1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-24 17:08:14 +00:00

Support arm64 architecture (#1036)

* Support arm64 architecture

* remove .github/workflows/test_docker.yml

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
This commit is contained in:
Huang Huang 2021-11-08 20:06:44 +08:00 committed by GitHub
parent 4bcad83f09
commit beaad3bab2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 14 additions and 24 deletions

View File

@ -52,9 +52,11 @@ jobs:
uses: docker/build-push-action@v2 uses: docker/build-push-action@v2
with: with:
context: . context: .
platforms: linux/amd64 platforms: linux/amd64,linux/arm64
builder: ${{ steps.buildx.outputs.name }} builder: ${{ steps.buildx.outputs.name }}
push: true push: true
build-args: |
KUBEBENCH_VERSION=${{ steps.get_version.outputs.version }}
tags: | tags: |
${{ env.DOCKERHUB_ALIAS }}/${{ env.REP }}:${{ steps.get_version.outputs.version }} ${{ env.DOCKERHUB_ALIAS }}/${{ env.REP }}:${{ steps.get_version.outputs.version }}
public.ecr.aws/${{ env.ALIAS }}/${{ env.REP }}:${{ steps.get_version.outputs.version }} public.ecr.aws/${{ env.ALIAS }}/${{ env.REP }}:${{ steps.get_version.outputs.version }}

View File

@ -1,14 +1,13 @@
FROM golang:1.17.2 AS build FROM golang:1.17.2 AS build
WORKDIR /go/src/github.com/aquasecurity/kube-bench/ WORKDIR /go/src/github.com/aquasecurity/kube-bench/
COPY makefile makefile
COPY go.mod go.sum ./ COPY go.mod go.sum ./
COPY main.go . COPY main.go .
COPY check/ check/ COPY check/ check/
COPY cmd/ cmd/ COPY cmd/ cmd/
COPY internal/ internal/ COPY internal/ internal/
ARG KUBEBENCH_VERSION ARG KUBEBENCH_VERSION
ARG GOOS=linux RUN make build && cp kube-bench /go/bin/kube-bench
ARG GOARCH=amd64
RUN GO111MODULE=on CGO_ENABLED=0 GOOS=$GOOS GOARCH=$GOARCH go build -a -ldflags "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion=${KUBEBENCH_VERSION} -w" -o /go/bin/kube-bench
FROM alpine:3.14.2 AS run FROM alpine:3.14.2 AS run
WORKDIR /opt/kube-bench/ WORKDIR /opt/kube-bench/

View File

@ -7,7 +7,8 @@ IMAGE_NAME ?= $(DOCKER_ORG)/$(BINARY):$(VERSION)
GOOS ?= linux GOOS ?= linux
BUILD_OS := linux BUILD_OS := linux
uname := $(shell uname -s) uname := $(shell uname -s)
ARCHS ?= amd64 arm64 BUILDX_PLATFORM ?= linux/amd64,linux/arm64,linux/arm
DOCKER_ORGS ?= aquasec public.ecr.aws/aquasecurity
GOARCH ?= $@ GOARCH ?= $@
ifneq ($(findstring Microsoft,$(shell uname -r)),) ifneq ($(findstring Microsoft,$(shell uname -r)),)
@ -25,29 +26,17 @@ KIND_IMAGE ?= kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618
# build a multi-arch image and push to Docker hub # build a multi-arch image and push to Docker hub
.PHONY: docker .PHONY: docker
docker: publish manifests docker:
set -xe; \
# build and push an arch-specific image for org in $(DOCKER_ORGS); do \
.PHONY: $(ARCHS) manifests publish docker buildx build --tag $${org}/kube-bench:${VERSION} \
publish: $(ARCHS) --platform $(BUILDX_PLATFORM) --push . ; \
$(ARCHS): done
@echo "Building Docker image for $@"
docker build -t ${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION} \
--build-arg GOOS=$(GOOS) --build-arg GOARCH=$(GOARCH) ./
@echo "Push $@ Docker image to ${DOCKER_ORG}/${BINARY}"
docker push ${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION}
docker manifest create --amend "${DOCKER_ORG}/${BINARY}:${VERSION}" "${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION}"
docker manifest annotate "${DOCKER_ORG}/${BINARY}:${VERSION}" "${DOCKER_ORG}/${BINARY}:$(GOOS)-$(GOARCH)-${VERSION}" --os=$(GOOS) --arch=$(GOARCH)
# push the multi-arch manifest
manifests:
@echo "Push manifest for ${DOCKER_ORG}/${BINARY}:${VERSION}"
docker manifest push "${DOCKER_ORG}/${BINARY}:${VERSION}"
build: $(BINARY) build: $(BINARY)
$(BINARY): $(SOURCES) $(BINARY): $(SOURCES)
GOOS=$(GOOS) go build -ldflags "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion=$(KUBEBENCH_VERSION)" -o $(BINARY) . GOOS=$(GOOS) CGO_ENABLED=0 go build -ldflags "-X github.com/aquasecurity/kube-bench/cmd.KubeBenchVersion=$(KUBEBENCH_VERSION)" -o $(BINARY) .
# builds the current dev docker version # builds the current dev docker version
build-docker: build-docker: