Simplify Build

Instead of compiling Monero from source, just download and verify SHA256 integrity. Remove DockerHub
rblaine95 · Feb 24, 2023 · 212f313 · 212f313
1 parent d1f176e
commit 212f313
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 137 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -10,12 +10,6 @@ jobs:
   build:
     name: Build
     runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        include:
-          - arch: amd64
-          - arch: arm64/v8
-          - arch: arm/v7
     steps:
       - uses: actions/checkout@v3
       - uses: docker/setup-qemu-action@v2
@@ -25,75 +19,18 @@ jobs:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GHCR_PAT }}
-      - uses: docker/login-action@v2
+      - uses: docker/metadata-action@v4
+        id: meta
         with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_PASSWORD }}
-      - name: Build
-        id: build
-        run: |
-          # Get the arch for this build
-          ARCH=$(echo "${{ matrix.arch }}" | sed 's/\//-/g')
-
-          # Strip git ref prefix from version
-          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-
-          # Strip "v" prefix from tag name
-          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-
-          # Use Docker `latest` tag convention
-          [ "$VERSION" == "master" ] && VERSION=latest
-
-          docker buildx build \
-            --platform linux/${{ matrix.arch }} \
-            --build-arg BUILD_THREADS=3 \
-            --cache-to type=registry,ref=ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:${VERSION}-${ARCH}-cache \
-            --cache-from type=registry,ref=ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:${VERSION}-${ARCH}-cache \
-            --cache-from type=registry,ref=ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:latest-${ARCH}-cache \
-            --tag ghcr.io/${{ github.repository_owner }}/${IMAGE_NAME}:${VERSION}-${ARCH} \
-            --tag docker.io/${{ secrets.DOCKERHUB_USERNAME }}/${IMAGE_NAME}:${VERSION}-${ARCH} \
-            --push \
-            .
-  package:
-    name: Package
-    needs: [build]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: docker/login-action@v2
+          images: ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
+            type=semver,pattern={{version}}
+      - uses: docker/build-push-action@v4
         with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GHCR_PAT }}
-      - uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_PASSWORD }}
-      - uses: docker/setup-qemu-action@v2
-      - uses: docker/setup-buildx-action@v2
-      - name: Package
-        run: |
-          # Strip git ref prefix from version
-          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-
-          # Strip "v" prefix from tag name
-          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-
-          # Use Docker `latest` tag convention
-          [ "$VERSION" == "master" ] && VERSION=latest
-
-          for platform in $(printf ${PLATFORMS} | sed 's/,/ /g'); do
-            arch=$(printf $platform | awk -F'/' '{print $2 "-" $3}' | sed -e 's/-$//g')
-            cacheRegistry="$cacheRegistry --cache-from type=registry,ref=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$VERSION-${arch}-cache"
-          done
-
-          build="docker buildx build --platform ${PLATFORMS} \
-            --tag ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$VERSION \
-            --tag docker.io/${{ secrets.DOCKERHUB_USERNAME }}/$IMAGE_NAME:$VERSION \
-            --build-arg BUILD_THREADS=3 \
-            --label org.opencontainers.image.source=https://github.com/${{ github.repository }} \
-            $cacheRegistry \
-            --push ."
-
-          echo "$build"
-          $build
+          platforms: ${{ env.PLATFORMS }}
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/Dockerfile b/Dockerfile
@@ -1,81 +1,41 @@
 ###################
 # --- builder --- #
 ###################
-FROM docker.io/debian:10-slim AS builder
+FROM docker.io/debian:11-slim AS builder
 
 WORKDIR /opt
 
-RUN apt-get update && \
+RUN DEBIAN_FRONTEND=noninteractive; \
+    apt-get update && \
     apt-get dist-upgrade -y && \
-    apt-get install -y wget git build-essential \
-        automake autotools-dev bsdmainutils \
-        ca-certificates curl libtool gperf \
-        cmake pkg-config libssl-dev libzmq3-dev \
-        libunbound-dev libsodium-dev libunwind8-dev \
-        liblzma-dev libreadline6-dev libldns-dev libexpat1-dev \
-        libpgm-dev qttools5-dev-tools libhidapi-dev \
-        libusb-1.0-0-dev libprotobuf-dev protobuf-compiler \
-        libudev-dev libboost-chrono-dev libboost-container-dev \
-        libboost-date-time-dev libboost-filesystem-dev \
-        libboost-locale-dev libboost-program-options-dev libboost-regex-dev \
-        libboost-serialization-dev libboost-system-dev \
-        libboost-thread-dev python3 ccache doxygen graphviz \
-        libevent-dev libnorm-dev
-
-ARG MONERO_VERSION=0.18.1.2
-RUN git clone --recursive --depth 1 --shallow-submodules https://github.com/monero-project/monero.git -b v${MONERO_VERSION}
-
-ARG BUILD_THREADS
-# Build libexpact - required for libunbound
-RUN set -ex && wget https://github.com/libexpat/libexpat/releases/download/R_2_4_9/expat-2.4.9.tar.bz2 && \
-    echo "7f44d1469b110773a94b0d5abeeeffaef79f8bd6406b07e52394bcf48126437a  expat-2.4.9.tar.bz2" | sha256sum -c && \
-    tar -xf expat-2.4.9.tar.bz2 && \
-    rm expat-2.4.9.tar.bz2 && \
-    cd expat-2.4.9 && \
-    ./configure --enable-static --disable-shared --prefix=/usr && \
-    make -j${BUILD_THREADS:-$(nproc)} && \
-    make -j${BUILD_THREADS:-$(nproc)} install
-
-# Build libunbound
-WORKDIR /tmp
-RUN set -ex && wget https://www.nlnetlabs.nl/downloads/unbound/unbound-1.16.3.tar.gz && \
-    echo "ea0c6665e2c3325b769eac1dfccd60fe1828d5fcf662650039eccb3f67edb28e  unbound-1.16.3.tar.gz" | sha256sum -c && \
-    tar -xzf unbound-1.16.3.tar.gz && \
-    rm unbound-1.16.3.tar.gz && \
-    cd unbound-1.16.3 && \
-    ./configure --disable-shared \
-      --enable-static \
-      --without-pyunbound \
-      --with-libexpat=/usr \
-      --with-ssl=/usr \
-      --with-libevent=no \
-      --without-pythonodule \
-      --disable-flto \
-      --with-pthreads \
-      --with-libunbound-only \
-      --with-pic && \
-    make -j${BUILD_THREADS:-$(nproc)} && \
-    make -j${BUILD_THREADS:-$(nproc)} install
+    apt-get install -y \
+      wget ca-certificates bzip2
 
+ARG MONERO_VERSION=v0.18.1.2
 WORKDIR /opt/monero
 RUN case "$(uname -m)" in \
-      x86_64) make -j${BUILD_THREADS:-$(nproc)} release-static-linux-x86_64;; \
-      aarch64* | arm64 | armv8*) make -j${BUILD_THREADS:-$(nproc)} release-static-linux-armv8;; \
-      armv7*) make -j${BUILD_THREADS:-$(nproc)} release-static-linux-armv7;; \
+      x86_64) ARCH="x64"; SHA256SUM="7d51e7072351f65d0c7909e745827cfd3b00abe5e7c4cc4c104a3c9b526da07e" ;; \
+      aarch64* | arm64 | armv8*) ARCH="armv8"; SHA256SUM="e1467fe289c98349be2b1c4c080e30a224eb3217c814fab0204241b2b19b9c6b" ;; \
+      armv7*) ARCH="armv7"; SHA256SUM="94ece435ed60f85904114643482c2b6716f74bf97040a7af237450574a9cf06d" ;; \
       *) echo "Unexpected architecture: $(uname -m)" && exit 1;; \
-    esac
+    esac \
+    \
+    && wget https://downloads.getmonero.org/cli/monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2 \
+    && echo "${SHA256SUM}  monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2" | sha256sum -c \
+    && tar -xjvf monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2 --strip-components 1 \
+    && rm -f monero-linux-${ARCH}-${MONERO_VERSION}.tar.bz2
 
 ##################
 # --- runner --- #
 ##################
-FROM docker.io/debian:11-slim
+FROM docker.io/debian:11-slim AS runner
 
 ENV PATH=/opt/monero:${PATH}
 
-RUN apt-get update && \
+RUN DEBIAN_FRONTEND=noninteractive;\
+    apt-get update && \
     apt-get dist-upgrade -y && \
-    apt-get install -y tini libkrb5-dev  \
-      curl ca-certificates && \
+    apt-get install -y tini ca-certificates && \
     apt-get clean && \
     apt-get autoremove -y && \
     rm -rf /var/lib/apt && \
@@ -85,7 +45,7 @@ RUN apt-get update && \
     chown -R monero:monero /home/monero/.bitmonero && \
     chown -R monero:monero /opt/bitmonero
 
-COPY --from=builder /opt/monero/build/Linux/_no_branch_/release/bin/* /opt/monero/
+COPY --from=builder /opt/monero/* /opt/monero/
 
 USER monero
 WORKDIR /home/monero

diff --git a/README.md b/README.md
@@ -19,7 +19,6 @@ docker run \
 ### Where can I download the image?
 I'm using Github Actions to build and publish this image to:
 * [ghcr.io/rblaine95/monero](https://ghcr.io/rblaine95/monero)
-* [docker.io/rblaine/monero](https://hub.docker.com/r/rblaine/monero)
 
 ### Future stuff
 I don't know, maybe I'll write a helm chart for this for Kubernetes?