Dockerfile (1827B)
1 # This Source Code Form is subject to the terms of the Mozilla Public 2 # License, v. 2.0. If a copy of the MPL was not distributed with this 3 # file, You can obtain one at http://mozilla.org/MPL/2.0/. 4 5 FROM golang:1.24 as skopeo 6 ARG ARCH=amd64 7 8 WORKDIR /go/src/ 9 COPY build-skopeo.sh /build-skopeo.sh 10 RUN /build-skopeo.sh $ARCH 11 12 FROM golang:1.24 as kaniko 13 ARG ARCH=amd64 14 15 WORKDIR /go/src/ 16 COPY build-kaniko.sh /build-kaniko.sh 17 RUN /build-kaniko.sh $ARCH 18 19 # Build the `build-image` command as a static binary using musl 20 # The setup is loosely based on a stripped down version of 21 # https://github.com/emk/rust-musl-builder/blob/master/Dockerfile 22 FROM debian:12 as build-image 23 ARG ARCH=amd64 24 25 COPY apt.conf /etc/apt/apt.conf.d/99taskcluster 26 COPY setup-build-image.sh /setup-build-image.sh 27 COPY build-build-image.sh /build-build-image.sh 28 29 RUN /setup-build-image.sh $ARCH 30 31 # Run all further code as user `rust`, and create our working directories 32 # as the appropriate user. 33 USER rust 34 35 # Expect our source code to live in /home/rust/src. We'll run the build as 36 # user `rust`, which will be uid 1000, gid 1000 outside the container. 37 WORKDIR /home/rust/src 38 # Add our source code. 39 ADD --chown=rust:rust build-image/ ./ 40 41 RUN /build-build-image.sh $ARCH 42 43 FROM scratch as empty 44 45 FROM scratch 46 47 COPY --from=skopeo /go/src/out/skopeo /kaniko-bootstrap/skopeo 48 COPY --from=kaniko /go/src/out/executor /kaniko-bootstrap/executor 49 COPY --from=build-image \ 50 /home/rust/src/bin/build-image \ 51 /kaniko-bootstrap/build-image 52 53 ADD https://mkcert.org/generate/ /kaniko-bootstrap/ssl/certs/ca-certificats.crt 54 ENV SSL_CERT_DIR=/kaniko/ssl/certs 55 56 ADD policy.json /kaniko-bootstrap/containers/policy.json 57 58 ENV HOME /root 59 ENV USER /root 60 WORKDIR /workspace 61 62 ENV PATH /usr/local/bin:/kaniko 63 64 VOLUME /workspace 65 ENTRYPOINT ["/kaniko-bootstrap/build-image"]