From c0fa1f4e81030656ec1c89abc06aa4c4c758cf2b Mon Sep 17 00:00:00 2001
From: Asmir Avdicevic <asmir.avdicevic64@gmail.com>
Date: Thu, 18 Jul 2024 19:04:27 +0200
Subject: [PATCH] feat(ci): publish docker images (#2520)

## Description

Tested here:
https://github.com/n0-computer/iroh/actions/runs/9992457651/job/27617587850?pr=2520
Results here:
- https://hub.docker.com/r/n0computer/iroh
- https://hub.docker.com/r/n0computer/iroh-relay
- https://hub.docker.com/r/n0computer/iroh-dns-server

Will only trigger on new releases.
Pretty happy, images are very slim and builds are pretty snappy.

Test it out with
`docker run -p 9090:9090 -p 4919:4919/udp -Pit n0computer/iroh:latest
--rpc-addr 0.0.0.0:4919 start`

Closes #1371

## Breaking Changes

<!-- Optional, if there are any breaking changes document them,
including how to migrate older code. -->

## Notes & open questions

<!-- Any notes, remarks or open questions you have to make about the PR.
-->


## Change checklist

- [ ] Self-review.
- [ ] Documentation updates following the [style
guide](https://rust-lang.github.io/rfcs/1574-more-api-documentation-conventions.html#appendix-a-full-conventions-text),
if relevant.
- [ ] Tests if relevant.
- [ ] All breaking changes documented.
---
 .github/workflows/ci.yml      |  2 +-
 .github/workflows/release.yml | 75 +++++++++++++++++++++++++++++++++++
 docker/Dockerfile             |  8 ++--
 docker/Dockerfile.ci          | 52 ++++++++++++++++++++++++
 4 files changed, 132 insertions(+), 5 deletions(-)
 create mode 100644 docker/Dockerfile.ci

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 3eb75dad33..cb2af3c383 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -449,4 +449,4 @@ jobs:
       - name: Cleanup Docker
         continue-on-error: true
         run: |
-          docker kill $(docker ps -q)
\ No newline at end of file
+          docker kill $(docker ps -q)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index fed6d4c250..f7f200fc31 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -253,3 +253,78 @@ jobs:
           with:
             upload_url: ${{ needs.create-release.outputs.upload_url }}
             asset_path: ${{ env.ASSET }}
+
+    docker:
+      timeout-minutes: 30
+      needs: build_release
+      name: Docker
+      runs-on: [self-hosted, linux, X64]
+      steps:
+        - name: Checkout
+          uses: actions/checkout@v4
+
+        - name: Set up Docker Buildx
+          uses: docker/setup-buildx-action@v3
+
+        - name: Login to Docker Hub
+          uses: docker/login-action@v3
+          with:
+            username: ${{ secrets.DOCKERHUB_USERNAME }}
+            password: ${{ secrets.DOCKERHUB_TOKEN }}
+        
+        - name: Prep dirs
+          run: |
+            mkdir -p bins/linux/amd64
+            mkdir -p bins/linux/arm64
+
+        - name: Setup awscli on linux
+          run: |
+            curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
+            unzip awscliv2.zip
+            sudo ./aws/install --update
+    
+        - name: Set aws credentials
+          run: |
+              echo "AWS_ACCESS_KEY_ID=${{secrets.S3_ACCESS_KEY_ID}}" >> $GITHUB_ENV
+              echo "AWS_SECRET_ACCESS_KEY=${{secrets.S3_ACCESS_KEY}}" >> $GITHUB_ENV
+              echo "AWS_DEFAULT_REGION=us-west-2" >> $GITHUB_ENV
+
+        - name: Fetch release binaries
+          run: |
+            aws s3 cp s3://vorc/iroh-linux-amd64-${GITHUB_SHA::7} bins/linux/amd64/iroh
+            aws s3 cp s3://vorc/iroh-relay-linux-amd64-${GITHUB_SHA::7} bins/linux/amd64/iroh-relay
+            aws s3 cp s3://vorc/iroh-dns-server-linux-amd64-${GITHUB_SHA::7} bins/linux/amd64/iroh-dns-server
+
+            aws s3 cp s3://vorc/iroh-linux-aarch64-${GITHUB_SHA::7} bins/linux/arm64/iroh
+            aws s3 cp s3://vorc/iroh-relay-linux-aarch64-${GITHUB_SHA::7} bins/linux/arm64/iroh-relay
+            aws s3 cp s3://vorc/iroh-dns-server-linux-aarch64-${GITHUB_SHA::7} bins/linux/arm64/iroh-dns-server
+
+        - name: Build Docker image (iroh)
+          uses: docker/build-push-action@v6
+          with:
+            context: .
+            push: true
+            tags: n0computer/iroh:latest,n0computer/iroh:${{ needs.create-release.outputs.release_version }}
+            target: iroh
+            platforms: linux/amd64,linux/arm64/v8
+            file: docker/Dockerfile.ci
+        
+        - name: Build Docker image (iroh-relay)
+          uses: docker/build-push-action@v6
+          with:
+            context: .
+            push: true
+            tags: n0computer/iroh-relay:latest,n0computer/iroh-relay:${{ needs.create-release.outputs.release_version }}
+            target: iroh-relay
+            platforms: linux/amd64,linux/arm64/v8
+            file: docker/Dockerfile.ci
+
+        - name: Build Docker image (iroh-dns-server)
+          uses: docker/build-push-action@v6
+          with:
+            context: .
+            push: true
+            tags: n0computer/iroh-dns-server:latest,n0computer/iroh-dns-server:${{ needs.create-release.outputs.release_version }}
+            target: iroh-dns-server
+            platforms: linux/amd64,linux/arm64/v8
+            file: docker/Dockerfile.ci
\ No newline at end of file
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 8e10de9dac..016f0103b2 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -27,7 +27,7 @@ COPY . .
 RUN cargo build --release --all-features
 
 ### Target image
-FROM alpine:latest as iroh
+FROM alpine:latest AS iroh
 
 RUN apk update && apk add ca-certificates && update-ca-certificates
 
@@ -46,7 +46,7 @@ ENTRYPOINT ["/iroh"]
 CMD ["start"]
 
 ### Target image
-FROM alpine:latest as iroh-relay
+FROM alpine:latest AS iroh-relay
 
 RUN apk update && apk add ca-certificates && update-ca-certificates
 
@@ -65,7 +65,7 @@ ENTRYPOINT ["/iroh-relay"]
 CMD [""]
 
 ### Target image
-FROM alpine:latest as iroh-dns-server
+FROM alpine:latest AS iroh-dns-server
 
 RUN apk update && apk add ca-certificates && update-ca-certificates
 
@@ -80,5 +80,5 @@ WORKDIR /
 # expose the default ports
 # dns, metrics
 EXPOSE 53/udp 9090
-ENTRYPOINT ["/iroh-relay"]
+ENTRYPOINT ["/iroh-dns-server"]
 CMD [""]
\ No newline at end of file
diff --git a/docker/Dockerfile.ci b/docker/Dockerfile.ci
new file mode 100644
index 0000000000..4557737368
--- /dev/null
+++ b/docker/Dockerfile.ci
@@ -0,0 +1,52 @@
+### Base image for iroh-relay and iroh-dns-server
+FROM alpine:latest as base
+RUN apk update && apk add ca-certificates && update-ca-certificates
+
+
+### Target image
+FROM base as iroh
+ARG TARGETPLATFORM
+
+COPY bins/${TARGETPLATFORM}/iroh /iroh
+
+RUN chmod +x /iroh
+
+WORKDIR /
+
+# expose the default ports
+# rpc, nat-pmp, metrics, iroh_node_ipv4, iroh_node_ipv6
+EXPOSE 4919/udp 5351 9090 11204/udp 11205/udp
+ENTRYPOINT ["/iroh"]
+CMD ["start"]
+
+### Target image
+FROM base as iroh-relay
+ARG TARGETPLATFORM
+
+COPY bins/${TARGETPLATFORM}/iroh-relay /iroh-relay
+
+RUN chmod +x /iroh-relay
+
+WORKDIR /
+
+# expose the default ports
+# http, https, stun, metrics
+EXPOSE  80 443 3478/udp 9090
+ENTRYPOINT ["/iroh-relay"]
+CMD [""]
+
+### Target image
+FROM base as iroh-dns-server
+ARG TARGETPLATFORM
+
+COPY bins/${TARGETPLATFORM}/iroh-dns-server /iroh-dns-server
+
+RUN chmod +x /iroh-dns-server
+
+WORKDIR /
+
+# expose the default ports
+# dns, metrics
+EXPOSE 53/udp 9090
+ENTRYPOINT ["/iroh-dns-server"]
+CMD [""]
\ No newline at end of file