diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8863298f..44f65777 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -22,7 +22,7 @@ jobs: build: runs-on: ubuntu-latest container: - image: jf002/test-infinitime-build + image: jf002/infinitime-build-github steps: - name: Checkout source files uses: actions/checkout@v2 diff --git a/doc/buildWithDocker.md b/doc/buildWithDocker.md index a57893c9..35cb168a 100644 --- a/doc/buildWithDocker.md +++ b/doc/buildWithDocker.md @@ -44,19 +44,19 @@ docker run --rm -it -v $(pwd):/sources --user 1234:1234 infinitime-build ## Using the image from Docker Hub -The image is available via Docker Hub for both the amd64 and arm64v8 architectures at [pfeerick/infinitime-build](https://hub.docker.com/r/pfeerick/infinitime-build). +The image is available via Docker Hub for both the amd64 and arm64v8 architectures at [jf002/infinitime-build](https://hub.docker.com/repository/docker/jf002/infinitime-build). It can be pulled (downloaded) using the following command: ```bash -docker pull pfeerick/infinitime-build +docker pull jf002/infinitime-build ``` The default `latest` tag *should* automatically identify the correct image architecture, but if for some reason Docker does not, you can specify it manually: -* For AMD64 (x86_64) systems: `docker pull pfeerick/infinitime-build:amd64` +* For AMD64 (x86_64) systems: `docker pull jf002/infinitime-build:amd64` -* For ARM64v8 (ARM64/aarch64) systems: `docker pull pfeerick/infinitime-build:arm64v8` +* For ARM64v8 (ARM64/aarch64) systems: `docker pull jf002/infinitime-build:arm64v8` ## Build the image @@ -73,3 +73,14 @@ The `PUID` and `PGID` build arguments are used to set the user and group ids use ```bash docker image build -t infinitime-build --build-arg PUID=$(id -u) --build-arg PGID=$(id -g) ./docker ``` + +## Docker image for Github Actions +The Github Action workflow also uses the build docker container to build the project in the cloud. However, due to [some limitations](https://docs.github.com/en/actions/creating-actions/dockerfile-support-for-github-actions) the container must be slightly modified to run in the Github Actions environment : the `USER` instruction cannot be used in Github. This means that the container runs as the default user (root), and that all the files created by the users will belong to root. That's probably fine for Docker Actions, but it's not convenient when the container is used on a personal computer : only root will be able to modify or delete the files created by the container. + +For this reason, we decided to create an alternative Dockerfile (`docker/Dockerfile-github`) and to build a [second docker image](https://hub.docker.com/repository/docker/jf002/infinitime-build-github) that are intended be used exclusively on Github Action. + +To build this image: + +```bash +docker image build -t jf002/infinitime-build-github -f ./docker/Dockerfile-github ./docker +``` \ No newline at end of file diff --git a/docker/Dockerfile b/docker/Dockerfile index 7924bf81..2d703285 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -39,5 +39,11 @@ RUN bash -c "source /opt/build.sh; GetNrfSdk;" # McuBoot RUN bash -c "source /opt/build.sh; GetMcuBoot;" +ARG PUID=1000 +ARG PGID=1000 +RUN groupadd --system --gid $PGID infinitime && useradd --system --uid $PUID --gid $PGID infinitime + +USER infinitime:infinitime + ENV SOURCES_DIR /sources CMD ["/opt/build.sh"] diff --git a/docker/Dockerfile-github b/docker/Dockerfile-github new file mode 100644 index 00000000..7924bf81 --- /dev/null +++ b/docker/Dockerfile-github @@ -0,0 +1,43 @@ +FROM ubuntu:20.04 + +ARG DEBIAN_FRONTEND=noninteractive +RUN apt-get update -qq \ + && apt-get install -y \ +# x86_64 / generic packages + bash \ + build-essential \ + cmake \ + git \ + make \ + python3 \ + python3-pip \ + tar \ + unzip \ + wget \ +# aarch64 packages + libffi-dev \ + libssl-dev \ + python3-dev \ + python \ + git \ + && rm -rf /var/cache/apt/* /var/lib/apt/lists/*; + +# Git needed for PROJECT_GIT_COMMIT_HASH variable setting + +RUN pip3 install adafruit-nrfutil +RUN pip3 install -Iv cryptography==3.3 +RUN pip3 install cbor + +# build.sh knows how to compile +COPY build.sh /opt/ + +# Lets get each in a separate docker layer for better downloads +# GCC +RUN bash -c "source /opt/build.sh; GetGcc;" +# NrfSdk +RUN bash -c "source /opt/build.sh; GetNrfSdk;" +# McuBoot +RUN bash -c "source /opt/build.sh; GetMcuBoot;" + +ENV SOURCES_DIR /sources +CMD ["/opt/build.sh"]