From 89ae2b89fd20fa31851a31fe44f514294fbcd688 Mon Sep 17 00:00:00 2001
From: Yassine Doghri
Date: Mon, 16 Feb 2026 13:08:10 +0000
Subject: [PATCH] fix(docker): create optimized builder with docker-container driver for arm64 builds

closes #580
---
 docker/production/.gitlab-ci.yml | 65 +++++++++++++++++++++++++++-----
 docker/production/Dockerfile | 2 +-
 2 files changed, 57 insertions(+), 10 deletions(-)

diff --git a/docker/production/.gitlab-ci.yml b/docker/production/.gitlab-ci.yml
index 3f467900..a4372f54 100644
--- a/docker/production/.gitlab-ci.yml
+++ b/docker/production/.gitlab-ci.yml
@@ -12,12 +12,35 @@ docker-build-rolling:
 DOCKER_BUILDKIT: 1
 DOCKER_HOST: tcp://docker:2376
 DOCKER_TLS_CERTDIR: "/certs"
- script:
+ before_script:
+ # ensure the Docker config directory exists
 - mkdir -p /root/.docker
+ # copy credentials to authenticate against registry
 - cp ${DOCKER_HUB_CONFIG} /root/.docker/config.json
+
 - docker context create tls-environment
- - docker buildx create --use tls-environment
- - docker buildx build --secret id=maxmind-licence-key,env=MAXMIND_LICENCE_KEY --push --platform=linux/amd64 --file=docker/production/Dockerfile --tag=${DOCKER_IMAGE_CASTOPOD}:${TAG} .
+
+ # Create and use builder with optimized settings
+ - docker buildx create
+ --name fast-multiplatform
+ --driver docker-container
+ --driver-opt network=host
+ --driver-opt image=moby/buildkit:v0.27.1
+ --use
+ tls-environment
+
+ # initialize and boot fast-multiplatform builder
+ # configure BuildKit features that aren't enabled by default
+ - docker buildx inspect --bootstrap
+ script:
+ - docker buildx build
+ --target production
+ --secret id=maxmind-licence-key,env=MAXMIND_LICENCE_KEY
+ --platform linux/amd64
+ --file docker/production/Dockerfile
+ --push
+ --tag ${DOCKER_IMAGE_CASTOPOD}:${TAG}
+ .
 rules:
 - if: $CI_COMMIT_BRANCH == 'develop'
 
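Review bot: `--driver-opt image=moby/buildkit:v0.27.1` in the new `docker buildx create` step of docker-build-rolling pins the builder image by tag only, and a tag can be re-pointed on the registry after this commit is merged. That builder is the component that receives the `maxmind-licence-key` secret and performs the `--push`, so its image is worth pinning by digest as well: `--driver-opt image=moby/buildkit:v0.27.1@sha256:<DIGEST_OF_V0.27.1>` (placeholder, to be filled in from the registry). The identical line in the docker-build-release hunk should be changed together with this one so the two jobs cannot drift apart.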
@@ -31,18 +54,42 @@ docker-build-release:
 DOCKER_BUILDKIT: 1
 DOCKER_HOST: tcp://docker:2376
 DOCKER_TLS_CERTDIR: "/certs"
- script:
+ before_script:
+ # ensure the Docker config directory exists
 - mkdir -p /root/.docker
+ # copy credentials to authenticate against registry
 - cp ${DOCKER_HUB_CONFIG} /root/.docker/config.json
+
 # extract Castopod version from tag (remove "v" prefix)
 - export CP_VERSION=$(echo "$CI_COMMIT_TAG" | sed 's/^v//')
 # extract pre release identifier (eg. alpha, beta, next, ...) from CP_VERSION or "latest" if none exists
 - export CP_TAG=$(echo "$CP_VERSION" | sed 's/^[^-]*-\([^.]*\)\..*/\1/; t; s/.*/latest/')
+
 - docker context create tls-environment
- - docker buildx create --use tls-environment
- - docker buildx build --secret id=maxmind-licence-key,env=MAXMIND_LICENCE_KEY --push --platform=linux/amd64 --file=docker/production/Dockerfile --tag=${DOCKER_IMAGE_CASTOPOD}:${CP_VERSION} --tag=${DOCKER_IMAGE_CASTOPOD}:${CP_TAG} .
- # when --platform=linux/amd64,linux/arm64: amd64 image takes too long to be pushed as it needs to wait for arm64 to be built
- # --> build and push amd64 image first, then overwrite manifest after building arm64
- - docker buildx build --secret id=maxmind-licence-key,env=MAXMIND_LICENCE_KEY --push --platform=linux/amd64,linux/arm64 --file=docker/production/Dockerfile --tag=${DOCKER_IMAGE_CASTOPOD}:${CP_VERSION} --tag=${DOCKER_IMAGE_CASTOPOD}:${CP_TAG} .
+
+ # Create and use builder with optimized settings
+ - docker buildx create
+ --name fast-multiplatform
+ --driver docker-container
+ --driver-opt network=host
+ --driver-opt image=moby/buildkit:v0.27.1
+ --use
+ tls-environment
+
+ # initialize and boot fast-multiplatform builder
+ # configure BuildKit features that aren't enabled by default
+ - docker buildx inspect --bootstrap
+ script:
+ # build multiplatform image for amd64 and arm64
+ - docker buildx build
+ --target production
+ --secret id=maxmind-licence-key,env=MAXMIND_LICENCE_KEY
+ --platform linux/amd64,linux/arm64
+ --file docker/production/Dockerfile
+ --push
+ --tag ${DOCKER_IMAGE_CASTOPOD}:${CP_VERSION}
+ --tag ${DOCKER_IMAGE_CASTOPOD}:${CP_TAG}
+ --progress=plain
+ .
 rules:
 - if: $CI_COMMIT_TAG
diff --git a/docker/production/Dockerfile b/docker/production/Dockerfile
index 5088228f..b33a4cc1 100644
--- a/docker/production/Dockerfile
+++ b/docker/production/Dockerfile
@@ -56,7 +56,7 @@ RUN \
 # Define production image based on FrankenPHP /
 # Debian with services managed by s6-overlay
 #---------------------------------------------------
-FROM serversideup/php:${PHP_VERSION}-frankenphp-trixie AS build
+FROM serversideup/php:${PHP_VERSION}-frankenphp-trixie AS production
 LABEL maintainer="Yassine Doghri "
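Review bot: `--driver-opt network=host` in the docker-build-release `docker buildx create` step of docker/production/.gitlab-ci.yml (and in the identical step of docker-build-rolling) puts the BuildKit container in the network namespace of the Docker daemon behind `DOCKER_HOST: tcp://docker:2376` instead of on its own bridge network, and nothing in the commit says why the release build needs that. If the option only works around a reachability problem, record that next to the step; if it is not required, drop it so the builder that handles `maxmind-licence-key` and the registry push keeps its default isolation. The reason has to go in the comment above the list item, for example `# network=host: <REASON_PLACEHOLDER>`, because a `#` line placed between the flags would cut the multi-line command short.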