Use tonistiigi/xx for multi-arch builds

Signed-off-by: Stefan Prodan <[email protected]>
CEO-CGS · Oct 21, 2021 · 0771a59 · 0771a59
1 parent 693ffa9
commit 0771a59
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 6 deletions.
diff --git a/.cosign/README.md b/.cosign/README.md
@@ -15,7 +15,7 @@ Verify a podinfo release with cosign CLI:
 
 ```sh
 cosign verify -key https://raw.githubusercontent.com/stefanprodan/podinfo/master/cosign/cosign.pub \
-ghcr.io/stefanprodan/podinfo-config:latest
+ghcr.io/stefanprodan/podinfo-deploy:latest
 ```
 
 ## Download the artifacts with crane

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -46,7 +46,7 @@ jobs:
           push: true
           builder: ${{ steps.buildx.outputs.name }}
           context: .
-          file: ./Dockerfile
+          file: ./Dockerfile.xx
           platforms: linux/amd64,linux/arm/v7,linux/arm64
           tags: |
             docker.io/stefanprodan/podinfo:${{ steps.prep.outputs.VERSION }}
@@ -77,14 +77,14 @@ jobs:
         run: |
           cd kustomize
           tar -cf config.tar * --numeric-owner --owner=0 --group=0
-          crane append -f config.tar -t ghcr.io/stefanprodan/podinfo-config:${{ steps.prep.outputs.VERSION }}
-          crane tag ghcr.io/stefanprodan/podinfo-config:${{ steps.prep.outputs.VERSION }} latest
+          crane append -f config.tar -t ghcr.io/stefanprodan/podinfo-deploy:${{ steps.prep.outputs.VERSION }}
+          crane tag ghcr.io/stefanprodan/podinfo-deploy:${{ steps.prep.outputs.VERSION }} latest
           rm config.tar
       - name: Sign config artifact
         run: |
           echo "$COSIGN_KEY" > /tmp/cosign.key
-          cosign sign -key /tmp/cosign.key ghcr.io/stefanprodan/podinfo-config:${{ steps.prep.outputs.VERSION }}
-          cosign sign -key /tmp/cosign.key ghcr.io/stefanprodan/podinfo-config:latest
+          cosign sign -key /tmp/cosign.key ghcr.io/stefanprodan/podinfo-deploy:${{ steps.prep.outputs.VERSION }}
+          cosign sign -key /tmp/cosign.key ghcr.io/stefanprodan/podinfo-deploy:latest
         env:
           COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}
           COSIGN_KEY: ${{secrets.COSIGN_KEY}}

diff --git a/Dockerfile.xx b/Dockerfile.xx
@@ -0,0 +1,52 @@
+ARG XX_VERSION=1.0.0-rc.2
+
+FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx
+
+FROM --platform=$BUILDPLATFORM golang:1.16-alpine as builder
+
+# Copy the build utilities.
+COPY --from=xx / /
+
+ARG TARGETPLATFORM
+ARG REVISION
+
+RUN mkdir -p /podinfo/
+
+WORKDIR /podinfo
+
+COPY . .
+
+RUN go mod download
+
+ENV CGO_ENABLED=0
+RUN xx-go build -ldflags "-s -w \
+    -X github.com/stefanprodan/podinfo/pkg/version.REVISION=${REVISION}" \
+    -a -o bin/podinfo cmd/podinfo/*
+
+RUN xx-go build -ldflags "-s -w \
+    -X github.com/stefanprodan/podinfo/pkg/version.REVISION=${REVISION}" \
+    -a -o bin/podcli cmd/podcli/*
+
+FROM alpine:3.14
+
+ARG BUILD_DATE
+ARG VERSION
+ARG REVISION
+
+LABEL maintainer="stefanprodan"
+
+RUN addgroup -S app \
+    && adduser -S -G app app \
+    && apk --no-cache add \
+    ca-certificates curl netcat-openbsd
+
+WORKDIR /home/app
+
+COPY --from=builder /podinfo/bin/podinfo .
+COPY --from=builder /podinfo/bin/podcli /usr/local/bin/podcli
+COPY ./ui ./ui
+RUN chown -R app:app ./
+
+USER app
+
+CMD ["./podinfo"]
diff --git a/Makefile b/Makefile
@@ -34,6 +34,13 @@ build-charts:
 build-container:
 	docker build -t $(DOCKER_IMAGE_NAME):$(VERSION) .
 
+build-xx:
+	docker buildx build \
+	--platform=linux/amd64 \
+	-t $(DOCKER_IMAGE_NAME):$(VERSION) \
+	--load \
+	-f Dockerfile.xx .
+
 build-base:
 	docker build -f Dockerfile.base -t $(DOCKER_REPOSITORY)/podinfo-base:latest .