diff --git a/services/docker-compose.yml b/services/docker-compose.yml --- a/services/docker-compose.yml +++ b/services/docker-compose.yml @@ -10,17 +10,12 @@ build: dockerfile: services/tunnelbroker/Dockerfile context: ../ - args: - - COMM_TEST_SERVICES=${COMM_TEST_SERVICES} - - COMM_SERVICES_SANDBOX=${COMM_SERVICES_SANDBOX} - image: commapp/tunnelbroker-server:0.2 + image: commapp/tunnelbroker-server:0.5 ports: - '${COMM_SERVICES_PORT_TUNNELBROKER}:50051' volumes: - - $HOME/.aws/config:/root/.aws/config:ro - - $HOME/.aws/credentials:/root/.aws/credentials:ro - - ./tunnelbroker/tunnelbroker.ini:/root/tunnelbroker/tunnelbroker.ini:ro - - ./tunnelbroker/tunnelbroker-sandbox.ini:/root/tunnelbroker/tunnelbroker-sandbox.ini:ro + - $HOME/.aws/config:/home/comm/.aws/config:ro + - $HOME/.aws/credentials:/home/comm/.aws/credentials:ro # backup backup-server: depends_on: diff --git a/services/tunnelbroker/Dockerfile b/services/tunnelbroker/Dockerfile --- a/services/tunnelbroker/Dockerfile +++ b/services/tunnelbroker/Dockerfile @@ -1,39 +1,36 @@ -FROM commapp/services-base:1.3.2 +FROM rust:1.70-bullseye as builder -ENV PATH=/root/.cargo/bin:$PATH +RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ + build-essential cmake git libgtest-dev libssl-dev zlib1g-dev \ + && rm -rf /var/lib/apt/lists/* \ + && mkdir -p /home/root/app/ -ARG COMM_TEST_SERVICES -ARG COMM_SERVICES_SANDBOX +WORKDIR /home/root/app -ENV COMM_TEST_SERVICES=${COMM_TEST_SERVICES} -ENV COMM_SERVICES_SANDBOX=${COMM_SERVICES_SANDBOX} +# Install more recent version of protobuf, must be ran as root +COPY scripts/install_protobuf.sh ../../scripts/install_protobuf.sh +RUN ../../scripts/install_protobuf.sh -# Install Curl -RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y curl +COPY services/tunnelbroker . -# Install Rust -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y +COPY shared/protos ../../shared/protos +COPY shared/tunnelbroker_messages ../../shared/tunnelbroker_messages -# Copying of the installation scripts -WORKDIR /transferred/services/tunnelbroker/docker -COPY services/tunnelbroker/docker . +RUN cargo install --path . -# Copying of the shared code -WORKDIR /transferred -COPY services/lib/src/ services/lib/src/ -COPY shared/ shared/ +FROM debian:bullseye-slim as runner -# Copying of the Tunnelbroker code -WORKDIR /transferred/services/tunnelbroker -COPY services/tunnelbroker/ . +RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ + ca-certificates \ + && rm -rf /var/lib/apt/lists/* \ + && useradd -m comm \ + && mkdir -p /home/comm/app/tunnelbroker -# Build Rust by Cargo -WORKDIR /transferred/services/tunnelbroker -RUN cargo build --release +WORKDIR /home/comm/app/tunnelbroker -CMD if [ "$COMM_TEST_SERVICES" -eq 1 ];\ - then\ - cargo test;\ - else\ - cargo run;\ - fi +COPY --from=builder /usr/local/cargo/bin/tunnelbroker \ + /usr/local/bin/tunnelbroker + +USER comm + +CMD ["tunnelbroker"] diff --git a/services/tunnelbroker/make_docker_image.sh b/services/tunnelbroker/make_docker_image.sh new file mode 100755 --- /dev/null +++ b/services/tunnelbroker/make_docker_image.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +# This file exists to make a smaller docker context, so that building it is +# significantly faster and requires less system resources + +SCRIPT_DIR="$(cd "$(dirname "$0")" || exit 1; pwd -P)" +BUILD_DIR="${SCRIPT_DIR}/target/oci_image" + +rm -rf "$BUILD_DIR" +mkdir -p "$BUILD_DIR"/{scripts,shared,services/tunnelbroker} + +cp "$SCRIPT_DIR/../../scripts/install_protobuf.sh" "$BUILD_DIR"/scripts +cp -r "${SCRIPT_DIR}/../../shared/protos" "$BUILD_DIR"/shared/protos +cp -r "${SCRIPT_DIR}/../../shared/tunnelbroker_messages" \ + "$BUILD_DIR"/shared/tunnelbroker_messages +cp -r "${SCRIPT_DIR}"/{Cargo.toml,Cargo.lock,build.rs,src} \ + "$BUILD_DIR"/services/tunnelbroker/ + +docker build -f "${SCRIPT_DIR}/Dockerfile" "$BUILD_DIR"