|
1 |
| -FROM golang:1.16-buster as builder |
2 |
| - |
3 |
| -# Up-to-date libgit2 dependencies are only available in |
4 |
| -# unstable, as libssh2 in testing/bullseye has been linked |
5 |
| -# against gcrypt which causes issues with PKCS* formats. |
6 |
| -# Explicitly listing all build dependencies is required because |
7 |
| -# they can only be automagically found for AMD64 builds. |
8 |
| -# Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668271 |
9 |
| -RUN echo "deb http://deb.debian.org/debian unstable main" >> /etc/apt/sources.list \ |
10 |
| - && echo "deb-src http://deb.debian.org/debian unstable main" >> /etc/apt/sources.list |
11 |
| -RUN set -eux; \ |
12 |
| - apt-get update \ |
13 |
| - && apt-get install -y \ |
14 |
| - libgit2-dev/unstable \ |
15 |
| - zlib1g-dev/unstable \ |
16 |
| - libssh2-1-dev/unstable \ |
17 |
| - libpcre3-dev/unstable \ |
18 |
| - && apt-get clean \ |
19 |
| - && apt-get autoremove --purge -y \ |
20 |
| - && rm -rf /var/lib/apt/lists/* |
| 1 | +ARG BASE_VARIANT=bullseye |
| 2 | +ARG GO_VERSION=1.16.8 |
| 3 | +ARG XX_VERSION=1.0.0-rc.2 |
| 4 | + |
| 5 | +ARG LIBGIT2_IMG=ghcr.io/fluxcd/golang-with-libgit2 |
| 6 | +ARG LIBGIT2_TAG=libgit2-1.1.1 |
| 7 | + |
| 8 | +FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx |
| 9 | +FROM ${LIBGIT2_IMG}:${LIBGIT2_TAG} as libgit2 |
| 10 | + |
| 11 | +FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} as gostable |
| 12 | +FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS golatest |
| 13 | + |
| 14 | +FROM gostable AS go-linux |
| 15 | + |
| 16 | +FROM go-${TARGETOS} AS build-base-bullseye |
| 17 | + |
| 18 | +# Copy the build utiltiies |
| 19 | +COPY --from=xx / / |
| 20 | +COPY --from=libgit2 /Makefile /libgit2/ |
| 21 | + |
| 22 | +# Install the libgit2 build dependencies |
| 23 | +RUN make -C /libgit2 cmake |
| 24 | + |
| 25 | +ARG TARGETPLATFORM |
| 26 | +RUN make -C /libgit2 dependencies |
| 27 | + |
| 28 | +FROM build-base-${BASE_VARIANT} as libgit2-bullseye |
21 | 29 |
|
| 30 | +# Compile and install libgit2 |
| 31 | +ARG TARGETPLATFORM |
| 32 | +RUN FLAGS=$(xx-clang --print-cmake-defines) make -C /libgit2 libgit2 |
| 33 | + |
| 34 | +FROM libgit2-${BASE_VARIANT} as build-bullseye |
| 35 | + |
| 36 | +# Configure workspace |
22 | 37 | WORKDIR /workspace
|
23 | 38 |
|
24 |
| -# copy api submodule |
| 39 | +# Copy api submodule |
25 | 40 | COPY api/ api/
|
26 | 41 |
|
27 |
| -# copy modules manifests |
| 42 | +# Copy modules manifests |
28 | 43 | COPY go.mod go.mod
|
29 | 44 | COPY go.sum go.sum
|
30 | 45 |
|
31 |
| -# cache modules |
| 46 | +# Cache modules |
32 | 47 | RUN go mod download
|
33 | 48 |
|
34 |
| -# copy source code |
| 49 | +# Copy source code |
35 | 50 | COPY main.go main.go
|
36 | 51 | COPY controllers/ controllers/
|
37 | 52 | COPY pkg/ pkg/
|
38 | 53 | COPY internal/ internal/
|
39 | 54 |
|
40 |
| -# build without specifing the arch |
41 |
| -RUN CGO_ENABLED=1 go build -o source-controller main.go |
| 55 | +# Build the binary |
| 56 | +ENV CGO_ENABLED=1 |
| 57 | +ARG TARGETPLATFORM |
| 58 | +RUN xx-go build -o source-controller -trimpath \ |
| 59 | + main.go |
42 | 60 |
|
43 |
| -FROM debian:buster-slim as controller |
| 61 | +FROM build-${BASE_VARIANT} as prepare-bullseye |
44 | 62 |
|
45 |
| -# link repo to the GitHub Container Registry image |
46 |
| -LABEL org.opencontainers.image.source="https://github.com/fluxcd/source-controller" |
| 63 | +# Move libgit2 lib to generic and predictable location |
| 64 | +ARG TARGETPLATFORM |
| 65 | +RUN mkdir -p /libgit2/lib/ \ |
| 66 | + && cp -d /usr/lib/$(xx-info triple)/libgit2.so* /libgit2/lib/ |
47 | 67 |
|
48 |
| -# Up-to-date libgit2 dependencies are only available in |
49 |
| -# unstable, as libssh2 in testing/bullseye has been linked |
50 |
| -# against gcrypt which causes issues with PKCS* formats. |
51 |
| -# Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668271 |
52 |
| -RUN echo "deb http://deb.debian.org/debian unstable main" >> /etc/apt/sources.list \ |
53 |
| - && echo "deb-src http://deb.debian.org/debian unstable main" >> /etc/apt/sources.list |
54 |
| -RUN set -eux; \ |
55 |
| - apt-get update \ |
56 |
| - && apt-get install -y \ |
57 |
| - ca-certificates \ |
58 |
| - libgit2-1.1 \ |
59 |
| - && apt-get clean \ |
60 |
| - && apt-get autoremove --purge -y \ |
61 |
| - && rm -rf /var/lib/apt/lists/* |
| 68 | +FROM prepare-${BASE_VARIANT} as build |
| 69 | + |
| 70 | +FROM debian:${BASE_VARIANT}-slim as controller |
62 | 71 |
|
63 |
| -COPY --from=builder /workspace/source-controller /usr/local/bin/ |
| 72 | +# Link repo to the GitHub Container Registry image |
| 73 | +LABEL org.opencontainers.image.source="https://github.com/fluxcd/source-controller" |
64 | 74 |
|
| 75 | +# Configure user |
65 | 76 | RUN groupadd controller && \
|
66 | 77 | useradd --gid controller --shell /bin/sh --create-home controller
|
67 | 78 |
|
| 79 | +# Copy libgit2 |
| 80 | +COPY --from=build /libgit2/lib/ /usr/local/lib/ |
| 81 | +RUN ldconfig |
| 82 | + |
| 83 | +# Upgrade packages and install runtime dependencies |
| 84 | +RUN echo "deb http://deb.debian.org/debian sid main" >> /etc/apt/sources.list \ |
| 85 | + && echo "deb-src http://deb.debian.org/debian sid main" >> /etc/apt/sources.list \ |
| 86 | + && apt update \ |
| 87 | + && apt install --no-install-recommends -y zlib1g/sid libssl1.1/sid libssh2-1/sid \ |
| 88 | + && apt install --no-install-recommends -y ca-certificates \ |
| 89 | + && apt clean \ |
| 90 | + && apt autoremove --purge -y \ |
| 91 | + && rm -rf /var/lib/apt/lists/* |
| 92 | + |
| 93 | +# Copy over binary from build |
| 94 | +COPY --from=build /workspace/source-controller /usr/local/bin/ |
| 95 | + |
68 | 96 | USER controller
|
69 | 97 | ENTRYPOINT [ "source-controller" ]
|
0 commit comments