From f0265afccd23cf72ee44ce704bb11789202a72d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= Date: Mon, 27 Jan 2025 14:24:19 +0800 Subject: [PATCH] feat: Add an entrypoint to perform env setup --- Dockerfile | 22 ++++++++++++- README.md | 15 +++++++++ docker.json | 5 +++ entrypoint.sh | 85 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 126 insertions(+), 1 deletion(-) create mode 100644 README.md create mode 100644 docker.json create mode 100755 entrypoint.sh diff --git a/Dockerfile b/Dockerfile index 3e1de19..657fe4e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,9 +3,24 @@ FROM docker.io/rust:bookworm ARG NIGHTLY_VERSION_DATE ENV NIGHTLY_VERSION=nightly-$NIGHTLY_VERSION_DATE +# Add the docker apt repo. +# +# See instructions in the docker docs: +# https://docs.docker.com/engine/install/ubuntu/#installation-methods +RUN apt install ca-certificates curl \ + && install -m 0755 -d /etc/apt/keyrings \ + && curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc \ + && chmod a+r /etc/apt/keyrings/docker.asc \ + && echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ + tee /etc/apt/sources.list.d/docker.list + +# Note that we do not need docker engine as we mount a docker socket +# into the container RUN apt update -yqq \ && apt install -yqq --no-install-recommends \ - build-essential cmake libssl-dev pkg-config git musl-tools jq xmlstarlet lcov protobuf-compiler libprotobuf-dev libprotoc-dev nats-server \ + build-essential cmake libssl-dev pkg-config git musl-tools jq xmlstarlet lcov protobuf-compiler libprotobuf-dev libprotoc-dev \ + docker-ce-cli docker-compose-plugin docker-buildx-plugin \ && rustup toolchain add $NIGHTLY_VERSION --component rustfmt --component clippy --component llvm-tools-preview \ && rustup toolchain add beta --component rustfmt --component clippy --component llvm-tools-preview \ && rustup toolchain add stable --component rustfmt --component clippy --component llvm-tools-preview \ @@ -26,4 +41,9 @@ RUN apt update -yqq \ taplo-cli \ cargo-chef \ && cargo cache -a + COPY cobertura_transform.xslt /opt/ +COPY docker.json /etc/docker/daemon.json + +COPY entrypoint.sh /entrypoint.sh +ENTRYPOINT ["/entrypoint.sh"] diff --git a/README.md b/README.md new file mode 100644 index 0000000..19356d3 --- /dev/null +++ b/README.md @@ -0,0 +1,15 @@ +# Famedly Rust Container + +Container used for Rust CI jobs. Set up with all necessary packages +and configuration to build, test and publish our crates. + +For full environment setup, some secrets need to be defined: + +## Settings + +| Variable | Example Value | Explanation | +|------------------------------|---------------------------------------------------|-------------| +| FRC_ADDITIONAL_PACKAGES | libxml2 dbus | Additional ubuntu packages to install before running the given command. | +| FRC_CRATES_REGISTRY | famedly | Additional registry to pull crates from. | +| FRC_CRATES_REGISTRY_INDEX | ssh://git@ssh.shipyard.rs/famedly/crate-index.git | The index URL of the registry; Can be omitted for `famedly`. | +| FRC_SSH_KEY | | The SSH key to use | diff --git a/docker.json b/docker.json new file mode 100644 index 0000000..6f7ae08 --- /dev/null +++ b/docker.json @@ -0,0 +1,5 @@ +{ + "features": { + "buildkit": true + } +} diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 0000000..d4812b0 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,85 @@ +#!/bin/sh + +# Famedly Rust Container entrypoint. +# +# Configures the runtime to be used for various CI jobs. + +echo "Preparing Rust build environment" + + +if [ -n "${FRC_SSH_KEY}" ]; then + echo "Setting up SSH" + + # Get an ssh agent running + USER="$(whoami)" + SSH_HOME="$(getent passwd "$USER" | cut -d: -f6)" # Is different from $HOME in docker containers, because github CI.. + eval "$(ssh-agent)" # This exports the socket to `SSH_AUTH_SOCK` + + # Import the SSH key from the secret. + # + # `echo` ensures there will be a newline at the end of the key. + echo "${FRC_SSH_KEY}" | ssh-add -vvv - + + # Import host keys for GitHub and Gitlab + mkdir -p "$SSH_HOME/.ssh" + ( + ssh-keyscan -H gitlab.com + ssh-keyscan -H github.com + ) >> "$SSH_HOME/.ssh/known_hosts" +else + echo "SSH key not specified; SSH not available in this run" +fi + + +if [ -n "${FRC_ADDITIONAL_PACKAGES}" ]; then + echo "Installing additional packages: ${FRC_ADDITIONAL_PACKAGES}" + # shellcheck disable=SC2086 + apt-get install -yqq --no-install-recommends ${FRC_ADDITIONAL_PACKAGES} +fi + + +echo "Configuring cargo" + +CARGO_HOME="${HOME}/${CARGO_HOME}" +mkdir -p "${CARGO_HOME}" +cat << EOF > "${CARGO_HOME}/config.toml" +[term] +color = 'always' +[net] +git-fetch-with-cli = true +EOF + +# Don't write anything for crates-io, since it is baked-in and cargo +# special cases on it so configuring it works differently anyway. +if [ -n "${FRC_CRATES_REGISTRY}" ] && [ "${FRC_CRATES_REGISTRY}" != "crates-io" ]; then + case "${FRC_CRATES_REGISTRY}" in + "famedly") + FRC_CRATES_REGISTRY_INDEX="${FRC_CRATES_REGISTRY_INDEX:-ssh://git@ssh.shipyard.rs/famedly/crate-index.git}" + ;; + "") + if [ -z "${FRC_CRATES_REGISTRY_INDEX}" ]; then + echo "Error: Crate registry index URL not known for ${FRC_CRATES_REGISTRY}. Configure it using \$FRC_CRATES_REGISTRY_INDEX." > /dev/stderr + exit 1 + fi + ;; + esac + + cat << EOF >> "${CARGO_HOME}/config.toml" +[registries.${FRC_CRATES_REGISTRY}] +index = "${FRC_CRATES_REGISTRY_INDEX}" +EOF +fi + + +if [ -n "${GITHUB_ENV}" ]; then + echo "Exporting created environment variables" + + ( + echo "CARGO_HOME=${CARGO_HOME}" + echo "SSH_AUTH_SOCK=${SSH_AUTH_SOCK}" + ) >> "$GITHUB_ENV" +fi + + +echo "Preparations finished" +"$@"