Automatically build container on release and push to our registry.
Now that Tor's gitlab has the container registry enabled, we can build a snowflake container on release, and push the built container to the snowflake registry.
This is accomplished without using privileged gitlab runners, via kaniko.
This would speed up snowflake updates for people running the docker container. It would also mean that the 'docker-snowflake-proxy' project would no longer need to exist.
This particular MR only builds for the architectures that we have runners for. The existing architecture set that is provided at docker-hub is much more expansive. There are some ways that all of the architectures could be built, but they get very complicated in the CI environment.
Fixes tpo/anti-censorship/docker-snowflake-proxy#10 (closed) and tpo/anti-censorship/docker-snowflake-proxy#13 (closed)
You can see the result of the multi-arch image as follows:
$ podman manifest inspect --verbose containers.torproject.org/micah/snowflake:latest
{
"schemaVersion": 2,
"mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
"manifests": [
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 753,
"digest": "sha256:918d191ab8e0a261c18621d30bd53ef2db339d3a8d0537c9caf98dbae36e55ad",
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 753,
"digest": "sha256:838c7fadd31871f12b4d597d8ffd6b8da54fba999ea4eba9b11a42a49c99d709",
"platform": {
"architecture": "arm64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"size": 753,
"digest": "sha256:8e8119d7739f6aa1f4ec69be7b79bf1413c21580dd54b39c4b863857300b609d",
"platform": {
"architecture": "s390x",
"os": "linux"
}
}
]
}