forked from vmware-tanzu/tanzu-framework
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
155 lines (134 loc) · 6.18 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# Copyright 2023 VMware, Inc. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
# This Dockerfile is currently consumed by build tooling https://github.com/vmware-tanzu/build-tooling-for-integrations
# to build components in tanzu-framework, check out build-tooling.mk to understand how this is being consumed.
ARG BUILDER_BASE_IMAGE=golang:1.19
ARG ENVTEST_K8S_VERSION=1.26.1
ARG TANZU_CLI_VERSION=0.90.0
FROM --platform=${BUILDPLATFORM} $BUILDER_BASE_IMAGE as base
ARG COMPONENT
ARG GOPROXY_ARG
ENV GOPROXY=${GOPROXY_ARG}
WORKDIR /workspace
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
cd $COMPONENT && go mod download
# Linting
FROM golangci/golangci-lint:v1.52.2 AS lint-base
FROM base AS lint
RUN --mount=target=. \
--mount=from=lint-base,src=/usr/bin/golangci-lint,target=/usr/bin/golangci-lint \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/root/.cache/golangci-lint \
cd $COMPONENT && golangci-lint run --config /workspace/.golangci.yaml --timeout 10m0s ./...
FROM base AS fmt
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
cd $COMPONENT && go fmt ./...
FROM base AS vet
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
cd $COMPONENT && go vet ./...
# Testing
FROM --platform=${BUILDPLATFORM} $BUILDER_BASE_IMAGE as test-base
ARG ENVTEST_K8S_VERSION
RUN go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
RUN setup-envtest use ${ENVTEST_K8S_VERSION} --bin-dir /bin
FROM base AS test
ARG ENVTEST_K8S_VERSION
ARG BUILDARCH
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
--mount=from=test-base,src=/bin/k8s,target=/bin/k8s \
cd $COMPONENT && mkdir /out && KUBEBUILDER_ASSETS=/bin/k8s/${ENVTEST_K8S_VERSION}-linux-${BUILDARCH} go test -v -coverprofile=/out/cover.out ./...
# Build the manager binary
FROM base as builder
ARG TARGETOS
ARG TARGETARCH
ARG LD_FLAGS
ENV LD_FLAGS="$LD_FLAGS "'-extldflags "-static"'
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
cd $COMPONENT && CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} GO111MODULE=on go build -o /out/manager ./main.go
# Download and install Carvel's imgpkg program.
FROM --platform=${BUILDPLATFORM} $BUILDER_BASE_IMAGE as carvel-base
ARG IMGPKG_VERSION
ARG BUILDARCH
RUN wget -O /bin/imgpkg https://github.com/vmware-tanzu/carvel-imgpkg/releases/download/${IMGPKG_VERSION}/imgpkg-linux-${BUILDARCH} && \
chmod +x /bin/imgpkg
# Install Tanzu CLI Plugin Builder.
# Note: We are temporarily using a deactivated plugin until a bug fix is made to the plugin builder.
FROM --platform=${BUILDPLATFORM} $BUILDER_BASE_IMAGE AS cli-plugin-builder-install
ARG TANZU_CLI_VERSION
RUN apt-get update && \
apt-get install -y ca-certificates && \
printf "deb https://storage.googleapis.com/tanzu-cli-os-packages/apt tanzu-cli-jessie main" | tee /etc/apt/sources.list.d/tanzu.list && \
apt-get update --allow-insecure-repositories && \
apt-get install -y tanzu-cli=${TANZU_CLI_VERSION} --allow-unauthenticated && \
tanzu ceip set true && \
tanzu config eula accept && \
TANZU_CLI_INCLUDE_DEACTIVATED_PLUGINS_TEST_ONLY=true tanzu plugin install builder -v v0.90.0-alpha.2
# Run Tanzu plugin builder and compile all plugins in the project's cmd/cli/plugin directory.
FROM base AS cli-plugin-build-prep
ARG CLI_PLUGIN_VERSION
ARG CLI_PLUGIN
ARG OCI_REGISTRY
ARG CLI_PLUGIN_GO_FLAGS
RUN --mount=type=bind,readwrite \
--mount=from=carvel-base,src=/bin/imgpkg,target=/bin/imgpkg \
--mount=from=cli-plugin-builder-install,src=/usr/bin/tanzu,target=/bin/tanzu \
--mount=from=cli-plugin-builder-install,src=/root/.local/share/tanzu-cli/builder,target=/root/.local/share/tanzu-cli/builder \
--mount=from=cli-plugin-builder-install,src=/root/.config/tanzu/,target=/root/.config/tanzu/ \
--mount=from=cli-plugin-builder-install,src=/root/.cache/tanzu/,target=/root/.cache/tanzu/ \
tanzu builder plugin build \
--match "${CLI_PLUGIN}" \
--os-arch linux_amd64 --os-arch windows_amd64 --os-arch darwin_amd64 \
--version "${CLI_PLUGIN_VERSION}" \
--binary-artifacts "./artifacts/plugins" \
--goflags "${CLI_PLUGIN_GO_FLAGS}" && \
tanzu builder plugin build-package \
--oci-registry "${OCI_REGISTRY}" && \
mkdir -p /out/plugin-artifacts && \
cp -r artifacts /out/plugin-artifacts
# Run Tanzu plugin builder and publish plugins listed in
# build/artifacts/packages/plugin_manifest.yaml.
FROM base AS cli-plugin-publish
ARG REPOSITORY
ARG PUBLISHER
ARG VENDOR
ARG IMGPKG_USERNAME
ARG IMGPKG_PASSWORD
ENV IMGPKG_USERNAME=${IMGPKG_USERNAME} IMGPKG_PASSWORD=${IMGPKG_PASSWORD}
RUN --mount=type=bind,readwrite \
--mount=from=carvel-base,src=/bin/imgpkg,target=/bin/imgpkg \
--mount=from=cli-plugin-builder-install,src=/usr/bin/tanzu,target=/bin/tanzu \
--mount=from=cli-plugin-builder-install,src=/root/.local/share/tanzu-cli/builder,target=/root/.local/share/tanzu-cli/builder \
--mount=from=cli-plugin-builder-install,src=/root/.config/tanzu/,target=/root/.config/tanzu/ \
--mount=from=cli-plugin-builder-install,src=/root/.cache/tanzu/,target=/root/.cache/tanzu/ \
tanzu builder plugin publish-package \
--repository "${REPOSITORY}" \
--publisher "${PUBLISHER}" \
--vendor "${VENDOR}" \
--package-artifacts "./build/artifacts/packages"
# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static:nonroot as image
WORKDIR /
COPY --from=builder /out/manager .
USER nonroot:nonroot
ENTRYPOINT ["/manager"]
FROM scratch AS unit-test-coverage
COPY --from=test /out/cover.out /cover.out
FROM scratch AS bin-unix
COPY --from=builder /out/manager /
FROM bin-unix AS bin-linux
FROM bin-unix AS bin-darwin
FROM scratch AS bin-windows
COPY --from=builder /out/manager /manager.exe
FROM bin-${TARGETOS} as bin
FROM scratch as cli-plugin-build
COPY --from=cli-plugin-build-prep /out/plugin-artifacts/ .