Skip to content

Commit

Permalink
enable hermetic builds
Browse files Browse the repository at this point in the history
additionally adding prefetch-input but commenting it out due to pre-fetch dependencies go 1.21 dependency
  • Loading branch information
Gregory-Pereira committed Nov 30, 2023
1 parent edba5d3 commit bc18fdb
Show file tree
Hide file tree
Showing 8 changed files with 39 additions and 18 deletions.
1 change: 0 additions & 1 deletion .dockerignore

This file was deleted.

4 changes: 4 additions & 0 deletions .tekton/backfill-redis-1-0-gamma-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ spec:
value: '{{revision}}'
- name: build-source-image
value: "true"
- name: hermetic
value: "true"
- name: prefetch-input
value: [{"path": ".", "type": "gomod"}, {"path": "./hack/tools", "type": "gomod"}]
pipelineSpec:
finally:
- name: show-sbom
Expand Down
4 changes: 4 additions & 0 deletions .tekton/backfill-redis-1-0-gamma-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,10 @@ spec:
value: '{{revision}}'
- name: build-source-image
value: "true"
- name: hermetic
value: "true"
- name: prefetch-input
value: [{"path": ".", "type": "gomod"}, {"path": "./hack/tools", "type": "gomod"}]
pipelineSpec:
finally:
- name: show-sbom
Expand Down
4 changes: 4 additions & 0 deletions .tekton/rekor-server-1-0-gamma-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ spec:
value: '{{revision}}'
- name: build-source-image
value: "true"
- name: hermetic
value: "true"
- name: prefetch-input
value: [{"path": ".", "type": "gomod"}, {"path": "./hack/tools", "type": "gomod"}]
pipelineSpec:
finally:
- name: show-sbom
Expand Down
4 changes: 4 additions & 0 deletions .tekton/rekor-server-1-0-gamma-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,10 @@ spec:
value: '{{revision}}'
- name: build-source-image
value: "true"
- name: hermetic
value: "true"
- name: prefetch-input
value: [{"path": ".", "type": "gomod"}, {"path": "./hack/tools", "type": "gomod"}]
pipelineSpec:
finally:
- name: show-sbom
Expand Down
15 changes: 9 additions & 6 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -13,23 +13,26 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS build-env
FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.21@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS build-env

RUN mkdir /opt/app-root && mkdir /opt/app-root/src && mkdir /opt/app-root/src/cmd && mkdir /opt/app-root/src/pkg && git config --global --add safe.directory /opt/app-root/src

ENV APP_ROOT=/opt/app-root
ENV GOPATH=$APP_ROOT


WORKDIR $APP_ROOT/src/
ADD go.mod go.sum $APP_ROOT/src/
RUN CGO_ENABLED=0 go mod download

# Add source code
ADD ./cmd/ $APP_ROOT/src/cmd/
ADD ./pkg/ $APP_ROOT/src/pkg/

RUN go mod tidy && go mod vendor

ARG SERVER_LDFLAGS
RUN go build -ldflags "${SERVER_LDFLAGS}" ./cmd/rekor-server
RUN CGO_ENABLED=0 go build -gcflags "all=-N -l" -ldflags "${SERVER_LDFLAGS}" -o rekor-server_debug ./cmd/rekor-server
RUN go test -c -ldflags "${SERVER_LDFLAGS}" -cover -covermode=count -coverpkg=./... -o rekor-server_test ./cmd/rekor-server
RUN go build -ldflags "${SERVER_LDFLAGS}" -mod=readonly ./cmd/rekor-server
RUN CGO_ENABLED=0 go build -gcflags "all=-N -l" -ldflags "${SERVER_LDFLAGS}" -o rekor-server_debug -mod=readonly ./cmd/rekor-server
RUN go test -c -ldflags "${SERVER_LDFLAGS}" -cover -covermode=count -coverpkg=./... -o rekor-server_test -mod=readonly ./cmd/rekor-server

# debug compile options & debugger
FROM registry.access.redhat.com/ubi9/go-toolset@sha256:c3a9c5c7fb226f6efcec2424dd30c38f652156040b490c9eca5ac5b61d8dc3ca as debug
Expand Down
20 changes: 12 additions & 8 deletions Dockerfile.backfill-redis
Original file line number Diff line number Diff line change
@@ -1,15 +1,19 @@
#Build stage
FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS build-env
# Build stage

FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.21@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS build-env
USER root
ENV APP_ROOT=/opt/app-root
RUN mkdir /opt/app-root && mkdir /opt/app-root/src && git config --global --add safe.directory /opt/app-root/src

WORKDIR /opt/app-root/src/
COPY . .

RUN CGO_ENABLED=0 go mod download

WORKDIR $APP_ROOT/src/

RUN git config --global --add safe.directory /opt/app-root/src
ADD . .
RUN go mod tidy && go mod vendor && make backfill-redis
ARG SERVER_LDFLAGS
RUN CGO_ENABLED=0 go build -mod=readonly -trimpath -ldflags "$(SERVER_LDFLAGS)" -o backfill-redis ./cmd/backfill-redis

#Install stage
# Install stage
FROM registry.access.redhat.com/ubi9/ubi-minimal@sha256:7d1ea7ac0c6f464dac7bae6994f1658172bf6068229f40778a513bc90f47e624
COPY --from=build-env /opt/app-root/src/backfill-redis /usr/local/bin/backfill-redis
WORKDIR /opt/app-root/src/home
Expand Down
5 changes: 2 additions & 3 deletions Dockerfile.cli
Original file line number Diff line number Diff line change
@@ -1,12 +1,11 @@
#Build stage
FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS build-env
FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.21@sha256:98a0ff138c536eee98704d6909699ad5d0725a20573e2c510a60ef462b45cce0 AS build-env
USER root

RUN mkdir /opt/app-root && mkdir /opt/app-root/src
RUN mkdir /opt/app-root && mkdir /opt/app-root/src && git config --global --add safe.directory /opt/app-root/src

WORKDIR /opt/app-root/src

RUN git config --global --add safe.directory /opt/app-root/src
COPY . .

WORKDIR /opt/app-root/src/hack/tools
Expand Down

0 comments on commit bc18fdb

Please sign in to comment.