beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #40180 from cpuguy83/no_more_dev_tools

Browse source 
Build binaries with minimal deps and remove autogen code
This commit is contained in:
Tõnis Tiigi 2019-12-12 11:29:30 -08:00 committed by GitHub
commit 550d5f9d43
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 61 additions and 71 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.dockerignore
View file

@ -1,6 +1,8 @@
bundles .dockerignore
.gopath
vendor/pkg
.go-pkg-cache
.git .git
.go-pkg-cache
.gopath
bundles
Dockerfile
vendor/pkg

2
.gitignore vendored
View file

@ -17,8 +17,6 @@ autogen/
bundles/ bundles/
cmd/dockerd/dockerd cmd/dockerd/dockerd
contrib/builder/rpm/*/changelog contrib/builder/rpm/*/changelog
dockerversion/version_autogen.go
dockerversion/version_autogen_unix.go
vendor/pkg/ vendor/pkg/
go-test-report.json go-test-report.json
profile.out profile.out

56
Dockerfile
View file

@ -4,6 +4,7 @@ ARG CROSS="false"
ARG GO_VERSION=1.13.4 ARG GO_VERSION=1.13.4
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
ARG VPNKIT_DIGEST=e508a17cfacc8fd39261d5b4e397df2b953690da577e2c987a47630cd0c42f8e ARG VPNKIT_DIGEST=e508a17cfacc8fd39261d5b4e397df2b953690da577e2c987a47630cd0c42f8e
ARG DOCKER_BUILDTAGS="apparmor seccomp selinux"
FROM golang:${GO_VERSION}-stretch AS base FROM golang:${GO_VERSION}-stretch AS base
RUN echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache RUN echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
@ -111,10 +112,16 @@ ARG DEBIAN_FRONTEND
RUN --mount=type=cache,sharing=locked,id=moby-cross-false-aptlib,target=/var/lib/apt \ RUN --mount=type=cache,sharing=locked,id=moby-cross-false-aptlib,target=/var/lib/apt \
--mount=type=cache,sharing=locked,id=moby-cross-false-aptcache,target=/var/cache/apt \ --mount=type=cache,sharing=locked,id=moby-cross-false-aptcache,target=/var/cache/apt \
apt-get update && apt-get install -y --no-install-recommends \ apt-get update && apt-get install -y --no-install-recommends \
binutils-mingw-w64 \
btrfs-tools \
g++-mingw-w64-x86-64 \
libapparmor-dev \ libapparmor-dev \
libseccomp-dev libdevmapper-dev \
libseccomp-dev \
libsystemd-dev \
libudev-dev
FROM --platform=linux/amd64 cross-true AS runtime-dev-cross-true FROM --platform=linux/amd64 runtime-dev-cross-false AS runtime-dev-cross-true
ARG DEBIAN_FRONTEND ARG DEBIAN_FRONTEND
# These crossbuild packages rely on gcc-<arch>, but this doesn't want to install # These crossbuild packages rely on gcc-<arch>, but this doesn't want to install
# on non-amd64 systems. # on non-amd64 systems.
@ -128,11 +135,7 @@ RUN --mount=type=cache,sharing=locked,id=moby-cross-true-aptlib,target=/var/lib/
libapparmor-dev:armhf \ libapparmor-dev:armhf \
libseccomp-dev:arm64 \ libseccomp-dev:arm64 \
libseccomp-dev:armel \ libseccomp-dev:armel \
libseccomp-dev:armhf \ libseccomp-dev:armhf
# install this arches seccomp here due to compat issues with the v0 builder
# This is as opposed to inheriting from runtime-dev-cross-false
libapparmor-dev \
libseccomp-dev
FROM runtime-dev-cross-${CROSS} AS runtime-dev FROM runtime-dev-cross-${CROSS} AS runtime-dev
@ -261,19 +264,13 @@ RUN --mount=type=cache,sharing=locked,id=moby-dev-aptlib,target=/var/lib/apt \
apparmor \ apparmor \
aufs-tools \ aufs-tools \
bash-completion \ bash-completion \
binutils-mingw-w64 \
btrfs-tools \
bzip2 \ bzip2 \
g++-mingw-w64-x86-64 \
iptables \ iptables \
jq \ jq \
libcap2-bin \ libcap2-bin \
libdevmapper-dev \
libnet1 \ libnet1 \
libnl-3-200 \ libnl-3-200 \
libprotobuf-c1 \ libprotobuf-c1 \
libsystemd-dev \
libudev-dev \
net-tools \ net-tools \
pigz \ pigz \
python3-pip \ python3-pip \
@ -304,18 +301,15 @@ COPY --from=containerd /build/ /usr/local/bin/
COPY --from=rootlesskit /build/ /usr/local/bin/ COPY --from=rootlesskit /build/ /usr/local/bin/
COPY --from=vpnkit /vpnkit /usr/local/bin/vpnkit.x86_64 COPY --from=vpnkit /vpnkit /usr/local/bin/vpnkit.x86_64
COPY --from=proxy /build/ /usr/local/bin/ COPY --from=proxy /build/ /usr/local/bin/
ENV PATH=/usr/local/cli:$PATH ENV PATH=/usr/local/cli:$PATH
ENV DOCKER_BUILDTAGS apparmor seccomp selinux ARG DOCKER_BUILDTAGS
ENV DOCKER_BUILDTAGS="${DOCKER_BUILDTAGS}"
WORKDIR /go/src/github.com/docker/docker WORKDIR /go/src/github.com/docker/docker
VOLUME /var/lib/docker VOLUME /var/lib/docker
# Wrap all commands in the "docker-in-docker" script to allow nested containers # Wrap all commands in the "docker-in-docker" script to allow nested containers
ENTRYPOINT ["hack/dind"] ENTRYPOINT ["hack/dind"]
FROM dev AS src FROM runtime-dev AS binary-base
COPY . /go/src/github.com/docker/docker
FROM src AS binary-base
ARG DOCKER_GITCOMMIT=HEAD ARG DOCKER_GITCOMMIT=HEAD
ENV DOCKER_GITCOMMIT=${DOCKER_GITCOMMIT} ENV DOCKER_GITCOMMIT=${DOCKER_GITCOMMIT}
ARG VERSION ARG VERSION
@ -326,27 +320,43 @@ ARG PRODUCT
ENV PRODUCT=${PRODUCT} ENV PRODUCT=${PRODUCT}
ARG DEFAULT_PRODUCT_LICENSE ARG DEFAULT_PRODUCT_LICENSE
ENV DEFAULT_PRODUCT_LICENSE=${DEFAULT_PRODUCT_LICENSE} ENV DEFAULT_PRODUCT_LICENSE=${DEFAULT_PRODUCT_LICENSE}
ARG DOCKER_BUILDTAGS
ENV DOCKER_BUILDTAGS="${DOCKER_BUILDTAGS}"
ENV PREFIX=/build
# TODO: This is here because hack/make.sh binary copies these extras binaries
# from $PATH into the bundles dir.
# It would be nice to handle this in a different way.
COPY --from=tini /build/ /usr/local/bin/
COPY --from=runc /build/ /usr/local/bin/
COPY --from=containerd /build/ /usr/local/bin/
COPY --from=rootlesskit /build/ /usr/local/bin/
COPY --from=proxy /build/ /usr/local/bin/
WORKDIR /go/src/github.com/docker/docker
FROM binary-base AS build-binary FROM binary-base AS build-binary
RUN --mount=type=cache,target=/root/.cache/go-build \ RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=bind,target=/go/src/github.com/docker/docker \
hack/make.sh binary hack/make.sh binary
FROM binary-base AS build-dynbinary FROM binary-base AS build-dynbinary
RUN --mount=type=cache,target=/root/.cache/go-build \ RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=bind,target=/go/src/github.com/docker/docker \
hack/make.sh dynbinary hack/make.sh dynbinary
FROM binary-base AS build-cross FROM binary-base AS build-cross
ARG DOCKER_CROSSPLATFORMS ARG DOCKER_CROSSPLATFORMS
RUN --mount=type=cache,target=/root/.cache/go-build \ RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=bind,target=/go/src/github.com/docker/docker \
hack/make.sh cross hack/make.sh cross
FROM scratch AS binary FROM scratch AS binary
COPY --from=build-binary /go/src/github.com/docker/docker/bundles/ / COPY --from=build-binary /build/bundles/ /
FROM scratch AS dynbinary FROM scratch AS dynbinary
COPY --from=build-dynbinary /go/src/github.com/docker/docker/bundles/ / COPY --from=build-dynbinary /build/ /
FROM scratch AS cross FROM scratch AS cross
COPY --from=build-cross /go/src/github.com/docker/docker/bundles/ / COPY --from=build-cross /build/ /
FROM src AS final FROM dev AS final
COPY . /go/src/github.com/docker/docker

4
dockerversion/version_lib.go
View file

@ -4,8 +4,8 @@
package dockerversion // import "github.com/docker/docker/dockerversion" package dockerversion // import "github.com/docker/docker/dockerversion"
// Default build-time variable for library-import. // Default build-time variable for library-import.
// This file is overridden on build with build-time information. // These variables are overridden on build with build-time information.
const ( var (
GitCommit = "library-import" GitCommit = "library-import"
Version = "library-import" Version = "library-import"
BuildTime = "library-import" BuildTime = "library-import"

15
hack/make.sh
View file

@ -113,7 +113,7 @@ LDFLAGS_STATIC=''
EXTLDFLAGS_STATIC='-static' EXTLDFLAGS_STATIC='-static'
# ORIG_BUILDFLAGS is necessary for the cross target which cannot always build # ORIG_BUILDFLAGS is necessary for the cross target which cannot always build
# with options like -race. # with options like -race.
ORIG_BUILDFLAGS=( -tags "autogen netgo osusergo static_build $DOCKER_BUILDTAGS" -installsuffix netgo ) ORIG_BUILDFLAGS=( -tags "netgo osusergo static_build $DOCKER_BUILDTAGS" -installsuffix netgo )
# see https://github.com/golang/go/issues/9369#issuecomment-69864440 for why -installsuffix is necessary here # see https://github.com/golang/go/issues/9369#issuecomment-69864440 for why -installsuffix is necessary here
BUILDFLAGS=( ${BUILDFLAGS} "${ORIG_BUILDFLAGS[@]}" ) BUILDFLAGS=( ${BUILDFLAGS} "${ORIG_BUILDFLAGS[@]}" )
@ -140,12 +140,17 @@ bundle() {
} }
main() { main() {
bundle_dir="bundles"
if [ -n "${PREFIX}" ]; then
bundle_dir="${PREFIX}/${bundle_dir}"
fi
if [ -z "${KEEPBUNDLE-}" ]; then if [ -z "${KEEPBUNDLE-}" ]; then
echo "Removing bundles/" echo "Removing ${bundle_dir}/"
rm -rf bundles/* rm -rf "${bundle_dir}"/*
echo echo
fi fi
mkdir -p bundles mkdir -p "${bundle_dir}"
if [ $# -lt 1 ]; then if [ $# -lt 1 ]; then
bundles=(${DEFAULT_BUNDLES[@]}) bundles=(${DEFAULT_BUNDLES[@]})
@ -153,7 +158,7 @@ main() {
bundles=($@) bundles=($@)
fi fi
for bundle in ${bundles[@]}; do for bundle in ${bundles[@]}; do
export DEST="bundles/$(basename "$bundle")" export DEST="${bundle_dir}/$(basename "$bundle")"
# Cygdrive paths don't play well with go build -o. # Cygdrive paths don't play well with go build -o.
if [[ "$(uname -s)" == CYGWIN* ]]; then if [[ "$(uname -s)" == CYGWIN* ]]; then
export DEST="$(cygpath -mw "$DEST")" export DEST="$(cygpath -mw "$DEST")"

45
hack/make/.go-autogen
View file

@ -6,41 +6,16 @@ source hack/dockerfile/install/runc.installer
source hack/dockerfile/install/tini.installer source hack/dockerfile/install/tini.installer
source hack/dockerfile/install/containerd.installer source hack/dockerfile/install/containerd.installer
cat > dockerversion/version_autogen.go <<DVEOF LDFLAGS="${LDFALGS} \
// +build autogen -X github.com/docker/docker/dockerversion.Version=${VERSION} \
-X github.com/docker/docker/dockerversion.GitCommit=${GITCOMMIT} \
// Package dockerversion is auto-generated at build-time -X github.com/docker/docker/dockerversion.BuildTime=${BUILDTIME} \
package dockerversion -X github.com/docker/docker/dockerversion.IAmStatic=${IAMSTATIC:-true} \
-X github.com/docker/docker/dockerversion.PlatformName=${PLATFORM} \
// Default build-time variable for library-import. -X github.com/docker/docker/dockerversion.ProductName=${PRODUCT} \
// This file is overridden on build with build-time information. -X github.com/docker/docker/dockerversion.DefaultProductLicense=${DEFAULT_PRODUCT_LICENSE} \
const ( -X github.com/docker/docker/dockerversion.InitCommitID=${TINI_COMMIT} \
GitCommit string = "$GITCOMMIT" "
Version string = "$VERSION"
BuildTime string = "$BUILDTIME"
IAmStatic string = "${IAMSTATIC:-true}"
PlatformName string = "${PLATFORM}"
ProductName string = "${PRODUCT}"
DefaultProductLicense string = "${DEFAULT_PRODUCT_LICENSE}"
)
// Code generated by hack/make/.go-autogen. DO NOT EDIT.
DVEOF
cat > dockerversion/version_autogen_unix.go <<DVEOF
// +build autogen,!windows
// Package dockerversion is auto-generated at build-time
package dockerversion
// Default build-time variable for library-import.
// This file is overridden on build with build-time information.
const (
InitCommitID string = "${TINI_COMMIT}"
)
// Code generated by hack/make/.go-autogen. DO NOT EDIT.
DVEOF
# Compile the Windows resources into the sources # Compile the Windows resources into the sources
if [ "$(go env GOOS)" = "windows" ]; then if [ "$(go env GOOS)" = "windows" ]; then