MISP
/
misp-docker
mirror of https://github.com/MISP/misp-docker
2
0
Fork 0
Code Issues Releases Wiki Activity

Push multi-arch images

pull/1/head
Stefano Ortolani 2023-05-18 10:50:13 +01:00
parent f4ec130176
commit c634856c16
5 changed files with 83 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.github/workflows/release-latest.yml vendored
View File

@ -19,17 +19,16 @@ jobs:
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1 uses: docker/setup-buildx-action@v1
- name: Build the Docker images - name: Build the Docker images and push
env: env:
GITHUB_CONTEXT: ${{ toJson(github) }} GITHUB_CONTEXT: ${{ toJson(github) }}
run: | run: |
docker compose --env-file template.env build --parallel # Initialize variables
# Tag the image with the commit SHA[0:7]
DOCKER_IMG_TAG=`echo "${{ github.sha }}" | cut -c 1-7` DOCKER_IMG_TAG=`echo "${{ github.sha }}" | cut -c 1-7`
docker tag ${{ secrets.DOCKER_USERNAME }}/misp-docker:core-latest ${{ secrets.DOCKER_USERNAME }}/misp-docker:core-$DOCKER_IMG_TAG DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }}
docker tag ${{ secrets.DOCKER_USERNAME }}/misp-docker:modules-latest ${{ secrets.DOCKER_USERNAME }}/misp-docker:modules-$DOCKER_IMG_TAG # Login
- name: Push the Docker images to Docker Hub
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
docker push ${{ secrets.DOCKER_USERNAME }}/misp-docker --all-tags # Create the environment
sed -e '/^[[:space:]]*$/d' -e '/[#@]/d' -e 's/\(^[^=]*\)=\(.*\)/\1="\2"/' template.env > env.hcl
# Build and Push
DOCKER_IMG_TAG=$DOCKER_IMG_TAG DOCKER_USERNAME=$DOCKER_USERNAME docker buildx bake -f docker-bake.hcl -f env.hcl --push

14
.github/workflows/test-build-latest.yml vendored
View File

@ -19,6 +19,16 @@ jobs:
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1 uses: docker/setup-buildx-action@v1
- name: Build Docker images - name: Build the Docker images
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: | run: |
docker-compose --env-file template.env build --parallel # Initialize variables
DOCKER_IMG_TAG=`echo "${{ github.sha }}" | cut -c 1-7`
DOCKER_USERNAME=${{ secrets.DOCKER_USERNAME }}
# Login
echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
# Create the environment
sed -e '/^[[:space:]]*$/d' -e '/[#@]/d' -e 's/\(^[^=]*\)=\(.*\)/\1="\2"/' template.env > env.hcl
# Build and Push
DOCKER_IMG_TAG=$DOCKER_IMG_TAG DOCKER_USERNAME=$DOCKER_USERNAME docker buildx bake -f docker-bake.hcl -f env.hcl

1
.gitignore vendored
View File

@ -5,3 +5,4 @@
/public/ /public/
/ssl/ /ssl/
.env .env
env.hcl

61
docker-bake.hcl Normal file
View File

@ -0,0 +1,61 @@
variable "PLATFORMS" {
default = ["linux/amd64", "linux/arm64"]
}
variable "DOCKER_USERNAME" {
default = null
}
variable "DOCKER_IMG_TAG" {
default = null
}
variable "MODULES_TAG" {
default = ""
}
variable "MODULES_COMMIT" {
default = ""
}
variable "MISP_TAG" {
default = ""
}
variable "MISP_COMMIT" {
default = ""
}
variable "PHP_VER" {
default = null
}
group "default" {
targets = [
"misp-modules",
"misp",
]
}
target "misp-modules" {
context = "modules/."
dockerfile = "Dockerfile"
tags = ["${DOCKER_USERNAME}/misp-docker:modules-latest", "${DOCKER_USERNAME}/misp-docker:modules-${DOCKER_IMG_TAG}"]
args = {
"MODULES_TAG": "${MODULES_TAG}",
"MODULES_COMMIT": "${MODULES_COMMIT}"
}
platforms = "${PLATFORMS}"
}
target "misp" {
context = "server/."
dockerfile = "Dockerfile"
tags = ["${DOCKER_USERNAME}/misp-docker:core-latest", "${DOCKER_USERNAME}/misp-docker:core-${DOCKER_IMG_TAG}"]
args = {
"MISP_TAG": "${MISP_TAG}",
"MISP_COMMIT": "${MISP_COMMIT}",
"PHP_VER": "${PHP_VER}",
}
platforms = "${PLATFORMS}"
}

2
server/Dockerfile
View File

@ -7,7 +7,7 @@ FROM "${DOCKER_HUB_PROXY}composer:2.1.14" as composer-build
RUN composer install --ignore-platform-reqs && \ RUN composer install --ignore-platform-reqs && \
composer require jakub-onderka/openid-connect-php:1.0.0-rc1 --ignore-platform-reqs && \ composer require jakub-onderka/openid-connect-php:1.0.0-rc1 --ignore-platform-reqs && \
composer require --with-all-dependencies supervisorphp/supervisor:^4.0 \ composer require --with-all-dependencies supervisorphp/supervisor:^4.0 \
guzzlehttp/guzzle php-http/message lstrojny/fxmlrpc --ignore-platform-reqs && \ guzzlehttp/guzzle php-http/message php-http/message-factory lstrojny/fxmlrpc --ignore-platform-reqs && \
composer require --with-all-dependencies elasticsearch/elasticsearch:^8.7.0 aws/aws-sdk-php --ignore-platform-reqs composer require --with-all-dependencies elasticsearch/elasticsearch:^8.7.0 aws/aws-sdk-php --ignore-platform-reqs
FROM "${DOCKER_HUB_PROXY}debian:bullseye-slim" as php-build FROM "${DOCKER_HUB_PROXY}debian:bullseye-slim" as php-build