diff --git a/.github/workflows/dockerhub.yml b/.github/workflows/dockerhub.yml index 55257b3a7..605627371 100644 --- a/.github/workflows/dockerhub.yml +++ b/.github/workflows/dockerhub.yml @@ -6,47 +6,61 @@ # Add the dockerhub repo path in a secret named: # DOCKERHUB_REPO # This workflow will use them automatically. - -# FIXME: Refactor this workflow using matrix and the new docker args +## Notes: +# - The workflow_dispatch event will be named latest only on dockerhub. +# - The push event is used to automatically trigger the workflow when a new tag is pushed to the repository. +# - The metadata action is used to extract the version from the tag and generate the appropriate Docker tags. +# - The build-push-action is used to build and push the Docker image to Docker Hub. +# - The cache-from and cache-to actions are used to cache the Docker image layers between builds. +# -- If you don't want to have a build cache image, you can remove the cache-from and cache-to actions, +# -- or you can set it to another dockerhub repo (e.g. user/different-dockerhub-repo) +# - The sbom action is used to generate a Software Bill of Materials (SBOM) for the Docker image. name: Publish Docker images -on: workflow_dispatch -# TODO: put this back once the docker files work correctly -# release: -# types: [released] +on: + workflow_dispatch: + push: + tags: + - 'v*' jobs: publish-image: - environment: dockerhub-publish name: Push Docker image to Docker Hub + environment: dockerhub-publish runs-on: ubuntu-latest steps: - - name: Check out the repo - uses: actions/checkout@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - - name: Log in to Docker Hub - uses: docker/login-action@v1 + - name: Login to Docker Hub + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Extract metadata (tags, labels) for Docker + - name: Check out the repo + uses: actions/checkout@v4 + + - name: Extract metadata id: meta - uses: docker/metadata-action@v3 + uses: docker/metadata-action@v5 with: images: ${{ secrets.DOCKERHUB_REPO }} tags: | - type=semver,pattern={{version}} - type=raw,value=latest - flavor: | - latest=false + type=semver,pattern={{version}},event=push + type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} + type=raw,value={{branch}},enable=${{ github.ref != format('refs/heads/{0}', 'main') }} - - name: Build and push Docker image - uses: docker/build-push-action@v2 + - name: Build and push + uses: docker/build-push-action@v5 with: - file: './Dockerfile' context: . + file: './Dockerfile' push: true + platforms: linux/amd64,linux/arm64 + cache-from: type=registry,ref=${{ secrets.DOCKERHUB_REPO }}:buildcache + cache-to: type=registry,ref=${{ secrets.DOCKERHUB_REPO }}:buildcache,mode=max tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + sbom: true \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 0972270ea..33a9b59aa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # Build the node software ARG NODE_VERSION=16.20.2 -FROM node:${NODE_VERSION}-alpine as builder +FROM node:${NODE_VERSION}-alpine AS builder # Add the latest alpine repositories RUN echo "http://dl-3.alpinelinux.org/alpine/latest-stable/main" > /etc/apk/repositories \ @@ -68,7 +68,7 @@ RUN mkdir -p /requirements \ && ldd /jre/bin/java | awk 'NF == 4 { system("cp --parents " $3 " /requirements") }' # Prepare final image -FROM alpine:3.18 +FROM alpine:3.20 LABEL name="Signum Node" LABEL description="This is the official Signum Node image" LABEL credits="gittrekt,damccull,ohager" @@ -87,8 +87,7 @@ COPY --from=builder /requirements/ / WORKDIR /signum VOLUME ["/conf", "/db"] -RUN ln -s /conf /signum/conf -RUN ln -s /db /signum/db +RUN ln -s /conf /signum/conf && ln -s /db /signum/db # We use the bootstrap folder to copy the config files to the host machine in the start-node.sh script # use one of [h2,mariadb,postgres] @@ -108,10 +107,6 @@ COPY conf/${network}/node.${database}.properties ./bootstrap/node.properties COPY docker/scripts/start-node.sh ./start-node.sh RUN chmod +x start-node.sh -# Clean up -RUN rm signum-node.exe 2> /dev/null || true -RUN rm signum-node.zip 2> /dev/null || true - EXPOSE $port_ws $port_http $port_p2p ENTRYPOINT [ "./start-node.sh" ] diff --git a/build.gradle b/build.gradle index 58e318471..74fa66724 100644 --- a/build.gradle +++ b/build.gradle @@ -74,11 +74,11 @@ dependencies { implementation 'org.slf4j:slf4j-api:1.7.35' implementation 'org.slf4j:slf4j-jdk14:1.7.35' - implementation 'org.eclipse.jetty:jetty-server:10.0.19' - implementation 'org.eclipse.jetty:jetty-servlet:10.0.19' - implementation 'org.eclipse.jetty:jetty-servlets:10.0.19' - implementation 'org.eclipse.jetty:jetty-rewrite:10.0.19' - implementation 'org.eclipse.jetty.websocket:websocket-jetty-server:10.0.19' + implementation 'org.eclipse.jetty:jetty-server:10.0.24' + implementation 'org.eclipse.jetty:jetty-servlet:10.0.24' + implementation 'org.eclipse.jetty:jetty-servlets:10.0.24' + implementation 'org.eclipse.jetty:jetty-rewrite:10.0.24' + implementation 'org.eclipse.jetty.websocket:websocket-jetty-server:10.0.24' implementation 'javax.annotation:javax.annotation-api:1.3.2' @@ -90,6 +90,9 @@ dependencies { implementation 'org.apache.logging.log4j:log4j-api:2.17.1' implementation 'org.apache.logging.log4j:log4j-core:2.17.1' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.15.2' + implementation 'org.eclipse.jgit:org.eclipse.jgit:6.5.0.202303070854-r' + // Use JUnit test framework testImplementation("org.junit.platform:junit-platform-engine:1.5.1") testImplementation("org.junit.platform:junit-platform-launcher:1.5.1")