Compare commits

..

No commits in common. "a2857ce16f286392b5c902e5ca38a3117552f0de" and "fc425425b5f7d017daf2cbe5fa2e912b8da6d523" have entirely different histories.

4 changed files with 23 additions and 19 deletions

View File

@ -182,7 +182,7 @@ Flags:
--video enable support for video files --video enable support for video files
``` ```
## Building the Docker image ## Building the Docker container
From inside the cloned repository, build the image using the following command: From inside the `docker/` subdirectory, build the image using the following command:
`REGISTRY=<registry url> LATEST=yes TAG=alpine ./build-docker.sh` `REGISTRY=<registry url> LATEST=yes TAG=alpine ./build.sh`

View File

@ -7,12 +7,12 @@ FROM --platform=$BUILDPLATFORM golang:$TAG AS build
ARG app ARG app
# install dependencies # install dependencies
RUN apk add --update-cache upx RUN apk add --update-cache git upx
# copy source files into the container # clone
COPY . /src/$app/ RUN git clone https://git.seedno.de/seednode/$app /src/$app
# build, strip, and compress the binary # build and compress the binary
WORKDIR /src/$app WORKDIR /src/$app
ARG TARGETOS TARGETARCH ARG TARGETOS TARGETARCH
RUN CGO_ENABLED=0 \ RUN CGO_ENABLED=0 \
@ -27,7 +27,7 @@ FROM scratch
ARG app ARG app
# copy in user info # copy in user info
COPY --chown=root:root --chmod=0400 docker/passwd /etc/passwd COPY --chown=root:root --chmod=0400 passwd /etc/passwd
# run as nonroot # run as nonroot
USER nonroot USER nonroot

View File

@ -6,16 +6,20 @@ ARG TAG
FROM --platform=$BUILDPLATFORM golang:$TAG AS build FROM --platform=$BUILDPLATFORM golang:$TAG AS build
ARG app ARG app
# copy source files into the container # install dependencies
COPY . /src/$app/ RUN apk add --update-cache git upx
# build the binary # clone
RUN git clone https://git.seedno.de/seednode/$app /src/$app
# build and compress the binary
WORKDIR /src/$app WORKDIR /src/$app
ARG TARGETOS TARGETARCH ARG TARGETOS TARGETARCH
RUN CGO_ENABLED=0 \ RUN CGO_ENABLED=0 \
GOOS=$TARGETOS \ GOOS=$TARGETOS \
GOARCH=$TARGETARCH \ GOARCH=$TARGETARCH \
go build -trimpath -tags timetzdata -o $app \ go build -trimpath -ldflags "-s -w" -tags timetzdata -o $app \
&& upx --best --lzma $app \
&& chmod 500 $app && chmod 500 $app
# set up final stage # set up final stage
@ -23,7 +27,7 @@ FROM --platform=$BUILDPLATFORM alpine:latest
ARG app ARG app
# copy in user info # copy in user info
COPY --chown=root:root --chmod=0400 docker/passwd /etc/passwd COPY --chown=root:root --chmod=0400 passwd /etc/passwd
# run as root for debug # run as root for debug
USER root USER root
@ -34,5 +38,5 @@ COPY --from=build --chown=root:root --chmod=0005 /src/$app/$app /$app
# listen on an unprivileged port # listen on an unprivileged port
EXPOSE 8080 EXPOSE 8080
# launch a shell by default # run application
ENTRYPOINT ["/bin/ash"] ENTRYPOINT ["/bin/ash"]

View File

@ -14,7 +14,7 @@ registry="${REGISTRY:-local}"
image_name="roulette" image_name="roulette"
# set image version # set image version
image_version="$(grep "ReleaseVersion" cmd/root.go | head -n1 | awk '{print $4}' | sed 's/\"//g')" image_version="$(grep "ReleaseVersion" ../cmd/root.go | head -n1 | awk '{print $4}' | sed 's/\"//g')"
# platforms to build for # platforms to build for
platforms="linux/amd64" platforms="linux/amd64"
@ -27,7 +27,7 @@ docker buildx build \
--build-arg TAG="${tag}" \ --build-arg TAG="${tag}" \
-t "${registry}/${image_name}:${image_version}" \ -t "${registry}/${image_name}:${image_version}" \
$(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:latest"; fi) \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:latest"; fi) \
-f docker/Dockerfile . \ -f Dockerfile . \
--load --load
# push image to remote registry # push image to remote registry
@ -35,7 +35,7 @@ docker buildx build --platform "${platforms}" \
--build-arg TAG="${tag}" \ --build-arg TAG="${tag}" \
-t "${registry}/${image_name}:${image_version}" \ -t "${registry}/${image_name}:${image_version}" \
$(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:latest"; fi) \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:latest"; fi) \
-f docker/Dockerfile . \ -f Dockerfile . \
--push --push
# copy debug image to local image repository # copy debug image to local image repository
@ -43,7 +43,7 @@ docker buildx build \
--build-arg TAG="${tag}" \ --build-arg TAG="${tag}" \
-t "${registry}/${image_name}:${image_version}-debug" \ -t "${registry}/${image_name}:${image_version}-debug" \
$(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \
-f docker/Dockerfile.debug . \ -f Dockerfile.debug . \
--load --load
# push debug image to remote registry # push debug image to remote registry
@ -51,5 +51,5 @@ docker buildx build --platform "${platforms}" \
--build-arg TAG="${tag}" \ --build-arg TAG="${tag}" \
-t "${registry}/${image_name}:${image_version}-debug" \ -t "${registry}/${image_name}:${image_version}-debug" \
$(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \ $(if [ "${LATEST}" == "yes" ]; then echo "-t ${registry}/${image_name}:debug"; fi) \
-f docker/Dockerfile.debug . \ -f Dockerfile.debug . \
--push --push