From 64137dcfb73ecc8e39578bf61ef5ee086c27a1b5 Mon Sep 17 00:00:00 2001
From: Earl Warren
Date: Wed, 23 Aug 2023 21:57:06 +0200
Subject: [PATCH] general purpose rootless container

---
 Dockerfile | 35 ++++++++++++++++++++++++++++-------
 Dockerfile.rootless | 24 ------------------------
 2 files changed, 28 insertions(+), 31 deletions(-)
 delete mode 100644 Dockerfile.rootless

diff --git a/Dockerfile b/Dockerfile
index bd931fa..ce36d7a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,16 +1,37 @@
-FROM golang:1.21-alpine3.18 as builder
+FROM --platform=$BUILDPLATFORM tonistiigi/xx AS xx
+
+FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.21-alpine3.18 as build-env
+
+#
+# Transparently cross compile for the target platform
+#
+COPY --from=xx / /
+ARG TARGETPLATFORM
+RUN apk --no-cache add clang lld
+RUN xx-apk --no-cache add gcc musl-dev
+RUN xx-go --wrap
+
 # Do not remove `git` here, it is required for getting runner version when executing `make build`
-RUN apk add --no-cache make git
+RUN apk add --no-cache build-base git
 
 COPY . /srv
 WORKDIR /srv
 
 RUN make clean && make build
 
-FROM alpine:3.18
-RUN apk add --no-cache git bash tini
+FROM docker.io/library/alpine:3.18
+LABEL maintainer="contact@forgejo.org"
 
-COPY --from=builder /srv/forgejo-runner /bin/forgejo-runner
-COPY scripts/run.sh /opt/act/run.sh
+RUN apk add --no-cache git bash
 
-ENTRYPOINT ["/sbin/tini","--","/opt/act/run.sh"]
+COPY --from=build-env /srv/forgejo-runner /bin/forgejo-runner
+
+ENV HOME=/data
+
+USER 1000:1000
+
+WORKDIR /data
+
+VOLUME ["/data"]
+
+CMD ["/bin/forgejo-runner"]
diff --git a/Dockerfile.rootless b/Dockerfile.rootless
deleted file mode 100644
index a2cb0cf..0000000
--- a/Dockerfile.rootless
+++ /dev/null
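Review bot: In the Dockerfile hunk, the first stage `FROM --platform=$BUILDPLATFORM tonistiigi/xx AS xx` has no tag or digest, so it resolves to whatever `latest` points at when the build runs, and `COPY --from=xx / /` then lays that image's whole filesystem over the stage that compiles `forgejo-runner`. The other two `FROM` lines are fully qualified and tagged; this one should be pinned as well, ideally by digest, e.g. `FROM --platform=$BUILDPLATFORM docker.io/tonistiigi/xx:<version>@sha256:<digest> AS xx` (placeholders for a release you have verified). Separately, in the final stage `/data` is only created implicitly by `WORKDIR /data` after `USER 1000:1000`, and whether that directory ends up owned by 1000 appears to depend on the builder in use. The deleted Dockerfile.rootless created and chowned `/data` explicitly; an explicit `RUN mkdir /data && chown 1000:1000 /data` before `USER 1000:1000` would make the unprivileged runner's write access deterministic.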
@@ -1,24 +0,0 @@
-FROM golang:1.21-alpine3.18 as builder
-# Do not remove `git` here, it is required for getting runner version when executing `make build`
-RUN apk add --no-cache make git
-
-COPY . /opt/src/forgejo-runner
-WORKDIR /opt/src/forgejo-runner
-
-RUN make clean && make build
-
-FROM docker:dind-rootless
-USER root
-RUN apk add --no-cache \
- git bash supervisor
-
-COPY --from=builder /opt/src/forgejo-runner/forgejo-runner /usr/local/bin/forgejo-runner
-COPY /scripts/supervisord.conf /etc/supervisord.conf
-COPY /scripts/run.sh /opt/act/run.sh
-COPY /scripts/rootless.sh /opt/act/rootless.sh
-
-RUN mkdir /data \
- && chown rootless:rootless /data
-
-USER rootless
-ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]