Skip to content

Commit

Permalink
nix,docker: switch to a mkctr-based approach
Browse files Browse the repository at this point in the history
  • Loading branch information
@Erisa
Erisa committed Sep 6, 2024
1 parent 0826c89 commit 5cce375
Show file tree
Hide file tree
Showing 7 changed files with 273 additions and 132 deletions.
12 changes: 3 additions & 9 deletions .github/workflows/nix.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,12 +18,9 @@ jobs:
- name: "Basic CLI and web build"
run: |
nix build .#tclip .#tclipd
- name: "Docker image build"
- name: "Docker image build (dry run)"
run: |
nix build .#docker_amd64
docker load < ./result
nix build .#docker_arm64
docker load < ./result
go run github.com/tailscale/mkctr --gopaths="./cmd/tclipd:/bin/tclipd" --tags="latest" --base="gcr.io/distroless/static" --repos=ghcr.io/tailscale-dev/tclip --ldflags="-w -s" -- /bin/tclipd
- name: "docker login"
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
if: "github.event_name == 'push' && github.ref_name == 'main'"
Expand All @@ -34,10 +31,7 @@ jobs:
- name: "Docker image push"
if: "github.event_name == 'push' && github.ref_name == 'main'"
run: |
docker push ghcr.io/tailscale-dev/tclip:arm64
docker push ghcr.io/tailscale-dev/tclip:amd64
docker manifest create ghcr.io/tailscale-dev/tclip:latest ghcr.io/tailscale-dev/tclip:arm64 ghcr.io/tailscale-dev/tclip:amd64
docker manifest push ghcr.io/tailscale-dev/tclip:latest
go run github.com/tailscale/mkctr --gopaths="./cmd/tclipd:/bin/tclipd" --tags="latest" --base="gcr.io/distroless/static" --repos=ghcr.io/tailscale-dev/tclip --push --ldflags="-w -s" -- /bin/tclipd
- name: "Portable service build"
run: |
nix build .#portable-service
Expand Down
2 changes: 1 addition & 1 deletion .gitignore
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.#*
result
.direnv
node_modules
node_modules
24 changes: 0 additions & 24 deletions flake.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

171 changes: 76 additions & 95 deletions flake.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,110 +13,91 @@
};

outputs = { self, nixpkgs, utils, gomod2nix }:
utils.lib.eachDefaultSystem
(system:
let
graft = pkgs: pkg: pkg.override {
buildGoModule = pkgs.buildGo122Module;
utils.lib.eachSystem [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
] (system:
let
graft = pkgs: pkg: pkg.override {
buildGoModule = pkgs.buildGo122Module;
};
pkgs = import nixpkgs {
inherit system;
overlays = [ gomod2nix.overlays.default (final: prev: {
go = prev.go;
go-tools = graft prev prev.go-tools;
gotools = graft prev prev.gotools;
gopls = graft prev prev.gopls;
}) ];
};
version = builtins.substring 0 8 self.lastModifiedDate;
in {
packages = rec {
tclipd = pkgs.buildGoApplication {
pname = "tclipd";
version = "0.1.0-${version}";
go = pkgs.go;
src = ./.;
subPackages = "cmd/tclipd";
modules = ./gomod2nix.toml;
};
pkgs = import nixpkgs {
inherit system;
overlays = [
gomod2nix.overlays.default
(final: prev: {
go = prev.go;
go-tools = graft prev prev.go-tools;
gotools = graft prev prev.gotools;
gopls = graft prev prev.gopls;
})
];
};
version = builtins.substring 0 8 self.lastModifiedDate;
in
{
packages = rec {
tclipd = pkgs.buildGoApplication {
pname = "tclipd";
version = "0.1.0-${version}";
go = pkgs.go;
src = ./.;
subPackages = "cmd/tclipd";
modules = ./gomod2nix.toml;
};

tclipd_arm64 = tclipd.overrideAttrs ({ GOOS = "linux"; GOARCH = "arm64"; CGO_ENABLED = 0; });
tclipd_amd64 = tclipd.overrideAttrs ({ GOOS = "linux"; GOARCH = "amd64"; CGO_ENABLED = 0; });

tclip = pkgs.buildGoApplication {
pname = "tclip";
inherit (tclipd) src version modules;
subPackages = "cmd/tclip";
go = pkgs.go;
CGO_ENABLED = "0";
};
tclip = pkgs.buildGoApplication {
pname = "tclip";
inherit (tclipd) src version modules;
subPackages = "cmd/tclip";
go = pkgs.go;

# Builds natively for your current OS/arch
docker = pkgs.dockerTools.buildLayeredImage {
name = "ghcr.io/tailscale-dev/tclip";
tag = "latest";
config.Cmd = [ "${tclipd}/bin/tclipd" ];
contents = [ pkgs.cacert ];
};
CGO_ENABLED = "0";
};

# Always builds for amd64, used when building multi-arch :latest manifest
docker_amd64 = docker.override {
config.Cmd = [ "${tclipd_amd64}/bin/tclipd" ];
tag = "amd64";
architecture = "amd64";
};
docker = pkgs.dockerTools.buildLayeredImage {
name = "ghcr.io/tailscale-dev/tclip";
tag = "latest";
config.Cmd = [ "${tclipd}/bin/tclipd" ];
contents = [ pkgs.cacert ];
};

# Always builds for arm64, used when building multi-arch :latest manifest
docker_arm64 = docker.override {
config.Cmd = [ "${tclipd_arm64}/bin/linux_arm64/tclipd" ];
tag = "arm64";
architecture = "arm64";
portable-service = let
web-service = pkgs.substituteAll {
name = "tclip.service";
src = ./run/portable-service/tclip.service.in;
inherit tclipd;
};

portable-service =
let
web-service = pkgs.substituteAll {
name = "tclip.service";
src = ./run/portable-service/tclip.service.in;
inherit tclipd;
};
in
pkgs.portableService {
inherit (tclipd) version;
pname = "tclip";
description = "The tclip service";
homepage = "https://github.com/tailscale-dev/tclip";
units = [ web-service ];
symlinks = [{
object = "${pkgs.cacert}/etc/ssl";
symlink = "/etc/ssl";
}];
};

default = docker;
in pkgs.portableService {
inherit (tclipd) version;
pname = "tclip";
description = "The tclip service";
homepage = "https://github.com/tailscale-dev/tclip";
units = [ web-service ];
symlinks = [{
object = "${pkgs.cacert}/etc/ssl";
symlink = "/etc/ssl";
}];
};

apps.default =
utils.lib.mkApp { drv = self.packages.${system}.default; };
default = docker;
};

devShells.default = pkgs.mkShell {
buildInputs = with pkgs; [
go
gopls
gotools
go-tools
gomod2nix.packages.${system}.default
sqlite-interactive
apps.default =
utils.lib.mkApp { drv = self.packages.${system}.default; };

yarn
nodejs
];
devShells.default = pkgs.mkShell {
buildInputs = with pkgs; [
go
gopls
gotools
go-tools
gomod2nix.packages.${system}.default
sqlite-interactive

TSNET_HOSTNAME = "paste-devel";
};
}) // { };
yarn
nodejs
];

TSNET_HOSTNAME = "paste-devel";
};
}) // {};
}
28 changes: 27 additions & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ require (

require (
filippo.io/edwards25519 v1.1.0 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/akutz/memconn v0.1.0 // indirect
github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa // indirect
github.com/aws/aws-sdk-go-v2 v1.24.1 // indirect
Expand All @@ -35,19 +36,32 @@ require (
github.com/aymerick/douceur v0.2.0 // indirect
github.com/bits-and-blooms/bitset v1.13.0 // indirect
github.com/coder/websocket v1.8.12 // indirect
github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6 // indirect
github.com/dblohm7/wingoes v0.0.0-20240119213807-a09d6be7affa // indirect
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e // indirect
github.com/distribution/reference v0.6.0 // indirect
github.com/docker/cli v27.1.1+incompatible // indirect
github.com/docker/distribution v2.8.3+incompatible // indirect
github.com/docker/docker v27.1.1+incompatible // indirect
github.com/docker/docker-credential-helpers v0.8.2 // indirect
github.com/docker/go-connections v0.5.0 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fxamacker/cbor/v2 v2.6.0 // indirect
github.com/gaissmai/bart v0.11.1 // indirect
github.com/go-enry/go-oniguruma v1.2.1 // indirect
github.com/go-json-experiment/json v0.0.0-20231102232822-2e55bd4e08b0 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-ole/go-ole v1.3.0 // indirect
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/btree v1.1.2 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/go-containerregistry v0.20.1 // indirect
github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806 // indirect
github.com/gorilla/csrf v1.7.2 // indirect
github.com/gorilla/css v1.0.1 // indirect
Expand All @@ -59,34 +73,46 @@ require (
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/josharian/native v1.1.1-0.20230202152459-5c7d0dd6ab86 // indirect
github.com/jsimonetti/rtnetlink v1.4.0 // indirect
github.com/klauspost/compress v1.17.4 // indirect
github.com/klauspost/compress v1.17.9 // indirect
github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a // indirect
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mdlayher/genetlink v1.3.2 // indirect
github.com/mdlayher/netlink v1.7.2 // indirect
github.com/mdlayher/sdnotify v1.0.0 // indirect
github.com/mdlayher/socket v0.5.0 // indirect
github.com/miekg/dns v1.1.58 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/go-ps v1.0.0 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/ncruces/go-strftime v0.1.9 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.0 // indirect
github.com/pierrec/lz4/v4 v4.1.21 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/prometheus-community/pro-bing v0.4.0 // indirect
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
github.com/safchain/ethtool v0.3.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e // indirect
github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55 // indirect
github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4 // indirect
github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05 // indirect
github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a // indirect
github.com/tailscale/mkctr v0.0.0-20240730144311-42e5cb39d30b // indirect
github.com/tailscale/netlink v1.1.1-0.20211101221916-cabfb018fe85 // indirect
github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4 // indirect
github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1 // indirect
github.com/tailscale/wireguard-go v0.0.0-20240731203015-71393c576b98 // indirect
github.com/tcnksm/go-httpstat v0.2.0 // indirect
github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e // indirect
github.com/vbatts/tar-split v0.11.5 // indirect
github.com/vishvananda/netlink v1.2.1-beta.2 // indirect
github.com/vishvananda/netns v0.0.4 // indirect
github.com/x448/float16 v0.8.4 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect
go.opentelemetry.io/otel v1.28.0 // indirect
go.opentelemetry.io/otel/metric v1.28.0 // indirect
go.opentelemetry.io/otel/trace v1.28.0 // indirect
go4.org/mem v0.0.0-20220726221520-4f986261bf13 // indirect
go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect
golang.org/x/crypto v0.25.0 // indirect
Expand Down
Loading

0 comments on commit 5cce375

Please sign in to comment.