github.com/letsencrypt/boulder@v0.20251208.0/Containerfile (about)

     1  # This builds Boulder in a Docker container, then creates an image
     2  # containing just the built Boulder binaries plus some ancillary
     3  # files that are useful for predeployment testing.
     4  FROM docker.io/ubuntu:24.04 AS builder
     5  
     6  ARG COMMIT_ID
     7  ARG GO_VERSION
     8  ARG VERSION
     9  
    10  ENV DEBIAN_FRONTEND=noninteractive
    11  RUN apt-get --assume-yes --no-install-recommends --update install \
    12      ca-certificates curl gcc git gnupg2 libc6-dev
    13  
    14  COPY tools/fetch-and-verify-go.sh /tmp
    15  RUN /tmp/fetch-and-verify-go.sh ${GO_VERSION}
    16  RUN tar -C /opt -xzf go.tar.gz
    17  ENV PATH="/opt/go/bin:${PATH}"
    18  
    19  COPY . /opt/boulder
    20  WORKDIR /opt/boulder
    21  
    22  ENV GOBIN=/opt/boulder/bin/
    23  RUN go install \
    24      -buildvcs=false \
    25      -ldflags="-X \"github.com/letsencrypt/boulder/core.BuildID=${COMMIT_ID}\" -X \"github.com/letsencrypt/boulder/core.BuildTime=$(date -u)\"" \
    26      -mod=vendor \
    27      ./...
    28  
    29  FROM docker.io/ubuntu:24.04
    30  
    31  ARG VERSION
    32  
    33  LABEL org.opencontainers.image.authors="Internet Security Research Group, https://letsencrypt.org/"
    34  LABEL org.opencontainers.image.created="$(date -u +%Y-%m-%dT%H:%M:%SZ)"
    35  LABEL org.opencontainers.image.description="Boulder is an ACME-compatible X.509 Certificate Authority"
    36  LABEL org.opencontainers.image.documentation="https://github.com/letsencrypt/boulder"
    37  LABEL org.opencontainers.image.licenses="MPL-2.0"
    38  LABEL org.opencontainers.image.source="https://github.com/letsencrypt/boulder"
    39  LABEL org.opencontainers.image.title="Boulder"
    40  LABEL org.opencontainers.image.url="https://github.com/letsencrypt/boulder"
    41  LABEL org.opencontainers.image.vendor="Internet Security Research Group"
    42  LABEL org.opencontainers.image.version="${VERSION}"
    43  
    44  COPY --from=builder \
    45      /opt/boulder/bin/admin \
    46      /opt/boulder/bin/boulder \
    47      /opt/boulder/bin/chall-test-srv \
    48      /opt/boulder/bin/ct-test-srv \
    49      /opt/boulder/bin/pardot-test-srv \
    50      /opt/boulder/bin/zendesk-test-srv \
    51      /opt/boulder/bin/
    52  COPY --from=builder /opt/boulder/data /opt/boulder/data
    53  COPY --from=builder /opt/boulder/sa/db /opt/boulder/sa/db
    54  COPY --from=builder /opt/boulder/test/config /opt/boulder/test/config
    55  
    56  ENV PATH="/opt/boulder/bin:${PATH}"