artifact-fs/examples/Dockerfile at main · cloudflare/artifact-fs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# syntax=docker/dockerfile:1

# Builds artifact-fs and starts a FUSE-mounted git repo inside the container.
# The container needs --cap-add SYS_ADMIN --device /dev/fuse to use FUSE.
#
# Build:
#   docker build -t artifact-fs-example -f examples/Dockerfile .
#
# Run (public repo):
#   docker run --rm --cap-add SYS_ADMIN --device /dev/fuse artifact-fs-example
#
# Run (private repo):
#   docker run --rm --cap-add SYS_ADMIN --device /dev/fuse \
#     -e REPO_REMOTE_URL=https://<token>@github.com/org/private-repo.git \
#     artifact-fs-example
#
# On hosts with AppArmor (Ubuntu), add: --security-opt apparmor:unconfined

# ---- build stage ----
FROM golang:1.24 AS build
WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 go build -o /artifact-fs ./cmd/artifact-fs

# ---- runtime stage ----
FROM debian:bookworm-slim

RUN apt-get update && apt-get install -y --no-install-recommends \
    fuse3 git ca-certificates \
  && rm -rf /var/lib/apt/lists/*

COPY --from=build /artifact-fs /usr/local/bin/artifact-fs

ENV REPO_REMOTE_URL=https://github.com/cloudflare/workers-sdk.git
ENV REPO_BRANCH=main
ENV REPO_NAME=repo
ENV ARTIFACT_FS_ROOT=/var/lib/artifact-fs
ENV MOUNT_ROOT=/mnt

COPY examples/entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

ENTRYPOINT ["/entrypoint.sh"]