forked from argoproj/argo-workflows
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
161 lines (115 loc) · 5.66 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
#syntax=docker/dockerfile:1.2
ARG DOCKER_CHANNEL=stable
ARG DOCKER_VERSION=18.09.1
# NOTE: kubectl version should be one minor version less than https://storage.googleapis.com/kubernetes-release/release/stable.txt
ARG KUBECTL_VERSION=1.19.6
ARG JQ_VERSION=1.6
FROM docker.io/library/golang:1.15.7 as builder
RUN apt-get update && apt-get --no-install-recommends install -y \
git \
make \
apt-utils \
apt-transport-https \
ca-certificates \
wget \
gcc \
zip && \
apt-get clean \
&& rm -rf \
/var/lib/apt/lists/* \
/tmp/* \
/var/tmp/* \
/usr/share/man \
/usr/share/doc \
/usr/share/doc-base
WORKDIR /tmp
# https://blog.container-solutions.com/faster-builds-in-docker-with-go-1-11
WORKDIR /go/src/github.com/argoproj/argo-workflows
COPY go.mod .
COPY go.sum .
RUN go mod download
COPY . .
####################################################################################################
FROM docker.io/library/debian:10.7-slim as argoexec-base
ARG DOCKER_CHANNEL
ARG DOCKER_VERSION
ARG KUBECTL_VERSION
ARG JQ_VERSION
RUN apt-get update && \
apt-get --no-install-recommends install -y curl procps git apt-utils apt-transport-https ca-certificates tar mime-support libcap2-bin && \
apt-get clean \
&& rm -rf \
/var/lib/apt/lists/* \
/tmp/* \
/var/tmp/* \
/usr/share/man \
/usr/share/doc \
/usr/share/doc-base
COPY hack/recurl.sh hack/arch.sh hack/os.sh /
RUN if [ $(./arch.sh) = ppc64le ] || [ $(./arch.sh) = s390x ]; then \
./recurl.sh docker.tgz https://download.docker.com/$(./os.sh)/static/${DOCKER_CHANNEL}/$(uname -m)/docker-18.06.3-ce.tgz; \
else \
./recurl.sh docker.tgz https://download.docker.com/$(./os.sh)/static/${DOCKER_CHANNEL}/$(uname -m)/docker-${DOCKER_VERSION}.tgz; \
fi && \
tar --extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ && \
rm docker.tgz
RUN ./recurl.sh /usr/local/bin/kubectl https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/$(./os.sh)/$(./arch.sh)/kubectl
RUN ./recurl.sh /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64
RUN rm recurl.sh arch.sh os.sh
COPY hack/ssh_known_hosts /etc/ssh/
COPY hack/nsswitch.conf /etc/
####################################################################################################
FROM docker.io/library/node:14.0.0 as argo-ui
COPY ui/package.json ui/yarn.lock ui/
RUN JOBS=max yarn --cwd ui install --network-timeout 1000000
COPY ui ui
COPY api api
RUN JOBS=max yarn --cwd ui build
####################################################################################################
FROM builder as argoexec-build
# Tell git to forget about all of the files that were not included because of .dockerignore in order to ensure that
# the git state is "clean" even though said .dockerignore files are not present
RUN cat .dockerignore >> .gitignore
RUN git status --porcelain | cut -c4- | xargs git update-index --skip-worktree
RUN --mount=type=cache,target=/root/.cache/go-build make dist/argoexec
####################################################################################################
FROM builder as workflow-controller-build
# Tell git to forget about all of the files that were not included because of .dockerignore in order to ensure that
# the git state is "clean" even though said .dockerignore files are not present
RUN cat .dockerignore >> .gitignore
RUN git status --porcelain | cut -c4- | xargs git update-index --skip-worktree
RUN --mount=type=cache,target=/root/.cache/go-build make dist/workflow-controller
####################################################################################################
FROM builder as argocli-build
RUN mkdir -p ui/dist
COPY --from=argo-ui ui/dist/app ui/dist/app
# stop make from trying to re-build this without yarn installed
RUN touch ui/dist/node_modules.marker
RUN touch ui/dist/app/index.html
# Tell git to forget about all of the files that were not included because of .dockerignore in order to ensure that
# the git state is "clean" even though said .dockerignore files are not present
RUN cat .dockerignore >> .gitignore
RUN git status --porcelain | cut -c4- | xargs git update-index --skip-worktree
RUN --mount=type=cache,target=/root/.cache/go-build make dist/argo
####################################################################################################
FROM argoexec-base as argoexec
COPY --from=argoexec-build /go/src/github.com/argoproj/argo-workflows/dist/argoexec /usr/local/bin/
RUN setcap CAP_SYS_PTRACE,CAP_SYS_CHROOT+ei /usr/local/bin/argoexec
ENTRYPOINT [ "argoexec" ]
####################################################################################################
FROM scratch as workflow-controller
USER 8737
COPY --chown=8737 --from=workflow-controller-build /usr/share/zoneinfo /usr/share/zoneinfo
COPY --chown=8737 --from=workflow-controller-build /go/src/github.com/argoproj/argo-workflows/dist/workflow-controller /bin/
ENTRYPOINT [ "workflow-controller" ]
####################################################################################################
FROM scratch as argocli
USER 8737
WORKDIR /home/argo
COPY hack/ssh_known_hosts /etc/ssh/
COPY hack/nsswitch.conf /etc/
COPY --from=argocli-build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=argocli-build --chown=8737 /go/src/github.com/argoproj/argo-workflows/argo-server.crt /home/argo/
COPY --from=argocli-build --chown=8737 /go/src/github.com/argoproj/argo-workflows/argo-server.key /home/argo/
COPY --from=argocli-build /go/src/github.com/argoproj/argo-workflows/dist/argo /bin/
ENTRYPOINT [ "argo" ]