Change to use alpine, and try multi-arch building

2023-02-01 09:52:51 +11:00 · 2023-02-01 09:52:51 +11:00 · 88503c81a2
commit 88503c81a2
parent 80a8203985
7 changed files with 145 additions and 110 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -2,47 +2,115 @@ image: docker:latest

 stages:
 - build
+- build-manifest
 - build-test
+- build-manifest-test
+
+cache:
+  key: ${CI_COMMIT_REF_SLUG}
+  paths:
+    - docker/

 variables:
-  BRANCH: latest
+  BRANCH: alpine
  VERSION: 8.1-fpm-${BRANCH}
-  CACHETAG: build-${BRANCH}
  DOCKER_HOST: tcp://docker:2375
+  VERSIONARCH: ${VERSION}-${ARCH}

 services:
- docker:stable-dind
+- docker:dind

 before_script:
+- sed -ie s'/https/http/' /etc/apk/repositories
+- HTTP_PROXY=http://proxy.dege.lan:3128 apk add git curl
 - docker info
 - docker version
+- env|sort
+# docker login -u "$CI_DEPENDENCY_PROXY_USER" -p "$CI_DEPENDENCY_PROXY_PASSWORD" "$CI_SERVER_HOST"
 - echo "$CI_JOB_TOKEN" | docker login -u "$CI_REGISTRY_USER" "$CI_REGISTRY" --password-stdin

 x86_64:build:
+  variables:
+    ARCH: x86_64
  stage: build
  script:
  - if [ -f init ]; then chmod 500 init; fi
-  - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true
-  - docker build --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION} -t ${CI_REGISTRY_IMAGE}:${CACHETAG} .
-  - docker push ${CI_REGISTRY_IMAGE}:${VERSION}
-  - docker push ${CI_REGISTRY_IMAGE}:${CACHETAG}
-  - apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=image ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline
-  - apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=server ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline
+  - ([ -z "$REFRESH" -a -f docker/${CI_COMMIT_REF_SLUG} ]) && docker load < docker/${CI_COMMIT_REF_SLUG} || true
+  - docker build --build-arg HTTP_PROXY=http://proxy.dege.lan:3128 --cache-from ${CI_REGISTRY_IMAGE}:${VERSIONARCH} -t ${CI_REGISTRY_IMAGE}:${VERSIONARCH} .
+  - docker push ${CI_REGISTRY_IMAGE}:${VERSIONARCH}
+  - docker save ${CI_REGISTRY_IMAGE}:${VERSIONARCH} > docker/${CI_COMMIT_REF_SLUG}
+
+  # apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=image ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline
+  # apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=server ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline
  tags:
  - docker
  - x86_64
  only:
-  - master
+  - alpine

 x86_64:build-test:
+  variables:
+    ARCH: x86_64
  stage: build-test
  script:
-  - if [ -f init ]; then chmod 500 init; fi
-  - ([ -z "$REFRESH" ] && docker pull ${CI_REGISTRY_IMAGE}:${CACHETAG}) || true
-  - docker build --file Dockerfile.phptest --cache-from ${CI_REGISTRY_IMAGE}:${CACHETAG} -t ${CI_REGISTRY_IMAGE}:${VERSION}-test .
-  - docker push ${CI_REGISTRY_IMAGE}:${VERSION}-test
+  - docker build --build-arg HTTP_PROXY=http://proxy.dege.lan:3128 --file Dockerfile.phptest -t ${CI_REGISTRY_IMAGE}:${VERSIONARCH}-test .
+  - docker push ${CI_REGISTRY_IMAGE}:${VERSIONARCH}-test
  tags:
  - docker
  - x86_64
  only:
-  - master
+  - alpine
+
+armv7l:build:
+  variables:
+    ARCH: armv7l
+  stage: build
+  script:
+  - if [ -f init ]; then chmod 500 init; fi
+  - ([ -z "$REFRESH" -a -f docker/${CI_COMMIT_REF_SLUG} ]) && docker load < docker/${CI_COMMIT_REF_SLUG} || true
+  - docker build --build-arg HTTP_PROXY=http://proxy.dege.lan:3128 --cache-from ${CI_REGISTRY_IMAGE}:${VERSIONARCH} -t ${CI_REGISTRY_IMAGE}:${VERSIONARCH} .
+  - docker push ${CI_REGISTRY_IMAGE}:${VERSIONARCH}
+  - docker save ${CI_REGISTRY_IMAGE}:${VERSIONARCH} > docker/${CI_COMMIT_REF_SLUG}
+
+  # apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=image ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline
+  # apk add curl && curl -LX POST --post301 -F token=${TRIGGER_TOKEN} -F ref=server ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/trigger/pipeline
+  tags:
+  - docker
+  - armv7l
+  only:
+  - alpine
+
+armv7l:build-test:
+  variables:
+    ARCH: armv7l
+  stage: build-test
+  script:
+  - docker build --build-arg HTTP_PROXY=http://proxy.dege.lan:3128 --file Dockerfile.phptest -t ${CI_REGISTRY_IMAGE}:${VERSIONARCH}-test .
+  - docker push ${CI_REGISTRY_IMAGE}:${VERSIONARCH}-test
+  tags:
+  - docker
+  - armv7l
+  only:
+  - alpine
+
+x86_64:build-manifest:
+  stage: build-manifest
+  script:
+  - docker manifest create ${CI_REGISTRY_IMAGE}:${VERSION} ${CI_REGISTRY_IMAGE}:${VERSION}-armv7l ${CI_REGISTRY_IMAGE}:${VERSION}-x86_64
+  - docker manifest push --purge ${CI_REGISTRY_IMAGE}:${VERSION}
+  tags:
+  - docker
+  - x86_64
+  only:
+  - alpine
+
+x86_64:build-manifest-test:
+  stage: build-manifest-test
+  script:
+  - docker manifest create ${CI_REGISTRY_IMAGE}:${VERSION}-test ${CI_REGISTRY_IMAGE}:${VERSION}-armv7l-test ${CI_REGISTRY_IMAGE}:${VERSION}-x86_64-test
+  - docker manifest push --purge ${CI_REGISTRY_IMAGE}:${VERSION}-test
+  tags:
+  - docker
+  - x86_64
+  only:
+  - alpine
--- a/106
+++ b/106
@ -1,82 +1,50 @@
 # NAME leenooks/php
-# VERSION 8.1-fpm-latest
+# VERSION 8.1-fpm-alpine

-FROM php:8.1-fpm
+FROM php:8.1-fpm-alpine

-RUN apt-get update && apt-get install -y openssh-server unzip git msmtp nginx wait-for-it \
-	&& rm /etc/nginx/sites-enabled/default \
-	&& apt-get -y purge nginx-core \
-	&& apt-get -y autoremove \
-	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+# Change to http respositories, so they we can cache the install packages
+RUN if [ -n ${HTTP_PROXY} ] ; then sed -ie s'/https/http/' /etc/apk/repositories; fi
+COPY docker/pecl_install /usr/local/bin/pecl_install

-RUN useradd -c "Hosting Admin User" -u 1000 -g users -G www-data -d /var/www/html -M lamp
+# Tune PHP
 RUN sed -e 's/^expose_php = On/expose_php = Off/' /usr/local/etc/php/php.ini-production > /usr/local/etc/php/php.ini
-COPY www.conf /usr/local/etc/php-fpm.d/
-COPY nginx-app.conf /etc/nginx/conf.d/
+RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' -e 's#^memory_limit = 128M#memory_limit = 256M#' /usr/local/etc/php/php.ini
+RUN adduser -g "Hosting Admin User" -u 1000 -G www-data -h /var/www/html -HD lamp

-COPY sshd_config.patch /tmp/
-RUN (cd / && patch -p0 ) < /tmp/sshd_config.patch && rm /tmp/sshd_config.patch
+# Base
+RUN apk add --no-cache bash git unzip zlib nginx msmtp
+RUN curl -SLo /usr/local/bin/wait-for-it https://github.com/vishnubob/wait-for-it/raw/master/wait-for-it.sh && chmod +x /usr/local/bin/wait-for-it

-COPY msmtprc /etc/
-RUN sed -i -e 's#^;sendmail_path =#sendmail_path = "/usr/bin/msmtp -t"#' /usr/local/etc/php/php.ini && sed -i -e 's#^memory_limit = 128M#memory_limit = 256M#' /usr/local/etc/php/php.ini
-
-EXPOSE 22/tcp
-
-# Add composer
-RUN curl https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer
-
-# Add Mongo DB
-RUN apt-get update && apt-get -y install zlib1g-dev libssl-dev \
-	&& pecl install mongodb && docker-php-ext-enable mongodb \
-	&& apt-get -y purge zlib1g-dev libssl-dev \
-	&& apt-get -y autoremove \
-	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-# Mysql/Postgress/LDAP
-RUN apt-get update && apt-get install -y libpq5 libpq-dev unzip git libldap2-dev \
-	&& docker-php-ext-install -j$(nproc) pdo_mysql pdo_pgsql ldap gettext \
-	&& apt-get -y purge libpq-dev libldap2-dev libx11-6 dbus ncurses-term systemd \
-	&& apt-get -y autoremove \
-	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-# Enable phpredis
-RUN apt-get update && apt-get install -y redis \
-	&& pecl install -o -f igbinary && pecl install -o -f redis && docker-php-ext-enable redis igbinary \
-	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-# Enable phpmemcache
-RUN apt-get update && apt-get install -y memcached libmemcachedutil2 zlib1g-dev libmemcached-dev \
-	&& pecl install -o -f memcached && docker-php-ext-enable memcached \
-	&& apt-get -y purge zlib1g-dev libmemcached-dev \
-	&& apt-get -y autoremove \
-	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
-# Enable ZIP
-RUN apt-get -y update \
-	&& apt-get -y install build-essential libzip4 libzip-dev libpng16-16 libpng-dev libbz2-dev zlib1g-dev libgmp-dev libjpeg62-turbo libjpeg-dev libfreetype6 libfreetype6-dev --no-install-recommends \
-	&& docker-php-ext-configure gd --with-freetype=/usr/include/freetype2 --with-jpeg=/usr/include/ \
-	&& docker-php-ext-install -j$(nproc) zip bz2 gd \
-	&& apt-get purge -y build-essential libzip-dev zlib1g-dev libpng-dev libbz2-dev zlib1g-dev libgmp-dev libjpeg-dev libfreetype6-dev \
-	&& apt-get autoremove -y \
-	&& rm -rf /var/lib/apt/lists/* /tmp/*
-
-# Add bcmath
-RUN apt-get -y update \
-	&& apt-get -y install build-essential libicu-dev \
-	&& docker-php-ext-install -j$(nproc) bcmath intl \
-	&& apt-get purge -y build-essential libicu-dev \
-	&& apt-get autoremove -y \
-	&& rm -rf /var/lib/apt/lists/* /tmp/*
+# Memcache
+RUN apk add --no-cache memcached libmemcached pkgconfig zlib-dev memcached-dev libmemcached-dev && \
+	pecl_install igbinary msgpack memcached && \
+	apk del --no-cache pkgconfig zlib-dev memcached-dev libmemcached-dev

+# Enable ZIP BZIP2
+RUN apk add --no-cache libzip libzip-dev zlib-dev && \
+	docker-php-ext-install -j$(nproc) zip bz2 && \
+	apk del --no-cache libzip-dev zlib-dev
 # Add zstd
-RUN pecl install -o -f zstd && docker-php-ext-enable zstd
+RUN pecl_install zstd

-COPY init /sbin/
+# Add GD
+RUN apk add --no-cache libjpeg libgd libpng freetype freetype-dev zlib-dev libpng-dev jpeg-dev && \
+	docker-php-ext-configure gd --with-freetype=/usr/include/freetype2 --with-jpeg=/usr/include/ && \
+	docker-php-ext-install -j$(nproc) gd && \
+	apk del --no-cache zlib-dev libpng-dev jpeg-dev freetype-dev
+
+RUN ip addr list && env
+# Add composer
+RUN curl -4 https://getcomposer.org/installer|php -- --install-dir=/usr/local/bin --filename=composer
+
+COPY docker/www.conf /usr/local/etc/php-fpm.d/
+COPY docker/nginx-app.conf /etc/nginx/http.d/default.conf
+
+COPY docker/init /sbin/
 RUN chmod 550 /sbin/init && chown 0:0 /sbin/init
+
+WORKDIR /var/www/html
+EXPOSE 80
 ENTRYPOINT [ "/sbin/init" ]
 CMD [ "php-fpm" ]
--- a/Dockerfile.phptest
+++ b/Dockerfile.phptest
@ -1,14 +1,10 @@
 # NAME leenooks/php
-# VERSION 8.1-fpm-test
+# VERSION 8.1-fpm-alpine-test

-FROM registry.leenooks.net/leenooks/php:8.1-fpm-latest
+FROM registry.dege.au/leenooks/php:8.1-fpm-alpine

-RUN pecl install xdebug \
-	&& docker-php-ext-enable xdebug
+# Enable xdebug
+RUN pecl_install xdebug

-RUN mv /sbin/init /sbin/init.orig \
-	&& apt-get update && apt-get install -y npm \
-	&& apt-get -y autoremove \
-	&& apt-get clean \
-	&& mv /sbin/init.orig /sbin/init \
-	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+# Add other built tools
+RUN apk add npm
--- a/docker/init
+++ b/docker/init
@ -6,9 +6,8 @@ env=${APP_ENV:-live}
 php=${PHP_DIR:-/var/www/html}
 composer=${COMPOSER_DIR:-/var/www/.composer}

+SITE_USER=${SITE_USER:-www-data}
 NGINX_START=${NGINX_START:-TRUE}
-SSH_START=${SSH_START:-FALSE}
-REDIS_START=${REDIS_START:-FALSE}
 MEMCACHED_START=${MEMCACHED_START:-FALSE}

 # To run a local queue, running jobs from the queue "hostname"
@ -28,25 +27,14 @@ function nginx_start() {
 	# Start NGINX
 	if [ -x /usr/sbin/nginx -a "${NGINX_START}" == "TRUE" ]; then
 		echo "* Starting NGINX..."
-		start-stop-daemon --start --pidfile /var/run/nginx.pid --exec /usr/sbin/nginx -- -g 'daemon on; master_process on;'
+		/usr/sbin/nginx -g 'daemon on; master_process on;'
 	fi
 }

 # General Setup
-if [ -x /usr/sbin/sshd -a "${SSH_START}" == "TRUE" ]; then
-	echo "* Starting SSH..."
-	[ ! -d /var/run/sshd ] && mkdir /var/run/sshd
-	start-stop-daemon --start --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- -p 22
-fi
-
-if [ -x /usr/bin/redis-server -a "${REDIS_START}" == "TRUE" ]; then
-	echo "* Starting REDIS..."
-	start-stop-daemon --start --quiet --oknodo --umask 007 --pidfile /var/run/redis-server.pid --chuid redis:redis --exec /usr/bin/redis-server -- /etc/redis/redis.conf
-fi
-
 if [ -x /usr/bin/memcached -a "${MEMCACHED_START}" == "TRUE" ]; then
 	echo "* Starting MEMCACHED..."
-	start-stop-daemon --start --quiet --exec "/usr/share/memcached/scripts/start-memcached" -- /etc/memcached.conf /var/run/memcached.pid
+	/usr/bin/memcached -d -P /var/run/memcached.pid -u memcached
 fi

 # Laravel Specific
@ -69,7 +57,7 @@ if [ "${role}" = "app" -a -e artisan ]; then
 			find ${php}/public -type d -exec chmod 755 {} \;
 			chmod o+rx ${php}
 			chmod a+rx ${php}/artisan
-			chown -R lamp:www-data ${php}
+			chown -R ${SITE_USER}:www-data ${php}
 			chown -R www-data:www-data ${php}/storage ${php}/bootstrap ${php}/composer.*
 			[ -e ${php}/vendor ] && chown -R www-data:www-data ${php}/vendor
 		fi
--- a/docker/nginx-app.conf
+++ b/docker/nginx-app.conf
--- a/docker/pecl_install
+++ b/docker/pecl_install
@ -0,0 +1,15 @@
+#!/bin/sh
+
+# This will install our PHP modules
+# call peck-install module1 module2
+
+# First install some dependancies
+apk add --no-cache autoconf gcc libc-dev make
+
+# Install the modules
+for module in $@; do
+	pecl install -o -f ${module} && docker-php-ext-enable ${module}
+done
+
+# Clean up
+apk del --no-cache autoconf gcc libc-dev make
--- a/docker/www.conf
+++ b/docker/www.conf