From b0e358acfdaa12116f0a7d0e84162d97e6b209c4 Mon Sep 17 00:00:00 2001 From: AlseinX Date: Thu, 12 Oct 2023 18:50:49 +0800 Subject: [PATCH 1/2] chore: inheriting proxy env vars from host when building with docker --- docker/Dockerfile | 13 +++++++++++-- scripts/build-docker.sh | 3 +++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 5b9eb6f605..23a4427eb3 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,5 +1,6 @@ # global args that are used across multiple stages ARG PROFILE +ARG HTTP_PROXY # ========================== # stage 1: build @@ -7,6 +8,10 @@ ARG PROFILE # our host is based on bullseye/sid (ubuntu 20) # ========================== FROM rust:bullseye as builder +ENV HTTP_PROXY=$HTTP_PROXY +ENV HTTPS_PROXY=$HTTP_PROXY +ENV http_proxy=$HTTP_PROXY +ENV https_proxy=$HTTP_PROXY WORKDIR /litentry COPY . /litentry @@ -22,6 +27,10 @@ RUN cargo build --locked --profile $PROFILE $BUILD_ARGS # stage 2: packaging # ========================== FROM ubuntu:20.04 +ENV HTTP_PROXY=$HTTP_PROXY +ENV HTTPS_PROXY=$HTTP_PROXY +ENV http_proxy=$HTTP_PROXY +ENV https_proxy=$HTTP_PROXY LABEL maintainer="Trust Computing GmbH " ARG PROFILE @@ -35,9 +44,9 @@ RUN useradd -m -u 1000 -U -s /bin/sh -d /litentry litentry && \ mkdir -p /data /litentry/.local/share && \ chown -R litentry:litentry /data && \ ln -s /data /litentry/.local/share/litentry-collator && \ -# unclutter and minimize the attack surface + # unclutter and minimize the attack surface rm -rf /usr/bin /usr/sbin && \ -# check if executable works in this container + # check if executable works in this container /usr/local/bin/litentry-collator --version USER litentry diff --git a/scripts/build-docker.sh b/scripts/build-docker.sh index 89b393cf28..9a88400c8a 100755 --- a/scripts/build-docker.sh +++ b/scripts/build-docker.sh @@ -51,6 +51,9 @@ echo "Building ${GITUSER}/${GITREPO}:${TAG} docker image ..." docker build ${NOCACHE_FLAG} --pull -f ./docker/Dockerfile \ --build-arg PROFILE="$PROFILE" \ --build-arg BUILD_ARGS="$ARGS" \ + --build-arg HTTP_PROXY="${HTTP_PROXY//localhost/host.docker.internal}" \ + --add-host=host.docker.internal:host-gateway \ + --network host \ -t ${GITUSER}/${GITREPO}:${TAG} . # Tag it with latest if no tag parameter was provided From 4c07e90b44fd1431f95a72245120217eef57071a Mon Sep 17 00:00:00 2001 From: AlseinX Date: Fri, 13 Oct 2023 16:34:50 +0800 Subject: [PATCH 2/2] chore: simplify thexy env va passing --- docker/Dockerfile | 9 --------- scripts/build-docker.sh | 6 +++++- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 23a4427eb3..2de618dc8a 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,6 +1,5 @@ # global args that are used across multiple stages ARG PROFILE -ARG HTTP_PROXY # ========================== # stage 1: build @@ -8,10 +7,6 @@ ARG HTTP_PROXY # our host is based on bullseye/sid (ubuntu 20) # ========================== FROM rust:bullseye as builder -ENV HTTP_PROXY=$HTTP_PROXY -ENV HTTPS_PROXY=$HTTP_PROXY -ENV http_proxy=$HTTP_PROXY -ENV https_proxy=$HTTP_PROXY WORKDIR /litentry COPY . /litentry @@ -27,10 +22,6 @@ RUN cargo build --locked --profile $PROFILE $BUILD_ARGS # stage 2: packaging # ========================== FROM ubuntu:20.04 -ENV HTTP_PROXY=$HTTP_PROXY -ENV HTTPS_PROXY=$HTTP_PROXY -ENV http_proxy=$HTTP_PROXY -ENV https_proxy=$HTTP_PROXY LABEL maintainer="Trust Computing GmbH " ARG PROFILE diff --git a/scripts/build-docker.sh b/scripts/build-docker.sh index 9a88400c8a..ace3ce077a 100755 --- a/scripts/build-docker.sh +++ b/scripts/build-docker.sh @@ -44,6 +44,7 @@ echo "ARGS: $ARGS" GITUSER=litentry GITREPO=litentry-parachain +PROXY="${HTTP_PROXY//localhost/host.docker.internal}" # Build the image echo "------------------------------------------------------------" @@ -51,7 +52,10 @@ echo "Building ${GITUSER}/${GITREPO}:${TAG} docker image ..." docker build ${NOCACHE_FLAG} --pull -f ./docker/Dockerfile \ --build-arg PROFILE="$PROFILE" \ --build-arg BUILD_ARGS="$ARGS" \ - --build-arg HTTP_PROXY="${HTTP_PROXY//localhost/host.docker.internal}" \ + --build-arg HTTP_PROXY="$PROXY" \ + --build-arg HTTPS_PROXY="$PROXY" \ + --build-arg http_proxy="$PROXY" \ + --build-arg https_proxy="$PROXY" \ --add-host=host.docker.internal:host-gateway \ --network host \ -t ${GITUSER}/${GITREPO}:${TAG} .