mirror of
https://github.com/LizardByte/Sunshine.git
synced 2026-02-04 22:35:24 +00:00
docker: updates to docker images (#942)
This commit is contained in:
ReenigneArcher
GitHub
@ -2,6 +2,7 @@
|
||||
# artifacts: true
|
||||
# platforms: linux/amd64
|
||||
# archlinux does not have an arm64 base image
|
||||
# no-cache-filters: sunshine-base,artifacts,sunshine
|
||||
ARG BASE=archlinux
|
||||
ARG TAG=base-devel
|
||||
FROM ${BASE}:${TAG} AS sunshine-base
|
||||
@ -11,31 +12,13 @@ RUN <<_DEPS
|
||||
#!/bin/bash
|
||||
set -e
|
||||
pacman -Syu --noconfirm \
|
||||
archlinux-keyring \
|
||||
git
|
||||
archlinux-keyring
|
||||
_DEPS
|
||||
|
||||
# Setup builder user, arch prevents running makepkg as root
|
||||
RUN useradd -m builder && \
|
||||
echo 'builder ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
|
||||
WORKDIR /home/builder
|
||||
USER builder
|
||||
|
||||
# install paru
|
||||
WORKDIR /tmp
|
||||
RUN git clone https://aur.archlinux.org/paru.git
|
||||
WORKDIR /tmp/paru
|
||||
RUN makepkg -si --noconfirm
|
||||
|
||||
# install optional dependencies
|
||||
RUN paru -Syu --noconfirm \
|
||||
cuda \
|
||||
libcap \
|
||||
libdrm
|
||||
|
||||
# switch back to root user, hadolint will complain if last user is root
|
||||
# hadolint ignore=DL3002
|
||||
USER root
|
||||
# makepkg is used in sunshine-build and uploader build stages
|
||||
|
||||
FROM sunshine-base as sunshine-build
|
||||
|
||||
@ -46,12 +29,16 @@ ARG CLONE_URL
|
||||
|
||||
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
|
||||
# install dependencies
|
||||
# cuda, libcap, and libdrm are optional dependencies for PKGBUILD
|
||||
RUN <<_DEPS
|
||||
#!/bin/bash
|
||||
set -e
|
||||
pacman -Syu --noconfirm \
|
||||
base-devel \
|
||||
cmake \
|
||||
cuda \
|
||||
libcap \
|
||||
libdrm \
|
||||
namcap
|
||||
_DEPS
|
||||
|
||||
@ -60,7 +47,7 @@ USER builder
|
||||
|
||||
# copy repository
|
||||
WORKDIR /build/sunshine/
|
||||
COPY .. .
|
||||
COPY --link .. .
|
||||
|
||||
# setup build directory
|
||||
WORKDIR /build/sunshine/build
|
||||
@ -97,96 +84,13 @@ _PKGBUILD
|
||||
|
||||
FROM scratch as artifacts
|
||||
|
||||
COPY --from=sunshine-build /build/sunshine/pkg/PKGBUILD /PKGBUILD
|
||||
COPY --from=sunshine-build /build/sunshine/pkg/sunshine*.pkg.tar.zst /sunshine.pkg.tar.zst
|
||||
|
||||
FROM sunshine-base as uploader
|
||||
|
||||
# most of this stage is borrowed from
|
||||
# https://github.com/KSXGitHub/github-actions-deploy-aur/blob/master/build.sh
|
||||
|
||||
ARG BUILD_VERSION
|
||||
ARG RELEASE
|
||||
ARG TARGETPLATFORM
|
||||
|
||||
# Setup builder user
|
||||
WORKDIR /home/builder
|
||||
USER builder
|
||||
|
||||
# hadolint ignore=SC3010
|
||||
RUN <<_SSH_CONFIG
|
||||
#!/bin/bash
|
||||
set -e
|
||||
if [[ "${TARGETPLATFORM}" == 'linux/amd64' ]]; then
|
||||
echo "Host aur.archlinux.org"; echo " IdentityFile ~/.ssh/aur"; echo " User aur" >>~/.ssh/config
|
||||
fi
|
||||
_SSH_CONFIG
|
||||
|
||||
# create and apply secrets, hadolint is giving a false positive
|
||||
# hadolint ignore=SC1133
|
||||
RUN --mount=type=secret,id=AUR_EMAIL,target=/secrets/AUR_EMAIL \
|
||||
--mount=type=secret,id=AUR_SSH_PRIVATE_KEY,target=/secrets/AUR_SSH_PRIVATE_KEY \
|
||||
--mount=type=secret,id=AUR_USERNAME,target=/secrets/AUR_USERNAME && \
|
||||
cat /secrets/AUR_SSH_PRIVATE_KEY >~/.ssh/aur && \
|
||||
git config --global user.name "$(cat /secrets/AUR_USERNAME)" && \
|
||||
git config --global user.email "$(cat /secrets/AUR_EMAIL)"
|
||||
|
||||
WORKDIR /tmp
|
||||
|
||||
# hadolint ignore=SC3010
|
||||
RUN <<_AUR_SETUP
|
||||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
if [[ "${TARGETPLATFORM}" == 'linux/amd64' ]]; then
|
||||
# Adding aur.archlinux.org to known hosts
|
||||
ssh_keyscan_types="rsa,dsa,ecdsa,ed25519"
|
||||
ssh-keyscan -v -t "$ssh_keyscan_types" aur.archlinux.org >>~/.ssh/known_hosts
|
||||
|
||||
# Importing private key
|
||||
chmod -vR 600 ~/.ssh/aur*
|
||||
ssh-keygen -vy -f ~/.ssh/aur >~/.ssh/aur.pub
|
||||
|
||||
# Clone AUR package
|
||||
mkdir -p /tmp/local-repo
|
||||
git clone -v "https://aur.archlinux.org/sunshine.git" /tmp/local-repo
|
||||
|
||||
# Copy built package
|
||||
COPY --from=artifacts /PRKBUILD /tmp/local-repo/
|
||||
fi
|
||||
_AUR_SETUP
|
||||
|
||||
WORKDIR /tmp/local-repo
|
||||
# aur upload if release event
|
||||
# hadolint ignore=SC3010
|
||||
RUN <<_AUR_UPLOAD
|
||||
#!/bin/bash
|
||||
set -e
|
||||
if [[ "${RELEASE}" == "true" && "${TARGETPLATFORM}" == 'linux/amd64' ]]; then
|
||||
# update package checksums
|
||||
updpkgsums
|
||||
|
||||
# generate srcinfo
|
||||
makepkg --printsrcinfo >.SRCINFO
|
||||
|
||||
# commit changes
|
||||
git add --all
|
||||
|
||||
# check if there are any changes and commit/push
|
||||
if [[ $(git diff-index --quiet HEAD) != "" ]]; then
|
||||
git commit -m "${BUILD_VERSION}"
|
||||
git remote add aur "https://aur.archlinux.org/sunshine.git"
|
||||
git push -v aur master
|
||||
fi
|
||||
fi
|
||||
_AUR_UPLOAD
|
||||
|
||||
# remove secrets
|
||||
RUN rm -rf /secrets
|
||||
COPY --link --from=sunshine-build /build/sunshine/pkg/PKGBUILD /PKGBUILD
|
||||
COPY --link --from=sunshine-build /build/sunshine/pkg/sunshine*.pkg.tar.zst /sunshine.pkg.tar.zst
|
||||
|
||||
FROM sunshine-base as sunshine
|
||||
|
||||
COPY --from=artifacts /sunshine*.pkg.tar.zst /sunshine.pkg.tar.zst
|
||||
# copy from uploader instead of artifacts or uploader stage will not run
|
||||
COPY --link --from=artifacts /sunshine.pkg.tar.zst /
|
||||
|
||||
# install sunshine
|
||||
RUN <<_INSTALL_SUNSHINE
|
||||
@ -216,7 +120,7 @@ ENV HOME=/home/$UNAME
|
||||
RUN <<_SETUP_USER
|
||||
#!/bin/bash
|
||||
set -e
|
||||
# first delete the builder
|
||||
# first delete the builder user
|
||||
userdel -r builder
|
||||
|
||||
# then create the lizard user
|
||||
|
||||
Reference in New Issue
Block a user