For easier integration into docker buildx, Recyclarr is now built inside
of the Dockerfile as a dedicated build stage. This simplified the CI
workflows and local testing a bit.
The changes for this new process were driven by Microsoft's recommended
approach to building .NET applications inside Docker, which is
documented here:
https://github.com/dotnet/dotnet-docker/blob/main/samples/README.md
Due to [an issue][1] with the `actions/upload-artifact` action, when
binaries are uploaded they lose permission bits and `xattr` properties.
Composite actions `upload-tar` and `download-tar` have been added that
tarball the artifacts before uploading them to retain those properties.
[1]: https://github.com/actions/upload-artifact/issues/38
Changelog:
- Sign & notarize Recyclarr on macOS platforms (arm64, x64)
- Use `tar.xz` instead of `zip` on mac & linux platforms
- Compile linux binaries on the ubuntu-latest Github runner
- Compile macOS binaries on the macos-latest Github runner
- Executable size reduced by disabling ReadyToRun
Fixes#39
Reason: The docker image avoided using the upstream `dotnet/runtime`
image to save on image size. Total image size without it was under 50MB.
By using the upstream image, image size goes up to about 120MB.
The maintainability cost of avoiding the upstream image isn't worth it.
It's also error prone, which is why this bug happened.
The solution is to just use the upstream runtime image. Total image size
goes up but it's more robust.
Fixes#147.
It's been a sufficient amount of time since support for these variables
has been removed; users should no longer require an explicit error to
remind them to use `--user` from now on.
Fixes#115.
Users that do not do bind-mount for the `/config` volume saw permissions
issues with that directory because it was owned by the `root` user. This
change forces the ownership of `/config` to `1000:1000` for those that
plan to use vanilla docker volumes instead.
Edge builds previously would either download from the latest release on
github or directly compile the code. However, dotnet apparently has some
compatibility issues when run inside of a container built with qemu +
buildx.
The approach chosen going forward is to simply copy the builds from the
github workflow artifacts directly into the container during the build
process. This ended up causing a lot of change, mainly cleanup and
simplifying things.
Single-file builds incur a performance cost. Mainly because the runtime
must extract the contents of the C# application to a temp directory in
order for it to run. In a Docker container, single-file offers no
tangible benefit because the user isn't interacting directly with those
files.
To gain some performance improvement, single-file is disabled for MUSL
builds. Furthermore, the docker image is reconfigured to place the
Recyclarr binary files in a different directory. Previously, as a
single-file binary, it was placed in the container at `/usr/local/bin`,
but now that it is a multiple-file application, it now lives in
`/app/recyclarr`.
The recyclarr docker image no longer requires root.
- `PUID` and `PGID` environment variables are no longer used.
- `recyclarr.yml` is no longer created if it is missing.
Fixes#102
A new `edge` tag will be published for docker builds resulting from
relevant changes on `master`. This provides an opportunity for the
community to test Docker-specific changes prior to the next release of
Recyclarr itself.
The non-root user and group were still being created in the Dockerfile,
which means that if the PUID or PGID were modified, those changes would
not be processed.
This change completely removes the `adduser` / `addgroup` commands and
instead the user spec is passed directly to `su-exec`.