Community maintained Docker config for the knot server

tar

+125 -48
+125 -48
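--- a/.tangled/workflows/publish.yml
+++ b/.tangled/workflows/publish.yml
@@ -7,13 +7,17 @@
 
 dependencies:
 nixpkgs:
-- buildah
 - skopeo
 - coreutils
 - gnused
 - gnugrep
 - bash
 - git
+- tar
+- gzip
+- golang
+- gcc
+- musl-dev
 
 steps:
 - name: "Extract version from Dockerfile"
@@ -32,7 +36,7 @@
 fi
 echo "export TAG=$TAG" >> ~/.bashrc
 
-- name: "Build Docker image with buildah"
+- name: "Build knot binary and create Docker image manually"
 command: |
 # Source environment
 source ~/.bashrc || true
@@ -45,66 +49,139 @@
 exit 1
 fi
 
-echo "Building image with buildah for TAG: $TAG"
+echo "Building knot binary for TAG: $TAG"
 
-# Suppress buildah user warnings in CI environment
-export BUILDAH_ISOLATION=chroot
-export XDG_RUNTIME_DIR=/tmp/buildah-runtime
-mkdir -p $XDG_RUNTIME_DIR
+# Build knot binary
+git clone -b $TAG https://tangled.sh/@tangled.sh/core knot-src
+cd knot-src
+export CGO_ENABLED=1
+go build -o ../knot -ldflags "-s -w -extldflags -static" ./cmd/knot
+cd ..
+rm -rf knot-src
 
-# Create a new container from alpine
-container=$(buildah from alpine:edge)
+echo "Creating Docker image archive manually..."
 
-# Configure the container
-buildah config --port 5555 --port 22 $container
-buildah config --env KNOT_REPO_SCAN_PATH=/home/git/repositories $container
-buildah config --workingdir /app $container
-buildah config --entrypoint '["/init"]' $container
+# Create image directory structure
+mkdir -p docker-image/rootfs
 
-# Add labels
-buildah config --label "org.opencontainers.image.title=knot" $container
-buildah config --label "org.opencontainers.image.description=data server for tangled" $container
-buildah config --label "org.opencontainers.image.source=https://tangled.sh/@tangled.sh/knot-docker" $container
+# Copy knot binary
+cp knot docker-image/rootfs/usr/bin/knot 2>/dev/null || {
+mkdir -p docker-image/rootfs/usr/bin
+cp knot docker-image/rootfs/usr/bin/knot
+}
+chmod +x docker-image/rootfs/usr/bin/knot
 
-# Install packages
-buildah run $container -- apk add --no-cache shadow s6-overlay execline openssl openssh git curl bash golang gcc musl-dev
+# Copy project rootfs if it exists
+if [ -d "rootfs" ]; then
+cp -r rootfs/* docker-image/rootfs/ 2>/dev/null || true
+fi
 
-# Setup users and directories
-buildah run $container -- sh -c 'useradd -d /home/git git && echo "git:$(openssl rand -hex 16)" | chpasswd'
-buildah run $container -- mkdir -p /home/git/repositories
-buildah run $container -- chown -R git:git /home/git
-buildah run $container -- mkdir -p /app
-buildah run $container -- chown -R git:git /app
+# Create manifest.json
+cat > docker-image/manifest.json << EOF
+[
+{
+"Config": "config.json",
+"RepoTags": ["$DOCKER_USERNAME/$DOCKER_REPO:$TAG"],
+"Layers": ["layer.tar"]
+}
+]
+EOF
 
-# Build knot binary
-buildah run $container -- git clone -b $TAG https://tangled.sh/@tangled.sh/core /tmp/knot-src
-buildah run $container -- sh -c 'cd /tmp/knot-src && CGO_ENABLED=1 go build -o /usr/bin/knot -ldflags "-s -w -extldflags -static" ./cmd/knot'
-buildah run $container -- rm -rf /tmp/knot-src
-
-# Copy rootfs
-if [ -d "rootfs" ]; then
-buildah copy $container rootfs/ /
-buildah run $container -- chmod 755 /etc
-buildah run $container -- sh -c 'chmod -R 755 /etc/s6-overlay 2>/dev/null || true'
-fi
+# Create config.json
+cat > docker-image/config.json << EOF
+{
+"architecture": "amd64",
+"config": {
+"Hostname": "",
+"Domainname": "",
+"User": "",
+"AttachStdin": false,
+"AttachStdout": false,
+"AttachStderr": false,
+"ExposedPorts": {
+"22/tcp": {},
+"5555/tcp": {}
+},
+"Tty": false,
+"OpenStdin": false,
+"StdinOnce": false,
+"Env": [
+"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+"KNOT_REPO_SCAN_PATH=/home/git/repositories"
+],
+"Cmd": null,
+"Image": "",
+"Volumes": null,
+"WorkingDir": "/app",
+"Entrypoint": ["/init"],
+"OnBuild": null,
+"Labels": {
+"org.opencontainers.image.title": "knot",
+"org.opencontainers.image.description": "data server for tangled",
+"org.opencontainers.image.source": "https://tangled.sh/@tangled.sh/knot-docker"
+}
+},
+"container_config": {
+"Hostname": "",
+"Domainname": "",
+"User": "",
+"AttachStdin": false,
+"AttachStdout": false,
+"AttachStderr": false,
+"ExposedPorts": {
+"22/tcp": {},
+"5555/tcp": {}
+},
+"Tty": false,
+"OpenStdin": false,
+"StdinOnce": false,
+"Env": [
+"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+"KNOT_REPO_SCAN_PATH=/home/git/repositories"
+],
+"Cmd": null,
+"Image": "",
+"Volumes": null,
+"WorkingDir": "/app",
+"Entrypoint": ["/init"],
+"OnBuild": null,
+"Labels": {
+"org.opencontainers.image.title": "knot",
+"org.opencontainers.image.description": "data server for tangled",
+"org.opencontainers.image.source": "https://tangled.sh/@tangled.sh/knot-docker"
+}
+},
+"created": "$(date -u +%Y-%m-%dT%H:%M:%S.%NZ)",
+"docker_version": "manual",
+"history": [
+{
+"created": "$(date -u +%Y-%m-%dT%H:%M:%S.%NZ)",
+"created_by": "manual build"
+}
+],
+"os": "linux",
+"rootfs": {
+"type": "layers",
+"diff_ids": ["sha256:0000000000000000000000000000000000000000000000000000000000000000"]
+}
+}
+EOF
 
-# Add healthcheck (as a script since buildah doesn't support healthcheck directly)
-buildah run $container -- sh -c 'echo "#!/bin/sh\ncurl -f http://localhost:5555 || exit 1" > /usr/bin/healthcheck && chmod +x /usr/bin/healthcheck'
+# Create layer
+cd docker-image
+tar -czf layer.tar rootfs/
 
-# Export directly from container instead of committing to avoid storage issues
-echo "Exporting container directly to archives..."
-buildah push $container docker-archive:image-$TAG.tar || {
-echo "Failed to export $TAG image from container"
-exit 1
-}
+# Create final docker archive
+tar -cf ../image-$TAG.tar manifest.json config.json layer.tar
+cd ..
 
-# Create latest archive as copy of tagged archive
+# Create latest archive
 cp image-$TAG.tar image-latest.tar
 
 # Clean up
-buildah rm $container
+rm -rf docker-image knot
 
-echo "Image exported successfully to archives"
+echo "Docker image archives created successfully"
 
 - name: "Convert buildah image to Docker format and push"
 command: |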