From 194c1a2fcc13c686fcbb43bfaf22f39418e4e739 Mon Sep 17 00:00:00 2001 From: Marc 'risson' Schmitt Date: Mon, 12 Aug 2024 18:09:54 +0200 Subject: [PATCH] root: fix docker build warnings (#10881) Signed-off-by: Marc 'risson' Schmitt --- .github/workflows/release-publish.yml | 4 ++++ Dockerfile | 21 ++++++++++++--------- ldap.Dockerfile | 10 +++++----- proxy.Dockerfile | 13 +++++++------ rac.Dockerfile | 11 ++++++----- radius.Dockerfile | 11 ++++++----- 6 files changed, 40 insertions(+), 30 deletions(-) diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml index baecfeab67..bb8949650e 100644 --- a/.github/workflows/release-publish.yml +++ b/.github/workflows/release-publish.yml @@ -51,6 +51,8 @@ jobs: secrets: | GEOIPUPDATE_ACCOUNT_ID=${{ secrets.GEOIPUPDATE_ACCOUNT_ID }} GEOIPUPDATE_LICENSE_KEY=${{ secrets.GEOIPUPDATE_LICENSE_KEY }} + build-args: | + VERSION=${{ github.ref }} tags: ${{ steps.ev.outputs.imageTags }} platforms: linux/amd64,linux/arm64 - uses: actions/attest-build-provenance@v1 @@ -111,6 +113,8 @@ jobs: id: push with: push: true + build-args: | + VERSION=${{ github.ref }} tags: ${{ steps.ev.outputs.imageTags }} file: ${{ matrix.type }}.Dockerfile platforms: linux/amd64,linux/arm64 diff --git a/Dockerfile b/Dockerfile index 19898dce56..76156ccbd8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Stage 1: Build website -FROM --platform=${BUILDPLATFORM} docker.io/library/node:22 as website-builder +FROM --platform=${BUILDPLATFORM} docker.io/library/node:22 AS website-builder ENV NODE_ENV=production @@ -20,7 +20,7 @@ COPY ./SECURITY.md /work/ RUN npm run build-bundled # Stage 2: Build webui -FROM --platform=${BUILDPLATFORM} docker.io/library/node:22 as web-builder +FROM --platform=${BUILDPLATFORM} docker.io/library/node:22 AS web-builder ARG GIT_BUILD_HASH ENV GIT_BUILD_HASH=$GIT_BUILD_HASH @@ -80,7 +80,7 @@ RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \ go build -o /go/authentik ./cmd/server # Stage 4: MaxMind GeoIP -FROM --platform=${BUILDPLATFORM} ghcr.io/maxmind/geoipupdate:v7.0.1 as geoip +FROM --platform=${BUILDPLATFORM} ghcr.io/maxmind/geoipupdate:v7.0.1 AS geoip ENV GEOIPUPDATE_EDITION_IDS="GeoLite2-City GeoLite2-ASN" ENV GEOIPUPDATE_VERBOSE="1" @@ -96,6 +96,9 @@ RUN --mount=type=secret,id=GEOIPUPDATE_ACCOUNT_ID \ # Stage 5: Python dependencies FROM ghcr.io/goauthentik/fips-python:3.12.5-slim-bookworm-fips-full AS python-deps +ARG TARGETARCH +ARG TARGETVARIANT + WORKDIR /ak-root/poetry ENV VENV_PATH="/ak-root/venv" \ @@ -123,15 +126,15 @@ RUN --mount=type=bind,target=./pyproject.toml,src=./pyproject.toml \ # Stage 6: Run FROM ghcr.io/goauthentik/fips-python:3.12.5-slim-bookworm-fips-full AS final-image -ARG GIT_BUILD_HASH ARG VERSION +ARG GIT_BUILD_HASH ENV GIT_BUILD_HASH=$GIT_BUILD_HASH -LABEL org.opencontainers.image.url https://goauthentik.io -LABEL org.opencontainers.image.description goauthentik.io Main server image, see https://goauthentik.io for more info. -LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik -LABEL org.opencontainers.image.version ${VERSION} -LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} +LABEL org.opencontainers.image.url=https://goauthentik.io +LABEL org.opencontainers.image.description="goauthentik.io Main server image, see https://goauthentik.io for more info." +LABEL org.opencontainers.image.source=https://github.com/goauthentik/authentik +LABEL org.opencontainers.image.version=${VERSION} +LABEL org.opencontainers.image.revision=${GIT_BUILD_HASH} WORKDIR / diff --git a/ldap.Dockerfile b/ldap.Dockerfile index 44347e6738..df9d737067 100644 --- a/ldap.Dockerfile +++ b/ldap.Dockerfile @@ -36,11 +36,11 @@ FROM ghcr.io/goauthentik/fips-debian:bookworm-slim-fips ARG GIT_BUILD_HASH ENV GIT_BUILD_HASH=$GIT_BUILD_HASH -LABEL org.opencontainers.image.url https://goauthentik.io -LABEL org.opencontainers.image.description goauthentik.io LDAP outpost, see https://goauthentik.io for more info. -LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik -LABEL org.opencontainers.image.version ${VERSION} -LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} +LABEL org.opencontainers.image.url=https://goauthentik.io +LABEL org.opencontainers.image.description="goauthentik.io LDAP outpost, see https://goauthentik.io for more info." +LABEL org.opencontainers.image.source=https://github.com/goauthentik/authentik +LABEL org.opencontainers.image.version=${VERSION} +LABEL org.opencontainers.image.revision=${GIT_BUILD_HASH} COPY --from=builder /go/ldap / diff --git a/proxy.Dockerfile b/proxy.Dockerfile index 26bca36d56..e223e5266b 100644 --- a/proxy.Dockerfile +++ b/proxy.Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # Stage 1: Build web -FROM --platform=${BUILDPLATFORM} docker.io/library/node:22 as web-builder +FROM --platform=${BUILDPLATFORM} docker.io/library/node:22 AS web-builder ENV NODE_ENV=production WORKDIR /static @@ -49,14 +49,15 @@ RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \ # Stage 3: Run FROM ghcr.io/goauthentik/fips-debian:bookworm-slim-fips +ARG VERSION ARG GIT_BUILD_HASH ENV GIT_BUILD_HASH=$GIT_BUILD_HASH -LABEL org.opencontainers.image.url https://goauthentik.io -LABEL org.opencontainers.image.description goauthentik.io Proxy outpost image, see https://goauthentik.io for more info. -LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik -LABEL org.opencontainers.image.version ${VERSION} -LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} +LABEL org.opencontainers.image.url=https://goauthentik.io +LABEL org.opencontainers.image.description="goauthentik.io Proxy outpost image, see https://goauthentik.io for more info." +LABEL org.opencontainers.image.source=https://github.com/goauthentik/authentik +LABEL org.opencontainers.image.version=${VERSION} +LABEL org.opencontainers.image.revision=${GIT_BUILD_HASH} COPY --from=builder /go/proxy / COPY --from=web-builder /static/robots.txt /web/robots.txt diff --git a/rac.Dockerfile b/rac.Dockerfile index 2ce3d9d7ed..87b214408e 100644 --- a/rac.Dockerfile +++ b/rac.Dockerfile @@ -33,14 +33,15 @@ RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \ # Stage 2: Run FROM ghcr.io/beryju/guacd:1.5.5-fips +ARG VERSION ARG GIT_BUILD_HASH ENV GIT_BUILD_HASH=$GIT_BUILD_HASH -LABEL org.opencontainers.image.url https://goauthentik.io -LABEL org.opencontainers.image.description goauthentik.io RAC outpost, see https://goauthentik.io for more info. -LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik -LABEL org.opencontainers.image.version ${VERSION} -LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} +LABEL org.opencontainers.image.url=https://goauthentik.io +LABEL org.opencontainers.image.description="goauthentik.io RAC outpost, see https://goauthentik.io for more info." +LABEL org.opencontainers.image.source=https://github.com/goauthentik/authentik +LABEL org.opencontainers.image.version=${VERSION} +LABEL org.opencontainers.image.revision=${GIT_BUILD_HASH} COPY --from=builder /go/rac / diff --git a/radius.Dockerfile b/radius.Dockerfile index f1e0f8dceb..e19b682f98 100644 --- a/radius.Dockerfile +++ b/radius.Dockerfile @@ -33,14 +33,15 @@ RUN --mount=type=cache,sharing=locked,target=/go/pkg/mod \ # Stage 2: Run FROM ghcr.io/goauthentik/fips-debian:bookworm-slim-fips +ARG VERSION ARG GIT_BUILD_HASH ENV GIT_BUILD_HASH=$GIT_BUILD_HASH -LABEL org.opencontainers.image.url https://goauthentik.io -LABEL org.opencontainers.image.description goauthentik.io Radius outpost, see https://goauthentik.io for more info. -LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik -LABEL org.opencontainers.image.version ${VERSION} -LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} +LABEL org.opencontainers.image.url=https://goauthentik.io +LABEL org.opencontainers.image.description="goauthentik.io Radius outpost, see https://goauthentik.io for more info." +LABEL org.opencontainers.image.source=https://github.com/goauthentik/authentik +LABEL org.opencontainers.image.version=${VERSION} +LABEL org.opencontainers.image.revision=${GIT_BUILD_HASH} COPY --from=builder /go/radius /