diff --git a/images/chromium-headful/Dockerfile b/images/chromium-headful/Dockerfile index 4e87c9a7..4ddc280f 100644 --- a/images/chromium-headful/Dockerfile +++ b/images/chromium-headful/Dockerfile @@ -1,51 +1,69 @@ FROM docker.io/golang:1.25.0 AS server-builder WORKDIR /workspace/server -ARG TARGETOS +# Allow cross-compilation when building with BuildKit platforms ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-golang1250 ENV CGO_ENABLED=0 COPY server/go.mod ./ COPY server/go.sum ./ -RUN --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/go/pkg/mod \ +RUN --mount=type=cache,target=/root/.cache/go-build,id=$CACHEIDPREFIX-go-build \ + --mount=type=cache,target=/go/pkg/mod,id=$CACHEIDPREFIX-go-pkg-mod \ go mod download COPY server/ . # Build kernel-images API -RUN --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/go/pkg/mod \ +RUN --mount=type=cache,target=/root/.cache/go-build,id=$CACHEIDPREFIX-go-build \ + --mount=type=cache,target=/go/pkg/mod,id=$CACHEIDPREFIX-go-pkg-mod \ GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH:-amd64} \ go build -ldflags="-s -w" -o /out/kernel-images-api ./cmd/api # Build chromium launcher -RUN GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH:-amd64} \ +RUN --mount=type=cache,target=/root/.cache/go-build,id=$CACHEIDPREFIX-go-build \ + --mount=type=cache,target=/go/pkg/mod,id=$CACHEIDPREFIX-go-pkg-mod \ + GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH:-amd64} \ go build -ldflags="-s -w" -o /out/chromium-launcher ./cmd/chromium-launcher # webrtc client FROM node:22-bullseye-slim AS client WORKDIR /src + +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-node22bullseye + COPY images/chromium-headful/client/package*.json ./ -RUN --mount=type=cache,target=/root/.npm npm install +RUN --mount=type=cache,target=/root/.npm,id=$CACHEIDPREFIX-npm npm install COPY images/chromium-headful/client/ . -RUN --mount=type=cache,target=/root/.npm npm run build +RUN --mount=type=cache,target=/root/.npm,id=$CACHEIDPREFIX-npm npm run build # xorg dependencies FROM docker.io/ubuntu:22.04 AS xorg-deps WORKDIR /xorg + +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-ubuntu2204 + ENV DEBIAN_FRONTEND=noninteractive -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ rm -f /etc/apt/apt.conf.d/docker-clean; \ echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \ - set -eux; \ apt-get update; \ apt-get --no-install-recommends -y install \ git gcc pkgconf autoconf automake libtool make xorg-dev xutils-dev; COPY images/chromium-headful/xorg-deps/ /xorg/ # build xf86-video-dummy v0.3.8 with RandR support -RUN set -eux; \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ cd xf86-video-dummy/v0.3.8; \ patch -p1 < ../01_v0.3.8_xdummy-randr.patch; \ autoreconf -v --install; \ @@ -53,23 +71,96 @@ RUN set -eux; \ make -j$(nproc); \ make install; # build custom input driver -RUN set -eux; \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ cd xf86-input-neko; \ ./autogen.sh --prefix=/usr; \ ./configure; \ make -j$(nproc); \ make install; +FROM docker.io/ubuntu:22.04 AS ffmpeg-downloader + +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-ubuntu2204 + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -xe; \ + rm -f /etc/apt/apt.conf.d/docker-clean; \ + echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \ + apt-get -yqq update; \ + apt-get -yqq --no-install-recommends install ca-certificates curl xz-utils; + +# Download FFmpeg (latest static build) for the recording server +RUN --mount=type=cache,target=/tmp/cache/ffmpeg,sharing=locked,id=$CACHEIDPREFIX-ffmpeg \ + <<-'EOT' + set -eux + FFMPEG_CACHE_PATH="/tmp/cache/ffmpeg" + case ${TARGETARCH:-amd64} in + "amd64") FFMPEG_TARGET_ARCH="64" ;; + "arm64") FFMPEG_TARGET_ARCH="arm64" ;; + esac + FFMPEG_TARGET=linux${FFMPEG_TARGET_ARCH:?} + ARCHIVE_NAME="ffmpeg-n7.1-latest-${FFMPEG_TARGET}-gpl-7.1.tar.xz" + FFMPEG_CACHED_ARCHIVE_PATH="$FFMPEG_CACHE_PATH/$ARCHIVE_NAME" + FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH="$FFMPEG_CACHED_ARCHIVE_PATH.sha256" + URL="https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/$ARCHIVE_NAME" + TEMPORARY_SHA256_CHECKSUM_PATH=$(mktemp /tmp/tmp_sha256.XXXXXXXXXX) + CONTINUE="true" + echo "Downloading FFmpeg checksum" + if curl --connect-timeout 10 -fsSL "https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/checksums.sha256" -o $TEMPORARY_SHA256_CHECKSUM_PATH; then + grep -F "$ARCHIVE_NAME" $TEMPORARY_SHA256_CHECKSUM_PATH > $FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH + else + echo "Failed to connect to ffmpeg static build provider for checksum." + echo "Checking for cached version to use." + if [ -f "$FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH" ]; then + echo "Found cached checksum." + else + echo "Unable to locate cached checksum." + CONTINUE="false" + fi + fi + rm $TEMPORARY_SHA256_CHECKSUM_PATH + + if [ "$CONTINUE" = "false" ]; then + exit 1 + fi + + echo "Checking cache for FFmpeg archive and validating checksum" + if (cd $FFMPEG_CACHE_PATH && sha256sum --check $FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH); then + echo "Checksum validated, using cached FFmpeg archive" + else + echo "Downloading FFmpeg static build from $URL" + curl -fsSL "$URL" -o $FFMPEG_CACHED_ARCHIVE_PATH + echo "Validating checksum of FFmpeg static build download" + (cd $FFMPEG_CACHE_PATH && sha256sum --check $FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH) + fi + + tar -xJf $FFMPEG_CACHED_ARCHIVE_PATH -C /tmp + install -m755 /tmp/ffmpeg-*/bin/ffmpeg /usr/local/bin/ffmpeg + install -m755 /tmp/ffmpeg-*/bin/ffprobe /usr/local/bin/ffprobe + rm -rf /tmp/ffmpeg* +EOT + FROM ghcr.io/onkernel/neko/base:3.0.8-v1.3.0 AS neko # ^--- now has event.SYSTEM_PONG with legacy support to keepalive FROM node:22-bullseye-slim AS node-22 FROM docker.io/ubuntu:22.04 +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-ubuntu2204 + ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_PRIORITY=high -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ rm -f /etc/apt/apt.conf.d/docker-clean; \ echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \ apt-get update && \ @@ -119,45 +210,16 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptca fonts-nanum \ fontconfig \ unzip && \ - apt-get clean && fc-cache -f + fc-cache -f # install ffmpeg manually since the version available in apt is from the 4.x branch due to #drama. -# as of writing these static builds will be the latest 7.0.x release. -RUN --mount=type=cache,target=/tmp/cache/ffmpeg,id=ffmpeg \ - <<-'EOT' - set -eux - URL="https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz" - echo "Downloading FFmpeg MD5 checksum" - if ! curl --connect-timeout 10 -fsSL "${URL}.md5" -o /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5; then - echo "Failed to connect to ffmpeg static build provider for MD5 checksum." - echo "Checking for cached version to use." - if [ ! -f /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5 ]; then - echo "Unable to locate cached MD5 checksum. Exiting." - exit 1 - else - echo "Found cached MD5 checksum." - fi - fi - sed -i -e 's/ .*$/ \/tmp\/cache\/ffmpeg\/ffmpeg.tar.xz/' /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5 - echo "Checking cache for FFmpeg archive and validating MD5 checksum" - if md5sum --check /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5; then - echo "Checksum validated, using cached FFmpeg archive" - else - echo "Downloading FFmpeg static build from $URL" - curl -fsSL "$URL" -o /tmp/cache/ffmpeg/ffmpeg.tar.xz - echo "Validating MD5 checksum of FFmpeg static build download" - md5sum --check /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5 - fi - tar -xJf /tmp/cache/ffmpeg/ffmpeg.tar.xz -C /tmp - install -m755 /tmp/ffmpeg-*/ffmpeg /usr/local/bin/ffmpeg - install -m755 /tmp/ffmpeg-*/ffprobe /usr/local/bin/ffprobe - rm -rf /tmp/ffmpeg* -EOT +COPY --from=ffmpeg-downloader /usr/local/bin/ffmpeg /usr/local/bin/ffmpeg +COPY --from=ffmpeg-downloader /usr/local/bin/ffprobe /usr/local/bin/ffprobe # runtime ENV USERNAME=root -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ set -eux; \ apt-get update; \ apt-get --no-install-recommends -y install \ @@ -190,11 +252,11 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptca chown -R $USERNAME:$USERNAME /home/$USERNAME; # install chromium and sqlite3 for debugging the cookies file -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ add-apt-repository -y ppa:xtradeb/apps; -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ apt update -y && \ apt -y install chromium && \ apt --no-install-recommends -y install sqlite3; @@ -215,7 +277,7 @@ RUN set -eux; \ fi # Install TypeScript and Playwright globally -RUN --mount=type=cache,target=/root/.npm npm install -g typescript playwright-core tsx +RUN --mount=type=cache,target=/root/.npm,id=$CACHEIDPREFIX-npm npm install -g typescript playwright-core tsx # setup desktop env & app ENV DISPLAY_NUM=1 diff --git a/images/chromium-headful/client/Dockerfile b/images/chromium-headful/client/Dockerfile index 85e77c36..44b9eccf 100644 --- a/images/chromium-headful/client/Dockerfile +++ b/images/chromium-headful/client/Dockerfile @@ -3,15 +3,20 @@ FROM $BASE_IMAGE AS client WORKDIR /src +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-node18bullseye + # # install dependencies COPY package*.json ./ -RUN --mount=type=cache,target=/root/.npm npm install +RUN --mount=type=cache,target=/root/.npm,id=$CACHEIDPREFIX-npm npm install # # build client COPY . . -RUN --mount=type=cache,target=/root/.npm npm run build +RUN --mount=type=cache,target=/root/.npm,id=$CACHEIDPREFIX-npm npm run build # # artifacts from this stage diff --git a/images/chromium-headful/xorg-deps/Dockerfile b/images/chromium-headful/xorg-deps/Dockerfile index 5e38145c..8f61945d 100644 --- a/images/chromium-headful/xorg-deps/Dockerfile +++ b/images/chromium-headful/xorg-deps/Dockerfile @@ -3,12 +3,16 @@ FROM $BASE_IMAGE AS xorg-deps WORKDIR /xorg +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-ubuntu2204 ENV DEBIAN_FRONTEND=noninteractive -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ rm -f /etc/apt/apt.conf.d/docker-clean; \ echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \ - set -eux; \ apt-get update; \ apt-get --no-install-recommends -y install \ git gcc pkgconf autoconf automake libtool make xorg-dev xutils-dev; @@ -17,7 +21,9 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptca COPY . /xorg/ # build xf86-video-dummy v0.3.8 with RandR support -RUN set -eux; \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ cd xf86-video-dummy/v0.3.8; \ patch -p1 < ../01_v0.3.8_xdummy-randr.patch; \ autoreconf -v --install; \ @@ -26,7 +32,9 @@ RUN set -eux; \ make install; # build custom input driver -RUN set -eux; \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ cd xf86-input-neko; \ ./autogen.sh --prefix=/usr; \ ./configure; \ diff --git a/images/chromium-headful/xorg-deps/xf86-input-neko/Dockerfile b/images/chromium-headful/xorg-deps/xf86-input-neko/Dockerfile index 864de108..7e169ee4 100644 --- a/images/chromium-headful/xorg-deps/xf86-input-neko/Dockerfile +++ b/images/chromium-headful/xorg-deps/xf86-input-neko/Dockerfile @@ -1,12 +1,16 @@ FROM debian:bullseye-slim ENV DEBIAN_FRONTEND=noninteractive +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-debianbullseye -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=debian-bullseye-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=debian-bullseye-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ rm -f /etc/apt/apt.conf.d/docker-clean; \ echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \ - set -eux; \ apt-get update; \ apt-get install --no-install-recommends -y \ gcc pkgconf autoconf automake libtool make xorg-dev xutils-dev; @@ -15,7 +19,9 @@ WORKDIR /app COPY ./ /app/ -RUN set -eux; \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -eux; \ ./autogen.sh --prefix=/usr; \ ./configure; \ make -j$(nproc); \ diff --git a/images/chromium-headless/image/Dockerfile b/images/chromium-headless/image/Dockerfile index 9c354b8b..d6229082 100644 --- a/images/chromium-headless/image/Dockerfile +++ b/images/chromium-headless/image/Dockerfile @@ -2,36 +2,111 @@ FROM docker.io/golang:1.25.0 AS server-builder WORKDIR /workspace/server # Allow cross-compilation when building with BuildKit platforms -ARG TARGETOS ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-golang1250 ENV CGO_ENABLED=0 # Go module dependencies first for better layer caching COPY server/go.mod ./ COPY server/go.sum ./ -RUN --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/go/pkg/mod \ +RUN --mount=type=cache,target=/root/.cache/go-build,id=$CACHEIDPREFIX-go-build \ + --mount=type=cache,target=/go/pkg/mod,id=$CACHEIDPREFIX-go-pkg-mod \ go mod download COPY server/ . # Build kernel-images API -RUN --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/go/pkg/mod \ +RUN --mount=type=cache,target=/root/.cache/go-build,id=$CACHEIDPREFIX-go-build \ + --mount=type=cache,target=/go/pkg/mod,id=$CACHEIDPREFIX-go-pkg-mod \ GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH:-amd64} \ go build -ldflags="-s -w" -o /out/kernel-images-api ./cmd/api # Build chromium launcher -RUN GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH:-amd64} \ +RUN --mount=type=cache,target=/root/.cache/go-build,id=$CACHEIDPREFIX-go-build \ + --mount=type=cache,target=/go/pkg/mod,id=$CACHEIDPREFIX-go-pkg-mod \ + GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH:-amd64} \ go build -ldflags="-s -w" -o /out/chromium-launcher ./cmd/chromium-launcher +FROM docker.io/ubuntu:22.04 AS ffmpeg-downloader + +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-ubuntu2204 + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -xe; \ + rm -f /etc/apt/apt.conf.d/docker-clean; \ + echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \ + apt-get -yqq update; \ + apt-get -yqq --no-install-recommends install ca-certificates curl xz-utils; + +# Download FFmpeg (latest static build) for the recording server +RUN --mount=type=cache,target=/tmp/cache/ffmpeg,sharing=locked,id=$CACHEIDPREFIX-ffmpeg \ + <<-'EOT' + set -eux + FFMPEG_CACHE_PATH="/tmp/cache/ffmpeg" + case ${TARGETARCH:-amd64} in + "amd64") FFMPEG_TARGET_ARCH="64" ;; + "arm64") FFMPEG_TARGET_ARCH="arm64" ;; + esac + FFMPEG_TARGET=linux${FFMPEG_TARGET_ARCH:?} + ARCHIVE_NAME="ffmpeg-n7.1-latest-${FFMPEG_TARGET}-gpl-7.1.tar.xz" + FFMPEG_CACHED_ARCHIVE_PATH="$FFMPEG_CACHE_PATH/$ARCHIVE_NAME" + FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH="$FFMPEG_CACHED_ARCHIVE_PATH.sha256" + URL="https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/$ARCHIVE_NAME" + TEMPORARY_SHA256_CHECKSUM_PATH=$(mktemp /tmp/tmp_sha256.XXXXXXXXXX) + CONTINUE="true" + echo "Downloading FFmpeg checksum" + if curl --connect-timeout 10 -fsSL "https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/checksums.sha256" -o $TEMPORARY_SHA256_CHECKSUM_PATH; then + grep -F "$ARCHIVE_NAME" $TEMPORARY_SHA256_CHECKSUM_PATH > $FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH + else + echo "Failed to connect to ffmpeg static build provider for checksum." + echo "Checking for cached version to use." + if [ -f "$FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH" ]; then + echo "Found cached checksum." + else + echo "Unable to locate cached checksum." + CONTINUE="false" + fi + fi + rm $TEMPORARY_SHA256_CHECKSUM_PATH + + if [ "$CONTINUE" = "false" ]; then + exit 1 + fi + + echo "Checking cache for FFmpeg archive and validating checksum" + if (cd $FFMPEG_CACHE_PATH && sha256sum --check $FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH); then + echo "Checksum validated, using cached FFmpeg archive" + else + echo "Downloading FFmpeg static build from $URL" + curl -fsSL "$URL" -o $FFMPEG_CACHED_ARCHIVE_PATH + echo "Validating checksum of FFmpeg static build download" + (cd $FFMPEG_CACHE_PATH && sha256sum --check $FFMPEG_CACHED_ARCHIVE_CHECKSUM_PATH) + fi + + tar -xJf $FFMPEG_CACHED_ARCHIVE_PATH -C /tmp + install -m755 /tmp/ffmpeg-*/bin/ffmpeg /usr/local/bin/ffmpeg + install -m755 /tmp/ffmpeg-*/bin/ffprobe /usr/local/bin/ffprobe + rm -rf /tmp/ffmpeg* +EOT + FROM node:22-bullseye-slim AS node-22 FROM docker.io/ubuntu:22.04 -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ + +# Allow cross-compilation when building with BuildKit platforms +ARG TARGETARCH +ARG TARGETOS +ARG CACHEIDPREFIX=${TARGETOS:-linux}-${TARGETARCH:-amd64}-ubuntu2204 + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ + set -xe; \ rm -f /etc/apt/apt.conf.d/docker-clean; \ echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache; \ - set -xe; \ apt-get -yqq update; \ apt-get -yqq --no-install-recommends install \ libcups2 \ @@ -71,11 +146,11 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptca fc-cache -f # install chromium and sqlite3 for debugging the cookies file -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ add-apt-repository -y ppa:xtradeb/apps -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ apt-get update -y && \ apt-get -y install chromium && \ apt-get --no-install-recommends -y install sqlite3; @@ -85,40 +160,12 @@ RUN mkdir -p /etc/chromium/policies/managed COPY shared/chromium-policies/managed/policy.json /etc/chromium/policies/managed/policy.json # Install FFmpeg (latest static build) for the recording server -RUN --mount=type=cache,target=/tmp/cache/ffmpeg,id=ffmpeg \ - <<-'EOT' - set -eux - URL="https://johnvansickle.com/ffmpeg/releases/ffmpeg-release-amd64-static.tar.xz" - echo "Downloading FFmpeg MD5 checksum" - if ! curl --connect-timeout 10 -fsSL "${URL}.md5" -o /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5; then - echo "Failed to connect to ffmpeg static build provider for MD5 checksum." - echo "Checking for cached version to use." - if [ ! -f /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5 ]; then - echo "Unable to locate cached MD5 checksum. Exiting." - exit 1 - else - echo "Found cached MD5 checksum." - fi - fi - sed -i -e 's/ .*$/ \/tmp\/cache\/ffmpeg\/ffmpeg.tar.xz/' /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5 - echo "Checking cache for FFmpeg archive and validating MD5 checksum" - if md5sum --check /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5; then - echo "Checksum validated, using cached FFmpeg archive" - else - echo "Downloading FFmpeg static build from $URL" - curl -fsSL "$URL" -o /tmp/cache/ffmpeg/ffmpeg.tar.xz - echo "Validating MD5 checksum of FFmpeg static build download" - md5sum --check /tmp/cache/ffmpeg/ffmpeg.tar.xz.md5 - fi - tar -xJf /tmp/cache/ffmpeg/ffmpeg.tar.xz -C /tmp - install -m755 /tmp/ffmpeg-*/ffmpeg /usr/local/bin/ffmpeg - install -m755 /tmp/ffmpeg-*/ffprobe /usr/local/bin/ffprobe - rm -rf /tmp/ffmpeg* -EOT +COPY --from=ffmpeg-downloader /usr/local/bin/ffmpeg /usr/local/bin/ffmpeg +COPY --from=ffmpeg-downloader /usr/local/bin/ffprobe /usr/local/bin/ffprobe # Remove upower to prevent spurious D-Bus activations and logs -RUN --mount=type=cache,target=/var/cache/apt,sharing=private,id=ubuntu2204-aptcache \ - --mount=type=cache,target=/var/lib/apt,sharing=private,id=ubuntu2204-aptlib \ +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=$CACHEIDPREFIX-apt-cache \ + --mount=type=cache,target=/var/lib/apt,sharing=locked,id=$CACHEIDPREFIX-apt-lib \ apt-get -yqq purge upower || true # install Node.js 22.x by copying from the node:22-bullseye-slim stage @@ -133,7 +180,7 @@ RUN set -eux; \ fi # Install TypeScript and Playwright globally -RUN npm install -g typescript playwright-core tsx +RUN --mount=type=cache,target=/root/.npm,id=$CACHEIDPREFIX-npm npm install -g typescript playwright-core tsx ENV WITHDOCKER=true