From 38a2044c9b28c0b50384082215773c38353bcde7 Mon Sep 17 00:00:00 2001
From: Marco Franssen <marco.franssen@gmail.com>
Date: Tue, 29 Oct 2024 10:07:03 +0100
Subject: [PATCH] Refactor Dockerfile to use native docker features to target
 the specific image

Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
---
 .github/workflows/images.yaml | 22 +++++++++++++---------
 Dockerfile                    | 15 ++++++---------
 2 files changed, 19 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/images.yaml b/.github/workflows/images.yaml
index 1c6163fe53..da84758122 100644
--- a/.github/workflows/images.yaml
+++ b/.github/workflows/images.yaml
@@ -25,8 +25,10 @@ jobs:
     strategy:
       matrix:
         include:
-          - name: cilium-cli
+          - name: cilium-cli-ci
             dockerfile: ./Dockerfile
+            platforms: linux/amd64
+
     steps:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
@@ -62,19 +64,20 @@ jobs:
         with:
           context: .
           file: ${{ matrix.dockerfile }}
+          target: ${{ matrix.name }}
+          platforms: ${{ matrix.platforms }}
           push: true
-          platforms: linux/amd64
           tags: |
-            quay.io/${{ github.repository_owner }}/${{ matrix.name }}-ci:latest
-            quay.io/${{ github.repository_owner }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}
+            quay.io/${{ github.repository_owner }}/${{ matrix.name }}:latest
+            quay.io/${{ github.repository_owner }}/${{ matrix.name }}:${{ steps.tag.outputs.tag }}
 
       - name: CI Image Releases digests
         if: ${{ github.event_name != 'pull_request_target' }}
         shell: bash
         run: |
           mkdir -p image-digest/
-          echo "quay.io/${{ github.repository_owner }}/${{ matrix.name }}-ci:latest@${{ steps.docker_build_ci_main.outputs.digest }}" > image-digest/${{ matrix.name }}.txt
-          echo "quay.io/${{ github.repository_owner }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_main.outputs.digest }}" >> image-digest/${{ matrix.name }}.txt
+          echo "quay.io/${{ github.repository_owner }}/${{ matrix.name }}:latest@${{ steps.docker_build_ci_main.outputs.digest }}" > image-digest/${{ matrix.name }}.txt
+          echo "quay.io/${{ github.repository_owner }}/${{ matrix.name }}:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_main.outputs.digest }}" >> image-digest/${{ matrix.name }}.txt
 
       # PR updates
       - name: CI Build ${{ matrix.name }}
@@ -84,17 +87,18 @@ jobs:
         with:
           context: .
           file: ${{ matrix.dockerfile }}
+          target: ${{ matrix.name }}
+          platforms: ${{ matrix.platforms }}
           push: true
-          platforms: linux/amd64
           tags: |
-            quay.io/${{ github.repository_owner }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}
+            quay.io/${{ github.repository_owner }}/${{ matrix.name }}:${{ steps.tag.outputs.tag }}
 
       - name: CI Image Releases digests
         if: ${{ github.event_name == 'pull_request_target' }}
         shell: bash
         run: |
           mkdir -p image-digest/
-          echo "quay.io/${{ github.repository_owner }}/${{ matrix.name }}-ci:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_pr.outputs.digest }}" > image-digest/${{ matrix.name }}.txt
+          echo "quay.io/${{ github.repository_owner }}/${{ matrix.name }}:${{ steps.tag.outputs.tag }}@${{ steps.docker_build_ci_pr.outputs.digest }}" > image-digest/${{ matrix.name }}.txt
 
       # Upload artifact digests
       - name: Upload artifact digests
diff --git a/Dockerfile b/Dockerfile
index 4c5c491e08..c7c7a292a0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,24 +3,25 @@
 # Copyright Authors of Cilium
 # SPDX-License-Identifier: Apache-2.0
 
-# FINAL_CONTAINER specifies the source for the output
-# cilium-cli-ci (default) is based on ubuntu with cloud CLIs
-# cilium-cli is from scratch only including cilium binaries
-ARG FINAL_CONTAINER="cilium-cli-ci"
-
 FROM docker.io/library/golang:1.23.3-alpine3.19@sha256:36cc30986d1f9bc46670526fe6553b078097e562e196344dea6a075e434f8341 AS builder
 WORKDIR /go/src/github.com/cilium/cilium-cli
 RUN apk add --no-cache curl git make ca-certificates
 COPY . .
 RUN make
 
+# cilium-cli is from scratch only including cilium binaries
 FROM scratch AS cilium-cli
 ENTRYPOINT ["cilium"]
+LABEL maintainer="maintainer@cilium.io"
+WORKDIR /root/app
 COPY --from=builder --chown=root:root --chmod=755 /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=builder /go/src/github.com/cilium/cilium-cli/cilium /usr/local/bin/cilium
 
+# cilium-cli-ci is based on ubuntu with cloud CLIs
 FROM ubuntu:24.04@sha256:99c35190e22d294cdace2783ac55effc69d32896daaa265f0bbedbcde4fbe3e5 AS cilium-cli-ci
 ENTRYPOINT []
+LABEL maintainer="maintainer@cilium.io"
+WORKDIR /root/app
 COPY --from=builder /go/src/github.com/cilium/cilium-cli/cilium /usr/local/bin/cilium
 
 # Install cloud CLIs. Based on these instructions:
@@ -39,7 +40,3 @@ RUN apt-get update -y \
   && ./aws/install \
   && rm -r ./aws awscliv2.zip \
   && curl -sL https://aka.ms/InstallAzureCLIDeb | bash
-
-FROM ${FINAL_CONTAINER} 
-LABEL maintainer="maintainer@cilium.io"
-WORKDIR /root/app