diff --git a/Dockerfile.metadata b/Dockerfile.metadata index 05b3dac4ff..8e86963f90 100644 --- a/Dockerfile.metadata +++ b/Dockerfile.metadata @@ -1,15 +1,57 @@ -FROM mono:latest +# Everything we need in both the build and prod images +FROM ubuntu:latest as base -RUN /bin/sed -i 's/^mozilla\/DST_Root_CA_X3.crt$/!mozilla\/DST_Root_CA_X3.crt/' /etc/ca-certificates.conf && \ - /usr/sbin/update-ca-certificates -RUN apt-get update && \ - apt-get install -y --no-install-recommends python3 python3-pip python3-setuptools git build-essential python3-dev libffi-dev && \ - apt-get clean +# Don't prompt for time zone +ENV DEBIAN_FRONTEND=noninteractive + +# Put user-installed Python code in path +ENV PATH "$PATH:/root/.local/bin" + +# Install Git and Python +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + ca-certificates gnupg git libffi-dev \ + python3 python-is-python3 + +# Trust all git repos RUN git config --global --add safe.directory '*' + +# Set up Mono's APT repo +RUN gpg --homedir /tmp --no-default-keyring --keyring /usr/share/keyrings/mono-official-archive-keyring.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \ + && echo "deb [signed-by=/usr/share/keyrings/mono-official-archive-keyring.gpg] https://download.mono-project.com/repo/ubuntu stable-focal main" | tee /etc/apt/sources.list.d/mono-official-stable.list \ + && apt-get update + +# Install the necessary pieces of Mono +RUN apt-get install -y --no-install-recommends \ + mono-runtime ca-certificates-mono libmono-microsoft-csharp4.0-cil libmono-system-data4.0-cil libmono-system-runtime-serialization4.0-cil libmono-system-transactions4.0-cil libmono-system-net-http-webrequest4.0-cil + +# Isolate Python build stuff in a separate container +FROM base as build + +# Install Python build deps +RUN apt-get install -y --no-install-recommends \ + python3-pip python3-setuptools python3-dev + +# Install the meta tester's Python code and its Infra dep +ENV PIP_ROOT_USER_ACTION=ignore RUN pip3 install --upgrade pip -RUN pip3 install 'git+https://github.com/KSP-CKAN/NetKAN-Infra#subdirectory=netkan' -RUN pip3 install 'git+https://github.com/KSP-CKAN/xKAN-meta_testing' +RUN pip3 install --user 'git+https://github.com/KSP-CKAN/NetKAN-Infra#subdirectory=netkan' +RUN pip3 install --user 'git+https://github.com/KSP-CKAN/xKAN-meta_testing' + +# Prune unused deps (`--user` is implicit for uninstall) +RUN pip3 --no-input uninstall -y flask gunicorn werkzeug + +# The image we'll actually use +FROM base as prod + +# Purge APT download cache, package lists, and logs +RUN apt-get clean \ + && rm -r /var/lib/apt/lists /var/log/dpkg.log /var/log/apt + +# Extract built Python packages from the build image +COPY --from=build /root/.local /root/.local +# Install the .NET assemblies the meta tester uses ADD netkan.exe /usr/local/bin/. ADD ckan.exe /usr/local/bin/. diff --git a/Dockerfile.netkan b/Dockerfile.netkan index 2cc12656ae..ad8a738149 100644 --- a/Dockerfile.netkan +++ b/Dockerfile.netkan @@ -1,10 +1,27 @@ -FROM mono:latest -RUN /bin/sed -i 's/^mozilla\/DST_Root_CA_X3.crt$/!mozilla\/DST_Root_CA_X3.crt/' /etc/ca-certificates.conf && \ - /usr/sbin/update-ca-certificates +FROM ubuntu:latest + +# Don't prompt for time zone +ENV DEBIAN_FRONTEND=noninteractive + +# Set up Mono's APT repo +RUN apt-get update \ + && apt-get install -y --no-install-recommends ca-certificates gnupg curl \ + && gpg --homedir /tmp --no-default-keyring --keyring /usr/share/keyrings/mono-official-archive-keyring.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF \ + && echo "deb [signed-by=/usr/share/keyrings/mono-official-archive-keyring.gpg] https://download.mono-project.com/repo/ubuntu stable-focal main" | tee /etc/apt/sources.list.d/mono-official-stable.list \ + && apt-get update + +# Install the necessary pieces of Mono +RUN apt-get install -y --no-install-recommends \ + mono-runtime ca-certificates-mono libmono-microsoft-csharp4.0-cil libmono-system-data4.0-cil libmono-system-runtime-serialization4.0-cil libmono-system-transactions4.0-cil libmono-system-net-http-webrequest4.0-cil + +# Purge APT download cache, package lists, and logs +RUN apt-get clean \ + && rm -r /var/lib/apt/lists /var/log/dpkg.log /var/log/apt + RUN useradd -ms /bin/bash netkan USER netkan WORKDIR /home/netkan -ADD netkan.exe . +ADD --chown=netkan netkan.exe . ENTRYPOINT /usr/bin/mono netkan.exe --game ${GAME:-KSP} --queues $QUEUES \ --net-useragent 'Mozilla/5.0 (compatible; Netkanbot/1.0; CKAN; +https://github.com/KSP-CKAN/NetKAN-Infra)' \ --github-token $GH_Token --gitlab-token "$GL_Token" --cachedir ckan_cache -v diff --git a/doc/building.md b/doc/building.md index d5265ba034..f2c76a7044 100644 --- a/doc/building.md +++ b/doc/building.md @@ -199,7 +199,7 @@ The basic operation of the actual build process is as follows: These are the "final" output of the build process and are stored in: `_build/repack/$CONFIGURATION`. - Unit tests are executed - The NUnit unit tests in `CKAN.Tests.dll` are executed. -- Smoke tets are executed +- Smoke tests are executed - These are simple tests designed to make sure there isn't anything grossly wrong with the build. All they do is execute the repacked `ckan.exe` and `netkan.exe` and make sure their version output matches the expected output.