-
-
Notifications
You must be signed in to change notification settings - Fork 7
/
Dockerfile
119 lines (96 loc) · 4.03 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
FROM golang:1.22.4-alpine3.19 AS build-env
# Customize to your build env
# TARGETPLATFORM should be one of linux/amd64 or linux/arm64
ARG TARGETPLATFORM
# Use muslc for static libs
ARG BUILD_TAGS=muslc
ARG LD_FLAGS=-linkmode=external -extldflags '-Wl,-z,muldefs -static'
# Install cli tools for building and final image
RUN apk add --update --no-cache curl make git libc-dev bash gcc linux-headers eudev-dev ncurses-dev libc6-compat jq htop atop iotop
# Install build dependencies.
RUN if [ "${TARGETPLATFORM}" = "linux/amd64" ] ; then \
wget -P /lib https://github.com/CosmWasm/wasmvm/releases/download/v2.1.2/libwasmvm_muslc.x86_64.a ; \
cp /lib/libwasmvm_muslc.x86_64.a /lib/libwasmvm_muslc.a ; \
fi
RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ] ; then \
wget -P /lib https://github.com/CosmWasm/wasmvm/releases/download/v2.1.2/libwasmvm_muslc.aarch64.a ; \
cp /lib/libwasmvm_muslc.aarch64.a /lib/libwasmvm_muslc.a ; \
fi
# Build main app.
WORKDIR /go/src/app
COPY . .
RUN if [ "${TARGETPLATFORM}" = "linux/amd64" ] ; then \
GOOS=linux GOARCH=amd64 CGO_ENABLED=1 go install -ldflags ${LD_FLAGS} -tags ${BUILD_TAGS} ; \
fi
RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ] ; then \
GOOS=linux GOARCH=arm64 CGO_ENABLED=1 go install -ldflags ${LD_FLAGS} -tags ${BUILD_TAGS} ; \
fi
# Build a second app
WORKDIR /go/src/app/client
RUN if [ "${TARGETPLATFORM}" = "linux/amd64" ] ; then \
GOOS=linux GOARCH=amd64 CGO_ENABLED=1 go install -ldflags ${LD_FLAGS} -tags ${BUILD_TAGS} ; \
fi
RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ] ; then \
GOOS=linux GOARCH=arm64 CGO_ENABLED=1 go install -ldflags ${LD_FLAGS} -tags ${BUILD_TAGS} ; \
fi
# Use busybox to create a user
FROM busybox:stable-musl AS busybox
RUN addgroup --gid 1137 -S defiant && adduser --uid 1137 -S defiant -G defiant
# Use scratch for the final image
FROM scratch
WORKDIR /home/defiant
# Label should match your github repo
LABEL org.opencontainers.image.source="https://github.com/defiantlabs/cosmos-tax-cli"
# Installs all binaries built with go.
COPY --from=build-env /go/bin /bin
# Other binaries we want to keep.
COPY --from=build-env /usr/bin/ldd /bin/ldd
COPY --from=build-env /usr/bin/curl /bin/curl
COPY --from=build-env /usr/bin/jq /bin/jq
COPY --from=build-env /usr/bin/htop /bin/htop
COPY --from=build-env /usr/bin/atop /bin/atop
# Install Libraries
# cosmos-tax-cli
COPY --from=build-env /usr/lib/libgcc_s.so.1 /lib/
COPY --from=build-env /lib/ld-musl*.so.1* /lib
# jq Libraries
COPY --from=build-env /usr/lib/libonig.so.5 /lib
# curl Libraries
COPY --from=build-env /usr/lib/libcurl.so.4 /lib
COPY --from=build-env /lib/libz.so.1 /lib
COPY --from=build-env /usr/lib/libnghttp2.so.14 /lib
COPY --from=build-env /lib/libssl.so.3 /lib
COPY --from=build-env /lib/libcrypto.so.3 /lib
COPY --from=build-env /usr/lib/libbrotlidec.so.1 /lib
COPY --from=build-env /usr/lib/libbrotlicommon.so.1 /lib
# htop/atop libs
COPY --from=build-env /usr/lib/libncursesw.so.6 /lib
# Install trusted CA certificates
COPY --from=build-env /etc/ssl/cert.pem /etc/ssl/cert.pem
# Install cli tools from busybox
COPY --from=busybox /bin/ln /bin/ln
COPY --from=busybox /bin/dd /bin/dd
COPY --from=busybox /bin/vi /bin/vi
COPY --from=busybox /bin/chown /bin/chown
COPY --from=busybox /bin/id /bin/id
COPY --from=busybox /bin/cp /bin/cp
COPY --from=busybox /bin/ls /bin/ls
COPY --from=busybox /bin/busybox /bin/sh
COPY --from=busybox /bin/cat /bin/cat
COPY --from=busybox /bin/less /bin/less
COPY --from=busybox /bin/grep /bin/grep
COPY --from=busybox /bin/sleep /bin/sleep
COPY --from=busybox /bin/env /bin/env
COPY --from=busybox /bin/tar /bin/tar
COPY --from=busybox /bin/tee /bin/tee
COPY --from=busybox /bin/du /bin/du
COPY --from=busybox /bin/df /bin/df
COPY --from=busybox /bin/nc /bin/nc
COPY --from=busybox /bin/netstat /bin/netstat
# Copy user from busybox to scratch
COPY --from=busybox /etc/passwd /etc/passwd
COPY --from=busybox --chown=1137:1137 /home/defiant /home/defiant
# Set home directory and user
WORKDIR /home/defiant
RUN chown -R defiant /home/defiant
USER defiant