mirror of
				https://github.com/meshtastic/firmware.git
				synced 2025-10-25 06:12:48 +00:00 
			
		
		
		
	 b12ac6d564
			
		
	
	
		b12ac6d564
		
			
		
	
	
	
		
			
	
		
	
	
		
			Some checks are pending
		
		
	
	CI / setup (check) (push) Waiting to run
				
			CI / setup (esp32) (push) Waiting to run
				
			CI / setup (esp32c3) (push) Waiting to run
				
			CI / setup (esp32c6) (push) Waiting to run
				
			CI / setup (esp32s3) (push) Waiting to run
				
			CI / setup (nrf52840) (push) Waiting to run
				
			CI / setup (rp2040) (push) Waiting to run
				
			CI / setup (stm32) (push) Waiting to run
				
			CI / check (push) Blocked by required conditions
				
			CI / build-esp32 (push) Blocked by required conditions
				
			CI / build-esp32-s3 (push) Blocked by required conditions
				
			CI / build-esp32-c3 (push) Blocked by required conditions
				
			CI / build-esp32-c6 (push) Blocked by required conditions
				
			CI / build-nrf52 (push) Blocked by required conditions
				
			CI / build-rpi2040 (push) Blocked by required conditions
				
			CI / build-stm32 (push) Blocked by required conditions
				
			CI / package-raspbian (push) Waiting to run
				
			CI / package-raspbian-armv7l (push) Waiting to run
				
			CI / package-native (push) Waiting to run
				
			CI / build-docker (push) Waiting to run
				
			CI / after-checks (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32) (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32c3) (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32c6) (push) Blocked by required conditions
				
			CI / gather-artifacts (esp32s3) (push) Blocked by required conditions
				
			CI / gather-artifacts (nrf52840) (push) Blocked by required conditions
				
			CI / gather-artifacts (rp2040) (push) Blocked by required conditions
				
			CI / gather-artifacts (stm32) (push) Blocked by required conditions
				
			CI / release-artifacts (push) Blocked by required conditions
				
			CI / release-firmware (esp32) (push) Blocked by required conditions
				
			CI / release-firmware (esp32c3) (push) Blocked by required conditions
				
			CI / release-firmware (esp32c6) (push) Blocked by required conditions
				
			CI / release-firmware (esp32s3) (push) Blocked by required conditions
				
			CI / release-firmware (nrf52840) (push) Blocked by required conditions
				
			CI / release-firmware (rp2040) (push) Blocked by required conditions
				
			CI / release-firmware (stm32) (push) Blocked by required conditions
				
			Flawfinder Scan / Flawfinder (push) Waiting to run
				
			
		
			
				
	
	
		
			42 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			Docker
		
	
	
	
	
	
			
		
		
	
	
			42 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			Docker
		
	
	
	
	
	
| # trunk-ignore-all(trivy/DS002): We must run as root for this container
 | |
| # trunk-ignore-all(checkov/CKV_DOCKER_8): We must run as root for this container
 | |
| # trunk-ignore-all(hadolint/DL3002): We must run as root for this container
 | |
| 
 | |
| FROM python:3.12-alpine3.21 AS builder
 | |
| 
 | |
| ENV PIP_ROOT_USER_ACTION=ignore
 | |
| RUN apk add bash g++ libstdc++-dev linux-headers zip git ca-certificates libgpiod-dev yaml-cpp-dev bluez-dev \
 | |
|         libusb-dev i2c-tools-dev openssl-dev pkgconf argp-standalone && \
 | |
|     pip install --no-cache-dir -U platformio==6.1.16 && \
 | |
|     mkdir /tmp/firmware
 | |
| 
 | |
| WORKDIR /tmp/firmware
 | |
| COPY . /tmp/firmware
 | |
| 
 | |
| # Create small package (no debugging symbols)
 | |
| # Add `argp` for musl
 | |
| ENV PLATFORMIO_BUILD_FLAGS="-Os -ffunction-sections -fdata-sections -Wl,--gc-sections -largp"
 | |
| 
 | |
| RUN bash ./bin/build-native.sh && \
 | |
|     cp "/tmp/firmware/release/meshtasticd_linux_$(uname -m)" "/tmp/firmware/release/meshtasticd"
 | |
| 
 | |
| # ##### PRODUCTION BUILD #############
 | |
| 
 | |
| FROM alpine:3.21
 | |
| 
 | |
| # nosemgrep: dockerfile.security.last-user-is-root.last-user-is-root
 | |
| USER root
 | |
| 
 | |
| RUN apk add libstdc++ libgpiod yaml-cpp libusb i2c-tools \
 | |
|     && mkdir -p /var/lib/meshtasticd \
 | |
|     && mkdir -p /etc/meshtasticd/config.d
 | |
| COPY --from=builder /tmp/firmware/release/meshtasticd /usr/sbin/
 | |
| 
 | |
| WORKDIR /var/lib/meshtasticd
 | |
| VOLUME /var/lib/meshtasticd
 | |
| 
 | |
| EXPOSE 4403
 | |
| 
 | |
| CMD [ "sh",  "-cx", "meshtasticd --fsdir=/var/lib/meshtasticd" ]
 | |
| 
 | |
| HEALTHCHECK NONE |