chore: update docker scripts

2024-01-27 19:11:26 +08:00 · 2024-01-27 19:11:26 +08:00 · 362b5ea9ba
commit 362b5ea9ba
parent b5bedddf94
4 changed files with 12 additions and 25 deletions
--- a/Runner.Dockerfile
+++ b/Runner.Dockerfile
@ -17,24 +17,16 @@ RUN --mount=type=cache,id=golang,target=/go/pkg make build
 # main image
-FROM quay.io/podman/stable
+FROM docker.io/library/alpine
 # pkill
 RUN yum -y install jq procps-ng && yum -y clean all && rm -rf /var/cache
 WORKDIR /app
-
+RUN apk --no-cache add tzdata ca-certificates bash openrc \
-# prepare images
+                   containerd nerdctl
 COPY --from=builder /builder/resource/runner /app/resource/runner
 RUN bash -c "cd /app/resource/runner/scripts && ./prepare_images.sh save"
 # sources
 COPY --from=builder /builder/resource/runner /app/resource/runner
 COPY --from=builder /builder/config.docker.yaml /app
 COPY --from=builder /builder/docker-entrypoint.sh /app
 COPY --from=builder /builder/woj /app
 # switch user
 RUN chown -R podman:podman /app
 USER podman
 ENTRYPOINT ["/app/docker-entrypoint.sh"]
--- a/Server.Dockerfile
+++ b/Server.Dockerfile
@ -1,7 +1,7 @@
 # Go builder
 FROM docker.io/library/golang:alpine AS go-builder
-ENV GOPROXY=https://goproxy.cn
+#ENV GOPROXY=https://goproxy.cn
 ENV CGO_ENABLED=0
 WORKDIR /builder
@ -23,7 +23,7 @@ RUN find /app -type f -name "*.map" -delete
 FROM docker.io/library/alpine
 WORKDIR /app
-RUN apk --no-cache add tzdata ca-certificates libc6-compat bash
+RUN apk --no-cache add tzdata ca-certificates bash
 COPY --from=go-builder /builder/config.docker.yaml /app
 COPY --from=go-builder /builder/docker-entrypoint.sh /app
--- a/build_image.sh
+++ b/build_image.sh
@ -31,8 +31,7 @@ function build_server() {
 function build_runner() {
    log_info "[+] Building Runner"
    $DOCKER build \
-        --cap-add=sys_admin,mknod \
+        --cap-add=sys_admin \
        --device=/dev/fuse \
        --security-opt label=disable \
        -t "git.0x7f.app/woj/woj-runner:latest" \
        -f Runner.Dockerfile . ||
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,6 +1,6 @@
 services:
  server:
-    image: git.0x7f.app/woj/woj-server:1.2.2
+    image: git.0x7f.app/woj/woj-server:1.2.3-dev
    restart: unless-stopped
    healthcheck:
      test: [ "CMD", "wget", "-q", "-O", "/dev/null", "http://127.0.0.1:8000/health" ]
@ -21,8 +21,6 @@ services:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    depends_on:
      runner:
        condition: service_started
      storage:
        condition: service_healthy
      cache:
@ -33,16 +31,12 @@ services:
      - "8000:8000"
  runner:
-    image: git.0x7f.app/woj/woj-runner:1.2.2
+    image: git.0x7f.app/woj/woj-runner:1.2.3-dev
    restart: unless-stopped
    command: runner
-    security_opt:
+    privileged: true
      - "label=disable"
    cap_add:
      - SYS_ADMIN
      - MKNOD
    devices:
      - "/dev/fuse"
    environment:
      - REDIS_ADDRESS=cache
      - STORAGE_ENDPOINT=storage:9000
@ -50,8 +44,10 @@ services:
      - STORAGE_SECRET_KEY=secret_key
      - STORAGE_BUCKET=woj
      - DEVELOPMENT=true
      - START_CONTAINERD=true
    volumes:
      - runner:/app/resource/runner/user
      - container:/var/lib/containerd
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    depends_on: