-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile
More file actions
94 lines (66 loc) · 2.38 KB
/
Dockerfile
File metadata and controls
94 lines (66 loc) · 2.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
# syntax=docker/dockerfile:1
FROM node:22 AS node-base
SHELL ["bash", "-euo", "pipefail", "-c"]
WORKDIR /build
FROM node-base AS node-modules
COPY package.json package-lock.json .npmrc .
RUN --mount=type=cache,target=/root/.npm npm ci
FROM node-base AS lint
RUN --mount=from=,source=.,target=.,rw \
--mount=from=node-modules,src=/build/node_modules,target=/build/node_modules \
npm run lint
FROM node-base AS prettier
RUN --mount=from=,source=.,target=.,rw \
--mount=from=node-modules,src=/build/node_modules,target=/build/node_modules \
npm run prettier
FROM node-base AS typecheck
RUN --mount=from=,source=.,target=.,rw \
--mount=from=node-modules,src=/build/node_modules,target=/build/node_modules \
npm run typecheck
FROM node-base AS test
RUN --mount=from=,source=.,target=.,rw \
--mount=from=node-modules,src=/build/node_modules,target=/build/node_modules \
npm run test
FROM node-base AS build-base
RUN apt-get update && apt-get install -y zip
FROM build-base AS build
# ARG BUILDKIT_SBOM_SCAN_STAGE=true
ARG BROWSER RELEASE
RUN --mount=from=,source=.,target=.,rw \
--mount=from=node-modules,src=/build/node_modules,target=/build/node_modules \
VAULTONOMY_BROWSER=${BROWSER:?} \
VAULTONOMY_RELEASE=${RELEASE:?} \
npm run build -- --emptyOutDir --outDir /dist
FROM scratch AS built-files
COPY --from=build /dist/ .
FROM build AS package
ARG BROWSER RELEASE SOURCE_DATE_EPOCH=0 BUILD_TAG=
RUN <<EOF
set -x
build_id=
if [[ $BUILD_TAG ]]; then build_id="_${BUILD_TAG:?}"; fi
if [[ $BUILD_TAG && $RELEASE == production ]]; then build_target=${BROWSER:?}
else build_target="${BROWSER:?}-${RELEASE:?}"; fi
mkdir /packaged
cd /dist
find . -type f -exec \
touch --no-dereference --date="@${SOURCE_DATE_EPOCH:-0}" {} + -print \
| sort \
| zip -9 -X -@ "/packaged/vaultonomy_${build_target:?}${build_id?}.zip"
EOF
FROM scratch AS packaged-files
COPY --from=package /packaged/* .
FROM node-base AS lint-web-ext-base
ARG BROWSER WEB_EXT_VERSION=^8
RUN <<EOF
if [[ ${BROWSER:?} != firefox ]]; then
echo "Error: web-ext-lint browser target must be firefox: BROWSER=${BROWSER@Q}" >&2
exit 1
fi
EOF
RUN npm i -g "web-ext@${WEB_EXT_VERSION:?}"
RUN apt-get update && apt-get install -y jq
FROM lint-web-ext-base AS lint-web-ext
RUN --mount=from=,source=scripts,target=scripts,rw \
--mount=from=built-files,target=/web-ext \
scripts/web-ext-lint.sh /web-ext