-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile.musl
81 lines (65 loc) · 3.02 KB
/
Dockerfile.musl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
ARG GRAALVM_TAG
# Set up a default build environment for our components
FROM ghcr.io/graalvm/graalvm-ce:${GRAALVM_TAG}
# Versions to install here
ARG MUSL_VERSION=1.2.3
ARG MAVEN_VERSION=3.8.7
ARG LIBSTDC_VERSION=11
ARG UPX_VERSION=4.0.0
ARG ZLIB_VERSION=1.2.11
# Install xz (for use with UPX) and other utilities
RUN microdnf install -y xz jq zip \
&& microdnf clean all
# ---------------------------------------------------------------------
# Maven
# ---------------------------------------------------------------------
ENV M2_HOME=/opt/maven
ENV MAVEN_HOME=${M2_HOME}
ENV PATH=${MAVEN_HOME}/bin:${PATH}
WORKDIR ${MAVEN_HOME}
RUN MAVEN_BASE_URL="https://archive.apache.org/dist/maven/maven-3/${MAVEN_VERSION}/binaries/" \
&& MAVEN_DOWNLOAD="/tmp/apache-maven.tar.gz" \
&& curl -s -o ${MAVEN_DOWNLOAD} ${MAVEN_BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
&& tar -xzf ${MAVEN_DOWNLOAD} -C ${MAVEN_HOME} --strip-components=1
RUN gu install native-image
# ---------------------------------------------------------------------
# Musl
# ---------------------------------------------------------------------
ENV TOOLCHAIN_DIR="/opt/build"
ENV PATH="${TOOLCHAIN_DIR}/bin:${PATH}"
WORKDIR ${TOOLCHAIN_DIR}
ADD rootfs/ /
# Install musl-gcc to compile statically against
WORKDIR /opt/musl
RUN MUSL_DOWNLOAD="/tmp/musl.tar.gz" \
&& ARCH=$(arch) \
&& curl -s -L -o ${MUSL_DOWNLOAD} https://musl.libc.org/releases/musl-${MUSL_VERSION}.tar.gz \
&& tar -xvzf ${MUSL_DOWNLOAD} --strip-components 1 \
&& ./configure --disable-shared --prefix=${TOOLCHAIN_DIR} \
&& make install \
&& ln -s ${BUILD_TOOL_DIR}/bin/musl-gcc ${TOOLCHAIN_DIR}/bin/$(arch)-linux-musl-gcc \
&& ln -s ${BUILD_TOOL_DIR}/bin/musl-gcc ${TOOLCHAIN_DIR}/bin/gcc
ENV CC="${TOOLCHAIN_DIR}/bin/gcc"
# ---------------------------------------------------------------------
# Zlib
# ---------------------------------------------------------------------
# Use the container's libstdc++ (it works as well as using Alpine's)
RUN echo "System's libstdc version: $(ls /usr/lib/gcc/*-redhat-linux/)" \
&& cp /usr/lib/gcc/*-redhat-linux/${LIBSTDC_VERSION}/libstdc++.a ${TOOLCHAIN_DIR}/lib/
# Setup static zlib library
RUN cp /usr/lib64/libz.a ${TOOLCHAIN_DIR}/lib/
# ---------------------------------------------------------------------
# UPX
# ---------------------------------------------------------------------
# Install UPX for optional compression of the application
WORKDIR /opt/upx
RUN UPX_DOWNLOAD="/tmp/upx.tar.xz" \
&& UPX_BASE_URL="https://github.com/upx/upx/releases/download" \
&& curl -s -L -o ${UPX_DOWNLOAD} ${UPX_BASE_URL}/v${UPX_VERSION}/upx-${UPX_VERSION}-$(download-arch)_linux.tar.xz \
&& tar -xvf ${UPX_DOWNLOAD} --strip-components 1 \
&& mv upx ${TOOLCHAIN_DIR}/bin
# Put GraalVM's cacerts in a predictable place so they can be copied
RUN ln -s /etc/pki/java/cacerts /etc/default/cacerts
# Clean up build artifacts and set a default working directory
WORKDIR /
RUN rm -rf ${UPX_DOWNLOAD} /opt/upx ${MUSL_DOWNLOAD} /opt/musl ${MAVEN_DOWNLOAD}