From 0b704b74555ab0b3ded4442f86be600d99bdb6ec Mon Sep 17 00:00:00 2001 From: cyli Date: Fri, 2 Mar 2018 11:06:12 -0800 Subject: [PATCH] Update minimal dockerfiles to use multi-stage builds to achieve minimalness. Signed-off-by: cyli --- server.minimal.Dockerfile | 31 +++++++++++++++++++++++++------ signer.minimal.Dockerfile | 30 +++++++++++++++++++++++++----- 2 files changed, 50 insertions(+), 11 deletions(-) diff --git a/server.minimal.Dockerfile b/server.minimal.Dockerfile index 1b92b6eed..a8f26d265 100644 --- a/server.minimal.Dockerfile +++ b/server.minimal.Dockerfile @@ -1,3 +1,21 @@ +FROM golang:1.9.4-alpine AS build-env +RUN apk add --update git gcc libc-dev +# Pin to the specific v3.0.0 version +RUN go get -tags 'mysql postgres file' github.com/mattes/migrate/cli && mv /go/bin/cli /go/bin/migrate + +ENV NOTARYPKG github.com/theupdateframework/notary + +# Copy the local repo to the expected go path +COPY . /go/src/${NOTARYPKG} +WORKDIR /go/src/${NOTARYPKG} + +# Build notary-server +RUN go install \ + -tags pkcs11 \ + -ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" \ + ${NOTARYPKG}/cmd/notary-server + + FROM busybox:latest MAINTAINER David Lawrence "david.lawrence@docker.com" @@ -5,15 +23,16 @@ MAINTAINER David Lawrence "david.lawrence@docker.com" # images a straight swap for the those built in the compose file. RUN mkdir -p /usr/bin /var/lib && ln -s /bin/env /usr/bin/env -COPY ./bin/notary-server /usr/bin/notary-server -COPY ./bin/migrate /usr/bin/migrate -COPY ./bin/ld-musl-x86_64.so.1 /lib/ld-musl-x86_64.so.1 -COPY ./fixtures /var/lib/notary/fixtures -COPY ./migrations /var/lib/notary/migrations +COPY --from=build-env /go/bin/notary-server /usr/bin/notary-server +COPY --from=build-env /go/bin/migrate /usr/bin/migrate +COPY --from=build-env /lib/ld-musl-x86_64.so.1 /lib/ld-musl-x86_64.so.1 +COPY --from=build-env /go/src/github.com/theupdateframework/notary/migrations/ /var/lib/notary/migrations +COPY --from=build-env /go/src/github.com/theupdateframework/notary/fixtures /var/lib/notary/fixtures +RUN chmod 0600 /var/lib/notary/fixtures/database/* WORKDIR /var/lib/notary +# SERVICE_NAME needed for migration script ENV SERVICE_NAME=notary_server EXPOSE 4443 - ENTRYPOINT [ "/usr/bin/notary-server" ] CMD [ "-config=/var/lib/notary/fixtures/server-config-local.json" ] diff --git a/signer.minimal.Dockerfile b/signer.minimal.Dockerfile index cb4033dc8..18ee3d52e 100644 --- a/signer.minimal.Dockerfile +++ b/signer.minimal.Dockerfile @@ -1,3 +1,21 @@ +FROM golang:1.9.4-alpine AS build-env +RUN apk add --update git gcc libc-dev +# Pin to the specific v3.0.0 version +RUN go get -tags 'mysql postgres file' github.com/mattes/migrate/cli && mv /go/bin/cli /go/bin/migrate + +ENV NOTARYPKG github.com/theupdateframework/notary + +# Copy the local repo to the expected go path +COPY . /go/src/${NOTARYPKG} +WORKDIR /go/src/${NOTARYPKG} + +# Build notary-signer +RUN go install \ + -tags pkcs11 \ + -ldflags "-w -X ${NOTARYPKG}/version.GitCommit=`git rev-parse --short HEAD` -X ${NOTARYPKG}/version.NotaryVersion=`cat NOTARY_VERSION`" \ + ${NOTARYPKG}/cmd/notary-signer + + FROM busybox:latest MAINTAINER David Lawrence "david.lawrence@docker.com" @@ -5,13 +23,15 @@ MAINTAINER David Lawrence "david.lawrence@docker.com" # images a straight swap for the those built in the compose file. RUN mkdir -p /usr/bin /var/lib && ln -s /bin/env /usr/bin/env -COPY ./bin/notary-signer /usr/bin/notary-signer -COPY ./bin/migrate /usr/bin/migrate -COPY ./bin/ld-musl-x86_64.so.1 /lib/ld-musl-x86_64.so.1 -COPY ./fixtures /var/lib/notary/fixtures -COPY ./migrations /var/lib/notary/migrations +COPY --from=build-env /go/bin/notary-signer /usr/bin/notary-signer +COPY --from=build-env /go/bin/migrate /usr/bin/migrate +COPY --from=build-env /lib/ld-musl-x86_64.so.1 /lib/ld-musl-x86_64.so.1 +COPY --from=build-env /go/src/github.com/theupdateframework/notary/migrations/ /var/lib/notary/migrations +COPY --from=build-env /go/src/github.com/theupdateframework/notary/fixtures /var/lib/notary/fixtures +RUN chmod 0600 /var/lib/notary/fixtures/database/* WORKDIR /var/lib/notary +# SERVICE_NAME needed for migration script ENV SERVICE_NAME=notary_signer ENV NOTARY_SIGNER_DEFAULT_ALIAS="timestamp_1" ENV NOTARY_SIGNER_TIMESTAMP_1="testpassword"