search

stuckj / subsonic-docker

Docker container for subsonic
MIT License
4 stars 5 forks source link

Add build args to control the subsonic version #5

Open 2-shell opened 1 year ago

2-shell commented 1 year ago

This PR adds docker build args for controlling the Subsonic binary download and refactors the download logic, such that docker images for multiple specific Subsonic versions can be built more easily.

Also, this adds a safety check on the downloaded binary, by comparing the SHA-256 of the downloaded archive against the specified value.

These args can be used to build multiple images with different subsonic versions like so:

docker build -t subsonic-docker:6.1.5 \
    --build-arg DL_VERSION=6.1.5 \
    --build-arg DL_SHA256=662463f291c747cbea7e7a8b34f3fd65f19ecbbefdff18dedeacc3d23a75e3f7 .

docker build -t subsonic-docker:6.1.4 \
    --build-arg DL_VERSION=6.1.4 \
    --build-arg DL_SHA256=2b1998982d8424f115841aa30ab85f9d35a18f9dc38ac62d50f5834a17293a6e .

Available versions and SHA-256 values can be taken from the official Subsonic download page.

This does intentionally not implement automatic installation of the latest released binary.
The rationale is, that even for older subsonic versions it must be possible to build updated images (e.g. for receiving distribution package updates, fixing bugs, etc.).

Therefore, this PR provides the foundation for building the image for any Subsonic version from a simple CI script as shown above.

If desired, the file containing all official checksums could be used to build images for all versions with some bash-acrobatics like this:

curl -s https://s3-eu-west-1.amazonaws.com/subsonic-public/download/checksums-sha256.txt \
  | grep standalone \
  | while read pair; do 
      version=$(echo "$pair" | sed -e 's:.*subsonic-\([^-]*\).*:\1:')
      sha256=$(echo "$pair" | sed -e 's: .*::')
      docker build -t subsonic-docker:"$version" \
        --build-arg DL_VERSION="$version" \
        --build-arg DL_SHA256="$sha256" \
        .
  done

... or for building just the latest version with something like this:

version=$(curl -s https://s3-eu-west-1.amazonaws.com/subsonic-public/download/checksums-sha256.txt \
                  | grep standalone \
                  | cut -f 3 -d ' ' | sort | tail -1 \
                  | sed -e 's:subsonic-\([^-]*\)-.*:\1:')
sha256=$(curl -s https://s3-eu-west-1.amazonaws.com/subsonic-public/download/checksums-sha256.txt \
                   | grep standalone | grep "$version" | cut -f 1 -d ' ')

docker build -t subsonic-docker:"$version" \
  --build-arg DL_VERSION="$version" \
  --build-arg DL_SHA256="$sha256" \
  .

However, since releases (as you have already said) are infrequent and to avoid instabilities due to changing contents of the checksum file, I'd recommend just setting up a simple CI job with hardcoded values for known and supported versions.

Not knowing anything about you CI infrastructure, an example job for e.g. Gitlab CI could look something like this:

---
# Example .gitlab-ci.yaml for building and publishing multiple image versions
build:docker:
  stage: build
  image: docker:latest
  services:
    - docker:dind
  variables:
    DOCKER_DRIVER: overlay2
    IMAGE_URL: subsonic-docker
  before_script:
    - apk add bash curl
  script:
    - >-
      docker build -t "$IMAGE_URL:$BUILD_VERSION"
      --build-arg DL_VERSION="$BUILD_VERSION"
      --build-arg DL_SHA256="$BUILD_SHA256"
      .
    - docker push "$IMAGE_URL:$BUILD_VERSION"
  parallel:
    matrix:
      - BUILD_VERSION: 6.1.6
        BUILD_SHA256: dfb78fa9bb38f2265f498122846b1d6121f7666035a78dbe3a24305bd16c18a0
      - BUILD_VERSION: 6.1.5
        BUILD_SHA256: 662463f291c747cbea7e7a8b34f3fd65f19ecbbefdff18dedeacc3d23a75e3f7
...

Please let me know what you think about these changes.