Allow release and Docker multiarch building

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2021-10-21 12:00:38 +02:00
parent 7c27ba4000
commit ef1e4124de
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
4 changed files with 128 additions and 14 deletions

View file

@ -29,6 +29,9 @@ variables:
PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}" PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}"
ARCH: "amd64" ARCH: "amd64"
EXPORT_FORMATS: "csv,ods,pdf" EXPORT_FORMATS: "csv,ods,pdf"
APP_VERSION: "${CI_COMMIT_REF_NAME}"
APP_ASSET: "${CI_PROJECT_NAME}_${CI_COMMIT_REF_NAME}_${ARCH}.tar.gz"
CYPRESS_INSTALL_BINARY: 0
cache: cache:
key: "${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHORT_SHA}" key: "${CI_COMMIT_REF_SLUG}-${CI_COMMIT_SHORT_SHA}"
@ -177,15 +180,40 @@ pages:
.docker: &docker .docker: &docker
stage: docker stage: docker
image: docker:stable
variables:
DOCKER_TLS_CERTDIR: "/certs"
DOCKER_HOST: tcp://docker:2376
DOCKER_TLS_VERIFY: 1
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
DOCKER_DRIVER: overlay2
services:
- docker:stable-dind
cache: {} cache: {}
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
before_script: before_script:
- mkdir -p /kaniko/.docker # Install buildx
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$CI_REGISTRY_AUTH\",\"email\":\"$CI_REGISTRY_EMAIL\"}}}" > /kaniko/.docker/config.json - wget https://github.com/docker/buildx/releases/download/v0.6.3/buildx-v0.6.3.linux-amd64
- mkdir -p ~/.docker/cli-plugins/
- mv buildx-v0.6.3.linux-amd64 ~/.docker/cli-plugins/docker-buildx
- chmod a+x ~/.docker/cli-plugins/docker-buildx
# Create env
- docker context create tls-environment
- docker buildx create --use tls-environment
# Install qemu/binfmt
- docker pull tonistiigi/binfmt:latest
- docker run --rm --privileged tonistiigi/binfmt:latest --install all
# Login to DockerHub
- mkdir -p ~/.docker
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$CI_REGISTRY_AUTH\",\"email\":\"$CI_REGISTRY_EMAIL\"}}}" > ~/.docker/config.json
script: script:
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/docker/production/Dockerfile --destination $DOCKER_IMAGE_NAME --build-arg VCS_REF=$CI_VCS_REF --build-arg BUILD_DATE=$CI_JOB_TIMESTAMP - >
docker buildx build
--push
--platform linux/amd64,linux/arm64,linux/arm
-t framasoft/mobilizon:multiarch
-f docker/production/Dockerfile .
tags:
- "privileged"
build-docker-master: build-docker-master:
<<: *docker <<: *docker
@ -205,12 +233,11 @@ build-docker-tag:
variables: variables:
DOCKER_IMAGE_NAME: framasoft/mobilizon:$CI_COMMIT_TAG DOCKER_IMAGE_NAME: framasoft/mobilizon:$CI_COMMIT_TAG
# Packaging app for amd64
package-app: package-app:
stage: package stage: package
variables: &release-variables variables: &release-variables
MIX_ENV: "prod" MIX_ENV: "prod"
APP_VERSION: "${CI_COMMIT_TAG}"
APP_ASSET: "${CI_PROJECT_NAME}_${APP_VERSION}_${ARCH}.tar.gz"
script: &release-script script: &release-script
- mix local.hex --force - mix local.hex --force
- mix local.rebar --force - mix local.rebar --force
@ -240,17 +267,60 @@ package-app-dev:
paths: paths:
- ${APP_ASSET} - ${APP_ASSET}
# Packaging app for multi-arch
multi-arch-release:
stage: package
image: docker:stable
variables:
DOCKER_TLS_CERTDIR: "/certs"
DOCKER_HOST: tcp://docker:2376
DOCKER_TLS_VERIFY: 1
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
DOCKER_DRIVER: overlay2
APP_ASSET: "${CI_PROJECT_NAME}_${CI_COMMIT_REF_NAME}_${ARCH}.tar.gz"
services:
- docker:stable-dind
cache: {}
before_script:
# Install buildx
- wget https://github.com/docker/buildx/releases/download/v0.6.3/buildx-v0.6.3.linux-amd64
- mkdir -p ~/.docker/cli-plugins/
- mv buildx-v0.6.3.linux-amd64 ~/.docker/cli-plugins/docker-buildx
- chmod a+x ~/.docker/cli-plugins/docker-buildx
# Create env
- docker context create tls-environment
- docker buildx create --use tls-environment
# Install qemu/binfmt
- docker pull tonistiigi/binfmt:latest
- docker run --rm --privileged tonistiigi/binfmt:latest --install all
script:
- docker buildx build --platform linux/${ARCH} --output type=local,dest=releases --build-arg APP_ASSET=${APP_ASSET} -f docker/multiarch/Dockerfile .
- ls -alh releases/mobilizon/
- du -sh releases/mobilizon/${APP_ASSET}
tags:
- "privileged"
artifacts:
expire_in: 30 days
paths:
- releases/mobilizon/${APP_ASSET}
parallel:
matrix:
- ARCH: ["arm", "arm64"]
rules:
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
when: never
- if: '$CI_PIPELINE_SOURCE == "schedule"'
- if: $CI_COMMIT_TAG
# Release
release-upload: release-upload:
stage: upload stage: upload
image: framasoft/yakforms-assets-deploy:latest image: framasoft/yakforms-assets-deploy:latest
rules: *tag-rules rules: *tag-rules
variables:
APP_VERSION: "${CI_COMMIT_TAG}"
APP_ASSET: "${CI_PROJECT_NAME}_${APP_VERSION}_${ARCH}.tar.gz"
script: script:
- eval `ssh-agent -s` - eval `ssh-agent -s`
- ssh-add <(echo "${DEPLOYEMENT_KEY}" | base64 --decode -i) - ssh-add <(echo "${DEPLOYEMENT_KEY}" | base64 --decode -i)
- echo "put -r ${APP_ASSET}" | sftp -o "VerifyHostKeyDNS yes" ${DEPLOYEMENT_USER}@${DEPLOYEMENT_HOST}:public/ - echo "put -r mobilizon_*.tar.gz" | sftp -o "VerifyHostKeyDNS yes" ${DEPLOYEMENT_USER}@${DEPLOYEMENT_HOST}:public/
artifacts: artifacts:
expire_in: 1 day expire_in: 1 day
when: on_success when: on_success
@ -264,8 +334,6 @@ release-create:
before_script: before_script:
- apk --no-cache add gawk sed grep - apk --no-cache add gawk sed grep
script: | script: |
APP_VERSION="${CI_COMMIT_TAG}"
APP_ASSET="${CI_PROJECT_NAME}_${APP_VERSION}_${ARCH}.tar.gz"
CHANGELOG=$(awk -v version="$APP_VERSION" '/^## / { printit = $2 == version }; printit' CHANGELOG.md | grep -v "## $APP_VERSION" | sed '1{/^$/d}') CHANGELOG=$(awk -v version="$APP_VERSION" '/^## / { printit = $2 == version }; printit' CHANGELOG.md | grep -v "## $APP_VERSION" | sed '1{/^$/d}')
ENDPOINT="https://packages.joinmobilizon.org" ENDPOINT="https://packages.joinmobilizon.org"

View file

@ -0,0 +1,44 @@
FROM elixir as build
SHELL ["/bin/bash", "-c"]
ENV MIX_ENV prod
# ENV LANG en_US.UTF-8
ARG APP_ASSET
# Set the right versions
ENV ELIXIR_VERSION latest
ENV ERLANG_VERSION latest
ENV NODE_VERSION 16
# Install system dependencies
RUN apt-get update -yq && apt-get install -yq build-essential cmake postgresql-client git curl gnupg unzip exiftool webp imagemagick gifsicle
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# # Install Node & yarn
# RUN curl -sL https://deb.nodesource.com/setup_16.x | bash && apt-get install nodejs -yq
# RUN npm install -g yarn
# Install build tools
RUN source /root/.bashrc && \
mix local.rebar --force && \
mix local.hex -if-missing --force
RUN mkdir /mobilizon
COPY ./ /mobilizon
WORKDIR /mobilizon
# # Build front-end
# RUN yarn --cwd "js" install --frozen-lockfile
# RUN yarn --cwd "js" run build
# Elixir release
RUN source /root/.bashrc && \
mix deps.get --only prod && \
mix compile && \
mix phx.digest.clean --all && \
mix release --path release/mobilizon && \
cd release/mobilizon && \
ln -s lib/mobilizon-*/priv priv && \
cd ../../
# Make a release archive
RUN tar -zcf /mobilizon/${APP_ASSET} -C release mobilizon

View file

@ -0,0 +1 @@
Contains the Dockerfile used to generate multi-arch Elixir releases

1
docker/tests/README.md Normal file
View file

@ -0,0 +1 @@
Contains the Dockerfile for the image used to run the tests