blob: 1ce71a4de6c7d7ec9fe14f1f3ad6ecfa3a3ecea4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
# syntax=docker/dockerfile:1.12.0@sha256:db1ff77fb637a5955317c7a3a62540196396d565f3dd5742e76dddbb6d75c4c5
ARG BASE_IMAGE_TYPE=slim
# --------------------------------------
# slim image
# --------------------------------------
FROM ghcr.io/renovatebot/base-image:9.11.2@sha256:89eacab8b8a325cab4999dda4546cd781659dd86d1573c4ef9142fa385c87927 AS slim-base
# --------------------------------------
# full image
# --------------------------------------
FROM ghcr.io/renovatebot/base-image:9.11.2-full@sha256:675c100b2fca833c952cbfeb3c4d1621107615e38da679f0fd90dfc9e3be3179 AS full-base
ENV RENOVATE_BINARY_SOURCE=global
# --------------------------------------
# build image
# --------------------------------------
FROM --platform=$BUILDPLATFORM ghcr.io/renovatebot/base-image:9.11.2@sha256:89eacab8b8a325cab4999dda4546cd781659dd86d1573c4ef9142fa385c87927 AS build
# We want a specific node version here
# renovate: datasource=node-version
RUN install-tool node 22.11.0
WORKDIR /usr/local/renovate
ARG TARGETPLATFORM
ARG TARGETARCH
ARG BUILDPLATFORM
RUN set -ex; \
echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM"; \
uname -a; \
true
# replace `amd64` with `x86_64` for `node`
ENV ARCH=${TARGETARCH/amd64/x86_64}
ENV ARCH=${ARCH/arm64/aarch64}
# fetch static node binary
RUN set -ex; \
ver=$(node --version); ver=${ver:1} \
temp_dir="$(mktemp -d)"; \
curl -fsSL "https://github.com/containerbase/node-prebuild/releases/download/${ver}/node-${ver}-${ARCH}.tar.xz" -o ${temp_dir}/node.tar.xz; \
bsdtar --strip 1 -C ${temp_dir} -xf ${temp_dir}/node.tar.xz; \
cp ${temp_dir}/bin/node ./node; \
true
# fetch npm packages
ENV CI=1 npm_config_modules_cache_max_age=0 \
npm_config_loglevel=info
# replace `amd64` with `x64` for `node`
ENV ARCH=${TARGETARCH/amd64/x64}
COPY --link pnpm-lock.yaml ./
# set `npm_config_arch` for `prebuild-install`
# set `npm_config_platform_arch` for `install-artifact-from-github`
# only fetch deps from lockfile https://pnpm.io/cli/fetch
RUN set -ex; \
export npm_config_arch=${ARCH} npm_config_platform_arch=${ARCH}; \
corepack pnpm fetch --prod; \
true
COPY --link . ./
# install npm packages
RUN set -ex; \
corepack pnpm install --prod --offline --ignore-scripts; \
true
# --------------------------------------
# final image
# --------------------------------------
FROM ${BASE_IMAGE_TYPE}-base
LABEL name="renovate"
LABEL org.opencontainers.image.source="https://github.com/renovatebot/renovate" \
org.opencontainers.image.url="https://renovatebot.com" \
org.opencontainers.image.licenses="AGPL-3.0-only"
WORKDIR /usr/src/app
COPY tools/docker/bin/ /usr/local/sbin/
ENTRYPOINT ["/usr/local/sbin/renovate-entrypoint.sh"]
CMD ["renovate"]
ARG RENOVATE_VERSION
COPY --link --from=build --chown=root:root /usr/local/renovate/ /usr/local/renovate/
# make our node binary available as last in path
RUN ln -sf /usr/local/renovate/node /bin/node
# ensure default base and cache directories exist.
RUN mkdir -p /tmp/renovate/cache && \
chmod -R 777 /tmp/renovate
# test
RUN set -ex; \
renovate --version; \
pushd /usr/local/renovate/; \
node -e "new require('re2')('.*').exec('test');new require('better-sqlite3')(':memory:')"; \
true
LABEL \
org.opencontainers.image.version="${RENOVATE_VERSION}" \
org.label-schema.version="${RENOVATE_VERSION}"
# Numeric user ID for the ubuntu user. Used to indicate a non-root user to OpenShift
USER 12021
|
