-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move Dockerfiles to Component Directories #1846
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -55,7 +55,13 @@ $(DIST_DIR): | |
|
||
.PHONY: help | ||
help: ## Display this help | ||
@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-30s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) | ||
@awk 'BEGIN {FS = ":.*##"; printf " | ||
Usage: | ||
make [36m<target>[0m | ||
"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " [36m%-30s[0m %s | ||
", $$1, $$2 } /^##@/ { printf " | ||
[1m%s[0m | ||
", substr($$0, 5) } ' $(MAKEFILE_LIST) | ||
|
||
##@ Development | ||
|
||
|
@@ -279,12 +285,12 @@ docker: docker-apiserver docker-cli docker-orchestrator docker-ui docker-ui-back | |
.PHONY: docker-apiserver | ||
docker-apiserver: ## Build API Server container image | ||
$(info Building apiserver docker image ...) | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) vmclarity-apiserver | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) -f dockerfiles/Dockerfile.apiserver vmclarity-apiserver | ||
|
||
.PHONY: docker-cli | ||
docker-cli: ## Build CLI container image | ||
$(info Building cli docker image ...) | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) vmclarity-cli | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) -f dockerfiles/Dockerfile.cli vmclarity-cli | ||
|
||
# TODO(paralta) Temporary workaround to remove race flag from orchestrator build | ||
# since build fails in arm64 after #1587 | ||
|
@@ -293,27 +299,27 @@ BAKE_ENV_ORCHESTRATOR = $(subst -race,, $(BAKE_ENV)) | |
.PHONY: docker-orchestrator | ||
docker-orchestrator: ## Build Orchestrator container image | ||
$(info Building orchestrator docker image ...) | ||
$(BAKE_ENV_ORCHESTRATOR) docker buildx bake $(BAKE_OPTS) vmclarity-orchestrator | ||
$(BAKE_ENV_ORCHESTRATOR) docker buildx bake $(BAKE_OPTS) -f dockerfiles/Dockerfile.orchestrator vmclarity-orchestrator | ||
|
||
.PHONY: docker-ui | ||
docker-ui: ## Build UI container image | ||
$(info Building ui docker image ...) | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) vmclarity-ui | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) -f dockerfiles/Dockerfile.ui vmclarity-ui | ||
|
||
.PHONY: docker-ui-backend | ||
docker-ui-backend: ## Build UI Backend container image | ||
$(info Building ui-backend docker image ...) | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) vmclarity-ui-backend | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) -f dockerfiles/Dockerfile.uibackend vmclarity-ui-backend | ||
|
||
.PHONY: docker-cr-discovery-server | ||
docker-cr-discovery-server: ## Build K8S Image Resolver Docker image | ||
$(info Building cr-discovery-server docker image ...) | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) vmclarity-cr-discovery-server | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) -f dockerfiles/Dockerfile.cr-discovery-server vmclarity-cr-discovery-server | ||
|
||
.PHONY: docker-scanner-plugins | ||
docker-scanner-plugins: ## Build scanner plugin container images | ||
$(info Building scanner plugin docker images ...) | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) vmclarity-scanner-plugins | ||
$(BAKE_ENV) docker buildx bake $(BAKE_OPTS) -f dockerfiles/Dockerfile.scanner-plugins vmclarity-scanner-plugins | ||
|
||
##@ Code generation | ||
|
||
|
@@ -410,7 +416,7 @@ $(DIST_DIR)/aws-cloudformation-$(VERSION).tar.gz: $(DIST_DIR)/aws-cloudformation | |
$(DIST_DIR)/aws-cloudformation-$(VERSION).bundle: $(CFN_FILES) | $(CFN_DIST_DIR) | ||
$(info --- Generate Cloudformation bundle) | ||
cp -vR $(CFN_DIR)/* $(CFN_DIST_DIR)/ | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' $(CFN_DIST_DIR)/VmClarity.cfn | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@:$(VERSION)@' $(CFN_DIST_DIR)/VmClarity.cfn | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why did you change this? |
||
@touch $@ | ||
|
||
$(CFN_DIST_DIR)/LICENSE: $(ROOT_DIR)/LICENSE | $(CFN_DIST_DIR) | ||
|
@@ -433,7 +439,7 @@ $(DIST_DIR)/azure-bicep-$(VERSION).tar.gz: $(DIST_DIR)/azure-bicep-$(VERSION).bu | |
$(DIST_DIR)/azure-bicep-$(VERSION).bundle: $(BICEP_FILES) bin/bicep | $(BICEP_DIST_DIR) | ||
$(info --- Generate Bicep bundle) | ||
cp -vR $(BICEP_DIR)/* $(BICEP_DIST_DIR)/ | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' \ | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@:$(VERSION)@' \ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why did you change this? |
||
$(BICEP_DIST_DIR)/*.bicep $(BICEP_DIST_DIR)/vmclarity-UI.json | ||
$(BICEP_BIN) build $(BICEP_DIST_DIR)/vmclarity.bicep | ||
@touch $@ | ||
|
@@ -457,7 +463,7 @@ $(DIST_DIR)/docker-compose-$(VERSION).tar.gz: $(DIST_DIR)/docker-compose-$(VERSI | |
$(DIST_DIR)/docker-compose-$(VERSION).bundle: $(DOCKER_COMPOSE_FILES) | $(DOCKER_COMPOSE_DIST_DIR) | ||
$(info --- Generate Docker Compose bundle) | ||
cp -vR $(DOCKER_COMPOSE_DIR)/* $(DOCKER_COMPOSE_DIST_DIR)/ | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' \ | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@:$(VERSION)@' \ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why did you change this? |
||
$(DOCKER_COMPOSE_DIST_DIR)/*.yml $(DOCKER_COMPOSE_DIST_DIR)/*.yaml $(DOCKER_COMPOSE_DIST_DIR)/*.env | ||
@touch $@ | ||
|
||
|
@@ -481,7 +487,7 @@ $(DIST_DIR)/gcp-deployment-$(VERSION).tar.gz: $(DIST_DIR)/gcp-deployment-$(VERSI | |
$(DIST_DIR)/gcp-deployment-$(VERSION).bundle: $(GCP_DM_FILES) | $(GCP_DM_DIST_DIR) | ||
$(info --- Generate Google Cloud Deployment bundle) | ||
cp -vR $(GCP_DM_DIR)/* $(GCP_DM_DIST_DIR)/ | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@\1:$(VERSION)@' \ | ||
sed -i -E 's@(ghcr\.io\/openclarity\/vmclarity\-(apiserver|cli|orchestrator|ui-backend|ui)):latest@:$(VERSION)@' \ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why did you change this? |
||
$(GCP_DM_DIST_DIR)/vmclarity.py.schema $(GCP_DM_DIST_DIR)/components/vmclarity-server.py.schema | ||
@touch $@ | ||
|
||
|
@@ -565,3 +571,4 @@ renovate-fix-bicep: gen-bicep ## Fix Azure Bicep files after version update | |
$(info --- Fix Azure Bicep files after version update) | ||
git add ':$(subst $(ROOT_DIR),,$(BICEP_DIR))' \ | ||
&& git commit -m "fix: generate bicep template" | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
# syntax=docker/dockerfile:1@sha256:e87caa74dcb7d46cd820352bfea12591f3dba3ddc4285e19c7dcd13359f7cefd | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. instead of creating a dockerfiles directory, put each dockerfile in the correct directory according to his suffix |
||
|
||
# xx is a helper for cross-compilation | ||
FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0@sha256:0cd3f05c72d6c9b038eb135f91376ee1169ef3a330d34e418e65e2a5c2e9c0d4 AS xx | ||
|
||
FROM --platform=$BUILDPLATFORM golang:1.22.4-bullseye@sha256:067c5c7fe6d79f900c5ebe8351166356d6e3bbfcc6f807030e89b9a929252273 AS builder | ||
|
||
COPY --link --from=xx / / | ||
|
||
ARG TARGETPLATFORM | ||
|
||
RUN --mount=type=cache,id=${TARGETPLATFORM}-apt,target=/var/cache/apt,sharing=locked \ | ||
apt-get update \ | ||
&& xx-apt-get install -y --no-install-recommends \ | ||
gcc \ | ||
libc6-dev | ||
|
||
WORKDIR /build/api/server | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=cache,target=/root/.cache/go-build \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
xx-go mod download -x | ||
|
||
ARG VERSION | ||
ARG BUILD_TIMESTAMP | ||
ARG COMMIT_HASH | ||
ARG BUILD_OPTS | ||
|
||
ENV CGO_ENABLED=1 | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=cache,target=/root/.cache/go-build \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
xx-go build ${BUILD_OPTS} -ldflags="-s -w -extldflags -static \ | ||
-X 'github.com/openclarity/vmclarity/core/version.Version=${VERSION}' \ | ||
-X 'github.com/openclarity/vmclarity/core/version.CommitHash=${COMMIT_HASH}' \ | ||
-X 'github.com/openclarity/vmclarity/core/version.BuildTimestamp=${BUILD_TIMESTAMP}'" \ | ||
-o /bin/vmclarity-apiserver ./cmd/main.go | ||
|
||
RUN xx-verify /bin/vmclarity-apiserver | ||
|
||
FROM alpine:3.20@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0 | ||
|
||
RUN apk add --update --no-cache \ | ||
ca-certificates \ | ||
libc6-compat | ||
|
||
COPY --from=builder ["/bin/vmclarity-apiserver", "/bin/vmclarity-apiserver"] | ||
|
||
ENTRYPOINT ["/bin/vmclarity-apiserver"] | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
# syntax=docker/dockerfile:1@sha256:e87caa74dcb7d46cd820352bfea12591f3dba3ddc4285e19c7dcd13359f7cefd | ||
|
||
ARG VMCLARITY_TOOLS_BASE=ghcr.io/openclarity/vmclarity-tools-base:v0.6.0@sha256:dc9779be25bdbd3a8725e768764a223b8ba5fd906fc5afc67b417886086806d8 | ||
# xx is a helper for cross-compilation | ||
FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0@sha256:0cd3f05c72d6c9b038eb135f91376ee1169ef3a330d34e418e65e2a5c2e9c0d4 AS xx | ||
|
||
FROM --platform=$BUILDPLATFORM golang:1.22.4-bullseye@sha256:067c5c7fe6d79f900c5ebe8351166356d6e3bbfcc6f807030e89b9a929252273 AS builder | ||
|
||
COPY --link --from=xx / / | ||
|
||
ARG TARGETPLATFORM | ||
|
||
RUN --mount=type=cache,id=${TARGETPLATFORM}-apt,target=/var/cache/apt,sharing=locked \ | ||
apt-get update \ | ||
&& xx-apt-get install -y --no-install-recommends \ | ||
gcc \ | ||
libc6-dev | ||
|
||
WORKDIR /build/cli | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=cache,target=/root/.cache/go-build \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
xx-go mod download -x | ||
|
||
ARG VERSION | ||
ARG BUILD_TIMESTAMP | ||
ARG COMMIT_HASH | ||
ARG BUILD_OPTS | ||
|
||
ENV CGO_ENABLED=1 | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=cache,target=/root/.cache/go-build \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
xx-go build ${BUILD_OPTS} -ldflags="-s -w -extldflags -static \ | ||
-X 'github.com/openclarity/vmclarity/core/version.Version=${VERSION}' \ | ||
-X 'github.com/openclarity/vmclarity/core/version.CommitHash=${COMMIT_HASH}' \ | ||
-X 'github.com/openclarity/vmclarity/core/version.BuildTimestamp=${BUILD_TIMESTAMP}'" \ | ||
-o /bin/vmclarity-cli cmd/main.go | ||
|
||
FROM ${VMCLARITY_TOOLS_BASE} | ||
|
||
RUN apk upgrade --quiet --no-cache | ||
|
||
RUN apk add --update --no-cache \ | ||
util-linux \ | ||
ca-certificates \ | ||
libc6-compat | ||
|
||
COPY --from=builder /bin/vmclarity-cli /bin/vmclarity-cli | ||
|
||
ENTRYPOINT ["/bin/vmclarity-cli"] | ||
|
||
CMD ["--help"] | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
# syntax=docker/dockerfile:1@sha256:e87caa74dcb7d46cd820352bfea12591f3dba3ddc4285e19c7dcd13359f7cefd | ||
|
||
# xx is a helper for cross-compilation | ||
FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0@sha256:0cd3f05c72d6c9b038eb135f91376ee1169ef3a330d34e418e65e2a5c2e9c0d4 AS xx | ||
|
||
FROM --platform=$BUILDPLATFORM golang:1.22.4-bullseye@sha256:067c5c7fe6d79f900c5ebe8351166356d6e3bbfcc6f807030e89b9a929252273 AS builder | ||
|
||
COPY --link --from=xx / / | ||
|
||
ARG TARGETPLATFORM | ||
|
||
RUN --mount=type=cache,id=${TARGETPLATFORM}-apt,target=/var/cache/apt,sharing=locked \ | ||
apt-get update \ | ||
&& xx-apt-get install -y --no-install-recommends \ | ||
gcc \ | ||
libc6-dev | ||
|
||
WORKDIR /build/orchestrator | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=cache,target=/root/.cache/go-build \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
xx-go mod download -x | ||
|
||
ARG VERSION | ||
ARG BUILD_TIMESTAMP | ||
ARG COMMIT_HASH | ||
ARG BUILD_OPTS | ||
|
||
ENV CGO_ENABLED=1 | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=cache,target=/root/.cache/go-build \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
xx-go build ${BUILD_OPTS} -ldflags="-s -w -extldflags -static \ | ||
-X 'github.com/openclarity/vmclarity/core/version.Version=${VERSION}' \ | ||
-X 'github.com/openclarity/vmclarity/core/version.CommitHash=${COMMIT_HASH}' \ | ||
-X 'github.com/openclarity/vmclarity/core/version.BuildTimestamp=${BUILD_TIMESTAMP}'" \ | ||
-o /bin/vmclarity-orchestrator ./cmd/main.go | ||
|
||
RUN xx-verify /bin/vmclarity-orchestrator | ||
|
||
FROM alpine:3.20@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0 | ||
|
||
COPY --from=builder ["/bin/vmclarity-orchestrator", "/bin/vmclarity-orchestrator"] | ||
|
||
RUN apk add --update --no-cache \ | ||
ca-certificates \ | ||
libc6-compat | ||
|
||
ENTRYPOINT ["/bin/vmclarity-orchestrator"] | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
FROM --platform=$BUILDPLATFORM golang:1.22.4-alpine3.19@sha256:c46c4609d3cc74a149347161fc277e11516f523fd8aa6347c9631527da0b7a56 AS builder | ||
|
||
ARG TARGETOS TARGETARCH | ||
|
||
WORKDIR /build/plugins/sdk-go/example | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
go mod download -x | ||
|
||
RUN --mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=cache,target=/root/.cache/go-build \ | ||
--mount=type=bind,source=.,target=/build,ro \ | ||
GOOS=$TARGETOS GOARCH=$TARGETARCH CGO_ENABLED=0 \ | ||
go build -ldflags="-s -w -extldflags -static" \ | ||
-o /bin/scanner ./main.go | ||
|
||
FROM alpine:3.20@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0 | ||
|
||
COPY --from=builder /bin/scanner /bin/scanner | ||
|
||
USER 65534 | ||
|
||
ENTRYPOINT ["/bin/scanner"] | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
FROM python:3.12-slim | ||
|
||
RUN apt-get update && \ | ||
apt-get install --no-install-recommends -y git | ||
|
||
# Set the working directory in the container | ||
WORKDIR /app | ||
|
||
# Copy the current directory contents into the container at /app | ||
COPY . /app | ||
|
||
# Install any needed dependencies specified in requirements.txt | ||
RUN pip install --no-cache-dir -r requirements.txt | ||
|
||
# Make sure all messages always reach console | ||
ENV PYTHONUNBUFFERED=1 | ||
|
||
USER 65534 | ||
|
||
# Run scanner when the container launches | ||
CMD ["python3", "/app/scanner.py"] | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
FROM ubuntu:24.04 AS builder-image | ||
|
||
# Avoid stuck build due to user prompt | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
RUN apt-get update && \ | ||
apt-get install --no-install-recommends -y python3.12 python3.12-dev python3.12-venv python3-pip python3-wheel build-essential && \ | ||
apt-get clean && rm -rf /var/lib/apt/lists/* | ||
|
||
# Create and activate virtual environment | ||
# Using final folder name to avoid path issues with packages | ||
RUN python3.12 -m venv /venv | ||
ENV PATH="/venv/bin:$PATH" | ||
|
||
# Install SDK from folder | ||
COPY ./plugins/sdk-python /pluginsdk | ||
RUN pip3 install --no-cache-dir wheel | ||
RUN pip3 install --no-cache-dir /pluginsdk | ||
|
||
|
||
FROM ubuntu:24.04 AS runner-image | ||
|
||
RUN apt-get update && \ | ||
apt-get install --no-install-recommends -y python3.12 python3-venv && \ | ||
apt-get clean && rm -rf /var/lib/apt/lists/* | ||
|
||
# Copy installed venv packages | ||
COPY --from=builder-image /venv /venv | ||
|
||
# Make sure all messages always reach console | ||
ENV PYTHONUNBUFFERED=1 | ||
|
||
# Activate virtual environment | ||
ENV VIRTUAL_ENV=/venv | ||
ENV PATH="/venv/bin:$PATH" | ||
|
||
# Copy example | ||
COPY ./plugins/sdk-python/example ./src | ||
|
||
USER 65534 | ||
|
||
# Run example scanner | ||
CMD ["python3", "/src/scanner.py"] | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# syntax=docker/dockerfile:1@sha256:e87caa74dcb7d46cd820352bfea12591f3dba3ddc4285e19c7dcd13359f7cefd | ||
|
||
FROM --platform=$BUILDPLATFORM node:20-slim AS site-build | ||
|
||
WORKDIR /src | ||
|
||
COPY --link ./ui /src | ||
|
||
RUN --mount=type=cache,target=/src/node_modules \ | ||
npm install | ||
|
||
RUN --mount=type=cache,target=/src/node_modules \ | ||
npm run build | ||
|
||
FROM nginx:1.27.0@sha256:9c367186df9a6b18c6735357b8eb7f407347e84aea09beb184961cb83543d46e | ||
|
||
COPY --from=site-build ["/src/build", "/usr/share/nginx/html"] | ||
|
||
COPY --link ["ui/nginx.conf", "/etc/nginx/conf.d/default.conf"] | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why did you change this?