chore: build docker from release binary for faster and armv7l support

Co-authored-by: Kosette <35268640+Kosette@users.noreply.github.com>
ihciah · May 3, 2023 · f13cefd · f13cefd
1 parent 5191766
commit f13cefd
Show file tree

Hide file tree

Showing 6 changed files with 110 additions and 92 deletions.
diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml
diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml
@@ -5,6 +5,7 @@ on:
       - v*
 
 env:
+  IMAGE_NAME: shadow-tls
   CARGO_TERM_COLOR: always
   CARGO_REGISTRIES_CRATES_IO_PROTOCOL: sparse
 
@@ -36,21 +37,58 @@ jobs:
         timeout-minutes: 120
         run: |
           cross build --release --target ${{ matrix.target }} &&
-          mv target/${{ matrix.target }}/release/shadow-tls target/${{ matrix.target }}/release/shadow-tls-${{ matrix.target }}
+          cp target/${{ matrix.target }}/release/shadow-tls target/${{ matrix.target }}/release/shadow-tls-${{ matrix.target }}
       - name: Upload Github Assets
         uses: softprops/action-gh-release@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           files: target/${{ matrix.target }}/release/shadow-tls-${{ matrix.target }}
           prerelease: ${{ contains(github.ref, '-') }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Setup Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      - name: Login to Dockerhub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Login to Gitlab Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: registry.gitlab.com
+          username: ${{ secrets.GITLAB_USERNAME }}
+          password: ${{ secrets.GITLAB_TOKEN }}
+      - name: Generate App Version
+        run: echo VERSIONED_TAG=`git describe --tags --always` >> $GITHUB_ENV
+      - name: Build and release Docker images
+        uses: docker/build-push-action@v3
+        with:
+          file: Dockerfile.action
+          build-args: "DOWNLOAD_BASE=https://github.com/${{ github.repository }}/releases/${{ env.VERSIONED_TAG }}/download/"
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          tags: |
+            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest
+            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ env.VERSIONED_TAG }}
+            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest
+            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ env.VERSIONED_TAG }}
+            registry.gitlab.com/${{ secrets.GITLAB_USERNAME }}/${{ env.IMAGE_NAME }}:latest
+            registry.gitlab.com/${{ secrets.GITLAB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ env.VERSIONED_TAG }}
+          push: true
+
   build-unix:
-    runs-on: ${{ matrix.os }}
+    runs-on: macos-latest
     env:
       RUST_BACKTRACE: full
     strategy:
       matrix:
-        os: [macos-latest]
         target:
           - x86_64-apple-darwin
           - aarch64-apple-darwin
@@ -75,4 +113,4 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           files: target/${{ matrix.target }}/release/shadow-tls-${{ matrix.target }}
-          prerelease: ${{ contains(github.ref, '-') }}
+          prerelease: ${{ contains(github.ref, '-') }}
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -7,17 +7,17 @@ license = "MIT/Apache-2.0"
 name = "shadow-tls"
 readme = "README.md"
 repository = "https://github.com/ihciah/shadow-tls"
-version = "0.2.20"
+version = "0.2.21"
 
 [dependencies]
-monoio = {version = "0.1.2"}
-monoio-rustls-fork-shadow-tls = {version = "0.1.1-mod.0"}
-rustls-fork-shadow-tls = {version = "0.20.9-mod.2", default-features = false}
+monoio = { version = "0.1.2" }
+monoio-rustls-fork-shadow-tls = { version = "0.1.1-mod.0" }
+rustls-fork-shadow-tls = { version = "0.20.9-mod.2", default-features = false }
 
 anyhow = "1"
 byteorder = "1"
-clap = {version = "4", features = ["derive"]}
-ctrlc = {version = "3", features = ["termination"]}
+clap = { version = "4", features = ["derive"] }
+ctrlc = { version = "3", features = ["termination"] }
 hmac = "0.12"
 local-sync = "0.1.0"
 pin-project-lite = "0.2"
@@ -26,7 +26,7 @@ rustc-hash = "1"
 sha1 = "0.10"
 sha2 = "0.10"
 tracing = "0.1"
-tracing-subscriber = {version = "0.3", features = ["env-filter"]}
+tracing-subscriber = { version = "0.3", features = ["env-filter"] }
 webpki-roots = "0.22"
 
 [profile.release]

diff --git a/Dockerfile.action b/Dockerfile.action
@@ -0,0 +1,25 @@
+FROM alpine:latest as builder
+
+ARG DOWNLOAD_BASE
+RUN ARCH=$(uname -m | sed -e "s/armv7l/armv7-unknown-linux-musleabihf/g" | sed -e "s/aarch64/aarch64-unknown-linux-musl/g" | sed -e "s/x86_64/x86_64-unknown-linux-musl/g") && \
+    apk add --no-cache curl && \
+    curl -L "${DOWNLOAD_BASE}/shadow-tls-${ARCH}" -o /shadow-tls && \
+    chmod +x /shadow-tls
+
+FROM alpine:latest
+
+ENV MODE=""
+ENV LISTEN=""
+ENV SERVER=""
+ENV TLS=""
+ENV THREADS=""
+ENV PASSWORD=""
+ENV ALPN=""
+ENV DISABLE_NODELAY=""
+ENV V3=""
+ENV STRICT=""
+
+COPY ./entrypoint.sh /
+RUN chmod +x /entrypoint.sh && apk add --no-cache ca-certificates
+COPY --from=builder /shadow-tls /usr/local/bin/shadow-tls
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/README.md b/README.md
@@ -1,5 +1,5 @@
 # Shadow TLS
-[![Build Docker Image](https://github.com/ihciah/shadow-tls/actions/workflows/build-docker-image.yml/badge.svg)](https://github.com/ihciah/shadow-tls/pkgs/container/shadow-tls) [![Build Releas](https://github.com/ihciah/shadow-tls/actions/workflows/build-release.yml/badge.svg)](https://github.com/ihciah/shadow-tls/releases) [![Crates.io](https://img.shields.io/crates/v/shadow-tls.svg)](https://crates.io/crates/shadow-tls) [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fihciah%2Fshadow-tls.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fihciah%2Fshadow-tls?ref=badge_shield)
+[![Build Releases](https://github.com/ihciah/shadow-tls/actions/workflows/build-release.yml/badge.svg)](https://github.com/ihciah/shadow-tls/releases) [![Crates.io](https://img.shields.io/crates/v/shadow-tls.svg)](https://crates.io/crates/shadow-tls) [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fihciah%2Fshadow-tls.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fihciah%2Fshadow-tls?ref=badge_shield)
 
 一个**可以使用别人的受信证书**的 TLS 伪装代理。