diff --git a/.dockerignore b/.dockerignore index 607ec285..44e65111 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,6 @@ .git* boards +.packer_cache packer_cache scripts *.img diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 13f16db2..157d9e70 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -23,6 +23,10 @@ jobs: uses: actions/checkout@v3.1.0 - name: Set up QEMU + # Required only for the multi-arch container builds that are pushed to Dockerhub. + # Setting up QEMU during normal PRs prevents testing of the container included + # QEMU setup. + if: ${{ github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags') }} uses: docker/setup-qemu-action@v2 with: platforms: linux/amd64,linux/arm64 diff --git a/docker/Dockerfile b/docker/Dockerfile index 3be6ff15..d5e0a919 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,4 +1,10 @@ -FROM tonistiigi/binfmt:qemu-v7.0.0 AS binfmt +# Source for qemu-user-static >7.0 +FROM public.ecr.aws/ubuntu/ubuntu:kinetic as qemu_binaries + +# hadolint ignore=DL3008 +RUN apt-get update -qq \ + && apt-get install -qqy --no-install-recommends qemu-user-static + FROM golang:1.19-bullseye AS builder # hadolint ignore=DL3008 @@ -49,7 +55,8 @@ WORKDIR /build COPY docker/entrypoint.sh /entrypoint.sh COPY --from=builder /build/packer-builder-arm /bin/packer /bin/ -COPY --from=binfmt /usr/bin/ /usr/bin +# Only copy relevant qemu binaries to save container space +COPY --from=qemu_binaries /usr/bin/qemu-arm-static /usr/bin/qemu-aarch64-static /usr/bin/ # Enable detailed logging ENV PACKER_LOG=1 diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index e3246815..8022f6d8 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh 
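Review bot: The new `if:` on the "Set up QEMU" step in .github/workflows/docker.yml skips only the emulator registration, so any later step in this job that still builds for `linux/arm64` on a pull request would need the same expression. The build step lies outside this hunk; confirm it limits its platforms under `github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags')` as well. The added comment is also hard to parse ("the container included QEMU setup"); something like `# Skipped on PRs so that the binfmt registration done by the container's own entrypoint is what gets tested.` states the intent directly.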
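Review bot: The new `qemu_binaries` stage in docker/Dockerfile takes the emulators from a mutable tag of an interim Ubuntu release (`ubuntu:kinetic`) and from an unpinned `qemu-user-static` package (DL3008 is silenced), whereas the removed line pinned `qemu-v7.0.0`. The binaries that entrypoint.sh registers as binfmt handlers can therefore change between builds with no change in this repository. Interim releases also leave the main archive once support ends, after which `apt-get update` in this stage stops working. Consider pinning the base by digest, `FROM public.ecr.aws/ubuntu/ubuntu:kinetic@sha256:<digest> AS qemu_binaries`, and the package as `qemu-user-static=<version>`, with a comment recording the qemu version obtained. The lowercase `as` also differs from `AS builder` on the following FROM.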
@@ -4,10 +4,34 @@ set -o errtrace -o nounset -o pipefail -o errexit echo "uname -a: $(uname -a)" -/usr/bin/binfmt --install all - PACKER=/bin/packer +setup_qemu() { + # See also: + # * https://github.com/qemu/qemu/blob/master/scripts/qemu-binfmt-conf.sh + # * https://github.com/tonistiigi/binfmt/blob/master/cmd/binfmt/main.go + # * https://docs.kernel.org/admin-guide/binfmt-misc.html + + # mount binfmt_misc to be able to register qemu binaries + mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc + + # reset + find /proc/sys/fs/binfmt_misc -type f -name 'qemu-*' -exec sh -c 'echo -1 > "$1"' shell {} \; + + uname_m="$(uname -m)" + if [ "$uname_m" != "aarch64" ]; then + echo "Register qemu-aarch64" + echo ":qemu-aarch64:M::\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-aarch64-static:F" > /proc/sys/fs/binfmt_misc/register + fi + echo "Register qemu-arm" + echo ":qemu-arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm-static:F" > /proc/sys/fs/binfmt_misc/register +} + +do_qemu_setup=${SETUP_QEMU:-true} +if [ "$do_qemu_setup" = true ]; then + setup_qemu +fi + declare -a EXTRA_SYSTEM_PACKAGES=() for arg do shift
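Review bot: The reset step in `setup_qemu` deletes every `qemu-*` binfmt_misc entry, but only `qemu-arm` and `qemu-aarch64` are registered again. binfmt_misc is usually shared with the host kernel when the container runs privileged, so handlers the host had for other architectures would presumably be gone after one run; this is worth confirming on a host with qemu-user-static installed. Restricting the match keeps the reset to what this script owns: `find /proc/sys/fs/binfmt_misc -type f \( -name qemu-arm -o -name qemu-aarch64 \) -exec sh -c 'echo -1 > "$1"' shell {} \;`. The unconditional `mount` also runs under `errexit`, so it may abort the entrypoint where the filesystem is already mounted; `[ -e /proc/sys/fs/binfmt_misc/register ] || mount binfmt_misc -t binfmt_misc /proc/sys/fs/binfmt_misc` avoids that. A short comment on the `F` flag (the kernel opens the interpreter at registration, so the entry outlives the container) and on `SETUP_QEMU=false` as the opt-out would help operators.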