Skip to content

Commit

Permalink
Try to build
Browse files Browse the repository at this point in the history
  • Loading branch information
louischan-oursky committed Jun 5, 2024
1 parent d02b028 commit e90a765
Show file tree
Hide file tree
Showing 8 changed files with 1,560 additions and 0 deletions.
84 changes: 84 additions & 0 deletions .github/workflows/custom-build.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
name: Custom Build

on:
push:
branches:
- '*'
- '!gh-pages'
tags:
- '*'
pull_request:
branches:
- '*'
- '!gh-pages'

jobs:
authgear-image-custom:
runs-on: ubuntu-22.04
if: ${{ github.repository == 'authgear/authgear-server' }}
steps:
- uses: actions/checkout@v3
# https://aran.dev/posts/github-actions-go-private-modules/
- name: Set up SSH key
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
AUTHGEAR_PRIVATE_DEPLOY_KEY: ${{ secrets.AUTHGEAR_PRIVATE_DEPLOY_KEY }}
run: |
mkdir -p ~/.ssh
ssh-agent -a $SSH_AUTH_SOCK
printf "$AUTHGEAR_PRIVATE_DEPLOY_KEY" | base64 --decode | ssh-add -
echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> "$GITHUB_ENV"
- run: make -C custombuild build-image TARGET=authgearx IMAGE_NAME=authgear-server-custom
- name: Push to HK
env:
DOCKER_PASSWORD: ${{ secrets.AUTHGEAR_CUSTOM_BUILD_SERVICE_ACCOUNT_KEY_HK }}
REPO: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_HK }}
REPO_PREFIX: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_PREFIX_HK }}
run: |
make -C custombuild tag-image IMAGE_NAME=authgear-server-custom REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-server"
printf "$DOCKER_PASSWORD" | docker login --username _json_key_base64 --password-stdin "$REPO"
make -C custombuild push-image REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-server"
- name: Push to US
env:
DOCKER_PASSWORD: ${{ secrets.AUTHGEAR_CUSTOM_BUILD_SERVICE_ACCOUNT_KEY_US }}
REPO: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_US }}
REPO_PREFIX: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_PREFIX_US }}
run: |
make -C custombuild tag-image IMAGE_NAME=authgear-server-custom REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-server"
printf "$DOCKER_PASSWORD" | docker login --username _json_key_base64 --password-stdin "$REPO"
make -C custombuild push-image REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-server"
portal-image-custom:
runs-on: ubuntu-22.04
if: ${{ github.repository == 'authgear/authgear-server' }}
steps:
- uses: actions/checkout@v3
# https://aran.dev/posts/github-actions-go-private-modules/
- name: Set up SSH key
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
AUTHGEAR_PRIVATE_DEPLOY_KEY: ${{ secrets.AUTHGEAR_PRIVATE_DEPLOY_KEY }}
run: |
mkdir -p ~/.ssh
ssh-agent -a $SSH_AUTH_SOCK
printf "$AUTHGEAR_PRIVATE_DEPLOY_KEY" | base64 --decode | ssh-add -
echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> "$GITHUB_ENV"
- run: make -C custombuild build-image TARGET=portalx IMAGE_NAME=authgear-portal-custom
- name: Push to HK
env:
DOCKER_PASSWORD: ${{ secrets.AUTHGEAR_CUSTOM_BUILD_SERVICE_ACCOUNT_KEY_HK }}
REPO: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_HK }}
REPO_PREFIX: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_PREFIX_HK }}
run: |
make -C custombuild tag-image IMAGE_NAME=authgear-portal-custom REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-portal"
printf "$DOCKER_PASSWORD" | docker login --username _json_key_base64 --password-stdin "$REPO"
make -C custombuild push-image REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-portal"
- name: Push to US
env:
DOCKER_PASSWORD: ${{ secrets.AUTHGEAR_CUSTOM_BUILD_SERVICE_ACCOUNT_KEY_US }}
REPO: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_US }}
REPO_PREFIX: ${{ vars.AUTHGEAR_CUSTOM_BUILD_REPO_PREFIX_US }}
run: |
make -C custombuild tag-image IMAGE_NAME=authgear-portal-custom REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-portal"
printf "$DOCKER_PASSWORD" | docker login --username _json_key_base64 --password-stdin "$REPO"
make -C custombuild push-image REMOTE_IMAGE_NAME="$REPO_PREFIX/authgear-portal"
31 changes: 31 additions & 0 deletions custombuild/Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# GIT_NAME could be empty.
GIT_NAME ?= $(shell git describe --exact-match 2>/dev/null)
GIT_HASH ?= git-$(shell git rev-parse --short=12 HEAD)

LDFLAGS ?= "-X github.com/authgear/authgear-server/pkg/version.Version=${GIT_HASH}"

.PHONY: start
start:
go run -ldflags ${LDFLAGS} ./cmd/authgearx start

.PHONY: start-portal
start-portal:
go run -ldflags ${LDFLAGS} ./cmd/portalx start

.PHONY: build
build:
go build -o $(BIN_NAME) -tags "osusergo netgo static_build timetzdata $(GO_BUILD_TAGS)" -ldflags ${LDFLAGS} ./cmd/$(TARGET)

.PHONY: build-image
build-image:
# Add --pull so that we are using the latest base image.
# The build context is the parent directory
docker build --pull --ssh=default --file ./cmd/$(TARGET)/Dockerfile --tag $(IMAGE_NAME) --build-arg GIT_HASH=$(GIT_HASH) ../

.PHONY: tag-image
tag-image:
docker tag $(IMAGE_NAME) $(REMOTE_IMAGE_NAME):$(GIT_HASH)

.PHONY: push-image
push-image:
docker push $(REMOTE_IMAGE_NAME):$(GIT_HASH)
79 changes: 79 additions & 0 deletions custombuild/cmd/authgearx/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
# syntax=docker/dockerfile:1

# Stage 1: Build the Go binary
FROM golang:1.22.3-bookworm as stage1

# Install build time C dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
pkg-config \
libicu-dev \
libvips-dev \
libmagic-dev \
&& rm -rf /var/lib/apt/lists/*

# In order to build a Go program that uses private modules in Docker,
# we need the following
#
# 1. Set GOPRIVATE
# 2. Set up ~/.gitconfig to make Go to use SSH instead HTTPS to fetch the private modules.
# 3. Set up ~/.ssh/known_hosts
# 4. use --mount=type=ssh to use the SSH agent from the host machine.
ENV GOPRIVATE github.com/authgear/iamsmart
RUN git config --global url."ssh://[email protected]/authgear/iamsmart".insteadOf https://github.com/authgear/iamsmart
RUN mkdir -p ~/.ssh \
&& ssh-keyscan github.com >> ~/.ssh/known_hosts

WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download
WORKDIR /src/custombuild
COPY ./custombuild/go.mod ./custombuild/go.sum ./
RUN --mount=type=ssh go mod download
WORKDIR /src
COPY . .
ARG GIT_HASH
RUN make -C custombuild build BIN_NAME=authgear TARGET=authgearx GIT_HASH=$GIT_HASH

# We used to build static binary.
# But we have a transitive dependency on icu4c so this is no longer the case.
# RUN readelf -d ./authgear | grep 'There is no dynamic section in this file'

# Stage 2: Build the static files
FROM node:20.9.0-bookworm as stage2
ARG GIT_HASH
WORKDIR /usr/src/app
COPY ./scripts/npm/package.json ./scripts/npm/package-lock.json ./scripts/npm/
RUN cd ./scripts/npm && npm ci
COPY ./authui/package.json ./authui/package-lock.json ./authui/
RUN cd ./authui && npm ci
COPY . .
RUN make authui GIT_HASH=$GIT_HASH

# Stage 3: Prepare the actual fs we use to run the program
FROM debian:bookworm-slim
ARG GIT_HASH
WORKDIR /app
# /etc/mime.types (mime-support)
# /usr/share/ca-certificates/*/* (ca-certificates)
# /usr/share/zoneinfo/ (tzdata)
RUN apt-get update && apt-get install -y --no-install-recommends \
libicu-dev \
libvips-dev \
libmagic-dev \
libmagic-mgc \
ca-certificates \
mime-support \
tzdata \
&& rm -rf /var/lib/apt/lists/*
RUN update-ca-certificates
COPY ./GeoLite2-Country.mmdb ./GeoLite2-Country.mmdb
COPY ./migrations ./migrations
COPY --from=stage1 /src/custombuild/authgear /usr/local/bin/
COPY ./resources/ ./resources/
COPY --from=stage2 /usr/src/app/resources/authgear/ ./resources/authgear/
COPY ./docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"]
# update-ca-certificates requires root to run.
#USER nobody
EXPOSE 3000
CMD ["authgear", "start"]
51 changes: 51 additions & 0 deletions custombuild/cmd/authgearx/main.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
package main

import (
"errors"
"log"
"os"

"github.com/joho/godotenv"
_ "go.uber.org/automaxprocs"

"github.com/authgear/authgear-server/cmd/authgear/cmd"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdaudit"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdbackground"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmddatabase"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdimages"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdimages/cmddatabase"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdimages/cmdstart"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdimport"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdinit"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdinternal"
_ "github.com/authgear/authgear-server/cmd/authgear/cmd/cmdstart"
_ "github.com/authgear/authgear-server/pkg/latte"
_ "github.com/authgear/authgear-server/pkg/lib/authenticationflow/declarative"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/adfs"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/apple"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/azureadb2c"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/azureadv2"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/facebook"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/github"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/google"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/linkedin"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/wechat"
"github.com/authgear/authgear-server/pkg/util/debug"
_ "github.com/authgear/iamsmart/pkg/iamsmartoauthrelyingparty"
)

func main() {
debug.TrapSIGQUIT()

err := godotenv.Load()
if err != nil && !errors.Is(err, os.ErrNotExist) {
log.Printf("failed to load .env file: %s", err)
}

err = cmd.Root.Execute()
if err != nil {
os.Exit(1)
} else {
os.Exit(0)
}
}
90 changes: 90 additions & 0 deletions custombuild/cmd/portalx/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,90 @@
# syntax=docker/dockerfile:1

# Stage 1: Build the Go binary
FROM golang:1.22.3-bookworm as stage1

# Install build time C dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
pkg-config \
libicu-dev \
libvips-dev \
libmagic-dev \
&& rm -rf /var/lib/apt/lists/*

# In order to build a Go program that uses private modules in Docker,
# we need the following
#
# 1. Set GOPRIVATE
# 2. Set up ~/.gitconfig to make Go to use SSH instead HTTPS to fetch the private modules.
# 3. Set up ~/.ssh/known_hosts
# 4. use --mount=type=ssh to use the SSH agent from the host machine.
ENV GOPRIVATE github.com/authgear/iamsmart
RUN git config --global url."ssh://[email protected]/authgear/iamsmart".insteadOf https://github.com/authgear/iamsmart
RUN mkdir -p ~/.ssh \
&& ssh-keyscan github.com >> ~/.ssh/known_hosts

WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download
WORKDIR /src/custombuild
COPY ./custombuild/go.mod ./custombuild/go.sum ./
RUN --mount=type=ssh go mod download
WORKDIR /src
COPY . .
ARG GIT_HASH
RUN make -C custombuild build BIN_NAME=authgear-portal TARGET=portalx GIT_HASH=$GIT_HASH

# We used to build static binary.
# But we have a transitive dependency on icu4c so this is no longer the case.
# RUN readelf -d ./authgear | grep 'There is no dynamic section in this file'

# Stage 2: Build the static files
FROM node:20.9.0-bookworm as stage2
ARG GIT_HASH
WORKDIR /usr/src/app
COPY ./scripts/npm/package.json ./scripts/npm/package-lock.json ./scripts/npm/
RUN cd ./scripts/npm && npm ci
COPY ./authui/package.json ./authui/package-lock.json ./authui/
RUN cd ./authui && npm ci
COPY . .
RUN make authui GIT_HASH=$GIT_HASH

# Stage 3: Build the portal static files
FROM node:20.9.0-bookworm as stage3
ARG GIT_HASH
# If the working directory is /src, Parcel will have some problem with it.
WORKDIR /usr/src/app
COPY ./portal/package.json ./portal/package-lock.json ./
RUN npm ci
COPY ./portal .
RUN npm run build

# Stage 4: Prepare the actual fs we use to run the program
FROM debian:bookworm-slim
ARG GIT_HASH
WORKDIR /app
# /etc/mime.types (mime-support)
# /usr/share/ca-certificates/*/* (ca-certificates)
# /usr/share/zoneinfo/ (tzdata)
RUN apt-get update && apt-get install -y --no-install-recommends \
libicu-dev \
libvips-dev \
libmagic-dev \
libmagic-mgc \
ca-certificates \
mime-support \
tzdata \
&& rm -rf /var/lib/apt/lists/*
RUN update-ca-certificates
COPY ./GeoLite2-Country.mmdb ./GeoLite2-Country.mmdb
COPY ./migrations ./migrations
COPY --from=stage1 /src/custombuild/authgear-portal /usr/local/bin/
COPY ./resources/ ./resources/
COPY --from=stage2 /usr/src/app/resources/authgear/ ./resources/authgear/
COPY --from=stage3 /usr/src/app/dist/ ./resources/portal/static/
COPY ./docker-entrypoint.sh /usr/local/bin/
ENTRYPOINT ["docker-entrypoint.sh"]
# update-ca-certificates requires root to run.
#USER nobody
EXPOSE 3003
CMD ["authgear-portal", "start"]
46 changes: 46 additions & 0 deletions custombuild/cmd/portalx/main.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
package main

import (
"errors"
"log"
"os"

"github.com/joho/godotenv"
_ "go.uber.org/automaxprocs"
_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"

"github.com/authgear/authgear-server/cmd/portal/cmd"
_ "github.com/authgear/authgear-server/cmd/portal/cmd/cmdanalytic"
_ "github.com/authgear/authgear-server/cmd/portal/cmd/cmddatabase"
_ "github.com/authgear/authgear-server/cmd/portal/cmd/cmdinternal"
_ "github.com/authgear/authgear-server/cmd/portal/cmd/cmdpricing"
_ "github.com/authgear/authgear-server/cmd/portal/cmd/cmdstart"
_ "github.com/authgear/authgear-server/cmd/portal/cmd/cmdusage"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/adfs"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/apple"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/azureadb2c"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/azureadv2"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/facebook"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/github"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/google"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/linkedin"
_ "github.com/authgear/authgear-server/pkg/lib/oauthrelyingparty/wechat"
"github.com/authgear/authgear-server/pkg/util/debug"
_ "github.com/authgear/iamsmart/pkg/iamsmartoauthrelyingparty"
)

func main() {
debug.TrapSIGQUIT()

err := godotenv.Load()
if err != nil && !errors.Is(err, os.ErrNotExist) {
log.Printf("failed to load .env file: %s", err)
}

err = cmd.Root.Execute()
if err != nil {
os.Exit(1)
} else {
os.Exit(0)
}
}
Loading

0 comments on commit e90a765

Please sign in to comment.