forked from eclipse-iofog/router
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.edge
More file actions
136 lines (109 loc) · 6.01 KB
/
Copy pathDockerfile.edge
File metadata and controls
136 lines (109 loc) · 6.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# Plan 5 spike — Debian Trixie compile for linux/arm/v7 and linux/riscv64.
# UBI Dockerfile handles amd64/arm64; this file mirrors /image layout → scratch.
# debian:trixie — pin manifest list digest
FROM debian:trixie@sha256:d07d1b51c39f51188e60be9b64e6bf769fa94e187f092bc32b91305cfa34ba5a AS builder
RUN apt-get update && apt-get install -y --no-install-recommends \
gcc g++ make cmake pkg-config \
libsasl2-dev libssl-dev uuid-dev libffi-dev \
python3-dev python3-pip python3-venv \
python3-build python3-setuptools python3-cffi-backend \
libnghttp2-dev \
wget ca-certificates tar patch findutils git \
libtool autoconf automake \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /build
RUN git clone --depth 1 --branch 3.5.1 https://github.com/skupperproject/skupper-router.git .
ENV PROTON_VERSION=e5d5c2badb964684bf41ba509a110bf06a24712a
ENV PROTON_SOURCE_URL=${PROTON_SOURCE_URL:-https://github.com/apache/qpid-proton/archive/${PROTON_VERSION}.tar.gz}
ENV LWS_VERSION=v4.3.3
ENV LIBUNWIND_VERSION=v1.8.1
ENV LWS_SOURCE_URL=${LWS_SOURCE_URL:-https://github.com/warmcat/libwebsockets/archive/refs/tags/${LWS_VERSION}.tar.gz}
ENV LIBUNWIND_SOURCE_URL=${LIBUNWIND_SOURCE_URL:-https://github.com/libunwind/libunwind/archive/refs/tags/${LIBUNWIND_VERSION}.tar.gz}
ENV PKG_CONFIG_PATH=/usr/local/lib/pkgconfig
ENV PIP_BREAK_SYSTEM_PACKAGES=1
ENV CFLAGS="-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector-strong"
ENV CXXFLAGS="-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fstack-protector-strong"
ENV LDFLAGS="-Wl,-z,relro -Wl,-z,now -Wl,--as-needed"
ARG VERSION=0.0.0
ENV VERSION=$VERSION
ARG TARGETARCH
ENV PLATFORM=$TARGETARCH
# compile.sh expects RPM %set_build_flags and RHEL lib64 paths; adapt for Debian.
# Skip requirements-dev.txt (tests/grpcio) and ci_requirements.txt (PyPI pip upgrade);
# Proton Python bindings use apt: python3-build, setuptools, cffi-backend above.
RUN sed -i \
-e '/^BUILD_FLAGS=/d' \
-e '/^eval "${BUILD_FLAGS}"/d' \
-e 's|install/lib64/cmake/Proton|install/lib/cmake/Proton|' \
-e 's|-DENABLE_PROFILE_GUIDED_OPTIMIZATION=ON|-DENABLE_PROFILE_GUIDED_OPTIMIZATION=OFF|' \
-e 's|-DCMAKE_INSTALL_PREFIX=/usr|-DCMAKE_C_FLAGS="-Wno-error=format" -DCMAKE_INSTALL_PREFIX=/usr|' \
-e '/requirements-dev.txt/s/^/# /' \
-e '/ci_requirements.txt/s/^/# /' \
-e 's|python3 -m pip install "$(find|python3 -m pip install --ignore-installed "$(find|g' \
.github/scripts/compile.sh
RUN .github/scripts/compile.sh
RUN mkdir -p /image \
&& tar zxpf /qpid-proton-image.tar.gz -C /image \
&& tar zxpf /skupper-router-image.tar.gz -C /image \
&& tar zxpf /libwebsockets-image.tar.gz -C /image
RUN mkdir /image/licenses && cp ./LICENSE /image/licenses
# debian:trixie — pin manifest list digest
FROM debian:trixie@sha256:d07d1b51c39f51188e60be9b64e6bf769fa94e187f092bc32b91305cfa34ba5a AS packager
# UBI installroot analogue: download only runtime .debs + hard deps, extract to /output.
ENV ROOTFS=/output
ENV PACKAGER_PKGS="base-files base-passwd libc6 libgcc-s1 bash ca-certificates coreutils hostname iputils-ping libnghttp2-14 libsasl2-2 libsasl2-modules libpython3.13 openssl python3 login"
RUN apt-get update \
&& mkdir -p "${ROOTFS}" /tmp/debs \
&& cd /tmp/debs \
&& apt-get download $(apt-cache depends --recurse --no-recommends --no-suggests --no-conflicts --no-breaks --no-replaces --no-enhances ${PACKAGER_PKGS} 2>/dev/null | grep '^\w' | sort -u) \
&& for deb in *.deb; do dpkg-deb -x "$deb" "${ROOTFS}"; done \
&& mkdir -p "${ROOTFS}/home/runner" \
&& grep -q '^runner:' "${ROOTFS}/etc/passwd" 2>/dev/null || echo 'runner:x:10000:10000:runner:/home/runner:/usr/sbin/nologin' >> "${ROOTFS}/etc/passwd" \
&& grep -q '^runner:' "${ROOTFS}/etc/group" 2>/dev/null || echo 'runner:x:10000:' >> "${ROOTFS}/etc/group" \
&& rm -rf /tmp/debs /var/lib/apt/lists/*
RUN rm -rf \
"${ROOTFS}/usr/share/doc" "${ROOTFS}/usr/share/man" "${ROOTFS}/usr/share/info" \
"${ROOTFS}/usr/share/locale" "${ROOTFS}/usr/share/debconf" \
"${ROOTFS}/usr/share/tzdata" "${ROOTFS}/usr/share/zoneinfo" \
"${ROOTFS}/var/lib/dpkg" "${ROOTFS}/etc/dpkg" \
"${ROOTFS}/usr/bin/dpkg"* "${ROOTFS}/usr/bin/apt"* \
"${ROOTFS}/usr/bin/gawk" "${ROOTFS}/usr/bin/mawk" "${ROOTFS}/usr/bin/tar" \
&& find "${ROOTFS}/usr/lib" -name 'libapt*.so*' -delete \
&& find "${ROOTFS}/usr/lib" -path '*/python3*' -type d \( -name test -o -name idlelib -o -name tkinter -o -name ensurepip \) -exec rm -rf {} + 2>/dev/null || true
# golang:1.26.4-alpine — pin manifest list digest
FROM golang:1.26.4-alpine@sha256:3ad57304ad93bbec8548a0437ad9e06a455660655d9af011d58b993f6f615648 AS go-builder
ARG TARGETOS
ARG TARGETARCH
RUN mkdir -p /go/src/github.com/eclipse-iofog/router
WORKDIR /go/src/github.com/eclipse-iofog/router
COPY . /go/src/github.com/eclipse-iofog/router
RUN go fmt ./...
RUN if [ "$TARGETARCH" = "arm" ]; then \
GOOS=${TARGETOS} GOARCH=arm GOARM=7 go build -trimpath -ldflags="-s -w" -o bin/router .; \
else \
GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -trimpath -ldflags="-s -w" -o bin/router .; \
fi
# debian:trixie-slim — pin manifest list digest
FROM debian:trixie-slim@sha256:28de0877c2189802884ccd20f15ee41c203573bd87bb6b883f5f46362d24c5c2 AS tz
RUN apt-get update && apt-get install -y --no-install-recommends tzdata \
&& rm -rf /var/lib/apt/lists/*
FROM scratch
ARG OCI_SOURCE_REPO
ARG OCI_VERSION=latest
ARG OCI_REVISION
ARG ROUTER_DISTRIBUTION
LABEL org.opencontainers.image.source="${OCI_SOURCE_REPO}" \
org.opencontainers.image.version="${OCI_VERSION}" \
org.opencontainers.image.revision="${OCI_REVISION}" \
distribution="${ROUTER_DISTRIBUTION}"
COPY --from=packager /output /
USER 10000
COPY --from=builder /image /
WORKDIR /home/skrouterd/bin
COPY scripts/launch.sh /home/skrouterd/bin/launch.sh
ENV VERSION=${OCI_VERSION}
ENV QDROUTERD_HOME=/home/skrouterd
COPY LICENSE /licenses/LICENSE
COPY --from=go-builder /go/src/github.com/eclipse-iofog/router/bin/router /home/skrouterd/bin/router
COPY --from=tz /usr/share/zoneinfo /usr/share/zoneinfo
CMD ["/home/skrouterd/bin/router"]