compose/Dockerfile

# syntax=docker/dockerfile:1


#   Copyright 2020 Docker Compose CLI authors

#   Licensed under the Apache License, Version 2.0 (the "License");
#   you may not use this file except in compliance with the License.
#   You may obtain a copy of the License at

#       http://www.apache.org/licenses/LICENSE-2.0

#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.

ARG GO_VERSION=1.20.7
ARG XX_VERSION=1.2.1
ARG GOLANGCI_LINT_VERSION=v1.53.2
ARG ADDLICENSE_VERSION=v1.0.0

ARG BUILD_TAGS="e2e"
ARG DOCS_FORMATS="md,yaml"
ARG LICENSE_FILES=".*\(Dockerfile\|Makefile\|\.go\|\.hcl\|\.sh\)"

# xx is a helper for cross-compilation
FROM --platform=${BUILDPLATFORM} tonistiigi/xx:${XX_VERSION} AS xx

# osxcross contains the MacOSX cross toolchain for xx
FROM crazymax/osxcross:11.3-alpine AS osxcross

FROM golangci/golangci-lint:${GOLANGCI_LINT_VERSION}-alpine AS golangci-lint
FROM ghcr.io/google/addlicense:${ADDLICENSE_VERSION} AS addlicense

FROM --platform=${BUILDPLATFORM} golang:${GO_VERSION}-alpine AS base
COPY --from=xx / /
RUN apk add --no-cache \
      clang \
      docker \
      file \
      findutils \
      git \
      make \
      protoc \
      protobuf-dev
WORKDIR /src
ENV CGO_ENABLED=0

FROM base AS build-base
COPY go.* .
RUN --mount=type=cache,target=/go/pkg/mod \
    --mount=type=cache,target=/root/.cache/go-build \
    go mod download

FROM build-base AS vendored
RUN --mount=type=bind,target=.,rw \
    --mount=type=cache,target=/go/pkg/mod \
    go mod tidy && mkdir /out && cp go.mod go.sum /out

FROM scratch AS vendor-update
COPY --from=vendored /out /

FROM vendored AS vendor-validate
RUN --mount=type=bind,target=.,rw <<EOT
  set -e
  git add -A
  cp -rf /out/* .
  diff=$(git status --porcelain -- go.mod go.sum)
  if [ -n "$diff" ]; then
    echo >&2 'ERROR: Vendor result differs. Please vendor your package with "make go-mod-tidy"'
    echo "$diff"
    exit 1
  fi
EOT

FROM build-base AS build
ARG BUILD_TAGS
ARG BUILD_FLAGS
ARG TARGETPLATFORM
RUN --mount=type=bind,target=. \
    --mount=type=cache,target=/root/.cache \
    --mount=type=cache,target=/go/pkg/mod \
    --mount=type=bind,from=osxcross,src=/osxsdk,target=/xx-sdk \
    xx-go --wrap && \
    if [ "$(xx-info os)" == "darwin" ]; then export CGO_ENABLED=1; fi && \
    make build GO_BUILDTAGS="$BUILD_TAGS" DESTDIR=/out && \
    xx-verify --static /out/docker-compose

FROM build-base AS lint
ARG BUILD_TAGS
RUN --mount=type=bind,target=. \
    --mount=type=cache,target=/root/.cache \
    --mount=type=cache,target=/go/pkg/mod \
    --mount=from=golangci-lint,source=/usr/bin/golangci-lint,target=/usr/bin/golangci-lint \
    golangci-lint run --build-tags "$BUILD_TAGS" ./...

FROM build-base AS test
ARG CGO_ENABLED=0
ARG BUILD_TAGS
RUN --mount=type=bind,target=. \
    --mount=type=cache,target=/root/.cache \
    --mount=type=cache,target=/go/pkg/mod \
    rm -rf /tmp/coverage && \
    mkdir -p /tmp/coverage && \
    go test -tags "$BUILD_TAGS" -v -cover -covermode=atomic $(go list  $(TAGS) ./... | grep -vE 'e2e') -args -test.gocoverdir="/tmp/coverage" && \
    go tool covdata percent -i=/tmp/coverage

FROM scratch AS test-coverage
COPY --from=test --link /tmp/coverage /

FROM base AS license-set
ARG LICENSE_FILES
RUN --mount=type=bind,target=.,rw \
    --mount=from=addlicense,source=/app/addlicense,target=/usr/bin/addlicense \
    find . -regex "${LICENSE_FILES}" | xargs addlicense -c 'Docker Compose CLI' -l apache && \
    mkdir /out && \
    find . -regex "${LICENSE_FILES}" | cpio -pdm /out

FROM scratch AS license-update
COPY --from=set /out /

FROM base AS license-validate
ARG LICENSE_FILES
RUN --mount=type=bind,target=. \
    --mount=from=addlicense,source=/app/addlicense,target=/usr/bin/addlicense \
    find . -regex "${LICENSE_FILES}" | xargs addlicense -check -c 'Docker Compose CLI' -l apache -ignore validate -ignore testdata -ignore resolvepath -v

FROM base AS docsgen
WORKDIR /src
RUN --mount=target=. \
    --mount=target=/root/.cache,type=cache \
    --mount=type=cache,target=/go/pkg/mod \
    go build -o /out/docsgen ./docs/yaml/main/generate.go

FROM --platform=${BUILDPLATFORM} alpine AS docs-build
RUN apk add --no-cache rsync git
WORKDIR /src
COPY --from=docsgen /out/docsgen /usr/bin
ARG DOCS_FORMATS
RUN --mount=target=/context \
    --mount=target=.,type=tmpfs <<EOT
  set -e
  rsync -a /context/. .
  docsgen --formats "$DOCS_FORMATS" --source "docs/reference"
  mkdir /out
  cp -r docs/reference /out
EOT

FROM scratch AS docs-update
COPY --from=docs-build /out /out

FROM docs-build AS docs-validate
RUN --mount=target=/context \
    --mount=target=.,type=tmpfs <<EOT
  set -e
  rsync -a /context/. .
  git add -A
  rm -rf docs/reference/*
  cp -rf /out/* ./docs/
  if [ -n "$(git status --porcelain -- docs/reference)" ]; then
    echo >&2 'ERROR: Docs result differs. Please update with "make docs"'
    git status --porcelain -- docs/reference
    exit 1
  fi
EOT

FROM scratch AS binary-unix
COPY --link --from=build /out/docker-compose /
FROM binary-unix AS binary-darwin
FROM binary-unix AS binary-linux
FROM scratch AS binary-windows
COPY --link --from=build /out/docker-compose /docker-compose.exe
FROM binary-$TARGETOS AS binary
# enable scanning for this stage
ARG BUILDKIT_SBOM_SCAN_STAGE=true

FROM --platform=$BUILDPLATFORM alpine AS releaser
WORKDIR /work
ARG TARGETOS
ARG TARGETARCH
ARG TARGETVARIANT
RUN --mount=from=binary \
    mkdir -p /out && \
    # TODO: should just use standard arch
    TARGETARCH=$([ "$TARGETARCH" = "amd64" ] && echo "x86_64" || echo "$TARGETARCH"); \
    TARGETARCH=$([ "$TARGETARCH" = "arm64" ] && echo "aarch64" || echo "$TARGETARCH"); \
    cp docker-compose* "/out/docker-compose-${TARGETOS}-${TARGETARCH}${TARGETVARIANT}$(ls docker-compose* | sed -e 's/^docker-compose//')"

FROM scratch AS release
COPY --from=releaser /out/ /

# docs-reference is a target used as remote context to update docs on release
# with latest changes on docs.docker.com.
# see open-pr job in .github/workflows/docs.yml for more details
FROM scratch AS docs-reference
COPY docs/reference/*.yaml .
ci: use latest stable dockerfile syntax & rename docs Dockerfile (#9711) * update dockerfiles to use latest stable syntax Some Dockerfiles were pinned to a minor release, which meant they wouldn't be updated to get the latest stable syntax (and fixes), and one Dockerfile used the "labs" variant to use the HEREDOC syntax, which has now been promoted to the stable syntax. * docs: rename Dockerfile There's no other Dockerfiles in the same path, so the "docs" prefix was redundant. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2022-08-03 22:36:13 +02:00			`# syntax=docker/dockerfile:1`
Update or add license header which are not valid Signed-off-by: Guillaume Lours <guillaume.lours@docker.com> 2020-08-17 16:20:02 +02:00

Update copyright Signed-off-by: Chris Crone <christopher.crone@docker.com> 2020-09-22 12:13:00 +02:00			`# Copyright 2020 Docker Compose CLI authors`
Add license headers 2020-06-18 16:13:24 +02:00
			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`

			`# http://www.apache.org/licenses/LICENSE-2.0`

			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
Update copyright Signed-off-by: Chris Crone <christopher.crone@docker.com> 2020-09-22 12:13:00 +02:00
update to go1.20.7 Includes a fix for CVE-2023-29409 go1.20.7 (released 2023-08-01) includes a security fix to the crypto/tls package, as well as bug fixes to the assembler and the compiler. See the Go 1.20.7 milestone on our issue tracker for details: - https://github.com/golang/go/issues?q=milestone%3AGo1.20.7+label%3ACherryPickApproved - full diff: https://github.com/golang/go/compare/go1.20.6...go1.20.7 From the mailing list announcement: [security] Go 1.20.7 and Go 1.19.12 are released Hello gophers, We have just released Go versions 1.20.7 and 1.19.12, minor point releases. These minor releases include 1 security fixes following the security policy: - crypto/tls: restrict RSA keys in certificates to <= 8192 bits Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. Limit this by restricting the size of RSA keys transmitted during handshakes to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable. Thanks to Mateusz Poliwczak for reporting this issue. View the release notes for more information: https://go.dev/doc/devel/release#go1.20.7 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> 2023-08-02 00:22:13 +02:00			`ARG GO_VERSION=1.20.7`
ci: bump Go to 1.20.3 and various dependencies Use latest Go minor release. Note: this release included fixes for several CVEs, but they do not impact Compose. Small errors have been fixed to keep the linter happy. Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-04-04 21:10:01 +02:00			`ARG XX_VERSION=1.2.1`
ci: bump golangci-lint to v1.53.x (#10659) Requires some changes for depguard config Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-06-06 22:31:41 +02:00			`ARG GOLANGCI_LINT_VERSION=v1.53.2`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`ARG ADDLICENSE_VERSION=v1.0.0`

Remove unused kube tag Signed-off-by: Ulysses Souza <ulyssessouza@gmail.com> 2023-01-09 12:37:55 +01:00			`ARG BUILD_TAGS="e2e"`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`ARG DOCS_FORMATS="md,yaml"`
			`ARG LICENSE_FILES=".*\(Dockerfile\\|Makefile\\|\.go\\|\.hcl\\|\.sh\)"`

			`# xx is a helper for cross-compilation`
			`FROM --platform=${BUILDPLATFORM} tonistiigi/xx:${XX_VERSION} AS xx`

use CGO to enable fsevent on OSX Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com> 2023-02-07 14:57:45 +01:00			`# osxcross contains the MacOSX cross toolchain for xx`
			`FROM crazymax/osxcross:11.3-alpine AS osxcross`

Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`FROM golangci/golangci-lint:${GOLANGCI_LINT_VERSION}-alpine AS golangci-lint`
			`FROM ghcr.io/google/addlicense:${ADDLICENSE_VERSION} AS addlicense`

			`FROM --platform=${BUILDPLATFORM} golang:${GO_VERSION}-alpine AS base`
			`COPY --from=xx / /`
			`RUN apk add --no-cache \`
use CGO to enable fsevent on OSX Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com> 2023-02-07 14:57:45 +01:00			`clang \`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`docker \`
			`file \`
adjust code and dependencies Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com> 2023-01-30 11:58:55 +01:00			`findutils \`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`git \`
Makefile: mutualize local and Dockerfile build opts (#9776) Ensure that everything works nicely for `docker-ce-packaging` as well as local development. Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-26 22:06:24 +02:00			`make \`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`protoc \`
			`protobuf-dev`
			`WORKDIR /src`
			`ENV CGO_ENABLED=0`

			`FROM base AS build-base`
More Dockerfile best practices * Use mounts for RUN commands to avoid creating extra layers * Use built-in platform support Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2020-05-29 11:30:12 +02:00			`COPY go.* .`
build: Use BuildKit cache for modules Signed-off-by: Chris Crone <christopher.crone@docker.com> 2020-09-23 17:13:27 +02:00			`RUN --mount=type=cache,target=/go/pkg/mod \`
build: Include go cache where module cache is used Signed-off-by: Chris Crone <christopher.crone@docker.com> 2021-05-19 16:59:21 +02:00			`--mount=type=cache,target=/root/.cache/go-build \`
build: Use BuildKit cache for modules Signed-off-by: Chris Crone <christopher.crone@docker.com> 2020-09-23 17:13:27 +02:00			`go mod download`
Use go modules on build 2020-05-04 23:49:40 +02:00
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`FROM build-base AS vendored`
			`RUN --mount=type=bind,target=.,rw \`
build: Use BuildKit cache for modules Signed-off-by: Chris Crone <christopher.crone@docker.com> 2020-09-23 17:13:27 +02:00			`--mount=type=cache,target=/go/pkg/mod \`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`go mod tidy && mkdir /out && cp go.mod go.sum /out`

			`FROM scratch AS vendor-update`
			`COPY --from=vendored /out /`

			`FROM vendored AS vendor-validate`
			`RUN --mount=type=bind,target=.,rw <<EOT`
			`set -e`
			`git add -A`
			`cp -rf /out/* .`
			`diff=$(git status --porcelain -- go.mod go.sum)`
			`if [ -n "$diff" ]; then`
			`echo >&2 'ERROR: Vendor result differs. Please vendor your package with "make go-mod-tidy"'`
			`echo "$diff"`
			`exit 1`
			`fi`
			`EOT`

			`FROM build-base AS build`
Build example and local backend conditionaly * `make` will build the cli with all backends exnabled * `make cross` will cross build without the example and local backend You can still cross compile with all backends by doing ```console $ BUILD_TAGS=example,local make cross ``` Signed-off-by: Djordje Lukic <djordje.lukic@docker.com> 2020-06-15 17:41:59 +02:00			`ARG BUILD_TAGS`
use go 1.20 -cover support Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com> 2023-03-10 10:08:24 +01:00			`ARG BUILD_FLAGS`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`ARG TARGETPLATFORM`
			`RUN --mount=type=bind,target=. \`
			`--mount=type=cache,target=/root/.cache \`
build: Use BuildKit cache for modules Signed-off-by: Chris Crone <christopher.crone@docker.com> 2020-09-23 17:13:27 +02:00			`--mount=type=cache,target=/go/pkg/mod \`
use CGO to enable fsevent on OSX Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com> 2023-02-07 14:57:45 +01:00			`--mount=type=bind,from=osxcross,src=/osxsdk,target=/xx-sdk \`
			`xx-go --wrap && \`
			`if [ "$(xx-info os)" == "darwin" ]; then export CGO_ENABLED=1; fi && \`
ci: merge Go coverage reports before upload (#10666) Attempting to fix the state of codecov action checks right now, which are behaving very erratically. Using the new functionality in Go 1.20 to merge multiple reports, so now the unit & E2E coverage data reports are stored as artifacts and then downloaded, merged, and finally uploaded to codecov as a new job. Additionally, add a `codecov.yml` config and try to turn down the aggressiveness of it for CI checks. Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-06-08 20:58:21 +02:00			`make build GO_BUILDTAGS="$BUILD_TAGS" DESTDIR=/out && \`
			`xx-verify --static /out/docker-compose`
split compose-cli "docker" and composeV2 cli-plugin release processes Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com> 2021-05-27 12:10:37 +02:00
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`FROM build-base AS lint`
			`ARG BUILD_TAGS`
			`RUN --mount=type=bind,target=. \`
			`--mount=type=cache,target=/root/.cache \`
ci: speed up a couple Dockerfile targets w/ cache mount The local Go package module path was missing from a couple of jobs, which made them slower than needed since they were re-downloading a bunch of dependencies. In particular, this makes `make lint` waaaay faster! Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-07-10 18:26:16 +02:00			`--mount=type=cache,target=/go/pkg/mod \`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`--mount=from=golangci-lint,source=/usr/bin/golangci-lint,target=/usr/bin/golangci-lint \`
			`golangci-lint run --build-tags "$BUILD_TAGS" ./...`
Dockerize build and proto gen Signed-off-by: Ulysses Souza <ulyssessouza@gmail.com> 2020-04-22 10:04:11 +02:00
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`FROM build-base AS test`
			`ARG CGO_ENABLED=0`
build: Set version when building with Docker Signed-off-by: Christopher Crone <christopher.crone@docker.com> 2020-07-07 15:48:09 +02:00			`ARG BUILD_TAGS`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`RUN --mount=type=bind,target=. \`
			`--mount=type=cache,target=/root/.cache \`
build: Use BuildKit cache for modules Signed-off-by: Chris Crone <christopher.crone@docker.com> 2020-09-23 17:13:27 +02:00			`--mount=type=cache,target=/go/pkg/mod \`
ci: merge Go coverage reports before upload (#10666) Attempting to fix the state of codecov action checks right now, which are behaving very erratically. Using the new functionality in Go 1.20 to merge multiple reports, so now the unit & E2E coverage data reports are stored as artifacts and then downloaded, merged, and finally uploaded to codecov as a new job. Additionally, add a `codecov.yml` config and try to turn down the aggressiveness of it for CI checks. Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-06-08 20:58:21 +02:00			`rm -rf /tmp/coverage && \`
			`mkdir -p /tmp/coverage && \`
			`go test -tags "$BUILD_TAGS" -v -cover -covermode=atomic $(go list $(TAGS) ./... \| grep -vE 'e2e') -args -test.gocoverdir="/tmp/coverage" && \`
			`go tool covdata percent -i=/tmp/coverage`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00
			`FROM scratch AS test-coverage`
ci: merge Go coverage reports before upload (#10666) Attempting to fix the state of codecov action checks right now, which are behaving very erratically. Using the new functionality in Go 1.20 to merge multiple reports, so now the unit & E2E coverage data reports are stored as artifacts and then downloaded, merged, and finally uploaded to codecov as a new job. Additionally, add a `codecov.yml` config and try to turn down the aggressiveness of it for CI checks. Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-06-08 20:58:21 +02:00			`COPY --from=test --link /tmp/coverage /`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00
			`FROM base AS license-set`
			`ARG LICENSE_FILES`
			`RUN --mount=type=bind,target=.,rw \`
			`--mount=from=addlicense,source=/app/addlicense,target=/usr/bin/addlicense \`
			`find . -regex "${LICENSE_FILES}" \| xargs addlicense -c 'Docker Compose CLI' -l apache && \`
			`mkdir /out && \`
			`find . -regex "${LICENSE_FILES}" \| cpio -pdm /out`

			`FROM scratch AS license-update`
			`COPY --from=set /out /`

			`FROM base AS license-validate`
			`ARG LICENSE_FILES`
			`RUN --mount=type=bind,target=. \`
			`--mount=from=addlicense,source=/app/addlicense,target=/usr/bin/addlicense \`
			`find . -regex "${LICENSE_FILES}" \| xargs addlicense -check -c 'Docker Compose CLI' -l apache -ignore validate -ignore testdata -ignore resolvepath -v`

			`FROM base AS docsgen`
			`WORKDIR /src`
Add CI step to check license headers Signed-off-by: Guillaume Lours <guillaume.lours@docker.com> 2020-08-17 15:18:47 +02:00			`RUN --mount=target=. \`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`--mount=target=/root/.cache,type=cache \`
ci: speed up a couple Dockerfile targets w/ cache mount The local Go package module path was missing from a couple of jobs, which made them slower than needed since they were re-downloading a bunch of dependencies. In particular, this makes `make lint` waaaay faster! Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-07-10 18:26:16 +02:00			`--mount=type=cache,target=/go/pkg/mod \`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`go build -o /out/docsgen ./docs/yaml/main/generate.go`

			`FROM --platform=${BUILDPLATFORM} alpine AS docs-build`
			`RUN apk add --no-cache rsync git`
			`WORKDIR /src`
			`COPY --from=docsgen /out/docsgen /usr/bin`
			`ARG DOCS_FORMATS`
			`RUN --mount=target=/context \`
			`--mount=target=.,type=tmpfs <<EOT`
			`set -e`
			`rsync -a /context/. .`
			`docsgen --formats "$DOCS_FORMATS" --source "docs/reference"`
			`mkdir /out`
			`cp -r docs/reference /out`
			`EOT`

			`FROM scratch AS docs-update`
			`COPY --from=docs-build /out /out`

			`FROM docs-build AS docs-validate`
			`RUN --mount=target=/context \`
			`--mount=target=.,type=tmpfs <<EOT`
			`set -e`
			`rsync -a /context/. .`
			`git add -A`
			`rm -rf docs/reference/*`
			`cp -rf /out/* ./docs/`
			`if [ -n "$(git status --porcelain -- docs/reference)" ]; then`
			`echo >&2 'ERROR: Docs result differs. Please update with "make docs"'`
			`git status --porcelain -- docs/reference`
			`exit 1`
			`fi`
			`EOT`

			`FROM scratch AS binary-unix`
ci: merge Go coverage reports before upload (#10666) Attempting to fix the state of codecov action checks right now, which are behaving very erratically. Using the new functionality in Go 1.20 to merge multiple reports, so now the unit & E2E coverage data reports are stored as artifacts and then downloaded, merged, and finally uploaded to codecov as a new job. Additionally, add a `codecov.yml` config and try to turn down the aggressiveness of it for CI checks. Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-06-08 20:58:21 +02:00			`COPY --link --from=build /out/docker-compose /`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`FROM binary-unix AS binary-darwin`
			`FROM binary-unix AS binary-linux`
			`FROM scratch AS binary-windows`
ci: merge Go coverage reports before upload (#10666) Attempting to fix the state of codecov action checks right now, which are behaving very erratically. Using the new functionality in Go 1.20 to merge multiple reports, so now the unit & E2E coverage data reports are stored as artifacts and then downloaded, merged, and finally uploaded to codecov as a new job. Additionally, add a `codecov.yml` config and try to turn down the aggressiveness of it for CI checks. Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2023-06-08 20:58:21 +02:00			`COPY --link --from=build /out/docker-compose /docker-compose.exe`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00			`FROM binary-$TARGETOS AS binary`
build and push binaries images when a PR is merged or a tag pushed Signed-off-by: Guillaume Lours <705411+glours@users.noreply.github.com> 2023-03-14 11:08:04 +01:00			`# enable scanning for this stage`
			`ARG BUILDKIT_SBOM_SCAN_STAGE=true`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00
			`FROM --platform=$BUILDPLATFORM alpine AS releaser`
			`WORKDIR /work`
			`ARG TARGETOS`
			`ARG TARGETARCH`
			`ARG TARGETVARIANT`
			`RUN --mount=from=binary \`
			`mkdir -p /out && \`
			`# TODO: should just use standard arch`
			`TARGETARCH=$([ "$TARGETARCH" = "amd64" ] && echo "x86_64" \|\| echo "$TARGETARCH"); \`
			`TARGETARCH=$([ "$TARGETARCH" = "arm64" ] && echo "aarch64" \|\| echo "$TARGETARCH"); \`
ci: fix checksums file Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-14 22:29:57 +02:00			`cp docker-compose* "/out/docker-compose-${TARGETOS}-${TARGETARCH}${TARGETVARIANT}$(ls docker-compose* \| sed -e 's/^docker-compose//')"`
Better sandboxed workflow and enhanced cross compilation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-08-12 15:05:52 +02:00
			`FROM scratch AS release`
			`COPY --from=releaser /out/ /`
ci: release workflow to open a PR on docs repo with latest changes Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-06-24 18:40:04 +02:00
			`# docs-reference is a target used as remote context to update docs on release`
ci: update docs repo path The Docker docs now live at `docker/docs` instead of `docker/docker.github.io`. Signed-off-by: Milas Bowman <milas.bowman@docker.com> 2022-09-29 19:09:25 +02:00			`# with latest changes on docs.docker.com.`
ci: release workflow to open a PR on docs repo with latest changes Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2022-06-24 18:40:04 +02:00			`# see open-pr job in .github/workflows/docs.yml for more details`
			`FROM scratch AS docs-reference`
			`COPY docs/reference/*.yaml .`