-
Notifications
You must be signed in to change notification settings - Fork 552
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Dockerfile for Debian bookworm pipelines
- Loading branch information
Paul Belt
committed
May 28, 2024
1 parent
4780fbc
commit e36a7d5
Showing
1 changed file
with
69 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| FROM rust:1-slim-bookworm AS bootstrap_os | ||
| ENV DEBIAN_FRONTEND="noninteractive" | ||
|
|
||
| RUN apt-get update -y \ | ||
| && apt-get upgrade -y --no-install-recommends --no-install-suggests ca-certificates \ | ||
| && apt-get install -y --no-install-recommends libssl3 zlib1g \ | ||
| && apt-mark showmanual > /tmp/runtime_apt_mark.txt | ||
|
|
||
|
|
||
| FROM bootstrap_os AS bootstrap_build_deps | ||
| RUN apt-mark auto '.*' > /dev/null \ | ||
| && apt-get upgrade -y --no-install-recommends libssl-dev clang pkg-config \ | ||
| && apt-mark manual $(cat /tmp/runtime_apt_mark.txt) > /dev/null | ||
|
|
||
|
|
||
| FROM bootstrap_build_deps AS bootstrap_builder | ||
| ENV RUST_BACKTRACE=1 \ | ||
| CC=clang \ | ||
| CXX=clang++ \ | ||
| MAKEOPTS="-j$(getconf _NPROCESSORS_ONLN)" | ||
|
|
||
| RUN cargo install sccache --message-format short \ | ||
| && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
|
|
||
| FROM debian:bookworm-slim AS pipeline | ||
| COPY --from=bootstrap_os /tmp/runtime_apt_mark.txt /tmp | ||
|
|
||
| ENV DEBIAN_FRONTEND="noninteractive" | ||
|
|
||
| RUN apt-get update -y \ | ||
| && apt-get install -y --no-install-recommends --no-install-suggests ca-certificates \ | ||
| && apt-mark manual $(cat /tmp/runtime_apt_mark.txt) > /dev/null \ | ||
| && { \ | ||
| echo '#!/bin/sh'; \ | ||
| echo 'set -eu'; \ | ||
| echo 'if [ "${#}" -gt 0 ] && [ "${1#-}" = "${1}" ] \'; \ | ||
| echo ' && command -v "${1}" > "/dev/null" 2>&1; then'; \ | ||
| echo ' exec "${@}"'; \ | ||
| echo 'else exec /bin/shfmt "${@}"; fi'; \ | ||
| echo 'exit 0'; \ | ||
| } > /init && chmod +x /init | ||
|
|
||
| COPY --from=bootstrap_builder /usr/local/cargo/bin/sccache /usr/local/cargo/bin/ | ||
|
|
||
| WORKDIR /usr/local/cargo/bin | ||
|
|
||
| RUN find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \ | ||
| | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \ | ||
| | xargs -r dpkg-query --search | cut -d: -f1 | sort -u | xargs -r apt-mark manual \ | ||
| && apt-get upgrade -y --no-install-recommends --no-install-suggests \ | ||
| && rm -rf /var/lib/apt/lists/* /tmp/runtime_apt_mark.txt | ||
|
|
||
| ENV PATH="/usr/local/cargo/bin:${PATH}" | ||
|
|
||
| HEALTHCHECK --retries=1 --timeout=15s CMD /usr/local/cargo/bin/sccache --version | ||
|
|
||
| ENTRYPOINT [ "/init" ] | ||
|
|
||
|
|
||
| FROM scratch | ||
| COPY --from=bootstrap_builder /usr/local/cargo/bin/sccache /bin/ | ||
|
|
||
| ENTRYPOINT [ "/bin/sccache" ] | ||
|
|
||
| CMD [ "/bin/sccache" ] | ||
|
|
||
| # vi: nospell |