Download static cURL into release Docker image for all supported architectures (#20424)

Download static cURL into release Docker image for all supported architectures. Currently, the static cURL executable is only downloaded for the `amd64` architecture. However, `arm64` and `ppc64le` variants are also [available](https://github.com/moparisthebest/static-curl/releases/tag/v8.7.1).
2024-09-12 08:45:19 -07:00 · 2024-09-12 08:45:19 -07:00 · e36b1146d6
parent c28a4beeb7
commit e36b1146d6
2 changed files with 28 additions and 6 deletions
--- a/Dockerfile.release
+++ b/Dockerfile.release
@ -6,9 +6,12 @@ ARG RELEASE
 ENV GOPATH=/go
 ENV CGO_ENABLED=0

+WORKDIR /build
+
 # Install curl and minisign
 RUN apk add -U --no-cache ca-certificates && \
    apk add -U --no-cache curl && \
+    apk add -U --no-cache bash && \
    go install aead.dev/minisign/cmd/minisign@v0.2.1

 # Download minio binary and signature files
@ -23,15 +26,14 @@ RUN curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc -o /go
    curl -s -q https://dl.min.io/client/mc/release/linux-${TARGETARCH}/mc.sha256sum -o /go/bin/mc.sha256sum && \
    chmod +x /go/bin/mc

-RUN if [ "$TARGETARCH" = "amd64" ]; then \
-       curl -L -s -q https://github.com/moparisthebest/static-curl/releases/latest/download/curl-${TARGETARCH} -o /go/bin/curl; \
-       chmod +x /go/bin/curl; \
-    fi
-
 # Verify binary signature using public key "RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGavRUN"
 RUN minisign -Vqm /go/bin/minio -x /go/bin/minio.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav && \
    minisign -Vqm /go/bin/mc -x /go/bin/mc.minisig -P RWTx5Zr1tiHQLwG9keckT0c45M3AGeHD6IvimQHpyRywVWGbP1aVSGav

+COPY dockerscripts/download-static-curl.sh /build/download-static-curl
+RUN chmod +x /build/download-static-curl && \
+    /build/download-static-curl
+
 FROM registry.access.redhat.com/ubi9/ubi-micro:latest

 ARG RELEASE
@ -58,7 +60,7 @@ RUN chmod 1777 /usr/bin
 COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=build /go/bin/minio* /usr/bin/
 COPY --from=build /go/bin/mc* /usr/bin/
-COPY --from=build /go/bin/cur* /usr/bin/
+COPY --from=build /go/bin/curl* /usr/bin/

 COPY CREDITS /licenses/CREDITS
 COPY LICENSE /licenses/LICENSE
--- a/dockerscripts/download-static-curl.sh
+++ b/dockerscripts/download-static-curl.sh
@ -0,0 +1,20 @@
+#!/bin/bash
+
+function download_arch_specific_executable {
+	curl -f -L -s -q \
+		https://github.com/moparisthebest/static-curl/releases/latest/download/curl-$1 \
+		-o /go/bin/curl || exit 1
+	chmod +x /go/bin/curl
+}
+
+case $TARGETARCH in
+"arm64")
+	download_arch_specific_executable aarch64
+	;;
+"s390x")
+	echo "Not downloading static cURL because it does not exist for the $TARGETARCH architecture."
+	;;
+*)
+	download_arch_specific_executable "$TARGETARCH"
+	;;
+esac