lifecycle: build binary dependencies which link against SSL directly (#12724)

* lifecycle: install binary dependencies in dockerfile directly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * install ua-parser-builtins manually as its only distributed as binary Signed-off-by: Jens Langhammer <jens@goauthentik.io> * build duo_client from scratch, sigh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * deps for kadmin Signed-off-by: Jens Langhammer <jens@goauthentik.io> * ok fine Signed-off-by: Jens Langhammer <jens@goauthentik.io> * run on arm runner? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix yaml format Signed-off-by: Jens Langhammer <jens@goauthentik.io> * rewrite release pipeline to use re-usable workflows Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix typo Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-usable multi-arch build? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * also add suffix for amd64 Signed-off-by: Jens Langhammer <jens@goauthentik.io> * parameterise image name Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-use workflow for CI images...? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix missing checkout Signed-off-by: Jens Langhammer <jens@goauthentik.io> * inherit secrets Signed-off-by: Jens Langhammer <jens@goauthentik.io> * temp build directly Signed-off-by: Jens Langhammer <jens@goauthentik.io> * get cache-to from python script Signed-off-by: Jens Langhammer <jens@goauthentik.io> * better name? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * matrix for merging images? Signed-off-by: Jens Langhammer <jens@goauthentik.io> * re-add build dep Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use multi-image tag Signed-off-by: Jens Langhammer <jens@goauthentik.io> * include arch in buildcache Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2025-01-21 15:36:25 +01:00
parent 90a85abf9d
commit faab182404
11 changed files with 261 additions and 146 deletions
--- a/.github/actions/docker-push-variables/push_vars.py
+++ b/.github/actions/docker-push-variables/push_vars.py
@ -2,6 +2,7 @@

 import configparser
 import os
+from json import dumps
 from time import time

 parser = configparser.ConfigParser()
@ -48,7 +49,7 @@ if is_release:
            ]
 else:
    suffix = ""
-    if image_arch and image_arch != "amd64":
+    if image_arch:
        suffix = f"-{image_arch}"
    for name in image_names:
        image_tags += [
@ -70,12 +71,23 @@ def get_attest_image_names(image_with_tags: list[str]):
    return ",".join(set(image_tags))


+# Generate `cache-to` param
+cache_to = ""
+if should_push:
+    _cache_tag = "buildcache"
+    if image_arch:
+        _cache_tag += f"-{image_arch}"
+    cache_to = f"type=registry,ref={get_attest_image_names(image_tags)}:{_cache_tag},mode=max"
+
+
 with open(os.environ["GITHUB_OUTPUT"], "a+", encoding="utf-8") as _output:
    print(f"shouldPush={str(should_push).lower()}", file=_output)
    print(f"sha={sha}", file=_output)
    print(f"version={version}", file=_output)
    print(f"prerelease={prerelease}", file=_output)
    print(f"imageTags={','.join(image_tags)}", file=_output)
+    print(f"imageTagsJSON={dumps(image_tags)}", file=_output)
    print(f"attestImageNames={get_attest_image_names(image_tags)}", file=_output)
    print(f"imageMainTag={image_main_tag}", file=_output)
    print(f"imageMainName={image_tags[0]}", file=_output)
+    print(f"cacheTo={cache_to}", file=_output)