docker-agent/Dockerfile at main · docker/docker-agent · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# syntax=docker/dockerfile:1

ARG GO_VERSION="1.26.0"
ARG ALPINE_VERSION="3.22"
ARG XX_VERSION="1.9.0"

# xx is a helper for cross-compilation
FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx

# osxcross contains the MacOSX cross toolchain for xx
FROM crazymax/osxcross:15.5-debian AS osxcross

FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine${ALPINE_VERSION} AS builder-base
COPY --from=xx / /
RUN apk add --no-cache clang zig
WORKDIR /src
RUN --mount=type=cache,target=/go/pkg/mod \
    --mount=type=bind,source=go.mod,target=go.mod \
    --mount=type=bind,source=go.sum,target=go.sum \
    go mod download
ENV CGO_ENABLED=1

FROM builder-base AS builder
ARG TARGETPLATFORM
ARG TARGETOS
ARG TARGETARCH
RUN --mount=type=cache,target=/var/cache/apk,id=apk-$TARGETPLATFORM,sharing=locked \
    xx-apk add musl-dev
COPY . ./
ARG GIT_TAG
ARG GIT_COMMIT
RUN --mount=type=bind,from=osxcross,src=/osxsdk,target=/xx-sdk \
    --mount=type=cache,target=/root/.cache/go-build,id=go-build-$TARGETPLATFORM \
    --mount=type=cache,target=/go/pkg/mod <<EOT
    set -ex
    if [ "$TARGETOS" != "darwin" ]; then
      export XX_GO_PREFER_C_COMPILER=zig
    fi
    xx-go build -trimpath -tags no_audio -ldflags "-s -w -linkmode=external -X 'github.com/docker/docker-agent/pkg/version.Version=$GIT_TAG' -X 'github.com/docker/docker-agent/pkg/version.Commit=$GIT_COMMIT'" -o /binaries/docker-agent-$TARGETOS-$TARGETARCH .
    xx-verify --static /binaries/docker-agent-$TARGETOS-$TARGETARCH
    if [ "$TARGETOS" = "windows" ]; then
      mv /binaries/docker-agent-$TARGETOS-$TARGETARCH /binaries/docker-agent-$TARGETOS-$TARGETARCH.exe
    fi
EOT

FROM scratch AS local
ARG TARGETOS TARGETARCH
COPY --from=builder /binaries/docker-agent-$TARGETOS-$TARGETARCH* docker-agent

FROM scratch AS cross
COPY --from=builder /binaries .

FROM alpine:${ALPINE_VERSION}
RUN apk add --no-cache ca-certificates docker-cli && \
    addgroup -S docker-agent && adduser -S -G docker-agent docker-agent && \
    mkdir /data /work && chmod 777 /data /work
ARG TARGETOS TARGETARCH
ENV DOCKER_MCP_IN_CONTAINER=1
ENV TERM=xterm-256color
COPY --from=docker/mcp-gateway:v2 /docker-mcp /usr/local/lib/docker/cli-plugins/
COPY --from=builder /binaries/docker-agent-$TARGETOS-$TARGETARCH /docker-agent
USER docker-agent
WORKDIR /work
ENTRYPOINT ["/docker-agent"]