Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docker: refactored build scripts, added alpine variants (#23683)
- Loading branch information
Showing
13 changed files
with
210 additions
and
72 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# 5.4.0 | ||
|
||
- New `python` and `python-slim` variants of the images. | ||
- All base images have been switched to `debian:buster`. | ||
- New `alpine` and `alpine-slim` variants. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
ARG BASE_IMAGE=keybaseio/client:alpine | ||
|
||
FROM $BASE_IMAGE AS base | ||
|
||
FROM alpine:3.11 | ||
LABEL maintainer="Keybase <admin@keybase.io>" | ||
|
||
RUN apk add --update --no-cache gnupg procps ca-certificates bash | ||
|
||
ENV TINI_VERSION v0.18.0 | ||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini | ||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /tini.asc | ||
COPY packaging/linux/docker/tini_key.asc /tini_key.asc | ||
RUN gpg --import /tini_key.asc \ | ||
&& rm /tini_key.asc \ | ||
&& gpg --batch --verify /tini.asc /tini \ | ||
&& chmod +x /tini | ||
|
||
ENV GOSU_VERSION 1.11 | ||
ADD https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 /usr/local/bin/gosu | ||
ADD https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64.asc /usr/local/bin/gosu.asc | ||
COPY packaging/linux/docker/gosu_key.asc /gosu_key.asc | ||
RUN gpg --import /gosu_key.asc \ | ||
&& rm /gosu_key.asc \ | ||
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ | ||
&& chmod +x /usr/local/bin/gosu | ||
|
||
COPY packaging/linux/docker/slim/entrypoint.sh /usr/bin/entrypoint.sh | ||
RUN chmod +x /usr/bin/entrypoint.sh | ||
|
||
RUN adduser --disabled-password --gecos "" --shell /bin/bash keybase | ||
VOLUME [ "/home/keybase/.config/keybase", "/home/keybase/.cache/keybase" ] | ||
|
||
COPY --from=base /usr/bin/keybase /usr/bin/keybase | ||
COPY --from=base /usr/bin/keybase.sig /usr/bin/keybase.sig | ||
|
||
ENTRYPOINT ["/tini", "--", "entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
FROM golang:1.13.10-alpine3.11 AS builder | ||
|
||
RUN apk add --update --no-cache gnupg bash build-base | ||
|
||
ARG SOURCE_COMMIT=unknown | ||
|
||
ARG SIGNING_FINGERPRINT | ||
COPY .docker/code_signing_key /code_signing_key | ||
RUN gpg --import /code_signing_key | ||
|
||
COPY . /go/src/github.com/keybase/client | ||
RUN SOURCE_COMMIT=${SOURCE_COMMIT} \ | ||
KEYBASE_NO_GUI=1 \ | ||
KEYBASE_SKIP_32_BIT=1 \ | ||
/go/src/github.com/keybase/client/packaging/linux/build_binaries.sh \ | ||
prerelease / | ||
RUN gpg --detach-sign --armor --use-agent --local-user "$SIGNING_FINGERPRINT" \ | ||
-o "/binaries/amd64/usr/bin/keybase.sig" /binaries/amd64/usr/bin/keybase && \ | ||
gpg --detach-sign --armor --use-agent --local-user "$SIGNING_FINGERPRINT" \ | ||
-o "/binaries/amd64/usr/bin/kbfsfuse.sig" /binaries/amd64/usr/bin/kbfsfuse && \ | ||
gpg --detach-sign --armor --use-agent --local-user "$SIGNING_FINGERPRINT" \ | ||
-o "/binaries/amd64/usr/bin/git-remote-keybase.sig" /binaries/amd64/usr/bin/git-remote-keybase | ||
RUN chmod +x /binaries/amd64/usr/bin/keybase \ | ||
&& chmod +x /binaries/amd64/usr/bin/kbfsfuse \ | ||
&& chmod +x /binaries/amd64/usr/bin/git-remote-keybase | ||
|
||
FROM alpine:3.11 | ||
LABEL maintainer="Keybase <admin@keybase.io>" | ||
|
||
RUN apk add --update --no-cache gnupg procps ca-certificates bash | ||
|
||
ENV TINI_VERSION v0.18.0 | ||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /usr/local/bin/tini | ||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini.asc /usr/local/bin/tini.asc | ||
COPY packaging/linux/docker/tini_key.asc /tini_key.asc | ||
RUN gpg --import /tini_key.asc \ | ||
&& rm /tini_key.asc \ | ||
&& gpg --batch --verify /usr/local/bin/tini.asc /usr/local/bin/tini \ | ||
&& chmod +x /usr/local/bin/tini | ||
|
||
ENV GOSU_VERSION 1.11 | ||
ADD https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 /usr/local/bin/gosu | ||
ADD https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64.asc /usr/local/bin/gosu.asc | ||
COPY packaging/linux/docker/gosu_key.asc /gosu_key.asc | ||
RUN gpg --import /gosu_key.asc \ | ||
&& rm /gosu_key.asc \ | ||
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ | ||
&& chmod +x /usr/local/bin/gosu | ||
|
||
COPY packaging/linux/docker/standard/entrypoint.sh /usr/bin/entrypoint.sh | ||
RUN chmod +x /usr/bin/entrypoint.sh | ||
|
||
RUN adduser --disabled-password --gecos "" --shell /bin/bash keybase | ||
VOLUME [ "/home/keybase/.config/keybase", "/home/keybase/.cache/keybase" ] | ||
|
||
COPY --from=builder /binaries/amd64/usr/bin/keybase /usr/bin/keybase | ||
COPY --from=builder /binaries/amd64/usr/bin/keybase.sig /usr/bin/keybase.sig | ||
COPY --from=builder /binaries/amd64/usr/bin/kbfsfuse /usr/bin/kbfsfuse | ||
COPY --from=builder /binaries/amd64/usr/bin/kbfsfuse.sig /usr/bin/kbfsfuse.sig | ||
COPY --from=builder /binaries/amd64/usr/bin/git-remote-keybase /usr/bin/git-remote-keybase | ||
COPY --from=builder /binaries/amd64/usr/bin/git-remote-keybase.sig /usr/bin/git-remote-keybase.sig | ||
|
||
ENTRYPOINT ["tini", "--", "entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
{ | ||
"_c": "Base image of the name", | ||
"image_name": "keybaseio/client", | ||
|
||
"_c": "Variant definitions", | ||
"variants": { | ||
"": { | ||
"_c": "Path to the Dockerfile relative to the project's root", | ||
"dockerfile": "packaging/linux/docker/standard/Dockerfile", | ||
|
||
"_c": "`null` if it has no dependencies, otherwise the key of the image its based on", | ||
"base": null | ||
}, | ||
"-slim": { | ||
"dockerfile": "packaging/linux/docker/slim/Dockerfile", | ||
"base": "" | ||
}, | ||
|
||
"-alpine": { | ||
"dockerfile": "packaging/linux/docker/alpine/Dockerfile", | ||
"base": null | ||
}, | ||
"-alpine-slim": { | ||
"dockerfile": "packaging/linux/docker/alpine-slim/Dockerfile", | ||
"base": "-alpine" | ||
}, | ||
|
||
"-node": { | ||
"dockerfile": "packaging/linux/docker/node/Dockerfile", | ||
"base": "" | ||
}, | ||
"-node-slim": { | ||
"dockerfile": "packaging/linux/docker/node-slim/Dockerfile", | ||
"base": "" | ||
}, | ||
|
||
"-python": { | ||
"dockerfile": "packaging/linux/docker/python/Dockerfile", | ||
"base": "" | ||
}, | ||
"-python-slim": { | ||
"dockerfile": "packaging/linux/docker/python-slim/Dockerfile", | ||
"base": "" | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters