From 549b67bccdd5ac289b1185024afd2f493aab0be7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?MI=E2=84=82H=CE=9B=CE=9EL=20F=D1=B2R=D0=98=CE=9BR=D1=B2?= <20387402+xUnholy@users.noreply.github.com> Date: Mon, 28 Sep 2020 07:47:39 +1000 Subject: [PATCH] Adding architecture support for arm/arm64/amd64 docker images (#1781) add multi-arch image support for armv7/arm64/amd64 architectures --- .github/workflows/ci.yml | 51 ++++++++++++++++++++++++++------ .github/workflows/release.yml | 55 +++++++++++++++++++++++++++++------ Dockerfile | 22 +++++++++++--- 3 files changed, 106 insertions(+), 22 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 58dc557c..2592a4b7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -90,20 +90,53 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Determine tag + - name: Get Version + id: info + run: | + echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') + + - name: Determine Docker Tag uses: haya14busa/action-cond@v1 id: imagetag with: cond: ${{ github.event_name == 'pull_request' }} if_true: ${{ github.sha }} - if_false: "master" + if_false: 'master' - - name: Build - uses: docker/build-push-action@v1 + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - repository: dexidp/dex - tags: ${{ steps.imagetag.outputs.value }} - add_git_labels: true + platforms: all + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + with: + install: true + version: latest + # TODO: Remove driver-opts once fix is released docker/buildx#386 + driver-opts: image=moby/buildkit:master + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - name: Build and Push + uses: docker/build-push-action@v2 + with: + context: . + file: Dockerfile + platforms: linux/amd64,linux/arm/v7,linux/arm64 push: ${{ github.event_name == 'push' }} + tags: dexidp/dex:${{ steps.imagetag.outputs.value }} + labels: | + org.opencontainers.image.title=${{ github.event.repository.name }} + org.opencontainers.image.description=${{ github.event.repository.description }} + org.opencontainers.image.url=${{ github.event.repository.html_url }} + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.version=${{ steps.imagetag.outputs.value }} + org.opencontainers.image.created=${{ steps.info.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fbc3a20a..9ada0f05 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,7 +3,7 @@ name: Release on: push: tags: - - "v[0-9]+.[0-9]+.[0-9]+" + - 'v[0-9]+.[0-9]+.[0-9]+' jobs: docker: @@ -13,12 +13,49 @@ jobs: - name: Checkout code uses: actions/checkout@v2 - - name: Build and push image - uses: docker/build-push-action@v1 + - name: Get Version + id: info + run: | + VERSION=$(shell ./scripts/git-version) + echo ::set-output name=version::${VERSION} + echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') + + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - repository: dexidp/dex - tags: latest - tag_with_ref: true - add_git_labels: true + platforms: all + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + with: + install: true + version: latest + # TODO: Remove driver-opts once fix is released docker/buildx#386 + driver-opts: image=moby/buildkit:master + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_PASSWORD }} + + - name: Build and Push + uses: docker/build-push-action@v2 + with: + context: . + file: Dockerfile + platforms: linux/amd64,linux/arm/v7,linux/arm64 + push: true + tags: | + dexidp/dex:latest + dexidp/dex:${{ steps.info.outputs.version }} + labels: | + org.opencontainers.image.title=${{ github.event.repository.name }} + org.opencontainers.image.description=${{ github.event.repository.description }} + org.opencontainers.image.url=${{ github.event.repository.html_url }} + org.opencontainers.image.source=${{ github.event.repository.clone_url }} + org.opencontainers.image.version=${{ steps.info.outputs.version }} + org.opencontainers.image.created=${{ steps.info.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} + org.opencontainers.image.licenses=${{ github.event.repository.license.spdx_id }} diff --git a/Dockerfile b/Dockerfile index b0116145..3dedb9d2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,25 @@ FROM golang:1.14-alpine +ARG TARGETOS +ARG TARGETARCH +ARG TARGETVARIANT="" + +WORKDIR /go/src/github.com/dexidp/dex + +ENV GOOS=${TARGETOS} \ + GOARCH=${TARGETARCH} \ + GOARM=${TARGETVARIANT} + RUN apk add --no-cache --update alpine-sdk -COPY . /go/src/github.com/dexidp/dex -RUN cd /go/src/github.com/dexidp/dex && make release-binary +COPY . . + +RUN make release-binary FROM alpine:3.12 + +WORKDIR / + # Dex connectors, such as GitHub and Google logins require root certificates. # Proper installations should manage those certificates, but it's a bad user # experience when this doesn't work out of the box. @@ -14,12 +28,12 @@ FROM alpine:3.12 RUN apk add --update ca-certificates openssl USER 1001:1001 + COPY --from=0 /go/bin/dex /usr/local/bin/dex # Import frontend assets and set the correct CWD directory so the assets # are in the default path. -COPY web /web -WORKDIR / +COPY web . ENTRYPOINT ["dex"]