From 960719e01c7f33793abeafcee6e1c84baf5dc305 Mon Sep 17 00:00:00 2001
From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com>
Date: Thu, 13 Mar 2025 11:35:12 -0700
Subject: [PATCH] ci: update cloud images
---
 src/Billing/Dockerfile | 72 +++++++++++++++++++++++-----
 src/EventsProcessor/Dockerfile | 70 ++++++++++++++++++++++-----
 src/Notifications/Dockerfile | 68 +++++++++++++++++++++-----
 util/Attachments/Dockerfile | 71 +++++++++++++++++++++++++--
 util/MsSql/Dockerfile | 6 +--
 util/MsSqlMigratorUtility/Dockerfile | 68 ++++++++++++++++++++++++--
 util/Nginx/Dockerfile | 18 +++----
 util/Setup/Dockerfile | 61 +++++++++++++++++++++--
 8 files changed, 376 insertions(+), 58 deletions(-)
diff --git a/src/Billing/Dockerfile b/src/Billing/Dockerfile
index 1fd87df16e..a9fbeaa6e5 100644
--- a/src/Billing/Dockerfile
+++ b/src/Billing/Dockerfile
@@ -1,33 +1,79 @@
-FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
-ARG TARGETPLATFORM
-ARG BUILDPLATFORM
+###############################################
+# Build stage #
+###############################################
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0 AS build
 ENV PROJECT_NAME=Billing
+ARG GIT_COMMIT
-WORKDIR /build
-COPY ../../ ./
+# Docker buildx supplies the value for this arg
+ARG TARGETPLATFORM
-WORKDIR /build/src/${PROJECT_NAME}
+# Determine proper runtime value for .NET
+# We put the value in a file to be read by later layers.
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
+ RID=linux-x64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
+ RID=linux-arm64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+ RID=linux-arm ; \
+ fi \
+ && echo "RID=$RID" > /tmp/rid.txt
-RUN dotnet publish --self-contained /p:PublishSingleFile=true -o out
+# Copy csproj files as distinct layers
+WORKDIR /source
+COPY src/${PROJECT_NAME}/*.csproj ./src/${PROJECT_NAME}/
+COPY src/Core/*.csproj ./src/Core/
+COPY src/Infrastructure.Dapper/*.csproj ./src/Infrastructure.Dapper/
+COPY src/Infrastructure.EntityFramework/*.csproj ./src/Infrastructure.EntityFramework/
+COPY src/SharedWeb/*.csproj ./src/SharedWeb/
+COPY Directory.Build.props .
+# Restore project dependencies and tools
+WORKDIR /source/src/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet restore -r $RID
+
+# Copy required project files
+WORKDIR /source
+COPY src/${PROJECT_NAME}/. ./src/${PROJECT_NAME}/
+COPY src/Core/. ./src/Core/
+COPY src/Infrastructure.Dapper/. ./src/Infrastructure.Dapper/
+COPY src/Infrastructure.EntityFramework/. ./src/Infrastructure.EntityFramework/
+COPY src/SharedWeb/. ./src/SharedWeb/
+COPY .git/. ./.git/
+COPY .editorconfig .
+
+# Build project
+WORKDIR /source/src/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet publish \
+ --self-contained \
+ /p:PublishSingleFile=true \
+ /p:SourceRevisionId="$GIT_COMMIT" \
+ -r $RID \
+ -o out
+
+WORKDIR /app
+
+###############################################
+# App stage #
+###############################################
 FROM mcr.microsoft.com/dotnet/aspnet:8.0
-
 LABEL com.bitwarden.product="bitwarden"
+ARG TARGETPLATFORM
+ENV ASPNETCORE_ENVIRONMENT=Production
+ENV ASPNETCORE_URLS=http://+:5000
+EXPOSE 5000
 ENV PROJECT_NAME=Billing
 RUN apt-get update \
 && apt-get install -y --no-install-recommends \
 gosu \
 curl \
- krb5-user \
 && rm -rf /var/lib/apt/lists/*
-ENV ASPNETCORE_URLS=http://+:5000
-
+# Copy app from the build stage
 WORKDIR /app
-EXPOSE 5000
-COPY --from=build /build/src/${PROJECT_NAME}/out /app
+COPY --from=build /source/src/${PROJECT_NAME}/out /app
 COPY ./src/${PROJECT_NAME}/entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 HEALTHCHECK CMD curl -f http://localhost:5000/alive || exit 1
diff --git a/src/EventsProcessor/Dockerfile b/src/EventsProcessor/Dockerfile
index 14c5b354ac..e28b591531 100644
--- a/src/EventsProcessor/Dockerfile
+++ b/src/EventsProcessor/Dockerfile
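Review bot: In src/Billing/Dockerfile the `RUN if [ "$TARGETPLATFORM" = ... ]` chain has no `else` branch, so any other platform value, including an empty one when the build is not driven by buildx, leaves `RID` empty and still writes `RID=` to /tmp/rid.txt. The later `dotnet restore -r $RID` and `dotnet publish ... -r $RID` then get `-r` with no value, and in the publish step `-r` is followed directly by `-o out`. I would fail fast in the first step by adding `else echo "unsupported TARGETPLATFORM: $TARGETPLATFORM" >&2 ; exit 1 ; \` before `fi`. The same block is repeated in the build stages of EventsProcessor, Notifications, Attachments, MsSqlMigratorUtility and Setup.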
@@ -1,19 +1,67 @@
-FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
-ARG TARGETPLATFORM
-ARG BUILDPLATFORM
+###############################################
+# Build stage #
+###############################################
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0 AS build
 ENV PROJECT_NAME=EventsProcessor
+ARG GIT_COMMIT
-WORKDIR /build
-COPY ../../ ./
+# Docker buildx supplies the value for this arg
+ARG TARGETPLATFORM
-WORKDIR /build/src/${PROJECT_NAME}
+# Determine proper runtime value for .NET
+# We put the value in a file to be read by later layers.
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
+ RID=linux-x64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
+ RID=linux-arm64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+ RID=linux-arm ; \
+ fi \
+ && echo "RID=$RID" > /tmp/rid.txt
-RUN dotnet publish --self-contained /p:PublishSingleFile=true -o out
+# Copy csproj files as distinct layers
+WORKDIR /source
+COPY src/${PROJECT_NAME}/*.csproj ./src/${PROJECT_NAME}/
+COPY src/Core/*.csproj ./src/Core/
+COPY src/Infrastructure.Dapper/*.csproj ./src/Infrastructure.Dapper/
+COPY src/Infrastructure.EntityFramework/*.csproj ./src/Infrastructure.EntityFramework/
+COPY src/SharedWeb/*.csproj ./src/SharedWeb/
+COPY Directory.Build.props .
+
+# Restore project dependencies and tools
+WORKDIR /source/src/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet restore -r $RID
+
+# Copy required project files
+WORKDIR /source
+COPY src/${PROJECT_NAME}/. ./src/${PROJECT_NAME}/
+COPY src/Core/. ./src/Core/
+COPY src/Infrastructure.Dapper/. ./src/Infrastructure.Dapper/
+COPY src/Infrastructure.EntityFramework/. ./src/Infrastructure.EntityFramework/
+COPY src/SharedWeb/. ./src/SharedWeb/
+COPY .git/. ./.git/
+COPY .editorconfig /source
+
+# Build project
+WORKDIR /source/src/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet publish \
+ --self-contained \
+ /p:PublishSingleFile=true \
+ /p:SourceRevisionId="$GIT_COMMIT" \
+ -r $RID \
+ -o out
+
+WORKDIR /app
+
+###############################################
+# App stage #
+###############################################
 FROM mcr.microsoft.com/dotnet/aspnet:8.0
-
 LABEL com.bitwarden.product="bitwarden"
+EXPOSE 5000
+ENV ASPNETCORE_URLS=http://+:5000
 ENV PROJECT_NAME=EventsProcessor
 RUN apt-get update \
@@ -22,11 +70,9 @@ RUN apt-get update \
 curl \
 && rm -rf /var/lib/apt/lists/*
-ENV ASPNETCORE_URLS=http://+:5000
-
-EXPOSE 5000
+# Copy app from the build stage
 WORKDIR /app
-COPY --from=build /build/src/${PROJECT_NAME}/out /app
+COPY --from=build /source/src/${PROJECT_NAME}/out /app
 COPY ./src/${PROJECT_NAME}/entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 HEALTHCHECK CMD curl -f http://localhost:5000/alive || exit 1
diff --git a/src/Notifications/Dockerfile b/src/Notifications/Dockerfile
index 6adff83230..d8a339024e 100644
--- a/src/Notifications/Dockerfile
+++ b/src/Notifications/Dockerfile
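Review bot: `COPY .git/. ./.git/` in the build stage of src/EventsProcessor/Dockerfile puts the whole repository history and `.git/config` into a build layer. The stage is dropped from the final image, but the layer still lands in the builder cache and in any exported or pushed build cache, and in CI `.git/config` can hold the checkout credential. It also invalidates the publish layer on every commit. Since the revision is already passed as `/p:SourceRevisionId="$GIT_COMMIT"`, the copy looks unnecessary, and util/Setup/Dockerfile in this patch builds without it. I would drop the line here and in Billing, Notifications, Attachments and MsSqlMigratorUtility, or confirm what in the build reads `.git`.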
@@ -1,33 +1,79 @@
-FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
-ARG TARGETPLATFORM
-ARG BUILDPLATFORM
+###############################################
+# Build stage #
+###############################################
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0 AS build
 ENV PROJECT_NAME=Notifications
+ARG GIT_COMMIT
-WORKDIR /build
-COPY ../../ ./
+# Docker buildx supplies the value for this arg
+ARG TARGETPLATFORM
-WORKDIR /build/src/${PROJECT_NAME}
+# Determine proper runtime value for .NET
+# We put the value in a file to be read by later layers.
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
+ RID=linux-x64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
+ RID=linux-arm64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+ RID=linux-arm ; \
+ fi \
+ && echo "RID=$RID" > /tmp/rid.txt
-RUN dotnet publish --self-contained /p:PublishSingleFile=true -o out
+# Copy csproj files as distinct layers
+WORKDIR /source
+COPY src/${PROJECT_NAME}/*.csproj ./src/${PROJECT_NAME}/
+COPY src/Core/*.csproj ./src/Core/
+COPY src/Infrastructure.Dapper/*.csproj ./src/Infrastructure.Dapper/
+COPY src/Infrastructure.EntityFramework/*.csproj ./src/Infrastructure.EntityFramework/
+COPY src/SharedWeb/*.csproj ./src/SharedWeb/
+COPY Directory.Build.props .
+# Restore project dependencies and tools
+WORKDIR /source/src/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet restore -r $RID
+
+# Copy required project files
+WORKDIR /source
+COPY src/${PROJECT_NAME}/. ./src/${PROJECT_NAME}/
+COPY src/Core/. ./src/Core/
+COPY src/Infrastructure.Dapper/. ./src/Infrastructure.Dapper/
+COPY src/Infrastructure.EntityFramework/. ./src/Infrastructure.EntityFramework/
+COPY src/SharedWeb/. ./src/SharedWeb/
+COPY .git/. ./.git/
+COPY .editorconfig /source
+
+# Build project
+WORKDIR /source/src/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet publish \
+ --self-contained \
+ /p:PublishSingleFile=true \
+ /p:SourceRevisionId="$GIT_COMMIT" \
+ -r $RID \
+ -o out
+
+WORKDIR /app
+
+###############################################
+# App stage #
+###############################################
 FROM mcr.microsoft.com/dotnet/aspnet:8.0
-
 LABEL com.bitwarden.product="bitwarden"
+EXPOSE 5000
+ENV ASPNETCORE_URLS=http://+:5000
 ENV PROJECT_NAME=Notifications
 RUN apt-get update \
 && apt-get install -y --no-install-recommends \
 gosu \
 curl \
- krb5-user \
 && rm -rf /var/lib/apt/lists/*
 ENV ASPNETCORE_URLS=http://+:5000
-EXPOSE 5000
+# Copy app from the build stage
 WORKDIR /app
-COPY --from=build /build/src/${PROJECT_NAME}/out /app
+COPY --from=build /source/src/${PROJECT_NAME}/out /app
 COPY ./src/${PROJECT_NAME}/entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 HEALTHCHECK CMD curl -f http://localhost:5000/alive || exit 1
diff --git a/util/Attachments/Dockerfile b/util/Attachments/Dockerfile
index aef188e050..823d8fbca8 100644
--- a/util/Attachments/Dockerfile
+++ b/util/Attachments/Dockerfile
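Review bot: The app stage of src/Notifications/Dockerfile now sets `ENV ASPNETCORE_URLS=http://+:5000` twice. The hunk adds it next to `EXPOSE 5000`, but the original line after the `apt-get` step stays as context instead of being removed, unlike in Billing and EventsProcessor. The duplicate is harmless at runtime, yet it adds an extra metadata layer and a second place to edit if the port changes; delete the later `ENV ASPNETCORE_URLS=http://+:5000`.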
@@ -1,9 +1,72 @@
-FROM bitwarden/server:latest AS build
+###############################################
+# Build stage #
+###############################################
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+ENV PROJECT_NAME=Attachments
+ARG GIT_COMMIT
+
+# Docker buildx supplies the value for this arg
 ARG TARGETPLATFORM
-ARG BUILDPLATFORM
+
+# Determine proper runtime value for .NET
+# We put the value in a file to be read by later layers.
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
+ RID=linux-x64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
+ RID=linux-arm64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+ RID=linux-arm ; \
+ fi \
+ && echo "RID=$RID" > /tmp/rid.txt
+
+# Copy csproj files as distinct layers
+WORKDIR /source
+COPY util/Server/*.csproj ./util/Server/
+COPY Directory.Build.props .
+
+# Restore project dependencies and tools
+WORKDIR /source/util/Server
+RUN . /tmp/rid.txt && dotnet restore -r $RID
+
+# Copy required project files
+WORKDIR /source
+COPY util/Server/. ./util/Server/
+COPY .git/. ./.git/
+COPY .editorconfig /source
+
+# Build project
+WORKDIR /source/util/Server
+RUN . /tmp/rid.txt && dotnet publish \
+ --self-contained \
+ /p:PublishSingleFile=true \
+ /p:SourceRevisionId="$GIT_COMMIT" \
+ -r $RID \
+ -o out
+
+WORKDIR /app
+
+###############################################
+# App stage #
+###############################################
+FROM mcr.microsoft.com/dotnet/aspnet:8.0
+LABEL com.bitwarden.product="bitwarden"
+EXPOSE 5000
+
+ENV ASPNETCORE_URLS=http://+:5000
 ENV PROJECT_NAME=Attachments
-EXPOSE 5000
+RUN apt-get update \
+ && apt-get install -y --no-install-recommends \
+ gosu \
+ curl \
+ && rm -rf /var/lib/apt/lists/*
+
+# Copy app from the build stage
+WORKDIR /bitwarden_server
+COPY --from=build /source/util/Server/out /bitwarden_server
+COPY util/${PROJECT_NAME}/entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
 HEALTHCHECK CMD curl -f http://localhost:5000/alive || exit 1
-ENTRYPOINT ["/bitwarden_server/Server", "/contentRoot=/etc/bitwarden/core/attachments", "/webRoot=.", "/serveUnknown=true"]
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/util/MsSql/Dockerfile b/util/MsSql/Dockerfile
index ab439095f6..3ce7ce33d1 100644
--- a/util/MsSql/Dockerfile
+++ b/util/MsSql/Dockerfile
@@ -10,9 +10,9 @@ RUN apt-get update \
 tzdata \
 && rm -rf /var/lib/apt/lists/*
-COPY backup-db.sql /
-COPY backup-db.sh /
-COPY entrypoint.sh /
+COPY util/MsSql/backup-db.sql /
+COPY util/MsSql/backup-db.sh /
+COPY util/MsSql/entrypoint.sh /
 RUN chmod +x /entrypoint.sh \
 && chmod +x /backup-db.sh
diff --git a/util/MsSqlMigratorUtility/Dockerfile b/util/MsSqlMigratorUtility/Dockerfile
index b3da6a53f0..197d25488c 100644
--- a/util/MsSqlMigratorUtility/Dockerfile
+++ b/util/MsSqlMigratorUtility/Dockerfile
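Review bot: The new `ENTRYPOINT ["/entrypoint.sh"]` in util/Attachments/Dockerfile depends on a script that is not part of this patch; the diffstat lists only Dockerfiles. It replaces an exec-form command that passed `/contentRoot=/etc/bitwarden/core/attachments`, `/webRoot=.` and `/serveUnknown=true` to the Server binary. If `util/Attachments/entrypoint.sh` does not already exist the `COPY` fails. If it does, it has to carry those three arguments and `exec` the server, presumably through the `gosu` installed above, so the process runs unprivileged and receives signals. Either include the script in the change or state in the description that it already exists and does this.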
@@ -1,8 +1,68 @@
-FROM mcr.microsoft.com/dotnet/aspnet:8.0
+###############################################
+# Build stage #
+###############################################
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+ENV PROJECT_NAME=MsSqlMigratorUtility
+ARG GIT_COMMIT
-LABEL com.bitwarden.product="bitwarden"
+# Docker buildx supplies the value for this arg
+ARG TARGETPLATFORM
+
+# Determine proper runtime value for .NET
+# We put the value in a file to be read by later layers.
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
+ RID=linux-x64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
+ RID=linux-arm64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+ RID=linux-arm ; \
+ fi \
+ && echo "RID=$RID" > /tmp/rid.txt
+
+# Copy csproj files as distinct layers
+WORKDIR /source
+COPY util/${PROJECT_NAME}/*.csproj ./util/${PROJECT_NAME}/
+COPY src/Core/*.csproj ./src/Core/
+COPY util/Migrator/*.csproj ./util/Migrator/
+COPY util/Server/*.csproj ./util/Server/
+COPY util/Server/Properties/*.csproj ./util/Server/Properties/
+COPY util/Server/Properties/launchSettings.json ./util/Server/Properties/
+COPY Directory.Build.props .
+
+# Restore project dependencies and tools
+WORKDIR /source/util/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet restore -r $RID
+
+# Copy required project files
+WORKDIR /source
+COPY util/${PROJECT_NAME}/. ./util/${PROJECT_NAME}/
+COPY src/Core/. ./src/Core/
+COPY util/Migrator/. ./util/Migrator/
+COPY util/Server/. ./util/Server/
+COPY .git/. ./.git/
+COPY .editorconfig /source
+
+# Build project
+WORKDIR /source/util/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet publish \
+ --self-contained \
+ /p:PublishSingleFile=true \
+ /p:SourceRevisionId="$GIT_COMMIT" \
+ -r $RID \
+ -o out
 WORKDIR /app
-COPY obj/build-output/publish .
-ENTRYPOINT ["sh", "-c", "dotnet /app/MsSqlMigratorUtility.dll \"${MSSQL_CONN_STRING}\" ${@}", "--" ]
+###############################################
+# App stage #
+###############################################
+FROM mcr.microsoft.com/dotnet/aspnet:8.0
+LABEL com.bitwarden.product="bitwarden"
+
+ENV PROJECT_NAME=MsSqlMigratorUtility
+
+# Copy app from the build stage
+WORKDIR /app
+COPY --from=build /source/util/${PROJECT_NAME}/out /app
+
+ENTRYPOINT ["sh", "-c", "/app/MsSqlMigratorUtility \"${MSSQL_CONN_STRING}\" ${@}", "--" ]
diff --git a/util/Nginx/Dockerfile b/util/Nginx/Dockerfile
index e868e9b81f..6b38cc2168 100644
--- a/util/Nginx/Dockerfile
+++ b/util/Nginx/Dockerfile
@@ -1,4 +1,6 @@
-FROM nginx:stable
+FROM --platform=$BUILDPLATFORM nginx:stable
+
+ARG TARGETPLATFORM
 LABEL com.bitwarden.product="bitwarden"
@@ -8,13 +10,13 @@ RUN apt-get update \
 curl \
 && rm -rf /var/lib/apt/lists/*
-COPY nginx.conf /etc/nginx
-COPY proxy.conf /etc/nginx
-COPY mime.types /etc/nginx
-COPY security-headers.conf /etc/nginx
-COPY security-headers-ssl.conf /etc/nginx
-COPY logrotate.sh /
-COPY entrypoint.sh /
+COPY util/Nginx/nginx.conf /etc/nginx
+COPY util/Nginx/proxy.conf /etc/nginx
+COPY util/Nginx/mime.types /etc/nginx
+COPY util/Nginx/security-headers.conf /etc/nginx
+COPY util/Nginx/security-headers-ssl.conf /etc/nginx
+COPY util/Nginx/logrotate.sh /
+COPY util/Nginx/entrypoint.sh /
 EXPOSE 8080
 EXPOSE 8443
diff --git a/util/Setup/Dockerfile b/util/Setup/Dockerfile
index 0d0b0d7648..5915ac1762 100644
--- a/util/Setup/Dockerfile
+++ b/util/Setup/Dockerfile
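Review bot: The rewritten `ENTRYPOINT` in util/MsSqlMigratorUtility/Dockerfile still starts the tool from `sh -c` without `exec` and expands `${@}` unquoted. Any argument containing spaces or glob characters is therefore re-split, and whether the shell stays in front of the tool as PID 1 depends on the `sh` in the base image. Writing the command string as `exec /app/MsSqlMigratorUtility \"${MSSQL_CONN_STRING}\" \"$@\"` fixes both. The app stage also sets no `USER`, so the migrator runs as root as far as this hunk shows. Because the connection string is passed as an argument it is readable from the process list inside the container, which is worth a comment if the tool cannot read the variable itself.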
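Review bot: `FROM --platform=$BUILDPLATFORM nginx:stable` in util/Nginx/Dockerfile pins the only stage of this image to the builder's platform. A cross build (for example `linux/arm64` on an amd64 runner) would then produce an nginx image for the builder's architecture instead of the target's. `--platform=$BUILDPLATFORM` belongs on build stages whose output is copied out, as in the .NET Dockerfiles of this patch; the final stage should stay `FROM nginx:stable` so it resolves to the target platform. The added `ARG TARGETPLATFORM` is not referenced in the visible hunks and can go with it. The Dockerfile continues outside the hunks.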
@@ -1,16 +1,71 @@
-FROM mcr.microsoft.com/dotnet/aspnet:8.0
+###############################################
+# Build stage #
+###############################################
+FROM --platform=$BUILDPLATFORM mcr.microsoft.com/dotnet/sdk:8.0 AS build
+ENV PROJECT_NAME=Setup
+ARG GIT_COMMIT
+# Docker buildx supplies the value for this arg
+ARG TARGETPLATFORM
+
+# Determine proper runtime value for .NET
+# We put the value in a file to be read by later layers.
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
+ RID=linux-x64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
+ RID=linux-arm64 ; \
+ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+ RID=linux-arm ; \
+ fi \
+ && echo "RID=$RID" > /tmp/rid.txt
+
+# Copy csproj files as distinct layers
+WORKDIR /source
+COPY util/${PROJECT_NAME}/*.csproj ./util/${PROJECT_NAME}/
+COPY src/Core/*.csproj ./src/Core/
+COPY util/Migrator/*.csproj ./util/Migrator/
+COPY Directory.Build.props .
+
+# Restore project dependencies and tools
+WORKDIR /source/util/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet restore -r $RID
+
+# Copy required project files
+WORKDIR /source
+COPY util/${PROJECT_NAME}/. ./util/${PROJECT_NAME}/
+COPY src/Core/. ./src/Core/
+COPY util/Migrator/. ./util/Migrator/
+COPY .editorconfig /source
+
+# Build project
+WORKDIR /source/util/${PROJECT_NAME}
+RUN . /tmp/rid.txt && dotnet publish \
+ --self-contained \
+ /p:PublishSingleFile=true \
+ /p:SourceRevisionId="$GIT_COMMIT" \
+ -r $RID \
+ -o out
+
+WORKDIR /app
+
+###############################################
+# App stage #
+###############################################
+FROM mcr.microsoft.com/dotnet/aspnet:8.0
 LABEL com.bitwarden.product="bitwarden" com.bitwarden.project="setup"
+ENV PROJECT_NAME=Setup
+
 RUN apt-get update \
 && apt-get install -y --no-install-recommends \
 openssl \
 gosu \
 && rm -rf /var/lib/apt/lists/*
+# Copy the build output from the build stage
 WORKDIR /app
-COPY obj/build-output/publish .
-COPY entrypoint.sh /
+COPY --from=build /source/util/${PROJECT_NAME}/out .
+COPY util/${PROJECT_NAME}/entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
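Review bot: The app stage of util/Setup/Dockerfile stays on `mcr.microsoft.com/dotnet/aspnet:8.0` although the build stage now publishes with `--self-contained` and `/p:PublishSingleFile=true`, which bundles the runtime into the output. The shared ASP.NET runtime in the base image is then unused. `FROM mcr.microsoft.com/dotnet/runtime-deps:8.0` should be enough and leaves less to patch, and the same applies to the other app stages in this patch. If the larger base is kept on purpose, a comment above the `FROM` saying why would help, e.g. `# aspnet base kept for <reason>`.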