mirror of https://github.com/linkerd/linkerd2.git
60 lines
2.8 KiB
Plaintext
60 lines
2.8 KiB
Plaintext
ARG RUNTIME_IMAGE=gcr.io/distroless/cc-debian12
|
|
ARG BUILDPLATFORM=linux/amd64
|
|
|
|
# Precompile key slow-to-build dependencies
|
|
FROM --platform=$BUILDPLATFORM golang:1.23-alpine AS go-deps
|
|
WORKDIR /linkerd-build
|
|
COPY go.mod go.sum ./
|
|
COPY bin/install-deps bin/
|
|
RUN go mod download
|
|
ARG TARGETARCH
|
|
RUN ./bin/install-deps $TARGETARCH
|
|
|
|
FROM --platform=$BUILDPLATFORM debian:bookworm-slim AS fetch
|
|
RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
|
|
DEBIAN_FRONTEND=noninteractive apt-get install -y curl jq && \
|
|
rm -rf /var/lib/apt/lists/*
|
|
WORKDIR /build
|
|
COPY bin/fetch-proxy bin/fetch-proxy
|
|
COPY bin/scurl bin/scurl
|
|
ARG TARGETARCH
|
|
ARG LINKERD2_PROXY_REPO="linkerd/linkerd2-proxy"
|
|
ARG LINKERD2_PROXY_VERSION=""
|
|
RUN --mount=type=secret,id=github \
|
|
export GITHUB_TOKEN_FILE=/run/secrets/github; \
|
|
proxy=$(bin/fetch-proxy "$LINKERD2_PROXY_VERSION" "$TARGETARCH"); \
|
|
mv "$proxy" linkerd2-proxy
|
|
RUN echo "$LINKERD2_PROXY_VERSION" > proxy-version
|
|
ARG LINKERD_AWAIT_VERSION=v0.2.9
|
|
RUN bin/scurl -o linkerd-await https://github.com/linkerd/linkerd-await/releases/download/release%2F${LINKERD_AWAIT_VERSION}/linkerd-await-${LINKERD_AWAIT_VERSION}-${TARGETARCH} && chmod +x linkerd-await
|
|
ARG LINKERD_VALIDATOR_VERSION=v0.1.2
|
|
RUN bin/scurl -O https://github.com/linkerd/linkerd2-proxy-init/releases/download/validator%2F${LINKERD_VALIDATOR_VERSION}/linkerd-network-validator-${LINKERD_VALIDATOR_VERSION}-${TARGETARCH}.tgz
|
|
RUN tar -zxvf linkerd-network-validator-${LINKERD_VALIDATOR_VERSION}-${TARGETARCH}.tgz && mv linkerd-network-validator-${LINKERD_VALIDATOR_VERSION}-${TARGETARCH}/linkerd-network-validator .
|
|
|
|
## compile proxy-identity agent
|
|
FROM go-deps AS golang
|
|
WORKDIR /linkerd-build
|
|
COPY pkg/util pkg/util
|
|
COPY pkg/flags pkg/flags
|
|
COPY pkg/tls pkg/tls
|
|
COPY pkg/version pkg/version
|
|
ARG TARGETARCH
|
|
RUN CGO_ENABLED=0 GOOS=linux GOARCH=$TARGETARCH go build -mod=readonly ./pkg/...
|
|
COPY proxy-identity proxy-identity
|
|
RUN CGO_ENABLED=0 GOOS=linux GOARCH=$TARGETARCH go build -o /out/proxy-identity -mod=readonly -ldflags "-s -w" ./proxy-identity
|
|
|
|
FROM $RUNTIME_IMAGE AS runtime
|
|
LABEL org.opencontainers.image.source=https://github.com/linkerd/linkerd2
|
|
COPY --from=fetch /build/target/proxy/LICENSE /usr/lib/linkerd/LICENSE
|
|
COPY --from=fetch /build/proxy-version /usr/lib/linkerd/linkerd2-proxy-version.txt
|
|
COPY --from=fetch /build/linkerd2-proxy /usr/lib/linkerd/linkerd2-proxy
|
|
COPY --from=fetch /build/linkerd-await /usr/lib/linkerd/linkerd-await
|
|
COPY --from=fetch /build/linkerd-network-validator /usr/lib/linkerd/linkerd2-network-validator
|
|
COPY --from=golang /out/proxy-identity /usr/lib/linkerd/linkerd2-proxy-identity
|
|
COPY --from=debian:bookworm-slim /bin/sleep /bin/sleep
|
|
ARG LINKERD_VERSION
|
|
ENV LINKERD_CONTAINER_VERSION_OVERRIDE=${LINKERD_VERSION}
|
|
ENV LINKERD2_PROXY_LOG=warn,linkerd=info
|
|
ENV LINKERD2_PROXY_LOG_FORMAT=plain
|
|
ENTRYPOINT ["/usr/lib/linkerd/linkerd2-proxy-identity"]
|