chore(build): add support for multiarch build (#5)

* added support for multiarch image with the following supported platforms (amd64, arm64, armv7, ppc64le)
* removed arm64 and ppc64le from travis builds
* remove pushing image from travis. Image will be pushed from github actions
* refactored build script to add new targets to make use of docker buildx
* added the following workflows into github actions
  - release
  - ci
  - build
* remove v prefix from image names
* push to quay only from travis.

Signed-off-by: Akhil Mohan <[email protected]>

.github/workflows/build.yml

@@ -0,0 +1,51 @@
+# Copyright 2018-2020 The OpenEBS Authors. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+name: build
+
+on: ['push']
+
+jobs:
+  linux-utils:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set tag
+        run: |
+          BRANCH="${GITHUB_REF##*/}"
+          CI_TAG=${BRANCH#v}-ci
+          if [ ${BRANCH} = "master" ]; then
+            CI_TAG="ci"
+          fi
+          echo "::set-env name=TAG::${CI_TAG}"
+          echo "::set-env name=BRANCH::{BRANCH}"
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: crazy-max/ghaction-docker-buildx@v1
+        with:
+          buildx-version: latest
+
+      - name: Login to GitHub Docker Registry
+        run: echo "${DOCKERHUB_PASSWORD}" | docker login -u "${DOCKERHUB_USERNAME}" --password-stdin
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+      - name: Build & Push Image
+        run: |
+          make buildx.image
+          make buildx.push
+

.github/workflows/pull_request.yml

@@ -0,0 +1,40 @@
+# Copyright 2018-2020 The OpenEBS Authors. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: ci
+
+on:
+  pull_request:
+    branches:
+      # on pull requests to master and release branches
+      - master
+      - 'v*'
+
+jobs:
+  linux-utils:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: crazy-max/ghaction-docker-buildx@v1
+        with:
+          buildx-version: latest
+
+      - name: Build Image
+        env:
+          IMG_RESULT: cache
+        run: make buildx.image

.github/workflows/release.yml

@@ -0,0 +1,48 @@
+# Copyright 2018-2020 The OpenEBS Authors. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+name: release
+
+on:
+  create:
+    tags:
+      - 'v*'
+
+jobs:
+  linux-utils:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v1
+
+      - name: Set Tag
+        run: |
+          echo "::set-env name=TAG::${GITHUB_REF#refs/*/v}"
+          echo "::set-env name=RELEASE_TAG::${TAG}"
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: crazy-max/ghaction-docker-buildx@v1
+        with:
+          version: latest
+
+      - name: Login to GitHub Docker Registry
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
+        run: echo "${DOCKERHUB_PASSWORD}" | docker login -u "${DOCKERHUB_USERNAME}" --password-stdin
+
+      - name: Build & Push Image
+        run: |
+          make buildx.image
+          make buildx.push

.travis.yml

@@ -13,37 +13,23 @@ jobs:
         - IMAGE_REPO="linux-utils"
         - TRIVYARCH="64bit"
         - RELEASE_TAG_DOWNSTREAM=1
-    - os: linux
-      arch: arm64
-      env:
-        - IMAGE_REPO="linux-utils-arm64"
-        - TRIVYARCH="ARM64"
-        - RELEASE_TAG_DOWNSTREAM=0
-    - os: linux
-      arch: ppc64le
-      env:
-        - IMAGE_REPO="linux-utils-ppc64le"
-        - RELEASE_TAG_DOWNSTREAM=0
 
 before_install:
   - if [ -z $IMAGE_ORG ]; then
       IMAGE_ORG="openebs";
       export IMAGE_ORG;
     fi
   - export DIMAGE="${IMAGE_ORG}/${IMAGE_REPO}"
-  - if [ "$TRAVIS_CPU_ARCH" != "ppc64le" ]; then
-      export VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/');
-      wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz;
-      tar zxvf trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz;
-    fi  
+  - export VERSION=$(curl --silent "https://api.github.com/repos/aquasecurity/trivy/releases/latest" | grep '"tag_name":' | sed -E 's/.*"v([^"]+)".*/\1/')
+  - wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz
+  - tar zxvf trivy_${VERSION}_Linux-${TRIVYARCH}.tar.gz
+
 
 script:
   - make image
   - make test
-  - if [ "$TRAVIS_CPU_ARCH" != "ppc64le" ]; then
-      ./trivy --exit-code 0 --severity HIGH --no-progress ${DIMAGE}:ci;
-      ./trivy --exit-code 1 --severity CRITICAL --no-progress ${DIMAGE}:ci;
-    fi
+  - ./trivy --exit-code 0 --severity HIGH --no-progress ${DIMAGE}:ci
+  - ./trivy --exit-code 1 --severity CRITICAL --no-progress ${DIMAGE}:ci
   - make push
   # If this build is running due to travis release tag, and
   # this job indicates to push the release downstream, then

Makefile

@@ -18,17 +18,18 @@
 # set the shell to bash in case some environments use sh
 SHELL:=/bin/bash
 
+# Default behaviour is to use buildx only for github actions, until the Travis workflow is deprecated.
+BUILDX:=false
+
+ifeq (${IMAGE_ORG}, )
+  IMAGE_ORG="openebs"
+  export IMAGE_ORG
+endif
 
 # Determine the DIMAGE associated with given arch/os 
 ifeq (${DIMAGE}, )
   #Default image name
   DIMAGE:=openebs/linux-utils
-  XC_ARCH:=$(shell uname -m)
-  ifeq (${XC_ARCH},aarch64)
-    DIMAGE="openebs/linux-utils-arm64"
-  else ifeq (${XC_ARCH},ppc64le)
-    DIMAGE="openebs/linux-utils-ppc64le"
-  endif
   export DIMAGE
 endif
 
@@ -81,3 +82,5 @@ test:
 .PHONY: push
 push: 
 	./buildscripts/push;
+
+include Makefile.buildx.mk

Makefile.buildx.mk

@@ -0,0 +1,51 @@
+# Copyright 2018-2020 The OpenEBS Authors. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ifeq (${TAG}, )
+  export TAG=ci
+endif
+
+# default list of platforms for which multiarch image is built
+ifeq (${PLATFORMS}, )
+	export PLATFORMS="linux/amd64,linux/arm64,linux/arm/v7,linux/ppc64le"
+endif
+
+# if IMG_RESULT is unspecified, by default the image will be pushed to registry
+ifeq (${IMG_RESULT}, load)
+	export PUSH_ARG="--load"
+    # if load is specified, image will be built only for the build machine architecture.
+    export PLATFORMS="local"
+else ifeq (${IMG_RESULT}, cache)
+	# if cache is specified, image will only be available in the build cache, it won't be pushed or loaded
+	# therefore no PUSH_ARG will be specified
+else
+	export PUSH_ARG="--push"
+endif
+
+DOCKERX_IMAGE=${IMAGE_ORG}/linux-utils:${TAG}
+
+.PHONY: buildx.image
+buildx.image:
+	@if ! docker buildx ls | grep -q container-builder; then\
+		docker buildx create --platform ${PLATFORMS} --name container-builder --use;\
+	fi
+	@docker buildx build --platform ${PLATFORMS} \
+		-t "$(DOCKERX_IMAGE)" ${DBUILD_ARGS} -f Dockerfile \
+		. ${PUSH_ARG}
+	@echo "--> Build docker image: $(DOCKERX_IMAGE)"
+	@echo
+
+.PHONY: buildx.push
+buildx.push:
+	BUILDX=true DIMAGE=${IMAGE_ORG}/linux-utils ./buildscripts/push

buildscripts/push

@@ -22,6 +22,30 @@ then
   exit 1
 fi
 
+function pushBuildx() {
+  BUILD_TAG="latest"
+  TARGET_IMG=${DIMAGE}
+
+# TODO Currently ci builds with commit tag will not be generated,
+# since buildx does not support multiple repo
+  # if not a release build set the tag and ci image
+  if [ -z "${RELEASE_TAG}" ]; then
+    return
+#    BUILD_ID=$(git describe --tags --always)
+#    BUILD_TAG="${BRANCH}-${BUILD_ID}"
+#    TARGET_IMG="${DIMAGE}-ci"
+  fi
+
+  echo "Tagging and pushing ${DIMAGE}:${TAG} as ${TARGET_IMG}:${BUILD_TAG}"
+  docker buildx imagetools create "${DIMAGE}:${TAG}" -t "${TARGET_IMG}:${BUILD_TAG}"
+}
+
+# if the push is for a buildx build
+if [[ ${BUILDX} ]]; then
+  pushBuildx
+  exit 0
+fi
+
 IMAGEID=$( sudo docker images -q ${DIMAGE}:ci )
 echo "${DIMAGE}:ci -> $IMAGEID"
 if [ -z ${IMAGEID} ];
@@ -55,7 +79,11 @@ echo "Set the build/unique image tag as: ${BUILD_TAG}"
 
 function TagAndPushImage() {
   REPO="$1"
-  TAG="$2"
+  # Trim the `v` from the TAG if it exists
+  # Example: v1.10.0 maps to 1.10.0
+  # Example: 1.10.0 maps to 1.10.0
+  # Example: v1.10.0-custom maps to 1.10.0-custom
+  TAG="${2#v}"
 
   #Add an option to specify a custom TAG_SUFFIX 
   #via environment variable. Default is no tag.
@@ -83,11 +111,7 @@ then
     # Push with different tags if tagged as a release
     # When github is tagged with a release, then Travis will
     # set the release tag in env TRAVIS_TAG
-    # Trim the `v` from the TRAVIS_TAG if it exists
-    # Example: v1.10.0 maps to 1.10.0
-    # Example: 1.10.0 maps to 1.10.0
-    # Example: v1.10.0-custom maps to 1.10.0-custom
-    TagAndPushImage "${DIMAGE}" "${TRAVIS_TAG#v}"
+    TagAndPushImage "${DIMAGE}" "${TRAVIS_TAG}"
     TagAndPushImage "${DIMAGE}" "latest"
   fi;
 else
@@ -108,7 +132,7 @@ then
     # When github is tagged with a release, then Travis will
     # set the release tag in env TRAVIS_TAG
     # Trim the `v` from the TRAVIS_TAG if it exists
-    TagAndPushImage "quay.io/${DIMAGE}" "${TRAVIS_TAG#v}"
+    TagAndPushImage "quay.io/${DIMAGE}" "${TRAVIS_TAG}"
     TagAndPushImage "quay.io/${DIMAGE}" "latest"
   fi;
 else