From: Matthew Newton Date: Fri, 3 May 2024 15:26:32 +0000 (+0100) Subject: docker: copy local files into docker image X-Git-Tag: release_3_2_4~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6d9eab52b1212fa57aba6d7fa292bf3e78ed2085;p=thirdparty%2Ffreeradius-server.git docker: copy local files into docker image rather than always pulling from remote --- diff --git a/scripts/docker/docker.mk b/scripts/docker/docker.mk index 917d47536c7..77e2310f70f 100644 --- a/scripts/docker/docker.mk +++ b/scripts/docker/docker.mk @@ -83,10 +83,14 @@ define ADD_DOCKER_RULES .PHONY: docker.${1}.build docker.${1}.build: @echo BUILD ${1} $(DOCKER_COMMIT) - $(Q)docker build $(DOCKER_BUILD_ARGS) \ + $(Q)docker buildx build \ + $(DOCKER_BUILD_ARGS) \ + --progress=plain \ --build-arg=release=$(DOCKER_COMMIT) \ -t $(DOCKER_REGISTRY)$(DOCKER_REPO)$(DOCKER_TAG):$(DOCKER_VERSION)-${1} \ - $(DIST_DIR)/${1} + -f $(DIST_DIR)/${1}/Dockerfile \ + . + endef $(foreach IMAGE,$(DOCKER_IMAGES), \ diff --git a/scripts/docker/etc/docker-entrypoint.sh.alpine b/scripts/docker/etc/docker-entrypoint.sh.alpine new file mode 100755 index 00000000000..e0f9f6f2a74 --- /dev/null +++ b/scripts/docker/etc/docker-entrypoint.sh.alpine @@ -0,0 +1,27 @@ +#!/bin/sh +set -e + +PATH=/opt/sbin:/opt/bin:$PATH +export PATH + +# this if will check if the first argument is a flag +# but only works if all arguments require a hyphenated flag +# -v; -SL; -f arg; etc will work, but not arg1 arg2 +if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then + set -- radiusd "$@" +fi + +# check for the expected command +if [ "$1" = 'radiusd' ]; then + shift + exec radiusd -f "$@" +fi + +# debian people are likely to call "freeradius" as well, so allow that +if [ "$1" = 'freeradius' ]; then + shift + exec radiusd -f "$@" +fi + +# else default to run whatever the user wanted like "bash" or "sh" +exec "$@" diff --git a/scripts/docker/etc/docker-entrypoint.sh.deb b/scripts/docker/etc/docker-entrypoint.sh.deb new file mode 100755 index 00000000000..93141b0d74b --- /dev/null +++ b/scripts/docker/etc/docker-entrypoint.sh.deb @@ -0,0 +1,24 @@ +#!/bin/sh +set -e + +# this if will check if the first argument is a flag +# but only works if all arguments require a hyphenated flag +# -v; -SL; -f arg; etc will work, but not arg1 arg2 +if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then + set -- freeradius "$@" +fi + +# check for the expected command +if [ "$1" = 'freeradius' ]; then + shift + exec freeradius -f "$@" +fi + +# many people are likely to call "radiusd" as well, so allow that +if [ "$1" = 'radiusd' ]; then + shift + exec freeradius -f "$@" +fi + +# else default to run whatever the user wanted like "bash" or "sh" +exec "$@" diff --git a/scripts/docker/etc/docker-entrypoint.sh.rpm b/scripts/docker/etc/docker-entrypoint.sh.rpm new file mode 100755 index 00000000000..900ad6b20fb --- /dev/null +++ b/scripts/docker/etc/docker-entrypoint.sh.rpm @@ -0,0 +1,24 @@ +#!/bin/sh +set -e + +# this if will check if the first argument is a flag +# but only works if all arguments require a hyphenated flag +# -v; -SL; -f arg; etc will work, but not arg1 arg2 +if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then + set -- radiusd "$@" +fi + +# check for the expected command +if [ "$1" = 'radiusd' ]; then + shift + exec radiusd -f "$@" +fi + +# debian people are likely to call "freeradius" as well, so allow that +if [ "$1" = 'freeradius' ]; then + shift + exec radiusd -f "$@" +fi + +# else default to run whatever the user wanted like "bash" or "sh" +exec "$@" diff --git a/scripts/docker/m4/Dockerfile.alpine.m4 b/scripts/docker/m4/Dockerfile.alpine.m4 index c03a26ad3e2..64c6c8ffd7e 100644 --- a/scripts/docker/m4/Dockerfile.alpine.m4 +++ b/scripts/docker/m4/Dockerfile.alpine.m4 @@ -10,17 +10,23 @@ RUN apk add git gcc make # # Create build directory # -RUN mkdir -p /usr/local/src/repositories -WORKDIR /usr/local/src/repositories +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ # -# Shallow clone the FreeRADIUS source +# Copy the FreeRADIUS directory in # -ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG release=v3.2.x +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +RUN [ -z "$release" ] || git checkout ${release} -RUN git clone --depth 1 --single-branch --branch ${release} ${source} -WORKDIR freeradius-server # # Install build dependencies @@ -75,8 +81,9 @@ RUN apk update \ \ && ln -s /opt/etc/raddb /etc/raddb -COPY docker-entrypoint.sh / -RUN chmod +x /docker-entrypoint.sh +WORKDIR / +COPY DOCKER_TOPDIR/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh EXPOSE 1812/udp 1813/udp ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/scripts/docker/m4/Dockerfile.deb.m4 b/scripts/docker/m4/Dockerfile.deb.m4 index a43273a6652..c8a5eec5c5d 100644 --- a/scripts/docker/m4/Dockerfile.deb.m4 +++ b/scripts/docker/m4/Dockerfile.deb.m4 @@ -12,23 +12,27 @@ RUN apt-get install -y devscripts equivs git quilt gcc # # Create build directory # -RUN mkdir -p /usr/local/src/repositories -WORKDIR /usr/local/src/repositories +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ # -# Shallow clone the FreeRADIUS source +# Copy the FreeRADIUS directory in # -ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG release=v3.2.x +COPY . . -RUN git clone --depth 1 --single-branch --branch ${release} ${source} -WORKDIR freeradius-server +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +RUN [ -z "$release" ] || git checkout ${release} # # Install build dependencies # -RUN git checkout ${release}; \ - if [ -e ./debian/control.in ]; then \ +RUN if [ -e ./debian/control.in ]; then \ debian/rules debian/control; \ fi; \ echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control @@ -36,12 +40,19 @@ RUN git checkout ${release}; \ # # Build the server # -RUN make -j2 deb +# Work around fakeroot problems in Docker when building for different +# platforms - doesn't matter as we run as root in the container anyway. +# +#RUN make -j$(nproc) deb +RUN debian/rules debian/control \ + && dpkg-buildpackage --jobs=auto -b -uc # # Clean environment and run the server # FROM ${from} +ARG DEBIAN_FRONTEND=noninteractive + COPY --from=build /usr/local/src/repositories/*.deb /tmp/ ifelse(ifelse( @@ -53,17 +64,18 @@ ARG freerad_uid=101 ARG freerad_gid=101 RUN groupadd -g ${freerad_gid} -r freerad \ - && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \ - && apt-get update \', + && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \ + && apt-get update \', `RUN apt-get update \') - && apt-get install -y /tmp/*.deb \ - && apt-get clean \ - && rm -r /var/lib/apt/lists/* /tmp/*.deb \ + && apt-get install -y /tmp/*.deb \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* /tmp/*.deb \ \ - && ln -s /etc/freeradius /etc/raddb + && ln -s /etc/freeradius /etc/raddb -COPY docker-entrypoint.sh / -RUN chmod +x /docker-entrypoint.sh +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh EXPOSE 1812/udp 1813/udp ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/scripts/docker/m4/Dockerfile.m4 b/scripts/docker/m4/Dockerfile.m4 index 873421ca230..f9890a1b009 100644 --- a/scripts/docker/m4/Dockerfile.m4 +++ b/scripts/docker/m4/Dockerfile.m4 @@ -8,6 +8,7 @@ dnl they use are different - see the m4 directories for each. dnl divert(`-1') changequote(`[', `]') +define([DOCKER_TOPDIR], [scripts/docker/]) define([p_SET], [ define([PKG_TYPE], [$1]) define([OS_NAME], [$2]) diff --git a/scripts/docker/m4/Dockerfile.rpm.m4 b/scripts/docker/m4/Dockerfile.rpm.m4 index 52425c43203..0137483c428 100644 --- a/scripts/docker/m4/Dockerfile.rpm.m4 +++ b/scripts/docker/m4/Dockerfile.rpm.m4 @@ -28,17 +28,22 @@ RUN yum install -y rpmdevtools openssl dnf-utils # # Create build directory # -RUN mkdir -p /usr/local/src/repositories -WORKDIR /usr/local/src/repositories +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ # -# Shallow clone the FreeRADIUS source +# Copy the FreeRADIUS directory in # -ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG release=v3.2.x +COPY . . -RUN git clone --depth 1 --single-branch --branch ${release} ${source} -WORKDIR freeradius-server +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +RUN [ -z "$release" ] || git checkout ${release} # # Other requirements @@ -88,9 +93,11 @@ ENV BUILDDIR=/root/rpmbuild RUN rpmdev-setuptree RUN ./configure -RUN make freeradius-server-$(cat VERSION).tar.bz2 -RUN cp freeradius-server-$(cat VERSION).tar.bz2 $BUILDDIR/SOURCES/ +RUN cp VERSION /VERSION +RUN make freeradius-server-$(cat /VERSION).tar.bz2 +RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/ RUN cp -r redhat/* $BUILDDIR/SOURCES/ +RUN sed -i "s/^Version:.*/Version: $(cat /VERSION)/" redhat/freeradius.spec RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/ WORKDIR $BUILDDIR @@ -98,7 +105,7 @@ WORKDIR $BUILDDIR # Build the server # ENV QA_RPATHS=0x0003 -RUN rpmbuild -bb --define '_release $release' "$BUILDDIR/SPECS/freeradius.spec" +RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec" RUN mkdir /root/rpms RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/ @@ -107,6 +114,7 @@ RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/ # Clean environment and run the server # FROM ${from} + COPY --from=build /root/rpms /tmp/ ifelse(OS_VER, `7', `', `dnl @@ -150,8 +158,9 @@ RUN groupadd -g ${radiusd_gid} -r radiusd \ && useradd -u ${radiusd_uid} -g radiusd -r -M -d /home/radiusd -s /sbin/nologin radiusd \') && yum install -y /tmp/*.rpm -COPY docker-entrypoint.sh / -RUN chmod +x /docker-entrypoint.sh +WORKDIR / +COPY DOCKER_TOPDIR/etc/docker-entrypoint.sh.PKG_TYPE docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh EXPOSE 1812/udp 1813/udp ENTRYPOINT ["/docker-entrypoint.sh"]