talos/Dockerfile

ARG KERNEL_IMAGE
ARG TOOLCHAIN_IMAGE
ARG ROOTFS_IMAGE
ARG INITRAMFS_IMAGE

# The proto target generates code from protobuf service definitions.

ARG TOOLCHAIN_IMAGE
FROM ${TOOLCHAIN_IMAGE} AS proto-build
WORKDIR /osd
COPY ./internal/app/osd/proto ./proto
RUN protoc -I/usr/local/include -I./proto --go_out=plugins=grpc:proto proto/api.proto
WORKDIR /trustd
COPY ./internal/app/trustd/proto ./proto
RUN protoc -I/usr/local/include -I./proto --go_out=plugins=grpc:proto proto/api.proto
WORKDIR /init
COPY ./internal/app/init/proto ./proto
RUN protoc -I/usr/local/include -I./proto --go_out=plugins=grpc:proto proto/api.proto

FROM scratch AS proto
COPY --from=proto-build /osd/proto/api.pb.go /internal/app/osd/proto/
COPY --from=proto-build /trustd/proto/api.pb.go /internal/app/trustd/proto/
COPY --from=proto-build /init/proto/api.pb.go /internal/app/init/proto/

# The base provides a common image to build the Talos source code.

ARG TOOLCHAIN_IMAGE
FROM ${TOOLCHAIN_IMAGE} AS base
ENV GOPATH /toolchain/gopath
RUN mkdir -p ${GOPATH}
ENV GO111MODULE on
ENV CGO_ENABLED 0
WORKDIR /src
COPY ./go.mod ./
COPY ./go.sum ./
RUN go mod download
RUN go mod verify
COPY ./cmd ./cmd
COPY ./pkg ./pkg
COPY ./internal ./internal
COPY --from=proto /internal/app ./internal/app
RUN go list -mod=readonly all >/dev/null

# The osd target builds the osd binary.

FROM base AS osd-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/internal/app/osd
RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /osd
RUN chmod +x /osd

FROM scratch AS osd
COPY --from=osd-build /osd /osd
ENTRYPOINT ["/osd"]

# The osctl targets build the osctl binaries.

FROM base AS osctl-linux-amd64-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/cmd/osctl
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=1 go build -a -ldflags "-s -w -linkmode external -extldflags \"-static\" -X ${VERSION_PKG}.Name=Client -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /osctl-linux-amd64
RUN chmod +x /osctl-linux-amd64

FROM scratch AS osctl-linux-amd64
COPY --from=osctl-linux-amd64-build /osctl-linux-amd64 /osctl-linux-amd64

FROM base AS osctl-darwin-amd64-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/cmd/osctl
RUN GOOS=darwin GOARCH=amd64 go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Client -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /osctl-darwin-amd64
RUN chmod +x /osctl-darwin-amd64

FROM scratch AS osctl-darwin-amd64
COPY --from=osctl-darwin-amd64-build /osctl-darwin-amd64 /osctl-darwin-amd64

# The trustd target builds the trustd image.

FROM base AS trustd-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/internal/app/trustd
RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /trustd
RUN chmod +x /trustd

FROM scratch AS trustd
COPY --from=trustd-build /trustd /trustd
ENTRYPOINT ["/trustd"]

# The proxyd target builds the proxyd image.

FROM base AS proxyd-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/internal/app/proxyd
RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /proxyd
RUN chmod +x /proxyd

FROM scratch AS proxyd
COPY --from=proxyd-build /proxyd /proxyd
ENTRYPOINT ["/proxyd"]

# The ntpd target builds the ntpd image.

FROM base AS ntpd-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/internal/app/ntpd
RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /ntpd
RUN chmod +x /ntpd

FROM scratch AS ntpd
COPY --from=ntpd-build /ntpd /ntpd
ENTRYPOINT ["/ntpd"]

# The udevd target builds the udevd image.

FROM base AS udevd-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/internal/app/udevd
RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /udevd
RUN chmod +x /udevd

FROM scratch AS udevd
COPY --from=udevd-build /udevd /udevd
ENTRYPOINT ["/udevd"]

# The binaries target allows for parallel compilation of all binaries.

FROM scratch AS binaries-build
COPY --from=init / /
COPY --from=osd / /
COPY --from=trustd / /
COPY --from=proxyd / /
COPY --from=ntpd / /
COPY --from=udevd / /
COPY --from=osctl-linux-amd64 / /
COPY --from=osctl-darwin-amd64 / /

FROM scratch AS binaries
COPY --from=binaries-build /osctl-linux-amd64 /osctl-linux-amd64
COPY --from=binaries-build /osctl-darwin-amd64 /osctl-darwin-amd64

# The kernel target is the linux kernel.

ARG KERNEL_IMAGE
FROM ${KERNEL_IMAGE} as kernel

# The initramfs target creates the compressed initramfs.

FROM base AS init-build
ARG SHA
ARG TAG
ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"
WORKDIR /src/internal/app/init
RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Talos -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /init
RUN chmod +x /init

FROM scratch AS init
COPY --from=init-build /init /init

ARG INITRAMFS_IMAGE
FROM ${INITRAMFS_IMAGE} AS initramfs-build
WORKDIR /
COPY --from=init-build /init /init

ARG TOOLCHAIN_IMAGE
FROM ${TOOLCHAIN_IMAGE} AS initramfs-archive
COPY --from=initramfs-build / /initramfs
WORKDIR /initramfs
RUN set -o pipefail && find . 2>/dev/null | cpio -H newc -o | xz -v -C crc32 -0 -e -T 0 -z >/initramfs.xz

FROM scratch AS initramfs
COPY --from=initramfs-archive /initramfs.xz /initramfs.xz

# The rootfs target creates the root filesystem archive.

ARG ROOTFS_IMAGE
FROM ${ROOTFS_IMAGE} AS rootfs-build
COPY --from=kernel /modules /lib/modules
COPY images /usr/images

ARG TOOLCHAIN_IMAGE
FROM ${TOOLCHAIN_IMAGE} AS rootfs-archive
COPY --from=rootfs-build / /rootfs
WORKDIR /rootfs
RUN tar -cvpzf /rootfs.tar.gz .

FROM scratch AS rootfs
COPY --from=rootfs-archive /rootfs.tar.gz /rootfs.tar.gz

# The test target performs tests on the source code.

FROM base AS test
COPY --from=rootfs-build / /rootfs
ENV PATH /rootfs/bin:$PATH
COPY hack/golang/test.sh /bin

# The lint target performs linting on the codebase.

FROM base AS lint
RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | bash -s -- -b /toolchain/bin v1.16.0
COPY hack/golang/golangci-lint.yaml .
RUN golangci-lint run --config golangci-lint.yaml

# The talos target generates a docker image that can be used to run Talos
# in containers.

ARG TOOLCHAIN_IMAGE
FROM ${TOOLCHAIN_IMAGE} AS talos-build
COPY --from=rootfs-build / /rootfs
# A workaround docker overwriting our /etc symlink.
RUN rm /rootfs/etc
RUN mv /rootfs/var/etc /rootfs/etc
RUN ln -s /etc /rootfs/var/etc

FROM scratch AS talos
COPY --from=talos-build /rootfs /
COPY --from=init-build /init /init
ENTRYPOINT ["/init"]

# The installer target generates an image that can be used to install Talos to
# various environments.
# The kernel target is the linux kernel.

ARG KERNEL_IMAGE
FROM ${KERNEL_IMAGE} as kernel


FROM alpine:3.8 AS installer
RUN apk --update add bash curl gzip e2fsprogs tar cdrkit parted syslinux util-linux xfsprogs xz sgdisk sfdisk qemu-img unzip
WORKDIR /usr/local/src/syslinux
RUN curl -L https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.tar.xz | tar --strip-components=1 -xJ
WORKDIR /
COPY --from=kernel /vmlinuz /generated/boot/vmlinuz
COPY --from=rootfs /rootfs.tar.gz /generated/rootfs.tar.gz
COPY --from=initramfs /initramfs.xz /generated/boot/initramfs.xz
RUN curl -L https://releases.hashicorp.com/packer/1.3.1/packer_1.3.1_linux_amd64.zip -o /tmp/packer.zip \
    && unzip -d /tmp /tmp/packer.zip \
    && mv /tmp/packer /bin \
    && rm /tmp/packer.zip
COPY hack/installer/packer.json /packer.json
COPY hack/installer/entrypoint.sh /bin/entrypoint.sh
ARG TAG
ENV VERSION ${TAG}
ENTRYPOINT ["entrypoint.sh"]
chore: add travis config (#321) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-23 15:48:02 -08:00			`ARG KERNEL_IMAGE`
			`ARG TOOLCHAIN_IMAGE`
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`ARG ROOTFS_IMAGE`
			`ARG INITRAMFS_IMAGE`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`# The proto target generates code from protobuf service definitions.`
chore: use the toolchain for go builds (#317) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-18 06:26:12 -08:00
chore: use protobuf compiler from the toolchain image (#468) Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-03-28 02:33:03 +03:00			`ARG TOOLCHAIN_IMAGE`
			`FROM ${TOOLCHAIN_IMAGE} AS proto-build`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`WORKDIR /osd`
			`COPY ./internal/app/osd/proto ./proto`
			`RUN protoc -I/usr/local/include -I./proto --go_out=plugins=grpc:proto proto/api.proto`
			`WORKDIR /trustd`
			`COPY ./internal/app/trustd/proto ./proto`
			`RUN protoc -I/usr/local/include -I./proto --go_out=plugins=grpc:proto proto/api.proto`
feat(init): implement init gRPC API, forward reboot to init (#579) This implements insecure over-file-socket gRPC API for init with two first simplest APIs: reboot and shutdown (poweroff). File socket is mounted only to `osd` service, so it is the only service which can access init API. Osd forwards reboot/shutdown already implemented APIs to init which actually executes these. This enables graceful shutdown/reboot with service shutdown, sync, etc. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-04-26 23:04:24 +03:00			`WORKDIR /init`
			`COPY ./internal/app/init/proto ./proto`
			`RUN protoc -I/usr/local/include -I./proto --go_out=plugins=grpc:proto proto/api.proto`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00
chore: use protobuf compiler from the toolchain image (#468) Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-03-28 02:33:03 +03:00			`FROM scratch AS proto`
			`COPY --from=proto-build /osd/proto/api.pb.go /internal/app/osd/proto/`
			`COPY --from=proto-build /trustd/proto/api.pb.go /internal/app/trustd/proto/`
feat(init): implement init gRPC API, forward reboot to init (#579) This implements insecure over-file-socket gRPC API for init with two first simplest APIs: reboot and shutdown (poweroff). File socket is mounted only to `osd` service, so it is the only service which can access init API. Osd forwards reboot/shutdown already implemented APIs to init which actually executes these. This enables graceful shutdown/reboot with service shutdown, sync, etc. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-04-26 23:04:24 +03:00			`COPY --from=proto-build /init/proto/api.pb.go /internal/app/init/proto/`
chore: use protobuf compiler from the toolchain image (#468) Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-03-28 02:33:03 +03:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`# The base provides a common image to build the Talos source code.`
chore: use the toolchain for go builds (#317) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-18 06:26:12 -08:00
chore: add travis config (#321) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-23 15:48:02 -08:00			`ARG TOOLCHAIN_IMAGE`
			`FROM ${TOOLCHAIN_IMAGE} AS base`
chore(tools): use Go compiler from toolchain image (#460) Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-03-22 15:46:33 +03:00			`ENV GOPATH /toolchain/gopath`
feat: update gcc to 8.3.0, drop gcompat (#433) Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-03-01 23:48:49 +03:00			`RUN mkdir -p ${GOPATH}`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`ENV GO111MODULE on`
chore: use the toolchain for go builds (#317) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-18 06:26:12 -08:00			`ENV CGO_ENABLED 0`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`WORKDIR /src`
chore: use buildkitd for builds (#320) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-19 01:58:26 -08:00			`COPY ./go.mod ./`
			`COPY ./go.sum ./`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`RUN go mod download`
			`RUN go mod verify`
chore: enforce go.mod completeness and better buildkit cache (#520) Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-04-11 02:50:56 +03:00			`COPY ./cmd ./cmd`
			`COPY ./pkg ./pkg`
			`COPY ./internal ./internal`
			`COPY --from=proto /internal/app ./internal/app`
refactor: add stub unit-tests to non-trivial Go packages (#556) Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com> 2019-04-17 23:25:22 +03:00			`RUN go list -mod=readonly all >/dev/null`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00
chore: use the toolchain for go builds (#317) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-18 06:26:12 -08:00			`# The osd target builds the osd binary.`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`FROM base AS osd-build`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`ARG SHA`
			`ARG TAG`
chore: update org to new name (#480) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-03 18:29:21 -07:00			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`WORKDIR /src/internal/app/osd`
			`RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /osd`
			`RUN chmod +x /osd`
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`FROM scratch AS osd`
			`COPY --from=osd-build /osd /osd`
			`ENTRYPOINT ["/osd"]`

chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`# The osctl targets build the osctl binaries.`
chore: use the toolchain for go builds (#317) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-18 06:26:12 -08:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`FROM base AS osctl-linux-amd64-build`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`ARG SHA`
			`ARG TAG`
chore: update org to new name (#480) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-03 18:29:21 -07:00			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
chore: expose userdata and osctl client packages (#471) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-02 17:11:17 -07:00			`WORKDIR /src/cmd/osctl`
fix(osctl): compile static binary with CGO enabeld (#328) Without CGO, on linux/amd64, we cannot lookup the current user. Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-24 21:40:49 -08:00			`RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=1 go build -a -ldflags "-s -w -linkmode external -extldflags \"-static\" -X ${VERSION_PKG}.Name=Client -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /osctl-linux-amd64`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`RUN chmod +x /osctl-linux-amd64`
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00
chore: use buildkitd for builds (#320) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-19 01:58:26 -08:00			`FROM scratch AS osctl-linux-amd64`
			`COPY --from=osctl-linux-amd64-build /osctl-linux-amd64 /osctl-linux-amd64`

chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`FROM base AS osctl-darwin-amd64-build`
chore: use buildkitd for builds (#320) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-19 01:58:26 -08:00			`ARG SHA`
			`ARG TAG`
chore: update org to new name (#480) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-03 18:29:21 -07:00			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
chore: expose userdata and osctl client packages (#471) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-02 17:11:17 -07:00			`WORKDIR /src/cmd/osctl`
chore: use buildkitd for builds (#320) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-19 01:58:26 -08:00			`RUN GOOS=darwin GOARCH=amd64 go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Client -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /osctl-darwin-amd64`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`RUN chmod +x /osctl-darwin-amd64`
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00
chore: use buildkitd for builds (#320) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-19 01:58:26 -08:00			`FROM scratch AS osctl-darwin-amd64`
			`COPY --from=osctl-darwin-amd64-build /osctl-darwin-amd64 /osctl-darwin-amd64`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`# The trustd target builds the trustd image.`
chore: use the toolchain for go builds (#317) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-18 06:26:12 -08:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`FROM base AS trustd-build`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`ARG SHA`
			`ARG TAG`
chore: update org to new name (#480) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-03 18:29:21 -07:00			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`WORKDIR /src/internal/app/trustd`
			`RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /trustd`
			`RUN chmod +x /trustd`
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`FROM scratch AS trustd`
			`COPY --from=trustd-build /trustd /trustd`
			`ENTRYPOINT ["/trustd"]`

chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`# The proxyd target builds the proxyd image.`
chore: use the toolchain for go builds (#317) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-01-18 06:26:12 -08:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`FROM base AS proxyd-build`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`ARG SHA`
			`ARG TAG`
chore: update org to new name (#480) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-03 18:29:21 -07:00			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`WORKDIR /src/internal/app/proxyd`
			`RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /proxyd`
			`RUN chmod +x /proxyd`
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00
chore: use buildkit for builds (#295) 2018-12-19 22:22:05 -08:00			`FROM scratch AS proxyd`
			`COPY --from=proxyd-build /proxyd /proxyd`
			`ENTRYPOINT ["/proxyd"]`

chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`# The ntpd target builds the ntpd image.`

			`FROM base AS ntpd-build`
			`ARG SHA`
			`ARG TAG`
			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
			`WORKDIR /src/internal/app/ntpd`
			`RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /ntpd`
			`RUN chmod +x /ntpd`

			`FROM scratch AS ntpd`
			`COPY --from=ntpd-build /ntpd /ntpd`
			`ENTRYPOINT ["/ntpd"]`

			`# The udevd target builds the udevd image.`

			`FROM base AS udevd-build`
			`ARG SHA`
			`ARG TAG`
			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
			`WORKDIR /src/internal/app/udevd`
			`RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Server -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /udevd`
			`RUN chmod +x /udevd`

			`FROM scratch AS udevd`
			`COPY --from=udevd-build /udevd /udevd`
			`ENTRYPOINT ["/udevd"]`
feat: add osinstall cli utility (#368) 2019-02-23 15:18:52 -06:00
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`# The binaries target allows for parallel compilation of all binaries.`

			`FROM scratch AS binaries-build`
			`COPY --from=init / /`
			`COPY --from=osd / /`
			`COPY --from=trustd / /`
			`COPY --from=proxyd / /`
			`COPY --from=ntpd / /`
			`COPY --from=udevd / /`
			`COPY --from=osctl-linux-amd64 / /`
			`COPY --from=osctl-darwin-amd64 / /`

			`FROM scratch AS binaries`
			`COPY --from=binaries-build /osctl-linux-amd64 /osctl-linux-amd64`
			`COPY --from=binaries-build /osctl-darwin-amd64 /osctl-darwin-amd64`

			`# The kernel target is the linux kernel.`

			`ARG KERNEL_IMAGE`
			`FROM ${KERNEL_IMAGE} as kernel`

			`# The initramfs target creates the compressed initramfs.`

			`FROM base AS init-build`
feat: add basic ntp implementation (#459) Signed-off-by: Brad Beam <brad.beam@b-rad.info> 2019-03-23 17:58:13 -05:00			`ARG SHA`
			`ARG TAG`
chore: update org to new name (#480) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-03 18:29:21 -07:00			`ARG VERSION_PKG="github.com/talos-systems/talos/internal/pkg/version"`
chore: use the rootfs-base and initramfs-base images for builds (#558) Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com> 2019-04-18 19:31:43 -07:00			`WORKDIR /src/internal/app/init`
			`RUN go build -a -ldflags "-s -w -X ${VERSION_PKG}.Name=Talos -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /init`
			`RUN chmod +x /init`

			`FROM scratch AS init`
			`COPY --from=init-build /init /init`

			`ARG INITRAMFS_IMAGE`
			`FROM ${INITRAMFS_IMAGE} AS initramfs-build`
			`WORKDIR /`
			`COPY --from=init-build /init /init`

			`ARG TOOLCHAIN_IMAGE`
			`FROM ${TOOLCHAIN_IMAGE} AS initramfs-archive`
			`COPY --from=initramfs-build / /initramfs`
			`WORKDIR /initramfs`
			`RUN set -o pipefail && find . 2>/dev/null \| cpio -H newc -o \| xz -v -C crc32 -0 -e -T 0 -z >/initramfs.xz`

			`FROM scratch AS initramfs`
			`COPY --from=initramfs-archive /initramfs.xz /initramfs.xz`

			`# The rootfs target creates the root filesystem archive.`

			`ARG ROOTFS_IMAGE`
			`FROM ${ROOTFS_IMAGE} AS rootfs-build`
			`COPY --from=kernel /modules /lib/modules`
			`COPY images /usr/images`

			`ARG TOOLCHAIN_IMAGE`
			`FROM ${TOOLCHAIN_IMAGE} AS rootfs-archive`
			`COPY --from=rootfs-build / /rootfs`
			`WORKDIR /rootfs`
			`RUN tar -cvpzf /rootfs.tar.gz .`

			`FROM scratch AS rootfs`
			`COPY --from=rootfs-archive /rootfs.tar.gz /rootfs.tar.gz`

			`# The test target performs tests on the source code.`

			`FROM base AS test`
			`COPY --from=rootfs-build / /rootfs`
			`ENV PATH /rootfs/bin:$PATH`
			`COPY hack/golang/test.sh /bin`

			`# The lint target performs linting on the codebase.`

			`FROM base AS lint`
			`RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh \| bash -s -- -b /toolchain/bin v1.16.0`
			`COPY hack/golang/golangci-lint.yaml .`
			`RUN golangci-lint run --config golangci-lint.yaml`

			`# The talos target generates a docker image that can be used to run Talos`
			`# in containers.`

			`ARG TOOLCHAIN_IMAGE`
			`FROM ${TOOLCHAIN_IMAGE} AS talos-build`
			`COPY --from=rootfs-build / /rootfs`
			`# A workaround docker overwriting our /etc symlink.`
			`RUN rm /rootfs/etc`
			`RUN mv /rootfs/var/etc /rootfs/etc`
			`RUN ln -s /etc /rootfs/var/etc`

			`FROM scratch AS talos`
			`COPY --from=talos-build /rootfs /`
			`COPY --from=init-build /init /init`
			`ENTRYPOINT ["/init"]`

			`# The installer target generates an image that can be used to install Talos to`
			`# various environments.`
			`# The kernel target is the linux kernel.`

			`ARG KERNEL_IMAGE`
			`FROM ${KERNEL_IMAGE} as kernel`


			`FROM alpine:3.8 AS installer`
			`RUN apk --update add bash curl gzip e2fsprogs tar cdrkit parted syslinux util-linux xfsprogs xz sgdisk sfdisk qemu-img unzip`
			`WORKDIR /usr/local/src/syslinux`
			`RUN curl -L https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.tar.xz \| tar --strip-components=1 -xJ`
			`WORKDIR /`
			`COPY --from=kernel /vmlinuz /generated/boot/vmlinuz`
			`COPY --from=rootfs /rootfs.tar.gz /generated/rootfs.tar.gz`
			`COPY --from=initramfs /initramfs.xz /generated/boot/initramfs.xz`
			`RUN curl -L https://releases.hashicorp.com/packer/1.3.1/packer_1.3.1_linux_amd64.zip -o /tmp/packer.zip \`
			`&& unzip -d /tmp /tmp/packer.zip \`
			`&& mv /tmp/packer /bin \`
			`&& rm /tmp/packer.zip`
			`COPY hack/installer/packer.json /packer.json`
			`COPY hack/installer/entrypoint.sh /bin/entrypoint.sh`
			`ARG TAG`
			`ENV VERSION ${TAG}`
			`ENTRYPOINT ["entrypoint.sh"]`