Support arm64 architecture (#1036)

* Support arm64 architecture * remove .github/workflows/test_docker.yml Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
3 years ago · beaad3bab2
parent 4bcad83f09
commit beaad3bab2
3 changed files with 14 additions and 24 deletions
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@ -52,9 +52,11 @@ jobs:
        uses: docker/build-push-action@v2
        with:
          context: .
-          platforms: linux/amd64
+          platforms: linux/amd64,linux/arm64
          builder: ${{ steps.buildx.outputs.name }}
          push: true
+          build-args: |
+            KUBEBENCH_VERSION=${{ steps.get_version.outputs.version }}
          tags: |
            ${{ env.DOCKERHUB_ALIAS }}/${{ env.REP }}:${{ steps.get_version.outputs.version }}
            public.ecr.aws/${{ env.ALIAS }}/${{ env.REP }}:${{ steps.get_version.outputs.version }}
--- a/5
+++ b/5
@ -1,14 +1,13 @@
 FROM golang:1.17.2 AS build
 WORKDIR /go/src/github.com/aquasecurity/kube-bench/
+COPY makefile makefile
 COPY go.mod go.sum ./
 COPY main.go .
 COPY check/ check/
 COPY cmd/ cmd/
 COPY internal/ internal/
 ARG KUBEBENCH_VERSION
-ARG GOOS=linux
-ARG GOARCH=amd64
-RUN GO111MODULE=on CGO_ENABLED=0 GOOS=$GOOS GOARCH=$GOARCH go build -a -ldflags "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion=${KUBEBENCH_VERSION} -w" -o /go/bin/kube-bench
+RUN make build && cp kube-bench /go/bin/kube-bench

 FROM alpine:3.14.2 AS run
 WORKDIR /opt/kube-bench/
--- a/29
+++ b/29
@ -7,7 +7,8 @@ IMAGE_NAME ?= $(DOCKER_ORG)/$(BINARY):$(VERSION)
 GOOS ?= linux
 BUILD_OS := linux
 uname := $(shell uname -s)
-ARCHS ?= amd64 arm64
+BUILDX_PLATFORM ?= linux/amd64,linux/arm64,linux/arm
+DOCKER_ORGS ?= aquasec public.ecr.aws/aquasecurity
 GOARCH ?= $@

 ifneq ($(findstring Microsoft,$(shell uname -r)),)
@ -25,29 +26,17 @@ KIND_IMAGE ?= kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618

 # build a multi-arch image and push to Docker hub
 .PHONY: docker
-docker: publish manifests
-
-# build and push an arch-specific image
-.PHONY: $(ARCHS) manifests publish
-publish: $(ARCHS)
-$(ARCHS):
-	@echo "Building Docker image for $@"
-	docker build -t ${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION} \
-	--build-arg GOOS=$(GOOS) --build-arg GOARCH=$(GOARCH) ./
-	@echo "Push $@ Docker image to ${DOCKER_ORG}/${BINARY}"
-	docker push ${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION}
-	docker manifest create --amend "${DOCKER_ORG}/${BINARY}:${VERSION}" "${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION}"
-	docker manifest annotate "${DOCKER_ORG}/${BINARY}:${VERSION}" "${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION}" --os=$(GOOS) --arch=$(GOARCH)
-
-# push the multi-arch manifest
-manifests:
-	@echo "Push manifest for ${DOCKER_ORG}/${BINARY}:${VERSION}"
-	docker manifest push "${DOCKER_ORG}/${BINARY}:${VERSION}"
+docker:
+	set -xe; \
+	for org in $(DOCKER_ORGS); do \
+		docker buildx build --tag $${org}/kube-bench:${VERSION} \
+		--platform $(BUILDX_PLATFORM) --push . ; \
+	done

 build: $(BINARY)

 $(BINARY): $(SOURCES)
-	GOOS=$(GOOS) go build -ldflags "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion=$(KUBEBENCH_VERSION)" -o $(BINARY) .
+	GOOS=$(GOOS) CGO_ENABLED=0 go build -ldflags "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion=$(KUBEBENCH_VERSION)" -o $(BINARY) .

 # builds the current dev docker version
 build-docker: