chore: update docker scripts
This commit is contained in:
parent
b5bedddf94
commit
362b5ea9ba
@ -17,24 +17,16 @@ RUN --mount=type=cache,id=golang,target=/go/pkg make build
|
|||||||
|
|
||||||
|
|
||||||
# main image
|
# main image
|
||||||
FROM quay.io/podman/stable
|
FROM docker.io/library/alpine
|
||||||
|
|
||||||
# pkill
|
|
||||||
RUN yum -y install jq procps-ng && yum -y clean all && rm -rf /var/cache
|
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
RUN apk --no-cache add tzdata ca-certificates bash openrc \
|
||||||
# prepare images
|
containerd nerdctl
|
||||||
COPY --from=builder /builder/resource/runner /app/resource/runner
|
|
||||||
RUN bash -c "cd /app/resource/runner/scripts && ./prepare_images.sh save"
|
|
||||||
|
|
||||||
# sources
|
# sources
|
||||||
|
COPY --from=builder /builder/resource/runner /app/resource/runner
|
||||||
COPY --from=builder /builder/config.docker.yaml /app
|
COPY --from=builder /builder/config.docker.yaml /app
|
||||||
COPY --from=builder /builder/docker-entrypoint.sh /app
|
COPY --from=builder /builder/docker-entrypoint.sh /app
|
||||||
COPY --from=builder /builder/woj /app
|
COPY --from=builder /builder/woj /app
|
||||||
|
|
||||||
# switch user
|
|
||||||
RUN chown -R podman:podman /app
|
|
||||||
USER podman
|
|
||||||
|
|
||||||
ENTRYPOINT ["/app/docker-entrypoint.sh"]
|
ENTRYPOINT ["/app/docker-entrypoint.sh"]
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
# Go builder
|
# Go builder
|
||||||
FROM docker.io/library/golang:alpine AS go-builder
|
FROM docker.io/library/golang:alpine AS go-builder
|
||||||
|
|
||||||
ENV GOPROXY=https://goproxy.cn
|
#ENV GOPROXY=https://goproxy.cn
|
||||||
ENV CGO_ENABLED=0
|
ENV CGO_ENABLED=0
|
||||||
WORKDIR /builder
|
WORKDIR /builder
|
||||||
|
|
||||||
@ -23,7 +23,7 @@ RUN find /app -type f -name "*.map" -delete
|
|||||||
FROM docker.io/library/alpine
|
FROM docker.io/library/alpine
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
RUN apk --no-cache add tzdata ca-certificates libc6-compat bash
|
RUN apk --no-cache add tzdata ca-certificates bash
|
||||||
|
|
||||||
COPY --from=go-builder /builder/config.docker.yaml /app
|
COPY --from=go-builder /builder/config.docker.yaml /app
|
||||||
COPY --from=go-builder /builder/docker-entrypoint.sh /app
|
COPY --from=go-builder /builder/docker-entrypoint.sh /app
|
||||||
|
@ -31,8 +31,7 @@ function build_server() {
|
|||||||
function build_runner() {
|
function build_runner() {
|
||||||
log_info "[+] Building Runner"
|
log_info "[+] Building Runner"
|
||||||
$DOCKER build \
|
$DOCKER build \
|
||||||
--cap-add=sys_admin,mknod \
|
--cap-add=sys_admin \
|
||||||
--device=/dev/fuse \
|
|
||||||
--security-opt label=disable \
|
--security-opt label=disable \
|
||||||
-t "git.0x7f.app/woj/woj-runner:latest" \
|
-t "git.0x7f.app/woj/woj-runner:latest" \
|
||||||
-f Runner.Dockerfile . ||
|
-f Runner.Dockerfile . ||
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
services:
|
services:
|
||||||
server:
|
server:
|
||||||
image: git.0x7f.app/woj/woj-server:1.2.2
|
image: git.0x7f.app/woj/woj-server:1.2.3-dev
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: [ "CMD", "wget", "-q", "-O", "/dev/null", "http://127.0.0.1:8000/health" ]
|
test: [ "CMD", "wget", "-q", "-O", "/dev/null", "http://127.0.0.1:8000/health" ]
|
||||||
@ -21,8 +21,6 @@ services:
|
|||||||
- /etc/timezone:/etc/timezone:ro
|
- /etc/timezone:/etc/timezone:ro
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
depends_on:
|
depends_on:
|
||||||
runner:
|
|
||||||
condition: service_started
|
|
||||||
storage:
|
storage:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
cache:
|
cache:
|
||||||
@ -33,16 +31,12 @@ services:
|
|||||||
- "8000:8000"
|
- "8000:8000"
|
||||||
|
|
||||||
runner:
|
runner:
|
||||||
image: git.0x7f.app/woj/woj-runner:1.2.2
|
image: git.0x7f.app/woj/woj-runner:1.2.3-dev
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
command: runner
|
command: runner
|
||||||
security_opt:
|
privileged: true
|
||||||
- "label=disable"
|
|
||||||
cap_add:
|
cap_add:
|
||||||
- SYS_ADMIN
|
- SYS_ADMIN
|
||||||
- MKNOD
|
|
||||||
devices:
|
|
||||||
- "/dev/fuse"
|
|
||||||
environment:
|
environment:
|
||||||
- REDIS_ADDRESS=cache
|
- REDIS_ADDRESS=cache
|
||||||
- STORAGE_ENDPOINT=storage:9000
|
- STORAGE_ENDPOINT=storage:9000
|
||||||
@ -50,8 +44,10 @@ services:
|
|||||||
- STORAGE_SECRET_KEY=secret_key
|
- STORAGE_SECRET_KEY=secret_key
|
||||||
- STORAGE_BUCKET=woj
|
- STORAGE_BUCKET=woj
|
||||||
- DEVELOPMENT=true
|
- DEVELOPMENT=true
|
||||||
|
- START_CONTAINERD=true
|
||||||
volumes:
|
volumes:
|
||||||
- runner:/app/resource/runner/user
|
- runner:/app/resource/runner/user
|
||||||
|
- container:/var/lib/containerd
|
||||||
- /etc/timezone:/etc/timezone:ro
|
- /etc/timezone:/etc/timezone:ro
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
depends_on:
|
depends_on:
|
||||||
|
Loading…
Reference in New Issue
Block a user