diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 86f2411..798b498 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,11 +1,12 @@ variables: DOCKER_TLS_CERTDIR: "/certs" + DOCKER_DRIVER: overlay2 services: - - docker:20.10.0-dind + - docker:dind .build: &build - image: docker:20.10.0 + image: docker:latest stage: build script: - docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" "${CI_REGISTRY}" @@ -15,6 +16,25 @@ services: - docker push "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_REF_SLUG}" - if [[ "${CI_COMMIT_REF_SLUG}" == "main" ]]; then docker tag "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_REF_SLUG}" "${CI_REGISTRY_IMAGE}/${NAME}:latest" && docker push "${CI_REGISTRY_IMAGE}/${NAME}:latest"; fi +.docker-multiarch-image: &docker-multiarch-image + image: jdrouet/docker-with-buildx:stable + stage: build + tags: [docker-builder] + before_script: # per recommendations from https://github.com/docker/buildx/issues/495#issuecomment-754200673 + - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + - docker buildx create --name cibuilder --driver docker-container --use + - docker buildx inspect --bootstrap + - docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" "${CI_REGISTRY}" + script: + - docker buildx build --platform "${PLATFORM}" -f "${DOCKERFILE}" -t "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_SHA:0:8}" -t "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_REF_SLUG}" --push . + - if [[ "${CI_COMMIT_REF_SLUG}" == "main" ]]; then docker buildx build --platform "${PLATFORM}" -f "${DOCKERFILE}" -t "${CI_REGISTRY_IMAGE}/${NAME}:latest" --push . ; fi + parallel: + matrix: + - PLATFORM: + - linux/amd64 + - linux/arm64/v8 + - linux/arm/v7 + signal-server: image: docker:20.10.0 stage: build @@ -52,22 +72,20 @@ test-helper: NAME: "test-helper" allow_failure: true -builder-image:x86: +signal-cross-builder: <<: *build variables: - DOCKERFILE: "signald-builder.Dockerfile" - NAME: "signald-builder-x86" + DOCKERFILE: "signald-cross-builder.Dockerfile" + NAME: "signald-cross-builder" -builder-image:aarch64: - <<: *build - tags: [arm-docker-builder] - variables: - DOCKERFILE: "signald-builder.Dockerfile" - NAME: "signald-builder-arm" - -builder-image-alpine:aarch64: - <<: *build - tags: [arm-docker-builder] +builder-image-alpine: + <<: *docker-multiarch-image variables: DOCKERFILE: "signald-builder-alpine.Dockerfile" NAME: "signald-builder-alpine-arm" + +signald-builder: + <<: *docker-multiarch-image + variables: + DOCKERFILE: "signald-builder.Dockerfile" + NAME: "signald-builder" \ No newline at end of file diff --git a/signald-builder.Dockerfile b/signald-builder.Dockerfile index f4907ed..b5ae21d 100644 --- a/signald-builder.Dockerfile +++ b/signald-builder.Dockerfile @@ -1,6 +1,6 @@ FROM debian:latest -RUN dpkg --add-architecture armhf && dpkg --add-architecture arm64 ADD apt-signing-key.asc /tmp/apt-signing-key.asc +RUN for p in dpkg-split dpkg-deb tar rm; do ln -s /usr/bin/$p /usr/sbin/$p; done RUN apt-get update && apt-get install -y \ gpg \ dpkg-dev \ @@ -16,8 +16,6 @@ RUN apt-get update && apt-get install -y \ jq \ aptly \ build-essential \ - crossbuild-essential-armhf \ - crossbuild-essential-arm64 \ && rm -rf /var/lib/apt/lists/* COPY deb-scripts/release-deb.sh /usr/bin/release-deb diff --git a/signald-cross-builder.Dockerfile b/signald-cross-builder.Dockerfile new file mode 100644 index 0000000..f4907ed --- /dev/null +++ b/signald-cross-builder.Dockerfile @@ -0,0 +1,29 @@ +FROM debian:latest +RUN dpkg --add-architecture armhf && dpkg --add-architecture arm64 +ADD apt-signing-key.asc /tmp/apt-signing-key.asc +RUN apt-get update && apt-get install -y \ + gpg \ + dpkg-dev \ + apt-utils \ + wget \ + dh-make \ + debhelper \ + javahelper \ + gradle \ + default-jdk-headless \ + git-buildpackage \ + gradle-debian-helper \ + jq \ + aptly \ + build-essential \ + crossbuild-essential-armhf \ + crossbuild-essential-arm64 \ + && rm -rf /var/lib/apt/lists/* + +COPY deb-scripts/release-deb.sh /usr/bin/release-deb +COPY deb-scripts/get-component.sh /usr/bin/get-component +COPY deb-scripts/repo-cron.sh /usr/bin/repo-cron + +RUN adduser signald +USER signald +RUN gpg --no-default-keyring --keyring trustedkeys.gpg --import /tmp/apt-signing-key.asc