Skip to content

[v14] oci: Parameterize Debian OCI Dockerfile for multiarch#34188

Merged
camscale merged 2 commits intobranch/v14from
bot/backport-33949-branch/v14
Nov 14, 2023
Merged

[v14] oci: Parameterize Debian OCI Dockerfile for multiarch#34188
camscale merged 2 commits intobranch/v14from
bot/backport-33949-branch/v14

Conversation

@camscale
Copy link
Copy Markdown
Contributor

@camscale camscale commented Nov 3, 2023

Parameterize the Debian OCI Dockerfile to take a .deb filename without
an architecture so we can use ${TARGETARCH} in a multi-architecture
build. ${DEB_PATH} still has precedence, but if not specified,
${DEB_BASE} can be provided to specify the .deb file to install into
the image without the architecture or .deb suffix.

This also fixes the ${DEB_PATH?} expansion which is not a valid
expansion in a Dockerfile.

With this change, a multi-architecture image can be built with

docker buildx build --platform p1,p2,p3 \
  --build-arg DEB_BASE=teleport-ent-v1.2.3 \
  ...

and docker will set ${TARGETARCH} to the architecture of each of the
platforms p1, p2 and p3 as it builds each, having us install the
correct architecture of teleport .deb file.

Issue: #20729
Backport: #33949

@camscale
oci: Parameterize Debian OCI Dockerfile for multiarch
03df832 
Parameterize the Debian OCI Dockerfile to take a `.deb` filename without
an architecture so we can use `${TARGETARCH}` in a multi-architecture
build. `${DEB_PATH}` still has precedence, but if not specified,
`${DEB_BASE}` can be provided to specify the `.deb` file to install into
the image without the architecture or `.deb` suffix.

This also fixes the `${DEB_PATH?}` expansion which is not a valid
expansion in a Dockerfile.

With this change, a multi-architecture image can be built with

    docker buildx build --platform p1,p2,p3 \
      --build-arg DEB_BASE=teleport-ent-v1.2.3 \
      ...

and docker will set `${TARGETARCH}` to the architecture of each of the
platforms `p1`, `p2` and `p3` as it builds each, having us install the
correct architecture of teleport `.deb` file.
@camscale
oci: Optimize OCI image size and build time
925d238 
Use `RUN --mount=target-/ctx` to mount the Docker build context to
access the `.deb` file to install instead of `COPY`ing it in. This saves
space on the image.

Separate the installation of the Teleport `.deb` file to come after
installing the prerequisites with `apt-get`. This allows that layer to
be cached so we can build the OSS and Enterprise images sharing that
base. This reduces the network traffic too and the risk of failure due
to transient network errors. The build time of a subsequent image is
seconds so we don't lose anything due to the removal of potential
parallelism.
@github-actions github-actions Bot requested review from fheinecke, r0mant and tcsc November 3, 2023 04:51
@camscale camscale added the no-changelog Indicates that a PR does not require a changelog entry label Nov 3, 2023
@public-teleport-github-review-bot public-teleport-github-review-bot Bot removed the request for review from fheinecke November 14, 2023 03:10
@camscale camscale added this pull request to the merge queue Nov 14, 2023
Merged via the queue into branch/v14 with commit 5ac0fc2 Nov 14, 2023
@camscale camscale deleted the bot/backport-33949-branch/v14 branch November 14, 2023 06:35
This was referenced Nov 15, 2023
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@r0mant r0mant r0mant approved these changes

@tcsc tcsc tcsc approved these changes

Assignees

No one assigned

Labels

backport no-changelog Indicates that a PR does not require a changelog entry size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@camscale @r0mant @tcsc