add multi arch docker build (#5808)

* Add multi arch container build Co-authored-by: EdJoPaTo <rfc-conform-git-commit-email@funny-long-domain-label-everyone-hates-as-it-is-too-long.edjopato.de> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> * using label from github action * dont remove static labels and split docker readme in seperate action * pin 3rd party action to a commit * enable pushing to dockerhub * Update .github/workflows/build-images.yml Co-authored-by: EdJoPaTo <github@edjopato.de> * remove not needed checkout * set github token permissions * Update .github/workflows/push-dockerhub-readme.yml * update docker readme to match new tags * Apply suggestions from code review * fix suffix for alpine image * fix suffix for alpine image * push images only at upstream repo * push images only at upstream repo * push images only at upstream repo * tag latest-alpine as alpine * tag latest-alpine as alpine * remove no needed falvor * keep falvor for build * Clean more things * Rename action To use same default name than https://github.com/actions/starter-workflows/blob/main/ci/docker-publish.yml * Rename readme action To use same default name than https://github.com/peter-evans/dockerhub-description/blob/main/.github/workflows/dockerhub-description.yml * Use default name for dockerhub-description https://github.com/peter-evans/dockerhub-description/blob/main/.github/workflows/dockerhub-description.yml Plus minor wording * Experiment with build-args * Debug * Add checkout back * Revert back to metadata-action * Remove quotes in version * Try to fix variables * Experiment with automatic label values again * Delete last Docker Hub hooks * Use only git SHA for org.opencontainers.image.revision https://specs.opencontainers.org/image-spec/annotations/#pre-defined-annotation-keys * Comment out semver for now Might be enabled later if desired * Enable major semver --------- Co-authored-by: EdJoPaTo <rfc-conform-git-commit-email@funny-long-domain-label-everyone-hates-as-it-is-too-long.edjopato.de> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> Co-authored-by: EdJoPaTo <github@edjopato.de>
author: Benjamin Reich <Benni-Reich@hotmail.de> 2023-11-05 22:46:01 +0100
committer: GitHub <noreply@github.com> 2023-11-05 22:46:01 +0100
commit: 8f07199777a2a3a6e233f858e110dbb0cfad6fad (patch)
tree: b904c32c8112bd5fc00b52f2c653710cb23e4e0a /Docker
parent: 3b2e66051bcf1f11c9b1f0ffe45cdfc5b766952f (diff)
9 files changed, 11 insertions, 150 deletions
diff --git a/Docker/Dockerfile b/Docker/Dockerfile
index 239a0e067..0379be6c6 100644
--- a/Docker/Dockerfile
+++ b/Docker/Dockerfile
@@ -20,7 +20,6 @@ COPY . /var/www/FreshRSS
 COPY ./Docker/*.Apache.conf /etc/apache2/sites-available/
 
 ARG FRESHRSS_VERSION
-ARG SOURCE_BRANCH
 ARG SOURCE_COMMIT
 
 LABEL \
@@ -28,7 +27,7 @@ LABEL \
 	org.opencontainers.image.description="A self-hosted RSS feed aggregator" \
 	org.opencontainers.image.documentation="https://freshrss.github.io/FreshRSS/" \
 	org.opencontainers.image.licenses="AGPL-3.0" \
-	org.opencontainers.image.revision="${SOURCE_BRANCH}.${SOURCE_COMMIT}" \
+	org.opencontainers.image.revision="${SOURCE_COMMIT}" \
 	org.opencontainers.image.source="https://github.com/FreshRSS/FreshRSS" \
 	org.opencontainers.image.title="FreshRSS" \
 	org.opencontainers.image.url="https://freshrss.org/" \
diff --git a/Docker/Dockerfile-Alpine b/Docker/Dockerfile-Alpine
index 1da380f81..29dadda0d 100644
--- a/Docker/Dockerfile-Alpine
+++ b/Docker/Dockerfile-Alpine
@@ -17,7 +17,6 @@ COPY . /var/www/FreshRSS
 COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/
 
 ARG FRESHRSS_VERSION
-ARG SOURCE_BRANCH
 ARG SOURCE_COMMIT
 
 LABEL \
@@ -25,7 +24,7 @@ LABEL \
 	org.opencontainers.image.description="A self-hosted RSS feed aggregator" \
 	org.opencontainers.image.documentation="https://freshrss.github.io/FreshRSS/" \
 	org.opencontainers.image.licenses="AGPL-3.0" \
-	org.opencontainers.image.revision="${SOURCE_BRANCH}.${SOURCE_COMMIT}" \
+	org.opencontainers.image.revision="${SOURCE_COMMIT}" \
 	org.opencontainers.image.source="https://github.com/FreshRSS/FreshRSS" \
 	org.opencontainers.image.title="FreshRSS" \
 	org.opencontainers.image.url="https://freshrss.org/" \
diff --git a/Docker/Dockerfile-Newest b/Docker/Dockerfile-Newest
index 159f244f6..68a23e553 100644
--- a/Docker/Dockerfile-Newest
+++ b/Docker/Dockerfile-Newest
@@ -18,7 +18,6 @@ COPY . /var/www/FreshRSS
 COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/
 
 ARG FRESHRSS_VERSION
-ARG SOURCE_BRANCH
 ARG SOURCE_COMMIT
 
 LABEL \
@@ -26,7 +25,7 @@ LABEL \
 	org.opencontainers.image.description="A self-hosted RSS feed aggregator" \
 	org.opencontainers.image.documentation="https://freshrss.github.io/FreshRSS/" \
 	org.opencontainers.image.licenses="AGPL-3.0" \
-	org.opencontainers.image.revision="${SOURCE_BRANCH}.${SOURCE_COMMIT}" \
+	org.opencontainers.image.revision="${SOURCE_COMMIT}" \
 	org.opencontainers.image.source="https://github.com/FreshRSS/FreshRSS" \
 	org.opencontainers.image.title="FreshRSS" \
 	org.opencontainers.image.url="https://freshrss.org/" \
diff --git a/Docker/Dockerfile-Oldest b/Docker/Dockerfile-Oldest
index b2d915571..2ed2e1a38 100644
--- a/Docker/Dockerfile-Oldest
+++ b/Docker/Dockerfile-Oldest
@@ -17,7 +17,6 @@ COPY . /var/www/FreshRSS
 COPY ./Docker/*.Apache.conf /etc/apache2/conf.d/
 
 ARG FRESHRSS_VERSION
-ARG SOURCE_BRANCH
 ARG SOURCE_COMMIT
 
 LABEL \
@@ -25,7 +24,7 @@ LABEL \
 	org.opencontainers.image.description="A self-hosted RSS feed aggregator" \
 	org.opencontainers.image.documentation="https://freshrss.github.io/FreshRSS/" \
 	org.opencontainers.image.licenses="AGPL-3.0" \
-	org.opencontainers.image.revision="${SOURCE_BRANCH}.${SOURCE_COMMIT}" \
+	org.opencontainers.image.revision="${SOURCE_COMMIT}" \
 	org.opencontainers.image.source="https://github.com/FreshRSS/FreshRSS" \
 	org.opencontainers.image.title="FreshRSS" \
 	org.opencontainers.image.url="https://freshrss.org/" \
diff --git a/Docker/Dockerfile-QEMU-ARM b/Docker/Dockerfile-QEMU-ARM
deleted file mode 100644
index 48ce56345..000000000
--- a/Docker/Dockerfile-QEMU-ARM
+++ /dev/null
@@ -1,81 +0,0 @@
-# Only relevant for Docker Hub or QEMU multi-architecture builds.
-# Prefer the normal `Dockerfile` if you are building manually on the targeted architecture.
-
-FROM arm32v7/debian:12-slim
-
-# Requires ./hooks/*
-COPY ./Docker/qemu-arm-* /usr/bin/
-
-ENV TZ UTC
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-
-ARG DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && \
-	apt-get install --no-install-recommends -y \
-	ca-certificates cron \
-	apache2 libapache2-mod-php \
-	libapache2-mod-auth-openidc \
-	php-curl php-gmp php-intl php-mbstring php-xml php-zip \
-	php-sqlite3 php-mysql php-pgsql && \
-	rm -rf /var/lib/apt/lists/*
-
-RUN mkdir -p /var/www/FreshRSS/ /run/apache2/
-WORKDIR /var/www/FreshRSS
-
-COPY . /var/www/FreshRSS
-COPY ./Docker/*.Apache.conf /etc/apache2/sites-available/
-
-ARG FRESHRSS_VERSION
-ARG SOURCE_BRANCH
-ARG SOURCE_COMMIT
-
-LABEL \
-	org.opencontainers.image.authors="Alkarex" \
-	org.opencontainers.image.description="A self-hosted RSS feed aggregator" \
-	org.opencontainers.image.documentation="https://freshrss.github.io/FreshRSS/" \
-	org.opencontainers.image.licenses="AGPL-3.0" \
-	org.opencontainers.image.revision="${SOURCE_BRANCH}.${SOURCE_COMMIT}" \
-	org.opencontainers.image.source="https://github.com/FreshRSS/FreshRSS" \
-	org.opencontainers.image.title="FreshRSS" \
-	org.opencontainers.image.url="https://freshrss.org/" \
-	org.opencontainers.image.vendor="FreshRSS" \
-	org.opencontainers.image.version="$FRESHRSS_VERSION"
-
-RUN a2dismod -q -f alias autoindex negotiation status && \
-	a2dismod -q auth_openidc && \
-	a2enmod -q deflate expires headers mime remoteip setenvif && \
-	a2disconf -q '*' && \
-	a2dissite -q '*' && \
-	a2ensite -q 'FreshRSS*'
-
-RUN sed -r -i "/^\s*(CustomLog|ErrorLog|Listen) /s/^/#/" /etc/apache2/apache2.conf && \
-	sed -r -i "/^\s*Listen /s/^/#/" /etc/apache2/ports.conf && \
-	# Disable built-in updates when using Docker, as the full image is supposed to be updated instead.
-	sed -r -i "\\#disable_update#s#^.*#\t'disable_update' => true,#" ./config.default.php && \
-	touch /var/www/FreshRSS/Docker/env.txt && \
-	echo "17,47 * * * * . /var/www/FreshRSS/Docker/env.txt; \
-		su www-data -s /bin/sh -c 'php /var/www/FreshRSS/app/actualize_script.php' \
-		2>> /proc/1/fd/2 > /tmp/FreshRSS.log"  > /etc/crontab.freshrss.default
-
-# Seems needed for arm32v7/ubuntu on Docker Hub
-RUN update-ca-certificates -f
-
-# Useful with the `--squash` build option
-RUN rm /usr/bin/qemu-* /var/www/FreshRSS/Docker/qemu-*
-
-ENV COPY_LOG_TO_SYSLOG On
-ENV COPY_SYSLOG_TO_STDERR On
-ENV CRON_MIN ''
-ENV DATA_PATH ''
-ENV FRESHRSS_ENV ''
-ENV LISTEN ''
-ENV OIDC_ENABLED ''
-ENV TRUSTED_PROXY ''
-
-ENTRYPOINT ["./Docker/entrypoint.sh"]
-
-EXPOSE 80
-# hadolint ignore=DL3025
-CMD ([ -z "$CRON_MIN" ] || cron) && \
-	. /etc/apache2/envvars && \
-	exec apache2 -D FOREGROUND $([ -n "$OIDC_ENABLED" ] && [ "$OIDC_ENABLED" -ne 0 ] && echo '-D OIDC_ENABLED')
diff --git a/Docker/README.md b/Docker/README.md
index 01d2e59a6..39885b0e3 100644
--- a/Docker/README.md
+++ b/Docker/README.md
@@ -66,13 +66,16 @@ The [tags](https://hub.docker.com/r/freshrss/freshrss/tags) correspond to FreshR
 
 * `:latest` (default) is the [latest stable release](https://github.com/FreshRSS/FreshRSS/releases/latest)
 * `:edge` is the rolling release, same than our [git `edge` branch](https://github.com/FreshRSS/FreshRSS/tree/edge)
-* `:x.y.z` are [specific FreshRSS releases](https://github.com/FreshRSS/FreshRSS/releases)
-* `:arm` or `:*-arm` are the ARM `arm32v7` versions (e.g., for Raspberry Pi).
+* `:x.y.z` tags correspond to [specific FreshRSS releases](https://github.com/FreshRSS/FreshRSS/releases), allowing you to target a precise version for deployment
+* `:x.y` tags are tied to a specific major version and minor version number. For example, `:1.23` will automatically receive updates for any `1.23.x` releases, but will not update to `1.24.x`
+* `:x` tags track the latest release within a major version series. For instance, `:1` will update to include any `1.x` releases, but will exclude versions beyond `2.x`
+* `*-alpine` use Linux Alpine as base-image instead of Debian
+* Our Docker images are designed with multi-architecture support, accommodating a variety of Linux platforms including `linux/arm/v7`, `linux/arm64`, and `linux/amd64`.
   * For other platforms, see the [custom build section](#build-custom-docker-image)
 
 ### Linux: Debian vs. Alpine
 
-Our default image is based on [Debian](https://www.debian.org/). We offer an alternative based on [Alpine](https://alpinelinux.org/) (with the `:alpine` or `*-alpine` tag suffix).
+Our default image is based on [Debian](https://www.debian.org/). We offer an alternative based on [Alpine](https://alpinelinux.org/) (with the `*-alpine` tag suffix).
 In [our tests](https://github.com/FreshRSS/FreshRSS/pull/2205) (2019), Alpine was slower,
 while Alpine is smaller on disk (and much faster to build),
 and with newer packages in general (Apache, PHP).
@@ -108,7 +111,7 @@ docker rm freshrss_old
 ## Build custom Docker image
 
 Building your own Docker image is especially relevant for platforms not available on our Docker Hub,
-which is currently limited to `x64` (Intel, AMD) and `arm32v7`.
+which is currently limited to `x64` (Intel, AMD), `arm32v7`, `arm64`.
 
 > ℹ️ If you try to run an image for the wrong platform, you might get an error message like *exec format error*.
 
@@ -395,27 +398,6 @@ docker-compose down --remove-orphans --volumes
 
 > ℹ️ You can combine it with `-f docker-compose-db.yml` to spin a PostgreSQL database.
 
-### Docker Compose and ARM64
-
-If you’re working or want to host on an ARM64 system (such as Apple Silicon (M1/M2)) you’ll need to use the `arm` tag in your `docker-compose.yml` file:
-```yaml
-image: freshrss/freshrss:arm
-```
-
-If you then get this error message when running `docker compose up`:
-
-> The requested image’s platform (linux/arm/v7) does not match the detected host platform (linux/arm64/v8) and no specific platform was requested
-
-… you will also need to specify the platform in the `service` part:
-
-```yaml
-services:
-  freshrss:
-    image: freshrss/freshrss:arm
-    platform: linux/arm/v7
-    container_name: freshrss
- ```
-
 ## Run in production
 
 For production, it is a good idea to use a reverse proxy on your host server, providing HTTPS.
diff --git a/Docker/hooks/build b/Docker/hooks/build
deleted file mode 100755
index 427151e6f..000000000
--- a/Docker/hooks/build
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-cd ..
-FRESHRSS_VERSION=$(grep "'FRESHRSS_VERSION'" constants.php | cut -d "'" -f4)
-echo "$FRESHRSS_VERSION"
-
-if [[ $DOCKERFILE_PATH == *-ARM ]]; then
-	#TODO: Add --squash --platform arm options when Docker Hub daemon supports them
-	docker build \
-		--build-arg FRESHRSS_VERSION="$FRESHRSS_VERSION" \
-		--build-arg SOURCE_BRANCH="$SOURCE_BRANCH" \
-		--build-arg SOURCE_COMMIT="$SOURCE_COMMIT" \
-		-f "$DOCKERFILE_PATH" -t "$IMAGE_NAME" .
-else
-	#TODO: Add --squash option when Docker Hub daemon supports it
-	docker build \
-		--build-arg FRESHRSS_VERSION="$FRESHRSS_VERSION" \
-		--build-arg SOURCE_BRANCH="$SOURCE_BRANCH" \
-		--build-arg SOURCE_COMMIT="$SOURCE_COMMIT" \
-		-f "$DOCKERFILE_PATH" -t "$IMAGE_NAME" .
-fi
diff --git a/Docker/hooks/post_checkout b/Docker/hooks/post_checkout
deleted file mode 100644
index b33c941e5..000000000
--- a/Docker/hooks/post_checkout
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/bash
-
-mv ../README.md ../README.en.md
-mv README.md ../
diff --git a/Docker/hooks/pre_build b/Docker/hooks/pre_build
deleted file mode 100755
index b2cda0e48..000000000
--- a/Docker/hooks/pre_build
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-
-if [[ $DOCKERFILE_PATH == *-ARM ]]; then
-	# https://github.com/balena-io/qemu
-	# Download a local copy of QEMU on Docker Hub build machine
-	curl -LSs 'https://github.com/balena-io/qemu/releases/download/v3.0.0%2Bresin/qemu-3.0.0+resin-arm.tar.gz' | tar -xzv --strip-components=1 --wildcards '*/qemu-*'
-
-	# https://github.com/multiarch/qemu-user-static
-	# Register qemu-*-static for all supported processors except the current one, but also remove all registered binfmt_misc before
-	docker run --rm --privileged multiarch/qemu-user-static:register --reset
-fi
author	Benjamin Reich <Benni-Reich@hotmail.de>	2023-11-05 22:46:01 +0100
committer	GitHub <noreply@github.com>	2023-11-05 22:46:01 +0100
commit	8f07199777a2a3a6e233f858e110dbb0cfad6fad (patch)
tree	b904c32c8112bd5fc00b52f2c653710cb23e4e0a /Docker
parent	3b2e66051bcf1f11c9b1f0ffe45cdfc5b766952f (diff)