From 967f93aa63790858c1eff3534473655e1c545082 Mon Sep 17 00:00:00 2001 From: Alex Gustafsson Date: Mon, 26 May 2025 17:36:54 +0200 Subject: [PATCH] Use recommended GitHub actions to build image - The redhat actions no longer provide anything not provided by the official docker action - The redhat action creates OCI images that are not following best practices from the OCI specification --- .github/workflows/pull_requests.yml | 14 +++++------ .github/workflows/releases.yml | 36 ++++++++++++++--------------- Dockerfile | 5 +--- 3 files changed, 25 insertions(+), 30 deletions(-) diff --git a/.github/workflows/pull_requests.yml b/.github/workflows/pull_requests.yml index 296e60b9..4cb40950 100644 --- a/.github/workflows/pull_requests.yml +++ b/.github/workflows/pull_requests.yml @@ -34,20 +34,20 @@ jobs: if: success() run: npx grunt prod + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Production Image Build if: success() id: build-image - uses: redhat-actions/buildah-build@v2 + uses: docker/build-push-action@v6 with: # Not being uploaded to any registry, use a simple name to allow Buildah to build correctly. image: cyberchef - containerfiles: ./Dockerfile platforms: linux/amd64 - oci: true - # Webpack seems to use a lot of open files, increase the max open file limit to accomodate. - extra-args: | - --ulimit nofile=10000 - - name: UI Tests if: success() run: | diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml index a77f4984..52e81f2c 100644 --- a/.github/workflows/releases.yml +++ b/.github/workflows/releases.yml @@ -45,6 +45,12 @@ jobs: sudo apt-get install xvfb xvfb-run --server-args="-screen 0 1200x800x24" npx grunt testui + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Image Metadata id: image-metadata uses: docker/metadata-action@v4 @@ -55,30 +61,22 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{version}} - - name: Production Image Build - id: build-image - uses: redhat-actions/buildah-build@v2 + - name: Log in to GHCR + uses: docker/login-action@v3 with: - tags: ${{ steps.image-metadata.outputs.tags }} - labels: ${{ steps.image-metadata.outputs.labels }} - containerfiles: ./Dockerfile - platforms: linux/amd64,linux/arm64 - oci: true - # enable build layer caching between platforms - layers: true - # Webpack seems to use a lot of open files, increase the max open file limit to accomodate. - extra-args: | - --ulimit nofile=10000 - - - name: Publish to GHCR - uses: redhat-actions/push-to-registry@v2 - with: - image: ${{ steps.build-image.outputs.image }} - tags: ${{ steps.build-image.outputs.tags }} registry: ${{ env.REGISTRY }} username: ${{ env.REGISTRY_USER }} password: ${{ env.REGISTRY_PASSWORD }} + - name: Publish to GHCR + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.image-metadata.outputs.tags }} + labels: ${{ steps.image-metadata.outputs.labels }} + platforms: linux/amd64,linux/arm64 + - name: Upload Release Assets id: upload-release-assets uses: svenstaro/upload-release-action@v2 diff --git a/Dockerfile b/Dockerfile index ba605fd7..2184a294 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,9 +27,6 @@ RUN npm run build ######################################### # Package static build files into nginx # ######################################### -# We are using Github Actions: redhat-actions/buildah-build@v2 which needs manual selection of arch in base image -# Remove TARGETARCH if docker buildx is supported in the CI release as --platform=$TARGETPLATFORM will be automatically set -ARG TARGETPLATFORM -FROM --platform=${TARGETPLATFORM} nginx:stable-alpine AS cyberchef +FROM nginx:stable-alpine AS cyberchef COPY --from=builder /app/build/prod /usr/share/nginx/html/