Compare commits
5 Commits
02ef9b0228
...
5945be3325
| Author | SHA1 | Date |
|---|---|---|
 Lance Vick
|
5945be3325
|
|
|
Lance Vick
|
423feef065
|
|
|
Lance Vick
|
6ccd002aaa
|
|
|
Lance Vick
|
79b2160578
|
|
 Anton Livaja
|
1586443cd8
|
|
|
@ -20,30 +20,33 @@ RUN set -eux; \
|
|||
mv lrvick-live-bootstrap-* live-bootstrap
|
||||
WORKDIR live-bootstrap
|
||||
RUN ./download-distfiles.sh
|
||||
|
||||
FROM fetch as config
|
||||
RUN set -eux; \
|
||||
mkdir -p /rootfs/external; \
|
||||
mv steps seed/* /rootfs/; \
|
||||
mv distfiles /rootfs/external/
|
||||
RUN echo "\
|
||||
mv distfiles /rootfs/external/; \
|
||||
export CORES=$(nproc --all); \
|
||||
echo "\
|
||||
FORCE_TIMESTAMPS=False\n\
|
||||
CHROOT=True\n\
|
||||
UPDATE_CHECKSUMS=False\n\
|
||||
JOBS=10\n\
|
||||
JOBS=${CORES}\n\
|
||||
SWAP_SIZE=0\n\
|
||||
FINAL_JOBS=10\n\
|
||||
FINAL_JOBS=${CORES}\n\
|
||||
INTERNAL_CI=False\n\
|
||||
INTERACTIVE=False\n\
|
||||
BARE_METAL=False\n\
|
||||
EXTERNAL_SOURCES=True\n\
|
||||
DISK=sda1\n\
|
||||
KERNEL_BOOTSTRAP=False\n\
|
||||
BUILD_KERNELS=False\
|
||||
" > /rootfs/steps/bootstrap.cfg
|
||||
BUILD_KERNELS=False" \
|
||||
> /rootfs/steps/bootstrap.cfg
|
||||
RUN touch /rootfs/steps/lwext4-1.0.0-lb1/files/fiwix-file-list.txt
|
||||
|
||||
FROM scratch as build
|
||||
COPY --from=stage0 / .
|
||||
COPY --from=fetch /rootfs .
|
||||
COPY --from=config /rootfs .
|
||||
ENV ARCH_DIR=x86
|
||||
ENV ARCH=x86
|
||||
RUN ["/x86/bin/kaem","--verbose","--strict","--file","./after.kaem"]
|
||||
|
|
@ -53,6 +56,7 @@ ENV PATH=/bin:/usr/sbin:/usr/bin
|
|||
RUN set -eux; \
|
||||
rm -rf /usr/lib/python*/__pycache__; \
|
||||
mkdir -p /rootfs/etc /rootfs/home/user; \
|
||||
chown -R 1000:1000 /rootfs/home/user; \
|
||||
cp -R $(ls -d /etc/* | grep -v '\(resolv.conf\|hosts\)') /rootfs/etc/; \
|
||||
cp -R lib usr bin var /rootfs/; \
|
||||
echo "user:x:1000:" > /rootfs/etc/group; \
|
||||
|
|
|
|||
|
|
@ -32,6 +32,7 @@ define build
|
|||
-t $(REGISTRY)/$(NAME):$(VERSION) \
|
||||
--build-arg REGISTRY=$(REGISTRY) \
|
||||
--platform $(PLATFORM) \
|
||||
--network=host \
|
||||
--progress=plain \
|
||||
$(if $(filter latest,$(VERSION)),,--build-arg VERSION=$(VERSION)) \
|
||||
--target $(TARGET) \
|
||||
|
|
|
|||
|
|
@ -11,4 +11,9 @@ out/curl.tgz: \
|
|||
out/tofu.tgz: \
|
||||
out/busybox.tgz \
|
||||
out/go.tgz
|
||||
$(call build,tools,tofu)
|
||||
$(call build,tools,tofu)
|
||||
|
||||
out/sops.tgz: \
|
||||
out/busybox.tgz \
|
||||
out/go.tgz
|
||||
$(call build,tools,sops)
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
|
||||
ARG REGISTRY=local
|
||||
FROM ${REGISTRY}/go:latest as go
|
||||
FROM ${REGISTRY}/busybox:latest as busybox
|
||||
FROM ${REGISTRY}/ca-certificates:latest as ca-certificates
|
||||
|
||||
FROM busybox as base
|
||||
ENV VERSION=3.8.1
|
||||
ENV SRC_SITE=https://github.com/getsops/sops/archive/refs/tags
|
||||
ENV SRC_HASH=5ca70fb4f96797d09012c705a5bb935835896de7bcd063b98d498912b0e645a0
|
||||
RUN echo ${SRC_SITE}/${VERSION}.tar.gz
|
||||
|
||||
FROM base as fetch
|
||||
COPY --from=go . /
|
||||
COPY --from=ca-certificates . /
|
||||
|
||||
RUN set -eux; \
|
||||
wget ${SRC_SITE}/v${VERSION}.tar.gz; \
|
||||
echo "${SRC_HASH} v${VERSION}.tar.gz" | sha256sum -c;
|
||||
|
||||
FROM fetch as build
|
||||
RUN tar -xvf v${VERSION}.tar.gz
|
||||
WORKDIR sops-${VERSION}
|
||||
ENV PWD=/home/user/sops-${VERSION}
|
||||
ENV GOPATH=${PWD}/cache/go
|
||||
ENV GOCACHE=${PWD}/cache/
|
||||
ENV GOWORK=off
|
||||
ENV GOPROXY=https://proxy.golang.org,direct
|
||||
ENV GOSUMDB=sum.golang.org
|
||||
|
||||
ENV CGO_ENABLED=0
|
||||
ENV GOHOSTOS=linux
|
||||
ENV GOHOSTARCH=amd64
|
||||
ENV GOFLAGS=-trimpath
|
||||
RUN mkdir -p ${GOPATH}
|
||||
RUN go build -o bin/sops ./cmd/sops
|
||||
|
||||
from build as install
|
||||
USER 0:0
|
||||
RUN mkdir -p /rootfs/usr/bin/
|
||||
RUN cp bin/sops /rootfs/usr/bin/
|
||||
|
||||
FROM scratch as package
|
||||
COPY --from=install /rootfs/ /
|
||||
ENTRYPOINT ["/usr/bin/sops"]
|
||||
CMD ["--version"]
|
||||
Reference in New Issue