Feature: Docker multiarch image (amd64 & arm64) dynamic tags and ghcr repositoy (#400)
* Enabled multiarch build with buildx, qemu and also enabled ghcr, improved tagging - Enabled multiarch build with buildx, qemu and also enabled ghcr - Improved image tagging - Getting rid unknown/unknonw architecture in ghcr - https://github.com/docker/build-push-action - https://docs.docker.com/build/attestations/slsa-provenance/ - https://github.com/docker/build-push-action/issues/820 * Switched to lukechannings/deno docke rimage as proposed in #136 - silverbulletmd/silverbullet/issues/136 (cherry picked from commit 176b70f5481dbbef9744818662f47617903de209) * Added tini, condensed Dockerfile Run to one step, cleaning up image - tini is missing in new base image, so I added it manually, as documented in https://github.com/krallin/tini (cherry picked from commit 4d549b8f5b45bcc9ea04a0e7a4fdc3c82cdd7f5c) * Using TARGETARCH for downloading tini (cherry picked from commit 23a6019da00115b34c3bd09eb0c733172edcebbc)pull/401/head
parent
f57f4d1342
commit
c8d0b2df14
|
@ -2,9 +2,17 @@ name: Docker
|
|||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "main"
|
||||
tags:
|
||||
- '*'
|
||||
|
||||
- "**"
|
||||
env:
|
||||
DENO_VERSION: v1.32.5
|
||||
# Docker & Registries
|
||||
ARCHITECTURES: linux/amd64,linux/arm64
|
||||
IMAGE_NAME: silverbullet
|
||||
NAMESPACE_GITHUB: silverbulletmd
|
||||
NAMESPACE_DOCKER: zefhemel
|
||||
jobs:
|
||||
docker-build-push:
|
||||
runs-on: ubuntu-latest
|
||||
|
@ -13,10 +21,20 @@ jobs:
|
|||
- name: Setup repo
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU for multi-arch builds with buildx
|
||||
uses: docker/setup-qemu-action@v2
|
||||
with:
|
||||
platforms: ${{ env.ARCHITECTURES }}
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
with:
|
||||
platforms: ${{ env.ARCHITECTURES }}
|
||||
|
||||
- name: Setup Deno
|
||||
uses: denoland/setup-deno@d4873ceeec10de6275fecd1f94b6985369d40231
|
||||
with:
|
||||
deno-version: v1.32.5
|
||||
deno-version: ${{ env.DENO_VERSION }}
|
||||
|
||||
- name: Run bundle build
|
||||
run: |
|
||||
|
@ -29,11 +47,42 @@ jobs:
|
|||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
|
||||
- name: Build and push
|
||||
uses: docker/build-push-action@v3
|
||||
- name: Log in to the ghcr Container registry
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.actor }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
#
|
||||
# MetaData Extract Docu: <https://github.com/docker/metadata-action>
|
||||
#
|
||||
- name: Extract metadata (tags, labels) for Docker
|
||||
id: meta
|
||||
uses: docker/metadata-action@v4.4.0
|
||||
with:
|
||||
images: |
|
||||
# Set the different image names(paces) for docker-hub & ghcr
|
||||
${{ env.NAMESPACE_DOCKER }}/${{ env.IMAGE_NAME }}
|
||||
ghcr.io/${{ env.NAMESPACE_GITHUB }}/${{ env.IMAGE_NAME }}
|
||||
tags: |
|
||||
# <https://github.com/docker/metadata-action#typeref>
|
||||
# minimal (short sha), enable f desired
|
||||
# type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=short
|
||||
# set latest tag for default branch
|
||||
type=raw,value=latest,enable={{is_default_branch}}
|
||||
#
|
||||
# tag w/ full tag part of git tag: <https://github.com/docker/metadata-action#typesemver>
|
||||
# only present for `on.push.tags` !
|
||||
type=semver,pattern={{raw}},enable=true
|
||||
# type=edge,branch=develop # usually this would be the develop branch
|
||||
|
||||
- name: Build and push Docker images
|
||||
uses: docker/build-push-action@v4.0.0
|
||||
with:
|
||||
context: .
|
||||
platforms: ${{ env.ARCHITECTURES }}
|
||||
push: true
|
||||
tags: |
|
||||
zefhemel/silverbullet:latest
|
||||
zefhemel/silverbullet:${{ github.ref_name }}
|
||||
# Disable to get rid of unknown architecture in ghcr
|
||||
provenance: false
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
|
|
26
Dockerfile
26
Dockerfile
|
@ -1,5 +1,4 @@
|
|||
FROM denoland/deno:alpine-1.33.2
|
||||
|
||||
FROM lukechannings/deno:v1.33.2
|
||||
# The volume that will keep the space data
|
||||
# Create a volume first:
|
||||
# docker volume create myspace
|
||||
|
@ -7,12 +6,29 @@ FROM denoland/deno:alpine-1.33.2
|
|||
# docker run -v myspace:/space -it zefhemel/silverbullet
|
||||
VOLUME /space
|
||||
|
||||
# Accept TARGETARCH as argument
|
||||
ARG TARGETARCH
|
||||
|
||||
# Adding tini manually, as it's not included anymore in the new baseimage
|
||||
ENV TINI_VERSION v0.19.0
|
||||
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
|
||||
|
||||
# Copy the bundled version of silverbullet into the container
|
||||
ADD ./dist/silverbullet.js /silverbullet.js
|
||||
|
||||
# Make sure the deno user has access to the space volume
|
||||
RUN mkdir -p /space
|
||||
RUN chown -R deno:deno /space
|
||||
RUN mkdir -p /space \
|
||||
&& chown -R deno:deno /space \
|
||||
&& chmod +x /tini \
|
||||
&& echo "**** cleanup ****" \
|
||||
&& apt-get -y autoremove \
|
||||
&& apt-get clean \
|
||||
&& rm -rf \
|
||||
/tmp/* \
|
||||
/var/lib/apt/lists/* \
|
||||
/var/tmp/* \
|
||||
/var/log/* \
|
||||
/usr/share/man
|
||||
|
||||
# deno user id is 1000 in alpine image
|
||||
USER deno
|
||||
|
@ -23,4 +39,4 @@ EXPOSE 3000
|
|||
|
||||
# Run the server, allowing to pass in additional argument at run time, e.g.
|
||||
# docker run -p 3002:3000 -v myspace:/space -it zefhemel/silverbullet --user me:letmein
|
||||
ENTRYPOINT ["/tini", "--", "deno", "run", "-A", "--unstable", "/silverbullet.js", "--hostname", "0.0.0.0", "/space"]
|
||||
ENTRYPOINT ["/tini", "--", "deno", "run", "-A", "--unstable", "/silverbullet.js", "--hostname", "0.0.0.0", "/space"]
|
||||
|
|
Loading…
Reference in New Issue