Feature: Docker multiarch image (amd64 & arm64) dynamic tags and ghcr repositoy (#400)
* Enabled multiarch build with buildx, qemu and also enabled ghcr, improved tagging - Enabled multiarch build with buildx, qemu and also enabled ghcr - Improved image tagging - Getting rid unknown/unknonw architecture in ghcr - https://github.com/docker/build-push-action - https://docs.docker.com/build/attestations/slsa-provenance/ - https://github.com/docker/build-push-action/issues/820 * Switched to lukechannings/deno docke rimage as proposed in #136 - silverbulletmd/silverbullet/issues/136 (cherry picked from commit 176b70f5481dbbef9744818662f47617903de209) * Added tini, condensed Dockerfile Run to one step, cleaning up image - tini is missing in new base image, so I added it manually, as documented in https://github.com/krallin/tini (cherry picked from commit 4d549b8f5b45bcc9ea04a0e7a4fdc3c82cdd7f5c) * Using TARGETARCH for downloading tini (cherry picked from commit 23a6019da00115b34c3bd09eb0c733172edcebbc)pull/401/head
parent
f57f4d1342
commit
c8d0b2df14
|
@ -2,9 +2,17 @@ name: Docker
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
|
branches:
|
||||||
|
- "main"
|
||||||
tags:
|
tags:
|
||||||
- '*'
|
- "**"
|
||||||
|
env:
|
||||||
|
DENO_VERSION: v1.32.5
|
||||||
|
# Docker & Registries
|
||||||
|
ARCHITECTURES: linux/amd64,linux/arm64
|
||||||
|
IMAGE_NAME: silverbullet
|
||||||
|
NAMESPACE_GITHUB: silverbulletmd
|
||||||
|
NAMESPACE_DOCKER: zefhemel
|
||||||
jobs:
|
jobs:
|
||||||
docker-build-push:
|
docker-build-push:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@ -13,10 +21,20 @@ jobs:
|
||||||
- name: Setup repo
|
- name: Setup repo
|
||||||
uses: actions/checkout@v3
|
uses: actions/checkout@v3
|
||||||
|
|
||||||
|
- name: Set up QEMU for multi-arch builds with buildx
|
||||||
|
uses: docker/setup-qemu-action@v2
|
||||||
|
with:
|
||||||
|
platforms: ${{ env.ARCHITECTURES }}
|
||||||
|
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v2
|
||||||
|
with:
|
||||||
|
platforms: ${{ env.ARCHITECTURES }}
|
||||||
|
|
||||||
- name: Setup Deno
|
- name: Setup Deno
|
||||||
uses: denoland/setup-deno@d4873ceeec10de6275fecd1f94b6985369d40231
|
uses: denoland/setup-deno@d4873ceeec10de6275fecd1f94b6985369d40231
|
||||||
with:
|
with:
|
||||||
deno-version: v1.32.5
|
deno-version: ${{ env.DENO_VERSION }}
|
||||||
|
|
||||||
- name: Run bundle build
|
- name: Run bundle build
|
||||||
run: |
|
run: |
|
||||||
|
@ -29,11 +47,42 @@ jobs:
|
||||||
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
||||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||||
|
|
||||||
- name: Build and push
|
- name: Log in to the ghcr Container registry
|
||||||
uses: docker/build-push-action@v3
|
uses: docker/login-action@v2
|
||||||
|
with:
|
||||||
|
registry: ghcr.io
|
||||||
|
username: ${{ github.actor }}
|
||||||
|
password: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
#
|
||||||
|
# MetaData Extract Docu: <https://github.com/docker/metadata-action>
|
||||||
|
#
|
||||||
|
- name: Extract metadata (tags, labels) for Docker
|
||||||
|
id: meta
|
||||||
|
uses: docker/metadata-action@v4.4.0
|
||||||
|
with:
|
||||||
|
images: |
|
||||||
|
# Set the different image names(paces) for docker-hub & ghcr
|
||||||
|
${{ env.NAMESPACE_DOCKER }}/${{ env.IMAGE_NAME }}
|
||||||
|
ghcr.io/${{ env.NAMESPACE_GITHUB }}/${{ env.IMAGE_NAME }}
|
||||||
|
tags: |
|
||||||
|
# <https://github.com/docker/metadata-action#typeref>
|
||||||
|
# minimal (short sha), enable f desired
|
||||||
|
# type=sha,enable=true,priority=100,prefix=commit-,suffix=,format=short
|
||||||
|
# set latest tag for default branch
|
||||||
|
type=raw,value=latest,enable={{is_default_branch}}
|
||||||
|
#
|
||||||
|
# tag w/ full tag part of git tag: <https://github.com/docker/metadata-action#typesemver>
|
||||||
|
# only present for `on.push.tags` !
|
||||||
|
type=semver,pattern={{raw}},enable=true
|
||||||
|
# type=edge,branch=develop # usually this would be the develop branch
|
||||||
|
|
||||||
|
- name: Build and push Docker images
|
||||||
|
uses: docker/build-push-action@v4.0.0
|
||||||
with:
|
with:
|
||||||
context: .
|
context: .
|
||||||
|
platforms: ${{ env.ARCHITECTURES }}
|
||||||
push: true
|
push: true
|
||||||
tags: |
|
# Disable to get rid of unknown architecture in ghcr
|
||||||
zefhemel/silverbullet:latest
|
provenance: false
|
||||||
zefhemel/silverbullet:${{ github.ref_name }}
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
|
|
26
Dockerfile
26
Dockerfile
|
@ -1,5 +1,4 @@
|
||||||
FROM denoland/deno:alpine-1.33.2
|
FROM lukechannings/deno:v1.33.2
|
||||||
|
|
||||||
# The volume that will keep the space data
|
# The volume that will keep the space data
|
||||||
# Create a volume first:
|
# Create a volume first:
|
||||||
# docker volume create myspace
|
# docker volume create myspace
|
||||||
|
@ -7,12 +6,29 @@ FROM denoland/deno:alpine-1.33.2
|
||||||
# docker run -v myspace:/space -it zefhemel/silverbullet
|
# docker run -v myspace:/space -it zefhemel/silverbullet
|
||||||
VOLUME /space
|
VOLUME /space
|
||||||
|
|
||||||
|
# Accept TARGETARCH as argument
|
||||||
|
ARG TARGETARCH
|
||||||
|
|
||||||
|
# Adding tini manually, as it's not included anymore in the new baseimage
|
||||||
|
ENV TINI_VERSION v0.19.0
|
||||||
|
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-${TARGETARCH} /tini
|
||||||
|
|
||||||
# Copy the bundled version of silverbullet into the container
|
# Copy the bundled version of silverbullet into the container
|
||||||
ADD ./dist/silverbullet.js /silverbullet.js
|
ADD ./dist/silverbullet.js /silverbullet.js
|
||||||
|
|
||||||
# Make sure the deno user has access to the space volume
|
# Make sure the deno user has access to the space volume
|
||||||
RUN mkdir -p /space
|
RUN mkdir -p /space \
|
||||||
RUN chown -R deno:deno /space
|
&& chown -R deno:deno /space \
|
||||||
|
&& chmod +x /tini \
|
||||||
|
&& echo "**** cleanup ****" \
|
||||||
|
&& apt-get -y autoremove \
|
||||||
|
&& apt-get clean \
|
||||||
|
&& rm -rf \
|
||||||
|
/tmp/* \
|
||||||
|
/var/lib/apt/lists/* \
|
||||||
|
/var/tmp/* \
|
||||||
|
/var/log/* \
|
||||||
|
/usr/share/man
|
||||||
|
|
||||||
# deno user id is 1000 in alpine image
|
# deno user id is 1000 in alpine image
|
||||||
USER deno
|
USER deno
|
||||||
|
@ -23,4 +39,4 @@ EXPOSE 3000
|
||||||
|
|
||||||
# Run the server, allowing to pass in additional argument at run time, e.g.
|
# Run the server, allowing to pass in additional argument at run time, e.g.
|
||||||
# docker run -p 3002:3000 -v myspace:/space -it zefhemel/silverbullet --user me:letmein
|
# docker run -p 3002:3000 -v myspace:/space -it zefhemel/silverbullet --user me:letmein
|
||||||
ENTRYPOINT ["/tini", "--", "deno", "run", "-A", "--unstable", "/silverbullet.js", "--hostname", "0.0.0.0", "/space"]
|
ENTRYPOINT ["/tini", "--", "deno", "run", "-A", "--unstable", "/silverbullet.js", "--hostname", "0.0.0.0", "/space"]
|
||||||
|
|
Loading…
Reference in New Issue