multiplatform building with buildx, not real image tagging anymore for the moment - sadly

.gitlab-ci.yml

@@ -1,77 +1,45 @@
-# This is a GitLab CI configuration to build the project as a docker image
-# The file is generic enough to be dropped in a project containing a working Dockerfile
-# Author: Florent CHAUVEAU <florent.chauveau@gmail.com>
-# Mentioned here: https://blog.callr.tech/building-docker-images-with-gitlab-ci-best-practices/
-
-# do not use "latest" here, if you want this to work in the future
 image: docker:19
-
+services:
+  - docker:19-dind
 variables:
   DOCKER_DRIVER: overlay
   DOCKER_TLS_CERTDIR: ""
-
 stages:
-  - build
+  - buildx
-  - push
+  - deploy
 
-# Use this if your GitLab runner does not use socket binding
+buildx:
-services:
+  image: docker:19-git
-   - docker:19-dind
+  stage: buildx
-
-before_script:
-  # docker login asks for the password to be passed through stdin for security
-  # we use $CI_JOB_TOKEN here which is a special token provided by GitLab
-  - echo -n $CI_JOB_TOKEN | docker login -u gitlab-ci-token --password-stdin $CI_REGISTRY
-
-Build:
-  stage: build
-  script:
-    # fetches the latest image (not failing if image is not found)
-    - docker pull $CI_REGISTRY_IMAGE:latest || true
-    # builds the project, passing proxy variables, and vcs vars for LABEL
-    # notice the cache-from, which is going to use the image we just pulled locally
-    # the built image is tagged locally with the commit SHA, and then pushed to 
-    # the GitLab registry
-    - >
-      docker build
-      --pull
-      --build-arg VCS_REF=$CI_COMMIT_SHA
-      --build-arg VCS_URL=$CI_PROJECT_URL
-      --cache-from $CI_REGISTRY_IMAGE:latest
-      --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
-      .
-    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
-
-# Here, the goal is to tag the "main" branch as "latest"
-Push latest:
   variables:
-    # We are just playing with Docker here. 
-    # We do not need GitLab to clone the source code.
     GIT_STRATEGY: none
-  stage: push
+  artifacts:
-  only:
+    paths:
-    # Only "main" should be tagged "latest"
+      - buildx
-    - main
+    expire_in: 1 hour
+  services:
+    - docker:19-dind
   script:
-    # Because we have no guarantee that this job will be picked up by the same runner 
+    - export DOCKER_BUILDKIT=1
-    # that built the image in the previous step, we pull it again locally
+    - git clone git://github.com/docker/buildx ./docker-buildx
-    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
+    - docker build --platform=local -o . ./docker-buildx
-    # Then we tag it "latest"
+
-    - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME $CI_REGISTRY_IMAGE:latest
+deploy:
-    # Annnd we push it.
+  image: docker:19
+  stage: deploy
+  services:
+    - name: docker:19-dind
+      command: ["--experimental"]
+  before_script:
+    - mkdir -p ~/.docker/cli-plugins
+    - mv buildx ~/.docker/cli-plugins/docker-buildx
+    - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+  variables:
+    IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
+  script:
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    - docker buildx create --use --name mybuilder
+    - docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 --push -t $IMAGE_TAG .
+    - docker pull $IMAGE_TAG
+    - docker tag $IMAGE_TAG $CI_REGISTRY_IMAGE:latest
     - docker push $CI_REGISTRY_IMAGE:latest
-
-# Finally, the goal here is to Docker tag any Git tag
-# GitLab will start a new pipeline everytime a Git tag is created, which is pretty awesome
-Push tag:
-  variables:
-    # Again, we do not need the source code here. Just playing with Docker.
-    GIT_STRATEGY: none
-  stage: push
-  only:
-    # We want this job to be run on tags only.
-    - tags
-  script:
-    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
-    - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
-    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME