forked from argoproj/argo-cd
-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathDockerfile
More file actions
135 lines (113 loc) · 5.34 KB
/
Dockerfile
File metadata and controls
135 lines (113 loc) · 5.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
FROM docker.io/library/redis:8.2.3@sha256:7cb87cb4aa89150d17589e35f74162e64736843401675f6bd3c1ef68bbbe7889 AS redis
# There are libraries we will want to copy from here in the final stage of the
# build, but the COPY directive does not have a way to determine system
# architecture, so we create a symlink here to facilitate copying.
RUN ln -s /usr/lib/$(uname -m)-linux-gnu /usr/lib/linux-gnu
# Please make sure to also check the contained yarn version and update the references below when upgrading this image's version
FROM docker.io/library/node:22.9.0@sha256:8398ea18b8b72817c84af283f72daed9629af2958c4f618fe6db4f453c5c9328 AS node
FROM docker.io/library/golang:1.25.1@sha256:d7098379b7da665ab25b99795465ec320b1ca9d4addb9f77409c4827dc904211 AS golang
FROM docker.io/library/registry:3.0@sha256:cd92709b4191c5779cd7215ccd695db6c54652e7a62843197e367427efb84d0e AS registry
FROM docker.io/bitnamilegacy/kubectl:1.32@sha256:9524faf8e3cefb47fa28244a5d15f95ec21a73d963273798e593e61f80712333 AS kubectl
FROM docker.io/library/ubuntu:25.10@sha256:5922638447b1e3ba114332c896a2c7288c876bb94adec923d70d58a17d2fec5e
ENV DEBIAN_FRONTEND=noninteractive
# NOTE: binutils-gold contains the gold linker, which was recently removed
# from binutils, but is still nesessary for building lint-tools on arm64 only
# until this Golang issue is fixed: https://github.com/golang/go/issues/22040
RUN apt-get update && apt-get install --fix-missing -y \
ca-certificates \
curl \
openssh-server \
nginx \
fcgiwrap \
git \
git-lfs \
gpg \
jq \
make \
wget \
gcc \
g++ \
sudo \
tini \
zip && \
if [ "$(uname -m)" = "aarch64" ]; then \
apt-get install --fix-missing -y binutils-gold; \
fi && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
COPY --from=golang /usr/local/go /usr/local/go
COPY --from=kubectl /opt/bitnami/kubectl/bin/kubectl /usr/local/bin/kubectl
ENV PATH=/dist:/go/bin:/usr/local/go/bin:/go/src/github.com/argoproj/argo-cd/dist:$PATH
ENV GOROOT=/usr/local/go
ENV GOPATH=/go
# Install build and test dependencies
COPY hack/install.sh hack/tool-versions.sh go.* ./
COPY hack/installers installers
COPY gitops-engine/go.* ./gitops-engine/
RUN ./install.sh helm && \
./install.sh kustomize && \
./install.sh codegen-tools && \
./install.sh codegen-go-tools && \
./install.sh lint-tools && \
./install.sh gotestsum && \
./install.sh git-lfs && \
go install github.com/mattn/goreman@latest && \
go install github.com/kisielk/godepgraph@latest && \
go install github.com/jstemmer/go-junit-report@latest && \
rm -rf /tmp/dl && \
rm -rf /tmp/helm && \
rm -rf /tmp/ks_*
# These are required for running end-to-end tests
COPY ./test/fixture/testrepos/id_rsa.pub /root/.ssh/authorized_keys
COPY ./test/fixture/testrepos/nginx.conf /etc/nginx/nginx.conf
COPY ./test/fixture/testrepos/sudoers.conf /etc/sudoers
COPY ./test/fixture/testrepos/ssh_host_*_key* /etc/ssh/
# Copy redis binaries to the image
COPY --from=redis /usr/local/bin/* /usr/local/bin/
# Copy redis dependencies/shared libraries
# Ubuntu 22.04+ has moved to OpenSSL3 and no longer provides these libraries
COPY --from=redis /usr/lib/linux-gnu/libssl.so.3 /usr/lib/linux-gnu/
COPY --from=redis /usr/lib/linux-gnu/libcrypto.so.3 /usr/lib/linux-gnu/
RUN mv /usr/lib/linux-gnu/libssl.so.3 /usr/lib/$(uname -m)-linux-gnu/ && \
mv /usr/lib/linux-gnu/libcrypto.so.3 /usr/lib/$(uname -m)-linux-gnu/ && \
rm -rf /usr/lib/linux-gnu/
# Copy registry binaries to the image
COPY --from=registry /bin/registry /usr/local/bin/
COPY --from=registry /etc/distribution/config.yml /etc/docker/registry/config.yml
# Copy node binaries
COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
COPY --from=node /usr/local/bin/node /usr/local/bin
COPY --from=node /opt/yarn-v1.22.22 /opt/yarn-v1.22.22
# Entrypoint is required for container's user management
COPY ./test/container/entrypoint.sh /usr/local/bin
ARG UID
# Prepare user configuration & build environments
RUN userdel -r ubuntu && \
useradd -l -u ${UID} -d /home/user -s /bin/bash user && \
echo "user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/user && \
mkdir -p /home/user/.kube && \
mkdir -p /home/user/.cache && \
chown -R user /home/user && \
chgrp -R user /home/user && \
mkdir -p /go/src/github.com/gogo && \
mkdir -p /go/src/k8s.io && \
chown -R user /go && \
HOME=/home/user git config --global user.name "ArgoCD Test User" && \
HOME=/home/user git config --global user.email "noreply@example.com" && \
HOME=/home/user git config --global --add safe.directory '*' && \
mkdir -p /go/src && \
mkdir -p /go/pkg && \
chown -R user:user /go && \
mkdir -p /var/run/sshd && \
mkdir -p /root/.ssh && \
chown root /etc/ssh/ssh_host_*_key* && \
chmod 0600 /etc/ssh/ssh_host_*_key && \
mkdir -p /tmp/go-build-cache && \
chown -R user:user /tmp/go-build-cache && \
ln -s /usr/local/bin/node /usr/local/bin/nodejs && \
ln -s /usr/local/lib/node_modules/npm/bin/npm-cli.js /usr/local/bin/npm && \
ln -s /usr/local/lib/node_modules/npm/bin/npx-cli.js /usr/local/bin/npx && \
ln -s /opt/yarn-v1.22.22/bin/yarn /usr/local/bin/yarn && \
ln -s /opt/yarn-v1.22.22/bin/yarnpkg /usr/local/bin/yarnpkg && \
mkdir -p /var/lib/registry
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]