feat(dev): Add dev container

dustinblackman · Mar 16, 2024 · e8430d9 · e8430d9
1 parent 858207e
commit e8430d9
Show file tree

Hide file tree

Showing 11 changed files with 227 additions and 1 deletion.
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -0,0 +1,31 @@
+FROM rust:1.74.0-slim-bookworm as builder
+
+RUN apt-get update && \
+    apt-get install -y curl libssl-dev pkg-config
+
+COPY ./Cargo.lock ./Cargo.toml ./.mise.toml ./rust-toolchain.toml /tmp/build-cache/
+COPY .cargo/ /tmp/build-cache/.cargo
+
+# Only install what we can fit within an arm64 container within the Github Actions time limit. The rest will be done at
+# runtime. On amd64 all binaries will be installed.
+WORKDIR /tmp/build-cache
+RUN cargo install cargo-run-bin
+RUN dpkg --print-architecture | grep -q 'arm64' && (cargo bin mise --help && cargo cmd --help) || cargo bin --install
+
+FROM rust:1.74.0-slim-bookworm
+
+# TODO: Root for devpod, but I'd rather not... Fix later.
+RUN groupadd --gid 1000 oatmeal && \
+    useradd --uid 1000 --gid 1000 --shell /bin/bash --create-home oatmeal && \
+    mkdir -p /etc/sudoers.d/ && \
+    echo oatmeal ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/oatmeal && \
+    chmod 0440 /etc/sudoers.d/oatmeal
+
+USER oatmeal
+
+COPY --chown=1000:1000 --from=builder /usr/local/cargo/bin/cargo-bin /usr/local/cargo/bin/cargo-bin
+COPY --chown=1000:1000 --from=builder /tmp/build-cache/ /tmp/build-cache
+
+RUN cd /tmp/build-cache/ && \
+    cargo cmd setup-nightly && \
+    cargo bin mise install
diff --git a/.devcontainer/build.sh b/.devcontainer/build.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+set -e
+
+PROGDIR=$(dirname "$(readlink -f "$0")")
+cd "$PROGDIR/.."
+
+BUILD_ARCH="$1"
+
+(
+	cd tools/node
+	npm ci
+)
+
+echo "[BUILD] Building $BUILD_ARCH"
+tools/node/node_modules/.bin/devcontainer build --workspace-folder . --config ./.devcontainer/devcontainer-src.json --push --platform "linux/$BUILD_ARCH" --image-name ghcr.io/dustinblackman/devcontainer-oatmeal:latest-"$BUILD_ARCH"
diff --git a/.devcontainer/devcontainer-src.json b/.devcontainer/devcontainer-src.json
@@ -0,0 +1,11 @@
+{
+  "name": "oatmeal",
+  "build": {
+    "context": "..",
+    "dockerfile": "./Dockerfile"
+  },
+  "remoteUser": "oatmeal",
+  "features": {
+    "ghcr.io/dustinblackman/devcontainer-features/base:latest": {}
+  }
+}
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -0,0 +1,9 @@
+{
+  "name": "oatmeal",
+  "dockerComposeFile": "./docker-compose.yml",
+  "service": "oatmeal",
+  "workspaceFolder": "/workspace",
+  "shutdownAction": "stopCompose",
+  "postCreateCommand": "/workspace/.devcontainer/start.sh",
+  "remoteUser": "oatmeal"
+}
diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml
@@ -0,0 +1,14 @@
+version: "3"
+services:
+  oatmeal:
+    command: /bin/sh -c "trap :; TERM INT; sleep infinity & wait"
+    image: ghcr.io/dustinblackman/devcontainer-oatmeal:latest
+    environment:
+      OATMEAL_OLLAMA_URL: http://host.docker.internal:11434
+    volumes:
+      - ..:/workspace
+      - cache_bin:/workspace/.bin
+      - cache_target:/workspace/target
+volumes:
+  cache_bin:
+  cache_target:
diff --git a/.devcontainer/release.sh b/.devcontainer/release.sh
@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+
+set -e
+
+PROGDIR=$(dirname "$(readlink -f "$0")")
+cd "$PROGDIR/.."
+
+(
+	cd tools/node
+	npm ci
+)
+
+echo "[BUILD] Pulling arm64"
+DOCKER_DEFAULT_PLATFORM=linux/arm64 docker pull ghcr.io/dustinblackman/devcontainer-oatmeal:latest-arm64
+echo "[BUILD] Pulling amd64"
+docker pull ghcr.io/dustinblackman/devcontainer-oatmeal:latest-amd64
+echo "[BUILD] Creating manifest"
+docker buildx imagetools create -t ghcr.io/dustinblackman/devcontainer-oatmeal:latest ghcr.io/dustinblackman/devcontainer-oatmeal:latest-arm64 ghcr.io/dustinblackman/devcontainer-oatmeal:latest-amd64
+BUILD_SHA=$(docker buildx imagetools inspect ghcr.io/dustinblackman/devcontainer-oatmeal:latest | grep 'Digest' | awk '{print $2}')
+echo "[BUILD] Manifest SHA: ${BUILD_SHA}"
+
+echo "[BUILD] Updating docker-compose.yml"
+DC_UPDATE=$(yq ".services.oatmeal.image = \"ghcr.io/dustinblackman/devcontainer-oatmeal@${BUILD_SHA}\"" ./.devcontainer/docker-compose.yml)
+rm ./.devcontainer/docker-compose.yml
+echo "$DC_UPDATE" >./.devcontainer/docker-compose.yml
+
+echo "[BUILD] Creating GitHub PR"
+git config --global user.email github-actions[bot]@users.noreply.github.com
+git config --global user.name github-actions[bot]
+git config pull.rebase false
+BUILD_BRANCH="devcontainer-image-update-$GITHUB_RUN_ID"
+git checkout -b "$BUILD_BRANCH"
+git add ./.devcontainer/docker-compose.yml
+git commit -m 'chore: Update dev container image sha'
+git push origin "$BUILD_BRANCH"
+gh pr create \
+	--title "[CI] Update devcontainer to $BUILD_SHA" \
+	--body "Updates the dev container image based on the changes made in https://github.com/dustinblackman/oatmeal/commit/${GITHUB_SHA}"
+
+echo "[BUILD] Done"
diff --git a/.devcontainer/start.sh b/.devcontainer/start.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+set -e
+
+sudo chown -R oatmeal:oatmeal /workspace/.bin
+cp -fr /tmp/build-cache/.bin /workspace/
+ls /workspace/ | grep target | grep -q 'oatmeal' || sudo chown -R oatmeal:oatmeal /workspace/target
diff --git a/.github/devpod.svg b/.github/devpod.svg
diff --git a/.github/workflows/devcontainer.yml b/.github/workflows/devcontainer.yml
@@ -0,0 +1,82 @@
+on:
+  push:
+    branches:
+      - dev-container
+    paths:
+      - '.devcontainer/Dockerfile'
+      - '.devcontainer/devcontainer-src.json'
+      - '.devcontainer/build.sh'
+      - '.devcontainer/release.sh'
+      - '.github/workflows/devcontainer.yml'
+
+name: devcontainer
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        arch: ["arm64", "amd64"]
+    permissions:
+      packages: write
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up QEMU
+        # v3
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
+        with:
+          image: tonistiigi/binfmt@sha256:6088cbd69c369178ffd6b68992f342c3a9d5c3cc619bbaa4bfe9a98cb23893d0
+      - name: Set up Docker Buildx
+        # v3.1.0
+        uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c
+      - name: Login to GitHub Container Registry
+        # v3.0.0
+        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
+        with:
+          registry: ghcr.io
+          username: ${{github.actor}}
+          password: ${{secrets.GITHUB_TOKEN}}
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 18.19.0
+      - name: Build
+        run: |
+          ./.devcontainer/build.sh ${{ matrix.arch }}
+
+  release:
+    runs-on: ubuntu-latest
+    needs: [build]
+    permissions:
+      contents: write
+      pull-requests: write
+      packages: write
+    steps:
+      - uses: actions/checkout@v2
+      - name: Set up QEMU
+        # v3
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
+        with:
+          image: tonistiigi/binfmt@sha256:6088cbd69c369178ffd6b68992f342c3a9d5c3cc619bbaa4bfe9a98cb23893d0
+      - name: Set up Docker Buildx
+        # v3.1.0
+        uses: docker/setup-buildx-action@0d103c3126aa41d772a8362f6aa67afac040f80c
+      - name: Login to GitHub Container Registry
+        # v3.0.0
+        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d
+        with:
+          registry: ghcr.io
+          username: ${{github.actor}}
+          password: ${{secrets.GITHUB_TOKEN}}
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 18.19.0
+      - name: Release
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          sudo curl -L -o /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.42.1/yq_linux_amd64 
+          if [[ "$(sha256sum /usr/local/bin/yq | awk '{print $1}')" != "1a95960dddd426321354d58d2beac457717f7c49a9ec0806749a5a9e400eb45e" ]]; then
+            echo "yq checksum failed"
+            exit 1
+          fi
+          sudo chmod +x /usr/local/bin/yq
+          ./.devcontainer/release.sh
diff --git a/.gitignore b/.gitignore
@@ -14,3 +14,4 @@ dhat-heap.json
 tools/thirdparty/.failed-lint
 ghrelease.md
 tools/node/node_modules/
+.idea
diff --git a/README.md b/README.md
@@ -357,7 +357,9 @@ problem is! If you've run in to a problem, I'd really help appreciate solving it
 
 #### Setup
 
-The following will get you set up with all the necessary tooling to work on Oatmeal.
+[![Open in DevPod!](.github/devpod.svg)](https://devpod.sh/open#https://github.com/dustinblackman/oatmeal)
+
+Oatmeal comes with a ready made DevContainer with all the magic needed to work on the project. However if you wish to develop fully local, the following will get you set up with all the necessary tooling.
 
 ```sh
 cargo install cargo-run-bin