update Docker things

mii443
2025-05-25 00:10:08 +09:00
parent 879644f30c
commit 65db668e2a
2 changed files with 37 additions and 25 deletions


@ -8,43 +8,29 @@ jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v2 - uses: actions/checkout@v4
name: Checkout name: Checkout
- uses: docker/metadata-action@v3 - uses: docker/metadata-action@v4
id: meta id: meta
with: with:
images: ghcr.io/mii443/ncb-tts-r2 images: ghcr.io/mii443/ncb-tts-r2
tags: | tags: |
type=semver,pattern={{version}} type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}}.{{minor}}
- uses: docker/login-action@v1 - uses: docker/login-action@v2
with: with:
registry: ghcr.io registry: ghcr.io
username: mii443 username: mii443
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1 uses: docker/setup-buildx-action@v2
with:
platforms: linux/amd64,linux/arm64
- name: Cache Docker layers - uses: docker/build-push-action@v4
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- uses: docker/build-push-action@v2
with: with:
context: . context: .
push: true push: true
platforms: linux/amd64,linux/arm64 platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
cache-from: type=local,src=/tmp/.buildx-cache cache-from: type=gha
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max cache-to: type=gha,mode=max
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
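Review bot: The bumped `uses:` lines still reference every action by a mutable major tag (`actions/checkout@v4`, `docker/metadata-action@v4`, `docker/login-action@v2`, `docker/setup-buildx-action@v2`, `docker/build-push-action@v4`), and this job passes `secrets.GITHUB_TOKEN` to the login step and pushes to ghcr.io, so a retagged action release would run with registry write access. Pin each one to a full commit SHA and keep the tag as a trailing comment, e.g. `- uses: docker/build-push-action@<full-commit-sha> # v4`. No `permissions:` key is visible between `runs-on:` and `steps:`; unless one is set above the hunk, add `permissions:` with `contents: read` and `packages: write` to the job so the token is scoped to what the push needs. The `on:` trigger is outside the hunk, so whether runs from untrusted refs can write to the shared `type=gha` cache should be checked there.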


@ -1,5 +1,5 @@
FROM lukemathwalker/cargo-chef:latest-rust-1.82 AS chef FROM lukemathwalker/cargo-chef:latest-rust-1.82 AS chef
WORKDIR app WORKDIR /app
FROM chef AS planner FROM chef AS planner
COPY . . COPY . .
@ -7,13 +7,39 @@ RUN cargo chef prepare --recipe-path recipe.json
FROM chef AS builder FROM chef AS builder
COPY --from=planner /app/recipe.json recipe.json COPY --from=planner /app/recipe.json recipe.json
RUN apt-get update && apt-get install -y --no-install-recommends ffmpeg libssl-dev pkg-config libopus-dev gcc && apt-get -y clean RUN apt-get update && \
apt-get install -y --no-install-recommends \
ffmpeg \
libssl-dev \
pkg-config \
libopus-dev \
gcc && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
RUN cargo chef cook --release --recipe-path recipe.json RUN cargo chef cook --release --recipe-path recipe.json
COPY . . COPY . .
RUN cargo build --release RUN cargo build --release
FROM ubuntu:22.04 AS runtime FROM ubuntu:22.04 AS runtime
WORKDIR /ncb-tts-r2 WORKDIR /ncb-tts-r2
RUN apt-get update && apt-get install -y --no-install-recommends openssl ca-certificates ffmpeg libssl-dev libopus-dev && apt-get -y clean
COPY --from=builder /app/target/release/ncb-tts-r2 /usr/local/bin # 非rootユーザーの作成
RUN groupadd -r appgroup && useradd -r -g appgroup appuser
RUN apt-get update && \
apt-get install -y --no-install-recommends \
openssl \
ca-certificates \
ffmpeg \
libssl-dev \
libopus-dev && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
COPY --from=builder /app/target/release/ncb-tts-r2 /usr/local/bin/ncb-tts-r2
RUN chmod +x /usr/local/bin/ncb-tts-r2
# 非rootユーザーに切り替え
USER appuser
ENTRYPOINT ["/usr/local/bin/ncb-tts-r2"] ENTRYPOINT ["/usr/local/bin/ncb-tts-r2"]
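Review bot: The runtime stage still installs the development packages `libssl-dev` and `libopus-dev`, which add headers and link-time files to the image that actually runs the bot; only the shared libraries are needed there. On `ubuntu:22.04` these are presumably `libssl3` and `libopus0` (confirm with `ldd` on the built binary), so the two list entries would become `libssl3 \` and `libopus0 && \`. `useradd -r` takes whatever system UID is free and `USER appuser` is a name, so a runtime that enforces non-root by numeric UID cannot verify it; a fixed id such as `useradd -r -u 10001 -g appgroup appuser` with `USER 10001` avoids that. `WORKDIR /ncb-tts-r2` is created root-owned, so if the binary writes to its working directory it will now fail under `appuser`; whether it does is not visible in this diff. Both `FROM` lines use tags without a digest (`latest-rust-1.82`, `22.04`), which is worth a comment or an `@sha256:<digest>` pin if reproducible builds matter.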