cmd/pubsubhelper: change Dockerfile to FROM scratch Before: REPOSITORY SIZE gcr.io/go-dashboard-dev/pubsubhelper 834MB After: REPOSITORY SIZE gcr.io/go-dashboard-dev/pubsubhelper 12.3MB Updates golang/go#18817 Change-Id: Ibf1f33a04043c0defddd7fe6b8d0455092044ac0 Reviewed-on: https://go-review.googlesource.com/40574 Reviewed-by: Kevin Burke <kev@inburke.com>

commit: 91d8933a2fde086865c31d82da9c2226aa00918e [log] [tgz]
author: Jess Frazelle <me@jessfraz.com> Thu Apr 13 14:38:14 2017 +0000
committer: Brad Fitzpatrick <bradfitz@golang.org> Mon Apr 17 18:41:56 2017 +0000
tree: 1af613267a396cfc2a467729d24a9ab6157368f2
parent: b8a13cafd83e4ca0bdc84e8e659338030cdc5ba8 [diff]
diff --git a/cmd/pubsubhelper/.gitignore b/cmd/pubsubhelper/.gitignore
new file mode 100644
index 0000000..06ee9ac
--- /dev/null
+++ b/cmd/pubsubhelper/.gitignore

@@ -0,0 +1,2 @@
+pubsubhelper
+ca-certificates.crt

diff --git a/cmd/pubsubhelper/Dockerfile b/cmd/pubsubhelper/Dockerfile
index 16d2ecb..402677d 100644
--- a/cmd/pubsubhelper/Dockerfile
+++ b/cmd/pubsubhelper/Dockerfile

@@ -1,50 +1,9 @@
 # Copyright 2017 The Go Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style
 # license that can be found in the LICENSE file.
-
-# Note that OpenSSH 6.5+ is required for the Github SSH private key, which requires
-# at least Debian Jessie (not Wheezy). This uses Jessie:
-FROM golang:1.8
+FROM scratch
 LABEL maintainer "golang-dev@googlegroups.com"
 
-# TODO(bradfitz): remove duplication between this, gitmirror, and coordinator?
-# Maybe make both derive FROM "golang_org:buildbase" or something. But
-# then I want to make sure that FROM base is rebuilt always when things in
-# x/build change.
-
-COPY /cmd/gitmirror/install-apt-deps.sh /scripts/install-apt-deps.sh
-RUN  /scripts/install-apt-deps.sh
-
-RUN go get -d cloud.google.com/go/compute/metadata && \
-    cd /go/src/cloud.google.com/go/compute/metadata && \
-    git reset --hard cd0da878c66091060d2e7403abd62192b3e387e0
-
-RUN go get -d golang.org/x/time/rate && \
-    cd /go/src/golang.org/x/time/rate && \
-    git reset --hard f51c12702a4d776e4c1fa9b0fabab841babae631
-
-RUN go get -d golang.org/x/oauth2 && \
-    cd /go/src/golang.org/x/oauth2 && \
-    git reset --hard 314dd2c0bf3ebd592ec0d20847d27e79d0dbe8dd
-
-RUN go get -d github.com/bradfitz/go-smtpd/smtpd && \
-    cd /go/src/github.com/bradfitz/go-smtpd/smtpd && \
-    git reset --hard deb6d623762522f8ad4a55b952001e4215a76cf4
-
-RUN go get -d github.com/jellevandenhooff/dkim && \
-    cd /go/src/github.com/jellevandenhooff/dkim && \
-    git reset --hard f50fe3d243e1a9c9369eea29813517f3af190518
-
-RUN go get -d golang.org/x/crypto/acme/autocert && \
-    cd /go/src/golang.org/x/crypto/acme/autocert && \
-    git reset --hard 573951cbe80bb6352881271bb276f48749eab6f4
-
-RUN go get -d go4.org/types && \
-    cd /go/src/go4.org && \
-    git reset --hard d7e10a7752d55a1f81e384fe49a6a5b417a9a6dd
-
-COPY . /go/src/golang.org/x/build/
-
-RUN go install golang.org/x/build/cmd/pubsubhelper
-
-ENTRYPOINT ["/go/bin/pubsubhelper"]
+COPY ca-certificates.crt /etc/ssl/certs/
+COPY pubsubhelper /
+ENTRYPOINT ["/pubsubhelper"]

diff --git a/cmd/pubsubhelper/Dockerfile.0 b/cmd/pubsubhelper/Dockerfile.0
new file mode 100644
index 0000000..44aad9e
--- /dev/null
+++ b/cmd/pubsubhelper/Dockerfile.0

@@ -0,0 +1,41 @@
+# Copyright 2017 The Go Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style
+# license that can be found in the LICENSE file.
+FROM golang:1.8
+LABEL maintainer "golang-dev@googlegroups.com"
+
+RUN go get -d cloud.google.com/go/compute/metadata && \
+    cd /go/src/cloud.google.com/go/compute/metadata && \
+    git reset --hard cd0da878c66091060d2e7403abd62192b3e387e0
+
+RUN go get -d golang.org/x/time/rate && \
+    cd /go/src/golang.org/x/time/rate && \
+    git reset --hard f51c12702a4d776e4c1fa9b0fabab841babae631
+
+RUN go get -d golang.org/x/oauth2 && \
+    cd /go/src/golang.org/x/oauth2 && \
+    git reset --hard 314dd2c0bf3ebd592ec0d20847d27e79d0dbe8dd
+
+RUN go get -d github.com/bradfitz/go-smtpd/smtpd && \
+    cd /go/src/github.com/bradfitz/go-smtpd/smtpd && \
+    git reset --hard deb6d623762522f8ad4a55b952001e4215a76cf4
+
+RUN go get -d github.com/jellevandenhooff/dkim && \
+    cd /go/src/github.com/jellevandenhooff/dkim && \
+    git reset --hard f50fe3d243e1a9c9369eea29813517f3af190518
+
+RUN go get -d golang.org/x/crypto/acme/autocert && \
+    cd /go/src/golang.org/x/crypto/acme/autocert && \
+    git reset --hard 573951cbe80bb6352881271bb276f48749eab6f4
+
+RUN go get -d go4.org/types && \
+    cd /go/src/go4.org && \
+    git reset --hard d7e10a7752d55a1f81e384fe49a6a5b417a9a6dd
+
+RUN go get -d github.com/googleapis/gax-go && \
+	cd /go/src/github.com/googleapis/gax-go && \
+	git reset --hard 9af46dd5a1713e8b5cd71106287eba3cefdde50b
+
+COPY . /go/src/golang.org/x/build/
+
+RUN go install -ldflags "-linkmode=external -extldflags '-static -pthread'" golang.org/x/build/cmd/pubsubhelper

diff --git a/cmd/pubsubhelper/Makefile b/cmd/pubsubhelper/Makefile
index 920b160..1c67b5b 100644
--- a/cmd/pubsubhelper/Makefile
+++ b/cmd/pubsubhelper/Makefile

@@ -2,14 +2,34 @@
 # Use of this source code is governed by a BSD-style
 # license that can be found in the LICENSE file.
 
-VERSION=v1
+VERSION=v2
+DOCKER_IMAGE_STAGE0=stage0/pubsubhelper:latest
+DOCKER_CTR_STAGE0=pubsubhelper-stage0
 
-docker-prod: Dockerfile
-	docker build -f Dockerfile --tag=gcr.io/symbolic-datum-552/pubsubhelper:$(VERSION)  ../..
-docker-dev: Dockerfile
-	docker build -f Dockerfile --tag=gcr.io/go-dashboard-dev/pubsubhelper:latest  ../..
+stage0: *.go Dockerfile.0
+	docker build --force-rm -f Dockerfile.0 --tag=$(DOCKER_IMAGE_STAGE0) ../..
+
+pubsubhelper: stage0
+	docker create --name $(DOCKER_CTR_STAGE0) $(DOCKER_IMAGE_STAGE0)
+	docker cp $(DOCKER_CTR_STAGE0):/go/bin/$@ $@
+	docker rm $(DOCKER_CTR_STAGE0)
+
+ca-certificates.crt:
+	docker create --name $(DOCKER_CTR_STAGE0) $(DOCKER_IMAGE_STAGE0)
+	docker cp $(DOCKER_CTR_STAGE0):/etc/ssl/certs/$@ $@
+	docker rm $(DOCKER_CTR_STAGE0)
+
+docker-prod: Dockerfile pubsubhelper ca-certificates.crt
+	docker build --force-rm --tag=gcr.io/symbolic-datum-552/pubsubhelper:$(VERSION) .
+docker-dev: Dockerfile pubsubhelper ca-certificates.crt
+	docker build --force-rm --tag=gcr.io/go-dashboard-dev/pubsubhelper:latest .
 
 push-prod: docker-prod
 	gcloud docker -- push gcr.io/symbolic-datum-552/pubsubhelper:$(VERSION)
 push-dev: docker-dev
 	gcloud docker -- push gcr.io/go-dashboard-dev/pubsubhelper:latest
+
+.PHONY: clean
+clean:
+	$(RM) pubsubhelper
+	$(RM) ca-certificates.crt

diff --git a/cmd/pubsubhelper/README b/cmd/pubsubhelper/README
new file mode 100644
index 0000000..d20742b
--- /dev/null
+++ b/cmd/pubsubhelper/README

@@ -0,0 +1,7 @@
+## Running with Docker locally
+
+docker run --rm -it \
+    -p 80:80 \
+    -p 25:25 \
+    -p 443:443 \
+    gcr.io/go-dashboard-dev/pubsubhelper:latest [any additional pubsubhelper flags]

diff --git a/cmd/pubsubhelper/install-apt-deps.sh b/cmd/pubsubhelper/install-apt-deps.sh
deleted file mode 100755
index e685de2..0000000
--- a/cmd/pubsubhelper/install-apt-deps.sh
+++ /dev/null

@@ -1,11 +0,0 @@
-# Copyright 2017 The Go Authors. All rights reserved.
-# Use of this source code is governed by a BSD-style
-# license that can be found in the LICENSE file.
-
-set -ex
-
-apt-get update
-apt-get install -y --no-install-recommends ca-certificates
-
-apt-get clean
-rm -fr /var/lib/apt/lists
commit	91d8933a2fde086865c31d82da9c2226aa00918e	[log] [tgz]
author	Jess Frazelle <me@jessfraz.com>	Thu Apr 13 14:38:14 2017 +0000
committer	Brad Fitzpatrick <bradfitz@golang.org>	Mon Apr 17 18:41:56 2017 +0000
tree	1af613267a396cfc2a467729d24a9ab6157368f2
parent	b8a13cafd83e4ca0bdc84e8e659338030cdc5ba8 [diff]