-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
135 lines (119 loc) · 5 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
#syntax=docker/dockerfile:1.12.1
FROM ghcr.io/uniget-org/tools/goreleaser:2.5.1@sha256:447e7a414dd121ddeaf633723ef50782789e12a5f1485946ae26049603c70c81 AS uniget-goreleaser
FROM ghcr.io/uniget-org/tools/cosign:2.4.1@sha256:e03414a126cadad52a0af26325b879945533beb3c48c40c5dfe952c09da00827 AS uniget-cosign
FROM ghcr.io/uniget-org/tools/syft:1.18.1@sha256:d79131ceae4ba49aacccaf2108200db5ef41425068e6655dce178e02d4b026bc AS uniget-syft
FROM ghcr.io/uniget-org/tools/gh:2.64.0@sha256:488d0c020d42f4cb3626959ceeb73b617f1d20f2c229a920d4dbfeec9cc4fc5a AS uniget-gh
FROM ghcr.io/uniget-org/tools/gosec:2.21.4@sha256:40d6182efd001843aba8a74fc778dfad2cb0fb4d1c89ec25e3424a8ed2f63f66 AS uniget-gosec
FROM ghcr.io/uniget-org/tools/golangci-lint:1.63.4@sha256:0fbf6af165633030827e37136259b55f79c98dd2f439169229482d2cedfa8d44 AS lint-base
FROM golang:1.23.4@sha256:7ea4c9dcb2b97ff8ee80a67db3d44f98c8ffa0d191399197007d8459c1453041 AS latest-golang
FROM alpine:3.21.0@sha256:21dc6063fd678b478f57c0e13f47560d0ea4eeba26dfc947b2a4f81f686b9f45 AS latest-alpine
FROM ubuntu:24.04@sha256:80dd3c3b9c6cecb9f1667e9290b3bc61b78c2678c02cbdae5f0fea92cc6734ab AS latest-ubuntu
FROM --platform=${BUILDPLATFORM} latest-golang AS base
SHELL [ "/bin/sh", "-o", "errexit", "-c" ]
WORKDIR /src
COPY go.* .
RUN --mount=type=cache,target=/go/pkg/mod \
go mod download
FROM base AS build
ARG TARGETOS
ARG TARGETARCH
ARG GOOS=${TARGETOS}
ARG GOARCH=${TARGETARCH}
WORKDIR /go/src/github.com/uniget-org/cli
RUN --mount=target=.,readwrite \
--mount=from=uniget-goreleaser,src=/bin/goreleaser,target=/usr/local/bin/goreleaser \
--mount=from=uniget-cosign,src=/bin/cosign,target=/usr/local/bin/cosign \
--mount=from=uniget-syft,src=/bin/syft,target=/usr/local/bin/syft \
--mount=from=uniget-gh,src=/bin/gh,target=/usr/local/bin/gh \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
goreleaser healthcheck
goreleaser build \
--single-target \
--snapshot
mkdir -p /out
find dist -type f -executable -exec cp {} /out/uniget \;
EOF
FROM base AS publish
ARG GITHUB_TOKEN
ARG ACTIONS_ID_TOKEN_REQUEST_URL
ARG ACTIONS_ID_TOKEN_REQUEST_TOKEN
ARG GITHUB_REF_NAME
WORKDIR /go/src/github.com/uniget-org/cli
RUN --mount=target=.,readwrite \
--mount=from=uniget-goreleaser,src=/bin/goreleaser,target=/usr/local/bin/goreleaser \
--mount=from=uniget-cosign,src=/bin/cosign,target=/usr/local/bin/cosign \
--mount=from=uniget-syft,src=/bin/syft,target=/usr/local/bin/syft \
--mount=from=uniget-gh,src=/bin/gh,target=/usr/local/bin/gh \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
goreleaser healthcheck
goreleaser release
bash scripts/release-notes.sh >release-notes.md
echo "Updating release ${GITHUB_REF_NAME} with release notes"
gh release edit "${GITHUB_REF_NAME}" --notes-file release-notes.md
EOF
FROM base AS unit-test
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
mkdir -p /out
go test \
-v \
-coverprofile=/out/cover.out \
./...
EOF
FROM base AS cli-test
COPY --from=build /out/uniget /usr/local/bin/
RUN --mount=target=. \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build <<EOF
bash scripts/test.sh
EOF
FROM base AS lint
RUN --mount=target=. \
--mount=from=lint-base,src=/bin/golangci-lint,target=/usr/local/bin/golangci-lint \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/root/.cache/golangci-lint <<EOF
golangci-lint run
EOF
FROM scratch AS unit-test-coverage
COPY --from=unit-test /out/cover.out /cover.out
FROM scratch AS bin-unix
COPY --from=build /out/uniget /
FROM bin-unix AS bin-linux
FROM bin-unix AS bin-darwin
FROM scratch AS bin-windows
COPY --from=build /out/uniget /uniget.exe
FROM bin-${TARGETOS} AS bin
FROM latest-alpine AS ca-certificates
RUN <<EOF
apk update
apk add ca-certificates
EOF
FROM ca-certificates AS uniget
COPY --from=bin /uniget /usr/local/bin/uniget
ENTRYPOINT [ "/usr/local/bin/uniget"]
FROM scratch AS scratch-uniget
COPY --from=ca-certificates /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=bin /uniget /uniget
ENTRYPOINT [ "/uniget"]
FROM ghcr.io/uniget-org/images/systemd:ubuntu24.04@sha256:bd5f50c78925fad8024fe3b06f77ca0d336770c7cdbfcc7546a2f6d33b3be687 AS systemd-uniget
ARG version
ARG TARGETARCH
RUN <<EOF
case "${TARGETARCH}" in
amd64) ARCH="x86_64" ;;
arm64) ARCH="aarch64" ;;
*) ARCH="${TARGETARCH}" ;;
esac
curl --silent --show-error --location --fail \
"https://github.com/uniget-org/cli/releases/download/v${version}/uniget_Linux_${ARCH}.tar.gz" \
| tar --extract --gzip --directory=/usr/local/bin uniget
EOF
LABEL \
org.opencontainers.image.source="https://github.com/uniget-org/cli" \
org.opencontainers.image.title="uniget CLI" \
org.opencontainers.image.description="The universal installer and updater for (container) tools" \
org.opencontainers.image.version="${version}"