Skip to content

Instantly share code, notes, and snippets.

@rizo
Last active Aug 27, 2018
Embed
What would you like to do?
FROM ocaml/opam2:alpine-3.7-ocaml-4.06
RUN sudo apk --no-cache add ca-certificates
RUN sudo apk add --update m4 openssh-client
# Setup SSH.
RUN mkdir -p ~/.ssh
ARG SSH_PRIVATE_KEY
RUN echo "${SSH_PRIVATE_KEY}" > ~/.ssh/id_rsa
RUN chmod 600 ~/.ssh/id_rsa
RUN printf "Host github.com\n\tStrictHostKeyChecking no\n" > ~/.ssh/config
# Setup git for private repos.
RUN git config --global url."git@github.com:".insteadOf "https://github.com/"
# Setup private repositories.
# RUN opam repo add remote --all-switches https://opam.ocaml.org/2.0
# RUN opam repo add private-repo --all-switches <repo-url>
# Install project dependencies.
COPY --chown=opam:nogroup Makefile *.opam /mnt/local/
WORKDIR /mnt/local
RUN opam config exec make install-deps
# Build the project.
COPY --chown=opam:nogroup . /mnt/local
RUN opam config exec make PROFILE=release build
# Install for export.
RUN mkdir -p /mnt/local/_export
RUN opam config exec make DESTDIR=/mnt/local/_export install
# Runner image.
FROM alpine:3.7
RUN apk --no-cache add ca-certificates
COPY --from=0 /mnt/local/_export /mnt/local
ENV PATH /mnt/local/bin:$PATH
WORKDIR /mnt/local
default: build
.PHONY: default
install-deps:
opam install -y --deps-only .
.PHONY: install-deps
build:
if test -n "${PROFILE}"; \
then dune build --profile="${PROFILE}" @install; \
else dune build @install; fi
.PHONY: build
test:
dune runtest
.PHONY: test
install:
# Will not be needed after <https://github.com/ocaml/dune/issues/946>.
if test -n "${DESTDIR}"; \
then dune install --prefix="${DESTDIR}"; \
else dune install; fi
.PHONY: install
uninstall:
if test -n "${DESTDIR}"; \
then dune uninstall --prefix="${DESTDIR}"; \
else dune uninstall; fi
.PHONY: uninstall
clean:
rm -rf _build
.PHONY: clean
docker-build:
docker build \
--build-arg SSH_PRIVATE_KEY="`vault read -field ssh-private-key PATH`" \
-t SOMETHING \
.
.PHONY: docker-build
docker-push: docker-build
docker push SOMETHING
.PHONY: docker-push
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment