172 changes: 117 additions & 55 deletions .github/workflows/main.yml
@@ -10,8 +10,11 @@ defaults:
run:
shell: bash

jobs:
env:
DOCKERHUB_REPO: postgis/postgis
GITHUB_REPO: postgis/docker-postgis

jobs:
make-docker-images:
strategy:
matrix:
@@ -67,71 +70,130 @@ jobs:
env:
VERSION: ${{ matrix.postgres }}-${{ matrix.postgis }}
VARIANT: ${{ matrix.variant }}
DOCKER_APT_PKG_VER: '5:28.3.3-1~ubuntu.24.04~noble'

steps:
- name: Install/config specific version of Docker packages
- name: Checkout source
uses: actions/checkout@v5

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build Docker image for ${{ env.VERSION }} ${{ env.VARIANT }}
id: build
uses: docker/build-push-action@v5
with:
context: ${{ env.VERSION }}${{ env.VARIANT == 'alpine' && '/alpine' || ''}}
file: ${{ env.VERSION }}${{ env.VARIANT == 'alpine' && '/alpine' || ''}}/Dockerfile
load: true
push: false # don't push until after testing

- name: Check out official-images repo
uses: actions/checkout@v5
with:
repository: docker-library/official-images
path: official-images
sparse-checkout: |
test

- name: Run official-images test script
run: |
echo "***** Removing any currently installed conflicting packages..."
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done
echo "***** Setting up Docker's APT repo..."
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
echo "***** Check available docker-ce versions ."
sudo apt policy docker-ce
echo "***** Installing Docker packages..."
sudo apt-get install docker-ce=${{ env.DOCKER_APT_PKG_VER }} docker-ce-cli=${{ env.DOCKER_APT_PKG_VER }} containerd.io docker-buildx-plugin docker-compose-plugin
echo "***** Verifying initial Docker installation..."
docker run hello-world
echo "***** Displaying Docker information..."
docker info
echo "***** Configuring Docker for containerd image store and builder keepStorage..."
echo "{ \"features\": { \"containerd-snapshotter\": true }}" | sudo tee /etc/docker/daemon.json
echo $'{
"features": {
"containerd-snapshotter": true
},
"builder": {
"gc": {
"defaultKeepStorage": "20GB",
"enabled": true
}
}
}' | sudo tee /etc/docker/daemon.json
sudo systemctl restart docker
docker info -f '{{ .DriverStatus }}'

- name: Load binfmt platforms for QEMU
./official-images/test/run.sh -c ./official-images/test/config.sh -c test/postgis-config.sh ${{ steps.build.outputs.imageid }}

- name: Login to dockerhub
id: login-dockerhub
uses: docker/login-action@v3
if: ${{ (github.repository == env.GITHUB_REPO) && (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}

- name: Push image by digest
id: push
uses: docker/build-push-action@v5 # Build is cached, this is really just a push
if: ${{ (github.repository == env.GITHUB_REPO) && (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
with:
context: ${{ env.VERSION }}${{ env.VARIANT == 'alpine' && '/alpine' || ''}}
file: ${{ env.VERSION }}${{ env.VARIANT == 'alpine' && '/alpine' || ''}}/Dockerfile
outputs: type=image,"name=${{ env.DOCKERHUB_REPO }}",push-by-digest=true,name-canonical=true,push=true

- name: Export digest
run: |
docker run --privileged --rm tonistiigi/binfmt --install all
docker images --tree
mkdir -p ${{ runner.temp }}/digests
digest="${{ steps.push.outputs.digest }}"
touch "${{ runner.temp }}/digests/${digest#sha256:}"

- name: Checkout source
uses: actions/checkout@v4
- name: Upload digests
uses: actions/upload-artifact@v4
with:
name: digests-${{ env.VERSION }}-${{ env.VARIANT }}-${{ matrix.runner-platform }}
path: ${{ runner.temp }}/digests/*
if-no-files-found: error
retention-days: 1

- name: Build docker image for ${{ env.VERSION }} ${{ env.VARIANT }}
run: make test
merge-manifests:
name: Merge manifests and push to DockerHub
needs: make-docker-images
runs-on: ubuntu-24.04-arm # Always on arm, because why not
if: ${{ (github.repository == env.GITHUB_REPO) && (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
env:
VERSION: ${{ matrix.postgres }}-${{ matrix.postgis }}
VARIANT: ${{ matrix.variant }}
strategy:
matrix:
# Copy from above, minus the runner-platform
postgres: [13, 14, 15, 16, 17]
postgis: ['3.5']
variant: [default, alpine]
include:
- postgres: 16
postgis: master
variant: default
- postgres: 17
postgis: master
variant: default
- postgres: 17
postgis: '3.6'
variant: alpine
- postgres: 18
postgis: '3.6'
variant: alpine
- postgres: 18
postgis: '3.6'
variant: default

steps:
- name: Login to dockerhub
id: login-dockerhub
uses: docker/login-action@v3
if: ${{ (github.repository == 'postgis/docker-postgis') && (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}

- name: Push docker image to dockerhub
# !!!! ONLY push the images when built on ubuntu-24.04 x86 runner for now, NOT for ubuntu-24.04-arm runners
if: ${{ (github.repository == 'postgis/docker-postgis') && (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') && ( matrix.runner-platform == 'ubuntu-24.04' ) }}
env:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_ACCESS_TOKEN: ${{ secrets.DOCKERHUB_ACCESS_TOKEN }}
run: make push
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Download digests
uses: actions/download-artifact@v4
with:
path: ${{ runner.temp }}/digests
pattern: digests-${{ env.VERSION }}-${{ env.VARIANT }}-*
merge-multiple: true

- name: Docker Metadata
uses: docker/metadata-action@v5
with:
images: |
${{ env.DOCKERHUB_REPO }}
tags: |
type=raw,value=${{ env.VERSION }}${{ env.VARIANT == 'alpine' && '-alpine' || ''}}

- name: Create manifest list and push
working-directory: ${{ runner.temp }}/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.DOCKERHUB_REPO }}@sha256:%s ' *)

- name: Inspect image # Purely for debugging
run: |
sleep 5
docker buildx imagetools inspect ${{ env.DOCKERHUB_REPO }}:${{ env.VERSION }}${{ env.VARIANT == 'alpine' && '-alpine' || ''}}
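Review bot: The job-level `if:` on `merge-manifests` reads `env.GITHUB_REPO`, but the `env` context is not available in `jobs.<job_id>.if` (only `github`, `needs`, `vars` and `inputs` are), so the workflow is expected to fail validation instead of gating the publishing job. This condition is what restricts the manifest push to master in the canonical repository, so compare against the literal there, `if: ${{ (github.repository == 'postgis/docker-postgis') && (github.ref == 'refs/heads/master') && (github.event_name != 'pull_request') }}`, or move the name to a repository variable and read it through `vars`. The step-level conditions in `make-docker-images` can keep `env.GITHUB_REPO`, because `env` is available in a step's `if`. Separately, the "Check out official-images repo" step takes whatever the default branch of `docker-library/official-images` holds and runs its `test/run.sh` in the same job that later logs in with `DOCKERHUB_ACCESS_TOKEN`; adding `ref: <reviewed-commit-sha>` and `persist-credentials: false` to that checkout would narrow what an unexpected upstream change can reach.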