From eec4fc3078c866aae8c1eef25ef152764f4f60ab Mon Sep 17 00:00:00 2001 From: Archisman Date: Fri, 3 Jan 2025 02:14:19 +0530 Subject: [PATCH 1/3] Supporting both ARM64 and AMD64 container images for backup-sealed-secrets-keys Signed-off-by: Archisman --- .github/workflows/backup-sealed-secrets-keys.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/backup-sealed-secrets-keys.yml b/.github/workflows/backup-sealed-secrets-keys.yml index f42da0b..0b59231 100644 --- a/.github/workflows/backup-sealed-secrets-keys.yml +++ b/.github/workflows/backup-sealed-secrets-keys.yml @@ -2,9 +2,9 @@ name: Build backup-sealed-secrets-keys on: push: - branches: [ "*" ] - paths: 'backup-sealed-secrets-keys/**' - tags: [ "v*" ] + branches: ["*"] + paths: "backup-sealed-secrets-keys/**" + tags: ["v*"] jobs: build-and-push: @@ -37,9 +37,12 @@ jobs: - name: Build & push container image id: docker_build - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v4 with: file: "./backup-sealed-secrets-keys/Dockerfile" + # NOTE : It takes pretty long to build container images for the ARM64 platform (even when + # using QEMU). + platforms: linux/amd64,linux/arm64 context: . labels: ${{ steps.meta.outputs.labels }} push: true From f87ba03fc54208a597ccc4ce19b34182ffc42036 Mon Sep 17 00:00:00 2001 From: Archisman Date: Fri, 3 Jan 2025 02:24:44 +0530 Subject: [PATCH 2/3] (fix/backup-sealed-secrets-keys) : Updating K8s version and repo location in the Dockerfile Signed-off-by: Archisman --- backup-sealed-secrets-keys/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backup-sealed-secrets-keys/Dockerfile b/backup-sealed-secrets-keys/Dockerfile index 94ddbd5..94321a6 100644 --- a/backup-sealed-secrets-keys/Dockerfile +++ b/backup-sealed-secrets-keys/Dockerfile @@ -10,8 +10,8 @@ RUN apt-get install -y jq gzip gnupg wget apt-transport-https ca-certificates un RUN apt-get dist-upgrade -y # Enable Google Kubernetes repo -RUN wget --quiet -O - https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - -RUN echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list +RUN echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /" | tee /etc/apt/sources.list.d/kubernetes.list +RUN curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg # Enable Azure repo RUN mkdir -p /etc/apt/keyrings @@ -43,4 +43,4 @@ RUN mkdir /home/script RUN chown 1000:1000 /home/script USER 1000:1000 -CMD ["/bin/bash", "/mnt/script"] \ No newline at end of file +CMD ["/bin/bash", "/mnt/script"] From ad336d2c7b24ca5fe332e30dee0f32f360e4ffdf Mon Sep 17 00:00:00 2001 From: Archisman Date: Fri, 3 Jan 2025 02:49:29 +0530 Subject: [PATCH 3/3] (fix/backup-sealed-secrets-keys) : Installing CPU architecture specific AWS CLI binary Signed-off-by: Archisman --- backup-sealed-secrets-keys/Dockerfile | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/backup-sealed-secrets-keys/Dockerfile b/backup-sealed-secrets-keys/Dockerfile index 94321a6..576395d 100644 --- a/backup-sealed-secrets-keys/Dockerfile +++ b/backup-sealed-secrets-keys/Dockerfile @@ -22,10 +22,11 @@ RUN apt-get update RUN apt-get install -y kubectl --no-install-recommends # Download and install AWS CLI v2 -RUN wget --quiet https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -RUN unzip awscli-exe-linux-x86_64.zip -RUN aws/install -RUN rm -fr aws/ awscli-exe-linux-x86_64.zip +RUN export CPU_ARCHITECTURE=$([ "$(uname -m)" = "x86_64" ] && echo "x86_64" || echo "aarch64") &&\ + wget https://awscli.amazonaws.com/awscli-exe-linux-"${CPU_ARCHITECTURE}".zip && \ + unzip awscli-exe-linux-"${CPU_ARCHITECTURE}".zip && \ + aws/install && \ + rm -fr aws/ awscli-exe-linux-"${CPU_ARCHITECTURE}".zip # Install AZURE cli RUN apt-get install -y azure-cli --no-install-recommends