Created
June 6, 2017 19:57
-
-
Save tonistiigi/38ead7a4ed60565996d207a7d589d9c4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# deb mirror | |
ARG APT_MIRROR=deb.debian.org | |
ARG DOCKER_GITCOMMIT=unsupported | |
# When updating RUNC_COMMIT, also update runc in vendor.conf accordingly | |
ARG RUNC_COMMIT=9c2d8d184e5da67c95d601382adf14862e4f2228 | |
ARG CONTAINERD_COMMIT=9048e5e50717ea4497b757314bad98ea3763c145 | |
ARG TINI_COMMIT=949e6facb77383876aeff8a6944dde66b3089574 | |
ARG LIBNETWORK_COMMIT=7b2b1feb1de4817d522cc372af149ff48d25028e | |
ARG VNDR_COMMIT=c56e082291115e369f77601f9c071dd0b87c7120 | |
ARG BINDATA_COMMIT=a0ff2567cfb70903282db057e799fd826784d41d | |
# CLI | |
ARG DOCKERCLI_REPO=git://github.com/docker/cli | |
ARG DOCKERCLI_COMMIT=c3648a9c9400d45524cc71b8fca4085b192c626f | |
FROM debian:jessie AS base | |
# Allow overridding apt mirror | |
ARG APT_MIRROR | |
RUN sed -ri "s/(httpredir|deb).debian.org/$APT_MIRROR/g" /etc/apt/sources.list | |
RUN apt-get update && apt-get install -y \ | |
build-essential \ | |
clang \ | |
curl \ | |
git | |
# Get lvm2 source for compiling statically | |
FROM base AS lvm2 | |
ARG LVM2_VERSION=2.02.103 | |
WORKDIR /usr/local/src/lvm2 | |
RUN curl -fsSL "https://mirrors.kernel.org/sourceware/lvm2/LVM2.${LVM2_VERSION}.tgz" \ | |
| tar -xz --strip-components=1 | |
# See https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags | |
# Compile and install lvm2 | |
RUN ./configure \ | |
--prefix=/lvm2 \ | |
--build="$(gcc -print-multiarch)" \ | |
--enable-static_link \ | |
&& make device-mapper \ | |
&& make install_device-mapper | |
# See https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL | |
# EXPORT COPY --from=% /lvm2 /usr/local | |
# # Configure the container for OSX cross compilation | |
# # TODO: is this even needed now if cli is in docker/cli | |
# FROM base AS osxcross | |
# ARG OSX_SDK=MacOSX10.11.sdk | |
# ARG OSX_CROSS_COMMIT=a9317c18a3a457ca0a657f08cc4d0d43c6cf8953 | |
# | |
# | |
# | |
# RUN set -x \ | |
# && export OSXCROSS_PATH="/osxcross" \ | |
# && git clone https://github.com/tpoechtrager/osxcross.git $OSXCROSS_PATH \ | |
# && ( cd $OSXCROSS_PATH && git checkout -q $OSX_CROSS_COMMIT) \ | |
# && curl -sSL https://s3.dockerproject.org/darwin/v2/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \ | |
# && UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh | |
# ENV PATH /osxcross/target/bin:$PATH | |
# Install seccomp: the version shipped upstream is too old | |
FROM base AS seccomp | |
ARG SECCOMP_VERSION=2.3.2 | |
WORKDIR /usr/local/src/seccomp | |
RUN curl -fsSL "https://github.com/seccomp/libseccomp/releases/download/v${SECCOMP_VERSION}/libseccomp-${SECCOMP_VERSION}.tar.gz" \ | |
| tar -xz --strip-components=1 \ | |
&& ./configure --prefix /seccomp \ | |
&& make \ | |
&& make install | |
# EXPORT COPY --from=% /seccomp /usr/local | |
# Install Go | |
# IMPORTANT: If the version of Go is updated, the Windows to Linux CI machines | |
# will need updating, to avoid errors. Ping #docker-maintainers on IRC | |
# with a heads-up. | |
FROM base AS gobase | |
ARG GO_VERSION=1.7.5 | |
RUN curl -fsSL "https://golang.org/dl/go${GO_VERSION}.linux-amd64.tar.gz" \ | |
| tar -xzC /usr/local | |
ENV PATH /go/bin:/usr/local/go/bin:$PATH | |
ENV GOPATH /go | |
# golint | |
FROM gobase AS golint | |
ARG GO_TOOLS_COMMIT=823804e1ae08dbb14eb807afc7db9993bc9e3cc3 | |
RUN git clone https://github.com/golang/tools.git /go/src/golang.org/x/tools \ | |
&& (cd /go/src/golang.org/x/tools && git checkout -q $GO_TOOLS_COMMIT) | |
# Grab Go's lint tool | |
ARG GO_LINT_COMMIT=32a87160691b3c96046c0c678fe57c5bef761456 | |
RUN git clone https://github.com/golang/lint.git /go/src/github.com/golang/lint \ | |
&& (cd /go/src/github.com/golang/lint && git checkout -q $GO_LINT_COMMIT) \ | |
&& go install -v github.com/golang/lint/golint | |
# EXPORT COPY --from=% /go/bin/golint /usr/bin | |
# Install notary and notary-server | |
FROM gobase AS notary | |
ARG NOTARY_VERSION=v0.5.0 | |
WORKDIR /usr/local/src/notary | |
RUN git clone https://github.com/docker/notary.git "$GOPATH/src/github.com/docker/notary" \ | |
&& (cd "$GOPATH/src/github.com/docker/notary" && git checkout -q "$NOTARY_VERSION") \ | |
&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \ | |
go build -o /notary/notary-server github.com/docker/notary/cmd/notary-server \ | |
&& GOPATH="$GOPATH/src/github.com/docker/notary/vendor:$GOPATH" \ | |
go build -o /notary/notary github.com/docker/notary/cmd/notary | |
# EXPORT COPY --from=% /notary /usr/local/bin | |
FROM gobase AS buildbase | |
RUN apt-get install -y \ | |
apparmor \ | |
btrfs-tools \ | |
libapparmor-dev \ | |
pkg-config \ | |
--no-install-recommends | |
COPY --from=lvm2 /lvm2 /usr/local | |
COPY --from=seccomp /seccomp /usr/local | |
FROM buildbase AS runc | |
# Do not build with ambient capabilities support | |
ARG RUNC_BUILDTAGS="seccomp apparmor selinux" | |
RUN git clone https://github.com/docker/runc.git "$GOPATH/src/github.com/opencontainers/runc" \ | |
&& cd "$GOPATH/src/github.com/opencontainers/runc" \ | |
&& git checkout -q "$RUNC_COMMIT" \ | |
&& make BUILDTAGS="$RUNC_BUILDTAGS" static | |
# EXPORT COPY --from=% /go/src/github.com/opencontainers/runc/runc /usr/local/bin/docker-runc | |
FROM debian:jessie AS dockerd-source | |
WORKDIR /src | |
COPY . . | |
RUN find . -not -path "./hack/*" -not -name "VERSION" -not -name "*.go" -not -name "*.s" -not -type d -delete | |
# EXPORT COPY --from=# /src /go/src/github.com/docker/docker | |
FROM buildbase AS dockerd | |
# Upload docker source | |
WORKDIR /go/src/github.com/docker/docker | |
ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux | |
COPY --from=dockerd-source /src /go/src/github.com/docker/docker | |
ARG DOCKER_GITCOMMIT | |
ENV DOCKER_GITCOMMIT=$DOCKER_GITCOMMIT | |
RUN hack/make.sh binary | |
# export COPY --from=dockerd /go/src/github.com/docker/docker/bundles/latest/binary-daemon/dockerd /usr/local/bin | |
FROM base AS dev | |
WORKDIR /root | |
COPY --from=golint /go/bin/golint /usr/bin | |
COPY --from=notary /notary /usr/local/bin | |
# Compile Go for cross compilation | |
ENV DOCKER_CROSSPLATFORMS \ | |
linux/386 linux/arm \ | |
darwin/amd64 \ | |
freebsd/amd64 freebsd/386 freebsd/arm \ | |
windows/amd64 windows/386 \ | |
solaris/amd64 | |
# Set user.email so crosbymichael's in-container merge commits go smoothly | |
RUN git config --global user.email 'docker-dummy@example.com' | |
# Add an unprivileged user to be used for tests which need it | |
RUN groupadd -r docker | |
RUN useradd --create-home --gid docker unprivilegeduser | |
COPY --from=dockerd /go/src/github.com/docker/docker/bundles/latest/binary-daemon/dockerd /usr/local/bin | |
COPY --from=runc /go/src/github.com/opencontainers/runc/runc /usr/local/bin/docker-runc | |
VOLUME /var/lib/docker |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment