Add support for ARM container images

Question

Add support for ARM container images

Opened this issue 2 years ago · 4 comments

There is no arm container images available

docker pull kubesec/kubesec 
...
docker: no matching manifest for linux/arm64/v8 in the manifest list entries.

It will be good to have ones to use docker version on Apple M1/M2

Answer 1 · 2023-05-09T21:52:32.000Z

Looking forward to this one too.

Answer 2 · 2023-06-12T19:59:00.000Z

For folks can't wait, here is the cli steps:

cd /path/to/kubesec
docker buildx create --name mybuilder --driver docker-container --bootstrap
docker buildx use mybuilder
docker buildx build --platform linux/amd64,linux/arm64,linux/amd64/v2 -t your_name/kubesec --push .

I did fork kubesec repo and work on the github actions and have some success:

master...zanhsieh:kubesec:master
https://github.com/zanhsieh/kubesec/actions/runs/5261715705
https://hub.docker.com/repository/docker/zanhsieh/kubesec/tags?page=1&ordering=last_updated

Answer 3 · 2023-06-14T08:44:03.000Z

Thanks @zanhsieh

I'm obligated to say use 3rd party builds of kubesec at your own risk.

It's pretty trivial to do your own container build from source if your host is arm. Also if you don't want to build from source you can copy the specific arm release binary you need into a scratch container, see Dockerfile.scratch for inspiration

I wonder if you can do FROM --platform=linux/arm64 scratch then just COPY the aarch64 binary even on an amd64 host since it's not actually got any RUN commands etc. It might also need DOCKER_DEFAULT_PLATFORM to be set 🤔

I'll try and update the container builds in GHA soon so it publishes for different platforms
We're already using buildx so it might just be a case of telling it to build for the other platforms. Worst case it also needs a tiny bit of extra configuration

Answer 4 · 2023-06-14T13:17:51.000Z

I wonder if you can do FROM --platform=linux/arm64 scratch then just COPY the aarch64 binary even on an amd64 host since it's not actually got any RUN commands etc. It might also need DOCKER_DEFAULT_PLATFORM to be set 🤔

I just did fork and checkout master branch from this repo, docker buildx build without any specific FROM --platform=linux/arm64 scratch on my M1 MBP, and it succeeded. It actually surprised me.

Also docker buildx build with QEMU on the Github Action workflow did handle various platform build. Current the CodeQL problems resolved.