From ccdfc8d747c3ce573fb3b89d5de8fc0ff6e010b2 Mon Sep 17 00:00:00 2001
From: mozillazg <mozillazg101@gmail.com>
Date: Sat, 26 Oct 2024 07:07:20 +0000
Subject: [PATCH] feat(docker): support running with docker

---
 .github/workflows/docker-latest-image.yml | 105 ++++++++++++++++++++++
 Dockerfile                                |   9 ++
 Makefile                                  |   7 +-
 testdata/run_in_docker.sh                 |  11 +++
 4 files changed, 129 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/docker-latest-image.yml
 create mode 100644 Dockerfile
 create mode 100644 testdata/run_in_docker.sh

diff --git a/.github/workflows/docker-latest-image.yml b/.github/workflows/docker-latest-image.yml
new file mode 100644
index 00000000..82462891
--- /dev/null
+++ b/.github/workflows/docker-latest-image.yml
@@ -0,0 +1,105 @@
+name: docker-latest-image
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'master'
+      - 'docker-image'
+
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: quay.io
+  # github.repository as <account>/<repo>
+  IMAGE_NAME: 'ptcpdump/ptcpdump'
+
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+        with:
+          fetch-depth: 100
+
+      # Set up BuildKit Docker container builder to be able to build
+      # multi-platform images and export cache
+      # https://github.com/docker/setup-buildx-action
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+        with:
+          platforms: linux/amd64,linux/arm64
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ secrets.QUAY_USER }}
+          password: ${{ secrets.QUAY_PASSWD }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: generate tag name
+        run: |
+          echo "TAG_NAME=$(git describe)" >> $GITHUB_ENV
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image (no latest tag)
+        id: build-and-push
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
+        with:
+          context: .
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          # platforms: linux/amd64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_NAME }}'
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+#
+#      - name: test image
+#        run: |
+#          set -xe
+#
+#          IMAGE='${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_NAME }}'
+#
+#          docker run --rm "${IMAGE}" ptcpdump -i any -c
+#
+#
+#      # Build and push Docker image with Buildx (don't push on PR)
+#      # https://github.com/docker/build-push-action
+#      - name: Build and push Docker image (latest tag)
+#        id: build-and-push-latest
+#        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
+#        with:
+#          context: .
+#          file: Dockerfile
+#          platforms: linux/amd64,linux/arm64
+#          # platforms: linux/amd64
+#          push: ${{ github.event_name != 'pull_request' }}
+#          tags: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest'
+#          labels: ${{ steps.meta.outputs.labels }}
+#          cache-from: type=gha
+#          cache-to: type=gha,mode=max
+#
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..5dcc0661
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,9 @@
+# .github/build.Dockerfile
+FROM quay.io/ptcpdump/develop:latest as build
+WORKDIR /app
+COPY . .
+RUN make build
+
+FROM busybox:latest
+WORKDIR /ptcpdump
+COPY --from=build /app/pwru /usr/local/bin/
diff --git a/Makefile b/Makefile
index 61946fa3..8e678352 100644
--- a/Makefile
+++ b/Makefile
@@ -28,7 +28,8 @@ CARCH ?= $(shell uname -m)
 LIBPCAP_ARCH = $(CARCH)-unknown-linux-gnu
 LIBPCAP_CC ?= gcc
 
-IMAGE_BUILD ?= quay.io/ptcpdump/develop:latest
+IMAGE_DEV ?= quay.io/ptcpdump/develop:latest
+IMAGE_BIN ?= quay.io/ptcpdump/ptcpdump:latest
 
 .PHONY: libpcap
 libpcap: $(LIBPCAP_OBJ)
@@ -76,12 +77,12 @@ build-bpf:
 
 .PHONY: build-bpf-via-docker
 build-bpf-via-docker:
-	docker run --rm -v `pwd`:/app quay.io/ptcpdump/develop:latest make build-bpf
+	docker run --rm -v `pwd`:/app $(IMAGE_DEV) make build-bpf
 
 
 .PHONY: build-via-docker
 build-via-docker:
-	docker run --rm -v `pwd`:/app quay.io/ptcpdump/develop:latest make build
+	docker run --rm -v `pwd`:/app $(IMAGE_DEV) make build
 
 
 .PHONY: lint
diff --git a/testdata/run_in_docker.sh b/testdata/run_in_docker.sh
new file mode 100644
index 00000000..f0455851
--- /dev/null
+++ b/testdata/run_in_docker.sh
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+set -ex
+
+IMAGE="$1"
+shift
+
+docker --privileged --rm -t --net=host --pid=host \
+  -v /sys/kernel/debug/:/sys/kernel/debug/ \
+  -v /run/netns/:/run/netns/ \
+  -v `pwd`:/ptcpdump "${IMAGE}" ptcpdump $@