diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 383dcd572..25741c402 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -266,6 +266,17 @@ jobs: if: needs.build-check.outputs.should_build == 'true' runs-on: ubicloud-standard-2 timeout-minutes: 60 + strategy: + fail-fast: false + matrix: + include: + - variant: musl + file: Dockerfile + suffix: "" + - variant: glibc + file: Dockerfile.glibc + suffix: "-glibc" + steps: - name: Checkout repository uses: actions/checkout@v6 @@ -296,6 +307,7 @@ jobs: VERSION="${{ needs.build-check.outputs.version }}" SHORT_SHA="${{ needs.build-check.outputs.short_sha }}" CREATE_LATEST="${{ needs.build-check.outputs.create_latest }}" + VARIANT_SUFFIX="${{ matrix.suffix }}" # Convert version format for Dockerfile compatibility case "$VERSION" in @@ -326,14 +338,14 @@ jobs: # Generate tags based on build type # Only support release and prerelease builds (no development builds) - TAGS="${{ env.REGISTRY_DOCKERHUB }}:${VERSION}" + TAGS="${{ env.REGISTRY_DOCKERHUB }}:${VERSION}${VARIANT_SUFFIX}" # Add channel tags for prereleases and latest for stable if [[ "$CREATE_LATEST" == "true" ]]; then # TODO: Temporary change - the current alpha version will also create the latest tag # After the version is stabilized, the logic here remains unchanged, but the upstream CREATE_LATEST setting needs to be restored. # Stable release (and temporary alpha versions) - TAGS="$TAGS,${{ env.REGISTRY_DOCKERHUB }}:latest" + TAGS="$TAGS,${{ env.REGISTRY_DOCKERHUB }}:latest${VARIANT_SUFFIX}" elif [[ "$BUILD_TYPE" == "prerelease" ]]; then # Prerelease channel tags (alpha, beta, rc) if [[ "$VERSION" == *"alpha"* ]]; then @@ -345,7 +357,7 @@ jobs: fi if [[ -n "$CHANNEL" ]]; then - TAGS="$TAGS,${{ env.REGISTRY_DOCKERHUB }}:${CHANNEL}" + TAGS="$TAGS,${{ env.REGISTRY_DOCKERHUB }}:${CHANNEL}${VARIANT_SUFFIX}" fi fi @@ -372,15 +384,15 @@ jobs: uses: docker/build-push-action@v6 with: context: . - file: Dockerfile + file: ${{ matrix.file }} platforms: ${{ env.DOCKER_PLATFORMS }} push: ${{ needs.build-check.outputs.should_push == 'true' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: | - type=gha,scope=docker-binary + type=gha,scope=docker-${{ matrix.variant }} cache-to: | - type=gha,mode=max,scope=docker-binary + type=gha,mode=max,scope=docker-${{ matrix.variant }} build-args: | BUILDTIME=$(date -u +'%Y-%m-%dT%H:%M:%SZ') VERSION=${{ needs.build-check.outputs.version }} diff --git a/Dockerfile.glibc b/Dockerfile.glibc new file mode 100644 index 000000000..434e8fa0e --- /dev/null +++ b/Dockerfile.glibc @@ -0,0 +1,101 @@ +FROM ubuntu:24.04 AS build + +ARG TARGETARCH +ARG RELEASE=latest + +RUN apt-get update && apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + unzip \ + && rm -rf /var/lib/apt/lists/* + +WORKDIR /build + +RUN set -eux; \ + case "$TARGETARCH" in \ + amd64) ARCH_SUBSTR="x86_64-gnu" ;; \ + arm64) ARCH_SUBSTR="aarch64-gnu" ;; \ + *) echo "Unsupported TARGETARCH=$TARGETARCH" >&2; exit 1 ;; \ + esac; \ + \ + if [ "$RELEASE" = "latest" ]; then \ + TAG="$(curl -fsSL https://api.github.com/repos/rustfs/rustfs/releases \ + | grep -o '"tag_name": "[^"]*"' | cut -d'"' -f4 | head -n 1)"; \ + else \ + TAG="$RELEASE"; \ + fi; \ + \ + URL="$(curl -fsSL "https://api.github.com/repos/rustfs/rustfs/releases/tags/$TAG" \ + | grep -o "\"browser_download_url\": \"[^\"]*${ARCH_SUBSTR}[^\"]*\\.zip\"" \ + | cut -d'"' -f4 | head -n 1)"; \ + \ + if [ -z "$URL" ]; then echo "Failed to locate release asset for $ARCH_SUBSTR at tag $TAG" >&2; exit 1; fi; \ + \ + curl -fL "$URL" -o rustfs.zip; \ + unzip -q rustfs.zip -d /build; \ + \ + if [ ! -x /build/rustfs ]; then \ + BIN_PATH="$(unzip -Z -1 rustfs.zip | grep -E '(^|/)rustfs$' | head -n 1 || true)"; \ + if [ -n "$BIN_PATH" ]; then \ + mkdir -p /build/.tmp && unzip -q rustfs.zip "$BIN_PATH" -d /build/.tmp && \ + mv "/build/.tmp/$BIN_PATH" /build/rustfs; \ + fi; \ + fi; \ + [ -x /build/rustfs ] || { echo "rustfs binary not found in asset" >&2; exit 1; }; \ + chmod +x /build/rustfs; \ + rm -rf rustfs.zip /build/.tmp || true + +FROM ubuntu:24.04 + +ARG RELEASE=latest +ARG BUILD_DATE +ARG VCS_REF + +LABEL name="RustFS" \ + vendor="RustFS Team" \ + maintainer="RustFS Team " \ + version="v${RELEASE#v}" \ + release="${RELEASE}" \ + build-date="${BUILD_DATE}" \ + vcs-ref="${VCS_REF}" \ + summary="High-performance distributed object storage system (glibc)" \ + url="https://rustfs.com" \ + license="Apache-2.0" + +RUN apt-get update && apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + && rm -rf /var/lib/apt/lists/* + +COPY --from=build /build/rustfs /usr/bin/rustfs +COPY entrypoint.sh /entrypoint.sh + +RUN chmod +x /usr/bin/rustfs /entrypoint.sh + +RUN groupadd -g 10001 rustfs && \ + useradd -u 10001 -g rustfs -m -s /sbin/nologin rustfs && \ + mkdir -p /data /logs && \ + chown -R rustfs:rustfs /data /logs && \ + chmod 0750 /data /logs + +ENV RUSTFS_ADDRESS=":9000" \ + RUSTFS_CONSOLE_ADDRESS=":9001" \ + RUSTFS_ACCESS_KEY="rustfsadmin" \ + RUSTFS_SECRET_KEY="rustfsadmin" \ + RUSTFS_CONSOLE_ENABLE="true" \ + RUSTFS_CORS_ALLOWED_ORIGINS="*" \ + RUSTFS_CONSOLE_CORS_ALLOWED_ORIGINS="*" \ + RUSTFS_VOLUMES="/data" \ + RUSTFS_OBS_LOGGER_LEVEL=warn \ + RUSTFS_OBS_LOG_DIRECTORY=/logs \ + RUSTFS_OBS_ENVIRONMENT=production + +EXPOSE 9000 9001 + +VOLUME ["/data"] + +USER rustfs + +ENTRYPOINT ["/entrypoint.sh"] + +CMD ["rustfs"]