https://cnb.cool/examples/ecosystem/docker-buildx-multi-platform-example

go get -u cnb.cool/clife/devp/go-base-tcp@v0.0.1
go get -u cnb.cool/clife/devp/go-http@v0.0.26

docker buildx build  -t docker.cnb.cool/abber/i/applestore:latest --platform linux/amd64,linux/arm64 --push .

使用 go get 拉取私有仓库的凭据，需要配置在 $HOME/.netrc 文件中，文件格式如下：

machine cnb.cool
login cnb
password [YOUR CNB TOKEN]

go env -w GOPRIVATE=cnb.cool 完整 .cnb.yml 示例请参考仓库中的 .cnb.yml

function setenv() {
  export GOPRIVATE="$REPO_HOST"
  export GOPRIVATE="$REPO_HOST"
  cat > $HOME/.netrc << EOF
  machine $REPO_HOST
      login $GIT_USER
      password $GIT_TOKEN
EOF
  chmod 600 $HOME/.netrc
}

v1.0.*:
  tag_push:
    - stages:
        - name: echo tag name
          script: echo $CNB_BRANCH

$:
  tag_push:
    - <<: *stage_build_multi_platform

"**":
  web_trigger_build:
    - <<: *stage_build_multi_platform

.tigger_stage_build: &tigger_stage_build
  - name: 手动触发编译
    stages:
      - name: set output env
        script: |
          echo "##[set-output timestamp=$(date "+%Y-%m-%d %H:%M")]"
          build_version=$(date +"%Y%m%d%H%M%S")
          if [ "$CNB_BRANCH" != "master" ] && [ "$CNB_BRANCH" != "main" ]; then
            build_version=$CNB_BRANCH
          fi
          echo "build_version-2=====>build_version"
          echo "##[set-output version_arg=$build_version]"
        exports:
          version_arg: TEST_VAR1
          timestamp: TEST_VAR2
      - name: echo env
        script: |
          echo -e "TEST_VAR2 $TEST_VAR2"
          echo -e "BUILD_VERSION $TEST_VAR1"

传递变量，在下个阶段可使用IMAGE_TAG变量

.gen_image_tag: &gen_image_tag
  - name: 生成镜像版本
    script: |
      commit_id=$(git rev-parse HEAD)
      echo "##[set-output image_tag=${commit_id}]"
    exports:
      image_tag: IMAGE_TAG

.domain: &domain
  domain: cnb.cool
.go-env: &go-env
  GOPROXY: https://goproxy.cn,direct
main:
  push:
    - name: 部署 dev 并执行自动化测试
      services:
        - docker
      env:
        addLabel: "已发布至集成测试环境"
        <<: [*domain, *go-env]

config.yml:

server:
  port: 8080
  host: "0.0.0.0"
  timeout: 30
var1: hello world...

Stage构建任务引用：

.stage_test: &stage_test
  imports:
    - ./config.yml
  stages:
    - name: 打印变量
    script: |
      echo "----->${server_port}"
      echo "----->${server_host}"
      echo "----->${var1}"

.runner_build: &runner_build
  services:
    - docker
  docker:
    # 声明构建环境，可以在 dockerhub 上 https://hub.docker.com/_/maven 找到您需要maven和jdk版本
    # https://docker.aityp.com/i/search?search=maven%3A3.8.6-openjdk-8
    image: maven:3.8.6-openjdk-8
#    iamge: docker.io/maven:3.8.6-openjdk-8
  imports:
    - https://cnb.cool/clife/secret-repo/-/blob/itest/devops-platform-secret.yaml
    - ./config.yml
  stages:
    - name: 读取yaml文件
      script: |
        #!/bin/bash
        set -e
        echo "开始服务部署..." 2>&1
        echo "CNB_BRANCH:${CNB_BRANCH}"
        # 安装Python3和依赖
        apt-get update && apt-get install -y python3 curl gettext
        DEPLOY_FILE="./yml/deploy_release.yaml"
        # 读取并转义 YAML 内容
        KUBEYAML=$(python3 -c "import json; print(json.dumps(open('$DEPLOY_FILE').read()))")
        echo "KUBEYAML:${KUBEYAML}"

FROM alpine:latest as certs
# 安装 ca-certificates
RUN apk add --no-cache ca-certificates

FROM scratch

# 从构建阶段复制 CA 证书
COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/

# 声明构建参数（由buildx自动注入）
ARG TARGETOS
ARG TARGETARCH
ARG TARGETVARIANT
ARG REPO_NAME
COPY dist/${REPO_NAME}-${TARGETOS}-${TARGETARCH}${TARGETVARIANT:+-${TARGETVARIANT}} /main

# 设置入口点
ENTRYPOINT ["/main"]

FROM alpine AS runner
# 设置工作空间
WORKDIR /app
RUN apk add --no-cache bash ca-certificates su-exec tzdata
ENV TZ=Asia/Shanghai

# 声明构建参数（由buildx自动注入）
ARG TARGETOS
ARG TARGETARCH
ARG TARGETVARIANT
# 服务名称
ARG REPO_NAME
RUN pwd
RUN ls -lh ./
COPY config.yml entrypoint.sh ./
RUN chmod +x ./entrypoint.sh
# 更具不同操作系统，不同CPU架构复制到镜像
COPY dist/${REPO_NAME}-${TARGETOS}-${TARGETARCH}${TARGETVARIANT:+-${TARGETVARIANT}} ./main
ENV PUID=0 PGID=0 UMASK=022
RUN pwd
RUN ls -lh
# 设置入口点
CMD ["./entrypoint.sh"]

#FROM alpine:latest as certs
#RUN apk add --no-cache ca-certificates
#
#FROM golang:1.24-alpine AS builder
## 安装必要的构建工具
#RUN apk add --no-cache git ca-certificates tzdata

#FROM scratch
FROM alpine AS runner
# 设置工作空间
WORKDIR /app
# 复制 SSL 证书（如果需要 HTTPS 请求）
#COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
## 复制时区数据（如果需要）
#COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo
RUN apk add --no-cache bash ca-certificates su-exec tzdata
# 设置时区（可选）
ENV TZ=Asia/Shanghai

# 从构建阶段复制 CA 证书
#COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
# 声明构建参数（由buildx自动注入）
ARG TARGETOS
ARG TARGETARCH
ARG TARGETVARIANT
# 服务名称
ARG REPO_NAME
RUN pwd
RUN ls -lh ./
COPY config.yml entrypoint.sh ./
RUN chmod +x ./entrypoint.sh
# 更具不同操作系统，不同CPU架构复制到镜像
COPY dist/${REPO_NAME}-${TARGETOS}-${TARGETARCH}${TARGETVARIANT:+-${TARGETVARIANT}} ./main
ENV PUID=0 PGID=0 UMASK=022
RUN pwd
RUN ls -lh
# 设置入口点
#ENTRYPOINT ["/main"]
CMD ["./entrypoint.sh"]

方案	基础镜像	体积	调试便利性	生产推荐
Scratch	空镜像	1-2MB	⭐☆☆☆☆	⭐⭐⭐⭐☆
Distroless	最小安全镜像	2-3MB	⭐⭐☆☆☆	⭐⭐⭐⭐⭐
Busybox	最小Linux环境	3-4MB	⭐⭐⭐☆☆	⭐⭐⭐⭐☆
Alpine	最小发行版	5-7MB	⭐⭐⭐⭐☆	⭐⭐⭐☆☆

---

https://docker.aityp.com/i/search?search=maven%3A3.8.6-openjdk-8

• 提供CNB基础开发构建环境镜像，通过构建按钮指定构建，优雅且舒服
• dev-workflow-demo
• CNB 部署配置项目
• YAML 语法进阶
• 优秀镜像
• docker.cnb.cool/examples/language/java-8
• 私有化部署教程