new(docker,scripts): port all docker images to be multiarch ready #1990
Conversation
They can be pushed with `docker buildx` for various architectures. Moreover, updated falco-driver-loader to support multiple architectures. Signed-off-by: Federico Di Pierro <[email protected]>
| ENV FALCO_VERSION= | ||
| ENV BUILD_TYPE=release | ||
|
|
||
| ADD https://github.com/fullstorydev/grpcurl/releases/download/v1.6.0/grpcurl_1.6.0_linux_x86_64.tar.gz / | ||
| RUN if [ "$TARGETARCH" = "amd64" ] ; then curl -L -o grpcurl.tar.gz \ | ||
| https://github.com/fullstorydev/grpcurl/releases/download/v1.8.6/grpcurl_1.8.6_linux_x86_64.tar.gz; \ |
There was a problem hiding this comment.
grpcurl was bumped to 1.8.6 because 1.6.0 was not released for arm64.
Therefore, bumped it to the latest version.
|
|
||
| RUN apt update -y | ||
| RUN apt install dkms -y | ||
|
|
||
| ADD falco-${FALCO_VERSION}-x86_64.deb / | ||
| RUN dpkg -i /falco-${FALCO_VERSION}-x86_64.deb | ||
| ADD falco-${FALCO_VERSION}-*.deb / |
There was a problem hiding this comment.
Since ADD does not support any conditional (based on TARGETARCH), we just add any package (same is being done for rpm and binary packages), and then only install the right one for our architecture in the RUN command.
It should not really matter because docker/tester/root/usr/bin/entrypoint will only copy correct architecture one into runner-rootfs.
FedeDP
changed the title
…uild multiplatform images. Signed-off-by: Federico Di Pierro <[email protected]>
FedeDP
force-pushed
the
new/arm64_docker_images
branch
from
f05490e to
e79706b
Compare
| @@ -389,74 +389,80 @@ jobs: | |||
| # Publish docker packages | |||
| "publish/docker-dev": | |||
| docker: | |||
| - image: docker:stable | |||
| - image: cimg/base:stable | |||
There was a problem hiding this comment.
Switched to cimg/base:stable as it already provides docker buildx command for us, when a 20.10.x version of docker is requested.
| URL=$(echo "${DRIVERS_REPO}/${DRIVER_VERSION}/${FALCO_KERNEL_MODULE_FILENAME}" | sed s/+/%2B/g) | ||
| if [ "${ARCH}" == "x86_64" ]; then | ||
| # x86_64 still uses root | ||
| URL=$(echo "${DRIVERS_REPO}/${DRIVER_VERSION}/${FALCO_KERNEL_MODULE_FILENAME}" | sed s/+/%2B/g) |
There was a problem hiding this comment.
We will leave x86_64 drivers in their root folder, where they are now, to retain backward compatibility.
New archs will instead go below $arch subfolder.
…ti arch. Signed-off-by: Federico Di Pierro <[email protected]>
|
I just ported Publish-rpm was locally tested, while publish-deb was tested on same docker image used by circleCI: Of course, in both test, i disabled aws s3/cloudfron download and sync. Publish-deb was the harder one; basically, i fixed the publsih-deb script and then tested adding the new local repo to apt sources, and double checked that apt could actually update and install from the repo. |
|
I think we don't have enough time to test this. Moving to the next milestone. |
|
You are right jason! Thanks! |
|
This one too I think! #1589 |
|
LGTM label has been added. Git tree hash: 518aa4f397f3917a81a9be1675bf1f27c06e936d
|
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: FedeDP, jasondellaluce The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind feature
Any specific area of the project related to this PR?
/area build
What this PR does / why we need it:
New dockerfiles are multiplatform ready: they can be pushed with
docker buildxfor various architectures.Moreover, updated falco-driver-loader to support multiple architectures.
Which issue(s) this PR fixes:
Fixes #1813
Fixes #1589
Special notes for your reviewer:
Does this PR introduce a user-facing change?: