forked from k3s-io/k3s
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile.dapper
67 lines (56 loc) · 2.44 KB
/
Dockerfile.dapper
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
ARG GOLANG=golang:1.22.4-alpine3.20
FROM ${GOLANG}
# Set proxy environment variables
ARG http_proxy
ARG https_proxy
ARG no_proxy
ENV http_proxy=${http_proxy} \
https_proxy=${https_proxy} \
no_proxy=${no_proxy}
# Install necessary packages
RUN apk -U --no-cache add \
bash git gcc musl-dev docker vim less file curl wget ca-certificates jq linux-headers \
zlib-dev tar zip squashfs-tools npm coreutils python3 py3-pip openssl-dev libffi-dev libseccomp \
libseccomp-dev libseccomp-static make libuv-static sqlite-dev sqlite-static libselinux \
libselinux-dev zlib-dev zlib-static zstd pigz alpine-sdk binutils-gold btrfs-progs-dev \
btrfs-progs-static gawk yq pipx \
&& [ "$(go env GOARCH)" = "amd64" ] && apk -U --no-cache add mingw-w64-gcc || true
# Install AWS CLI
RUN PIPX_BIN_DIR=/usr/local/bin pipx install awscli
# Install Trivy
ENV TRIVY_VERSION="0.53.0"
RUN case "$(go env GOARCH)" in \
arm64) TRIVY_ARCH="ARM64" ;; \
amd64) TRIVY_ARCH="64bit" ;; \
s390x) TRIVY_ARCH="s390x" ;; \
*) TRIVY_ARCH="" ;; \
esac
RUN if [ -n "${TRIVY_ARCH}" ]; then \
wget --no-verbose "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \
&& tar -zxvf "trivy_${TRIVY_VERSION}_Linux-${TRIVY_ARCH}.tar.gz" \
&& mv trivy /usr/local/bin; \
fi
# Install goimports
RUN GOPROXY=direct go install golang.org/x/tools/cmd/goimports@gopls/v0.11.0
# Cleanup
RUN rm -rf /go/src /go/pkg
# Install golangci-lint for amd64
RUN if [ "$(go env GOARCH)" = "amd64" ]; then \
curl -sL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.55.2; \
fi
# Set SELINUX environment variable
ARG SELINUX=true
ENV SELINUX=${SELINUX}
# Set Dapper configuration variables
ENV DAPPER_RUN_ARGS="--privileged -v k3s-cache:/go/src/github.com/k3s-io/k3s/.cache -v trivy-cache:/root/.cache/trivy" \
DAPPER_ENV="REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE SKIP_IMAGE SKIP_AIRGAP AWS_SECRET_ACCESS_KEY AWS_ACCESS_KEY_ID GITHUB_TOKEN GOLANG GOCOVER DEBUG" \
DAPPER_SOURCE="/go/src/github.com/k3s-io/k3s/" \
DAPPER_OUTPUT="./bin ./dist ./build/out ./build/static ./pkg/static ./pkg/deploy" \
DAPPER_DOCKER_SOCKET=true \
CROSS=true \
STATIC_BUILD=true
# Set $HOME separately because it refers to $DAPPER_SOURCE, set above
ENV HOME=${DAPPER_SOURCE}
WORKDIR ${DAPPER_SOURCE}
ENTRYPOINT ["./scripts/entry.sh"]
CMD ["ci"]