Add an automated Docker Image Build Pipeline (#385)
* Chore/dockerfile GitHub action (#1) * chore: initial Dockerfile * chore: docker hub actions Co-authored-by: Hugh Hoang <hugh.hoang@onfinality.io> * chore: update docs (#2) * chore: initial Dockerfile * chore: docker hub actions * Additional docs * Update Dockerfile * chore: remove deprecate `::set-output` * fix: typo Co-authored-by: Hugh Hoang <hugh.hoang@onfinality.io> Co-authored-by: hugh-onf <105209853+hugh-onf@users.noreply.github.com> * chore: remove redundant action * chore: update actions version (#3) * chore: using latest version of the actions * chore: not triggering on PRs * Remove auto build * Create check.yml * Add environment variable * Update rev to v Co-authored-by: Hugh Hoang <hugh.hoang@onfinality.io> Co-authored-by: hugh-onf <105209853+hugh-onf@users.noreply.github.com>main
parent
378a3e5ae4
commit
9bbc80c70c
|
@ -0,0 +1,5 @@
|
||||||
|
.devcontainer
|
||||||
|
.github
|
||||||
|
.vscode
|
||||||
|
scripts
|
||||||
|
target
|
|
@ -0,0 +1,53 @@
|
||||||
|
# This is an example GitHub action that will build and publish a Docker image to DockerHub
|
||||||
|
# You need to add the following secrets to your GitHub Repository or Organization to make this work
|
||||||
|
# - DOCKER_USERNAME: The username of the DockerHub account. E.g. parity
|
||||||
|
# - DOCKER_TOKEN: Access token for DockerHub, see https://docs.docker.com/docker-hub/access-tokens/. E.g. VVVVVVVV-WWWW-XXXXXX-YYYY-ZZZZZZZZZ
|
||||||
|
# The following are setup as an environment variable below
|
||||||
|
# - DOCKER_REPO: The unique name of the DockerHub repository. E.g. parity/polkadot
|
||||||
|
|
||||||
|
name: Build & Publish Docker Image
|
||||||
|
|
||||||
|
# Controls when the action will run.
|
||||||
|
on:
|
||||||
|
# Triggers the workflow on push events but only for the main branch
|
||||||
|
# push:
|
||||||
|
# branches: [ main ]
|
||||||
|
|
||||||
|
# Allows you to run this workflow manually from the Actions tab
|
||||||
|
workflow_dispatch:
|
||||||
|
|
||||||
|
# Set an environment variable (that can be overriden) for the Docker Repo
|
||||||
|
env:
|
||||||
|
DOCKER_REPO: parity/polkadot
|
||||||
|
|
||||||
|
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
|
||||||
|
jobs:
|
||||||
|
build:
|
||||||
|
# The type of runner that the job will run on
|
||||||
|
runs-on: ubuntu-20.04
|
||||||
|
|
||||||
|
# Steps represent a sequence of tasks that will be executed as part of the job
|
||||||
|
steps:
|
||||||
|
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
|
||||||
|
- name: Check out the repo
|
||||||
|
uses: actions/checkout@v2.5.0
|
||||||
|
|
||||||
|
# Login to Docker hub using the credentials stored in the repository secrets
|
||||||
|
- name: Log in to Docker Hub
|
||||||
|
uses: docker/login-action@v2.1.0
|
||||||
|
with:
|
||||||
|
username: ${{ secrets.DOCKER_USERNAME }}
|
||||||
|
password: ${{ secrets.DOCKER_TOKEN }}
|
||||||
|
|
||||||
|
# Get the commit short hash, to use as the rev
|
||||||
|
- name: Calculate rev hash
|
||||||
|
id: rev
|
||||||
|
run: echo "value=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
# Build and push 2 images, One with the version tag and the other with latest tag
|
||||||
|
- name: Build and push Docker images
|
||||||
|
uses: docker/build-push-action@v3.2.0
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
push: true
|
||||||
|
tags: ${{ env.DOCKER_REPO }}:v${{ steps.rev.outputs.value }}, ${{ secrets.DOCKER_REPO }}:latest
|
|
@ -0,0 +1,37 @@
|
||||||
|
# This is an example build stage for the node template. Here we create the binary in a temporary image.
|
||||||
|
|
||||||
|
# This is a base image to build substrate nodes
|
||||||
|
FROM docker.io/paritytech/ci-linux:production as builder
|
||||||
|
|
||||||
|
WORKDIR /node-template
|
||||||
|
COPY . .
|
||||||
|
RUN cargo build --locked --release
|
||||||
|
|
||||||
|
# This is the 2nd stage: a very small image where we copy the binary."
|
||||||
|
FROM docker.io/library/ubuntu:20.04
|
||||||
|
LABEL description="Multistage Docker image for Substrate Node Template" \
|
||||||
|
image.type="builder" \
|
||||||
|
image.authors="you@email.com" \
|
||||||
|
image.vendor="Substrate Developer Hub" \
|
||||||
|
image.description="Multistage Docker image for Substrate Node Template" \
|
||||||
|
image.source="https://github.com/substrate-developer-hub/substrate-node-template" \
|
||||||
|
image.documentation="https://github.com/substrate-developer-hub/substrate-node-template"
|
||||||
|
|
||||||
|
# Copy the node binary.
|
||||||
|
COPY --from=builder /node-template/target/release/node-template /usr/local/bin
|
||||||
|
|
||||||
|
RUN useradd -m -u 1000 -U -s /bin/sh -d /node-dev node-dev && \
|
||||||
|
mkdir -p /chain-data /node-dev/.local/share && \
|
||||||
|
chown -R node-dev:node-dev /chain-data && \
|
||||||
|
ln -s /chain-data /node-dev/.local/share/node-template && \
|
||||||
|
# unclutter and minimize the attack surface
|
||||||
|
rm -rf /usr/bin /usr/sbin && \
|
||||||
|
# check if executable works in this container
|
||||||
|
/usr/local/bin/node-template --version
|
||||||
|
|
||||||
|
USER node-dev
|
||||||
|
|
||||||
|
EXPOSE 30333 9933 9944 9615
|
||||||
|
VOLUME ["/chain-data"]
|
||||||
|
|
||||||
|
ENTRYPOINT ["/usr/local/bin/node-template"]
|
Loading…
Reference in New Issue