feat: 指定交叉编译的镜像架构，达到构建提速目的 #75

2025-09-29T14:32:05+08:00

eryajf commented

2025-09-29 14:32:05 +08:00

(Migrated from github.com)

换了个思路，实测即可达到加速目的，还不影响Dockerfile完整。

Summary by CodeRabbit

Chores
- Standardized container image builds to target linux/amd64, improving consistency and reliability on amd64 hosts and CI/CD runners.
- Reduces architecture-related runtime issues and ensures predictable deployments across environments.
- Provides a more consistent local development experience on Intel-based machines.
- No changes to application functionality or behavior.

换了个思路，实测即可达到加速目的，还不影响Dockerfile完整。  ## Summary by CodeRabbit * **Chores** * Standardized container image builds to target linux/amd64, improving consistency and reliability on amd64 hosts and CI/CD runners. * Reduces architecture-related runtime issues and ensures predictable deployments across environments. * Provides a more consistent local development experience on Intel-based machines. * No changes to application functionality or behavior.

coderabbitai[bot] commented

2025-09-29 14:32:12 +08:00

(Migrated from github.com)

Walkthrough

The Dockerfile’s builder stage now specifies an explicit build platform: linux/amd64. All other instructions remain unchanged.

Changes

Cohort / File(s)	Summary
Container build configuration `Dockerfile`	Added explicit platform to builder stage: `FROM --platform=linux/amd64 golang:1.25-alpine AS builder`; no other steps modified.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

A carrot-colored cloud sails by my rig,
I pin my build to amd64—big!
Hop, hop, the layers stack just right,
Alpine winds, binaries light.
With platform set, I twitch my ear,
“Ship it!” thumps this happy hare engineer. 🥕🐇

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title clearly describes the primary change by specifying the image architecture for cross-compilation to accelerate the build, which matches the Dockerfile modification introduced in the PR. It is concise, uses conventional commit style, and captures the main developer intent without unnecessary detail.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests

Create PR with unit tests
Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

## Walkthrough The Dockerfile’s builder stage now specifies an explicit build platform: linux/amd64. All other instructions remain unchanged. ## Changes | Cohort / File(s) | Summary | |---|---| | **Container build configuration**<br>`Dockerfile` | Added explicit platform to builder stage: `FROM --platform=linux/amd64 golang:1.25-alpine AS builder`; no other steps modified. | ## Estimated code review effort 🎯 1 (Trivial) | ⏱️ ~2 minutes ## Poem > A carrot-colored cloud sails by my rig, > I pin my build to amd64—big! > Hop, hop, the layers stack just right, > Alpine winds, binaries light. > With platform set, I twitch my ear, > “Ship it!” thumps this happy hare engineer. 🥕🐇   ## Pre-merge checks and finishing touches <details> <summary>✅ Passed checks (3 passed)</summary> | Check name | Status | Explanation | | :----------------: | :------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. | | Title Check | ✅ Passed | The title clearly describes the primary change by specifying the image architecture for cross-compilation to accelerate the build, which matches the Dockerfile modification introduced in the PR. It is concise, uses conventional commit style, and captures the main developer intent without unnecessary detail. | | Docstring Coverage | ✅ Passed | No functions found in the changes. Docstring coverage check skipped. | </details>   <details> <summary>✨ Finishing touches</summary> <details> <summary>🧪 Generate unit tests</summary> - [ ]  Create PR with unit tests - [ ]  Post copyable unit tests in a comment </details> </details>   --- Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. <details> <summary>❤️ Share</summary> - [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code) </details> <sub>Comment `@coderabbitai help` to get the list of available commands and usage tips.</sub>

coderabbitai[bot] (Migrated from github.com) reviewed 2025-09-29 14:34:21 +08:00

coderabbitai[bot] (Migrated from github.com) left a comment

Actionable comments posted: 0

🧹 Nitpick comments (2)

Dockerfile (2)
11-11: Harden cross‑compile env and trim apk caches

If TARGETARCH isn’t supplied (local docker build without buildx), GOARCH becomes an empty env var. Provide a sane default and avoid persisting apk indexes.
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH} go build -ldflags="-s -w" -trimpath -o hubproxy . && upx -9 hubproxy
+RUN apk add --no-cache upx && \
+    CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH:-amd64} \
+    go build -ldflags="-s -w" -trimpath -o hubproxy . && \
+    upx -9 hubproxy
If you adopt the BUILDPLATFORM/TARGETPLATFORM pattern, prefer GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH}.

13-20: Propagate target platform, pin base, and drop root in runtime image

For smaller, safer runtime images and correct platform selection in multi‑arch builds:
-FROM alpine
+FROM --platform=$TARGETPLATFORM alpine:3.20

 WORKDIR /root/
 
-COPY --from=builder /app/hubproxy .
-COPY --from=builder /app/config.toml .
+# Create nonroot user and copy artifacts with ownership
+RUN adduser -D -u 65532 -H appuser
+COPY --from=builder --chown=65532:65532 /app/hubproxy .
+COPY --from=builder --chown=65532:65532 /app/config.toml .
+USER 65532:65532
Optional: if the binary is fully static (CGO_ENABLED=0), you can use FROM scratch and copy only the binary and config.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3f614e8011 and 234ddcf835.

📒 Files selected for processing (1)

Dockerfile (2 hunks)

🔇 Additional comments (2)

Dockerfile (2)
1-1: Use BuildKit’s platform args for true multi-arch builds
Replace the hard-coded amd64 builder with the standard BuildKit pattern and add the necessary ARGs:
+ARG BUILDPLATFORM
+ARG TARGETOS
+ARG TARGETARCH
-FROM --platform=linux/amd64 golang:1.25-alpine AS builder
+FROM --platform=$BUILDPLATFORM golang:1.25-alpine AS builder
Ensure you propagate $TARGETPLATFORM in the final stage and manually verify with docker buildx build --platform linux/amd64,linux/arm64 … to confirm native builds for each architecture.

1-1: Sanity check base image tag availability
Please manually confirm that the golang:1.25-alpine image tag is published (e.g., via Docker Hub search or docker pull golang:1.25-alpine) to avoid CI failures.

**Actionable comments posted: 0** <details> <summary>🧹 Nitpick comments (2)</summary><blockquote> <details> <summary>Dockerfile (2)</summary><blockquote> `11-11`: **Harden cross‑compile env and trim apk caches** If TARGETARCH isn’t supplied (local docker build without buildx), GOARCH becomes an empty env var. Provide a sane default and avoid persisting apk indexes. ```diff -RUN CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH} go build -ldflags="-s -w" -trimpath -o hubproxy . && upx -9 hubproxy +RUN apk add --no-cache upx && \ + CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH:-amd64} \ + go build -ldflags="-s -w" -trimpath -o hubproxy . && \ + upx -9 hubproxy ``` If you adopt the BUILDPLATFORM/TARGETPLATFORM pattern, prefer GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH}. --- `13-20`: **Propagate target platform, pin base, and drop root in runtime image** For smaller, safer runtime images and correct platform selection in multi‑arch builds: ```diff -FROM alpine +FROM --platform=$TARGETPLATFORM alpine:3.20 WORKDIR /root/ -COPY --from=builder /app/hubproxy . -COPY --from=builder /app/config.toml . +# Create nonroot user and copy artifacts with ownership +RUN adduser -D -u 65532 -H appuser +COPY --from=builder --chown=65532:65532 /app/hubproxy . +COPY --from=builder --chown=65532:65532 /app/config.toml . +USER 65532:65532 ``` Optional: if the binary is fully static (CGO_ENABLED=0), you can use `FROM scratch` and copy only the binary and config. </blockquote></details> </blockquote></details> <details> <summary>📜 Review details</summary> **Configuration used**: CodeRabbit UI **Review profile**: CHILL **Plan**: Pro <details> <summary>📥 Commits</summary> Reviewing files that changed from the base of the PR and between 3f614e8011223fe8cb0391938a317dce965d1344 and 234ddcf835eb75b0ace39177ad2395128ce9f2a9. </details> <details> <summary>📒 Files selected for processing (1)</summary> * `Dockerfile` (2 hunks) </details> <details> <summary>🔇 Additional comments (2)</summary><blockquote> <details> <summary>Dockerfile (2)</summary><blockquote> `1-1`: **Use BuildKit’s platform args for true multi-arch builds** Replace the hard-coded amd64 builder with the standard BuildKit pattern and add the necessary ARGs: ```diff +ARG BUILDPLATFORM +ARG TARGETOS +ARG TARGETARCH -FROM --platform=linux/amd64 golang:1.25-alpine AS builder +FROM --platform=$BUILDPLATFORM golang:1.25-alpine AS builder ``` Ensure you propagate `$TARGETPLATFORM` in the final stage and manually verify with `docker buildx build --platform linux/amd64,linux/arm64 …` to confirm native builds for each architecture. --- `1-1`: **Sanity check base image tag availability** Please manually confirm that the `golang:1.25-alpine` image tag is published (e.g., via Docker Hub search or `docker pull golang:1.25-alpine`) to avoid CI failures. </blockquote></details> </blockquote></details> </details>

sky22333 commented

2025-09-29 15:16:28 +08:00

(Migrated from github.com)

emm，感谢PR，不过我觉得不用优化到太极致，并且这个改动可能会对其他架构执行docker build时造成一些潜在的影响

emm，感谢PR，不过我觉得不用优化到太极致，并且这个改动可能会对其他架构执行`docker build`时造成一些潜在的影响

eryajf commented

2025-09-29 15:36:26 +08:00

(Migrated from github.com)

ok

Pull request closed

Please reopen this pull request to perform a merge.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: 3344/hubproxy#75