From 8b6836ffd9cfeb88efc1a7f71a97fdc568a5e9fe Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sun, 20 Oct 2024 17:28:12 -0400 Subject: [PATCH] Switch to encoding the full build process in the Dockerfile. New features added in buildkit enable us to encode the full build process in the Dockerfile which makes tekton no longer a hard dependency for building the homepage. --- docker/organic/Dockerfile | 7 ---- docker/organic/Makefile | 52 ------------------------------ docker/server/Dockerfile | 68 ++++++++++++++++++++++++++++++++++----- docker/server/Makefile | 2 +- 4 files changed, 61 insertions(+), 68 deletions(-) delete mode 100644 docker/organic/Dockerfile delete mode 100644 docker/organic/Makefile diff --git a/docker/organic/Dockerfile b/docker/organic/Dockerfile deleted file mode 100644 index dfb7a02..0000000 --- a/docker/organic/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM rustlang/rust:nightly-alpine3.20 - -RUN apk add --no-cache musl-dev make bash -RUN rustup target add wasm32-unknown-unknown -RUN cargo install wasm-bindgen-cli - -CMD ["make", "wasm"] diff --git a/docker/organic/Makefile b/docker/organic/Makefile deleted file mode 100644 index 7239a4b..0000000 --- a/docker/organic/Makefile +++ /dev/null @@ -1,52 +0,0 @@ -SHELL := bash -.ONESHELL: -.SHELLFLAGS := -eu -o pipefail -c -.DELETE_ON_ERROR: -MAKEFLAGS += --warn-undefined-variables -MAKEFLAGS += --no-builtin-rules -OS:=$(shell uname -s) - -ifeq ($(origin .RECIPEPREFIX), undefined) - $(error This Make does not support .RECIPEPREFIX. Please use GNU Make 4.0 or later) -endif -.RECIPEPREFIX = > - -IMAGE_NAME:=homepage-build-organic -# REMOTE_REPO:=harbor.fizz.buzz/private -TARGET := - -.PHONY: help -help: -> @grep -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -E 's/^([^:]*): *## */\1: /' - -.PHONY: build -build: ## Build the docker image. -> docker build --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../ - -.PHONY: push -push: ## Push the docker image to a remote repository. -ifdef REMOTE_REPO -> docker tag $(IMAGE_NAME) $(REMOTE_REPO)/$(IMAGE_NAME) -> docker push $(REMOTE_REPO)/$(IMAGE_NAME) -else -> @echo "REMOTE_REPO not defined, not pushing to a remote repo." -endif - -.PHONY: clean -clean: -> docker rmi $(IMAGE_NAME) -ifdef REMOTE_REPO -> docker rmi $(REMOTE_REPO)/$(IMAGE_NAME) -else -> @echo "REMOTE_REPO not defined, not removing from remote repo." -endif - -.PHONY: run -run: build -run: ## Launch the docker image -> docker run --rm -i -t $(IMAGE_NAME) - -.PHONY: shell -shell: ## Launch an interactive shell inside the docker image. -shell: build -> docker run --rm -i -t --entrypoint /bin/bash --mount type=tmpfs,destination=/tmp $(IMAGE_NAME) diff --git a/docker/server/Dockerfile b/docker/server/Dockerfile index 713f521..3f888ce 100644 --- a/docker/server/Dockerfile +++ b/docker/server/Dockerfile @@ -1,17 +1,69 @@ -FROM harbor.fizz.buzz/private/natter:latest AS builder +# syntax=docker/dockerfile:1 +ARG ALPINE_VERSION="3.20" -COPY . /source -RUN ls /source/ -RUN natter build --config /source/natter.toml -FROM alpine:3.20 AS server + +FROM scratch AS private +ADD git@code.fizz.buzz:talexander/homepage_private.git /homepage_private + + + +FROM scratch AS explorer +ADD https://code.fizz.buzz/talexander/organic_ast_explorer.git /organic_ast_explorer + + + +FROM scratch AS organic +ADD git@code.fizz.buzz:talexander/organic.git /organic + + + +FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS organic-build +RUN apk add --no-cache musl-dev make bash +RUN rustup target add wasm32-unknown-unknown +RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked cargo install wasm-bindgen-cli +COPY --link --from=organic /organic /organic +WORKDIR /organic +RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked make wasm + + + +FROM node:lts-alpine$ALPINE_VERSION AS explorer-build +COPY --link --from=explorer /organic_ast_explorer /organic_ast_explorer +COPY --link --from=organic-build /organic /organic +WORKDIR /organic_ast_explorer +RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/npmcache,sharing=locked npm set cache /npmcache && npm install +RUN npm run release + + + + +FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS natter-build +RUN apk add --no-cache musl-dev +ADD git@code.fizz.buzz:talexander/natter.git /natter +WORKDIR /natter +RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked CARGO_TARGET_DIR=/target cargo build --profile release-lto + + + +FROM alpine:$ALPINE_VERSION AS natter +COPY --link --from=natter-build /target/release-lto/natter /usr/bin/ +COPY --link . /source +COPY --link --from=private /homepage_private/static/* /source/static/ +COPY --link --from=explorer-build /organic_ast_explorer/dist/* /source/static/organic/ast_explorer/ +RUN --network=none --mount=type=tmpfs,target=/tmp natter build --config /source/natter.toml + + + + +FROM alpine:$ALPINE_VERSION AS server RUN apk add --no-cache bash nginx RUN addgroup web && adduser -D -G web web && install -d -D -o web -g web -m 700 /srv/http/public RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log -COPY --chown=web:web docker/server/nginx.conf /srv/http -COPY --chown=web:web docker/server/headers.include /srv/http -COPY --from=builder --chown=web:web /source/output/ /srv/http/public/ +COPY --link --chown=web:web docker/server/nginx.conf /srv/http +COPY --link --chown=web:web docker/server/headers.include /srv/http +COPY --link --from=natter --chown=web:web /source/output/ /srv/http/public/ ENTRYPOINT ["/usr/sbin/nginx", "-c", "/srv/http/nginx.conf", "-e", "stderr", "-g", "daemon off;"] diff --git a/docker/server/Makefile b/docker/server/Makefile index 539f791..fb40072 100644 --- a/docker/server/Makefile +++ b/docker/server/Makefile @@ -21,7 +21,7 @@ help: .PHONY: build build: ## Build the docker image. -> docker build --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../ +> docker build --ssh default --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../../ .PHONY: push push: ## Push the docker image to a remote repository.