From 358fc45d376943f8715bfade6a964b953ef0360b Mon Sep 17 00:00:00 2001 From: windsource Date: Sun, 21 Jul 2024 10:03:21 +0000 Subject: [PATCH 1/6] Use static linking and arm64 CI build --- .cargo/config.toml | 11 +++++++++ .devcontainer/Dockerfile | 11 ++++----- .gitignore | 3 ++- .woodpecker.yml | 49 ++++++++++++++++------------------------ 4 files changed, 37 insertions(+), 37 deletions(-) create mode 100644 .cargo/config.toml diff --git a/.cargo/config.toml b/.cargo/config.toml new file mode 100644 index 0000000..763fe5c --- /dev/null +++ b/.cargo/config.toml @@ -0,0 +1,11 @@ +[target.x86_64-unknown-linux-gnu] +linker="x86_64-linux-gnu-gcc" + +[target.x86_64-unknown-linux-musl] +linker="x86_64-linux-gnu-gcc" + +[target.aarch64-unknown-linux-musl] +linker="aarch64-linux-gnu-gcc" + +[target.aarch64-unknown-linux-gnu] +linker="aarch64-linux-gnu-gcc" diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 51b1d02..dd9bfbd 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -2,13 +2,10 @@ FROM mcr.microsoft.com/vscode/devcontainers/rust:1-1-bookworm -RUN dpkg --add-architecture arm64 && \ - apt-get update && export DEBIAN_FRONTEND=noninteractive \ +RUN apt update && export DEBIAN_FRONTEND=noninteractive \ && apt-get -y install --no-install-recommends \ tmux \ - vim \ - gcc-aarch64-linux-gnu \ - libssl-dev:arm64 \ - libc6-dev:arm64 + vim -RUN rustup target add aarch64-unknown-linux-gnu \ No newline at end of file +RUN rustup target add x86_64-unknown-linux-musl \ + && rustup target add aarch64-unknown-linux-musl \ No newline at end of file diff --git a/.gitignore b/.gitignore index 36f7647..c0e1200 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,5 @@ target temp docker-compose.yml .devcontainer/*.env -.cargo +.cargo/* +!.cargo/config.toml diff --git a/.woodpecker.yml b/.woodpecker.yml index 774e1e2..8aed9fb 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -3,7 +3,7 @@ variables: - &buildx_plugin 'woodpeckerci/plugin-docker-buildx:2.1.0' labels: - platform: linux/amd64 + platform: linux/arm64 clone: git: @@ -14,41 +14,32 @@ clone: branch: main steps: - - name: build-x86 + - name: build-arm64 image: *rust - commands: | - if [ "$CI_SYSTEM_PLATFORM" = "linux/amd64" ]; then - export CARGO_HOME=$(pwd)/.cargo/ - cargo test - cargo build --release - mkdir -p target/linux/amd64 - cp target/release/picus target/linux/amd64/picus - else - echo Unsupported platform! - exit1 - fi + commands: + - apt update + - apt install -y musl-tools + - rustup target add aarch64-unknown-linux-musl + - export CARGO_HOME=$(pwd)/.cargo/ + - cargo test --target aarch64-unknown-linux-musl + - cargo build --release --target aarch64-unknown-linux-musl + - mkdir -p target/linux/arm64 + - cp target/aarch64-unknown-linux-musl/release/picus target/linux/arm64/ when: - event: pull_request - event: [push, tag, manual] branch: main - - name: build-arm64 + - name: build-x86 image: *rust - commands: | - if [ "$CI_SYSTEM_PLATFORM" = "linux/amd64" ]; then - dpkg --add-architecture arm64 - apt-get update - export DEBIAN_FRONTED=noninteractive - apt-get -y install --no-install-recommends gcc-aarch64-linux-gnu libssl-dev:arm64 libc6-dev:arm64 - rustup target add aarch64-unknown-linux-gnu - export CARGO_HOME=$(pwd)/.cargo/ - RUSTFLAGS="-C linker=aarch64-linux-gnu-gcc" PKG_CONFIG_SYSROOT_DIR=/ cargo build --target aarch64-unknown-linux-gnu --release - mkdir -p target/linux/arm64 - cp target/aarch64-unknown-linux-gnu/release/picus target/linux/arm64/ - else - echo Unsupported platform! - exit1 - fi + commands: + - apt update + - apt install -y gcc-x86-64-linux-gnu musl-tools + - rustup target add x86_64-unknown-linux-musl + - export CARGO_HOME=$(pwd)/.cargo/ + - cargo build --release --target x86_64-unknown-linux-musl + - mkdir -p target/linux/amd64 + - cp target/x86_64-unknown-linux-musl/release/picus target/linux/amd64/picus when: - event: pull_request - event: [push, tag, manual] From 92efc3ad9725faf4738cac922abdc72c3ea002fb Mon Sep 17 00:00:00 2001 From: windsource Date: Sun, 21 Jul 2024 10:34:35 +0000 Subject: [PATCH 2/6] Change base image for distroless --- .woodpecker.yml | 6 ++---- Dockerfile.distroless.multiarch | 4 ++-- Dockerfile.multiarch | 4 ++-- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 8aed9fb..4bcafb7 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -23,8 +23,7 @@ steps: - export CARGO_HOME=$(pwd)/.cargo/ - cargo test --target aarch64-unknown-linux-musl - cargo build --release --target aarch64-unknown-linux-musl - - mkdir -p target/linux/arm64 - - cp target/aarch64-unknown-linux-musl/release/picus target/linux/arm64/ + - cp target/aarch64-unknown-linux-musl/release/picus target/picus-linux-arm64 when: - event: pull_request - event: [push, tag, manual] @@ -38,8 +37,7 @@ steps: - rustup target add x86_64-unknown-linux-musl - export CARGO_HOME=$(pwd)/.cargo/ - cargo build --release --target x86_64-unknown-linux-musl - - mkdir -p target/linux/amd64 - - cp target/x86_64-unknown-linux-musl/release/picus target/linux/amd64/picus + - cp target/x86_64-unknown-linux-musl/release/picus target/picus-linux-amd64 when: - event: pull_request - event: [push, tag, manual] diff --git a/Dockerfile.distroless.multiarch b/Dockerfile.distroless.multiarch index 13123b0..ccefe32 100644 --- a/Dockerfile.distroless.multiarch +++ b/Dockerfile.distroless.multiarch @@ -1,8 +1,8 @@ -FROM gcr.io/distroless/cc-debian12:nonroot +FROM gcr.io/distroless/static-debian12:nonroot LABEL org.opencontainers.image.source https://github.com/windsource/picus ARG TARGETOS TARGETARCH -COPY target/${TARGETOS}/${TARGETARCH}/picus /usr/local/bin/picus +COPY target/picus-${TARGETOS}-${TARGETARCH} /usr/local/bin/picus CMD ["/usr/local/bin/picus"] diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 724f6f0..af750a8 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,4 +1,4 @@ -FROM debian:12.1-slim +FROM debian:12.6-slim LABEL org.opencontainers.image.source https://github.com/windsource/picus @@ -9,6 +9,6 @@ RUN groupadd -g 999 appuser && \ USER appuser ARG TARGETOS TARGETARCH -COPY target/${TARGETOS}/${TARGETARCH}/picus /usr/local/bin/picus +COPY target/picus-${TARGETOS}-${TARGETARCH} /usr/local/bin/picus CMD ["/usr/local/bin/picus"] From dcc04107798b45ad47e37d418ad7b34766ccf8d8 Mon Sep 17 00:00:00 2001 From: windsource Date: Sun, 21 Jul 2024 10:43:41 +0000 Subject: [PATCH 3/6] Run CI steps in parallel --- .woodpecker.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.woodpecker.yml b/.woodpecker.yml index 4bcafb7..c78b9cf 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -55,6 +55,7 @@ steps: branch: main - name: publish-distroless + depends_on: [build-arm64, build-x86, check-licenses] image: *buildx_plugin settings: platforms: linux/amd64,linux/arm64 @@ -79,6 +80,7 @@ steps: branch: main - name: publish-debian + depends_on: [build-arm64, build-x86, check-licenses] image: *buildx_plugin settings: platforms: linux/amd64,linux/arm64 From 1e825cbabd51b7f53da5e8d6399ec7a0c1b16e39 Mon Sep 17 00:00:00 2001 From: windsource Date: Sun, 21 Jul 2024 10:45:49 +0000 Subject: [PATCH 4/6] Optimize parallel builds --- .woodpecker.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.woodpecker.yml b/.woodpecker.yml index c78b9cf..172c255 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -15,6 +15,7 @@ clone: steps: - name: build-arm64 + depends_on: [] image: *rust commands: - apt update @@ -30,6 +31,7 @@ steps: branch: main - name: build-x86 + depends_on: [] image: *rust commands: - apt update @@ -44,6 +46,7 @@ steps: branch: main - name: check-licenses + depends_on: [] image: *rust commands: - export CARGO_HOME=$(pwd)/.cargo/ From cc607443b1c004d6bd42ed942a28e29e35bc3668 Mon Sep 17 00:00:00 2001 From: windsource Date: Sun, 21 Jul 2024 11:10:03 +0000 Subject: [PATCH 5/6] Update CI build images --- .woodpecker.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 172c255..94b80f3 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,5 +1,5 @@ variables: - - &rust 'rust:1.77.1-bookworm' + - &rust 'rust:1.79-bookworm' - &buildx_plugin 'woodpeckerci/plugin-docker-buildx:2.1.0' labels: @@ -7,7 +7,7 @@ labels: clone: git: - image: woodpeckerci/plugin-git:2.2.0 + image: woodpeckerci/plugin-git:2.5.1 when: - event: pull_request - event: [push, tag, manual] From 09a0a5e513bab92aeb2ec896c44bd2c64c817e85 Mon Sep 17 00:00:00 2001 From: windsource Date: Sun, 21 Jul 2024 11:26:00 +0000 Subject: [PATCH 6/6] Switch CI build back to amd64 platform --- .woodpecker.yml | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 94b80f3..43e72ee 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -3,7 +3,7 @@ variables: - &buildx_plugin 'woodpeckerci/plugin-docker-buildx:2.1.0' labels: - platform: linux/arm64 + platform: linux/amd64 clone: git: @@ -14,39 +14,37 @@ clone: branch: main steps: - - name: build-arm64 - depends_on: [] + - name: build-x86 image: *rust commands: - apt update - apt install -y musl-tools - - rustup target add aarch64-unknown-linux-musl + - rustup target add x86_64-unknown-linux-musl - export CARGO_HOME=$(pwd)/.cargo/ - - cargo test --target aarch64-unknown-linux-musl - - cargo build --release --target aarch64-unknown-linux-musl - - cp target/aarch64-unknown-linux-musl/release/picus target/picus-linux-arm64 + - cargo test --target x86_64-unknown-linux-musl + - cargo build --release --target x86_64-unknown-linux-musl + - cp target/x86_64-unknown-linux-musl/release/picus target/picus-linux-amd64 when: - event: pull_request - event: [push, tag, manual] branch: main - - name: build-x86 - depends_on: [] + - name: build-arm64 image: *rust commands: + - dpkg --add-architecture arm64 - apt update - - apt install -y gcc-x86-64-linux-gnu musl-tools - - rustup target add x86_64-unknown-linux-musl + - apt install -y --no-install-recommends gcc-aarch64-linux-gnu musl-tools libc6-dev:arm64 + - rustup target add aarch64-unknown-linux-musl - export CARGO_HOME=$(pwd)/.cargo/ - - cargo build --release --target x86_64-unknown-linux-musl - - cp target/x86_64-unknown-linux-musl/release/picus target/picus-linux-amd64 + - cargo build --release --target aarch64-unknown-linux-musl + - cp target/aarch64-unknown-linux-musl/release/picus target/picus-linux-arm64 when: - event: pull_request - event: [push, tag, manual] branch: main - name: check-licenses - depends_on: [] image: *rust commands: - export CARGO_HOME=$(pwd)/.cargo/ @@ -58,7 +56,6 @@ steps: branch: main - name: publish-distroless - depends_on: [build-arm64, build-x86, check-licenses] image: *buildx_plugin settings: platforms: linux/amd64,linux/arm64 @@ -83,7 +80,6 @@ steps: branch: main - name: publish-debian - depends_on: [build-arm64, build-x86, check-licenses] image: *buildx_plugin settings: platforms: linux/amd64,linux/arm64