Build multi-arch images based on Debian

Author: cimnine

.github/workflows/push.yml

@@ -13,12 +13,15 @@ jobs:
     runs-on: ubuntu-latest
     name: Checks syntax of our code
     steps:
-    - uses: actions/checkout@v2
+    -
+      uses: actions/checkout@v2
       with:
         # Full git history is needed to get a proper list of changed files within `super-linter`
         fetch-depth: 0
-    - uses: actions/setup-python@v2
-    - name: Lint Code Base
+    -
+      uses: actions/setup-python@v2
+    -
+      name: Lint Code Base
       uses: github/super-linter@v4
       env:
         DEFAULT_BRANCH: develop
@@ -35,32 +38,49 @@ jobs:
         PYTHON_BLACK_CONFIG_FILE: pyproject.toml
         PYTHON_FLAKE8_CONFIG_FILE: .flake8
         PYTHON_ISORT_CONFIG_FILE: pyproject.toml
+
   build:
-    continue-on-error: ${{ matrix.docker_from == 'alpine:edge' }}
+    continue-on-error: ${{ matrix.build_cmd != './build-latest.sh' }}
     strategy:
       matrix:
         build_cmd:
         - ./build-latest.sh
         - PRERELEASE=true ./build-latest.sh
         - ./build.sh feature
         - ./build.sh develop
-        docker_from:
-        - '' # use the default of the build script
-        - alpine:edge
+        platform:
+        - linux/amd64
+        - linux/arm64
       fail-fast: false
     runs-on: ubuntu-latest
     name: Builds new NetBox Docker Images
     steps:
-    - id: git-checkout
+    -
       name: Checkout
       uses: actions/checkout@v2
-    - id: docker-build
-      name: Build the image from '${{ matrix.docker_from }}' with '${{ matrix.build_cmd }}'
+    -
+      name: Get Version of NetBox Docker
+      run: |
+        echo "::set-output name=version::$(cat VERSION)"
+      shell: bash
+    -
+      name: Set up QEMU
+      uses: docker/setup-qemu-action@v1
+    -
+      id: buildx-setup
+      name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+      with:
+        install: true
+    -
+      id: docker-build
+      name: Build the image with '${{ matrix.build_cmd }}'
       run: ${{ matrix.build_cmd }}
       env:
-        DOCKER_FROM: ${{ matrix.docker_from }}
         GH_ACTION: enable
-    - id: docker-test
+        BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }}
+        BUILDX_PLATFORMS: ${{ matrix.platform }}
+    -
       name: Test the image
       run: IMAGE="${FINAL_DOCKER_TAG}" ./test.sh
       if: steps.docker-build.outputs.skipped != 'true'

.github/workflows/release.yml

@@ -1,9 +1,9 @@
 name: release
 
 on:
-  push:
-    branches:
-      - release
+  release:
+    types:
+      - published
   schedule:
     - cron: '45 5 * * *'
 
@@ -16,68 +16,88 @@ jobs:
         - PRERELEASE=true ./build-latest.sh
         - ./build.sh feature
         - ./build.sh develop
+        platform:
+        - linux/amd64,linux/arm64
       fail-fast: false
     runs-on: ubuntu-latest
     name: Builds new NetBox Docker Images
     steps:
-    - id: git-checkout
+    -
       name: Checkout
       uses: actions/checkout@v2
-    - id: docker-build
+    -
+      name: Get Version of NetBox Docker
+      run: |
+        echo "::set-output name=version::$(cat VERSION)"
+      shell: bash
+    -
+      name: Set up QEMU
+      uses: docker/setup-qemu-action@v1
+    -
+      id: buildx-setup
+      name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+      with:
+        install: true
+    -
+      name: Available platforms
+      run: echo ${{ steps.buildx-setup.outputs.platforms }}
+    -
+      id: docker-build
       name: Build the image with '${{ matrix.build_cmd }}'
       run: ${{ matrix.build_cmd }}
       env:
         GH_ACTION: enable
-    - id: docker-test
+        BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }}
+        BUILDX_PLATFORMS: ${{ matrix.platform }}
+    -
       name: Test the image
       run: IMAGE="${FINAL_DOCKER_TAG}" ./test.sh
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: registry-login
-      name: Login to the Docker Registry
-      run: |
-        echo "::add-mask::$DOCKERHUB_USERNAME"
-        echo "::add-mask::$DOCKERHUB_PASSWORD"
-        docker login -u "$DOCKERHUB_USERNAME" --password "${DOCKERHUB_PASSWORD}" "${DOCKER_REGISTRY}"
-      env:
-        DOCKERHUB_USERNAME: ${{ secrets.dockerhub_username }}
-        DOCKERHUB_PASSWORD: ${{ secrets.dockerhub_password }}
+    -
+      name: Login to docker.io
+      uses: docker/login-action@v1
+      with:
+        registry: docker.io
+        username: ${{ secrets.dockerhub_username }}
+        password: ${{ secrets.dockerhub_password }}
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: registry-push
-      name: Push the image
+    -
+      name: Push the image to docker.io
       run: ${{ matrix.build_cmd }} --push-only
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: registry-logout
-      name: Logout of the Docker Registry
-      run: docker logout "${DOCKER_REGISTRY}"
-      if: steps.docker-build.outputs.skipped != 'true'
 
-    # Quay.io
-    - id: quayio-docker-build
-      name: Build the image with '${{ matrix.build_cmd }}'
-      run: ${{ matrix.build_cmd }}
+    # quay.io
+    -
+      name: Login to Quay.io
+      uses: docker/login-action@v1
+      with:
+        registry: quay.io
+        username: ${{ secrets.quayio_username }}
+        password: ${{ secrets.quayio_password }}
+      if: steps.docker-build.outputs.skipped != 'true'
+    -
+      name: Build and push the image with '${{ matrix.build_cmd }}'
+      run: ${{ matrix.build_cmd }} --push
       env:
         DOCKER_REGISTRY: quay.io
         GH_ACTION: enable
-    - id: quayio-registry-login
-      name: Login to the Quay.io Registry
-      run: |
-        echo "::add-mask::$QUAYIO_USERNAME"
-        echo "::add-mask::$QUAYIO_PASSWORD"
-        docker login -u "$QUAYIO_USERNAME" --password "${QUAYIO_PASSWORD}" "${DOCKER_REGISTRY}"
-      env:
-        DOCKER_REGISTRY: quay.io
-        QUAYIO_USERNAME: ${{ secrets.quayio_username }}
-        QUAYIO_PASSWORD: ${{ secrets.quayio_password }}
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: quayio-registry-push
-      name: Push the image
-      run: ${{ matrix.build_cmd }} --push-only
-      env:
-        DOCKER_REGISTRY: quay.io
+
+    # ghcr.io
+    -
+      name: Login to GitHub Container Registry
+      uses: docker/login-action@v1
+      with:
+        registry: ghcr.io
+        username: ${{ github.repository_owner }}
+        password: ${{ secrets.GITHUB_TOKEN }}
       if: steps.docker-build.outputs.skipped != 'true'
-    - id: quayio-registry-logout
-      name: Logout of the Docker Registry
-      run: docker logout "${DOCKER_REGISTRY}"
+    -
+      name: Build and push the image with '${{ matrix.build_cmd }}'
+      run: ${{ matrix.build_cmd }} --push
       env:
-        DOCKER_REGISTRY: quay.io
+        DOCKER_REGISTRY: ghcr.io
+        DOCKER_ORG: netbox-community
+        GH_ACTION: enable
       if: steps.docker-build.outputs.skipped != 'true'

.gitignore

@@ -13,3 +13,4 @@ configuration/ldap/*
 !configuration/plugins.py
 prometheus.yml
 super-linter.log
+.buildx-cache

Dockerfile

@@ -1,44 +1,31 @@
 ARG FROM
 FROM ${FROM} as builder
 
-RUN apk add --no-cache \
-      bash \
-      build-base \
-      cargo \
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update -qq \
+  && apt-get install \
+      --yes -qq --no-install-recommends \
+      build-essential \
       ca-certificates \
-      cmake \
-      cyrus-sasl-dev \
-      git \
       graphviz \
-      jpeg-dev \
       libevent-dev \
       libffi-dev \
-      libxslt-dev \
-      make \
-      musl-dev \
-      openldap-dev \
-      postgresql-dev \
-      py3-pip \
+      libjpeg-dev \
+      libldap-dev \
+      libsasl2-dev \
+      libxslt1-dev \
+      libxml2-dev \
+      postgresql-13 \
       python3-dev \
+      python3-pip \
+      python3-venv \
   && python3 -m venv /opt/netbox/venv \
   && /opt/netbox/venv/bin/python3 -m pip install --upgrade \
       pip \
       setuptools \
       wheel
 
-# Build libcrc32c for google-crc32c python module
-RUN git clone https://github.com/google/crc32c \
-    && cd crc32c \
-    && git submodule update --init --recursive \
-    && mkdir build \
-    && cd build \
-    && cmake \
-        -DCMAKE_BUILD_TYPE=Release \
-        -DCRC32C_BUILD_TESTS=no \
-        -DCRC32C_BUILD_BENCHMARKS=no \
-        -DBUILD_SHARED_LIBS=yes \
-        .. \
-    && make all install
+WORKDIR /opt/netbox/
 
 ARG NETBOX_PATH
 COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt /
@@ -53,34 +40,39 @@ RUN /opt/netbox/venv/bin/pip install \
 ARG FROM
 FROM ${FROM} as main
 
-RUN apk add --no-cache \
-      bash \
+ENV DEBIAN_FRONTEND=noninteractive
+RUN . /etc/os-release \
+  && apt-get update -qq \
+  && apt-get upgrade \
+      --yes -qq --no-install-recommends \
+  && apt-get install \
+      --yes -qq --no-install-recommends \
       ca-certificates \
       curl \
-      graphviz \
-      libevent \
-      libffi \
-      libjpeg-turbo \
-      libxslt \
       openssl \
-      postgresql-libs \
-      py3-pip \
       python3 \
-      tini \
+      python3-distutils \
+  && curl -sL https://nginx.org/keys/nginx_signing.key | \
+    tee /etc/apt/trusted.gpg.d/nginx.asc \
+  && echo "deb https://packages.nginx.org/unit/debian/ ${VERSION_CODENAME} unit" | \
+    tee /etc/apt/sources.list.d/unit.list \
+  && apt-get update -qq \
+  && apt-get install \
+      --yes -qq --no-install-recommends \
       unit \
-      unit-python3
+      unit-python3.9 \
+      tini \
+  && rm -rf /var/lib/apt/lists/*
 
 WORKDIR /opt
 
-COPY --from=builder /usr/local/lib/libcrc32c.* /usr/local/lib/
-COPY --from=builder /usr/local/include/crc32c /usr/local/include
-COPY --from=builder /usr/local/lib/cmake/Crc32c /usr/local/lib/cmake/
 COPY --from=builder /opt/netbox/venv /opt/netbox/venv
 
 ARG NETBOX_PATH
 COPY ${NETBOX_PATH} /opt/netbox
 
 COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py
+COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py
 COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh
 COPY docker/housekeeping.sh /opt/netbox/housekeeping.sh
 COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh
@@ -89,36 +81,25 @@ COPY initializers/ /opt/netbox/initializers/
 COPY configuration/ /etc/netbox/config/
 COPY docker/nginx-unit.json /etc/unit/
 
-WORKDIR /opt/netbox/netbox
+WORKDIR /opt/netbox
 
 # Must set permissions for '/opt/netbox/netbox/media' directory
 # to g+w so that pictures can be uploaded to netbox.
 RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \
-      && chmod -R g+w media /opt/unit/ \
-      && cd /opt/netbox/ && /opt/netbox/venv/bin/python -m mkdocs build \
+      && chmod -R g+w /opt/netbox/netbox/media /opt/unit/ \
+      && /opt/netbox/venv/bin/python -m mkdocs build \
           --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \
       && SECRET_KEY="dummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input
 
-ENTRYPOINT [ "/sbin/tini", "--" ]
+WORKDIR /opt/netbox/netbox
+ENTRYPOINT [ "/usr/bin/tini", "--" ]
 
 CMD [ "/opt/netbox/docker-entrypoint.sh", "/opt/netbox/launch-netbox.sh" ]
 
 LABEL ORIGINAL_TAG="" \
       NETBOX_GIT_BRANCH="" \
       NETBOX_GIT_REF="" \
       NETBOX_GIT_URL="" \
-# See http://label-schema.org/rc1/#build-time-labels
-# Also https://microbadger.com/labels
-      org.label-schema.schema-version="1.0" \
-      org.label-schema.build-date="" \
-      org.label-schema.name="NetBox Docker" \
-      org.label-schema.description="A container based distribution of NetBox, the free and open IPAM and DCIM solution." \
-      org.label-schema.vendor="The netbox-docker contributors." \
-      org.label-schema.url="https://github.com/netbox-community/netbox-docker" \
-      org.label-schema.usage="https://github.com/netbox-community/netbox-docker/wiki" \
-      org.label-schema.vcs-url="https://github.com/netbox-community/netbox-docker.git" \
-      org.label-schema.vcs-ref="" \
-      org.label-schema.version="snapshot" \
 # See https://github.com/opencontainers/image-spec/blob/master/annotations.md#pre-defined-annotation-keys
       org.opencontainers.image.created="" \
       org.opencontainers.image.title="NetBox Docker" \
@@ -131,16 +112,3 @@ LABEL ORIGINAL_TAG="" \
       org.opencontainers.image.source="https://github.com/netbox-community/netbox-docker.git" \
       org.opencontainers.image.revision="" \
       org.opencontainers.image.version="snapshot"
-
-#####
-## LDAP specific configuration
-#####
-
-FROM main as ldap
-
-RUN apk add --no-cache \
-      libsasl \
-      libldap \
-      util-linux
-
-COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py