Skip to content

Commit 2636921

Browse files
shaun-nxshaun-nx
committed
Move base dockerfiles back to root build dir
1 parent 42a3505 commit 2636921

File tree

3 files changed

+110
-0
lines changed

3 files changed

+110
-0
lines changed

build/Dockerfile

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
# syntax=docker/dockerfile:1.18
2+
FROM golang:1.25 AS builder
3+
4+
WORKDIR /go/src/github.com/nginx/nginx-gateway-fabric
5+
6+
COPY go.mod go.sum /go/src/github.com/nginx/nginx-gateway-fabric/
7+
RUN go mod download
8+
9+
COPY . /go/src/github.com/nginx/nginx-gateway-fabric
10+
RUN make build
11+
12+
FROM golang:1.25 AS ca-certs-provider
13+
14+
FROM scratch AS common
15+
# CA certs are needed for telemetry report so that NGF can verify the server's certificate.
16+
COPY --from=ca-certs-provider --link /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
17+
USER 101:1001
18+
ARG BUILD_AGENT
19+
ENV BUILD_AGENT=${BUILD_AGENT}
20+
ENTRYPOINT [ "/usr/bin/gateway" ]
21+
22+
FROM common AS container
23+
COPY --from=builder /go/src/github.com/nginxinc/nginx-gateway-fabric/build/out/gateway /usr/bin/
24+
25+
FROM common AS local
26+
COPY ./build/out/gateway /usr/bin/
27+
28+
FROM common AS goreleaser
29+
ARG TARGETARCH
30+
COPY dist/gateway_linux_$TARGETARCH*/gateway /usr/bin/

build/Dockerfile.nginx

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
# syntax=docker/dockerfile:1.18
2+
FROM scratch AS nginx-files
3+
4+
# the following links can be replaced with local files if needed, i.e. ADD --chown=101:1001 <local_file> <container_file>
5+
ADD --link --chown=101:1001 https://cs.nginx.com/static/keys/nginx_signing.rsa.pub nginx_signing.rsa.pub
6+
7+
FROM nginx:1.29.1-alpine-otel
8+
9+
# renovate: datasource=github-tags depName=nginx/agent
10+
ARG NGINX_AGENT_VERSION=v3.3.1
11+
ARG NJS_DIR
12+
ARG NGINX_CONF_DIR
13+
ARG BUILD_AGENT
14+
15+
RUN --mount=type=bind,from=nginx-files,src=nginx_signing.rsa.pub,target=/etc/apk/keys/nginx_signing.rsa.pub \
16+
printf "%s\n" "https://packages.nginx.org/nginx-agent/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
17+
&& apk add --no-cache nginx-agent=${NGINX_AGENT_VERSION#v}
18+
19+
RUN apk add --no-cache bash \
20+
&& mkdir -p /usr/lib/nginx/modules \
21+
# forward request and error logs to docker log collector
22+
&& ln -sf /dev/stdout /var/log/nginx/access.log \
23+
&& ln -sf /dev/stderr /var/log/nginx/error.log
24+
25+
COPY build/entrypoint.sh /agent/entrypoint.sh
26+
COPY ${NJS_DIR}/httpmatches.js /usr/lib/nginx/modules/njs/httpmatches.js
27+
COPY ${NGINX_CONF_DIR}/nginx.conf /etc/nginx/nginx.conf
28+
COPY ${NGINX_CONF_DIR}/grpc-error-locations.conf /etc/nginx/grpc-error-locations.conf
29+
COPY ${NGINX_CONF_DIR}/grpc-error-pages.conf /etc/nginx/grpc-error-pages.conf
30+
31+
RUN chown -R 101:1001 /etc/nginx /var/cache/nginx
32+
33+
LABEL org.nginx.ngf.image.build.agent="${BUILD_AGENT}"
34+
35+
USER 101:1001
36+
37+
ENTRYPOINT ["/agent/entrypoint.sh"]

build/Dockerfile.nginxplus

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
# syntax=docker/dockerfile:1.18
2+
FROM scratch AS nginx-files
3+
4+
# the following links can be replaced with local files if needed, i.e. ADD --chown=101:1001 <local_file> <container_file>
5+
ADD --link --chown=101:1001 https://cs.nginx.com/static/keys/nginx_signing.rsa.pub nginx_signing.rsa.pub
6+
7+
FROM alpine:3.22
8+
9+
ARG NGINX_PLUS_VERSION=R35
10+
# renovate: datasource=github-tags depName=nginx/agent
11+
ARG NGINX_AGENT_VERSION=v3.3.1
12+
ARG NJS_DIR
13+
ARG NGINX_CONF_DIR
14+
ARG BUILD_AGENT
15+
16+
RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/apk/cert.pem,mode=0644 \
17+
--mount=type=secret,id=nginx-repo.key,dst=/etc/apk/cert.key,mode=0644 \
18+
--mount=type=bind,from=nginx-files,src=nginx_signing.rsa.pub,target=/etc/apk/keys/nginx_signing.rsa.pub \
19+
addgroup -g 1001 -S nginx \
20+
&& adduser -S -D -H -u 101 -h /var/cache/nginx -s /sbin/nologin -G nginx -g nginx nginx \
21+
&& printf "%s\n" "https://pkgs.nginx.com/plus/${NGINX_PLUS_VERSION}/alpine/v$(grep -E -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
22+
&& printf "%s\n" "https://pkgs.nginx.com/nginx-agent/alpine/v$(egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release)/main" >> /etc/apk/repositories \
23+
&& apk add --no-cache nginx-plus nginx-plus-module-njs nginx-plus-module-otel nginx-agent=${NGINX_AGENT_VERSION#v}
24+
25+
RUN apk add --no-cache bash \
26+
&& mkdir -p /usr/lib/nginx/modules \
27+
# forward request and error logs to docker log collector
28+
&& ln -sf /dev/stdout /var/log/nginx/access.log \
29+
&& ln -sf /dev/stderr /var/log/nginx/error.log
30+
31+
COPY build/entrypoint.sh /agent/entrypoint.sh
32+
COPY ${NJS_DIR}/httpmatches.js /usr/lib/nginx/modules/njs/httpmatches.js
33+
COPY ${NGINX_CONF_DIR}/nginx-plus.conf /etc/nginx/nginx.conf
34+
COPY ${NGINX_CONF_DIR}/grpc-error-locations.conf /etc/nginx/grpc-error-locations.conf
35+
COPY ${NGINX_CONF_DIR}/grpc-error-pages.conf /etc/nginx/grpc-error-pages.conf
36+
37+
RUN chown -R 101:1001 /etc/nginx /var/cache/nginx /var/lib/nginx
38+
39+
USER 101:1001
40+
41+
LABEL org.nginx.ngf.image.build.agent="${BUILD_AGENT}"
42+
43+
ENTRYPOINT ["/agent/entrypoint.sh"]

0 commit comments

Comments
 (0)