github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-20 17:49:10 +00:00
Code Issues Projects Releases Wiki Activity

pkg: Update the metadata package to multi-stage build and alpine base

Browse Source 
- Use the alpine base to compile the go program
- Use a multi-stage build

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This commit is contained in:
Rolf Neugebauer 2017-05-29 16:29:38 +01:00
parent e83aee2604
commit 6d59041daa
2 changed files with 22 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/metadata/Dockerfile
View File

@ -1,3 +1,15 @@
FROM linuxkit/alpine:451603daf499e3a40308dbf5571dcffed2343ffa AS mirror
RUN apk add --no-cache go musl-dev
ENV GOPATH=/go PATH=$PATH:/go/bin
COPY . /go/src/metadata/
RUN go-compile.sh /go/src/metadata
FROM scratch
COPY . ./
ENTRYPOINT []
CMD []
WORKDIR /
COPY --from=mirror /go/bin/metadata /usr/bin/metadata
CMD ["/usr/bin/metadata"]
LABEL org.mobyproject.config='{"net": "host", "binds": ["/dev:/dev", "/var:/var", "/tmp/etc/resolv.conf:/etc/resolv.conf"], "capabilities": ["CAP_SYS_ADMIN"]}'

48
pkg/metadata/Makefile
View File

@ -1,45 +1,15 @@
GO_COMPILE=linuxkit/go-compile:4513068d9a7e919e4ec42e2d7ee879ff5b95b7f5@sha256:bdfadbe3e4ec699ca45b67453662321ec270f2d1a1dbdbf09625776d3ebd68c5
SHA_IMAGE=alpine:3.5@sha256:dfbd4a3a8ebca874ebd2474f044a0b33600d4523d03b0df76e5c5986cb02d7e8
METADATA_BINARY=usr/bin/metadata
.PHONY: tag push
default: push
ORG?=linuxkit
IMAGE=metadata
DEPS=Dockerfile Makefile $(wildcard *.go)
.PHONY: tag push clean container
default: push
HASH?=$(shell git ls-tree HEAD -- ../$(notdir $(CURDIR)) | awk '{print $$3}')
$(METADATA_BINARY): $(wildcard *.go) Makefile
mkdir -p $(dir $@)
tar cf - $^ | docker run --rm --net=none --log-driver=none -i $(GO_COMPILE) -o $@ | tar xf -
tag: $(DEPS)
docker build --squash --no-cache --network=none -t $(ORG)/$(IMAGE):$(HASH) .
DIRS=dev proc sys
$(DIRS):
mkdir -p $@
DEPS=$(DIRS) $(METADATA_BINARY)
container: Dockerfile $(DEPS)
tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
hash: Dockerfile $(DEPS)
find $^ -type f | xargs cat | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
push: hash container
DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \
(docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash) && \
DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(shell cat hash))
docker rmi $(IMAGE):build
rm -f hash
tag: hash container
docker pull $(ORG)/$(IMAGE):$(shell cat hash) || \
docker tag $(IMAGE):build $(ORG)/$(IMAGE):$(shell cat hash)
docker rmi $(IMAGE):build
rm -f hash
clean:
rm -rf hash $(DIRS) usr
.DELETE_ON_ERROR:
push: tag
DOCKER_CONTENT_TRUST=1 docker pull $(ORG)/$(IMAGE):$(HASH) || \
DOCKER_CONTENT_TRUST=1 docker push $(ORG)/$(IMAGE):$(HASH)