diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..80b538c --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ + +version: 2 +updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "monthly" diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index a75518d..1f8c5a0 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -11,60 +11,48 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout ${{ github.repository }} - uses: actions/checkout@v3 - - name: Collect build context id: context run: | - echo "::set-output name=date::$(date +'%Y-%m-%d')" - echo "::set-output name=version::$(cat VERSION)" + echo "version=$(< VERSION)" >> "$GITHUB_OUTPUT" + + - name: Checkout ${{ github.repository }} + uses: actions/checkout@v4 + + - name: Docker metadata mapping + id: meta + uses: docker/metadata-action@v5 + with: + images: | + docker.io/${{ github.repository_owner }}/monero + ghcr.io/${{ github.repository_owner }}/monero + tags: | + type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }} + type=ref,event=branch,enable=${{ github.ref != 'refs/heads/master' }} - name: Login to DockerHub if: github.event_name != 'pull_request' - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ github.repository_owner }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry if: github.event_name != 'pull_request' - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - - name: Get monero tag ref - id: get_release_ref - uses: octokit/request-action@v2.x - with: - route: GET /repos/monero-project/monero/git/refs/tags/${{ steps.context.outputs.version }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker metadata mapping - id: meta - uses: docker/metadata-action@v4 - with: - images: | - docker.io/${{ github.repository_owner }}/monero - ghcr.io/${{ github.repository_owner }}/monero - tags: | - type=raw,value=latest,enable={{is_default_branch}} - type=ref,event=branch - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: Build and push - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} build-args: | - BUILD_DATE=${{ steps.context.outputs.date }} - MONERO_VERSION=${{ steps.context.outputs.version }} - MONERO_HASH=${{ fromJson(steps.get_release_ref.outputs.data).object.sha }} - MONERO_TARGET=release + MONERO_TAG=${{ steps.context.outputs.version }} diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 866c769..faa5ca0 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,19 +1,24 @@ # Contributing -## Building locally - -```shell -BUILD_TAG='my-monero-build' ./build.sh -``` - ## Publishing a new release 1) Update the `VERSION` file to match the release version to be built 1) Build + ```shell + ./build.sh "$(< VERSION)-local" + ``` + 1) Test + ```shell + UID="$(id -u)" GID="$(id -g)" \ + WALLET='do_not_use_test_wallet' \ + TAG="$(< VERSION)-local" \ + docker compose run wallet + ``` + 1) Checkout a new branch and commit ```shell diff --git a/Dockerfile b/Dockerfile index e04cb07..cd4eae4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,183 +1,85 @@ # Multistage docker build, requires docker 17.05 # Builder stage -FROM alpine:3.15 as builder +FROM alpine:edge as builder -ARG MONERO_VERSION -ARG MONERO_HASH -ARG MONERO_TARGET +ARG MONERO_TAG +RUN test -n "${MONERO_TAG}" RUN set -ex && \ - test -n "${MONERO_HASH}" && \ - test -n "${MONERO_TARGET}" && \ - test -n "${MONERO_VERSION}" - -# These steps are broken up so that the builder picks up the layer from the --update command -RUN set -ex && apk --update --no-cache upgrade -RUN set -ex && apk add --no-cache \ + apk update && \ + apk upgrade --no-cache && \ + apk add --no-cache \ autoconf \ automake \ - boost \ - boost-atomic \ - boost-build \ - boost-build-doc \ - boost-chrono \ - boost-container \ - boost-context \ - boost-contract \ - boost-coroutine \ - boost-date_time \ - boost-dev \ - boost-doc \ - boost-fiber \ - boost-filesystem \ - boost-graph \ - boost-iostreams \ - boost-libs \ - boost-locale \ - boost-log \ - boost-log_setup \ - boost-math \ - boost-prg_exec_monitor \ - boost-program_options \ - boost-python3 \ - boost-random \ - boost-regex \ - boost-serialization \ - boost-stacktrace_basic \ - boost-stacktrace_noop \ - boost-static \ - boost-system \ - boost-thread \ - boost-timer \ - boost-type_erasure \ - boost-unit_test_framework \ - boost-wave \ - boost-wserialization \ - ca-certificates \ cmake \ curl \ - dev86 \ doxygen \ - eudev-dev \ file \ g++ \ + gettext \ git \ go \ - graphviz \ - libexecinfo-dev \ - libsodium-dev \ + gperf \ libtool \ - libusb-dev \ linux-headers \ make \ - miniupnpc-dev \ - ncurses-dev \ - openssl-dev \ - pcsc-lite-dev \ - pkgconf \ - protobuf-dev \ - rapidjson-dev \ - readline-dev \ - unbound-dev \ - zeromq-dev - -WORKDIR /usr/src - -ENV CFLAGS="-fPIC" -ENV CXXFLAGS="-fPIC -DELPP_FEATURE_CRASH_LOG" - -# Build Monero -RUN set -ex \ - && git clone --recursive --depth 1 -b ${MONERO_VERSION} https://github.com/monero-project/monero.git \ - && cd monero \ - && git submodule init \ - && git submodule update \ - && nice -n 19 ionice -c2 -n7 make -j${NPROC:-$(nproc)} ${MONERO_TARGET} - -# Install fixuid tool + patch \ + perl \ + python3 \ + zlib-dev + +# Alpine doesn't package this anymore, and it's been archived on github. +# This is dirty and won't last forever. It might be worth embedding soon. +RUN apk add --no-cache \ + --repository=http://dl-cdn.alpinelinux.org/alpine/v3.16/main \ + libexecinfo-dev + +# Build the fixuid tool RUN set -ex && \ go install github.com/boxboat/fixuid@v0.5.1 && \ chmod 4755 /root/go/bin/fixuid +# Clone Monero and submodules +RUN git clone \ + --recursive --depth 1 -b ${MONERO_TAG} \ + https://github.com/monero-project/monero.git \ + /usr/src/monero + +WORKDIR /usr/src/monero + +# This is patched on master, but didn't make it into this release. +COPY epee.stdint.patch epee.stdint.patch +RUN patch -p1 < epee.stdint.patch + +# Set flags that make it possible to compile against musl. +ENV CFLAGS="-fPIC -DELPP_FEATURE_CRASH_LOG -DSTACK_TRACE=OFF" +ENV CXXFLAGS="-fPIC -DELPP_FEATURE_CRASH_LOG -DSTACK_TRACE=OFF" +ENV LDFLAGS="-Wl,-V" + +# Build dependencies and monero, but like, be nice about it. +RUN nice -n 19 \ + ionice -c2 -n7 \ + make -j${NPROC:-$(( $(nproc) - 1 ))} depends target=x86_64-linux-gnu -# Runtime stage -FROM alpine:3.15 -ARG MONERO_VERSION -ARG MONERO_HASH -ARG MONERO_TARGET +# Runtime stage +FROM alpine:edge as runtime -RUN set -ex && apk --update --no-cache upgrade RUN set -ex && \ - case "${MONERO_TARGET}" in \ - *static*) apk add --no-cache \ - ca-certificates \ - iputils \ - libexecinfo \ - libsodium \ - ncurses-libs \ - pcsc-lite-libs \ - readline \ - zeromq \ - ;; \ - *) apk add --no-cache \ - boost \ - boost-atomic \ - boost-chrono \ - boost-container \ - boost-context \ - boost-contract \ - boost-coroutine \ - boost-date_time \ - boost-fiber \ - boost-filesystem \ - boost-graph \ - boost-iostreams \ - boost-libs \ - boost-locale \ - boost-log \ - boost-log_setup \ - boost-math \ - boost-prg_exec_monitor \ - boost-program_options \ - boost-python3 \ - boost-random \ - boost-regex \ - boost-serialization \ - boost-stacktrace_basic \ - boost-stacktrace_noop \ - boost-static \ - boost-system \ - boost-thread \ - boost-timer \ - boost-type_erasure \ - boost-unit_test_framework \ - boost-wave \ - boost-wserialization \ - ca-certificates \ - iputils \ - libexecinfo \ - libsodium \ - libusb \ - miniupnpc \ - ncurses-libs \ - numactl-tools \ - openssl \ - pcsc-lite-libs \ - protobuf \ - rapidjson \ - readline \ - unbound-libs \ - zeromq \ - ;; \ - esac + apk update && \ + apk upgrade --no-cache && \ + apk add --no-cache \ + ca-certificates -COPY --from=builder /root/go/bin/fixuid /usr/local/bin/fixuid -COPY --from=builder /usr/src/monero/build/Linux/_no_branch_/release/bin/* /usr/local/bin/ +# Alpine doesn't package this anymore, and it's been archived on github. +# This is dirty and won't last forever. It might be worth embedding soon. +RUN apk add --no-cache \ + --repository=http://dl-cdn.alpinelinux.org/alpine/v3.16/main \ + libexecinfo -ADD entrypoint.sh /entrypoint.sh -ENTRYPOINT [ "/entrypoint.sh" ] +COPY --from=builder /root/go/bin/fixuid /usr/local/bin/fixuid +COPY --from=builder /usr/src/monero/build/x86_64-linux-gnu/release/bin/* /usr/local/bin/ # Create a dedicated user and configure fixuid ARG MONERO_USER="monero" @@ -188,11 +90,13 @@ RUN set -ex && \ printf "user: ${MONERO_USER}\ngroup: ${MONERO_USER}\n" > /etc/fixuid/config.yml USER "${MONERO_USER}:${MONERO_USER}" -# Contains the blockchain and wallet files +# Define a volume for the blockchain and wallet files ARG MONERO_HOME="/home/${MONERO_USER}/.bitmonero" VOLUME ${MONERO_HOME} WORKDIR ${MONERO_HOME} +COPY entrypoint.sh /entrypoint.sh +ENTRYPOINT [ "/entrypoint.sh" ] CMD [ "monerod", \ "--p2p-bind-ip=0.0.0.0", \ "--p2p-bind-port=18080", \ @@ -202,17 +106,3 @@ CMD [ "monerod", \ "--confirm-external-bind" ] EXPOSE 18080 18081 - -# Labels, for details see http://label-schema.org/rc1/ -ARG BUILD_DATE -LABEL maintainer="github.com/cornfeedhobo/docker-monero" -LABEL org.label-schema.schema-version="1.0" -LABEL org.label-schema.build-date="${BUILD_DATE}" -LABEL org.label-schema.name="cornfeedhobo/monero" -LABEL org.label-schema.description="Built from source monero Docker images based on Alpine Linux" -LABEL org.label-schema.url="https://getmonero.org/" -LABEL org.label-schema.vcs-url="https://github.com/monero-project/monero/" -LABEL org.label-schema.vcs-ref="${MONERO_HASH}" -LABEL org.label-schema.vendor="cornfeedhobo" -LABEL org.label-schema.version="${MONERO_VERSION}" -LABEL org.label-schema.docker.cmd="docker run -dit -p 18080:18080 -p 18081:18081 cornfeedhobo/monero" diff --git a/VERSION b/VERSION index a5b500d..1ec0588 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v0.18.3.1 +v0.18.3.2 diff --git a/build.sh b/build.sh index c48f087..f439751 100755 --- a/build.sh +++ b/build.sh @@ -6,34 +6,30 @@ if [[ -n "${DEBUG:+1}" ]]; then set -x fi -version="$(< VERSION)" +monero_tag="$(< VERSION)" -version_sha="$(curl -LSs "https://api.github.com/repos/monero-project/monero/git/ref/tags/${version}" | jq -r '.object.sha')" +docker_tag="${1:-${monero_tag}}" -build_date="$(date -u +'%Y-%m-%dT%H:%M:%SZ')" +build_script=( + docker + build + --build-arg="MONERO_TAG=${monero_tag}" + --tag="cornfeedhobo/monero:${docker_tag}" + . +) -build_tag="${BUILD_TAG:-cornfeedhobo/monero:$version}" +sed \ + -e "s/[[:space:]]\+-/ \\\\\n -/g" \ + -e "s/[[:space:]]\+\./ \\\\\n \./" \ + <<<"${build_script[*]}" -build_script="$(sed -e "s/[[:space:]]\+/ /g" <<-ENDSCRIPT - docker build ${@} \ - --build-arg BUILD_DATE=${build_date} \ - --build-arg MONERO_VERSION=${version} \ - --build-arg MONERO_HASH=${version_sha} \ - --build-arg MONERO_TARGET=release \ - -t ${build_tag} . -ENDSCRIPT -)" - -echo -e " -$(sed -e "s/[[:space:]]\+--/\n --/g" -e "s/[[:space:]]-t/\n -t/" <<<"${build_script}") - -Are you ready to proceed? -" +echo 'Are you ready to proceed?' select confirm in 'Yes' 'No'; do case $confirm in Yes) - exec ${build_script} + # shellcheck disable=2048 + exec ${build_script[*]} ;; *) exit diff --git a/entrypoint.sh b/entrypoint.sh index 7902573..9d6dd06 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,9 +1,9 @@ -#!/bin/ash +#!/bin/sh set -e # if thrown flags immediately, # assume they want to run the blockchain daemon -if [ "${1:0:1}" = '-' ]; then +if [ "$(printf '%s' "$1" | cut -c 1)" = '-' ]; then set -- monerod "$@" fi @@ -11,8 +11,8 @@ fi # make efficient use of memory if [ "$1" = 'monerod' ]; then numa='numactl --interleave=all' - if $numa true &> /dev/null; then - set -- $numa "$@" + if $numa true > /dev/null 2>&1; then + set -- "${numa}" "$@" fi # start the daemon using fixuid # to adjust permissions if needed diff --git a/epee.stdint.patch b/epee.stdint.patch new file mode 100644 index 0000000..24401eb --- /dev/null +++ b/epee.stdint.patch @@ -0,0 +1,12 @@ +diff --git a/contrib/epee/include/net/http_base.h b/contrib/epee/include/net/http_base.h +index 4af4da790..ee49c6e2a 100644 +--- a/contrib/epee/include/net/http_base.h ++++ b/contrib/epee/include/net/http_base.h +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + + #undef MONERO_DEFAULT_LOG_CATEGORY + #define MONERO_DEFAULT_LOG_CATEGORY "net.http"