Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Debian package build #447

Merged
merged 2 commits into from
Aug 15, 2024
Merged

Debian package build #447

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
34497c0
Install via deb package in docker file
mmd-osm Aug 15, 2024
a4be122
Upload Debian 12 build artifacts
mmd-osm Aug 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion .github/workflows/docker_bookworm.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,10 @@ jobs:

- name: Running Docker image
run: |
docker run --entrypoint /bin/bash cgimap:bookworm -c "/usr/local/bin/openstreetmap-cgimap --help"
docker run --name cgimap --entrypoint /bin/bash cgimap:bookworm -c "/usr/bin/openstreetmap-cgimap --help"
docker cp cgimap:/app_deb ${{ github.workspace }}
- uses: actions/upload-artifact@v4
with:
name: openstreetmap_cgimap_debian_12.zip
path: ${{ github.workspace }}/app_deb/*.deb
if-no-files-found: error
18 changes: 7 additions & 11 deletions docker/debian/Dockerfile_bookworm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
libfcgi-dev libxml2-dev libmemcached-dev libbrotli-dev \
libboost-program-options-dev libcrypto++-dev libyajl-dev \
libpqxx-dev zlib1g-dev libfmt-dev \
postgresql-15 postgresql-server-dev-all \
postgresql-15 postgresql-server-dev-all dpkg-dev file \
--no-install-recommends && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
Expand All @@ -20,24 +20,20 @@

# Compile, install and remove source
RUN mkdir build && cd build && \
CXXFLAGS="-Wall -Wextra -Wpedantic -Wno-unused-parameter" cmake .. -DBUILD_SHARED_LIBS=OFF -DBUILD_TESTING=ON -DCMAKE_BUILD_TYPE=Release && \
CXXFLAGS="-flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2" cmake .. -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_SHARED_LIBS=OFF -DBUILD_TESTING=ON -DCMAKE_BUILD_TYPE=Release && \
make -j${nproc} && \
ctest --output-on-failure && \
strip openstreetmap-cgimap && \
cp openstreetmap-cgimap ../
cmake --build . -t package

FROM debian:bookworm-slim

COPY --from=builder /app/build/*.deb /app_deb/

RUN apt-get update -qq && \
apt-get install -y \
libfcgi-bin libmemcached11 libboost-program-options1.74.0 \
libxml2 libcrypto++8 libyajl2 libpqxx-6.4 zlib1g libbrotli1 libfmt9 \
--no-install-recommends && \
apt install --no-install-recommends -y /app_deb/*.deb && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

COPY --from=builder /app/openstreetmap-cgimap /usr/local/bin

RUN groupadd -g 61000 cgimap && \
useradd -g 61000 -l -M -s /bin/false -u 61000 cgimap

Expand All @@ -46,7 +42,7 @@
ENV CGIMAP_HOST=db
ENV CGIMAP_DBNAME=openstreetmap
ENV CGIMAP_USERNAME=openstreetmap
ENV CGIMAP_PASSWORD=openstreetmap

Check warning on line 45 in docker/debian/Dockerfile_bookworm

View workflow job for this annotation

GitHub Actions / build

Sensitive data should not be used in the ARG or ENV commands 

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CGIMAP_PASSWORD")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
ENV CGIMAP_MEMCACHE=memcached
ENV CGIMAP_RATELIMIT=204800
ENV CGIMAP_MAXDEBT=250
Expand All @@ -57,5 +53,5 @@

EXPOSE 8000

ENTRYPOINT /usr/local/bin/openstreetmap-cgimap --pidfile /tmp/cgimap.pid --logfile=/proc/1/fd/1 --daemon && \
ENTRYPOINT /usr/bin/openstreetmap-cgimap --pidfile /tmp/cgimap.pid --logfile=/proc/1/fd/1 --daemon && \

Check warning on line 56 in docker/debian/Dockerfile_bookworm

View workflow job for this annotation

GitHub Actions / build

JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals 

JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
tail --pid=$(cat /tmp/cgimap.pid) -f /dev/null
14 changes: 5 additions & 9 deletions docker/debian/Dockerfile_trixie
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
libfcgi-dev libxml2-dev libmemcached-dev libbrotli-dev \
libboost-program-options-dev libcrypto++-dev libyajl-dev \
libpqxx-dev zlib1g-dev libfmt-dev \
postgresql-16 postgresql-server-dev-all \
postgresql-16 postgresql-server-dev-all dpkg-dev file \
--no-install-recommends && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
Expand All @@ -23,21 +23,17 @@
CXXFLAGS="-Wall -Wextra -Wpedantic -Wno-unused-parameter" cmake .. -DBUILD_SHARED_LIBS=OFF -DBUILD_TESTING=ON -DCMAKE_BUILD_TYPE=Release && \
make -j${nproc} && \
ctest --output-on-failure && \
strip openstreetmap-cgimap && \
cp openstreetmap-cgimap ../
cmake --build . -t package

FROM debian:trixie-slim

COPY --from=builder /app/build/*.deb /app_deb/

RUN apt-get update -qq && \
apt-get install -y \
libfcgi-bin libmemcached11 libboost-program-options1.83.0 \
libxml2 libcrypto++8 libyajl2 libpqxx-7.9 zlib1g libbrotli1 libfmt9 \
--no-install-recommends && \
apt install --no-install-recommends -y /app_deb/*.deb && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

COPY --from=builder /app/openstreetmap-cgimap /usr/local/bin

RUN groupadd -g 61000 cgimap && \
useradd -g 61000 -l -M -s /bin/false -u 61000 cgimap

Expand All @@ -46,7 +42,7 @@
ENV CGIMAP_HOST=db
ENV CGIMAP_DBNAME=openstreetmap
ENV CGIMAP_USERNAME=openstreetmap
ENV CGIMAP_PASSWORD=openstreetmap

Check warning on line 45 in docker/debian/Dockerfile_trixie

View workflow job for this annotation

GitHub Actions / build

Sensitive data should not be used in the ARG or ENV commands 

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CGIMAP_PASSWORD")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
ENV CGIMAP_MEMCACHE=memcached
ENV CGIMAP_RATELIMIT=204800
ENV CGIMAP_MAXDEBT=250
Expand All @@ -57,5 +53,5 @@

EXPOSE 8000

ENTRYPOINT /usr/local/bin/openstreetmap-cgimap --pidfile /tmp/cgimap.pid --logfile=/proc/1/fd/1 --daemon && \

Check warning on line 56 in docker/debian/Dockerfile_trixie

View workflow job for this annotation

GitHub Actions / build

JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals 

JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
tail --pid=$(cat /tmp/cgimap.pid) -f /dev/null
14 changes: 5 additions & 9 deletions docker/ubuntu/Dockerfile2204
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
libfcgi-dev libxml2-dev libmemcached-dev libbrotli-dev \
libboost-program-options-dev libcrypto++-dev libyajl-dev \
libpqxx-dev zlib1g-dev libfmt-dev \
postgresql-14 postgresql-server-dev-all \
postgresql-14 postgresql-server-dev-all dpkg-dev file \
--no-install-recommends && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
Expand All @@ -23,21 +23,17 @@
CXXFLAGS="-Wall -Wextra -Wpedantic -Wno-unused-parameter" cmake .. -DBUILD_SHARED_LIBS=OFF -DBUILD_TESTING=ON -DCMAKE_BUILD_TYPE=Release && \
make -j${nproc} && \
ctest --output-on-failure && \
strip openstreetmap-cgimap && \
cp openstreetmap-cgimap ../
cmake --build . -t package

FROM ubuntu:22.04

COPY --from=builder /app/build/*.deb /app_deb/

RUN apt-get update -qq && \
apt-get install -y \
libfcgi-bin libmemcached11 libboost-program-options1.74.0 \
libxml2 libcrypto++8 libyajl2 libpqxx-6.4 zlib1g libbrotli1 libfmt8 \
--no-install-recommends && \
apt install --no-install-recommends -y /app_deb/*.deb && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

COPY --from=builder /app/openstreetmap-cgimap /usr/local/bin

RUN groupadd -g 61000 cgimap && \
useradd -g 61000 -l -M -s /bin/false -u 61000 cgimap

Expand All @@ -46,7 +42,7 @@
ENV CGIMAP_HOST=db
ENV CGIMAP_DBNAME=openstreetmap
ENV CGIMAP_USERNAME=openstreetmap
ENV CGIMAP_PASSWORD=openstreetmap

Check warning on line 45 in docker/ubuntu/Dockerfile2204

View workflow job for this annotation

GitHub Actions / build

Sensitive data should not be used in the ARG or ENV commands 

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CGIMAP_PASSWORD")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
ENV CGIMAP_MEMCACHE=memcached
ENV CGIMAP_RATELIMIT=204800
ENV CGIMAP_MAXDEBT=250
Expand All @@ -57,6 +53,6 @@

EXPOSE 8000

ENTRYPOINT /usr/local/bin/openstreetmap-cgimap --pidfile /tmp/cgimap.pid --logfile=/proc/1/fd/1 --daemon && \

Check warning on line 56 in docker/ubuntu/Dockerfile2204

View workflow job for this annotation

GitHub Actions / build

JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals 

JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
tail --pid=$(cat /tmp/cgimap.pid) -f /dev/null

14 changes: 5 additions & 9 deletions docker/ubuntu/Dockerfile2404
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
libfcgi-dev libxml2-dev libmemcached-dev libbrotli-dev \
libboost-program-options-dev libcrypto++-dev libyajl-dev \
libpqxx-dev zlib1g-dev libfmt-dev \
postgresql-16 postgresql-server-dev-all \
postgresql-16 postgresql-server-dev-all dpkg-dev file \
--no-install-recommends && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
Expand All @@ -23,21 +23,17 @@
CXXFLAGS="-Wall -Wextra -Wpedantic -Wno-unused-parameter" cmake .. -DBUILD_SHARED_LIBS=OFF -DBUILD_TESTING=ON -DCMAKE_BUILD_TYPE=Release && \
make -j${nproc} && \
ctest --output-on-failure && \
strip openstreetmap-cgimap && \
cp openstreetmap-cgimap ../
cmake --build . -t package

FROM ubuntu:24.04

COPY --from=builder /app/build/*.deb /app_deb/

RUN apt-get update -qq && \
apt-get install -y \
libfcgi-bin libmemcached11 libboost-program-options1.83.0 \
libxml2 libcrypto++8 libyajl2 libpqxx-7.8t64 zlib1g libbrotli1 libfmt9 \
--no-install-recommends && \
apt install --no-install-recommends -y /app_deb/*.deb && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

COPY --from=builder /app/openstreetmap-cgimap /usr/local/bin

RUN groupadd -g 61000 cgimap && \
useradd -g 61000 -l -M -s /bin/false -u 61000 cgimap

Expand All @@ -46,7 +42,7 @@
ENV CGIMAP_HOST=db
ENV CGIMAP_DBNAME=openstreetmap
ENV CGIMAP_USERNAME=openstreetmap
ENV CGIMAP_PASSWORD=openstreetmap

Check warning on line 45 in docker/ubuntu/Dockerfile2404

View workflow job for this annotation

GitHub Actions / build

Sensitive data should not be used in the ARG or ENV commands 

SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data (ENV "CGIMAP_PASSWORD")
More info: https://docs.docker.com/go/dockerfile/rule/secrets-used-in-arg-or-env/
ENV CGIMAP_MEMCACHE=memcached
ENV CGIMAP_RATELIMIT=204800
ENV CGIMAP_MAXDEBT=250
Expand All @@ -57,6 +53,6 @@

EXPOSE 8000

ENTRYPOINT /usr/local/bin/openstreetmap-cgimap --pidfile /tmp/cgimap.pid --logfile=/proc/1/fd/1 --daemon && \

Check warning on line 56 in docker/ubuntu/Dockerfile2404

View workflow job for this annotation

GitHub Actions / build

JSON arguments recommended for ENTRYPOINT/CMD to prevent unintended behavior related to OS signals 

JSONArgsRecommended: JSON arguments recommended for ENTRYPOINT to prevent unintended behavior related to OS signals
More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/
tail --pid=$(cat /tmp/cgimap.pid) -f /dev/null