diff --git a/Dockerfile b/Dockerfile index 31a77d2..82a8d3f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -46,17 +46,20 @@ ENV \ GO111MODULE=on RUN set -eux && \ apk add --no-cache \ - build-base \ - git + binutils \ + gcc \ + git \ + libc-dev \ + musl-dev ARG PROTOC_GEN_GO_VERSION RUN --mount=type=cache,target=/go/pkg/mod --mount=type=cache,target=/root/.cache \ set -eux && \ - GOBIN="${OUTDIR}/usr/local/bin" go install -v -tags='osusergo,netgo,static,static_build' -buildmode=pie -ldflags='-s -w -d -linkmode external "-extldflags=-static-pie"' -installsuffix='netgo' \ + GOBIN="${OUTDIR}/usr/local/bin" go install -v -tags='osusergo,netgo,static,static_build' -buildmode=pie -ldflags='-s -w -d -linkmode external -buildid= "-extldflags=-static-pie"' -installsuffix='netgo' \ google.golang.org/protobuf/cmd/protoc-gen-go@${PROTOC_GEN_GO_VERSION} ARG PROTOC_GEN_GO_GRPC_VERSION RUN --mount=type=cache,target=/go/pkg/mod --mount=type=cache,target=/root/.cache \ set -eux && \ - GOBIN="${OUTDIR}/usr/local/bin" go install -v -tags='osusergo,netgo,static,static_build' -buildmode=pie -ldflags='-s -w -d -linkmode external "-extldflags=-static-pie"' -installsuffix='netgo' \ + GOBIN="${OUTDIR}/usr/local/bin" go install -v -tags='osusergo,netgo,static,static_build' -buildmode=pie -ldflags='-s -w -d -linkmode external -buildid= "-extldflags=-static-pie"' -installsuffix='netgo' \ google.golang.org/grpc/cmd/protoc-gen-go-grpc@${PROTOC_GEN_GO_GRPC_VERSION} FROM gcr.io/distroless/base:nonroot AS golang diff --git a/cloudbuild.yaml b/cloudbuild.yaml index 9b1a8b8..47dde65 100644 --- a/cloudbuild.yaml +++ b/cloudbuild.yaml @@ -1,143 +1,159 @@ steps: - - id: docker + - id: buildkit name: docker:20.10 + env: + - "DOCKER_BUILDKIT=1" + entrypoint: "docker" args: + - image - build - - --target=docker - --build-arg=DOCKER_VERSION=${_DOCKER_VERSION} - - --build-arg=BUILDX_DIGEST=${_BUILDX_DIGEST} - - --tag=docker-buildx:cloudbuild - - --file=hack/dockerfiles/buildx.dockerfile - - hack/dockerfiles - env: - - "DOCKER_BUILDKIT=1" - waitFor: ["-"] + - --build-arg=BUILDKIT_VERSION=${_BUILDKIT_VERSION} + - -t + - buildkit:cloudbuild + - --target=buildkit + - --file=./hack/dockerfiles/buildkit.dockerfile + - ./hack/dockerfiles + waitFor: + - "-" + + - id: bootstrap_buildkitd + name: buildkit:cloudbuild + entrypoint: "docker" + args: + - container + - run + - --detach + - --privileged + - --name=buildkitd + - --network=cloudbuild + - moby/buildkit:${_BUILDKIT_VERSION} + waitFor: + - "buildkit" - id: protoc-builder - name: docker-buildx:cloudbuild + name: buildkit:cloudbuild + entrypoint: "buildctl" args: - - buildx + - --addr=docker-container://buildkitd - build - - --target=protoc-builder - - --build-arg=BUILDKIT_INLINE_CACHE=1 - - --build-arg=PROTOC_VERSION=${_PROTOC_VERSION} - - --build-arg=GOLANG_VERSION=${_GOLANG_VERSION} - - --build-arg=ALPINE_VERSION=${_ALPINE_VERSION} - - --allow=network.host - - --network=host - - . - waitFor: ["docker"] + - --frontend=dockerfile.v0 + - --local=context=/workspace + - --local=dockerfile=/workspace + - --opt=target=protoc-builder + - --opt=build-arg:PROTOC_VERSION=${_PROTOC_VERSION} + - --opt=build-arg:GOLANG_VERSION=${_GOLANG_VERSION} + - --opt=build-arg:ALPINE_VERSION=${_ALPINE_VERSION} + - --export-cache=type=inline + - --import-cache=type=registry,ref=gcr.io/$PROJECT_ID/protoc/protoc-builder:cloudbuild_cache + waitFor: + - "bootstrap_buildkitd" - id: protoc - name: docker-buildx:cloudbuild + name: buildkit:cloudbuild + entrypoint: "buildctl" args: - - buildx + - --addr=docker-container://buildkitd - build - - --target=protoc - - --build-arg=BUILDKIT_INLINE_CACHE=1 - - --build-arg=PROTOC_VERSION=${_PROTOC_VERSION} - - --build-arg=GOLANG_VERSION=${_GOLANG_VERSION} - - --build-arg=ALPINE_VERSION=${_ALPINE_VERSION} - - --output=type=image,name=gcr.io/$PROJECT_ID/protoc/protoc:${_PROTOC_VERSION},push=false - - --allow=network.host - - --network=host - - . + - --frontend=dockerfile.v0 + - --local=context=/workspace + - --local=dockerfile=/workspace + - --opt=target=protoc + - --opt=build-arg:PROTOC_VERSION=${_PROTOC_VERSION} + - --opt=build-arg:GOLANG_VERSION=${_GOLANG_VERSION} + - --opt=build-arg:ALPINE_VERSION=${_ALPINE_VERSION} + - --output=type=image,name=gcr.io/$PROJECT_ID/protoc/protoc:${_PROTOC_VERSION},push=true,oci-mediatypes=true,compression=estargz + - --import-cache=type=registry,ref=gcr.io/$PROJECT_ID/protoc/protoc-builder:cloudbuild_cache waitFor: - "protoc-builder" - id: protoc-debug - name: docker-buildx:cloudbuild + name: buildkit:cloudbuild + entrypoint: "buildctl" args: - - buildx + - --addr=docker-container://buildkitd - build - - --target=protoc-debug - - --build-arg=BUILDKIT_INLINE_CACHE=1 - - --build-arg=PROTOC_VERSION=${_PROTOC_VERSION} - - --build-arg=GOLANG_VERSION=${_GOLANG_VERSION} - - --build-arg=ALPINE_VERSION=${_ALPINE_VERSION} - - --output=type=image,name=gcr.io/$PROJECT_ID/protoc/protoc:${_PROTOC_VERSION}-debug,push=false - - --allow=network.host - - --network=host - - . + - --frontend=dockerfile.v0 + - --local=context=/workspace + - --local=dockerfile=/workspace + - --opt=target=protoc-debug + - --opt=build-arg:PROTOC_VERSION=${_PROTOC_VERSION} + - --opt=build-arg:GOLANG_VERSION=${_GOLANG_VERSION} + - --opt=build-arg:ALPINE_VERSION=${_ALPINE_VERSION} + - --output=type=image,name=gcr.io/$PROJECT_ID/protoc/protoc:${_PROTOC_VERSION}-debug,push=true,oci-mediatypes=true,compression=estargz + - --import-cache=type=registry,ref=gcr.io/$PROJECT_ID/protoc/protoc-builder:cloudbuild_cache waitFor: - "protoc-builder" - id: golang-builder - name: docker-buildx:cloudbuild + name: buildkit:cloudbuild + entrypoint: "buildctl" args: - - buildx + - --addr=docker-container://buildkitd - build - - --target=golang-builder - - --build-arg=BUILDKIT_INLINE_CACHE=1 - - --build-arg=PROTOC_VERSION=${_PROTOC_VERSION} - - --build-arg=GOLANG_VERSION=${_GOLANG_VERSION} - - --build-arg=ALPINE_VERSION=${_ALPINE_VERSION} - - --build-arg=PROTOC_GEN_GO_VERSION=${_PROTOC_GEN_GO_VERSION} - - --build-arg=PROTOC_GEN_GO_GRPC_VERSION=${_PROTOC_GEN_GO_GRPC_VERSION} - - --allow=network.host - - --network=host - - . - waitFor: - - "protoc" - - "protoc-debug" + - --frontend=dockerfile.v0 + - --local=context=/workspace + - --local=dockerfile=/workspace + - --opt=target=golang-builder + - --opt=build-arg:PROTOC_VERSION=${_PROTOC_VERSION} + - --opt=build-arg:GOLANG_VERSION=${_GOLANG_VERSION} + - --opt=build-arg:ALPINE_VERSION=${_ALPINE_VERSION} + - --opt=build-arg:PROTOC_GEN_GO_VERSION=${_PROTOC_GEN_GO_VERSION} + - --opt=build-arg:PROTOC_GEN_GO_GRPC_VERSION=${_PROTOC_GEN_GO_GRPC_VERSION} + - --export-cache=type=inline + - --import-cache=type=registry,ref=gcr.io/$PROJECT_ID/protoc/protoc-builder:cloudbuild_cache - id: golang - name: docker-buildx:cloudbuild + name: buildkit:cloudbuild + entrypoint: "buildctl" args: - - buildx + - --addr=docker-container://buildkitd - build - - --target=golang - - --build-arg=BUILDKIT_INLINE_CACHE=1 - - --build-arg=PROTOC_VERSION=${_PROTOC_VERSION} - - --build-arg=GOLANG_VERSION=${_GOLANG_VERSION} - - --build-arg=ALPINE_VERSION=${_ALPINE_VERSION} - - --build-arg=PROTOC_GEN_GO_VERSION=${_PROTOC_GEN_GO_VERSION} - - --build-arg=PROTOC_GEN_GO_GRPC_VERSION=${_PROTOC_GEN_GO_GRPC_VERSION} - - --tag=gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-${_GOLANG_VERSION} - - --tag=gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION} - - --allow=network.host - - --network=host - - . + - --frontend=dockerfile.v0 + - --local=context=/workspace + - --local=dockerfile=/workspace + - --opt=target=golang + - --opt=build-arg:PROTOC_VERSION=${_PROTOC_VERSION} + - --opt=build-arg:GOLANG_VERSION=${_GOLANG_VERSION} + - --opt=build-arg:ALPINE_VERSION=${_ALPINE_VERSION} + - --opt=build-arg:PROTOC_GEN_GO_VERSION=${_PROTOC_GEN_GO_VERSION} + - --opt=build-arg:PROTOC_GEN_GO_GRPC_VERSION=${_PROTOC_GEN_GO_GRPC_VERSION} + - --output=type=image,name=gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-${_GOLANG_VERSION},push=true,oci-mediatypes=true,compression=estargz + - --import-cache=type=registry,ref=gcr.io/$PROJECT_ID/protoc/cache/golang:${_PROTOC_VERSION}-${_GOLANG_VERSION}:cloudbuild_cache waitFor: + - "protoc" - "golang-builder" - id: golang-debug - name: docker-buildx:cloudbuild + name: buildkit:cloudbuild + entrypoint: "buildctl" args: - - buildx + - --addr=docker-container://buildkitd - build - - --target=golang-debug - - --build-arg=BUILDKIT_INLINE_CACHE=1 - - --build-arg=PROTOC_VERSION=${_PROTOC_VERSION} - - --build-arg=GOLANG_VERSION=${_GOLANG_VERSION} - - --build-arg=ALPINE_VERSION=${_ALPINE_VERSION} - - --build-arg=PROTOC_GEN_GO_VERSION=${_PROTOC_GEN_GO_VERSION} - - --build-arg=PROTOC_GEN_GO_GRPC_VERSION=${_PROTOC_GEN_GO_GRPC_VERSION} - - --tag=gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-${_GOLANG_VERSION}-debug - - --tag=gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-debug - - --allow=network.host - - --network=host - - . + - --frontend=dockerfile.v0 + - --local=context=/workspace + - --local=dockerfile=/workspace + - --opt=target=golang-debug + - --opt=build-arg:PROTOC_VERSION=${_PROTOC_VERSION} + - --opt=build-arg:GOLANG_VERSION=${_GOLANG_VERSION} + - --opt=build-arg:ALPINE_VERSION=${_ALPINE_VERSION} + - --opt=build-arg:PROTOC_GEN_GO_VERSION=${_PROTOC_GEN_GO_VERSION} + - --opt=build-arg:PROTOC_GEN_GO_GRPC_VERSION=${_PROTOC_GEN_GO_GRPC_VERSION} + - --output=type=image,name=gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-${_GOLANG_VERSION}-debug,push=true,oci-mediatypes=true,compression=estargz + - --import-cache=type=registry,ref=gcr.io/$PROJECT_ID/protoc/protoc-builder:cloudbuild_cache waitFor: + - "protoc-debug" - "golang-builder" substitutions: _DOCKER_VERSION: "20.10" - _BUILDX_DIGEST: "2ec838c5f74e1cdd5e6ea4e789c0c0f5573807550b50b2ddc6deb2c2033a286b" # https://github.com/docker/buildx/tree/084b6c0a95ce, https://github.com/docker/buildx/runs/3947339794 - _PROTOC_VERSION: "3.19.0" # https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.0 + _BUILDKIT_VERSION: "v0.10.0" + _PROTOC_VERSION: "3.19.4" # https://github.com/protocolbuffers/protobuf/releases/tag/v3.19.0 _GOLANG_VERSION: "1.17" - _ALPINE_VERSION: "3.14" + _ALPINE_VERSION: "3.15" _PROTOC_GEN_GO_VERSION: "v1.27.1" # https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.27.1 _PROTOC_GEN_GO_GRPC_VERSION: "9c668aeab869" # https://github.com/grpc/grpc-go/tree/9c668aeab869 -images: - - "gcr.io/$PROJECT_ID/protoc/protoc:${_PROTOC_VERSION}" - - "gcr.io/$PROJECT_ID/protoc/protoc:${_PROTOC_VERSION}-debug" - - "gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-${_GOLANG_VERSION}" - - "gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}" - - "gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-${_GOLANG_VERSION}-debug" - - "gcr.io/$PROJECT_ID/protoc/golang:${_PROTOC_VERSION}-debug" - tags: - "protoc.protoc" - "protoc.golang" diff --git a/hack/dockerfiles/buildkit.dockerfile b/hack/dockerfiles/buildkit.dockerfile new file mode 100644 index 0000000..58e0c4b --- /dev/null +++ b/hack/dockerfiles/buildkit.dockerfile @@ -0,0 +1,9 @@ +# syntax=docker.io/docker/dockerfile:1.4.0-labs + +ARG BUILDKIT_VERSION +ARG DOCKER_VERSION + +FROM --platform=$BUILDPLATFORM docker:${DOCKER_VERSION} AS docker + +FROM --platform=$BUILDPLATFORM moby/buildkit:${BUILDKIT_VERSION} AS buildkit +COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker diff --git a/hack/dockerfiles/buildx.dockerfile b/hack/dockerfiles/buildx.dockerfile index ca6fedb..241ce66 100644 --- a/hack/dockerfiles/buildx.dockerfile +++ b/hack/dockerfiles/buildx.dockerfile @@ -1,10 +1,14 @@ # syntax=docker/dockerfile:1.3 ARG DOCKER_VERSION -ARG BUILDX_DIGEST +ARG BUILDX_VERSION +ARG BUILDKIT_VERSION -FROM --platform=$BUILDPLATFORM docker/buildx-bin@sha256:${BUILDX_DIGEST} AS buildx +FROM --platform=$BUILDPLATFORM docker/buildx-bin:${BUILDX_VERSION} AS buildx + +FROM --platform=$BUILDPLATFORM moby/buildkit:${BUILDKIT_VERSION} as buildkit FROM --platform=$BUILDPLATFORM docker:${DOCKER_VERSION} AS docker COPY --from=buildx /buildx /usr/libexec/docker/cli-plugins/docker-buildx +COPY --from=buildkit /usr/bin/buildctl /usr/bin/buildctl RUN docker buildx version