3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-30 10:56:28 +02:00
Code Issues Projects Releases Packages Wiki Activity

deployment: enable multi-arch release images (#1643)

Browse source
This commit is contained in:
Travis Groth 2020-12-03 11:07:15 -05:00 committed by GitHub
parent 0571754f0c
commit 23249c8df9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 23 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.github/Dockerfile-release vendored
View file

@ -1,7 +1,9 @@
ARG ARCH
FROM busybox:latest as build FROM busybox:latest as build
RUN touch /config.yaml RUN touch /config.yaml
FROM gcr.io/distroless/base FROM gcr.io/distroless/base-debian10:latest-${ARCH}
ENV AUTOCERT_DIR /data/autocert ENV AUTOCERT_DIR /data/autocert
WORKDIR /pomerium WORKDIR /pomerium
COPY pomerium* /bin/ COPY pomerium* /bin/

12
.github/Dockerfile-release.arm32v6 vendored
View file

@ -1,12 +0,0 @@
FROM busybox:latest as build
RUN touch /config.yaml
FROM arm32v7/alpine
ENV AUTOCERT_DIR /data/autocert
WORKDIR /pomerium
COPY --from=multiarch/qemu-user-static /usr/bin/qemu-aarch64-static /usr/bin/
RUN apk --no-cache add ca-certificates
COPY pomerium* /bin/
COPY --from=build /config.yaml /pomerium/config.yaml
ENTRYPOINT [ "/bin/pomerium" ]
CMD ["-config","/pomerium/config.yaml"]

12
.github/Dockerfile-release.arm32v7 vendored
View file

@ -1,12 +0,0 @@
FROM busybox:latest as build
RUN touch /config.yaml
FROM arm32v7/alpine
ENV AUTOCERT_DIR /data/autocert
WORKDIR /pomerium
COPY --from=multiarch/qemu-user-static /usr/bin/qemu-aarch64-static /usr/bin/
RUN apk --no-cache add ca-certificates
COPY pomerium* /bin/
COPY --from=build /config.yaml /pomerium/config.yaml
ENTRYPOINT [ "/bin/pomerium" ]
CMD ["-config","/pomerium/config.yaml"]

12
.github/Dockerfile-release.arm64v8 vendored
View file

@ -1,12 +0,0 @@
FROM busybox:latest as build
RUN touch /config.yaml
FROM arm64v8/alpine
ENV AUTOCERT_DIR /data/autocert
WORKDIR /pomerium
COPY --from=multiarch/qemu-user-static /usr/bin/qemu-aarch64-static /usr/bin/
RUN apk --no-cache add ca-certificates
COPY pomerium* /bin/
COPY --from=build /config.yaml /pomerium/config.yaml
ENTRYPOINT [ "/bin/pomerium" ]
CMD ["-config","/pomerium/config.yaml"]

12
.github/goreleaser.yaml vendored
View file

@ -101,13 +101,14 @@ snapshot:
dockers: dockers:
- image_templates: - image_templates:
- "pomerium/pomerium:{{ .Tag }}" - "pomerium/pomerium:amd64-{{ .Tag }}"
dockerfile: .github/Dockerfile-release dockerfile: .github/Dockerfile-release
binaries: binaries:
- pomerium - pomerium
- pomerium-cli - pomerium-cli
build_flag_templates: build_flag_templates:
- "--pull" - "--pull"
- "--build-arg=ARCH=amd64"
- "--label=org.opencontainers.image.created={{.Date}}" - "--label=org.opencontainers.image.created={{.Date}}"
- "--label=org.opencontainers.image.name={{.ProjectName}}" - "--label=org.opencontainers.image.name={{.ProjectName}}"
- "--label=org.opencontainers.image.revision={{.FullCommit}}" - "--label=org.opencontainers.image.revision={{.FullCommit}}"
@ -134,12 +135,13 @@ dockers:
- goarch: arm64 - goarch: arm64
image_templates: image_templates:
- "pomerium/pomerium:arm64v8-{{ .Tag }}" - "pomerium/pomerium:arm64v8-{{ .Tag }}"
dockerfile: .github/Dockerfile-release.arm64v8 dockerfile: .github/Dockerfile-release
binaries: binaries:
- pomerium - pomerium
- pomerium-cli - pomerium-cli
build_flag_templates: build_flag_templates:
- "--pull" - "--pull"
- "--build-arg=ARCH=arm64"
- "--label=org.opencontainers.image.created={{.Date}}" - "--label=org.opencontainers.image.created={{.Date}}"
- "--label=org.opencontainers.image.name={{.ProjectName}}" - "--label=org.opencontainers.image.name={{.ProjectName}}"
- "--label=org.opencontainers.image.revision={{.FullCommit}}" - "--label=org.opencontainers.image.revision={{.FullCommit}}"
@ -148,6 +150,12 @@ dockers:
- "--label=repository=http://github.com/pomerium/pomerium" - "--label=repository=http://github.com/pomerium/pomerium"
- "--label=homepage=http://www.pomerium.io" - "--label=homepage=http://www.pomerium.io"
docker_manifests:
- name_template: "pomerium/pomerium:{{ .Tag }}"
image_templates:
- pomerium/pomerium:arm64v8-{{ .Tag }}
- pomerium/pomerium:amd64-{{ .Tag }}
brews: brews:
- # Name template of the recipe - # Name template of the recipe
name: pomerium-cli name: pomerium-cli

4
.github/workflows/release.yaml vendored
View file

@ -8,11 +8,15 @@ on:
jobs: jobs:
goreleaser: goreleaser:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v2 uses: actions/checkout@v2
- name: Unshallow - name: Unshallow
run: git fetch --prune --unshallow run: git fetch --prune --unshallow
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v2 uses: actions/setup-go@v2
with: with:

6
docs/docs/upgrading.md
View file

@ -18,6 +18,12 @@ With the v0.11.0 release, user impersonation by administrators is now disabled b
The `cache_service_url` parameter has been deprecated since v0.10.0 and is now removed. Please replace it with `databroker_service_url` in your yaml configuration, or `DATABROKER_SERVICE_URL` as an environment variable. The `cache_service_url` parameter has been deprecated since v0.10.0 and is now removed. Please replace it with `databroker_service_url` in your yaml configuration, or `DATABROKER_SERVICE_URL` as an environment variable.
## New
### Docker Multi-Arch Images
With the v0.11.0 release, Pomerium docker images are multi-arch for `arm64` and `amd64`. Individual images for each architecture will continue to be published.
# Since 0.9.0 # Since 0.9.0
## Breaking ## Breaking