fix(docker): fix Qemu segfaulting on arm64

Closes #1241 #1249

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2023-08-18 16:22:19 +02:00
parent 98470f3d8d
commit 8e3f90f713
No known key found for this signature in database
GPG key ID: A061B9DDE0CA0773
3 changed files with 28 additions and 29 deletions

View file

@ -207,7 +207,7 @@ pages:
.docker: &docker .docker: &docker
stage: docker stage: docker
image: docker:20.10.18 image: docker:24
variables: variables:
DOCKER_TLS_CERTDIR: "/certs" DOCKER_TLS_CERTDIR: "/certs"
DOCKER_HOST: tcp://docker:2376 DOCKER_HOST: tcp://docker:2376
@ -215,13 +215,13 @@ pages:
DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client" DOCKER_CERT_PATH: "$DOCKER_TLS_CERTDIR/client"
DOCKER_DRIVER: overlay2 DOCKER_DRIVER: overlay2
services: services:
- docker:20.10.18-dind - docker:24-dind
cache: {} cache: {}
before_script: before_script:
# Install buildx # Install buildx
- wget https://github.com/docker/buildx/releases/download/v0.9.1/buildx-v0.9.1.linux-amd64 - wget https://github.com/docker/buildx/releases/download/v0.11.2/buildx-v0.11.2.linux-amd64
- mkdir -p ~/.docker/cli-plugins/ - mkdir -p ~/.docker/cli-plugins/
- mv buildx-v0.9.1.linux-amd64 ~/.docker/cli-plugins/docker-buildx - mv buildx-v0.11.2.linux-amd64 ~/.docker/cli-plugins/docker-buildx
- chmod a+x ~/.docker/cli-plugins/docker-buildx - chmod a+x ~/.docker/cli-plugins/docker-buildx
# Create env # Create env
- docker context create tls-environment - docker context create tls-environment
@ -256,28 +256,17 @@ build-and-push-to-latest-docker-tag:
- > - >
docker buildx build docker buildx build
--push --push
--platform linux/amd64 --platform linux/${ARCH}
-t framasoft/mobilizon:$CI_COMMIT_TAG --build-arg="${ERL_FLAGS}"
-t framasoft/mobilizon:latest
-f docker/production/Dockerfile .
build-and-push-to-latest-docker-tag-cross:
<<: *docker
rules: &release-tag-rules
- if: '$CI_PROJECT_NAMESPACE != "framasoft"'
when: never
- if: $CI_COMMIT_TAG != null && $CI_COMMIT_TAG !~ /alpha|beta|rc/
when: on_success
timeout: 3 hours
allow_failure: true
script:
- >
docker buildx build
--push
--platform linux/arm, linux/arm64
-t framasoft/mobilizon:$CI_COMMIT_TAG -t framasoft/mobilizon:$CI_COMMIT_TAG
-t framasoft/mobilizon:latest -t framasoft/mobilizon:latest
-f docker/production/Dockerfile . -f docker/production/Dockerfile .
parallel:
matrix:
- ARCH: ["amd64"]
ERL_FLAGS: ["ERL_FLAGS="]
- ARCH: ["arm64"]
ERL_FLAGS: ["ERL_FLAGS=+JMsingle true"]
# Don't push to latest when building beta/rc tags # Don't push to latest when building beta/rc tags
@ -339,7 +328,7 @@ package-app-dev:
# Packaging app for multi-arch # Packaging app for multi-arch
multi-arch-release: multi-arch-release:
stage: package stage: package
image: docker:20.10.21 image: docker:24
variables: variables:
DOCKER_TLS_CERTDIR: "/certs" DOCKER_TLS_CERTDIR: "/certs"
DOCKER_HOST: tcp://docker:2376 DOCKER_HOST: tcp://docker:2376
@ -349,13 +338,13 @@ multi-arch-release:
APP_ASSET: "${CI_PROJECT_NAME}_${CI_COMMIT_REF_NAME}_${ARCH}.tar.gz" APP_ASSET: "${CI_PROJECT_NAME}_${CI_COMMIT_REF_NAME}_${ARCH}.tar.gz"
OS: debian-buster OS: debian-buster
services: services:
- docker:20.10.21-dind - docker:24-dind
cache: {} cache: {}
before_script: before_script:
# Install buildx # Install buildx
- wget https://github.com/docker/buildx/releases/download/v0.9.1/buildx-v0.9.1.linux-amd64 - wget https://github.com/docker/buildx/releases/download/v0.11.2/buildx-v0.11.2.linux-amd64
- mkdir -p ~/.docker/cli-plugins/ - mkdir -p ~/.docker/cli-plugins/
- mv buildx-v0.9.1.linux-amd64 ~/.docker/cli-plugins/docker-buildx - mv buildx-v0.11.2.linux-amd64 ~/.docker/cli-plugins/docker-buildx
- chmod a+x ~/.docker/cli-plugins/docker-buildx - chmod a+x ~/.docker/cli-plugins/docker-buildx
# Create env # Create env
- docker context create tls-environment - docker context create tls-environment
@ -364,7 +353,7 @@ multi-arch-release:
- docker pull tonistiigi/binfmt:latest - docker pull tonistiigi/binfmt:latest
- docker run --rm --privileged tonistiigi/binfmt:latest --install all - docker run --rm --privileged tonistiigi/binfmt:latest --install all
script: script:
- docker buildx build --platform linux/${ARCH} --output type=local,dest=releases --build-arg APP_ASSET=${APP_ASSET} -f docker/multiarch/Dockerfile . - docker buildx build --platform linux/${ARCH} --output type=local,dest=releases --build-arg="ERL_FLAGS=+JMsingle true" --build-arg APP_ASSET=${APP_ASSET} -f docker/multiarch/Dockerfile .
- ls -alh releases/mobilizon/ - ls -alh releases/mobilizon/
- du -sh releases/mobilizon/${APP_ASSET} - du -sh releases/mobilizon/${APP_ASSET}
- mv releases/mobilizon/${APP_ASSET} . - mv releases/mobilizon/${APP_ASSET} .
@ -377,7 +366,7 @@ multi-arch-release:
- erl_crash.dump # if there's a memory issue - erl_crash.dump # if there's a memory issue
parallel: parallel:
matrix: matrix:
- ARCH: ["arm", "arm64"] - ARCH: ["arm64"]
rules: rules:
- if: '$CI_COMMIT_TAG != null || $CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_TRIGGERED == "true"' - if: '$CI_COMMIT_TAG != null || $CI_PIPELINE_SOURCE == "schedule" || $CI_PIPELINE_TRIGGERED == "true"'
timeout: 3h timeout: 3h

View file

@ -4,6 +4,11 @@ ENV MIX_ENV prod
# ENV LANG en_US.UTF-8 # ENV LANG en_US.UTF-8
ARG APP_ASSET ARG APP_ASSET
# Fix qemu segfault on arm64
# See https://github.com/plausible/analytics/pull/2879 and https://github.com/erlang/otp/pull/6340
ARG ERL_FLAGS=""
ENV ERL_FLAGS=$ERL_FLAGS
# Set the right versions # Set the right versions
ENV ELIXIR_VERSION latest ENV ELIXIR_VERSION latest
ENV ERLANG_VERSION latest ENV ERLANG_VERSION latest

View file

@ -12,6 +12,11 @@ RUN yarn install --network-timeout 100000 \
# Then, build the application binary # Then, build the application binary
FROM elixir:1.14-alpine AS builder FROM elixir:1.14-alpine AS builder
# Fix qemu segfault on arm64
# See https://github.com/plausible/analytics/pull/2879 and https://github.com/erlang/otp/pull/6340
ARG ERL_FLAGS=""
ENV ERL_FLAGS=$ERL_FLAGS
RUN apk add --no-cache build-base git cmake RUN apk add --no-cache build-base git cmake
COPY mix.exs mix.lock ./ COPY mix.exs mix.lock ./