diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..e660fd93 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +bin/ diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 22d16e74..7da7e640 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -87,7 +87,6 @@ jobs: draft: true files: | bin/*.tar.gz - bin/*.zip bin/*.sha256 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Dockerfile b/Dockerfile index 8aed01d6..aab0a961 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,49 +1,58 @@ -# syntax=docker/dockerfile:1.3 +# syntax=docker/dockerfile:1 ARG GO_VERSION=1.17 -ARG GORELEASER_XX_VERSION=1.2.5 +ARG XX_VERSION=1.1.0 -FROM --platform=$BUILDPLATFORM crazymax/goreleaser-xx:${GORELEASER_XX_VERSION} AS goreleaser-xx +FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine AS base -COPY --from=goreleaser-xx / / -RUN apk add --no-cache file git -WORKDIR /go/src/github.com/docker/distribution - -FROM base AS build +COPY --from=xx / / +RUN apk add --no-cache bash coreutils file git ENV GO111MODULE=auto ENV CGO_ENABLED=0 -# GIT_REF is used by goreleaser-xx to handle the proper git ref when available. -# It will fallback to the working tree info if empty and use "git tag --points-at" -# or "git describe" to define the version info. -ARG GIT_REF -ARG TARGETPLATFORM +WORKDIR /go/src/github.com/docker/distribution + +FROM base AS version ARG PKG="github.com/docker/distribution" +RUN --mount=target=. \ + VERSION=$(git describe --match 'v[0-9]*' --dirty='.m' --always --tags) REVISION=$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi); \ + echo "-X ${PKG}/version.Version=${VERSION#v} -X ${PKG}/version.Revision=${REVISION} -X ${PKG}/version.Package=${PKG}" | tee /tmp/.ldflags; \ + echo -n "${VERSION}" | tee /tmp/.version; + +FROM base AS build +ARG TARGETPLATFORM +ARG LDFLAGS="-s -w" ARG BUILDTAGS="include_oss include_gcs" RUN --mount=type=bind,target=/go/src/github.com/docker/distribution,rw \ --mount=type=cache,target=/root/.cache/go-build \ --mount=target=/go/pkg/mod,type=cache \ - goreleaser-xx --debug \ - --name="registry" \ - --dist="/out" \ - --main="./cmd/registry" \ - --flags="-v" \ - --ldflags="-s -w -X '$PKG/version.Version={{.Version}}' -X '$PKG/version.Revision={{.Commit}}' -X '$PKG/version.Package=$PKG'" \ - --tags="$BUILDTAGS" \ - --files="LICENSE" \ - --files="README.md" - -FROM scratch AS artifact -COPY --from=build /out/*.tar.gz / -COPY --from=build /out/*.zip / -COPY --from=build /out/*.sha256 / + --mount=type=bind,source=/tmp/.ldflags,target=/tmp/.ldflags,from=version \ + set -x ; xx-go build -trimpath -ldflags "$(cat /tmp/.ldflags) ${LDFLAGS}" -o /usr/bin/registry ./cmd/registry \ + && xx-verify --static /usr/bin/registry FROM scratch AS binary -COPY --from=build /usr/local/bin/registry* / +COPY --from=build /usr/bin/registry / + +FROM base AS releaser +ARG TARGETOS +ARG TARGETARCH +ARG TARGETVARIANT +WORKDIR /work +RUN --mount=from=binary,target=/build \ + --mount=type=bind,target=/src \ + --mount=type=bind,source=/tmp/.version,target=/tmp/.version,from=version \ + VERSION=$(cat /tmp/.version) \ + && mkdir -p /out \ + && cp /build/registry /src/README.md /src/LICENSE . \ + && tar -czvf "/out/registry_${VERSION#v}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.tgz" * \ + && sha256sum -z "/out/registry_${VERSION#v}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.tgz" | awk '{ print $1 }' > "/out/registry_${VERSION#v}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.tgz.sha256" + +FROM scratch AS artifact +COPY --from=releaser /out / FROM alpine:3.16 RUN apk add --no-cache ca-certificates COPY cmd/registry/config-dev.yml /etc/docker/registry/config.yml -COPY --from=build /usr/local/bin/registry /bin/registry +COPY --from=binary /registry /bin/registry VOLUME ["/var/lib/registry"] EXPOSE 5000 ENTRYPOINT ["registry"] diff --git a/docker-bake.hcl b/docker-bake.hcl index 4dd5a100..91686e60 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -1,15 +1,3 @@ -// GITHUB_REF is the actual ref that triggers the workflow -// https://docs.github.com/en/actions/learn-github-actions/environment-variables#default-environment-variables -variable "GITHUB_REF" { - default = "" -} - -target "_common" { - args = { - GIT_REF = GITHUB_REF - } -} - group "default" { targets = ["image-local"] } @@ -20,13 +8,11 @@ target "docker-metadata-action" { } target "binary" { - inherits = ["_common"] target = "binary" output = ["./bin"] } target "artifact" { - inherits = ["_common"] target = "artifact" output = ["./bin"] } @@ -43,8 +29,13 @@ target "artifact-all" { ] } +// Special target: https://github.com/docker/metadata-action#bake-definition +target "docker-metadata-action" { + tags = ["registry:local"] +} + target "image" { - inherits = ["_common", "docker-metadata-action"] + inherits = ["docker-metadata-action"] } target "image-local" {