add new workflow to help push applelink to github image registry #32
Conversation
remove section that uploads new images from pull_request Co-authored-by: Copilot <[email protected]> Signed-off-by: Sameer Kolhar <[email protected]>
.github/workflows/docker-publish.yml
Outdated
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@v3 |
There was a problem hiding this comment.
Why do we need to set up qemu? Docker works natively on linux no?
There was a problem hiding this comment.
Another good question! I added QEMU to support multi-arch builds (linux/amd64 and linux/arm64) for broader compatibility, thinking that we'd require the images to be used on Apple Silicon machines as well. That was a misunderstanding and I now understand that M1/M2 leveraging hardware doesn't need special images and can do just fine with the normal linux/amd64 images. I understand that, if needed, M1 devs can build natively. So yeah, we can certainly simplify and remove QEMU
Dockerfile
Outdated
| RUN apt-get update -qq && \ | ||
| apt-get install --no-install-recommends -y \ | ||
| curl \ | ||
| libjemalloc2 \ | ||
| gnupg2 \ | ||
| less \ | ||
| git \ | ||
| libnss3-tools && \ | ||
| apt-get clean && \ | ||
| rm -rf /var/lib/apt/lists/* | ||
|
|
||
| FROM --platform=${BUILDPLATFORM:-linux/amd64} base AS builder | ||
|
|
||
| RUN apt-get update -qq && \ | ||
| apt-get install --no-install-recommends -y \ | ||
| build-essential \ | ||
| pkg-config \ | ||
| libvips-dev && \ | ||
| apt-get clean && \ | ||
| rm -rf /var/lib/apt/lists/* | ||
|
|
||
| COPY Gemfile Gemfile.lock .ruby-version ./ | ||
|
|
||
| RUN gem install bundler -v 2.4.2 && \ | ||
| bundle config set --local without 'development test' && \ | ||
| bundle install --jobs=4 --retry=3 | ||
|
|
||
| COPY . . | ||
|
|
||
| FROM --platform=${TARGETPLATFORM:-linux/amd64} base | ||
|
|
||
| RUN apt-get update -qq && \ | ||
| apt-get install --no-install-recommends -y \ | ||
| libvips42 && \ | ||
| apt-get clean && \ | ||
| rm -rf /var/lib/apt/lists/* |
There was a problem hiding this comment.
Why run these apt-get installs and cleanups in 3 different sections?
Why not just install everything together in one place?
There was a problem hiding this comment.
Thanks for flagging this! I've now consolidated all system package installs into a single apt-get install block in a shared runtime base (runtime). This removes the visual repetition across stages while still using a multi-stage build to keep build-time deps isolated. Let me know if you'd prefer going back to a more aggressively stripped runtime image, happy to do that too!
This is related to the task which will eventually help us move staging away from render and into GCP