Source
FROM stagex/pallet-cgo AS base
COPY --from=stagex/user-libseccomp . /
ARG VERSION
ENV CGO_ENABLED=1
ENV GO11MODULE=on
FROM base AS build-dockerd
ADD fetch/docker-${VERSION}.tar.gz .
WORKDIR /moby-${VERSION}
COPY <<-EOF go.mod
module github.com/docker/docker
go 1.22.0
EOF
RUN <<-EOF
go mod tidy -modfile=vendor.mod
go mod vendor -modfile=vendor.mod
EOF
RUN --network=none <<-EOF
set -eux
go build \
-mod=vendor \
-modfile=vendor.mod \
-o /build/dockerd \
-tags seccomp \
-gcflags='' \
-ldflags " \
${GO_LDFLAGS} \
-X \"github.com/docker/docker/dockerversion.Version=${VERSION}\" \
-X \"github.com/docker/docker/dockerversion.GitCommit=${VERSION}\" \
-X \"github.com/docker/docker/dockerversion.BuildTime=\" \
" \
github.com/docker/docker/cmd/dockerd
go build \
-mod=vendor \
-modfile=vendor.mod \
-o /build/docker-proxy \
-tags seccomp \
-gcflags='' \
-ldflags " \
${GO_LDFLAGS} \
-X \"github.com/docker/docker/dockerversion.Version=${VERSION}\" \
-X \"github.com/docker/docker/dockerversion.GitCommit=${VERSION}\" \
-X \"github.com/docker/docker/dockerversion.BuildTime=\" \
" \
github.com/docker/docker/cmd/docker-proxy
EOF
FROM base AS build-docker
ADD fetch/docker-cli-${VERSION}.tar.gz .
WORKDIR /cli-${VERSION}
ENV GO_LINKMODE=dynamic
COPY <<-EOF go.mod
module github.com/docker/cli
go 1.22.0
EOF
RUN <<-EOF
go mod tidy -modfile=vendor.mod
go mod vendor -modfile=vendor.mod
EOF
RUN --network=none <<-EOF
set -eux
go build \
-mod=vendor \
-modfile=vendor.mod \
-o /build/docker \
-tags ' pkcs11' \
-ldflags " \
${GO_LDFLAGS} \
-buildmode=pie \
-X \"github.com/docker/cli/cli/version.Version=${VERSION}\" \
-X \"github.com/docker/cli/cli/version.GitCommit=${VERSION}\" \
-X \"github.com/docker/cli/cli/version.BuildTime=\" \
" \
github.com/docker/cli/cmd/docker
EOF
FROM base AS install
COPY --from=build-docker /build/ /build/
COPY --from=build-dockerd /build/ /build/
WORKDIR /
RUN <<-EOF
set -eux
install -Dm755 /build/docker /rootfs/usr/bin/docker
install -Dm755 -t /rootfs/usr/bin /build/dockerd /build/docker-proxy
# symlink externally provided tini-static binary
ln -sf /sbin/tini-static /rootfs/usr/bin/docker-init
EOF
FROM stagex/core-filesystem AS package
COPY --from=install /rootfs/ /