diff --git a/.cargo/config.toml b/.cargo/config.toml new file mode 100644 index 0000000..6e388b4 --- /dev/null +++ b/.cargo/config.toml @@ -0,0 +1,25 @@ +# This is used in the Docker build, you might need to adjust it for local usage. + +[target.x86_64-unknown-linux-musl] +linker = "x86_64-linux-musl-gcc" + +[target.aarch64-unknown-linux-musl] +linker = "aarch64-linux-musl-gcc" + +[target.armv7-unknown-linux-musleabi] +linker = "armv7m-linux-musleabi-gcc" + +[target.arm-unknown-linux-musleabi] +linker = "armv6-linux-musleabi-gcc" + +[target.i686-unknown-linux-musl] +linker = "i686-linux-musl-gcc" + +[target.powerpc64le-unknown-linux-musl] +linker = "powerpc64le-linux-musl-gcc" + +[target.s390x-unknown-linux-musl] +linker = "s390x-linux-musl-gcc" + +[target.riscv64gc-unknown-linux-musl] +linker = "riscv64-linux-musl-gcc" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 918add5..fdb0fed 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,6 +19,8 @@ on: jobs: build: runs-on: ubuntu-latest + env: + DOCKER_BUILDKIT: "1" steps: - name: Checkout uses: actions/checkout@v2 diff --git a/.github/workflows/buildx-branch.yml b/.github/workflows/buildx-branch.yml index 4002fa7..897f5ff 100644 --- a/.github/workflows/buildx-branch.yml +++ b/.github/workflows/buildx-branch.yml @@ -32,7 +32,7 @@ jobs: run: | docker buildx build \ --progress plain \ - --platform=linux/amd64 \ + --platform=linux/amd64,linux/386,linux/arm64,linux/arm/v6,linux/arm/v7 \ --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \ --build-arg COMMIT=`git rev-parse --short HEAD` \ --build-arg VERSION=${GITHUB_REF##*/} \ diff --git a/.github/workflows/buildx-latest.yml b/.github/workflows/buildx-latest.yml index 934f95c..8610c3b 100644 --- a/.github/workflows/buildx-latest.yml +++ b/.github/workflows/buildx-latest.yml @@ -29,7 +29,7 @@ jobs: run: | docker buildx build \ --progress plain \ - --platform=linux/amd64 \ + --platform=linux/amd64,linux/386,linux/arm64,linux/arm/v6,linux/arm/v7 \ --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \ --build-arg COMMIT=`git rev-parse --short HEAD` \ --build-arg VERSION=latest \ diff --git a/.github/workflows/buildx-release.yml b/.github/workflows/buildx-release.yml index 7402124..ec64897 100644 --- a/.github/workflows/buildx-release.yml +++ b/.github/workflows/buildx-release.yml @@ -29,7 +29,7 @@ jobs: run: | docker buildx build \ --progress plain \ - --platform=linux/amd64 \ + --platform=linux/amd64,linux/386,linux/arm64,linux/arm/v6,linux/arm/v7 \ --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \ --build-arg COMMIT=`git rev-parse --short HEAD` \ --build-arg VERSION=${GITHUB_REF##*/} \ diff --git a/Dockerfile b/Dockerfile index 797817c..2d6d7f4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,34 +1,116 @@ +ARG BUILDPLATFORM=linux/amd64 + ARG ALPINE_VERSION=3.12 -ARG RUST_VERSION=1-alpine${ALPINE_VERSION} +ARG RUST_VERSION=1-slim-bullseye -FROM rust:${RUST_VERSION} AS build +FROM --platform=${BUILDPLATFORM} rust:${RUST_VERSION} AS build WORKDIR /usr/src/prometheus_wireguard_exporter # Setup -ARG ARCH=x86_64 -RUN apk add --update -q --no-cache musl-dev -RUN rustup target add ${ARCH}-unknown-linux-musl +RUN apt-get update -y && \ + apt-get install -y \ + # to cross build with musl + musl-tools \ + # to download the musl cross build tool + wget \ + # for verifying the binary properties + file -# Install dependencies -COPY Cargo.toml Cargo.lock ./ +# Download dependencies RUN mkdir src && \ - echo "fn main() {}" > src/main.rs -RUN cargo build --release && \ - rm -rf target/release/deps/prometheus_wireguard_exporter* + echo 'fn main() {}' > src/main.rs +COPY Cargo.toml Cargo.lock ./ +RUN cargo fetch && \ + rm src/main.rs + +ARG STATIC=yes +RUN touch /tmp/rustflags && \ + if [ "${STATIC}" != "yes" ]; then \ + echo "-C target-feature=-crt-static" | tee /tmp/rustflags; \ + fi + +ARG TARGETPLATFORM +RUN echo "Setting variables for ${TARGETPLATFORM:=linux/amd64}" && \ + case "${TARGETPLATFORM}" in \ + linux/amd64) \ + MUSL="x86_64-linux-musl"; \ + RUSTTARGET="x86_64-unknown-linux-musl"; \ + break;; \ + linux/arm64) \ + MUSL="aarch64-linux-musl"; \ + RUSTTARGET="aarch64-unknown-linux-musl"; \ + break;; \ + linux/arm/v7) \ + MUSL="armv7m-linux-musleabi"; \ + RUSTTARGET="armv7-unknown-linux-musleabi"; \ + break;; \ + linux/arm/v6) \ + MUSL="armv6-linux-musleabi"; \ + RUSTTARGET="arm-unknown-linux-musleabi"; \ + break;; \ + linux/386) \ + MUSL="i686-linux-musl"; \ + RUSTTARGET="i686-unknown-linux-musl"; \ + break;; \ + linux/ppc64le) \ + MUSL="powerpc64le-linux-musl"; \ + RUSTTARGET="powerpc64le-unknown-linux-musl"; \ + break;; \ + linux/s390x) \ + MUSL="s390x-linux-musl"; \ + RUSTTARGET="s390x-unknown-linux-musl"; \ + break;; \ + linux/riscv64) \ + MUSL="riscv64-linux-musl"; \ + RUSTTARGET="riscv64gc-unknown-linux-musl"; \ + break;; \ + *) echo "unsupported platform ${TARGETPLATFORM}"; exit 1;; \ + esac && \ + echo "${MUSL}" | tee /tmp/musl && \ + echo "${RUSTTARGET}" | tee /tmp/rusttarget + +RUN MUSL="$(cat /tmp/musl)" && \ + wget -qO- "https://musl.cc/$MUSL-cross.tgz" | tar -xzC /tmp && \ + rm "/tmp/$MUSL-cross/usr" && \ + cp -fr /tmp/"$MUSL"-cross/* / && \ + rm -rf "/tmp/$MUSL-cross" + +RUN rustup target add "$(cat /tmp/rusttarget)" + +# Copy .cargo/config for cross build configuration +COPY .cargo ./.cargo + +# Install dependencies +RUN echo 'fn main() {}' > src/main.rs && \ + RUSTFLAGS="$(cat /tmp/rustflags)" \ + CC="$(cat /tmp/musl)-gcc" \ + cargo build --target "$(cat /tmp/rusttarget)" --release +RUN rm -r \ + target/*-linux-*/release/deps/prometheus_wireguard_exporter* \ + target/*-linux-*/release/prometheus_wireguard_exporter* \ + src/main.rs -# Build the musl linked binary +# Build static binary with musl built-in COPY . . -RUN cargo build --release -RUN cargo install --target ${ARCH}-unknown-linux-musl --path . +RUN RUSTFLAGS="$(cat /tmp/rustflags)" \ + CC="$(cat /tmp/musl)-gcc" \ + cargo build --target "$(cat /tmp/rusttarget)" --release && \ + mv target/*-linux-*/release/prometheus_wireguard_exporter /tmp/binary +RUN description="$(file /tmp/binary)" && \ + echo "$description" && \ + if [ "${STATIC}" = "yes" ] && [ ! -z "$(echo $description | grep musl)" ]; then \ + echo "binary is not statically built!" && exit 1; \ + fi FROM alpine:${ALPINE_VERSION} EXPOSE 9586/tcp +WORKDIR /usr/local/bin RUN adduser prometheus-wireguard-exporter -s /bin/sh -D -u 1000 1000 && \ mkdir -p /etc/sudoers.d && \ echo 'prometheus-wireguard-exporter ALL=(root) NOPASSWD:/usr/bin/wg show * dump' > /etc/sudoers.d/prometheus-wireguard-exporter && \ chmod 0440 /etc/sudoers.d/prometheus-wireguard-exporter RUN apk add --update -q --no-cache wireguard-tools-wg sudo USER prometheus-wireguard-exporter -ENTRYPOINT [ "prometheus_wireguard_exporter" ] +ENTRYPOINT [ "/usr/local/bin/prometheus_wireguard_exporter" ] CMD [ "-a" ] -COPY --from=build --chown=prometheus-wireguard-exporter /usr/local/cargo/bin/prometheus_wireguard_exporter /usr/local/bin/prometheus_wireguard_exporter +COPY --from=build --chown=prometheus-wireguard-exporter /tmp/binary ./prometheus_wireguard_exporter diff --git a/README.md b/README.md index 281b49c..8096c46 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,20 @@ docker run -it --rm --init --net=host --cap-add=NET_ADMIN mindflavor/prometheus- docker run -it --rm alpine:3.12 wget -qO- http://localhost:9586/metrics ``` +ℹ️ The Docker image is compatible with `amd64`, `386`, `arm64`, `armv7` and `armv6` CPUs. + +To update the image, you can use + +```sh +docker pull mindflavor/prometheus_wireguard_exporter +``` + +You can also build it with: + +```sh +docker build -t mindflavor/prometheus_wireguard_exporter https://github.com/MindFlavor/prometheus_wireguard_exporter.git +``` + ## Compilation To compile the latest master version: