Initial Dockerfile, Alpine-based (#1)

* Initial Dockerfile, Alpine-based curl 7.84.0-DEV (x86_64-pc-linux-musl) libcurl/7.84.0-DEV BoringSSL quiche/0.14.0 Release-Date: [unreleased] Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS HSTS HTTP3 HTTPS-proxy IPv6 Largefile NTLM NTLM_WB SSL threadsafe UnixSockets * Add Docker Image CI * Simplify the Dockerfile * ghcr.io: publish on pushes to master and releases * Dockerfile improved + examples in README * Make our resulting image way smaller: from 2.85GB to 44.9MB * CI: is http/3 supported? * Update README.md
macbre · Aug 10, 2022 · 17e14a1 · 17e14a1
1 parent 617bafc
commit 17e14a1
Show file tree

Hide file tree

Showing 5 changed files with 155 additions and 1 deletion.
diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml
@@ -0,0 +1,35 @@
+name: Docker Image CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+
+jobs:
+
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+
+    # https://github.com/marketplace/actions/build-and-push-docker-images
+    - name: Build the Docker image
+      uses: docker/build-push-action@v3
+      with:
+        context: .
+        tags: macbre/curl-http3
+        cache-from: |
+          ghcr.io/macbre/curl-http3:latest
+
+    - name: Inspect images
+      run: |
+        docker images | head -n3
+
+    - name: curl --version
+      run: |
+        docker run -t macbre/curl-http3 curl --version
+
+    - name: Is http/3 supported?
+      run: |
+        docker run --rm macbre/curl-http3 curl -sIL https://blog.cloudflare.com --http3 -H 'user-agent: mozilla' | grep 'HTTP/3'
diff --git a/.github/workflows/push-to-ghcr.yml b/.github/workflows/push-to-ghcr.yml
@@ -0,0 +1,25 @@
+name: Build and publish a Docker image to ghcr.io
+on:
+
+  # publish on releases (tagged as "x.y.z" - "v" prefix is removed)
+  release:
+    types: [ published ]
+
+  # publish on pushes to the main branch (tagged as "master")
+  push:
+    branches:
+      - master
+
+jobs:
+  docker_publish:
+    runs-on: "ubuntu-20.04"
+
+    steps:
+      - uses: actions/checkout@v3
+
+      # https://github.com/marketplace/actions/push-to-ghcr
+      - name: Build and publish a Docker image for macbre/curl-http3
+        uses: macbre/push-to-ghcr@v8
+        with:
+          image_name: macbre/curl-http3
+          github_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+*.swp
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,74 @@
+# https://github.com/curl/curl/releases 
+ARG CURL_VERSION=curl-7_84_0
+# https://github.com/cloudflare/quiche/releases
+ARG QUICHE_VERSION=0.14.0
+
+FROM alpine:3.14 AS base
+
+ARG CURL_VERSION
+ARG QUICHE_VERSION
+
+LABEL maintainer="macbre <maciej.brencz@gmail.com>"
+WORKDIR /opt
+
+# install dependency
+RUN apk add --no-cache \
+  autoconf \
+  automake \
+  build-base \
+  cmake \
+  git \
+  libtool \
+  pkgconfig \
+  wget
+
+# set up our home directory
+RUN mkdir -p /root
+ENV HOME /root
+
+# set up Rust
+RUN wget https://sh.rustup.rs -O - | sh -s -- -y
+
+ENV PATH "${PATH}:$HOME/.cargo/bin"
+RUN cargo --version; rustc --version
+
+# @see https://curl.se/docs/http3.html#quiche-version
+RUN \
+  echo "Building quiche ${QUICHE_VERSION} ..." && \
+  git clone -b ${QUICHE_VERSION} --depth 1 --single-branch https://github.com/cloudflare/quiche.git && \
+  cd quiche && \
+  git submodule init && \
+  git submodule update && \
+  cargo build --package quiche --release --features ffi,pkg-config-meta,qlog
+
+RUN \
+  mkdir /opt/quiche/quiche/deps/boringssl/src/lib/ && \
+  ln -vnf $(find ./quiche/target/release/build/ -name libcrypto.a -o -name libssl.a) /opt/quiche/quiche/deps/boringssl/src/lib/
+
+RUN \
+  cd /opt && \
+  echo "Building ${CURL_VERSION} ..." && \
+  git clone -b ${CURL_VERSION} --depth 1 --single-branch https://github.com/curl/curl && \
+  cd curl && \
+  autoreconf -fi && \
+  ./configure LDFLAGS="-Wl,-rpath,/opt/quiche/target/release" --with-openssl=/opt/quiche/quiche/deps/boringssl/src --with-quiche=/opt/quiche/target/release && \
+  make && \
+  make install
+
+# make our resulting image way smaller
+# from 2.85GB to 44.9MB
+FROM alpine:3.14
+
+ARG CURL_VERSION
+ARG QUICHE_VERSION
+
+ENV CURL_VERSION   $CURL_VERSION
+ENV QUICHE_VERSION $QUICHE_VERSION
+
+COPY --from=base /usr/local/bin/curl /usr/local/bin/curl
+COPY --from=base /usr/local/lib/libcurl.so.4 /usr/local/lib/libcurl.so.4
+COPY --from=base /usr/lib/libgcc_s.so.1 /usr/lib/libgcc_s.so.1
+
+# we do not need root anymore
+USER nobody
+RUN env | sort; which curl; curl --version
diff --git a/README.md b/README.md
@@ -1,2 +1,21 @@
 # curl-http3
-A custom curl build with BoringSSL and http3 support via quiche
+A custom `curl` build with `BoringSSL` and http3 support via `quiche`.
+
+```
+curl 7.84.0-DEV (x86_64-pc-linux-musl) libcurl/7.84.0-DEV BoringSSL quiche/0.14.0
+Release-Date: [unreleased]
+Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
+Features: alt-svc AsynchDNS HSTS HTTP3 HTTPS-proxy IPv6 Largefile NTLM NTLM_WB SSL threadsafe UnixSockets
+```
+
+## Usage
+
+```
+$ docker run --rm ghcr.io/macbre/curl-http3 curl --version
+```
+
+```
+$ docker run --rm ghcr.io/macbre/curl-http3 curl -sIL https://blog.cloudflare.com --http3 -H 'user-agent: mozilla'
+HTTP/3 200
+(...)
+```