Skip to content

Multi-stage Docker build for Drone

The compilation of an unrestricted version of Drone CI is effectively achieved using a multi-stage Docker build^[drone.md]. This technique separates the build environment from the runtime environment, resulting in a smaller and more secure final image.

Build Process

The process is typically divided into three distinct stages within a single Dockerfile^[drone.md]:

  1. Builder Stage: This stage uses a Golang base image (e.g., golang:1.18-alpine) to compile the Drone server binary. It includes steps to download the source code—such as v2.15.0—and build the application with specific tags like nolimit to remove functional restrictions^[drone.md].
  2. Certs Stage: An intermediate stage using Alpine Linux is utilized solely to generate and install SSL certificates, ensuring the final image has necessary security assets^[drone.md].
  3. Final Stage: The production stage starts with a fresh Alpine image. It copies the compiled binary from the Builder stage and the certificates from the Certs stage into this clean environment^[drone.md].

Configuration

The final Docker image configures the Drone server by setting environment variables for the database driver (SQLite), data storage paths, and server ports^[drone.md]. Volume exposure for persistent data is also defined in this stage^[drone.md].

Sources

^[drone.md]

  • [[Docker]]
  • CI/CD
  • [[Containerization]]