Created
September 21, 2022 22:47
-
-
Save tsibley/873d5ccfe2b57a5675936c54349c6a1e to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From 74384936ab3b9354a57baf3291462c9fdd57d90a Mon Sep 17 00:00:00 2001 | |
| From: Thomas Sibley <tsibley@fredhutch.org> | |
| Date: Wed, 21 Sep 2022 15:45:11 -0700 | |
| Subject: [PATCH] wip! footing | |
| --- | |
| Dockerfile | 10 ++++++++-- | |
| devel/build | 21 +++++++++++++++++++-- | |
| devel/pull | 4 +++- | |
| devel/push | 15 ++++++++++----- | |
| devel/tag-latest | 6 ++++-- | |
| 5 files changed, 44 insertions(+), 12 deletions(-) | |
| diff --git a/Dockerfile b/Dockerfile | |
| index 84637c2..f0465ea 100644 | |
| --- a/Dockerfile | |
| +++ b/Dockerfile | |
| @@ -130,7 +130,7 @@ RUN cd /nextstrain/auspice && npm update && npm install && npm run build && npm | |
| # ———————————————————————————————————————————————————————————————————— # | |
| # Now build the final image. | |
| -FROM python:3.7-slim-buster | |
| +FROM python:3.7-slim-buster AS footing | |
| # Add system runtime deps | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| @@ -256,13 +256,19 @@ RUN useradd nextstrain \ | |
| --shell /bin/bash \ | |
| --home-dir /nextstrain \ | |
| --no-log-init | |
| -USER nextstrain:nextstrain | |
| # The host should bind mount the pathogen build dir into /nextstrain/build. | |
| WORKDIR /nextstrain/build | |
| ENTRYPOINT ["/sbin/entrypoint"] | |
| + | |
| +# Construct our foundation (base) on the footing | |
| +FROM footing | |
| + | |
| +# Switch to the non-root user for normal operations | |
| +USER nextstrain:nextstrain | |
| + | |
| # Finally, add metadata at the end so it doesn't bust cached layers. | |
| # | |
| # Optionally passed in during build. Used by a label below. | |
| diff --git a/devel/build b/devel/build | |
| index 66b1f57..d0e7549 100755 | |
| --- a/devel/build | |
| +++ b/devel/build | |
| @@ -1,7 +1,7 @@ | |
| #!/bin/bash | |
| # | |
| -# Builds the nextstrain/base and nextstrain/base-builder images with useful | |
| -# caching. | |
| +# Builds the nextstrain/base, nextstrain/base-footing, and | |
| +# nextstrain/base-builder images with useful caching. | |
| # | |
| # By default this tags images using "latest", but you can provide a custom tag | |
| # name. | |
| @@ -40,6 +40,7 @@ if ! docker buildx inspect "$builder" &>/dev/null; then | |
| fi | |
| BASE_IMAGE="nextstrain/base" | |
| +BASE_FOOTING_IMAGE="nextstrain/base-footing" | |
| BASE_BUILDER_IMAGE="nextstrain/base-builder" | |
| docker buildx build \ | |
| @@ -48,6 +49,7 @@ docker buildx build \ | |
| --build-arg CACHE_DATE \ | |
| --build-arg GIT_REVISION \ | |
| --cache-from $BASE_BUILDER_IMAGE \ | |
| + --cache-from $BASE_FOOTING_IMAGE \ | |
| --cache-from $BASE_IMAGE \ | |
| --cache-to type=inline \ | |
| --tag $BASE_BUILDER_IMAGE:$tag \ | |
| @@ -61,6 +63,21 @@ docker buildx build \ | |
| --build-arg CACHE_DATE \ | |
| --build-arg GIT_REVISION \ | |
| --cache-from $BASE_BUILDER_IMAGE \ | |
| + --cache-from $BASE_FOOTING_IMAGE \ | |
| + --cache-from $BASE_IMAGE \ | |
| + --cache-to type=inline \ | |
| + --tag $BASE_FOOTING_IMAGE:$tag \ | |
| + --load \ | |
| + --target footing \ | |
| + . | |
| + | |
| +docker buildx build \ | |
| + --builder "$builder" \ | |
| + --platform $platform \ | |
| + --build-arg CACHE_DATE \ | |
| + --build-arg GIT_REVISION \ | |
| + --cache-from $BASE_BUILDER_IMAGE \ | |
| + --cache-from $BASE_FOOTING_IMAGE \ | |
| --cache-from $BASE_IMAGE \ | |
| --cache-to type=inline \ | |
| --tag $BASE_IMAGE:$tag \ | |
| diff --git a/devel/pull b/devel/pull | |
| index 3a9585b..60094d0 100755 | |
| --- a/devel/pull | |
| +++ b/devel/pull | |
| @@ -1,6 +1,7 @@ | |
| #!/bin/bash | |
| # | |
| -# Pull the nextstrain/base and nextstrain/base-builder images from Docker Hub. | |
| +# Pull the nextstrain/base, nextstrain/base-footing, nextstrain/base-builder | |
| +# images from Docker Hub. | |
| # | |
| # By default this fetches the "latest" tag, but you can provide other tags in | |
| # addition to or instead of "latest". | |
| @@ -14,5 +15,6 @@ fi | |
| for tag in "$@"; do | |
| docker pull nextstrain/base-builder:$tag | |
| + docker pull nextstrain/base-footing:$tag | |
| docker pull nextstrain/base:$tag | |
| done | |
| diff --git a/devel/push b/devel/push | |
| index 9facf42..018107c 100755 | |
| --- a/devel/push | |
| +++ b/devel/push | |
| @@ -1,6 +1,7 @@ | |
| #!/bin/bash | |
| # | |
| -# Push the nextstrain/base and nextstrain/base-builder images to Docker Hub. | |
| +# Push the nextstrain/base, nextstrain/base-footing, and | |
| +# nextstrain/base-builder images to Docker Hub. | |
| # | |
| # By default this publishes the "latest" tag, but you can provide other tags in | |
| # addition to or instead of "latest". | |
| @@ -15,16 +16,20 @@ if [[ $# -eq 0 ]]; then | |
| fi | |
| BASE_IMAGE="nextstrain/base" | |
| +BASE_FOOTING_IMAGE="nextstrain/base-footing" | |
| BASE_BUILDER_IMAGE="nextstrain/base-builder" | |
| for tag in "$@"; do | |
| - if [[ $(docker image inspect --format "{{.RepoDigests}}" $BASE_IMAGE:$tag) != '[]' || $(docker image inspect --format "{{.RepoDigests}}" $BASE_BUILDER_IMAGE:$tag) != '[]' ]]; then | |
| - echo "At least one of $BASE_IMAGE:$tag and $BASE_BUILDER_IMAGE:$tag has already been pushed. This can happen if the newly built image is not available in the local registry." >&2 | |
| - exit 1 | |
| - fi | |
| + for image in $BASE_IMAGE $BASE_FOOTING_IMAGE $BASE_BUILDER_IMAGE; do | |
| + if [[ $(docker image inspect --format "{{.RepoDigests}}" $image:$tag) != '[]' ]]; then | |
| + echo "$image:$tag has already been pushed. This can happen if the newly built image is not available in the local registry." >&2 | |
| + exit 1 | |
| + fi | |
| + done | |
| done | |
| for tag in "$@"; do | |
| docker push $BASE_BUILDER_IMAGE:$tag | |
| + docker push $BASE_FOOTING_IMAGE:$tag | |
| docker push $BASE_IMAGE:$tag | |
| done | |
| diff --git a/devel/tag-latest b/devel/tag-latest | |
| index cf53b1a..7ccc2ae 100755 | |
| --- a/devel/tag-latest | |
| +++ b/devel/tag-latest | |
| @@ -1,7 +1,7 @@ | |
| #!/bin/bash | |
| # | |
| -# Assign the latest tag to the nextstrain/base:$tag and | |
| -# nextstrain/base-builder:$tag images. | |
| +# Assign the latest tag to the nextstrain/base:$tag, | |
| +# nextstrain/base-footing:$tag, and nextstrain/base-builder:$tag images. | |
| # | |
| set -euo pipefail | |
| @@ -13,7 +13,9 @@ fi | |
| tag=$1 | |
| BASE_IMAGE="nextstrain/base" | |
| +BASE_FOOTING_IMAGE="nextstrain/base-footing" | |
| BASE_BUILDER_IMAGE="nextstrain/base-builder" | |
| docker tag $BASE_BUILDER_IMAGE:{$tag,latest} | |
| +docker tag $BASE_FOOTING_IMAGE:{$tag,latest} | |
| docker tag $BASE_IMAGE:{$tag,latest} | |
| -- | |
| 2.37.2 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment