From 2e1c7299c4e5c57b01e5f093d0497827d17f00df Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 10 Jan 2021 23:06:23 +0100 Subject: [PATCH] chore(docker): use buildx to build multiarch images --- .drone.jsonnet | 70 ++++-------------- .drone.yml | 195 +++++++++++++------------------------------------ 2 files changed, 65 insertions(+), 200 deletions(-) diff --git a/.drone.jsonnet b/.drone.jsonnet index abc17b4..f0caa53 100644 --- a/.drone.jsonnet +++ b/.drone.jsonnet @@ -28,22 +28,23 @@ local PipelineBuildContainer(arch='amd64') = { }, steps: [ { - name: 'wait-for', - image: 'thegeeklab/wait-for', - commands: [ - 'wait-for dind-' + arch + ':2376', - ], + name: 'tags', + image: 'thegeeklab/docker-autotag', environment: { - WAITFOR_TIMEOUT: 60, + DOCKER_AUTOTAG_FORCE_LATEST: 'True', + DOCKER_AUTOTAG_IGNORE_PRERELEASE: 'True', + DOCKER_AUTOTAG_OUTPUT_FILE: '.tags', + DOCKER_AUTOTAG_VERSION: '${DRONE_TAG}', + DOCKER_AUTOTAG_SUFFIX: std.split(arch, '_')[0], }, }, { name: 'dryrun', image: 'thegeeklab/drone-docker-buildx', + privileged: true, settings: { - config: { from_secret: 'docker_config' }, dry_run: true, - dockerfile: 'docker/Dockerfile.' + std.split(arch, '_')[0], + dockerfile: 'Dockerfile.' + std.split(arch, '_')[0], platforms: [ 'linux/' + std.strReplace(arch, '_', '/'), ], @@ -51,63 +52,26 @@ local PipelineBuildContainer(arch='amd64') = { username: { from_secret: 'docker_username' }, password: { from_secret: 'docker_password' }, }, - depends_on: ['wait-for'], + depends_on: ['tags'], when: { ref: ['refs/pull/**'], }, }, - { - name: 'tags', - image: 'thegeeklab/docker-autotag', - environment: { - DOCKER_AUTOTAG_FORCE_LATEST: 'True', - DOCKER_AUTOTAG_IGNORE_PRERELEASE: 'True', - DOCKER_AUTOTAG_OUTPUT_FILE: '.tags', - DOCKER_AUTOTAG_VERSION: '${DRONE_TAG}', - }, - depends_on: ['wait-for'], - when: { - ref: ['refs/heads/main', 'refs/tags/**'], - }, - }, { name: 'publish-dockerhub', - image: 'jdrouet/docker-with-buildx:stable', - commands: [ - 'docker login -u "$$DOCKER_USERNAME" -p "$$DOCKER_PASSWORD"', - 'docker buildx create --use', - 'docker buildx build --push --platform linux/' + std.strReplace(arch, '_', '/') + ' --tag thegeeklab/buildx-alpine:' + std.split(arch, '_')[0] + ' -f "$$DOCKERFILE" .', - ], - environment: { - DOCKER_PASSWORD: { from_secret: 'docker_password' }, - DOCKER_USERNAME: { from_secret: 'docker_username' }, - DOCKERFILE: 'Dockerfile.' + std.split(arch, '_')[0], + image: 'thegeeklab/drone-docker-buildx', + settings: { + dockerfile: 'Dockerfile.' + std.split(arch, '_')[0], + repo: 'thegeeklab/buildx-alpine', + username: { from_secret: 'docker_username' }, + password: { from_secret: 'docker_password' }, }, - volumes: [{ - name: 'dockersock-' + arch, - path: '/var/run', - }], when: { ref: ['refs/heads/main', 'refs/tags/**'], }, depends_on: ['tags'], }, ], - services: [ - { - name: 'dind-' + arch, - image: 'docker:dind', - privileged: true, - volumes: [{ - name: 'dockersock-' + arch, - path: '/var/run', - }], - }, - ], - volumes: [{ - name: 'dockersock-' + arch, - temp: {}, - }], depends_on: [ 'test', ], @@ -118,7 +82,6 @@ local PipelineBuildContainer(arch='amd64') = { local PipelineNotifications = { kind: 'pipeline', - image_pull_secrets: ['docker_config'], name: 'notifications', platform: { os: 'linux', @@ -130,7 +93,6 @@ local PipelineNotifications = { name: 'manifest-dockerhub', settings: { ignore_missing: true, - auto_tag: true, username: { from_secret: 'docker_username' }, password: { from_secret: 'docker_password' }, spec: 'manifest.tmpl', diff --git a/.drone.yml b/.drone.yml index 967867f..4464f2b 100644 --- a/.drone.yml +++ b/.drone.yml @@ -27,19 +27,19 @@ platform: arch: amd64 steps: -- name: wait-for - image: thegeeklab/wait-for - commands: - - wait-for dind-amd64:2376 +- name: tags + image: thegeeklab/docker-autotag environment: - WAITFOR_TIMEOUT: 60 + DOCKER_AUTOTAG_FORCE_LATEST: True + DOCKER_AUTOTAG_IGNORE_PRERELEASE: True + DOCKER_AUTOTAG_OUTPUT_FILE: .tags + DOCKER_AUTOTAG_SUFFIX: amd64 + DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - name: dryrun image: thegeeklab/drone-docker-buildx settings: - config: - from_secret: docker_config - dockerfile: docker/Dockerfile.amd64 + dockerfile: Dockerfile.amd64 dry_run: true password: from_secret: docker_password @@ -48,41 +48,22 @@ steps: repo: thegeeklab/buildx-alpine username: from_secret: docker_username + privileged: true when: ref: - refs/pull/** depends_on: - - wait-for - -- name: tags - image: thegeeklab/docker-autotag - environment: - DOCKER_AUTOTAG_FORCE_LATEST: True - DOCKER_AUTOTAG_IGNORE_PRERELEASE: True - DOCKER_AUTOTAG_OUTPUT_FILE: .tags - DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - wait-for + - tags - name: publish-dockerhub - image: jdrouet/docker-with-buildx:stable - commands: - - docker login -u "$$DOCKER_USERNAME" -p "$$DOCKER_PASSWORD" - - docker buildx create --use - - docker buildx build --push --platform linux/amd64 --tag thegeeklab/buildx-alpine:amd64 -f "$$DOCKERFILE" . - environment: - DOCKERFILE: Dockerfile.amd64 - DOCKER_PASSWORD: + image: thegeeklab/drone-docker-buildx + settings: + dockerfile: Dockerfile.amd64 + password: from_secret: docker_password - DOCKER_USERNAME: + repo: thegeeklab/buildx-alpine + username: from_secret: docker_username - volumes: - - name: dockersock-amd64 - path: /var/run when: ref: - refs/heads/main @@ -90,18 +71,6 @@ steps: depends_on: - tags -services: -- name: dind-amd64 - image: docker:dind - privileged: true - volumes: - - name: dockersock-amd64 - path: /var/run - -volumes: -- name: dockersock-amd64 - temp: {} - trigger: ref: - refs/heads/main @@ -120,19 +89,19 @@ platform: arch: amd64 steps: -- name: wait-for - image: thegeeklab/wait-for - commands: - - wait-for dind-arm64_v8:2376 +- name: tags + image: thegeeklab/docker-autotag environment: - WAITFOR_TIMEOUT: 60 + DOCKER_AUTOTAG_FORCE_LATEST: True + DOCKER_AUTOTAG_IGNORE_PRERELEASE: True + DOCKER_AUTOTAG_OUTPUT_FILE: .tags + DOCKER_AUTOTAG_SUFFIX: arm64 + DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - name: dryrun image: thegeeklab/drone-docker-buildx settings: - config: - from_secret: docker_config - dockerfile: docker/Dockerfile.arm64 + dockerfile: Dockerfile.arm64 dry_run: true password: from_secret: docker_password @@ -141,41 +110,22 @@ steps: repo: thegeeklab/buildx-alpine username: from_secret: docker_username + privileged: true when: ref: - refs/pull/** depends_on: - - wait-for - -- name: tags - image: thegeeklab/docker-autotag - environment: - DOCKER_AUTOTAG_FORCE_LATEST: True - DOCKER_AUTOTAG_IGNORE_PRERELEASE: True - DOCKER_AUTOTAG_OUTPUT_FILE: .tags - DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - wait-for + - tags - name: publish-dockerhub - image: jdrouet/docker-with-buildx:stable - commands: - - docker login -u "$$DOCKER_USERNAME" -p "$$DOCKER_PASSWORD" - - docker buildx create --use - - docker buildx build --push --platform linux/arm64/v8 --tag thegeeklab/buildx-alpine:arm64 -f "$$DOCKERFILE" . - environment: - DOCKERFILE: Dockerfile.arm64 - DOCKER_PASSWORD: + image: thegeeklab/drone-docker-buildx + settings: + dockerfile: Dockerfile.arm64 + password: from_secret: docker_password - DOCKER_USERNAME: + repo: thegeeklab/buildx-alpine + username: from_secret: docker_username - volumes: - - name: dockersock-arm64_v8 - path: /var/run when: ref: - refs/heads/main @@ -183,18 +133,6 @@ steps: depends_on: - tags -services: -- name: dind-arm64_v8 - image: docker:dind - privileged: true - volumes: - - name: dockersock-arm64_v8 - path: /var/run - -volumes: -- name: dockersock-arm64_v8 - temp: {} - trigger: ref: - refs/heads/main @@ -213,19 +151,19 @@ platform: arch: amd64 steps: -- name: wait-for - image: thegeeklab/wait-for - commands: - - wait-for dind-arm_v7:2376 +- name: tags + image: thegeeklab/docker-autotag environment: - WAITFOR_TIMEOUT: 60 + DOCKER_AUTOTAG_FORCE_LATEST: True + DOCKER_AUTOTAG_IGNORE_PRERELEASE: True + DOCKER_AUTOTAG_OUTPUT_FILE: .tags + DOCKER_AUTOTAG_SUFFIX: arm + DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - name: dryrun image: thegeeklab/drone-docker-buildx settings: - config: - from_secret: docker_config - dockerfile: docker/Dockerfile.arm + dockerfile: Dockerfile.arm dry_run: true password: from_secret: docker_password @@ -234,41 +172,22 @@ steps: repo: thegeeklab/buildx-alpine username: from_secret: docker_username + privileged: true when: ref: - refs/pull/** depends_on: - - wait-for - -- name: tags - image: thegeeklab/docker-autotag - environment: - DOCKER_AUTOTAG_FORCE_LATEST: True - DOCKER_AUTOTAG_IGNORE_PRERELEASE: True - DOCKER_AUTOTAG_OUTPUT_FILE: .tags - DOCKER_AUTOTAG_VERSION: ${DRONE_TAG} - when: - ref: - - refs/heads/main - - refs/tags/** - depends_on: - - wait-for + - tags - name: publish-dockerhub - image: jdrouet/docker-with-buildx:stable - commands: - - docker login -u "$$DOCKER_USERNAME" -p "$$DOCKER_PASSWORD" - - docker buildx create --use - - docker buildx build --push --platform linux/arm/v7 --tag thegeeklab/buildx-alpine:arm -f "$$DOCKERFILE" . - environment: - DOCKERFILE: Dockerfile.arm - DOCKER_PASSWORD: + image: thegeeklab/drone-docker-buildx + settings: + dockerfile: Dockerfile.arm + password: from_secret: docker_password - DOCKER_USERNAME: + repo: thegeeklab/buildx-alpine + username: from_secret: docker_username - volumes: - - name: dockersock-arm_v7 - path: /var/run when: ref: - refs/heads/main @@ -276,18 +195,6 @@ steps: depends_on: - tags -services: -- name: dind-arm_v7 - image: docker:dind - privileged: true - volumes: - - name: dockersock-arm_v7 - path: /var/run - -volumes: -- name: dockersock-arm_v7 - temp: {} - trigger: ref: - refs/heads/main @@ -309,7 +216,6 @@ steps: - name: manifest-dockerhub image: plugins/manifest settings: - auto_tag: true ignore_missing: true password: from_secret: docker_password @@ -352,9 +258,6 @@ steps: - success - failure -image_pull_secrets: -- docker_config - trigger: ref: - refs/heads/main @@ -370,6 +273,6 @@ depends_on: --- kind: signature -hmac: 0d15eda6b01d23551b72f8e12348bb1028d19c0b30cf28be2f38e737a3f9a51d +hmac: c11c306a6ff27ebe6ffe119cda6ec0afd5b8426ccb72c3a71cd6209782634451 ...