Fossil SCM

fossil-scm / Dockerfile
Source Blame History 91 lines
79ac06a… wyoung 1 # syntax=docker/dockerfile:1.3
b0c9c26… wyoung 2 # See www/containers.md for documentation on how to use this file.
b0c9c26… wyoung 3
1da464e… wyoung 4 ## ---------------------------------------------------------------------
79ac06a… wyoung 5 ## STAGE 1: Build static Fossil binary
1da464e… wyoung 6 ## ---------------------------------------------------------------------
1da464e… wyoung 7
693c7b9… wyoung 8 ### We don't pin a more stable version of our base layer because we want
79ac06a… wyoung 9 ### to build with the latest tools and libraries available in case they
79ac06a… wyoung 10 ### fixed something that matters to us since the last build. Everything
79ac06a… wyoung 11 ### below depends on this layer, and so, alas, we toss this container's
79ac06a… wyoung 12 ### cache on Alpine's release schedule, roughly once a month.
f9bd627… wyoung 13 FROM alpine:latest AS bld
f9bd627… wyoung 14 WORKDIR /fsl
da545c9… wyoung 15
693c7b9… wyoung 16 ### Bake the build-time userland into a base layer so it only changes
79ac06a… wyoung 17 ### when the upstream image is updated or we change the package set.
b0c9c26… wyoung 18 RUN set -x \
1da464e… wyoung 19 && apk update \
1da464e… wyoung 20 && apk upgrade --no-cache \
1da464e… wyoung 21 && apk add --no-cache \
cda5d6a… wyoung 22 gcc make \
b0c9c26… wyoung 23 linux-headers musl-dev \
b0c9c26… wyoung 24 openssl-dev openssl-libs-static \
da545c9… wyoung 25 zlib-dev zlib-static
da545c9… wyoung 26
79ac06a… wyoung 27 ### Build Fossil as a separate layer so we don't have to rebuild the
693c7b9… wyoung 28 ### userland for each iteration of Fossil's dev cycle.
ec8ef57… wyoung 29 ###
79ac06a… wyoung 30 ### We must cope with a bizarre ADD misfeature here: it unpacks tarballs
79ac06a… wyoung 31 ### automatically when you give it a local file name but not if you give
79ac06a… wyoung 32 ### it a /tarball URL! It matters because we default to a URL in case
79ac06a… wyoung 33 ### you're building outside a Fossil checkout, but when building via the
693c7b9… wyoung 34 ### container-image target, we avoid a costly hit on fossil-scm.org by
693c7b9… wyoung 35 ### leveraging its DVCS nature via the "tarball" command and passing the
693c7b9… wyoung 36 ### resulting file's name in.
ec8ef57… wyoung 37 ARG FSLCFG=""
1da464e… wyoung 38 ARG FSLVER="trunk"
1da464e… wyoung 39 ARG FSLURL="https://fossil-scm.org/home/tarball/src?r=${FSLVER}"
f9bd627… wyoung 40 ENV FSLSTB=/fsl/src.tar.gz
1da464e… wyoung 41 ADD $FSLURL $FSLSTB
5b62bfe… wyoung 42 RUN set -x \
f9bd627… wyoung 43 && if [ -d $FSLSTB ] ; \
f9bd627… wyoung 44 then mv $FSLSTB/src . ; \
f9bd627… wyoung 45 else tar -xf src.tar.gz ; fi \
f9bd627… wyoung 46 && src/configure --static CFLAGS='-Os -s' $FSLCFG && make -j16
1da464e… wyoung 47
1da464e… wyoung 48
1da464e… wyoung 49 ## ---------------------------------------------------------------------
1da464e… wyoung 50 ## STAGE 2: Pare that back to the bare essentials.
1da464e… wyoung 51 ## ---------------------------------------------------------------------
1da464e… wyoung 52
cda5d6a… wyoung 53 FROM busybox AS os
b0c9c26… wyoung 54 ARG UID=499
1da464e… wyoung 55
1da464e… wyoung 56 ### Set up that base OS for our specific use without tying it to
1da464e… wyoung 57 ### anything likely to change often. So long as the user leaves
1da464e… wyoung 58 ### UID alone, this layer will be durable.
f9bd627… wyoung 59 RUN set -x \
f9bd627… wyoung 60 && mkdir e log museum \
f9bd627… wyoung 61 && echo "root:x:0:0:Admin:/:/false" > /e/passwd \
f9bd627… wyoung 62 && echo "root:x:0:root" > /e/group \
f9bd627… wyoung 63 && echo "fossil:x:${UID}:${UID}:User:/museum:/false" >> /e/passwd \
f9bd627… wyoung 64 && echo "fossil:x:${UID}:fossil" >> /e/group
79ac06a… wyoung 65
79ac06a… wyoung 66
79ac06a… wyoung 67 ## ---------------------------------------------------------------------
79ac06a… wyoung 68 ## STAGE 3: Drop BusyBox, too, now that we're done with its /bin/sh &c
79ac06a… wyoung 69 ## ---------------------------------------------------------------------
79ac06a… wyoung 70
79ac06a… wyoung 71 FROM scratch AS run
260efac… wyoung 72 COPY --from=bld --chmod=755 /fsl/fossil /bin/
f9bd627… wyoung 73 COPY --from=os --chmod=600 /e/* /etc/
f9bd627… wyoung 74 COPY --from=os --chmod=1777 /tmp /tmp/
f9bd627… wyoung 75 COPY --from=os --chown=fossil:fossil /log /log/
f9bd627… wyoung 76 COPY --from=os --chown=fossil:fossil /museum /museum/
81c30ab… wyoung 77
81c30ab… wyoung 78
81c30ab… wyoung 79 ## ---------------------------------------------------------------------
81c30ab… wyoung 80 ## RUN!
81c30ab… wyoung 81 ## ---------------------------------------------------------------------
81c30ab… wyoung 82
79ac06a… wyoung 83 ENV PATH "/bin"
81c30ab… wyoung 84 EXPOSE 8080/tcp
79ac06a… wyoung 85 USER fossil
7285993… wyoung 86 ENTRYPOINT [ "fossil", "server" ]
f9bd627… wyoung 87 CMD [ \
81c30ab… wyoung 88 "--create", \
81c30ab… wyoung 89 "--jsmode", "bundled", \
7285993… wyoung 90 "--user", "admin", \
7285993… wyoung 91 "museum/repo.fossil" ]

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button