Skip to content

Commit

Permalink
Introduce multi-arch container image build (#2)
Browse files Browse the repository at this point in the history
  • Loading branch information
@doganulus
doganulus authored Feb 3, 2025
1 parent c6fb02e commit 7a41edd
Show file tree
Hide file tree
Showing 12 changed files with 467 additions and 82 deletions.
4 changes: 3 additions & 1 deletion .devcontainer/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,4 @@
FROM ${ESMINI_IMAGE_NAME}:${ESMINI_VERSION}-builder AS esmini-devel
ARG ESMINI_IMAGE_NAME=ghcr.io/bounverif/esmini
ARG ESMINI_VERSION=latest
FROM ${ESMINI_IMAGE_NAME}:${ESMINI_VERSION}-devel AS devcontainer
ARG TARGETARCH TARGETOS TARGETPLATFORM TARGETVARIANT
2 changes: 1 addition & 1 deletion .devcontainer/devcontainer.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
"ESMINI_IMAGE_NAME": "ghcr.io/bounverif/esmini",
"ESMINI_VERSION": "latest"
},
"target": "esmini-devel"
"target": "devcontainer"
},
"remoteUser": "ubuntu"
}
170 changes: 143 additions & 27 deletions .github/workflows/buildah-build-builder.yml
View file
Original file line number Diff line number Diff line change
@@ -1,50 +1,73 @@
name: buildah-build-builder
on:
workflow_dispatch:
schedule:
- cron: "19 19 * * 0" # 19:19 UTC every Sunday
push:
paths:
- .github/workflows/buildah-build-builder.yml # Self-trigger
- containers/esmini-builder/Dockerfile

workflow_dispatch:
inputs:
esmini_version:
description: ESMINI_VERSION
type: string
required: true
default: latest

env:
REGISTRY: ghcr.io/bounverif
IMAGE_NAME: esmini
PODMAN_ARCH: amd64
PLATFORM: linux-amd64
ESMINI_VERSION: latest
CONTAINERS_ROOT: /home/runner/.local/share/containers
TMPDIR: /home/runner/.local/share/containers/tmp
ESMINI_LATEST_VERSION: latest
# CONTAINERS_ROOT: /home/runner/.local/share/containers
# TMPDIR: /home/runner/.local/share/containers/tmp

permissions:
contents: read
packages: write

jobs:
buildah-build-builder:
runs-on: ubuntu-24.04
buildah-build:
name: Build container images
strategy:
fail-fast: false
matrix:
os: [ubuntu-24.04, ubuntu-24.04-arm]
runs-on: ${{ matrix.os }}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}
cancel-in-progress: true

steps:
- name: Maximize build space
uses: easimon/maximize-build-space@v10
with:
root-reserve-mb: 2048 # Reserve disk space for repository
remove-dotnet: "true"
remove-android: "true"
remove-haskell: "true"
remove-codeql: "true"
remove-docker-images: "true"
build-mount-path: ${{ env.CONTAINERS_ROOT }} # The remaining space only for container build
- name: Install container tools
run: sudo apt-get install podman buildah jq

- run: mkdir -p $TMPDIR
# - name: Maximize build space
# uses: easimon/maximize-build-space@v10
# with:
# root-reserve-mb: 2048 # Reserve disk space for repository
# remove-dotnet: "true"
# remove-android: "true"
# remove-haskell: "true"
# remove-codeql: "true"
# remove-docker-images: "true"
# build-mount-path: ${{ env.CONTAINERS_ROOT }} # The remaining space only for container build
# - run: mkdir -p $TMPDIR

- name: Prepare environment variables
run: |
echo "PODMAN_ARCH=$(podman info --format='{{.Host.Arch}}')" >> $GITHUB_ENV
echo "PLATFORM=$(podman info --format='{{.Version.OsArch}}' | sed 's/\//-/g')" >> $GITHUB_ENV
if [ "${{ env.ESMINI_VERSION }}" == "latest" ]; then
echo "ESMINI_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
fi
echo "ESMINI_LATEST_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
- name: Checkout repository
uses: actions/checkout@v4

- name: Set current date as the version
run: echo "ESMINI_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV

- name: Log in to the GitHub Container registry
uses: redhat-actions/podman-login@v1
with:
Expand All @@ -56,25 +79,118 @@ jobs:
id: build-builder
uses: redhat-actions/buildah-build@v2
with:
platforms: linux/amd64
context: ./containers
image: ${{ env.IMAGE_NAME }}
tags: ${{ env.ESMINI_VERSION }}-builder latest-builder
image: esmini
tags: |
${{ env.ESMINI_VERSION }}-builder
${{ env.ESMINI_VERSION }}-builder-${{ env.PODMAN_ARCH }}
layers: true
oci: true
build-args: |
ESMINI_IMAGE_NAME=${{env.REGISTRY}}}/${{ env.IMAGE_NAME }}
ESMINI_VERSION=${{ env.ESMINI_VERSION }}
extra-args: |
--target esmini-builder
containerfiles: |
./containers/esmini-builder/Dockerfile
- name: Build devel container image
id: build-devel
uses: redhat-actions/buildah-build@v2
with:
context: ./containers
image: esmini
tags: ${{ env.ESMINI_VERSION }}-devel ${{ env.ESMINI_VERSION }}-devel-${{ env.PODMAN_ARCH }}
layers: true
oci: true
build-args: |
ESMINI_VERSION=${{ env.ESMINI_VERSION }}
extra-args: |
--target esmini-devel
containerfiles: |
./containers/esmini-builder/Dockerfile
- name: Push to GitHub Container Repository
if: github.ref == 'refs/heads/main'
id: push-builder-ghcr
uses: redhat-actions/push-to-registry@v2
with:
registry: ${{ env.REGISTRY }}
image: ${{ steps.build-builder.outputs.image }}
tags: ${{ steps.build-builder.outputs.tags }}
tags: ${{ env.ESMINI_VERSION }}-builder-${{ env.PODMAN_ARCH }}
digestfile: ${{ runner.temp }}/digest-esmini-builder-${{ env.ESMINI_VERSION }}-${{ env.PLATFORM }}

- name: Push to GitHub Container Repository
if: github.ref == 'refs/heads/main'
id: push-devel-ghcr
uses: redhat-actions/push-to-registry@v2
with:
registry: ${{ env.REGISTRY }}
image: ${{ steps.build-devel.outputs.image }}
tags: ${{ env.ESMINI_VERSION }}-devel-${{ env.PODMAN_ARCH }}
digestfile: ${{ runner.temp }}/digest-esmini-devel-${{ env.ESMINI_VERSION }}-${{ env.PLATFORM }}

- name: Upload digests
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@v4
with:
name: digest-esmini-${{ env.ESMINI_VERSION }}-${{ env.PLATFORM }}
path: ${{ runner.temp }}/digest-*
if-no-files-found: error
retention-days: 1
compression-level: 0 # no compression

buildah-merge:
name: Merge container images
runs-on: ubuntu-24.04
needs: buildah-build
if: github.ref == 'refs/heads/main' && always()
steps:
# - run: mkdir -p $TMPDIR
- name: Download digests
uses: actions/download-artifact@v4
with:
path: ${{ runner.temp }}/digests
pattern: digest-*
merge-multiple: true

- name: Log in to the GitHub Container registry
uses: redhat-actions/podman-login@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Prepare environment variables
run: |
if [ "${{ env.ESMINI_VERSION }}" == "latest" ]; then
echo "ESMINI_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
fi
echo "ESMINI_LATEST_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
- name: Create and push manifest list for esmini-builder
run: |
MANIFEST=esmini-builder
FULL_IMAGE_NAME=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
buildah manifest create $MANIFEST
for digest in ${{ runner.temp }}/digests/digest-esmini-builder-*; do
echo "Adding $(cat $digest)"
buildah manifest add $MANIFEST $FULL_IMAGE_NAME@$(cat $digest)
done
buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:${{ env.ESMINI_VERSION }}-builder
if [ "${{ env.ESMINI_VERSION }}" == "${{ env.ESMINI_LATEST_VERSION }}" ]; then
buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:latest-builder
fi
- name: Create and push manifest list for esmini-devel
run: |
MANIFEST=esmini-devel
FULL_IMAGE_NAME=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
buildah manifest create $MANIFEST
for digest in ${{ runner.temp }}/digests/digest-esmini-devel-*; do
echo "Adding $(cat $digest)"
buildah manifest add $MANIFEST $FULL_IMAGE_NAME@$(cat $digest)
done
buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:${{ env.ESMINI_VERSION }}-devel
if [ "${{ env.ESMINI_VERSION }}" == "${{ env.ESMINI_LATEST_VERSION }}" ]; then
buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:latest-devel
fi
118 changes: 94 additions & 24 deletions .github/workflows/buildah-build-runtime.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,40 +11,57 @@ on:
env:
REGISTRY: ghcr.io/bounverif
IMAGE_NAME: esmini
PODMAN_ARCH: amd64
PLATFORM: linux-amd64
ESMINI_VERSION: latest
CONTAINERS_ROOT: /home/runner/.local/share/containers
TMPDIR: /home/runner/.local/share/containers/tmp
ESMINI_LATEST_VERSION: latest
# CONTAINERS_ROOT: /home/runner/.local/share/containers
# TMPDIR: /home/runner/.local/share/containers/tmp

permissions:
contents: read
packages: write

jobs:
buildah-build-runtime:
runs-on: ubuntu-24.04
buildah-build:
name: Build container images
strategy:
fail-fast: false
matrix:
os: [ubuntu-24.04, ubuntu-24.04-arm]
runs-on: ${{ matrix.os }}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}
cancel-in-progress: true

steps:
- name: Maximize build space
uses: easimon/maximize-build-space@v10
with:
root-reserve-mb: 2048 # Reserve disk space for repository
remove-dotnet: "true"
remove-android: "true"
remove-haskell: "true"
remove-codeql: "true"
remove-docker-images: "true"
build-mount-path: ${{ env.CONTAINERS_ROOT }} # The remaining space only for container build
- name: Install container tools
run: sudo apt-get install podman buildah jq

- run: mkdir -p $TMPDIR
# - name: Maximize build space
# uses: easimon/maximize-build-space@v10
# with:
# root-reserve-mb: 2048 # Reserve disk space for repository
# remove-dotnet: "true"
# remove-android: "true"
# remove-haskell: "true"
# remove-codeql: "true"
# remove-docker-images: "true"
# build-mount-path: ${{ env.CONTAINERS_ROOT }} # The remaining space only for container build
# - run: mkdir -p $TMPDIR

- name: Prepare environment variables
run: |
echo "PODMAN_ARCH=$(podman info --format='{{.Host.Arch}}')" >> $GITHUB_ENV
echo "PLATFORM=$(podman info --format='{{.Version.OsArch}}' | sed 's/\//-/g')" >> $GITHUB_ENV
if [ "${{ env.ESMINI_VERSION }}" == "latest" ]; then
echo "ESMINI_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
fi
echo "ESMINI_LATEST_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
- name: Checkout repository
uses: actions/checkout@v4

- name: Set current date as the version
run: echo "ESMINI_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV

- name: Log in to the GitHub Container registry
uses: redhat-actions/podman-login@v1
with:
Expand All @@ -56,10 +73,9 @@ jobs:
id: build-runtime
uses: redhat-actions/buildah-build@v2
with:
platforms: linux/amd64
context: ./containers
image: ${{ env.IMAGE_NAME }}
tags: ${{ env.ESMINI_VERSION }}-runtime latest-runtime latest
tags: ${{ env.ESMINI_VERSION }}-runtime ${{ env.ESMINI_VERSION }}-runtime-${{ env.PODMAN_ARCH }} ${{ env.ESMINI_VERSION }}-${{ env.PODMAN_ARCH }}
layers: true
oci: true
build-args: |
Expand All @@ -71,10 +87,64 @@ jobs:
./containers/esmini-runtime/Dockerfile
- name: Push to GitHub Container Repository
if: github.ref == 'refs/heads/main'
if: github.ref == 'refs/heads/multiarch-image'
id: push-runtime-ghcr
uses: redhat-actions/push-to-registry@v2
with:
registry: ${{ env.REGISTRY }}
image: ${{ steps.build-runtime.outputs.image }}
tags: ${{ steps.build-runtime.outputs.tags }}
tags: ${{ env.ESMINI_VERSION }}-runtime-${{ env.PODMAN_ARCH }} ${{ env.ESMINI_VERSION }}-${{ env.PODMAN_ARCH }}
digestfile: ${{ runner.temp }}/digest-esmini-runtime-${{ env.PLATFORM }}

- name: Upload digests
if: github.ref == 'refs/heads/multiarch-image'
uses: actions/upload-artifact@v4
with:
name: digest-esmini-${{ env.ESMINI_VERSION }}-${{ env.PLATFORM }}
path: ${{ runner.temp }}/digest-*
if-no-files-found: error
retention-days: 1
compression-level: 0 # no compression

buildah-merge:
name: Merge container images
runs-on: ubuntu-24.04
needs: buildah-build
if: github.ref == 'refs/heads/multiarch-image' && always()
steps:
# - run: mkdir -p $TMPDIR
- name: Download digests
uses: actions/download-artifact@v4
with:
path: ${{ runner.temp }}/digests
pattern: digest-*
merge-multiple: true

- name: Log in to the GitHub Container registry
uses: redhat-actions/podman-login@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Prepare environment variables
run: |
if [ "${{ env.ESMINI_VERSION }}" == "latest" ]; then
echo "ESMINI_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
fi
echo "ESMINI_LATEST_VERSION=$(curl -sL "https://api.github.com/repos/esmini/esmini/releases/latest" | jq -r '.tag_name')" >> $GITHUB_ENV
- name: Create and push manifest list for esmini-builder
run: |
MANIFEST=esmini-runtime
FULL_IMAGE_NAME=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
buildah manifest create $MANIFEST
for digest in ${{ runner.temp }}/digests/digest-esmini-runtime-*; do
echo "Adding $(cat $digest)"
buildah manifest add $MANIFEST $FULL_IMAGE_NAME@$(cat $digest)
done
buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:${{ env.ESMINI_VERSION }}-runtime
if [ "${{ env.ESMINI_VERSION }}" == "${{ env.ESMINI_LATEST_VERSION }}" ]; then
buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:latest-runtime
buildah manifest push --all $MANIFEST docker://$FULL_IMAGE_NAME:latest
fi
Loading

0 comments on commit 7a41edd

Please sign in to comment.