-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
switch to buildx and gcr.io/distroless/base image
- Loading branch information
Showing
8 changed files
with
654 additions
and
203 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
name: deploy | ||
|
||
on: | ||
push: | ||
branches: | ||
- master | ||
- 'releases/**' | ||
|
||
jobs: | ||
deploy: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: install | ||
run: curl -fsSL get.docker.com | sh | ||
|
||
- name: checkout | ||
uses: actions/checkout@v1 | ||
|
||
- name: build | ||
run: make build DOCKER_REPO=${{ secrets.DOCKER_REPO }} | ||
|
||
- name: login | ||
run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin | ||
|
||
- name: buildx | ||
run: make buildx DOCKER_REPO=${{ secrets.DOCKER_REPO }} BUILD_OPTIONS=--push | ||
|
||
- name: inspect | ||
run: make inspect DOCKER_REPO=${{ secrets.DOCKER_REPO }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,95 +1,46 @@ | ||
DOCKER_REPO := klutchell/dnscrypt-proxy | ||
ARCH := amd64 | ||
TAG := 2.0.28 | ||
BUILD_OPTIONS += | ||
PLATFORM := linux/amd64,linux/arm64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7 | ||
BUILD_OPTIONS += --pull | ||
|
||
BUILD_DATE := $(strip $(shell docker run --rm busybox date -u +'%Y-%m-%dT%H:%M:%SZ')) | ||
BUILD_VERSION := ${TAG}-$(strip $(shell git describe --tags --always --dirty)) | ||
VCS_REF := $(strip $(shell git rev-parse HEAD)) | ||
|
||
DOCKER_CLI_EXPERIMENTAL := enabled | ||
|
||
.EXPORT_ALL_VARIABLES: | ||
|
||
.DEFAULT_GOAL := build | ||
|
||
.PHONY: build push clean all build-all push-all clean-all manifest help | ||
.PHONY: build buildx inspect help | ||
|
||
build: qemu-user-static ## Build an image with the provided ARCH | ||
build: ## build and test on the host OS architecture | ||
docker build ${BUILD_OPTIONS} \ | ||
--build-arg ARCH \ | ||
--build-arg BUILD_VERSION \ | ||
--build-arg BUILD_DATE \ | ||
--build-arg VCS_REF \ | ||
--tag ${DOCKER_REPO}:${ARCH}-${TAG} . | ||
docker run --rm --entrypoint /bin/sh ${DOCKER_REPO}:${ARCH}-${TAG} \ | ||
-c '(/entrypoint.sh &) && sleep 10 \ | ||
&& drill -p 5053 sigok.verteiltesysteme.net @127.0.0.1 | grep NOERROR' | ||
|
||
push: ## Push an image with the provided ARCH (requires docker login) | ||
docker push ${DOCKER_REPO}:${ARCH}-${TAG} | ||
|
||
clean: ## Remove cached image with the provided ARCH | ||
-docker image rm ${DOCKER_REPO}:${ARCH}-${TAG} | ||
|
||
all: build-all | ||
--tag ${DOCKER_REPO} . | ||
docker run --rm ${DOCKER_REPO} --check | ||
|
||
build-all: ## Build images for all supported architectures | ||
make build ARCH=amd64 | ||
make build ARCH=arm32v6 | ||
make build ARCH=arm32v7` | ||
make build ARCH=arm64v8 | ||
make build ARCH=i386 | ||
make build ARCH=ppc64le | ||
|
||
push-all: ## Push images for all supported architectures (requires docker login) | ||
make push ARCH=amd64 | ||
make push ARCH=arm32v6 | ||
make push ARCH=arm32v7 | ||
make push ARCH=arm64v8 | ||
make push ARCH=i386 | ||
make push ARCH=ppc64le | ||
buildx: builder ## cross-build multiarch manifest(s) with configured platforms | ||
docker buildx build ${BUILD_OPTIONS} \ | ||
--platform ${PLATFORM} \ | ||
--build-arg BUILD_VERSION \ | ||
--build-arg BUILD_DATE \ | ||
--build-arg VCS_REF \ | ||
--tag ${DOCKER_REPO}:${TAG} \ | ||
--tag ${DOCKER_REPO}:latest . | ||
|
||
clean-all: ## Clean images for all supported architectures | ||
make clean ARCH=amd64 | ||
make clean ARCH=arm32v6 | ||
make clean ARCH=arm32v7 | ||
make clean ARCH=arm64v8 | ||
make clean ARCH=i386 | ||
make clean ARCH=ppc64le | ||
inspect: ## inspect manifest contents | ||
docker buildx imagetools inspect ${DOCKER_REPO}:${TAG} | ||
|
||
manifest: ## Create and push a multiarch manifest to the docker repo (requires docker login) | ||
-docker manifest push --purge ${DOCKER_REPO}:${TAG} | ||
docker manifest create ${DOCKER_REPO}:${TAG} \ | ||
${DOCKER_REPO}:amd64-${TAG} \ | ||
${DOCKER_REPO}:arm32v6-${TAG} \ | ||
${DOCKER_REPO}:arm32v7-${TAG} \ | ||
${DOCKER_REPO}:arm64v8-${TAG} \ | ||
${DOCKER_REPO}:i386-${TAG} \ | ||
${DOCKER_REPO}:ppc64le-${TAG} | ||
docker manifest annotate ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:amd64-${TAG} --os linux --arch amd64 | ||
docker manifest annotate ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:arm32v6-${TAG} --os linux --arch arm --variant v6 | ||
docker manifest annotate ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:arm32v7-${TAG} --os linux --arch arm --variant v7 | ||
docker manifest annotate ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:arm64v8-${TAG} --os linux --arch arm64 --variant v8 | ||
docker manifest annotate ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:i386-${TAG} --os linux --arch 386 | ||
docker manifest annotate ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:ppc64le-${TAG} --os linux --arch ppc64le | ||
docker manifest push --purge ${DOCKER_REPO}:${TAG} | ||
-docker manifest push --purge ${DOCKER_REPO}:latest | ||
docker manifest create ${DOCKER_REPO}:latest \ | ||
${DOCKER_REPO}:amd64-${TAG} \ | ||
${DOCKER_REPO}:arm32v6-${TAG} \ | ||
${DOCKER_REPO}:arm32v7-${TAG} \ | ||
${DOCKER_REPO}:arm64v8-${TAG} \ | ||
${DOCKER_REPO}:i386-${TAG} \ | ||
${DOCKER_REPO}:ppc64le-${TAG} | ||
docker manifest annotate ${DOCKER_REPO}:latest ${DOCKER_REPO}:amd64-${TAG} --os linux --arch amd64 | ||
docker manifest annotate ${DOCKER_REPO}:latest ${DOCKER_REPO}:arm32v6-${TAG} --os linux --arch arm --variant v6 | ||
docker manifest annotate ${DOCKER_REPO}:latest ${DOCKER_REPO}:arm32v7-${TAG} --os linux --arch arm --variant v7 | ||
docker manifest annotate ${DOCKER_REPO}:latest ${DOCKER_REPO}:arm64v8-${TAG} --os linux --arch arm64 --variant v8 | ||
docker manifest annotate ${DOCKER_REPO}:latest ${DOCKER_REPO}:i386-${TAG} --os linux --arch 386 | ||
docker manifest annotate ${DOCKER_REPO}:latest ${DOCKER_REPO}:ppc64le-${TAG} --os linux --arch ppc64le | ||
docker manifest push --purge ${DOCKER_REPO}:latest | ||
builder: binfmt | ||
-docker buildx create --use --name ci | ||
docker buildx inspect --bootstrap | ||
|
||
qemu-user-static: | ||
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes | ||
binfmt: | ||
docker run --rm --privileged docker/binfmt:66f9012c56a8316f9244ffd7622d7c21c1f6f28d | ||
|
||
help: ## Display available commands | ||
help: ## display available commands | ||
@grep -E '^[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.