cascade/ipfs-cluster
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Docker: use more recent versions

Browse Source 
Use gosu and tini from debian packages for the main container.
This commit is contained in:
Hector Sanjuan 2023-08-10 21:53:29 +02:00
parent 7c923c32e2
commit be612bc91d
4 changed files with 8 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
Dockerfile
View File

@ -1,4 +1,4 @@
FROM golang:1.20-buster AS builder
FROM golang:1.20-bullseye AS builder
MAINTAINER Hector Sanjuan <hector@protocol.ai>
# This dockerfile builds and runs ipfs-cluster-service.
@ -8,25 +8,8 @@ ENV SRC_PATH $GOPATH/src/github.com/ipfs-cluster/ipfs-cluster
ENV GO111MODULE on
ENV GOPROXY https://proxy.golang.org
ENV SUEXEC_VERSION v0.2
ENV TINI_VERSION v0.19.0
RUN set -eux; \
dpkgArch="$(dpkg --print-architecture)"; \
case "${dpkgArch##*-}" in \
"amd64" | "armhf" | "arm64") tiniArch="tini-static-$dpkgArch" ;;\
*) echo >&2 "unsupported architecture: ${dpkgArch}"; exit 1 ;; \
esac; \
cd /tmp \
&& git clone https://github.com/ncopa/su-exec.git \
&& cd su-exec \
&& git checkout -q $SUEXEC_VERSION \
&& make su-exec-static \
&& cd /tmp \
&& wget -q -O tini https://github.com/krallin/tini/releases/download/$TINI_VERSION/$tiniArch \
&& chmod +x tini
# Get the TLS CA certificates, they're not provided by busybox.
RUN apt-get update && apt-get install -y ca-certificates
RUN apt-get update && apt-get install -y ca-certificates tini gosu
COPY --chown=1000:users go.* $SRC_PATH/
WORKDIR $SRC_PATH
@ -55,8 +38,8 @@ COPY --from=builder $GOPATH/bin/ipfs-cluster-service /usr/local/bin/ipfs-cluster
COPY --from=builder $GOPATH/bin/ipfs-cluster-ctl /usr/local/bin/ipfs-cluster-ctl
COPY --from=builder $GOPATH/bin/ipfs-cluster-follow /usr/local/bin/ipfs-cluster-follow
COPY --from=builder $SRC_PATH/docker/entrypoint.sh /usr/local/bin/entrypoint.sh
COPY --from=builder /tmp/su-exec/su-exec-static /sbin/su-exec
COPY --from=builder /tmp/tini /sbin/tini
COPY --from=builder /usr/bin/tini /usr/bin/tini
COPY --from=builder /usr/sbin/gosu /usr/sbin/gosu
COPY --from=builder /etc/ssl/certs /etc/ssl/certs
RUN mkdir -p $IPFS_CLUSTER_PATH && \
@ -64,7 +47,7 @@ RUN mkdir -p $IPFS_CLUSTER_PATH && \
chown ipfs:users $IPFS_CLUSTER_PATH
VOLUME $IPFS_CLUSTER_PATH
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/entrypoint.sh"]
ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/bin/entrypoint.sh"]
# Defaults for ipfs-cluster-service go here
CMD ["daemon"]

2
Dockerfile-bundle
View File

@ -1,4 +1,4 @@
FROM golang:1.20-buster AS builder
FROM golang:1.20-bullseye AS builder
MAINTAINER Hector Sanjuan <hector@protocol.ai>
# This dockerfile builds cluster and runs it along with kubo.

2
Dockerfile-test
View File

@ -1,4 +1,4 @@
FROM golang:1.20-buster AS builder
FROM golang:1.20-bullseye AS builder
MAINTAINER Hector Sanjuan <hector@protocol.ai>
# This build state just builds the cluster binaries

2
docker/entrypoint.sh
View File

@ -11,7 +11,7 @@ if [ `id -u` -eq 0 ]; then
echo "Changing user to $user"
# ensure directories are writable
su-exec "$user" test -w "${IPFS_CLUSTER_PATH}" || chown -R -- "$user" "${IPFS_CLUSTER_PATH}"
exec su-exec "$user" "$0" $@
exec gosu "$user" "$0" $@
fi
# Only ipfs user can get here