Switch to encoding the full build process in the Dockerfile.
New features added in buildkit enable us to encode the full build process in the Dockerfile which makes tekton no longer a hard dependency for building the homepage.
This commit is contained in:
Tom Alexander
@@ -1,17 +1,69 @@
|
||||
FROM harbor.fizz.buzz/private/natter:latest AS builder
|
||||
# syntax=docker/dockerfile:1
|
||||
ARG ALPINE_VERSION="3.20"
|
||||
|
||||
COPY . /source
|
||||
RUN ls /source/
|
||||
RUN natter build --config /source/natter.toml
|
||||
|
||||
FROM alpine:3.20 AS server
|
||||
|
||||
FROM scratch AS private
|
||||
ADD git@code.fizz.buzz:talexander/homepage_private.git /homepage_private
|
||||
|
||||
|
||||
|
||||
FROM scratch AS explorer
|
||||
ADD https://code.fizz.buzz/talexander/organic_ast_explorer.git /organic_ast_explorer
|
||||
|
||||
|
||||
|
||||
FROM scratch AS organic
|
||||
ADD git@code.fizz.buzz:talexander/organic.git /organic
|
||||
|
||||
|
||||
|
||||
FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS organic-build
|
||||
RUN apk add --no-cache musl-dev make bash
|
||||
RUN rustup target add wasm32-unknown-unknown
|
||||
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked cargo install wasm-bindgen-cli
|
||||
COPY --link --from=organic /organic /organic
|
||||
WORKDIR /organic
|
||||
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked make wasm
|
||||
|
||||
|
||||
|
||||
FROM node:lts-alpine$ALPINE_VERSION AS explorer-build
|
||||
COPY --link --from=explorer /organic_ast_explorer /organic_ast_explorer
|
||||
COPY --link --from=organic-build /organic /organic
|
||||
WORKDIR /organic_ast_explorer
|
||||
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/npmcache,sharing=locked npm set cache /npmcache && npm install
|
||||
RUN npm run release
|
||||
|
||||
|
||||
|
||||
|
||||
FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS natter-build
|
||||
RUN apk add --no-cache musl-dev
|
||||
ADD git@code.fizz.buzz:talexander/natter.git /natter
|
||||
WORKDIR /natter
|
||||
RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked CARGO_TARGET_DIR=/target cargo build --profile release-lto
|
||||
|
||||
|
||||
|
||||
FROM alpine:$ALPINE_VERSION AS natter
|
||||
COPY --link --from=natter-build /target/release-lto/natter /usr/bin/
|
||||
COPY --link . /source
|
||||
COPY --link --from=private /homepage_private/static/* /source/static/
|
||||
COPY --link --from=explorer-build /organic_ast_explorer/dist/* /source/static/organic/ast_explorer/
|
||||
RUN --network=none --mount=type=tmpfs,target=/tmp natter build --config /source/natter.toml
|
||||
|
||||
|
||||
|
||||
|
||||
FROM alpine:$ALPINE_VERSION AS server
|
||||
|
||||
RUN apk add --no-cache bash nginx
|
||||
RUN addgroup web && adduser -D -G web web && install -d -D -o web -g web -m 700 /srv/http/public
|
||||
RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log
|
||||
|
||||
COPY --chown=web:web docker/server/nginx.conf /srv/http
|
||||
COPY --chown=web:web docker/server/headers.include /srv/http
|
||||
COPY --from=builder --chown=web:web /source/output/ /srv/http/public/
|
||||
COPY --link --chown=web:web docker/server/nginx.conf /srv/http
|
||||
COPY --link --chown=web:web docker/server/headers.include /srv/http
|
||||
COPY --link --from=natter --chown=web:web /source/output/ /srv/http/public/
|
||||
|
||||
ENTRYPOINT ["/usr/sbin/nginx", "-c", "/srv/http/nginx.conf", "-e", "stderr", "-g", "daemon off;"]
|
||||
|
||||
Reference in New Issue
Block a user