From 1b18578fba1ae0e2d7d7beb63078f27e27ab4de8 Mon Sep 17 00:00:00 2001 From: Eric Jalal Date: Tue, 20 Feb 2024 13:04:46 +0200 Subject: [PATCH 1/3] Make the dockerfile multilayer for lightest running container --- Dockerfile | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index f0d1a1b..f33a99c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,20 @@ -FROM gcc:9.5.0 +FROM gcc:9.5.0 as builder ARG GIT_COMMIT=unspecified -LABEL org.mybigcompany=$GIT_COMMIT +LABEL build.org.mybigcompany=$GIT_COMMIT WORKDIR /usr/src/app COPY . . -RUN apt-get update && apt-get install -y cmake lcov +RUN apt-get update && apt-get install -y cmake RUN cmake . && make -CMD ["./main"] +FROM debian:buster-slim + +COPY --from=builder /usr/src/app/main /usr/app/main +WORKDIR /usr/app + +CMD ["./main"] From 7ee4bb796a723756c26743b45c7dcb6de4188dde Mon Sep 17 00:00:00 2001 From: Eric Jalal Date: Tue, 20 Feb 2024 13:07:18 +0200 Subject: [PATCH 2/3] Update README - Docker --- README.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/README.md b/README.md index a94b292..9eacbd5 100644 --- a/README.md +++ b/README.md @@ -65,12 +65,32 @@ To build and run the project inside a Docker container, use the provided `Docker 2. Run the Docker container: `docker run helloworld` +## Docker Key Points: +Multi-Stage Build: This Dockerfile utilizes a two-stage build process. The first stage, named builder, is based on gcc:9.5.0 and is used for compiling the application. The second stage uses a smaller base image (debian:buster-slim in this example) for running the application. + +COPY --from=builder: This command copies the compiled application from the builder stage into the second stage. Adjust the source and destination paths according to where your build system outputs the compiled binaries. + +Reducing Image Size: The final image does not include the C++ compiler, CMake, or source code, significantly reducing its size. + +### Considerations: + +Base Image for Runtime: The choice of debian:buster-slim is a balance between size and compatibility. Depending on your application's dependencies, you might opt for another image like alpine for an even smaller footprint. However, ensure that your application and its runtime dependencies are fully compatible with the chosen base image. + +Runtime Dependencies: If your application requires additional runtime libraries, you may need to install these in the second stage. Use the apt-get or equivalent package manager commands to install these dependencies, and remember to clean up the cache afterwards to keep the image size small. + ## CI/CD Pipeline This project uses GitHub Actions for continuous integration and deployment. The CI/CD pipeline automates the process of building the project, running tests, generating coverage reports, and pushing the Docker image to Docker Hub. The pipeline configuration can be found in `.github/workflows/build.yml`. +## Release process + +After the merge as it is explained below, the project is getting archived and pushed to Github Release artifacts. That includes all the source codes. +This is not correct and is subjected to a change. But it is not breaking the normal flow because it does push the SHA labeled image to HUB. +Later on we better to change it so it follows a git flow and in a separate stage push the image labled as `latest` and create the release artifactt only containing the `/usr/src/app/main` . + + ### Workflow - Make changes and push them into default branch `develop` From 9056c9419cf8dde7124fdf4e4b6320c4d57a10e0 Mon Sep 17 00:00:00 2001 From: Eric Jalal Date: Tue, 20 Feb 2024 13:23:46 +0200 Subject: [PATCH 3/3] Apply gitflow to the workflows - Only include compiled artifact in the release - Tag as latest the docker image pushed in this stage --- .../{release-notes.yml => release.yml} | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) rename .github/workflows/{release-notes.yml => release.yml} (50%) diff --git a/.github/workflows/release-notes.yml b/.github/workflows/release.yml similarity index 50% rename from .github/workflows/release-notes.yml rename to .github/workflows/release.yml index dc25704..bfd467a 100644 --- a/.github/workflows/release-notes.yml +++ b/.github/workflows/release.yml @@ -21,10 +21,33 @@ jobs: uses: mathieudutour/github-tag-action@v6.1 with: github_token: ${{ secrets.GITHUB_TOKEN }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build release version + run: | + cmake . && make + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Build and push + uses: docker/build-push-action@v5 + with: + push: true + build-args: GIT_COMMIT=${{ github.sha }} + tags: jerilok/cpp-build-test:latest + + # This is an unofficial action and could be internilized and be recreated due to security reasons in enterprise companies. - name: Create a GitHub release uses: ncipollo/release-action@v1 with: tag: ${{ steps.tag_version.outputs.new_tag }} name: Release ${{ steps.tag_version.outputs.new_tag }} body: ${{ steps.tag_version.outputs.changelog }} + artifacts: "/usr/src/app/main"