icedream
/
livestream-tools
1
0
Fork 0
Code Releases Activity

Split Dockerfile into multiple stages per package to be built.

liquidsoap-2.2
Icedream 2023-03-13 03:25:41 +01:00
parent 7572f594e7
commit 2396d6fb62
Signed by: icedream
GPG Key ID: 468BBEEBB9EC6AEA
1 changed files with 293 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

313
icedreammusic/ndi-feeder/Dockerfile
View File

@ -1,11 +1,102 @@
FROM busybox # syntax=docker/dockerfile:1.2.1
WORKDIR /target/usr/local/bin/ FROM alpine AS rootfs
COPY *.sh .
RUN dos2unix *.sh RUN apk add --no-cache gnupg
RUN chmod -v +x *.sh
RUN wget -O- https://raw.githubusercontent.com/archlinuxarm/archlinuxarm-keyring/master/archlinuxarm.gpg | gpg --import
WORKDIR /target/
ARG ALARM_ROOTFS_URL=http://os.archlinuxarm.org/os/ArchLinuxARM-rpi-2-latest.tar.gz
RUN wget "${ALARM_ROOTFS_URL}" -O/tmp/rootfs.tar.gz
RUN wget "${ALARM_ROOTFS_URL}.sig" -O/tmp/rootfs.tar.gz.sig
RUN gpg --verify /tmp/rootfs.tar.gz.sig
RUN tar -xvpzf /tmp/rootfs.tar.gz
### ###
# PREPARE LAYER FOR UPDATES AND GENERAL PACKAGE INSTALLATION
# FROM scratch AS image-base
# COPY --from=rootfs /target/ /
FROM archlinux AS image-base
# Make powerpill not act up later, placing this early for validation consistency
RUN sed -i 's,SigLevel\s\+=\s\+Required,SigLevel = PackageRequired,' /etc/pacman.conf
RUN pacman -Sy --noconfirm
RUN pacman-key --init
# Install core keyring (https://archlinuxarm.org/about/package-signing)
# RUN pacman -S --needed --noconfirm archlinuxarm-keyring
# RUN pacman-key --populate archlinuxarm
RUN pacman-key --populate archlinux
RUN pacman -S --needed --noconfirm archlinux-keyring
RUN pacman-key --populate archlinux
# ###
# # INSTALL FILESYSTEM PACKAGE UPDATES
# # We have to do this with an alternative root since /etc/{hosts,resolv.conf}
# # are mounted read-only by Docker.
# FROM image-base AS updated-filesystem-base
# COPY --from=image-base / /target/
FROM image-base AS updated-filesystem-base
# RUN \
# --mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
# --mount=type=cache,target=/tmp/build/.cache \
# pacman -r /target/ -S --noconfirm --needed filesystem
# ###
# # LAYER USED FOR INSTALLING UPDATES AND ADDITIONAL PACKAGES USED IN FINAL IMAGE
# FROM scratch AS base
# COPY --from=updated-filesystem-base /target/ /
FROM updated-filesystem-base AS base
# # Install updates
# # NOTE - we install fsck helpers for fat and ext4 in this stage to save on time spent on /boot updates
# RUN \
# --mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
# --mount=type=cache,target=/tmp/build/.cache \
# pacman -Suu --noconfirm --needed dosfstools e2fsprogs
###
# LAYER USED TO COMPILE STUFF
FROM image-base AS base-devel
RUN pacman -S --noconfirm base-devel git
#RUN pacman -S --noconfirm --needed sudo
RUN (echo "" && echo "%wheel ALL=(ALL) NOPASSWD: ALL") >> /etc/sudoers
RUN useradd -r -N -m -G wheel -d /tmp/build -k /var/empty build
RUN sed -i \
-e 's,#MAKEFLAGS=.*,MAKEFLAGS="-j$(getconf _NPROCESSORS_ONLN)",g' \
/etc/makepkg.conf
RUN \
--mount=type=cache,target=/tmp/build/.cache \
chown -Rv build /tmp/build /tmp/build/.cache
RUN echo "ParallelDownloads = 5" >>/etc/pacman.conf
USER build
# Needed for anything commits
RUN git config --global user.email "$(whoami)@localhost"
RUN git config --global user.name "Build"
###
# FAKESILENCE
FROM golang:1 AS fakesilence FROM golang:1 AS fakesilence
@ -15,27 +106,209 @@ RUN go install -v -ldflags "-s -w" github.com/icedream/fakesilence@"${FAKESILENC
RUN cp -v "$GOPATH"/bin/* /usr/local/bin RUN cp -v "$GOPATH"/bin/* /usr/local/bin
### ###
# YAY
# yay build FROM base-devel AS yay
FROM archlinux WORKDIR /usr/src/yay
RUN git clone --recursive https://aur.archlinux.org/yay.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
makepkg -sr --noconfirm --nocheck
WORKDIR /usr/src/ndi-feeder/ ###
RUN pacman --noconfirm -Sy git sudo make binutils fakeroot base-devel # BASE DEVEL (YAY)
RUN echo "" && echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN useradd -UMr -d /usr/src/ndi-feeder/ -G wheel app
RUN chown -R app .
USER app FROM base-devel AS base-devel-yay
RUN git clone --recursive https://aur.archlinux.org/yay.git yay/
RUN cd yay && makepkg --noconfirm -si && cd .. && rm -r yay USER root
RUN yay --noconfirm -S pod2man && sudo rm -r ~/.cache /var/cache/pacman/* COPY --from=yay /usr/src/yay/*.pkg.* /tmp/
RUN yay --noconfirm -S ndi-advanced-sdk && sudo rm -r ~/.cache /var/cache/pacman/* RUN \
RUN yay --noconfirm -S ffmpeg-ndi && sudo rm -r ~/.cache /var/cache/pacman/* --mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
pacman --noconfirm -U /tmp/*.pkg.* && rm /tmp/*.pkg.*
USER build
###
# POD2MAN
FROM base-devel-yay AS pod2man
WORKDIR /usr/src/pod2man
RUN git clone --recursive https://aur.archlinux.org/pod2man.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN makepkg -sr --noconfirm
###
# NDI-SDK-EMBEDDED
FROM base-devel-yay AS ndi-sdk-embedded
WORKDIR /usr/src/ndi-sdk-embedded
RUN git clone --recursive https://aur.archlinux.org/ndi-sdk-embedded.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN makepkg -sr --noconfirm
###
# NDI-SDK
FROM base-devel-yay AS ndi-sdk
WORKDIR /usr/src/ndi-sdk
RUN git clone --recursive https://aur.archlinux.org/ndi-sdk.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${makedepends[@]}"))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
makepkg -sr --noconfirm
###
# NDI-ADVANCED-SDK
FROM base-devel-yay AS ndi-advanced-sdk
WORKDIR /usr/src/ndi-advanced-sdk
RUN git clone --recursive https://aur.archlinux.org/ndi-advanced-sdk.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${makedepends[@]}"))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
makepkg -sr --noconfirm
###
# FFMPEG-NDI
FROM base-devel-yay AS ffmpeg-ndi
WORKDIR /usr/src/ffmpeg-ndi
USER root
# COPY --from=ndi-sdk-embedded /usr/src/ndi-sdk-embedded/*.pkg.* /tmp/
COPY --from=ndi-sdk /usr/src/ndi-sdk/*.pkg.* /tmp/
COPY --from=pod2man /usr/src/pod2man/*.pkg.* /tmp/
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
yay --noconfirm -U /tmp/*.pkg.* && rm /tmp/*.pkg.*
USER build
RUN git clone --recursive https://aur.archlinux.org/ffmpeg-ndi.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(\
. ./PKGBUILD &&\
if [ "${#depends[@]}" -eq 0 ]; then exit; fi &&\
packages=$(yay -T "${depends[@]}" 2>/dev/null|| true) &&\
if [ -z "$packages" ]; then exit; fi &&\
yay -S --noconfirm --asdeps --provides --needed $packages &&\
find ~/.cache/yay/ -mindepth 2 -maxdepth 2 -name \*.pkg.\* -exec mv {} . \;\
)
# RUN (. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${optdepends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(\
. ./PKGBUILD &&\
if [ "${#makedepends[@]}" -eq 0 ]; then exit; fi &&\
packages=$(yay -T "${makedepends[@]}" 2>/dev/null|| true) &&\
if [ -z "$packages" ]; then exit; fi &&\
yay -S --noconfirm --asdeps --provides --needed $packages \
)
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
makepkg -sr --noconfirm --nocheck
###
# PERMISSIONS FOR FINAL IMAGE FILES
FROM busybox AS files
WORKDIR /target/usr/local/bin/
COPY *.sh .
RUN dos2unix *.sh
RUN chmod -v +x *.sh
###
# PACKAGES
FROM scratch as packages
COPY --from=ndi-sdk /usr/src/ndi-sdk/*.pkg.* /packages/
COPY --from=ffmpeg-ndi /usr/src/ffmpeg-ndi/*.pkg.* /packages/
COPY --from=fakesilence /usr/local/bin/fakesilence /target/usr/local/bin/
###
# PACKAGE INSTALL
FROM base AS install
USER root
# COPY --from=powerpill /usr/src/powerpill/*.pkg.* /tmp/
# RUN \
# --mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
# --mount=type=cache,target=/tmp/build/.cache \
# pacman --noconfirm -U /tmp/*.pkg.*; rm /tmp/*.pkg.*
#COPY --from=yay /usr/src/yay/*.pkg.* /tmp/
COPY --from=ndi-sdk /usr/src/ndi-sdk/*.pkg.* /tmp/
COPY --from=ffmpeg-ndi /usr/src/ffmpeg-ndi/*.pkg.* /tmp/
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
rm -f /var/cache/pacman/pkg/cache.lck; pacman --noconfirm -U /tmp/*.pkg.*; rm /tmp/*.pkg.*
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
rm -f /var/cache/pacman/pkg/cache.lck; pacman -S --noconfirm --needed sudo realtime-privileges
COPY --from=fakesilence /usr/local/bin/fakesilence /usr/local/bin/ COPY --from=fakesilence /usr/local/bin/fakesilence /usr/local/bin/
COPY --from=0 /target/ / COPY --from=files /target/ /
CMD ["ndi-feeder.sh"]
RUN rm -rf /var/cache/pacman/pkg/*
###
# FINAL IMAGE
FROM base AS final-image
# squash all the package installation into a single
COPY --from=install / /
RUN useradd -m -u 1000 -G wheel,realtime,audio,video ndi-feeder
RUN echo "ndi-feeder:ndi-feeder" | chpasswd
USER ndi-feeder
CMD ["ndi-feeder.sh"]
STOPSIGNAL SIGTERM STOPSIGNAL SIGTERM