github-mirrors/netris-nestri
1
0
Fork 0
mirror of https://github.com/nestriness/nestri.git synced 2025-12-12 16:55:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add CI for container (#141)

Browse Source 
This creates a CI job for building `containers/runner.Containerfile` on
PR or on merge to main.

This helps in checking whether it can build and work as expected
This commit is contained in:
Wanjohi
2024-12-09 20:20:41 +03:00
committed by GitHub
parent b6196b1c69
commit 8d6b7f744b
8 changed files with 192 additions and 455 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
.github/workflows/relay.yml vendored Normal file
View File

@@ -0,0 +1,88 @@
#Tabs not spaces, you moron :)
name: Build nestri:relay
on:
pull_request:
paths:
- "containers/relay.Containerfile"
- ".github/workflows/relay.yml"
schedule:
- cron: 0 0 * * * # At the end of everyday
push:
branches: [main]
paths:
- "containers/relay.Containerfile"
- ".github/workflows/relay.yml"
tags:
- v*.*.*
release:
types: [created]
env:
REGISTRY: ghcr.io
IMAGE_NAME: nestrilabs/nestri
BASE_TAG_PREFIX: relay
jobs:
build-docker-pr:
name: Build image on PR
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
steps:
-
name: Checkout repo
uses: actions/checkout@v4
-
name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Build Docker image
uses: docker/build-push-action@v5
with:
file: containers/relay.Containerfile
context: ./
push: false
load: true
tags: nestri:relay
build-docker-main:
name: Build image on main
if: ${{ github.event_name == 'release' || (github.event_name == 'push' && github.ref == 'refs/heads/main') }}
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
-
name: Checkout repo
uses: actions/checkout@v4
-
name: Log into registry ${{ env.REGISTRY }}
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ github.token }}
-
name: Extract Container metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.BASE_TAG_PREFIX }}
#
#tag on release, and a nightly build for 'dev'
tags: |
type=raw,value=nightly,enable={{is_default_branch}}
type=ref,event=tag
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
-
name: Build Docker image
uses: docker/build-push-action@v5
with:
file: containers/relay.Containerfile
context: ./
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

94
.github/workflows/runner.yml vendored Normal file
View File

@@ -0,0 +1,94 @@
#Tabs not spaces, you moron :)
name: Build nestri:runner
on:
pull_request:
paths:
- "containers/runner.Containerfile"
- ".github/workflows/runner.yml"
schedule:
- cron: 0 0 * * * # At the end of everyday
push:
branches: [main]
paths:
- "containers/runner.Containerfile"
- ".github/workflows/runner.yml"
tags:
- v*.*.*
release:
types: [created]
env:
REGISTRY: ghcr.io
IMAGE_NAME: nestrilabs/nestri
BASE_TAG_PREFIX: runner
# This makes our release ci quit prematurely
# concurrency:
# group: ci-${{ github.ref }}
# cancel-in-progress: true
jobs:
build-docker-pr:
name: Build image on PR
runs-on: ubuntu-latest
if: ${{ github.event_name == 'pull_request' }}
steps:
-
name: Checkout repo
uses: actions/checkout@v4
-
name: Setup Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Build Docker image
uses: docker/build-push-action@v5
with:
file: containers/runner.Containerfile
context: ./
push: false
load: true
tags: nestri:runner
build-docker-main:
name: Build image on main
if: ${{ github.event_name == 'release' || (github.event_name == 'push' && github.ref == 'refs/heads/main') }}
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
-
name: Checkout repo
uses: actions/checkout@v4
-
name: Log into registry ${{ env.REGISTRY }}
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ github.token }}
-
name: Extract Container metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.BASE_TAG_PREFIX }}
#
#tag on release, and a nightly build for 'dev'
tags: |
type=raw,value=nightly,enable={{is_default_branch}}
type=ref,event=tag
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
-
name: Build Docker image
uses: docker/build-push-action@v5
with:
file: containers/runner.Containerfile
context: ./
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

206
containers/Containerfile.master
View File

@@ -1,206 +0,0 @@
#! Runs the docker server that handles everything else
#******************************************************************************
# base
#******************************************************************************
FROM archlinux:base-20241027.0.273886 AS base
# How to run - docker run -it --rm --device /dev/dri nestri /bin/bash - DO NOT forget the ports
# TODO: Migrate XDG_RUNTIME_DIR to /run/user/1000
# TODO: Add nestri-server to pulseaudio.conf
# TODO: Add our own entrypoint, with our very own zombie ripper 🧟🏾‍♀️
# FIXME: Add user root to `pulse-access` group as well :D
# TODO: Test the whole damn thing
# Update the pacman repo
RUN \
pacman -Syu --noconfirm
#******************************************************************************
# builder
#******************************************************************************
FROM base AS builder
RUN \
pacman -Su --noconfirm \
base-devel \
git \
sudo \
vim
WORKDIR /scratch
# Allow nobody user to invoke pacman to install packages (as part of makepkg) and modify the system.
# This should never exist in a running image, just used by *-build Docker stages.
RUN \
echo "nobody ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers;
ENV ARTIFACTS=/artifacts \
CARGO_TARGET_DIR=/build
RUN \
mkdir -p /artifacts \
&& mkdir -p /build
RUN \
chgrp nobody /scratch /artifacts /build \
&& chmod g+ws /scratch /artifacts /build
#******************************************************************************
# rust-builder
#******************************************************************************
FROM builder AS rust-builder
RUN \
pacman -Su --noconfirm \
rustup
RUN \
rustup default stable
#******************************************************************************
# nestri-server-builder
#******************************************************************************
# Builds nestri server binary
FROM rust-builder AS nestri-server-builder
RUN \
pacman -Su --noconfirm \
wayland \
vpl-gpu-rt \
gstreamer \
gst-plugin-va \
gst-plugins-base \
gst-plugins-good \
mesa-utils \
weston \
xorg-xwayland
#******************************************************************************
# nestri-server-build
#******************************************************************************
FROM nestri-server-builder AS nestri-server-build
#Allow makepkg to be run as nobody.
RUN chgrp -R nobody /scratch && chmod -R g+ws /scratch
# USER nobody
# Perform the server build.
WORKDIR /scratch/server
RUN \
git clone https://github.com/nestriness/nestri
WORKDIR /scratch/server/nestri
RUN \
git checkout feat/stream \
&& cargo build -j$(nproc) --release
# COPY packages/server/build/ /scratch/server/
# RUN makepkg && cp *.zst "$ARTIFACTS"
#******************************************************************************
# runtime_base_pkgs
#******************************************************************************
FROM base AS runtime_base_pkgs
COPY --from=nestri-server-build /build/release/nestri-server /usr/bin/
#******************************************************************************
# runtime_base
#******************************************************************************
FROM runtime_base_pkgs AS runtime_base
RUN \
pacman -Su --noconfirm \
weston \
sudo \
xorg-xwayland \
gstreamer \
gst-plugins-base \
gst-plugins-good \
gst-plugin-qsv \
gst-plugin-va \
gst-plugin-fmp4 \
mesa \
# Grab GPU encoding packages
# Intel (modern VPL + VA-API)
vpl-gpu-rt \
intel-media-driver \
# AMD/ATI (VA-API)
libva-mesa-driver \
# NVIDIA (proprietary)
nvidia-utils \
# Audio
pulseaudio \
# Supervisor
supervisor
RUN \
# Set up our non-root user $(nestri)
groupadd -g 1000 nestri \
&& useradd -ms /bin/bash nestri -u 1000 -g 1000 \
&& passwd -d nestri \
# Setup Pulseaudio
&& useradd -d /var/run/pulse -s /usr/bin/nologin -G audio pulse \
&& groupadd pulse-access \
&& usermod -aG audio,input,render,video,pulse-access nestri \
&& echo "nestri ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \
&& echo "Users created" \
# Create an empty machine-id file
&& touch /etc/machine-id
ENV \
XDG_RUNTIME_DIR=/tmp
#******************************************************************************
# runtime
#******************************************************************************
FROM runtime_base AS runtime
# Setup supervisor #
RUN <<-EOF
echo -e "
[supervisord]
user=root
nodaemon=true
loglevel=info
logfile=/tmp/supervisord.log
pidfile=/tmp/supervisord.pid
[program:dbus]
user=root
command=dbus-daemon --system --nofork
logfile=/tmp/dbus.log
pidfile=/tmp/dbus.pid
stopsignal=INT
autostart=true
autorestart=true
priority=1
[program:pulseaudio]
user=root
command=pulseaudio --daemonize=no --system --disallow-module-loading --disallow-exit --exit-idle-time=-1
logfile=/tmp/pulseaudio.log
pidfile=/tmp/pulseaudio.pid
stopsignal=INT
autostart=true
autorestart=true
priority=10
" | tee /etc/supervisord.conf
EOF
RUN \
chown -R nestri:nestri /tmp /etc/supervisord.conf
ENV USER=nestri
USER 1000
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
# Debug - pactl list

20
containers/Containerfile.relay
View File

@@ -1,20 +0,0 @@
FROM docker.io/golang:1.23-alpine AS go-build
WORKDIR /builder
COPY packages/relay/ /builder/
RUN go build
FROM docker.io/golang:1.23-alpine
COPY --from=go-build /builder/relay /relay/relay
WORKDIR /relay
# ENV flags
ENV VERBOSE=false
ENV ENDPOINT_PORT=8088
ENV WEBRTC_UDP_START=10000
ENV WEBRTC_UDP_END=20000
ENV STUN_SERVER="stun.l.google.com:19302"
EXPOSE $ENDPOINT_PORT
EXPOSE $WEBRTC_UDP_START-$WEBRTC_UDP_END/udp
ENTRYPOINT ["/relay/relay"]

219
containers/Containerfile.runner
View File

@@ -1,219 +0,0 @@
# Container build arguments #
ARG BASE_IMAGE=docker.io/cachyos/cachyos-v3:latest
#******************************************************************************
# gst-builder
#******************************************************************************
FROM ${BASE_IMAGE} AS gst-builder
WORKDIR /builder/
# Grab build and rust packages #
RUN pacman -Syu --noconfirm meson pkgconf cmake git gcc make rustup \
gstreamer gst-plugins-base gst-plugins-good
# Setup stable rust toolchain #
RUN rustup default stable
# Clone nestri source #
RUN git clone -b feat/stream https://github.com/nestriness/nestri.git
# Build nestri #
RUN cd nestri/packages/server/ && \
cargo build --release
#******************************************************************************
# gstwayland-builder
#******************************************************************************
FROM ${BASE_IMAGE} AS gstwayland-builder
WORKDIR /builder/
# Grab build and rust packages #
RUN pacman -Syu --noconfirm meson pkgconf cmake git gcc make rustup \
libxkbcommon wayland gstreamer gst-plugins-base gst-plugins-good libinput
# Setup stable rust toolchain #
RUN rustup default stable
# Build required cargo-c package #
RUN cargo install cargo-c
# Clone gst plugin source #
RUN git clone https://github.com/games-on-whales/gst-wayland-display.git
# Build gst plugin #
RUN mkdir plugin && \
cd gst-wayland-display && \
cargo cinstall --prefix=/builder/plugin/
#******************************************************************************
# runtime
#******************************************************************************
FROM ${BASE_IMAGE} AS runtime
## Nestri Env Variables ##
ENV NESTRI_PARAMS=""
ENV RESOLUTION="1280x720"
## Install Graphics, Media, and Audio packages ##
RUN pacman -Syu --noconfirm --needed \
# Graphics packages
sudo mesa mesa-utils xorg-xwayland labwc wlr-randr mangohud \
# Vulkan drivers
vulkan-intel vulkan-radeon nvidia-utils \
# Media encoding packages
vpl-gpu-rt intel-media-driver libva-utils \
# GStreamer plugins
gstreamer gst-plugins-base gst-plugins-good \
gst-plugin-va gst-plugins-bad gst-plugin-fmp4 \
gst-plugin-qsv gst-plugin-pipewire gst-plugin-rswebrtc \
gst-plugins-ugly gst-plugin-rsrtp \
# Audio packages
pipewire pipewire-pulse pipewire-alsa wireplumber \
# Other requirements
supervisor \
# Custom
umu-launcher && \
# Clean up pacman cache and unnecessary files
pacman -Scc --noconfirm && \
rm -rf /var/cache/pacman/pkg/* /tmp/* /var/tmp/* && \
# Optionally clean documentation, man pages, and locales
find /usr/share/locale -mindepth 1 -maxdepth 1 ! -name "en*" -exec rm -rf {} + && \
rm -rf /usr/share/doc /usr/share/man /usr/share/info
## User ##
# Create and setup user #
ENV USER="nestri" \
UID=99 \
GID=100 \
USER_PASSWORD="nestri1234" \
USER_HOME="/home/nestri"
RUN mkdir -p ${USER_HOME} && \
useradd -d ${USER_HOME} -u ${UID} -s /bin/bash ${USER} && \
chown -R ${USER} ${USER_HOME} && \
echo "${USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
echo "${USER}:${USER_PASSWORD}" | chpasswd
# Run directory #
RUN mkdir -p /run/user/${UID} && \
chown ${USER}:${USER} /run/user/${UID}
# Home config directory #
RUN mkdir -p ${USER_HOME}/.config && \
chown ${USER}:${USER} ${USER_HOME}/.config
# Groups #
RUN usermod -aG input root && usermod -aG input ${USER} && \
usermod -aG video root && usermod -aG video ${USER} && \
usermod -aG render root && usermod -aG render ${USER}
## Copy files from builders ##
# this is done here at end to not trigger full rebuild on changes to builder
# nestri
COPY --from=gst-builder /builder/nestri/target/release/nestri-server /usr/bin/nestri-server
# gstwayland
COPY --from=gstwayland-builder /builder/plugin/include/libgstwaylanddisplay /usr/include/
COPY --from=gstwayland-builder /builder/plugin/lib/*libgstwayland* /usr/lib/
COPY --from=gstwayland-builder /builder/plugin/lib/gstreamer-1.0/libgstwayland* /usr/lib/gstreamer-1.0/
COPY --from=gstwayland-builder /builder/plugin/lib/pkgconfig/gstwayland* /usr/lib/pkgconfig/
COPY --from=gstwayland-builder /builder/plugin/lib/pkgconfig/libgstwayland* /usr/lib/pkgconfig/
## Copy scripts ##
COPY packages/scripts/ /etc/nestri/
## Startup ##
# Setup supervisor #
RUN <<-EOF
echo -e "
[supervisord]
user=root
nodaemon=true
loglevel=info
logfile=/tmp/supervisord.log
[program:dbus]
user=root
command=dbus-daemon --system --nofork --nopidfile
logfile=/tmp/dbus.log
autoerestart=true
autostart=true
startretries=3
priority=1
[program:seatd]
user=root
command=seatd
logfile=/tmp/seatd.log
autoerestart=true
autostart=true
startretries=3
priority=2
[program:pipewire]
user=nestri
command=dbus-launch pipewire
environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\"
logfile=/tmp/pipewire.log
autoerestart=true
autostart=true
startretries=3
priority=10
[program:pipewire-pulse]
user=nestri
command=dbus-launch pipewire-pulse
environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\"
logfile=/tmp/pipewire-pulse.log
autoerestart=true
autostart=true
startretries=3
priority=20
[program:wireplumber]
user=nestri
command=dbus-launch wireplumber
environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\"
logfile=/tmp/wireplumber.log
autoerestart=true
autostart=true
startretries=3
priority=30
[program:nestri-server]
user=nestri
command=sh -c 'nestri-server \$NESTRI_PARAMS'
environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\"
logfile=/tmp/nestri-server.log
autoerestart=true
autostart=true
startretries=3
priority=50
[program:labwc]
user=nestri
command=sh -c 'sleep 4 && rm -rf /tmp/.X11-unix && mkdir -p /tmp/.X11-unix && chown nestri:nestri /tmp/.X11-unix && labwc'
environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\",WAYLAND_DISPLAY=\"wayland-1\",WLR_BACKENDS=\"wayland\",WLR_RENDERER=\"vulkan\"
logfile=/tmp/labwc.log
autoerestart=true
autostart=true
startretries=5
priority=60
[program:wlrrandr]
user=nestri
command=sh -c 'sleep 6 && wlr-randr --output WL-1 --custom-mode \$RESOLUTION && read -n 1'
environment=XDG_RUNTIME_DIR=\"/run/user/${UID}\",HOME=\"${USER_HOME}\",WAYLAND_DISPLAY=\"wayland-0\"
logfile=/tmp/wlrrandr.log
autoerestart=true
autostart=true
startretries=10
priority=70
" | tee /etc/supervisord.conf
EOF
# Wireplumber disable suspend #
# Remove suspend node
RUN sed -z -i 's/{[[:space:]]*name = node\/suspend-node\.lua,[[:space:]]*type = script\/lua[[:space:]]*provides = hooks\.node\.suspend[[:space:]]*}[[:space:]]*//g' /usr/share/wireplumber/wireplumber.conf
# Remove "hooks.node.suspend" want
RUN sed -i '/wants = \[/{s/hooks\.node\.suspend\s*//; s/,\s*\]/]/}' /usr/share/wireplumber/wireplumber.conf
ENTRYPOINT ["supervisord", "-c", "/etc/supervisord.conf"]

0
Containerfile.master → containers/master.Containerfile
View File

0
Containerfile.relay → containers/relay.Containerfile
View File

18
Containerfile.runner → containers/runner.Containerfile
View File

@@ -2,7 +2,7 @@
ARG BASE_IMAGE=docker.io/cachyos/cachyos-v3:latest ARG BASE_IMAGE=docker.io/cachyos/cachyos-v3:latest
#****************************************************************************** #******************************************************************************
# gst-builder # nestri-server-builder
#****************************************************************************** #******************************************************************************
FROM ${BASE_IMAGE} AS gst-builder FROM ${BASE_IMAGE} AS gst-builder
WORKDIR /builder/ WORKDIR /builder/
@@ -13,15 +13,15 @@ RUN pacman -Syu --noconfirm meson pkgconf cmake git gcc make rustup \
# Setup stable rust toolchain # # Setup stable rust toolchain #
RUN rustup default stable RUN rustup default stable
# Clone nestri source # # # Clone nestri source #
RUN git clone -b feat/stream https://github.com/DatCaptainHorse/nestri.git #Copy the whole repo inside the build container
COPY ./ /builder/nestri/
# Build nestri # RUN cd /builder/nestri/packages/server/ && \
RUN cd nestri/packages/server/ && \
cargo build --release cargo build --release
#****************************************************************************** #******************************************************************************
# gstwayland-builder # gstwayland-builder
#****************************************************************************** #******************************************************************************
FROM ${BASE_IMAGE} AS gstwayland-builder FROM ${BASE_IMAGE} AS gstwayland-builder
WORKDIR /builder/ WORKDIR /builder/
@@ -44,7 +44,7 @@ RUN mkdir plugin && \
#****************************************************************************** #******************************************************************************
# runtime # runtime
#****************************************************************************** #******************************************************************************
FROM ${BASE_IMAGE} AS runtime FROM ${BASE_IMAGE} AS runtime
@@ -69,14 +69,14 @@ RUN pacman -Syu --noconfirm --needed \
ENV USER="nestri" \ ENV USER="nestri" \
UID=99 \ UID=99 \
GID=100 \ GID=100 \
USER_PASSWORD="nestri1234" USER_PWD="nestri1234"
RUN mkdir -p /home/${USER} && \ RUN mkdir -p /home/${USER} && \
groupadd -g ${GID} ${USER} && \ groupadd -g ${GID} ${USER} && \
useradd -d /home/${USER} -u ${UID} -g ${GID} -s /bin/bash ${USER} && \ useradd -d /home/${USER} -u ${UID} -g ${GID} -s /bin/bash ${USER} && \
chown -R ${USER}:${USER} /home/${USER} && \ chown -R ${USER}:${USER} /home/${USER} && \
echo "${USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \ echo "${USER} ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \
echo "${USER}:${USER_PASSWORD}" | chpasswd echo "${USER}:${USER_PWD}" | chpasswd
# Run directory # # Run directory #
RUN mkdir -p /run/user/${UID} && \ RUN mkdir -p /run/user/${UID} && \