marco/plugin-barman-cloud
1
0
Fork 0
mirror of https://github.com/cloudnative-pg/plugin-barman-cloud.git synced 2026-03-09 12:12:21 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
dev/go-version-from-gomod
plugin-barman-cloud/containers/Dockerfile.sidecar
Marco Nenciarini e11f2a85b3 chore(ci): read Go version from go.mod toolchain directive 
Replace hardcoded Go version across the Taskfile and Dockerfiles with a
single GO_VERSION variable extracted from go.mod's toolchain directive.
This makes go.mod the single source of truth for the Go version,
removing the need to keep 3 Taskfile tasks and 2 Dockerfiles in sync
via Renovate's custom regex manager.

Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
2026-03-06 18:57:34 +01:00

113 lines
4.4 KiB
Docker
Raw Permalink Blame History

# Sidecar
# The container needs to provide and build two components:
# * barman-cloud
# * instance plugin
# Both components are built before going into a distroless container
# Build the manager binary
# GO_VERSION must be passed as a build arg (read from go.mod toolchain directive by Taskfile)
ARG GO_VERSION
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION} AS gobuilder
ARG TARGETOS
ARG TARGETARCH
WORKDIR /workspace
COPY ../go.mod go.mod
COPY ../go.sum go.sum
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN go mod download
ENV GOCACHE=/root/.cache/go-build
ENV GOMODCACHE=/go/pkg/mod
COPY ../cmd/manager/main.go cmd/manager/main.go
COPY ../api/ api/
COPY ../internal/ internal/
# Build Go binary for target platform (TARGETOS/TARGETARCH)
# Docker BuildKit sets these based on --platform flag or defaults to the build host platform
RUN --mount=type=cache,target=/go/pkg/mod --mount=type=cache,target=/root/.cache/go-build \
CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/manager/main.go
# Build Python virtualenv with all dependencies
FROM debian:trixie-slim AS pythonbuilder
WORKDIR /build
# Install postgresql-common and setup pgdg repository first
RUN apt-get update && \
apt-get install -y --no-install-recommends postgresql-common && \
/usr/share/postgresql-common/pgdg/apt.postgresql.org.sh -y
# Install build dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
python3 \
python3-venv \
python3-dev \
build-essential \
libpq-dev \
liblz4-dev \
libsnappy-dev
COPY containers/sidecar-requirements.txt .
# Create virtualenv and install dependencies
RUN python3 -m venv /venv && \
/venv/bin/pip install --upgrade pip setuptools wheel && \
/venv/bin/pip install --no-cache-dir -r sidecar-requirements.txt
# Download and extract runtime library packages and their dependencies
# Using apt-cache to automatically resolve dependencies, filtering out packages
# already present in the distroless base image.
# Distroless package list from: https://github.com/GoogleContainerTools/distroless/blob/main/base/config.bzl
# and https://github.com/GoogleContainerTools/distroless/blob/main/python3/config.bzl
RUN mkdir -p /dependencies /build/downloads && \
cd /build/downloads && \
DISTROLESS_PACKAGES="libc6 libssl3t64 libzstd1 zlib1g libgcc-s1 libstdc++6 \
libbz2-1.0 libdb5.3t64 libexpat1 liblzma5 libsqlite3-0 libuuid1 \
libncursesw6 libtinfo6 libcom-err2 libcrypt1 libgssapi-krb5-2 \
libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libnsl2 \
libreadline8t64 libtirpc3t64 libffi8 libpython3.13-minimal \
libpython3.13-stdlib python3.13-minimal python3.13-venv" && \
apt-cache depends --recurse --no-recommends --no-suggests \
--no-conflicts --no-breaks --no-replaces --no-enhances \
$DISTROLESS_PACKAGES 2>/dev/null | grep "^\w" | sort -u > /tmp/distroless.txt && \
apt-cache depends --recurse --no-recommends --no-suggests \
--no-conflicts --no-breaks --no-replaces --no-enhances \
libpq5 liblz4-1 libsnappy1v5 2>/dev/null | grep "^\w" | sort -u | \
grep -v -F -x -f /tmp/distroless.txt > /tmp/packages.txt && \
apt-get download $(cat /tmp/packages.txt) && \
for deb in *.deb; do \
dpkg -x "$deb" /dependencies; \
done
# Final sidecar image using distroless base for minimal size and fewer packages
FROM gcr.io/distroless/python3-debian13:nonroot
ENV SUMMARY="CloudNativePG Barman plugin" \
DESCRIPTION="Container image that provides the barman-cloud sidecar" \
PATH="/venv/bin:$PATH"
LABEL summary="$SUMMARY" \
description="$DESCRIPTION" \
io.k8s.display-name="$SUMMARY" \
io.k8s.description="$DESCRIPTION" \
name="CloudNativePG Barman plugin sidecar" \
vendor="CloudNativePG Contributors" \
url="https://cloudnative-pg.io/" \
version="" \
release="1"
COPY --from=pythonbuilder /venv /venv
COPY --from=pythonbuilder /dependencies/usr/lib /usr/lib
COPY --from=gobuilder /workspace/manager /manager
# Compile all Python bytecode as root to avoid runtime compilation
USER 0:0
RUN ["/venv/bin/python3", "-c", "import sysconfig, compileall; compileall.compile_dir(sysconfig.get_path('stdlib'), quiet=1); compileall.compile_dir('/venv', quiet=1)"]
USER 26:26
ENTRYPOINT ["/manager"]
Reference in New Issue View Git Blame Copy Permalink