goharbor · kariya-mitsuru · Jun 19, 2024 · Aug 7, 2024 · Aug 7, 2024 · Aug 7, 2024
@@ -178,7 +178,7 @@ _build_registry:
 		rm -rf $(DOCKERFILEPATH_REG)/binary && mkdir -p $(DOCKERFILEPATH_REG)/binary && \
 		$(call _get_binary, $(REGISTRYURL), $(DOCKERFILEPATH_REG)/binary/registry); \
 	else \
-		cd $(DOCKERFILEPATH_REG) && $(DOCKERFILEPATH_REG)/builder $(REGISTRY_SRC_TAG) && cd - ; \
+		$(DOCKERFILEPATH_REG)/builder $(REGISTRY_SRC_TAG) ; \
 	fi
 	@echo "building registry container for photon..."
 	@chmod 655 $(DOCKERFILEPATH_REG)/binary/registry && $(DOCKERBUILD_WITH_PULL_PARA) --build-arg harbor_base_image_version=$(BASEIMAGETAG) --build-arg harbor_base_namespace=$(BASEIMAGENAMESPACE) -f $(DOCKERFILEPATH_REG)/$(DOCKERFILENAME_REG) -t $(DOCKERIMAGENAME_REG):$(VERSIONTAG) .

@@ -2,14 +2,9 @@ ARG harbor_base_image_version
 ARG harbor_base_namespace
 FROM ${harbor_base_namespace}/harbor-registry-base:${harbor_base_image_version}
 
-COPY ./make/photon/common/install_cert.sh /home/harbor
-COPY ./make/photon/registry/entrypoint.sh /home/harbor
-COPY ./make/photon/registry/binary/registry /usr/bin/registry_DO_NOT_USE_GC
-
-RUN chown -R harbor:harbor /etc/pki/tls/certs \
-    && chown harbor:harbor /home/harbor/entrypoint.sh && chmod u+x /home/harbor/entrypoint.sh \
-    && chown harbor:harbor /home/harbor/install_cert.sh && chmod u+x /home/harbor/install_cert.sh \
-    && chown harbor:harbor /usr/bin/registry_DO_NOT_USE_GC && chmod u+x /usr/bin/registry_DO_NOT_USE_GC
+COPY --link --chown=10000:10000 --chmod=755 ./make/photon/common/install_cert.sh /home/harbor/
+COPY --link --chown=10000:10000 --chmod=744 ./make/photon/registry/entrypoint.sh /home/harbor/
+COPY --link --chown=10000:10000 --chmod=755 ./make/photon/registry/binary/registry /usr/bin/registry_DO_NOT_USE_GC
 
 HEALTHCHECK CMD curl --fail -s http://localhost:5000 || curl -k --fail -s https://localhost:5443 || exit 1
 

diff --git a/make/photon/registry/Dockerfile.base b/make/photon/registry/Dockerfile.base
@@ -3,4 +3,5 @@ FROM photon:5.0
 RUN tdnf install -y shadow >> /dev/null \
     && tdnf clean all \
     && mkdir -p /etc/registry \
-    && groupadd -r -g 10000 harbor && useradd --no-log-init -m -g 10000 -u 10000 harbor
+    && groupadd -r -g 10000 harbor && useradd --no-log-init -m -g 10000 -u 10000 harbor \
+    && chown -R harbor:harbor /etc/pki/tls/certs
@@ -1,4 +1,4 @@
-FROM golang:1.22.3
+FROM golang:1.22.3 as build
 
 ENV DISTRIBUTION_DIR /go/src/github.com/docker/distribution
 ENV BUILDTAGS include_oss include_gcs
@@ -7,4 +7,7 @@ ENV GO111MODULE auto
 WORKDIR $DISTRIBUTION_DIR
 COPY . $DISTRIBUTION_DIR
 
-RUN CGO_ENABLED=0 make PREFIX=/go clean binaries
+RUN CGO_ENABLED=0 make clean bin/registry
+
+FROM scratch
+COPY --from=build /go/src/github.com/docker/distribution/bin/registry /
@@ -1,44 +1,32 @@
 #!/bin/bash
 
-set +e
+set -e
 
 if [ -z $1 ]; then
-  error "Please set the 'version' variable"
+  echo "Please set the 'version' variable"
   exit 1
 fi
 
 VERSION="$1"
 
-set -e
-
 # the temp folder to store binary file...
 mkdir -p binary
 rm -rf binary/registry || true
 
 cd `dirname $0`
-cur=$PWD
 
 # the temp folder to store distribution source code...
 TEMP=`mktemp -d ${TMPDIR-/tmp}/distribution.XXXXXX`
-git clone -b $VERSION https://github.com/distribution/distribution.git $TEMP
+git clone -b $VERSION --depth 1 https://github.com/distribution/distribution.git $TEMP
 
 # add patch redis
 cd $TEMP
-git apply $cur/redis.patch
-cd $cur
+git apply ~-/redis.patch
+cd -
 
 echo 'build the registry binary ...'
-cp Dockerfile.binary $TEMP
-docker build -f $TEMP/Dockerfile.binary -t registry-golang $TEMP
-
-echo 'copy the registry binary to local...'
-ID=$(docker create registry-golang)
-docker cp $ID:/go/src/github.com/docker/distribution/bin/registry binary/registry
-
-docker rm -f $ID
-docker rmi -f registry-golang
+docker build -f Dockerfile.binary -o binary/ $TEMP
 
 echo "Build registry binary success, then to build photon image..."
-cd $cur
 cp $TEMP/cmd/registry/config-example.yml config.yml
 rm -rf $TEMP