From eea40403dc9292ecd571b7b09613b41b1615a2f2 Mon Sep 17 00:00:00 2001 From: andream16 <andrea@ocurity.com> Date: Wed, 11 Sep 2024 15:17:06 +0100 Subject: [PATCH 1/4] Allow building containers and binaries by specifying their platform for better compatibility on different machines. Defaulting to linux/amd64 and allowing for customization. --- Makefile | 21 +++++++++++---- containers/Dockerfile.draconctl | 6 ++++- scripts/build_component_binary.sh | 7 +++-- scripts/build_component_container.sh | 39 ++++++++++++++++++++-------- 4 files changed, 54 insertions(+), 19 deletions(-) diff --git a/Makefile b/Makefile index d177ec5d2..1d2288ed7 100644 --- a/Makefile +++ b/Makefile @@ -39,6 +39,14 @@ BASE_IMAGE=scratch DOCKER=docker PROTOC=protoc +# https://docs.docker.com/build/building/multi-platform/ +# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility. +CONTAINER_OS_ARCH=linux/amd64 +# Allow to independently customise go OS and ARCH flags. +# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH. +GOOS=linux +GOARCH=amd64 + export ######################################## @@ -47,22 +55,25 @@ export .PHONY: components component-binaries cmd/draconctl/bin protos build publish-component-containers publish-containers draconctl-image draconctl-image-publish clean-protos clean $(component_binaries): - CGO_ENABLED=0 ./scripts/build_component_binary.sh $@ + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) ./scripts/build_component_binary.sh $@ component-binaries: $(component_binaries) $(component_containers): %/docker: %/bin - ./scripts/build_component_container.sh $@ + ./scripts/build_component_container.sh $@ $(CONTAINER_OS_ARCH) components: $(component_containers) cmd/draconctl/bin: - CGO_ENABLED=0 go build -o bin/cmd/draconctl cmd/draconctl/main.go + CGO_ENABLED=0 GOOS=$(GOOS) GOARCH=$(GOARCH) go build -o bin/cmd/$(GOOS)/$(GOARCH)/draconctl cmd/draconctl/main.go draconctl-image: cmd/draconctl/bin $(DOCKER) build -t "${CONTAINER_REPO}/draconctl:${DRACON_VERSION}" \ + --build-arg GOOS=$(GOOS) \ + --build-arg GOARCH=$(GOARCH) \ $$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - -f containers/Dockerfile.draconctl . + -f containers/Dockerfile.draconctl . \ + --platform=$(CONTAINER_OS_ARCH) draconctl-image-publish: draconctl-image $(DOCKER) push "${CONTAINER_REPO}/draconctl:${DRACON_VERSION}" @@ -282,7 +293,7 @@ dev-dracon: $(eval CONTAINER_REPO:=localhost:5000) $(eval DRACON_OSS_COMPONENTS_PACKAGE_URL:=./$(DRACON_OSS_COMPONENTS_NAME)-$(DRACON_VERSION).tgz) $(eval IN_CLUSTER_CONTAINER_REPO:=kind-registry:5000) - + $(MAKE) -j 16 publish-containers CONTAINER_REPO=$(CONTAINER_REPO) $(MAKE) -j 16 dev-build-oss-components CONTAINER_REPO=$(CONTAINER_REPO) diff --git a/containers/Dockerfile.draconctl b/containers/Dockerfile.draconctl index 01b66bdfe..091e725de 100644 --- a/containers/Dockerfile.draconctl +++ b/containers/Dockerfile.draconctl @@ -1,9 +1,13 @@ ARG BASE_MIGRATION_IMAGE + FROM ${BASE_MIGRATION_IMAGE:-scratch} +ARG GOOS=linux +ARG GOARCH=amd64 + LABEL org.opencontainers.image.description "Draconctl is a command line tool for interacting with Dracon, you can find documentation for it at github.com/ocurity/dracon" -COPY ./bin/cmd/draconctl /bin/draconctl +COPY ./bin/cmd/${GOOS}/${GOARCH}/draconctl /bin/draconctl COPY ./pkg/enrichment/migrations /etc/dracon/migrations/enrichment ENTRYPOINT [ "/bin/draconctl" ] diff --git a/scripts/build_component_binary.sh b/scripts/build_component_binary.sh index 64d97e651..9e415d74d 100755 --- a/scripts/build_component_binary.sh +++ b/scripts/build_component_binary.sh @@ -19,6 +19,9 @@ echo "${1}" | grep -Eq ^components/consumers/.*$ && executable="${executable}" | executable_src_path=$(dirname "${1}") executable_path=$(dirname $(dirname "${1}"))/"${executable}" -echo "building bin/${executable_path}/${executable}" > /dev/stderr +# Customised bin per OS/ARCH. +out_bin_path="bin/${executable_src_path}/${GOOS}/${GOARCH}/${executable}" -go build -o "bin/${executable_src_path}/${executable}" "./${executable_src_path}/main.go" +echo "building $out_bin_path" > /dev/stderr + +go build -o $out_bin_path "./${executable_src_path}/main.go" diff --git a/scripts/build_component_container.sh b/scripts/build_component_container.sh index 2ad5e8d9e..444c4cde9 100755 --- a/scripts/build_component_container.sh +++ b/scripts/build_component_container.sh @@ -4,35 +4,52 @@ set -e; source ./scripts/util.sh +# Sanity check for not arguments being passed. if [ "$#" -eq 0 ] then - util::error "No directory provided to build" + util::error "No arguments provided to build. Expected two." exit 1 fi -executable=$(basename $(dirname "${1}")) +if [ -z "$1" ] +then + util::error "No directory argument provided to build." + exit 1 +fi + +if [ -z "$2" ] +then + util::error "No build architecture argument provided to build." + exit 1 +fi + +dir_name="$1" +build_architecture="$2" + +executable=$(basename $(dirname ${dir_name})) -echo "${1}" | grep -Eq ^components/producers/.*$ && executable="${executable}-parser" || true -echo "${1}" | grep -Eq ^components/enrichers/.*$ && executable="${executable}" || true -echo "${1}" | grep -Eq ^components/consumers/.*$ && executable="${executable}" || true +echo ${dir_name} | grep -Eq ^components/producers/.*$ && executable="${executable}-parser" || true +echo ${dir_name} | grep -Eq ^components/enrichers/.*$ && executable="${executable}" || true +echo ${dir_name} | grep -Eq ^components/consumers/.*$ && executable="${executable}" || true -executable_src_path=$(dirname "${1}") -executable_path=$(dirname "${1}")/"${executable}" +executable_src_path=$(dirname $dir_name) +executable_path=$(dirname $dir_name)/${build_architecture}/"${executable}" if make -C "${executable_src_path}" --no-print-directory --dry-run container >/dev/null 2>&1 then make -C "${executable_src_path}" --no-print-directory --quiet container CONTAINER_REPO="${CONTAINER_REPO}" DRACON_VERSION="${DRACON_VERSION}" else dockerfile_template=" - FROM ${BASE_IMAGE:-scratch} \n - COPY ${executable_path} /app/${executable_path} \n - ENTRYPOINT ["/app/${executable_path}"] \n + FROM ${BASE_IMAGE:-scratch} \n + COPY ${executable_path} /app/${executable} \n + ENTRYPOINT ["/app/${executable}"] \n " dockerfile_path=$(mktemp) printf "${dockerfile_template}" > "${dockerfile_path}" docker build -t "${CONTAINER_REPO}/${executable_src_path}:${DRACON_VERSION}" \ $([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - -f "${dockerfile_path}" ./bin + -f "${dockerfile_path}" ./bin \ + --platform=${build_architecture} fi if make -C "${executable_src_path}" --no-print-directory --dry-run extras >/dev/null 2>&1 From e5a7905a4102979bb293e39d2b233c9048b0a246 Mon Sep 17 00:00:00 2001 From: andream16 <andrea@ocurity.com> Date: Wed, 11 Sep 2024 15:19:36 +0100 Subject: [PATCH 2/4] Allow customising components that define Dockerfiles and Makefiles with a platform for better compatibility. --- components/consumers/dependency-track/Dockerfile | 5 ++++- components/consumers/dependency-track/Makefile | 12 +++++++++++- components/consumers/jira/Dockerfile | 5 ++++- components/consumers/jira/Makefile | 12 +++++++++++- components/consumers/slack/Dockerfile | 7 +++++-- components/consumers/slack/Makefile | 12 +++++++++++- components/producers/aggregator/Dockerfile | 5 ++++- components/producers/aggregator/Makefile | 12 +++++++++++- components/producers/github-code-scanning/Dockerfile | 5 ++++- components/producers/github-code-scanning/Makefile | 12 +++++++++++- .../typescript-eslint/eslint-wrapper/Dockerfile | 7 +++++-- .../typescript-eslint/eslint-wrapper/Makefile | 12 +++++++++++- 12 files changed, 92 insertions(+), 14 deletions(-) diff --git a/components/consumers/dependency-track/Dockerfile b/components/consumers/dependency-track/Dockerfile index 17a6cd3ae..5f486c7fa 100644 --- a/components/consumers/dependency-track/Dockerfile +++ b/components/consumers/dependency-track/Dockerfile @@ -2,6 +2,9 @@ FROM alpine:3.20 RUN apk add --no-cache ca-certificates -COPY ./components/consumers/dependency-track/dependency-track /app/components/consumers/dependency-track/dependency-track +ARG GOOS=linux +ARG GOARCH=amd64 + +COPY ./components/consumers/dependency-track/${GOOS}/${GOARCH}/dependency-track /app/components/consumers/dependency-track/dependency-track ENTRYPOINT ["/app/components/consumers/dependency-track/dependency-track"] diff --git a/components/consumers/dependency-track/Makefile b/components/consumers/dependency-track/Makefile index b160f0073..c258a44b7 100644 --- a/components/consumers/dependency-track/Makefile +++ b/components/consumers/dependency-track/Makefile @@ -4,6 +4,13 @@ CONTAINER_REPO= DRACON_VERSION= SOURCE_CODE_REPO= PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch") +# https://docs.docker.com/build/building/multi-platform/ +# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility. +CONTAINER_OS_ARCH=linux/amd64 +# Allow to independently customise go OS and ARCH flags. +# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH. +GOOS=linux +GOARCH=amd64 DOCKER=docker @@ -11,7 +18,10 @@ container: $(DOCKER) build --tag $(CONTAINER_REPO)/components/consumers/dependency-track:$(DRACON_VERSION) \ --file Dockerfile \ $$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - ../../../bin 1>&2 + --build-arg GOOS=$(GOOS) \ + --build-arg GOARCH=$(GOARCH) \ + ../../../bin 1>&2 \ + --platform=$(CONTAINER_OS_ARCH) publish: $(DOCKER) push $(CONTAINER_REPO)/components/consumers/dependency-track:$(DRACON_VERSION) 1>&2 diff --git a/components/consumers/jira/Dockerfile b/components/consumers/jira/Dockerfile index 003b59928..31c65eae0 100644 --- a/components/consumers/jira/Dockerfile +++ b/components/consumers/jira/Dockerfile @@ -2,6 +2,9 @@ FROM alpine:3.20 RUN apk add --no-cache ca-certificates -COPY ./components/consumers/jira/jira /app/components/consumers/jira/jira +ARG GOOS=linux +ARG GOARCH=amd64 + +COPY ./components/consumers/jira/${GOOS}/${GOARCH}/jira /app/components/consumers/jira/jira ENTRYPOINT ["/app/components/consumers/jira/jira"] diff --git a/components/consumers/jira/Makefile b/components/consumers/jira/Makefile index bb2408a88..6817a617f 100644 --- a/components/consumers/jira/Makefile +++ b/components/consumers/jira/Makefile @@ -4,6 +4,13 @@ CONTAINER_REPO= DRACON_VERSION= SOURCE_CODE_REPO= PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch") +# https://docs.docker.com/build/building/multi-platform/ +# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility. +CONTAINER_OS_ARCH=linux/amd64 +# Allow to independently customise go OS and ARCH flags. +# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH. +GOOS=linux +GOARCH=amd64 DOCKER=docker @@ -11,7 +18,10 @@ container: $(DOCKER) build --tag $(CONTAINER_REPO)/components/consumers/jira:$(DRACON_VERSION) \ --file Dockerfile \ $$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - ../../../bin 1>&2 + --build-arg GOOS=$(GOOS) \ + --build-arg GOARCH=$(GOARCH) \ + ../../../bin 1>&2 \ + --platform=$(CONTAINER_OS_ARCH) publish: $(DOCKER) push $(CONTAINER_REPO)/components/consumers/jira:$(DRACON_VERSION) 1>&2 diff --git a/components/consumers/slack/Dockerfile b/components/consumers/slack/Dockerfile index 8d0a1774e..d693ad97f 100644 --- a/components/consumers/slack/Dockerfile +++ b/components/consumers/slack/Dockerfile @@ -2,6 +2,9 @@ FROM alpine:3.20 RUN apk add --no-cache ca-certificates -COPY ./components/consumers/slack/slack /app/components/consumers/slack/slack +ARG GOOS=linux +ARG GOARCH=amd64 -ENTRYPOINT ["/app/components/consumers/slack/slack"] \ No newline at end of file +COPY ./components/consumers/slack/${GOOS}/${GOARCH}/slack /app/components/consumers/slack/slack + +ENTRYPOINT ["/app/components/consumers/slack/slack"] diff --git a/components/consumers/slack/Makefile b/components/consumers/slack/Makefile index abf3c1326..7334f0157 100644 --- a/components/consumers/slack/Makefile +++ b/components/consumers/slack/Makefile @@ -4,6 +4,13 @@ CONTAINER_REPO= DRACON_VERSION= SOURCE_CODE_REPO= PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch") +# https://docs.docker.com/build/building/multi-platform/ +# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility. +CONTAINER_OS_ARCH=linux/amd64 +# Allow to independently customise go OS and ARCH flags. +# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH. +GOOS=linux +GOARCH=amd64 DOCKER=docker @@ -11,7 +18,10 @@ container: $(DOCKER) build --tag $(CONTAINER_REPO)/components/consumers/slack:$(DRACON_VERSION) \ --file Dockerfile \ $$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - ../../../bin 1>&2 + --build-arg GOOS=$(GOOS) \ + --build-arg GOARCH=$(GOARCH) \ + ../../../bin 1>&2 \ + --platform=$(CONTAINER_OS_ARCH) publish: $(DOCKER) push $(CONTAINER_REPO)/components/consumers/slack:$(DRACON_VERSION) 1>&2 diff --git a/components/producers/aggregator/Dockerfile b/components/producers/aggregator/Dockerfile index 3f74d3b26..757138225 100644 --- a/components/producers/aggregator/Dockerfile +++ b/components/producers/aggregator/Dockerfile @@ -1,6 +1,9 @@ ARG PRODUCER_AGGREGATOR_BASE_IMAGE FROM ${PRODUCER_AGGREGATOR_BASE_IMAGE} -COPY ./components/producers/aggregator/aggregator-parser /app/components/producers/aggregator/tagger +ARG GOOS=linux +ARG GOARCH=amd64 + +COPY ./components/producers/aggregator/${GOOS}/${GOARCH}/aggregator-parser /app/components/producers/aggregator/tagger ENTRYPOINT ["/app/components/producers/aggregator/tagger"] diff --git a/components/producers/aggregator/Makefile b/components/producers/aggregator/Makefile index bc174363f..309a07064 100644 --- a/components/producers/aggregator/Makefile +++ b/components/producers/aggregator/Makefile @@ -4,6 +4,13 @@ CONTAINER_REPO= DRACON_VERSION= SOURCE_CODE_REPO= PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch") +# https://docs.docker.com/build/building/multi-platform/ +# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility. +CONTAINER_OS_ARCH=linux/amd64 +# Allow to independently customise go OS and ARCH flags. +# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH. +GOOS=linux +GOARCH=amd64 DOCKER=docker @@ -11,7 +18,10 @@ container: $(DOCKER) build --tag $(CONTAINER_REPO)/components/producers/tagger:$(DRACON_VERSION) \ --file Dockerfile \ $$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - --build-arg PRODUCER_AGGREGATOR_BASE_IMAGE=$(PRODUCER_AGGREGATOR_BASE_IMAGE) ../../../bin 1>&2 + --build-arg GOOS=$(GOOS) \ + --build-arg GOARCH=$(GOARCH) \ + --build-arg PRODUCER_AGGREGATOR_BASE_IMAGE=$(PRODUCER_AGGREGATOR_BASE_IMAGE) ../../../bin 1>&2 \ + --platform=$(CONTAINER_OS_ARCH) publish: $(DOCKER) push $(CONTAINER_REPO)/components/producers/tagger:$(DRACON_VERSION) 1>&2 diff --git a/components/producers/github-code-scanning/Dockerfile b/components/producers/github-code-scanning/Dockerfile index 8fe764be4..f8b81f8a2 100644 --- a/components/producers/github-code-scanning/Dockerfile +++ b/components/producers/github-code-scanning/Dockerfile @@ -1,7 +1,10 @@ FROM alpine:3.20 +ARG GOOS=linux +ARG GOARCH=amd64 + RUN apk add --no-cache ca-certificates -COPY ./components/producers/github-code-scanning/github-code-scanning-parser /app/components/producers/github-code-scanning/github-code-scanning-parser +COPY ./components/producers/github-code-scanning/${GOOS}/${GOARCH}/github-code-scanning-parser /app/components/producers/github-code-scanning/github-code-scanning-parser ENTRYPOINT ["/app/components/producers/github-code-scanning/github-code-scanning-parser"] diff --git a/components/producers/github-code-scanning/Makefile b/components/producers/github-code-scanning/Makefile index 949c455e1..eaf6d57bc 100644 --- a/components/producers/github-code-scanning/Makefile +++ b/components/producers/github-code-scanning/Makefile @@ -4,6 +4,13 @@ CONTAINER_REPO= DRACON_VERSION= SOURCE_CODE_REPO= PRODUCER_AGGREGATOR_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "scratch") +# https://docs.docker.com/build/building/multi-platform/ +# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility. +CONTAINER_OS_ARCH=linux/amd64 +# Allow to independently customise go OS and ARCH flags. +# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH. +GOOS=linux +GOARCH=amd64 DOCKER=docker @@ -11,7 +18,10 @@ container: $(DOCKER) build --tag $(CONTAINER_REPO)/components/producers/github-code-scanning:$(DRACON_VERSION) \ --file Dockerfile \ $$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - ../../../bin 1>&2 + --build-arg GOOS=$(GOOS) \ + --build-arg GOARCH=$(GOARCH) \ + ../../../bin 1>&2 \ + --platform=$(CONTAINER_OS_ARCH) publish: $(DOCKER) push $(CONTAINER_REPO)/components/producers/github-code-scanning:$(DRACON_VERSION) 1>&2 diff --git a/components/producers/typescript-eslint/eslint-wrapper/Dockerfile b/components/producers/typescript-eslint/eslint-wrapper/Dockerfile index 134be31fd..1b1036a18 100644 --- a/components/producers/typescript-eslint/eslint-wrapper/Dockerfile +++ b/components/producers/typescript-eslint/eslint-wrapper/Dockerfile @@ -1,10 +1,13 @@ ARG ESLINT_WRAPPER_BASE_IMAGE FROM ${ESLINT_WRAPPER_BASE_IMAGE} +ARG GOOS=linux +ARG GOARCH=amd64 + WORKDIR /home/node/workspace COPY components/producers/typescript-eslint/eslint-wrapper/eslintrc.js /home/node/workspace COPY components/producers/typescript-eslint/eslint-wrapper/package.json /home/node/workspace -COPY bin/components/producers/typescript-eslint/eslint-wrapper/eslint-wrapper-parser /home/node/workspace/ +COPY bin/components/producers/typescript-eslint/eslint-wrapper/${GOOS}/${GOARCH}/eslint-wrapper-parser /home/node/workspace/ RUN npm uninstall --save bcrypt &&\ npm install --save-dev \ @@ -14,4 +17,4 @@ RUN npm uninstall --save bcrypt &&\ eslint-plugin-no-unsanitized \ eslint-plugin-security-node -ENTRYPOINT [ "/home/node/workspace/eslint-wrapper-parser"] +ENTRYPOINT ["/home/node/workspace/eslint-wrapper-parser"] diff --git a/components/producers/typescript-eslint/eslint-wrapper/Makefile b/components/producers/typescript-eslint/eslint-wrapper/Makefile index a4e344bfc..1c6858a05 100644 --- a/components/producers/typescript-eslint/eslint-wrapper/Makefile +++ b/components/producers/typescript-eslint/eslint-wrapper/Makefile @@ -3,6 +3,13 @@ CONTAINER_REPO= DRACON_VERSION= ESLINT_WRAPPER_BASE_IMAGE=$(shell test -e .custom_image && cat .custom_image || echo "node:lts") +# https://docs.docker.com/build/building/multi-platform/ +# Make sure to always build containers using AMD64 but allow to be overridden by users if need for cross-os compatibility. +CONTAINER_OS_ARCH=linux/amd64 +# Allow to independently customise go OS and ARCH flags. +# Defaulting to linux/amd64 as per CONTAINER_OS_ARCH. +GOOS=linux +GOARCH=amd64 DOCKER=docker @@ -10,4 +17,7 @@ container: $(DOCKER) build --tag $(CONTAINER_REPO)/components/producers/typescript-eslint/eslint-wrapper:$(DRACON_VERSION) \ --file Dockerfile \ $$([ "${SOURCE_CODE_REPO}" != "" ] && echo "--label=org.opencontainers.image.source=${SOURCE_CODE_REPO}" ) \ - --build-arg ESLINT_WRAPPER_BASE_IMAGE=$(ESLINT_WRAPPER_BASE_IMAGE) ../../../.. 1>&2 + --build-arg GOOS=$(GOOS) \ + --build-arg GOARCH=$(GOARCH) \ + --build-arg ESLINT_WRAPPER_BASE_IMAGE=$(ESLINT_WRAPPER_BASE_IMAGE) ../../../.. 1>&2 \ + --platform=$(CONTAINER_OS_ARCH) From c65ff6d3bd56b22d280add643ae37cb2ef7f02bc Mon Sep 17 00:00:00 2001 From: andream16 <andrea@ocurity.com> Date: Wed, 11 Sep 2024 15:19:56 +0100 Subject: [PATCH 3/4] Formatting pdf Dockerfile. --- components/consumers/pdf/Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/components/consumers/pdf/Dockerfile b/components/consumers/pdf/Dockerfile index 3946bbbef..b2ffb4a6b 100644 --- a/components/consumers/pdf/Dockerfile +++ b/components/consumers/pdf/Dockerfile @@ -1,11 +1,11 @@ FROM golang:latest WORKDIR /playwright -RUN go mod init github.com/ocurity/pdf-consumer &&\ - go get -u github.com/playwright-community/playwright-go &&\ - go run github.com/playwright-community/playwright-go/cmd/playwright@latest install --with-deps +RUN go mod init github.com/ocurity/pdf-consumer && \ + go get -u github.com/playwright-community/playwright-go && \ + go run github.com/playwright-community/playwright-go/cmd/playwright@latest install --with-deps ENV PATH="${PATH}:/go/pkg/mod/github.com/playwright-community" COPY components/consumers/pdf/pdf /playwright/pdf COPY components/consumers/pdf/default.html /playwright/default.html -ENTRYPOINT ["/playwright/pdf"] \ No newline at end of file +ENTRYPOINT ["/playwright/pdf"] From 2deb9e3747146e41257fb4b988b16c8f48105b2f Mon Sep 17 00:00:00 2001 From: andream16 <andrea@ocurity.com> Date: Wed, 11 Sep 2024 15:21:10 +0100 Subject: [PATCH 4/4] Extending docs with sections about custom container platform and OS/ARCH for building binaries. Bumping remark-cli to suppress errors and warnings on linting markdown files. --- docs/getting-started.md | 42 ++++++++++++++++++++++++++++++++++++++++- package-lock.json | 29 ++++++++++------------------ package.json | 2 +- 3 files changed, 52 insertions(+), 21 deletions(-) diff --git a/docs/getting-started.md b/docs/getting-started.md index ce6903a55..d4b4a57c7 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -176,7 +176,8 @@ KiND cluster, that's not the case. Instead, the registry's host is deploy the pipelines and their image repositories will also have to be set to this value.* -*\*\*Make sure that you use the draconctl image that you pushed in the repository.* +*\*\*Make sure that you use the draconctl image that you pushed in the +repository.* #### Using a different base image for your images @@ -191,6 +192,45 @@ these components have their own Makefiles. In those cases you can place a `.custom_image` file in the directory with the base image you wish to use and that will be picked up by the Makefile and build the container. +#### Building binaries and images for non linux/amd64 architecture + +*\*Useful for Apple Silicon chips users.* + +###### Containers + +If you need your images to be built for non linux/amd64 architecture, +you can supply the flag `CONTAINER_OS_ARCH` for customisation of containers. + +This can be passed to the make commands used to build images, for example: + +```bash +make CONTAINER_OS_ARCH=linux/arm64 components +``` + +or: + +```bash +make CONTAINER_OS_ARCH=linux/arm64 publish-containers +``` + +By default, when `CONTAINER_ARCH` is not supplied, `linux/amd64` is used. + +###### Binaries + +`GOOS` and `GOARCH` can be supplied for customisation of the go binaries. + +These can be passed to the make commands used to build binaries, for example: + +```bash +make GOOS=linux GOARCH=arm64 component-binaries +``` + +By default `linux` and `amd64` are used. + +\**For Apple Silicon chips, you might want to use +`GOOS=darwin` and `GOARCH=arm64` when building binaries +locally for development.* + #### Deploying your custom Dracon components Helm package You can package your components into a Helm package by running the following diff --git a/package-lock.json b/package-lock.json index a7f7bfbf0..98cec1b1c 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4,9 +4,8 @@ "requires": true, "packages": { "": { - "name": "dracon", "devDependencies": { - "remark-cli": "^12.0.0", + "remark-cli": "^12.0.1", "remark-lint-list-item-indent": "^4.0.0", "remark-lint-no-shell-dollars": "^4.0.0", "remark-preset-lint-consistent": "^6.0.0", @@ -698,10 +697,11 @@ } }, "node_modules/import-meta-resolve": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/import-meta-resolve/-/import-meta-resolve-3.1.1.tgz", - "integrity": "sha512-qeywsE/KC3w9Fd2ORrRDUw6nS/nLwZpXgfrOc2IILvZYnCaEMd+D56Vfg9k4G29gIeVi3XKql1RQatME8iYsiw==", + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/import-meta-resolve/-/import-meta-resolve-4.1.0.tgz", + "integrity": "sha512-I6fiaX09Xivtk+THaMfAwnA3MVA5Big1WHF1Dfx9hFuvNIWpXnorlkzhcQf6ehrqQiiZECRt1poOAkPmer3ruw==", "dev": true, + "license": "MIT", "funding": { "type": "github", "url": "https://github.com/sponsors/wooorm" @@ -915,16 +915,6 @@ "url": "https://github.com/sponsors/wooorm" } }, - "node_modules/load-plugin/node_modules/import-meta-resolve": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/import-meta-resolve/-/import-meta-resolve-4.0.0.tgz", - "integrity": "sha512-okYUR7ZQPH+efeuMJGlq4f8ubUgO50kByRPyt/Cy1Io4PSRsPjxME+YlVaCOx+NIToW7hCsZNFJyTPFFKepRSA==", - "dev": true, - "funding": { - "type": "github", - "url": "https://github.com/sponsors/wooorm" - } - }, "node_modules/longest-streak": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/longest-streak/-/longest-streak-3.1.0.tgz", @@ -1838,12 +1828,13 @@ } }, "node_modules/remark-cli": { - "version": "12.0.0", - "resolved": "https://registry.npmjs.org/remark-cli/-/remark-cli-12.0.0.tgz", - "integrity": "sha512-IGxCo2VsXC/GS2YdlF7+S8DsUiyULyiauik01NFoiMIrOlbDhXjrKLD8hYazwQdD67nw2k7cwOBIxcK/cbNd9Q==", + "version": "12.0.1", + "resolved": "https://registry.npmjs.org/remark-cli/-/remark-cli-12.0.1.tgz", + "integrity": "sha512-2NAEOACoTgo+e+YAaCTODqbrWyhMVmlUyjxNCkTrDRHHQvH6+NbrnqVvQaLH/Q8Ket3v90A43dgAJmXv8y5Tkw==", "dev": true, + "license": "MIT", "dependencies": { - "import-meta-resolve": "^3.0.0", + "import-meta-resolve": "^4.0.0", "markdown-extensions": "^2.0.0", "remark": "^15.0.0", "unified-args": "^11.0.0" diff --git a/package.json b/package.json index 386220237..1def70236 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ ] }, "devDependencies": { - "remark-cli": "^12.0.0", + "remark-cli": "^12.0.1", "remark-lint-list-item-indent": "^4.0.0", "remark-lint-no-shell-dollars": "^4.0.0", "remark-preset-lint-consistent": "^6.0.0",