diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 38219465..446b0fce 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,7 +34,6 @@ jobs: # This is done globally to prevent rebuilds when the RUSTFLAGS env variable changes. env: RUSTFLAGS: "-D warnings" - CARGO_REGISTRIES_CRATES_IO_PROTOCOL: sparse strategy: fail-fast: false matrix: @@ -205,12 +204,12 @@ jobs: cargo build --release --features sqlite,mysql,postgresql # End Build the binary - - # Upload artifact to Github Actions - - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 - if: ${{ matrix.channel == 'rust-toolchain' }} - with: - name: vaultwarden - path: target/release/vaultwarden - # End Upload artifact to Github Actions + # TODO: We should not upload these. We should extract Alpine build binaries from the containers and upload them + # # Upload artifact to Github Actions + # - name: "Upload artifact" + # uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + # if: ${{ matrix.channel == 'rust-toolchain' }} + # with: + # name: vaultwarden + # path: target/release/vaultwarden + # # End Upload artifact to Github Actions diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4829be6f..21c9d4c7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,6 @@ on: - ".github/workflows/release.yml" - "src/**" - "migrations/**" - - "hooks/**" - "docker/**" - "Cargo.*" - "build.rs" @@ -35,23 +34,20 @@ jobs: with: cancel_others: 'true' # Only run this when not creating a tag - if: ${{ startsWith(github.ref, 'refs/heads/') }} + if: ${{ github.ref_type == 'branch' }} docker-build: runs-on: ubuntu-22.04 timeout-minutes: 120 needs: skip_check - # Start a local docker registry to be used to generate multi-arch images. - services: - registry: - image: registry:2 - ports: - - 5000:5000 + if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }} + # TODO: Start a local docker registry to be used to extract the final Alpine static build images + # services: + # registry: + # image: registry:2 + # ports: + # - 5000:5000 env: - # Use BuildKit (https://docs.docker.com/build/buildkit/) for better - # build performance and the ability to copy extended file attributes - # (e.g., for executable capabilities) across build phases. - DOCKER_BUILDKIT: 1 SOURCE_COMMIT: ${{ github.sha }} SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}" # The *_REPO variables need to be configured as repository variables @@ -65,7 +61,6 @@ jobs: # QUAY_REPO needs to be 'quay.io//' # Check for Quay.io credentials in secrets HAVE_QUAY_LOGIN: ${{ vars.QUAY_REPO != '' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }} - if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }} strategy: matrix: base_image: ["debian","alpine"] @@ -77,18 +72,43 @@ jobs: with: fetch-depth: 0 - # Determine Docker Tag - - name: Init Variables - id: vars + - name: Initialize QEMU binfmt support + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + with: + platforms: "arm64,arm" + + # Start Docker Buildx + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + # https://github.com/moby/buildkit/issues/3969 + # Also set max parallelism to 2, the default of 4 breaks GitHub Actions + with: + config-inline: | + [worker.oci] + max-parallelism = 2 + driver-opts: | + network=host + + # Determine Base Tags and Source Version + - name: Determine Base Tags and Source Version shell: bash run: | - # Check which main tag we are going to build determined by github.ref - if [[ "${{ github.ref }}" == refs/tags/* ]]; then - echo "DOCKER_TAG=${GITHUB_REF#refs/*/}" | tee -a "${GITHUB_OUTPUT}" - elif [[ "${{ github.ref }}" == refs/heads/* ]]; then - echo "DOCKER_TAG=testing" | tee -a "${GITHUB_OUTPUT}" + # Check which main tag we are going to build determined by github.ref_type + if [[ "${{ github.ref_type }}" == "tag" ]]; then + echo "BASE_TAGS=latest,${GITHUB_REF#refs/*/}" | tee -a "${GITHUB_ENV}" + elif [[ "${{ github.ref_type }}" == "branch" ]]; then + echo "BASE_TAGS=testing" | tee -a "${GITHUB_ENV}" + fi + + # Get the Source Version for this release + GIT_EXACT_TAG="$(git describe --tags --abbrev=0 --exact-match 2>/dev/null || true)" + if [[ -n "${GIT_EXACT_TAG}" ]]; then + echo "SOURCE_VERSION=${GIT_EXACT_TAG}" | tee -a "${GITHUB_ENV}" + else + GIT_LAST_TAG="$(git describe --tags --abbrev=0)" + echo "SOURCE_VERSION=${GIT_LAST_TAG}-${SOURCE_COMMIT:0:8}" | tee -a "${GITHUB_ENV}" fi - # End Determine Docker Tag + # End Determine Base Tags # Login to Docker Hub - name: Login to Docker Hub @@ -98,6 +118,12 @@ jobs: password: ${{ secrets.DOCKERHUB_TOKEN }} if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }} + - name: Add registry for DockerHub + if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }} + shell: bash + run: | + echo "CONTAINER_REGISTRIES=${{ vars.DOCKERHUB_REPO }}" | tee -a "${GITHUB_ENV}" + # Login to GitHub Container Registry - name: Login to GitHub Container Registry uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 @@ -107,6 +133,12 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} if: ${{ env.HAVE_GHCR_LOGIN == 'true' }} + - name: Add registry for ghcr.io + if: ${{ env.HAVE_GHCR_LOGIN == 'true' }} + shell: bash + run: | + echo "CONTAINER_REGISTRIES=${CONTAINER_REGISTRIES:+${CONTAINER_REGISTRIES},}${{ vars.GHCR_REPO }}" | tee -a "${GITHUB_ENV}" + # Login to Quay.io - name: Login to Quay.io uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 @@ -116,120 +148,22 @@ jobs: password: ${{ secrets.QUAY_TOKEN }} if: ${{ env.HAVE_QUAY_LOGIN == 'true' }} - # Debian - - # Docker Hub - - name: Build Debian based images (docker.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" - run: | - ./hooks/build - if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} - - - name: Push Debian based images (docker.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" - run: | - ./hooks/push - if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} - - # GitHub Container Registry - - name: Build Debian based images (ghcr.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.GHCR_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" - run: | - ./hooks/build - if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} - - - name: Push Debian based images (ghcr.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.GHCR_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" - run: | - ./hooks/push - if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} - - # Quay.io - - name: Build Debian based images (quay.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.QUAY_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" - run: | - ./hooks/build - if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} - - - name: Push Debian based images (quay.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.QUAY_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" - run: | - ./hooks/push - if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} - - # Alpine - - # Docker Hub - - name: Build Alpine based images (docker.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" - run: | - ./hooks/build - if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} - - - name: Push Alpine based images (docker.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" - run: | - ./hooks/push - if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} - - # GitHub Container Registry - - name: Build Alpine based images (ghcr.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.GHCR_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" - run: | - ./hooks/build - if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} - - - name: Push Alpine based images (ghcr.io) - shell: bash - env: - DOCKER_REPO: "${{ vars.GHCR_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" - run: | - ./hooks/push - if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} - - # Quay.io - - name: Build Alpine based images (quay.io) + - name: Add registry for Quay.io + if: ${{ env.HAVE_QUAY_LOGIN == 'true' }} shell: bash - env: - DOCKER_REPO: "${{ vars.QUAY_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" run: | - ./hooks/build - if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} + echo "CONTAINER_REGISTRIES=${CONTAINER_REGISTRIES:+${CONTAINER_REGISTRIES},}${{ vars.QUAY_REPO }}" | tee -a "${GITHUB_ENV}" - - name: Push Alpine based images (quay.io) - shell: bash + - name: Bake ${{ matrix.base_image }} containers + uses: docker/bake-action@511fde2517761e303af548ec9e0ea74a8a100112 # v4.0.0 env: - DOCKER_REPO: "${{ vars.QUAY_REPO }}" - DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" - run: | - ./hooks/push - if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} + BASE_TAGS: "${{ env.BASE_TAGS }}" + SOURCE_COMMIT: "${{ env.SOURCE_COMMIT }}" + SOURCE_VERSION: "${{ env.SOURCE_VERSION }}" + SOURCE_REPOSITORY_URL: "${{ env.SOURCE_REPOSITORY_URL }}" + CONTAINER_REGISTRIES: "${{ env.CONTAINER_REGISTRIES }}" + with: + pull: true + push: true + files: docker/docker-bake.hcl + targets: "${{ matrix.base_image }}-multi" diff --git a/Cargo.lock b/Cargo.lock index 45399020..1fe5792e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -30,9 +30,9 @@ dependencies = [ [[package]] name = "aho-corasick" -version = "1.1.1" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea5d730647d4fadd988536d06fecce94b7b4f2a7efdae548f1cf4b63205518ab" +checksum = "b2969dcb958b36655471fc61f7e416fa76033bdd4bfed0678d8fee1e2d07a1f0" dependencies = [ "memchr", ] @@ -92,7 +92,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "81953c529336010edd6d8e358f886d9581267795c61b19475b71314bffa46d35" dependencies = [ "concurrent-queue", - "event-listener", + "event-listener 2.5.3", "futures-core", ] @@ -165,24 +165,41 @@ version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "287272293e9d8c41773cec55e365490fe034813a2f172f502d6ddcf75b2f582b" dependencies = [ - "event-listener", + "event-listener 2.5.3", ] [[package]] name = "async-process" -version = "1.7.0" +version = "1.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a9d28b1d97e08915212e2e45310d47854eafa69600756fc735fb788f75199c9" +checksum = "ea6438ba0a08d81529c69b36700fa2f95837bfe3e776ab39cde9c14d9149da88" dependencies = [ "async-io", "async-lock", - "autocfg", + "async-signal", "blocking", "cfg-if", - "event-listener", + "event-listener 3.0.0", "futures-lite", - "rustix 0.37.24", - "signal-hook", + "rustix 0.38.18", + "windows-sys", +] + +[[package]] +name = "async-signal" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2a5415b7abcdc9cd7d63d6badba5288b2ca017e3fbd4173b8f405449f1a2399" +dependencies = [ + "async-io", + "async-lock", + "atomic-waker", + "cfg-if", + "futures-core", + "futures-io", + "rustix 0.38.18", + "signal-hook-registry", + "slab", "windows-sys", ] @@ -350,9 +367,9 @@ dependencies = [ [[package]] name = "blocking" -version = "1.4.0" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94c4ef1f913d78636d78d538eec1f18de81e481f44b1be0a81060090530846e1" +checksum = "8c36a4d0d48574b3dd360b4b7d95cc651d2b6557b6402848a27d4b228a473e2a" dependencies = [ "async-channel", "async-lock", @@ -856,25 +873,14 @@ checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" [[package]] name = "errno" -version = "0.3.4" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "add4f07d43996f76ef320709726a556a9d4f965d9410d8d0271132d2f8293480" +checksum = "ac3e13f66a2f95e32a39eaa81f6b95d42878ca0e1db0c7543723dfe12557e860" dependencies = [ - "errno-dragonfly", "libc", "windows-sys", ] -[[package]] -name = "errno-dragonfly" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" -dependencies = [ - "cc", - "libc", -] - [[package]] name = "error-chain" version = "0.12.4" @@ -890,6 +896,17 @@ version = "2.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0" +[[package]] +name = "event-listener" +version = "3.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "29e56284f00d94c1bc7fd3c77027b4623c88c1f53d8d2394c6199f2921dea325" +dependencies = [ + "concurrent-queue", + "parking", + "pin-project-lite", +] + [[package]] name = "fastrand" version = "1.9.0" @@ -1466,7 +1483,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" dependencies = [ "hermit-abi", - "rustix 0.38.17", + "rustix 0.38.18", "windows-sys", ] @@ -1562,9 +1579,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.148" +version = "0.2.149" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b" +checksum = "a08173bc88b7955d1b3145aa561539096c421ac8debde8cbc3612ec635fee29b" [[package]] name = "libmimalloc-sys" @@ -1601,9 +1618,9 @@ checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" [[package]] name = "linux-raw-sys" -version = "0.4.8" +version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3852614a3bd9ca9804678ba6be5e3b8ce76dfc902cae004e3e0c44051b6e88db" +checksum = "da2479e8c062e40bf0066ffa0bc823de0a9368974af99c9f6df941d2c231e03f" [[package]] name = "lock_api" @@ -1839,9 +1856,9 @@ dependencies = [ [[package]] name = "num-derive" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e6a0fd4f737c707bd9086cc16c925f294943eb62eb71499e9fd4cf71f8b9f4e" +checksum = "cfb77679af88f8b125209d354a202862602672222e7f2313fdd6dc349bad4712" dependencies = [ "proc-macro2", "quote", @@ -1860,9 +1877,9 @@ dependencies = [ [[package]] name = "num-traits" -version = "0.2.16" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f30b0abd723be7e2ffca1272140fac1a2f084c77ec3e123c192b66af1ee9e6c2" +checksum = "39e3200413f237f41ab11ad6d161bc7239c84dcb631773ccd7de3dfe4b5c267c" dependencies = [ "autocfg", ] @@ -2205,9 +2222,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.68" +version = "1.0.69" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b1106fec09662ec6dd98ccac0f81cef56984d0b49f75c92d8cbad76e20c005c" +checksum = "134c189feb4956b20f6f547d2cf727d4c0fe06722b20a0eec87ed445a97f92da" dependencies = [ "unicode-ident", ] @@ -2359,14 +2376,14 @@ dependencies = [ [[package]] name = "regex" -version = "1.9.6" +version = "1.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ebee201405406dbf528b8b672104ae6d6d63e6d118cb10e4d51abbc7b58044ff" +checksum = "d119d7c7ca818f8a53c300863d4f87566aac09943aef5b355bb83969dae75d87" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.3.9", - "regex-syntax 0.7.5", + "regex-automata 0.4.1", + "regex-syntax 0.8.0", ] [[package]] @@ -2380,13 +2397,13 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.3.9" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "59b23e92ee4318893fa3fe3e6fb365258efbfe6ac6ab30f090cdcbb7aa37efa9" +checksum = "465c6fc0621e4abc4187a2bda0937bfd4f722c2730b29562e19689ea796c9a4b" dependencies = [ "aho-corasick", "memchr", - "regex-syntax 0.7.5", + "regex-syntax 0.8.0", ] [[package]] @@ -2397,9 +2414,9 @@ checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "regex-syntax" -version = "0.7.5" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dbb5fb1acd8a1a18b3dd5be62d25485eb770e05afb408a9627d14d451bae12da" +checksum = "c3cbb081b9784b07cceb8824c8583f86db4814d172ab043f3c23f7dc600bf83d" [[package]] name = "reopen" @@ -2637,14 +2654,14 @@ dependencies = [ [[package]] name = "rustix" -version = "0.38.17" +version = "0.38.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f25469e9ae0f3d0047ca8b93fc56843f38e6774f0914a107ff8b41be8be8e0b7" +checksum = "5a74ee2d7c2581cd139b42447d7d9389b889bdaad3a73f1ebb16f2a3237bb19c" dependencies = [ "bitflags 2.4.0", "errno", "libc", - "linux-raw-sys 0.4.8", + "linux-raw-sys 0.4.10", "windows-sys", ] @@ -2765,9 +2782,9 @@ dependencies = [ [[package]] name = "semver" -version = "1.0.19" +version = "1.0.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad977052201c6de01a8ef2aa3378c4bd23217a056337d1d6da40468d267a4fb0" +checksum = "836fa6a3e1e547f9a2c4040802ec865b5d85f4014efe00555d7090a3dcaa1090" [[package]] name = "serde" @@ -2873,16 +2890,6 @@ dependencies = [ "lazy_static", ] -[[package]] -name = "signal-hook" -version = "0.3.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8621587d4798caf8eb44879d42e56b9a93ea5dcd315a6487c357130095b62801" -dependencies = [ - "libc", - "signal-hook-registry", -] - [[package]] name = "signal-hook-registry" version = "1.4.1" @@ -3052,7 +3059,7 @@ dependencies = [ "cfg-if", "fastrand 2.0.1", "redox_syscall", - "rustix 0.38.17", + "rustix 0.38.18", "windows-sys", ] @@ -3142,9 +3149,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.32.0" +version = "1.33.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9" +checksum = "4f38200e3ef7995e5ef13baec2f432a6da0aa9ac495b2c0e8f3b7eec2c92d653" dependencies = [ "backtrace", "bytes", @@ -3775,7 +3782,7 @@ dependencies = [ "either", "home", "once_cell", - "rustix 0.38.17", + "rustix 0.38.18", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index e272d752..8c279c0d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -51,8 +51,8 @@ dotenvy = { version = "0.15.7", default-features = false } once_cell = "1.18.0" # Numerical libraries -num-traits = "0.2.16" -num-derive = "0.4.0" +num-traits = "0.2.17" +num-derive = "0.4.1" # Web framework rocket = { version = "0.5.0-rc.3", features = ["tls", "json"], default-features = false } @@ -68,7 +68,7 @@ dashmap = "5.5.3" # Async futures futures = "0.3.28" -tokio = { version = "1.32.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] } +tokio = { version = "1.33.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] } # A generic serialization/deserialization framework serde = { version = "1.0.188", features = ["derive"] } @@ -128,7 +128,7 @@ reqwest = { version = "0.11.22", features = ["stream", "json", "deflate", "gzip" # Favicon extraction libraries html5gum = "0.5.7" -regex = { version = "1.9.6", features = ["std", "perf", "unicode-perl"], default-features = false } +regex = { version = "1.10.0", features = ["std", "perf", "unicode-perl"], default-features = false } data-url = "0.3.0" bytes = "1.5.0" @@ -153,7 +153,7 @@ paste = "1.0.14" governor = "0.6.0" # Check client versions for specific features. -semver = "1.0.19" +semver = "1.0.20" # Allow overriding the default memory allocator # Mainly used for the musl builds, since the default musl malloc is very slow diff --git a/docker/Dockerfile.alpine b/docker/Dockerfile.alpine index 77742c35..6bfe90ad 100644 --- a/docker/Dockerfile.alpine +++ b/docker/Dockerfile.alpine @@ -73,7 +73,9 @@ COPY ./build.rs ./build.rs # Shared variables across Debian and Alpine RUN echo "export CARGO_TARGET=${RUST_MUSL_CROSS_TARGET}" >> /env-cargo && \ # To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic - if [[ "${TARGETARCH}${TARGETVARIANT}" == "armv6" ]] ; then echo "export RUSTFLAGS='-Clink-arg=-latomic'" >> /env-cargo ; fi + if [[ "${TARGETARCH}${TARGETVARIANT}" == "armv6" ]] ; then echo "export RUSTFLAGS='-Clink-arg=-latomic'" >> /env-cargo ; fi && \ + # Output the current contents of the file + cat /env-cargo # Enable MiMalloc to improve performance on Alpine builds ARG DB=sqlite,mysql,postgresql,enable_mimalloc diff --git a/docker/Dockerfile.debian b/docker/Dockerfile.debian index edeec273..8607e63a 100644 --- a/docker/Dockerfile.debian +++ b/docker/Dockerfile.debian @@ -51,22 +51,28 @@ ENV DEBIAN_FRONTEND=noninteractive \ # Install clang to get `xx-cargo` working # Install pkg-config to allow amd64 builds to find all libraries +# Install the libc cross packages based upon the debian-arch RUN apt-get update && \ apt-get install -y \ --no-install-recommends \ - clang pkg-config + clang pkg-config \ + "libc6-$(xx-info debian-arch)-cross" \ + "libc6-dev-$(xx-info debian-arch)-cross" \ + "linux-libc-dev-$(xx-info debian-arch)-cross" && \ + # Run xx-cargo early, since it sometimes seems to break when run at a later stage + echo "export CARGO_TARGET=$(xx-cargo --print-target-triple)" >> /env-cargo RUN xx-apt-get install -y \ --no-install-recommends \ gcc \ - libc6-dev \ - linux-libc-dev \ - libmariadb-dev \ - libmariadb-dev-compat \ libmariadb3 \ libpq-dev \ libpq5 \ - libssl-dev + libssl-dev && \ + # Force install arch dependend mariadb dev packages + # Installing them the normal way breaks several other packages (again) + apt-get download "libmariadb-dev-compat:$(xx-info debian-arch)" "libmariadb-dev:$(xx-info debian-arch)" && \ + dpkg --force-all -i ./libmariadb-dev*.deb # Create CARGO_HOME folder and don't download rust docs RUN mkdir -pv "${CARGO_HOME}" \ @@ -82,17 +88,19 @@ COPY ./rust-toolchain.toml ./rust-toolchain.toml COPY ./build.rs ./build.rs # Environment variables for cargo across Debian and Alpine -RUN echo "export CARGO_TARGET=$(xx-cargo --print-target-triple)" >> /env-cargo && \ +RUN source /env-cargo && \ if xx-info is-cross ; then \ # We can't use xx-cargo since that uses clang, which doesn't work for our libraries. # Because of this we generate the needed environment variables here which we can load in the needed steps. - echo "export CC_$(xx-cargo --print-target-triple | tr '[:upper:]' '[:lower:]' | tr - _)=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ - echo "export CARGO_TARGET_$(xx-cargo --print-target-triple | tr '[:lower:]' '[:upper:]' | tr - _)_LINKER=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ + echo "export CC_$(echo "${CARGO_TARGET}" | tr '[:upper:]' '[:lower:]' | tr - _)=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ + echo "export CARGO_TARGET_$(echo "${CARGO_TARGET}" | tr '[:lower:]' '[:upper:]' | tr - _)_LINKER=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ echo "export PKG_CONFIG=/usr/bin/$(xx-info)-pkg-config" >> /env-cargo && \ echo "export CROSS_COMPILE=1" >> /env-cargo && \ echo "export OPENSSL_INCLUDE_DIR=/usr/include/$(xx-info)" >> /env-cargo && \ echo "export OPENSSL_LIB_DIR=/usr/lib/$(xx-info)" >> /env-cargo ; \ - fi + fi && \ + # Output the current contents of the file + cat /env-cargo # Configure the DB ARG as late as possible to not invalidate the cached layers above ARG DB=sqlite,mysql,postgresql diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 index 1a182116..5748850e 100644 --- a/docker/Dockerfile.j2 +++ b/docker/Dockerfile.j2 @@ -69,22 +69,28 @@ ENV DEBIAN_FRONTEND=noninteractive \ # Install clang to get `xx-cargo` working # Install pkg-config to allow amd64 builds to find all libraries +# Install the libc cross packages based upon the debian-arch RUN apt-get update && \ apt-get install -y \ --no-install-recommends \ - clang pkg-config + clang pkg-config \ + "libc6-$(xx-info debian-arch)-cross" \ + "libc6-dev-$(xx-info debian-arch)-cross" \ + "linux-libc-dev-$(xx-info debian-arch)-cross" && \ + # Run xx-cargo early, since it sometimes seems to break when run at a later stage + echo "export CARGO_TARGET=$(xx-cargo --print-target-triple)" >> /env-cargo RUN xx-apt-get install -y \ --no-install-recommends \ gcc \ - libc6-dev \ - linux-libc-dev \ - libmariadb-dev \ - libmariadb-dev-compat \ libmariadb3 \ libpq-dev \ libpq5 \ - libssl-dev + libssl-dev && \ + # Force install arch dependend mariadb dev packages + # Installing them the normal way breaks several other packages (again) + apt-get download "libmariadb-dev-compat:$(xx-info debian-arch)" "libmariadb-dev:$(xx-info debian-arch)" && \ + dpkg --force-all -i ./libmariadb-dev*.deb {% endif %} # Create CARGO_HOME folder and don't download rust docs @@ -102,17 +108,19 @@ COPY ./build.rs ./build.rs {% if base == "debian" %} # Environment variables for cargo across Debian and Alpine -RUN echo "export CARGO_TARGET=$(xx-cargo --print-target-triple)" >> /env-cargo && \ +RUN source /env-cargo && \ if xx-info is-cross ; then \ # We can't use xx-cargo since that uses clang, which doesn't work for our libraries. # Because of this we generate the needed environment variables here which we can load in the needed steps. - echo "export CC_$(xx-cargo --print-target-triple | tr '[:upper:]' '[:lower:]' | tr - _)=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ - echo "export CARGO_TARGET_$(xx-cargo --print-target-triple | tr '[:lower:]' '[:upper:]' | tr - _)_LINKER=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ + echo "export CC_$(echo ${CARGO_TARGET} | tr '[:upper:]' '[:lower:]' | tr - _)=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ + echo "export CARGO_TARGET_$(echo ${CARGO_TARGET} | tr '[:lower:]' '[:upper:]' | tr - _)_LINKER=/usr/bin/$(xx-info)-gcc" >> /env-cargo && \ echo "export PKG_CONFIG=/usr/bin/$(xx-info)-pkg-config" >> /env-cargo && \ echo "export CROSS_COMPILE=1" >> /env-cargo && \ echo "export OPENSSL_INCLUDE_DIR=/usr/include/$(xx-info)" >> /env-cargo && \ echo "export OPENSSL_LIB_DIR=/usr/lib/$(xx-info)" >> /env-cargo ; \ - fi + fi && \ + # Output the current contents of the file + cat /env-cargo # Configure the DB ARG as late as possible to not invalidate the cached layers above ARG DB=sqlite,mysql,postgresql @@ -120,7 +128,9 @@ ARG DB=sqlite,mysql,postgresql # Shared variables across Debian and Alpine RUN echo "export CARGO_TARGET=${RUST_MUSL_CROSS_TARGET}" >> /env-cargo && \ # To be able to build the armv6 image with mimalloc we need to tell the linker to also look for libatomic - if [[ "${TARGETARCH}${TARGETVARIANT}" == "armv6" ]] ; then echo "export RUSTFLAGS='-Clink-arg=-latomic'" >> /env-cargo ; fi + if [[ "${TARGETARCH}${TARGETVARIANT}" == "armv6" ]] ; then echo "export RUSTFLAGS='-Clink-arg=-latomic'" >> /env-cargo ; fi && \ + # Output the current contents of the file + cat /env-cargo # Enable MiMalloc to improve performance on Alpine builds ARG DB=sqlite,mysql,postgresql,enable_mimalloc diff --git a/docker/README.md b/docker/README.md index ad81e3b9..314e8aa1 100644 --- a/docker/README.md +++ b/docker/README.md @@ -112,10 +112,10 @@ docker/bake.sh ## Variables supported | Variable | default | description | | --------------------- | ------------------ | ----------- | -| CARGO_PROFILE | null | Which cargo profile to use. `null` means what is defined in the Dockerfile | -| DB | null | Which `features` to build. `null` means what is defined in the Dockerfile | -| SOURCE_REPOSITORY_URL | null | The source repository form where this build is triggered | -| SOURCE_COMMIT | null | The commit hash of the current commit for this build | -| SOURCE_VERSION | null | The current exact tag of this commit, else the last tag and the first 8 chars of the source commit | -| BASE_TAGS | testing | Tags to be used. Can be a comma separated value like "latest,1.29.2" | +| CARGO_PROFILE | null | Which cargo profile to use. `null` means what is defined in the Dockerfile | +| DB | null | Which `features` to build. `null` means what is defined in the Dockerfile | +| SOURCE_REPOSITORY_URL | null | The source repository form where this build is triggered | +| SOURCE_COMMIT | null | The commit hash of the current commit for this build | +| SOURCE_VERSION | null | The current exact tag of this commit, else the last tag and the first 8 chars of the source commit | +| BASE_TAGS | testing | Tags to be used. Can be a comma separated value like "latest,1.29.2" | | CONTAINER_REGISTRIES | vaultwarden/server | Comma separated value of container registries. Like `ghcr.io/dani-garcia/vaultwarden,docker.io/vaultwarden/server` |