chore: cross-compile docker images with buildx (#3503)
This commit is contained in:
parent
8e92dd62ab
commit
1ccf69f731
|
@ -386,9 +386,10 @@ jobs:
|
||||||
- name: Remove release packages and test artifacts
|
- name: Remove release packages and test artifacts
|
||||||
run: rm -rf ./release-packages ./test/test-results
|
run: rm -rf ./release-packages ./test/test-results
|
||||||
|
|
||||||
docker-amd64:
|
# Builds both amd64 and arm64 images
|
||||||
|
docker-images:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
needs: package-linux-amd64
|
needs: [package-linux-amd64, package-linux-arm64]
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v2
|
||||||
|
|
||||||
|
@ -398,34 +399,16 @@ jobs:
|
||||||
name: release-packages
|
name: release-packages
|
||||||
path: ./release-packages
|
path: ./release-packages
|
||||||
|
|
||||||
- name: Run ./ci/steps/build-docker-image.sh
|
- name: Set up QEMU
|
||||||
run: ./ci/steps/build-docker-image.sh
|
uses: docker/setup-qemu-action@v1
|
||||||
|
|
||||||
- name: Upload release image
|
- name: Set up Docker Buildx
|
||||||
uses: actions/upload-artifact@v2
|
uses: docker/setup-buildx-action@v1
|
||||||
with:
|
|
||||||
name: release-images
|
|
||||||
path: ./release-images
|
|
||||||
|
|
||||||
# TODO: this is the last place where we use our self-hosted arm64 runner.
|
|
||||||
# In the future, consider switching to docker buildx + qemu,
|
|
||||||
# thus removing the requirement for us to maintain the runner.
|
|
||||||
docker-arm64:
|
|
||||||
runs-on: ubuntu-arm64-latest
|
|
||||||
needs: package-linux-arm64
|
|
||||||
steps:
|
|
||||||
- uses: actions/checkout@v2
|
|
||||||
|
|
||||||
- name: Download release package
|
|
||||||
uses: actions/download-artifact@v2
|
|
||||||
with:
|
|
||||||
name: release-packages
|
|
||||||
path: ./release-packages
|
|
||||||
|
|
||||||
- name: Run ./ci/steps/build-docker-image.sh
|
- name: Run ./ci/steps/build-docker-image.sh
|
||||||
run: ./ci/steps/build-docker-image.sh
|
run: ./ci/steps/build-docker-image.sh
|
||||||
|
|
||||||
- name: Upload release image
|
- name: Upload release images
|
||||||
uses: actions/upload-artifact@v2
|
uses: actions/upload-artifact@v2
|
||||||
with:
|
with:
|
||||||
name: release-images
|
name: release-images
|
||||||
|
@ -433,7 +416,7 @@ jobs:
|
||||||
|
|
||||||
trivy-scan-image:
|
trivy-scan-image:
|
||||||
runs-on: ubuntu-20.04
|
runs-on: ubuntu-20.04
|
||||||
needs: docker-amd64
|
needs: docker-images
|
||||||
# NOTE@jsjoeio: disabling due to a memory issue upstream
|
# NOTE@jsjoeio: disabling due to a memory issue upstream
|
||||||
# See: https://github.com/github/codeql-action/issues/528
|
# See: https://github.com/github/codeql-action/issues/528
|
||||||
if: 1 == 2
|
if: 1 == 2
|
||||||
|
@ -466,6 +449,7 @@ jobs:
|
||||||
uses: github/codeql-action/upload-sarif@v1
|
uses: github/codeql-action/upload-sarif@v1
|
||||||
with:
|
with:
|
||||||
sarif_file: "trivy-image-results.sarif"
|
sarif_file: "trivy-image-results.sarif"
|
||||||
|
|
||||||
# We have to use two trivy jobs
|
# We have to use two trivy jobs
|
||||||
# because GitHub only allows
|
# because GitHub only allows
|
||||||
# codeql/upload-sarif action per job
|
# codeql/upload-sarif action per job
|
||||||
|
|
|
@ -54,7 +54,7 @@ VS Code v0.00.0
|
||||||
|
|
||||||
### Development
|
### Development
|
||||||
|
|
||||||
- item
|
- chore: cross-compile docker images with buildx #3166 @oxy
|
||||||
|
|
||||||
## 3.10.2
|
## 3.10.2
|
||||||
|
|
||||||
|
|
|
@ -100,8 +100,8 @@ You can disable minification by setting `MINIFY=`.
|
||||||
|
|
||||||
This directory contains the release docker container image.
|
This directory contains the release docker container image.
|
||||||
|
|
||||||
- [./release-image/build.sh](./release-image/build.sh)
|
- [./ci/steps/build-docker-image.sh](./ci/steps/build-docker-image.sh)
|
||||||
- Builds the release container with the tag `codercom/code-server-$ARCH:$VERSION`.
|
- Builds the release containers with tags `codercom/code-server-$ARCH:$VERSION` for amd64 and arm64 with `docker buildx`.
|
||||||
- Assumes debian releases are ready in `./release-packages`.
|
- Assumes debian releases are ready in `./release-packages`.
|
||||||
|
|
||||||
## images
|
## images
|
||||||
|
|
|
@ -1,11 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
set -euo pipefail
|
|
||||||
|
|
||||||
main() {
|
|
||||||
cd "$(dirname "$0")/../.."
|
|
||||||
source ./ci/lib.sh
|
|
||||||
|
|
||||||
docker build -t "codercom/code-server-$ARCH:$VERSION" -f ./ci/release-image/Dockerfile .
|
|
||||||
}
|
|
||||||
|
|
||||||
main "$@"
|
|
|
@ -0,0 +1,25 @@
|
||||||
|
# Use this file from the top of the repo, with `-f ci/release-image/docker-bake.hcl`
|
||||||
|
|
||||||
|
# Uses env var VERSION if set;
|
||||||
|
# normally, this is set by ci/lib.sh
|
||||||
|
variable "VERSION" {
|
||||||
|
default = "latest"
|
||||||
|
}
|
||||||
|
|
||||||
|
group "default" {
|
||||||
|
targets = ["code-server-amd64", "code-server-arm64"]
|
||||||
|
}
|
||||||
|
|
||||||
|
target "code-server-amd64" {
|
||||||
|
dockerfile = "ci/release-image/Dockerfile"
|
||||||
|
tags = ["docker.io/codercom/code-server-amd64:${VERSION}"]
|
||||||
|
platforms = ["linux/amd64"]
|
||||||
|
output = ["type=tar,dest=./release-images/code-server-amd64-${VERSION}.tar"]
|
||||||
|
}
|
||||||
|
|
||||||
|
target "code-server-arm64" {
|
||||||
|
dockerfile = "ci/release-image/Dockerfile"
|
||||||
|
tags = ["docker.io/codercom/code-server-arm64:${VERSION}"]
|
||||||
|
platforms = ["linux/arm64"]
|
||||||
|
output = ["type=tar,dest=./release-images/code-server-arm64-${VERSION}.tar"]
|
||||||
|
}
|
|
@ -5,10 +5,8 @@ main() {
|
||||||
cd "$(dirname "$0")/../.."
|
cd "$(dirname "$0")/../.."
|
||||||
source ./ci/lib.sh
|
source ./ci/lib.sh
|
||||||
|
|
||||||
./ci/release-image/build.sh
|
|
||||||
|
|
||||||
mkdir -p release-images
|
mkdir -p release-images
|
||||||
docker save "codercom/code-server-$ARCH:$VERSION" >"release-images/code-server-$ARCH-$VERSION.tar"
|
docker buildx bake -f ci/release-image/docker-bake.hcl
|
||||||
}
|
}
|
||||||
|
|
||||||
main "$@"
|
main "$@"
|
||||||
|
|
Loading…
Reference in New Issue