feat: add harbor arm build parameters

Signed-off-by: Jeremy-boo <bozhu@alauda.io>

.github/workflows/CI.yml

@@ -13,6 +13,8 @@ env:
    REDIS_HOST: localhost
    REG_VERSION: v2.7.1-patch-2819-2553
    UI_BUILDER_VERSION: 1.6.0
+   ARCH: amd64
+
 
 on:
   pull_request:

Makefile

@@ -89,6 +89,9 @@ CHARTFLAG=false
 BUILDTARGET=build
 GEN_TLS=
 
+# harbor build target, defaults to x86-amd64.
+BUILD_TARGET=amd64
+
 # version prepare
 # for docker image tag
 VERSIONTAG=dev
@@ -123,13 +126,19 @@ CHARTMUSEUMVERSION=$(CHARTMUSEUM_SRC_TAG)-redis
 # version of registry for pulling the source code
 REGISTRY_SRC_TAG=v2.8.0
 
+# go build param
+CGO_ENABLED=0
+GOOS=linux
+GOARCH=amd64
+
 # dependency binaries
 CHARTURL=https://storage.googleapis.com/harbor-builds/bin/chartmuseum/release-${CHARTMUSEUMVERSION}/chartm
 NOTARYURL=https://storage.googleapis.com/harbor-builds/bin/notary/release-${NOTARYVERSION}/binary-bundle.tgz
 REGISTRYURL=https://storage.googleapis.com/harbor-builds/bin/registry/release-${REGISTRYVERSION}/registry
 TRIVY_DOWNLOAD_URL=https://github.com/aquasecurity/trivy/releases/download/$(TRIVYVERSION)/trivy_$(TRIVYVERSION:v%=%)_Linux-64bit.tar.gz
 TRIVY_ADAPTER_DOWNLOAD_URL=https://github.com/aquasecurity/harbor-scanner-trivy/releases/download/$(TRIVYADAPTERVERSION)/harbor-scanner-trivy_$(TRIVYADAPTERVERSION:v%=%)_Linux_x86_64.tar.gz
 
+
 define VERSIONS_FOR_PREPARE
 VERSION_TAG: $(VERSIONTAG)
 REGISTRY_VERSION: $(REGISTRYVERSION)
@@ -149,6 +158,17 @@ DOCKERSAVE=$(DOCKERCMD) save
 DOCKERCOMPOSECMD=$(shell which docker-compose)
 DOCKERTAG=$(DOCKERCMD) tag
 
+# according to the build platform, replace the relevant parameters.
+ifeq ($(BUILD_TARGET), arm64)
+	VERSIONTAG=dev-arm
+	BASEIMAGETAG=dev-arm
+	PKGVERSIONTAG=dev-arm
+	GOARCH=arm64
+	TRIVY_DOWNLOAD_URL=https://github.com/aquasecurity/trivy/releases/download/$(TRIVYVERSION)/trivy_$(TRIVYVERSION:v%=%)_Linux-ARM64.tar.gz
+	TRIVY_ADAPTER_DOWNLOAD_URL=https://github.com/aquasecurity/harbor-scanner-trivy/releases/download/$(TRIVYADAPTERVERSION)/harbor-scanner-trivy_$(TRIVYADAPTERVERSION:v%=%)_Linux_arm64.tar.gz
+	DOCKERBUILD=$(DOCKERCMD) buildx build --platform linux/arm64 --progress plain --output=type=docker
+endif
+
 # go parameters
 GOCMD=$(shell which go)
 GOBUILD=$(GOCMD) build
@@ -303,7 +323,7 @@ ifeq ($(CHARTFLAG), true)
 endif
 
 
-RUNCONTAINER=$(DOCKERCMD) run --rm -u $(shell id -u):$(shell id -g) -v $(BUILDPATH):$(BUILDPATH) -w $(BUILDPATH)
+RUNCONTAINER=$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -u $(shell id -u):$(shell id -g) -v $(BUILDPATH):$(BUILDPATH) -w $(BUILDPATH)
 
 # $1 the name of the docker image
 # $2 the tag of the docker image
@@ -373,27 +393,27 @@ check_environment:
 compile_core: gen_apis
 	@echo "compiling binary for core (golang image)..."
 	@echo $(GOBUILDPATHINCONTAINER)
-	@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_CORE) $(GOBUILDIMAGE) $(GOIMAGEBUILD_CORE) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_CORE)/$(CORE_BINARYNAME)
+	@$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_CORE) $(GOBUILDIMAGE) $(GOIMAGEBUILD_CORE) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_CORE)/$(CORE_BINARYNAME)
 	@echo "Done."
 
 compile_jobservice:
 	@echo "compiling binary for jobservice (golang image)..."
-	@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_JOBSERVICE) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_JOBSERVICE)/$(JOBSERVICEBINARYNAME)
+	@$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_JOBSERVICE) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_JOBSERVICE)/$(JOBSERVICEBINARYNAME)
 	@echo "Done."
 
 compile_registryctl:
 	@echo "compiling binary for harbor registry controller (golang image)..."
-	@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_REGISTRYCTL) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_REGISTRYCTL)/$(REGISTRYCTLBINARYNAME)
+	@$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_REGISTRYCTL) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_REGISTRYCTL)/$(REGISTRYCTLBINARYNAME)
 	@echo "Done."
 
 compile_notary_migrate_patch:
 	@echo "compiling binary for migrate patch (golang image)..."
-	@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_MIGRATEPATCH) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_NOTARY)/$(MIGRATEPATCHBINARYNAME)
+	@$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_MIGRATEPATCH) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_NOTARY)/$(MIGRATEPATCHBINARYNAME)
 	@echo "Done."
 
 compile_standalone_db_migrator:
 	@echo "compiling binary for standalone db migrator (golang image)..."
-	@$(DOCKERCMD) run --rm -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_STANDALONE_DB_MIGRATOR) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_STANDALONE_DB_MIGRATOR)/$(STANDALONE_DB_MIGRATOR_BINARYNAME)
+	@$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -v $(BUILDPATH):$(GOBUILDPATHINCONTAINER) -w $(GOBUILDPATH_STANDALONE_DB_MIGRATOR) $(GOBUILDIMAGE) $(GOIMAGEBUILD_COMMON) -o $(GOBUILDPATHINCONTAINER)/$(GOBUILDMAKEPATH_STANDALONE_DB_MIGRATOR)/$(STANDALONE_DB_MIGRATOR_BINARYNAME)
 	@echo "Done."
 
 compile: check_environment versions_prepare compile_core compile_jobservice compile_registryctl compile_notary_migrate_patch
@@ -403,12 +423,12 @@ update_prepare_version:
 	@$(SEDCMDI) -e 's/goharbor\/prepare:.*[[:space:]]\+/goharbor\/prepare:$(VERSIONTAG) prepare /' $(MAKEPATH)/prepare ;
 
 gen_tls:
-	@$(DOCKERCMD) run --rm -v /:/hostfs:z $(IMAGENAMESPACE)/prepare:$(VERSIONTAG) gencert -p /etc/harbor/tls/internal
+	@$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -v /:/hostfs:z $(IMAGENAMESPACE)/prepare:$(VERSIONTAG) gencert -p /etc/harbor/tls/internal
 
 prepare: update_prepare_version
 	@echo "preparing..."
 	@if [ -n "$(GEN_TLS)" ] ; then \
-		$(DOCKERCMD) run --rm -v /:/hostfs:z $(IMAGENAMESPACE)/prepare:$(VERSIONTAG) gencert -p /etc/harbor/tls/internal; \
+		$(DOCKERCMD) run --rm --env GOOS=$(GOOS) --env GOARCH=$(GOARCH) -v /:/hostfs:z $(IMAGENAMESPACE)/prepare:$(VERSIONTAG) gencert -p /etc/harbor/tls/internal; \
 	fi
 	@$(MAKEPATH)/$(PREPARECMD) $(PREPARECMD_PARA)
 

make/photon/chartserver/compile.sh

@@ -16,6 +16,12 @@ VERSION="$2"
 MAIN_GO_PATH="$3"
 BIN_NAME="$4"
 
+$ build param
+GO_OS="$5"
+GO_ARCH="$6"
+CGO_ENABLED="$7"
+
+
 #Get the source code
 git clone $GIT_PATH src_code
 ls
@@ -32,5 +38,5 @@ for p in $(ls /go/bin/*.patch); do
 done
 
 #Compile
-cd $SRC_PATH/$MAIN_GO_PATH && go build -a -o $BIN_NAME
+cd $SRC_PATH/$MAIN_GO_PATH && GOOS=$GO_OS GOARCH=$GO_ARCH CGO_ENABLED=$CGO_ENABLED  go build -a -o $BIN_NAME
 mv $BIN_NAME /go/bin/

make/photon/exporter/Dockerfile

@@ -1,12 +1,15 @@
 ARG build_image
 ARG harbor_base_image_version
 ARG harbor_base_namespace
+ARG cgo_enabled
+ARG go_os
+ARG go_arch
 
 FROM ${build_image} AS build
 
-ENV CGO_ENABLED=0
-ENV GOOS=linux
-ENV GOARCH=amd64
+ENV CGO_ENABLED=${cgo_enabled}
+ENV GOOS=${go_os}
+ENV GOARCH=${go_arch}
 
 COPY src /harbor/src
 WORKDIR /harbor/src/cmd/exporter

make/photon/notary/binary.Dockerfile

@@ -1,3 +1,7 @@
+ARG cgo_enabled
+ARG go_os
+ARG go_arch
+
 FROM golang:1.14.15
 
 ARG NOTARY_VERSION
@@ -7,6 +11,10 @@ RUN test -n "$MIGRATE_VERSION"
 ENV NOTARYPKG github.com/theupdateframework/notary
 ENV MIGRATEPKG github.com/golang-migrate/migrate
 
+ENV CGO_ENABLED=${cgo_enabled}
+ENV GOOS=${go_os}
+ENV GOARCH=${go_arch}
+
 RUN git clone -b $NOTARY_VERSION https://github.com/theupdateframework/notary.git /go/src/${NOTARYPKG}
 WORKDIR /go/src/${NOTARYPKG}
 

make/photon/registry/Dockerfile.binary

@@ -1,10 +1,19 @@
 FROM golang:1.18.8
+ARG cgo_enabled
+ARG go_os
+ARG go_arch
+
+FROM golang:1.18.7
 
 ENV DISTRIBUTION_DIR /go/src/github.com/docker/distribution
 ENV BUILDTAGS include_oss include_gcs
 ENV GO111MODULE auto
 
+ENV CGO_ENABLED=${cgo_enabled}
+ENV GOOS=${go_os}
+ENV GOARCH=${go_arch}
+
 WORKDIR $DISTRIBUTION_DIR
 COPY . $DISTRIBUTION_DIR
 
-RUN CGO_ENABLED=0 make PREFIX=/go clean binaries
+RUN make PREFIX=/go clean binaries

make/photon/trivy-adapter/Dockerfile.base

@@ -1,5 +1,4 @@
 FROM photon:4.0
-
 RUN tdnf install -y rpm shadow >> /dev/null \
     && tdnf clean all \
     && groupadd -r -g 10000 scanner \

make/photon/trivy-adapter/Dockerfile.binary

@@ -1,7 +1,11 @@
+ARG cgo_enabled
+ARG go_os
+ARG go_arch
+
 FROM golang:1.18.8
 
 ADD .   /go/src/github.com/aquasecurity/harbor-scanner-trivy/
 WORKDIR /go/src/github.com/aquasecurity/harbor-scanner-trivy/
 
-RUN export GOOS=linux GO111MODULE=on CGO_ENABLED=0 && \
+RUN export GOOS=${go_os} GO111MODULE=on CGO_ENABLED=${cgo_enabled} GOARCH=${go_arch} && \
 	go build -o scanner-trivy cmd/scanner-trivy/main.go

tests/ldapprepare.sh

@@ -8,7 +8,7 @@ docker run --env LDAP_ORGANISATION="Harbor." \
 --env LDAP_TLS_VERIFY_CLIENT="never" \
 -p 389:389 \
 -p 636:636 \
---detach --name $NAME osixia/openldap:1.1.7
+--detach --name $NAME osixia/openldap:1.5.0
 
 sleep 5
 docker cp ldap_test.ldif ldap_server:/

tools/mockery/Dockerfile

@@ -7,8 +7,27 @@ ARG MOCKERY_VERSION
 ENV XDG_CACHE_HOME /tmp
 ENV GO111MODULE auto
 
-RUN mkdir -p /tmp/mockery-${MOCKERY_VERSION} && \
+RUN ARCH= && dpkgArch="$(uname -m)" \
+  && case "${dpkgArch}" in \
+    x86_64) ARCH='x64'; mkdir -p /tmp/mockery-${MOCKERY_VERSION} && \
     curl -fsSL https://github.com/vektra/mockery/releases/download/${MOCKERY_VERSION}/mockery_${MOCKERY_VERSION#v}_Linux_x86_64.tar.gz | tar -xz -C /tmp/mockery-${MOCKERY_VERSION} && \
     mv /tmp/mockery-${MOCKERY_VERSION}/mockery /usr/local/bin && \
     chmod +x /usr/local/bin/mockery && \
-    rm -rf /tmp/mockery-${MOCKERY_VERSION}
+    rm -rf /tmp/mockery-${MOCKERY_VERSION}  ;; \
+
+    aarch64) ARCH='arm64'; mkdir -p /tmp/mockery-${MOCKERY_VERSION} && \
+    curl -fsSL https://github.com/vektra/mockery/releases/download/${MOCKERY_VERSION}/mockery_${MOCKERY_VERSION#v}_Linux_arm64.tar.gz | tar -xz -C /tmp/mockery-${MOCKERY_VERSION} && \
+    mv /tmp/mockery-${MOCKERY_VERSION}/mockery /usr/local/bin && \
+    chmod +x /usr/local/bin/mockery && \
+    rm -rf /tmp/mockery-${MOCKERY_VERSION}  ;; \
+
+    ppc64el) ARCH='ppc64le'; ;; \
+    s390x) ARCH='s390x'; ;; \
+    aarch64) ARCH='arm64'; mv /tmp/mockery /usr/local/bin && \
+    chmod +x /usr/local/bin/mockery && \
+    rm -rf /tmp/mockery ;; \
+
+    armhf) ARCH='armv7l'; ;; \
+    i386) ARCH='x86'; ;; \
+    *) echo "unsupported architecture"; exit 1 ;; \
+    esac

tools/swagger/Dockerfile

@@ -2,7 +2,18 @@ ARG GOLANG
 FROM ${GOLANG}
 
 ARG SWAGGER_VERSION
-RUN curl -fsSL -o /usr/bin/swagger https://github.com/go-swagger/go-swagger/releases/download/$SWAGGER_VERSION/swagger_linux_amd64 && chmod +x /usr/bin/swagger
+
+RUN ARCH= && dpkgArch="$(uname -m)" \
+  && case "${dpkgArch}" in \
+    x86_64) ARCH='x64'; curl -fsSL -o /usr/bin/swagger https://github.com/go-swagger/go-swagger/releases/download/$SWAGGER_VERSION/swagger_linux_amd64 && chmod +x /usr/bin/swagger  ;; \
+    aarch64) ARCH='arm64'; curl -fsSL -o /usr/bin/swagger https://github.com/go-swagger/go-swagger/releases/download/$SWAGGER_VERSION/swagger_linux_arm64 && chmod +x /usr/bin/swagger ;; \
+    ppc64el) ARCH='ppc64le' ;; \
+    s390x) ARCH='s390x' ;; \
+    arm64) ARCH='arm64'; curl -fsSL -o /usr/bin/swagger https://github.com/go-swagger/go-swagger/releases/download/$SWAGGER_VERSION/swagger_linux_amd64 && chmod +x /usr/bin/swagger ;; \
+    armhf) ARCH='armv7l' ;; \
+    i386) ARCH='x86' ;; \
+    *) echo "unsupported architecture"; exit 1 ;; \
+    esac
 
 ENTRYPOINT ["/usr/bin/swagger"]
 CMD ["--help"]