Skip to content

Fix ContainerfilesDirect build instead of make targets to catch failures #180

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
openshift-merge-bot merged 3 commits into from
Apr 16, 2026
+62 −10
Merged

Fix ContainerfilesDirect build instead of make targets to catch failures #180

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
10bc90d
Fix ContainerfilesDirect build instead of make targets to catch failures
Joeavaikath Apr 16, 2026
daf8465
Fix sha256 path issue
Joeavaikath Apr 16, 2026
ec8a9d6
-x CLI binaries
Joeavaikath Apr 16, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 33 additions & 7 deletions Containerfile.download
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,47 @@ RUN go mod download && go mod verify

COPY . .

RUN make release-binaries && \
# Version information
ARG VERSION=dev
ARG GIT_COMMIT=unknown

# Build release binaries for all platforms as direct executables
# with clean names for direct curl/wget download.
RUN set -e && \
mkdir -p /archives && \
for platform in linux/amd64 linux/arm64 darwin/amd64 darwin/arm64 windows/amd64 windows/arm64; do \
os=$(echo $platform | cut -d'/' -f1) && \
arch=$(echo $platform | cut -d'/' -f2) && \
if [ "$os" = "windows" ]; then \
output="kubectl-oadp_${os}_${arch}.exe"; \
else \
output="kubectl-oadp_${os}_${arch}"; \
fi && \
echo "Building $output..." && \
CGO_ENABLED=0 GOOS=$os GOARCH=$arch \
go build -trimpath \
-ldflags="-s -w \
-X github.com/vmware-tanzu/velero/pkg/buildinfo.Version=${VERSION} \
-X github.com/vmware-tanzu/velero/pkg/buildinfo.GitSHA=${GIT_COMMIT} \
-X github.com/vmware-tanzu/velero/pkg/buildinfo.GitTreeState=clean" \
-o /archives/$output \
. && \
(cd /archives && sha256sum $output > $output.sha256); \
done && \
chmod -x /archives/kubectl-oadp_* && \
cp LICENSE /archives/LICENSE && \
rm -rf /root/.cache/go-build /tmp/*

# Build the download server for the TARGET platform (the arch this container will run on)
RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -o download-server ./cmd/downloads/ && \
RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} \
go build -trimpath -o /usr/local/bin/download-server ./cmd/downloads/ && \
go clean -cache -modcache -testcache && \
rm -rf /root/.cache/go-build /go/pkg

FROM registry.access.redhat.com/ubi9/ubi-minimal:latest

# Copy binaries, checksums, and LICENSE
COPY --from=builder /app/release-binaries /archives

# Copy the download server
COPY --from=builder /app/download-server /usr/local/bin/download-server
COPY --from=builder /archives /archives
COPY --from=builder /usr/local/bin/download-server /usr/local/bin/download-server

EXPOSE 8080

Expand Down
32 changes: 29 additions & 3 deletions konflux.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,40 @@ FROM brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_golang_1.25
COPY . /workspace
WORKDIR /workspace

# Version information
ARG VERSION=dev
ARG GIT_COMMIT=unknown

# Build release binaries for all platforms (CGO_ENABLED=0 for cross-platform
# portability — CLI binaries run on user machines outside the FIPS boundary)
RUN make release-binaries && \
RUN set -e && \
mkdir -p /archives && \
for platform in linux/amd64 linux/arm64 darwin/amd64 darwin/arm64 windows/amd64 windows/arm64; do \
os=$(echo $platform | cut -d'/' -f1) && \
arch=$(echo $platform | cut -d'/' -f2) && \
if [ "$os" = "windows" ]; then \
output="kubectl-oadp_${os}_${arch}.exe"; \
else \
output="kubectl-oadp_${os}_${arch}"; \
fi && \
echo "Building $output..." && \
CGO_ENABLED=0 GOOS=$os GOARCH=$arch \
go build -trimpath -mod=mod \
-ldflags="-s -w \
-X github.com/vmware-tanzu/velero/pkg/buildinfo.Version=${VERSION} \
-X github.com/vmware-tanzu/velero/pkg/buildinfo.GitSHA=${GIT_COMMIT} \
-X github.com/vmware-tanzu/velero/pkg/buildinfo.GitTreeState=clean" \
-o /archives/$output \
. && \
(cd /archives && sha256sum $output > $output.sha256); \
done && \
chmod -x /archives/kubectl-oadp_* && \
cp LICENSE /archives/LICENSE && \
rm -rf /root/.cache/go-build /tmp/*

# Build the download server (FIPS-compliant, runs in-cluster on RHEL)
RUN CGO_ENABLED=1 GOEXPERIMENT=strictfipsruntime GOOS=linux \
go build -mod=readonly -a -tags strictfipsruntime \
go build -trimpath -mod=mod -a -tags strictfipsruntime \
-o /workspace/bin/download-server ./cmd/downloads/ && \
go clean -cache -modcache -testcache && \
rm -rf /root/.cache/go-build /go/pkg
Expand All @@ -23,7 +49,7 @@ FROM registry.redhat.io/ubi9/ubi:latest

RUN dnf -y install openssl && dnf -y reinstall tzdata && dnf clean all

COPY --from=builder /workspace/release-binaries /archives
COPY --from=builder /archives /archives
COPY --from=builder /workspace/bin/download-server /usr/local/bin/download-server
COPY LICENSE /licenses/

Expand Down
Loading