From 6ff461a4bd871750e45ae722834ff3c338d8e15e Mon Sep 17 00:00:00 2001 From: wilmardo Date: Tue, 14 Jan 2020 10:34:59 +0100 Subject: [PATCH 01/11] feat: build from pinned version not master Signed-off-by: wilmardo --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9e3a068..cf5bae3 100755 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG ARCHITECTURE ####################################################################################################################### # Nexe packaging of binary ####################################################################################################################### -FROM lansible/nexe:master-${ARCHITECTURE} as builder +FROM lansible/nexe:4.0.0-beta.3-${ARCHITECTURE} as builder ENV VERSION=dev From 2bd443b287838af1455624b7cd57bf4fc995234f Mon Sep 17 00:00:00 2001 From: wilmardo Date: Tue, 14 Jan 2020 14:09:59 +0100 Subject: [PATCH 02/11] fix: workaround kaniko issue Signed-off-by: wilmardo --- Dockerfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index cf5bae3..5a412d0 100755 --- a/Dockerfile +++ b/Dockerfile @@ -50,10 +50,14 @@ COPY --from=builder /bin/udevadm /bin/udevadm # Can't be fullly static since @serialport uses a C++ node addon # https://github.com/serialport/node-serialport/blob/master/packages/bindings/lib/linux.js#L2 COPY --from=builder /lib/ld-musl-*.so.1 /lib/ +# TODO: merge this into one COPY statement when the issue is fixed: +# https://github.com/GoogleContainerTools/kaniko/issues/915 +COPY --from=builder \ + /usr/lib/libstdc++.so.6.* \ + /usr/lib/libstdc++.so.6 COPY --from=builder \ - /usr/lib/libstdc++.so.6 \ /usr/lib/libgcc_s.so.1 \ - /usr/lib/ + /usr/lib/libgcc_s.so.1 # Copy zigbee2mqtt binary COPY --from=builder /zigbee2mqtt/zigbee2mqtt /zigbee2mqtt/zigbee2mqtt From 258a66fe6a8344c349e732347a0caa7d7b24b55e Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 12:44:09 +0100 Subject: [PATCH 03/11] Revert "fix: workaround kaniko issue" This reverts commit 2bd443b287838af1455624b7cd57bf4fc995234f. --- Dockerfile | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5a412d0..cf5bae3 100755 --- a/Dockerfile +++ b/Dockerfile @@ -50,14 +50,10 @@ COPY --from=builder /bin/udevadm /bin/udevadm # Can't be fullly static since @serialport uses a C++ node addon # https://github.com/serialport/node-serialport/blob/master/packages/bindings/lib/linux.js#L2 COPY --from=builder /lib/ld-musl-*.so.1 /lib/ -# TODO: merge this into one COPY statement when the issue is fixed: -# https://github.com/GoogleContainerTools/kaniko/issues/915 -COPY --from=builder \ - /usr/lib/libstdc++.so.6.* \ - /usr/lib/libstdc++.so.6 COPY --from=builder \ + /usr/lib/libstdc++.so.6 \ /usr/lib/libgcc_s.so.1 \ - /usr/lib/libgcc_s.so.1 + /usr/lib/ # Copy zigbee2mqtt binary COPY --from=builder /zigbee2mqtt/zigbee2mqtt /zigbee2mqtt/zigbee2mqtt From 07c670feb104f27fab3a028480a2c2cbedaf1bdb Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 12:49:21 +0100 Subject: [PATCH 04/11] test: build from nexe:dev Signed-off-by: wilmardo --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index cf5bae3..eb2efd5 100755 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ ARG ARCHITECTURE ####################################################################################################################### # Nexe packaging of binary ####################################################################################################################### -FROM lansible/nexe:4.0.0-beta.3-${ARCHITECTURE} as builder +FROM lansible/nexe:dev-${ARCHITECTURE} as builder ENV VERSION=dev From 582593eae8811ab9b2d4b857545a0ab809487f3b Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 12:49:33 +0100 Subject: [PATCH 05/11] test: use dev branch for includes Signed-off-by: wilmardo --- .gitlab-ci.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 454c90a..8e4c037 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,11 +4,12 @@ variables: include: - template: Container-Scanning.gitlab-ci.yml - - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/master/docker-login.yml - - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/master/docker-build.yml - - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/master/sast-cis-benchmark.yml + - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/dev/docker-login.yml + - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/dev/docker-build.yml + - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/dev/sast-cis-benchmark.yml stages: + - lint - build - test - push From c44b747e5cb1f7b878fbc4237566063e98131510 Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 12:49:44 +0100 Subject: [PATCH 06/11] clean: remove unused entrypoint Signed-off-by: wilmardo --- entrypoint.sh | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 entrypoint.sh diff --git a/entrypoint.sh b/entrypoint.sh deleted file mode 100644 index cf08d19..0000000 --- a/entrypoint.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/sh - -# Create aliases to busybox -alias basename="/bin/busybox basename" -alias ln="/bin/busybox ln" - -# Create symlinks when config mounted, else exit -if [ ! -d "/data" ]; then - echo "No /data found, please data volume to container" - exit 1 -fi - -if [ -d "/config" ]; then - # For each config file create a symlink - for file in /config/*; do - filename=$(basename "$file") - # Create symlink when it does not exist yet - if [ ! -L "/data/$filename" ]; then - echo "Creating symlink from /config/$filename to /data/$filename" - ln -sf "/config/$filename" "/data/$filename" - fi - done -else - # Print warning when no config was found, could be intentional - echo "No /config found, no symlink will be created" -fi - -# Start docker CMD -exec "$@" From 79f1824d8d99cdddc4f53fa27c96e1c5e5504a25 Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 17:38:49 +0100 Subject: [PATCH 07/11] chore: rename example to statefulset Signed-off-by: wilmardo --- examples/kubernetes/{deployment.yml => statefulset.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename examples/kubernetes/{deployment.yml => statefulset.yml} (100%) diff --git a/examples/kubernetes/deployment.yml b/examples/kubernetes/statefulset.yml similarity index 100% rename from examples/kubernetes/deployment.yml rename to examples/kubernetes/statefulset.yml From b401c888bc13c256d20450298e2aacbeb140a9e7 Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 17:39:10 +0100 Subject: [PATCH 08/11] fix: switch to master for ci include Signed-off-by: wilmardo --- .gitlab-ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 8e4c037..aefbcd1 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,9 +4,9 @@ variables: include: - template: Container-Scanning.gitlab-ci.yml - - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/dev/docker-login.yml - - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/dev/docker-build.yml - - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/dev/sast-cis-benchmark.yml + - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/master/docker-login.yml + - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/master/docker-build.yml + - remote: https://raw.githubusercontent.com/LANsible/gitlab-includes/master/sast-cis-benchmark.yml stages: - lint From bfa0b991c3ec9b30c497fb01ac028fbe48bbcadc Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 17:40:19 +0100 Subject: [PATCH 09/11] docs: update readme for new setup Signed-off-by: wilmardo --- README.MD | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/README.MD b/README.MD index 8083948..e1949de 100644 --- a/README.MD +++ b/README.MD @@ -1,4 +1,4 @@ -# Zigbee2MQTT +# Zigbee2MQTT from scratch! [![Build Status](https://cloud.drone.io/api/badges/LANsible/docker-zigbee2mqtt/status.svg)](https://cloud.drone.io/LANsible/docker-zigbee2mqtt) [![Docker Pulls](https://img.shields.io/docker/pulls/lansible/zigbee2mqtt.svg)](https://hub.docker.com/r/lansible/zigbee2mqtt) [![Docker Version](https://images.microbadger.com/badges/version/lansible/zigbee2mqtt:latest.svg)](https://microbadger.com/images/lansible/zigbee2mqtt:latest) @@ -8,6 +8,8 @@ It does not work on Kubernetes with a configmap since it tries to create the database.db, state.json etc in the directory where the config is mounted. This container allows this setup to work flawlessly! +Also it is super small since Zigbee2Mqtt is build as a single binary and put into a FROM scratch container. +The container run as user 1000 with primary group 1000 and dailout(20) as secondary group for tty access. ## Test container with docker-compose @@ -18,18 +20,21 @@ docker-compose up ### Building the container locally -You could build the container locally to add plugins. It works like this: +You could build the container locally like this: ```bash docker build . \ - --build-arg VERSION=1.4.0 \ - --tag lansible/zigbee2mqtt:1.4.0 + --build-arg ARCHITECTURE=amd64 \ + --tag lansible/zigbee2mqtt:dev-amd64 ``` The arguments are: | Build argument | Description | Example | |----------------|------------------------------------------------|-------------------------| -| `VERSION` | Version of Zigbee2MQTT | `1.4.0` | +| `ARCHITECTURE` | For what architecture to build the container | `arm64` | + +Available architectures are what `lansible/nexe` supports: +https://hub.docker.com/r/lansible/nexe/tags ## Credits From 62db86fae17baedf2b2ccbbe63702a0f9b2979fd Mon Sep 17 00:00:00 2001 From: wilmardo Date: Sun, 19 Jan 2020 17:40:41 +0100 Subject: [PATCH 10/11] feat: add user to dailout, switch to version FROM Signed-off-by: wilmardo --- Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index eb2efd5..cd309bb 100755 --- a/Dockerfile +++ b/Dockerfile @@ -2,12 +2,14 @@ ARG ARCHITECTURE ####################################################################################################################### # Nexe packaging of binary ####################################################################################################################### -FROM lansible/nexe:dev-${ARCHITECTURE} as builder +FROM lansible/nexe:4.0.0-beta.3-${ARCHITECTURE} as builder ENV VERSION=dev # Add unprivileged user RUN echo "zigbee2mqtt:x:1000:1000:zigbee2mqtt:/:" > /etc_passwd +# Add to dailout as secondary group (20) +RUN echo "dailout:x:20:zigbee2mqtt" > /etc_group # eudev: needed for udevadm binary RUN apk --no-cache add \ @@ -41,6 +43,7 @@ LABEL org.label-schema.description="Zigbee2MQTT as single binary in a scratch co # Copy the unprivileged user COPY --from=builder /etc_passwd /etc/passwd +COPY --from=builder /etc_group /etc/group # Serialport is using the udevadm binary COPY --from=builder /bin/udevadm /bin/udevadm From 5b3841e72636c35737c1693daa444b96537c8fc9 Mon Sep 17 00:00:00 2001 From: wilmardo Date: Mon, 20 Jan 2020 17:43:26 +0100 Subject: [PATCH 11/11] feat: 1.9.0 released Signed-off-by: wilmardo --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index cd309bb..1ddc448 100755 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ ARG ARCHITECTURE ####################################################################################################################### FROM lansible/nexe:4.0.0-beta.3-${ARCHITECTURE} as builder -ENV VERSION=dev +ENV VERSION=1.9.0 # Add unprivileged user RUN echo "zigbee2mqtt:x:1000:1000:zigbee2mqtt:/:" > /etc_passwd