cli/Dockerfile

# syntax=docker/dockerfile:1

ARG BASE_VARIANT=alpine
ARG GO_VERSION=1.20.8
ARG ALPINE_VERSION=3.17
ARG XX_VERSION=1.2.1
ARG GOVERSIONINFO_VERSION=v1.3.0
ARG GOTESTSUM_VERSION=v1.10.0
ARG BUILDX_VERSION=0.11.2

FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx

FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS build-base-alpine
COPY --link --from=xx / /
RUN apk add --no-cache bash clang lld llvm file git
WORKDIR /go/src/github.com/docker/cli

FROM build-base-alpine AS build-alpine
ARG TARGETPLATFORM
# gcc is installed for libgcc only
RUN xx-apk add --no-cache musl-dev gcc

FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bullseye AS build-base-bullseye
COPY --link --from=xx / /
RUN apt-get update && apt-get install --no-install-recommends -y bash clang lld llvm file
WORKDIR /go/src/github.com/docker/cli

FROM build-base-bullseye AS build-bullseye
ARG TARGETPLATFORM
RUN xx-apt-get install --no-install-recommends -y libc6-dev libgcc-10-dev
# workaround for issue with llvm 11 for darwin/amd64 platform:
#  # github.com/docker/cli/cmd/docker
#  /usr/local/go/pkg/tool/linux_amd64/link: /usr/local/go/pkg/tool/linux_amd64/link: running strip failed: exit status 1
#  llvm-strip: error: unsupported load command (cmd=0x5)
# more info: https://github.com/docker/cli/pull/3717
# FIXME: remove once llvm 12 available on debian
RUN [ "$TARGETPLATFORM" != "darwin/amd64" ] || ln -sfnT /bin/true /usr/bin/llvm-strip

FROM build-base-${BASE_VARIANT} AS goversioninfo
ARG GOVERSIONINFO_VERSION
RUN --mount=type=cache,target=/root/.cache/go-build \
    --mount=type=cache,target=/go/pkg/mod \
    GOBIN=/out GO111MODULE=on go install "github.com/josephspurrier/goversioninfo/cmd/goversioninfo@${GOVERSIONINFO_VERSION}"

FROM build-base-${BASE_VARIANT} AS gotestsum
ARG GOTESTSUM_VERSION
RUN --mount=type=cache,target=/root/.cache/go-build \
    --mount=type=cache,target=/go/pkg/mod \
    GOBIN=/out GO111MODULE=on go install "gotest.tools/gotestsum@${GOTESTSUM_VERSION}" \
    && /out/gotestsum --version

FROM build-${BASE_VARIANT} AS build
# GO_LINKMODE defines if static or dynamic binary should be produced
ARG GO_LINKMODE=static
# GO_BUILDTAGS defines additional build tags
ARG GO_BUILDTAGS
# GO_STRIP strips debugging symbols if set
ARG GO_STRIP
# CGO_ENABLED manually sets if cgo is used
ARG CGO_ENABLED
# VERSION sets the version for the produced binary
ARG VERSION
# PACKAGER_NAME sets the company that produced the windows binary
ARG PACKAGER_NAME
COPY --link --from=goversioninfo /out/goversioninfo /usr/bin/goversioninfo
# in bullseye arm64 target does not link with lld so configure it to use ld instead
RUN [ ! -f /etc/alpine-release ] && xx-info is-cross && [ "$(xx-info arch)" = "arm64" ] && XX_CC_PREFER_LINKER=ld xx-clang --setup-target-triple || true
RUN --mount=type=bind,target=.,ro \
    --mount=type=cache,target=/root/.cache \
    --mount=from=dockercore/golang-cross:xx-sdk-extras,target=/xx-sdk,src=/xx-sdk \
    --mount=type=tmpfs,target=cli/winresources \
    # override the default behavior of go with xx-go
    xx-go --wrap && \
    # export GOCACHE=$(go env GOCACHE)/$(xx-info)$([ -f /etc/alpine-release ] && echo "alpine") && \
    TARGET=/out ./scripts/build/binary && \
    xx-verify $([ "$GO_LINKMODE" = "static" ] && echo "--static") /out/docker

FROM build-${BASE_VARIANT} AS test
COPY --link --from=gotestsum /out/gotestsum /usr/bin/gotestsum
ENV GO111MODULE=auto
RUN --mount=type=bind,target=.,rw \
    --mount=type=cache,target=/root/.cache \
    --mount=type=cache,target=/go/pkg/mod \
    gotestsum -- -coverprofile=/tmp/coverage.txt $(go list ./... | grep -vE '/vendor/|/e2e/')

FROM scratch AS test-coverage
COPY --from=test /tmp/coverage.txt /coverage.txt

FROM build-${BASE_VARIANT} AS build-plugins
ARG GO_LINKMODE=static
ARG GO_BUILDTAGS
ARG GO_STRIP
ARG CGO_ENABLED
ARG VERSION
RUN --mount=ro --mount=type=cache,target=/root/.cache \
    --mount=from=dockercore/golang-cross:xx-sdk-extras,target=/xx-sdk,src=/xx-sdk \
    xx-go --wrap && \
    TARGET=/out ./scripts/build/plugins e2e/cli-plugins/plugins/*

FROM build-base-alpine AS e2e-base-alpine
RUN apk add --no-cache build-base curl docker-compose openssl openssh-client

FROM build-base-bullseye AS e2e-base-bullseye
RUN apt-get update && apt-get install -y build-essential curl openssl openssh-client
ARG COMPOSE_VERSION=1.29.2
RUN curl -fsSL https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose && \
    chmod +x /usr/local/bin/docker-compose

FROM docker/buildx-bin:${BUILDX_VERSION} AS buildx

FROM e2e-base-${BASE_VARIANT} AS e2e
ARG NOTARY_VERSION=v0.6.1
ADD --chmod=0755 https://github.com/theupdateframework/notary/releases/download/${NOTARY_VERSION}/notary-Linux-amd64 /usr/local/bin/notary
COPY --link e2e/testdata/notary/root-ca.cert /usr/share/ca-certificates/notary.cert
RUN echo 'notary.cert' >> /etc/ca-certificates.conf && update-ca-certificates
COPY --link --from=gotestsum /out/gotestsum /usr/bin/gotestsum
COPY --link --from=build /out ./build/
COPY --link --from=build-plugins /out ./build/
COPY --link --from=buildx /buildx /usr/libexec/docker/cli-plugins/docker-buildx
COPY --link . .
ENV DOCKER_BUILDKIT=1
ENV PATH=/go/src/github.com/docker/cli/build:$PATH
CMD ./scripts/test/e2e/entry

FROM build-base-${BASE_VARIANT} AS dev
COPY --link . .

FROM scratch AS plugins
COPY --from=build-plugins /out .

FROM scratch AS binary
COPY --from=build /out .
Dockerfile: use syntax=docker/dockerfile:1 Now that HEREDOC is included in the stable Dockerfile syntax, we can use the latest stable syntax for all Dockerfiles. The recommendation for the stable syntax is to use `:1` (which is equivalent to "latest" stable syntax. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2022-03-17 12:37:08 +03:00			`# syntax=docker/dockerfile:1`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00
			`ARG BASE_VARIANT=alpine`
update to go1.20.8 go1.20.8 (released 2023-09-06) includes two security fixes to the html/template package, as well as bug fixes to the compiler, the go command, the runtime, and the crypto/tls, go/types, net/http, and path/filepath packages. See the Go 1.20.8 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.20.8+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.20.7...go1.20.8 From the security mailing: [security] Go 1.21.1 and Go 1.20.8 are released Hello gophers, We have just released Go versions 1.21.1 and 1.20.8, minor point releases. These minor releases include 4 security fixes following the security policy: - cmd/go: go.mod toolchain directive allows arbitrary execution The go.mod toolchain directive, introduced in Go 1.21, could be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software. Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2023-39320 and Go issue https://go.dev/issue/62198. - html/template: improper handling of HTML-like comments within script contexts The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack. Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for reporting this issue. This is CVE-2023-39318 and Go issue https://go.dev/issue/62196. - html/template: improper handling of special tags within script contexts The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack. Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for reporting this issue. This is CVE-2023-39319 and Go issue https://go.dev/issue/62197. - crypto/tls: panic when processing post-handshake message on QUIC connections Processing an incomplete post-handshake message for a QUIC connection caused a panic. Thanks to Marten Seemann for reporting this issue. This is CVE-2023-39321 and CVE-2023-39322 and Go issue https://go.dev/issue/62266. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-09-11 16:49:14 +03:00			`ARG GO_VERSION=1.20.8`
Dockerfile: update ALPINE_VERSION to 3.17 Official Golang images are now only available for 3.18 and 3.17; 3.18 doesn't look to play well with gotestsum, so sticking to an older version. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-06-14 14:30:40 +03:00			`ARG ALPINE_VERSION=3.17`
Dockerfile: update to xx 1.2.1 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-07-10 14:09:07 +03:00			`ARG XX_VERSION=1.2.1`
Use goversioninfo to create Windows Version Info Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-10-11 17:54:09 +03:00			`ARG GOVERSIONINFO_VERSION=v1.3.0`
Dockerfile: update gotestsum to v1.10.0 full diff: https://github.com/gotestyourself/gotestsum/compare/v1.8.2...v1.10.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-06-14 21:57:02 +03:00			`ARG GOTESTSUM_VERSION=v1.10.0`
Dockerfile: update buildx to v0.11.2 release notes: https://github.com/docker/buildx/releases/tag/v0.11.2 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-07-19 01:24:18 +03:00			`ARG BUILDX_VERSION=0.11.2`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00
Dockerfile: update tonistiigi/xx to 1.0.0-rc.2, add XX_VERSION arg Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-09-15 13:47:50 +03:00			`FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00
Dockerfile: add ALPINE_VERSION build-arg This allows us to pin to a specific version of Alpine, in case the golang:alpine image switches to a newer version, which may at times be incompatible, e.g. see https://github.com/moby/moby/issues/44570 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2022-12-04 16:01:30 +03:00			`FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS build-base-alpine`
Dockerfile: use COPY --link where possible Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-25 02:56:35 +03:00			`COPY --link --from=xx / /`
GitHub Actions e2e tests Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-11-17 19:18:15 +03:00			`RUN apk add --no-cache bash clang lld llvm file git`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00			`WORKDIR /go/src/github.com/docker/cli`

			`FROM build-base-alpine AS build-alpine`
			`ARG TARGETPLATFORM`
			`# gcc is installed for libgcc only`
			`RUN xx-apk add --no-cache musl-dev gcc`

Update to debian bullseye Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-12-09 19:16:50 +03:00			`FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bullseye AS build-base-bullseye`
Dockerfile: use COPY --link where possible Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-25 02:56:35 +03:00			`COPY --link --from=xx / /`
dockerfile: llvm needed on debian for cross comp Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-07-28 23:49:02 +03:00			`RUN apt-get update && apt-get install --no-install-recommends -y bash clang lld llvm file`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00			`WORKDIR /go/src/github.com/docker/cli`

Update to debian bullseye Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-12-09 19:16:50 +03:00			`FROM build-base-bullseye AS build-bullseye`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00			`ARG TARGETPLATFORM`
Update to debian bullseye Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-12-09 19:16:50 +03:00			`RUN xx-apt-get install --no-install-recommends -y libc6-dev libgcc-10-dev`
dockerfile: llvm needed on debian for cross comp Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-07-28 23:49:02 +03:00			`# workaround for issue with llvm 11 for darwin/amd64 platform:`
			`# # github.com/docker/cli/cmd/docker`
			`# /usr/local/go/pkg/tool/linux_amd64/link: /usr/local/go/pkg/tool/linux_amd64/link: running strip failed: exit status 1`
			`# llvm-strip: error: unsupported load command (cmd=0x5)`
			`# more info: https://github.com/docker/cli/pull/3717`
			`# FIXME: remove once llvm 12 available on debian`
			`RUN [ "$TARGETPLATFORM" != "darwin/amd64" ] \|\| ln -sfnT /bin/true /usr/bin/llvm-strip`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00
ci: github actions test workflow Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-12-07 16:50:16 +03:00			`FROM build-base-${BASE_VARIANT} AS goversioninfo`
			`ARG GOVERSIONINFO_VERSION`
			`RUN --mount=type=cache,target=/root/.cache/go-build \`
			`--mount=type=cache,target=/go/pkg/mod \`
			`GOBIN=/out GO111MODULE=on go install "github.com/josephspurrier/goversioninfo/cmd/goversioninfo@${GOVERSIONINFO_VERSION}"`

			`FROM build-base-${BASE_VARIANT} AS gotestsum`
			`ARG GOTESTSUM_VERSION`
			`RUN --mount=type=cache,target=/root/.cache/go-build \`
			`--mount=type=cache,target=/go/pkg/mod \`
			`GOBIN=/out GO111MODULE=on go install "gotest.tools/gotestsum@${GOTESTSUM_VERSION}" \`
			`&& /out/gotestsum --version`

dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00			`FROM build-${BASE_VARIANT} AS build`
			`# GO_LINKMODE defines if static or dynamic binary should be produced`
			`ARG GO_LINKMODE=static`
			`# GO_BUILDTAGS defines additional build tags`
			`ARG GO_BUILDTAGS`
			`# GO_STRIP strips debugging symbols if set`
			`ARG GO_STRIP`
			`# CGO_ENABLED manually sets if cgo is used`
			`ARG CGO_ENABLED`
			`# VERSION sets the version for the produced binary`
			`ARG VERSION`
Change "COMPANY_NAME" to "PACKAGER_NAME" The COMPANY_NAME currently sets the "CompanyName" field in the metadata of Windows binaries. Our intent of this field is this field to contain information about the company/party that produced the binary. Also from [FileVersionInfo.CompanyName][FileVersionInfo.CompanyName]: > Gets the name of the company that produced the file Based on the above, "PACKAGER_NAME" is a bit more generic, and clearer on intent, and we may at some point re-use this same information to propagate equivalent fields on other platforms (rpms, debs) [FileVersionInfo.CompanyName]: https://docs.microsoft.com/en-us/dotnet/api/system.diagnostics.fileversioninfo.companyname Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2022-03-27 11:09:50 +03:00			`# PACKAGER_NAME sets the company that produced the windows binary`
			`ARG PACKAGER_NAME`
Dockerfile: use COPY --link where possible Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-25 02:56:35 +03:00			`COPY --link --from=goversioninfo /out/goversioninfo /usr/bin/goversioninfo`
Dockerfile: prefer ld for cross-compiling arm64 in bullseye Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2022-03-28 02:52:53 +03:00			`# in bullseye arm64 target does not link with lld so configure it to use ld instead`
			`RUN [ ! -f /etc/alpine-release ] && xx-info is-cross && [ "$(xx-info arch)" = "arm64" ] && XX_CC_PREFER_LINKER=ld xx-clang --setup-target-triple \|\| true`
Use goversioninfo to create Windows Version Info Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-10-11 17:54:09 +03:00			`RUN --mount=type=bind,target=.,ro \`
			`--mount=type=cache,target=/root/.cache \`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00			`--mount=from=dockercore/golang-cross:xx-sdk-extras,target=/xx-sdk,src=/xx-sdk \`
update windows resources generation New solution is not hardcoded to amd64 but integrates with the cross toolchain and support creating arm binaries. Go has been updated so that ASLR works Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-05 11:56:55 +03:00			`--mount=type=tmpfs,target=cli/winresources \`
Use goversioninfo to create Windows Version Info Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-10-11 17:54:09 +03:00			`# override the default behavior of go with xx-go`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00			`xx-go --wrap && \`
			`# export GOCACHE=$(go env GOCACHE)/$(xx-info)$([ -f /etc/alpine-release ] && echo "alpine") && \`
			`TARGET=/out ./scripts/build/binary && \`
			`xx-verify $([ "$GO_LINKMODE" = "static" ] && echo "--static") /out/docker`

ci: github actions test workflow Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-12-07 16:50:16 +03:00			`FROM build-${BASE_VARIANT} AS test`
Dockerfile: use COPY --link where possible Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-25 02:56:35 +03:00			`COPY --link --from=gotestsum /out/gotestsum /usr/bin/gotestsum`
ci: github actions test workflow Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-12-07 16:50:16 +03:00			`ENV GO111MODULE=auto`
			`RUN --mount=type=bind,target=.,rw \`
Dockerfile: prefer ld for cross-compiling arm64 in bullseye Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2022-03-28 02:52:53 +03:00			`--mount=type=cache,target=/root/.cache \`
			`--mount=type=cache,target=/go/pkg/mod \`
			`gotestsum -- -coverprofile=/tmp/coverage.txt $(go list ./... \| grep -vE '/vendor/\|/e2e/')`
ci: github actions test workflow Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-12-07 16:50:16 +03:00
			`FROM scratch AS test-coverage`
			`COPY --from=test /tmp/coverage.txt /coverage.txt`

GitHub Actions e2e tests Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-11-17 19:18:15 +03:00			`FROM build-${BASE_VARIANT} AS build-plugins`
			`ARG GO_LINKMODE=static`
			`ARG GO_BUILDTAGS`
			`ARG GO_STRIP`
			`ARG CGO_ENABLED`
			`ARG VERSION`
			`RUN --mount=ro --mount=type=cache,target=/root/.cache \`
			`--mount=from=dockercore/golang-cross:xx-sdk-extras,target=/xx-sdk,src=/xx-sdk \`
			`xx-go --wrap && \`
			`TARGET=/out ./scripts/build/plugins e2e/cli-plugins/plugins/*`

			`FROM build-base-alpine AS e2e-base-alpine`
			`RUN apk add --no-cache build-base curl docker-compose openssl openssh-client`

Update to debian bullseye Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2021-12-09 19:16:50 +03:00			`FROM build-base-bullseye AS e2e-base-bullseye`
GitHub Actions e2e tests Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-11-17 19:18:15 +03:00			`RUN apt-get update && apt-get install -y build-essential curl openssl openssh-client`
			`ARG COMPOSE_VERSION=1.29.2`
			`RUN curl -fsSL https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose && \`
			`chmod +x /usr/local/bin/docker-compose`

Set buildx as default builder Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-02-03 12:37:55 +03:00			`FROM docker/buildx-bin:${BUILDX_VERSION} AS buildx`

GitHub Actions e2e tests Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-11-17 19:18:15 +03:00			`FROM e2e-base-${BASE_VARIANT} AS e2e`
			`ARG NOTARY_VERSION=v0.6.1`
			`ADD --chmod=0755 https://github.com/theupdateframework/notary/releases/download/${NOTARY_VERSION}/notary-Linux-amd64 /usr/local/bin/notary`
Dockerfile: use COPY --link where possible Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-25 02:56:35 +03:00			`COPY --link e2e/testdata/notary/root-ca.cert /usr/share/ca-certificates/notary.cert`
GitHub Actions e2e tests Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-11-17 19:18:15 +03:00			`RUN echo 'notary.cert' >> /etc/ca-certificates.conf && update-ca-certificates`
Dockerfile: use COPY --link where possible Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-25 02:56:35 +03:00			`COPY --link --from=gotestsum /out/gotestsum /usr/bin/gotestsum`
			`COPY --link --from=build /out ./build/`
			`COPY --link --from=build-plugins /out ./build/`
			`COPY --link --from=buildx /buildx /usr/libexec/docker/cli-plugins/docker-buildx`
			`COPY --link . .`
GitHub Actions e2e tests Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-11-17 19:18:15 +03:00			`ENV DOCKER_BUILDKIT=1`
			`ENV PATH=/go/src/github.com/docker/cli/build:$PATH`
			`CMD ./scripts/test/e2e/entry`

			`FROM build-base-${BASE_VARIANT} AS dev`
Dockerfile: use COPY --link where possible Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-25 02:56:35 +03:00			`COPY --link . .`
dockerfile based binary building Using cross compilation toolchains that work from any platform Adds darwin/arm64 support and bake targets. Static and dynamic binary targets are available, both with glibc and musl. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> 2021-03-03 10:03:02 +03:00
GitHub Actions e2e tests Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-11-17 19:18:15 +03:00			`FROM scratch AS plugins`
			`COPY --from=build-plugins /out .`
Dockerfile: build binary if no target specified Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2023-03-24 23:14:29 +03:00
			`FROM scratch AS binary`
			`COPY --from=build /out .`