From 8d6b7f744b3baa7a7a57f6a4b009299ea354aa2b Mon Sep 17 00:00:00 2001 From: Wanjohi <71614375+wanjohiryan@users.noreply.github.com> Date: Mon, 9 Dec 2024 20:20:41 +0300 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20feat:=20Add=20CI=20for=20=20contain?= =?UTF-8?q?er=20(#141)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This creates a CI job for building `containers/runner.Containerfile` on PR or on merge to main. This helps in checking whether it can build and work as expected --- .github/workflows/relay.yml | 88 +++++++ .github/workflows/runner.yml | 94 ++++++++ containers/Containerfile.master | 206 ---------------- containers/Containerfile.relay | 20 -- containers/Containerfile.runner | 219 ------------------ .../master.Containerfile | 0 .../relay.Containerfile | 0 .../runner.Containerfile | 20 +- 8 files changed, 192 insertions(+), 455 deletions(-) create mode 100644 .github/workflows/relay.yml create mode 100644 .github/workflows/runner.yml delete mode 100644 containers/Containerfile.master delete mode 100644 containers/Containerfile.relay delete mode 100644 containers/Containerfile.runner rename Containerfile.master => containers/master.Containerfile (100%) rename Containerfile.relay => containers/relay.Containerfile (100%) rename Containerfile.runner => containers/runner.Containerfile (90%) diff --git a/.github/workflows/relay.yml b/.github/workflows/relay.yml new file mode 100644 index 00000000..f3ffe223 --- /dev/null +++ b/.github/workflows/relay.yml @@ -0,0 +1,88 @@ +#Tabs not spaces, you moron :) + +name: Build nestri:relay +on: + pull_request: + paths: + - "containers/relay.Containerfile" + - ".github/workflows/relay.yml" + schedule: + - cron: 0 0 * * * # At the end of everyday + push: + branches: [main] + paths: + - "containers/relay.Containerfile" + - ".github/workflows/relay.yml" + tags: + - v*.*.* + release: + types: [created] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: nestrilabs/nestri + BASE_TAG_PREFIX: relay + +jobs: + build-docker-pr: + name: Build image on PR + runs-on: ubuntu-latest + if: ${{ github.event_name == 'pull_request' }} + steps: + - + name: Checkout repo + uses: actions/checkout@v4 + - + name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + - + name: Build Docker image + uses: docker/build-push-action@v5 + with: + file: containers/relay.Containerfile + context: ./ + push: false + load: true + tags: nestri:relay + + build-docker-main: + name: Build image on main + if: ${{ github.event_name == 'release' || (github.event_name == 'push' && github.ref == 'refs/heads/main') }} + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - + name: Checkout repo + uses: actions/checkout@v4 + - + name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ github.token }} + - + name: Extract Container metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.BASE_TAG_PREFIX }} + # + #tag on release, and a nightly build for 'dev' + tags: | + type=raw,value=nightly,enable={{is_default_branch}} + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + - + name: Build Docker image + uses: docker/build-push-action@v5 + with: + file: containers/relay.Containerfile + context: ./ + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file diff --git a/.github/workflows/runner.yml b/.github/workflows/runner.yml new file mode 100644 index 00000000..919ea91c --- /dev/null +++ b/.github/workflows/runner.yml @@ -0,0 +1,94 @@ +#Tabs not spaces, you moron :) + +name: Build nestri:runner + +on: + pull_request: + paths: + - "containers/runner.Containerfile" + - ".github/workflows/runner.yml" + schedule: + - cron: 0 0 * * * # At the end of everyday + push: + branches: [main] + paths: + - "containers/runner.Containerfile" + - ".github/workflows/runner.yml" + tags: + - v*.*.* + release: + types: [created] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: nestrilabs/nestri + BASE_TAG_PREFIX: runner + +# This makes our release ci quit prematurely +# concurrency: +# group: ci-${{ github.ref }} +# cancel-in-progress: true + +jobs: + build-docker-pr: + name: Build image on PR + runs-on: ubuntu-latest + if: ${{ github.event_name == 'pull_request' }} + steps: + - + name: Checkout repo + uses: actions/checkout@v4 + - + name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + - + name: Build Docker image + uses: docker/build-push-action@v5 + with: + file: containers/runner.Containerfile + context: ./ + push: false + load: true + tags: nestri:runner + + build-docker-main: + name: Build image on main + if: ${{ github.event_name == 'release' || (github.event_name == 'push' && github.ref == 'refs/heads/main') }} + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - + name: Checkout repo + uses: actions/checkout@v4 + - + name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ github.token }} + - + name: Extract Container metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.BASE_TAG_PREFIX }} + # + #tag on release, and a nightly build for 'dev' + tags: | + type=raw,value=nightly,enable={{is_default_branch}} + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + - + name: Build Docker image + uses: docker/build-push-action@v5 + with: + file: containers/runner.Containerfile + context: ./ + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file diff --git a/containers/Containerfile.master b/containers/Containerfile.master deleted file mode 100644 index 14777233..00000000 --- a/containers/Containerfile.master +++ /dev/null @@ -1,206 +0,0 @@ -#! Runs the docker server that handles everything else -#****************************************************************************** -# base -#****************************************************************************** -FROM archlinux:base-20241027.0.273886 AS base -# How to run - docker run -it --rm --device /dev/dri nestri /bin/bash - DO NOT forget the ports -# TODO: Migrate XDG_RUNTIME_DIR to /run/user/1000 -# TODO: Add nestri-server to pulseaudio.conf -# TODO: Add our own entrypoint, with our very own zombie ripper 🧟🏾‍♀️ -# FIXME: Add user root to `pulse-access` group as well :D -# TODO: Test the whole damn thing - -# Update the pacman repo -RUN \ - pacman -Syu --noconfirm - -#****************************************************************************** -# builder -#****************************************************************************** - -FROM base AS builder - -RUN \ - pacman -Su --noconfirm \ - base-devel \ - git \ - sudo \ - vim - -WORKDIR /scratch - -# Allow nobody user to invoke pacman to install packages (as part of makepkg) and modify the system. -# This should never exist in a running image, just used by *-build Docker stages. -RUN \ - echo "nobody ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers; - -ENV ARTIFACTS=/artifacts \ - CARGO_TARGET_DIR=/build - -RUN \ - mkdir -p /artifacts \ - && mkdir -p /build - -RUN \ - chgrp nobody /scratch /artifacts /build \ - && chmod g+ws /scratch /artifacts /build - -#****************************************************************************** -# rust-builder -#****************************************************************************** - -FROM builder AS rust-builder - -RUN \ - pacman -Su --noconfirm \ - rustup - -RUN \ - rustup default stable - -#****************************************************************************** -# nestri-server-builder -#****************************************************************************** -# Builds nestri server binary -FROM rust-builder AS nestri-server-builder - -RUN \ - pacman -Su --noconfirm \ - wayland \ - vpl-gpu-rt \ - gstreamer \ - gst-plugin-va \ - gst-plugins-base \ - gst-plugins-good \ - mesa-utils \ - weston \ - xorg-xwayland - - -#****************************************************************************** -# nestri-server-build -#****************************************************************************** - -FROM nestri-server-builder AS nestri-server-build - -#Allow makepkg to be run as nobody. -RUN chgrp -R nobody /scratch && chmod -R g+ws /scratch - -# USER nobody - -# Perform the server build. -WORKDIR /scratch/server - -RUN \ - git clone https://github.com/nestriness/nestri - -WORKDIR /scratch/server/nestri - -RUN \ - git checkout feat/stream \ - && cargo build -j$(nproc) --release - -# COPY packages/server/build/ /scratch/server/ - -# RUN makepkg && cp *.zst "$ARTIFACTS" -#****************************************************************************** -# runtime_base_pkgs -#****************************************************************************** - -FROM base AS runtime_base_pkgs - -COPY --from=nestri-server-build /build/release/nestri-server /usr/bin/ - -#****************************************************************************** -# runtime_base -#****************************************************************************** - -FROM runtime_base_pkgs AS runtime_base - -RUN \ - pacman -Su --noconfirm \ - weston \ - sudo \ - xorg-xwayland \ - gstreamer \ - gst-plugins-base \ - gst-plugins-good \ - gst-plugin-qsv \ - gst-plugin-va \ - gst-plugin-fmp4 \ - mesa \ - # Grab GPU encoding packages - # Intel (modern VPL + VA-API) - vpl-gpu-rt \ - intel-media-driver \ - # AMD/ATI (VA-API) - libva-mesa-driver \ - # NVIDIA (proprietary) - nvidia-utils \ - # Audio - pulseaudio \ - # Supervisor - supervisor - -RUN \ - # Set up our non-root user $(nestri) - groupadd -g 1000 nestri \ - && useradd -ms /bin/bash nestri -u 1000 -g 1000 \ - && passwd -d nestri \ - # Setup Pulseaudio - && useradd -d /var/run/pulse -s /usr/bin/nologin -G audio pulse \ - && groupadd pulse-access \ - && usermod -aG audio,input,render,video,pulse-access nestri \ - && echo "nestri ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \ - && echo "Users created" \ - # Create an empty machine-id file - && touch /etc/machine-id - -ENV \ - XDG_RUNTIME_DIR=/tmp - -#****************************************************************************** -# runtime -#****************************************************************************** - -FROM runtime_base AS runtime -# Setup supervisor # -RUN <<-EOF - echo -e " - [supervisord] - user=root - nodaemon=true - loglevel=info - logfile=/tmp/supervisord.log - pidfile=/tmp/supervisord.pid - - [program:dbus] - user=root - command=dbus-daemon --system --nofork - logfile=/tmp/dbus.log - pidfile=/tmp/dbus.pid - stopsignal=INT - autostart=true - autorestart=true - priority=1 - - [program:pulseaudio] - user=root - command=pulseaudio --daemonize=no --system --disallow-module-loading --disallow-exit --exit-idle-time=-1 - logfile=/tmp/pulseaudio.log - pidfile=/tmp/pulseaudio.pid - stopsignal=INT - autostart=true - autorestart=true - priority=10 - " | tee /etc/supervisord.conf -EOF - -RUN \ - chown -R nestri:nestri /tmp /etc/supervisord.conf - -ENV USER=nestri -USER 1000 - -CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] -# Debug - pactl list \ No newline at end of file diff --git a/containers/Containerfile.relay b/containers/Containerfile.relay deleted file mode 100644 index ee36a64e..00000000 --- a/containers/Containerfile.relay +++ /dev/null @@ -1,20 +0,0 @@ -FROM docker.io/golang:1.23-alpine AS go-build -WORKDIR /builder -COPY packages/relay/ /builder/ -RUN go build - -FROM docker.io/golang:1.23-alpine -COPY --from=go-build /builder/relay /relay/relay -WORKDIR /relay - -# ENV flags -ENV VERBOSE=false -ENV ENDPOINT_PORT=8088 -ENV WEBRTC_UDP_START=10000 -ENV WEBRTC_UDP_END=20000 -ENV STUN_SERVER="stun.l.google.com:19302" - -EXPOSE $ENDPOINT_PORT -EXPOSE $WEBRTC_UDP_START-$WEBRTC_UDP_END/udp - -ENTRYPOINT ["/relay/relay"] \ No newline at end of file diff --git a/containers/Containerfile.runner b/containers/Containerfile.runner deleted file mode 100644 index db0bfb0b..00000000 --- a/containers/Containerfile.runner +++ /dev/null @@ -1,219 +0,0 @@ -# Container build arguments # -ARG BASE_IMAGE=docker.io/cachyos/cachyos-v3:latest - -#****************************************************************************** -# gst-builder -#****************************************************************************** -FROM ${BASE_IMAGE} AS gst-builder -WORKDIR /builder/ - -# Grab build and rust packages # -RUN pacman -Syu --noconfirm meson pkgconf cmake git gcc make rustup \ - gstreamer gst-plugins-base gst-plugins-good - -# Setup stable rust toolchain # -RUN rustup default stable -# Clone nestri source # -RUN git clone -b feat/stream https://github.com/nestriness/nestri.git - -# Build nestri # -RUN cd nestri/packages/server/ && \ - cargo build --release - -#****************************************************************************** -# gstwayland-builder -#****************************************************************************** -FROM ${BASE_IMAGE} AS gstwayland-builder -WORKDIR /builder/ - -# Grab build and rust packages # -RUN pacman -Syu --noconfirm meson pkgconf cmake git gcc make rustup \ - libxkbcommon wayland gstreamer gst-plugins-base gst-plugins-good libinput - -# Setup stable rust toolchain # -RUN rustup default stable -# Build required cargo-c package # -RUN cargo install cargo-c -# Clone gst plugin source # -RUN git clone https://github.com/games-on-whales/gst-wayland-display.git - -# Build gst plugin # -RUN mkdir plugin && \ - cd gst-wayland-display && \ - cargo cinstall --prefix=/builder/plugin/ - - -#****************************************************************************** -# runtime -#****************************************************************************** -FROM ${BASE_IMAGE} AS runtime - -## Nestri Env Variables ## -ENV NESTRI_PARAMS="" -ENV RESOLUTION="1280x720" - -## Install Graphics, Media, and Audio packages ## -RUN pacman -Syu --noconfirm --needed \ - # Graphics packages - sudo mesa mesa-utils xorg-xwayland labwc wlr-randr mangohud \ - # Vulkan drivers - vulkan-intel vulkan-radeon nvidia-utils \ - # Media encoding packages - vpl-gpu-rt intel-media-driver libva-utils \ - # GStreamer plugins - gstreamer gst-plugins-base gst-plugins-good \ - gst-plugin-va gst-plugins-bad gst-plugin-fmp4 \ - gst-plugin-qsv gst-plugin-pipewire gst-plugin-rswebrtc \ - gst-plugins-ugly gst-plugin-rsrtp \ - # Audio packages - pipewire pipewire-pulse pipewire-alsa wireplumber \ - # Other requirements - supervisor \ - # Custom - umu-launcher && \ - # Clean up pacman cache and unnecessary files - pacman -Scc --noconfirm && \ - rm -rf /var/cache/pacman/pkg/* /tmp/* /var/tmp/* && \ - # Optionally clean documentation, man pages, and locales - find /usr/share/locale -mindepth 1 -maxdepth 1 ! -name "en*" -exec rm -rf {} + && \ - rm -rf /usr/share/doc /usr/share/man /usr/share/info - - -## User ## -# Create and setup user # -ENV USER="nestri" \ - UID=99 \ - GID=100 \ - USER_PASSWORD="nestri1234" \ - USER_HOME="/home/nestri" - -RUN mkdir -p ${USER_HOME} && \ - useradd -d ${USER_HOME} -u ${UID} -s /bin/bash ${USER} && \ - chown -R ${USER} ${USER_HOME} && \ - echo "${USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ - echo "${USER}:${USER_PASSWORD}" | chpasswd - -# Run directory # -RUN mkdir -p /run/user/${UID} && \ - chown ${USER}:${USER} /run/user/${UID} - -# Home config directory # -RUN mkdir -p ${USER_HOME}/.config && \ - chown ${USER}:${USER} ${USER_HOME}/.config - -# Groups # -RUN usermod -aG input root && usermod -aG input ${USER} && \ - usermod -aG video root && usermod -aG video ${USER} && \ - usermod -aG render root && usermod -aG render ${USER} - -## Copy files from builders ## -# this is done here at end to not trigger full rebuild on changes to builder -# nestri -COPY --from=gst-builder /builder/nestri/target/release/nestri-server /usr/bin/nestri-server -# gstwayland -COPY --from=gstwayland-builder /builder/plugin/include/libgstwaylanddisplay /usr/include/ -COPY --from=gstwayland-builder /builder/plugin/lib/*libgstwayland* /usr/lib/ -COPY --from=gstwayland-builder /builder/plugin/lib/gstreamer-1.0/libgstwayland* /usr/lib/gstreamer-1.0/ -COPY --from=gstwayland-builder /builder/plugin/lib/pkgconfig/gstwayland* /usr/lib/pkgconfig/ -COPY --from=gstwayland-builder /builder/plugin/lib/pkgconfig/libgstwayland* /usr/lib/pkgconfig/ - -## Copy scripts ## -COPY packages/scripts/ /etc/nestri/ - -## Startup ## -# Setup supervisor # -RUN <<-EOF -echo -e " -[supervisord] -user=root -nodaemon=true -loglevel=info -logfile=/tmp/supervisord.log - -[program:dbus] -user=root -command=dbus-daemon --system --nofork --nopidfile -logfile=/tmp/dbus.log -autoerestart=true -autostart=true -startretries=3 -priority=1 - -[program:seatd] -user=root -command=seatd -logfile=/tmp/seatd.log -autoerestart=true -autostart=true -startretries=3 -priority=2 - -[program:pipewire] -user=nestri -command=dbus-launch pipewire -environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\" -logfile=/tmp/pipewire.log -autoerestart=true -autostart=true -startretries=3 -priority=10 - -[program:pipewire-pulse] -user=nestri -command=dbus-launch pipewire-pulse -environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\" -logfile=/tmp/pipewire-pulse.log -autoerestart=true -autostart=true -startretries=3 -priority=20 - -[program:wireplumber] -user=nestri -command=dbus-launch wireplumber -environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\" -logfile=/tmp/wireplumber.log -autoerestart=true -autostart=true -startretries=3 -priority=30 - -[program:nestri-server] -user=nestri -command=sh -c 'nestri-server \$NESTRI_PARAMS' -environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\" -logfile=/tmp/nestri-server.log -autoerestart=true -autostart=true -startretries=3 -priority=50 - -[program:labwc] -user=nestri -command=sh -c 'sleep 4 && rm -rf /tmp/.X11-unix && mkdir -p /tmp/.X11-unix && chown nestri:nestri /tmp/.X11-unix && labwc' -environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\",WAYLAND_DISPLAY=\"wayland-1\",WLR_BACKENDS=\"wayland\",WLR_RENDERER=\"vulkan\" -logfile=/tmp/labwc.log -autoerestart=true -autostart=true -startretries=5 -priority=60 - -[program:wlrrandr] -user=nestri -command=sh -c 'sleep 6 && wlr-randr --output WL-1 --custom-mode \$RESOLUTION && read -n 1' -environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\",WAYLAND_DISPLAY=\"wayland-0\" -logfile=/tmp/wlrrandr.log -autoerestart=true -autostart=true -startretries=10 -priority=70 -" | tee /etc/supervisord.conf -EOF - -# Wireplumber disable suspend # -# Remove suspend node -RUN sed -z -i 's/{[[:space:]]*name = node\/suspend-node\.lua,[[:space:]]*type = script\/lua[[:space:]]*provides = hooks\.node\.suspend[[:space:]]*}[[:space:]]*//g' /usr/share/wireplumber/wireplumber.conf -# Remove "hooks.node.suspend" want -RUN sed -i '/wants = \[/{s/hooks\.node\.suspend\s*//; s/,\s*\]/]/}' /usr/share/wireplumber/wireplumber.conf - -ENTRYPOINT ["supervisord", "-c", "/etc/supervisord.conf"] diff --git a/Containerfile.master b/containers/master.Containerfile similarity index 100% rename from Containerfile.master rename to containers/master.Containerfile diff --git a/Containerfile.relay b/containers/relay.Containerfile similarity index 100% rename from Containerfile.relay rename to containers/relay.Containerfile diff --git a/Containerfile.runner b/containers/runner.Containerfile similarity index 90% rename from Containerfile.runner rename to containers/runner.Containerfile index 64b2a39d..51ef409d 100644 --- a/Containerfile.runner +++ b/containers/runner.Containerfile @@ -2,7 +2,7 @@ ARG BASE_IMAGE=docker.io/cachyos/cachyos-v3:latest #****************************************************************************** -# gst-builder +# nestri-server-builder #****************************************************************************** FROM ${BASE_IMAGE} AS gst-builder WORKDIR /builder/ @@ -13,15 +13,15 @@ RUN pacman -Syu --noconfirm meson pkgconf cmake git gcc make rustup \ # Setup stable rust toolchain # RUN rustup default stable -# Clone nestri source # -RUN git clone -b feat/stream https://github.com/DatCaptainHorse/nestri.git +# # Clone nestri source # +#Copy the whole repo inside the build container +COPY ./ /builder/nestri/ -# Build nestri # -RUN cd nestri/packages/server/ && \ +RUN cd /builder/nestri/packages/server/ && \ cargo build --release #****************************************************************************** -# gstwayland-builder +# gstwayland-builder #****************************************************************************** FROM ${BASE_IMAGE} AS gstwayland-builder WORKDIR /builder/ @@ -44,7 +44,7 @@ RUN mkdir plugin && \ #****************************************************************************** -# runtime +# runtime #****************************************************************************** FROM ${BASE_IMAGE} AS runtime @@ -69,14 +69,14 @@ RUN pacman -Syu --noconfirm --needed \ ENV USER="nestri" \ UID=99 \ GID=100 \ - USER_PASSWORD="nestri1234" + USER_PWD="nestri1234" RUN mkdir -p /home/${USER} && \ groupadd -g ${GID} ${USER} && \ useradd -d /home/${USER} -u ${UID} -g ${GID} -s /bin/bash ${USER} && \ chown -R ${USER}:${USER} /home/${USER} && \ echo "${USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ - echo "${USER}:${USER_PASSWORD}" | chpasswd + echo "${USER}:${USER_PWD}" | chpasswd # Run directory # RUN mkdir -p /run/user/${UID} && \ @@ -116,4 +116,4 @@ RUN sed -z -i 's/{[[:space:]]*name = node\/suspend-node\.lua,[[:space:]]*type = # Remove "hooks.node.suspend" want RUN sed -i '/wants = \[/{s/hooks\.node\.suspend\s*//; s/,\s*\]/]/}' /usr/share/wireplumber/wireplumber.conf -ENTRYPOINT ["supervisord", "-c", "/etc/nestri/supervisord.conf"] +ENTRYPOINT ["supervisord", "-c", "/etc/nestri/supervisord.conf"] \ No newline at end of file