kapitan/IXWebSocket
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

(docker) trim down docker image (300M -> 12M) / binary built without symbol and size optimization, and source code not copied over

Browse Source
This commit is contained in:
Benjamin Sergeant 2020-03-29 13:05:31 -07:00
parent 22b02e0e5c
commit 40c619c1ec
5 changed files with 46 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
docker/Dockerfile.alpine
View File

@ -1,12 +1,13 @@
FROM alpine:3.11 as build FROM alpine:3.11 as build
RUN apk add --no-cache gcc g++ musl-dev linux-headers cmake mbedtls-dev RUN apk add --no-cache \
RUN apk add --no-cache make gcc g++ musl-dev linux-headers \
RUN apk add --no-cache zlib-dev cmake mbedtls-dev make zlib-dev
RUN addgroup -S app && adduser -S -G app app RUN addgroup -S app && \
RUN chown -R app:app /opt adduser -S -G app app && \
RUN chown -R app:app /usr/local chown -R app:app /opt && \
chown -R app:app /usr/local
# There is a bug in CMake where we cannot build from the root top folder # There is a bug in CMake where we cannot build from the root top folder
# So we build from /opt # So we build from /opt
@ -14,21 +15,21 @@ COPY --chown=app:app . /opt
WORKDIR /opt WORKDIR /opt
USER app USER app
RUN [ "make", "ws_mbedtls_install" ] RUN make ws_mbedtls_install && \
RUN [ "rm", "-rf", "build" ] sh tools/trim_repo_for_docker.sh
FROM alpine:3.11 as runtime FROM alpine:3.11 as runtime
RUN apk add --no-cache libstdc++ mbedtls RUN apk add --no-cache libstdc++ mbedtls ca-certificates && \
RUN apk add --no-cache ca-certificates addgroup -S app && \
adduser -S -G app app
RUN addgroup -S app && adduser -S -G app app
COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws COPY --chown=app:app --from=build /usr/local/bin/ws /usr/local/bin/ws
RUN chmod +x /usr/local/bin/ws
RUN ldd /usr/local/bin/ws
# Copy source code for gcc # COPY --chown=app:app --from=build /opt /opt
COPY --chown=app:app --from=build /opt /opt
RUN chmod +x /usr/local/bin/ws && \
ldd /usr/local/bin/ws
# Now run in usermode # Now run in usermode
USER app USER app

4
docs/CHANGELOG.md
View File

@ -1,6 +1,10 @@
# Changelog # Changelog
All changes to this project will be documented in this file. All changes to this project will be documented in this file.
## [9.1.5] - 2020-03-29
(docker) trim down docker image (300M -> 12M) / binary built without symbol and size optimization, and source code not copied over
## [9.1.4] - 2020-03-28 ## [9.1.4] - 2020-03-28
(jsoncpp) update bundled copy to version 1.9.3 (at sha 3beb37ea14aec1bdce1a6d542dc464d00f4a6cec) (jsoncpp) update bundled copy to version 1.9.3 (at sha 3beb37ea14aec1bdce1a6d542dc464d00f4a6cec)

2
ixwebsocket/IXWebSocketVersion.h
View File

@ -6,4 +6,4 @@
#pragma once #pragma once
#define IX_WEBSOCKET_VERSION "9.1.4" #define IX_WEBSOCKET_VERSION "9.1.5"

24
makefile
View File

@ -1,5 +1,13 @@
# #
# This makefile is just used to easily work with docker (linux build) # This makefile is used for convenience, and wrap simple cmake commands
# You don't need to use it as an end user, it is more for developer.
#
# * work with docker (linux build)
# * execute the unittest
#
# The default target will install ws, the command line tool coming with
# IXWebSocket into /usr/local/bin
#
# #
all: brew all: brew
@ -8,14 +16,23 @@ install: brew
# Use -DCMAKE_INSTALL_PREFIX= to install into another location # Use -DCMAKE_INSTALL_PREFIX= to install into another location
# on osx it is good practice to make /usr/local user writable # on osx it is good practice to make /usr/local user writable
# sudo chown -R `whoami`/staff /usr/local # sudo chown -R `whoami`/staff /usr/local
#
# Release, Debug, MinSizeRel, RelWithDebInfo are the build types
#
brew: brew:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 .. ; make -j 4 install) mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_TEST=1 .. ; make -j 4 install)
# Docker default target. We've add problem with OpenSSL and TLS 1.3 (on the
# server side ?) and I can't work-around it easily, so we're using mbedtls on
# Linux for the SSL backend, which works great.
ws_mbedtls_install:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=MinSizeRel -DUSE_TLS=1 -DUSE_WS=1 -DUSE_MBED_TLS=1 .. ; make -j 4 install)
ws: ws:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j 4) mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j 4)
ws_install: ws_install:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j 4 install) mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=MinSizeRel -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j 4 install)
ws_openssl: ws_openssl:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_OPEN_SSL=1 .. ; make -j 4) mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_OPEN_SSL=1 .. ; make -j 4)
@ -23,9 +40,6 @@ ws_openssl:
ws_mbedtls: ws_mbedtls:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_MBED_TLS=1 .. ; make -j 4) mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_MBED_TLS=1 .. ; make -j 4)
ws_mbedtls_install:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DUSE_TLS=1 -DUSE_WS=1 -DUSE_MBED_TLS=1 .. ; make -j 4 install)
ws_no_ssl: ws_no_ssl:
mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_WS=1 .. ; make -j 4) mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_WS=1 .. ; make -j 4)

6
tools/trim_repo_for_docker.sh Normal file
View File

@ -0,0 +1,6 @@
#!/bin/sh
# Used to clean up some non essential folders to make the ws container
rm -rf build
rm -rf third_party/zlib
rm -rf third_party/mbedtls