-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathDockerfile
More file actions
72 lines (53 loc) · 2.21 KB
/
Dockerfile
File metadata and controls
72 lines (53 loc) · 2.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# Build the libvirt-provider binary
FROM --platform=$BUILDPLATFORM golang:1.26.2-bookworm AS builder
# Prevent Go from downloading a different toolchain at build time.
# The Docker image IS the toolchain — if go.mod requires something newer,
# we want a loud failure, not a silent download.
ENV GOTOOLCHAIN=local
WORKDIR /workspace
# Copy the Go Modules manifests
COPY go.mod go.sum ./
# Cache dependencies before copying source code
RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/go/pkg \
go mod download
# Copy the Go source code
COPY api/ api/
COPY internal/ internal/
COPY cmd/ cmd/
COPY hack/ hack/
ARG TARGETOS
ARG TARGETARCH
ARG BUILDPLATFORM
ARG LDFLAGS
ENV BUILDARCH=${BUILDPLATFORM##*/}
# Install common dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
qemu-user-static qemu-utils ca-certificates \
libvirt-clients libcephfs-dev librbd-dev librados-dev libc-bin \
gcc g++ \
&& update-ca-certificates \
&& rm -rf /var/lib/apt/lists/*
RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/go/pkg \
CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GO111MODULE=on go build -ldflags="${LDFLAGS}" -a -o libvirt-provider ./cmd/libvirt-provider/main.go
# Install irictl-machine
RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/go/pkg \
CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GO111MODULE=on \
go install github.com/ironcore-dev/ironcore/irictl-machine/cmd/irictl-machine@main
# Ensure the binary is in a common location
RUN if [ "$TARGETARCH" = "$BUILDARCH" ]; then \
mv /go/bin/irictl-machine /workspace/irictl-machine; \
else \
mv /go/bin/linux_$TARGETARCH/irictl-machine /workspace/irictl-machine; \
fi
FROM busybox:1.37.0-uclibc AS busybox
# Since we're leveraging apt to pull in dependencies, we use `gcr.io/distroless/base` because it includes glibc.
FROM gcr.io/distroless/static-debian13 AS libvirt-provider
WORKDIR /
COPY --from=busybox /bin/sh /bin/sh
COPY --from=builder /workspace/libvirt-provider /libvirt-provider
COPY --from=builder /workspace/irictl-machine /irictl-machine
USER 65532:65532
ENTRYPOINT ["/libvirt-provider"]