diff --git a/docker/build.sh b/build-docker.sh similarity index 85% rename from docker/build.sh rename to build-docker.sh index a25a2e5..e05d6ce 100755 --- a/docker/build.sh +++ b/build-docker.sh @@ -14,7 +14,7 @@ registry="${REGISTRY:-local}" image_name="roulette" # set image version -image_version="$(grep "ReleaseVersion" ../cmd/root.go | head -n1 | awk '{print $4}' | sed 's/\"//g')" +image_version="$(grep "ReleaseVersion" cmd/root.go | head -n1 | awk '{print $4}' | sed 's/\"//g')" # platforms to build for platforms="linux/amd64" @@ -27,7 +27,7 @@ docker buildx build \ --build-arg TAG="${tag}" \ -t "${registry}/${image_name}:${image_version}" \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:latest"; fi) \ - -f Dockerfile . \ + -f docker/Dockerfile . \ --load # push image to remote registry @@ -35,7 +35,7 @@ docker buildx build --platform "${platforms}" \ --build-arg TAG="${tag}" \ -t "${registry}/${image_name}:${image_version}" \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:latest"; fi) \ - -f Dockerfile . \ + -f docker/Dockerfile . \ --push # copy debug image to local image repository @@ -43,7 +43,7 @@ docker buildx build \ --build-arg TAG="${tag}" \ -t "${registry}/${image_name}:${image_version}-debug" \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \ - -f Dockerfile.debug . \ + -f docker/Dockerfile.debug . \ --load # push debug image to remote registry @@ -51,5 +51,5 @@ docker buildx build --platform "${platforms}" \ --build-arg TAG="${tag}" \ -t "${registry}/${image_name}:${image_version}-debug" \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \ - -f Dockerfile.debug . \ + -f docker/Dockerfile.debug . \ --push diff --git a/docker/Dockerfile b/docker/Dockerfile index 3768afa..296fb28 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -7,12 +7,12 @@ FROM --platform=$BUILDPLATFORM golang:$TAG AS build ARG app # install dependencies -RUN apk add --update-cache git upx +RUN apk add --update-cache upx -# clone -RUN git clone https://git.seedno.de/seednode/$app /src/$app +# copy source files into the container +COPY . /src/$app/ -# build and compress the binary +# build, strip, and compress the binary WORKDIR /src/$app ARG TARGETOS TARGETARCH RUN CGO_ENABLED=0 \ @@ -27,7 +27,7 @@ FROM scratch ARG app # copy in user info -COPY --chown=root:root --chmod=0400 passwd /etc/passwd +COPY --chown=root:root --chmod=0400 docker/passwd /etc/passwd # run as nonroot USER nonroot diff --git a/docker/Dockerfile.debug b/docker/Dockerfile.debug index 0c2958d..0ed20d9 100644 --- a/docker/Dockerfile.debug +++ b/docker/Dockerfile.debug @@ -6,20 +6,16 @@ ARG TAG FROM --platform=$BUILDPLATFORM golang:$TAG AS build ARG app -# install dependencies -RUN apk add --update-cache git upx +# copy source files into the container +COPY . /src/$app/ -# clone -RUN git clone https://git.seedno.de/seednode/$app /src/$app - -# build and compress the binary +# build the binary WORKDIR /src/$app ARG TARGETOS TARGETARCH RUN CGO_ENABLED=0 \ GOOS=$TARGETOS \ GOARCH=$TARGETARCH \ - go build -trimpath -ldflags "-s -w" -tags timetzdata -o $app \ - && upx --best --lzma $app \ + go build -trimpath -tags timetzdata -o $app \ && chmod 500 $app # set up final stage @@ -27,7 +23,7 @@ FROM --platform=$BUILDPLATFORM alpine:latest ARG app # copy in user info -COPY --chown=root:root --chmod=0400 passwd /etc/passwd +COPY --chown=root:root --chmod=0400 docker/passwd /etc/passwd # run as root for debug USER root @@ -38,5 +34,5 @@ COPY --from=build --chown=root:root --chmod=0005 /src/$app/$app /$app # listen on an unprivileged port EXPOSE 8080 -# run application +# launch a shell by default ENTRYPOINT ["/bin/ash"]