Add Dockerfile and workflow to build

nymtech · Dec 6, 2024 · 2356e47 · 2356e47
1 parent 4877a93
commit 2356e47
Show file tree

Hide file tree

Showing 2 changed files with 90 additions and 0 deletions.
diff --git a/.github/workflows/push-nyx-chain-watcher.yaml b/.github/workflows/push-nyx-chain-watcher.yaml
@@ -0,0 +1,55 @@
+name: Build and upload Nyx Chain Watcher container to harbor.nymte.ch
+on:
+  workflow_dispatch:
+
+env:
+  WORKING_DIRECTORY: "nyx-chain-watcher"
+  CONTAINER_NAME: "nyx-chain-watcher"
+
+jobs:
+  build-container:
+    runs-on: arc-ubuntu-22.04-dind
+    steps:
+      - name: Login to Harbor
+        uses: docker/login-action@v3
+        with:
+          registry: harbor.nymte.ch
+          username: ${{ secrets.HARBOR_ROBOT_USERNAME }}
+          password: ${{ secrets.HARBOR_ROBOT_SECRET }}
+
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      - name: Configure git identity
+        run: |
+          git config --global user.email "lawrence@nymtech.net"
+          git config --global user.name "Lawrence Stalder"
+
+      - name: Get version from cargo.toml
+        uses: mikefarah/yq@v4.44.5
+        id: get_version
+        with:
+          cmd: yq -oy '.package.version' ${{ env.WORKING_DIRECTORY }}/Cargo.toml
+
+      - name: Check if tag exists
+        run: |
+          if git rev-parse ${{ steps.get_version.outputs.value }} >/dev/null 2>&1; then
+            echo "Tag ${{ steps.get_version.outputs.value }} already exists"
+          fi
+
+      - name: Remove existing tag if exists
+        run: |
+          if git rev-parse ${{ env.WORKING_DIRECTORY }}-${{ steps.get_version.outputs.result }} >/dev/null 2>&1; then
+            git push --delete origin ${{ env.WORKING_DIRECTORY }}-${{ steps.get_version.outputs.result }}
+            git tag -d ${{ env.WORKING_DIRECTORY }}-${{ steps.get_version.outputs.result }}
+          fi
+
+      - name: Create tag
+        run: |
+          git tag -a ${{ env.WORKING_DIRECTORY }}-${{ steps.get_version.outputs.result }} -m "Version ${{ steps.get_version.outputs.result }}"
+          git push origin ${{ env.WORKING_DIRECTORY }}-${{ steps.get_version.outputs.result }}
+
+      - name: BuildAndPushImageOnHarbor
+        run: |
+          docker build -f ${{ env.WORKING_DIRECTORY }}/Dockerfile . -t harbor.nymte.ch/nym/${{ env.CONTAINER_NAME }}:${{ steps.get_version.outputs.result }} -t harbor.nymte.ch/nym/${{ env.CONTAINER_NAME }}:latest
+          docker push harbor.nymte.ch/nym/${{ env.CONTAINER_NAME }} --all-tags
diff --git a/nyx-chain-watcher/Dockerfile b/nyx-chain-watcher/Dockerfile
@@ -0,0 +1,35 @@
+FROM rust:latest AS builder
+
+COPY ./ /usr/src/nym
+WORKDIR /usr/src/nym/nym-credential-proxy/nym-credential-proxy
+
+RUN cargo build --release
+
+#-------------------------------------------------------------------
+# The following environment variables are required at runtime:
+#
+# NYM_CREDENTIAL_PROXY_MNEMONIC
+# NYM_CREDENTIAL_PROXY_AUTH_TOKEN
+#
+# WEBHOOK_ZK_NYMS_URL
+# WEBHOOK_ZK_NYMS_CLIENT_ID
+# WEBHOOK_ZK_NYMS_CLIENT_SECRET
+#
+# And optionally:
+#
+# NYM_CREDENTIAL_PROXY_PORT
+# NYM_CREDENTIAL_PROXY_BIND_ADDRESS
+# NYM_CREDENTIAL_PROXY_PERSISTENT_STORAGE_STORAGE
+#
+# see https://github.com/nymtech/nym/blob/develop/nym-credential-proxy/nym-credential-proxy/src/cli.rs for details
+#-------------------------------------------------------------------
+
+FROM ubuntu:24.04
+
+RUN apt update && apt install -yy curl ca-certificates
+
+WORKDIR /nym
+
+COPY --from=builder /usr/src/nym/nym-credential-proxy/target/release/nym-credential-proxy ./
+ENTRYPOINT [ "/nym/nym-credential-proxy" ]
+