From 212fa9b3624174302e89ef053e74c90bb0f86203 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wojtek=20=C5=9Awi=C4=99to=C5=84?= Date: Fri, 10 Mar 2023 09:20:22 +0100 Subject: [PATCH] ACS-4137 Produce Multi-Arch Docker images (#1656) * ACS-4137 Update pom.xml to use buildx * ACS-4137 Update travis.yml to use buildx * ACS-4137 Update travis.yml to use buildx, newest docker version * ACS-4137 reverted unnecessary changes in travis.yml file * ACS-4137 Change deprecated property to . Moved section from subpoms to global pom. * ACS-4137 POM indentation fixes * ACS-4137 Fix building a multiarch image (#1697) * ACS-4137 Test wih GHA [ags][tas] * ACS-4137 Test wih GHA [ags][tas] * ACS-4137 Fix setting network [ags][tas] * ACS-4137 Fix creating builder [ags][tas] * ACS-4137 Change image tag [ags][tas] * ACS-4137 Fix starting the registry [ags][tas] * ACS-4137 Refactor code [ags][tas] * ACS-4137 Uncomment all jobs [tas][ags] * ACS-4137 Improve prepare_buildx.sh [tas][ags] * ACS-4137 Implement timeout + remove hardcoded base image tag [tas][ags] * ACS-4137 Added exec-maven-plugin to build-push-image for alfresco-governance-repository-community-base image * ACS-4137 Generalize prepare_buildx.sh + increase registry timeout * ACS-4137 merged local.registry.host and local.registry.port. Builder name changed to entitled-builder. In prepare_builder script added localhost registry checking * ACS-4137 added build-multiarch-docker-images maven profile * ACS-4137 added arg to build-docker-images profile * ACS-4137 added combine.self="override" attribute to configuration in build-docker-images profile to not use buildx. Delete redundant base.image.tag * ACS-4137 Push docker images to local repository * ACS-4137 Remove useless scripts * ACS-4137 Move builder.name and local.registry properties to main pom.xml * ACS-4137 Remove useless properties definitions --------- Co-authored-by: Damian.Ujma@hyland.com Co-authored-by: Damian Ujma <92095156+damianujma@users.noreply.github.com> --- .../rm-community/rm-community-repo/Dockerfile | 3 +- .../rm-community/rm-community-repo/pom.xml | 118 ++++++++++++++++-- packaging/docker-alfresco/pom.xml | 62 ++++++++- pom.xml | 17 +++ scripts/prepare_buildx.sh | 21 ++++ 5 files changed, 210 insertions(+), 11 deletions(-) create mode 100755 scripts/prepare_buildx.sh diff --git a/amps/ags/rm-community/rm-community-repo/Dockerfile b/amps/ags/rm-community/rm-community-repo/Dockerfile index bdb137fdbc..e00c30b734 100644 --- a/amps/ags/rm-community/rm-community-repo/Dockerfile +++ b/amps/ags/rm-community/rm-community-repo/Dockerfile @@ -1,3 +1,4 @@ +ARG BASE_IMAGE # BUILD STAGE AGS FROM debian:11-slim AS AGSBUILDER @@ -12,7 +13,7 @@ RUN unzip -q /build/gs-api-explorer-*.war -d /build/gs-api-explorer && \ chmod -R g-w,o= /build # ACTUAL IMAGE -FROM alfresco/alfresco-community-repo-base:${image.tag} +FROM ${BASE_IMAGE} # Alfresco user does not have permissions to modify webapps or configuration. Switch to root. # The access will be fixed after all operations are done. diff --git a/amps/ags/rm-community/rm-community-repo/pom.xml b/amps/ags/rm-community/rm-community-repo/pom.xml index 8a854b6e13..a00a61d6f8 100644 --- a/amps/ags/rm-community/rm-community-repo/pom.xml +++ b/amps/ags/rm-community/rm-community-repo/pom.xml @@ -15,6 +15,8 @@ ${project.build.directory}/${project.build.finalName}-war alfresco/alfresco-governance-repository-community-base + alfresco/alfresco-community-repo-base + ${project.parent.parent.parent.parent.basedir}/scripts @@ -537,9 +539,43 @@ + + build-docker-images + + + + + io.fabric8 + docker-maven-plugin + + + + ${image.name}:${image.tag} + + + ${base.image}:${image.tag} + + ${project.basedir} + + + + + + + build-image + package + + build + + + + + + + + - build-docker-images - + build-multiarch-docker-images @@ -548,20 +584,51 @@ - ${image.name}:${image.tag} + ${local.registry}/${image.name}:${image.tag} + + + ${builder.name} + + + ${local.registry}/${base.image}:${image.tag} + + - build-image - package + build-push-image + install build + push + + exec-maven-plugin + org.codehaus.mojo + + + prepare-buildx + generate-sources + + exec + + + ${scripts.directory}/prepare_buildx.sh + + ${builder.name} + ${image.registry} + ${image.name} + ${image.tag} + + + + + @@ -578,12 +645,27 @@ - ${image.name}:${image.tag} - ${image.registry} + ${image.registry}/${image.name}:${image.tag} + + + ${builder.name} + + + ${local.registry}/${base.image}:${image.tag} + + ${image.name}:${image.tag} + + + ${builder.name} + + + ${local.registry}/${base.image}:${image.tag} + + @@ -598,6 +680,28 @@ + + exec-maven-plugin + org.codehaus.mojo + + + prepare-buildx + generate-sources + + exec + + + ${scripts.directory}/prepare_buildx.sh + + ${builder.name} + ${image.registry} + ${image.name} + ${image.tag} + + + + + diff --git a/packaging/docker-alfresco/pom.xml b/packaging/docker-alfresco/pom.xml index a65e920840..53a772663b 100644 --- a/packaging/docker-alfresco/pom.xml +++ b/packaging/docker-alfresco/pom.xml @@ -12,6 +12,7 @@ alfresco/alfresco-community-repo-base + ${project.parent.parent.basedir}/scripts @@ -135,7 +136,7 @@ io.fabric8 docker-maven-plugin - + ${image.name}:${image.tag} @@ -156,6 +157,62 @@ + + build-multiarch-docker-images + + + + io.fabric8 + docker-maven-plugin + + + + ${local.registry}/${image.name}:${image.tag} + + + ${builder.name} + + + + + + + + build-push-image + install + + build + push + + + + + + exec-maven-plugin + org.codehaus.mojo + + + prepare-buildx + generate-sources + + exec + + + ${scripts.directory}/prepare_buildx.sh + + ${builder.name} + ${image.registry} + ${image.name} + ${image.tag} + + + + + + + + + push-docker-images @@ -168,8 +225,7 @@ - ${image.name}:${image.tag} - ${image.registry} + ${image.registry}/${image.name}:${image.tag} diff --git a/pom.xml b/pom.xml index 08345fda8a..d933ca448d 100644 --- a/pom.xml +++ b/pom.xml @@ -35,6 +35,8 @@ local latest quay.io + entitled-builder + 127.0.0.1:5000 11 ${java.version} @@ -917,6 +919,21 @@ io.fabric8 docker-maven-plugin 0.42.0 + + + + + + + linux/amd64 + linux/arm64 + + + ${project.basedir} + + + + maven-surefire-plugin diff --git a/scripts/prepare_buildx.sh b/scripts/prepare_buildx.sh new file mode 100755 index 0000000000..377b916371 --- /dev/null +++ b/scripts/prepare_buildx.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +BUILDER_NAME="${1}" +TARGET_REGISTRY="${2}" +TARGET_IMAGE="${3}" +IMAGE_TAG="${4}" + +#Create a `docker-container` builder with host networking and required flags (quay.io) +docker --config target/docker/"${TARGET_REGISTRY}"/"${TARGET_IMAGE}"/"${IMAGE_TAG}"/docker \ +buildx create --use --name "${BUILDER_NAME}" --driver-opt network=host \ +--buildkitd-flags '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host' + +#Create a `docker-container` builder with host networking and required flags (docker.io) +docker --config target/docker/"${TARGET_IMAGE}"/"${IMAGE_TAG}"/docker \ +buildx create --use --name "${BUILDER_NAME}" --driver-opt network=host \ +--buildkitd-flags '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host' + +#Create a `docker-container` builder with host networking and required flags (local registry) +docker --config target/docker/127.0.0.1/5000/"${TARGET_IMAGE}"/"${IMAGE_TAG}"/docker \ +buildx create --use --name "${BUILDER_NAME}" --driver-opt network=host \ +--buildkitd-flags '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host' \ No newline at end of file