Switch to scratch based libgit2 container image
This moves the `libgit2` compilation to the image, to ensure it can be build on builders that aren't backed by AMD64. The image is structured in such a way that e.g. running nightly builds targeting a different Go version, or targeting a different OS vendor would be possible in the future via build arguments. Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit is contained in:
Hidde Beydals
parent
58e21f37fb
commit
a3e9f69bd5
48
Dockerfile
48
Dockerfile
|
|
@ -1,6 +1,37 @@
|
|||
ARG BASE_IMG=ghcr.io/hiddeco/golang-with-libgit2
|
||||
ARG BASE_TAG=dev
|
||||
FROM ${BASE_IMG}:${BASE_TAG} AS build
|
||||
ARG BASE_VARIANT=bullseye
|
||||
ARG GO_VERSION=1.16.8
|
||||
ARG XX_VERSION=1.0.0-rc.2
|
||||
|
||||
ARG LIBGIT2_IMG=ghcr.io/fluxcd/golang-with-libgit2
|
||||
ARG LIBGIT2_TAG=libgit2-1.1.1
|
||||
|
||||
FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx
|
||||
FROM ${LIBGIT2_IMG}:${LIBGIT2_TAG} as libgit2
|
||||
|
||||
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${BASE_VARIANT} as gostable
|
||||
FROM --platform=$BUILDPLATFORM golang:1.17rc1-${BASE_VARIANT} AS golatest
|
||||
|
||||
FROM gostable AS go-linux
|
||||
|
||||
FROM go-${TARGETOS} AS build-base-bullseye
|
||||
|
||||
# Copy the build utiltiies
|
||||
COPY --from=xx / /
|
||||
COPY --from=libgit2 /Makefile /libgit2/
|
||||
|
||||
# Install the libgit2 build dependencies
|
||||
RUN make -C /libgit2 cmake
|
||||
|
||||
ARG TARGETPLATFORM
|
||||
RUN make -C /libgit2 dependencies
|
||||
|
||||
FROM build-base-${BASE_VARIANT} as libgit2-bullseye
|
||||
|
||||
# Compile and install libgit2
|
||||
ARG TARGETPLATFORM
|
||||
RUN FLAGS=$(xx-clang --print-cmake-defines) make -C /libgit2 libgit2
|
||||
|
||||
FROM libgit2-${BASE_VARIANT} as build-bullseye
|
||||
|
||||
# Configure workspace
|
||||
WORKDIR /workspace
|
||||
|
|
@ -28,7 +59,16 @@ ARG TARGETPLATFORM
|
|||
RUN xx-go build -o image-automation-controller -trimpath \
|
||||
main.go
|
||||
|
||||
FROM debian:bullseye-slim as controller
|
||||
FROM build-${BASE_VARIANT} as prepare-bullseye
|
||||
|
||||
# Move libgit2 lib to generic and predictable location
|
||||
ARG TARGETPLATFORM
|
||||
RUN mkdir -p /libgit2/lib/ \
|
||||
&& cp -d /usr/lib/$(xx-info triple)/libgit2.so* /libgit2/lib/
|
||||
|
||||
FROM prepare-${BASE_VARIANT} as build
|
||||
|
||||
FROM debian:${BASE_VARIANT}-slim as controller
|
||||
|
||||
# Configure user
|
||||
RUN groupadd controller && \
|
||||
|
|
|
|||
47
Makefile
47
Makefile
|
|
@ -7,15 +7,21 @@ TAG ?= latest
|
|||
CRD_OPTIONS ?= crd:crdVersions=v1
|
||||
|
||||
# Base image used to build the Go binary
|
||||
BASE_IMG ?= ghcr.io/hiddeco/golang-with-libgit2
|
||||
BASE_TAG ?= dev
|
||||
LIBGIT2_IMG ?= ghcr.io/fluxcd/golang-with-libgit2
|
||||
LIBGIT2_TAG ?= libgit2-1.1.1
|
||||
|
||||
# Allows for defining additional Docker buildx arguments,
|
||||
# e.g. '--push'.
|
||||
BUILD_ARGS ?=
|
||||
# Architectures to build images for
|
||||
BUILD_PLATFORMS ?= linux/amd64,linux/arm64,linux/arm/v7
|
||||
|
||||
# Directory with versioned, downloaded things
|
||||
CACHE := cache
|
||||
|
||||
# Version of the source-controller from which to get the GitRepository CRD.
|
||||
# Change this if you bump the source-controller/api version in go.mod.
|
||||
SOURCE_VER ?= v0.15.4
|
||||
SOURCE_VER ?= v0.16.0
|
||||
|
||||
# Version of the image-reflector-controller from which to get the ImagePolicy CRD.
|
||||
# Change this if you bump the image-reflector-controller/api version in go.mod.
|
||||
|
|
@ -27,13 +33,21 @@ LIBGIT2_VER ?= 1.1.1
|
|||
# Repository root based on Git metadata.
|
||||
REPOSITORY_ROOT := $(shell git rev-parse --show-toplevel)
|
||||
|
||||
# libgit2 related magical paths.
|
||||
# libgit2 related magical paths
|
||||
# These are used to determine if the target libgit2 version is already available on
|
||||
# the system, or where they should be installed to.
|
||||
SYSTEM_LIBGIT2_VER := $(shell pkg-config --modversion libgit2 2>/dev/null)
|
||||
# the system, or where they should be installed to
|
||||
SYSTEM_LIBGIT2_VERSION := $(shell pkg-config --modversion libgit2 2>/dev/null)
|
||||
LIBGIT2_PATH := $(REPOSITORY_ROOT)/hack/libgit2
|
||||
LIBGIT2_LIB_PATH := $(LIBGIT2_PATH)/lib
|
||||
LIBGIT2 := $(LIBGIT2_LIB_PATH)/libgit2.so.$(LIBGIT2_VER)
|
||||
LIBGIT2 := $(LIBGIT2_LIB_PATH)/libgit2.so.$(LIBGIT2_VERSION)
|
||||
|
||||
ifneq ($(LIBGIT2_VERSION),$(SYSTEM_LIBGIT2_VERSION))
|
||||
LIBGIT2_FORCE ?= 1
|
||||
endif
|
||||
|
||||
ifeq ($(shell uname -s),Darwin)
|
||||
LIBGIT2 := $(LIBGIT2_LIB_PATH)/libgit2.$(LIBGIT2_VERSION).dylib
|
||||
endif
|
||||
|
||||
# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
|
||||
ifeq (,$(shell go env GOBIN))
|
||||
|
|
@ -127,10 +141,12 @@ generate: controller-gen ## Generate code
|
|||
cd api; $(CONTROLLER_GEN) object:headerFile="../hack/boilerplate.go.txt" paths="./..."
|
||||
|
||||
docker-build: ## Build the Docker image
|
||||
docker build \
|
||||
--build-arg BASE_IMG=$(BASE_IMG) \
|
||||
--build-arg BASE_TAG=$(BASE_TAG) \
|
||||
-t $(IMG):$(TAG) .
|
||||
docker buildx build \
|
||||
--build-arg LIBGIT2_IMG=$(LIBGIT2_IMG) \
|
||||
--build-arg LIBGIT2_TAG=$(LIBGIT2_TAG) \
|
||||
--platform=$(BUILD_PLATFORMS) \
|
||||
-t $(IMG):$(TAG) \
|
||||
$(BUILD_ARGS) .
|
||||
|
||||
docker-push: ## Push the Docker image
|
||||
docker push $(IMG):$(TAG)
|
||||
|
|
@ -168,16 +184,15 @@ else
|
|||
API_REF_GEN=$(shell which gen-crd-api-reference-docs)
|
||||
endif
|
||||
|
||||
libgit2: $(LIBGIT2) ## Detect or download libgit2 library
|
||||
libgit2: $(LIBGIT2) ## Detect or download libgit2 library
|
||||
|
||||
$(LIBGIT2):
|
||||
ifeq ($(LIBGIT2_VER),$(SYSTEM_LIBGIT2_VER))
|
||||
else
|
||||
ifeq (1, $(LIBGIT2_FORCE))
|
||||
@{ \
|
||||
set -e; \
|
||||
mkdir -p $(LIBGIT2_PATH); \
|
||||
docker cp $(shell docker create --rm $(BASE_IMG):$(BASE_TAG)):/libgit2/Makefile $(LIBGIT2_PATH); \
|
||||
INSTALL_PREFIX=$(LIBGIT2_PATH) LIGBIT2_VERSION=$(LIBGIT2_VER) make -C $(LIBGIT2_PATH); \
|
||||
curl -sL https://raw.githubusercontent.com/fluxcd/golang-with-libgit2/$(LIBGIT2_TAG)/hack/Makefile -o $(LIBGIT2_PATH)/Makefile; \
|
||||
INSTALL_PREFIX=$(LIBGIT2_PATH) make -C $(LIBGIT2_PATH) libgit2; \
|
||||
}
|
||||
endif
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ go 1.16
|
|||
|
||||
require (
|
||||
github.com/fluxcd/pkg/apis/meta v0.10.0
|
||||
github.com/fluxcd/source-controller/api v0.15.4
|
||||
github.com/fluxcd/source-controller/api v0.16.0
|
||||
k8s.io/apimachinery v0.21.3
|
||||
sigs.k8s.io/controller-runtime v0.9.5
|
||||
)
|
||||
|
|
|
|||
|
|
@ -93,8 +93,8 @@ github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQL
|
|||
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
|
||||
github.com/fluxcd/pkg/apis/meta v0.10.0 h1:N7wVGHC1cyPdT87hrDC7UwCwRwnZdQM46PBSLjG2rlE=
|
||||
github.com/fluxcd/pkg/apis/meta v0.10.0/go.mod h1:CW9X9ijMTpNe7BwnokiUOrLl/h13miwVr/3abEQLbKE=
|
||||
github.com/fluxcd/source-controller/api v0.15.4 h1:9aRcH/WKJWt7Bp954K/wzLRuiRiHuD2osvYp74GoP64=
|
||||
github.com/fluxcd/source-controller/api v0.15.4/go.mod h1:guUCCapjzE2kocwFreQTM/IGvtAglIJc4L97mokairo=
|
||||
github.com/fluxcd/source-controller/api v0.16.0 h1:xFz+K7lLg/82uOQp+a0g04GsgoWNfyzwXAoVQy4T/oI=
|
||||
github.com/fluxcd/source-controller/api v0.16.0/go.mod h1:guUCCapjzE2kocwFreQTM/IGvtAglIJc4L97mokairo=
|
||||
github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
|
||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||
github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
|
||||
|
|
|
|||
5
go.mod
5
go.mod
|
|
@ -15,9 +15,8 @@ require (
|
|||
github.com/fluxcd/pkg/runtime v0.12.1
|
||||
github.com/fluxcd/pkg/ssh v0.1.0
|
||||
// If you bump this, change SOURCE_VER in the Makefile to match
|
||||
// TODO(hidde): set to tagged version of release.
|
||||
github.com/fluxcd/source-controller v0.15.5-0.20210930103634-ac1b95090415
|
||||
github.com/fluxcd/source-controller/api v0.15.4
|
||||
github.com/fluxcd/source-controller v0.16.0
|
||||
github.com/fluxcd/source-controller/api v0.16.0
|
||||
github.com/go-git/go-billy/v5 v5.3.1
|
||||
github.com/go-git/go-git/v5 v5.4.2
|
||||
github.com/go-logr/logr v0.4.0
|
||||
|
|
|
|||
8
go.sum
8
go.sum
|
|
@ -358,10 +358,10 @@ github.com/fluxcd/pkg/testserver v0.1.0/go.mod h1:fvt8BHhXw6c1+CLw1QFZxcQprlcXzs
|
|||
github.com/fluxcd/pkg/untar v0.1.0/go.mod h1:aGswNyzB1mlz/T/kpOS58mITBMxMKc9tlJBH037A2HY=
|
||||
github.com/fluxcd/pkg/version v0.1.0 h1:v+SmCanmCB5Tj2Cx9TXlj+kNRfPGbAvirkeqsp7ZEAQ=
|
||||
github.com/fluxcd/pkg/version v0.1.0/go.mod h1:V7Z/w8dxLQzv0FHqa5ox5TeyOd2zOd49EeuWFgnwyj4=
|
||||
github.com/fluxcd/source-controller v0.15.5-0.20210930103634-ac1b95090415 h1:XrTvVFkWdFQX6GbosGNVtfreqAVqjBtFVk2cqy0uBYk=
|
||||
github.com/fluxcd/source-controller v0.15.5-0.20210930103634-ac1b95090415/go.mod h1:XPuJVVTs4eYwDWbZjaZY6JLiaNMPti+sl6LpCewEcvc=
|
||||
github.com/fluxcd/source-controller/api v0.15.4 h1:9aRcH/WKJWt7Bp954K/wzLRuiRiHuD2osvYp74GoP64=
|
||||
github.com/fluxcd/source-controller/api v0.15.4/go.mod h1:guUCCapjzE2kocwFreQTM/IGvtAglIJc4L97mokairo=
|
||||
github.com/fluxcd/source-controller v0.16.0 h1:GUzyh6+NmA8Tx9fhhz/shYo585ICM9lCG0gAWkr/kGA=
|
||||
github.com/fluxcd/source-controller v0.16.0/go.mod h1:WsrFDJcVFawfMvTuKaz52yU9NA+lxGy+6qRFO3tdbps=
|
||||
github.com/fluxcd/source-controller/api v0.16.0 h1:xFz+K7lLg/82uOQp+a0g04GsgoWNfyzwXAoVQy4T/oI=
|
||||
github.com/fluxcd/source-controller/api v0.16.0/go.mod h1:guUCCapjzE2kocwFreQTM/IGvtAglIJc4L97mokairo=
|
||||
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
|
||||
github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
|
||||
github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
|
||||
|
|
|
|||
Loading…
Reference in New Issue