From 104d1d15caf28f1fcda88b2fba8fdb442bd5307d Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Sat, 11 Nov 2023 18:50:43 +0000 Subject: [PATCH 1/8] Improve docker caching --- .dockerignore | 4 + .github/labeler.yml | 1 - .github/workflows/files-changed.yml | 1 - .github/workflows/pull-docker-dryrun.yml | 14 ++- .github/workflows/release-nightly.yml | 37 ++------ .github/workflows/release-tag-rc.yml | 5 +- .github/workflows/release-tag-version.yml | 5 +- Dockerfile | 102 ++++++++++++++++------ Dockerfile.rootless | 90 ------------------- 9 files changed, 96 insertions(+), 163 deletions(-) delete mode 100644 Dockerfile.rootless diff --git a/.dockerignore b/.dockerignore index 80cbeb040cf87..55636e790285e 100644 --- a/.dockerignore +++ b/.dockerignore @@ -111,3 +111,7 @@ prime/ # Manpage /man + +Dockerfile +.dockerignore +.github/ diff --git a/.github/labeler.yml b/.github/labeler.yml index 8a5ab26975ea0..99e9d6f0a356c 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -24,7 +24,6 @@ modifies/migrations: modifies/internal: - "Makefile" - "Dockerfile" - - "Dockerfile.rootless" - "docker/**" - "webpack.config.js" - ".eslintrc.yaml" diff --git a/.github/workflows/files-changed.yml b/.github/workflows/files-changed.yml index e7039053af9de..5bf817458b03e 100644 --- a/.github/workflows/files-changed.yml +++ b/.github/workflows/files-changed.yml @@ -78,7 +78,6 @@ jobs: docker: - "Dockerfile" - - "Dockerfile.rootless" - "docker/**" - "Makefile" diff --git a/.github/workflows/pull-docker-dryrun.yml b/.github/workflows/pull-docker-dryrun.yml index f74277de671bf..8fe160b83d353 100644 --- a/.github/workflows/pull-docker-dryrun.yml +++ b/.github/workflows/pull-docker-dryrun.yml @@ -11,7 +11,7 @@ jobs: files-changed: uses: ./.github/workflows/files-changed.yml - regular: + docker: if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true' needs: files-changed runs-on: ubuntu-latest @@ -19,17 +19,13 @@ jobs: - uses: docker/setup-buildx-action@v3 - uses: docker/build-push-action@v5 with: + target: gitea + pull: true push: false tags: gitea/gitea:linux-amd64 - - rootless: - if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true' - needs: files-changed - runs-on: ubuntu-latest - steps: - - uses: docker/setup-buildx-action@v3 - uses: docker/build-push-action@v5 with: + target: gitea-rootless + pull: true push: false - file: Dockerfile.rootless tags: gitea/gitea:linux-amd64 diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml index ef1e63df2ffc0..611a84e44e1c5 100644 --- a/.github/workflows/release-nightly.yml +++ b/.github/workflows/release-nightly.yml @@ -57,7 +57,7 @@ jobs: - name: upload binaries to s3 run: | aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress - nightly-docker-rootful: + nightly-docker: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -91,44 +91,17 @@ jobs: uses: docker/build-push-action@v5 with: context: . + target: gitea platforms: linux/amd64,linux/arm64 + pull: true push: true tags: gitea/gitea:${{ steps.clean_name.outputs.branch }} - nightly-docker-rootless: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # fetch all commits instead of only the last as some branches are long lived and could have many between versions - # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 - - run: git fetch --unshallow --quiet --tags --force - - uses: actions/setup-go@v4 - with: - go-version-file: go.mod - check-latest: true - - uses: docker/setup-qemu-action@v3 - - uses: docker/setup-buildx-action@v3 - - name: Get cleaned branch name - id: clean_name - run: | - # if main then say nightly otherwise cleanup name - if [ "${{ github.ref }}" = "refs/heads/main" ]; then - echo "branch=nightly" >> "$GITHUB_OUTPUT" - exit 0 - fi - REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') - echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: fetch go modules - run: make vendor - name: build rootless docker image uses: docker/build-push-action@v5 with: context: . + target: gitea-rootless platforms: linux/amd64,linux/arm64 + pull: true push: true - file: Dockerfile.rootless tags: gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml index 861179d9c8652..5c3376a482359 100644 --- a/.github/workflows/release-tag-rc.yml +++ b/.github/workflows/release-tag-rc.yml @@ -86,7 +86,9 @@ jobs: uses: docker/build-push-action@v5 with: context: . + target: gitea platforms: linux/amd64,linux/arm64 + pull: true push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} @@ -118,8 +120,9 @@ jobs: uses: docker/build-push-action@v5 with: context: . + target: gitea-rootless platforms: linux/amd64,linux/arm64 + pull: true push: true - file: Dockerfile.rootless tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml index c3fce7e2a7c58..d127173047ccd 100644 --- a/.github/workflows/release-tag-version.yml +++ b/.github/workflows/release-tag-version.yml @@ -95,7 +95,9 @@ jobs: uses: docker/build-push-action@v5 with: context: . + target: gitea platforms: linux/amd64,linux/arm64 + pull: true push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} @@ -134,8 +136,9 @@ jobs: uses: docker/build-push-action@v5 with: context: . + target: gitea-rootless platforms: linux/amd64,linux/arm64 + pull: true push: true - file: Dockerfile.rootless tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile b/Dockerfile index 5fe8df91268b8..b4bc3a3dd7675 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,9 +18,19 @@ RUN apk --no-cache add \ && rm -rf /var/cache/apk/* # Setup repo -COPY . ${GOPATH}/src/code.gitea.io/gitea WORKDIR ${GOPATH}/src/code.gitea.io/gitea +COPY ./go.mod . + +RUN go mod download + +COPY package.json . +COPY package-lock.json . + +RUN npm install --no-save --verbose + +COPY . . + # Checkout version if set RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ && make clean-all build @@ -28,49 +38,84 @@ RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ # Begin env-to-ini build RUN go build contrib/environment-to-ini/environment-to-ini.go -# Copy local files -COPY docker/root /tmp/local - -# Set permissions -RUN chmod 755 /tmp/local/usr/bin/entrypoint \ - /tmp/local/usr/local/bin/gitea \ - /tmp/local/etc/s6/gitea/* \ - /tmp/local/etc/s6/openssh/* \ - /tmp/local/etc/s6/.s6-svscan/* \ - /go/src/code.gitea.io/gitea/gitea \ - /go/src/code.gitea.io/gitea/environment-to-ini -RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete - -FROM docker.io/library/alpine:3.18 +FROM docker.io/library/alpine:3.18 AS gitea-base LABEL maintainer="maintainers@gitea.io" -EXPOSE 22 3000 - RUN apk --no-cache add \ bash \ ca-certificates \ - curl \ gettext \ git \ + curl \ + gnupg \ + && rm -rf /var/cache/apk/* + +RUN addgroup -S -g 1000 git + +FROM gitea-base AS gitea-rootless +LABEL maintainer="maintainers@gitea.io" + +EXPOSE 2222 3000 + +RUN apk --no-cache add \ + dumb-init \ + && rm -rf /var/cache/apk/* + +RUN adduser \ + -S -H -D \ + -h /var/lib/gitea/git \ + -s /bin/bash \ + -u 1000 \ + -G git \ + git + +RUN mkdir -p /var/lib/gitea /etc/gitea +RUN chown git:git /var/lib/gitea /etc/gitea + +# Copy local files +COPY --chmod=755 docker/rootless /tmp/local + +COPY --from=build-env --chmod=755 --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea +COPY --from=build-env --chmod=755 --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini +COPY --from=build-env --chmod=644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh + +# git:git +USER 1000:1000 +ENV GITEA_WORK_DIR /var/lib/gitea +ENV GITEA_CUSTOM /var/lib/gitea/custom +ENV GITEA_TEMP /tmp/gitea +ENV TMPDIR /tmp/gitea + +# TODO add to docs the ability to define the ini to load (useful to test and revert a config) +ENV GITEA_APP_INI /etc/gitea/app.ini +ENV HOME "/var/lib/gitea/git" +VOLUME ["/var/lib/gitea", "/etc/gitea"] +WORKDIR /var/lib/gitea + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"] +CMD [] + +FROM gitea-base AS gitea +LABEL maintainer="maintainers@gitea.io" + +EXPOSE 22 3000 + +RUN apk --no-cache add \ linux-pam \ openssh \ s6 \ sqlite \ su-exec \ - gnupg \ && rm -rf /var/cache/apk/* -RUN addgroup \ - -S -g 1000 \ - git && \ - adduser \ +RUN adduser \ -S -H -D \ -h /data/git \ -s /bin/bash \ -u 1000 \ -G git \ git && \ - echo "git:*" | chpasswd -e + echo "git:*" | chpasswd -e ENV USER git ENV GITEA_CUSTOM /data/gitea @@ -80,7 +125,8 @@ VOLUME ["/data"] ENTRYPOINT ["/usr/bin/entrypoint"] CMD ["/bin/s6-svscan", "/etc/s6"] -COPY --from=build-env /tmp/local / -COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea -COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini -COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh +COPY --chmod=755 docker/root /tmp/local + +COPY --from=build-env --chmod=755 /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea +COPY --from=build-env --chmod=755 /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini +COPY --from=build-env --chmod=644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh diff --git a/Dockerfile.rootless b/Dockerfile.rootless deleted file mode 100644 index 5ea4d2fc75190..0000000000000 --- a/Dockerfile.rootless +++ /dev/null @@ -1,90 +0,0 @@ -# Build stage -FROM docker.io/library/golang:1.21-alpine3.18 AS build-env - -ARG GOPROXY -ENV GOPROXY ${GOPROXY:-direct} - -ARG GITEA_VERSION -ARG TAGS="sqlite sqlite_unlock_notify" -ENV TAGS "bindata timetzdata $TAGS" -ARG CGO_EXTRA_CFLAGS - -#Build deps -RUN apk --no-cache add \ - build-base \ - git \ - nodejs \ - npm \ - && rm -rf /var/cache/apk/* - -# Setup repo -COPY . ${GOPATH}/src/code.gitea.io/gitea -WORKDIR ${GOPATH}/src/code.gitea.io/gitea - -# Checkout version if set -RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ - && make clean-all build - -# Begin env-to-ini build -RUN go build contrib/environment-to-ini/environment-to-ini.go - -# Copy local files -COPY docker/rootless /tmp/local - -# Set permissions -RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \ - /tmp/local/usr/local/bin/docker-setup.sh \ - /tmp/local/usr/local/bin/gitea \ - /go/src/code.gitea.io/gitea/gitea \ - /go/src/code.gitea.io/gitea/environment-to-ini -RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete - -FROM docker.io/library/alpine:3.18 -LABEL maintainer="maintainers@gitea.io" - -EXPOSE 2222 3000 - -RUN apk --no-cache add \ - bash \ - ca-certificates \ - dumb-init \ - gettext \ - git \ - curl \ - gnupg \ - && rm -rf /var/cache/apk/* - -RUN addgroup \ - -S -g 1000 \ - git && \ - adduser \ - -S -H -D \ - -h /var/lib/gitea/git \ - -s /bin/bash \ - -u 1000 \ - -G git \ - git - -RUN mkdir -p /var/lib/gitea /etc/gitea -RUN chown git:git /var/lib/gitea /etc/gitea - -COPY --from=build-env /tmp/local / -COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea -COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini -COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh - -# git:git -USER 1000:1000 -ENV GITEA_WORK_DIR /var/lib/gitea -ENV GITEA_CUSTOM /var/lib/gitea/custom -ENV GITEA_TEMP /tmp/gitea -ENV TMPDIR /tmp/gitea - -# TODO add to docs the ability to define the ini to load (useful to test and revert a config) -ENV GITEA_APP_INI /etc/gitea/app.ini -ENV HOME "/var/lib/gitea/git" -VOLUME ["/var/lib/gitea", "/etc/gitea"] -WORKDIR /var/lib/gitea - -ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"] -CMD [] From ee6a977f549038e69fff72de735eb7740bc1ef11 Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Sat, 11 Nov 2023 19:25:10 +0000 Subject: [PATCH 2/8] Undo format change --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b4bc3a3dd7675..71e8f0d9f1ead 100644 --- a/Dockerfile +++ b/Dockerfile @@ -48,7 +48,7 @@ RUN apk --no-cache add \ git \ curl \ gnupg \ - && rm -rf /var/cache/apk/* + && rm -rf /var/cache/apk/* RUN addgroup -S -g 1000 git From 1d42402b494e4ee6293d7487e7c3c11cd2c0a6b9 Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Sun, 12 Nov 2023 11:35:46 +0000 Subject: [PATCH 3/8] Use Makefile and go.sum --- Dockerfile | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 71e8f0d9f1ead..44442d3c07efc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,14 +20,19 @@ RUN apk --no-cache add \ # Setup repo WORKDIR ${GOPATH}/src/code.gitea.io/gitea -COPY ./go.mod . +COPY Makefile . -RUN go mod download +# Download Golang Modules +COPY go.mod . +COPY go.sum . +RUN make deps-backend + +# Download NPM Packages COPY package.json . COPY package-lock.json . -RUN npm install --no-save --verbose +RUN make deps-frontend COPY . . From 52b039bb0bcb762f84de528d144d19a71b7c8fb7 Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Sun, 12 Nov 2023 14:43:10 +0000 Subject: [PATCH 4/8] Fix root directory --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 44442d3c07efc..7106ad9dedb51 100644 --- a/Dockerfile +++ b/Dockerfile @@ -78,7 +78,7 @@ RUN mkdir -p /var/lib/gitea /etc/gitea RUN chown git:git /var/lib/gitea /etc/gitea # Copy local files -COPY --chmod=755 docker/rootless /tmp/local +COPY --chmod=755 docker/rootless / COPY --from=build-env --chmod=755 --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env --chmod=755 --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini @@ -130,7 +130,7 @@ VOLUME ["/data"] ENTRYPOINT ["/usr/bin/entrypoint"] CMD ["/bin/s6-svscan", "/etc/s6"] -COPY --chmod=755 docker/root /tmp/local +COPY --chmod=755 docker/root / COPY --from=build-env --chmod=755 /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env --chmod=755 /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini From b8a3fe7d01f319181c2554aeff1a5b4439fb6ab9 Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Mon, 13 Nov 2023 20:25:52 +0000 Subject: [PATCH 5/8] Split frontend and backend build --- Dockerfile | 85 ++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 64 insertions(+), 21 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7106ad9dedb51..018ab3804b9ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,40 @@ # Build stage -FROM docker.io/library/golang:1.21-alpine3.18 AS build-env +FROM docker.io/library/node:20-alpine3.18 AS build-frontend + +ARG GITEA_VERSION + +# Build deps +RUN apk --no-cache add \ + build-base \ + git \ + && rm -rf /var/cache/apk/* + +# Setup repo +WORKDIR /usr/src/code.gitea.io/gitea + +COPY Makefile . + +# Download NPM Packages +COPY package.json . +COPY package-lock.json . + +RUN make deps-frontend + +# Copy source files +COPY ./webpack.config.js . +COPY ./assets ./assets +COPY ./public ./public +COPY ./web_src ./web_src + +# Checkout version if set +COPY ./.git ./.git +RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi + +# Build frontend +RUN make clean-all frontend + +# Build stage +FROM docker.io/library/golang:1.21-alpine3.18 AS build-backend ARG GOPROXY ENV GOPROXY ${GOPROXY:-direct} @@ -13,8 +48,6 @@ ARG CGO_EXTRA_CFLAGS RUN apk --no-cache add \ build-base \ git \ - nodejs \ - npm \ && rm -rf /var/cache/apk/* # Setup repo @@ -28,19 +61,35 @@ COPY go.sum . RUN make deps-backend -# Download NPM Packages -COPY package.json . -COPY package-lock.json . +# Copy source files +COPY ./build ./build +COPY ./cmd ./cmd +COPY ./models ./models +COPY ./modules ./modules +COPY ./options ./options +COPY ./routers ./routers +COPY ./services ./services +COPY ./templates ./templates +COPY ./build.go . +COPY ./main.go . -RUN make deps-frontend +# Checkout version if set +COPY ./.git ./.git +RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi -COPY . . +# Clean directory +RUN make clean-all -# Checkout version if set -RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \ - && make clean-all build +# Copy frontend build artifacts +COPY --from=build-frontend /usr/src/code.gitea.io/gitea/public ./public + +# Build backend +RUN make backend # Begin env-to-ini build +COPY contrib/environment-to-ini/environment-to-ini.go contrib/environment-to-ini/environment-to-ini.go +COPY ./custom ./custom + RUN go build contrib/environment-to-ini/environment-to-ini.go FROM docker.io/library/alpine:3.18 AS gitea-base @@ -57,8 +106,11 @@ RUN apk --no-cache add \ RUN addgroup -S -g 1000 git +COPY --chmod=644 ./contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh +COPY --chmod=755 --from=build-backend /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea +COPY --chmod=755 --from=build-backend /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini + FROM gitea-base AS gitea-rootless -LABEL maintainer="maintainers@gitea.io" EXPOSE 2222 3000 @@ -80,10 +132,6 @@ RUN chown git:git /var/lib/gitea /etc/gitea # Copy local files COPY --chmod=755 docker/rootless / -COPY --from=build-env --chmod=755 --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea -COPY --from=build-env --chmod=755 --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini -COPY --from=build-env --chmod=644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh - # git:git USER 1000:1000 ENV GITEA_WORK_DIR /var/lib/gitea @@ -101,7 +149,6 @@ ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"] CMD [] FROM gitea-base AS gitea -LABEL maintainer="maintainers@gitea.io" EXPOSE 22 3000 @@ -131,7 +178,3 @@ ENTRYPOINT ["/usr/bin/entrypoint"] CMD ["/bin/s6-svscan", "/etc/s6"] COPY --chmod=755 docker/root / - -COPY --from=build-env --chmod=755 /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea -COPY --from=build-env --chmod=755 /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini -COPY --from=build-env --chmod=644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh From 1f063407123c9b0371df1a8154b6a24eb80ca6ce Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Wed, 15 Nov 2023 23:51:47 +0000 Subject: [PATCH 6/8] Forward github action variables to Dockerfile --- .github/workflows/release-nightly.yml | 16 ++++--- .github/workflows/release-tag-rc.yml | 53 +++++++++------------- .github/workflows/release-tag-version.yml | 54 +++++++++-------------- Dockerfile | 33 +++++++------- Makefile | 8 +++- 5 files changed, 75 insertions(+), 89 deletions(-) diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml index 611a84e44e1c5..52fc8e0be3fb7 100644 --- a/.github/workflows/release-nightly.yml +++ b/.github/workflows/release-nightly.yml @@ -64,10 +64,6 @@ jobs: # fetch all commits instead of only the last as some branches are long lived and could have many between versions # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 - run: git fetch --unshallow --quiet --tags --force - - uses: actions/setup-go@v4 - with: - go-version-file: go.mod - check-latest: true - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - name: Get cleaned branch name @@ -80,18 +76,22 @@ jobs: fi REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" + - name: Get nightly version + run: echo "NIGHTLY_VERSION=$(git describe --tags --always | sed 's/-/+/' | sed 's/^v//')" >> $GITHUB_ENV - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: fetch go modules - run: make vendor - name: build rootful docker image uses: docker/build-push-action@v5 with: context: . target: gitea + build-args: + - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + - DOCKER_GITEA_VERSION=${{ env.NIGHTLY_VERSION }} platforms: linux/amd64,linux/arm64 pull: true push: true @@ -101,6 +101,10 @@ jobs: with: context: . target: gitea-rootless + build-args: + - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + - DOCKER_GITEA_VERSION=${{ env.NIGHTLY_VERSION }} platforms: linux/amd64,linux/arm64 pull: true push: true diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml index 5c3376a482359..15d0583104f61 100644 --- a/.github/workflows/release-tag-rc.yml +++ b/.github/workflows/release-tag-rc.yml @@ -61,48 +61,21 @@ jobs: gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/* env: GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} - docker-rootful: + docker: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - # fetch all commits instead of only the last as some branches are long lived and could have many between versions - # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 - - run: git fetch --unshallow --quiet --tags --force - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - uses: docker/metadata-action@v5 - id: meta + id: meta-rootful with: images: gitea/gitea # 1.2.3-rc0 tags: | type=semver,pattern={{version}} - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: build rootful docker image - uses: docker/build-push-action@v5 - with: - context: . - target: gitea - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - docker-rootless: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # fetch all commits instead of only the last as some branches are long lived and could have many between versions - # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 - - run: git fetch --unshallow --quiet --tags --force - - uses: docker/setup-qemu-action@v3 - - uses: docker/setup-buildx-action@v3 - uses: docker/metadata-action@v5 - id: meta + id: meta-rootless with: images: gitea/gitea # each tag below will have the suffix of -rootless @@ -116,13 +89,29 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: build rootful docker image + uses: docker/build-push-action@v5 + with: + context: . + target: gitea + build-args: + - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + platforms: linux/amd64,linux/arm64 + pull: true + push: true + tags: ${{ steps.meta-rootful.outputs.tags }} + labels: ${{ steps.meta-rootful.outputs.labels }} - name: build rootless docker image uses: docker/build-push-action@v5 with: context: . target: gitea-rootless + build-args: + - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} platforms: linux/amd64,linux/arm64 pull: true push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + tags: ${{ steps.meta-rootless.outputs.tags }} + labels: ${{ steps.meta-rootless.outputs.labels }} diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml index d127173047ccd..aeb0fb54a0bfc 100644 --- a/.github/workflows/release-tag-version.yml +++ b/.github/workflows/release-tag-version.yml @@ -63,17 +63,13 @@ jobs: gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/* env: GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }} - docker-rootful: + docker: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - # fetch all commits instead of only the last as some branches are long lived and could have many between versions - # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 - - run: git fetch --unshallow --quiet --tags --force - - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - uses: docker/metadata-action@v5 - id: meta + id: meta-rootful with: images: gitea/gitea # this will generate tags in the following format: @@ -86,32 +82,8 @@ jobs: type=semver,pattern={{major}} type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{version}} - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: build rootful docker image - uses: docker/build-push-action@v5 - with: - context: . - target: gitea - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - docker-rootless: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # fetch all commits instead of only the last as some branches are long lived and could have many between versions - # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567 - - run: git fetch --unshallow --quiet --tags --force - - uses: docker/setup-qemu-action@v3 - - uses: docker/setup-buildx-action@v3 - uses: docker/metadata-action@v5 - id: meta + id: meta-rootless with: images: gitea/gitea # each tag below will have the suffix of -rootless @@ -132,13 +104,29 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: build rootful docker image + uses: docker/build-push-action@v5 + with: + context: . + target: gitea + build-args: + - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + platforms: linux/amd64,linux/arm64 + pull: true + push: true + tags: ${{ steps.meta-rootful.outputs.tags }} + labels: ${{ steps.meta-rootful.outputs.labels }} - name: build rootless docker image uses: docker/build-push-action@v5 with: context: . target: gitea-rootless + build-args: + - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} platforms: linux/amd64,linux/arm64 pull: true push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + tags: ${{ steps.meta-rootless.outputs.tags }} + labels: ${{ steps.meta-rootless.outputs.labels }} diff --git a/Dockerfile b/Dockerfile index 018ab3804b9ed..3dcb6f0dffb7f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,8 @@ # Build stage FROM docker.io/library/node:20-alpine3.18 AS build-frontend -ARG GITEA_VERSION - # Build deps -RUN apk --no-cache add \ - build-base \ - git \ +RUN apk --no-cache add build-base git \ && rm -rf /var/cache/apk/* # Setup repo @@ -26,9 +22,13 @@ COPY ./assets ./assets COPY ./public ./public COPY ./web_src ./web_src -# Checkout version if set -COPY ./.git ./.git -RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi +ARG GITHUB_REF_NAME +ARG GITHUB_REF_TYPE +ARG DOCKER_GITEA_VERSION + +ENV GITHUB_REF_NAME=${GITHUB_REF_NAME:-docker-develop} +ENV GITHUB_REF_TYPE=${GITHUB_REF_TYPE:-branch} +ENV DOCKER_GITEA_VERSION=${DOCKER_GITEA_VERSION} # Build frontend RUN make clean-all frontend @@ -39,15 +39,12 @@ FROM docker.io/library/golang:1.21-alpine3.18 AS build-backend ARG GOPROXY ENV GOPROXY ${GOPROXY:-direct} -ARG GITEA_VERSION ARG TAGS="sqlite sqlite_unlock_notify" ENV TAGS "bindata timetzdata $TAGS" ARG CGO_EXTRA_CFLAGS # Build deps -RUN apk --no-cache add \ - build-base \ - git \ +RUN apk --no-cache add build-base git \ && rm -rf /var/cache/apk/* # Setup repo @@ -73,16 +70,20 @@ COPY ./templates ./templates COPY ./build.go . COPY ./main.go . -# Checkout version if set -COPY ./.git ./.git -RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi - # Clean directory RUN make clean-all # Copy frontend build artifacts COPY --from=build-frontend /usr/src/code.gitea.io/gitea/public ./public +ARG GITHUB_REF_NAME +ARG GITHUB_REF_TYPE +ARG DOCKER_GITEA_VERSION + +ENV GITHUB_REF_NAME=${GITHUB_REF_NAME:-docker-develop} +ENV GITHUB_REF_TYPE=${GITHUB_REF_TYPE:-branch} +ENV DOCKER_GITEA_VERSION=${DOCKER_GITEA_VERSION-${GITHUB_REF_NAME}} + # Build backend RUN make backend diff --git a/Makefile b/Makefile index 068dda5f52b17..24d59798e2a7b 100644 --- a/Makefile +++ b/Makefile @@ -96,6 +96,10 @@ else VERSION ?= main endif + ifneq ($(DOCKER_GITEA_VERSION),) + GITEA_VERSION ?= $(DOCKER_GITEA_VERSION) + endif + STORED_VERSION=$(shell cat $(STORED_VERSION_FILE) 2>/dev/null) ifneq ($(STORED_VERSION),) GITEA_VERSION ?= $(STORED_VERSION) @@ -975,8 +979,8 @@ generate-manpage: .PHONY: docker docker: - docker build --disable-content-trust=false -t $(DOCKER_REF) . -# support also build args docker build --build-arg GITEA_VERSION=v1.2.3 --build-arg TAGS="bindata sqlite sqlite_unlock_notify" . + docker build --disable-content-trust=false -t $(DOCKER_REF) --taget gitea . +# support also build args docker build --build-arg TAGS="bindata sqlite sqlite_unlock_notify" --target gitea . # This endif closes the if at the top of the file endif From 16d5668156d1946deabfb04c76603a1176abd5e9 Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Thu, 16 Nov 2023 00:07:18 +0000 Subject: [PATCH 7/8] Fix lint --- .github/workflows/release-nightly.yml | 20 +++++++++++--------- .github/workflows/release-tag-rc.yml | 12 ++++++------ .github/workflows/release-tag-version.yml | 12 ++++++------ 3 files changed, 23 insertions(+), 21 deletions(-) diff --git a/.github/workflows/release-nightly.yml b/.github/workflows/release-nightly.yml index 52fc8e0be3fb7..8cae8e630e212 100644 --- a/.github/workflows/release-nightly.yml +++ b/.github/workflows/release-nightly.yml @@ -77,7 +77,9 @@ jobs: REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//') echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT" - name: Get nightly version - run: echo "NIGHTLY_VERSION=$(git describe --tags --always | sed 's/-/+/' | sed 's/^v//')" >> $GITHUB_ENV + run: | + NIGHTLY_VERSION="$(git describe --tags --always | sed 's/-/+/' | sed 's/^v//')" + echo "NIGHTLY_VERSION=${NIGHTLY_VERSION}" >> "${GITHUB_ENV}" - name: Login to Docker Hub uses: docker/login-action@v3 with: @@ -88,10 +90,10 @@ jobs: with: context: . target: gitea - build-args: - - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} - - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} - - DOCKER_GITEA_VERSION=${{ env.NIGHTLY_VERSION }} + build-args: | + GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + DOCKER_GITEA_VERSION=${{ env.NIGHTLY_VERSION }} platforms: linux/amd64,linux/arm64 pull: true push: true @@ -101,10 +103,10 @@ jobs: with: context: . target: gitea-rootless - build-args: - - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} - - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} - - DOCKER_GITEA_VERSION=${{ env.NIGHTLY_VERSION }} + build-args: | + GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + DOCKER_GITEA_VERSION=${{ env.NIGHTLY_VERSION }} platforms: linux/amd64,linux/arm64 pull: true push: true diff --git a/.github/workflows/release-tag-rc.yml b/.github/workflows/release-tag-rc.yml index 15d0583104f61..65a44d8dde326 100644 --- a/.github/workflows/release-tag-rc.yml +++ b/.github/workflows/release-tag-rc.yml @@ -94,9 +94,9 @@ jobs: with: context: . target: gitea - build-args: - - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} - - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + build-args: | + GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} platforms: linux/amd64,linux/arm64 pull: true push: true @@ -107,9 +107,9 @@ jobs: with: context: . target: gitea-rootless - build-args: - - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} - - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + build-args: | + GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} platforms: linux/amd64,linux/arm64 pull: true push: true diff --git a/.github/workflows/release-tag-version.yml b/.github/workflows/release-tag-version.yml index aeb0fb54a0bfc..94dffed29efd1 100644 --- a/.github/workflows/release-tag-version.yml +++ b/.github/workflows/release-tag-version.yml @@ -109,9 +109,9 @@ jobs: with: context: . target: gitea - build-args: - - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} - - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + build-args: | + GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} platforms: linux/amd64,linux/arm64 pull: true push: true @@ -122,9 +122,9 @@ jobs: with: context: . target: gitea-rootless - build-args: - - GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} - - GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} + build-args: | + GITHUB_REF_NAME=${{ env.GITHUB_REF_NAME }} + GITHUB_REF_TYPE=${{ env.GITHUB_REF_TYPE }} platforms: linux/amd64,linux/arm64 pull: true push: true From ab472b74fdfea93e357dcf168d8a47442a4b6d47 Mon Sep 17 00:00:00 2001 From: Max Stanley Date: Thu, 16 Nov 2023 20:10:56 +0000 Subject: [PATCH 8/8] Fix Dockerfile --- Dockerfile | 62 +++++++++++++++++++++++++++--------------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3dcb6f0dffb7f..ad1d84828a03e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM docker.io/library/node:20-alpine3.18 AS build-frontend # Build deps RUN apk --no-cache add build-base git \ - && rm -rf /var/cache/apk/* + && rm -rf /var/cache/apk/* # Setup repo WORKDIR /usr/src/code.gitea.io/gitea @@ -28,7 +28,7 @@ ARG DOCKER_GITEA_VERSION ENV GITHUB_REF_NAME=${GITHUB_REF_NAME:-docker-develop} ENV GITHUB_REF_TYPE=${GITHUB_REF_TYPE:-branch} -ENV DOCKER_GITEA_VERSION=${DOCKER_GITEA_VERSION} +ENV DOCKER_GITEA_VERSION=${DOCKER_GITEA_VERSION:-${GITHUB_REF_NAME}} # Build frontend RUN make clean-all frontend @@ -45,7 +45,7 @@ ARG CGO_EXTRA_CFLAGS # Build deps RUN apk --no-cache add build-base git \ - && rm -rf /var/cache/apk/* + && rm -rf /var/cache/apk/* # Setup repo WORKDIR ${GOPATH}/src/code.gitea.io/gitea @@ -82,7 +82,7 @@ ARG DOCKER_GITEA_VERSION ENV GITHUB_REF_NAME=${GITHUB_REF_NAME:-docker-develop} ENV GITHUB_REF_TYPE=${GITHUB_REF_TYPE:-branch} -ENV DOCKER_GITEA_VERSION=${DOCKER_GITEA_VERSION-${GITHUB_REF_NAME}} +ENV DOCKER_GITEA_VERSION=${DOCKER_GITEA_VERSION:-${GITHUB_REF_NAME}} # Build backend RUN make backend @@ -97,12 +97,12 @@ FROM docker.io/library/alpine:3.18 AS gitea-base LABEL maintainer="maintainers@gitea.io" RUN apk --no-cache add \ - bash \ - ca-certificates \ - gettext \ - git \ - curl \ - gnupg \ + bash \ + ca-certificates \ + gettext \ + git \ + curl \ + gnupg \ && rm -rf /var/cache/apk/* RUN addgroup -S -g 1000 git @@ -116,16 +116,16 @@ FROM gitea-base AS gitea-rootless EXPOSE 2222 3000 RUN apk --no-cache add \ - dumb-init \ - && rm -rf /var/cache/apk/* + dumb-init \ + && rm -rf /var/cache/apk/* RUN adduser \ - -S -H -D \ - -h /var/lib/gitea/git \ - -s /bin/bash \ - -u 1000 \ - -G git \ - git + -S -H -D \ + -h /var/lib/gitea/git \ + -s /bin/bash \ + -u 1000 \ + -G git \ + git RUN mkdir -p /var/lib/gitea /etc/gitea RUN chown git:git /var/lib/gitea /etc/gitea @@ -154,21 +154,21 @@ FROM gitea-base AS gitea EXPOSE 22 3000 RUN apk --no-cache add \ - linux-pam \ - openssh \ - s6 \ - sqlite \ - su-exec \ - && rm -rf /var/cache/apk/* + linux-pam \ + openssh \ + s6 \ + sqlite \ + su-exec \ + && rm -rf /var/cache/apk/* RUN adduser \ - -S -H -D \ - -h /data/git \ - -s /bin/bash \ - -u 1000 \ - -G git \ - git && \ - echo "git:*" | chpasswd -e + -S -H -D \ + -h /data/git \ + -s /bin/bash \ + -u 1000 \ + -G git \ + git && \ + echo "git:*" | chpasswd -e ENV USER git ENV GITEA_CUSTOM /data/gitea