From 9782d4c268cdbab3fb5ab2f8421c8bfc5169534e Mon Sep 17 00:00:00 2001
From: guochao <guochao@cn.nutstore.net>
Date: Tue, 21 Nov 2023 15:04:54 +0800
Subject: [PATCH] add more build examples

---
 build/Dockerfile.ubuntu-build-with-tracer | 38 +++++++++++++++++++++++
 build/Dockerfile.ubuntu-env-override      | 25 +++++++++++++++
 data/.keep                                |  0
 data/demo.xml.skip                        | 30 ++++++++++++++++++
 4 files changed, 93 insertions(+)
 create mode 100644 build/Dockerfile.ubuntu-build-with-tracer
 create mode 100644 build/Dockerfile.ubuntu-env-override
 create mode 100644 data/.keep
 create mode 100644 data/demo.xml.skip

diff --git a/build/Dockerfile.ubuntu-build-with-tracer b/build/Dockerfile.ubuntu-build-with-tracer
new file mode 100644
index 0000000..3e8e042
--- /dev/null
+++ b/build/Dockerfile.ubuntu-build-with-tracer
@@ -0,0 +1,38 @@
+ARG  REGISTRY=docker.io
+ARG  BASE_IMAGE=library/ubuntu:20.04
+
+ARG  ONLYOFFICE_IMAGE=onlyoffice/documentserver:7.5
+
+FROM ${REGISTRY}/${BASE_IMAGE} as base
+
+FROM ${REGISTRY}/${ONLYOFFICE_IMAGE} as runtime-base
+RUN  apt update && apt install libseccomp2 -y && rm -rf /var/apt
+
+FROM base as builder-base
+RUN  ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && apt update && apt install build-essential libseccomp-dev curl pkg-config -y
+RUN  curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | bash -s - -y
+COPY Cargo.toml Cargo.lock build.rs /src/
+COPY src /src/src
+COPY x2t-sandbox-rulegen /src/x2t-sandbox-rulegen
+WORKDIR /src
+
+FROM builder-base as tracer-builder
+RUN  /root/.cargo/bin/cargo build --release --features tracing-mode
+
+FROM runtime-base as tracer-generate-syscalls
+COPY data /data
+COPY --from=tracer-builder /src/target/release/x2t-sandbox /usr/local/bin/x2t-sandbox
+RUN  bash -c 'set -euo pipefail; for filename in $(ls /data/ | grep "\.xml$"); do /usr/local/bin/x2t-sandbox -l $filename.out /var/www/onlyoffice/documentserver/server/FileConverter/bin/x2t /data/$filename; done'
+RUN  cat *.out | sort | uniq > x2t-syscalls.txt
+
+FROM builder-base as sandbox-builder
+COPY --from=tracer-generate-syscalls /x2t-syscalls.txt /src/x2t-syscalls.txt
+RUN  /root/.cargo/bin/cargo build --release --features tracing-mode
+
+FROM runtime-base as onlyoffice-output
+COPY --from=sandbox-builder /src/target/release/x2t-sandbox /usr/local/bin/x2t-sandbox
+
+FROM base as copy-to-data
+COPY --from=sandbox-builder /src/target/release/x2t-sandbox /x2t-sandbox
+CMD  ["cp", "-v", "x2t-sandbox", "/data/x2t-sandbox"]
+
diff --git a/build/Dockerfile.ubuntu-env-override b/build/Dockerfile.ubuntu-env-override
new file mode 100644
index 0000000..09fa5ff
--- /dev/null
+++ b/build/Dockerfile.ubuntu-env-override
@@ -0,0 +1,25 @@
+ARG  REGISTRY=docker.io
+ARG  BASE=library/ubuntu:20.04
+
+FROM ${REGISTRY}/${BASE} as base
+
+FROM base as builder
+RUN  ln -svf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && apt update && apt install build-essential libseccomp-dev curl pkg-config -y
+RUN  curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | bash -s - -y
+COPY Cargo.toml Cargo.lock build.rs /src/
+COPY src /src/src
+COPY x2t-sandbox-rulegen /src/x2t-sandbox-rulegen
+WORKDIR /src
+ARG  X2T_SYSCALLS
+ENV  X2T_SYSCALLS=${X2T_SYSCALLS}
+RUN  test ! -z "${X2T_SYSCALLS}" || { echo please set X2T_SYSCALLS with --build-arg X2T_SYSCALLS="open:close:read:write:..."; exit 1; }
+RUN  /root/.cargo/bin/cargo build --release
+
+FROM base as runtime
+RUN  apt update && apt install libseccomp2 -y && rm -rf /var/apt
+COPY --from=builder /src/target/release/x2t-sandbox /usr/local/bin/x2t-sandbox
+
+FROM base as copy-to-data
+COPY --from=builder /src/target/release/x2t-sandbox /x2t-sandbox
+CMD  ["cp", "-v", "x2t-sandbox", "/data/x2t-sandbox"]
+
diff --git a/data/.keep b/data/.keep
new file mode 100644
index 0000000..e69de29
diff --git a/data/demo.xml.skip b/data/demo.xml.skip
new file mode 100644
index 0000000..09882b9
--- /dev/null
+++ b/data/demo.xml.skip
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<TaskQueueDataConvert xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+ <m_sKey>conv_Khirz6zTPdar34_pdf</m_sKey>
+ <m_sFileFrom>/share/Word.docx</m_sFileFrom>
+ <m_sFileTo>/share/Word.pdf</m_sFileTo>
+ <m_nFormatTo>513</m_nFormatTo>
+ <m_bIsPDFA xsi:nil="true" />
+ <m_nCsvTxtEncoding>46</m_nCsvTxtEncoding>
+ <m_nCsvDelimiter>4</m_nCsvDelimiter>
+ <m_nCsvDelimiterChar xsi:nil="true" />
+ <m_bPaid xsi:nil="true" />
+ <m_bEmbeddedFonts>false</m_bEmbeddedFonts>
+ <m_bFromChanges xsi:nil="true" />
+ <m_sFontDir/>
+ <m_sJsonParams xsi:nil="true" />
+ <m_nLcid xsi:nil="true" />
+ <m_oTimestamp>2020-09-30T11:14:00.207Z</m_oTimestamp>
+ <m_bIsNoBase64>true</m_bIsNoBase64>
+ <m_oInputLimits>
+  <m_oInputLimit type="docx;dotx;docm;dotm">
+   <m_oZip uncompressed="52428800" template="*."/>
+  </m_oInputLimit>
+  <m_oInputLimit type="xlsx;xltx;xlsm;xltm">
+   <m_oZip uncompressed="4294967290" template="*.xml"/>
+  </m_oInputLimit>
+  <m_oInputLimit type="pptx;ppsx;potx;pptm;ppsm;potm">
+   <m_oZip uncompressed="52428800" template="*.xml"/>
+  </m_oInputLimit>
+ </m_oInputLimits>
+</TaskQueueDataConvert>