From 6f50f007efcc9dedee16a3e0475e8998440788c2 Mon Sep 17 00:00:00 2001 From: Helio Chissini de Castro Date: Thu, 2 Nov 2023 13:46:43 +0100 Subject: [PATCH] feat(docker): Rename images to new defaults - ORT main image is now called ort alone. Is based on previous ort-extended image. - A new image called ort-minimal is created based on original ort image. - Language component images now have named version with hash addition to chek if contents of the image changed without changing core language. Signed-off-by: Helio Chissini de Castro --- .github/actions/ortdocker/action.yml | 140 ++++++------ .github/actions/ortdocker/check_image.py | 9 +- .github/workflows/docker-ort-runtime-ext.yml | 202 ------------------ ...{docker-ort-runtime.yml => docker-ort.yml} | 194 ++++++++++++++++- Dockerfile | 75 ++++++- Dockerfile-extended | 85 -------- scripts/custom_docker.sh | 4 +- scripts/docker_build.sh | 24 ++- 8 files changed, 355 insertions(+), 378 deletions(-) delete mode 100644 .github/workflows/docker-ort-runtime-ext.yml rename .github/workflows/{docker-ort-runtime.yml => docker-ort.yml} (54%) delete mode 100644 Dockerfile-extended diff --git a/.github/actions/ortdocker/action.yml b/.github/actions/ortdocker/action.yml index d4ff3ac196f47..9f703b74e5574 100644 --- a/.github/actions/ortdocker/action.yml +++ b/.github/actions/ortdocker/action.yml @@ -20,81 +20,83 @@ description: "Check and create Docker image for ORT components" author: "The ORT Project Authors" inputs: - registry: - description: "GitHub container registry" - default: "ghcr.io" - token: - description: "GitHub token" - required: true - name: - description: "Image name" - required: true - version: - description: "Image version" - required: true - build-args: - description: "List of build-time variables" - required: false + registry: + description: "GitHub container registry" + default: "ghcr.io" + token: + description: "GitHub token" + required: true + name: + description: "Image name" + required: true + version: + description: "Image version" + required: true + build-args: + description: "List of build-time variables" + required: false runs: - using: "composite" + using: "composite" - steps: - - name: Install Python - uses: actions/setup-python@v4 - with: - python-version: '3.10' - cache: 'pip' + steps: + - name: Install Python + uses: actions/setup-python@v4 + with: + python-version: "3.10" + cache: "pip" - - name: Check if Docker image tag exists - id: check_image - shell: bash - env: - INPUT_REGISTRY: ${{ inputs.registry }} - INPUT_TOKEN: ${{ inputs.token }} - INPUT_NAME: ${{ inputs.name }} - INPUT_VERSION: ${{ inputs.version }} - run: | - pip install -q -U pip requests + - name: Check if Docker image tag exists + id: check_image + shell: bash + env: + INPUT_REGISTRY: ${{ inputs.registry }} + INPUT_TOKEN: ${{ inputs.token }} + INPUT_NAME: ${{ inputs.name }} + INPUT_VERSION: ${{ inputs.version }} + BUILD_ARGS: ${{ inputs.build-args }} + run: | + pip install -q -U pip requests - result=$(python ./.github/actions/ortdocker/check_image.py) - echo $result - echo "result=$result" >> $GITHUB_OUTPUT + result=$(python ./.github/actions/ortdocker/check_image.py) + echo $result + echo "result=$result" >> $GITHUB_OUTPUT - - name: Set up Docker build - if: steps.check_image.outputs.result != 'found' - uses: docker/setup-buildx-action@v3 + - name: Set up Docker build + if: steps.check_image.outputs.result != 'found' + uses: docker/setup-buildx-action@v3 - - name: Login to GitHub container registry - if: steps.check_image.outputs.result != 'found' - uses: docker/login-action@v3 - with: - registry: ${{ inputs.registry }} - username: ${{ github.actor }} - password: ${{ inputs.token }} + - name: Login to GitHub container registry + if: steps.check_image.outputs.result != 'found' + uses: docker/login-action@v3 + with: + registry: ${{ inputs.registry }} + username: ${{ github.actor }} + password: ${{ inputs.token }} - - name: Extract components metadata (tags, labels) - if: steps.check_image.outputs.result != 'found' - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ${{ env.REGISTRY }}/${{ github.repository }}/${{ inputs.name }} - tags: - type=raw,value=${{ inputs.version }} + - name: Extract components metadata (tags, labels) + if: steps.check_image.outputs.result != 'found' + id: meta + uses: docker/metadata-action@v5 + with: + images: | + ${{ env.REGISTRY }}/${{ github.repository }}/${{ inputs.name }} + tags: | + type=raw,value=${{ inputs.version }} + type=raw,value=${{ steps.check_image.outputs.result }} - - name: Build image - if: steps.check_image.outputs.result != 'found' - uses: docker/build-push-action@v5 - with: - context: . - target: ${{ inputs.name }} - push: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' }} - load: false - build-args: ${{ inputs.build-args }} - tags: | - ${{ steps.meta.outputs.tags }} - ${{ env.REGISTRY }}/${{ github.repository }}/${{ inputs.name }}:latest - labels: ${{ steps.meta.outputs.labels }} - build-contexts: | - base=docker-image://${{ inputs.registry }}/${{ github.repository }}/base:latest + - name: Build image + if: steps.check_image.outputs.result != 'found' + uses: docker/build-push-action@v5 + with: + context: . + target: ${{ inputs.name }} + push: ${{ github.event_name == 'push' || github.event_name == 'workflow_dispatch' }} + load: false + build-args: ${{ inputs.build-args }} + tags: | + ${{ steps.meta.outputs.tags }} + ${{ env.REGISTRY }}/${{ github.repository }}/${{ inputs.name }}:latest + labels: ${{ steps.meta.outputs.labels }} + build-contexts: | + base=docker-image://${{ inputs.registry }}/${{ github.repository }}/base:latest diff --git a/.github/actions/ortdocker/check_image.py b/.github/actions/ortdocker/check_image.py index 31af107f11752..55b3b396cfd4d 100644 --- a/.github/actions/ortdocker/check_image.py +++ b/.github/actions/ortdocker/check_image.py @@ -15,6 +15,7 @@ # SPDX-License-Identifier: Apache-2.0 # License-Filename: LICENSE +import hashlib import os import requests @@ -26,7 +27,11 @@ token = os.getenv("INPUT_TOKEN") org = os.getenv("GITHUB_REPOSITORY_OWNER") name = os.getenv("INPUT_NAME") -version = os.getenv("INPUT_VERSION") +base_version = os.getenv("INPUT_VERSION") +unique_id = hashlib.sha256(os.getenv("BUILD_ARGS").encode()).hexdigest() + +# We base the version on the base_version and the unique_id +version = f"{base_version}-{unique_id[:8]}" url = f"https://api.github.com/orgs/{org}/packages/container/ort%2F{name}/versions" @@ -47,4 +52,4 @@ if version in versions: print("found") else: - print("none") + print(version) diff --git a/.github/workflows/docker-ort-runtime-ext.yml b/.github/workflows/docker-ort-runtime-ext.yml deleted file mode 100644 index 2a63ca5b68dd9..0000000000000 --- a/.github/workflows/docker-ort-runtime-ext.yml +++ /dev/null @@ -1,202 +0,0 @@ -# Copyright (C) 2023 The ORT Project Authors (see ) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# License-Filename: LICENSE - -name: Docker extended runtime image - -on: - workflow_dispatch: - workflow_run: - workflows: - - 'Docker runtime image' - types: - - completed - -env: - REGISTRY: ghcr.io - -permissions: write-all - -jobs: - android_image: - name: Android image - runs-on: ubuntu-22.04 - steps: - - name: Checkout default branch - uses: actions/checkout@v4 - - name: Set environment variables - run: | - cat .versions >> $GITHUB_ENV - - name: Build Android image - uses: ./.github/actions/ortdocker - with: - name: android - token: ${{ secrets.GITHUB_TOKEN }} - version: "${{ env.ANDROID_CMD_VERSION }}" - build-args: | - ANDROID_CMD_VERSION=${{ env.ANDROID_CMD_VERSION }} - - dart_image: - name: Dart image - runs-on: ubuntu-22.04 - steps: - - name: Checkout default branch - uses: actions/checkout@v4 - - name: Set environment variables - run: | - cat .versions >> $GITHUB_ENV - - name: Build Dart image - uses: ./.github/actions/ortdocker - with: - name: dart - token: ${{ secrets.GITHUB_TOKEN }} - version: "${{ env.DART_VERSION }}" - build-args: | - DART_VERSION=${{ env.DART_VERSION }} - - dotnet_image: - name: Dotnet image - runs-on: ubuntu-22.04 - steps: - - name: Checkout default branch - uses: actions/checkout@v4 - - name: Set environment variables - run: | - cat .versions >> $GITHUB_ENV - - name: Build Dotnet image - uses: ./.github/actions/ortdocker - with: - name: dotnet - token: ${{ secrets.GITHUB_TOKEN }} - version: "${{ env.DOTNET_VERSION }}" - build-args: | - DOTNET_VERSION=${{ env.DOTNET_VERSION }} - NUGET_INSPECTOR_VERSION=${{ env.NUGET_INSPECTOR_VERSION }} - - haskell_image: - name: Haskell image - runs-on: ubuntu-22.04 - steps: - - name: Checkout default branch - uses: actions/checkout@v4 - - name: Set environment variables - run: | - cat .versions >> $GITHUB_ENV - - name: Build Haskell image - uses: ./.github/actions/ortdocker - with: - name: haskell - token: ${{ secrets.GITHUB_TOKEN }} - version: "${{ env.HASKELL_STACK_VERSION }}" - build-args: | - HASKELL_STACK_VERSION=${{ env.HASKELL_STACK_VERSION }} - - scala_image: - name: Scala image - runs-on: ubuntu-22.04 - steps: - - name: Checkout default branch - uses: actions/checkout@v4 - - name: Set environment variables - run: | - cat .versions >> $GITHUB_ENV - - name: Build Scala image - uses: ./.github/actions/ortdocker - with: - name: scala - token: ${{ secrets.GITHUB_TOKEN }} - version: "${{ env.SBT_VERSION }}" - build-args: | - SBT_VERSION=${{ env.SBT_VERSION }} - - swift_image: - name: Swift image - runs-on: ubuntu-22.04 - steps: - - name: Checkout default branch - uses: actions/checkout@v4 - - name: Set environment variables - run: | - cat .versions >> $GITHUB_ENV - - name: Build Swift image - uses: ./.github/actions/ortdocker - with: - name: swift - token: ${{ secrets.GITHUB_TOKEN }} - version: "${{ env.SWIFT_VERSION }}" - build-args: | - SWIFT_VERSION=${{ env.SWIFT_VERSION }} - - runtime_extended_image: - name: Build ORT extended image - needs: [ android_image, dart_image, dotnet_image, haskell_image, scala_image, swift_image ] - runs-on: ubuntu-22.04 - permissions: - contents: read - packages: write - - steps: - - name: Checkout default branch - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Get ORT current version - run: | - ORT_VERSION=$(./gradlew -q properties --property version | sed -nr "s/version: (.+)/\1/p") - echo "ORT_VERSION=${ORT_VERSION}" >> $GITHUB_ENV - - - name: Set up Docker build - uses: docker/setup-buildx-action@v3 - - - name: Login to GitHub container registry - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract components metadata (tags, labels) - id: meta-ort - uses: docker/metadata-action@v5 - with: - images: | - ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-extended - tags: | - type=schedule,pattern={{date 'YYYYMMDD'}} - type=schedule,pattern=snapshot - type=pep440,pattern={{version}} - type=raw,value=${{ env.ORT_VERSION }} - type=ref,event=tag - - - name: Build ORT extended runtime image - uses: docker/build-push-action@v5 - with: - context: . - file: Dockerfile-extended - push: true - load: false - tags: | - ${{ steps.meta-ort.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - build-contexts: | - ort=docker-image://${{ env.REGISTRY }}/${{ github.repository_owner }}/ort:${{ env.ORT_VERSION }} - android=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/android:latest - swift=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/swift:latest - scala=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/scala:latest - dart=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/dart:latest - dotnet=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/dotnet:latest - haskell=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/haskell:latest diff --git a/.github/workflows/docker-ort-runtime.yml b/.github/workflows/docker-ort.yml similarity index 54% rename from .github/workflows/docker-ort-runtime.yml rename to .github/workflows/docker-ort.yml index dc147e089957b..1ee29bc89ef0c 100644 --- a/.github/workflows/docker-ort-runtime.yml +++ b/.github/workflows/docker-ort.yml @@ -15,7 +15,7 @@ # SPDX-License-Identifier: Apache-2.0 # License-Filename: LICENSE -name: Docker runtime image +name: ORT Docker Image on: workflow_dispatch: @@ -25,7 +25,7 @@ on: paths: - '.versions' - 'Dockerfile' - - '.github/workflows/docker-ort-runtime.yml' + - '.github/workflows/docker-ort.yml' push: tags: - '*' @@ -162,9 +162,126 @@ jobs: GO_DEP_VERSION=${{ env.GO_DEP_VERSION }} GO_VERSION=${{ env.GO_VERSION }} - runtime_image: + android_image: + name: Android image + needs: [ base_image ] + runs-on: ubuntu-22.04 + steps: + - name: Checkout default branch + uses: actions/checkout@v4 + - name: Set environment variables + run: | + cat .versions >> $GITHUB_ENV + - name: Build Android image + uses: ./.github/actions/ortdocker + with: + name: android + token: ${{ secrets.GITHUB_TOKEN }} + version: "${{ env.ANDROID_CMD_VERSION }}" + build-args: | + ANDROID_CMD_VERSION=${{ env.ANDROID_CMD_VERSION }} + + dart_image: + name: Dart image + needs: [ base_image ] + runs-on: ubuntu-22.04 + steps: + - name: Checkout default branch + uses: actions/checkout@v4 + - name: Set environment variables + run: | + cat .versions >> $GITHUB_ENV + - name: Build Dart image + uses: ./.github/actions/ortdocker + with: + name: dart + token: ${{ secrets.GITHUB_TOKEN }} + version: "${{ env.DART_VERSION }}" + build-args: | + DART_VERSION=${{ env.DART_VERSION }} + + dotnet_image: + name: Dotnet image + needs: [ base_image ] + runs-on: ubuntu-22.04 + steps: + - name: Checkout default branch + uses: actions/checkout@v4 + - name: Set environment variables + run: | + cat .versions >> $GITHUB_ENV + - name: Build Dotnet image + uses: ./.github/actions/ortdocker + with: + name: dotnet + token: ${{ secrets.GITHUB_TOKEN }} + version: "${{ env.DOTNET_VERSION }}" + build-args: | + DOTNET_VERSION=${{ env.DOTNET_VERSION }} + NUGET_INSPECTOR_VERSION=${{ env.NUGET_INSPECTOR_VERSION }} + + haskell_image: + name: Haskell image + needs: [ base_image ] + runs-on: ubuntu-22.04 + steps: + - name: Checkout default branch + uses: actions/checkout@v4 + - name: Set environment variables + run: | + cat .versions >> $GITHUB_ENV + - name: Build Haskell image + uses: ./.github/actions/ortdocker + with: + name: haskell + token: ${{ secrets.GITHUB_TOKEN }} + version: "${{ env.HASKELL_STACK_VERSION }}" + build-args: | + HASKELL_STACK_VERSION=${{ env.HASKELL_STACK_VERSION }} + + scala_image: + name: Scala image + needs: [ base_image ] + runs-on: ubuntu-22.04 + steps: + - name: Checkout default branch + uses: actions/checkout@v4 + - name: Set environment variables + run: | + cat .versions >> $GITHUB_ENV + - name: Build Scala image + uses: ./.github/actions/ortdocker + with: + name: scala + token: ${{ secrets.GITHUB_TOKEN }} + version: "${{ env.SBT_VERSION }}" + build-args: | + SBT_VERSION=${{ env.SBT_VERSION }} + + swift_image: + name: Swift image + needs: [ base_image ] + runs-on: ubuntu-22.04 + steps: + - name: Checkout default branch + uses: actions/checkout@v4 + - name: Set environment variables + run: | + cat .versions >> $GITHUB_ENV + - name: Build Swift image + uses: ./.github/actions/ortdocker + with: + name: swift + token: ${{ secrets.GITHUB_TOKEN }} + version: "${{ env.SWIFT_VERSION }}" + build-args: | + SWIFT_VERSION=${{ env.SWIFT_VERSION }} + + # Minimal Runtime ORT image + # ------------------------- + minimal_image: needs: [ base_image, nodejs_image, python_image, rust_image, ruby_image, golang_image ] - name: Build ORT runtime image + name: Build ORT minimal image runs-on: ubuntu-22.04 permissions: contents: read @@ -200,7 +317,7 @@ jobs: uses: docker/metadata-action@v5 with: images: | - ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort + ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-minimal tags: | type=schedule,pattern={{date 'YYYYMMDD'}} type=schedule,pattern=snapshot @@ -208,11 +325,11 @@ jobs: type=raw,value=${{ env.ORT_VERSION }} type=ref,event=tag - - name: Build ORT runtime image + - name: Build ORT minimal image uses: docker/build-push-action@v5 with: context: . - target: run + target: minimal push: true load: false build-args: | @@ -228,3 +345,66 @@ jobs: rust=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/rust:latest ruby=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/ruby:latest golang=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/golang:latest + + # Full Runtime ORT image + # ---------------------- + ort_image: + name: Build ORT image + needs: [ minimal_image, android_image, dart_image, dotnet_image, haskell_image, scala_image, swift_image ] + runs-on: ubuntu-22.04 + permissions: + contents: read + packages: write + + steps: + - name: Checkout default branch + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Get ORT current version + run: | + ORT_VERSION=$(./gradlew -q properties --property version | sed -nr "s/version: (.+)/\1/p") + echo "ORT_VERSION=${ORT_VERSION}" >> $GITHUB_ENV + + - name: Set up Docker build + uses: docker/setup-buildx-action@v3 + + - name: Login to GitHub container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract components metadata (tags, labels) + id: meta-ort + uses: docker/metadata-action@v5 + with: + images: | + ${{ env.REGISTRY }}/${{ github.repository_owner }}/ort + tags: | + type=schedule,pattern={{date 'YYYYMMDD'}} + type=schedule,pattern=snapshot + type=pep440,pattern={{version}} + type=raw,value=${{ env.ORT_VERSION }} + type=ref,event=tag + + - name: Build ORT extended runtime image + uses: docker/build-push-action@v5 + with: + context: . + target: run + push: true + load: false + tags: | + ${{ steps.meta-ort.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + build-contexts: | + ort-minimal=docker-image://${{ env.REGISTRY }}/${{ github.repository_owner }}/ort-minimal:${{ env.ORT_VERSION }} + android=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/android:latest + swift=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/swift:latest + scala=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/scala:latest + dart=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/dart:latest + dotnet=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/dotnet:latest + haskell=docker-image://${{ env.REGISTRY }}/${{ github.repository }}/haskell:latest \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 07443d068e3fb..df6c92cbe8c11 100644 --- a/Dockerfile +++ b/Dockerfile @@ -432,8 +432,8 @@ FROM scratch AS ortbin COPY --from=ortbuild /opt/ort /opt/ort #------------------------------------------------------------------------ -# Main Minimal Runtime container -FROM base as run +# Minimal Runtime container +FROM base as minimal # Remove ort build scripts RUN [ -d /etc/scripts ] && sudo rm -rf /etc/scripts @@ -493,3 +493,74 @@ WORKDIR $HOME RUN mkdir -p "$HOME/.ort" ENTRYPOINT ["/opt/ort/bin/ort"] + +#------------------------------------------------------------------------ +# Full Runtime container +FROM minimal as run + +# Repo and Android +ENV ANDROID_HOME=/opt/android-sdk +ENV ANDROID_USER_HOME=$HOME/.android +ENV PATH=$PATH:$ANDROID_HOME/cmdline-tools/latest/bin:$ANDROID_HOME/cmdline-tools/bin +ENV PATH=$PATH:$ANDROID_HOME/platform-tools +COPY --from=android --chown=$USER:$USER $ANDROID_HOME $ANDROID_HOME +RUN sudo chmod -R o+rw $ANDROID_HOME + +RUN syft $ANDROID_HOME -o spdx-json --file /usr/share/doc/ort/ort-android.spdx.json + +# Swift +ENV SWIFT_HOME=/opt/swift +ENV PATH=$PATH:$SWIFT_HOME/bin +COPY --from=swift --chown=$USER:$USER $SWIFT_HOME $SWIFT_HOME + +RUN syft $SWIFT_HOME -o spdx-json --file /usr/share/doc/ort/ort-swift.spdx.json + + +# Scala +ENV SBT_HOME=/opt/sbt +ENV PATH=$PATH:$SBT_HOME/bin +COPY --from=scala --chown=$USER:$USER $SBT_HOME $SBT_HOME + +RUN syft $SBT_HOME -o spdx-json --file /usr/share/doc/ort/ort-sbt.spdx.json + +# Dart +ENV DART_SDK=/opt/dart-sdk +ENV PATH=$PATH:$DART_SDK/bin +COPY --from=dart --chown=$USER:$USER $DART_SDK $DART_SDK + +RUN syft $DART_SDK -o spdx-json --file /usr/share/doc/ort/ort-golang.dart.json + +# Dotnet +ENV DOTNET_HOME=/opt/dotnet +ENV NUGET_INSPECTOR_HOME=$DOTNET_HOME +ENV PATH=$PATH:$DOTNET_HOME:$DOTNET_HOME/tools:$DOTNET_HOME/bin + +COPY --from=dotnet --chown=$USER:$USER $DOTNET_HOME $DOTNET_HOME + +RUN syft $DOTNET_HOME -o spdx-json --file /usr/share/doc/ort/ort-dotnet.spdx.json + +# PHP +ARG PHP_VERSION=8.1 +ARG COMPOSER_VERSION=2.2 + +RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ + --mount=type=cache,target=/var/lib/apt,sharing=locked \ + sudo apt-get update && \ + DEBIAN_FRONTEND=noninteractive sudo apt-get install -y --no-install-recommends \ + php${PHP_VERSION} \ + && sudo rm -rf /var/lib/apt/lists/* + +RUN mkdir -p /opt/php/bin \ + && curl -ksS https://getcomposer.org/installer | php -- --install-dir=/opt/php/bin --filename=composer --$COMPOSER_VERSION + +ENV PATH=$PATH:/opt/php/bin + +RUN syft /opt/php -o spdx-json --file /usr/share/doc/ort/ort-php.spdx.json + +# Haskell +ENV HASKELL_HOME=/opt/haskell +ENV PATH=$PATH:$HASKELL_HOME/bin + +COPY --from=haskell /opt/haskell /opt/haskell + +RUN syft /opt/haskell -o spdx-json --file /usr/share/doc/ort/ort-haskell.spdx.json \ No newline at end of file diff --git a/Dockerfile-extended b/Dockerfile-extended deleted file mode 100644 index 3a878f1bb1e4f..0000000000000 --- a/Dockerfile-extended +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright (C) 2023 The ORT Project Authors (see ) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# License-Filename: LICENSE - -FROM ort - -# Repo and Android -ENV ANDROID_HOME=/opt/android-sdk -ENV ANDROID_USER_HOME=$HOME/.android -ENV PATH=$PATH:$ANDROID_HOME/cmdline-tools/latest/bin:$ANDROID_HOME/cmdline-tools/bin -ENV PATH=$PATH:$ANDROID_HOME/platform-tools -COPY --from=android --chown=$USER:$USER $ANDROID_HOME $ANDROID_HOME -RUN sudo chmod -R o+rw $ANDROID_HOME - -RUN syft $ANDROID_HOME -o spdx-json --file /usr/share/doc/ort/ort-android.spdx.json - -# Swift -ENV SWIFT_HOME=/opt/swift -ENV PATH=$PATH:$SWIFT_HOME/bin -COPY --from=swift --chown=$USER:$USER $SWIFT_HOME $SWIFT_HOME - -RUN syft $SWIFT_HOME -o spdx-json --file /usr/share/doc/ort/ort-swift.spdx.json - - -# Scala -ENV SBT_HOME=/opt/sbt -ENV PATH=$PATH:$SBT_HOME/bin -COPY --from=scala --chown=$USER:$USER $SBT_HOME $SBT_HOME - -RUN syft $SBT_HOME -o spdx-json --file /usr/share/doc/ort/ort-sbt.spdx.json - -# Dart -ENV DART_SDK=/opt/dart-sdk -ENV PATH=$PATH:$DART_SDK/bin -COPY --from=dart --chown=$USER:$USER $DART_SDK $DART_SDK - -RUN syft $DART_SDK -o spdx-json --file /usr/share/doc/ort/ort-golang.dart.json - -# Dotnet -ENV DOTNET_HOME=/opt/dotnet -ENV NUGET_INSPECTOR_HOME=$DOTNET_HOME -ENV PATH=$PATH:$DOTNET_HOME:$DOTNET_HOME/tools:$DOTNET_HOME/bin - -COPY --from=dotnet --chown=$USER:$USER $DOTNET_HOME $DOTNET_HOME - -RUN syft $DOTNET_HOME -o spdx-json --file /usr/share/doc/ort/ort-dotnet.spdx.json - -# PHP -ARG PHP_VERSION=8.1 -ARG COMPOSER_VERSION=2.2 - -RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ - --mount=type=cache,target=/var/lib/apt,sharing=locked \ - sudo apt-get update && \ - DEBIAN_FRONTEND=noninteractive sudo apt-get install -y --no-install-recommends \ - php${PHP_VERSION} \ - && sudo rm -rf /var/lib/apt/lists/* - -RUN mkdir -p /opt/php/bin \ - && curl -ksS https://getcomposer.org/installer | php -- --install-dir=/opt/php/bin --filename=composer --$COMPOSER_VERSION - -ENV PATH=$PATH:/opt/php/bin - -RUN syft /opt/php -o spdx-json --file /usr/share/doc/ort/ort-php.spdx.json - -# Haskell -ENV HASKELL_HOME=/opt/haskell -ENV PATH=$PATH:$HASKELL_HOME/bin - -COPY --from=haskell /opt/haskell /opt/haskell - -RUN syft /opt/haskell -o spdx-json --file /usr/share/doc/ort/ort-haskell.spdx.json diff --git a/scripts/custom_docker.sh b/scripts/custom_docker.sh index 0e08cefe4d50a..c6c8776df8ace 100755 --- a/scripts/custom_docker.sh +++ b/scripts/custom_docker.sh @@ -27,10 +27,10 @@ DOCKER_IMAGE_ROOT="${DOCKER_IMAGE_ROOT:-ghcr.io/oss-review-toolkit}" valid_components=("android" "swift" "sbt" "dart" "dotnet" "php" "haskell") # Define the Dockerfile template -dockerfile_template="FROM ghcr.io/oss-review-toolkit/ort\n" +dockerfile_template="FROM ${DOCKER_IMAGE_ROOT}/ort-minimal\n" # Default output file -output_file="Dockerfile.custom" +output_file="Dockerfile-custom" function usage() { echo "Usage: $0 -c [ ...] -o " diff --git a/scripts/docker_build.sh b/scripts/docker_build.sh index 91320671fe105..20af898b3689c 100755 --- a/scripts/docker_build.sh +++ b/scripts/docker_build.sh @@ -45,13 +45,17 @@ image_build() { shift docker buildx build \ - -f "$GIT_ROOT/Dockerfile" \ + -f "$GIT_ROOT/Dockerfile-minimal" \ --target "$target" \ --tag "${DOCKER_IMAGE_ROOT}/$name:$version" \ --tag "${DOCKER_IMAGE_ROOT}/$name:latest" \ "$@" . } +# Minimimal ORT image +# This is the base image for ORT and contains the minimal +# set of tools required to run ORT including main binaries. + # Base image_build base ort/base "${JAVA_VERSION}-jdk-${UBUNTU_VERSION}" \ --build-arg UBUNTU_VERSION="$UBUNTU_VERSION" \ @@ -104,6 +108,8 @@ image_build golang ort/golang "$GO_VERSION" \ image_build run ort "$ORT_VERSION" \ --build-arg ORT_VERSION="$ORT_VERSION" \ --build-arg NODEJS_VERSION="$NODEJS_VERSION" \ + --tag "ort-minimal:$ORT_VERSION" \ + --tag "ort-minimal:latest" \ --build-context "base=docker-image://${DOCKER_IMAGE_ROOT}/ort/base:latest" \ --build-context "python=docker-image://${DOCKER_IMAGE_ROOT}/ort/python:latest" \ --build-context "nodejs=docker-image://${DOCKER_IMAGE_ROOT}/ort/nodejs:latest" \ @@ -112,9 +118,6 @@ image_build run ort "$ORT_VERSION" \ --build-context "ruby=docker-image://${DOCKER_IMAGE_ROOT}/ort/ruby:latest" \ "$@" -# Build adjacent language containers if ALL_LANGUAGES is set. -[ -z "$ALL_LANGUAGES" ] && exit 0 - # Android # shellcheck disable=SC1091 image_build android ort/android "$ANDROID_CMD_VERSION" \ @@ -153,11 +156,15 @@ image_build haskell ort/haskell "$HASKELL_STACK_VERSION" \ --build-context "base=docker-image://${DOCKER_IMAGE_ROOT}/ort/base:latest" \ "$@" -# Runtime extended ORT image +# Main runtime ORT image +# This not using the image_build function as it needs to build +# from multiple images docker buildx build \ - --file Dockerfile-extended \ - --tag "${DOCKER_IMAGE_ROOT}/ort-extended:$ORT_VERSION" \ - --tag "${DOCKER_IMAGE_ROOT}/ort-extended:latest" \ + --file Dockerfile \ + --tag "${DOCKER_IMAGE_ROOT}/ort:$ORT_VERSION" \ + --tag "${DOCKER_IMAGE_ROOT}/ort:latest" \ + --tag "ort:$ORT_VERSION" \ + --tag "ort:latest" \ --build-arg ORT_VERSION="$ORT_VERSION" \ --build-context "ort=docker-image://${DOCKER_IMAGE_ROOT}/ort:${ORT_VERSION}" \ --build-context "sbt=docker-image://${DOCKER_IMAGE_ROOT}/ort/sbt:latest" \ @@ -168,4 +175,3 @@ docker buildx build \ --build-context "haskell=docker-image://${DOCKER_IMAGE_ROOT}/ort/haskell:latest" \ --build-context "scala=docker-image://${DOCKER_IMAGE_ROOT}/ort/scala:latest" \ "$@" . -