from type=registry,ref=ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:${VERSION}-${ARCH}-cache \
--cache-from type=registry,ref=ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:latest-${ARCH}-cache \
--tag ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:${VERSION}-${ARCH} \
--tag docker.io/${{ secrets.DOCKERHUB_USERNAME }}/${IMAGE_NAME}:${VERSION}-${ARCH} \
--push \
.
package:
name: Package
needs: [build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: docker/login-action@v2
- uses: docker/metadata-action@v4
id: meta
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_PAT }}
- uses: docker/login-action@v2
images: |
ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
docker.io/rblaine/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
type=semver,pattern={{version}}
- uses: docker/build-push-action@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- uses: docker/setup-qemu-action@v2
- uses: docker/setup-buildx-action@v2
- name: Package
run: |
# Strip git ref prefix from version
VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
# Strip "v" prefix from tag name
[[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
# Use Docker `latest` tag convention
[ "$VERSION" == "master" ] && VERSION=latest
for platform in $(printf ${PLATFORMS} | sed 's/,/ /g'); do
arch=$(printf $platform | awk -F'/' '{print $2 "-" $3}' | sed -e 's/-$//g')
cacheRegistry="$cacheRegistry --cache-from type=registry,ref=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$VERSION-${arch}-cache"
done
build="docker buildx build --platform ${PLATFORMS} \
--tag ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$VERSION \
--tag docker.io/${{ secrets.DOCKERHUB_USERNAME }}/$IMAGE_NAME:$VERSION \
--build-arg BUILD_THREADS=3 \
--label org.opencontainers.image.source=https://github.com/${{ github.repository }} \
$cacheRegistry \
--push ."
echo "$build"
$build
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
74 changes: 16 additions & 58 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,81 +1,39 @@
###################
# --- builder --- #
###################
FROM docker.io/debian:10-slim AS builder
FROM docker.io/debian:11-slim AS builder

WORKDIR /opt

RUN apt-get update && \
apt-get dist-upgrade -y && \
apt-get install -y wget git build-essential \
automake autotools-dev bsdmainutils \
ca-certificates curl libtool gperf \
cmake pkg-config libssl-dev libzmq3-dev \
libunbound-dev libsodium-dev libunwind8-dev \
liblzma-dev libreadline6-dev libldns-dev libexpat1-dev \
libpgm-dev qttools5-dev-tools libhidapi-dev \
libusb-1.0-0-dev libprotobuf-dev protobuf-compiler \
libudev-dev libboost-chrono-dev libboost-container-dev \
libboost-date-time-dev libboost-filesystem-dev \
libboost-locale-dev libboost-program-options-dev libboost-regex-dev \
libboost-serialization-dev libboost-system-dev \
libboost-thread-dev python3 ccache doxygen graphviz \
libevent-dev libnorm-dev

ARG MONERO_VERSION=0.18.1.2
RUN git clone --recursive --depth 1 --shallow-submodules https://github.com/monero-project/monero.git -b v${MONERO_VERSION}

ARG BUILD_THREADS
# Build libexpact - required for libunbound
RUN set -ex && wget https://github.com/libexpat/libexpat/releases/download/R_2_4_9/expat-2.4.9.tar.bz2 && \
echo "7f44d1469b110773a94b0d5abeeeffaef79f8bd6406b07e52394bcf48126437a expat-2.4.9.tar.bz2" | sha256sum -c && \
tar -xf expat-2.4.9.tar.bz2 && \
rm expat-2.4.9.tar.bz2 && \
cd expat-2.4.9 && \
./configure --enable-static --disable-shared --prefix=/usr && \
make -j${BUILD_THREADS:-$(nproc)} && \
make -j${BUILD_THREADS:-$(nproc)} install

# Build libunbound
WORKDIR /tmp
RUN set -ex && wget https://www.nlnetlabs.nl/downloads/unbound/unbound-1.16.3.tar.gz && \
echo "ea0c6665e2c3325b769eac1dfccd60fe1828d5fcf662650039eccb3f67edb28e unbound-1.16.3.tar.gz" | sha256sum -c && \
tar -xzf unbound-1.16.3.tar.gz && \
rm unbound-1.16.3.tar.gz && \
cd unbound-1.16.3 && \
./configure --disable-shared \
--enable-static \
--without-pyunbound \
--with-libexpat=/usr \
--with-ssl=/usr \
--with-libevent=no \
--without-pythonodule \
--disable-flto \
--with-pthreads \
--with-libunbound-only \
--with-pic && \
make -j${BUILD_THREADS:-$(nproc)} && \
make -j${BUILD_THREADS:-$(nproc)} install
apt-get install -y \
wget ca-certificates bzip2

ARG MONERO_VERSION=v0.18.1.2
WORKDIR /opt/monero
RUN case "$(uname -m)" in \
x86_64) make -j${BUILD_THREADS:-$(nproc)} release-static-linux-x86_64;; \
aarch64* | arm64 | armv8*) make -j${BUILD_THREADS:-$(nproc)} release-static-linux-armv8;; \
armv7*) make -j${BUILD_THREADS:-$(nproc)} release-static-linux-armv7;; \
x86_64) ARCH="x64"; SHA256SUM="7d51e7072351f65d0c7909e745827cfd3b00abe5e7c4cc4c104a3c9b526da07e" ;; \
aarch64* | arm64 | armv8*) ARCH="armv8"; SHA256SUM="e1467fe289c98349be2b1c4c080e30a224eb3217c814fab0204241b2b19b9c6b" ;; \
armv7*) ARCH="armv7"; SHA256SUM="94ece435ed60f85904114643482c2b6716f74bf97040a7af237450574a9cf06d" ;; \
*) echo "Unexpected architecture: $(uname -m)" && exit 1;; \
esac
esac \
\
&& wget https://downloads.getmonero.org/cli/monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2 \
&& echo "${SHA256SUM} monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2" | sha256sum -c \
&& tar -xjvf monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2 --strip-components 1 \
&& rm -f monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2

##################
# --- runner --- #
##################
FROM docker.io/debian:11-slim
FROM docker.io/debian:11-slim AS runner

ENV PATH=/opt/monero:${PATH}

RUN apt-get update && \
apt-get dist-upgrade -y && \
apt-get install -y tini libkrb5-dev \
curl ca-certificates && \
apt-get install -y tini ca-certificates && \
apt-get clean && \
apt-get autoremove -y && \
rm -rf /var/lib/apt && \
Expand All @@ -85,7 +43,7 @@ RUN apt-get update && \
chown -R monero:monero /home/monero/.bitmonero && \
chown -R monero:monero /opt/bitmonero

COPY --from=builder /opt/monero/build/Linux/_no_branch_/release/bin/* /opt/monero/
COPY --from=builder /opt/monero/* /opt/monero/

USER monero
WORKDIR /home/monero
Expand Down

0 comments on commit 15ada04

Please sign in to comment.