From 3544a8affd118b044ec67fdc751be9ebe691315f Mon Sep 17 00:00:00 2001 From: Chalito Date: Tue, 5 Dec 2023 14:51:30 -0300 Subject: [PATCH] Generate docker image on release and push to registry --- .github/workflows/build-push-docker.yml | 64 +++++++++++++++++++++++++ Dockerfile | 37 ++++++++++++++ 2 files changed, 101 insertions(+) create mode 100644 .github/workflows/build-push-docker.yml create mode 100644 Dockerfile diff --git a/.github/workflows/build-push-docker.yml b/.github/workflows/build-push-docker.yml new file mode 100644 index 000000000..e975ab9c2 --- /dev/null +++ b/.github/workflows/build-push-docker.yml @@ -0,0 +1,64 @@ +name: Docker Image Build and Push +on: + push: + tags: + - '*' + +env: + GHCR_REPO: "ghcr.io/rsksmart/powpeg-node" + DOCKERHUB_REPO: "rsksmart/powpeg-node" + +jobs: + build: + runs-on: ubuntu-22.04 + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Set version + id: vars + run: echo ::set-output name=tag::${GITHUB_REF#refs/*/} + + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ env.DOCKERHUB_REPO }} + ${{ env.GHCR_REPO }} + tags: | + type=ref,event=tag + type=edge + # This is used for generating IRIS-3 out of IRIS-3.x.y. + type=match,pattern=(\w+-\d+)\.\d+\.\d+.*,group=1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + driver: docker + + - name: Build Docker Image + uses: docker/build-push-action@v5 + with: + context: . + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + build-args: RSK_RELEASE=${{ steps.vars.outputs.tag }} + + - name: DockerHub login + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: GitHub container registry login + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Push Images + run: | + docker push ${{ env.DOCKERHUB_REPO }} + docker push ${{ env.GHCR_REPO }} diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..495a884d1 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,37 @@ +FROM openjdk:8-jdk-slim-buster AS build + +ARG RSK_RELEASE +ENV RSK_VERSION $RSK_RELEASE +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update -y && \ + apt-get install -y git curl gnupg + +RUN useradd -ms /bin/bash rsk +USER rsk + +WORKDIR /home/rsk +COPY --chown=rsk:rsk . ./ + +RUN gpg --keyserver https://secchannel.rsk.co/SUPPORT.asc --recv-keys 1DC9157991323D23FD37BAA7A6DBEAC640C5A14B && \ + gpg --verify --output SHA256SUMS SHA256SUMS.asc && \ + sha256sum --check SHA256SUMS && \ + ./configure.sh && \ + ./gradlew --no-daemon clean build -x test && \ + cp "build/libs/federate-node-$RSK_VERSION-all.jar" rsk.jar + +FROM openjdk:8-jre-slim-buster +LABEL org.opencontainers.image.authors="ops@rootstocklabs.com" + +RUN useradd -ms /sbin/nologin -d /var/lib/rsk rsk +USER rsk + +WORKDIR /var/lib/rsk +COPY --from=build --chown=rsk:rsk /home/rsk/rsk.jar ./ + +ENV DEFAULT_JVM_OPTS="-Xss4M" +ENV RSKJ_SYS_PROPS="-Dlogback.configurationFile='/etc/rsk/logback.xml' -Drsk.conf.file=/etc/rsk/node.conf" +ENV RSKJ_CLASS=co.rsk.federate.FederateRunner +ENV RSKJ_OPTS="" + +ENTRYPOINT ["/bin/sh", "-c", "exec java $DEFAULT_JVM_OPTS $RSKJ_SYS_PROPS -cp rsk.jar $RSKJ_CLASS $RSKJ_OPTS \"${@}\"", "--"]