From 07857d4bb885cb508425485ffd933536ba45b406 Mon Sep 17 00:00:00 2001 From: aeris Date: Wed, 27 Dec 2017 18:18:29 +0100 Subject: [PATCH] Dockerization --- .dockerignore | 8 ++++++++ Dockerfile | 42 ++++++++++++++++++++++++++++++++++++++++++ Makefile | 41 +++++++++++++++++++++++++++++++---------- 3 files changed, 81 insertions(+), 10 deletions(-) create mode 100644 .dockerignore create mode 100644 Dockerfile diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..83f6c22 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,8 @@ +Dockerfile +.git/* +build/* +tmp/* +log/* +output/* +lib/*.so +lib/*.so.* diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..75a65ab --- /dev/null +++ b/Dockerfile @@ -0,0 +1,42 @@ +FROM alpine:3.7 AS builder +MAINTAINER aeris + +RUN apk add --update make gcc \ + linux-headers readline-dev libxml2-dev yaml-dev zlib-dev libffi-dev gdbm-dev ncurses-dev \ + ca-certificates wget patch perl musl-dev bash coreutils git + +ENV LD_LIBRARY_PATH /usr/local/ssl/lib + +WORKDIR /cryptcheck/ +COPY . /cryptcheck/ + +RUN make install-openssl +RUN PATH=/usr/local/ssl/bin:$PATH \ + LIBRARY_PATH=$LD_LIBRARY_PATH \ + C_INCLUDE_PATH=/usr/local/ssl/include \ + ac_cv_func_isnan=yes ac_cv_func_isinf=yes \ + make install-ruby && \ + make mr-proper +RUN echo "gem: --no-test --no-document" > /etc/gemrc && \ + gem install bundler && \ + bundle install --deployment --without development test + +FROM alpine:3.7 AS engine +MAINTAINER aeris + +WORKDIR /cryptcheck/ +RUN apk add --update bash ca-certificates libxml2 yaml zlib libffi gdbm ncurses +ENV LD_LIBRARY_PATH /usr/local/ssl/lib/ + +COPY --from=builder /etc/gemrc /etc/gemrc +COPY --from=builder /usr/local/ssl/ /usr/local/ssl/ +COPY --from=builder /usr/local/include/ruby-2.3.0/ /usr/local/include/ruby-2.3.0/ +COPY --from=builder /usr/local/bin/bundle \ + /usr/local/bin/bundler\ + /usr/local/bin/gem \ + /usr/local/bin/rake \ + /usr/local/bin/ruby \ + /usr/local/bin/ +COPY --from=builder /usr/local/lib/libruby* /usr/local/lib/ +COPY --from=builder /usr/local/lib/ruby/ /usr/local/lib/ruby/ +COPY --from=builder /cryptcheck/ /cryptcheck/ diff --git a/Makefile b/Makefile index ffbd011..244bc11 100644 --- a/Makefile +++ b/Makefile @@ -11,11 +11,12 @@ RUBY_OPENSSL_EXT_DIR = $(RUBY_DIR)/ext/openssl RBENV_DIR = $(RBENV_ROOT)/versions/$(RUBY_VERSION)-cryptcheck RUBY_LIB_DIR = $(RBENV_DIR)/lib/ruby/$(RUBY_MAJOR_VERSION).0 RBENV_ROOT ?= ~/.rbenv -export LIBRARY_PATH = $(PWD)/lib -export C_INCLUDE_PATH = $(PWD)/$(OPENSSL_DIR)/include -export LD_LIBRARY_PATH = $(PWD)/lib +export LIBRARY_PATH ?= $(PWD)/lib +export C_INCLUDE_PATH ?= $(PWD)/$(OPENSSL_DIR)/include +export LD_LIBRARY_PATH ?= $(PWD)/lib .SECONDARY: +.SUFFIXES: all: libs ext @@ -56,6 +57,9 @@ $(OPENSSL_DIR)/libssl.so \ $(OPENSSL_DIR)/libcrypto.so: $(OPENSSL_DIR)/Makefile $(MAKE) -C $(OPENSSL_DIR) +install-openssl: $(OPENSSL_DIR)/Makefile + $(MAKE) -C $(OPENSSL_DIR) install + LIBS = lib/libssl.so lib/libcrypto.so lib/libssl.so.$(OPENSSL_LIB_VERSION) lib/libcrypto.so.$(OPENSSL_LIB_VERSION) lib/%.so: $(OPENSSL_DIR)/%.so cp $< $@ @@ -63,21 +67,35 @@ lib/%.so.$(OPENSSL_LIB_VERSION): lib/%.so ln -fs $(notdir $(subst .$(OPENSSL_LIB_VERSION),,$@)) $@ libs: $(LIBS) +$(RBENV_ROOT)/: + git clone https://github.com/rbenv/rbenv/ $@ -b v1.1.1 --depth 1 + +$(RBENV_ROOT)/plugins/ruby-build/: | $(RBENV_ROOT)/ + git clone https://github.com/rbenv/ruby-build/ $@ -b v20171215 --depth 1 + +$(RBENV_ROOT)/plugins/ruby-build/share/ruby-build/$(RUBY_VERSION): | $(RBENV_ROOT)/plugins/ruby-build/ + build/$(RUBY_VERSION)-cryptcheck: $(RBENV_ROOT)/plugins/ruby-build/share/ruby-build/$(RUBY_VERSION) cp $< $@ -install-ruby: build/$(RUBY_VERSION)-cryptcheck $(LIBS) | $(OPENSSL_DIR)/ + +install-rbenv: build/$(RUBY_VERSION)-cryptcheck + +install-rbenv-cryptcheck: build/$(RUBY_VERSION)-cryptcheck $(LIBS) | $(OPENSSL_DIR)/ cat tmp_key.patch set_ecdh_curves.patch fallback_scsv.patch multiple_certs.patch | \ RUBY_BUILD_CACHE_PATH=$(PWD)/build \ RUBY_BUILD_DEFINITIONS=$(PWD)/build \ rbenv install -fp $(RUBY_VERSION)-cryptcheck - rbenv sequester $(RUBY_VERSION)-cryptcheck + # rbenv sequester $(RUBY_VERSION)-cryptcheck rbenv local $(RUBY_VERSION)-cryptcheck gem install bundler - bundle + bundle install --without test development + $(RUBY_LIB_DIR)/openssl/ssl.rb: $(RUBY_OPENSSL_EXT_DIR)/lib/openssl/ssl.rb cp $< $@ + $(RUBY_LIB_DIR)/x86_64-linux/openssl.so: $(RUBY_OPENSSL_EXT_DIR)/openssl.so cp $< $@ + sync-ruby: $(RUBY_LIB_DIR)/openssl/ssl.rb $(RUBY_LIB_DIR)/x86_64-linux/openssl.so build/$(RUBY_NAME).tar.xz: | build/ @@ -85,12 +103,12 @@ build/$(RUBY_NAME).tar.xz: | build/ $(RUBY_DIR)/: build/$(RUBY_NAME).tar.xz tar -C build -xf $< + patch -d $@ -p1 < tmp_key.patch + patch -d $@ -p1 < set_ecdh_curves.patch + patch -d $@ -p1 < fallback_scsv.patch + patch -d $@ -p1 < multiple_certs.patch $(RUBY_OPENSSL_EXT_DIR)/Makefile: libs | $(RUBY_DIR)/ - patch -d $(RUBY_DIR)/ -p1 < tmp_key.patch - patch -d $(RUBY_DIR)/ -p1 < set_ecdh_curves.patch - patch -d $(RUBY_DIR)/ -p1 < fallback_scsv.patch - patch -d $(RUBY_DIR)/ -p1 < multiple_certs.patch cd $(RUBY_OPENSSL_EXT_DIR) && ruby extconf.rb $(RUBY_OPENSSL_EXT_DIR)/openssl.so: $(LIBS) $(RUBY_OPENSSL_EXT_DIR)/Makefile @@ -101,6 +119,9 @@ lib/openssl.so: $(RUBY_OPENSSL_EXT_DIR)/openssl.so ext: lib/openssl.so +install-ruby: $(RUBY_DIR)/ + cd $(RUBY_DIR)/ && ./configure --enable-shared --disable-install-rdoc && make install + spec/faketime/libfaketime.so: spec/faketime/faketime.c spec/faketime/faketime.h $(CC) $^ -o $@ -shared -fPIC -ldl -std=c99 -Werror -Wall lib/libfaketime.so: spec/faketime/libfaketime.so