feat: use dind in Dockerfile (#14)

Because - The `mgmt-backend` Dockerfiles had been copied and used as base but: - the `pipeline-backend` and `model-backend` versions are more recent - `mgmt-backend` overrides the code while the other two don't, so they fit better as a base This commit - Reworks Dockerfiles with `pipeline-backend` as a model
instill-ai · Apr 16, 2024 · d95aa68 · d95aa68
1 parent a41db43
commit d95aa68
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 13 deletions.
diff --git a/.env b/.env
@@ -4,7 +4,7 @@ K6_VERSION=0.42.0
 
 # service
 SERVICE_NAME=artifact-backend
-SERVICE_PORT=8085
+SERVICE_PORT=8082
 
 # container build
 DOCKER_BUILDKIT=1

diff --git a/Dockerfile b/Dockerfile
@@ -11,20 +11,19 @@ ARG SERVICE_NAME TARGETOS TARGETARCH
 RUN --mount=target=. --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOOS=$TARGETOS GOARCH=$TARGETARCH CGO_ENABLED=0 go build -o /${SERVICE_NAME} ./cmd/main
 RUN --mount=target=. --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOOS=$TARGETOS GOARCH=$TARGETARCH CGO_ENABLED=0 go build -o /${SERVICE_NAME}-migrate ./cmd/migration
 
-FROM gcr.io/distroless/base:nonroot
+FROM golang:${GOLANG_VERSION}
 
-USER nonroot:nonroot
+USER nobody:nogroup
 
 ARG SERVICE_NAME
 
 WORKDIR /${SERVICE_NAME}
 
-COPY --from=busybox:stable-musl --chown=nonroot:nonroot /bin/sh /bin/sh
-COPY --from=busybox:stable-musl --chown=nonroot:nonroot /bin/wget /bin/wget
+COPY --from=docker:dind-rootless --chown=nobody:nogroup /usr/local/bin/docker /usr/local/bin
 
-COPY --from=build --chown=nonroot:nonroot /src/config ./config
-COPY --from=build --chown=nonroot:nonroot /src/release-please ./release-please
-COPY --from=build --chown=nonroot:nonroot /src/pkg/db/migration ./pkg/db/migration
+COPY --from=build --chown=nobody:nogroup /src/config ./config
+COPY --from=build --chown=nobody:nogroup /src/release-please ./release-please
+COPY --from=build --chown=nobody:nogroup /src/pkg/db/migration ./pkg/db/migration
 
-COPY --from=build --chown=nonroot:nonroot /${SERVICE_NAME} ./
-COPY --from=build --chown=nonroot:nonroot /${SERVICE_NAME}-migrate ./
+COPY --from=build --chown=nobody:nogroup /${SERVICE_NAME}-migrate ./
+COPY --from=build --chown=nobody:nogroup /${SERVICE_NAME} ./
diff --git a/Dockerfile.dev b/Dockerfile.dev
@@ -5,6 +5,10 @@ ARG SERVICE_NAME
 
 WORKDIR /${SERVICE_NAME}
 
+# -- DinD
+
+COPY --from=docker:dind-rootless --chown=nobody:nogroup /usr/local/bin/docker /usr/local/bin
+
 # -- install 3rd-party
 
 ARG TARGETOS TARGETARCH K6_VERSION

diff --git a/Makefile b/Makefile
@@ -16,12 +16,10 @@ dev: ## Run dev container
  echo "Run dev container ${SERVICE_NAME}. To stop it, run \"make stop\"."
  @docker run -d --rm \
  -v $(PWD):/${SERVICE_NAME} \
- -p ${PUBLIC_SERVICE_PORT}:${PUBLIC_SERVICE_PORT} \
- -p ${PRIVATE_SERVICE_PORT}:${PRIVATE_SERVICE_PORT} \
  -p ${SERVICE_PORT}:${SERVICE_PORT} \
  --network instill-network \
  --name ${SERVICE_NAME} \
- instill/${SERVICE_NAME}:dev >/dev/null 2>&1
+ instill/${SERVICE_NAME}:dev
 
 .PHONY: logs
 logs: ## Tail service container logs with -n 10