-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
109 lines (89 loc) · 3.76 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
FROM golang:1.19-alpine3.16 AS build-env
# Customize to your build env
ARG PACKAGES="./main.go"
# TARGETPLATFORM should be one of linux/amd64 or linux/arm64
ARG TARGETPLATFORM
# Use muslc for static libs
ARG BUILD_TAGS=muslc
ARG LD_FLAGS=-linkmode=external -extldflags '-Wl,-z,muldefs -static'
# Install cli tools for building and final image
RUN apk add --update --no-cache curl make git libc-dev bash gcc linux-headers eudev-dev ncurses-dev libc6-compat jq htop atop iotop
# Install build dependencies.
RUN if [ "${TARGETPLATFORM}" = "linux/amd64" ] ; then \
wget -P /lib https://github.com/CosmWasm/wasmvm/releases/download/v1.2.3/libwasmvm_muslc.x86_64.a ; \
cp /lib/libwasmvm_muslc.x86_64.a /lib/libwasmvm_muslc.a ; \
fi
RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ] ; then \
wget -P /lib https://github.com/CosmWasm/wasmvm/releases/download/v1.2.3/libwasmvm_muslc.aarch64.a ; \
cp /lib/libwasmvm_muslc.aarch64.a /lib/libwasmvm_muslc.a ; \
fi
# Build main app.
WORKDIR /go/src/app
COPY . .
RUN if [ "${TARGETPLATFORM}" = "linux/amd64" ] ; then \
GOOS=linux GOARCH=amd64 CGO_ENABLED=1 go install -ldflags ${LD_FLAGS} -tags ${BUILD_TAGS} ${PACKAGES} ; \
fi
RUN if [ "${TARGETPLATFORM}" = "linux/arm64" ] ; then \
GOOS=linux GOARCH=arm64 CGO_ENABLED=1 go install -ldflags ${LD_FLAGS} -tags ${BUILD_TAGS} ${PACKAGES} ; \
fi
# Use busybox to create a user
FROM busybox:stable-musl AS busybox
RUN addgroup --gid 1137 -S xchains-indexer && adduser --uid 1137 -S xchains-indexer -G xchains-indexer
# Use scratch for the final image
FROM scratch
WORKDIR /home/xchains-indexer
# Label should match your github repo
LABEL org.opencontainers.image.source="https://github.com/scalarorg/xchains-indexer"
# Installs all binaries built with go.
COPY --from=build-env /go/bin /bin
# Other binaries we want to keep.
COPY --from=build-env /usr/bin/ldd /bin/ldd
COPY --from=build-env /usr/bin/curl /bin/curl
COPY --from=build-env /usr/bin/jq /bin/jq
COPY --from=build-env /usr/bin/htop /bin/htop
COPY --from=build-env /usr/bin/atop /bin/atop
# Install Libraries
# cosmos-indexer
COPY --from=build-env /usr/lib/libgcc_s.so.1 /lib/
COPY --from=build-env /lib/ld-musl*.so.1* /lib
# jq Libraries
COPY --from=build-env /usr/lib/libonig.so.5 /lib
# curl Libraries
COPY --from=build-env /usr/lib/libcurl.so.4 /lib
COPY --from=build-env /lib/libz.so.1 /lib
COPY --from=build-env /usr/lib/libnghttp2.so.14 /lib
COPY --from=build-env /lib/libssl.so.1.1 /lib
COPY --from=build-env /lib/libcrypto.so.1.1 /lib
COPY --from=build-env /usr/lib/libbrotlidec.so.1 /lib
COPY --from=build-env /usr/lib/libbrotlicommon.so.1 /lib
# htop/atop libs
COPY --from=build-env /usr/lib/libncursesw.so.6 /lib
# Install trusted CA certificates
COPY --from=build-env /etc/ssl/cert.pem /etc/ssl/cert.pem
# Install cli tools from busybox
COPY --from=busybox /bin/ln /bin/ln
COPY --from=busybox /bin/dd /bin/dd
COPY --from=busybox /bin/vi /bin/vi
COPY --from=busybox /bin/chown /bin/chown
COPY --from=busybox /bin/id /bin/id
COPY --from=busybox /bin/cp /bin/cp
COPY --from=busybox /bin/ls /bin/ls
COPY --from=busybox /bin/busybox /bin/sh
COPY --from=busybox /bin/cat /bin/cat
COPY --from=busybox /bin/less /bin/less
COPY --from=busybox /bin/grep /bin/grep
COPY --from=busybox /bin/sleep /bin/sleep
COPY --from=busybox /bin/env /bin/env
COPY --from=busybox /bin/tar /bin/tar
COPY --from=busybox /bin/tee /bin/tee
COPY --from=busybox /bin/du /bin/du
COPY --from=busybox /bin/df /bin/df
COPY --from=busybox /bin/nc /bin/nc
COPY --from=busybox /bin/netstat /bin/netstat
# Copy user from busybox to scratch
COPY --from=busybox /etc/passwd /etc/passwd
COPY --from=busybox --chown=1137:1137 /home/xchains-indexer /home/xchains-indexer
# Set home directory and user
WORKDIR /home/xchains-indexer
RUN chown -R xchains-indexer /home/xchains-indexer
USER xchains-indexer