general purpose rootless container

Dockerfile

@@ -1,16 +1,37 @@
-FROM golang:1.21-alpine3.18 as builder
+FROM --platform=$BUILDPLATFORM tonistiigi/xx AS xx
+
+FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21-alpine3.18 as build-env
+
+#
+# Transparently cross compile for the target platform
+#
+COPY --from=xx / /
+ARG TARGETPLATFORM
+RUN apk --no-cache add clang lld
+RUN xx-apk --no-cache add gcc musl-dev
+RUN xx-go --wrap
+
 # Do not remove `git` here, it is required for getting runner version when executing `make build`
-RUN apk add --no-cache make git
+RUN apk add --no-cache build-base git
 
 COPY . /srv
 WORKDIR /srv
 
 RUN make clean && make build
 
-FROM alpine:3.18
-RUN apk add --no-cache git bash tini
+FROM docker.io/library/alpine:3.18
+LABEL maintainer="contact@forgejo.org"
 
-COPY --from=builder /srv/forgejo-runner /bin/forgejo-runner
-COPY scripts/run.sh /opt/act/run.sh
+RUN apk add --no-cache git bash
 
-ENTRYPOINT ["/sbin/tini","--","/opt/act/run.sh"]
+COPY --from=build-env /srv/forgejo-runner /bin/forgejo-runner
+
+ENV HOME=/data
+
+USER 1000:1000
+
+WORKDIR /data
+
+VOLUME ["/data"]
+
+CMD ["/bin/forgejo-runner"]

Dockerfile.rootless

@@ -1,24 +0,0 @@
-FROM golang:1.21-alpine3.18 as builder
-# Do not remove `git` here, it is required for getting runner version when executing `make build`
-RUN apk add --no-cache make git
-
-COPY . /opt/src/forgejo-runner
-WORKDIR /opt/src/forgejo-runner
-
-RUN make clean && make build
-
-FROM docker:dind-rootless
-USER root
-RUN apk add --no-cache \
-  git bash supervisor
-
-COPY --from=builder /opt/src/forgejo-runner/forgejo-runner /usr/local/bin/forgejo-runner
-COPY /scripts/supervisord.conf /etc/supervisord.conf
-COPY /scripts/run.sh /opt/act/run.sh
-COPY /scripts/rootless.sh /opt/act/rootless.sh
-
-RUN mkdir /data \
-    && chown rootless:rootless /data
-
-USER rootless
-ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]