add ARM builds
This commit is contained in:
sebthom
parent
4a76493e27
commit
313f378023
|
|
@ -72,31 +72,31 @@ jobs:
|
||||||
|
|
||||||
- name: Build ${{ env.DOCKER_IMAGE_REPO }}:${{ env.DOCKER_IMAGE_TAG }}
|
- name: Build ${{ env.DOCKER_IMAGE_REPO }}:${{ env.DOCKER_IMAGE_TAG }}
|
||||||
env:
|
env:
|
||||||
DOCKER_REGISTRY: docker.io
|
|
||||||
DOCKER_REGISTRY_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }}
|
|
||||||
DOCKER_REGISTRY_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}
|
|
||||||
DOCKER_IMAGE_TAG: ${{ matrix.DOCKER_IMAGE_TAG }}
|
DOCKER_IMAGE_TAG: ${{ matrix.DOCKER_IMAGE_TAG }}
|
||||||
DOCKER_FILE: ${{ matrix.DOCKER_FILE }}
|
DOCKER_FILE: ${{ matrix.DOCKER_FILE }}
|
||||||
TRIVY_GITHUB_TOKEN: ${{ github.token }}
|
TRIVY_GITHUB_TOKEN: ${{ github.token }}
|
||||||
run: |
|
run: bash build-image.sh
|
||||||
set -eu
|
|
||||||
if [[ $GITHUB_REF_NAME == "main" && $GITHUB_EVENT_NAME != "pull_request" && ${ACT:-} != "true" ]]; then
|
- name: Publish Docker image to docker.io registry
|
||||||
export DOCKER_PUSH=1
|
if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps
|
||||||
echo "$DOCKER_REGISTRY_TOKEN" | docker login -u="$DOCKER_REGISTRY_USERNAME" "$DOCKER_REGISTRY" --password-stdin
|
uses: truemark/skopeo-copy-action@v1 # https://github.com/truemark/skopeo-copy-action
|
||||||
fi
|
# alternative for skopeo is https://github.com/regclient/regclient via iarekylew00t/regctl-installer
|
||||||
bash build-image.sh
|
with:
|
||||||
|
src-image: "docker://${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.DOCKER_IMAGE_TAG }}"
|
||||||
|
dest-image: "docker://docker.io/${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.DOCKER_IMAGE_TAG }}"
|
||||||
|
dest-username: "${{ secrets.DOCKER_HUB_USERNAME }}"
|
||||||
|
dest-password: "${{ secrets.DOCKER_HUB_TOKEN }}"
|
||||||
|
multi-arch: "all"
|
||||||
|
|
||||||
- name: Publish Docker image to GH registry
|
- name: Publish Docker image to GH registry
|
||||||
if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps
|
if: ${{ github.ref_name == 'main' && github.event_name != 'pull_request' && !env.ACT }} # https://github.com/nektos/act#skipping-steps
|
||||||
env:
|
uses: truemark/skopeo-copy-action@v1 # https://github.com/truemark/skopeo-copy-action
|
||||||
DOCKER_IMAGE_TAG: ${{ matrix.DOCKER_IMAGE_TAG }}
|
with:
|
||||||
run: |
|
src-image: "docker://${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.DOCKER_IMAGE_TAG }}"
|
||||||
set -eux
|
dest-image: "docker://ghcr.io/${{ env.DOCKER_IMAGE_REPO }}:${{ matrix.DOCKER_IMAGE_TAG }}"
|
||||||
|
dest-username: "${{ github.actor }}"
|
||||||
echo "${{ github.token }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin
|
dest-password: "${{ github.token }}"
|
||||||
|
multi-arch: "all"
|
||||||
docker image tag $DOCKER_IMAGE_REPO:$DOCKER_IMAGE_TAG ghcr.io/$DOCKER_IMAGE_REPO:$DOCKER_IMAGE_TAG
|
|
||||||
docker push ghcr.io/$DOCKER_IMAGE_REPO:$DOCKER_IMAGE_TAG
|
|
||||||
|
|
||||||
- name: Delete untagged images
|
- name: Delete untagged images
|
||||||
uses: actions/github-script@v6
|
uses: actions/github-script@v6
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,6 @@
|
||||||
# SPDX-FileContributor: Sebastian Thomschke
|
# SPDX-FileContributor: Sebastian Thomschke
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
# SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/docker-gitea-act-runner
|
# SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/docker-gitea-act-runner
|
||||||
#
|
|
||||||
|
|
||||||
shared_lib="$(dirname $0)/.shared"
|
shared_lib="$(dirname $0)/.shared"
|
||||||
[ -e "$shared_lib" ] || curl -sSf https://raw.githubusercontent.com/vegardit/docker-shared/v1/download.sh?_=$(date +%s) | bash -s v1 "$shared_lib" || exit 1
|
[ -e "$shared_lib" ] || curl -sSf https://raw.githubusercontent.com/vegardit/docker-shared/v1/download.sh?_=$(date +%s) | bash -s v1 "$shared_lib" || exit 1
|
||||||
|
|
@ -15,7 +14,7 @@ source "$shared_lib/lib/build-image-init.sh"
|
||||||
# specify target docker registry/repo
|
# specify target docker registry/repo
|
||||||
#################################################
|
#################################################
|
||||||
docker_registry=${DOCKER_REGISTRY:-docker.io}
|
docker_registry=${DOCKER_REGISTRY:-docker.io}
|
||||||
image_repo=${DOCKER_REPO:-vegardit/gitea-act-runner}
|
image_repo=${DOCKER_IMAGE_REPO:-vegardit/gitea-act-runner}
|
||||||
image_name=$image_repo:${DOCKER_IMAGE_TAG:-latest}
|
image_name=$image_repo:${DOCKER_IMAGE_TAG:-latest}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -27,7 +26,11 @@ if [[ $OSTYPE == "cygwin" || $OSTYPE == "msys" ]]; then
|
||||||
project_root=$(cygpath -w "$project_root")
|
project_root=$(cygpath -w "$project_root")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
DOCKER_BUILDKIT=1 docker build "$project_root" \
|
# https://github.com/docker/buildx/#building-multi-platform-images
|
||||||
|
docker run --privileged --rm tonistiigi/binfmt --install all
|
||||||
|
export DOCKER_CLI_EXPERIMENTAL=enabled # prevents "docker: 'buildx' is not a docker command."
|
||||||
|
docker buildx create --use # prevents: error: multiple platforms feature is currently not supported for docker driver. Please switch to a different driver (eg. "docker buildx create --use")
|
||||||
|
docker buildx build "$project_root" \
|
||||||
--file "image/$DOCKER_FILE" \
|
--file "image/$DOCKER_FILE" \
|
||||||
--progress=plain \
|
--progress=plain \
|
||||||
--pull \
|
--pull \
|
||||||
|
|
@ -39,9 +42,12 @@ DOCKER_BUILDKIT=1 docker build "$project_root" \
|
||||||
--build-arg GIT_COMMIT_DATE="$(date -d @$(git log -1 --format='%at') --utc +'%Y-%m-%d %H:%M:%S UTC')" \
|
--build-arg GIT_COMMIT_DATE="$(date -d @$(git log -1 --format='%at') --utc +'%Y-%m-%d %H:%M:%S UTC')" \
|
||||||
--build-arg GIT_COMMIT_HASH="$(git rev-parse --short HEAD)" \
|
--build-arg GIT_COMMIT_HASH="$(git rev-parse --short HEAD)" \
|
||||||
--build-arg GIT_REPO_URL="$(git config --get remote.origin.url)" \
|
--build-arg GIT_REPO_URL="$(git config --get remote.origin.url)" \
|
||||||
--build-arg ACT_RUNNER_DOWNLOAD_URL=$(curl -sSfL https://gitea.com/gitea/act_runner/releases | grep -oP "https://gitea.com/gitea/act_runner/releases/download/.*-linux-amd64" | head -1) \
|
--platform linux/amd64,linux/arm64,linux/arm/v7 \
|
||||||
-t $image_name \
|
-t $image_name \
|
||||||
|
$(if [[ "${DOCKER_PUSH:-0}" == "1" ]]; then echo -n "--push"; fi) \
|
||||||
"$@"
|
"$@"
|
||||||
|
docker buildx stop
|
||||||
|
docker image pull $image_name
|
||||||
|
|
||||||
|
|
||||||
#################################################
|
#################################################
|
||||||
|
|
@ -59,13 +65,3 @@ echo
|
||||||
if [[ "${DOCKER_AUDIT_IMAGE:-1}" == 1 ]]; then
|
if [[ "${DOCKER_AUDIT_IMAGE:-1}" == 1 ]]; then
|
||||||
bash "$shared_lib/cmd/audit-image.sh" $image_name
|
bash "$shared_lib/cmd/audit-image.sh" $image_name
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
#################################################
|
|
||||||
# push image with tags to remote docker image registry
|
|
||||||
#################################################
|
|
||||||
if [[ "${DOCKER_PUSH:-0}" == "1" ]]; then
|
|
||||||
docker image tag $image_name $docker_registry/$image_name
|
|
||||||
|
|
||||||
docker push $docker_registry/$image_name
|
|
||||||
fi
|
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,6 @@ ARG LC_ALL=C
|
||||||
|
|
||||||
ARG INSTALL_SUPPORT_TOOLS=0
|
ARG INSTALL_SUPPORT_TOOLS=0
|
||||||
|
|
||||||
ARG ACT_RUNNER_DOWNLOAD_URL
|
|
||||||
ARG UPX_COMPRESS=true
|
ARG UPX_COMPRESS=true
|
||||||
|
|
||||||
ARG BASE_LAYER_CACHE_KEY
|
ARG BASE_LAYER_CACHE_KEY
|
||||||
|
|
@ -57,7 +56,7 @@ RUN --mount=type=bind,source=.shared,target=/mnt/shared <<EOF
|
||||||
mkdir /opt/upx
|
mkdir /opt/upx
|
||||||
upx_download_url=$(curl -fsSL https://api.github.com/repos/upx/upx/releases/latest | grep browser_download_url | grep amd64_linux.tar.xz | cut "-d\"" -f4)
|
upx_download_url=$(curl -fsSL https://api.github.com/repos/upx/upx/releases/latest | grep browser_download_url | grep amd64_linux.tar.xz | cut "-d\"" -f4)
|
||||||
echo "Downloading [$upx_download_url]..."
|
echo "Downloading [$upx_download_url]..."
|
||||||
curl -fL "$upx_download_url" | tar Jxv -C /opt/upx --strip-components=1
|
curl -fsSL "$upx_download_url" | tar Jxv -C /opt/upx --strip-components=1
|
||||||
/opt/upx/upx --version
|
/opt/upx/upx --version
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
@ -66,7 +65,15 @@ RUN --mount=type=bind,source=.shared,target=/mnt/shared <<EOF
|
||||||
echo "#################################################"
|
echo "#################################################"
|
||||||
echo "Downloading Gitea act runner..."
|
echo "Downloading Gitea act runner..."
|
||||||
echo "#################################################"
|
echo "#################################################"
|
||||||
curl -fsSL "$ACT_RUNNER_DOWNLOAD_URL" -o /usr/local/bin/act_runner
|
arch=$(dpkg --print-architecture)
|
||||||
|
case $arch in
|
||||||
|
armhf) arch=arm-7 ;;
|
||||||
|
amd64|arm64) ;;
|
||||||
|
*) echo "Unsupported arch: $arch"; exit 1;;
|
||||||
|
esac
|
||||||
|
act_runner_download_url=$(curl -sSfL https://gitea.com/gitea/act_runner/releases | grep -oP "https://gitea.com/gitea/act_runner/releases/download/.*-linux-${arch}" | head -1)
|
||||||
|
echo "Downloading [$act_runner_download_url]..."
|
||||||
|
curl -fsSL "$act_runner_download_url" -o /usr/local/bin/act_runner
|
||||||
chmod 755 /usr/local/bin/act_runner
|
chmod 755 /usr/local/bin/act_runner
|
||||||
minimize /usr/local/bin/act_runner
|
minimize /usr/local/bin/act_runner
|
||||||
act_runner --version
|
act_runner --version
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,6 @@ ARG LC_ALL=C
|
||||||
|
|
||||||
ARG INSTALL_SUPPORT_TOOLS=0
|
ARG INSTALL_SUPPORT_TOOLS=0
|
||||||
|
|
||||||
ARG ACT_RUNNER_DOWNLOAD_URL
|
|
||||||
ARG UPX_COMPRESS=true
|
ARG UPX_COMPRESS=true
|
||||||
|
|
||||||
ARG BASE_LAYER_CACHE_KEY
|
ARG BASE_LAYER_CACHE_KEY
|
||||||
|
|
@ -57,7 +56,7 @@ RUN --mount=type=bind,source=.shared,target=/mnt/shared <<EOF
|
||||||
mkdir /opt/upx
|
mkdir /opt/upx
|
||||||
upx_download_url=$(curl -fsSL https://api.github.com/repos/upx/upx/releases/latest | grep browser_download_url | grep amd64_linux.tar.xz | cut "-d\"" -f4)
|
upx_download_url=$(curl -fsSL https://api.github.com/repos/upx/upx/releases/latest | grep browser_download_url | grep amd64_linux.tar.xz | cut "-d\"" -f4)
|
||||||
echo "Downloading [$upx_download_url]..."
|
echo "Downloading [$upx_download_url]..."
|
||||||
curl -fL "$upx_download_url" | tar Jxv -C /opt/upx --strip-components=1
|
curl -fsSL "$upx_download_url" | tar Jxv -C /opt/upx --strip-components=1
|
||||||
/opt/upx/upx --version
|
/opt/upx/upx --version
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
@ -66,7 +65,15 @@ RUN --mount=type=bind,source=.shared,target=/mnt/shared <<EOF
|
||||||
echo "#################################################"
|
echo "#################################################"
|
||||||
echo "Downloading Gitea act runner..."
|
echo "Downloading Gitea act runner..."
|
||||||
echo "#################################################"
|
echo "#################################################"
|
||||||
curl -fsSL "$ACT_RUNNER_DOWNLOAD_URL" -o /usr/local/bin/act_runner
|
arch=$(dpkg --print-architecture)
|
||||||
|
case $arch in
|
||||||
|
armhf) arch=arm-7 ;;
|
||||||
|
amd64|arm64) ;;
|
||||||
|
*) echo "Unsupported arch: $arch"; exit 1;;
|
||||||
|
esac
|
||||||
|
act_runner_download_url=$(curl -sSfL https://gitea.com/gitea/act_runner/releases | grep -oP "https://gitea.com/gitea/act_runner/releases/download/.*-linux-${arch}" | head -1)
|
||||||
|
echo "Downloading [$act_runner_download_url]..."
|
||||||
|
curl -fsSL "$act_runner_download_url" -o /usr/local/bin/act_runner
|
||||||
chmod 755 /usr/local/bin/act_runner
|
chmod 755 /usr/local/bin/act_runner
|
||||||
minimize /usr/local/bin/act_runner
|
minimize /usr/local/bin/act_runner
|
||||||
act_runner --version
|
act_runner --version
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue