Combined Docker repo into main repo
This commit is contained in:
parent
38c947e90d
commit
e93dafd08a
|
@ -18,7 +18,7 @@ I only test the linux/amd64, linux/arm64, and windows/amd64 builds, the rest are
|
||||||
|
|
||||||
x86_64 and ARM Docker images of latest version: `oci.seedno.de/seednode/roulette:latest`.
|
x86_64 and ARM Docker images of latest version: `oci.seedno.de/seednode/roulette:latest`.
|
||||||
|
|
||||||
Dockerfile available [here](https://git.seedno.de/seednode/docker-roulette).
|
Dockerfile available [here](https://git.seedno.de/seednode/roulette/docker/Dockerfile).
|
||||||
|
|
||||||
## Filtering
|
## Filtering
|
||||||
|
|
||||||
|
@ -114,3 +114,8 @@ Flags:
|
||||||
-v, --verbose log accessed files to stdout
|
-v, --verbose log accessed files to stdout
|
||||||
-V, --version display version and exit
|
-V, --version display version and exit
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Building the Docker container
|
||||||
|
From inside the `docker/` subdirectory, build the image using the following command:
|
||||||
|
|
||||||
|
`REGISTRY=<registry url> LATEST=yes TAG=alpine ./build.sh`
|
|
@ -1,2 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
docker run -it --rm -v "$(pwd)":/code golang:alpine /bin/ash -c 'apk update && apk add bash && cd /code && ./build.sh'
|
|
|
@ -0,0 +1,49 @@
|
||||||
|
# set app name
|
||||||
|
ARG app=roulette
|
||||||
|
|
||||||
|
# create build stage
|
||||||
|
ARG TAG
|
||||||
|
FROM --platform=$BUILDPLATFORM golang:$TAG AS build
|
||||||
|
ARG app
|
||||||
|
|
||||||
|
# install dependencies
|
||||||
|
RUN apk add --update-cache git upx
|
||||||
|
|
||||||
|
# clone
|
||||||
|
RUN git clone https://git.seedno.de/seednode/$app /src/$app
|
||||||
|
|
||||||
|
# build and compress the binary
|
||||||
|
WORKDIR /src/$app
|
||||||
|
ARG TARGETOS TARGETARCH
|
||||||
|
RUN CGO_ENABLED=0 \
|
||||||
|
GOOS=$TARGETOS \
|
||||||
|
GOARCH=$TARGETARCH \
|
||||||
|
go build -ldflags "-s -w" -o $app \
|
||||||
|
&& upx --best --lzma $app \
|
||||||
|
&& chmod 500 $app
|
||||||
|
|
||||||
|
# set up final stage
|
||||||
|
FROM scratch
|
||||||
|
ARG app
|
||||||
|
|
||||||
|
# copy in user info
|
||||||
|
COPY --chown=root:root --chmod=0400 passwd /etc/passwd
|
||||||
|
|
||||||
|
# run as nonroot
|
||||||
|
USER nonroot
|
||||||
|
|
||||||
|
# copy in binary
|
||||||
|
COPY --from=build --chown=root:root --chmod=0005 /src/$app/$app /$app
|
||||||
|
|
||||||
|
# copy in time zone info
|
||||||
|
COPY --from=build --chown=root:root --chmod=0004 /usr/local/go/lib/time/zoneinfo.zip /
|
||||||
|
|
||||||
|
# load time zone info
|
||||||
|
ENV ZONEINFO=/zoneinfo.zip
|
||||||
|
|
||||||
|
# listen on an unprivileged port
|
||||||
|
EXPOSE 8080
|
||||||
|
|
||||||
|
# run application
|
||||||
|
ENTRYPOINT ["/roulette"]
|
||||||
|
CMD ["-r","/data"]
|
|
@ -0,0 +1,37 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# build, tag, and push docker images
|
||||||
|
|
||||||
|
# exit if a command fails
|
||||||
|
set -o errexit
|
||||||
|
|
||||||
|
# go docker image tag to use
|
||||||
|
tag="${TAG:-latest}"
|
||||||
|
|
||||||
|
# if no registry is provided, tag image as "local" registry
|
||||||
|
registry="${REGISTRY:-local}"
|
||||||
|
|
||||||
|
# set image name
|
||||||
|
image_name="roulette"
|
||||||
|
|
||||||
|
# set image version
|
||||||
|
image_version="latest"
|
||||||
|
|
||||||
|
# platforms to build for
|
||||||
|
platforms="linux/amd64"
|
||||||
|
platforms+=",linux/arm"
|
||||||
|
platforms+=",linux/arm64"
|
||||||
|
platforms+=",linux/ppc64le"
|
||||||
|
|
||||||
|
# copy native image to local image repository
|
||||||
|
docker buildx build \
|
||||||
|
--build-arg TAG="${tag}" \
|
||||||
|
-t "${registry}/${image_name}:${image_version}" \
|
||||||
|
-f Dockerfile . \
|
||||||
|
--load
|
||||||
|
|
||||||
|
# push image to remote registry
|
||||||
|
docker buildx build --platform "${platforms}" \
|
||||||
|
--build-arg TAG="${tag}" \
|
||||||
|
-t "${registry}/${image_name}:${image_version}" \
|
||||||
|
-f Dockerfile . \
|
||||||
|
--push
|
|
@ -0,0 +1,2 @@
|
||||||
|
root:x:0:0:root:/root:/sbin/nologin
|
||||||
|
nonroot:x:65532:65532:nonroot:/home/nonroot:/sbin/nologin
|
Loading…
Reference in New Issue