Merge pull request #2 from atsign-foundation/Dockerize-and-GitHub

Feat: Dockerized and GitHub actions to build and deploy sshrd
atsign-foundation · Nov 30, 2022 · d37063f · d37063f
2 parents 7271e86 + 0dbfee8
commit d37063f
Show file tree

Hide file tree

Showing 7 changed files with 110 additions and 13 deletions.
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -0,0 +1,16 @@
+version: 2
+enable-beta-ecosystems: true
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "pub"
+    directory: "/"
+    schedule:
+      interval: "daily"
diff --git a/.github/workflows/dockerhub_shrd.yaml b/.github/workflows/dockerhub_shrd.yaml
@@ -0,0 +1,43 @@
+name: dockerhub_sshnpd
+
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+
+permissions:  # added using https://github.com/step-security/secure-workflows
+  contents: read
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@e81a89b1732b9c48d79cd809d8d81d79c4647a18 # v2.1.0
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 # v2.2.1
+      -
+        name: Login to Docker Hub
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+ # Extract version for docker tag
+      -
+        name: Get version
+        run: echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV
+      -
+        name: Build and push
+        uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 # v3.2.0
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          push: true
+          tags: |
+            atsigncompany/shrd:latest
+            atsigncompany/shrd:release-${{ env.VERSION }}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,30 @@
+FROM dart:2.18.3 AS buildimage
+ENV HOMEDIR=/atsign
+ENV BINARYDIR=/usr/local/at
+ENV USER_ID=1024
+ENV GROUP_ID=1024
+WORKDIR /app
+COPY . .
+RUN \
+  mkdir -p $HOMEDIR/shrd ; \
+  mkdir -p $BINARYDIR \
+  dart pub get ; \
+  dart pub update ; \
+  dart compile exe bin/at_split_horizon_root.dart -o $BINARYDIR/shrd ; \
+  addgroup --gid $GROUP_ID atsign ; \
+  useradd --system --uid $USER_ID --gid $GROUP_ID --shell /bin/bash \
+    --home $HOMEDIR atsign ; \
+  chown -R atsign:atsign $HOMEDIR ; \
+  cp ./atServers $HOMEDIR ; \
+  cp ./*.pem $HOMEDIR ; \
+  cp pubspec.yaml $HOMEDIR/
+# Second stage of build FROM scratch
+FROM scratch
+COPY --from=buildimage /runtime/ /
+COPY --from=buildimage /etc/passwd /etc/passwd
+COPY --from=buildimage /etc/group /etc/group
+COPY --from=buildimage --chown=atsign:atsign /atsign /atsign/
+COPY --from=buildimage --chown=atsign:atsign /usr/local/at /usr/local/at/
+WORKDIR /atsign/shrd
+USER atsign
+ENTRYPOINT ["/usr/local/at/shrd"]
diff --git a/README.md b/README.md
@@ -40,6 +40,13 @@ dart run bin/at_split_horizon_root.dart <args|flags>
 |---------------------|--------------|---------------------------------------------------------------------------------|
 | --[no-]verbose      | -v           | More logging                                                                    |
 
+### shrd in Docker
+The latest version of the docker image can be found at `atsigncompany/shrd:latest` on dockerhub.com. Usage is simple enough as well. For example
+
+`docker run -it  -v <directory conatiuning files>:/atsign/shrd -p 64:64  atsigncompany/shrd -v`
+
+This will run shrd and use the .pem files and the atServers file in the specified directory and expose port 64 and then finally log connections/lookups made by clients.
+
 ### Configuration file atServers
 
 The 'atServers' file should contain the atSigns and your networks resolver name of the atServer for the atSign. Use of local DNS or host files is very important as TLS will need to verify the atServers and shrd certificates match the resolved network name. 

diff --git a/atServers b/atServers
@@ -1,4 +1,7 @@
+# Format
+# <atSign> <Internal Network FQDN>:<PORT>
+# For examples see below
 colin   cally.lan:6464
 kevin   cally.lan:6465
-barbaracally.lan:6466               
+barbara cally.lan:6466               
 denise cally.lan:6467
diff --git a/bin/at_split_horizon_root.dart b/bin/at_split_horizon_root.dart
@@ -10,9 +10,7 @@ import 'package:at_utils/at_logger.dart';
 import 'package:at_lookup/at_lookup.dart';
 import 'package:hive/hive.dart';
 
-// Local packages
-import 'package:at_split_horizon_root/home_directory.dart';
-import 'package:at_split_horizon_root/check_file_exists.dart';
+
 
 void main(List<String> args) async {
   int port = 64;

diff --git a/pubspec.lock b/pubspec.lock
@@ -28,7 +28,7 @@ packages:
       name: asn1lib
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "1.2.2"
+    version: "1.4.0"
   async:
     dependency: transitive
     description:
@@ -42,14 +42,14 @@ packages:
       name: at_commons
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "3.0.29"
+    version: "3.0.32"
   at_lookup:
     dependency: "direct main"
     description:
       name: at_lookup
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "3.0.32"
+    version: "3.0.33"
   at_utils:
     dependency: "direct main"
     description:
@@ -112,14 +112,14 @@ packages:
       name: frontend_server_client
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "3.1.0"
+    version: "3.2.0"
   glob:
     dependency: transitive
     description:
       name: glob
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "2.1.0"
+    version: "2.1.1"
   hive:
     dependency: "direct main"
     description:
@@ -189,7 +189,7 @@ packages:
       name: mime
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "1.0.2"
+    version: "1.0.3"
   mocktail:
     dependency: transitive
     description:
@@ -203,7 +203,7 @@ packages:
       name: mutex
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "3.0.0"
+    version: "3.0.1"
   node_preamble:
     dependency: transitive
     description:
@@ -245,7 +245,7 @@ packages:
       name: pub_semver
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "2.1.2"
+    version: "2.1.3"
   shelf:
     dependency: transitive
     description:
@@ -357,7 +357,7 @@ packages:
       name: uuid
       url: "https://pub.dartlang.org"
     source: hosted
-    version: "3.0.6"
+    version: "3.0.7"
   vm_service:
     dependency: transitive
     description: