diff --git a/.github/workflows/buildAndDeploy.yml b/.github/workflows/buildAndDeploy.yml index 910f28e..231db4f 100644 --- a/.github/workflows/buildAndDeploy.yml +++ b/.github/workflows/buildAndDeploy.yml @@ -9,12 +9,12 @@ jobs: name: Build Cass Config Builder Docker Image runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 if: github.event_name == 'pull_request' with: ref: ${{ github.event.pull_request.head.sha }} submodules: true - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 if: github.event_name != 'pull_request' with: submodules: true @@ -24,7 +24,7 @@ jobs: id: buildx uses: crazy-max/ghaction-docker-buildx@v3 - name: Cache Docker layers - uses: actions/cache@v2 + uses: actions/cache@v3 id: cache with: path: /tmp/.buildx-cache diff --git a/docker/Dockerfile b/docker/Dockerfile index 74d31c2..19750b2 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,6 +1,6 @@ # Copyright DataStax, Inc. # Please see the included license file for details. -FROM --platform=${BUILDPLATFORM} maven:3.9.2-eclipse-temurin-8 as builder +FROM --platform=${BUILDPLATFORM} maven:3.9-eclipse-temurin-8 as builder COPY . . @@ -8,11 +8,7 @@ RUN ./gradlew copyDockerBuildCtx # The datastax base image is not multiarch presently, so we use the openjdk # image as our base for arm builds instead. -FROM --platform=linux/arm64 eclipse-temurin:8u372-b07-jdk as base-arm64 - -FROM --platform=linux/amd64 datastax/ds-base-debian-openjdk-8:latest as base-amd64 - -FROM base-${TARGETARCH} as cass-config-builder +FROM eclipse-temurin:8-jdk as cass-config-builder ENV USER_UID=1001 \ USER_NAME=cass-operator \ @@ -83,3 +79,36 @@ USER cassandra:root ENV PATH=$PATH:/usr/local/bin ENTRYPOINT ["/usr/local/bin/entrypoint"] + +# Build the UBI8 image +FROM registry.access.redhat.com/ubi8/openjdk-8:1.18 as cass-config-builder-ubi-8 +LABEL maintainer="DataStax, Inc " +LABEL name="cass-config-builder" +LABEL vendor="DataStax, Inc" +LABEL release="1.0.0" +LABEL summary="Configuration templating engine for Apache Cassandra®." +LABEL description="Configuration templating engine for Apache Cassandra®. Powers the configuration of containers deployed via the DataStax Kubernetes Operator for Apache Cassandra." + +# Create user +USER root +RUN microdnf install shadow-utils && useradd -r -s /bin/false -U -G root cassandra + +# Install the uber jar +COPY --from=builder build/docker/*.jar /usr/local/bin/ + +# Install definition files +COPY --from=builder build/docker/definitions /definitions + +COPY --from=builder build/docker/bin/* /usr/local/bin/ + +COPY --from=builder build/docker/LICENSE /licenses/ + +# Fix permissions +RUN chown cassandra:root -Rv /usr/local/bin/* && \ + chmod -Rv g+x /usr/local/bin + +USER cassandra:root + +ENV PATH=$PATH:/usr/local/bin + +ENTRYPOINT ["/usr/local/bin/entrypoint"] diff --git a/scripts/build-push-images.sh b/scripts/build-push-images.sh index f0bce3a..ce77a08 100755 --- a/scripts/build-push-images.sh +++ b/scripts/build-push-images.sh @@ -17,6 +17,7 @@ GH_REPOSITORY="docker.pkg.github.com/${GITHUB_REPO_OWNER}/cass-config-builder/ca GH_TAGS=(--tag "${GH_REPOSITORY}:${RELEASE_VERSION}") GH_UBI_TAGS=(--tag "${GH_REPOSITORY}:${RELEASE_VERSION}-ubi7") +GH_UBI8_TAGS=(--tag "${GH_REPOSITORY}:${RELEASE_VERSION}-ubi8") GH_ARM64_TAGS=(--tag "${GH_REPOSITORY}:${RELEASE_VERSION}-arm64") LABELS=( @@ -44,6 +45,11 @@ UBI_ARGS=( --target cass-config-builder-ubi ) +UBI8_ARGS=( + "${COMMON_ARGS[@]}" + --target cass-config-builder-ubi-8 +) + # GitHub packages does not presently support multiarch images, so we # will have to create independent tags for each arch. This feature is # coming though: @@ -69,7 +75,13 @@ docker buildx build --load \ --platform linux/amd64 \ . -TAGS_TO_PUSH=("${GH_ARM64_TAGS[@]}" "${GH_TAGS[@]}" "${GH_UBI_TAGS[@]}") +docker buildx build --load \ + "${GH_UBI8_TAGS[@]}" \ + "${UBI8_ARGS[@]}" \ + --platform linux/amd64,linux/arm64 \ + . + +TAGS_TO_PUSH=("${GH_ARM64_TAGS[@]}" "${GH_TAGS[@]}" "${GH_UBI_TAGS[@]}" "${GH_UBI8_TAGS[@]}") echo "Pushing tags: " "${TAGS_TO_PUSH[@]}" # Note: Every even index of TAGS_TO_PUSH will be the string '--tag' diff --git a/scripts/push-release.sh b/scripts/push-release.sh index 8fe68c8..0afdc3b 100755 --- a/scripts/push-release.sh +++ b/scripts/push-release.sh @@ -23,6 +23,7 @@ fi DOCKERHUB_TAGS=(--tag "${DOCKERHUB_REPOSITORY}:${RELEASE_VERSION}" --tag "${DOCKERHUB_REPOSITORY}:${RELEASE_MINOR_VERSION}") DOCKERHUB_UBI_TAGS=(--tag "${DOCKERHUB_REPOSITORY}:${RELEASE_VERSION}-ubi7" --tag "${DOCKERHUB_REPOSITORY}:${RELEASE_MINOR_VERSION}-ubi7") +DOCKERHUB_UBI8_TAGS=(--tag "${DOCKERHUB_REPOSITORY}:${RELEASE_VERSION}-ubi8" --tag "${DOCKERHUB_REPOSITORY}:${RELEASE_MINOR_VERSION}-ubi8") LABELS=( --label "release=$RELEASE_VERSION" @@ -54,6 +55,11 @@ docker buildx build --push \ "${UBI_ARGS[@]}" \ --platform linux/amd64 . +docker buildx build --push \ + "${DOCKERHUB_UBI8_TAGS[@]}" \ + "${UBI_ARGS[@]}" \ + --platform linux/amd64,linux/arm64 . + docker buildx build --push \ "${DOCKERHUB_TAGS[@]}" \ "${STANDARD_ARGS[@]}" \