Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(mojaloop/#3656): add support to arm64 docker image #250

Open
wants to merge 48 commits into
base: main
Choose a base branch
from
Open

feat(mojaloop/#3656): add support to arm64 docker image #250

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
f3d9de8
feat: Add support to arm64 docker image
aaronreynoza Nov 21, 2023
957d151
Update config.yml
aaronreynoza Nov 21, 2023
1ab77ca
upgrade deps and add vulnerability check
aaronreynoza Nov 21, 2023
112bbee
add support for multiple platforms
aaronreynoza Nov 21, 2023
0127c5b
list local image names
aaronreynoza Nov 21, 2023
8a2bcd8
build to local
aaronreynoza Nov 21, 2023
10a8895
import recently built image so pipeline works
aaronreynoza Nov 21, 2023
08f38f0
build and output as tar
aaronreynoza Nov 21, 2023
c2acea2
fix typo
aaronreynoza Nov 21, 2023
8b2ade0
fix typo2
aaronreynoza Nov 21, 2023
494455d
import locally created tar image
aaronreynoza Nov 21, 2023
43ee157
compile images individually
aaronreynoza Nov 21, 2023
40a979b
load image into docker
aaronreynoza Nov 21, 2023
88835f0
split images per platform
aaronreynoza Nov 21, 2023
093205b
fix: typo
aaronreynoza Nov 21, 2023
795d216
add image to publisher jobs
aaronreynoza Nov 21, 2023
dd73be8
combine images into single manifest
aaronreynoza Nov 23, 2023
70026b5
dep update
aaronreynoza Nov 23, 2023
0a14099
chore(snapshot): 17.1.0-snapshot.0
aaronreynoza Nov 23, 2023
cb33e19
inspect image
aaronreynoza Nov 23, 2023
982f930
add dockerfile ref to anchore
aaronreynoza Nov 23, 2023
036a19c
try to compile once
aaronreynoza Nov 23, 2023
cb5d061
compile and publish in same step
aaronreynoza Nov 24, 2023
bdfed01
add missing build command
aaronreynoza Nov 24, 2023
bc393ff
chore(snapshot): 17.1.0-snapshot.1
aaronreynoza Nov 24, 2023
1965475
chore(snapshot): 17.1.0-snapshot.2
aaronreynoza Nov 24, 2023
08b2650
chore(snapshot): 17.1.0-snapshot.4
aaronreynoza Nov 24, 2023
a92a6d1
readd image scan only on release/snapshots
aaronreynoza Nov 24, 2023
c9fb09d
chore(snapshot): 17.1.0-snapshot.5
aaronreynoza Nov 24, 2023
e88ec5e
chore(snapshot): 17.1.0-snapshot.1
aaronreynoza Nov 24, 2023
7199c6f
chore(snapshot): 17.1.0-snapshot.2
aaronreynoza Nov 24, 2023
31bc692
chore(snapshot): 17.1.0-snapshot.1
aaronreynoza Nov 24, 2023
390f779
chore(snapshot): 17.1.0-snapshot.2
aaronreynoza Nov 24, 2023
fb946a9
add missing NVMRC for build steps
aaronreynoza Nov 24, 2023
f90f358
chore(snapshot): 17.1.0-snapshot.3
aaronreynoza Nov 24, 2023
2365917
fix typo
aaronreynoza Nov 24, 2023
fec16c8
chore(snapshot): 17.1.0-snapshot.4
aaronreynoza Nov 24, 2023
bfa0d45
add NVMRC step
aaronreynoza Nov 24, 2023
2e5f4ee
chore(snapshot): 17.1.0-snapshot.5
aaronreynoza Nov 24, 2023
55cbe5e
more nvmrc
aaronreynoza Nov 24, 2023
8fb41ae
chore(snapshot): 17.1.0-snapshot.6
aaronreynoza Nov 24, 2023
18e3de8
set correct digest for built images
aaronreynoza Nov 24, 2023
82c14ca
chore(snapshot): 17.1.0-snapshot.7
aaronreynoza Nov 24, 2023
d0d8539
chore(snapshot): 17.1.0-snapshot.8
aaronreynoza Nov 29, 2023
c3a72f6
update deps and image name
aaronreynoza Nov 29, 2023
b4e96bf
chore(snapshot): 17.1.0-snapshot.9
aaronreynoza Nov 29, 2023
273cbcc
change tag reference
aaronreynoza Nov 29, 2023
da1adfd
chore(snapshot): 17.1.0-snapshot.10
aaronreynoza Nov 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 32 additions & 10 deletions .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -420,7 +420,8 @@ jobs:
docker build -t ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local --build-arg NODE_VERSION=$DOCKER_NODE_VERSION .
- run:
name: Save docker image to workspace
command: docker save -o /tmp/docker-image.tar ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local
command: |
docker save -o /tmp/docker-image.tar ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local
- persist_to_workspace:
root: /tmp
paths:
Expand Down Expand Up @@ -496,6 +497,10 @@ jobs:
command: |
echo "Pulling docker image: node:$NVMRC_VERSION-alpine"
docker pull node:$NVMRC_VERSION-alpine
- run:
name: inspect the docker image
command: |
docker image inspect ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local
## Analyze the base and derived image
## Note: It seems images are scanned in parallel, so preloading the base image result doesn't give us any real performance gain
- anchore/analyze_local_image:
Expand Down Expand Up @@ -609,6 +614,8 @@ jobs:
<<: *defaults_environment
steps:
- checkout
- run:
<<: *defaults_configure_nvmrc
- run:
name: Setup for LATEST release
command: |
Expand All @@ -617,6 +624,7 @@ jobs:

PACKAGE_VERSION=$(cat package-lock.json | jq -r .version)
echo "export PACKAGE_VERSION=${PACKAGE_VERSION}" >> $BASH_ENV
echo "export DOCKER_NODE_VERSION=$NVMRC_VERSION-alpine" >> $BASH_ENV
echo "PACKAGE_VERSION=${PACKAGE_VERSION}"
- run:
name: Setup Slack config
Expand All @@ -639,13 +647,19 @@ jobs:
name: Re-tag pre built image
command: |
docker tag ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
docker tag ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
name: Build Docker image for multiple platforms architectures and push to registry
command: |
echo "Publishing ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
docker push ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
source ~/.profile
export DOCKER_NODE_VERSION="$NVMRC_VERSION-alpine"
echo "export DOCKER_NODE_VERSION=$NVMRC_VERSION-alpine" >> $BASH_ENV
echo "Setting up docker buildx environment"
docker buildx create --use --platform=linux/arm64,linux/amd64 --name multi-platform-builder
docker buildx inspect --bootstrap
echo "Building and publishing ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
docker buildx build --progress plain --platform linux/amd64,linux/arm64 --push -t ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG --build-arg NODE_VERSION=$DOCKER_NODE_VERSION .
echo "Publishing ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
docker tag ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
docker push ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
name: Set Image Digest
Expand All @@ -671,6 +685,8 @@ jobs:
<<: *defaults_environment
steps:
- checkout
- run:
<<: *defaults_configure_nvmrc
- run:
name: Setup for SNAPSHOT release
command: |
Expand Down Expand Up @@ -701,13 +717,19 @@ jobs:
name: Re-tag pre built image
command: |
docker tag ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
docker tag ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
name: Publish Docker image $CIRCLE_TAG & Latest tag to Docker Hub
name: Build Docker image for multiple platforms architectures and push to registry
command: |
echo "Publishing ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
docker push ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG
source ~/.profile
export DOCKER_NODE_VERSION="$NVMRC_VERSION-alpine"
echo "export DOCKER_NODE_VERSION=$NVMRC_VERSION-alpine" >> $BASH_ENV
echo "Setting up docker buildx environment"
docker buildx create --use --platform=linux/arm64,linux/amd64 --name multi-platform-builder
docker buildx inspect --bootstrap
echo "Building and publishing ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG"
docker buildx build --progress plain --platform linux/amd64,linux/arm64 --push -t ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG --build-arg NODE_VERSION=$DOCKER_NODE_VERSION .
echo "Publishing ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG"
docker tag ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$CIRCLE_TAG ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
docker push ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:$RELEASE_TAG
- run:
name: Set Image Digest
Expand Down Expand Up @@ -934,4 +956,4 @@ workflows:
only: /v[0-9]+(\.[0-9]+)*\-snapshot+((\.[0-9]+)?)/
branches:
ignore:
- /.*/
- /.*/
5 changes: 4 additions & 1 deletion audit-ci.jsonc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@
"GHSA-qwph-4952-7xr6", // https://github.com/advisories/GHSA-qwph-4952-7xr6
// request-provise-native, no fix available
"GHSA-p8p7-x288-28g6", // https://github.com/advisories/GHSA-p8p7-x288-28g6
"GHSA-72xf-g2v4-qvf3" // https://github.com/advisories/GHSA-72xf-g2v4-qvf3
"GHSA-72xf-g2v4-qvf3", // https://github.com/advisories/GHSA-72xf-g2v4-qvf3
// babel vulnerable to arbitrary code execution - dev dependency
"GHSA-67hx-6x53-jw92" // https://github.com/advisories/GHSA-67hx-6x53-jw92

]
}
Loading