Combined Docker repo into main repo

This commit is contained in:
Seednode 2023-09-05 08:22:06 -05:00
parent 38c947e90d
commit e93dafd08a
5 changed files with 95 additions and 4 deletions

View File

@ -18,7 +18,7 @@ I only test the linux/amd64, linux/arm64, and windows/amd64 builds, the rest are
x86_64 and ARM Docker images of latest version: `oci.seedno.de/seednode/roulette:latest`. x86_64 and ARM Docker images of latest version: `oci.seedno.de/seednode/roulette:latest`.
Dockerfile available [here](https://git.seedno.de/seednode/docker-roulette). Dockerfile available [here](https://git.seedno.de/seednode/roulette/docker/Dockerfile).
## Filtering ## Filtering
@ -114,3 +114,8 @@ Flags:
-v, --verbose log accessed files to stdout -v, --verbose log accessed files to stdout
-V, --version display version and exit -V, --version display version and exit
``` ```
## Building the Docker container
From inside the `docker/` subdirectory, build the image using the following command:
`REGISTRY=<registry url> LATEST=yes TAG=alpine ./build.sh`

View File

@ -1,2 +0,0 @@
#!/usr/bin/env bash
docker run -it --rm -v "$(pwd)":/code golang:alpine /bin/ash -c 'apk update && apk add bash && cd /code && ./build.sh'

49
docker/Dockerfile Normal file
View File

@ -0,0 +1,49 @@
# set app name
ARG app=roulette
# create build stage
ARG TAG
FROM --platform=$BUILDPLATFORM golang:$TAG AS build
ARG app
# install dependencies
RUN apk add --update-cache git upx
# clone
RUN git clone https://git.seedno.de/seednode/$app /src/$app
# build and compress the binary
WORKDIR /src/$app
ARG TARGETOS TARGETARCH
RUN CGO_ENABLED=0 \
GOOS=$TARGETOS \
GOARCH=$TARGETARCH \
go build -ldflags "-s -w" -o $app \
&& upx --best --lzma $app \
&& chmod 500 $app
# set up final stage
FROM scratch
ARG app
# copy in user info
COPY --chown=root:root --chmod=0400 passwd /etc/passwd
# run as nonroot
USER nonroot
# copy in binary
COPY --from=build --chown=root:root --chmod=0005 /src/$app/$app /$app
# copy in time zone info
COPY --from=build --chown=root:root --chmod=0004 /usr/local/go/lib/time/zoneinfo.zip /
# load time zone info
ENV ZONEINFO=/zoneinfo.zip
# listen on an unprivileged port
EXPOSE 8080
# run application
ENTRYPOINT ["/roulette"]
CMD ["-r","/data"]

37
docker/build.sh Normal file
View File

@ -0,0 +1,37 @@
#!/usr/bin/env bash
# build, tag, and push docker images
# exit if a command fails
set -o errexit
# go docker image tag to use
tag="${TAG:-latest}"
# if no registry is provided, tag image as "local" registry
registry="${REGISTRY:-local}"
# set image name
image_name="roulette"
# set image version
image_version="latest"
# platforms to build for
platforms="linux/amd64"
platforms+=",linux/arm"
platforms+=",linux/arm64"
platforms+=",linux/ppc64le"
# copy native image to local image repository
docker buildx build \
--build-arg TAG="${tag}" \
-t "${registry}/${image_name}:${image_version}" \
-f Dockerfile . \
--load
# push image to remote registry
docker buildx build --platform "${platforms}" \
--build-arg TAG="${tag}" \
-t "${registry}/${image_name}:${image_version}" \
-f Dockerfile . \
--push

2
docker/passwd Normal file
View File

@ -0,0 +1,2 @@
root:x:0:0:root:/root:/sbin/nologin
nonroot:x:65532:65532:nonroot:/home/nonroot:/sbin/nologin