self-hosted/immich
1
0
Fork 0
mirror of https://github.com/immich-app/immich.git synced 2025-10-31 00:18:28 +02:00
Code Activity

chore(ci): use custom base for server image build (#4456)

Browse Source 
* Use base image for server build
* Clean up build scripts
* target tags for base image
* use prod tag instead of runtime
* use runtime stage for dev

---------

Co-authored-by: mertalev <101130780+mertalev@users.noreply.github.com>
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
This commit is contained in:
bo0tzz
2023-11-09 14:12:05 +01:00
committed by GitHub
parent 52fe392a9e
commit 5db73c5c5c
8 changed files with 5 additions and 241 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
.github/workflows/docker.yml vendored
View File

@@ -33,91 +33,10 @@ jobs:
- context: "nginx"
image: "immich-proxy"
platforms: "linux/amd64,linux/arm64"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3.0.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.0.0
# Workaround to fix error:
# failed to push: failed to copy: io: read/write on closed pipe
# See https://github.com/docker/build-push-action/issues/761
with:
driver-opts: |
image=moby/buildkit:v0.10.6
- name: Login to Docker Hub
# Only push to Docker Hub when making a release
if: ${{ github.event_name == 'release' }}
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
# Skip when PR from a fork
if: ${{ !github.event.pull_request.head.repo.fork }}
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate docker image tags
id: metadata
uses: docker/metadata-action@v5
with:
flavor: |
# Disable latest tag
latest=false
images: |
name=ghcr.io/${{ github.repository_owner }}/${{matrix.image}}
name=altran1502/${{matrix.image}},enable=${{ github.event_name == 'release' }}
tags: |
# Tag with branch name
type=ref,event=branch
# Tag with pr-number
type=ref,event=pr
# Tag with git tag on release
type=ref,event=tag
type=raw,value=release,enable=${{ github.event_name == 'release' }}
- name: Determine build cache output
id: cache-target
run: |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
# Essentially just ignore the cache output (PR can't write to registry cache)
echo "cache-to=type=local,dest=/tmp/discard,ignore-error=true" >> $GITHUB_OUTPUT
else
echo "cache-to=type=registry,mode=max,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{ matrix.image }}" >> $GITHUB_OUTPUT
fi
- name: Build and push image
uses: docker/build-push-action@v5.0.0
with:
context: ${{ matrix.context }}
platforms: ${{ matrix.platforms }}
# Skip pushing when PR from a fork
push: ${{ !github.event.pull_request.head.repo.fork }}
cache-from: type=registry,ref=ghcr.io/${{ github.repository_owner }}/immich-build-cache:${{matrix.image}}
cache-to: ${{ steps.cache-target.outputs.cache-to }}
tags: ${{ steps.metadata.outputs.tags }}
labels: ${{ steps.metadata.outputs.labels }}
build_and_push_server_arm_64:
runs-on: self-hosted
strategy:
# Prevent a failure in one image from stopping the other builds
fail-fast: false
matrix:
include:
- context: "server"
image: "immich-server"
platforms: "linux/arm64,linux/amd64"
steps:
- name: Checkout
uses: actions/checkout@v4

40
server/Dockerfile
View File

@@ -1,52 +1,20 @@
FROM node:20.8-bookworm as builder
WORKDIR /usr/src/app
COPY bin/install-ffmpeg.sh build-lock.json ./
RUN sed -i -e's/ main/ main contrib non-free non-free-firmware/g' /etc/apt/sources.list.d/debian.sources
RUN apt-get update && apt-get install -yqq build-essential ninja-build meson pkg-config jq zlib1g autoconf \
libglib2.0-dev libexpat1-dev librsvg2-dev libexif-dev libwebp-dev liborc-0.4-dev \
libjpeg62-turbo-dev libgsf-1-dev libspng-dev libjxl-dev libheif-dev liblcms2-2 \
mesa-va-drivers libmimalloc2.0 $(if [ $(arch) = "x86_64" ]; then echo "intel-media-va-driver-non-free"; fi) \
&& ./install-ffmpeg.sh && apt-get autoremove && apt-get clean && rm -rf /var/lib/apt/lists/*
# debian build for imagemagick has broken RAW support, so build manually
ENV LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH
ENV LD_RUN_PATH=/usr/local/lib:$LD_RUN_PATH
COPY bin/build-libraw.sh bin/build-imagemagick.sh bin/build-libvips.sh bin/use-camera-wb.patch ./
RUN ./build-libraw.sh
RUN ./build-imagemagick.sh
RUN ./build-libvips.sh
FROM ghcr.io/immich-app/base-server-dev:20231109 as builder
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
FROM builder as prod
RUN npm run build
RUN npm prune --omit=dev --omit=optional
FROM node:20.8-bookworm
FROM ghcr.io/immich-app/base-server-prod:20231109
ENV NODE_ENV=production
WORKDIR /usr/src/app
COPY bin/install-ffmpeg.sh build-lock.json ./
RUN sed -i -e's/ main/ main contrib non-free non-free-firmware/g' /etc/apt/sources.list.d/debian.sources
RUN apt-get update && apt-get install -yqq tini libheif1 libwebp7 libwebpdemux2 libwebpmux3 mesa-va-drivers \
libjpeg62-turbo libexpat1 librsvg2-2 libjxl0.7 libspng0 libexif12 libgcc-s1 libglib2.0-0 \
libgsf-1-114 libopenjp2-7 liblcms2-2 liborc-0.4-0 libopenexr-3-1-30 liblqr-1-0 libltdl7 zlib1g libgomp1 \
mesa-va-drivers libmimalloc2.0 $(if [ $(arch) = "x86_64" ]; then echo "intel-media-va-driver-non-free"; fi) jq wget \
&& ./install-ffmpeg.sh && apt-get remove -yqq jq wget && apt-get autoremove -yqq && apt-get clean && rm -rf /var/lib/apt/lists/* \
&& rm install-ffmpeg.sh && rm build-lock.json
COPY --from=prod /usr/local/lib/ /usr/local/lib/
RUN ldconfig /usr/local/lib
COPY --from=prod /usr/src/app/node_modules ./node_modules
COPY --from=prod /usr/src/app/dist ./dist
COPY --from=prod /usr/src/app/bin ./bin

22
server/bin/build-imagemagick.sh
View File

@@ -1,22 +0,0 @@
#!/usr/bin/env bash
set -e
LOCK=$(jq -c '.packages[] | select(.name == "imagemagick")' build-lock.json)
IMAGEMAGICK_VERSION=${IMAGEMAGICK_VERSION:=$(echo $LOCK | jq -r '.version')}
IMAGEMAGICK_SHA256=${IMAGEMAGICK_SHA256:=$(echo $LOCK | jq -r '.sha256')}
echo "$IMAGEMAGICK_SHA256 $IMAGEMAGICK_VERSION.tar.gz" > imagemagick.sha256
mkdir -p ImageMagick
wget -nv https://github.com/ImageMagick/ImageMagick/archive/${IMAGEMAGICK_VERSION}.tar.gz
sha256sum -c imagemagick.sha256
tar -xvf ${IMAGEMAGICK_VERSION}.tar.gz -C ImageMagick --strip-components=1
rm ${IMAGEMAGICK_VERSION}.tar.gz
rm imagemagick.sha256
patch -u ImageMagick/coders/dng.c -i use-camera-wb.patch
cd ImageMagick
./configure --with-modules
make -j$(nproc)
make install
cd .. && rm -rf ImageMagick
ldconfig /usr/local/lib

22
server/bin/build-libraw.sh
View File

@@ -1,22 +0,0 @@
#!/usr/bin/env bash
set -e
LOCK=$(jq -c '.packages[] | select(.name == "libraw")' build-lock.json)
LIBRAW_VERSION=${LIBRAW_VERSION:=$(echo $LOCK | jq -r '.version')}
LIBRAW_SHA256=${LIBRAW_SHA256:=$(echo $LOCK | jq -r '.sha256')}
echo "$LIBRAW_SHA256 $LIBRAW_VERSION.tar.gz" > libraw.sha256
mkdir -p libraw
wget -nv https://github.com/libraw/libraw/archive/${LIBRAW_VERSION}.tar.gz
sha256sum -c libraw.sha256
tar -xvf ${LIBRAW_VERSION}.tar.gz -C libraw --strip-components=1
rm ${LIBRAW_VERSION}.tar.gz
rm libraw.sha256
cd libraw
autoreconf --install
./configure
make -j$(nproc)
make install
cd .. && rm -rf libraw
ldconfig /usr/local/lib

22
server/bin/build-libvips.sh
View File

@@ -1,22 +0,0 @@
#!/usr/bin/env bash
set -e
LOCK=$(jq -c '.packages[] | select(.name == "libvips")' build-lock.json)
LIBVIPS_VERSION=${LIBVIPS_VERSION:=$(echo $LOCK | jq -r '.version')}
LIBVIPS_SHA256=${LIBVIPS_SHA256:=$(echo $LOCK | jq -r '.sha256')}
echo "$LIBVIPS_SHA256 vips-$LIBVIPS_VERSION.tar.xz" > libvips.sha256
mkdir -p libvips
wget -nv https://github.com/libvips/libvips/releases/download/v${LIBVIPS_VERSION}/vips-${LIBVIPS_VERSION}.tar.xz
sha256sum -c libvips.sha256
tar -xvf vips-${LIBVIPS_VERSION}.tar.xz -C libvips --strip-components=1
rm vips-${LIBVIPS_VERSION}.tar.xz
rm libvips.sha256
cd libvips
meson setup build --buildtype=release --libdir=lib -Dintrospection=false -Dtiff=disabled
cd build
# ninja test # tests set concurrency too high for arm/v7
ninja install
cd .. && rm -rf libvips
ldconfig /usr/local/lib

20
server/bin/install-ffmpeg.sh
View File

@@ -1,20 +0,0 @@
#!/usr/bin/env bash
set -e
LOCK=$(jq -c '.packages[] | select(.name == "ffmpeg")' build-lock.json)
export TARGETARCH=${TARGETARCH:=$(dpkg --print-architecture)}
FFMPEG_VERSION=${FFMPEG_VERSION:=$(echo $LOCK | jq -r '.version')}
FFMPEG_SHA256=${FFMPEG_SHA256:=$(echo $LOCK | jq -r '.sha256[$ENV.TARGETARCH]')}
echo "$FFMPEG_SHA256 jellyfin-ffmpeg6_${FFMPEG_VERSION}-bookworm_${TARGETARCH}.deb" > ffmpeg.sha256
wget -nv https://github.com/jellyfin/jellyfin-ffmpeg/releases/download/v${FFMPEG_VERSION}/jellyfin-ffmpeg6_${FFMPEG_VERSION}-bookworm_${TARGETARCH}.deb
sha256sum -c ffmpeg.sha256
apt-get -yqq -f install ./jellyfin-ffmpeg6_${FFMPEG_VERSION}-bookworm_${TARGETARCH}.deb
rm jellyfin-ffmpeg6_${FFMPEG_VERSION}-bookworm_${TARGETARCH}.deb
rm ffmpeg.sha256
ldconfig /usr/lib/jellyfin-ffmpeg/lib
ln -s /usr/lib/jellyfin-ffmpeg/ffmpeg /usr/bin
ln -s /usr/lib/jellyfin-ffmpeg/ffprobe /usr/bin

9
server/bin/use-camera-wb.patch
View File

@@ -1,9 +0,0 @@
@@ -339,6 +339,8 @@
option=GetImageOption(image_info,"dng:use_camera_wb");
if (option != (const char *) NULL)
raw_info->params.use_camera_wb=IsStringTrue(option);
+ else
+ raw_info->params.use_camera_wb=MagickTrue;
option=GetImageOption(image_info,"dng:use-auto-wb");
if (option == (const char *) NULL)
option=GetImageOption(image_info,"dng:use_auto_wb");

28
server/build-lock.json
View File

@@ -1,28 +0,0 @@
{
"packages": [
{
"name": "imagemagick",
"version": "7.1.1-13",
"sha256": "8e3ce1aaad19da9f2ca444072bcc631d193a219e3ee11c13ad6d3c895044142c"
},
{
"name": "libraw",
"version": "0.21.1",
"sha256": "b63d7ffa43463f74afcc02f9083048c231349b41cc9255dec0840cf8a67b52e0"
},
{
"name": "libvips",
"version": "8.14.5",
"sha256": "90374e9f6fbd5657b5faf306cacda20658d6144d385316b59b865bc1a487b68d"
},
{
"name": "ffmpeg",
"version": "6.0-4",
"sha256": {
"amd64": "18d98b292b891cde86c2a08e5e989c3430e51a136cdc232bc4162fef3b4f0f44",
"arm64": "67eb1e5a38ac695dd253d9ac290ad0e9fb709e8260449a7445e8460b7db3c516",
"armhf": "a29605ab0eced3511c8a6623504fab5b8bb174a486d87f94bf5522ed9a5970e6"
}
}
]
}