From 60b6dd850a472077da947cddcb51e665f0d1034d Mon Sep 17 00:00:00 2001 From: Joel Speed Date: Sun, 14 Nov 2021 17:50:12 +0000 Subject: [PATCH 1/3] Fix docker build and push for all platforms --- Makefile | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/Makefile b/Makefile index d0368ebf..f159655f 100644 --- a/Makefile +++ b/Makefile @@ -41,36 +41,38 @@ $(BINARY): DOCKER_BUILD_PLATFORM ?= linux/amd64,linux/arm64,linux/arm/v6 DOCKER_BUILDX_ARGS ?= -DOCKER_BUILD := docker build --build-arg VERSION=${VERSION} -DOCKER_BUILDX := docker buildx build ${DOCKER_BUILDX_ARGS} --platform ${DOCKER_BUILD_PLATFORM} --build-arg VERSION=${VERSION} +DOCKER_BUILDX := docker buildx build ${DOCKER_BUILDX_ARGS} --build-arg VERSION=${VERSION} +DOCKER_BUILDX_X_PLATFORM := $(DOCKER_BUILDX) --platform ${DOCKER_BUILD_PLATFORM} +DOCKER_BUILDX_PUSH := docker buildx build --push +DOCKER_BUILDX_PUSH_X_PLATFORM := $(DOCKER_BUILDX_PUSH) --platform ${DOCKER_BUILD_PLATFORM} .PHONY: docker docker: - $(DOCKER_BUILDX) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:latest . + $(DOCKER_BUILDX_X_PLATFORM) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:latest . .PHONY: docker-all docker-all: docker - $(DOCKER_BUILD) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:latest-amd64 . - $(DOCKER_BUILD) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:${VERSION} . - $(DOCKER_BUILD) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . - $(DOCKER_BUILD) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:latest-arm64 . - $(DOCKER_BUILD) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 . - $(DOCKER_BUILD) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 . - $(DOCKER_BUILD) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . + $(DOCKER_BUILDX) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:latest-amd64 . + $(DOCKER_BUILDX_X_PLATFORM) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:${VERSION} . + $(DOCKER_BUILDX) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . + $(DOCKER_BUILDX) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:latest-arm64 . + $(DOCKER_BUILDX) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 . + $(DOCKER_BUILDX) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 . + $(DOCKER_BUILDX) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . .PHONY: docker-push docker-push: - docker buildx build --push --platform ${DOCKER_BUILD_PLATFORM} -t $(REGISTRY)/oauth2-proxy:latest . + $(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest . .PHONY: docker-push-all docker-push-all: docker-push - docker push $(REGISTRY)/oauth2-proxy:latest-amd64 - docker push $(REGISTRY)/oauth2-proxy:${VERSION} - docker push $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 - docker push $(REGISTRY)/oauth2-proxy:latest-arm64 - docker push $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 - docker push $(REGISTRY)/oauth2-proxy:latest-armv6 - docker push $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 + $(DOCKER_BUILDX_PUSH) -t $(REGISTRY)/oauth2-proxy:latest-amd64 . + $(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:${VERSION} . + $(DOCKER_BUILDX_PUSH) -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . + $(DOCKER_BUILDX_PUSH) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:latest-arm64 . + $(DOCKER_BUILDX_PUSH) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 . + $(DOCKER_BUILDX_PUSH) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 . + $(DOCKER_BUILDX_PUSH) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . .PHONY: generate generate: From 8dea8134eb7b45fab3493fdc03bddcc40002ebe2 Mon Sep 17 00:00:00 2001 From: Joel Speed Date: Sun, 14 Nov 2021 17:57:46 +0000 Subject: [PATCH 2/3] Drop old makefiles in favour of buildx --- Dockerfile.arm64 | 32 -------------------------------- Dockerfile.armv6 | 32 -------------------------------- Makefile | 24 ++++++++++++------------ 3 files changed, 12 insertions(+), 76 deletions(-) delete mode 100644 Dockerfile.arm64 delete mode 100644 Dockerfile.armv6 diff --git a/Dockerfile.arm64 b/Dockerfile.arm64 deleted file mode 100644 index 998a07d6..00000000 --- a/Dockerfile.arm64 +++ /dev/null @@ -1,32 +0,0 @@ -FROM golang:1.16-buster AS builder - -# Copy sources -WORKDIR $GOPATH/src/github.com/oauth2-proxy/oauth2-proxy - -# Fetch dependencies -COPY go.mod go.sum ./ -RUN GO111MODULE=on go mod download - -# Now pull in our code -COPY . . - -ARG VERSION - -# Build binary and make sure there is at least an empty key file. -# This is useful for GCP App Engine custom runtime builds, because -# you cannot use multiline variables in their app.yaml, so you have to -# build the key into the container and then tell it where it is -# by setting OAUTH2_PROXY_JWT_KEY_FILE=/etc/ssl/private/jwt_signing_key.pem -# in app.yaml instead. -RUN VERSION=${VERSION} GOARCH=arm64 make build && touch jwt_signing_key.pem - -# Copy binary to alpine -FROM arm64v8/alpine:3.14 -COPY nsswitch.conf /etc/nsswitch.conf -COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt -COPY --from=builder /go/src/github.com/oauth2-proxy/oauth2-proxy/oauth2-proxy /bin/oauth2-proxy -COPY --from=builder /go/src/github.com/oauth2-proxy/oauth2-proxy/jwt_signing_key.pem /etc/ssl/private/jwt_signing_key.pem - -USER 2000:2000 - -ENTRYPOINT ["/bin/oauth2-proxy"] diff --git a/Dockerfile.armv6 b/Dockerfile.armv6 deleted file mode 100644 index cebc5402..00000000 --- a/Dockerfile.armv6 +++ /dev/null @@ -1,32 +0,0 @@ -FROM golang:1.16-buster AS builder - -# Copy sources -WORKDIR $GOPATH/src/github.com/oauth2-proxy/oauth2-proxy - -# Fetch dependencies -COPY go.mod go.sum ./ -RUN GO111MODULE=on go mod download - -# Now pull in our code -COPY . . - -ARG VERSION - -# Build binary and make sure there is at least an empty key file. -# This is useful for GCP App Engine custom runtime builds, because -# you cannot use multiline variables in their app.yaml, so you have to -# build the key into the container and then tell it where it is -# by setting OAUTH2_PROXY_JWT_KEY_FILE=/etc/ssl/private/jwt_signing_key.pem -# in app.yaml instead. -RUN VERSION=${VERSION} GOARCH=arm GOARM=6 make build && touch jwt_signing_key.pem - -# Copy binary to alpine -FROM arm32v6/alpine:3.14 -COPY nsswitch.conf /etc/nsswitch.conf -COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt -COPY --from=builder /go/src/github.com/oauth2-proxy/oauth2-proxy/oauth2-proxy /bin/oauth2-proxy -COPY --from=builder /go/src/github.com/oauth2-proxy/oauth2-proxy/jwt_signing_key.pem /etc/ssl/private/jwt_signing_key.pem - -USER 2000:2000 - -ENTRYPOINT ["/bin/oauth2-proxy"] diff --git a/Makefile b/Makefile index f159655f..5d1f51a7 100644 --- a/Makefile +++ b/Makefile @@ -52,13 +52,13 @@ docker: .PHONY: docker-all docker-all: docker - $(DOCKER_BUILDX) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:latest-amd64 . + $(DOCKER_BUILDX) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:latest-amd64 . $(DOCKER_BUILDX_X_PLATFORM) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:${VERSION} . - $(DOCKER_BUILDX) -f Dockerfile -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . - $(DOCKER_BUILDX) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:latest-arm64 . - $(DOCKER_BUILDX) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 . - $(DOCKER_BUILDX) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 . - $(DOCKER_BUILDX) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . + $(DOCKER_BUILDX) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . + $(DOCKER_BUILDX) --platform linux/arm64 -t $(REGISTRY)/oauth2-proxy:latest-arm64 . + $(DOCKER_BUILDX) --platform linux/arm64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 . + $(DOCKER_BUILDX) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 . + $(DOCKER_BUILDX) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . .PHONY: docker-push docker-push: @@ -66,13 +66,13 @@ docker-push: .PHONY: docker-push-all docker-push-all: docker-push - $(DOCKER_BUILDX_PUSH) -t $(REGISTRY)/oauth2-proxy:latest-amd64 . + $(DOCKER_BUILDX_PUSH) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:latest-amd64 . $(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:${VERSION} . - $(DOCKER_BUILDX_PUSH) -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . - $(DOCKER_BUILDX_PUSH) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:latest-arm64 . - $(DOCKER_BUILDX_PUSH) -f Dockerfile.arm64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 . - $(DOCKER_BUILDX_PUSH) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 . - $(DOCKER_BUILDX_PUSH) -f Dockerfile.armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . + $(DOCKER_BUILDX_PUSH) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . + $(DOCKER_BUILDX_PUSH) --platform linux/arm64 -t $(REGISTRY)/oauth2-proxy:latest-arm64 . + $(DOCKER_BUILDX_PUSH) --platform linux/arm64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-arm64 . + $(DOCKER_BUILDX_PUSH) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 . + $(DOCKER_BUILDX_PUSH) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . .PHONY: generate generate: From ceb015ee22037beeac9863a6d363e8b2ffa3b3ee Mon Sep 17 00:00:00 2001 From: Joel Speed Date: Sun, 14 Nov 2021 18:01:16 +0000 Subject: [PATCH 3/3] Update changelog for docker fixes --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 98d64d5b..8defa4f8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ ## Changes since v7.2.0 +- [#1447](https://github.com/oauth2-proxy/oauth2-proxy/pull/1447) Fix docker build/push issues found during last release (@JoelSpeed) - [#1433](https://github.com/oauth2-proxy/oauth2-proxy/pull/1433) Let authentication fail when session validation fails (@stippi2) - [#1445](https://github.com/oauth2-proxy/oauth2-proxy/pull/1445) Fix docker container multi arch build issue by passing GOARCH details to make build (@jkandasa) - [#1444](https://github.com/oauth2-proxy/oauth2-proxy/pull/1444) Update LinkedIn provider validate URL (@jkandasa)