270 lines
7.3 KiB
HCL
270 lines
7.3 KiB
HCL
// ==== Baking Variables ====
|
|
|
|
// Set which cargo profile to use, dev or release for example
|
|
// Use the value provided in the Dockerfile as default
|
|
variable "CARGO_PROFILE" {
|
|
default = null
|
|
}
|
|
|
|
// Set which DB's (features) to enable
|
|
// Use the value provided in the Dockerfile as default
|
|
variable "DB" {
|
|
default = null
|
|
}
|
|
|
|
// The repository this build was triggered from
|
|
variable "SOURCE_REPOSITORY_URL" {
|
|
default = null
|
|
}
|
|
|
|
// The commit hash of the current commit this build was triggered on
|
|
variable "SOURCE_COMMIT" {
|
|
default = null
|
|
}
|
|
|
|
// The version of this build
|
|
// Typically the current exact tag of this commit,
|
|
// else the last tag and the first 8 characters of the source commit
|
|
variable "SOURCE_VERSION" {
|
|
default = null
|
|
}
|
|
|
|
// This can be used to overwrite SOURCE_VERSION
|
|
// It will be used during the build.rs building stage
|
|
variable "VW_VERSION" {
|
|
default = null
|
|
}
|
|
|
|
// The base tag(s) to use
|
|
// This can be a comma separated value like "testing,1.29.2"
|
|
variable "BASE_TAGS" {
|
|
default = "testing"
|
|
}
|
|
|
|
// Which container registries should be used for the tagging
|
|
// This can be a comma separated value
|
|
// Use a full URI like `ghcr.io/dani-garcia/vaultwarden,docker.io/vaultwarden/server`
|
|
variable "CONTAINER_REGISTRIES" {
|
|
default = "vaultwarden/server"
|
|
}
|
|
|
|
|
|
// ==== Baking Groups ====
|
|
|
|
group "default" {
|
|
targets = ["debian"]
|
|
}
|
|
|
|
|
|
// ==== Shared Baking ====
|
|
function "labels" {
|
|
params = []
|
|
result = {
|
|
"org.opencontainers.image.description" = "Unofficial Bitwarden compatible server written in Rust - ${SOURCE_VERSION}"
|
|
"org.opencontainers.image.licenses" = "AGPL-3.0-only"
|
|
"org.opencontainers.image.documentation" = "https://github.com/dani-garcia/vaultwarden/wiki"
|
|
"org.opencontainers.image.url" = "https://github.com/dani-garcia/vaultwarden"
|
|
"org.opencontainers.image.created" = "${formatdate("YYYY-MM-DD'T'hh:mm:ssZZZZZ", timestamp())}"
|
|
"org.opencontainers.image.source" = "${SOURCE_REPOSITORY_URL}"
|
|
"org.opencontainers.image.revision" = "${SOURCE_COMMIT}"
|
|
"org.opencontainers.image.version" = "${SOURCE_VERSION}"
|
|
}
|
|
}
|
|
|
|
target "_default_attributes" {
|
|
labels = labels()
|
|
args = {
|
|
DB = "${DB}"
|
|
CARGO_PROFILE = "${CARGO_PROFILE}"
|
|
VW_VERSION = "${VW_VERSION}"
|
|
}
|
|
}
|
|
|
|
|
|
// ==== Debian Baking ====
|
|
|
|
// Default Debian target, will build a container using the hosts platform architecture
|
|
target "debian" {
|
|
inherits = ["_default_attributes"]
|
|
dockerfile = "docker/Dockerfile.debian"
|
|
tags = generate_tags("", platform_tag())
|
|
output = ["type=docker"]
|
|
}
|
|
|
|
// Multi Platform target, will build one tagged manifest with all supported architectures
|
|
// This is mainly used by GitHub Actions to build and push new containers
|
|
target "debian-multi" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/amd64", "linux/arm64", "linux/arm/v7", "linux/arm/v6"]
|
|
tags = generate_tags("", "")
|
|
output = [join(",", flatten([["type=registry"], image_index_annotations()]))]
|
|
}
|
|
|
|
// Per platform targets, to individually test building per platform locally
|
|
target "debian-amd64" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/amd64"]
|
|
tags = generate_tags("", "-amd64")
|
|
}
|
|
|
|
target "debian-arm64" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/arm64"]
|
|
tags = generate_tags("", "-arm64")
|
|
}
|
|
|
|
target "debian-armv7" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/arm/v7"]
|
|
tags = generate_tags("", "-armv7")
|
|
}
|
|
|
|
target "debian-armv6" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/arm/v6"]
|
|
tags = generate_tags("", "-armv6")
|
|
}
|
|
|
|
// ==== Start of unsupported Debian architecture targets ===
|
|
// These are provided just to help users build for these rare platforms
|
|
// They will not be built by default
|
|
target "debian-386" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/386"]
|
|
tags = generate_tags("", "-386")
|
|
args = {
|
|
ARCH_OPENSSL_LIB_DIR = "/usr/lib/i386-linux-gnu"
|
|
ARCH_OPENSSL_INCLUDE_DIR = "/usr/include/i386-linux-gnu"
|
|
}
|
|
}
|
|
|
|
target "debian-ppc64le" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/ppc64le"]
|
|
tags = generate_tags("", "-ppc64le")
|
|
args = {
|
|
ARCH_OPENSSL_LIB_DIR = "/usr/lib/powerpc64le-linux-gnu"
|
|
ARCH_OPENSSL_INCLUDE_DIR = "/usr/include/powerpc64le-linux-gnu"
|
|
}
|
|
}
|
|
|
|
target "debian-s390x" {
|
|
inherits = ["debian"]
|
|
platforms = ["linux/s390x"]
|
|
tags = generate_tags("", "-s390x")
|
|
args = {
|
|
ARCH_OPENSSL_LIB_DIR = "/usr/lib/s390x-linux-gnu"
|
|
ARCH_OPENSSL_INCLUDE_DIR = "/usr/include/s390x-linux-gnu"
|
|
}
|
|
}
|
|
// ==== End of unsupported Debian architecture targets ===
|
|
|
|
// A Group to build all platforms individually for local testing
|
|
group "debian-all" {
|
|
targets = ["debian-amd64", "debian-arm64", "debian-armv7", "debian-armv6"]
|
|
}
|
|
|
|
|
|
// ==== Alpine Baking ====
|
|
|
|
// Default Alpine target, will build a container using the hosts platform architecture
|
|
target "alpine" {
|
|
inherits = ["_default_attributes"]
|
|
dockerfile = "docker/Dockerfile.alpine"
|
|
tags = generate_tags("-alpine", platform_tag())
|
|
output = ["type=docker"]
|
|
}
|
|
|
|
// Multi Platform target, will build one tagged manifest with all supported architectures
|
|
// This is mainly used by GitHub Actions to build and push new containers
|
|
target "alpine-multi" {
|
|
inherits = ["alpine"]
|
|
platforms = ["linux/amd64", "linux/arm64", "linux/arm/v7", "linux/arm/v6"]
|
|
tags = generate_tags("-alpine", "")
|
|
output = [join(",", flatten([["type=registry"], image_index_annotations()]))]
|
|
}
|
|
|
|
// Per platform targets, to individually test building per platform locally
|
|
target "alpine-amd64" {
|
|
inherits = ["alpine"]
|
|
platforms = ["linux/amd64"]
|
|
tags = generate_tags("-alpine", "-amd64")
|
|
}
|
|
|
|
target "alpine-arm64" {
|
|
inherits = ["alpine"]
|
|
platforms = ["linux/arm64"]
|
|
tags = generate_tags("-alpine", "-arm64")
|
|
}
|
|
|
|
target "alpine-armv7" {
|
|
inherits = ["alpine"]
|
|
platforms = ["linux/arm/v7"]
|
|
tags = generate_tags("-alpine", "-armv7")
|
|
}
|
|
|
|
target "alpine-armv6" {
|
|
inherits = ["alpine"]
|
|
platforms = ["linux/arm/v6"]
|
|
tags = generate_tags("-alpine", "-armv6")
|
|
}
|
|
|
|
// A Group to build all platforms individually for local testing
|
|
group "alpine-all" {
|
|
targets = ["alpine-amd64", "alpine-arm64", "alpine-armv7", "alpine-armv6"]
|
|
}
|
|
|
|
|
|
// ==== Bake everything locally ====
|
|
|
|
group "all" {
|
|
targets = ["debian-all", "alpine-all"]
|
|
}
|
|
|
|
|
|
// ==== Baking functions ====
|
|
|
|
// This will return the local platform as amd64, arm64 or armv7 for example
|
|
// It can be used for creating a local image tag
|
|
function "platform_tag" {
|
|
params = []
|
|
result = "-${replace(replace(BAKE_LOCAL_PLATFORM, "linux/", ""), "/", "")}"
|
|
}
|
|
|
|
|
|
function "get_container_registries" {
|
|
params = []
|
|
result = flatten(split(",", CONTAINER_REGISTRIES))
|
|
}
|
|
|
|
function "get_base_tags" {
|
|
params = []
|
|
result = flatten(split(",", BASE_TAGS))
|
|
}
|
|
|
|
function "generate_tags" {
|
|
params = [
|
|
suffix, // What to append to the BASE_TAG when needed, like `-alpine` for example
|
|
platform // the platform we are building for if needed
|
|
]
|
|
result = flatten([
|
|
for registry in get_container_registries() :
|
|
[for base_tag in get_base_tags() :
|
|
concat(
|
|
# If the base_tag contains latest, and the suffix contains `-alpine` add a `:alpine` tag too
|
|
base_tag == "latest" ? suffix == "-alpine" ? ["${registry}:alpine${platform}"] : [] : [],
|
|
# The default tagging strategy
|
|
["${registry}:${base_tag}${suffix}${platform}"]
|
|
)
|
|
]
|
|
])
|
|
}
|
|
|
|
function "image_index_annotations" {
|
|
params = []
|
|
result = flatten([
|
|
for key, value in labels() :
|
|
value != null ? formatlist("annotation-index.%s=%s", "${key}", "${value}") : []
|
|
])
|
|
}
|