Browse code
Dockerfile: remove hardcoded platforms for vpnkit stage
Current Dockerfile downloads vpnkit for both linux/amd64
and linux/arm64 platforms even if target platform does not
match. This change will download vpnkit only if target
platform matches, otherwise it will just use a dummy scratch
stage.
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
CrazyMax authored on 2022/11/18 08:23:20Showing 3 changed files
| ... | ... |
@@ -289,13 +289,18 @@ RUN --mount=type=tmpfs,target=/tmp/crun-build \ |
| 289 | 289 |
./configure --bindir=/build && \ |
| 290 | 290 |
make -j install |
| 291 | 291 |
|
| 292 |
-FROM --platform=amd64 djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit-amd64
|
|
| 293 |
- |
|
| 294 |
-FROM --platform=arm64 djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit-arm64
|
|
| 295 |
- |
|
| 296 |
-FROM scratch AS vpnkit |
|
| 297 |
-COPY --from=vpnkit-amd64 /vpnkit /build/vpnkit.x86_64 |
|
| 298 |
-COPY --from=vpnkit-arm64 /vpnkit /build/vpnkit.aarch64 |
|
| 292 |
+# vpnkit |
|
| 293 |
+# use dummy scratch stage to avoid build to fail for unsupported platforms |
|
| 294 |
+FROM scratch AS vpnkit-windows |
|
| 295 |
+FROM scratch AS vpnkit-linux-386 |
|
| 296 |
+FROM scratch AS vpnkit-linux-arm |
|
| 297 |
+FROM scratch AS vpnkit-linux-ppc64le |
|
| 298 |
+FROM scratch AS vpnkit-linux-riscv64 |
|
| 299 |
+FROM scratch AS vpnkit-linux-s390x |
|
| 300 |
+FROM djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit-linux-amd64
|
|
| 301 |
+FROM djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit-linux-arm64
|
|
| 302 |
+FROM vpnkit-linux-${TARGETARCH} AS vpnkit-linux
|
|
| 303 |
+FROM vpnkit-${TARGETOS} AS vpnkit
|
|
| 299 | 304 |
|
| 300 | 305 |
# TODO: Some of this is only really needed for testing, it would be nice to split this up |
| 301 | 306 |
FROM runtime-dev AS dev-systemd-false |
| ... | ... |
@@ -369,7 +374,7 @@ COPY --from=shfmt /build/ /usr/local/bin/ |
| 369 | 369 |
COPY --from=runc /build/ /usr/local/bin/ |
| 370 | 370 |
COPY --from=containerd /build/ /usr/local/bin/ |
| 371 | 371 |
COPY --from=rootlesskit /build/ /usr/local/bin/ |
| 372 |
-COPY --from=vpnkit /build/ /usr/local/bin/ |
|
| 372 |
+COPY --from=vpnkit / /usr/local/bin/ |
|
| 373 | 373 |
COPY --from=crun /build/ /usr/local/bin/ |
| 374 | 374 |
COPY hack/dockerfile/etc/docker/ /etc/docker/ |
| 375 | 375 |
ENV PATH=/usr/local/cli:$PATH |
| ... | ... |
@@ -416,7 +421,7 @@ COPY --from=tini /build/ /usr/local/bin/ |
| 416 | 416 |
COPY --from=runc /build/ /usr/local/bin/ |
| 417 | 417 |
COPY --from=containerd /build/ /usr/local/bin/ |
| 418 | 418 |
COPY --from=rootlesskit /build/ /usr/local/bin/ |
| 419 |
-COPY --from=vpnkit /build/ /usr/local/bin/ |
|
| 419 |
+COPY --from=vpnkit / /usr/local/bin/ |
|
| 420 | 420 |
COPY --from=gowinres /build/ /usr/local/bin/ |
| 421 | 421 |
WORKDIR /go/src/github.com/docker/docker |
| 422 | 422 |
|
| ... | ... |
@@ -79,7 +79,6 @@ if [ -n "$DOCKER_ROOTLESS" ]; then |
| 79 | 79 |
echo >&2 '# DOCKER_ROOTLESS requires TEST_SKIP_INTEGRATION_CLI to be set' |
| 80 | 80 |
exit 1 |
| 81 | 81 |
fi |
| 82 |
- ln -sf "$(command -v vpnkit."$(uname -m)")" /usr/local/bin/vpnkit |
|
| 83 | 82 |
user="unprivilegeduser" |
| 84 | 83 |
uid=$(id -u $user) |
| 85 | 84 |
# shellcheck disable=SC2174 |
| ... | ... |
@@ -17,10 +17,10 @@ copy_binaries() {
|
| 17 | 17 |
for file in containerd containerd-shim-runc-v2 ctr runc docker-init rootlesskit rootlesskit-docker-proxy dockerd-rootless.sh dockerd-rootless-setuptool.sh; do |
| 18 | 18 |
cp -f "$(command -v "$file")" "$dir/" |
| 19 | 19 |
done |
| 20 |
- |
|
| 21 |
- # vpnkit is available for x86_64 and aarch64 |
|
| 22 |
- if command -v "vpnkit.$(uname -m)" 2>&1 > /dev/null; then |
|
| 23 |
- cp -f "$(command -v "vpnkit.$(uname -m)")" "$dir/vpnkit" |
|
| 20 |
+ # vpnkit might not be available for the target platform, see vpnkit stage in |
|
| 21 |
+ # the Dockerfile for more information. |
|
| 22 |
+ if command -v vpnkit > /dev/null 2>&1; then |
|
| 23 |
+ cp -f "$(command -v vpnkit)" "$dir/" |
|
| 24 | 24 |
fi |
| 25 | 25 |
} |
| 26 | 26 |
|