From f793ece922607014aca66640f67dbfd7d3cffc84 Mon Sep 17 00:00:00 2001 From: Christoph Haas Date: Thu, 8 Apr 2021 09:23:48 +0200 Subject: [PATCH] WIP: smaller docker image --- Dockerfile | 37 +++++++++++++++++----------- Makefile | 3 +++ cmd/wg-portal/main.go | 4 +++ docker-compose.yml | 2 +- go.mod | 3 ++- hooks/build | 10 ++++++++ internal/server/server.go | 2 +- internal/server/version.go | 1 + scripts/docker-healthcheck.sh | 7 ------ scripts/goss/wgportal/goss-wait.yaml | 3 --- scripts/goss/wgportal/goss.yaml | 3 --- 11 files changed, 45 insertions(+), 30 deletions(-) create mode 100755 hooks/build delete mode 100755 scripts/docker-healthcheck.sh delete mode 100644 scripts/goss/wgportal/goss-wait.yaml delete mode 100644 scripts/goss/wgportal/goss.yaml diff --git a/Dockerfile b/Dockerfile index 8662f55..e74a226 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,6 +6,12 @@ ######- FROM golang:1.16 as builder +ARG BUILD_IDENTIFIER +ENV ENV_BUILD_IDENTIFIER=$BUILD_IDENTIFIER + +ARG BUILD_VERSION +ENV ENV_BUILD_VERSION=$BUILD_VERSION + RUN mkdir /build # Copy the source from the current directory to the Working Directory inside the container @@ -17,28 +23,32 @@ WORKDIR /build # Workaround for failing travis-ci builds RUN rm -rf ~/go; rm -rf go.sum +# Download dependencies +RUN curl -L https://git.prolicht.digital/pub/healthcheck/-/releases/v1.0.1/downloads/binaries/hc -o /build/hc; \ + chmod +rx /build/hc; \ + echo "Building version: $ENV_BUILD_IDENTIFIER-$ENV_BUILD_VERSION" + # Build the Go app -RUN go clean -modcache; go mod tidy; make build +RUN go clean -modcache; go mod tidy; make build-docker ######- # Here starts the main image ######- -FROM debian:buster +FROM scratch # Setup timezone ENV TZ=Europe/Vienna -# GOSS for container health checks -ENV GOSS_VERSION v0.3.16 -RUN apt-get update && apt-get upgrade -y && \ - apt-get install --no-install-recommends -y moreutils ca-certificates curl && \ - rm -rf /var/cache/apt /var/lib/apt/lists/*; \ - curl -L https://github.com/aelsabbahy/goss/releases/download/$GOSS_VERSION/goss-linux-amd64 -o /usr/local/bin/goss && \ - chmod +rx /usr/local/bin/goss && \ - goss --version +# Import linux stuff from builder. +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ +COPY --from=builder /etc/passwd /etc/passwd +COPY --from=builder /etc/group /etc/group -COPY --from=builder /build/dist/wg-portal-amd64 /app/wgportal -COPY --from=builder /build/scripts /app/ +# Import healthcheck binary +COPY --from=builder /build/hc /app/hc + +# Copy binaries +COPY --from=builder /build/dist/wgportal /app/wgportal # Set the Current Working Directory inside the container WORKDIR /app @@ -46,5 +56,4 @@ WORKDIR /app # Command to run the executable CMD [ "/app/wgportal" ] -HEALTHCHECK --interval=1m --timeout=10s \ - CMD /app/docker-healthcheck.sh +HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 CMD [ "/app/hc", "http://localhost:11223/health" ] diff --git a/Makefile b/Makefile index 789b1d3..19d3406 100644 --- a/Makefile +++ b/Makefile @@ -18,6 +18,9 @@ build-cross-plat: dep build $(addsuffix -arm,$(addprefix $(BUILDDIR)/,$(BINARIES cp scripts/wg-portal.service $(BUILDDIR) cp scripts/wg-portal.env $(BUILDDIR) +build-docker: dep + CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $(GOCMD) build -o $(BUILDDIR)/wgportal -ldflags "-w -s -extldflags \"-static\" -X github.com/h44z/wg-portal/internal/server.Version=${ENV_BUILD_IDENTIFIER}-${ENV_BUILD_VERSION}" cmd/wg-portal/main.go + dep: $(GOCMD) mod download diff --git a/cmd/wg-portal/main.go b/cmd/wg-portal/main.go index 057d27a..c21ae09 100644 --- a/cmd/wg-portal/main.go +++ b/cmd/wg-portal/main.go @@ -8,6 +8,7 @@ import ( "syscall" "time" + "git.prolicht.digital/pub/healthcheck" "github.com/h44z/wg-portal/internal/server" "github.com/sirupsen/logrus" ) @@ -26,6 +27,9 @@ func main() { ctx, cancel := context.WithCancel(context.Background()) defer cancel() + // start health check service on port 11223 + healthcheck.New(healthcheck.WithContext(ctx)).Start() + service := server.Server{} if err := service.Setup(ctx); err != nil { logrus.Fatalf("setup failed: %v", err) diff --git a/docker-compose.yml b/docker-compose.yml index 7b95fce..227f77b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.6' services: wg-portal: - image: h44z/wg-portal:latest + image: h44z/wg-portal:1.0.6 container_name: wg-portal restart: unless-stopped cap_add: diff --git a/go.mod b/go.mod index 5a05f29..4524368 100644 --- a/go.mod +++ b/go.mod @@ -3,12 +3,13 @@ module github.com/h44z/wg-portal go 1.16 require ( + git.prolicht.digital/pub/healthcheck v1.0.1 github.com/gin-contrib/sessions v0.0.3 github.com/gin-gonic/gin v1.6.3 github.com/go-ldap/ldap/v3 v3.2.4 github.com/go-playground/validator/v10 v10.4.1 github.com/gorilla/sessions v1.2.1 // indirect - github.com/jordan-wright/email v4.0.1-0.20200917010138-e1c00e156980+incompatible + github.com/jordan-wright/email v4.0.1-0.20210109023952-943e75fe5223+incompatible github.com/kelseyhightower/envconfig v1.4.0 github.com/milosgajdos/tenus v0.0.3 github.com/pkg/errors v0.9.1 diff --git a/hooks/build b/hooks/build new file mode 100755 index 0000000..622fc06 --- /dev/null +++ b/hooks/build @@ -0,0 +1,10 @@ +#!/bin/bash + +# File needs to be called /hooks/build relative to the Dockerfile. +# Some environment variables are injected into the build hook, see: https://docs.docker.com/docker-hub/builds/advanced/. + +GIT_SHORT_HASH=$(echo $SOURCE_COMMIT | cut -c1-7) +echo "Build hook running for git hash $GIT_SHORT_HASH" +docker build --build-arg BUILD_IDENTIFIER=$DOCKER_TAG \ + --build-arg BUILD_VERSION=$GIT_SHORT_HASH \ + -t $IMAGE_NAME . \ No newline at end of file diff --git a/internal/server/server.go b/internal/server/server.go index 1bd6d8e..143bcd3 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -104,7 +104,7 @@ func (s *Server) Setup(ctx context.Context) error { if err != nil { return errors.WithMessage(err, "database setup failed") } - err = common.MigrateDatabase(s.db, Version) + err = common.MigrateDatabase(s.db, DatabaseVersion) if err != nil { return errors.WithMessage(err, "database migration failed") } diff --git a/internal/server/version.go b/internal/server/version.go index 1433fa0..7076578 100644 --- a/internal/server/version.go +++ b/internal/server/version.go @@ -1,3 +1,4 @@ package server var Version = "1.0.6" +var DatabaseVersion = "1.0.6" diff --git a/scripts/docker-healthcheck.sh b/scripts/docker-healthcheck.sh deleted file mode 100755 index 61322e7..0000000 --- a/scripts/docker-healthcheck.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -set -e - -goss -g /app/goss/wgportal/goss.yaml validate --format json_oneline - -exit 0 \ No newline at end of file diff --git a/scripts/goss/wgportal/goss-wait.yaml b/scripts/goss/wgportal/goss-wait.yaml deleted file mode 100644 index be7a9cd..0000000 --- a/scripts/goss/wgportal/goss-wait.yaml +++ /dev/null @@ -1,3 +0,0 @@ -process: - wgportal: - running: true \ No newline at end of file diff --git a/scripts/goss/wgportal/goss.yaml b/scripts/goss/wgportal/goss.yaml deleted file mode 100644 index be7a9cd..0000000 --- a/scripts/goss/wgportal/goss.yaml +++ /dev/null @@ -1,3 +0,0 @@ -process: - wgportal: - running: true \ No newline at end of file