Add/Update Dockerfiles to provide arm64 support

Dockerfile → Dockerfile.amd64

@@ -12,27 +12,29 @@
 # Create a stage for building the application.
 
 ARG RUST_VERSION=1.72.1
-FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
 ARG APP_NAME=pub-sub-service
+ARG UID=10001
+
+FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
+ARG APP_NAME
 WORKDIR /sdv
 
 COPY ./ .
 
+# Check that APP_NAME argument is valid.
+RUN /sdv/container/scripts/argument_sanitizer.sh \
+    --arg-value "${APP_NAME}" \
+    --regex "^[a-zA-Z_0-9-]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'APP_NAME'"; exit 1 )
+
 # Add Build dependencies.
 RUN apt update && apt upgrade -y && apt install -y \
     cmake \
     libssl-dev \
     pkg-config \
     protobuf-compiler
 
-# Check that APP_NAME argument is valid.
-RUN sanitized=$(echo "${APP_NAME}" | tr -dc '^[a-zA-Z_0-9-]+$'); \
-[ "$sanitized" = "${APP_NAME}" ] || { \
-    echo "ARG 'APP_NAME' is invalid. APP_NAME='${APP_NAME}' sanitized='${sanitized}'"; \
-    exit 1; \
-}
-
-# Build the application with the 'containerize' feature.
+# Build the application.
 RUN cargo build --release -p "${APP_NAME}"
 
 # Copy the built application to working directory.
@@ -50,10 +52,19 @@ RUN cp ./target/release/"${APP_NAME}" /sdv/service
 # reproducability is important, consider using a digest
 # (e.g., debian@sha256:ac707220fbd7b67fc19b112cee8170b41a9e97f703f588b2cdbbcdcecdd8af57).
 FROM docker.io/library/debian:bullseye-slim AS final
+ARG UID
+
+# Copy container scripts.
+COPY ./container/scripts/*.sh /sdv/scripts/
+
+# Check that UID argument is valid.
+RUN /sdv/scripts/argument_sanitizer.sh \
+    --arg-value "${UID}" \
+    --regex "^[0-9]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'UID'"; exit 1 )
 
 # Create a non-privileged user that the app will run under.
 # See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user
-ARG UID=10001
 RUN adduser \
     --disabled-password \
     --gecos "" \
@@ -79,14 +90,11 @@ ENV AGEMO_HOME=/sdv/.agemo
 # Copy the executable from the "build" stage.
 COPY --from=build /sdv/service /sdv/
 
-# Copy startup script.
-COPY --from=build /sdv/container_startup.sh /sdv/container_startup.sh
-
 # Copy default configs.
 COPY --from=build /sdv/.agemo/config/ /sdv/.agemo/config/
 
 # Expose the port that the application listens on.
 EXPOSE 50051
 
 # What the container should run when it is started.
-CMD ["/sdv/container_startup.sh"]
+CMD ["/sdv/scripts/container_startup.sh"]

Dockerfile.arm64

@@ -12,12 +12,21 @@
 # Create a stage for building the application.
 
 ARG RUST_VERSION=1.72.1
-FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
 ARG APP_NAME=pub-sub-service
+ARG UID=10001
+
+FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
+ARG APP_NAME
 WORKDIR /sdv
 
 COPY ./ .
 
+# Check that APP_NAME argument is valid.
+RUN /sdv/container/scripts/argument_sanitizer.sh \
+    --arg-value "${APP_NAME}" \
+    --regex "^[a-zA-Z_0-9-]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'APP_NAME'"; exit 1 )
+
 # Add Build dependencies.
 RUN apt update && apt upgrade -y && apt install -y \
     cmake \
@@ -26,16 +35,9 @@ RUN apt update && apt upgrade -y && apt install -y \
     protobuf-compiler \
     gcc-aarch64-linux-gnu
 
-# Check that APP_NAME argument is valid.
-RUN sanitized=$(echo "${APP_NAME}" | tr -dc '^[a-zA-Z_0-9-]+$'); \
-[ "$sanitized" = "${APP_NAME}" ] || { \
-    echo "ARG 'APP_NAME' is invalid. APP_NAME='${APP_NAME}' sanitized='${sanitized}'"; \
-    exit 1; \
-}
-
 RUN rustup target add aarch64-unknown-linux-gnu
 
-# Build the application with the 'containerize' feature.
+# Build the application.
 RUN cargo build --release --target=aarch64-unknown-linux-gnu -p "${APP_NAME}"
 
 # Copy the built application to working directory.
@@ -53,10 +55,19 @@ RUN cp ./target/aarch64-unknown-linux-gnu/release/"${APP_NAME}" /sdv/service
 # reproducability is important, consider using a digest
 # (e.g., debian@sha256:ac707220fbd7b67fc19b112cee8170b41a9e97f703f588b2cdbbcdcecdd8af57).
 FROM docker.io/arm64v8/debian:bullseye-slim AS final
+ARG UID
+
+# Copy container scripts.
+COPY ./container/scripts/*.sh /sdv/scripts/
+
+# Check that UID argument is valid.
+RUN /sdv/scripts/argument_sanitizer.sh \
+    --arg-value "${UID}" \
+    --regex "^[0-9]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'UID'"; exit 1 )
 
 # Create a non-privileged user that the app will run under.
 # See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user
-ARG UID=10001
 RUN adduser \
     --disabled-password \
     --gecos "" \
@@ -82,14 +93,11 @@ ENV AGEMO_HOME=/sdv/.agemo
 # Copy the executable from the "build" stage.
 COPY --from=build /sdv/service /sdv/
 
-# Copy startup script.
-COPY --from=build /sdv/container_startup.sh /sdv/container_startup.sh
-
 # Copy default configs.
 COPY --from=build /sdv/.agemo/config/ /sdv/.agemo/config/
 
 # Expose the port that the application listens on.
 EXPOSE 50051
 
 # What the container should run when it is started.
-CMD ["/sdv/container_startup.sh"]
+CMD ["/sdv/scripts/container_startup.sh"]

Dockerfile.mosquitto → Dockerfile.mosquitto.amd64

@@ -16,4 +16,5 @@ WORKDIR /mosquitto/config
 
 COPY ./pub-sub-service/src/connectors/mosquitto.conf ./mosquitto.conf
 
-EXPOSE 1883
+# Expose the port that the mqtt broker listens on.
+EXPOSE 1883

Dockerfile.mosquitto.arm64

@@ -16,4 +16,5 @@ WORKDIR /mosquitto/config
 
 COPY ./pub-sub-service/src/connectors/mosquitto.conf ./mosquitto.conf
 
-EXPOSE 1883
+# Expose the port that the mqtt broker listens on.
+EXPOSE 1883

Dockerfile.samples → Dockerfile.samples.amd64

@@ -12,27 +12,29 @@
 # Create a stage for building the application.
 
 ARG RUST_VERSION=1.72.1
-FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
 ARG APP_NAME=simple-publisher
+ARG UID=10001
+
+FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
+ARG APP_NAME
 WORKDIR /sdv
 
 COPY ./ .
 
+# Check that APP_NAME argument is valid.
+RUN /sdv/container/scripts/argument_sanitizer.sh \
+    --arg-value "${APP_NAME}" \
+    --regex "^[a-zA-Z_0-9-]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'APP_NAME'"; exit 1 )
+
 # Add Build dependencies.
 RUN apt update && apt upgrade -y && apt install -y \
     cmake \
     libssl-dev \
     pkg-config \
     protobuf-compiler
 
-# Check that APP_NAME argument is valid.
-RUN sanitized=$(echo "${APP_NAME}" | tr -dc '^[a-zA-Z_0-9-]+$'); \
-[ "$sanitized" = "${APP_NAME}" ] || { \
-    echo "ARG 'APP_NAME' is invalid. APP_NAME='${APP_NAME}' sanitized='${sanitized}'"; \
-    exit 1; \
-}
-
-# Build the application with the 'containerize' feature.
+# Build the application.
 RUN cargo build --release -p "${APP_NAME}"
 
 # Copy the built application to working directory.
@@ -50,10 +52,19 @@ RUN cp ./target/release/"${APP_NAME}" /sdv/service
 # reproducability is important, consider using a digest
 # (e.g., debian@sha256:ac707220fbd7b67fc19b112cee8170b41a9e97f703f588b2cdbbcdcecdd8af57).
 FROM docker.io/library/debian:bullseye-slim AS final
+ARG UID
+
+# Copy container scripts.
+COPY ./container/scripts/*.sh /sdv/scripts/
+
+# Check that UID argument is valid.
+RUN /sdv/scripts/argument_sanitizer.sh \
+    --arg-value "${UID}" \
+    --regex "^[0-9]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'UID'"; exit 1 )
 
 # Create a non-privileged user that the app will run under.
 # See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user
-ARG UID=10001
 RUN adduser \
     --disabled-password \
     --gecos "" \
@@ -79,11 +90,8 @@ ENV AGEMO_SAMPLES_HOME=/sdv/.agemo
 # Copy the executable from the "build" stage.
 COPY --from=build /sdv/service /sdv/
 
-# Copy startup script.
-COPY --from=build /sdv/container_startup.sh /sdv/container_startup.sh
-
 # Copy default configs.
 COPY --from=build /sdv/.agemo-samples/config/ /sdv/.agemo/config/
 
 # What the container should run when it is started.
-CMD ["/sdv/container_startup.sh"]
+CMD ["/sdv/scripts/container_startup.sh"]

Dockerfile.samples.arm64

@@ -12,12 +12,21 @@
 # Create a stage for building the application.
 
 ARG RUST_VERSION=1.72.1
-FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
 ARG APP_NAME=simple-publisher
+ARG UID=10001
+
+FROM docker.io/library/rust:${RUST_VERSION}-slim-bullseye AS build
+ARG APP_NAME
 WORKDIR /sdv
 
 COPY ./ .
 
+# Check that APP_NAME argument is valid.
+RUN /sdv/container/scripts/argument_sanitizer.sh \
+    --arg-value "${APP_NAME}" \
+    --regex "^[a-zA-Z_0-9-]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'APP_NAME'"; exit 1 )
+
 # Add Build dependencies.
 RUN apt update && apt upgrade -y && apt install -y \
     cmake \
@@ -26,16 +35,9 @@ RUN apt update && apt upgrade -y && apt install -y \
     protobuf-compiler \
     gcc-aarch64-linux-gnu
 
-# Check that APP_NAME argument is valid.
-RUN sanitized=$(echo "${APP_NAME}" | tr -dc '^[a-zA-Z_0-9-]+$'); \
-[ "$sanitized" = "${APP_NAME}" ] || { \
-    echo "ARG 'APP_NAME' is invalid. APP_NAME='${APP_NAME}' sanitized='${sanitized}'"; \
-    exit 1; \
-}
-
 RUN rustup target add aarch64-unknown-linux-gnu
 
-# Build the application with the 'containerize' feature.
+# Build the application.
 RUN cargo build --release --target=aarch64-unknown-linux-gnu -p "${APP_NAME}"
 
 # Copy the built application to working directory.
@@ -53,10 +55,19 @@ RUN cp ./target/aarch64-unknown-linux-gnu/release/"${APP_NAME}" /sdv/service
 # reproducability is important, consider using a digest
 # (e.g., debian@sha256:ac707220fbd7b67fc19b112cee8170b41a9e97f703f588b2cdbbcdcecdd8af57).
 FROM docker.io/arm64v8/debian:bullseye-slim AS final
+ARG UID
+
+# Copy container scripts.
+COPY ./container/scripts/*.sh /sdv/scripts/
+
+# Check that UID argument is valid.
+RUN /sdv/scripts/argument_sanitizer.sh \
+    --arg-value "${UID}" \
+    --regex "^[0-9]+$" || \
+    ( echo "Argument sanitizer failed for ARG 'UID'"; exit 1 )
 
 # Create a non-privileged user that the app will run under.
 # See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user
-ARG UID=10001
 RUN adduser \
     --disabled-password \
     --gecos "" \
@@ -82,11 +93,8 @@ ENV AGEMO_SAMPLES_HOME=/sdv/.agemo
 # Copy the executable from the "build" stage.
 COPY --from=build /sdv/service /sdv/
 
-# Copy startup script.
-COPY --from=build /sdv/container_startup.sh /sdv/container_startup.sh
-
 # Copy default configs.
 COPY --from=build /sdv/.agemo-samples/config/ /sdv/.agemo/config/
 
 # What the container should run when it is started.
-CMD ["/sdv/container_startup.sh"]
+CMD ["/sdv/scripts/container_startup.sh"]

container/scripts/argument_sanitizer.sh

@@ -0,0 +1,61 @@
+#!/bin/bash
+
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT license.
+# SPDX-License-Identifier: MIT
+
+# Exits immediately on failure.
+set -e
+
+# Function to display usage information
+usage() {
+    echo "Usage: $0 [-a|--arg-value] <ARGUMENT_VALUE> [-r|--regex] <ACCEPTED_REGEX>"
+    echo "Example:"
+    echo "  $0 -a \"\${APP_NAME}\" -r \"^[a-zA-Z_0-9-]+$\""
+}
+
+# Parse command line arguments
+while [[ $# -gt 0 ]]
+do
+    key="$1"
+
+    case $key in
+        -a|--arg-value)
+            arg_value="$2"
+            shift # past argument
+            shift # past value
+            ;;
+        -r|--regex)
+            regex="$2"
+            shift # past argument
+            shift # past value
+            ;;
+        -h|--help)
+            usage
+            exit 0
+            ;;
+        *)
+            echo "Unknown argument: $key"
+            usage
+            exit 1
+    esac
+done
+
+# Check if all required arguments have been set
+if [[ -z "${arg_value}" || -z "${regex}" ]]; then
+    echo "Error: Missing required arguments:"
+    [[ -z "${arg_value}" ]] && echo "  -a|--arg-value"
+    [[ -z "${regex}" ]] && echo "  -r|--regex"
+    echo -e "\n"
+    usage
+    exit 1
+fi
+
+sanitized=$(echo "${arg_value}" | tr -dc "${regex}");
+[ "$sanitized" = "${arg_value}" ] || {
+    echo "ARG is invalid. ARG='${arg_value}' sanitized='${sanitized}'";
+    exit 1
+}
+
+echo -e "\nARG with value '${arg_value}' is sanitized"
+exit 0

container_startup.sh → container/scripts/container_startup.sh

@@ -8,6 +8,6 @@
 set -e
 
 # Copy any configuration files present to service configuration.
-cp -rn /mnt/config /sdv/.agemo
+cp -rf /mnt/config /sdv/.agemo
 
 /sdv/service