From 58afea45a104dd15ec93c2231ac47ce5d5e9d069 Mon Sep 17 00:00:00 2001 From: Kirill Shklyaev Date: Wed, 8 Apr 2026 12:11:13 +0300 Subject: [PATCH] Simplify Docker build to use pre-compiled binaries - Convert multi-stage Dockerfile to use pre-compiled binaries instead of building in Docker - Update release workflow to extract and pass Linux binaries to Docker build context - Remove build-arg parameters from docker/build-push-action - Add sparse checkout for Dockerfile and binary extraction steps - Add job names for better workflow visibility - Set provenance: false for reproducible builds --- .github/workflows/release.yml | 40 +++++++++++++++++---------- Dockerfile | 52 ++++------------------------------- 2 files changed, 31 insertions(+), 61 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a9e934c..02d2d19 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,6 +13,7 @@ permissions: jobs: build-all-platforms: + name: Build all platforms runs-on: macos-15 outputs: @@ -128,6 +129,7 @@ jobs: anytype-cli-*.zip create-release: + name: Create GitHub release needs: build-all-platforms runs-on: ubuntu-latest outputs: @@ -180,11 +182,6 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v6 - with: - fetch-depth: 0 - - name: Set deploy-platforms run: | echo "DEPLOY_PLATFORMS=linux/amd64,linux/arm64" >> $GITHUB_ENV @@ -197,6 +194,26 @@ jobs: ver="${tag#v}" echo "RELEASE_VERSION=${ver}" >> "$GITHUB_OUTPUT" + - name: Checkout Dockerfile + uses: actions/checkout@v6 + with: + sparse-checkout: Dockerfile + sparse-checkout-cone-mode: false + + - name: Download release artifacts + uses: actions/download-artifact@v8 + with: + name: anytype-cli-releases + path: artifacts + + - name: Extract linux binaries + run: | + tar -xzf artifacts/anytype-cli-${{ needs.build-all-platforms.outputs.version }}-linux-amd64.tar.gz + mv anytype anytype-linux-amd64 + tar -xzf artifacts/anytype-cli-${{ needs.build-all-platforms.outputs.version }}-linux-arm64.tar.gz + mv anytype anytype-linux-arm64 + ls -la anytype-linux-* + - name: Set up QEMU uses: docker/setup-qemu-action@v4 @@ -217,11 +234,7 @@ jobs: file: Dockerfile platforms: ${{ env.DEPLOY_PLATFORMS }} push: true - build-args: | - VERSION=${{ needs.build-all-platforms.outputs.version }} - COMMIT=${{ needs.build-all-platforms.outputs.commit }} - BUILD_TIME=${{ needs.build-all-platforms.outputs['build-time'] }} - GIT_STATE=clean + provenance: false tags: | ghcr.io/${{ github.repository }}:latest ghcr.io/${{ github.repository }}:${{ needs.build-all-platforms.outputs.version }} @@ -247,11 +260,7 @@ jobs: file: Dockerfile platforms: ${{ env.DEPLOY_PLATFORMS }} push: true - build-args: | - VERSION=${{ needs.build-all-platforms.outputs.version }} - COMMIT=${{ needs.build-all-platforms.outputs.commit }} - BUILD_TIME=${{ needs.build-all-platforms.outputs['build-time'] }} - GIT_STATE=clean + provenance: false tags: | docker.io/${{ github.repository }}:latest docker.io/${{ github.repository }}:${{ needs.build-all-platforms.outputs.version }} @@ -264,6 +273,7 @@ jobs: org.opencontainers.image.revision=${{ github.sha }} notify: + name: Notify Slack needs: - build-all-platforms - create-release diff --git a/Dockerfile b/Dockerfile index 64cc233..fe9ecf0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,57 +1,17 @@ # syntax=docker/dockerfile:1 -# ============================================================================= -# Build stage -# ============================================================================= -FROM golang:1.25-alpine AS builder - -WORKDIR /app - -# Install build dependencies -# - build-base: gcc, musl-dev (required for CGO/tantivy linking) -# - curl: for downloading the tantivy library -# - make: to use Makefile build -RUN apk add --no-cache build-base curl make - -# Copy dependency files first for better layer caching -COPY go.mod go.sum ./ -RUN go mod download && go mod verify - -# Copy source code -COPY . . - -# Build arguments for version info (pass via --build-arg) -ARG VERSION=unknown -ARG COMMIT=unknown -ARG BUILD_TIME=unknown -ARG GIT_STATE=unknown -ARG TARGETARCH - -# Build a statically-linked binary via Makefile -RUN CGO_ENABLED=1 \ - GOOS=linux \ - GOARCH="${TARGETARCH}" \ - BUILD_TAGS="noheic" \ - EXTRA_LDFLAGS="-linkmode external -extldflags '-static'" \ - OUTPUT=/app/anytype \ - VERSION="${VERSION}" \ - COMMIT="${COMMIT}" \ - BUILD_TIME="${BUILD_TIME}" \ - GIT_STATE="${GIT_STATE}" \ - make build - -# ============================================================================= -# Production stage -# ============================================================================= -FROM alpine:3.23 AS production +FROM alpine:3.23 WORKDIR /app # Install ca-certificates for TLS and netcat for health checks RUN apk add --no-cache ca-certificates netcat-openbsd -# Copy binary from builder -COPY --from=builder /app/anytype /app/anytype +# Pre-compiled binary is provided in build context as anytype-linux-{arch} +# TARGETARCH is set automatically by docker buildx (amd64 or arm64) +ARG TARGETARCH +COPY anytype-linux-${TARGETARCH} /app/anytype +RUN chmod +x /app/anytype # Note: Running as root to avoid volume permission issues in docker-compose