From 124efa6fec80966db86e9eeb833b899123acea62 Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 15 Jan 2023 16:20:14 +0100 Subject: [PATCH] refactor: use buildx for multiarch container builds (#86) --- .drone.jsonnet | 198 --------------------- .drone.yml | 214 +++-------------------- Dockerfile.amd64 => Dockerfile.multiarch | 10 +- manifest-quay.tmpl | 24 --- manifest.tmpl | 24 --- 5 files changed, 28 insertions(+), 442 deletions(-) delete mode 100644 .drone.jsonnet rename Dockerfile.amd64 => Dockerfile.multiarch (92%) delete mode 100644 manifest-quay.tmpl delete mode 100644 manifest.tmpl diff --git a/.drone.jsonnet b/.drone.jsonnet deleted file mode 100644 index 0f0183b..0000000 --- a/.drone.jsonnet +++ /dev/null @@ -1,198 +0,0 @@ -local PipelineTest = { - kind: 'pipeline', - name: 'test', - platform: { - os: 'linux', - arch: 'amd64', - }, - steps: [ - { - name: 'markdownlint', - image: 'thegeeklab/markdownlint-cli', - commands: [ - "markdownlint 'README.md'", - ], - }, - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, -}; - -local PipelineBuildContainer(arch='amd64') = { - kind: 'pipeline', - name: 'build-container-' + std.split(arch, '_')[0], - platform: { - os: 'linux', - arch: 'amd64', - }, - steps: [ - { - name: 'tags', - image: 'thegeeklab/docker-autotag', - environment: { - DOCKER_AUTOTAG_FORCE_LATEST: 'True', - DOCKER_AUTOTAG_IGNORE_PRERELEASE: 'True', - DOCKER_AUTOTAG_OUTPUT_FILE: '.tags', - DOCKER_AUTOTAG_VERSION: '${DRONE_TAG}', - DOCKER_AUTOTAG_SUFFIX: std.split(arch, '_')[0], - }, - }, - { - name: 'dryrun', - image: 'thegeeklab/drone-docker-buildx:20', - pull: 'always', - settings: { - dry_run: true, - dockerfile: 'Dockerfile.' + std.split(arch, '_')[0], - platforms: [ - 'linux/' + std.strReplace(arch, '_', '/'), - ], - repo: 'thegeeklab/${DRONE_REPO_NAME}', - }, - depends_on: ['tags'], - when: { - ref: ['refs/pull/**'], - }, - }, - { - name: 'publish-dockerhub', - image: 'thegeeklab/drone-docker-buildx:20', - pull: 'always', - settings: { - dockerfile: 'Dockerfile.' + std.split(arch, '_')[0], - repo: 'thegeeklab/${DRONE_REPO_NAME}', - username: { from_secret: 'docker_username' }, - password: { from_secret: 'docker_password' }, - }, - when: { - ref: ['refs/heads/main', 'refs/tags/**'], - }, - depends_on: ['tags'], - }, - { - name: 'publish-quay', - image: 'thegeeklab/drone-docker-buildx:20', - pull: 'always', - settings: { - dockerfile: 'Dockerfile.' + std.split(arch, '_')[0], - registry: 'quay.io', - repo: 'quay.io/thegeeklab/${DRONE_REPO_NAME}', - username: { from_secret: 'quay_username' }, - password: { from_secret: 'quay_password' }, - }, - when: { - ref: ['refs/heads/main', 'refs/tags/**'], - }, - depends_on: ['tags'], - }, - ], - depends_on: [ - 'test', - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'], - }, -}; - -local PipelineNotifications = { - kind: 'pipeline', - name: 'notifications', - platform: { - os: 'linux', - arch: 'amd64', - }, - steps: [ - { - image: 'plugins/manifest', - name: 'manifest-dockerhub', - settings: { - ignore_missing: true, - username: { from_secret: 'docker_username' }, - password: { from_secret: 'docker_password' }, - spec: 'manifest.tmpl', - }, - when: { - status: ['success'], - }, - }, - { - image: 'plugins/manifest', - name: 'manifest-quay', - settings: { - ignore_missing: true, - username: { from_secret: 'quay_username' }, - password: { from_secret: 'quay_password' }, - spec: 'manifest-quay.tmpl', - }, - when: { - status: ['success'], - }, - }, - { - name: 'pushrm-dockerhub', - pull: 'always', - image: 'chko/docker-pushrm:1', - environment: { - DOCKER_PASS: { - from_secret: 'docker_password', - }, - DOCKER_USER: { - from_secret: 'docker_username', - }, - PUSHRM_FILE: 'README.md', - PUSHRM_SHORT: 'Rootless Alpine base image', - PUSHRM_TARGET: 'thegeeklab/${DRONE_REPO_NAME}', - }, - when: { - status: ['success'], - }, - }, - { - name: 'pushrm-quay', - pull: 'always', - image: 'chko/docker-pushrm:1', - environment: { - APIKEY__QUAY_IO: { - from_secret: 'quay_token', - }, - PUSHRM_FILE: 'README.md', - PUSHRM_TARGET: 'quay.io/thegeeklab/${DRONE_REPO_NAME}', - }, - when: { - status: ['success'], - }, - }, - { - name: 'matrix', - image: 'thegeeklab/drone-matrix', - settings: { - homeserver: { from_secret: 'matrix_homeserver' }, - roomid: { from_secret: 'matrix_roomid' }, - template: 'Status: **{{ build.Status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.Link }}){{#if build.Branch}} ({{ build.Branch }}){{/if}} by {{ commit.Author }}
Message: {{ commit.Message.Title }}', - username: { from_secret: 'matrix_username' }, - password: { from_secret: 'matrix_password' }, - }, - when: { - status: ['success', 'failure'], - }, - }, - ], - depends_on: [ - 'build-container-amd64', - 'build-container-arm64', - 'build-container-arm', - ], - trigger: { - ref: ['refs/heads/main', 'refs/tags/**'], - status: ['success', 'failure'], - }, -}; - -[ - PipelineTest, - PipelineBuildContainer(arch='amd64'), - PipelineBuildContainer(arch='arm64_v8'), - PipelineBuildContainer(arch='arm_v7'), - PipelineNotifications, -] diff --git a/.drone.yml b/.drone.yml index 976ba43..f4224c8 100644 --- a/.drone.yml +++ b/.drone.yml @@ -20,7 +20,7 @@ trigger: --- kind: pipeline -name: build-container-amd64 +name: build-container platform: os: linux @@ -33,17 +33,19 @@ steps: DOCKER_AUTOTAG_FORCE_LATEST: True DOCKER_AUTOTAG_IGNORE_PRERELEASE: True DOCKER_AUTOTAG_OUTPUT_FILE: .tags - DOCKER_AUTOTAG_SUFFIX: amd64 DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - name: dryrun - pull: always image: thegeeklab/drone-docker-buildx:20 settings: - dockerfile: Dockerfile.amd64 + dockerfile: Dockerfile.multiarch dry_run: true platforms: - linux/amd64 + - linux/arm64 + - linux/arm/v7 + - linux/arm/v6 + provenance: false repo: thegeeklab/${DRONE_REPO_NAME} when: ref: @@ -52,89 +54,17 @@ steps: - tags - name: publish-dockerhub - pull: always image: thegeeklab/drone-docker-buildx:20 settings: - dockerfile: Dockerfile.amd64 + dockerfile: Dockerfile.multiarch password: from_secret: docker_password - repo: thegeeklab/${DRONE_REPO_NAME} - username: - from_secret: docker_username - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - tags - - - name: publish-quay - pull: always - image: thegeeklab/drone-docker-buildx:20 - settings: - dockerfile: Dockerfile.amd64 - password: - from_secret: quay_password - registry: quay.io - repo: quay.io/thegeeklab/${DRONE_REPO_NAME} - username: - from_secret: quay_username - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - tags - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - test - ---- -kind: pipeline -name: build-container-arm64 - -platform: - os: linux - arch: amd64 - -steps: - - name: tags - image: thegeeklab/docker-autotag - environment: - DOCKER_AUTOTAG_FORCE_LATEST: True - DOCKER_AUTOTAG_IGNORE_PRERELEASE: True - DOCKER_AUTOTAG_OUTPUT_FILE: .tags - DOCKER_AUTOTAG_SUFFIX: arm64 - DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - - - name: dryrun - pull: always - image: thegeeklab/drone-docker-buildx:20 - settings: - dockerfile: Dockerfile.arm64 - dry_run: true platforms: - - linux/arm64/v8 - repo: thegeeklab/${DRONE_REPO_NAME} - when: - ref: - - refs/pull/** - depends_on: - - tags - - - name: publish-dockerhub - pull: always - image: thegeeklab/drone-docker-buildx:20 - settings: - dockerfile: Dockerfile.arm64 - password: - from_secret: docker_password + - linux/amd64 + - linux/arm64 + - linux/arm/v7 + - linux/arm/v6 + provenance: false repo: thegeeklab/${DRONE_REPO_NAME} username: from_secret: docker_username @@ -143,92 +73,20 @@ steps: - refs/heads/main - refs/tags/** depends_on: - - tags + - dryrun - name: publish-quay - pull: always image: thegeeklab/drone-docker-buildx:20 settings: - dockerfile: Dockerfile.arm64 + dockerfile: Dockerfile.multiarch password: from_secret: quay_password - registry: quay.io - repo: quay.io/thegeeklab/${DRONE_REPO_NAME} - username: - from_secret: quay_username - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - tags - -trigger: - ref: - - refs/heads/main - - refs/tags/** - - refs/pull/** - -depends_on: - - test - ---- -kind: pipeline -name: build-container-arm - -platform: - os: linux - arch: amd64 - -steps: - - name: tags - image: thegeeklab/docker-autotag - environment: - DOCKER_AUTOTAG_FORCE_LATEST: True - DOCKER_AUTOTAG_IGNORE_PRERELEASE: True - DOCKER_AUTOTAG_OUTPUT_FILE: .tags - DOCKER_AUTOTAG_SUFFIX: arm - DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - - - name: dryrun - pull: always - image: thegeeklab/drone-docker-buildx:20 - settings: - dockerfile: Dockerfile.arm - dry_run: true platforms: + - linux/amd64 + - linux/arm64 - linux/arm/v7 - repo: thegeeklab/${DRONE_REPO_NAME} - when: - ref: - - refs/pull/** - depends_on: - - tags - - - name: publish-dockerhub - pull: always - image: thegeeklab/drone-docker-buildx:20 - settings: - dockerfile: Dockerfile.arm - password: - from_secret: docker_password - repo: thegeeklab/${DRONE_REPO_NAME} - username: - from_secret: docker_username - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - tags - - - name: publish-quay - pull: always - image: thegeeklab/drone-docker-buildx:20 - settings: - dockerfile: Dockerfile.arm - password: - from_secret: quay_password + - linux/arm/v6 + provenance: false registry: quay.io repo: quay.io/thegeeklab/${DRONE_REPO_NAME} username: @@ -238,7 +96,7 @@ steps: - refs/heads/main - refs/tags/** depends_on: - - tags + - dryrun trigger: ref: @@ -258,34 +116,7 @@ platform: arch: amd64 steps: - - name: manifest-dockerhub - image: plugins/manifest - settings: - ignore_missing: true - password: - from_secret: docker_password - spec: manifest.tmpl - username: - from_secret: docker_username - when: - status: - - success - - - name: manifest-quay - image: plugins/manifest - settings: - ignore_missing: true - password: - from_secret: quay_password - spec: manifest-quay.tmpl - username: - from_secret: quay_username - when: - status: - - success - - name: pushrm-dockerhub - pull: always image: chko/docker-pushrm:1 environment: DOCKER_PASS: @@ -300,7 +131,6 @@ steps: - success - name: pushrm-quay - pull: always image: chko/docker-pushrm:1 environment: APIKEY__QUAY_IO: @@ -337,12 +167,10 @@ trigger: - failure depends_on: - - build-container-amd64 - - build-container-arm64 - - build-container-arm + - build-container --- kind: signature -hmac: 9c09d6d4eaa2214ad7c36464ae602be8107ae7019c83f61d2ae5d01549d57230 +hmac: 763723dbed28f6faddbf969a8ee879dd78d437395e932d69650cd032e67de45f ... diff --git a/Dockerfile.amd64 b/Dockerfile.multiarch similarity index 92% rename from Dockerfile.amd64 rename to Dockerfile.multiarch index 3318039..8db4c2c 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.multiarch @@ -10,6 +10,10 @@ LABEL org.opencontainers.image.source="https://gitea.rknet.org/docker/alpine" LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/docker/alpine" LABEL org.opencontainers.image.created="${DOCKER_IMAGE_CREATED}" +ARG TARGETOS +ARG TARGETARCH +ARG TARGETVARIANT + ARG GOMPLATE_VERSION ARG SUPERCRONIC_VERSION ARG URL_PARSER_VERSION @@ -31,9 +35,9 @@ RUN addgroup -g 101 -S app && \ adduser -S -D -H -u 101 -h /app -s /sbin/nologin -G app -g app app && \ apk --update add --virtual .build-deps curl && \ curl -SsfL "https://gitea.rknet.org/docker/container-library/releases/download/${CONTAINER_LIBRARY}/container-library.tar.gz" | tar xz -C / && \ - curl -SsfL -o /usr/local/bin/gomplate "https://github.com/hairyhenderson/gomplate/releases/download/${GOMPLATE_VERSION}/gomplate_linux-amd64" && \ - curl -SsfL -o /usr/local/bin/supercronic "https://github.com/aptible/supercronic/releases/download/${SUPERCRONIC_VERSION}/supercronic-linux-amd64" && \ - curl -SsfL -o /usr/local/bin/url-parser "https://github.com/thegeeklab/url-parser/releases/download/${URL_PARSER_VERSION}/url-parser-linux-amd64" && \ + curl -SsfL -o /usr/local/bin/gomplate "https://github.com/hairyhenderson/gomplate/releases/download/${GOMPLATE_VERSION}/gomplate_${TARGETOS}-${TARGETARCH}${TARGETVARIANT}" && \ + curl -SsfL -o /usr/local/bin/supercronic "https://github.com/aptible/supercronic/releases/download/${SUPERCRONIC_VERSION}/supercronic-${TARGETOS}-${TARGETARCH}" && \ + curl -SsfL -o /usr/local/bin/url-parser "https://github.com/thegeeklab/url-parser/releases/download/${URL_PARSER_VERSION}/url-parser-${TARGETOS}-${TARGETARCH}${TARGETVARIANT//v/-}" && \ curl -SsfL -o /usr/local/bin/wait-for "https://github.com/thegeeklab/wait-for/releases/download/${WAIT_FOR_VERSION}/wait-for" && \ chmod 755 /usr/local/bin/gomplate && \ chmod 755 /usr/local/bin/supercronic && \ diff --git a/manifest-quay.tmpl b/manifest-quay.tmpl deleted file mode 100644 index 54ac592..0000000 --- a/manifest-quay.tmpl +++ /dev/null @@ -1,24 +0,0 @@ -image: quay.io/thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} -{{#if build.tags}} -tags: -{{#each build.tags}} - - {{this}} -{{/each}} -{{/if}} -manifests: - - image: quay.io/thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64 - platform: - architecture: amd64 - os: linux - - - image: quay.io/thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm64 - platform: - architecture: arm64 - os: linux - variant: v8 - - - image: quay.io/thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm - platform: - architecture: arm - os: linux - variant: v7 diff --git a/manifest.tmpl b/manifest.tmpl deleted file mode 100644 index 5741194..0000000 --- a/manifest.tmpl +++ /dev/null @@ -1,24 +0,0 @@ -image: thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} -{{#if build.tags}} -tags: -{{#each build.tags}} - - {{this}} -{{/each}} -{{/if}} -manifests: - - image: thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64 - platform: - architecture: amd64 - os: linux - - - image: thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm64 - platform: - architecture: arm64 - os: linux - variant: v8 - - - image: thegeeklab/alpine:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm - platform: - architecture: arm - os: linux - variant: v7