forked from lf-edge/eve
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
79 lines (66 loc) · 2.79 KB
/
Copy pathDockerfile
File metadata and controls
79 lines (66 loc) · 2.79 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# Copyright (c) 2023-2025 Zededa, Inc.
# SPDX-License-Identifier: Apache-2.0
#
# DON'T FORGET TO UPDATE THE HASH WHEN SOMETHING CHANGES!
# please see https://github.com/lf-edge/eve/blob/master/docs/BUILD.md#how-to-update-eve-alpine-package
FROM lfedge/eve-alpine:1f744180283ffb4eabcc3862531aeacf1de886b3 AS cache-build
ARG ALPINE_VERSION=3.22
# this is only needed once, when this package
# is rebased on the new version of Alpine and
# you have to have FROM alpine:x.y.z above:
# Trigger update for go package
RUN apk update && apk upgrade -a
# Copy Dockerfile so we can include it in the hash
COPY Dockerfile abuild.conf /etc/
COPY mirrors /tmp/mirrors/
COPY build-cache.sh /bin/
# install abuild for signing (which requires gcc as well)
# hadolint ignore=DL3018
RUN apk add --no-cache abuild gcc sudo
# install a new key into /etc/apk/keys
# hadolint ignore=DL3059
RUN abuild-keygen -a -i -n
# create all the mirrors
WORKDIR /tmp/mirrors
RUN [ -f /etc/apk/repositories.upstream ] || mv /etc/apk/repositories /etc/apk/repositories.upstream
# hadolint ignore=DL3059
RUN [ -f /etc/apk/cache.url ] || echo https://dl-cdn.alpinelinux.org/alpine > /etc/apk/cache.url
RUN for repo in main community testing; do \
if [ ! -f "3.22/$repo" ]; then echo "skipping 3.22/$repo"; continue; fi &&\
packages="" &&\
if [ -f "3.22/$repo" ]; then packages="$packages $(cat "3.22/$repo")"; fi &&\
if [ -f "3.22/$repo.$(apk --print-arch)" ]; then packages="$packages $(cat "3.22/$repo.$(apk --print-arch)")"; fi &&\
if [ -n "$packages" ]; then build-cache.sh "3.22/$repo" "/mirror/$(dirname "3.22/$repo")" "$packages"; fi \
done
# set the default repository to use
RUN cp /mirror/${ALPINE_VERSION}/rootfs/etc/apk/repositories /etc/apk
RUN apk update
FROM lfedge/eve-alpine-base:77cc1495c875b7468dbf4123210abf86a1ffb852-07a6e7df6 AS compactor
ARG TARGETARCH
ARG GO_VERSION=1.25.11
COPY --from=cache-build /etc/apk/repositories* /etc/apk/
COPY --from=cache-build /etc/apk/keys /etc/apk/keys/
COPY --from=cache-build /mirror /mirror/
COPY eve-alpine-deploy.sh go-compile.sh register-sbom-pkg.sh /bin/
RUN apk update && apk upgrade -a
ADD "https://go.dev/dl/go${GO_VERSION}.linux-${TARGETARCH}.tar.gz" /tmp/go.tar.gz
RUN rm -rf /usr/local/go && tar -C /usr/local -xzf /tmp/go.tar.gz
RUN ln -s /usr/local/go/bin/go /usr/bin/go
RUN ln -s /usr/local/go/bin/gofmt /usr/bin/gofmt
# define arch-specific envs
FROM scratch AS final-amd64
ENV EVE_BUILD_ARCH=x86_64
ENV EVE_TARGET_ARCH=x86_64
FROM scratch AS final-arm64
ENV EVE_BUILD_ARCH=aarch64
ENV EVE_TARGET_ARCH=aarch64
FROM scratch AS final-riscv64
ENV EVE_BUILD_ARCH=riscv64
ENV EVE_TARGET_ARCH=riscv64
# we merge layers in previous step
# so we should avoid large possible diff
# hadolint ignore=DL3006
FROM final-${TARGETARCH}
COPY --from=compactor / /
ENV GOTOOLCHAIN=local
CMD ["/bin/sh"]