-
Notifications
You must be signed in to change notification settings - Fork 0
/
Containerfile
129 lines (107 loc) · 4.97 KB
/
Containerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
# syntax = docker/dockerfile-upstream:1.2.0-labs
ARG TOOLCHAIN
# cleaned up specs and compiled versions
FROM scratch AS generate
FROM ghcr.io/sentinelos/certificates:2022-10-11 AS certificates
FROM ghcr.io/sentinelos/fhs:0.0.1 AS fhs
# runs markdownlint
FROM docker.io/node:19.4.0-alpine3.16 AS lint-markdown
WORKDIR /src
RUN npm i -g [email protected]
RUN npm i [email protected]
COPY .markdownlint.json .
RUN markdownlint --ignore "CHANGELOG.md" --ignore "**/node_modules/**" --ignore '**/hack/chglog/**' --rules node_modules/sentences-per-line/index.js .
# base toolchain image
FROM ${TOOLCHAIN} AS toolchain
RUN apk --update --no-cache add bash curl build-base protoc protobuf-dev
# build tools
FROM --platform=${BUILDPLATFORM} toolchain AS tools
ENV GO111MODULE on
ARG CGO_ENABLED
ENV CGO_ENABLED ${CGO_ENABLED}
ENV GOPATH /go
ARG GOLANGCILINT_VERSION
RUN go install github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCILINT_VERSION} \
&& mv /go/bin/golangci-lint /bin/golangci-lint
ARG GOFUMPT_VERSION
RUN go install mvdan.cc/gofumpt@${GOFUMPT_VERSION} \
&& mv /go/bin/gofumpt /bin/gofumpt
RUN go install golang.org/x/vuln/cmd/govulncheck@latest \
&& mv /go/bin/govulncheck /bin/govulncheck
ARG GOIMPORTS_VERSION
RUN go install golang.org/x/tools/cmd/goimports@${GOIMPORTS_VERSION} \
&& mv /go/bin/goimports /bin/goimports
# tools and sources
FROM tools AS base
WORKDIR /src
COPY ./go.mod .
COPY ./go.sum .
RUN --mount=type=cache,target=/go/src go mod download
RUN --mount=type=cache,target=/go/src go mod verify
COPY . .
RUN --mount=type=cache,target=/go/src go list -mod=readonly all >/dev/null
# builds tasker-linux-amd64
FROM base AS tasker-linux-amd64-build
COPY --from=generate / /
WORKDIR /src
ARG GO_BUILDFLAGS
ARG GO_LDFLAGS
ARG VERSION_PKG="github.com/sentinelos/tasker/internal/version"
ARG SHA
ARG TAG
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/src GOARCH=amd64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=tasker -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /tasker-linux-amd64 /src/main
# builds tasker-linux-arm64
FROM base AS tasker-linux-arm64-build
COPY --from=generate / /
WORKDIR /src
ARG GO_BUILDFLAGS
ARG GO_LDFLAGS
ARG VERSION_PKG="github.com/sentinelos/tasker/internal/version"
ARG SHA
ARG TAG
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/src GOARCH=arm64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=tasker -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /tasker-linux-arm64 /src/main
# runs gofumpt
FROM base AS lint-gofumpt
RUN FILES="$(gofumpt -l .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'gofumpt -w .':\n${FILES}"; exit 1)
# runs goimports
FROM base AS lint-goimports
RUN FILES="$(goimports -l -local github.com/sentinelos/tasker .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'goimports -w -local github.com/sentinelos/tasker .':\n${FILES}"; exit 1)
# runs golangci-lint
FROM base AS lint-golangci-lint
COPY .golangci.yml .
ENV GOGC 50
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/root/.cache/golangci-lint --mount=type=cache,target=/go/src golangci-lint run --config .golangci.yml
# runs govulncheck
FROM base AS lint-govulncheck
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/src govulncheck ./...
# runs unit-tests with race detector
FROM base AS unit-tests-race
ARG TESTPKGS
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/src --mount=type=cache,target=/tmp CGO_ENABLED=1 go test -v -race -count 1 ${TESTPKGS}
# runs unit-tests
FROM base AS unit-tests-run
ARG TESTPKGS
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/src --mount=type=cache,target=/tmp go test -v -covermode=atomic -coverprofile=coverage.txt -coverpkg=${TESTPKGS} -count 1 ${TESTPKGS}
FROM scratch AS tasker-linux-amd64
COPY --from=tasker-linux-amd64-build /tasker-linux-amd64 /tasker-linux-amd64
FROM scratch AS tasker-linux-arm64
COPY --from=tasker-linux-arm64-build /tasker-linux-arm64 /tasker-linux-arm64
FROM scratch AS unit-tests
COPY --from=unit-tests-run /src/coverage.txt /coverage.txt
FROM tasker-${TARGETOS}-${TARGETARCH} AS tasker
FROM scratch AS tasker-all
COPY --from=tasker-linux-amd64 / /
COPY --from=tasker-linux-arm64 / /
FROM scratch AS tasker-image
ARG TARGETOS
ARG TARGETARCH
COPY --from=fhs / /
COPY --from=certificates / /
COPY --from=tasker tasker-${TARGETOS}-${TARGETARCH} /usr/bin/tasker
LABEL org.opencontainers.image.title="Tasker"
LABEL org.opencontainers.image.description="Tasker is a task runner."
LABEL org.opencontainers.image.licenses="MPL-2.0"
LABEL org.opencontainers.image.authors="Sentinel OS Authors"
LABEL org.opencontainers.image.documentation="https://github.com/sentinelos/tasker/blob/main/README.md"
LABEL org.opencontainers.image.source="https://github.com/sentinelos/tasker"
ENTRYPOINT ["/usr/bin/tasker"]