Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build multiarch protobuf Docker images #73

Closed
wants to merge 2 commits into from
Closed

Build multiarch protobuf Docker images #73

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
307734b
Build multiarch protobuf Docker images
yvrhdn Oct 8, 2021
89c92f8
Use secrets.DOCKER_PASSWORD
yvrhdn Oct 11, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 29 additions & 13 deletions .github/workflows/protobuf-dockerimage.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,21 +14,37 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Build the Docker image
run: docker build protobuf/. -t build-protobuf
- name: Push the Docker image
if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')
- uses: actions/checkout@v2

- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1

- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Determine tag
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We might be able to replace this with docker/metadata-action. Basic seems to do what we want here: https://github.com/docker/metadata-action#basic

run: |
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_USERNAME }}" --password-stdin
function tag_and_push {
docker tag build-protobuf "otel/build-protobuf:${1}" && docker push "otel/build-protobuf:${1}"
function set_tag {
echo "DOCKER_TAG=${1}" >> $GITHUB_ENV
}
if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then
tag_and_push "latest"
set_tag "latest"
elif [[ "${GITHUB_REF}" =~ refs/tags/v[0-9]+\.[0-9]+\.[0-9]+ ]]; then
TAG="${GITHUB_REF#"refs/tags/v"}"
tag_and_push "${TAG}"
set_tag "${GITHUB_REF#"refs/tags/v"}"
else
tag_and_push "${GITHUB_REF#"refs/tags/"}"
fi
set_tag "${GITHUB_REF#"refs/tags/"}"
fi

- name: Build and push the Docker image
uses: docker/build-push-action@v2
with:
builder: ${{ steps.buildx.outputs.name }}
context: ./protobuf/
platforms: linux/amd64,linux/arm64
push: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/') }}
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will always build the multiarch images, but only push if we are on main or building from a tag. Since this action only runs from main or a tag, this isn't necessary I think? Anyway, I copied the original logic for now.

tags: otel/build-protobuf:${{ env.DOCKER_TAG }}
12 changes: 7 additions & 5 deletions protobuf/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ ARG PROTOC_GEN_GO_GRPC_VERSION=1.36.0
ARG GRPC_JAVA_VERSION=1.36.0
# v1.3.2, using the version directly does not work: "tar: invalid magic"
ARG PROTOC_GEN_GOGO_VERSION=b03c65ea87cdc3521ede29f62fe3ce239267c1bc
ARG PROTOC_GEN_LINT_VERSION=0.2.1
ARG PROTOC_GEN_LINT_VERSION=0.2.4
ARG GRPC_GATEWAY_VERSION=1.16.0
ARG UPX_VERSION=3.96

Expand Down Expand Up @@ -102,12 +102,13 @@ RUN mkdir -p ${GOPATH}/src/github.com/gogo/protobuf && \
install -D ./gogoproto/gogo.proto /out/usr/include/github.com/gogo/protobuf/gogoproto/gogo.proto

ARG PROTOC_GEN_LINT_VERSION
ARG TARGETARCH
RUN cd / && \
curl -sSLO https://github.com/ckaznocha/protoc-gen-lint/releases/download/v${PROTOC_GEN_LINT_VERSION}/protoc-gen-lint_linux_amd64.zip && \
curl -sSLO https://github.com/ckaznocha/protoc-gen-lint/releases/download/v${PROTOC_GEN_LINT_VERSION}/protoc-gen-lint_linux_${TARGETARCH}.zip && \
mkdir -p /protoc-gen-lint-out && \
cd /protoc-gen-lint-out && \
unzip -q /protoc-gen-lint_linux_amd64.zip && \
install -Ds /protoc-gen-lint-out/protoc-gen-lint /out/usr/bin/protoc-gen-lint
unzip -q /protoc-gen-lint_linux_${TARGETARCH}.zip && \
install -D /protoc-gen-lint-out/protoc-gen-lint /out/usr/bin/protoc-gen-lint
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it necessary to remove the -s flag?


ARG GRPC_GATEWAY_VERSION
RUN mkdir -p ${GOPATH}/src/github.com/grpc-ecosystem/grpc-gateway && \
Expand All @@ -129,7 +130,8 @@ FROM alpine:${ALPINE_VERSION} as packer
RUN apk add --no-cache curl

ARG UPX_VERSION
RUN mkdir -p /upx && curl -sSL https://github.com/upx/upx/releases/download/v${UPX_VERSION}/upx-${UPX_VERSION}-amd64_linux.tar.xz | tar xJ --strip 1 -C /upx && \
ARG TARGETARCH
RUN mkdir -p /upx && curl -sSL https://github.com/upx/upx/releases/download/v${UPX_VERSION}/upx-${UPX_VERSION}-${TARGETARCH}_linux.tar.xz | tar xJ --strip 1 -C /upx && \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are only building linux/amd64,linux/arm64, so, it should be fine, but I had problems before with binaries for macOS after going through upx. Do you know how big the image is before and after upx? Perhaps it's not worth the risk?

install -D /upx/upx /usr/local/bin/upx

# Use all output including headers and protoc from protoc_builder
Expand Down