commit 55d5c676615828db2eb8ddfe737828b43975b7e6 Author: Lucas Schwiderski Date: Fri Aug 23 14:55:18 2024 +0200 Initialize repository diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7a6353d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.envrc diff --git a/Justfile b/Justfile new file mode 100644 index 0000000..dc0fa94 --- /dev/null +++ b/Justfile @@ -0,0 +1,33 @@ +pipeline_name := 'ci-images' +target := 'main' + +# Internal endpoint of the Docker registry, where no authentication is necessary +registry_url := env_var_or_default('REGISTRY_URL', 'docker.io/') +repo_url := shell("git remote get-url origin | sed 's|git@\\([^:]*\\):\\(.*\\).git|https://\\1/\\2|'") + +pipeline_file := shell('mktemp') + +build context dockerfile='' image_target='' *args='': + fly -t {{target}} execute \ + --config=./tasks/build-image.yml \ + --privileged \ + -i repo=. \ + -o image=/tmp/build-image \ + -v context=repo/images/{{context}} \ + -v dockerfile={{dockerfile}} \ + -v target={{image_target}} \ + {{args}} + +make-pipeline file: + jinja2 --strict --outfile="{{file}}" pipelines/build-and-push.yml.j2 pipelines/build-and-push.json + fly -t {{target}} validate-pipeline \ + --strict \ + --config "{{file}}" \ + -v registry_url={{registry_url}} + +set-pipeline: (make-pipeline pipeline_file) + fly -t {{target}} set-pipeline \ + --pipeline {{pipeline_name}} \ + --config "{{pipeline_file}}" \ + -v registry_url={{registry_url}} \ + -v repo_url={{repo_url}} diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..4153cd3 --- /dev/null +++ b/LICENSE @@ -0,0 +1,287 @@ + EUROPEAN UNION PUBLIC LICENCE v. 1.2 + EUPL © the European Union 2007, 2016 + +This European Union Public Licence (the ‘EUPL’) applies to the Work (as defined +below) which is provided under the terms of this Licence. Any use of the Work, +other than as authorised under this Licence is prohibited (to the extent such +use is covered by a right of the copyright holder of the Work). + +The Work is provided under the terms of this Licence when the Licensor (as +defined below) has placed the following notice immediately following the +copyright notice for the Work: + + Licensed under the EUPL + +or has expressed by any other means his willingness to license under the EUPL. + +1. Definitions + +In this Licence, the following terms have the following meaning: + +- ‘The Licence’: this Licence. + +- ‘The Original Work’: the work or software distributed or communicated by the + Licensor under this Licence, available as Source Code and also as Executable + Code as the case may be. + +- ‘Derivative Works’: the works or software that could be created by the + Licensee, based upon the Original Work or modifications thereof. This Licence + does not define the extent of modification or dependence on the Original Work + required in order to classify a work as a Derivative Work; this extent is + determined by copyright law applicable in the country mentioned in Article 15. + +- ‘The Work’: the Original Work or its Derivative Works. + +- ‘The Source Code’: the human-readable form of the Work which is the most + convenient for people to study and modify. + +- ‘The Executable Code’: any code which has generally been compiled and which is + meant to be interpreted by a computer as a program. + +- ‘The Licensor’: the natural or legal person that distributes or communicates + the Work under the Licence. + +- ‘Contributor(s)’: any natural or legal person who modifies the Work under the + Licence, or otherwise contributes to the creation of a Derivative Work. + +- ‘The Licensee’ or ‘You’: any natural or legal person who makes any usage of + the Work under the terms of the Licence. + +- ‘Distribution’ or ‘Communication’: any act of selling, giving, lending, + renting, distributing, communicating, transmitting, or otherwise making + available, online or offline, copies of the Work or providing access to its + essential functionalities at the disposal of any other natural or legal + person. + +2. Scope of the rights granted by the Licence + +The Licensor hereby grants You a worldwide, royalty-free, non-exclusive, +sublicensable licence to do the following, for the duration of copyright vested +in the Original Work: + +- use the Work in any circumstance and for all usage, +- reproduce the Work, +- modify the Work, and make Derivative Works based upon the Work, +- communicate to the public, including the right to make available or display + the Work or copies thereof to the public and perform publicly, as the case may + be, the Work, +- distribute the Work or copies thereof, +- lend and rent the Work or copies thereof, +- sublicense rights in the Work or copies thereof. + +Those rights can be exercised on any media, supports and formats, whether now +known or later invented, as far as the applicable law permits so. + +In the countries where moral rights apply, the Licensor waives his right to +exercise his moral right to the extent allowed by law in order to make effective +the licence of the economic rights here above listed. + +The Licensor grants to the Licensee royalty-free, non-exclusive usage rights to +any patents held by the Licensor, to the extent necessary to make use of the +rights granted on the Work under this Licence. + +3. Communication of the Source Code + +The Licensor may provide the Work either in its Source Code form, or as +Executable Code. If the Work is provided as Executable Code, the Licensor +provides in addition a machine-readable copy of the Source Code of the Work +along with each copy of the Work that the Licensor distributes or indicates, in +a notice following the copyright notice attached to the Work, a repository where +the Source Code is easily and freely accessible for as long as the Licensor +continues to distribute or communicate the Work. + +4. Limitations on copyright + +Nothing in this Licence is intended to deprive the Licensee of the benefits from +any exception or limitation to the exclusive rights of the rights owners in the +Work, of the exhaustion of those rights or of other applicable limitations +thereto. + +5. Obligations of the Licensee + +The grant of the rights mentioned above is subject to some restrictions and +obligations imposed on the Licensee. Those obligations are the following: + +Attribution right: The Licensee shall keep intact all copyright, patent or +trademarks notices and all notices that refer to the Licence and to the +disclaimer of warranties. The Licensee must include a copy of such notices and a +copy of the Licence with every copy of the Work he/she distributes or +communicates. The Licensee must cause any Derivative Work to carry prominent +notices stating that the Work has been modified and the date of modification. + +Copyleft clause: If the Licensee distributes or communicates copies of the +Original Works or Derivative Works, this Distribution or Communication will be +done under the terms of this Licence or of a later version of this Licence +unless the Original Work is expressly distributed only under this version of the +Licence — for example by communicating ‘EUPL v. 1.2 only’. The Licensee +(becoming Licensor) cannot offer or impose any additional terms or conditions on +the Work or Derivative Work that alter or restrict the terms of the Licence. + +Compatibility clause: If the Licensee Distributes or Communicates Derivative +Works or copies thereof based upon both the Work and another work licensed under +a Compatible Licence, this Distribution or Communication can be done under the +terms of this Compatible Licence. For the sake of this clause, ‘Compatible +Licence’ refers to the licences listed in the appendix attached to this Licence. +Should the Licensee's obligations under the Compatible Licence conflict with +his/her obligations under this Licence, the obligations of the Compatible +Licence shall prevail. + +Provision of Source Code: When distributing or communicating copies of the Work, +the Licensee will provide a machine-readable copy of the Source Code or indicate +a repository where this Source will be easily and freely available for as long +as the Licensee continues to distribute or communicate the Work. + +Legal Protection: This Licence does not grant permission to use the trade names, +trademarks, service marks, or names of the Licensor, except as required for +reasonable and customary use in describing the origin of the Work and +reproducing the content of the copyright notice. + +6. Chain of Authorship + +The original Licensor warrants that the copyright in the Original Work granted +hereunder is owned by him/her or licensed to him/her and that he/she has the +power and authority to grant the Licence. + +Each Contributor warrants that the copyright in the modifications he/she brings +to the Work are owned by him/her or licensed to him/her and that he/she has the +power and authority to grant the Licence. + +Each time You accept the Licence, the original Licensor and subsequent +Contributors grant You a licence to their contributions to the Work, under the +terms of this Licence. + +7. Disclaimer of Warranty + +The Work is a work in progress, which is continuously improved by numerous +Contributors. It is not a finished work and may therefore contain defects or +‘bugs’ inherent to this type of development. + +For the above reason, the Work is provided under the Licence on an ‘as is’ basis +and without warranties of any kind concerning the Work, including without +limitation merchantability, fitness for a particular purpose, absence of defects +or errors, accuracy, non-infringement of intellectual property rights other than +copyright as stated in Article 6 of this Licence. + +This disclaimer of warranty is an essential part of the Licence and a condition +for the grant of any rights to the Work. + +8. Disclaimer of Liability + +Except in the cases of wilful misconduct or damages directly caused to natural +persons, the Licensor will in no event be liable for any direct or indirect, +material or moral, damages of any kind, arising out of the Licence or of the use +of the Work, including without limitation, damages for loss of goodwill, work +stoppage, computer failure or malfunction, loss of data or any commercial +damage, even if the Licensor has been advised of the possibility of such damage. +However, the Licensor will be liable under statutory product liability laws as +far such laws apply to the Work. + +9. Additional agreements + +While distributing the Work, You may choose to conclude an additional agreement, +defining obligations or services consistent with this Licence. However, if +accepting obligations, You may act only on your own behalf and on your sole +responsibility, not on behalf of the original Licensor or any other Contributor, +and only if You agree to indemnify, defend, and hold each Contributor harmless +for any liability incurred by, or claims asserted against such Contributor by +the fact You have accepted any warranty or additional liability. + +10. Acceptance of the Licence + +The provisions of this Licence can be accepted by clicking on an icon ‘I agree’ +placed under the bottom of a window displaying the text of this Licence or by +affirming consent in any other similar way, in accordance with the rules of +applicable law. Clicking on that icon indicates your clear and irrevocable +acceptance of this Licence and all of its terms and conditions. + +Similarly, you irrevocably accept this Licence and all of its terms and +conditions by exercising any rights granted to You by Article 2 of this Licence, +such as the use of the Work, the creation by You of a Derivative Work or the +Distribution or Communication by You of the Work or copies thereof. + +11. Information to the public + +In case of any Distribution or Communication of the Work by means of electronic +communication by You (for example, by offering to download the Work from a +remote location) the distribution channel or media (for example, a website) must +at least provide to the public the information requested by the applicable law +regarding the Licensor, the Licence and the way it may be accessible, concluded, +stored and reproduced by the Licensee. + +12. Termination of the Licence + +The Licence and the rights granted hereunder will terminate automatically upon +any breach by the Licensee of the terms of the Licence. + +Such a termination will not terminate the licences of any person who has +received the Work from the Licensee under the Licence, provided such persons +remain in full compliance with the Licence. + +13. Miscellaneous + +Without prejudice of Article 9 above, the Licence represents the complete +agreement between the Parties as to the Work. + +If any provision of the Licence is invalid or unenforceable under applicable +law, this will not affect the validity or enforceability of the Licence as a +whole. Such provision will be construed or reformed so as necessary to make it +valid and enforceable. + +The European Commission may publish other linguistic versions or new versions of +this Licence or updated versions of the Appendix, so far this is required and +reasonable, without reducing the scope of the rights granted by the Licence. New +versions of the Licence will be published with a unique version number. + +All linguistic versions of this Licence, approved by the European Commission, +have identical value. Parties can take advantage of the linguistic version of +their choice. + +14. Jurisdiction + +Without prejudice to specific agreement between parties, + +- any litigation resulting from the interpretation of this License, arising + between the European Union institutions, bodies, offices or agencies, as a + Licensor, and any Licensee, will be subject to the jurisdiction of the Court + of Justice of the European Union, as laid down in article 272 of the Treaty on + the Functioning of the European Union, + +- any litigation arising between other parties and resulting from the + interpretation of this License, will be subject to the exclusive jurisdiction + of the competent court where the Licensor resides or conducts its primary + business. + +15. Applicable Law + +Without prejudice to specific agreement between parties, + +- this Licence shall be governed by the law of the European Union Member State + where the Licensor has his seat, resides or has his registered office, + +- this licence shall be governed by Belgian law if the Licensor has no seat, + residence or registered office inside a European Union Member State. + +Appendix + +‘Compatible Licences’ according to Article 5 EUPL are: + +- GNU General Public License (GPL) v. 2, v. 3 +- GNU Affero General Public License (AGPL) v. 3 +- Open Software License (OSL) v. 2.1, v. 3.0 +- Eclipse Public License (EPL) v. 1.0 +- CeCILL v. 2.0, v. 2.1 +- Mozilla Public Licence (MPL) v. 2 +- GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3 +- Creative Commons Attribution-ShareAlike v. 3.0 Unported (CC BY-SA 3.0) for + works other than software +- European Union Public Licence (EUPL) v. 1.1, v. 1.2 +- Québec Free and Open-Source Licence — Reciprocity (LiLiQ-R) or Strong + Reciprocity (LiLiQ-R+). + +The European Commission may update this Appendix to later versions of the above +licences without producing a new version of the EUPL, as long as they provide +the rights granted in Article 2 of this Licence and protect the covered Source +Code from exclusive appropriation. + +All other changes or additions to this Appendix require the production of a new +EUPL version. diff --git a/README.md b/README.md new file mode 100644 index 0000000..34b1079 --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +# CI Images + +A collection of Dockerfiles used as task images for project CI at https://ci.sclu1034.dev. diff --git a/images/base/Dockerfile b/images/base/Dockerfile new file mode 100644 index 0000000..9d50042 --- /dev/null +++ b/images/base/Dockerfile @@ -0,0 +1 @@ +FROM debian:bullseye-slim diff --git a/images/beancount-import/.dockerignore b/images/beancount-import/.dockerignore new file mode 100644 index 0000000..4a246ec --- /dev/null +++ b/images/beancount-import/.dockerignore @@ -0,0 +1,2 @@ +Dockerfile +.dockerignore diff --git a/images/beancount-import/Dockerfile b/images/beancount-import/Dockerfile new file mode 100644 index 0000000..f4e0f33 --- /dev/null +++ b/images/beancount-import/Dockerfile @@ -0,0 +1,24 @@ +FROM python:3.12.3-slim + +COPY requirements.txt /tmp + +RUN set -eux; \ + pip3 install --break-system-packages -r /tmp/requirements.txt; \ + rm -rf \ + /root/.cache \ + /tmp/requirements.txt \ + ; + +WORKDIR /beancount-import +COPY . . + +ENV BEANCOUNT_IMPORT_ARGS="" \ + BEANCOUNT_IMPORT_JOURNAL_DIR="/beancount-import/journal" \ + BEANCOUNT_IMPORT_DATA_DIR="/beancount-import/data" + +EXPOSE 8080 + +VOLUME ${BEANCOUNT_IMPORT_DATA_DIR} +VOLUME ${BEANCOUNT_IMPORT_JOURNAL_DIR} + +CMD python3 /beancount-import/run.py --address 0.0.0.0 --port 8080 ${BEANCOUNT_IMPORT_ARGS} diff --git a/images/beancount-import/_config.py b/images/beancount-import/_config.py new file mode 100644 index 0000000..055a709 --- /dev/null +++ b/images/beancount-import/_config.py @@ -0,0 +1,45 @@ +""" +This config is where you would initialize your importers with personal info +like account number or credit card last4 digit. + +you may also define CONFIG:List[ImporterProtocol] for other beancount tools like +bean-identify, bean-file, and other beancount scripts to use +eg. `bean-identify _config.py ~/Downloads` +to identify the files that importers defined here can process + + +beancount-import should have it's own run.py where you invoke the +`beancount_import.webserver.main` but import the Importer objects from this config + +This is the way!! +""" +from beancount.ingest.importers.csv import Importer as CSVImporter, Col + +my_foobar_bank_importer = CSVImporter( + { + Col.DATE: "Date", + Col.NARRATION1: "Description", + Col.AMOUNT: "Amount", + }, + "Assets:FooBarBank", # account + "EUR", # currency + # regexps used by ImporterProtocol.identify() to identify the correct file + '"Date","Description","Amount"', +) + +my_amex_cc_importer = CSVImporter( + { + Col.DATE: "Date", + Col.NARRATION1: "Description", + Col.AMOUNT: "Amount", + Col.BALANCE: "Balance", + }, + "Liabilities:Amex-Credit-Card", # account + "EUR", # currency + # regexps used by ImporterProtocol.identify() to identify the correct file + ("Date,Description,Amount,Balance", "Credit.*7890"), + skip_lines=1, +) + +# beancount's scripts use this +CONFIG = [my_foobar_bank_importer, my_amex_cc_importer] diff --git a/images/beancount-import/requirements.txt b/images/beancount-import/requirements.txt new file mode 100644 index 0000000..fa7bc32 --- /dev/null +++ b/images/beancount-import/requirements.txt @@ -0,0 +1,2 @@ +beancount-import==1.3.5 +smart_importer==0.5 diff --git a/images/beancount-import/run.py b/images/beancount-import/run.py new file mode 100644 index 0000000..21f3c5d --- /dev/null +++ b/images/beancount-import/run.py @@ -0,0 +1,31 @@ +#!/usr/bin/env python3 + +import os +import sys + +from _config import data_sources + + +def run_reconcile(extra_args): + import beancount_import.webserver + + journal_dir = os.environ["BEANCOUNT_IMPORT_JOURNAL_DIR"] + + beancount_import.webserver.main( + extra_args, + journal_input=os.path.join(journal_dir, "main.beancount"), + ignored_journal=os.path.join(journal_dir, "ignored.beancount"), + default_output=os.path.join(journal_dir, "main.beancount"), + open_account_output_map=[ + (".*", os.path.join(journal_dir, "accounts.beancount")), + ], + balance_account_output_map=[ + (".*", os.path.join(journal_dir, "accounts.beancount")), + ], + price_output=os.path.join(journal_dir, "prices.beancount"), + data_sources=data_sources, + ) + + +if __name__ == "__main__": + run_reconcile(sys.argv[1:]) diff --git a/images/fava/Dockerfile b/images/fava/Dockerfile new file mode 100644 index 0000000..4e2c60c --- /dev/null +++ b/images/fava/Dockerfile @@ -0,0 +1,63 @@ +ARG BEANCOUNT_VERSION=2.3.6 +ARG FAVA_VERSION=1.27.3 + +FROM node:lts-slim as node_build_env +ARG FAVA_VERSION + +RUN set -eux; \ + apt-get update; \ + apt-get install -y python3-babel git make; + +RUN git clone --depth 1 --branch v${FAVA_VERSION} https://github.com/beancount/fava /tmp/build/fava + +WORKDIR /tmp/build/fava +RUN set -eux; \ + make -j $(nproc); \ + rm -rf .*cache .eggs .tox build dist frontend/node_modules; \ + find . -type f -name '*.py[c0]' -delete; \ + find . -type d -name "__pycache__" -delete + +FROM python:3.12.3-slim as build_env +ARG BEANCOUNT_VERSION + +RUN set -eux; \ + apt-get update; \ + apt-get install -y build-essential libxml2-dev libxslt-dev curl git; + +ENV PATH "/app/bin:$PATH" +RUN python -mvenv /app +COPY --from=node_build_env /tmp/build/fava /tmp/build/fava + +RUN git clone --depth 1 --branch ${BEANCOUNT_VERSION} https://github.com/beancount/beancount /tmp/build/beancount + +WORKDIR /tmp/build/beancount +RUN set -eux; \ + CFLAGS=-s pip3 install -U /tmp/build/beancount; \ + pip3 install -U /tmp/build/fava; \ + pip3 install \ + beancount-reds-plugins \ + git+https://github.com/andreasgerstmayr/fava-dashboards.git \ + git+https://github.com/beancount/beangrow.git \ + git+https://github.com/redstreet/fava_investor.git \ + git+https://github.com/daniel-wells/beancount_checkclosed.git \ + git+https://github.com/PhracturedBlue/fava-portfolio-summary.git \ + git+https://github.com/polarmutex/fava-envelope.git \ + git+https://github.com/scauligi/refried.git \ + git+https://github.com/beancount/beanprice.git@41576e2ac889e4825e4985b6f6c56aa71de28304 \ + ; \ + pip3 uninstall -y pip; \ + find /app -name __pycache__ -exec rm -rf -v {} + + +FROM python:3.12.3-slim +COPY --from=build_env /app /app + +# Default fava port number +EXPOSE 5000 + +ENV BEAN_ROOT "" +ENV BEANCOUNT_FILE "" + +ENV FAVA_HOST "0.0.0.0" +ENV PATH "/app/bin:$PATH" + +CMD ["fava"] diff --git a/images/fluentd/Dockerfile b/images/fluentd/Dockerfile new file mode 100644 index 0000000..a217761 --- /dev/null +++ b/images/fluentd/Dockerfile @@ -0,0 +1,32 @@ +FROM fluent/fluentd:v1.16.1 + +USER root + +# The recommendation is to install gems here. But in practice, +# the `geoip` plugin will fail if done so, because for unknown reasons, +# it wouldn't be able to find the `geoip2_c` gem, even though that would +# be installed successfully. +# The only way to get that plugin working is to use the `--gemfile` flag +# to have them installed at startup. +# Hence why we need to blow up this image with a bunch of dev dependencies. +RUN set -eux; \ + apk add --no-cache --virtual .build-deps \ + binutils \ + autoconf \ + automake \ + gcc \ + geoip-dev \ + gettext \ + libmaxminddb-dev \ + libtool \ + make \ + musl-dev \ + ruby-dev \ + ; \ + # fluentd needs this directory when installing Gems + mkdir /etc/fluentd; \ + chown fluent:fluent /etc/fluentd + +USER fluent + +COPY Gemfile /etc/fluentd/Gemfile diff --git a/images/fluentd/Gemfile b/images/fluentd/Gemfile new file mode 100644 index 0000000..094f7d3 --- /dev/null +++ b/images/fluentd/Gemfile @@ -0,0 +1,10 @@ +source 'https://rubygems.org' + +gem 'fluentd' +gem 'geoip2_c' +gem 'fluent-plugin-geoip' +gem 'fluent-plugin-prometheus' +gem 'fluent-plugin-ua-parser' +gem 'fluent-plugin-grafana-loki' +gem 'fluent-plugin-stdout-pp' +gem 'fluent-plugin-parser-logfmt' diff --git a/images/forgejo/Dockerfile b/images/forgejo/Dockerfile new file mode 100644 index 0000000..b645538 --- /dev/null +++ b/images/forgejo/Dockerfile @@ -0,0 +1,14 @@ +FROM codeberg.org/forgejo/forgejo:8.0.0 + +RUN apk --no-cache add \ + asciidoctor \ + freetype \ + freetype-dev \ + gcc \ + g++ \ + libpng \ + libffi-dev \ + py-pip \ + python3-dev \ + py3-pip \ + py3-pyzmq diff --git a/images/frp/Dockerfile b/images/frp/Dockerfile new file mode 100644 index 0000000..47df792 --- /dev/null +++ b/images/frp/Dockerfile @@ -0,0 +1,18 @@ +ARG FRP_VERSION=0.60.0 + +FROM scratch AS src + +ARG FRP_VERSION +ADD https://github.com/fatedier/frp/releases/download/v${FRP_VERSION}/frp_${FRP_VERSION}_linux_amd64.tar.gz /frp.tar.gz + + +FROM alpine:3.8 + +ARG FRP_VERSION + +RUN --mount=from=src,target=/src < $KEYRINGS/llvm.gpg < /root/llvm-snapshot.gpg.key; \ + gpg --dearmor > $KEYRINGS/winehq.gpg < /root/winehq.key; \ + echo "deb [signed-by=$KEYRINGS/llvm.gpg] http://apt.llvm.org/bullseye/ llvm-toolchain-bullseye-${LLVM_VERSION} main" > /etc/apt/sources.list.d/llvm.list; \ + echo "deb [signed-by=$KEYRINGS/winehq.gpg] https://dl.winehq.org/wine-builds/debian/ bullseye main" > /etc/apt/sources.list.d/winehq.list; \ + dpkg --add-architecture i386; \ + apt-get update; \ + apt-get install --no-install-recommends --no-install-suggests -y \ + libclang-${LLVM_VERSION}-dev \ + gcc-mingw-w64-x86-64 \ + clang-${LLVM_VERSION} \ + llvm-${LLVM_VERSION} \ + lld-${LLVM_VERSION} \ + winehq-staging \ + ; \ + # ensure that clang/clang++ are callable directly + ln -s clang-${LLVM_VERSION} /usr/bin/clang && ln -s clang /usr/bin/clang++ && ln -s lld-${LLVM_VERSION} /usr/bin/ld.lld; \ + # We also need to setup symlinks ourselves for the MSVC shims because they aren't in the debian packages + ln -s clang-${LLVM_VERSION} /usr/bin/clang-cl && ln -s llvm-ar-${LLVM_VERSION} /usr/bin/llvm-lib && ln -s lld-link-${LLVM_VERSION} /usr/bin/lld-link; \ + # Verify the symlinks are correct + clang++ -v; \ + ld.lld -v; \ + # Doesn't have an actual -v/--version flag, but it still exits with 0 + llvm-lib -v; \ + clang-cl -v; \ + lld-link --version; \ + # Use clang instead of gcc when compiling and linking binaries targeting the host (eg proc macros, build files) + update-alternatives --install /usr/bin/cc cc /usr/bin/clang 100; \ + update-alternatives --install /usr/bin/c++ c++ /usr/bin/clang++ 100; \ + update-alternatives --install /usr/bin/ld ld /usr/bin/ld.lld 100; \ + rustup target add x86_64-pc-windows-msvc; \ + rustup default stable-x86_64-pc-windows-msvc; \ + rustup component add rust-src; \ + rustup update; \ + apt-get remove -y --auto-remove \ + gpg \ + ; \ + rm -rf \ + /var/lib/apt/lists/* \ + /root/*.key; + +COPY --from=xwin-download /xwin /xwin + +# Note that we're using the full target triple for each variable instead of the +# simple CC/CXX/AR shorthands to avoid issues when compiling any C/C++ code for +# build dependencies that need to compile and execute in the host environment +ENV CC_x86_64_pc_windows_msvc="clang-cl" \ + CXX_x86_64_pc_windows_msvc="clang-cl" \ + AR_x86_64_pc_windows_msvc="llvm-lib" \ + # wine can be quite spammy with log messages and they're generally uninteresting + WINEDEBUG="-all" \ + # Use wine to run test executables + CARGO_TARGET_X86_64_PC_WINDOWS_MSVC_RUNNER="wine" \ + # Note that we only disable unused-command-line-argument here since clang-cl + # doesn't implement all of the options supported by cl, but the ones it doesn't + # are _generally_ not interesting. + CL_FLAGS="-Wno-unused-command-line-argument -fuse-ld=lld-link /imsvc/xwin/crt/include /imsvc/xwin/sdk/include/ucrt /imsvc/xwin/sdk/include/um /imsvc/xwin/sdk/include/shared" \ + # Let cargo know what linker to invoke if you haven't already specified it + # in a .cargo/config.toml file + CARGO_TARGET_X86_64_PC_WINDOWS_MSVC_LINKER="lld-link" \ + CARGO_TARGET_X86_64_PC_WINDOWS_MSVC_RUSTFLAGS="-Lnative=/xwin/crt/lib/x86_64 -Lnative=/xwin/sdk/lib/um/x86_64 -Lnative=/xwin/sdk/lib/ucrt/x86_64" + +# These are separate since docker/podman won't transform environment variables defined in the same ENV block +ENV CFLAGS_x86_64_pc_windows_msvc="$CL_FLAGS" \ + CXXFLAGS_x86_64_pc_windows_msvc="$CL_FLAGS" + +WORKDIR /src/plugin + +# Run wineboot just to setup the default WINEPREFIX so we don't do it every +# container run +RUN wine wineboot --init + +FROM rust-xwin AS rust-xwin-ci + +RUN set -eux; \ + apt-get update; \ + apt-get install --no-install-recommends -y \ + git \ + jq \ + ; \ + sh -c "git config --global --add safe.directory '*'"; \ + apt-get remove -y --auto-remove; \ + rm -rf /var/lib/apt/lists/*; + diff --git a/pipelines/build-and-push.json b/pipelines/build-and-push.json new file mode 100644 index 0000000..2baa85b --- /dev/null +++ b/pipelines/build-and-push.json @@ -0,0 +1,56 @@ +{ + "images": [ + { + "type": "simple", + "name": "lua-clib" + }, + { + "type": "simple", + "name": "python-script" + }, + { + "type": "simple", + "name": "node-script" + }, + { + "type": "simple", + "name": "ruby-script" + }, + { + "type": "simple", + "name": "base" + }, + { + "type": "simple", + "name": "nextcloud" + }, + { + "type": "simple", + "name": "gotenberg" + }, + { + "type": "simple", + "name": "fluentd" + }, + { + "type": "simple", + "name": "forgejo" + }, + { + "type": "simple", + "name": "beancount-import" + }, + { + "type": "simple", + "name": "frp" + }, + { + "type": "simple", + "name": "fava" + }, + { + "type": "file", + "name": "rust-xwin" + } + ] +} diff --git a/pipelines/build-and-push.yml.j2 b/pipelines/build-and-push.yml.j2 new file mode 100644 index 0000000..33191fc --- /dev/null +++ b/pipelines/build-and-push.yml.j2 @@ -0,0 +1,43 @@ +{%- import 'jobs/simple-image.yml.j2' as simple_image %} +{%- macro simple_image_resource(name, registry_url) -%} + - name: image-{{ name }} + type: registry-image + icon: docker + source: + repository: "{{ registry_url }}/{{ name }}" +{% endmacro -%} +--- + +resource_types: + - name: github-release + type: registry-image + source: + repository: concourse/github-release-resource + +resources: + - name: repo + type: git + icon: github + source: + uri: ((repo_url)) + branch: master + + {%- set registry_url = "((registry_url))" %} + {% for img in images -%} + {%- if img.type == "simple" %} + {{ simple_image_resource(img.name, registry_url) }} + {%- elif img.type == "file" %} + {%- import "jobs/" + img.name + ".yml.j2" as job %} + {{ job.resources(registry_url) }} + {%- endif %} + {%- endfor %} + +jobs: + {%- for img in images %} + {%- if img.type == "simple" %} + {{ simple_image.jobs(img) }} + {%- elif img.type == "file" %} + {%- import "jobs/" + img.name + ".yml.j2" as job %} + {{ job.jobs() }} + {%- endif %} + {% endfor %} diff --git a/pipelines/jobs/rust-xwin.yml.j2 b/pipelines/jobs/rust-xwin.yml.j2 new file mode 100644 index 0000000..afb71df --- /dev/null +++ b/pipelines/jobs/rust-xwin.yml.j2 @@ -0,0 +1,46 @@ +{% macro resources(registry_url) -%} + - name: image-rust-xwin + type: registry-image + icon: docker + source: + repository: "{{ registry_url }}/rust-xwin" + + - name: image-rust-xwin-ci + type: registry-image + icon: docker + source: + repository: "{{ registry_url }}/rust-xwin-ci" +{% endmacro %} + +{% macro jobs() -%} + - name: rust-xwin + plan: + - get: repo + trigger: true + - in_parallel: + fail_fast: true + steps: + - task: build-rust-xwin + file: repo/tasks/build.yml + vars: + context: images/rust-xwin + target: rust-xwin + additional_targets: rust-xwin-ci + output_mapping: + image: image-rust-xwin + - task: build-rust-xwin-ci + file: repo/tasks/build.yml + vars: + context: images/rust-xwin + target: rust-xwin-ci + output_mapping: + image: image-rust-xwin-ci + - in_parallel: + steps: + - put: image-rust-xwin + params: + image: image-rust-xwin/image.tar + - put: image-rust-xwin-ci + params: + image: image-rust-xwin-ci/image.tar +{% endmacro %} diff --git a/pipelines/jobs/simple-image.yml.j2 b/pipelines/jobs/simple-image.yml.j2 new file mode 100644 index 0000000..681feb6 --- /dev/null +++ b/pipelines/jobs/simple-image.yml.j2 @@ -0,0 +1,19 @@ +{% macro jobs(job) -%} + - name: {{ job.name }} + plan: + - get: repo + trigger: true + - task: build-image + privileged: true + file: repo/tasks/build.yml + vars: + context: images/{{ job.name }} + {%- if "args" in job %} + params: + {%- for name, value in job.args.items() %} + BUILD_ARG_{{name}}: "{{value}}" + {%- endfor %} + {%- endif %} + - put: image-{{ job.name }} + params: { image: image/image.tar } +{%- endmacro -%} diff --git a/tasks/build-image.yml b/tasks/build-image.yml new file mode 100644 index 0000000..69ca9d5 --- /dev/null +++ b/tasks/build-image.yml @@ -0,0 +1,28 @@ +# yaml-language-server: $schema=https://raw.githubusercontent.com/cappyzawa/concourse-pipeline-jsonschema/master/concourse_jsonschema.json#/definitions/TaskConfig +--- +platform: linux + +image_resource: + name: image + type: registry-image + source: + repository: concourse/oci-build-task + tag: latest + +inputs: +- name: repo + +outputs: +- name: image + +caches: + - path: cache + - path: /var/cache + +params: + CONTEXT: ((context)) + DOCKERFILE: ((dockerfile)) + TARGET: ((target)) + +run: + path: build