iop
/
superset
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(docker): Use docker buildx and Add ARM builds for dockerize and websocket (#25377)

This commit is contained in:
Aleksey Karpov 2023-09-25 23:08:21 +03:00 committed by GitHub
parent 0c083bdc1a
commit e1a91e2228
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 104 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/docker-release.yml vendored
View File

@ -29,6 +29,10 @@ jobs:
persist-credentials: false persist-credentials: false
submodules: recursive submodules: recursive
ref: ${{ github.ref }} ref: ${{ github.ref }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- shell: bash - shell: bash
env: env:
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }} DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}

14
.github/workflows/docker.yml vendored
View File

@ -35,7 +35,10 @@ jobs:
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with:
persist-credentials: false persist-credentials: false
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- shell: bash - shell: bash
env: env:
DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }} DOCKERHUB_USER: ${{ secrets.DOCKERHUB_USER }}
@ -49,7 +52,14 @@ jobs:
mkdir -p ./build mkdir -p ./build
echo ${{ github.sha }} > ./build/SHA echo ${{ github.sha }} > ./build/SHA
echo ${{ github.event.pull_request.number }} > ./build/PR-NUM echo ${{ github.event.pull_request.number }} > ./build/PR-NUM
DOCKER_BUILDKIT=1 docker build --target ci -t ${{ github.sha }} -t "pr-${{ github.event.pull_request.number }}" . docker buildx build --target ci \
--load \
--cache-from=type=local,src=/tmp/superset \
-t ${{ github.sha }} \
-t "pr-${{ github.event.pull_request.number }}" \
--platform linux/amd64 \
--label "build_actor=${GITHUB_ACTOR}" \
.
docker save ${{ github.sha }} | gzip > ./build/${{ github.sha }}.tar.gz docker save ${{ github.sha }} | gzip > ./build/${{ github.sha }}.tar.gz
- name: Upload build artifacts - name: Upload build artifacts

81
.github/workflows/docker_build_push.sh vendored
View File

@ -43,13 +43,50 @@ cat<<EOF
- ${REPO_NAME}:${LATEST_TAG} - ${REPO_NAME}:${LATEST_TAG}
EOF EOF
if [ -z "${DOCKERHUB_TOKEN}" ]; then
# Skip if secrets aren't populated -- they're only visible for actions running in the repo (not on forks)
echo "Skipping Docker push"
# By default load it back
DOCKER_ARGS="--load"
ARCHITECTURE_FOR_BUILD="linux/amd64 linux/arm64"
else
# Login and push
docker logout
docker login --username "${DOCKERHUB_USER}" --password "${DOCKERHUB_TOKEN}"
DOCKER_ARGS="--push"
ARCHITECTURE_FOR_BUILD="linux/amd64,linux/arm64"
fi
set -x
#
# Build the dev image
#
docker buildx build --target dev \
$DOCKER_ARGS \
--cache-from=type=registry,ref=apache/superset:master-dev \
--cache-from=type=local,src=/tmp/superset \
--cache-to=type=local,ignore-error=true,dest=/tmp/superset \
-t "${REPO_NAME}:${SHA}-dev" \
-t "${REPO_NAME}:${REFSPEC}-dev" \
-t "${REPO_NAME}:${LATEST_TAG}-dev" \
--platform linux/amd64 \
--label "sha=${SHA}" \
--label "built_at=$(date)" \
--label "target=dev" \
--label "build_actor=${GITHUB_ACTOR}" \
.
# #
# Build the "lean" image # Build the "lean" image
# #
DOCKER_BUILDKIT=1 docker build --target lean \ docker buildx build --target lean \
$DOCKER_ARGS \
--cache-from=type=local,src=/tmp/superset \
--cache-to=type=local,ignore-error=true,dest=/tmp/superset \
-t "${REPO_NAME}:${SHA}" \ -t "${REPO_NAME}:${SHA}" \
-t "${REPO_NAME}:${REFSPEC}" \ -t "${REPO_NAME}:${REFSPEC}" \
-t "${REPO_NAME}:${LATEST_TAG}" \ -t "${REPO_NAME}:${LATEST_TAG}" \
--platform linux/amd64 \
--label "sha=${SHA}" \ --label "sha=${SHA}" \
--label "built_at=$(date)" \ --label "built_at=$(date)" \
--label "target=lean" \ --label "target=lean" \
@ -59,60 +96,48 @@ DOCKER_BUILDKIT=1 docker build --target lean \
# #
# Build the "lean310" image # Build the "lean310" image
# #
DOCKER_BUILDKIT=1 docker build --target lean \ docker buildx build --target lean \
$DOCKER_ARGS \
--cache-from=type=local,src=/tmp/superset \
--cache-to=type=local,ignore-error=true,dest=/tmp/superset \
-t "${REPO_NAME}:${SHA}-py310" \ -t "${REPO_NAME}:${SHA}-py310" \
-t "${REPO_NAME}:${REFSPEC}-py310" \ -t "${REPO_NAME}:${REFSPEC}-py310" \
-t "${REPO_NAME}:${LATEST_TAG}-py310" \ -t "${REPO_NAME}:${LATEST_TAG}-py310" \
--platform linux/amd64 \
--build-arg PY_VER="3.10-slim-bookworm"\ --build-arg PY_VER="3.10-slim-bookworm"\
--label "sha=${SHA}" \ --label "sha=${SHA}" \
--label "built_at=$(date)" \ --label "built_at=$(date)" \
--label "target=lean310" \ --label "target=lean310" \
--label "build_actor=${GITHUB_ACTOR}" \ --label "build_actor=${GITHUB_ACTOR}" \
. .
for BUILD_PLATFORM in $ARCHITECTURE_FOR_BUILD; do
# #
# Build the "websocket" image # Build the "websocket" image
# #
DOCKER_BUILDKIT=1 docker build \ docker buildx build \
$DOCKER_ARGS \
--cache-from=type=registry,ref=apache/superset:master-websocket \
-t "${REPO_NAME}:${SHA}-websocket" \ -t "${REPO_NAME}:${SHA}-websocket" \
-t "${REPO_NAME}:${REFSPEC}-websocket" \ -t "${REPO_NAME}:${REFSPEC}-websocket" \
-t "${REPO_NAME}:${LATEST_TAG}-websocket" \ -t "${REPO_NAME}:${LATEST_TAG}-websocket" \
--platform ${BUILD_PLATFORM} \
--label "sha=${SHA}" \ --label "sha=${SHA}" \
--label "built_at=$(date)" \ --label "built_at=$(date)" \
--label "target=websocket" \ --label "target=websocket" \
--label "build_actor=${GITHUB_ACTOR}" \ --label "build_actor=${GITHUB_ACTOR}" \
superset-websocket superset-websocket
#
# Build the dev image
#
DOCKER_BUILDKIT=1 docker build --target dev \
-t "${REPO_NAME}:${SHA}-dev" \
-t "${REPO_NAME}:${REFSPEC}-dev" \
-t "${REPO_NAME}:${LATEST_TAG}-dev" \
--label "sha=${SHA}" \
--label "built_at=$(date)" \
--label "target=dev" \
--label "build_actor=${GITHUB_ACTOR}" \
.
# #
# Build the dockerize image # Build the dockerize image
# #
DOCKER_BUILDKIT=1 docker build \ docker buildx build \
$DOCKER_ARGS \
--cache-from=type=registry,ref=apache/superset:dockerize \
-t "${REPO_NAME}:dockerize" \ -t "${REPO_NAME}:dockerize" \
--platform ${BUILD_PLATFORM} \
--label "sha=${SHA}" \ --label "sha=${SHA}" \
--label "built_at=$(date)" \ --label "built_at=$(date)" \
--label "build_actor=${GITHUB_ACTOR}" \ --label "build_actor=${GITHUB_ACTOR}" \
-f dockerize.Dockerfile \ -f dockerize.Dockerfile \
. .
done
if [ -z "${DOCKERHUB_TOKEN}" ]; then
# Skip if secrets aren't populated -- they're only visible for actions running in the repo (not on forks)
echo "Skipping Docker push"
else
# Login and push
docker logout
docker login --username "${DOCKERHUB_USER}" --password "${DOCKERHUB_TOKEN}"
docker push --all-tags "${REPO_NAME}"
fi

54
Dockerfile
View File

@ -22,16 +22,14 @@ ARG PY_VER=3.9-slim-bookworm
# if BUILDPLATFORM is null, set it to 'amd64' (or leave as is otherwise). # if BUILDPLATFORM is null, set it to 'amd64' (or leave as is otherwise).
ARG BUILDPLATFORM=${BUILDPLATFORM:-amd64} ARG BUILDPLATFORM=${BUILDPLATFORM:-amd64}
FROM --platform=${BUILDPLATFORM} node:16-slim AS superset-node FROM --platform=${BUILDPLATFORM} node:16-bookworm-slim AS superset-node
ARG NPM_BUILD_CMD="build" ARG NPM_BUILD_CMD="build"
RUN apt-get update -q \ RUN apt-get update -qq \
&& apt-get install -yq --no-install-recommends \ && apt-get install -yqq --no-install-recommends \
python3 \ build-essential \
make \ python3
gcc \
g++
ENV BUILD_CMD=${NPM_BUILD_CMD} \ ENV BUILD_CMD=${NPM_BUILD_CMD} \
PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
@ -41,8 +39,9 @@ WORKDIR /app/superset-frontend
RUN --mount=type=bind,target=/frontend-mem-nag.sh,src=./docker/frontend-mem-nag.sh \ RUN --mount=type=bind,target=/frontend-mem-nag.sh,src=./docker/frontend-mem-nag.sh \
/frontend-mem-nag.sh /frontend-mem-nag.sh
COPY superset-frontend/package*.json ./ RUN --mount=type=bind,target=./package.json,src=./superset-frontend/package.json \
RUN npm ci --mount=type=bind,target=./package-lock.json,src=./superset-frontend/package-lock.json \
npm ci
COPY ./superset-frontend ./ COPY ./superset-frontend ./
# This seems to be the most expensive step # This seems to be the most expensive step
@ -62,10 +61,11 @@ ENV LANG=C.UTF-8 \
SUPERSET_HOME="/app/superset_home" \ SUPERSET_HOME="/app/superset_home" \
SUPERSET_PORT=8088 SUPERSET_PORT=8088
RUN mkdir -p ${PYTHONPATH} superset/static superset-frontend apache_superset.egg-info requirements \ RUN --mount=target=/var/lib/apt/lists,type=cache \
--mount=target=/var/cache/apt,type=cache \
mkdir -p ${PYTHONPATH} superset/static superset-frontend apache_superset.egg-info requirements \
&& useradd --user-group -d ${SUPERSET_HOME} -m --no-log-init --shell /bin/bash superset \ && useradd --user-group -d ${SUPERSET_HOME} -m --no-log-init --shell /bin/bash superset \
&& apt-get update -q \ && apt-get update -qq && apt-get install -yqq --no-install-recommends \
&& apt-get install -yq --no-install-recommends \
build-essential \ build-essential \
curl \ curl \
default-libmysqlclient-dev \ default-libmysqlclient-dev \
@ -74,27 +74,30 @@ RUN mkdir -p ${PYTHONPATH} superset/static superset-frontend apache_superset.egg
libpq-dev \ libpq-dev \
libecpg-dev \ libecpg-dev \
libldap2-dev \ libldap2-dev \
&& apt-get autoremove -yqq --purge && rm -rf /var/lib/apt/lists/* /var/[log,tmp]/* /tmp/* && apt-get clean \
&& touch superset/static/version_info.json \ && touch superset/static/version_info.json \
&& chown -R superset:superset ./* && chown -R superset:superset ./*
COPY --chown=superset:superset ./requirements/*.txt requirements/
COPY --chown=superset:superset setup.py MANIFEST.in README.md ./ COPY --chown=superset:superset setup.py MANIFEST.in README.md ./
# setup.py uses the version information in package.json # setup.py uses the version information in package.json
COPY --chown=superset:superset superset-frontend/package.json superset-frontend/ COPY --chown=superset:superset superset-frontend/package.json superset-frontend/
RUN pip install --no-cache-dir -r requirements/local.txt RUN --mount=type=bind,target=./requirements/local.txt,src=./requirements/local.txt \
--mount=type=bind,target=./requirements/development.txt,src=./requirements/development.txt \
--mount=type=bind,target=./requirements/base.txt,src=./requirements/base.txt \
--mount=type=cache,target=/root/.cache/pip \
pip install -r requirements/local.txt
COPY --chown=superset:superset --from=superset-node /app/superset/static/assets superset/static/assets COPY --chown=superset:superset --from=superset-node /app/superset/static/assets superset/static/assets
## Lastly, let's install superset itself ## Lastly, let's install superset itself
COPY --chown=superset:superset superset superset COPY --chown=superset:superset superset superset
RUN pip install --no-cache-dir -e . \ RUN --mount=type=cache,target=/root/.cache/pip \
pip install -e . \
&& flask fab babel-compile --target superset/translations \ && flask fab babel-compile --target superset/translations \
&& chown -R superset:superset superset/translations && chown -R superset:superset superset/translations
COPY --chmod=755 ./docker/run-server.sh /usr/bin/ COPY --chmod=755 ./docker/run-server.sh /usr/bin/
USER superset USER superset
HEALTHCHECK CMD curl -f "http://localhost:$SUPERSET_PORT/health" HEALTHCHECK CMD curl -f "http://localhost:${SUPERSET_PORT}/health"
EXPOSE ${SUPERSET_PORT} EXPOSE ${SUPERSET_PORT}
@ -109,8 +112,9 @@ ARG GECKODRIVER_VERSION=v0.33.0 \
USER root USER root
RUN apt-get update -q \ RUN --mount=target=/var/lib/apt/lists,type=cache \
&& apt-get install -yq --no-install-recommends \ --mount=target=/var/cache/apt,type=cache \
apt-get install -yqq --no-install-recommends \
libnss3 \ libnss3 \
libdbus-glib-1-2 \ libdbus-glib-1-2 \
libgtk-3-0 \ libgtk-3-0 \
@ -119,14 +123,16 @@ RUN apt-get update -q \
libxtst6 \ libxtst6 \
wget \ wget \
# Install GeckoDriver WebDriver # Install GeckoDriver WebDriver
&& wget https://github.com/mozilla/geckodriver/releases/download/${GECKODRIVER_VERSION}/geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz -O - | tar xfz - -C /usr/local/bin \ && wget -q https://github.com/mozilla/geckodriver/releases/download/${GECKODRIVER_VERSION}/geckodriver-${GECKODRIVER_VERSION}-linux64.tar.gz -O - | tar xfz - -C /usr/local/bin \
# Install Firefox # Install Firefox
&& wget https://download-installer.cdn.mozilla.net/pub/firefox/releases/${FIREFOX_VERSION}/linux-x86_64/en-US/firefox-${FIREFOX_VERSION}.tar.bz2 -O - | tar xfj - -C /opt \ && wget -q https://download-installer.cdn.mozilla.net/pub/firefox/releases/${FIREFOX_VERSION}/linux-x86_64/en-US/firefox-${FIREFOX_VERSION}.tar.bz2 -O - | tar xfj - -C /opt \
&& ln -s /opt/firefox/firefox /usr/local/bin/firefox \ && ln -s /opt/firefox/firefox /usr/local/bin/firefox \
&& apt-get autoremove -yqq --purge wget && rm -rf /var/lib/apt/lists/* /var/[log,tmp]/* /tmp/* && apt-get clean && apt-get autoremove -yqq --purge wget && rm -rf /var/[log,tmp]/* /tmp/*
# Cache everything for dev purposes... # Cache everything for dev purposes...
RUN pip install --no-cache-dir -r requirements/docker.txt RUN --mount=type=bind,target=./requirements/base.txt,src=./requirements/base.txt \
--mount=type=bind,target=./requirements/docker.txt,src=./requirements/docker.txt \
--mount=type=cache,target=/root/.cache/pip \
pip install -r requirements/docker.txt
USER superset USER superset
###################################################################### ######################################################################

9
dockerize.Dockerfile
View File

@ -4,10 +4,11 @@ ARG DOCKERIZE_VERSION=v0.7.0
RUN apk update --no-cache \ RUN apk update --no-cache \
&& apk add --no-cache wget openssl \ && apk add --no-cache wget openssl \
&& wget -O - https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz | tar xzf - -C /usr/local/bin \ && case "$(apk --print-arch)" in \
x86_64) ARCH=amd64 ;; \
aarch64) ARCH=arm64 ;; \
esac \
&& wget -O - https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-${ARCH}-${DOCKERIZE_VERSION}.tar.gz | tar xzf - -C /usr/local/bin \
&& apk del wget && apk del wget
USER 10001 USER 10001
ENTRYPOINT ["dockerize"]
CMD ["--help"]