diff --git a/.github/Dockerfile.simplex b/.github/Dockerfile.simplex new file mode 100644 index 0000000..8743e54 --- /dev/null +++ b/.github/Dockerfile.simplex @@ -0,0 +1,56 @@ +ARG TAG=22.04 + +FROM ubuntu:${TAG} AS build + +### Build stage + +# Install curl and git and simplexmq dependencies +RUN apt-get update && apt-get install -y curl git build-essential libgmp3-dev zlib1g-dev llvm-12 llvm-12-dev libnuma-dev libssl-dev + +# Specify bootstrap Haskell versions +ENV BOOTSTRAP_HASKELL_GHC_VERSION=9.6.3 +ENV BOOTSTRAP_HASKELL_CABAL_VERSION=3.10.1.0 + +# Install ghcup +RUN curl --proto '=https' --tlsv1.2 -sSf https://get-ghcup.haskell.org | BOOTSTRAP_HASKELL_NONINTERACTIVE=1 sh + +# Adjust PATH +ENV PATH="/root/.cabal/bin:/root/.ghcup/bin:$PATH" + +# Set both as default +RUN ghcup set ghc "${BOOTSTRAP_HASKELL_GHC_VERSION}" && \ + ghcup set cabal "${BOOTSTRAP_HASKELL_CABAL_VERSION}" + +COPY . /project +WORKDIR /project + +# Compile apps +RUN cabal update +RUN cabal build exe:smp-server +RUN cabal build exe:xftp-server + +# Create new path containing all files needed +RUN mkdir /final +WORKDIR /final + +# Strip the binaries from debug symbols to reduce size +RUN for app in smp-server xftp-server; do \ + bin=$(find /project/dist-newstyle -name "$app" -type f -executable) && \ + mv "$bin" ./ && \ + strip ./"$app" &&\ + mv /project/scripts/docker/entrypoint-"$app" ./entrypoint; \ +done + +### Final stage +FROM ubuntu:${TAG} + +# Install OpenSSL dependency +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends openssl libnuma-dev netcat \ + && rm -rf /var/lib/apt/lists/* + +# Copy compiled apps from build stage +COPY --from=build /final /usr/local/bin/ + +# simplexmq requires using SIGINT to correctly preserve undelivered messages and restore them on restart +STOPSIGNAL SIGINT diff --git a/.github/workflows/build-simplex-server.yml b/.github/workflows/build-simplex-server.yml new file mode 100644 index 0000000..ead4a1f --- /dev/null +++ b/.github/workflows/build-simplex-server.yml @@ -0,0 +1,75 @@ +name: Build and Publish SimpleX Docker Image + +on: + workflow_dispatch: + inputs: + simplex_version: + description: 'SimpleX Server version to build (e.g. v6.0.4 or v6.1.0-beta.1). Use "latest" to build the most recent version' + required: true + default: 'latest' + +jobs: + build: + runs-on: ubuntu-latest + + permissions: + contents: read + packages: write + id-token: write + + env: + REPO_URL: https://github.com/simplex-chat/simplex-chat.git + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: all + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + install: true + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Fetch latest tags from SimpleX repository + run: | + git clone --depth=1 --tags $REPO_URL + cd simplex-chat + # Find the latest tag, filtering out any non-version tags like 'v*' + LATEST_TAG=$(git tag -l --sort=-v:refname 'v*' | head -n 1) + echo "Latest tag found: $LATEST_TAG" + echo "LATEST_TAG=$LATEST_TAG" >> $GITHUB_ENV + + - name: Determine version to build + run: | + if [ "${{ github.event.inputs.simplex_version }}" == "latest" ]; then + echo "Using latest tag: $LATEST_TAG" + echo "SIMPLEX_VERSION=$LATEST_TAG" >> $GITHUB_ENV + else + echo "Using specified version: ${{ github.event.inputs.simplex_version }}" + echo "SIMPLEX_VERSION=${{ github.event.inputs.simplex_version }}" >> $GITHUB_ENV + + - name: Build and push Docker image for x86 and arm + run: | + echo "Building SimpleX version: $SIMPLEX_VERSION" + + docker buildx build \ + --platform linux/amd64,linux/arm64 \ + --file .github/Dockerfile.simplex \ + --tag ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:$SIMPLEX_VERSION \ + --build-arg SIMPLEX_VERSION=$SIMPLEX_VERSION \ + --push \ + . + + - name: Image build complete + run: echo "Docker image has been built and published."