mirror of
https://github.com/dockur/windows.git
synced 2026-01-08 23:33:15 +00:00
modified: Dockerfile
This commit is contained in:
436646-eng
parent
eb3e590bec
commit
bc42b820cb
260
Dockerfile
260
Dockerfile
@ -1,236 +1,46 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
# This Dockerfile builds Bitcoin Core and packages it into a minimal `final` image
|
||||
ARG VERSION_ARG="latest"
|
||||
FROM scratch AS build-amd64
|
||||
|
||||
# VERSION of Bitcoin Core to be build
|
||||
# NOTE: Unlike our other images this one is NOT prefixed with `v`,
|
||||
# as many things (like download URLs) use this form instead.
|
||||
ARG VERSION=25.1
|
||||
COPY --from=qemux/qemu:7.29 / /
|
||||
|
||||
# CPU architecture to build binaries for
|
||||
ARG ARCH
|
||||
ARG TARGETARCH
|
||||
ARG DEBCONF_NOWARNINGS="yes"
|
||||
ARG DEBIAN_FRONTEND="noninteractive"
|
||||
ARG DEBCONF_NONINTERACTIVE_SEEN="true"
|
||||
|
||||
# Define default versions so that they don't have to be repeated throughout the file
|
||||
ARG VER_ALPINE=3.18
|
||||
RUN set -eu && \
|
||||
apt-get update && \
|
||||
apt-get --no-install-recommends -y install \
|
||||
samba \
|
||||
wimtools \
|
||||
dos2unix \
|
||||
cabextract \
|
||||
libxml2-utils \
|
||||
libarchive-tools && \
|
||||
wget "https://github.com/gershnik/wsdd-native/releases/download/v1.22/wsddn_1.22_${TARGETARCH}.deb" -O /tmp/wsddn.deb -q && \
|
||||
dpkg -i /tmp/wsddn.deb && \
|
||||
apt-get clean && \
|
||||
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||
|
||||
# $USER name, and data $DIR to be used in the `final` image
|
||||
ARG USER=bitcoind
|
||||
ARG DIR=/data
|
||||
COPY --chmod=755 ./src /run/
|
||||
COPY --chmod=755 ./assets /run/assets
|
||||
|
||||
# Choose where to get bitcoind sources from, options: release, git
|
||||
# NOTE: Only `SOURCE=git` can be used for RC releases
|
||||
ARG SOURCE=release
|
||||
ADD --chmod=664 https://github.com/qemus/virtiso-whql/releases/download/v1.9.49-0/virtio-win-1.9.49.tar.xz /var/drivers.txz
|
||||
|
||||
# Choose where to get BerkeleyDB from, options: prebuilt, compile
|
||||
# NOTE: When compiled here total execution time exceeds allowed CI limits, so pre-built one is used by default
|
||||
ARG BDB_SOURCE=prebuilt
|
||||
FROM dockurr/windows-arm:${VERSION_ARG} AS build-arm64
|
||||
FROM build-${TARGETARCH}
|
||||
|
||||
ARG VERSION_ARG="0.00"
|
||||
RUN echo "$VERSION_ARG" > /run/version
|
||||
|
||||
VOLUME /storage
|
||||
EXPOSE 3389 8006
|
||||
|
||||
#
|
||||
## `preparer-base` installs dependencies needed by both ways of fetching the source,
|
||||
# as well as imports GPG keys needed to verify authenticity of the source.
|
||||
#
|
||||
FROM alpine:${VER_ALPINE} AS preparer-base
|
||||
ENV VERSION="11"
|
||||
ENV RAM_SIZE="4G"
|
||||
ENV CPU_CORES="2"
|
||||
ENV DISK_SIZE="64G"
|
||||
|
||||
RUN apk add --no-cache gnupg
|
||||
|
||||
# Guix Builder Keys: https://github.com/bitcoin-core/guix.sigs/tree/main/builder-keys
|
||||
# curl -s "https://api.github.com/repos/bitcoin-core/guix.sigs/contents/builder-keys" | jq -r '.[].download_url'
|
||||
ENV KEYS 982A193E3CE0EED535E09023188CBB2648416AD5 101598DC823C1B5F9A6624ABA5E0907A0380E6C3 9EDAFF80E080659604F4A76B2EBB056FD847F8A7 \
|
||||
ED9BDF7AD6A55E232E84524257FF9BDBCC301009 A8FC55F3B04BA3146F3492E79303B33A305224CB 152812300785C96444D3334D17565732E08E5E41 \
|
||||
0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8 C060A6635913D98A3587D7DB1C2491FFEB0EF770 590B7292695AFFA5B672CBB2E13FC145CD3F4304 \
|
||||
948444FCE03B05BA5AB0591EC37B1C1D44C786EE E777299FC265DD04793070EB944D35F9AC3DB76A 6B002C6EA3F91B1B0DF0C9BC8F617F1200A6D25C \
|
||||
F4FC70F07310028424EFC20A8E4256593F177720 D1DBF2C4B96F2DEBF4C16654410108112E7EA81F 287AE4CA1187C68C08B49CB2D11BD4F33F1DB499 \
|
||||
616516B8EB6ED02882FC4A7A8ADCB558C4F33D65 71A3B16735405025D447E8F274810B012346C9A6 2F78ACF677029767C8736F13747A7AE2FB0FD25B \
|
||||
133EAC179436F14A5CF1B794860FEB804E669320 9ED99C7A355AE46098103E74476E74C8529A9006 6A8F9C266528E25AEB1D7731C2371D91CB716EA7 \
|
||||
28E72909F1717FE9607754F8A7BEB2621678D37D 67AA5B46E7AF78053167FE343B8F814A784218F8 79D00BAC68B56D422F945A8F8E3A8F3247DBCBBF \
|
||||
C388F6961FB972A95678E327F62711DBDCA8AE56
|
||||
|
||||
RUN gpg --keyserver keyserver.ubuntu.com --recv-keys $KEYS
|
||||
|
||||
#
|
||||
## Option #1: [default] Fetch bitcoind source from release tarballs
|
||||
#
|
||||
FROM preparer-base AS preparer-release
|
||||
|
||||
ARG VERSION
|
||||
|
||||
# Download sigs
|
||||
ADD https://bitcoincore.org/bin/bitcoin-core-$VERSION/SHA256SUMS.asc ./
|
||||
# Download checksums
|
||||
ADD https://bitcoincore.org/bin/bitcoin-core-$VERSION/SHA256SUMS ./
|
||||
|
||||
# Download source code (intentionally different website than checksums)
|
||||
ADD https://github.com/bitcoin/bitcoin/archive/refs/tags/v$VERSION.tar.gz ./bitcoin-$VERSION.tar.gz
|
||||
|
||||
# Verify that hashes are signed with the previously imported key
|
||||
RUN gpg --verify SHA256SUMS.asc SHA256SUMS
|
||||
|
||||
# Verify that downloaded source-code archive matches exactly the hash that's provided
|
||||
RUN grep "bitcoin-$VERSION.tar.gz" SHA256SUMS | sha256sum -c
|
||||
|
||||
# Extract
|
||||
RUN tar -xzf "bitcoin-$VERSION.tar.gz" && \
|
||||
rm -f "bitcoin-$VERSION.tar.gz"
|
||||
|
||||
#
|
||||
## Option #2: Fetch bitcoind source from GitHub
|
||||
#
|
||||
FROM preparer-base AS preparer-git
|
||||
|
||||
ARG VERSION
|
||||
|
||||
RUN apk add --no-cache git
|
||||
|
||||
# Fetch the source code at a specific TAG
|
||||
RUN git clone -b "v$VERSION" --depth=1 https://github.com/bitcoin/bitcoin.git "/bitcoin-$VERSION/"
|
||||
|
||||
# Verify tag, and copy source code to predetermined location on success
|
||||
RUN cd "/bitcoin-$VERSION/" && \
|
||||
git verify-tag "v$VERSION"
|
||||
|
||||
|
||||
|
||||
#
|
||||
## Alias to go around `COPY` not accepting ARGs in value passed to `--from=`
|
||||
#
|
||||
FROM preparer-${SOURCE} AS preparer
|
||||
|
||||
|
||||
|
||||
#
|
||||
## `berkeleydb-prebuilt` downloads a pre-built BerkeleyDB to make sure
|
||||
# the overall build time of this Dockerfile fits within CI limits.
|
||||
#
|
||||
FROM lncm/berkeleydb:v4.8.30.NC${ARCH:+-${ARCH}} AS berkeleydb-prebuilt
|
||||
|
||||
#
|
||||
## `berkeleydb-compile` builds BerkeleyDB from source using script provided in bitcoind repo.
|
||||
#
|
||||
FROM alpine:${VER_ALPINE} AS berkeleydb-compile
|
||||
# TODO: implement ^^
|
||||
RUN echo "Not implemented" && exit 1
|
||||
|
||||
|
||||
FROM berkeleydb-${BDB_SOURCE} AS berkeleydb
|
||||
|
||||
|
||||
|
||||
#
|
||||
## `builder` builds Bitcoin Core regardless on how the source, and BDB code were obtained.
|
||||
#
|
||||
# NOTE: this stage is emulated using QEMU
|
||||
# NOTE: `${ARCH:+${ARCH}/}` - if ARCH is set, append `/` to it, leave it empty otherwise
|
||||
FROM ${ARCH:+${ARCH}/}alpine:${VER_ALPINE} AS builder
|
||||
|
||||
ARG VERSION
|
||||
ARG SOURCE
|
||||
|
||||
RUN apk add --no-cache \
|
||||
autoconf \
|
||||
automake \
|
||||
boost-dev \
|
||||
sqlite-dev \
|
||||
build-base \
|
||||
chrpath \
|
||||
file \
|
||||
libevent-dev \
|
||||
libressl \
|
||||
libtool \
|
||||
linux-headers \
|
||||
zeromq-dev
|
||||
|
||||
# Fetch pre-built berkeleydb
|
||||
COPY --from=berkeleydb /opt/ /opt/
|
||||
|
||||
# Change to the extracted directory
|
||||
WORKDIR /bitcoin-$VERSION/
|
||||
|
||||
# Copy bitcoin source (downloaded & verified in previous stages)
|
||||
COPY --from=preparer /bitcoin-$VERSION/ ./
|
||||
|
||||
ENV BITCOIN_PREFIX /opt/bitcoin-$VERSION
|
||||
|
||||
RUN ./autogen.sh
|
||||
|
||||
# TODO: Try to optimize on passed params
|
||||
RUN ./configure LDFLAGS=-L/opt/db4/lib/ CPPFLAGS=-I/opt/db4/include/ \
|
||||
CXXFLAGS="-O2" \
|
||||
--prefix="$BITCOIN_PREFIX" \
|
||||
--disable-man \
|
||||
--disable-shared \
|
||||
--disable-ccache \
|
||||
--disable-tests \
|
||||
--enable-static \
|
||||
--enable-reduce-exports \
|
||||
--without-gui \
|
||||
--without-libs \
|
||||
--with-utils \
|
||||
--with-sqlite=yes \
|
||||
--with-daemon
|
||||
|
||||
RUN make -j$(( $(nproc) + 1 ))
|
||||
RUN make install
|
||||
|
||||
# List installed binaries pre-strip & strip them
|
||||
RUN ls -lh "$BITCOIN_PREFIX/bin/"
|
||||
RUN strip -v "$BITCOIN_PREFIX/bin/bitcoin"*
|
||||
|
||||
# List installed binaries post-strip & print their checksums
|
||||
RUN ls -lh "$BITCOIN_PREFIX/bin/"
|
||||
RUN sha256sum "$BITCOIN_PREFIX/bin/bitcoin"*
|
||||
|
||||
|
||||
|
||||
#
|
||||
## `final` aggregates build results from previous stages into a necessary minimum
|
||||
# ready to be used, and published to Docker Hub.
|
||||
#
|
||||
# NOTE: this stage is emulated using QEMU
|
||||
# NOTE: `${ARCH:+${ARCH}/}` - if ARCH is set, append `/` to it, leave it empty otherwise
|
||||
FROM ${ARCH:+${ARCH}/}alpine:${VER_ALPINE} AS final
|
||||
|
||||
ARG VERSION
|
||||
ARG USER
|
||||
ARG DIR
|
||||
|
||||
LABEL maintainer="Damian Mee (@meeDamian)"
|
||||
|
||||
RUN apk add --no-cache \
|
||||
libevent \
|
||||
libsodium \
|
||||
libstdc++ \
|
||||
libzmq \
|
||||
sqlite-libs
|
||||
|
||||
COPY --from=builder /opt/bitcoin-$VERSION/bin/bitcoin* /usr/local/bin/
|
||||
|
||||
# NOTE: Default GID == UID == 1000
|
||||
RUN adduser --disabled-password \
|
||||
--home "$DIR/" \
|
||||
--gecos "" \
|
||||
"$USER"
|
||||
|
||||
USER $USER
|
||||
|
||||
# Prevents `VOLUME $DIR/.bitcoind/` being created as owned by `root`
|
||||
RUN mkdir -p "$DIR/.bitcoin/"
|
||||
|
||||
# Expose volume containing all `bitcoind` data
|
||||
VOLUME $DIR/.bitcoin/
|
||||
|
||||
# REST interface
|
||||
EXPOSE 8080
|
||||
|
||||
# P2P network (mainnet, testnet & regnet respectively)
|
||||
EXPOSE 8333 18333 18444
|
||||
|
||||
# RPC interface (mainnet, testnet & regnet respectively)
|
||||
EXPOSE 8332 18332 18443
|
||||
|
||||
# ZMQ ports (for transactions & blocks respectively)
|
||||
EXPOSE 28332 28333
|
||||
|
||||
ENTRYPOINT ["bitcoind"]
|
||||
|
||||
CMD ["-zmqpubrawblock=tcp://0.0.0.0:28332", "-zmqpubrawtx=tcp://0.0.0.0:28333"]
|
||||
ENTRYPOINT ["/usr/bin/tini", "-s", "/run/entry.sh"]
|
||||
|
||||
Loading…
Reference in New Issue
Block a user