From 36e91be7ee1493d079c0f85630bc4a61cfa5a102 Mon Sep 17 00:00:00 2001 From: Piotr Kazmierczak <470696+pkazmierczak@users.noreply.github.com> Date: Mon, 14 Apr 2025 09:27:17 +0200 Subject: [PATCH] build: use nomad-builder docker image to build Nomad (#25626) This introduces a docker image based off of ubuntu:bionic that can be used to compile Nomad binary against glibc 2.27. The image cannot build JS assets, which must be created before we compile the Go binary. --- .github/nomad-builder/Dockerfile | 28 +++++++++++++++++++++++++++ .github/workflows/build.yml | 33 +++++++++++++++++--------------- 2 files changed, 46 insertions(+), 15 deletions(-) create mode 100644 .github/nomad-builder/Dockerfile diff --git a/.github/nomad-builder/Dockerfile b/.github/nomad-builder/Dockerfile new file mode 100644 index 000000000..2cc766747 --- /dev/null +++ b/.github/nomad-builder/Dockerfile @@ -0,0 +1,28 @@ +# Copyright (c) HashiCorp, Inc. +# SPDX-License-Identifier: BUSL-1.1 + +FROM ubuntu:bionic + +ENV DEBIAN_FRONTEND=noninteractive + +ARG GO_VERSION + +RUN apt-get update && apt-get install -y --no-install-recommends \ + bash \ + build-essential \ + ca-certificates \ + crossbuild-essential-arm64 \ + curl \ + gcc-aarch64-linux-gnu \ + git \ + xz-utils \ + zip + +# Get Go and get Going ;) +RUN curl -L https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz | tar -C /opt -zxv + +ENV PATH="/root/go/bin:/opt/go/bin:$PATH" + +RUN git config --global --add safe.directory /build + +WORKDIR /build diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2096ebbd1..256b265f6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -149,6 +149,11 @@ jobs: build-linux: needs: [get-go-version, get-product-version] runs-on: custom-linux-xxl-nomad-20.04 + services: + registry: + image: registry:2 + ports: + - 5000:5000 strategy: matrix: goos: [linux] @@ -161,6 +166,9 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.inputs.build-ref }} + + # even though we build inside the container, go tooling is still needed + # for make prerelease - name: Setup go uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 with: @@ -183,20 +191,15 @@ jobs: run: make prerelease if: ${{ github.event_name != 'workflow_dispatch' || github.event.inputs.make-prerelease == 'true' }} - - name: Install Linux build utilties - run: | - sudo apt-get update - sudo apt-get install -y software-properties-common - sudo apt-get update - sudo apt-get install -y \ - binutils-aarch64-linux-gnu \ - gcc-aarch64-linux-gnu - - - name: Set gcc - run: | - if [ "${{ matrix.goarch }}" == "arm64" ]; then - echo "CC=aarch64-linux-gnu-gcc" >> "$GITHUB_ENV" - fi + - name: Build nomad-builder image + uses: docker/build-push-action@548776e8d0d44ea63feed0c8a944e6235fc63eee # v6 + with: + platforms: linux/amd64 # we only ever build amd64 images because we always run on amd64 runners and cross-compile inside the container if needed + context: .github/nomad-builder/ + build-args: | + GO_VERSION=${{ needs.get-go-version.outputs.go-version }} + push: true + tags: localhost:5000/nomad-builder:${{ github.sha }} - name: Build env: @@ -206,7 +209,7 @@ jobs: CGO_ENABLED: 1 run: | go clean -cache - make pkg/${{ matrix.goos }}_${{ matrix.goarch }}.zip + docker run --user "$(id --user):$(id --group)" --env HOME=/tmp -v "$(pwd)":/build localhost:5000/nomad-builder:${{ github.sha }} make pkg/${{ matrix.goos }}_${{ matrix.goarch }}.zip mv pkg/${{ matrix.goos }}_${{ matrix.goarch }}.zip ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 with: