Add GH workflow for docker build and push (#186)

2025-10-16 23:01:56 -04:00
parent 8955547536
commit 3d12cc1c06
4 changed files with 103 additions and 45 deletions
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -0,0 +1,33 @@
+name: Build+Push Daemon/Admin Docker Image
+
+on:
+  push:
+    branches: [ "master" ]
+
+jobs:
+  build_and_push:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Build Docker image
+      run: docker build --no-cache --tag vtnerd/monero-lws:master .
+    - name: Add additional tags
+      run: docker image tag vtnerd/monero-lws:master ghcr.io/vtnerd/monero-lws:master
+
+    - name: Login to GitHub Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+    - name: Push to GitHub Container Registry
+      run: docker push -a ghcr.io/vtnerd/monero-lws
+
+    - name: Login to Docker.io
+      uses: docker/login-action@v3
+      with:
+        username: ${{ github.actor }}
+        password: ${{ secrets.DOCKER_VTNERD_TOKEN }}
+    - name: Push to Docker.io
+      run: docker push -a vtnerd/monero-lws
--- a/90
+++ b/90
@@ -1,11 +1,10 @@
 # Initial base from https://github.com/sethforprivacy/monero-lws/blob/588c7f1965d3afbda8a65dc870645650e063e897/Dockerfile

 # Set monerod version to install from github
-ARG MONERO_BRANCH=v0.18.3.4
-ARG MONERO_COMMIT_HASH=b089f9ee69924882c5d14dd1a6991deb05d9d1cd
+ARG MONERO_COMMIT_HASH=d32b5bfe18e2f5b979fa8dc3a8966c76159ca722

-# Select ubuntu:20.04 for the build image base
-FROM ubuntu:20.04 as build
+# Select ubuntu:22.04 for the build image base
+FROM ubuntu:22.04 as build

 # Install all dependencies for a static build
 # Added DEBIAN_FRONTEND=noninteractive to workaround tzdata prompt on installation
@@ -20,23 +19,16 @@ RUN apt-get install --no-install-recommends -y \
    cmake \
    doxygen \
    git \
-    graphviz \
-    libboost-all-dev \
-    libexpat1-dev \
+    libgnutls30 \
    libldns-dev \
    liblzma-dev \
-    libpgm-dev \
    libprotobuf-dev \
-    libreadline6-dev \
    libsodium-dev \
    libssl-dev \
    libudev-dev \
    libunwind8-dev \
    libusb-1.0-0-dev \
-    libzmq3-dev \
    pkg-config \
-    protobuf-compiler \
-    qttools5-dev-tools \
    wget \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*
@@ -52,33 +44,56 @@ ENV USE_SINGLE_BUILDDIR 1
 ENV BOOST_DEBUG         1

 # Build expat, a dependency for libunbound
-RUN set -ex && wget https://github.com/libexpat/libexpat/releases/download/R_2_6_3/expat-2.6.3.tar.bz2 && \
-    echo "b8baef92f328eebcf731f4d18103951c61fa8c8ec21d5ff4202fb6f2198aeb2d  expat-2.6.3.tar.bz2" | sha256sum -c && \
-    tar -xf expat-2.6.3.tar.bz2 && \
-    rm expat-2.6.3.tar.bz2 && \
-    cd expat-2.6.3 && \
+RUN set -ex && wget https://github.com/libexpat/libexpat/releases/download/R_2_7_3/expat-2.7.3.tar.bz2 && \
+    echo "59c31441fec9a66205307749eccfee551055f2d792f329f18d97099e919a3b2f expat-2.7.3.tar.bz2" | sha256sum -c && \
+    tar -xf expat-2.7.3.tar.bz2 && \
+    rm expat-2.7.3.tar.bz2 && \
+    cd expat-2.7.3 && \
    ./configure --enable-static --disable-shared --prefix=/usr && \
    make -j${NPROC:-$(nproc)} && \
    make -j${NPROC:-$(nproc)} install

 # Build libunbound for static builds
 WORKDIR /tmp
-RUN set -ex && wget https://www.nlnetlabs.nl/downloads/unbound/unbound-1.22.0.tar.gz && \
-    echo "c5dd1bdef5d5685b2cedb749158dd152c52d44f65529a34ac15cd88d4b1b3d43  unbound-1.22.0.tar.gz" | sha256sum -c && \
-    tar -xzf unbound-1.22.0.tar.gz && \
-    rm unbound-1.22.0.tar.gz && \
-    cd unbound-1.22.0 && \
+RUN set -ex && wget https://www.nlnetlabs.nl/downloads/unbound/unbound-1.24.0.tar.gz && \
+    echo "147b22983cc7008aa21007e251b3845bfcf899ffd2d3b269253ebf2e27465086 unbound-1.24.0.tar.gz" | sha256sum -c && \
+    tar -xzf unbound-1.24.0.tar.gz && \
+    rm unbound-1.24.0.tar.gz && \
+    cd unbound-1.24.0 && \
    ./configure --disable-shared --enable-static --without-pyunbound --with-libexpat=/usr --with-ssl=/usr --with-libevent=no --without-pythonmodule --disable-flto --with-pthreads --with-libunbound-only --with-pic && \
    make -j${NPROC:-$(nproc)} && \
    make -j${NPROC:-$(nproc)} install

+# Build libzmq for static builds
+WORKDIR /tmp
+RUN set -ex && wget https://github.com/zeromq/libzmq/releases/download/v4.3.5/zeromq-4.3.5.tar.gz && \
+    echo "6653ef5910f17954861fe72332e68b03ca6e4d9c7160eb3a8de5a5a913bfab43 zeromq-4.3.5.tar.gz" | sha256sum -c && \
+    tar -xzf zeromq-4.3.5.tar.gz && \
+    rm zeromq-4.3.5.tar.gz && \
+    cd zeromq-4.3.5 && \
+    ./configure --disable-shared --enable-static --with-libsodium --disable-libunwind --with-pic && \
+    make -j${NPROC:-$(nproc)} && \
+    make -j${NPROC:-$(nproc)} install
+
+# Build boost for latest security updates
+WORKDIR /tmp
+RUN set -ex && wget https://archives.boost.io/release/1.89.0/source/boost_1_89_0.tar.bz2 && \
+    echo "85a33fa22621b4f314f8e85e1a5e2a9363d22e4f4992925d4bb3bc631b5a0c7a boost_1_89_0.tar.bz2" | sha256sum -c && \
+    tar -xf boost_1_89_0.tar.bz2 && \
+    rm boost_1_89_0.tar.bz2 && \
+    cd boost_1_89_0 && \
+    ./bootstrap.sh && \
+    ./b2 -j${NPROC:-$(nproc)} runtime-link=static link=static threading=multi variant=release \
+      --with-chrono --with-context --with-coroutine --with-date_time --with-filesystem --with-locale \
+      --with-program_options --with-regex --with-serialization --with-serialization install
+
 # Switch to Monero source directory
 WORKDIR /monero

 # Git pull Monero source at specified tag/branch and compile monerod binary
-RUN git clone --recursive --branch ${MONERO_BRANCH} \
+RUN git clone --recursive \
    https://github.com/monero-project/monero . \
-    && test `git rev-parse HEAD` = ${MONERO_COMMIT_HASH} || exit 1 \
+    && git checkout ${MONERO_COMMIT_HASH} \
    && git submodule init && git submodule update \
    && mkdir -p build/release && cd build/release \
    # Create make build files manually for release-static-linux-${TARGETARCH}
@@ -99,27 +114,13 @@ ARG NPROC
 RUN set -ex \
    && git submodule init && git submodule update \
    && rm -rf build && mkdir build && cd build \
-    && cmake -D STATIC=ON -D MONERO_SOURCE_DIR=/monero -D MONERO_BUILD_DIR=/monero/build/release .. \
-    && make -j${NPROC:-$(nproc)}
+    && cmake -D STATIC=ON -D BUILD_TESTS=ON -D MONERO_SOURCE_DIR=/monero -D MONERO_BUILD_DIR=/monero/build/release .. \
+    && make -j${NPROC:-$(nproc)} \
+    && ./tests/unit/monero-lws-unit

 # Begin final image build
 # Select Ubuntu 20.04LTS for the image base
-FROM ubuntu:20.04
-
-# Added DEBIAN_FRONTEND=noninteractive to workaround tzdata prompt on installation
-ENV DEBIAN_FRONTEND=noninteractive
-
-# Upgrade base image
-RUN apt-get update \
-    && apt-get upgrade --no-install-recommends -y
-
-# Install necessary dependencies
-RUN apt-get install --no-install-recommends -y \
-    ca-certificates \
-    curl \
-    jq \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
+FROM ubuntu:22.04

 # Add user and setup directories for monero-lws
 RUN useradd -ms /bin/bash monero-lws \
@@ -129,10 +130,11 @@ USER monero-lws

 # Switch to home directory and install newly built monero-lws binary
 WORKDIR /home/monero-lws
-COPY --chown=monero-lws:monero-lws --from=build /monero-lws/build/src/* /usr/local/bin/
+COPY --chown=monero-lws:monero-lws --from=build /monero-lws/build/src/monero-lws-daemon /usr/local/bin/
+COPY --chown=monero-lws:monero-lws --from=build /monero-lws/build/src/monero-lws-admin /usr/local/bin/

 # Expose REST server port
 EXPOSE 8443

-ENTRYPOINT ["monero-lws-daemon", "--db-path=/home/monero-lws/.bitmonero/light_wallet_server"]
+ENTRYPOINT ["monero-lws-daemon"]
 CMD ["--daemon=tcp://monerod:18082", "--sub=tcp://monerod:18083", "--log-level=4"]
--- a/README.md
+++ b/README.md
@@ -39,10 +39,33 @@ Differences from [OpenMonero](https://github.com/moneroexamples/openmonero):
  - Uses amd64 ASM acceleration from Monero project, if available
  - Supports webhook notifications, including "0-conf" notification

+
 ## License

 See [LICENSE](LICENSE).

+
+## Docker
+
+### Alpha Release
+
+Docker image for the `master` (alpha) branch can be fetched via:
+  * `docker pull ghcr.io/vtnerd/monero-lws:master`
+  * `docker pull vtnerd/monero-lws:master`
+
+This branch differs from the `develop` branch in that users should NOT expect
+incompatible DB changes; if users never "roll-back" their copy of `master` then
+the DB should also be in a valid state for use. However, the `master` version
+is considered alpha software so things could break, resulting in complications
+if the DB was not saved prior to upgrading.
+
+We need alpha testers, so consider using this where possible!
+
+> The `develop` branch should only be used for development purposes - breaking
+> DB changes are expected (but probably rare). No docker image is provided for
+> this branch - see compilation section below.
+
+
 ## Compiling Monero-lws from source

 ### Dependencies
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -56,8 +56,8 @@ target_link_libraries(monero-lws-daemon-common
    monero-lws-wire-json
    monero-lws-util
    ${Boost_CHRONO_LIBRARY}
-    ${Boost_CONTEXT_LIBRARY}
    ${Boost_COROUTINE_LIBRARY}
+    ${Boost_CONTEXT_LIBRARY}
    ${Boost_PROGRAM_OPTIONS_LIBRARY}
    ${Boost_SYSTEM_LIBRARY}
    ${Boost_THREAD_LIBRARY}