search

lncm / ideas

Ideas for things to be built on meetups.
MIT License
21 stars 4 forks source link

Docker Infra checklist #41

Open meeDamian opened 4 years ago

meeDamian commented 4 years ago

I've had a lot of stuff happening all around the place, so I want to create this issue to just gather it all together (Perhaps move it to some wiki later)…

🧩 meeDamian/simple-qemu

tl;dr: Fetches qemu source, and from it builds static binaries for amd64 host system. Result is pushed to Docker registry(ies), and binaries are uploaded to Github Release.

Click to expand already done - [x] Get it to build - [x] Verify it works - [x] Build multiple versions - [x]: `v3.1.0` `v3.1.1` `v4.0.0` `v4.1.0` - [x] Create short/floating tags - `v4`, `v3`, `v4.0`, `v4.1`, `v3.1`, `arm`, `aarch64`, `latest`, `arm32v7`, `arm64v8`, `enable`, `riscv32`, `riscv64`, etc… - [x] Create _permanent_ tags - [x] Push to 🐳 Hub - [ ] ~~Push to :octocat: Registry~~ It's borked. Perhaps later… - [x] Write proper `README.md` - [x] Create short script to generate the `Simple tags` section [the] [way] [most] [repos] [have it] - [x] Ask @lncm/lncm for code, and process review [the]: https://hub.docker.com/_/golang [way]: https://hub.docker.com/_/python [most]: https://hub.docker.com/_/postgres [repos]: https://hub.docker.com/_/redis [have it]: https://hub.docker.com/_/node

🧩 lncm/berkeleydb

tl;dr: Pre-builds and packages BerkeleyDB v4.8.30.NC into a small container, that later can be reused in Dockerfile with sth like:

COPY --from=meedamian/berkeleydb:db-4.8.30.NC  /opt/  /opt/
Click to expand already done - [ ] ~~Push to :octocat: Registry~~ It's borked. Perhaps later… - [x] Setup build on :octocat: Actions - [x] Build for `amd64`, `arm32v7`, and `arm64v8` - [x] Push to 🐳 Hub - [x] BDB doesn't use semver, but for consistency _permanent_ tags can behave the same as above `+build` - [x] See if it's possible to help consumers emulating CPU arch choose the correct version based on manifest, w/o specifying it verbatim - [x] Ask @lncm/lncm for code, and process review - [x] :octocat: Actions are enabled for the org (see https://github.com/lncm/docker-berkeleydb/pull/11) - [x] Move back to `lncm/` namespace (blocked by: https://github.com/lncm/docker-berkeleydb/issues/13, AKA `no-secrets-in-forks` issue)

🧩 lncm/bitcoind

tl;dr: Docker image with Bitcoin Core client built for amd64, arm32v7, and arm64v8.

Click to expand already done - [ ] ~~Push to :octocat: Registry~~ It's borked. Perhaps later… - [x] Get it to build on a CI - [x] Split build into jobs - [x] 1. Berkeleydb - [ ] ~~2. Finish at `make`~~ - [ ] ~~3. Start at `make check`~~ - [x] 2. Build images - [x] 3. Upload images - [x] Build a few last, non vulnerable, versions - builds latest ~3 on each push to `master` - [x] Build for `amd64`, `arm32v7`, and `arm64v8` - [x] Do not upload anything to image registry, until builds of **all** architecture variants complete green

🧩 lncm/lnd

tl;dr: Docker image of a Lightning Network client built for amd64, arm32v7, and arm64v8.

Click to expand already done - [ ] ~~Push to :octocat: Registry~~ It's borked. Perhaps later… - [x] Move to :octocat: Actions - [x] Build for `amd64`, `arm32v7`, and `arm64v8` - [x] Use Go `v1.13` - [x] Use `-trimpath -mod=readonly` - [x] In each build, build each binary twice: - [x] `alpine` - [x] `debian:*-slim` - [x] compare checksums

🧩 lncm/invoicer

tl;dr: Utility living on top of lnd (and optionally bitcoind), that helps with creation of payment-accepting frontends

Click to expand already done - [ ] ~~Push to :octocat: Registry~~ It's borked. Perhaps later… - [x] Move to :octocat: Actions - [x] Build for `amd64`, `arm32v7`, and `arm64v8` - [x] Use Go `v1.13` - [x] Use `-trimpath -mod=readonly` - [x] In each build, build each binary twice: - [x] `alpine` - [x] `debian:*-slim` - [x] compare checksums - [x] From :octocat: Actions push to 🐳 Hub - [x] Move back to `lncm/` namespace once :octocat: Actions are enabled for the org (see https://github.com/lncm/docker-berkeleydb/pull/11) - [x] Get rid of *BSD platforms (@AnotherDroog?) - [x] Ask @lncm/lncm for code and process review

🧩 lncm/donations

tl;dr: A UI that lives on top of invoicer that facilitates receiving BTC & LN donations.

🧩 lncm/invoicer-ui

tl;dr: A UI that lives on top of invoicer that facilitates receiving BTC & LN in-store payments.

🧩 lncm/noma

🧩 lncm/pi-factory

Other/General TODOs

Click to expand already done - [x] Find a way to sync README.md between :octocat:, and 🐳 Hub - done: https://github.com/meeDamian/sync-readme - [x] Write an all-in :octocat: Action to create :octocat: Release, and upload files to it - done: https://github.com/meeDamian/github-release - [x] Come up with a tagging scheme that never overrides non-short tags (Ex. override of `v4` is desired, while override of `v4.1.0-riscv64` should probably be avoided). First thought is to use [semver-compliant] `+build` scheme. - done: https://github.com/meeDamian/tag-suggestions [semver-compliant]: https://semver.org/#spec-item-10
nolim1t commented 4 years ago

merchant-ui

pi-factory

lnd

meeDamian commented 4 years ago

have a neutrino build already on dockerhub

I don't think we'll "have it" until it's automated, and auditable. For what I, and anyone, knows you could've added code that sends you all of the btc there once there's enough deposited on that node ;).

nolim1t commented 4 years ago

You're welcome to audit it

AnotherDroog commented 4 years ago

For what it’s worth, I’m happily using your lnd container @nolim1t

Of course auditing is a core concern for us. In that light, I’d like to see all components within one organization and the same git host.

That way at least all dependencies can be easily found