|
| 1 | +ARG GITOXIDE_VERSION=0.36.0 |
| 2 | + |
| 3 | +FROM rust:1-slim-bookworm AS bootstrap_os |
| 4 | + ENV DEBIAN_FRONTEND="noninteractive" |
| 5 | + |
| 6 | + # hadolint ignore=DL3008,DL3009 |
| 7 | + RUN apt-get update -y \ |
| 8 | + && apt-get upgrade -y --no-install-recommends --no-install-suggests ca-certificates \ |
| 9 | + && apt-get install -y --no-install-recommends libssl3 zlib1g \ |
| 10 | + && apt-mark showmanual > /tmp/runtime_apt_mark.txt |
| 11 | + |
| 12 | +FROM bootstrap_os AS bootstrap_build_deps |
| 13 | + # hadolint ignore=SC2046 |
| 14 | + RUN apt-mark auto '.*' > /dev/null \ |
| 15 | + && apt-get upgrade -y --no-install-recommends libssl-dev clang cmake make pkg-config \ |
| 16 | + && apt-mark manual $(cat /tmp/runtime_apt_mark.txt) > /dev/null |
| 17 | + |
| 18 | + |
| 19 | +FROM bootstrap_build_deps AS bootstrap_builder |
| 20 | + ARG GITOXIDE_VERSION |
| 21 | + |
| 22 | + ENV RUST_BACKTRACE=1 \ |
| 23 | + CC=clang \ |
| 24 | + CXX=clang++ \ |
| 25 | + MAKEOPTS="-j$(getconf _NPROCESSORS_ONLN)" |
| 26 | + |
| 27 | + RUN cargo install gitoxide --version "${GITOXIDE_VERSION}" --message-format short \ |
| 28 | + && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \ |
| 29 | + && rm -rf /var/lib/apt/lists/* /tmp/runtime_apt_mark.txt |
| 30 | + |
| 31 | + |
| 32 | +# contain minimally required bits |
| 33 | +FROM debian:bookworm-slim |
| 34 | + COPY --from=bootstrap_os /etc/apt/sources.list.d/debian.mirrored.sources.list /etc/apt/sources.list.d/ |
| 35 | + COPY --from=bootstrap_os /tmp/runtime_apt_mark.txt /tmp |
| 36 | + |
| 37 | + ENV DEBIAN_FRONTEND="noninteractive" |
| 38 | + |
| 39 | + # hadolint ignore=DL3008,SC2016 |
| 40 | + RUN apt-get update -y \ |
| 41 | + && apt-get install -y --no-install-recommends --no-install-suggests ca-certificates \ |
| 42 | + && apt-mark manual $(cat /tmp/runtime_apt_mark.txt) > /dev/null \ |
| 43 | + && { \ |
| 44 | + echo '#!/bin/sh'; \ |
| 45 | + echo 'set -eu'; \ |
| 46 | + echo 'if [ "${#}" -gt 0 ] && [ "${1#-}" = "${1}" ] \'; \ |
| 47 | + echo ' && command -v "${1}" > "/dev/null" 2>&1; then'; \ |
| 48 | + echo ' exec "${@}"'; \ |
| 49 | + echo 'else exec /bin/shfmt "${@}"; fi'; \ |
| 50 | + echo 'exit 0'; \ |
| 51 | + } > /init && chmod +x /init |
| 52 | + |
| 53 | + COPY --from=bootstrap_builder /usr/local/cargo/bin/gix /usr/local/cargo/bin |
| 54 | + COPY --from=bootstrap_builder /usr/local/cargo/bin/ein /usr/local/cargo/bin |
| 55 | + |
| 56 | + WORKDIR /usr/local/cargo/bin |
| 57 | + |
| 58 | + SHELL [ "/bin/bash", "-e", "-o", "pipefail", "-c" ] |
| 59 | + |
| 60 | + # hadolint ignore=SC2046,DL3008 |
| 61 | + RUN find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' \ |
| 62 | + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \ |
| 63 | + | xargs -r dpkg-query --search | cut -d: -f1 | sort -u | xargs -r apt-mark manual \ |
| 64 | + && apt-get upgrade -y --no-install-recommends --no-install-suggests \ |
| 65 | + && rm -rf /var/lib/apt/lists/* /tmp/runtime_apt_mark.txt |
| 66 | + |
| 67 | + ENV PATH="/usr/local/cargo/bin:${PATH}" |
| 68 | + |
| 69 | + HEALTHCHECK --retries=1 --timeout=15s CMD gix help |
| 70 | + |
| 71 | + ENTRYPOINT [ "/init" ] |
| 72 | + |
| 73 | + |
| 74 | +FROM scratch |
| 75 | + COPY --from=bootstrap_builder /usr/local/cargo/bin/gix /bin/ |
| 76 | + COPY --from=bootstrap_builder /usr/local/cargo/bin/ein /bin/ |
| 77 | + |
| 78 | + ENTRYPOINT [ "/bin/gix" ] |
| 79 | + |
| 80 | + CMD [ "/bin/gix" ] |
| 81 | + |
| 82 | +# vi: nospell |
0 commit comments