-
Notifications
You must be signed in to change notification settings - Fork 9
/
Dockerfile.orchestrator
61 lines (45 loc) · 1.91 KB
/
Dockerfile.orchestrator
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# syntax=docker/dockerfile:1.9.0
# Allow the Go version to be configured
ARG GO_VERSION
ARG SB_GIT_COMMIT_SHA
# Builder base image
FROM ghcr.io/superblocksteam/golang:${GO_VERSION}-bookworm as builder
LABEL org.opencontainers.image.description "The Superblocks Orchestrator"
# https://github.com/rogchap/v8go/issues/381#issuecomment-1660576038
ENV DEBIAN_FRONTEND=noninteractive
# Set a directory to work from
WORKDIR /go/src/github.com/superblocksteam/orchestrator
# Install dependencies
RUN apt-get update && \
apt-get upgrade -y && \
apt-get install -y build-essential gcc
# Copy everything in and compile
# There may be cache optimizations we can make
COPY . .
# Build our binary.
ARG SERVICE_VERSION
ARG EXTRA_GO_OPTIONS
RUN make build-go SERVICE_VERSION=${SERVICE_VERSION} EXTRA_GO_OPTIONS=${EXTRA_GO_OPTIONS}
# Build the final image
FROM ghcr.io/superblocksteam/ubuntu:24.04 AS base
# Install CA certificates
RUN apt-get update \
&& apt-get install ca-certificates -y \
&& update-ca-certificates \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
FROM base
ARG SB_GIT_COMMIT_SHA
# Create and switch to a non-root user
RUN useradd -m -u 1001 orchestrator
USER orchestrator
# Copy in our compiled binary
COPY --from=builder /go/src/github.com/superblocksteam/orchestrator/orchestrator /orchestrator
COPY --from=builder /go/src/github.com/superblocksteam/orchestrator/buckets.json /buckets.json
COPY --from=builder /go/src/github.com/superblocksteam/orchestrator/buckets.minimal.json /buckets.minimal.json
COPY --from=builder /go/src/github.com/superblocksteam/orchestrator/buckets.minimal.json /buckets.minimal.json
COPY --from=builder /go/src/github.com/superblocksteam/orchestrator/flags.json /flags.json
ENV SB_GIT_REPOSITORY_URL "https://github.com/superblocksteam/orchestrator"
ENV SB_GIT_COMMIT_SHA ${SB_GIT_COMMIT_SHA}
# Start the service
ENTRYPOINT ["/orchestrator"]