Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

optimize: Simplify and clean up Dockerfile #8244

Merged
merged 1 commit into from
Nov 14, 2023
Merged

optimize: Simplify and clean up Dockerfile #8244

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
86 changes: 44 additions & 42 deletions Dockerfile.dapper
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,63 +1,65 @@
ARG GOLANG=golang:1.20.10-alpine3.18
FROM ${GOLANG}

ARG http_proxy=$http_proxy
ARG https_proxy=$https_proxy
ARG no_proxy=$no_proxy
ENV http_proxy=$http_proxy
ENV https_proxy=$https_proxy
ENV no_proxy=$no_proxy
# Set proxy environment variables
ARG http_proxy
ARG https_proxy
ARG no_proxy
ENV http_proxy=${http_proxy} \
https_proxy=${https_proxy} \
no_proxy=${no_proxy}

RUN apk -U --no-cache add bash git gcc musl-dev docker vim less file curl wget ca-certificates jq linux-headers \
zlib-dev tar zip squashfs-tools npm coreutils python3 py3-pip openssl-dev libffi-dev libseccomp libseccomp-dev \
libseccomp-static make libuv-static sqlite-dev sqlite-static libselinux libselinux-dev zlib-dev zlib-static \
zstd pigz alpine-sdk binutils-gold btrfs-progs-dev btrfs-progs-static gawk yq \
&& \
if [ "$(go env GOARCH)" = "amd64" ]; then \
apk -U --no-cache add mingw-w64-gcc; \
fi
# Install necessary packages
RUN apk -U --no-cache add \
bash git gcc musl-dev docker vim less file curl wget ca-certificates jq linux-headers \
zlib-dev tar zip squashfs-tools npm coreutils python3 py3-pip openssl-dev libffi-dev libseccomp \
libseccomp-dev libseccomp-static make libuv-static sqlite-dev sqlite-static libselinux \
libselinux-dev zlib-dev zlib-static zstd pigz alpine-sdk binutils-gold btrfs-progs-dev \
btrfs-progs-static gawk yq \
&& [ "$(go env GOARCH)" = "amd64" ] && apk -U --no-cache add mingw-w64-gcc || true
Leke-Ariyo marked this conversation as resolved.
Show resolved Hide resolved

# Install AWS CLI
RUN python3 -m pip install awscli

RUN TRIVY_VERSION="0.46.1" && \
if [ "$(go env GOARCH)" != "arm" ] && [ "$(go env GOARCH)" != "386" ]; then \
if [ "$(go env GOARCH)" = "arm64" ]; then \
# Turn arm64 into uppercase ARM64 for Trivy's download
TRIVY_ARCH=$(go env GOARCH | tr "[:lower:]" "[:upper:]") && \
wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" && \
tar -zxvf "trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" && \
mv trivy /usr/local/bin; \
elif [ "$(go env GOARCH)" = "amd64" ]; then \
wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
tar -zxvf "trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" && \
mv trivy /usr/local/bin; \
elif [ "$(go env GOARCH)" = "s390x" ]; then \
wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-s390x.tar.gz" && \
tar -zxvf "trivy_${TRIVY_VERSION}_Linux-s390x.tar.gz" && \
mv trivy /usr/local/bin; \
fi \
# Install Trivy
ENV TRIVY_VERSION="0.46.1"
RUN case "$(go env GOARCH)" in \
arm64) TRIVY_ARCH="ARM64" ;; \
amd64) TRIVY_ARCH="64bit" ;; \
s390x) TRIVY_ARCH="s390x" ;; \
*) TRIVY_ARCH="" ;; \
esac
RUN if [ -n "${TRIVY_ARCH}" ]; then \
wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \
&& tar -zxvf "trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \
&& mv trivy /usr/local/bin; \
fi

# this works for both go 1.17 and 1.18
# Install goimports
RUN GOPROXY=direct go install golang.org/x/tools/cmd/goimports@gopls/v0.11.0

# Cleanup
RUN rm -rf /go/src /go/pkg

# Install golangci-lint for amd64
RUN if [ "$(go env GOARCH)" = "amd64" ]; then \
curl -sL https://github.com/golangci/golangci-lint/master/install.sh | sh -s v1.51.2; \
fi


# Set SELINUX environment variable
ARG SELINUX=true
ENV SELINUX $SELINUX
ENV SELINUX=${SELINUX}

ENV DAPPER_RUN_ARGS --privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy
ENV DAPPER_ENV REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER DEBUG
ENV DAPPER_SOURCE /go/src/github.com/k3s-io/k3s/
ENV DAPPER_OUTPUT ./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy
# Set Dapper configuration variables
ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy" \
DAPPER_ENV="REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER DEBUG" \
DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \
DAPPER_OUTPUT="./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy" \
DAPPER_DOCKER_SOCKET=true \
HOME=${DAPPER_SOURCE} \
CROSS=true \
STATIC_BUILD=true

ENV DAPPER_DOCKER_SOCKET true
ENV HOME ${DAPPER_SOURCE}
ENV CROSS true
ENV STATIC_BUILD true
WORKDIR ${DAPPER_SOURCE}

ENTRYPOINT ["./scripts/entry.sh"]
Expand Down