mirror of
https://github.com/kanidm/kanidm.git
synced 2025-05-08 01:55:06 +02:00
1355 docker builds (#1357)
This commit is contained in:
Firstyear
GitHub
parent
965423d2ac
commit
100bbd5477
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -7,6 +7,7 @@ altnames.cnf
|
|||
/insecure
|
||||
**/*.rs.bk
|
||||
test.db
|
||||
cargo_vendor_config
|
||||
/vendor
|
||||
kanidm_rlm_python/test_data/certs/
|
||||
vendor.tar.gz
|
||||
|
|
|
|||
8
Makefile
8
Makefile
|
|
@ -15,7 +15,7 @@ help:
|
|||
|
||||
.PHONY: buildx/kanidmd/x86_64_v3
|
||||
buildx/kanidmd/x86_64_v3: ## build multiarch server images
|
||||
buildx/kanidmd/x86_64_v3:
|
||||
buildx/kanidmd/x86_64_v3: vendor
|
||||
@$(CONTAINER_TOOL) buildx build $(CONTAINER_TOOL_ARGS) --pull --push --platform "linux/amd64/v3" \
|
||||
-f kanidmd/Dockerfile -t $(IMAGE_BASE)/server:x86_64_$(IMAGE_VERSION) \
|
||||
--build-arg "KANIDM_BUILD_PROFILE=container_x86_64_v3" \
|
||||
|
|
@ -25,7 +25,7 @@ buildx/kanidmd/x86_64_v3:
|
|||
|
||||
.PHONY: buildx/kanidmd
|
||||
buildx/kanidmd: ## Build multiarch kanidm server images and push to docker hub
|
||||
buildx/kanidmd:
|
||||
buildx/kanidmd: vendor
|
||||
@$(CONTAINER_TOOL) buildx build $(CONTAINER_TOOL_ARGS) \
|
||||
--pull --push --platform $(IMAGE_ARCH) \
|
||||
-f kanidmd/Dockerfile \
|
||||
|
|
@ -37,7 +37,7 @@ buildx/kanidmd:
|
|||
|
||||
.PHONY: buildx/kanidm_tools
|
||||
buildx/kanidm_tools: ## Build multiarch kanidm tool images and push to docker hub
|
||||
buildx/kanidm_tools:
|
||||
buildx/kanidm_tools: vendor
|
||||
@$(CONTAINER_TOOL) buildx build $(CONTAINER_TOOL_ARGS) \
|
||||
--pull --push --platform $(IMAGE_ARCH) \
|
||||
-f kanidm_tools/Dockerfile \
|
||||
|
|
@ -103,7 +103,7 @@ precommit: test codespell test/pykanidm doc/format
|
|||
|
||||
.PHONY: vendor
|
||||
vendor:
|
||||
cargo vendor
|
||||
cargo vendor > cargo_vendor_config
|
||||
|
||||
.PHONY: vendor-prep
|
||||
vendor-prep: vendor
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ path = "src/ssh_authorizedkeys.rs"
|
|||
|
||||
[dependencies]
|
||||
clap = { workspace = true, features = ["derive", "env"] }
|
||||
compact_jwt.workspace = true
|
||||
compact_jwt = { workspace = true, features = ["openssl"] }
|
||||
dialoguer.workspace = true
|
||||
futures-concurrency.workspace = true
|
||||
libc.workspace = true
|
||||
|
|
|
|||
|
|
@ -1,53 +1,56 @@
|
|||
# This builds the kanidm CLI tool
|
||||
# This builds the kanidm CLI tools
|
||||
ARG BASE_IMAGE=opensuse/tumbleweed:latest
|
||||
FROM ${BASE_IMAGE} AS repos
|
||||
|
||||
RUN zypper refresh --force
|
||||
RUN zypper dup -y
|
||||
|
||||
FROM repos AS builder
|
||||
ARG SCCACHE_REDIS=""
|
||||
ARG KANIDM_FEATURES
|
||||
ARG KANIDM_BUILD_PROFILE
|
||||
ARG KANIDM_BUILD_OPTIONS=""
|
||||
|
||||
RUN zypper install -y \
|
||||
RUN echo Profile $KANIDM_BUILD_PROFILE
|
||||
RUN echo Features $KANIDM_FEATURES
|
||||
|
||||
RUN zypper install -y --no-recommends \
|
||||
rustup wasm-pack \
|
||||
gcc clang lld \
|
||||
clang \
|
||||
make automake autoconf \
|
||||
libopenssl-devel \
|
||||
libopenssl-3-devel \
|
||||
pam-devel \
|
||||
libudev-devel \
|
||||
sqlite3-devel \
|
||||
rsync
|
||||
rsync \
|
||||
mold
|
||||
|
||||
RUN zypper clean -a
|
||||
RUN rustup default stable
|
||||
|
||||
COPY . /usr/src/kanidm
|
||||
|
||||
RUN mkdir /scratch
|
||||
RUN echo $KANIDM_BUILD_PROFILE
|
||||
ENV KANIDM_BUILD_PROFILE=${KANIDM_BUILD_PROFILE:-container_generic}
|
||||
RUN echo Features $KANIDM_FEATURES
|
||||
|
||||
ENV CARGO_HOME=/scratch/.cargo
|
||||
ENV RUSTFLAGS="-Clinker=clang -Clink-arg=-fuse-ld=/usr/bin/ld.lld"
|
||||
RUN mkdir -p /usr/src/kanidm/.cargo
|
||||
RUN cp /usr/src/kanidm/cargo_vendor_config /usr/src/kanidm/.cargo/config.toml
|
||||
|
||||
WORKDIR /usr/src/kanidm/
|
||||
|
||||
# Set the build profile
|
||||
ENV KANIDM_BUILD_PROFILE=${KANIDM_BUILD_PROFILE:-container_generic}
|
||||
ENV RUSTFLAGS="-Clinker=clang -Clink-arg=-fuse-ld=/usr/bin/ld.mold"
|
||||
|
||||
# build the CLI
|
||||
RUN if [ -z "${KANIDM_FEATURES}" ]; then \
|
||||
cargo build --bin kanidm ${KANIDM_BUILD_OPTIONS} \
|
||||
cargo build -p kanidm_tools ${KANIDM_BUILD_OPTIONS} \
|
||||
--target-dir="/usr/src/kanidm/target/" \
|
||||
--release; \
|
||||
cargo build --bin kanidm-ipa-sync ${KANIDM_BUILD_OPTIONS} \
|
||||
cargo build -p kanidm-ipa-sync ${KANIDM_BUILD_OPTIONS} \
|
||||
--target-dir="/usr/src/kanidm/target/" \
|
||||
--release; \
|
||||
else \
|
||||
cargo build --bin kanidm ${KANIDM_BUILD_OPTIONS} \
|
||||
cargo build -p kanidm_tools ${KANIDM_BUILD_OPTIONS} \
|
||||
--target-dir="/usr/src/kanidm/target/" \
|
||||
--features="${KANIDM_FEATURES}" \
|
||||
--release; \
|
||||
cargo build --bin kanidm-ipa-sync ${KANIDM_BUILD_OPTIONS} \
|
||||
cargo build -p kanidm-ipa-sync ${KANIDM_BUILD_OPTIONS} \
|
||||
--target-dir="/usr/src/kanidm/target/" \
|
||||
--features="${KANIDM_FEATURES}" \
|
||||
--release; \
|
||||
|
|
@ -58,7 +61,7 @@ RUN ls -al /usr/src/kanidm/target/release
|
|||
# == Construct the tools container
|
||||
FROM repos
|
||||
|
||||
RUN zypper install -y timezone busybox-adduser && \
|
||||
RUN zypper install -y timezone busybox-adduser openssl-3 && \
|
||||
zypper clean -a
|
||||
|
||||
COPY --from=builder /usr/src/kanidm/target/release/kanidm /sbin/
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
# Build the main Kanidmd server
|
||||
ARG BASE_IMAGE=opensuse/tumbleweed:latest
|
||||
FROM ${BASE_IMAGE} AS repos
|
||||
RUN zypper refresh --force
|
||||
|
|
@ -5,56 +6,59 @@ RUN zypper dup -y
|
|||
|
||||
# ======================
|
||||
FROM repos AS builder
|
||||
ARG KANIDM_FEATURES
|
||||
ARG KANIDM_BUILD_PROFILE="container_generic"
|
||||
ARG KANIDM_BUILD_OPTIONS=""
|
||||
|
||||
RUN zypper install -y \
|
||||
RUN echo Profile $KANIDM_BUILD_PROFILE
|
||||
RUN echo Features $KANIDM_FEATURES
|
||||
|
||||
RUN zypper install -y --no-recommends \
|
||||
rustup \
|
||||
wasm-pack \
|
||||
clang lld \
|
||||
clang \
|
||||
make automake autoconf \
|
||||
libopenssl-devel pam-devel \
|
||||
libopenssl-3-devel pam-devel \
|
||||
sqlite3-devel \
|
||||
gcc \
|
||||
rsync \
|
||||
findutils \
|
||||
which
|
||||
which \
|
||||
mold
|
||||
# wasm-pack \
|
||||
# lld
|
||||
|
||||
RUN zypper clean -a
|
||||
RUN rustup default stable
|
||||
|
||||
COPY . /usr/src/kanidm
|
||||
|
||||
ARG KANIDM_FEATURES
|
||||
ARG KANIDM_BUILD_PROFILE="container_generic"
|
||||
ARG KANIDM_BUILD_OPTIONS=""
|
||||
|
||||
RUN mkdir /scratch
|
||||
RUN echo $KANIDM_BUILD_PROFILE
|
||||
RUN echo $KANIDM_FEATURES
|
||||
|
||||
ENV CARGO_HOME=/scratch/.cargo
|
||||
RUN mkdir -p /usr/src/kanidm/.cargo
|
||||
RUN cp /usr/src/kanidm/cargo_vendor_config /usr/src/kanidm/.cargo/config.toml
|
||||
|
||||
# ======================
|
||||
|
||||
WORKDIR /usr/src/kanidm/kanidmd_web_ui
|
||||
# WORKDIR /usr/src/kanidm/kanidmd_web_ui
|
||||
# # This can't be used in the wasm build for now.
|
||||
# # ENV RUSTFLAGS="-Clinker=clang"
|
||||
RUN ./build_wasm.sh
|
||||
# RUN ./build_wasm.sh
|
||||
|
||||
# ======================
|
||||
|
||||
WORKDIR /usr/src/kanidm/kanidmd/daemon
|
||||
|
||||
# Set the build profile
|
||||
ENV KANIDM_BUILD_PROFILE="${KANIDM_BUILD_PROFILE}"
|
||||
ENV RUSTFLAGS="-Clinker=clang -Clink-arg=-fuse-ld=/usr/bin/ld.lld"
|
||||
ENV KANIDM_BUILD_PROFILE=${KANIDM_BUILD_PROFILE:-container_generic}
|
||||
ENV RUSTFLAGS="-Clinker=clang -Clink-arg=-fuse-ld=/usr/bin/ld.mold"
|
||||
|
||||
# Exports don't persist through RUN statements.
|
||||
RUN export CC="/usr/bin/clang"; \
|
||||
if [ -z "${KANIDM_FEATURES}" ]; then \
|
||||
cargo build -p daemon ${KANIDM_BUILD_OPTIONS} \
|
||||
--locked --offline \
|
||||
--target-dir="/usr/src/kanidm/target/" \
|
||||
--release; \
|
||||
else \
|
||||
cargo build -p daemon ${KANIDM_BUILD_OPTIONS} \
|
||||
--locked --offline \
|
||||
--target-dir="/usr/src/kanidm/target/" \
|
||||
--features="${KANIDM_FEATURES}" \
|
||||
--release; \
|
||||
|
|
@ -68,6 +72,7 @@ FROM repos
|
|||
|
||||
RUN zypper install -y \
|
||||
timezone \
|
||||
openssl-3 \
|
||||
sqlite3 \
|
||||
pam
|
||||
RUN zypper clean -a
|
||||
|
|
|
|||
Loading…
Reference in a new issue