Fixes #344; also gets docker buildx working on both darwin & linux

This commit is contained in:
Carl Tashian 2020-08-12 19:50:47 -07:00
parent 393f3efe69
commit 9815a38a2c
2 changed files with 30 additions and 11 deletions

View file

@ -1,12 +1,19 @@
FROM golang:alpine AS builder
RUN mkdir /src
ADD . /src
RUN apk add --no-cache make git curl && \
cd /src && \
make V=1 bin/step-ca
FROM smallstep/step-cli:latest FROM smallstep/step-cli:latest
ARG BINPATH="bin/step-ca" COPY --from=builder /src/bin/step-ca /usr/local/bin/step-ca
ENV CONFIGPATH="/home/step/config/ca.json" ENV CONFIGPATH="/home/step/config/ca.json"
ENV PWDPATH="/home/step/secrets/password" ENV PWDPATH="/home/step/secrets/password"
COPY $BINPATH "/usr/local/bin/step-ca"
USER root USER root
RUN apk add --no-cache libcap && setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/step-ca RUN apk add --no-cache libcap && setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/step-ca
USER step USER step

View file

@ -6,18 +6,32 @@
# binary is copied to a new image that is optimized for size. # binary is copied to a new image that is optimized for size.
######################################### #########################################
# Testing: output images to out/ with -o out, like this:
# docker buildx build . --progress plain -t step-ca:master -f docker/Dockerfile --platform linux/amd64,linux/arm/v7,linux/386,linux/arm64 -o out
ifeq (, $(shell which docker))
DOCKER_CLIENT_OS := linux
else
DOCKER_CLIENT_OS := $(strip $(shell docker version -f '{{.Client.Os}}'))
endif
DOCKER_PLATFORMS = linux/amd64,linux/386,linux/arm,linux/arm64
DOCKER_IMAGE_NAME = smallstep/step-ca
docker-prepare: docker-prepare:
# Ensure, we can build for ARM architecture # Ensure, we can build for ARM architecture
ifeq (linux,$(DOCKER_CLIENT_OS))
[ -f /proc/sys/fs/binfmt_misc/qemu-arm ] || docker run --rm --privileged docker/binfmt:a7996909642ee92942dcd6cff44b9b95f08dad64 [ -f /proc/sys/fs/binfmt_misc/qemu-arm ] || docker run --rm --privileged docker/binfmt:a7996909642ee92942dcd6cff44b9b95f08dad64
endif
# Register buildx builder # Register buildx builder
mkdir -p $$HOME/.docker/cli-plugins mkdir -p $$HOME/.docker/cli-plugins
wget -O $$HOME/.docker/cli-plugins/docker-buildx https://github.com/docker/buildx/releases/download/v0.3.1/buildx-v0.3.1.linux-amd64 docker buildx >/dev/null || \
chmod +x $$HOME/.docker/cli-plugins/docker-buildx wget -O $$HOME/.docker/cli-plugins/docker-buildx https://github.com/docker/buildx/releases/download/v0.4.1/buildx-v0.4.1.$(DOCKER_CLIENT_OS)-amd64 && \
chmod +x $$HOME/.docker/cli-plugins/docker-buildx
$$HOME/.docker/cli-plugins/docker-buildx create --name mybuilder --platform amd64 --platform arm || true docker buildx create --use --name mybuilder --platform="$(DOCKER_PLATFORMS)" || true
$$HOME/.docker/cli-plugins/docker-buildx use mybuilder
.PHONY: docker-prepare .PHONY: docker-prepare
@ -39,13 +53,11 @@ docker-login:
# Targets for different type of builds # Targets for different type of builds
################################################# #################################################
DOCKER_IMAGE_NAME = smallstep/step-ca
PLATFORMS = --platform amd64 --platform 386 --platform arm --platform arm64
define DOCKER_BUILDX define DOCKER_BUILDX
# $(1) -- Image Tag # $(1) -- Image Tag
# $(2) -- Push (empty is no push | --push will push to dockerhub) # $(2) -- Push (empty is no push | --push will push to dockerhub)
$$HOME/.docker/cli-plugins/docker-buildx build . --progress plain -t $(DOCKER_IMAGE_NAME):$(1) -f docker/Dockerfile.step-ca $(PLATFORMS) $(2) docker buildx build . --progress plain -t $(DOCKER_IMAGE_NAME):$(1) -f docker/Dockerfile.step-ca --platform="$(DOCKER_PLATFORMS)" $(2)
DOCKER_IMAGE_NAME = smallstep/step-cli
endef endef
# For non-master builds don't build the docker containers. # For non-master builds don't build the docker containers.