general purpose rootless container
parent
b0aaffb661
commit
64137dcfb7
2 changed files with 28 additions and 31 deletions
35
Dockerfile
35
Dockerfile
|
@ -1,16 +1,37 @@
|
|||
FROM golang:1.21-alpine3.18 as builder
|
||||
FROM --platform=$BUILDPLATFORM tonistiigi/xx AS xx
|
||||
|
||||
FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21-alpine3.18 as build-env
|
||||
|
||||
#
|
||||
# Transparently cross compile for the target platform
|
||||
#
|
||||
COPY --from=xx / /
|
||||
ARG TARGETPLATFORM
|
||||
RUN apk --no-cache add clang lld
|
||||
RUN xx-apk --no-cache add gcc musl-dev
|
||||
RUN xx-go --wrap
|
||||
|
||||
# Do not remove `git` here, it is required for getting runner version when executing `make build`
|
||||
RUN apk add --no-cache make git
|
||||
RUN apk add --no-cache build-base git
|
||||
|
||||
COPY . /srv
|
||||
WORKDIR /srv
|
||||
|
||||
RUN make clean && make build
|
||||
|
||||
FROM alpine:3.18
|
||||
RUN apk add --no-cache git bash tini
|
||||
FROM docker.io/library/alpine:3.18
|
||||
LABEL maintainer="contact@forgejo.org"
|
||||
|
||||
COPY --from=builder /srv/forgejo-runner /bin/forgejo-runner
|
||||
COPY scripts/run.sh /opt/act/run.sh
|
||||
RUN apk add --no-cache git bash
|
||||
|
||||
ENTRYPOINT ["/sbin/tini","--","/opt/act/run.sh"]
|
||||
COPY --from=build-env /srv/forgejo-runner /bin/forgejo-runner
|
||||
|
||||
ENV HOME=/data
|
||||
|
||||
USER 1000:1000
|
||||
|
||||
WORKDIR /data
|
||||
|
||||
VOLUME ["/data"]
|
||||
|
||||
CMD ["/bin/forgejo-runner"]
|
||||
|
|
|
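Review bot: The new `xx` stage pulls `tonistiigi/xx` with no tag or digest, and `COPY --from=xx / /` then overlays that image's whole root filesystem onto the stage that compiles the runner, so whatever the implicit `latest` resolves to at build time executes inside the build that produces the shipped binary. Pin it at least as tightly as the other two `FROM` lines, ideally by digest: `FROM --platform=$BUILDPLATFORM docker.io/tonistiigi/xx:<version>@sha256:<digest> AS xx` (placeholders; use the values of a release you have verified). Separately, in the final stage `WORKDIR /data` comes after `USER 1000:1000` and nothing creates or chowns the directory, so depending on the builder it may be created root-owned and leave `HOME=/data` and the volume unwritable for UID 1000. It is worth confirming that, or adding `RUN mkdir /data && chown 1000:1000 /data` before the `USER` line.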
@ -1,24 +0,0 @@
|
|||
FROM golang:1.21-alpine3.18 as builder
|
||||
# Do not remove `git` here, it is required for getting runner version when executing `make build`
|
||||
RUN apk add --no-cache make git
|
||||
|
||||
COPY . /opt/src/forgejo-runner
|
||||
WORKDIR /opt/src/forgejo-runner
|
||||
|
||||
RUN make clean && make build
|
||||
|
||||
FROM docker:dind-rootless
|
||||
USER root
|
||||
RUN apk add --no-cache \
|
||||
git bash supervisor
|
||||
|
||||
COPY --from=builder /opt/src/forgejo-runner/forgejo-runner /usr/local/bin/forgejo-runner
|
||||
COPY /scripts/supervisord.conf /etc/supervisord.conf
|
||||
COPY /scripts/run.sh /opt/act/run.sh
|
||||
COPY /scripts/rootless.sh /opt/act/rootless.sh
|
||||
|
||||
RUN mkdir /data \
|
||||
&& chown rootless:rootless /data
|
||||
|
||||
USER rootless
|
||||
ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
|