1# Common builder 2ARG GO_IMAGE 3FROM ${GO_IMAGE} as builder 4 5COPY hack/dockerfile/install/tini.installer / 6COPY hack/dockerfile/install/proxy.installer / 7RUN apt-get update && apt-get install -y \ 8 bash \ 9 btrfs-tools \ 10 ca-certificates \ 11 cmake \ 12 gcc \ 13 git \ 14 libc-dev \ 15 libgcc-6-dev \ 16 libltdl-dev \ 17 libseccomp-dev \ 18 libtool \ 19 make 20RUN grep "_COMMIT=" /*.installer |cut -f2- -d: > /binaries-commits 21 22# dockerd 23FROM builder as dockerd-builder 24RUN apt-get install -y \ 25 libsystemd-dev 26WORKDIR /go/src/github.com/docker/docker 27COPY . /go/src/github.com/docker/docker 28ARG VERSION 29ARG GITCOMMIT 30ARG BUILDTIME 31ARG PLATFORM 32ARG PRODUCT 33ARG DEFAULT_PRODUCT_LICENSE 34ENV VERSION ${VERSION} 35ENV GITCOMMIT ${GITCOMMIT} 36ENV BUILDTIME ${BUILDTIME} 37ENV PLATFORM ${PLATFORM} 38ENV PRODUCT ${PRODUCT} 39ENV DEFAULT_PRODUCT_LICENSE ${DEFAULT_PRODUCT_LICENSE} 40# TODO The way we set the version could easily be simplified not to depend on hack/... 41RUN bash ./hack/make/.go-autogen 42RUN go build -o /sbin/dockerd \ 43 -tags 'autogen apparmor seccomp selinux journald exclude_graphdriver_devicemapper' \ 44 -i \ 45 -buildmode=pie \ 46 -a -ldflags '-w'\ 47 github.com/docker/docker/cmd/dockerd 48 49# docker-proxy 50# TODO if libnetwork folds into the docker tree this can be combined above 51FROM builder as proxy-builder 52RUN git clone https://github.com/docker/libnetwork.git /go/src/github.com/docker/libnetwork 53WORKDIR /go/src/github.com/docker/libnetwork 54RUN . /binaries-commits && \ 55 git checkout -q "$LIBNETWORK_COMMIT" && \ 56 CGO_ENABLED=0 go build -buildmode=pie -ldflags="$PROXY_LDFLAGS" \ 57 -o /sbin/docker-proxy \ 58 github.com/docker/libnetwork/cmd/proxy 59 60# docker-init - TODO move this out, last time we bumped was 2016! 61FROM builder as init-builder 62RUN git clone https://github.com/krallin/tini.git /tini 63WORKDIR /tini 64RUN . /binaries-commits && \ 65 git checkout -q "$TINI_COMMIT" && \ 66 cmake . && make tini-static && \ 67 cp tini-static /sbin/docker-init 68 69# runc 70FROM builder as runc-builder 71RUN apt-get install -y libseccomp-dev 72RUN git clone https://github.com/opencontainers/runc.git /go/src/github.com/opencontainers/runc 73WORKDIR /go/src/github.com/opencontainers/runc 74RUN . /binaries-commits && \ 75 git checkout -q "$RUNC_COMMIT" && \ 76 make BUILDTAGS='seccomp apparmor' static && make install 77 78# Final docker image 79FROM scratch 80ARG VERSION 81ARG GITCOMMIT 82ARG BUILDTIME 83ARG PLATFORM 84ARG ENGINE_IMAGE 85COPY --from=dockerd-builder /sbin/dockerd /bin/ 86COPY --from=proxy-builder /sbin/docker-proxy /bin/ 87COPY --from=init-builder /sbin/docker-init /bin/ 88COPY --from=runc-builder /usr/local/sbin/runc /bin/ 89 90LABEL \ 91 org.opencontainers.image.authors="Docker Inc." \ 92 org.opencontainers.image.created="${BUILDTIME}" \ 93 org.opencontainers.image.documentation="https://docs.docker.com/" \ 94 org.opencontainers.image.licenses="Apache-2.0" \ 95 org.opencontainers.image.revision="${GITCOMMIT}" \ 96 org.opencontainers.image.url="https://www.docker.com/products/docker-engine" \ 97 org.opencontainers.image.vendor="Docker Inc." \ 98 org.opencontainers.image.version="${VERSION}" \ 99 com.docker.distribution_based_engine="{\"platform\":\"${PLATFORM}\",\"engine_image\":\"${ENGINE_IMAGE}\",\"containerd_min_version\":\"1.2.0-beta.1\",\"runtime\":\"host_install\"}" 100 101ENTRYPOINT ["/bin/dockerd"] 102