feat(docker): build docker images with buildkit, add actions
This commit is contained in:
parent
b07b8b4d4b
commit
d91b325e76
|
@ -0,0 +1,37 @@
|
||||||
|
name: push-images-test
|
||||||
|
|
||||||
|
on:
|
||||||
|
schedule:
|
||||||
|
- cron: "0 0 */3 * *"
|
||||||
|
workflow_dispatch:
|
||||||
|
|
||||||
|
env:
|
||||||
|
REGISTRY: docker.io
|
||||||
|
IMAGE_NAME: initdc/cloudflared
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
buildx:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v1
|
||||||
|
- name: Login to DockerHub
|
||||||
|
uses: docker/login-action@v1
|
||||||
|
with:
|
||||||
|
username: ${{ secrets.DOCKER_USERNAME }}
|
||||||
|
password: ${{ secrets.DOCKER_TOKEN }}
|
||||||
|
- name: Extract Docker metadata
|
||||||
|
id: meta
|
||||||
|
uses: docker/metadata-action@v3
|
||||||
|
with:
|
||||||
|
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||||
|
- name: Build and push Docker image
|
||||||
|
run: |
|
||||||
|
set -e
|
||||||
|
docker buildx ls
|
||||||
|
docker buildx build --platform linux/amd64,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 -t initdc/cloudflared:v$(TZ=Asia/Shanghai date +%Y.%m.%d) . --push
|
||||||
|
docker buildx build --platform linux/amd64,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 -t initdc/cloudflared:latest . --push
|
|
@ -0,0 +1,47 @@
|
||||||
|
name: push-images
|
||||||
|
|
||||||
|
on:
|
||||||
|
workflow_dispatch:
|
||||||
|
|
||||||
|
env:
|
||||||
|
REGISTRY: docker.io
|
||||||
|
IMAGE_NAME: ${{ secrets.DOCKER_USERNAME }}/cloudflared
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
buildx:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
- name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v1
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v1
|
||||||
|
- name: Login to DockerHub
|
||||||
|
uses: docker/login-action@v1
|
||||||
|
with:
|
||||||
|
username: ${{ secrets.DOCKER_USERNAME }}
|
||||||
|
password: ${{ secrets.DOCKER_TOKEN }}
|
||||||
|
- name: Extract Docker metadata
|
||||||
|
id: meta
|
||||||
|
uses: docker/metadata-action@v3
|
||||||
|
with:
|
||||||
|
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
|
||||||
|
- name: Build and push Docker image
|
||||||
|
uses: docker/build-push-action@v2
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
platforms: |
|
||||||
|
linux/amd64
|
||||||
|
linux/arm64
|
||||||
|
linux/riscv64
|
||||||
|
linux/ppc64le
|
||||||
|
linux/s390x
|
||||||
|
linux/386
|
||||||
|
linux/mips64le
|
||||||
|
linux/mips64
|
||||||
|
linux/arm/v7
|
||||||
|
linux/arm/v6
|
||||||
|
tags: |
|
||||||
|
${{ env.IMAGE_NAME }}:latest
|
||||||
|
labels: ${{ steps.meta.outputs.labels }}
|
47
Dockerfile
47
Dockerfile
|
@ -1,29 +1,40 @@
|
||||||
# use a builder image for building cloudflare
|
# syntax=docker/dockerfile:1
|
||||||
ARG TARGET_GOOS
|
FROM --platform=$BUILDPLATFORM golang:1.17.1 as build
|
||||||
ARG TARGET_GOARCH
|
ARG TARGETPLATFORM
|
||||||
FROM golang:1.17.1 as builder
|
ARG BUILDPLATFORM
|
||||||
|
|
||||||
ENV GO111MODULE=on \
|
ENV GO111MODULE=on \
|
||||||
CGO_ENABLED=0 \
|
CGO_ENABLED=0
|
||||||
TARGET_GOOS=${TARGET_GOOS} \
|
|
||||||
TARGET_GOARCH=${TARGET_GOARCH}
|
ENV FIPS=false
|
||||||
|
|
||||||
WORKDIR /go/src/github.com/cloudflare/cloudflared/
|
WORKDIR /go/src/github.com/cloudflare/cloudflared/
|
||||||
|
|
||||||
# copy our sources into the builder image
|
# build with github tags
|
||||||
|
#ADD https://github.com/cloudflare/cloudflared/archive/refs/tags/2022.4.0.zip
|
||||||
|
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
# compile cloudflared
|
# compile cloudflared
|
||||||
RUN make cloudflared
|
RUN set -e \
|
||||||
|
&& echo "Running on $BUILDPLATFORM, building for $TARGETPLATFORM" \
|
||||||
|
&& apt-get update \
|
||||||
|
&& apt-get install --no-install-recommends -y ruby \
|
||||||
|
&& ruby docker-env.rb
|
||||||
|
|
||||||
# use a distroless base image with glibc
|
FROM --platform=$TARGETPLATFORM alpine:edge
|
||||||
FROM gcr.io/distroless/base-debian10:nonroot
|
COPY --from=build /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/cloudflared
|
||||||
|
|
||||||
# copy our compiled binary
|
RUN set -e \
|
||||||
COPY --from=builder --chown=nonroot /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/
|
&& apk add --no-cache ca-certificates nano
|
||||||
|
|
||||||
# run as non-privileged user
|
WORKDIR /root
|
||||||
USER nonroot
|
|
||||||
|
|
||||||
# command / entrypoint of container
|
# ref: https://developers.cloudflare.com/1.1.1.1/encryption/dns-over-https/dns-over-https-client/
|
||||||
ENTRYPOINT ["cloudflared", "--no-autoupdate"]
|
EXPOSE 53/udp
|
||||||
CMD ["version"]
|
# ref: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/ports-and-ips/
|
||||||
|
EXPOSE 443
|
||||||
|
EXPOSE 7844
|
||||||
|
|
||||||
|
# Don't set entrypoint, user need edit config file
|
||||||
|
CMD ["/bin/sh"]
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
#!/usr/bin/ruby -w
|
||||||
|
|
||||||
|
TargetPlatform = ENV.fetch('TARGETPLATFORM')
|
||||||
|
TPArray = TargetPlatform.split('/')
|
||||||
|
|
||||||
|
# ref: https://github.com/containerd/containerd/blob/v1.4.3/platforms/defaults.go
|
||||||
|
OS = TPArray[0]
|
||||||
|
Architecture = TPArray[1]
|
||||||
|
Variant = TPArray[2].to_s[1]
|
||||||
|
|
||||||
|
puts "GOOS=#{OS} GOARCH=#{Architecture} GOARM=#{Variant}"
|
||||||
|
|
||||||
|
if Variant == ''
|
||||||
|
`GOOS=#{OS} GOARCH=#{Architecture} make cloudflared`
|
||||||
|
else
|
||||||
|
`GOOS=#{OS} GOARCH=#{Architecture} GOARM=#{Variant} make cloudflared`
|
||||||
|
end
|
Loading…
Reference in New Issue