neil/silverbullet
1
0
Fork 0
Code

Feature: Docker multiarch image (amd64 & arm64) dynamic tags and ghcr repositoy (#400)

Browse Source 
* Enabled multiarch build with buildx, qemu and also enabled ghcr, improved tagging

- Enabled multiarch build with buildx, qemu and also enabled ghcr
- Improved image tagging
- Getting rid unknown/unknonw architecture in ghcr
    - https://github.com/docker/build-push-action
    - https://docs.docker.com/build/attestations/slsa-provenance/
    - https://github.com/docker/build-push-action/issues/820

* Switched to lukechannings/deno docke rimage as proposed in #136

- silverbulletmd/silverbullet/issues/136

(cherry picked from commit 176b70f5481dbbef9744818662f47617903de209)

* Added tini, condensed Dockerfile Run to one step, cleaning up image

- tini is missing in new base image, so I added it manually, as
  documented in https://github.com/krallin/tini

(cherry picked from commit 4d549b8f5b45bcc9ea04a0e7a4fdc3c82cdd7f5c)

* Using TARGETARCH for downloading tini

(cherry picked from commit 23a6019da00115b34c3bd09eb0c733172edcebbc)
This commit is contained in:
me|kor 2023-05-09 15:31:40 +02:00 committed by GitHub
parent f57f4d1342
commit c8d0b2df14
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 78 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
.github/workflows/docker.yml vendored
View File

@ -2,9 +2,17 @@ name: Docker
on: on:
push: push:
branches:
- "main"
tags: tags:
- '*' - "**"
env:
DENO_VERSION: v1.32.5
# Docker & Registries
ARCHITECTURES: linux/amd64,linux/arm64
IMAGE_NAME: silverbullet
NAMESPACE_GITHUB: silverbulletmd
NAMESPACE_DOCKER: zefhemel
jobs: jobs:
docker-build-push: docker-build-push:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -13,10 +21,20 @@ jobs:
- name: Setup repo - name: Setup repo
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Set up QEMU for multi-arch builds with buildx
uses: docker/setup-qemu-action@v2
with:
platforms: ${{ env.ARCHITECTURES }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
platforms: ${{ env.ARCHITECTURES }}
- name: Setup Deno - name: Setup Deno
uses: denoland/setup-deno@d4873ceeec10de6275fecd1f94b6985369d40231 uses: denoland/setup-deno@d4873ceeec10de6275fecd1f94b6985369d40231
with: with:
deno-version: v1.32.5 deno-version: ${{ env.DENO_VERSION }}
- name: Run bundle build - name: Run bundle build
run: | run: |
@ -29,11 +47,42 @@ jobs:
username: ${{ secrets.DOCKERHUB_USERNAME }} username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }} password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push - name: Log in to the ghcr Container registry
uses: docker/build-push-action@v3 uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
#
# MetaData Extract Docu: <https://github.com/docker/metadata-action>
#
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4.4.0
with:
images: |
# Set the different image names(paces) for docker-hub & ghcr
${{ env.NAMESPACE_DOCKER }}/${{ env.IMAGE_NAME }}
ghcr.io/${{ env.NAMESPACE_GITHUB }}/${{ env.IMAGE_NAME }}
tags: |
# <https://github.com/docker/metadata-action#typeref>
# minimal (short sha), enable f desired
# type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=short
# set latest tag for default branch
type=raw,value=latest,enable={{is_default_branch}}
#
# tag w/ full tag part of git tag: <https://github.com/docker/metadata-action#typesemver>
# only present for `on.push.tags` !
type=semver,pattern={{raw}},enable=true
# type=edge,branch=develop # usually this would be the develop branch
- name: Build and push Docker images
uses: docker/build-push-action@v4.0.0
with: with:
context: . context: .
platforms: ${{ env.ARCHITECTURES }}
push: true push: true
tags: | # Disable to get rid of unknown architecture in ghcr
zefhemel/silverbullet:latest provenance: false
zefhemel/silverbullet:${{ github.ref_name }} tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

24
Dockerfile
View File

@ -1,5 +1,4 @@
FROM denoland/deno:alpine-1.33.2 FROM lukechannings/deno:v1.33.2
# The volume that will keep the space data # The volume that will keep the space data
# Create a volume first: # Create a volume first:
# docker volume create myspace # docker volume create myspace
@ -7,12 +6,29 @@ FROM denoland/deno:alpine-1.33.2
# docker run -v myspace:/space -it zefhemel/silverbullet # docker run -v myspace:/space -it zefhemel/silverbullet
VOLUME /space VOLUME /space
# Accept TARGETARCH as argument
ARG TARGETARCH
# Adding tini manually, as it's not included anymore in the new baseimage
ENV TINI_VERSION v0.19.0
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
# Copy the bundled version of silverbullet into the container # Copy the bundled version of silverbullet into the container
ADD ./dist/silverbullet.js /silverbullet.js ADD ./dist/silverbullet.js /silverbullet.js
# Make sure the deno user has access to the space volume # Make sure the deno user has access to the space volume
RUN mkdir -p /space RUN mkdir -p /space \
RUN chown -R deno:deno /space && chown -R deno:deno /space \
&& chmod +x /tini \
&& echo "**** cleanup ****" \
&& apt-get -y autoremove \
&& apt-get clean \
&& rm -rf \
/tmp/* \
/var/lib/apt/lists/* \
/var/tmp/* \
/var/log/* \
/usr/share/man
# deno user id is 1000 in alpine image # deno user id is 1000 in alpine image
USER deno USER deno