From f48f5a008d1fe4d2245fe02cb2b1c5982a000a8a Mon Sep 17 00:00:00 2001 From: Carlos Panato Date: Sun, 5 Dec 2021 09:48:33 +0100 Subject: [PATCH] build binaries and image for arm64 and arm Signed-off-by: Carlos Panato --- .circleci/config.yml | 38 +++++++++++++++-- .goreleaser.yml | 98 ++++++++++++++++++++++++++++++++++++-------- Dockerfile | 16 +------- Makefile | 6 ++- 4 files changed, 123 insertions(+), 35 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ecf4bf3520..ab0c253f29 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -67,11 +67,41 @@ jobs: docker push public.ecr.aws/falcosecurity/falcosidekick:latest release: - executor: - name: default + machine: + image: ubuntu-2004:202111-01 + environment: + DOCKER_BUILDKIT: 1 + BUILDX_PLATFORMS: linux/amd64,linux/arm64,linux/arm/v7 steps: - checkout - - setup_remote_docker + - run: + name: Update Go + command: | + GOLANG_URL="https://go.dev/dl/go1.16.11.linux-amd64.tar.gz" + + curl --output go1.16.11.linux-amd64.tar.gz \ + --silent --show-error --location --fail --retry 3 \ + "$GOLANG_URL" + + sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.16.11.linux-amd64.tar.gz + go version + - run: + name: Install buildx + command: | + BUILDX_BINARY_URL="https://github.com/docker/buildx/releases/download/v0.7.0/buildx-v0.7.0.linux-amd64" + + curl --output docker-buildx \ + --silent --show-error --location --fail --retry 3 \ + "$BUILDX_BINARY_URL" + + mkdir -p ~/.docker/cli-plugins + + mv docker-buildx ~/.docker/cli-plugins/ + chmod a+x ~/.docker/cli-plugins/docker-buildx + + docker buildx install + # Run binfmt + docker run --rm --privileged tonistiigi/binfmt:latest --install "$BUILDX_PLATFORMS" - run: name: Install pre-requisites command: | @@ -81,7 +111,7 @@ jobs: ./aws/install -i $HOME/.local/aws-cli -b $HOME/.local/bin popd && rm -r $DIR - run: - name: Prepare env + name: Login Registries command: | echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin aws ecr-public get-login-password --region us-east-1 | \ diff --git a/.goreleaser.yml b/.goreleaser.yml index 08a055e05f..956b4e1fdc 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,46 +1,112 @@ project_name: falcosidekick + +snapshot: + name_template: '{{ incpatch .Version }}-next' + +checksum: + name_template: 'checksums.txt' + builds: - id: "falcosidekick" goos: - - linux + - linux goarch: - - amd64 + - amd64 + - arm64 + - arm + goarm: + - '7' asmflags: - all=-trimpath={{.Env.GOPATH}} gcflags: - all=-trimpath={{.Env.GOPATH}} env: - CGO_ENABLED=0 + flags: + - -trimpath binary: falcosidekick dockers: - goos: linux goarch: amd64 dockerfile: Dockerfile + use: buildx + image_templates: + - "falcosecurity/falcosidekick:stable-amd64" + - "falcosecurity/falcosidekick:{{ .Version }}-amd64" + - "public.ecr.aws/falcosecurity/falcosidekick:stable-amd64" + - "public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}-amd64" + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.name={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--platform=linux/amd64" + extra_files: + - LICENSE + + - goos: linux + goarch: arm64 + dockerfile: Dockerfile + use: buildx + image_templates: + - "falcosecurity/falcosidekick:stable-arm64" + - "falcosecurity/falcosidekick:{{ .Version }}-arm64" + - "public.ecr.aws/falcosecurity/falcosidekick:stable-arm64" + - "public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}-arm64" + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.name={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--platform=linux/arm64" + extra_files: + - LICENSE + + - goos: linux + goarch: arm + goarm: '7' + dockerfile: Dockerfile + use: buildx image_templates: - - "falcosecurity/falcosidekick:stable" - - "falcosecurity/falcosidekick:{{ .Version }}" - - "public.ecr.aws/falcosecurity/falcosidekick:stable" - - "public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}" + - "falcosecurity/falcosidekick:stable-armv7" + - "falcosecurity/falcosidekick:{{ .Version }}-armv7" + - "public.ecr.aws/falcosecurity/falcosidekick:stable-armv7" + - "public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}-armv7" build_flag_templates: - "--pull" - "--label=org.opencontainers.image.created={{.Date}}" - "--label=org.opencontainers.image.name={{.ProjectName}}" - "--label=org.opencontainers.image.revision={{.FullCommit}}" - "--label=org.opencontainers.image.version={{.Version}}" + - "--platform=linux/arm/v7" extra_files: - - outputs - - types - - config.go - - handlers.go - - main.go - - stats_prometheus.go - - stats.go - - go.mod - - go.sum - - Makefile - LICENSE +docker_manifests: +- name_template: 'falcosecurity/falcosidekick:stable' + image_templates: + - 'falcosecurity/falcosidekick:stable-amd64' + - 'falcosecurity/falcosidekick:stable-arm64' + - 'falcosecurity/falcosidekick:stable-armv7' +- name_template: 'falcosecurity/falcosidekick:{{ .Version }}' + image_templates: + - 'falcosecurity/falcosidekick:{{ .Version }}-amd64' + - 'falcosecurity/falcosidekick:{{ .Version }}-arm64' + - 'falcosecurity/falcosidekick:{{ .Version }}-armv7' +- name_template: 'public.ecr.aws/falcosecurity/falcosidekick:stable' + image_templates: + - 'public.ecr.aws/falcosecurity/falcosidekick:stable-amd64' + - 'public.ecr.aws/falcosecurity/falcosidekick:stable-arm64' + - 'public.ecr.aws/falcosecurity/falcosidekick:stable-armv7' +- name_template: 'public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}' + image_templates: + - 'public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}-amd64' + - 'public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}-arm64' + - 'public.ecr.aws/falcosecurity/falcosidekick:{{ .Version }}-armv7' + release: github: prerelease: auto diff --git a/Dockerfile b/Dockerfile index 5be8697ee3..529ac538ae 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,4 @@ -ARG BUILDER_IMAGE=golang:1.16-buster ARG BASE_IMAGE=alpine:3.12 - -FROM ${BUILDER_IMAGE} AS build-stage - -ENV CGO_ENABLED=0 - -WORKDIR /src -COPY . . - -RUN go mod download -RUN make falcosidekick - # Final Docker image FROM ${BASE_IMAGE} AS final-stage LABEL MAINTAINER "Thomas Labarussias " @@ -24,8 +12,8 @@ RUN addgroup -S falcosidekick && adduser -u 1234 -S falcosidekick -G falcosideki USER 1234 WORKDIR ${HOME}/app -COPY --from=build-stage /src/LICENSE . -COPY --from=build-stage /src/falcosidekick . +COPY LICENSE . +COPY falcosidekick . EXPOSE 2801 diff --git a/Makefile b/Makefile index 7caf8f2ffc..8a7beda475 100644 --- a/Makefile +++ b/Makefile @@ -34,8 +34,12 @@ GOLANGCI_LINT := $(TOOLS_BIN_DIR)/$(GOLANGCI_LINT_BIN)-$(GOLANGCI_LINT_VER) falcosidekick: $(GO) build -gcflags all=-trimpath=/src -asmflags all=-trimpath=/src -a -installsuffix cgo -o $@ . +.PHONY: falcosidekick-linux-amd64 +falcosidekick-linux-amd64: + GOOS=linux GOARCH=amd64 $(GO) build -gcflags all=-trimpath=/src -asmflags all=-trimpath=/src -a -installsuffix cgo -o $@ . + .PHONY: build-image -build-image: +build-image: falcosidekick-linux-amd64 $(DOCKER) build . -t falcosecurity/falcosidekick:latest ## --------------------------------------