mirror of
https://github.com/balena-os/balena-supervisor.git
synced 2024-12-21 14:37:49 +00:00
17aa625d3b
This is necessary since the builder no longer passes the platform flag to the build. This would lead to dockerfiles that are mixing multi and single arch stages to pull the wrong architecture images, particularly when trying to build images in emulated builds (e.g. armv7hf built on aarch64). Moving the full build to single-arch solves this as the docker engine is capable of chosing the right architecture from the manifest. Once some of the builder issues are fixed, we should move to #2141 Relates-to: balena-io/balena-builder#1010 Change-type: patch
211 lines
6.1 KiB
Docker
211 lines
6.1 KiB
Docker
ARG ARCH=%%BALENA_ARCH%%
|
|
ARG FATRW_VERSION=0.2.9
|
|
|
|
|
|
FROM arm32v6/alpine:3.16 as alpine-rpi
|
|
FROM arm32v7/alpine:3.16 as alpine-armv7hf
|
|
FROM arm64v8/alpine:3.16 as alpine-aarch64
|
|
FROM amd64/alpine:3.16 as alpine-amd64
|
|
FROM i386/alpine:3.16 as alpine-i386
|
|
|
|
FROM arm32v6/alpine:3.11 as procmail-rpi
|
|
FROM arm32v7/alpine:3.11 as procmail-armv7hf
|
|
FROM arm64v8/alpine:3.11 as procmail-aarch64
|
|
FROM amd64/alpine:3.11 as procmail-amd64
|
|
FROM i386/alpine:3.11 as procmail-i386
|
|
|
|
###################################################
|
|
# Build the supervisor dependencies
|
|
###################################################
|
|
FROM balenalib/${ARCH}-alpine-node:16-run as build-base
|
|
|
|
ARG ARCH
|
|
ARG FATRW_VERSION
|
|
ARG FATRW_ARCHIVE="fatrw-${ARCH}.tar.gz"
|
|
ARG FATRW_LOCATION="https://github.com/balena-os/fatrw/releases/download/v${FATRW_VERSION}/${FATRW_ARCHIVE}"
|
|
|
|
WORKDIR /usr/src/app
|
|
|
|
RUN apk add --no-cache \
|
|
g++ \
|
|
make \
|
|
python3 \
|
|
libgcc \
|
|
libuv \
|
|
sqlite-dev \
|
|
dbus-dev
|
|
|
|
COPY package*.json ./
|
|
|
|
RUN strip /usr/local/bin/node
|
|
|
|
# Install fatrw
|
|
RUN curl -SLO "${FATRW_LOCATION}" && \
|
|
ls -la "${FATRW_ARCHIVE}" && \
|
|
tar -xzf "${FATRW_ARCHIVE}" -C /usr/local/bin && \
|
|
rm -f "${FATRW_ARCHIVE}"
|
|
|
|
# Just install dev dependencies first
|
|
RUN npm ci --build-from-source --sqlite=/usr/lib
|
|
|
|
###################################################################
|
|
# Journal access.
|
|
# The supervisor is built on an alpine image but still needs
|
|
# to use journalctl (from systemd) which cannot be built for
|
|
# musl. We hack around this by copying the binary and its library
|
|
# dependencies to the final image
|
|
###################################################################
|
|
FROM balenalib/${ARCH}-debian:bullseye-run as journal
|
|
|
|
RUN apt-get update && apt-get install -y --no-install-recommends systemd
|
|
|
|
COPY ./build-utils/setup-journal.sh /
|
|
RUN /setup-journal.sh
|
|
|
|
|
|
###################################################
|
|
# Extra dependencies. This uses alpine 3.11 as the
|
|
# procmail package was removed on 3.12
|
|
###################################################
|
|
FROM procmail-${ARCH} as extra
|
|
|
|
RUN apk add --update --no-cache procmail
|
|
|
|
###################################################
|
|
# Image with the final production dependencies.
|
|
# This image will also be be used for testing
|
|
###################################################
|
|
FROM alpine-${ARCH} as runtime-base
|
|
|
|
WORKDIR /usr/src/app
|
|
|
|
# We just need the node binary in the final image
|
|
COPY --from=build-base /usr/local/bin/node /usr/local/bin/node
|
|
|
|
# Also copy the fatrw binary
|
|
COPY --from=build-base /usr/local/bin/fatrw /usr/local/bin/fatrw
|
|
|
|
# Similarly, from the procmail package we just need the lockfile binary
|
|
COPY --from=extra /usr/bin/lockfile /usr/bin/lockfile
|
|
|
|
# Copy journalctl and library dependecies to the final image
|
|
COPY --from=journal /sysroot /
|
|
|
|
# Runtime dependencies
|
|
RUN apk add --no-cache \
|
|
ca-certificates \
|
|
iptables \
|
|
ip6tables \
|
|
rsync \
|
|
dbus \
|
|
libstdc++ \
|
|
dmidecode \
|
|
sqlite-libs
|
|
|
|
ARG ARCH
|
|
ARG VERSION=master
|
|
ENV CONFIG_MOUNT_POINT=/boot/config.json \
|
|
LED_FILE=/dev/null \
|
|
SUPERVISOR_IMAGE=balena/$ARCH-supervisor \
|
|
VERSION=$VERSION
|
|
|
|
###############################################################
|
|
# Use the base image to run integration tests and for livepush
|
|
###############################################################
|
|
FROM runtime-base as test
|
|
|
|
WORKDIR /usr/src/app
|
|
|
|
# Copy node install from the build folder
|
|
COPY --from=build-base /usr/local/bin /usr/local/bin
|
|
COPY --from=build-base /usr/local/lib/node_modules /usr/local/lib/node_modules
|
|
|
|
# Copy build dependencies
|
|
COPY --from=build-base /usr/src/app/package.json ./
|
|
COPY --from=build-base /usr/src/app/node_modules ./node_modules
|
|
|
|
# Run livepush here
|
|
#dev-copy=entry.sh .
|
|
#dev-cmd-live=LIVEPUSH=1 ./entry.sh
|
|
|
|
# Copy build files
|
|
COPY build-utils ./build-utils
|
|
COPY webpack.config.js tsconfig.json tsconfig.release.json tsconfig.js.json .mochapodrc.yml ./
|
|
COPY typings ./typings
|
|
COPY src ./src
|
|
COPY test ./test
|
|
|
|
# Run type checking and unit tests here
|
|
# to prevent setting up a test environment that will
|
|
# most likely fail.
|
|
RUN npm run test
|
|
|
|
# When running tests from a container built from this stage,
|
|
# skip the mocha-pod setup
|
|
ENV MOCHAPOD_SKIP_SETUP=1
|
|
|
|
# This command will be used by default when running integration tests
|
|
# from this stage
|
|
CMD npm run test:integration
|
|
|
|
###################################################
|
|
# Build the production package
|
|
###################################################
|
|
FROM build-base as build-prod
|
|
|
|
WORKDIR /usr/src/app
|
|
|
|
# Copy build files
|
|
COPY build-utils ./build-utils
|
|
COPY webpack.config.js tsconfig.json tsconfig.release.json ./
|
|
COPY src ./src
|
|
COPY typings ./typings
|
|
|
|
# Compile the sources using the dev
|
|
# dependencies
|
|
RUN npm run build
|
|
|
|
# Run the production install here, to avoid the npm dependency on
|
|
# the later stage
|
|
RUN npm ci \
|
|
--production \
|
|
--no-optional \
|
|
--unsafe-perm \
|
|
--build-from-source \
|
|
--sqlite=/usr/lib \
|
|
&& npm cache clean --force \
|
|
# For some reason this doesn't get cleared with the other
|
|
# cache
|
|
&& rm -rf node_modules/.cache \
|
|
# Remove various uneeded filetypes in order to reduce space
|
|
# We also remove the spurious node.dtps, see https://github.com/mapbox/node-sqlite3/issues/861
|
|
&& find . -path '*/coverage/*' -o -path '*/test/*' -o -path '*/.nyc_output/*' \
|
|
-o -name '*.tar.*' -o -name '*.in' -o -name '*.cc' \
|
|
-o -name '*.c' -o -name "*.ts" -o -name '*.eslintrc' \
|
|
-o -name '*.h' -o -name '*.html' -o -name '*.markdown' \
|
|
-o -name '*.md' -o -name '*.patch' -o -name '*.png' \
|
|
-o -name '*.yml' \
|
|
-delete \
|
|
&& find . -type f -path '*/node_modules/sqlite3/deps*' -delete \
|
|
&& find . -type f -path '*/node_modules/knex/build*' -delete \
|
|
&& rm -rf node_modules/sqlite3/node.dtps
|
|
|
|
###################################################
|
|
# Build the production image
|
|
###################################################
|
|
FROM runtime-base
|
|
|
|
WORKDIR /usr/src/app
|
|
|
|
COPY --from=build-prod /usr/src/app/dist ./dist
|
|
COPY --from=build-prod /usr/src/app/package.json ./
|
|
COPY --from=build-prod /usr/src/app/node_modules ./node_modules
|
|
|
|
COPY entry.sh .
|
|
|
|
VOLUME /data
|
|
HEALTHCHECK --interval=5m --start-period=1m --timeout=30s --retries=3 \
|
|
CMD wget http://127.0.0.1:${LISTEN_PORT:-48484}/v1/healthy -O - -q
|
|
|
|
CMD ["/usr/src/app/entry.sh"]
|