From b37103e9542a298ff32511a73298216a5e5c856e Mon Sep 17 00:00:00 2001 From: Shahid Date: Tue, 10 Jan 2023 19:27:54 +0530 Subject: [PATCH 1/3] Add support to multi architecture docker image using a github action --- .github/workflows/docker-builds.yml | 42 +++++++++++++++++++++++++++++ Dockerfile | 6 +++-- Makefile | 4 +-- 3 files changed, 48 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/docker-builds.yml diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml new file mode 100644 index 000000000..18fb6d8d2 --- /dev/null +++ b/.github/workflows/docker-builds.yml @@ -0,0 +1,42 @@ +name: Build and publish cfssl docker image + +on: + push: + tags: + - 'v*.*.*' + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - name: Checkout repository + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Get tag + id: cfssl + run: echo "::set-output name=tag::$(git describe --tags HEAD)" + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Log in to the Docker hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v3 + with: + context: . + platforms: linux/amd64,linux/arm64,linux/s390x + push: true + tags: cfssl:${{ steps.cfssl.outputs.tag }} diff --git a/Dockerfile b/Dockerfile index 615e6d1fd..192d59d65 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,13 @@ -FROM golang:1.16.15@sha256:35fa3cfd4ec01a520f6986535d8f70a5eeef2d40fb8019ff626da24989bdd4f1 +FROM --platform=${BUILDPLATFORM} golang:1.19.3@sha256:d388153691a825844ebb3586dd04d1c60a2215522cc445701424205dffc8a83e + +ARG TARGETOS TARGETARCH WORKDIR /workdir COPY . /workdir RUN git clone https://github.com/cloudflare/cfssl_trust.git /etc/cfssl && \ make clean && \ - make all && cp bin/* /usr/bin/ + GOOS=${TARGETOS} GOARCH=${TARGETARCH} make all && cp bin/* /usr/bin/ EXPOSE 8888 diff --git a/Makefile b/Makefile index 06641982f..366b7b1cd 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ all: bin/cfssl bin/cfssl-bundle bin/cfssl-certinfo bin/cfssl-newkey bin/cfssl-sc bin/%: $(shell find . -type f -name '*.go') @mkdir -p $(dir $@) - go build -ldflags $(LDFLAGS) -o $@ ./cmd/$(@F) + GOOS=$(TARGETOS) GOARCH=$(TARGETARCH) go build -ldflags $(LDFLAGS) -o $@ ./cmd/$(@F) .PHONY: install install: install-cfssl install-cfssl-bundle install-cfssl-certinfo install-cfssl-newkey install-cfssl-scan install-cfssljson install-mkbundle install-multirootca @@ -25,7 +25,7 @@ serve: bin/goose: $(shell find vendor -type f -name '*.go') @mkdir -p $(dir $@) - go build -o $@ ./vendor/bitbucket.org/liamstask/goose/cmd/goose + GOOS=$(TARGETOS) GOARCH=$(TARGETARCH) go build -o $@ ./vendor/bitbucket.org/liamstask/goose/cmd/goose .PHONY: clean clean: From 8467879cdfaede36ab545bf873deb8497d41f3e5 Mon Sep 17 00:00:00 2001 From: Shahid Date: Tue, 7 Feb 2023 14:05:24 +0530 Subject: [PATCH 2/3] Update Makefile Adding check before using `GOOS` and `GOARCH` variables in `go build` command. Ref. https://github.com/cloudflare/cfssl/pull/1267#discussion_r1083938333 --- Makefile | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/Makefile b/Makefile index 366b7b1cd..6c72dc03b 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,11 @@ all: bin/cfssl bin/cfssl-bundle bin/cfssl-certinfo bin/cfssl-newkey bin/cfssl-sc bin/%: $(shell find . -type f -name '*.go') @mkdir -p $(dir $@) +ifneq ($(and $(TARGETOS),$(TARGETARCH)),) GOOS=$(TARGETOS) GOARCH=$(TARGETARCH) go build -ldflags $(LDFLAGS) -o $@ ./cmd/$(@F) +else + go build -ldflags $(LDFLAGS) -o $@ ./cmd/$(@F) +endif .PHONY: install install: install-cfssl install-cfssl-bundle install-cfssl-certinfo install-cfssl-newkey install-cfssl-scan install-cfssljson install-mkbundle install-multirootca @@ -25,7 +29,11 @@ serve: bin/goose: $(shell find vendor -type f -name '*.go') @mkdir -p $(dir $@) +ifneq ($(and $(TARGETOS),$(TARGETARCH)),) GOOS=$(TARGETOS) GOARCH=$(TARGETARCH) go build -o $@ ./vendor/bitbucket.org/liamstask/goose/cmd/goose +else + go build -o $@ ./vendor/bitbucket.org/liamstask/goose/cmd/goose +endif .PHONY: clean clean: From cf63dcbff72726324f0370afa8bae0194a5681ad Mon Sep 17 00:00:00 2001 From: Shahid Date: Tue, 7 Feb 2023 14:08:43 +0530 Subject: [PATCH 3/3] Update Dockerfile Incorporating review comments https://github.com/cloudflare/cfssl/pull/1267#discussion_r1083943730 and https://github.com/cloudflare/cfssl/pull/1267#discussion_r1083963991 --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 192d59d65..d22bf1946 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ -FROM --platform=${BUILDPLATFORM} golang:1.19.3@sha256:d388153691a825844ebb3586dd04d1c60a2215522cc445701424205dffc8a83e +FROM --platform=${BUILDPLATFORM} golang:1.19.3 -ARG TARGETOS TARGETARCH +ARG TARGETOS +ARG TARGETARCH WORKDIR /workdir COPY . /workdir