fix(ci): Fix multi-arch build problem

Added build linux/arm64 binary to default ci
feat(ci): Improve drone pipeline configuration
2025-09-03 15:35:09 +00:00 · 2023-11-15 16:30:57 +08:00 · 2023-11-15 16:09:58 +08:00
7 changed files with 184 additions and 345 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,309 +1,165 @@
---
+type: docker
 kind: pipeline
-name: default-amd64
+name: push
 platform:
  os: linux
  arch: amd64
-steps:
+trigger:
- name: build
+  event:
-  pull: default
+    exclude:
-  image: rancher/dapper:v0.5.8
+      - promote
-  commands:
+    include:
-  - dapper ci
+      - push
-  privileged: true
+      - pull_request
  volumes:
  - name: docker
    path: /var/run/docker.sock
  when:
    ref:
      include:
      - "refs/heads/main"
      - "refs/heads/v*"
    event:
    - push
    - pull_request
 - name: release
  pull: default
  image: rancher/dapper:v0.5.8
  commands:
  - dapper ci
  privileged: true
  environment:
    CROSS: 1
  volumes:
  - name: docker
    path: /var/run/docker.sock
  when:
    event:
    - tag
 - name: stage-binaries-head
  image: rancher/dapper:v0.5.8
  commands:
  - "cp -r ./bin/kube-explorer ./package/"
  when:
    ref:
      include:
      - "refs/heads/main"
      - "refs/heads/v*"
    event:
    - push
 - name: stage-binaries
  image: rancher/dapper:v0.5.8
  commands:
  - "cp -r ./bin/kube-explorer-linux-amd64 ./package/kube-explorer"
  when:
    event:
    - tag
 - name: github_binary_release
  pull: default
  image: plugins/github-release
  settings:
    api_key:
      from_secret: github_token
    checksum:
    - sha256
    files:
    - "bin/*"
    title: "${DRONE_TAG}"
    overwrite: true
  when:
    event:
    - tag
 - name: docker-publish-head
  pull: default
  image: plugins/docker
  settings:
    dockerfile: package/Dockerfile
    context: package/
    password:
      from_secret: docker_password
    repo: cnrancher/kube-explorer
    tag: head-linux-amd64
    username:
      from_secret: docker_username
  when:
    ref:
      include:
      - "refs/heads/main"
      - "refs/heads/v*"
    event:
    - push
 - name: image-scan-head
  image: aquasec/trivy
  commands:
  - trivy image --no-progress --ignore-unfixed --severity HIGH,CRITICAL --scanners vuln --exit-code 1 cnrancher/kube-explorer:head-linux-amd64
  volumes:
  - name: docker
    path: /var/run/docker.sock
  when:
    ref:
      include:
      - "refs/heads/main"
      - "refs/heads/v*"
    event:
    - push
 - name: docker-publish
  pull: default
  image: plugins/docker
  settings:
    dockerfile: package/Dockerfile
    context: package/
    password:
      from_secret: docker_password
    repo: cnrancher/kube-explorer
    tag: ${DRONE_TAG}-linux-amd64
    username:
      from_secret: docker_username
  when:
    event:
    - tag
 volumes:
- name: docker
+  - name: docker
-  host:
+    host:
-    path: /var/run/docker.sock
+      path: /var/run/docker.sock
 node:
  instance: agent-amd64
 trigger:
  ref:
    include:
    - "refs/heads/main"
    - "refs/heads/v*"
    - "refs/tags/*"
  event:
    exclude:
    - promote
 ---
 kind: pipeline
 name: default-arm64
 platform:
  os: linux
  arch: arm64
 steps:
- name: build
+  - name: build
-  pull: default
+    image: rancher/dapper:v0.6.0
-  image: rancher/dapper:v0.5.8
+    commands:
-  commands:
+      - dapper ci
-  - dapper ci
+    environment:
-  privileged: true
+      CROSS: "${DRONE_BUILD_EVENT}"
-  volumes:
+    privileged: true
-  - name: docker
+    volumes:
-    path: /var/run/docker.sock
+      - name: docker
-  when:
+        path: /var/run/docker.sock
    ref:
      include:
      - "refs/heads/main"
      - "refs/heads/v*"
      - "refs/tags/*"
    event:
    - push
    - tag
- name: stage-binaries
+  - name: image-scan-head
-  image: rancher/dapper:v0.5.8
+    image: aquasec/trivy
-  commands:
+    commands:
-  - "cp -r ./bin/* ./package/"
+      - trivy image --no-progress --ignore-unfixed --severity HIGH,CRITICAL --scanners vuln --exit-code 1 cnrancher/kube-explorer:${DRONE_COMMIT:0:7}
-  when:
+    volumes:
-    ref:
+      - name: docker
-      include:
+        path: /var/run/docker.sock
-      - "refs/heads/main"
+    when:
-      - "refs/heads/v*"
+      event:
-      - "refs/tags/*"
+        - push
-    event:
+      ref:
-    - push
+        include:
-    - tag
+          - "refs/heads/main"
          - "refs/heads/v*"
- name: docker-publish-head
+  - name: install-buildx-support
-  pull: default
+    image: tonistiigi/binfmt
-  image: plugins/docker
+    privileged: true
-  settings:
+    entrypoint:
-    build_args:
+      - /usr/bin/binfmt
-    - ARCH=arm64
+    command:
-    dockerfile: package/Dockerfile
+      - --install
-    context: package/
+      - all
-    password:
+    when:
-      from_secret: docker_password
+      event:
-    repo: cnrancher/kube-explorer
+        - push
-    tag: head-linux-arm64
+      ref:
-    username:
+        include:
-      from_secret: docker_username
+          - "refs/heads/main"
-  when:
+          - "refs/heads/v*"
    ref:
      include:
      - "refs/heads/main"
      - "refs/heads/v*"
    event:
    - push
- name: docker-publish
+  - name: docker-publish
-  pull: default
+    image: thegeeklab/drone-docker-buildx
-  image: plugins/docker
+    privileged: true
-  settings:
+    settings:
-    build_args:
+      platforms: linux/amd64,linux/arm64/v8
-    - ARCH=arm64
+      dockerfile: package/Dockerfile
-    dockerfile: package/Dockerfile
+      repo: cnrancher/kube-explorer
-    context: package/
+      tag: latest
-    password:
+      username:
-      from_secret: docker_password
+        from_secret: docker_username
-    repo: cnrancher/kube-explorer
+      password:
-    tag: ${DRONE_TAG}-linux-arm64
+        from_secret: docker_password
-    username:
+    volumes:
-      from_secret: docker_username
+      - name: docker
-  when:
+        path: /var/run/docker.sock
-    event:
+    when:
-    - tag
+      event:
-
+        - push
-volumes:
+      ref:
- name: docker
+        include:
-  host:
+          - "refs/heads/main"
-    path: /var/run/docker.sock
+          - "refs/heads/v*"
 trigger:
  ref:
    include:
    - "refs/heads/main"
    - "refs/heads/v*"
    - "refs/tags/*"
  event:
    exclude:
    - promote
 node:
  instance: agent-arm64
 ---
 type: docker
 kind: pipeline
-name: manifest
+name: tag
 platform:
  os: linux
  arch: amd64
-steps:
+trigger:
- name: push-manifest-head
+  event:
-  image: plugins/manifest
+    exclude:
-  settings:
+      - promote
-    ignore_missing: true
+    include:
-    username:
+      - tag
-      from_secret: docker_username
+  ref:
-    password:
+    include:
-      from_secret: docker_password
+      - "refs/tags/*"
    spec: manifest-head.tmpl
  when:
    ref:
      include:
      - "refs/heads/main"
      - "refs/heads/v*"
    event:
    - push
 - name: push-manifest
  image: plugins/manifest
  settings:
    ignore_missing: true
    username:
      from_secret: docker_username
    password:
      from_secret: docker_password
    spec: manifest.tmpl
  when:
    event:
    - tag
 volumes:
- name: docker
+  - name: docker
-  host:
+    host:
-    path: /var/run/docker.sock
+      path: /var/run/docker.sock
 node:
  instance: agent-amd64
-trigger:
+steps:
-  ref:
+  - name: release
-    include:
+    image: rancher/dapper:v0.6.0
-    - "refs/heads/main"
+    commands:
-    - "refs/heads/v*"
+      - dapper ci
-    - "refs/tags/*"
+    privileged: true
-  event:
+    environment:
-    exclude:
+      CROSS: "${DRONE_BUILD_EVENT}"
-    - promote
+    volumes:
      - name: docker
        path: /var/run/docker.sock
-depends_on:
+  - name: install-buildx-support
- default-amd64
+    image: tonistiigi/binfmt
- default-arm64
+    privileged: true
    entrypoint:
      - /usr/bin/binfmt
    command:
      - --install
      - all
-...
+  - name: docker-publish
    image: thegeeklab/drone-docker-buildx
    privileged: true
    settings:
      platforms: linux/amd64,linux/arm64/v8
      dockerfile: package/Dockerfile
      repo: cnrancher/kube-explorer
      tag: ${DRONE_TAG}
      username:
        from_secret: docker_username
      password:
        from_secret: docker_password
    volumes:
      - name: docker
        path: /var/run/docker.sock
  - name: github_binary_release
    image: plugins/github-release
    settings:
      api_key:
        from_secret: github_token
      checksum:
        - sha256
      files:
        - "bin/*"
      title: "${DRONE_TAG}"
      overwrite: true
--- a/manifest-head.tmpl
+++ b/manifest-head.tmpl
@@ -1,12 +0,0 @@
 image: cnrancher/kube-explorer:latest
 manifests:
  -
    image: cnrancher/kube-explorer:head-linux-amd64
    platform:
      architecture: amd64
      os: linux
  -
    image: cnrancher/kube-explorer:head-linux-arm64
    platform:
      architecture: arm64
      os: linux
--- a/manifest.tmpl
+++ b/manifest.tmpl
@@ -1,12 +0,0 @@
 image: cnrancher/kube-explorer:{{build.tag}}
 manifests:
  -
    image: cnrancher/kube-explorer:{{build.tag}}-linux-amd64
    platform:
      architecture: amd64
      os: linux
  -
    image: cnrancher/kube-explorer:{{build.tag}}-linux-arm64
    platform:
      architecture: arm64
      os: linux
--- a/package/Dockerfile
+++ b/package/Dockerfile
@@ -1,4 +1,7 @@
 FROM registry.suse.com/bci/bci-minimal:15.5
-
+ARG TARGETARCH
-COPY kube-explorer entrypoint.sh /usr/bin/
+ARG TARGETOS
 ENV ARCH=${TARGETARCH:-"amd64"} OS=${TARGETOS:-"linux"}
 COPY package/entrypoint.sh /usr/bin/
 COPY bin/kube-explorer-${OS}-${ARCH} /usr/bin/kube-explorer
 ENTRYPOINT ["entrypoint.sh"]
--- a/scripts/build
+++ b/scripts/build
@@ -14,40 +14,53 @@ LD_INJECT_VALUES="-X github.com/rancher/steve/pkg/version.Version=$VERSION
 pushd $GIT_SOURCE
-if [ -n "$CROSS" ]; then
+case "$CROSS" in 
-    for ARCH in ${OS_ARCH_ARG_LINUX}; do
+    "push")
-        OUTPUT_BIN="bin/kube-explorer-linux-$ARCH"
+        for ARCH in ${OS_ARCH_ARG_LINUX}; do
-        echo "Building binary for linux/$ARCH..."
+            OUTPUT_BIN="bin/kube-explorer-linux-$ARCH"
-        GOARCH=$ARCH GOOS=linux CGO_ENABLED=0 go build -tags embed \
+            echo "Building binary for linux/$ARCH..."
-                -ldflags \
+            GOARCH=$ARCH GOOS=linux CGO_ENABLED=0 go build -tags embed \
-                "$LD_INJECT_VALUES $LINKFLAGS" \
+                    -ldflags \
-                -o ${OUTPUT_BIN}
+                    "$LD_INJECT_VALUES $LINKFLAGS" \
-    done
+                    -o ${OUTPUT_BIN}
        done
        ;;
    "tag")
        for ARCH in ${OS_ARCH_ARG_LINUX}; do
            OUTPUT_BIN="bin/kube-explorer-linux-$ARCH"
            echo "Building binary for linux/$ARCH..."
            GOARCH=$ARCH GOOS=linux CGO_ENABLED=0 go build -tags embed \
                    -ldflags \
                    "$LD_INJECT_VALUES $LINKFLAGS" \
                    -o ${OUTPUT_BIN}
        done
-    for ARCH in ${OS_ARCH_ARG_DARWIN}; do
+        for ARCH in ${OS_ARCH_ARG_DARWIN}; do
-        OUTPUT_BIN="bin/kube-explorer-darwin-$ARCH"
+            OUTPUT_BIN="bin/kube-explorer-darwin-$ARCH"
-        echo "Building binary for darwin/$ARCH..."
+            echo "Building binary for darwin/$ARCH..."
-        GOARCH=$ARCH GOOS=darwin CGO_ENABLED=0 go build -tags embed \
+            GOARCH=$ARCH GOOS=darwin CGO_ENABLED=0 go build -tags embed \
-                -ldflags \
+                    -ldflags \
-                "$LD_INJECT_VALUES" \
+                    "$LD_INJECT_VALUES" \
-                -o ${OUTPUT_BIN}
+                    -o ${OUTPUT_BIN}
-    done
+        done
-    for ARCH in ${OS_ARCH_ARG_WINDOWS}; do
+        for ARCH in ${OS_ARCH_ARG_WINDOWS}; do
-        OUTPUT_BIN="bin/kube-explorer-windows-$ARCH.exe"
+            OUTPUT_BIN="bin/kube-explorer-windows-$ARCH.exe"
-        echo "Building binary for windows/$ARCH..."
+            echo "Building binary for windows/$ARCH..."
-        GOARCH=$ARCH GOOS=windows CGO_ENABLED=0 go build -tags embed \
+            GOARCH=$ARCH GOOS=windows CGO_ENABLED=0 go build -tags embed \
-                -ldflags \
+                    -ldflags \
-                "$LD_INJECT_VALUES" \
+                    "$LD_INJECT_VALUES" \
-                -o ${OUTPUT_BIN}
+                    -o ${OUTPUT_BIN}
-    done
+        done
-else
+        ;;
-    # only build one for current platform
+    *)
-    CGO_ENABLED=0 go build -tags embed \
+        # only build one for current platform
-        -ldflags \
+        CGO_ENABLED=0 go build -tags embed \
-        "$LD_INJECT_VALUES $LINKFLAGS" \
+            -ldflags \
-        -o bin/kube-explorer
+            "$LD_INJECT_VALUES $LINKFLAGS" \
-fi
+            -o "bin/kube-explorer-$(uname | tr '[:upper:]' '[:lower:]')-${ARCH}"
        ;;
 esac
 mkdir -p $DAPPER_SOURCE/bin
--- a/scripts/package
+++ b/scripts/package
@@ -5,14 +5,6 @@ source $(dirname $0)/version
 pushd $DAPPER_SOURCE
-if [ -f bin/kube-explorer-linux-${ARCH} ]; then
+docker build -f package/Dockerfile -t cnrancher/kube-explorer:$VERSION .
    # For cross mode
    cp bin/kube-explorer-linux-${ARCH} package/kube-explorer
 else
    # For common mode
    cp bin/kube-explorer package/
 fi
 cd package
 docker build -f Dockerfile -t cnrancher/kube-explorer:$VERSION .
 popd
--- a/scripts/steve
+++ b/scripts/steve
Author	SHA1	Message	Date
Yuxing Deng	2b39db9f07	fix(ci): Fix multi-arch build problem Added build linux/arm64 binary to default ci	2023-11-15 16:30:57 +08:00
Yuxing Deng	4dc1acb1f2	feat(ci): Improve drone pipeline configuration - Separate push and tag pipeline - Use buildx to build and push multi-arch image	2023-11-15 16:09:58 +08:00