From 22dabbeeb5302dbdfd62f3d96a27103792052ca2 Mon Sep 17 00:00:00 2001 From: "Sam Mikes (He/him/his)" Date: Mon, 14 Apr 2025 08:50:08 -0600 Subject: [PATCH] docker: refactor and update docker image build Fixes tailscale/tailscale#15674 update docker image datestamp make docker-shell target use the build image with an explicit /bin/bash command retain the docker-remove-shell-image target in case something depends on it, but clarify that it is now a no-op hoist all ENV declarations hoist all mkdir commands combine mkdir commands use env vars in mkdir combine apt-get commands into single RUN make argument order consistent in apt-get commands collect packages into fewer apt-get commands add clean up of temporary files after apt-get expand apt-get commands to one package per line sort packages in apt-get commands combine go installation commands into single RUN update golang version to 1.24.1 also copy build.gradle file ensure gradlew is executable before running remove trailing newline per review comment, extract multiline apt-get command into shell script, copy and run that shell script within image during docker build Signed-off-by: Sam Mikes (He/him/his) --- Makefile | 9 +++---- docker/DockerFile.amd64-build | 38 +++++++++++++------------- docker/DockerFile.amd64-shell | 47 --------------------------------- scripts/docker-build-apt-get.sh | 39 +++++++++++++++++++++++++++ 4 files changed, 62 insertions(+), 71 deletions(-) delete mode 100644 docker/DockerFile.amd64-shell create mode 100755 scripts/docker-build-apt-get.sh diff --git a/Makefile b/Makefile index 2db7821..342e0bc 100644 --- a/Makefile +++ b/Makefile @@ -10,7 +10,7 @@ # with this name, it will be used. # # The convention here is tailscale-android-build-amd64- -DOCKER_IMAGE := tailscale-android-build-amd64-031325-1 +DOCKER_IMAGE := tailscale-android-build-amd64-041425-1 export TS_USE_TOOLCHAIN=1 # Auto-select an NDK from ANDROID_HOME (choose highest version available) @@ -355,13 +355,12 @@ docker-remove-build-image: ## Removes the current docker build image docker-all: docker-build-image docker-run-build $(DOCKER_IMAGE) .PHONY: docker-shell -docker-shell: ## Builds a docker image with the android build env and opens a shell - docker build -f docker/DockerFile.amd64-shell -t tailscale-android-shell-amd64 . - docker run --rm -v $(CURDIR):/build/tailscale-android -it tailscale-android-shell-amd64 +docker-shell: docker-build-image ## Builds a docker image with the android build env and opens a shell + docker run --rm -v $(CURDIR):/build/tailscale-android -it $(DOCKER_IMAGE) /bin/bash .PHONY: docker-remove-shell-image docker-remove-shell-image: ## Removes all docker shell image - docker rmi --force tailscale-android-shell-amd64 + @echo "docker-remove-shell-image retained for backward compatibility, but is a no-op; docker-shell now uses build image" .PHONY: clean clean: ## Remove build artifacts. Does not purge docker build envs. Use dockerRemoveEnv for that. diff --git a/docker/DockerFile.amd64-build b/docker/DockerFile.amd64-build index b911779..2b79c70 100644 --- a/docker/DockerFile.amd64-build +++ b/docker/DockerFile.amd64-build @@ -3,31 +3,30 @@ FROM --platform=linux/amd64 eclipse-temurin:21 -# To enable running android tools such as aapt -RUN apt-get update && apt-get -y upgrade -RUN apt-get install -y libz1 libstdc++6 unzip zip -# For Go: -RUN apt-get -y --no-install-recommends install curl gcc -RUN apt-get -y --no-install-recommends install ca-certificates libc6-dev git - -RUN apt-get -y install make - -RUN mkdir -p build ENV HOME /build - -# Make android sdk location, the later make step will populate it. -RUN mkdir android-sdk ENV ANDROID_HOME $HOME/android-sdk ENV ANDROID_SDK_ROOT $ANDROID_HOME ENV PATH $PATH:$HOME/bin:$ANDROID_HOME/platform-tools +RUN mkdir -p \ + ${HOME} \ + /android-sdk \ + ${ANDROID_HOME} \ + $HOME/tailscale-android + +# To enable running android tools such as aapt +COPY scripts/docker-build-apt-get.sh /tmp +RUN chmod 755 /tmp/docker-build-apt-get.sh && \ + /tmp/docker-build-apt-get.sh && \ + rm -f /tmp/docker-build-apt-get.sh + # We need some version of Go new enough to support the "embed" package # to run "go run tailscale.com/cmd/printdep" to figure out which Tailscale Go # version we need later, but otherwise this toolchain isn't used: -RUN curl -L https://go.dev/dl/go1.23.0.linux-amd64.tar.gz | tar -C /usr/local -zxv -RUN ln -s /usr/local/go/bin/go /usr/bin +RUN \ + curl -L https://go.dev/dl/go1.24.1.linux-amd64.tar.gz | tar -C /usr/local -zxv && \ + ln -s /usr/local/go/bin/go /usr/bin -RUN mkdir -p $HOME/tailscale-android RUN git config --global --add safe.directory $HOME/tailscale-android WORKDIR $HOME/tailscale-android @@ -37,10 +36,11 @@ COPY Makefile Makefile RUN make androidsdk # Preload Gradle -COPY android/gradlew android/gradlew +COPY android/gradlew android/build.gradle android COPY android/gradle android/gradle -RUN ./android/gradlew + +RUN chmod 755 android/gradlew && \ + ./android/gradlew # Build the android app, bump the playstore version code, and make the tv release CMD make clean && make release && make bump_version_code && make release-tv - diff --git a/docker/DockerFile.amd64-shell b/docker/DockerFile.amd64-shell deleted file mode 100644 index cdacec7..0000000 --- a/docker/DockerFile.amd64-shell +++ /dev/null @@ -1,47 +0,0 @@ -# This is a Dockerfile for creating a build environment for -# tailscale-android. - -FROM --platform=linux/amd64 eclipse-temurin:21 - -# To enable running android tools such as aapt -RUN apt-get update && apt-get -y upgrade -RUN apt-get install -y libz1 libstdc++6 unzip zip -# For Go: -RUN apt-get -y --no-install-recommends install curl gcc -RUN apt-get -y --no-install-recommends install ca-certificates libc6-dev git - -RUN apt-get -y install make - -RUN mkdir -p build -ENV HOME /build - -# Make android sdk location, the later make step will populate it. -RUN mkdir android-sdk -ENV ANDROID_HOME $HOME/android-sdk -ENV ANDROID_SDK_ROOT $ANDROID_HOME -ENV PATH $PATH:$HOME/bin:$ANDROID_HOME/platform-tools - -# We need some version of Go new enough to support the "embed" package -# to run "go run tailscale.com/cmd/printdep" to figure out which Tailscale Go -# version we need later, but otherwise this toolchain isn't used: -RUN curl -L https://go.dev/dl/go1.23.0.linux-amd64.tar.gz | tar -C /usr/local -zxv -RUN ln -s /usr/local/go/bin/go /usr/bin - -RUN mkdir -p $HOME/tailscale-android -RUN git config --global --add safe.directory $HOME/tailscale-android -WORKDIR $HOME/tailscale-android - -COPY Makefile Makefile - -# Get android sdk, ndk, and rest of the stuff needed to build the android app. -RUN make androidsdk - -# Preload Gradle -COPY android/gradlew android/gradlew -COPY android/gradle android/gradle -RUN ./android/gradlew - -# Run a shell -CMD /bin/bash - - diff --git a/scripts/docker-build-apt-get.sh b/scripts/docker-build-apt-get.sh new file mode 100755 index 0000000..060d660 --- /dev/null +++ b/scripts/docker-build-apt-get.sh @@ -0,0 +1,39 @@ +#!/bin/sh +# +# Copyright (c) Tailscale Inc & AUTHORS +# SPDX-License-Identifier: BSD-3-Clause +# +# docker-build-apt-get.sh runs 'apt'-related commands inside +# the environment that /builds the docker image/ +set -x +set -e + +apt-get update +apt-get -y upgrade + +apt-get -y install \ + \ + libstdc++6 \ + libz1 \ + make \ + unzip \ + zip \ + \ + # end of sort region + +apt-get -y --no-install-recommends install \ + \ + ca-certificates \ + curl \ + gcc \ + git \ + libc6-dev \ + \ + # end of sort region + +apt-get -y clean + +rm -rf \ + /var/cache/debconf \ + /var/lib/apt/lists \ + /var/lib/apt/dpkg