diff --git a/Dockerfile b/Dockerfile index 6407b1e..c76816f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,12 @@ # ================================ # Build image # ================================ -FROM swift:5.7-focal as build +FROM swift:5.9-jammy-slim +# Install OS updates RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ && apt-get -q update \ - && apt-get -q dist-upgrade -y \ - && apt-get install -y libsqlite3-dev nano \ + && apt-get -q dist-upgrade -y\ && rm -rf /var/lib/apt/lists/* # Set up a build area @@ -17,13 +17,17 @@ WORKDIR /build # as long as your Package.swift/Package.resolved # files do not change. COPY ./Package.* ./ -RUN swift package resolve +RUN swift package resolve --skip-update \ + $([ -f ./Package.resolved ] && echo "--force-resolved-versions" || true) # Copy entire repo into container COPY . . # Build everything, with optimizations -RUN swift build -c release --static-swift-stdlib +RUN swift build -c release --static-swift-stdlib \ + # Workaround for https://github.com/apple/swift/pull/68669 + # This can be removed as soon as 5.9.1 is released, but is harmless if left in. + -Xlinker -u -Xlinker _swift_backtrace_isThunkFunction # Switch to the staging area WORKDIR /staging @@ -31,18 +35,17 @@ WORKDIR /staging # Copy main executable to staging area RUN cp "$(swift build --package-path /build -c release --show-bin-path)/Main" ./ -# Copy resources bundled by SPM to staging area -RUN find -L "$(swift build --package-path /build -c release --show-bin-path)/" -regex '.*\.resources$' -exec cp -Ra {} ./ \; # Copy any resources from the public directory and views directory if the directories exist # Ensure that by default, neither the directory nor any of its contents are writable. RUN [ -d /build/Public ] && { mv /build/Cert ./Cert && chmod -R a-w ./Cert; } || true RUN [ -d /build/Public ] && { mv /build/Public ./Public && chmod -R a-w ./Public; } || true RUN [ -d /build/Resources ] && { mv /build/Resources ./Resources && chmod -R a-w ./Resources; } || true + # ================================ # Run image # ================================ -FROM ubuntu:focal +FROM swift:5.9-jammy-slim # Make sure all system packages are up to date, and install only essential packages. RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ @@ -60,11 +63,15 @@ RUN export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ # Create a vapor user and group with /app as its home directory RUN useradd --user-group --create-home --system --skel /dev/null --home-dir /app vapor +# Copy built executable and any staged resources from builder +COPY --from=build --chown=vapor:vapor /staging /app + # Switch to the new home directory WORKDIR /app + # Copy built executable and any staged resources from builder -COPY --from=build --chown=vapor:vapor /staging /app +#COPY --from=build --chown=vapor:vapor /staging /app COPY --from=build --chown=vapor:vapor /build/.build/release /app # Uncomment the next line if you need to load resources from the `Public` directory #COPY --from=build --chown=vapor:vapor /build/Public /app/Public @@ -79,6 +86,9 @@ COPY --from=build --chown=vapor:vapor /build/.build/release /app # Uncomment the next line if you need to load resources from the `Resources` directory #COPY --from=build --chown=vapor:vapor /build/Resources /app/Resources +# Provide configuration needed by the built-in crash reporter and some sensible default behaviors. +ENV SWIFT_ROOT=/usr SWIFT_BACKTRACE=enable=yes,sanitize=yes,threads=all,images=all,interactive=no + # Ensure all further commands run as the vapor user USER vapor:vapor diff --git a/Package.swift b/Package.swift index 867b59b..478e55c 100644 --- a/Package.swift +++ b/Package.swift @@ -1,4 +1,4 @@ -// swift-tools-version:5.7 +// swift-tools-version:5.9 import PackageDescription let package = Package(