-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
135 lines (119 loc) · 5 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
#syntax=docker/dockerfile:1.12.1
FROM ghcr.io/uniget-org/tools/goreleaser:2.5.1@sha256:447e7a414dd121ddeaf633723ef50782789e12a5f1485946ae26049603c70c81 AS uniget-goreleaser
FROM ghcr.io/uniget-org/tools/cosign:2.4.1@sha256:e03414a126cadad52a0af26325b879945533beb3c48c40c5dfe952c09da00827 AS uniget-cosign
FROM ghcr.io/uniget-org/tools/syft:1.18.1@sha256:d79131ceae4ba49aacccaf2108200db5ef41425068e6655dce178e02d4b026bc AS uniget-syft
FROM ghcr.io/uniget-org/tools/gh:2.65.0@sha256:8cd99590d88e7d8783beb3376f195b1100b1b3ea0eb90cfa6a81219b1c921521 AS uniget-gh
FROM ghcr.io/uniget-org/tools/gosec:2.22.0@sha256:f59cb6fa8729f4018811e5476718509397b16fff4e006afe0b7ebe19d9838c18 AS uniget-gosec
FROM ghcr.io/uniget-org/tools/golangci-lint:1.63.4@sha256:0fbf6af165633030827e37136259b55f79c98dd2f439169229482d2cedfa8d44 AS lint-base
FROM golang:1.23.4@sha256:7ea4c9dcb2b97ff8ee80a67db3d44f98c8ffa0d191399197007d8459c1453041 AS latest-golang
FROM alpine:3.21.2@sha256:56fa17d2a7e7f168a043a2712e63aed1f8543aeafdcee47c58dcffe38ed51099 AS latest-alpine
FROM ubuntu:24.04@sha256:80dd3c3b9c6cecb9f1667e9290b3bc61b78c2678c02cbdae5f0fea92cc6734ab AS latest-ubuntu
FROM --platform=${BUILDPLATFORM} latest-golang AS base
SHELL [ "/bin/sh", "-o", "errexit", "-c" ]
WORKDIR /src
COPY go.* .
RUN --mount=type=cache,target=/go/pkg/mod \
go mod download
FROM base AS build
ARG TARGETOS
ARG TARGETARCH
ARG GOOS=${TARGETOS}
ARG GOARCH=${TARGETARCH}
WORKDIR /go/src/github.com/uniget-org/cli
RUN --mount=target=.,readwrite \
--mount=from=uniget-goreleaser,src=/bin/goreleaser,target=/usr/local/bin/goreleaser \
--mount=from=uniget-cosign,src=/bin/cosign,target=/usr/local/bin/cosign \
--mount=from=uniget-syft,src=/bin/syft,target=/usr/local/bin/syft \
--mount=from=uniget-gh,src=/bin/gh,target=/usr/local/bin/gh \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
goreleaser healthcheck
goreleaser build \
--single-target \
--snapshot
mkdir -p /out
find dist -type f -executable -exec cp {} /out/uniget \;
EOF
FROM base AS publish
ARG GITHUB_TOKEN
ARG ACTIONS_ID_TOKEN_REQUEST_URL
ARG ACTIONS_ID_TOKEN_REQUEST_TOKEN
ARG GITHUB_REF_NAME
WORKDIR /go/src/github.com/uniget-org/cli
RUN --mount=target=.,readwrite \
--mount=from=uniget-goreleaser,src=/bin/goreleaser,target=/usr/local/bin/goreleaser \
--mount=from=uniget-cosign,src=/bin/cosign,target=/usr/local/bin/cosign \
--mount=from=uniget-syft,src=/bin/syft,target=/usr/local/bin/syft \
--mount=from=uniget-gh,src=/bin/gh,target=/usr/local/bin/gh \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
goreleaser healthcheck
goreleaser release
bash scripts/release-notes.sh >release-notes.md
echo "Updating release ${GITHUB_REF_NAME} with release notes"
gh release edit "${GITHUB_REF_NAME}" --notes-file release-notes.md
EOF
FROM base AS unit-test
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
mkdir -p /out
go test \
-v \
-coverprofile=/out/cover.out \
./...
EOF
FROM base AS cli-test
COPY --from=build /out/uniget /usr/local/bin/
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
bash scripts/test.sh
EOF
FROM base AS lint
RUN --mount=target=. \
--mount=from=lint-base,src=/bin/golangci-lint,target=/usr/local/bin/golangci-lint \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/root/.cache/golangci-lint <<EOF
golangci-lint run
EOF
FROM scratch AS unit-test-coverage
COPY --from=unit-test /out/cover.out /cover.out
FROM scratch AS bin-unix
COPY --from=build /out/uniget /
FROM bin-unix AS bin-linux
FROM bin-unix AS bin-darwin
FROM scratch AS bin-windows
COPY --from=build /out/uniget /uniget.exe
FROM bin-${TARGETOS} AS bin
FROM latest-alpine AS ca-certificates
RUN <<EOF
apk update
apk add ca-certificates
EOF
FROM ca-certificates AS uniget
COPY --from=bin /uniget /usr/local/bin/uniget
ENTRYPOINT [ "/usr/local/bin/uniget"]
FROM scratch AS scratch-uniget
COPY --from=ca-certificates /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=bin /uniget /uniget
ENTRYPOINT [ "/uniget"]
FROM ghcr.io/uniget-org/images/systemd:ubuntu24.04@sha256:08de6e0d69bfb2edb7a097f2749461d2d73718fc72d33258fcba531173d7e07b AS systemd-uniget
ARG version
ARG TARGETARCH
RUN <<EOF
case "${TARGETARCH}" in
amd64) ARCH="x86_64" ;;
arm64) ARCH="aarch64" ;;
*) ARCH="${TARGETARCH}" ;;
esac
curl --silent --show-error --location --fail \
"https://github.com/uniget-org/cli/releases/download/v${version}/uniget_Linux_${ARCH}.tar.gz" \
| tar --extract --gzip --directory=/usr/local/bin uniget
EOF
LABEL \
org.opencontainers.image.source="https://github.com/uniget-org/cli" \
org.opencontainers.image.title="uniget CLI" \
org.opencontainers.image.description="The universal installer and updater for (container) tools" \
org.opencontainers.image.version="${version}"