Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

COPY static release build artifacts into alpine Docker - DO NOT MERGE #3877

Closed
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion .dockerignore
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@
# These are directories created by the make process
bin
build
release

ci
docs
Expand Down
27 changes: 24 additions & 3 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ env:
GO_VER: 1.18.7
ALPINE_VER: 3.16
FABRIC_VER: ${{ github.ref_name }}
DOCKER_REGISTRY: docker.io # or ghcr.io
DOCKER_REGISTRY: ${{ github.repository_owner == 'hyperledger' && 'docker.io' || 'ghcr.io' }}

permissions:
contents: read
Expand Down Expand Up @@ -64,6 +64,9 @@ jobs:
name: Build and Push
runs-on: ubuntu-20.04

needs:
- build-binaries

permissions:
contents: read
packages: write
Expand Down Expand Up @@ -101,8 +104,8 @@ jobs:
uses: docker/login-action@v2
with:
registry: ${{ env.DOCKER_REGISTRY }}
username: ${{ contains(env.DOCKER_REGISTRY, 'docker.io') && secrets.DOCKERHUB_USERNAME || github.actor }}
password: ${{ contains(env.DOCKER_REGISTRY, 'docker.io') && secrets.DOCKERHUB_TOKEN || secrets.GITHUB_TOKEN }}
username: ${{ env.DOCKER_REGISTRY == 'docker.io' && secrets.DOCKERHUB_USERNAME || github.actor }}
password: ${{ env.DOCKER_REGISTRY == 'docker.io' && secrets.DOCKERHUB_TOKEN || secrets.GITHUB_TOKEN }}

- name: Docker meta
id: meta
Expand All @@ -114,6 +117,24 @@ jobs:
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}.{{minor}}.{{patch}}

- name: Download Artifacts
id: download
uses: actions/download-artifact@v3
with:
path: release

- name: Unfurl release artifacts
run: |
find release

mkdir -p release/linux-arm64
mkdir -p release/linux-amd64

tar zxvf release/release-linux-arm64/*.tar.gz -C release/linux-arm64
tar zxvf release/release-linux-amd64/*.tar.gz -C release/linux-amd64

find release

- name: Build and push ${{ matrix.COMPONENT }} Image
id: push
uses: docker/build-push-action@v3
Expand Down
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -243,7 +243,7 @@ $(BUILD_DIR)/images/peer/$(DUMMY): BUILD_ARGS=--build-arg GO_TAGS=${GO_TAGS}
$(BUILD_DIR)/images/orderer/$(DUMMY): BUILD_ARGS=--build-arg GO_TAGS=${GO_TAGS}
$(BUILD_DIR)/images/tools/$(DUMMY): BUILD_ARGS=--build-arg GO_TAGS=${GO_TAGS}

$(BUILD_DIR)/images/%/$(DUMMY):
$(BUILD_DIR)/images/%/$(DUMMY): release/linux-$(ARCH)
@echo "Building Docker image $(DOCKER_NS)/fabric-$*"
@mkdir -p $(@D)
$(DBUILD) -f images/$*/Dockerfile \
Expand Down
76 changes: 40 additions & 36 deletions images/orderer/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,46 +1,50 @@
# Copyright IBM Corp. All Rights Reserved.
#
# Copyright contributors to the Hyperledger Fabric project
#
# SPDX-License-Identifier: Apache-2.0

ARG GO_VER
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
ARG ALPINE_VER
FROM alpine:${ALPINE_VER}

RUN apk add --no-cache \
bash \
curl \
tzdata

FROM alpine:${ALPINE_VER} as base
RUN apk add --no-cache tzdata
# set up nsswitch.conf for Go's "netgo" implementation
# - https://github.com/golang/go/blob/go1.9.1/src/net/conf.go#L194-L275
# - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf
RUN echo 'hosts: files dns' > /etc/nsswitch.conf

FROM golang:${GO_VER}-alpine${ALPINE_VER} as golang
RUN apk add --no-cache \
bash \
binutils-gold \
gcc \
git \
make \
musl-dev
ADD . $GOPATH/src/github.com/hyperledger/fabric
WORKDIR $GOPATH/src/github.com/hyperledger/fabric

FROM golang as orderer
ARG GO_TAGS
ARG TARGETOS
ARG TARGETARCH
ARG FABRIC_VER
ENV FABRIC_VER ${FABRIC_VER}

# Disable cgo when building in the container. This will create a static binary, which can be
# copied and run in the base alpine container without the libc/musl runtime.
ENV CGO_ENABLED 0

RUN make orderer GO_TAGS=${GO_TAGS}

FROM base
ENV FABRIC_CFG_PATH /etc/hyperledger/fabric
VOLUME /etc/hyperledger/fabric
VOLUME /var/hyperledger
COPY --from=orderer /go/src/github.com/hyperledger/fabric/build/bin /usr/local/bin
COPY --from=orderer /go/src/github.com/hyperledger/fabric/sampleconfig/msp ${FABRIC_CFG_PATH}/msp
COPY --from=orderer /go/src/github.com/hyperledger/fabric/sampleconfig/orderer.yaml ${FABRIC_CFG_PATH}
COPY --from=orderer /go/src/github.com/hyperledger/fabric/sampleconfig/configtx.yaml ${FABRIC_CFG_PATH}
EXPOSE 7050
CMD ["orderer"]

# copy the release build outputs for the target arch
COPY release/${TARGETOS}-${TARGETARCH}/bin/orderer /usr/local/bin

ENV FABRIC_CFG_PATH /var/hyperledger/fabric/config
ENV FABRIC_VER ${FABRIC_VER}

COPY sampleconfig/msp ${FABRIC_CFG_PATH}/msp
COPY sampleconfig/orderer.yaml ${FABRIC_CFG_PATH}
COPY sampleconfig/configtx.yaml ${FABRIC_CFG_PATH}

VOLUME /etc/hyperledger/fabric
VOLUME /var/hyperledger
EXPOSE 7050

ENTRYPOINT [ "orderer" ]
CMD [ "start" ]
69 changes: 36 additions & 33 deletions images/peer/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,48 +1,51 @@
# Copyright IBM Corp. All Rights Reserved.
#
# Copyright contributors to the Hyperledger Fabric project
#
# SPDX-License-Identifier: Apache-2.0

ARG GO_VER
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
ARG ALPINE_VER
FROM alpine:${ALPINE_VER} as peer-base
RUN apk add --no-cache tzdata
FROM alpine:${ALPINE_VER}

RUN apk add --no-cache \
bash \
curl \
tzdata

# set up nsswitch.conf for Go's "netgo" implementation
# - https://github.com/golang/go/blob/go1.9.1/src/net/conf.go#L194-L275
# - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf
RUN echo 'hosts: files dns' > /etc/nsswitch.conf

FROM golang:${GO_VER}-alpine${ALPINE_VER} as golang
RUN apk add --no-cache \
bash \
binutils-gold \
gcc \
git \
make \
musl-dev
ADD . $GOPATH/src/github.com/hyperledger/fabric
WORKDIR $GOPATH/src/github.com/hyperledger/fabric

FROM golang as peer
ARG GO_TAGS
ARG TARGETOS
ARG TARGETARCH
ARG FABRIC_VER
ENV FABRIC_VER ${FABRIC_VER}

# Disable cgo when building in the container. This will create a static binary, which can be
# copied and run in the base alpine container without the libc/musl runtime.
ENV CGO_ENABLED 0
# copy the release build outputs for the target arch
COPY release/${TARGETOS}-${TARGETARCH}/bin/peer /usr/local/bin
COPY release/${TARGETOS}-${TARGETARCH}/builders/ccaas/bin /opt/hyperledger/ccaas_builder

RUN make peer GO_TAGS=${GO_TAGS}
RUN make ccaasbuilder
ENV FABRIC_CFG_PATH /var/hyperledger/fabric/config
ENV FABRIC_VER ${FABRIC_VER}

COPY sampleconfig/msp ${FABRIC_CFG_PATH}/msp
COPY sampleconfig/core.yaml ${FABRIC_CFG_PATH}/core.yaml

FROM peer-base
ARG TARGETARCH
ARG TARGETOS
ENV FABRIC_CFG_PATH /etc/hyperledger/fabric
VOLUME /etc/hyperledger/fabric
VOLUME /var/hyperledger
COPY --from=peer /go/src/github.com/hyperledger/fabric/build/bin /usr/local/bin
COPY --from=peer /go/src/github.com/hyperledger/fabric/sampleconfig/msp ${FABRIC_CFG_PATH}/msp
COPY --from=peer /go/src/github.com/hyperledger/fabric/sampleconfig/core.yaml ${FABRIC_CFG_PATH}/core.yaml
COPY --from=peer /go/src/github.com/hyperledger/fabric/release/${TARGETOS}-${TARGETARCH}/builders/ccaas/bin/ /opt/hyperledger/ccaas_builder/bin/

EXPOSE 7051
CMD ["peer","node","start"]

ENTRYPOINT [ "peer" ]
CMD [ "node", "start" ]
63 changes: 32 additions & 31 deletions images/tools/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,41 +1,42 @@
# Copyright IBM Corp. All Rights Reserved.
#
# Copyright contributors to the Hyperledger Fabric project
#
# SPDX-License-Identifier: Apache-2.0

ARG GO_VER
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
ARG ALPINE_VER
FROM golang:${GO_VER}-alpine${ALPINE_VER} as golang
FROM alpine:${ALPINE_VER}

RUN apk add --no-cache \
bash \
binutils-gold \
gcc \
git \
make \
musl-dev;

ADD . $GOPATH/src/github.com/hyperledger/fabric
WORKDIR $GOPATH/src/github.com/hyperledger/fabric
bash \
curl \
jq \
tzdata

FROM golang as tools
ARG GO_TAGS
ARG TARGETOS
ARG TARGETARCH
ARG FABRIC_VER
ENV FABRIC_VER ${FABRIC_VER}

# Disable cgo when building in the container. This will create a static binary, which can be
# copied and run in the base alpine container without the libc/musl runtime.
ENV CGO_ENABLED 0
# copy the release build outputs for the target arch
COPY release/${TARGETOS}-${TARGETARCH}/bin /usr/local/bin

RUN make tools GO_TAGS=${GO_TAGS}
ENV FABRIC_VER ${FABRIC_VER}
ENV FABRIC_CFG_PATH /var/hyperledger/fabric/config

FROM golang:${GO_VER}-alpine${ALPINE_VER}
# git is required to support `go list -m`
RUN apk add --no-cache \
bash \
git \
jq \
tzdata;
ENV FABRIC_CFG_PATH /etc/hyperledger/fabric
VOLUME /etc/hyperledger/fabric
COPY --from=tools /go/src/github.com/hyperledger/fabric/build/bin /usr/local/bin
COPY --from=tools /go/src/github.com/hyperledger/fabric/sampleconfig ${FABRIC_CFG_PATH}
COPY sampleconfig ${FABRIC_CFG_PATH}

VOLUME /etc/hyperledger/fabric
VOLUME /var/hyperledger

ENTRYPOINT [ "bash" ]
Loading