ci(docker): add Alpine 3.21 multi-arch image variant#778
Conversation
Adds a parallel Alpine-based image alongside the existing Ubuntu images. Reuses the static musl pktvisord/pktvisor-reader binaries already produced by build_cross.yml for x86_64 and aarch64, so the new image inherits the existing cross-build pipeline without any toolchain or recipe changes. New files: - docker/Dockerfile.alpine: alpine:3.21 runtime, no crashpad (musl static binaries are built without sentry-crashpad per conanfile.py's libc==musl guard). - docker/alpine/entry.sh + run.sh: POSIX sh equivalents of the bash-based entry-cp.sh / run.sh, dropping the crashpad flags from pktvisord's invocation. Workflow: - build_cross.yml gains package-alpine (matrix on x86_64/aarch64) and merge-alpine jobs. They consume the existing pkvisor matrix artifacts, build pktvisor-cli inline, push per-arch images by digest, and merge into a single develop-alpine manifest. - Gated on push to develop only — PR runs still produce only the binary artifacts. Release tag (<version>-alpine) is intentionally deferred; that will touch build-release.yml as a follow-up. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: d221cb7b91
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Pull request overview
Adds an Alpine 3.21 multi-arch (linux/amd64 + linux/arm64) variant of the pktvisor Docker image that reuses the existing static musl binaries built by build_cross.yml. The new image omits crashpad (since the static builds exclude it) and is published as netboxlabs/pktvisor:develop-alpine only on pushes to develop.
Changes:
- Adds
docker/Dockerfile.alpineplus POSIX-shentry.sh/run.sh(no bash, no--cp-*flags) for the Alpine runtime. - Adds
package-alpine(per-arch build/push by digest) andmerge-alpine(multi-arch manifest) jobs tobuild_cross.yml, gated on push-to-develop. - Builds
pktvisor-cliinline for each arch from the downloaded static-binary artifacts, then assembles the per-arch image.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| docker/Dockerfile.alpine | New Alpine 3.21 runtime image; copies the pre-built static binaries, geo DB, and IANA CSV. |
| docker/alpine/entry.sh | POSIX-sh entry point mirroring entry-cp.sh but without crashpad handling. |
| docker/alpine/run.sh | POSIX-sh pktvisord launcher without --cp-* flags. |
| .github/workflows/build_cross.yml | Adds package-alpine and merge-alpine jobs to build/push the Alpine multi-arch image. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Two review fixes for package-alpine: 1. Add the cmake configure step that expands `golang/pkg/client/ version.go.in` into `version.go` before staging it for the Go build. The repo only ships the .in template; without this step, `cp golang/pkg/client/version.go .` fails on a fresh checkout (matches the existing pattern in the pkvisor-cli job). 2. Add `docker/setup-qemu-action` before `docker/setup-buildx-action` so the aarch64 matrix entry can execute Dockerfile RUN steps under linux/arm64 emulation on the x86_64 runner. The same pattern is already used in build-develop.yml and build-release.yml. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
@codex review |
LCOV of commit
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1115fd1424
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Broadens the package-alpine and merge-alpine `if:` gates so the images get built and pushed to Docker Hub from the current PR run, letting us pull and test :develop-alpine before merging. To be reverted before merge — the inline comment above each gate documents the original condition. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Reverts the temporary `|| github.head_ref == 'chore/alpine-image'` clause used to publish the image from this PR for validation. package-alpine and merge-alpine now fire only on `push` to `refs/heads/develop`, as designed. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Summary
Parallel Alpine-based pktvisor image alongside the existing Ubuntu ones. Reuses the static musl binaries that
build_cross.ymlalready builds for x86_64 and aarch64 — no toolchain, recipe, or build-system changes.Files
docker/Dockerfile.alpine—FROM alpine:3.21runtime. No crashpad (musl static binaries are built without it).docker/alpine/entry.sh— POSIX-sh entry point (Alpine has no bash by default).docker/alpine/run.sh— pktvisord launcher without--cp-*flags.Workflow (
build_cross.yml)package-alpine(matrix x86_64/aarch64): downloads the existingpktvisord-linux-<arch>-staticandpktvisor-reader-linux-<arch>-staticartifacts, buildspktvisor-cliinline, builds + pushes per-arch image by digest.merge-alpine: assembles the multi-arch manifest taggednetboxlabs/pktvisor:develop-alpine.pushtodeveloponly; PR runs still produce only the binary artifacts.Out of scope (follow-ups)
<version>-alpinerelease tag → touchesbuild-release.yml.Test plan
pkvisor (x86_64)+pkvisor (aarch64)pair, thenalpine-x86_64/alpine-aarch64, thenmerge-alpine.docker pull netboxlabs/pktvisor:develop-alpinesucceeds on both linux/amd64 and linux/arm64.docker run netboxlabs/pktvisor:develop-alpine pktvisord --helpprints help.docker run netboxlabs/pktvisor:develop-alpine pktvisor-reader --helpprints help.pktvisor:latest-developtag is unaffected.