From 0d718fed4026e825b05da816d9ae488b5a06ddda Mon Sep 17 00:00:00 2001 From: Rolf Neugebauer Date: Tue, 30 May 2017 12:50:45 +0100 Subject: [PATCH] tools: Use the Alpine base to build the go-compile image Also, convert to use a git tree hash. Signed-off-by: Rolf Neugebauer --- tools/go-compile/Dockerfile | 22 ++++++++++++------- tools/go-compile/Makefile | 44 ++++++++----------------------------- 2 files changed, 23 insertions(+), 43 deletions(-) diff --git a/tools/go-compile/Dockerfile b/tools/go-compile/Dockerfile index d743063e8..5ee504062 100644 --- a/tools/go-compile/Dockerfile +++ b/tools/go-compile/Dockerfile @@ -1,10 +1,16 @@ -FROM alpine:3.5 -RUN apk update && apk add --no-cache build-base git go +FROM linuxkit/alpine:451603daf499e3a40308dbf5571dcffed2343ffa AS mirror +RUN mkdir -p /out/etc/apk && cp -r /etc/apk/* /out/etc/apk/ +RUN apk add --no-cache --initdb -p /out \ + alpine-baselayout \ + busybox \ + git \ + go \ + musl-dev +RUN rm -rf /out/etc/apk /out/lib/apk /out/var/cache + +FROM scratch ENV GOPATH=/go PATH=$PATH:/go/bin -RUN go get -u github.com/golang/lint/golint && \ - go get -u github.com/gordonklaus/ineffassign && \ - go get -u github.com/LK4D4/vndr - -COPY . ./ - +COPY --from=mirror /out/ / +COPY --from=mirror /go/bin/ /go/bin/ +COPY /compile.sh /compile.sh ENTRYPOINT ["/compile.sh"] diff --git a/tools/go-compile/Makefile b/tools/go-compile/Makefile index cdd98dca5..1f0995e2a 100644 --- a/tools/go-compile/Makefile +++ b/tools/go-compile/Makefile @@ -1,41 +1,15 @@ .PHONY: tag push - -BASE=alpine:3.5 -IMAGE=go-compile - default: push -hash: Dockerfile compile.sh - DOCKER_CONTENT_TRUST=1 docker pull $(BASE) - tar cf - $^ | docker build --no-cache -t $(IMAGE):build - - docker run --rm --entrypoint=/bin/sh $(IMAGE):build -c "cat $^ /lib/apk/db/installed /go/bin/golint | sha1sum" | sed 's/ .*//' > hash +ORG?=linuxkit +IMAGE=go-compile +DEPS=Dockerfile Makefile compile.sh -push: hash - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) && \ - docker push linuxkit/$(IMAGE):$(shell cat hash)) - docker rmi $(IMAGE):build - rm -f hash +HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}') -tag: hash - docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash) - docker rmi $(IMAGE):build - rm -f hash +tag: $(DEPS) + docker build --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) . -signed-tag: hash - DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - (DOCKER_CONTENT_TRUST=1 docker pull $(BASE) && \ - docker build --no-cache -t $(IMAGE):build . && \ - docker tag $(IMAGE):build linuxkit/$(IMAGE):$(shell cat hash)) - -sign: signed-tag - DOCKER_CONTENT_TRUST=1 docker pull linuxkit/$(IMAGE):$(shell cat hash) || \ - DOCKER_CONTENT_TRUST=1 docker push linuxkit/$(IMAGE):$(shell cat hash) - rm -f hash - docker rmi $(IMAGE):build || true - -clean: - rm -f hash - -.DELETE_ON_ERROR: +push: tag + DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \ + DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH)