-
Notifications
You must be signed in to change notification settings - Fork 2
/
Dockerfile
117 lines (96 loc) · 3.43 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
# ===================================
#
# Non-release images.
#
# ===================================
# devbuild compiles the binary
# -----------------------------------
FROM golang:latest AS devbuild
ARG BIN_NAME
ENV BIN_NAME=${BIN_NAME}
# Escape the GOPATH
WORKDIR /build
COPY . ./
RUN make dev
# ===================================
#
# Release images.
#
# ===================================
# default release image
# -----------------------------------
FROM alpine:latest AS release-default
ARG BIN_NAME
# Export BIN_NAME for the CMD below, it can't see ARGs directly.
ENV BIN_NAME=${BIN_NAME}
ARG PRODUCT_VERSION
ARG PRODUCT_REVISION
ARG PRODUCT_NAME=${BIN_NAME}
# TARGETARCH and TARGETOS are set automatically when --platform is provided.
ARG TARGETOS TARGETARCH
ENV PRODUCT_NAME=$BIN_NAME
LABEL name="Consul Telemetry Collector" \
maintainer="Consul Cloud Team <team-consul-cloud@hashicorp.com>" \
vendor="HashiCorp" \
version=${PRODUCT_VERSION} \
release=${PRODUCT_REVISION} \
revision=${PRODUCT_REVISION} \
description="Consul Telemetry Collector is a service mesh observability tool that collects and forwards service mesh information via open-telemetry" \
org.opencontainers.image.licenses="MPL-2.0"
# Create a non-root user to run the software.
RUN addgroup $PRODUCT_NAME && \
adduser -S -G $PRODUCT_NAME 100
COPY dist/$TARGETOS/$TARGETARCH/$BIN_NAME /bin/
COPY LICENSE /usr/share/doc/$PRODUCT_NAME/LICENSE.txt
USER 100
COPY .github/docker/entrypoint.sh /usr/bin/entrypoint.sh
ENTRYPOINT [ "entrypoint.sh" ]
# dev runs the binary from devbuild
# -----------------------------------
FROM alpine:latest AS dev
ARG BIN_NAME
# Export BIN_NAME for the CMD below, it can't see ARGs directly.
ENV BIN_NAME=${BIN_NAME}
COPY --from=devbuild /build/${BIN_NAME} /bin/
COPY .github/docker/entrypoint.sh /usr/bin/entrypoint.sh
ENTRYPOINT [ "entrypoint.sh" ]
# Red Hat UBI-based image
# This image is based on the Red Hat UBI base image, and has the necessary
# labels, license file, and non-root user.
# -----------------------------------
FROM registry.access.redhat.com/ubi8/ubi:latest as release-ubi
ARG BIN_NAME
# Export BIN_NAME for the CMD below, it can't see ARGs directly.
ENV BIN_NAME=$BIN_NAME
ARG PRODUCT_VERSION
ARG PRODUCT_REVISION
ARG PRODUCT_NAME=$BIN_NAME
# TARGETARCH and TARGETOS are set automatically when --platform is provided.
ARG TARGETOS TARGETARCH
ENV PRODUCT_NAME=$BIN_NAME
LABEL name="Consul Telemetry Collector" \
maintainer="Consul Cloud Team <team-consul-cloud@hashicorp.com>" \
vendor="HashiCorp" \
version=${PRODUCT_VERSION} \
release=${PRODUCT_REVISION} \
revision=${PRODUCT_REVISION} \
description="Consul Telemetry Collector is a service mesh observability tools that collectors and forwards service mesh information via open-telemetry" \
org.opencontainers.image.licenses="MPL-2.0"
# Create a non-root user to run the software.
RUN groupadd --gid 1000 $PRODUCT_NAME && \
adduser --uid 100 --system -g $PRODUCT_NAME $PRODUCT_NAME && \
usermod -a -G root $PRODUCT_NAME
COPY dist/$TARGETOS/$TARGETARCH/$BIN_NAME /bin/
# copy license for redhat certification
COPY LICENSE /licenses/copyright.txt
COPY LICENSE /usr/share/doc/$PRODUCT_NAME/LICENSE.txt
USER 101
CMD /bin/$BIN_NAME
# ===================================
#
# Set default target to 'dev'.
#
# ===================================
FROM dev