From fb50c6ebf9d4b36d1c9c2ede31dd03d1dbd2f74b Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Fri, 17 Jan 2020 00:57:45 +0100 Subject: [PATCH] add build commands --- .drone.jsonnet | 126 +++++++++++--------------- .drone.yml | 130 +++++++++++++++++++++++---- Dockerfile.amd64 | 38 ++++++++ README.md | 1 + manifest.tmpl | 4 +- overlay/usr/local/bin/entrypoint.sh | 3 + overlay/usr/local/bin/healthcheck.sh | 9 ++ 7 files changed, 220 insertions(+), 91 deletions(-) create mode 100644 Dockerfile.amd64 create mode 100755 overlay/usr/local/bin/entrypoint.sh create mode 100644 overlay/usr/local/bin/healthcheck.sh diff --git a/.drone.jsonnet b/.drone.jsonnet index ddfb117..3a5076f 100644 --- a/.drone.jsonnet +++ b/.drone.jsonnet @@ -1,11 +1,9 @@ -local PipelineBuild(os='linux', arch='amd64') = { - local tag = os + '-' + arch, - local version_tag = os + '-' + arch, - local file_suffix = std.strReplace(version_tag, '-', '.'), +local PipelineBuild(arch='amd64') = { + local tag = 'linux-' + arch, kind: 'pipeline', - name: version_tag, + name: 'build-' + arch, platform: { - os: os, + os: 'linux', arch: arch, }, steps: [ @@ -24,72 +22,52 @@ local PipelineBuild(os='linux', arch='amd64') = { 'apt-get -qq update && apt-get install -yqq --no-install-recommends libpq-dev ', 'rustup set profile minimal', 'curl -sSL https://github.com/dani-garcia/bitwarden_rs/archive/$BITWARDEN_VERSION.tar.gz | tar xz -C source/ --strip-components=1', - 'ls -lah source && id', - 'cargo new --bin app/ && cd app/', - 'cp ../source/Cargo.* .', - 'cp ../source/rust-toolchain .', - 'cp ../source/build.rs .', - 'rustup target add x86_64-unknown-linux-musl', - 'cargo build -j 8 --features $DB --release', - 'find . -not -path "./target*" -delete', - 'ls -lah', - 'cp -rT ../source .', - 'ls -lah', - 'touch src/main.rs', - 'cargo build -j 8 --features $DB --release', - './target/x86_64-unknown-linux-musl/release/bitwarden_rs --help' + 'cd source/ && cargo build -j 8 --features $DB --release', ], }, - // { - // name: 'dryrun', - // image: 'plugins/docker:' + tag, - // settings: { - // dry_run: true, - // tags: version_tag, - // dockerfile: './Dockerfile.' + file_suffix, - // repo: 'xoxys/freshrss', - // username: { from_secret: 'docker_username' }, - // password: { from_secret: 'docker_password' }, - // build_args: { - // BITWARDEN_VERSION: '${DRONE_TAG%-*}', - // }, - // }, - // }, - // { - // name: 'publish', - // image: 'plugins/docker:' + tag, - // settings: { - // auto_tag: true, - // auto_tag_suffix: version_tag, - // dockerfile: './Dockerfile.' + file_suffix, - // repo: 'xoxys/freshrss', - // username: { from_secret: 'docker_username' }, - // password: { from_secret: 'docker_password' }, - // build_args: { - // BITWARDEN_VERSION: '${DRONE_TAG%-*}', - // }, - // }, - // when: { - // ref: [ - // 'refs/heads/master', - // 'refs/tags/**', - // ], - // }, - // }, - // { - // name: 'publish-gitea', - // image: 'plugins/gitea-release', - // settings: { - // api_key: { from_secret: 'gitea_token' }, - // base_url: 'https://gitea.rknet.org', - // overwrite: true, - // title: '${DRONE_TAG}', - // note: 'CHANGELOG.md', - // }, - // when: { - // ref: ['refs/tags/**'], - // }, - // }, + { + name: 'dryrun', + image: 'plugins/docker:' + tag, + settings: { + dry_run: true, + dockerfile: './Dockerfile.' + arch, + repo: 'xoxys/freshrss', + username: { from_secret: 'docker_username' }, + password: { from_secret: 'docker_password' }, + }, + }, + { + name: 'publish', + image: 'plugins/docker:' + tag, + settings: { + auto_tag: true, + auto_tag_suffix: arch, + dockerfile: './Dockerfile.' + arch, + repo: 'xoxys/freshrss', + username: { from_secret: 'docker_username' }, + password: { from_secret: 'docker_password' }, + }, + when: { + ref: [ + 'refs/heads/master', + 'refs/tags/**', + ], + }, + }, + { + name: 'publish-gitea', + image: 'plugins/gitea-release', + settings: { + api_key: { from_secret: 'gitea_token' }, + base_url: 'https://gitea.rknet.org', + overwrite: true, + title: '${DRONE_TAG}', + note: 'CHANGELOG.md', + }, + when: { + ref: ['refs/tags/**'], + }, + }, ], }; @@ -165,8 +143,8 @@ local PipelineNotifications(depends_on=[]) = { }; [ - PipelineBuild(os='linux', arch='amd64'), - // PipelineNotifications(depends_on=[ - // 'linux-amd64', - // ]), + PipelineBuild(arch='amd64'), + PipelineNotifications(depends_on=[ + 'linux-amd64', + ]), ] diff --git a/.drone.yml b/.drone.yml index 1cf4655..8d40c65 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,6 +1,6 @@ --- kind: pipeline -name: linux-amd64 +name: build-amd64 platform: os: linux @@ -15,24 +15,124 @@ steps: - "apt-get -qq update && apt-get install -yqq --no-install-recommends libpq-dev " - rustup set profile minimal - curl -sSL https://github.com/dani-garcia/bitwarden_rs/archive/$BITWARDEN_VERSION.tar.gz | tar xz -C source/ --strip-components=1 - - ls -lah source && id - - cargo new --bin app/ && cd app/ - - cp ../source/Cargo.* . - - cp ../source/rust-toolchain . - - cp ../source/build.rs . - - rustup target add x86_64-unknown-linux-musl - - cargo build -j 8 --features $DB --release - - find . -not -path "./target*" -delete - - ls -lah - - cp -rT ../source . - - ls -lah - - touch src/main.rs - - cargo build -j 8 --features $DB --release - - ./target/x86_64-unknown-linux-musl/release/bitwarden_rs --help + - cd source/ && cargo build -j 8 --features $DB --release environment: DB: postgresql DEBIAN_FRONTEND: noninteractive LANG: C.UTF-8 TZ: UTC +- name: dryrun + image: plugins/docker:linux-amd64 + settings: + dockerfile: ./Dockerfile.amd64 + dry_run: true + password: + from_secret: docker_password + repo: xoxys/freshrss + username: + from_secret: docker_username + +- name: publish + image: plugins/docker:linux-amd64 + settings: + auto_tag: true + auto_tag_suffix: amd64 + dockerfile: ./Dockerfile.amd64 + password: + from_secret: docker_password + repo: xoxys/freshrss + username: + from_secret: docker_username + when: + ref: + - refs/heads/master + - refs/tags/** + +- name: publish-gitea + image: plugins/gitea-release + settings: + api_key: + from_secret: gitea_token + base_url: https://gitea.rknet.org + note: CHANGELOG.md + overwrite: true + title: ${DRONE_TAG} + when: + ref: + - refs/tags/** + +--- +kind: pipeline +name: notifications + +platform: + os: linux + arch: amd64 + +steps: +- name: manifest + image: plugins/manifest + settings: + ignore_missing: true + password: + from_secret: docker_password + spec: ./manifest.tmpl + tags: + - ${DRONE_TAG} + - ${DRONE_TAG%-*} + - ${DRONE_TAG%.*} + - ${DRONE_TAG%%.*} + username: + from_secret: docker_username + when: + ref: + - refs/heads/master + - refs/tags/** + +- name: readme + image: sheogorath/readme-to-dockerhub + environment: + DOCKERHUB_PASSWORD: + from_secret: docker_password + DOCKERHUB_REPO_NAME: freshrss + DOCKERHUB_REPO_PREFIX: xoxys + DOCKERHUB_USERNAME: + from_secret: docker_username + README_PATH: README.md + SHORT_DESCRIPTION: Rootless FreshRSS - Self-hosted RSS feed aggregator + when: + ref: + - refs/heads/master + - refs/tags/** + +- name: microbadger + image: plugins/webhook + settings: + urls: + from_secret: microbadger_url + +- name: matrix + image: plugins/matrix + settings: + homeserver: https://matrix.rknet.org + password: + from_secret: matrix_password + roomid: MtidqQXWWAtQcByBhH:rknet.org + template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}" + username: + from_secret: matrix_username + when: + status: + - success + - failure + +trigger: + status: + - success + - failure + +depends_on: +- linux-amd64 + ... diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 new file mode 100644 index 0000000..2dc06bb --- /dev/null +++ b/Dockerfile.amd64 @@ -0,0 +1,38 @@ +FROM alpine:3.11 + +LABEL maintainer="Robert Kaussow " \ + org.label-schema.name="bitwardenrs" \ + org.label-schema.version="1.2" \ + org.label-schema.vendor="Robert Kaussow" \ + org.label-schema.schema-version="1.0" + +ARG VAULT_VERSION=2.12.0b +ARG VAULT_TARBALL=https://github.com/dani-garcia/bw_web_builds/releases/download/v${VAULT_VERSION}/bw_web_v${VAULT_VERSION}.tar.gz + +RUN addgroup -g 101 -S app && \ + adduser -S -D -H -u 101 -h /app -s /sbin/nologin -G app -g app app && \ + apk --update add --virtual .build-deps tar && \ + apk --update add openssl curl postgresql-libs ca-certificates && \ + mkdir -p /app/web-vault && \ + curl -SsL ${VAULT_TARBALL} | tar xz -C /app/web-vault && \ + apk del .build-deps && \ + rm -rf /var/cache/apk/* && \ + rm -rf /tmp/* && \ + chown -R app:app /app + +ADD overlay/ / +ADD source/Rocket.toml /app +ADD source/target/x86_64-unknown-linux-musl/release/bitwarden_rs /app + +VOLUME /data + +EXPOSE 8080 + +USER app + +STOPSIGNAL SIGTERM + +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] +HEALTHCHECK --interval=30s --timeout=5s --retries=3 CMD /usr/local/bin/healthcheck.sh +WORKDIR /app +CMD [] diff --git a/README.md b/README.md index e69de29..6e24b29 100644 --- a/README.md +++ b/README.md @@ -0,0 +1 @@ +# bitwarden_rs diff --git a/manifest.tmpl b/manifest.tmpl index cd2c37e..a054d6b 100644 --- a/manifest.tmpl +++ b/manifest.tmpl @@ -1,4 +1,4 @@ -image: xoxys/freshrss:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} +image: xoxys/bitwardenrs:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} {{#if build.tags}} tags: {{#each build.tags}} @@ -9,7 +9,7 @@ tags: {{/each}} {{/if}} manifests: - - image: xoxys/freshrss:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 + - image: xoxys/bitwardenrs:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 platform: architecture: amd64 os: linux diff --git a/overlay/usr/local/bin/entrypoint.sh b/overlay/usr/local/bin/entrypoint.sh new file mode 100755 index 0000000..7d32a04 --- /dev/null +++ b/overlay/usr/local/bin/entrypoint.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +ROCKET_TLS=disabled ROCKET_ADDRESS=0.0.0.0 ROCKET_PORT=8080 /app/bitwarden_rs diff --git a/overlay/usr/local/bin/healthcheck.sh b/overlay/usr/local/bin/healthcheck.sh new file mode 100644 index 0000000..cec3e7d --- /dev/null +++ b/overlay/usr/local/bin/healthcheck.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env sh + +set -eo pipefail +URL=http://localhost:80 + +wget --quiet --tries=1 --spider ${URL} +[ $? -ne 0 ] && exit 1 + +exit 0