From 805bcb5dd8277ac87073d6a250247ac38411f447 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 13:41:30 -0500 Subject: [PATCH 01/23] Add basic builder-24 config --- builder-24/builder.toml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 builder-24/builder.toml diff --git a/builder-24/builder.toml b/builder-24/builder.toml new file mode 100644 index 00000000..7e1287b4 --- /dev/null +++ b/builder-24/builder.toml @@ -0,0 +1,13 @@ +description = "Heroku-24 (Ubuntu 24.04) base image with buildpacks that support amd and arm architectures" + +[stack] +id = "heroku-24" +build-image = "heroku/heroku:24-build" +run-image = "heroku/heroku:24" + +[lifecycle] +version = "0.19.3" + +[[buildpacks]] + id = "heroku/procfile" + uri = "docker://docker.io/heroku/buildpack-procfile@sha256:c4dd6aa0043c326f91f921a5ceab4ea6a892a5b4042b46d3f35ac975fa6562ca" From c024a4a29404dc9221974ebc3bdfef55ac5be098 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 13:41:41 -0500 Subject: [PATCH 02/23] Update test matrix to include builder-24 --- .github/workflows/build-test-publish.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 637da791..db3f2ea3 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -21,11 +21,15 @@ defaults: jobs: create: - runs-on: ubuntu-22.04 + runs-on: ${{ matrix.platform == 'linux/arm64' && 'pub-hk-ubuntu-22.04-arm-large' || ubuntu-22.04 }} strategy: fail-fast: false matrix: - builder: ["buildpacks-20", "builder-classic-22", "builder-20", "builder-22", "salesforce-functions"] + builder: ["buildpacks-20", "builder-classic-22", "builder-20", "builder-22", "salesforce-functions", "builder-24"] + platform: ["linux/amd64"], + include: + - builder: "builder-24" + platform: "linux/arm64" steps: - name: Checkout uses: actions/checkout@v4 From f5b6d23309dc4506a1eb2025119416c39e928d6e Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 13:43:37 -0500 Subject: [PATCH 03/23] Drop trailing comma --- .github/workflows/build-test-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index db3f2ea3..6e1b71da 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -26,7 +26,7 @@ jobs: fail-fast: false matrix: builder: ["buildpacks-20", "builder-classic-22", "builder-20", "builder-22", "salesforce-functions", "builder-24"] - platform: ["linux/amd64"], + platform: ["linux/amd64"] include: - builder: "builder-24" platform: "linux/arm64" From 24771b1d31cea61514cd46714e9e8fcdb29552b3 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 13:45:43 -0500 Subject: [PATCH 04/23] Wrap ubuntu-22.04 in quotes --- .github/workflows/build-test-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 6e1b71da..f174ad35 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -21,7 +21,7 @@ defaults: jobs: create: - runs-on: ${{ matrix.platform == 'linux/arm64' && 'pub-hk-ubuntu-22.04-arm-large' || ubuntu-22.04 }} + runs-on: ${{ matrix.platform == 'linux/arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} strategy: fail-fast: false matrix: From 3fea13b9ba71d4fead13abef06dfbed4f3ce8f11 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 13:57:57 -0500 Subject: [PATCH 05/23] s/platform/arch/ --- .github/workflows/build-test-publish.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index f174ad35..117769b2 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -21,15 +21,15 @@ defaults: jobs: create: - runs-on: ${{ matrix.platform == 'linux/arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} + runs-on: ${{ matrix.arch == 'arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} strategy: fail-fast: false matrix: builder: ["buildpacks-20", "builder-classic-22", "builder-20", "builder-22", "salesforce-functions", "builder-24"] - platform: ["linux/amd64"] + arch: ["amd64"] include: - builder: "builder-24" - platform: "linux/arm64" + arch: "arm64" steps: - name: Checkout uses: actions/checkout@v4 From 011dd8118ed26f5938184405cf39791e425ee012 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 14:05:30 -0500 Subject: [PATCH 06/23] Setup docker on arm64 --- .github/workflows/build-test-publish.yml | 11 +- setup_docker_ci | 746 +++++++++++++++++++++++ 2 files changed, 755 insertions(+), 2 deletions(-) create mode 100644 setup_docker_ci diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 117769b2..08b9d95f 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -28,11 +28,18 @@ jobs: builder: ["buildpacks-20", "builder-classic-22", "builder-20", "builder-22", "salesforce-functions", "builder-24"] arch: ["amd64"] include: - - builder: "builder-24" - arch: "arm64" + - builder: "builder-24" + arch: "arm64" steps: - name: Checkout uses: actions/checkout@v4 + - name: Setup Docker + if: ${{ matrix.arch == 'arm64' }} + run: | + bin/setup_docker_ci + sudo usermod -aG docker $USER + sudo apt-get install acl + sudo setfacl --modify user:$USER:rw /var/run/docker.sock - name: Install Pack CLI uses: buildpacks/github-actions/setup-pack@v5.6.0 - name: Create builder image diff --git a/setup_docker_ci b/setup_docker_ci new file mode 100644 index 00000000..c6c72ab4 --- /dev/null +++ b/setup_docker_ci @@ -0,0 +1,746 @@ +#!/bin/sh + +# From https://get.docker.com/?_gl=1*1tp079*_ga*MTgyMzQ5NDI1Ni4xNzA2NjQwNjg1*_ga_XJWPQMJYHQ*MTcxMTQ5OTE4OS4xMC4xLjE3MTE0OTkzODcuNTkuMC4w + +set -e +# Docker Engine for Linux installation script. +# +# This script is intended as a convenient way to configure docker's package +# repositories and to install Docker Engine, This script is not recommended +# for production environments. Before running this script, make yourself familiar +# with potential risks and limitations, and refer to the installation manual +# at https://docs.docker.com/engine/install/ for alternative installation methods. +# +# The script: +# +# - Requires `root` or `sudo` privileges to run. +# - Attempts to detect your Linux distribution and version and configure your +# package management system for you. +# - Doesn't allow you to customize most installation parameters. +# - Installs dependencies and recommendations without asking for confirmation. +# - Installs the latest stable release (by default) of Docker CLI, Docker Engine, +# Docker Buildx, Docker Compose, containerd, and runc. When using this script +# to provision a machine, this may result in unexpected major version upgrades +# of these packages. Always test upgrades in a test environment before +# deploying to your production systems. +# - Isn't designed to upgrade an existing Docker installation. When using the +# script to update an existing installation, dependencies may not be updated +# to the expected version, resulting in outdated versions. +# +# Source code is available at https://github.com/docker/docker-install/ +# +# Usage +# ============================================================================== +# +# To install the latest stable versions of Docker CLI, Docker Engine, and their +# dependencies: +# +# 1. download the script +# +# $ curl -fsSL https://get.docker.com -o install-docker.sh +# +# 2. verify the script's content +# +# $ cat install-docker.sh +# +# 3. run the script with --dry-run to verify the steps it executes +# +# $ sh install-docker.sh --dry-run +# +# 4. run the script either as root, or using sudo to perform the installation. +# +# $ sudo sh install-docker.sh +# +# Command-line options +# ============================================================================== +# +# --version +# Use the --version option to install a specific version, for example: +# +# $ sudo sh install-docker.sh --version 23.0 +# +# --channel +# +# Use the --channel option to install from an alternative installation channel. +# The following example installs the latest versions from the "test" channel, +# which includes pre-releases (alpha, beta, rc): +# +# $ sudo sh install-docker.sh --channel test +# +# Alternatively, use the script at https://test.docker.com, which uses the test +# channel as default. +# +# --mirror +# +# Use the --mirror option to install from a mirror supported by this script. +# Available mirrors are "Aliyun" (https://mirrors.aliyun.com/docker-ce), and +# "AzureChinaCloud" (https://mirror.azure.cn/docker-ce), for example: +# +# $ sudo sh install-docker.sh --mirror AzureChinaCloud +# +# ============================================================================== + + +# Git commit from https://github.com/docker/docker-install when +# the script was uploaded (Should only be modified by upload job): +SCRIPT_COMMIT_SHA="e5543d473431b782227f8908005543bb4389b8de" + +# strip "v" prefix if present +VERSION="${VERSION#v}" + +# The channel to install from: +# * stable +# * test +# * edge (deprecated) +# * nightly (deprecated) +DEFAULT_CHANNEL_VALUE="stable" +if [ -z "$CHANNEL" ]; then + CHANNEL=$DEFAULT_CHANNEL_VALUE +fi + +DEFAULT_DOWNLOAD_URL="https://download.docker.com" +if [ -z "$DOWNLOAD_URL" ]; then + DOWNLOAD_URL=$DEFAULT_DOWNLOAD_URL +fi + +DEFAULT_REPO_FILE="docker-ce.repo" +if [ -z "$REPO_FILE" ]; then + REPO_FILE="$DEFAULT_REPO_FILE" +fi + +mirror='' +DRY_RUN=${DRY_RUN:-} +while [ $# -gt 0 ]; do + case "$1" in + --channel) + CHANNEL="$2" + shift + ;; + --dry-run) + DRY_RUN=1 + ;; + --mirror) + mirror="$2" + shift + ;; + --version) + VERSION="${2#v}" + shift + ;; + --*) + echo "Illegal option $1" + ;; + esac + shift $(( $# > 0 ? 1 : 0 )) +done + +case "$mirror" in + Aliyun) + DOWNLOAD_URL="https://mirrors.aliyun.com/docker-ce" + ;; + AzureChinaCloud) + DOWNLOAD_URL="https://mirror.azure.cn/docker-ce" + ;; + "") + ;; + *) + >&2 echo "unknown mirror '$mirror': use either 'Aliyun', or 'AzureChinaCloud'." + exit 1 + ;; +esac + +case "$CHANNEL" in + stable|test) + ;; + edge|nightly) + >&2 echo "DEPRECATED: the $CHANNEL channel has been deprecated and is no longer supported by this script." + exit 1 + ;; + *) + >&2 echo "unknown CHANNEL '$CHANNEL': use either stable or test." + exit 1 + ;; +esac + +command_exists() { + command -v "$@" > /dev/null 2>&1 +} + +# version_gte checks if the version specified in $VERSION is at least the given +# SemVer (Maj.Minor[.Patch]), or CalVer (YY.MM) version.It returns 0 (success) +# if $VERSION is either unset (=latest) or newer or equal than the specified +# version, or returns 1 (fail) otherwise. +# +# examples: +# +# VERSION=23.0 +# version_gte 23.0 // 0 (success) +# version_gte 20.10 // 0 (success) +# version_gte 19.03 // 0 (success) +# version_gte 21.10 // 1 (fail) +version_gte() { + if [ -z "$VERSION" ]; then + return 0 + fi + eval version_compare "$VERSION" "$1" +} + +# version_compare compares two version strings (either SemVer (Major.Minor.Path), +# or CalVer (YY.MM) version strings. It returns 0 (success) if version A is newer +# or equal than version B, or 1 (fail) otherwise. Patch releases and pre-release +# (-alpha/-beta) are not taken into account +# +# examples: +# +# version_compare 23.0.0 20.10 // 0 (success) +# version_compare 23.0 20.10 // 0 (success) +# version_compare 20.10 19.03 // 0 (success) +# version_compare 20.10 20.10 // 0 (success) +# version_compare 19.03 20.10 // 1 (fail) +version_compare() ( + set +x + + yy_a="$(echo "$1" | cut -d'.' -f1)" + yy_b="$(echo "$2" | cut -d'.' -f1)" + if [ "$yy_a" -lt "$yy_b" ]; then + return 1 + fi + if [ "$yy_a" -gt "$yy_b" ]; then + return 0 + fi + mm_a="$(echo "$1" | cut -d'.' -f2)" + mm_b="$(echo "$2" | cut -d'.' -f2)" + + # trim leading zeros to accommodate CalVer + mm_a="${mm_a#0}" + mm_b="${mm_b#0}" + + if [ "${mm_a:-0}" -lt "${mm_b:-0}" ]; then + return 1 + fi + + return 0 +) + +is_dry_run() { + if [ -z "$DRY_RUN" ]; then + return 1 + else + return 0 + fi +} + +is_wsl() { + case "$(uname -r)" in + *microsoft* ) true ;; # WSL 2 + *Microsoft* ) true ;; # WSL 1 + * ) false;; + esac +} + +is_darwin() { + case "$(uname -s)" in + *darwin* ) true ;; + *Darwin* ) true ;; + * ) false;; + esac +} + +deprecation_notice() { + distro=$1 + distro_version=$2 + echo + printf "\033[91;1mDEPRECATION WARNING\033[0m\n" + printf " This Linux distribution (\033[1m%s %s\033[0m) reached end-of-life and is no longer supported by this script.\n" "$distro" "$distro_version" + echo " No updates or security fixes will be released for this distribution, and users are recommended" + echo " to upgrade to a currently maintained version of $distro." + echo + printf "Press \033[1mCtrl+C\033[0m now to abort this script, or wait for the installation to continue." + echo + sleep 10 +} + +get_distribution() { + lsb_dist="" + # Every system that we officially support has /etc/os-release + if [ -r /etc/os-release ]; then + lsb_dist="$(. /etc/os-release && echo "$ID")" + fi + # Returning an empty string here should be alright since the + # case statements don't act unless you provide an actual value + echo "$lsb_dist" +} + +echo_docker_as_nonroot() { + if is_dry_run; then + return + fi + if command_exists docker && [ -e /var/run/docker.sock ]; then + ( + set -x + $sh_c 'docker version' + ) || true + fi + + # intentionally mixed spaces and tabs here -- tabs are stripped by "<<-EOF", spaces are kept in the output + echo + echo "================================================================================" + echo + if version_gte "20.10"; then + echo "To run Docker as a non-privileged user, consider setting up the" + echo "Docker daemon in rootless mode for your user:" + echo + echo " dockerd-rootless-setuptool.sh install" + echo + echo "Visit https://docs.docker.com/go/rootless/ to learn about rootless mode." + echo + fi + echo + echo "To run the Docker daemon as a fully privileged service, but granting non-root" + echo "users access, refer to https://docs.docker.com/go/daemon-access/" + echo + echo "WARNING: Access to the remote API on a privileged Docker daemon is equivalent" + echo " to root access on the host. Refer to the 'Docker daemon attack surface'" + echo " documentation for details: https://docs.docker.com/go/attack-surface/" + echo + echo "================================================================================" + echo +} + +# Check if this is a forked Linux distro +check_forked() { + + # Check for lsb_release command existence, it usually exists in forked distros + if command_exists lsb_release; then + # Check if the `-u` option is supported + set +e + lsb_release -a -u > /dev/null 2>&1 + lsb_release_exit_code=$? + set -e + + # Check if the command has exited successfully, it means we're in a forked distro + if [ "$lsb_release_exit_code" = "0" ]; then + # Print info about current distro + cat <<-EOF + You're using '$lsb_dist' version '$dist_version'. + EOF + + # Get the upstream release info + lsb_dist=$(lsb_release -a -u 2>&1 | tr '[:upper:]' '[:lower:]' | grep -E 'id' | cut -d ':' -f 2 | tr -d '[:space:]') + dist_version=$(lsb_release -a -u 2>&1 | tr '[:upper:]' '[:lower:]' | grep -E 'codename' | cut -d ':' -f 2 | tr -d '[:space:]') + + # Print info about upstream distro + cat <<-EOF + Upstream release is '$lsb_dist' version '$dist_version'. + EOF + else + if [ -r /etc/debian_version ] && [ "$lsb_dist" != "ubuntu" ] && [ "$lsb_dist" != "raspbian" ]; then + if [ "$lsb_dist" = "osmc" ]; then + # OSMC runs Raspbian + lsb_dist=raspbian + else + # We're Debian and don't even know it! + lsb_dist=debian + fi + dist_version="$(sed 's/\/.*//' /etc/debian_version | sed 's/\..*//')" + case "$dist_version" in + 12) + dist_version="bookworm" + ;; + 11) + dist_version="bullseye" + ;; + 10) + dist_version="buster" + ;; + 9) + dist_version="stretch" + ;; + 8) + dist_version="jessie" + ;; + esac + fi + fi + fi +} + +do_install() { + echo "# Executing docker install script, commit: $SCRIPT_COMMIT_SHA" + + if command_exists docker; then + cat >&2 <<-'EOF' + Warning: the "docker" command appears to already exist on this system. + + If you already have Docker installed, this script can cause trouble, which is + why we're displaying this warning and provide the opportunity to cancel the + installation. + + If you installed the current Docker package using this script and are using it + again to update Docker, you can safely ignore this message. + + You may press Ctrl+C now to abort this script. + EOF + ( set -x; sleep 20 ) + fi + + user="$(id -un 2>/dev/null || true)" + + sh_c='sh -c' + if [ "$user" != 'root' ]; then + if command_exists sudo; then + sh_c='sudo -E sh -c' + elif command_exists su; then + sh_c='su -c' + else + cat >&2 <<-'EOF' + Error: this installer needs the ability to run commands as root. + We are unable to find either "sudo" or "su" available to make this happen. + EOF + exit 1 + fi + fi + + if is_dry_run; then + sh_c="echo" + fi + + # perform some very rudimentary platform detection + lsb_dist=$( get_distribution ) + lsb_dist="$(echo "$lsb_dist" | tr '[:upper:]' '[:lower:]')" + + if is_wsl; then + echo + echo "WSL DETECTED: We recommend using Docker Desktop for Windows." + echo "Please get Docker Desktop from https://www.docker.com/products/docker-desktop/" + echo + cat >&2 <<-'EOF' + + You may press Ctrl+C now to abort this script. + EOF + ( set -x; sleep 20 ) + fi + + case "$lsb_dist" in + + ubuntu) + if command_exists lsb_release; then + dist_version="$(lsb_release --codename | cut -f2)" + fi + if [ -z "$dist_version" ] && [ -r /etc/lsb-release ]; then + dist_version="$(. /etc/lsb-release && echo "$DISTRIB_CODENAME")" + fi + ;; + + debian|raspbian) + dist_version="$(sed 's/\/.*//' /etc/debian_version | sed 's/\..*//')" + case "$dist_version" in + 12) + dist_version="bookworm" + ;; + 11) + dist_version="bullseye" + ;; + 10) + dist_version="buster" + ;; + 9) + dist_version="stretch" + ;; + 8) + dist_version="jessie" + ;; + esac + ;; + + centos|rhel|sles) + if [ -z "$dist_version" ] && [ -r /etc/os-release ]; then + dist_version="$(. /etc/os-release && echo "$VERSION_ID")" + fi + ;; + + *) + if command_exists lsb_release; then + dist_version="$(lsb_release --release | cut -f2)" + fi + if [ -z "$dist_version" ] && [ -r /etc/os-release ]; then + dist_version="$(. /etc/os-release && echo "$VERSION_ID")" + fi + ;; + + esac + + # Check if this is a forked Linux distro + check_forked + + # Print deprecation warnings for distro versions that recently reached EOL, + # but may still be commonly used (especially LTS versions). + case "$lsb_dist.$dist_version" in + debian.stretch|debian.jessie) + deprecation_notice "$lsb_dist" "$dist_version" + ;; + raspbian.stretch|raspbian.jessie) + deprecation_notice "$lsb_dist" "$dist_version" + ;; + ubuntu.xenial|ubuntu.trusty) + deprecation_notice "$lsb_dist" "$dist_version" + ;; + ubuntu.impish|ubuntu.hirsute|ubuntu.groovy|ubuntu.eoan|ubuntu.disco|ubuntu.cosmic) + deprecation_notice "$lsb_dist" "$dist_version" + ;; + fedora.*) + if [ "$dist_version" -lt 36 ]; then + deprecation_notice "$lsb_dist" "$dist_version" + fi + ;; + esac + + # Run setup for each distro accordingly + case "$lsb_dist" in + ubuntu|debian|raspbian) + pre_reqs="apt-transport-https ca-certificates curl" + if ! command -v gpg > /dev/null; then + pre_reqs="$pre_reqs gnupg" + fi + apt_repo="deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] $DOWNLOAD_URL/linux/$lsb_dist $dist_version $CHANNEL" + ( + if ! is_dry_run; then + set -x + fi + $sh_c 'apt-get update -qq >/dev/null' + $sh_c "DEBIAN_FRONTEND=noninteractive apt-get install -y -qq $pre_reqs >/dev/null" + $sh_c 'install -m 0755 -d /etc/apt/keyrings' + $sh_c "curl -fsSL \"$DOWNLOAD_URL/linux/$lsb_dist/gpg\" | gpg --dearmor --yes -o /etc/apt/keyrings/docker.gpg" + $sh_c "chmod a+r /etc/apt/keyrings/docker.gpg" + $sh_c "echo \"$apt_repo\" > /etc/apt/sources.list.d/docker.list" + $sh_c 'apt-get update -qq >/dev/null' + ) + pkg_version="" + if [ -n "$VERSION" ]; then + if is_dry_run; then + echo "# WARNING: VERSION pinning is not supported in DRY_RUN" + else + # Will work for incomplete versions IE (17.12), but may not actually grab the "latest" if in the test channel + pkg_pattern="$(echo "$VERSION" | sed 's/-ce-/~ce~.*/g' | sed 's/-/.*/g')" + search_command="apt-cache madison docker-ce | grep '$pkg_pattern' | head -1 | awk '{\$1=\$1};1' | cut -d' ' -f 3" + pkg_version="$($sh_c "$search_command")" + echo "INFO: Searching repository for VERSION '$VERSION'" + echo "INFO: $search_command" + if [ -z "$pkg_version" ]; then + echo + echo "ERROR: '$VERSION' not found amongst apt-cache madison results" + echo + exit 1 + fi + if version_gte "18.09"; then + search_command="apt-cache madison docker-ce-cli | grep '$pkg_pattern' | head -1 | awk '{\$1=\$1};1' | cut -d' ' -f 3" + echo "INFO: $search_command" + cli_pkg_version="=$($sh_c "$search_command")" + fi + pkg_version="=$pkg_version" + fi + fi + ( + pkgs="docker-ce${pkg_version%=}" + if version_gte "18.09"; then + # older versions didn't ship the cli and containerd as separate packages + pkgs="$pkgs docker-ce-cli${cli_pkg_version%=} containerd.io" + fi + if version_gte "20.10"; then + pkgs="$pkgs docker-compose-plugin docker-ce-rootless-extras$pkg_version" + fi + if version_gte "23.0"; then + pkgs="$pkgs docker-buildx-plugin" + fi + if ! is_dry_run; then + set -x + fi + $sh_c "DEBIAN_FRONTEND=noninteractive apt-get install -y -qq $pkgs >/dev/null" + ) + echo_docker_as_nonroot + exit 0 + ;; + centos|fedora|rhel) + if [ "$(uname -m)" != "s390x" ] && [ "$lsb_dist" = "rhel" ]; then + echo "Packages for RHEL are currently only available for s390x." + exit 1 + fi + if [ "$lsb_dist" = "fedora" ]; then + pkg_manager="dnf" + config_manager="dnf config-manager" + enable_channel_flag="--set-enabled" + disable_channel_flag="--set-disabled" + pre_reqs="dnf-plugins-core" + pkg_suffix="fc$dist_version" + else + pkg_manager="yum" + config_manager="yum-config-manager" + enable_channel_flag="--enable" + disable_channel_flag="--disable" + pre_reqs="yum-utils" + pkg_suffix="el" + fi + repo_file_url="$DOWNLOAD_URL/linux/$lsb_dist/$REPO_FILE" + ( + if ! is_dry_run; then + set -x + fi + $sh_c "$pkg_manager install -y -q $pre_reqs" + $sh_c "$config_manager --add-repo $repo_file_url" + + if [ "$CHANNEL" != "stable" ]; then + $sh_c "$config_manager $disable_channel_flag 'docker-ce-*'" + $sh_c "$config_manager $enable_channel_flag 'docker-ce-$CHANNEL'" + fi + $sh_c "$pkg_manager makecache" + ) + pkg_version="" + if [ -n "$VERSION" ]; then + if is_dry_run; then + echo "# WARNING: VERSION pinning is not supported in DRY_RUN" + else + pkg_pattern="$(echo "$VERSION" | sed 's/-ce-/\\\\.ce.*/g' | sed 's/-/.*/g').*$pkg_suffix" + search_command="$pkg_manager list --showduplicates docker-ce | grep '$pkg_pattern' | tail -1 | awk '{print \$2}'" + pkg_version="$($sh_c "$search_command")" + echo "INFO: Searching repository for VERSION '$VERSION'" + echo "INFO: $search_command" + if [ -z "$pkg_version" ]; then + echo + echo "ERROR: '$VERSION' not found amongst $pkg_manager list results" + echo + exit 1 + fi + if version_gte "18.09"; then + # older versions don't support a cli package + search_command="$pkg_manager list --showduplicates docker-ce-cli | grep '$pkg_pattern' | tail -1 | awk '{print \$2}'" + cli_pkg_version="$($sh_c "$search_command" | cut -d':' -f 2)" + fi + # Cut out the epoch and prefix with a '-' + pkg_version="-$(echo "$pkg_version" | cut -d':' -f 2)" + fi + fi + ( + pkgs="docker-ce$pkg_version" + if version_gte "18.09"; then + # older versions didn't ship the cli and containerd as separate packages + if [ -n "$cli_pkg_version" ]; then + pkgs="$pkgs docker-ce-cli-$cli_pkg_version containerd.io" + else + pkgs="$pkgs docker-ce-cli containerd.io" + fi + fi + if version_gte "20.10"; then + pkgs="$pkgs docker-compose-plugin docker-ce-rootless-extras$pkg_version" + fi + if version_gte "23.0"; then + pkgs="$pkgs docker-buildx-plugin" + fi + if ! is_dry_run; then + set -x + fi + $sh_c "$pkg_manager install -y -q $pkgs" + ) + echo_docker_as_nonroot + exit 0 + ;; + sles) + if [ "$(uname -m)" != "s390x" ]; then + echo "Packages for SLES are currently only available for s390x" + exit 1 + fi + if [ "$dist_version" = "15.3" ]; then + sles_version="SLE_15_SP3" + else + sles_minor_version="${dist_version##*.}" + sles_version="15.$sles_minor_version" + fi + repo_file_url="$DOWNLOAD_URL/linux/$lsb_dist/$REPO_FILE" + pre_reqs="ca-certificates curl libseccomp2 awk" + ( + if ! is_dry_run; then + set -x + fi + $sh_c "zypper install -y $pre_reqs" + $sh_c "zypper addrepo $repo_file_url" + if ! is_dry_run; then + cat >&2 <<-'EOF' + WARNING!! + openSUSE repository (https://download.opensuse.org/repositories/security:SELinux) will be enabled now. + Do you wish to continue? + You may press Ctrl+C now to abort this script. + EOF + ( set -x; sleep 30 ) + fi + opensuse_repo="https://download.opensuse.org/repositories/security:SELinux/$sles_version/security:SELinux.repo" + $sh_c "zypper addrepo $opensuse_repo" + $sh_c "zypper --gpg-auto-import-keys refresh" + $sh_c "zypper lr -d" + ) + pkg_version="" + if [ -n "$VERSION" ]; then + if is_dry_run; then + echo "# WARNING: VERSION pinning is not supported in DRY_RUN" + else + pkg_pattern="$(echo "$VERSION" | sed 's/-ce-/\\\\.ce.*/g' | sed 's/-/.*/g')" + search_command="zypper search -s --match-exact 'docker-ce' | grep '$pkg_pattern' | tail -1 | awk '{print \$6}'" + pkg_version="$($sh_c "$search_command")" + echo "INFO: Searching repository for VERSION '$VERSION'" + echo "INFO: $search_command" + if [ -z "$pkg_version" ]; then + echo + echo "ERROR: '$VERSION' not found amongst zypper list results" + echo + exit 1 + fi + search_command="zypper search -s --match-exact 'docker-ce-cli' | grep '$pkg_pattern' | tail -1 | awk '{print \$6}'" + # It's okay for cli_pkg_version to be blank, since older versions don't support a cli package + cli_pkg_version="$($sh_c "$search_command")" + pkg_version="-$pkg_version" + fi + fi + ( + pkgs="docker-ce$pkg_version" + if version_gte "18.09"; then + if [ -n "$cli_pkg_version" ]; then + # older versions didn't ship the cli and containerd as separate packages + pkgs="$pkgs docker-ce-cli-$cli_pkg_version containerd.io" + else + pkgs="$pkgs docker-ce-cli containerd.io" + fi + fi + if version_gte "20.10"; then + pkgs="$pkgs docker-compose-plugin docker-ce-rootless-extras$pkg_version" + fi + if version_gte "23.0"; then + pkgs="$pkgs docker-buildx-plugin" + fi + if ! is_dry_run; then + set -x + fi + $sh_c "zypper -q install -y $pkgs" + ) + echo_docker_as_nonroot + exit 0 + ;; + *) + if [ -z "$lsb_dist" ]; then + if is_darwin; then + echo + echo "ERROR: Unsupported operating system 'macOS'" + echo "Please get Docker Desktop from https://www.docker.com/products/docker-desktop" + echo + exit 1 + fi + fi + echo + echo "ERROR: Unsupported distribution '$lsb_dist'" + echo + exit 1 + ;; + esac + exit 1 +} + +# wrapped up in a function so that we have some protection against only getting +# half the file during "curl | sh" +do_install From 1e39bcfdc65e31f43ba5212e7d82057e24068552 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 14:08:50 -0500 Subject: [PATCH 07/23] Move setup docker to the right place --- setup_docker_ci => bin/setup_docker_ci | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename setup_docker_ci => bin/setup_docker_ci (100%) mode change 100644 => 100755 diff --git a/setup_docker_ci b/bin/setup_docker_ci old mode 100644 new mode 100755 similarity index 100% rename from setup_docker_ci rename to bin/setup_docker_ci From 05874a5e1f6719edef5eb3faa063b706ff420cae Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 14:21:21 -0500 Subject: [PATCH 08/23] Scope actions cache by arch --- .github/workflows/build-test-publish.yml | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 08b9d95f..ac0deeda 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -60,7 +60,7 @@ jobs: - name: Save Docker images to the cache uses: actions/cache/save@v4 with: - key: ${{ github.run_id}}-${{ matrix.builder }} + key: ${{ github.run_id}}-${{ matrix.builder }}-${{ matrix.arch }} path: images.tar.zst test-guides: @@ -71,9 +71,11 @@ jobs: matrix: builder: ["buildpacks-20", "builder-classic-22", "builder-20", "builder-22"] language: ["go", "gradle", "java", "node-js", "php", "python", "ruby", "scala"] + arch: ["amd64"] include: - builder: builder-classic-22 language: clojure + arch: amd64 steps: - name: Checkout getting started guide uses: actions/checkout@v4 @@ -86,7 +88,7 @@ jobs: uses: actions/cache/restore@v4 with: fail-on-cache-miss: true - key: ${{ github.run_id}}-${{ matrix.builder }} + key: ${{ github.run_id}}-${{ matrix.builder }}-${{ matrix.arch }} path: images.tar.zst env: SEGMENT_DOWNLOAD_TIMEOUT_MINS: 1 @@ -117,6 +119,7 @@ jobs: matrix: builder: ["salesforce-functions"] language: ["java", "javascript", "typescript"] + arch: ["amd64"] steps: - name: Checkout uses: actions/checkout@v4 @@ -132,7 +135,7 @@ jobs: uses: actions/cache/restore@v4 with: fail-on-cache-miss: true - key: ${{ github.run_id}}-${{ matrix.builder }} + key: ${{ github.run_id}}-${{ matrix.builder }}-${{ matrix.arch }} path: images.tar.zst env: SEGMENT_DOWNLOAD_TIMEOUT_MINS: 1 @@ -163,20 +166,31 @@ jobs: include: - builder: buildpacks-20 tag_public: heroku/buildpacks:20 + arch: amd64 - builder: builder-classic-22 tag_public: heroku/builder-classic:22 + arch: amd64 - builder: builder-20 tag_public: heroku/builder:20 + arch: amd64 - builder: builder-22 tag_public: heroku/builder:22 + arch: amd64 - builder: salesforce-functions tag_private: heroku-22:builder-functions + arch: amd64 + - builder: builder-24 + tag_public: heroku/builder:24_linux-amd64 + arch: amd64 + - builder: builder-24 + tag_public: heroku/builder:24_linux-arm64 + arch: arm64 steps: - name: Restore Docker images from the cache uses: actions/cache/restore@v4 with: fail-on-cache-miss: true - key: ${{ github.run_id}}-${{ matrix.builder }} + key: ${{ github.run_id}}-${{ matrix.builder }}-${{ matrix.arch }} path: images.tar.zst env: SEGMENT_DOWNLOAD_TIMEOUT_MINS: 1 From d552ee3cbff95d2d6c4930a102644355273eb206 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 14:37:49 -0500 Subject: [PATCH 09/23] Setup docker on arm runners when publishing --- .github/workflows/build-test-publish.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index ac0deeda..d80228cc 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -158,7 +158,7 @@ jobs: publish: runs-on: ubuntu-22.04 - if: success() && github.ref == 'refs/heads/main' + if: success() && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/builder-24') needs: ["test-guides", "test-functions"] strategy: fail-fast: false @@ -186,6 +186,13 @@ jobs: tag_public: heroku/builder:24_linux-arm64 arch: arm64 steps: + - name: Setup Docker + if: ${{ matrix.arch == 'arm64' }} + run: | + bin/setup_docker_ci + sudo usermod -aG docker $USER + sudo apt-get install acl + sudo setfacl --modify user:$USER:rw /var/run/docker.sock - name: Restore Docker images from the cache uses: actions/cache/restore@v4 with: From 8570dac67a0eb4c7bbe83f9993707003e5e411a4 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 15:04:07 -0500 Subject: [PATCH 10/23] Add a new publish step for manifest lists --- .github/workflows/build-test-publish.yml | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index d80228cc..3490d05d 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -156,8 +156,8 @@ jobs: exit 1 fi - publish: - runs-on: ubuntu-22.04 + publish-image-manifests: + runs-on: ${{ matrix.arch == 'arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} if: success() && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/builder-24') needs: ["test-guides", "test-functions"] strategy: @@ -230,3 +230,23 @@ jobs: set -x docker tag '${{ matrix.builder }}' "${PRIVATE_IMAGE_URI}" docker push "${PRIVATE_IMAGE_URI}" + + publish-image-manifest-lists: + runs-on: ubuntu-22.04 + needs: publish-image-manifests + matrix: + include: + - manifests: "heroku/builder:24_linux-amd64 heroku/builder:24_linux-arm64" + tag_public: "heroku/builder:24" + steps: + - name: Setup Docker + if: ${{ matrix.arch == 'arm64' }} + run: | + bin/setup_docker_ci + sudo usermod -aG docker $USER + sudo apt-get install acl + sudo setfacl --modify user:$USER:rw /var/run/docker.sock + - name: Create and push manifest lists + run: | + docker manifest create "${{ matrix.tag_public }}" ${{ matrix.manifests }} + docker manifest push "${{ matrix.tag_public }}" From 10cbc705c20cba5f14cc52c66dac130989e2fa09 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 15:29:33 -0500 Subject: [PATCH 11/23] Fix workflow syntax --- .github/workflows/build-test-publish.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 3490d05d..fd3842eb 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -234,10 +234,12 @@ jobs: publish-image-manifest-lists: runs-on: ubuntu-22.04 needs: publish-image-manifests - matrix: - include: - - manifests: "heroku/builder:24_linux-amd64 heroku/builder:24_linux-arm64" - tag_public: "heroku/builder:24" + strategy: + fail-fast: false + matrix: + include: + - manifests: "heroku/builder:24_linux-amd64 heroku/builder:24_linux-arm64" + tag_public: "heroku/builder:24" steps: - name: Setup Docker if: ${{ matrix.arch == 'arm64' }} From c71c409e0b8e80685cc088e06310bd0c17871c2d Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 15:35:02 -0500 Subject: [PATCH 12/23] Don't setup docker on ubuntu-22.04 --- .github/workflows/build-test-publish.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index fd3842eb..ccb6073d 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -238,16 +238,9 @@ jobs: fail-fast: false matrix: include: - - manifests: "heroku/builder:24_linux-amd64 heroku/builder:24_linux-arm64" - tag_public: "heroku/builder:24" + - manifests: "heroku/builder:24_linux-amd64 heroku/builder:24_linux-arm64" + tag_public: "heroku/builder:24" steps: - - name: Setup Docker - if: ${{ matrix.arch == 'arm64' }} - run: | - bin/setup_docker_ci - sudo usermod -aG docker $USER - sudo apt-get install acl - sudo setfacl --modify user:$USER:rw /var/run/docker.sock - name: Create and push manifest lists run: | docker manifest create "${{ matrix.tag_public }}" ${{ matrix.manifests }} From 4b3b45c15147ffa399ff14d83ee1b9f2939a73e5 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 15:49:05 -0500 Subject: [PATCH 13/23] Run publish for now --- .github/workflows/build-test-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index ccb6073d..c59d09a0 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -158,7 +158,7 @@ jobs: publish-image-manifests: runs-on: ${{ matrix.arch == 'arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} - if: success() && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/builder-24') + if: success() # && github.ref == 'refs/heads/main' needs: ["test-guides", "test-functions"] strategy: fail-fast: false From 1ea18b2755c01c0b9ddda076bf9b583b09f0cc3c Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 16:18:15 -0500 Subject: [PATCH 14/23] Checkout code on arm64 for docker setup --- .github/workflows/build-test-publish.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index c59d09a0..0acf173e 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -186,6 +186,10 @@ jobs: tag_public: heroku/builder:24_linux-arm64 arch: arm64 steps: + # Checkout is needed for the setup_docker_ci script + - name: Checkout + uses: actions/checkout@v4 + if: ${{ matrix.arch == 'arm64' }} - name: Setup Docker if: ${{ matrix.arch == 'arm64' }} run: | From 41e4bd82919acab5e6b27f57fc6c88244e938ed5 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 16:31:31 -0500 Subject: [PATCH 15/23] Login to dockerhub when publishing manifests --- .github/workflows/build-test-publish.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 0acf173e..35731d31 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -245,6 +245,9 @@ jobs: - manifests: "heroku/builder:24_linux-amd64 heroku/builder:24_linux-arm64" tag_public: "heroku/builder:24" steps: + - name: Log into Docker Hub + if: matrix.tag_public != '' + run: echo '${{ secrets.DOCKER_HUB_TOKEN }}' | docker login -u '${{ secrets.DOCKER_HUB_USER }}' --password-stdin - name: Create and push manifest lists run: | docker manifest create "${{ matrix.tag_public }}" ${{ matrix.manifests }} From 4fb62a2971d350904513c91a2d91f676d8087c1e Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 17:31:11 -0500 Subject: [PATCH 16/23] Add go buildpack --- builder-24/builder.toml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/builder-24/builder.toml b/builder-24/builder.toml index 7e1287b4..f99ee10b 100644 --- a/builder-24/builder.toml +++ b/builder-24/builder.toml @@ -10,4 +10,17 @@ version = "0.19.3" [[buildpacks]] id = "heroku/procfile" - uri = "docker://docker.io/heroku/buildpack-procfile@sha256:c4dd6aa0043c326f91f921a5ceab4ea6a892a5b4042b46d3f35ac975fa6562ca" + uri = "docker://docker.io/heroku/buildpack-procfile@sha256:2de0917544af55f26631a5a9e3f812b1da6c05067abfd75dc9a87a1da7172586" + +[[buildpacks]] + id = "heroku/go" + uri = "docker://docker.io/heroku/buildpack-go@sha256:5e5d1f7507dd37dadf625fe897e3f45ee39151e8dc9755e8e1f852e30a6cc3b9" + +[[order]] + [[order.group]] + id = "heroku/go" + version = "0.2.1" + [[order.group]] + id = "heroku/procfile" + version = "3.0.1" + optional = true From b509ba548dbb5f2fe1b3a8309d0c223ec0c3ea83 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 17:34:08 -0500 Subject: [PATCH 17/23] Update buildpack version numbers --- builder-24/builder.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/builder-24/builder.toml b/builder-24/builder.toml index f99ee10b..1aeca24c 100644 --- a/builder-24/builder.toml +++ b/builder-24/builder.toml @@ -19,8 +19,8 @@ version = "0.19.3" [[order]] [[order.group]] id = "heroku/go" - version = "0.2.1" + version = "0.3.0" [[order.group]] id = "heroku/procfile" - version = "3.0.1" + version = "3.1.1" optional = true From ab45e217615dd129353cfd32425cc7a25b8db5da Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 17:55:24 -0500 Subject: [PATCH 18/23] Add tests for go on heroku-24 --- .github/workflows/build-test-publish.yml | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 35731d31..9a506013 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -64,7 +64,7 @@ jobs: path: images.tar.zst test-guides: - runs-on: ubuntu-22.04 + runs-on: ${{ matrix.arch == 'arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} needs: create strategy: fail-fast: false @@ -76,12 +76,25 @@ jobs: - builder: builder-classic-22 language: clojure arch: amd64 + - builder: builder-24 + language: go + arch: amd64 + - builder: builder-24 + language: go + arch: arm64 steps: - name: Checkout getting started guide uses: actions/checkout@v4 with: ref: main repository: heroku/${{ matrix.language }}-getting-started.git + - name: Setup Docker + if: ${{ matrix.arch == 'arm64' }} + run: | + bin/setup_docker_ci + sudo usermod -aG docker $USER + sudo apt-get install acl + sudo setfacl --modify user:$USER:rw /var/run/docker.sock - name: Install Pack CLI uses: buildpacks/github-actions/setup-pack@v5.6.0 - name: Restore Docker images from the cache From 33159723e77a0a465b3869b205eb2fce2760fd6a Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Thu, 2 May 2024 18:00:43 -0500 Subject: [PATCH 19/23] Checkout repo if on arm (to install docker script) --- .github/workflows/build-test-publish.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 9a506013..967e4d35 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -83,11 +83,10 @@ jobs: language: go arch: arm64 steps: - - name: Checkout getting started guide + # Checkout is needed for the setup_docker_ci script + - name: Checkout uses: actions/checkout@v4 - with: - ref: main - repository: heroku/${{ matrix.language }}-getting-started.git + if: ${{ matrix.arch == 'arm64' }} - name: Setup Docker if: ${{ matrix.arch == 'arm64' }} run: | @@ -95,6 +94,11 @@ jobs: sudo usermod -aG docker $USER sudo apt-get install acl sudo setfacl --modify user:$USER:rw /var/run/docker.sock + - name: Checkout getting started guide + uses: actions/checkout@v4 + with: + ref: main + repository: heroku/${{ matrix.language }}-getting-started.git - name: Install Pack CLI uses: buildpacks/github-actions/setup-pack@v5.6.0 - name: Restore Docker images from the cache From f70affdcd396beff2d14dfc94b25dffd89253b74 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Fri, 3 May 2024 09:50:30 -0500 Subject: [PATCH 20/23] Job cleanup and comments --- .github/workflows/build-test-publish.yml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index 967e4d35..a398b085 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -33,6 +33,7 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + # Docker is not installed on GHA arm runners - name: Setup Docker if: ${{ matrix.arch == 'arm64' }} run: | @@ -83,10 +84,11 @@ jobs: language: go arch: arm64 steps: - # Checkout is needed for the setup_docker_ci script + # Checkout is needed only for the setup_docker_ci script - name: Checkout uses: actions/checkout@v4 if: ${{ matrix.arch == 'arm64' }} + # Docker is not installed on GHA arm runners - name: Setup Docker if: ${{ matrix.arch == 'arm64' }} run: | @@ -136,7 +138,6 @@ jobs: matrix: builder: ["salesforce-functions"] language: ["java", "javascript", "typescript"] - arch: ["amd64"] steps: - name: Checkout uses: actions/checkout@v4 @@ -152,7 +153,7 @@ jobs: uses: actions/cache/restore@v4 with: fail-on-cache-miss: true - key: ${{ github.run_id}}-${{ matrix.builder }}-${{ matrix.arch }} + key: ${{ github.run_id}}-${{ matrix.builder }}-amd64 path: images.tar.zst env: SEGMENT_DOWNLOAD_TIMEOUT_MINS: 1 @@ -173,7 +174,7 @@ jobs: exit 1 fi - publish-image-manifests: + publish-images: runs-on: ${{ matrix.arch == 'arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} if: success() # && github.ref == 'refs/heads/main' needs: ["test-guides", "test-functions"] @@ -203,10 +204,11 @@ jobs: tag_public: heroku/builder:24_linux-arm64 arch: arm64 steps: - # Checkout is needed for the setup_docker_ci script + # Checkout is needed only for the setup_docker_ci script - name: Checkout uses: actions/checkout@v4 if: ${{ matrix.arch == 'arm64' }} + # Docker is not installed on GHA arm runners - name: Setup Docker if: ${{ matrix.arch == 'arm64' }} run: | @@ -252,9 +254,9 @@ jobs: docker tag '${{ matrix.builder }}' "${PRIVATE_IMAGE_URI}" docker push "${PRIVATE_IMAGE_URI}" - publish-image-manifest-lists: + publish-indices: runs-on: ubuntu-22.04 - needs: publish-image-manifests + needs: publish-images strategy: fail-fast: false matrix: @@ -262,7 +264,7 @@ jobs: - manifests: "heroku/builder:24_linux-amd64 heroku/builder:24_linux-arm64" tag_public: "heroku/builder:24" steps: - - name: Log into Docker Hub + - name: Log in to Docker Hub if: matrix.tag_public != '' run: echo '${{ secrets.DOCKER_HUB_TOKEN }}' | docker login -u '${{ secrets.DOCKER_HUB_USER }}' --password-stdin - name: Create and push manifest lists From a227a2076db38c55cb71e49fbc7f000d054a0d65 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Fri, 3 May 2024 10:04:18 -0500 Subject: [PATCH 21/23] Add readme entry for heroku-24 --- README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 1ef0dc59..5e5c6711 100644 --- a/README.md +++ b/README.md @@ -20,13 +20,14 @@ For more information, see: [What is a builder?](https://buildpacks.io/docs/for-p > since they use classic Heroku buildpacks shimmed for compatibility with the CNB specification, > rather than Heroku's next-generation Cloud Native Buildpacks. -| Builder Image | Base Build Image | Base Run Image | Lifecycle Version | Buildpack Types | Status | -|-----------------------------------------------------|---------------------------------------------|---------------------------------------|-------------------|------------------|-------------| -| [`heroku/buildpacks:18`][buildpacks-tags] | [`heroku/heroku:18-cnb-build`][heroku-tags] | [`heroku/heroku:18-cnb`][heroku-tags] | 0.16.1 | Shimmed + Native | End-of-life | -| [`heroku/buildpacks:20`][buildpacks-tags] | [`heroku/heroku:20-cnb-build`][heroku-tags] | [`heroku/heroku:20-cnb`][heroku-tags] | 0.17.6 | Shimmed + Native | End-of-life | -| [`heroku/builder-classic:22`][builder-classic-tags] | [`heroku/heroku:22-cnb-build`][heroku-tags] | [`heroku/heroku:22-cnb`][heroku-tags] | 0.17.6 | Shimmed | End-of-life | -| [`heroku/builder:20`][builder-tags] | [`heroku/heroku:20-cnb-build`][heroku-tags] | [`heroku/heroku:20-cnb`][heroku-tags] | 0.19.3 | Native | Available | -| [`heroku/builder:22`][builder-tags] | [`heroku/heroku:22-cnb-build`][heroku-tags] | [`heroku/heroku:22-cnb`][heroku-tags] | 0.19.3 | Native | Recommended | +| Builder Image | Base Build Image | Base Run Image | Lifecycle Version | Buildpack Types | Status | +|-----------------------------------------------------|---------------------------------------------|---------------------------------------|-------------------|------------------|----------------| +| [`heroku/buildpacks:18`][buildpacks-tags] | [`heroku/heroku:18-cnb-build`][heroku-tags] | [`heroku/heroku:18-cnb`][heroku-tags] | 0.16.1 | Shimmed + Native | End-of-life | +| [`heroku/buildpacks:20`][buildpacks-tags] | [`heroku/heroku:20-cnb-build`][heroku-tags] | [`heroku/heroku:20-cnb`][heroku-tags] | 0.17.6 | Shimmed + Native | End-of-life | +| [`heroku/builder-classic:22`][builder-classic-tags] | [`heroku/heroku:22-cnb-build`][heroku-tags] | [`heroku/heroku:22-cnb`][heroku-tags] | 0.17.6 | Shimmed | End-of-life | +| [`heroku/builder:20`][builder-tags] | [`heroku/heroku:20-cnb-build`][heroku-tags] | [`heroku/heroku:20-cnb`][heroku-tags] | 0.19.3 | Native | Available | +| [`heroku/builder:22`][builder-tags] | [`heroku/heroku:22-cnb-build`][heroku-tags] | [`heroku/heroku:22-cnb`][heroku-tags] | 0.19.3 | Native | Recommended | +| [`heroku/builder:24`][builder-tags] | [`heroku/heroku:24-build`][heroku-tags] | [`heroku/heroku:24`][heroku-tags] | 0.19.3 | Native | In Development | The builder images above include buildpack support for the following languages: Go, Java, Node.js, PHP, Python, Ruby & Scala. The `heroku/builder-classic:22` builder image variant additionally supports Clojure. From 679588e335432cc92e626b3d3c84bd420832cbd2 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Fri, 3 May 2024 10:07:05 -0500 Subject: [PATCH 22/23] Simplify if expressions --- .github/workflows/build-test-publish.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index a398b085..adaf3e3b 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -35,7 +35,7 @@ jobs: uses: actions/checkout@v4 # Docker is not installed on GHA arm runners - name: Setup Docker - if: ${{ matrix.arch == 'arm64' }} + if: matrix.arch == 'arm64' run: | bin/setup_docker_ci sudo usermod -aG docker $USER @@ -87,10 +87,10 @@ jobs: # Checkout is needed only for the setup_docker_ci script - name: Checkout uses: actions/checkout@v4 - if: ${{ matrix.arch == 'arm64' }} + if: matrix.arch == 'arm64' # Docker is not installed on GHA arm runners - name: Setup Docker - if: ${{ matrix.arch == 'arm64' }} + if: matrix.arch == 'arm64' run: | bin/setup_docker_ci sudo usermod -aG docker $USER @@ -207,10 +207,10 @@ jobs: # Checkout is needed only for the setup_docker_ci script - name: Checkout uses: actions/checkout@v4 - if: ${{ matrix.arch == 'arm64' }} + if: matrix.arch == 'arm64' # Docker is not installed on GHA arm runners - name: Setup Docker - if: ${{ matrix.arch == 'arm64' }} + if: matrix.arch == 'arm64' run: | bin/setup_docker_ci sudo usermod -aG docker $USER From 1d09f898a4023b60b27ec32310d5ef00bd8d5290 Mon Sep 17 00:00:00 2001 From: Josh W Lewis Date: Fri, 3 May 2024 10:15:09 -0500 Subject: [PATCH 23/23] Disable publish on branches again --- .github/workflows/build-test-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test-publish.yml b/.github/workflows/build-test-publish.yml index adaf3e3b..8f96a6a4 100644 --- a/.github/workflows/build-test-publish.yml +++ b/.github/workflows/build-test-publish.yml @@ -176,7 +176,7 @@ jobs: publish-images: runs-on: ${{ matrix.arch == 'arm64' && 'pub-hk-ubuntu-22.04-arm-large' || 'ubuntu-22.04' }} - if: success() # && github.ref == 'refs/heads/main' + if: success() && github.ref == 'refs/heads/main' needs: ["test-guides", "test-functions"] strategy: fail-fast: false