Retropex/docker-bitcoind
1
0
Fork 0
mirror of https://github.com/Retropex/docker-bitcoind.git synced 2025-05-29 05:22:36 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

test v0.20.0 and qemu v5.0.0

Browse Source
This commit is contained in:
Damian Mee 2020-06-03 20:17:57 +08:00
parent 6d53d5e55c
commit a3d14fbecb
No known key found for this signature in database
GPG Key ID: 2F961EAB8789725D
5 changed files with 248 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/on-tag.yml vendored
View File

@ -28,7 +28,7 @@ jobs:
- arm64v8 - arm64v8
env: env:
QEMU_VERSION: v4.2.0 QEMU_VERSION: v5.0.0
DOCKER_BUILDKIT: 1 DOCKER_BUILDKIT: 1
steps: steps:

6
.github/workflows/qemu-perf.yml vendored
View File

@ -16,19 +16,17 @@ jobs:
env: env:
DOCKER_BUILDKIT: 1 DOCKER_BUILDKIT: 1
MINOR: 0.19 MINOR: 0.20
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
qemu: qemu:
- v3.1.0
- v3.1.1 - v3.1.1
- v4.0.0
- v4.0.1 - v4.0.1
- v4.1.0
- v4.1.1 - v4.1.1
- v4.2.0 - v4.2.0
- v5.0.0
arch: arch:
- arm32v7 - arm32v7

4
.github/workflows/test.yml vendored
View File

@ -18,11 +18,11 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
subver: subver:
- 0.15
- 0.16 - 0.16
- 0.17 - 0.17
- 0.18 - 0.18
- 0.19 - 0.19
- 0.20
arch: arch:
- amd64 - amd64
@ -30,7 +30,7 @@ jobs:
- arm64v8 - arm64v8
env: env:
QEMU_VERSION: v4.2.0 QEMU_VERSION: v5.0.0
DOCKER_BUILDKIT: 1 DOCKER_BUILDKIT: 1
steps: steps:

242
0.20/Dockerfile Normal file
View File

@ -0,0 +1,242 @@
# This Dockerfile builds Bitcoin Core and packages it into a minimal `final` image
# VERSION of Bitcoin Core to be build
# NOTE: Unlike our other images this one is NOT prefixed with `v`,
# as many things (like download URLs) use this form instead.
ARG VERSION=0.20.0
# CPU archtecture to build binaries for
ARG ARCH
# Define default versions so that they don't have to be repreated throughout the file
ARG VER_ALPINE=3.12
# $USER name, and data $DIR to be used in the `final` image
ARG USER=bitcoind
ARG DIR=/data
# Choose where to get bitcoind sources from, options: release, git
# NOTE: Only `SOURCE=git` can be used for RC releases
ARG SOURCE=release
# Choose where to get BerkeleyDB from, options: prebuilt, compile
# NOTE: When compiled here total execution time exceeds allowed CI limits, so pre-built one is used by default
ARG BDB_SOURCE=prebuilt
#
## `preparer-base` installs dependencies needed by both ways of fetching the source,
# as well as imports GPG keys needed to verify authenticity of the source.
#
FROM alpine:${VER_ALPINE} AS preparer-base
# Make sure APKs are downloaded over SSL. See: https://github.com/gliderlabs/docker-alpine/issues/184
RUN sed -i 's|http://dl-cdn.alpinelinux.org|https://alpine.global.ssl.fastly.net|g' /etc/apk/repositories
RUN apk add --no-cache gnupg
ENV KEYS 71A3B16735405025D447E8F274810B012346C9A6 01EA5486DE18A882D4C2684590C8019E36C2E964
RUN timeout 16s gpg --keyserver keyserver.ubuntu.com --recv-keys $KEYS
# Print imported keys, but also ensure there's no other keys in the system
RUN gpg --list-keys | tail -n +3 | tee /tmp/keys.txt && \
gpg --list-keys $KEYS | diff - /tmp/keys.txt
#
## Option #1: [default] Fetch bitcoind source from release tarballs
#
FROM preparer-base AS preparer-release
ARG VERSION
# Download checksums
ADD https://bitcoincore.org/bin/bitcoin-core-$VERSION/SHA256SUMS.asc ./
# Download source code (intentionally different website than checksums)
ADD https://bitcoin.org/bin/bitcoin-core-$VERSION/bitcoin-$VERSION.tar.gz ./
# Verify that hashes are signed with the previously imported key
RUN gpg --verify SHA256SUMS.asc
# Verify that downloaded source-code archive matches exactly the hash that's provided
RUN grep " bitcoin-$VERSION.tar.gz\$" SHA256SUMS.asc | sha256sum -c -
# Extract
RUN tar -xzf "bitcoin-$VERSION.tar.gz" && \
rm -f "bitcoin-$VERSION.tar.gz"
#
## Option #2: Fetch bitcoind source from GitHub
#
FROM preparer-base AS preparer-git
ARG VERSION
RUN apk add --no-cache git
# Fetch the source code at a specific TAG
RUN git clone -b "v$VERSION" --depth=1 https://github.com/bitcoin/bitcoin.git "/bitcoin-$VERSION/"
# Verify tag, and copy source code to predetermined location on success
RUN cd "/bitcoin-$VERSION/" && \
git verify-tag "v$VERSION"
#
## Alias to go around `COPY` not accepting ARGs in value passed to `--from=`
#
FROM preparer-${SOURCE} AS preparer
#
## `berkeleydb-prebuilt` downloads a pre-built BerkeleyDB to make sure
# the overall build time of this Dockerfile fits within CI limits.
#
FROM lncm/berkeleydb:v4.8.30.NC${ARCH:+-${ARCH}} AS berkeleydb-prebuilt
#
## `berkeleydb-compile` builds BerkeleyDB from source using script provided in bitcoind repo.
#
FROM alpine:${VER_ALPINE} AS berkeleydb-compile
# TODO: implement ^^
RUN echo "Not implemented" && exit 1
FROM berkeleydb-${BDB_SOURCE} AS berkeleydb
#
## `builder` builds Bitcoin Core regardless on how the source, and BDB code were obtained.
#
# NOTE: this stage is emulated using QEMU
# NOTE: `${ARCH:+${ARCH}/}` - if ARCH is set, append `/` to it, leave it empty otherwise
FROM ${ARCH:+${ARCH}/}alpine:${VER_ALPINE} AS builder
ARG VERSION
ARG SOURCE
# Use APK repos over HTTPS. See: https://github.com/gliderlabs/docker-alpine/issues/184
RUN sed -i 's|http://dl-cdn.alpinelinux.org|https://alpine.global.ssl.fastly.net|g' /etc/apk/repositories
# TODO: Check which dependencies are not necessary here
RUN apk add --no-cache \
autoconf \
automake \
boost-dev \
build-base \
chrpath \
file \
libevent-dev \
libressl \
libressl-dev \
libtool \
linux-headers \
protobuf-dev \
zeromq-dev
# Fetch pre-built berkeleydb
COPY --from=berkeleydb /opt/ /opt/
# Change to the extracted directory
WORKDIR /bitcoin-$VERSION/
# Copy bitcoin source (downloaded & verified in previous stages)
COPY --from=preparer /bitcoin-$VERSION/ ./
ENV BITCOIN_PREFIX /opt/bitcoin-$VERSION
RUN ./autogen.sh
# TODO: Try to optimize on passed params
RUN ./configure LDFLAGS=-L/opt/db4/lib/ CPPFLAGS=-I/opt/db4/include/ \
--prefix="$BITCOIN_PREFIX" \
--disable-man \
--disable-shared \
--disable-ccache \
--enable-static \
--enable-reduce-exports \
--without-gui \
--without-libs \
--with-utils \
--with-daemon
RUN make -j$(( $(nproc) + 1 )) check
RUN make install
# List installed binaries pre-strip & strip them
RUN ls -lh "$BITCOIN_PREFIX/bin/"
RUN strip -v "$BITCOIN_PREFIX/bin/bitcoin"*
# List installed binaries post-strip & print their checksums
RUN ls -lh "$BITCOIN_PREFIX/bin/"
RUN sha256sum "$BITCOIN_PREFIX/bin/bitcoin"*
#
## `final` aggregates build results from previous stages into a necessary minimum
# ready to be used, and published to Docker Hub.
#
# NOTE: this stage is emulated using QEMU
# NOTE: `${ARCH:+${ARCH}/}` - if ARCH is set, append `/` to it, leave it empty otherwise
FROM ${ARCH:+${ARCH}/}alpine:${VER_ALPINE} AS final
ARG VERSION
ARG USER
ARG DIR
LABEL maintainer="Damian Mee (@meeDamian)"
# Use APK repos over HTTPS. See: https://github.com/gliderlabs/docker-alpine/issues/184
RUN sed -i 's|http://dl-cdn.alpinelinux.org|https://alpine.global.ssl.fastly.net|g' /etc/apk/repositories
# TODO: Check which dependencies are not necessary here
RUN apk add --no-cache \
boost-chrono \
boost-filesystem \
boost-thread \
libevent \
libressl \
libsodium \
libstdc++ \
libzmq
COPY --from=builder /opt/bitcoin-$VERSION/bin/bitcoin* /usr/local/bin/
# NOTE: Default GID == UID == 1000
RUN adduser --disabled-password \
--home "$DIR/" \
--gecos "" \
"$USER"
USER $USER
# Prevents `VOLUME $DIR/.bitcoind/` being created as owned by `root`
RUN mkdir -p "$DIR/.bitcoin/"
# Expose volume containing all `bitcoind` data
VOLUME $DIR/.bitcoin/
# REST interface
EXPOSE 8080
# P2P network (mainnet, testnet & regnet respectively)
EXPOSE 8333 18333 18444
# RPC interface (mainnet, testnet & regnet respectively)
EXPOSE 8332 18332 18443
# ZMQ ports (for transactions & blocks respectively)
EXPOSE 28332 28333
ENTRYPOINT ["bitcoind"]
CMD ["-zmqpubrawblock=tcp://0.0.0.0:28332", "-zmqpubrawtx=tcp://0.0.0.0:28333"]

2
README.md
View File

@ -36,7 +36,7 @@ This repo builds [`bitcoind`] in an auditable way, and packages it into a minima
* All architectures are aggregated under an easy-to-use [Docker Manifest] * All architectures are aggregated under an easy-to-use [Docker Manifest]
* All [`git-tags`] are [build automatically], and with an [auditable trace] * All [`git-tags`] are [build automatically], and with an [auditable trace]
* Each successful build of a `git tag` pushes result Docker image to [Docker Hub] * Each successful build of a `git tag` pushes result Docker image to [Docker Hub]
* Images pushed to Docker Hub are never deleted (even if `lnd` version gets overriden, previous one is preserved) * Images pushed to Docker Hub are never deleted (even if `lnd` version gets overridden, previous one is preserved)
* All `final` images are based on Alpine for minimum base size * All `final` images are based on Alpine for minimum base size
* All binaries are [`strip`ped] * All binaries are [`strip`ped]
* Each `git-tag` build is tagged with a unique tag number * Each `git-tag` build is tagged with a unique tag number