diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6f6f56f..75bdfd6 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -217,7 +217,7 @@ build:docker:main: --context $CI_PROJECT_DIR --build-arg CREATED=$(date -u +'%Y-%m-%dT%H:%M:%SZ') --build-arg VERSION=$(grep -m1 -o '[0-9].[0-9].[0-9]' Cargo.toml) - --build-arg "GIT_REF=$CI_COMMIT_REF_NAME" + --build-arg "GIT_REF=$CI_COMMIT_SHORT_SHA" --dockerfile "$CI_PROJECT_DIR/docker/ci-binaries-packaging.Dockerfile" --destination "$CI_REGISTRY_IMAGE/conduit:latest" --destination "$CI_REGISTRY_IMAGE/conduit:alpine" diff --git a/Dockerfile b/Dockerfile index 68dce3f..f4b176f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,25 +7,29 @@ # Alpine build image to build Conduit's statically compiled binary FROM alpine:3.14 as builder +# Install packages needed for building all crates +RUN apk add --no-cache \ + cargo \ + openssl-dev + # Specifies if the local project is build or if Conduit gets build # from the official git repository. Defaults to the git repo. ARG LOCAL=false # Specifies which revision/commit is build. Defaults to HEAD ARG GIT_REF=origin/master -# Install packages needed for building all crates -RUN apk add --no-cache \ - cargo \ - openssl-dev - - # Copy project files from current folder COPY . . # Build it from the copied local files or from the official git repository RUN if [[ $LOCAL == "true" ]]; then \ + mv ./docker/healthcheck.sh . ; \ + echo "Building from local source..." ; \ cargo install --path . ; \ else \ - cargo install --git "https://gitlab.com/famedly/conduit.git" --rev ${GIT_REF}; \ + echo "Building revision '${GIT_REF}' from online source..." ; \ + cargo install --git "https://gitlab.com/famedly/conduit.git" --rev ${GIT_REF} ; \ + echo "Loadings healthcheck script from online source..." ; \ + wget "https://gitlab.com/famedly/conduit/-/raw/${GIT_REF#origin/}/docker/healthcheck.sh" ; \ fi ########################## RUNTIME IMAGE ########################## @@ -64,6 +68,7 @@ EXPOSE 6167 # /srv/conduit and create data folder for database RUN mkdir -p /srv/conduit/.local/share/conduit COPY --from=builder /root/.cargo/bin/conduit /srv/conduit/ +COPY --from=builder ./healthcheck.sh /srv/conduit/ # Add www-data user and group with UID 82, as used by alpine # https://git.alpinelinux.org/aports/tree/main/nginx/nginx.pre-install @@ -82,10 +87,7 @@ RUN apk add --no-cache \ libgcc # Test if Conduit is still alive, uses the same endpoint as Element -HEALTHCHECK --start-period=5s \ - CMD curl --fail -s "http://localhost:$(grep -m1 -o 'port\s=\s[0-9]*' conduit.toml | grep -m1 -o '[0-9]*')/_matrix/client/versions" || \ - curl -k --fail -s "https://localhost:$(grep -m1 -o 'port\s=\s[0-9]*' conduit.toml | grep -m1 -o '[0-9]*')/_matrix/client/versions" || \ - exit 1 +HEALTHCHECK --start-period=5s --interval=60s CMD ./healthcheck.sh # Set user to www-data USER www-data diff --git a/docker/ci-binaries-packaging.Dockerfile b/docker/ci-binaries-packaging.Dockerfile index 797ef0c..1fe85bf 100644 --- a/docker/ci-binaries-packaging.Dockerfile +++ b/docker/ci-binaries-packaging.Dockerfile @@ -53,10 +53,7 @@ RUN apk add --no-cache \ libgcc # Test if Conduit is still alive, uses the same endpoint as Element -HEALTHCHECK --start-period=5s \ - CMD curl --fail -s "http://localhost:$(grep -m1 -o 'port\s=\s[0-9]*' conduit.toml | grep -m1 -o '[0-9]*')/_matrix/client/versions" || \ - curl -k --fail -s "https://localhost:$(grep -m1 -o 'port\s=\s[0-9]*' conduit.toml | grep -m1 -o '[0-9]*')/_matrix/client/versions" || \ - exit 1 +HEALTHCHECK --start-period=5s --interval=60s CMD ./healthcheck.sh # Set user to www-data USER www-data @@ -68,3 +65,4 @@ ENTRYPOINT [ "/srv/conduit/conduit" ] # Copy the Conduit binary into the image at the latest possible moment to maximise caching: COPY ./conduit-x86_64-unknown-linux-musl /srv/conduit/conduit +COPY ./docker/healthcheck.sh /srv/conduit/ diff --git a/docker/healthcheck.sh b/docker/healthcheck.sh new file mode 100644 index 0000000..568838e --- /dev/null +++ b/docker/healthcheck.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +# If the port is not specified as env var, take it from the config file +if [ -z ${CONDUIT_PORT} ]; then + CONDUIT_PORT=$(grep -m1 -o 'port\s=\s[0-9]*' conduit.toml | grep -m1 -o '[0-9]*') +fi + +# The actual health check. +# We try to first get a response on HTTP and when that fails on HTTPS and when that fails, we exit with code 1. +# TODO: Change this to a single curl call. Do we have a config value that we can check for that? +curl --fail -s "http://localhost:${CONDUIT_PORT}/_matrix/client/versions" || \ + curl -k --fail -s "https://localhost:${CONDUIT_PORT}/_matrix/client/versions" || \ + exit 1