Skip to content

Commit

Permalink
adds arm64 support (#92)
Browse files Browse the repository at this point in the history
  • Loading branch information
ngeorger authored Apr 10, 2024
1 parent 055d3d4 commit 27f7b0b
Show file tree
Hide file tree
Showing 7 changed files with 337 additions and 133 deletions.
30 changes: 0 additions & 30 deletions .dockerignore

This file was deleted.

54 changes: 20 additions & 34 deletions .github/workflows/build-custom-image.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@ name: Build and push image to DockerHub and GitHub Container Registry

on:
push:
branches:
- main
tags:
- 'v*'
pull_request:
Expand All @@ -12,7 +14,7 @@ on:
manual-tag:
description: 'Manual Tag'
required: false
default: 'main'
default: 'custom'
type: string
ghost_version:
description: 'Ghost version'
Expand All @@ -36,15 +38,11 @@ jobs:
with:
fetch-depth: 1

- name: Install Cosign
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
uses: sigstore/cosign-installer@v3.4.0

-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64
# -
# name: Set up QEMU
# uses: docker/setup-qemu-action@v3
# with:
# platforms: linux/amd64

-
name: Set up Docker Buildx
Expand All @@ -53,6 +51,7 @@ jobs:
driver-opts: |
network=host
image=moby/buildkit:master
driver: docker

-
name: Set up GHOST_VERSION and MANUAL_TAG values, depending on event type (push or workflow_dispatch)
Expand Down Expand Up @@ -85,7 +84,7 @@ jobs:
tags: |
type=ref,event=branch
type=ref,event=tag
type=raw,value=${{ steps.versions.outputs.GHOST_VERSION }}
type=raw,value=main
-
name: Docker meta for workflow_dispatch
id: meta-workflow-dispatch
Expand All @@ -99,7 +98,7 @@ jobs:
tags: |
type=ref,event=branch
type=raw,value=${{ steps.versions.outputs.MANUAL_TAG }}
type=raw,value=${{ steps.versions.outputs.GHOST_VERSION }}
type=raw,value=v${{ steps.versions.outputs.GHOST_VERSION }}
-
name: Login to DockerHub
Expand Down Expand Up @@ -128,21 +127,21 @@ jobs:
password: ${{ secrets.QUAY_PASS }}

-
name: Build and push
name: Build and push version tag
uses: docker/build-push-action@v5
id: build-and-push
if: github.event_name == 'push' || github.head_ref == 'v*' || github.head_ref == 'main'
if: ${{ github.event_name == 'push' || github.head_ref == 'v*' || github.head_ref == 'main' }}
with:
context: .
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: true
sbom: true
push: true
tags: ${{ steps.meta-push.outputs.tags }}
labels: ${{ steps.meta-push.outputs.labels }}
build-args: |
GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}
build-args: GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}

-
name: Build and push
Expand All @@ -154,25 +153,13 @@ jobs:
platforms: linux/amd64
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: true
sbom: true
push: true
tags: ${{ steps.meta-workflow-dispatch.outputs.tags }}
labels: ${{ steps.meta-workflow-dispatch.outputs.labels }}
build-args: |
GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}
build-args: GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}

- name: Sign the images with GitHub OIDC Token
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
continue-on-error: true
env:
DIGEST: ${{ steps.build-and-push.outputs.digest || steps.build-and-push-workflow-dispatch.outputs.digest }}
TAGS: ${{ steps.meta-push.outputs.tags || steps.meta-workflow-dispatch.outputs.tags }}
COSIGN_EXPERIMENTAL: 1
run: |
images=""
for tag in ${TAGS}; do
images+="${tag}@${DIGEST} "
done
cosign sign --yes ${images}
-
name: Build pull request
uses: docker/build-push-action@v5
Expand All @@ -184,5 +171,4 @@ jobs:
cache-from: type=gha
cache-to: type=gha,mode=max
push: false
build-args: |
GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}
build-args: GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}
164 changes: 164 additions & 0 deletions .github/workflows/multi-build.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,164 @@
name: amd64-arm64 to ghcr.io

on:
push:
tags:
- "v*"
branches:
- "main"
paths-ignore:
- "**.md"
- "deploy/**"
# paths:
# - "Dockerfile"
workflow_dispatch:
inputs:
manual-tag:
description: 'Manual Tag'
required: false
default: 'main'
type: string
ghost_version:
description: 'Ghost version'
required: false
default: '5.81.1'
type: string

permissions: write-all

env:
REGISTRY_IMAGE: ghcr.io/${{ github.repository }}


jobs:
build:
runs-on: ubuntu-22.04
strategy:
fail-fast: true
matrix:
platform:
- linux/arm64
- linux/amd64
steps:
-
name: Prepare
run: |
platform=${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
name: Checkout
uses: actions/checkout@v4
-
name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: amd64,arm64

-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: |
network=host
platforms: linux/amd64,linux/arm64

-
name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Set up GHOST_VERSION and MANUAL_TAG values, depending on event type (push or workflow_dispatch)
id: versions
env:
GITHUB_EVENT_NAME: ${{ github.event_name }}
run: |
if [ ${{ env.GITHUB_EVENT_NAME }} == workflow_dispatch ]; then
echo "GHOST_VERSION=${{ github.event.inputs.ghost_version }}" >> $GITHUB_OUTPUT
echo "MANUAL_TAG=${{ github.event.inputs.manual-tag }}" >> $GITHUB_OUTPUT
else
echo "GHOST_VERSION=$(curl -s https://api.github.com/repos/tryghost/ghost/releases/latest | jq '.name' | sed 's/\"//g')" >> $GITHUB_OUTPUT
fi
-
name: Show Ghost version
run: |
echo "GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}"
echo "MANUAL_TAG=${{ steps.versions.outputs.MANUAL_TAG }}"
-
name: Build and push by digest
id: build
uses: docker/build-push-action@v5
with:
context: .
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
build-args: GHOST_VERSION=${{ steps.versions.outputs.GHOST_VERSION }}
outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
cache-from: type=gha
cache-to: type=gha,mode=max
-
name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
-
name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1

merge:
runs-on: ubuntu-22.04
needs:
- build
steps:
-
name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: |
network=host
platforms: linux/amd64,linux/arm64
-
name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY_IMAGE }}
-
name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Create manifest list and pushs
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
-
name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}
22 changes: 18 additions & 4 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,26 @@
# The image is based on the official Node.js image and uses the Distroless base image for security and minimalism.

# Stage 1: Build Environment
FROM node:hydrogen-bookworm-slim AS build-env
FROM node:hydrogen AS build-env

ENV NODE_ENV production
ENV DEBIAN_FRONTEND noninteractive


# Set the NODE_ENV environment variable to "production"
ENV NODE_ENV production
# ENV NODE_ENV production
USER root

RUN apt-get update && apt-get install --no-install-recommends --no-install-suggests -y libvips-dev ca-certificates && \
update-ca-certificates
# && \
# rm -rf /var/lib/apt/lists/*

# Install the latest version of Ghost CLI globally and clean the npm cache
RUN npm install -g "ghost-cli@latest"
RUN yarn config set network-timeout 60000 && \
npm config set fetch-timeout 60000 && \
yarn global add ghost-cli@latest || npm install -g ghost-cli@latest
#RUN yarn cache clean --force && npm cache clean --force

# Define the GHOST_VERSION build argument and set it as an environment variable
ARG GHOST_VERSION
Expand All @@ -29,7 +41,9 @@ USER node
# WORKDIR /home/node

# Install Ghost with the specified version, using MySQL as the database, and configure it without prompts, stack traces, setup, and in the specified installation directory
RUN ghost install $GHOST_VERSION --db mysql --dbhost mysql --no-prompt --no-stack --no-setup --dir $GHOST_INSTALL
RUN yarn config set network-timeout 180000 && \
yarn config set verbose true && \
ghost install $GHOST_VERSION --db mysql --dbhost mysql --no-prompt --no-stack --no-setup --dir $GHOST_INSTALL

# Switch back to the root user
USER root
Expand Down
Loading

0 comments on commit 27f7b0b

Please sign in to comment.