Updates to docker workflow & image (#847)

Update to gradle: -- Update Jetty to 10.0.24 Update to dockerhub workflow: -- Add docker platforms for AMD64 & ARM64 builds -- Update to remove deprecated newer action versions -- Update to add builds for different repo actions (push, dispatch) -- Fix github breaking change of image ubuntu-latest now being ubuntu 24 Update to Dockerfile: -- Removed duplicate clean up code -- Update Alpine to 3.20 Signed-off-by: gittrekt <[email protected]>
signum-network · Dec 22, 2024 · e89e488 · e89e488
1 parent 47d8db7
commit e89e488
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 28 deletions.
diff --git a/.github/workflows/dockerhub.yml b/.github/workflows/dockerhub.yml
@@ -6,47 +6,61 @@
 # Add the dockerhub repo path in a secret named:
 #    DOCKERHUB_REPO
 # This workflow will use them automatically.
-
-# FIXME: Refactor this workflow using matrix and the new docker args
+## Notes:
+# - The workflow_dispatch event will be named latest only on dockerhub.
+# - The push event is used to automatically trigger the workflow when a new tag is pushed to the repository.
+# - The metadata action is used to extract the version from the tag and generate the appropriate Docker tags.
+# - The build-push-action is used to build and push the Docker image to Docker Hub.
+# - The cache-from and cache-to actions are used to cache the Docker image layers between builds.
+# -- If you don't want to have a build cache image, you can remove the cache-from and cache-to actions,
+# -- or you can set it to another dockerhub repo (e.g. user/different-dockerhub-repo)
+# - The sbom action is used to generate a Software Bill of Materials (SBOM) for the Docker image.
 
 name: Publish Docker images
 
-on: workflow_dispatch
-#    TODO: put this back once the docker files work correctly
-#  release:
-#    types: [released]
+on:
+    workflow_dispatch:
+    push:
+        tags:
+            - 'v*'
 
 jobs:
   publish-image:
-    environment: dockerhub-publish
     name: Push Docker image to Docker Hub
+    environment: dockerhub-publish
     runs-on: ubuntu-latest
     steps:
-      - name: Check out the repo
-        uses: actions/checkout@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
 
-      - name: Log in to Docker Hub
-        uses: docker/login-action@v1
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
 
-      - name: Extract metadata (tags, labels) for Docker
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Extract metadata
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v5
         with:
           images: ${{ secrets.DOCKERHUB_REPO }}
           tags: |
-            type=semver,pattern={{version}}
-            type=raw,value=latest
-          flavor: |
-            latest=false
+            type=semver,pattern={{version}},event=push
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'main') }}
+            type=raw,value={{branch}},enable=${{ github.ref != format('refs/heads/{0}', 'main') }}
 
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v2
+      - name: Build and push
+        uses: docker/build-push-action@v5
         with:
-          file: './Dockerfile'
           context: .
+          file: './Dockerfile'
           push: true
+          platforms: linux/amd64,linux/arm64
+          cache-from: type=registry,ref=${{ secrets.DOCKERHUB_REPO }}:buildcache
+          cache-to: type=registry,ref=${{ secrets.DOCKERHUB_REPO }}:buildcache,mode=max
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+          sbom: true
diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
 # Build the node software
 ARG NODE_VERSION=16.20.2
-FROM node:${NODE_VERSION}-alpine as builder
+FROM node:${NODE_VERSION}-alpine AS builder
 
 # Add the latest alpine repositories
 RUN echo "http://dl-3.alpinelinux.org/alpine/latest-stable/main" > /etc/apk/repositories \
@@ -68,7 +68,7 @@ RUN mkdir -p /requirements \
   && ldd /jre/bin/java | awk 'NF == 4 { system("cp --parents " $3 " /requirements") }'
 
 # Prepare final image
-FROM alpine:3.18
+FROM alpine:3.20
 LABEL name="Signum Node"
 LABEL description="This is the official Signum Node image"
 LABEL credits="gittrekt,damccull,ohager"
@@ -87,8 +87,7 @@ COPY --from=builder /requirements/ /
 WORKDIR /signum
 
 VOLUME ["/conf", "/db"]
-RUN ln -s /conf /signum/conf
-RUN ln -s /db /signum/db
+RUN ln -s /conf /signum/conf && ln -s /db /signum/db
 
 # We use the bootstrap folder to copy the config files to the host machine in the start-node.sh script
 # use one of [h2,mariadb,postgres]
@@ -108,10 +107,6 @@ COPY conf/${network}/node.${database}.properties ./bootstrap/node.properties
 COPY docker/scripts/start-node.sh ./start-node.sh
 RUN chmod +x start-node.sh
 
-# Clean up
-RUN rm signum-node.exe 2> /dev/null || true
-RUN rm signum-node.zip 2> /dev/null || true
-
 EXPOSE $port_ws $port_http $port_p2p
 
 ENTRYPOINT [ "./start-node.sh" ]
diff --git a/build.gradle b/build.gradle
@@ -91,6 +91,9 @@ dependencies {
   implementation 'org.apache.logging.log4j:log4j-api:2.17.1'
   implementation 'org.apache.logging.log4j:log4j-core:2.17.1'
 
+  implementation 'com.fasterxml.jackson.core:jackson-databind:2.15.2'
+  implementation 'org.eclipse.jgit:org.eclipse.jgit:6.5.0.202303070854-r'
+
   // Use JUnit test framework
   testImplementation("org.junit.platform:junit-platform-engine:1.5.1")
   testImplementation("org.junit.platform:junit-platform-launcher:1.5.1")