diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index bf48614e81..0000000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,56 +0,0 @@ -name: Publish image - -on: - release: - types: [released] - -jobs: - build: - env: - IMAGE_NAME: gcr.io/kaniko-project/executor - - runs-on: ubuntu-latest - steps: - - name: Get latest release tag - uses: oprypin/find-latest-tag@v1 - with: - repository: GoogleContainerTools/kaniko # The repository to scan. - releases-only: true # We know that all relevant tags have a GitHub release for them. - id: kaniko - - - name: Clone source code - uses: actions/checkout@v2 - with: - ref: ${{ steps.kaniko.outputs.tag }} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - with: - platforms: all - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v1 - with: - version: latest - - - name: Available platforms - run: echo ${{ steps.buildx.outputs.platforms }} - - - name: Setup gcloud CLI - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master - with: - service_account_key: ${{ secrets.GCR_DEVOPS_SERVICE_ACCOUNT_KEY }} - project_id: kaniko-project - export_default_credentials: true - - - name: Build and push image - run: | - gcloud auth configure-docker -q - IMAGE_VERSION="$(git describe --tags --abbrev=0)" - SHORT_SHA1=$(git rev-parse --short HEAD) - PLATFORMS="linux/amd64,linux/ppc64le,linux/arm64" - echo "Building and pushing version ${IMAGE_VERSION} of image ${IMAGE_NAME}" - docker buildx build --platform "${PLATFORMS}" -t "${IMAGE_NAME}:${IMAGE_VERSION}" -t "${IMAGE_NAME}:latest" -f ./deploy/Dockerfile \ - --push . - diff --git a/.travis.yml b/.travis.yml index a4cd99b5a8..bc5aa7fc4f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -37,27 +37,3 @@ jobs: script: - make integration-test-misc - - name: bazel amd64 - arch: amd64 - env: CPU=k8 - before_install: &before_install_multiarch - - export PATH=$PATH:$HOME/bin && mkdir -p $HOME/bin - - eval $(go env) - # install bazelisk as bazel to install the appropriate bazel version - - wget https://github.com/bazelbuild/bazelisk/releases/download/v1.6.1/bazelisk-linux-${GOARCH} && chmod +x bazelisk-linux-${GOARCH} && mv bazelisk-linux-${GOARCH} $HOME/bin/bazel - script: &script_multiarch - # Generate BUILD.bazel files (we do not check them in) - - bazel run //:gazelle - - bazel build --cpu=${CPU} --curses=no //integration:all - # Build all targets tagged with our architecture: - - bazel build --cpu=${CPU} --curses=no $(bazel query 'attr("tags", "'${GOARCH}'", "//...")') - # Run all tests not tagged as "manual": - - bazel test --cpu=${CPU} --curses=no --test_output=errors --test_timeout=900 //integration:all - # Run all tests tagged with our architecture: - - bazel test --cpu=${CPU} --curses=no --test_output=errors --test_timeout=900 $(bazel query 'attr("tags", "'${GOARCH}'", "//...")') - - - name: bazel arm64 - arch: arm64 - env: CPU=aarch64 - before_install: *before_install_multiarch - script: *script_multiarch \ No newline at end of file diff --git a/BUILD b/BUILD deleted file mode 100644 index 83716bc4f8..0000000000 --- a/BUILD +++ /dev/null @@ -1,4 +0,0 @@ -load("@bazel_gazelle//:def.bzl", "gazelle") - -# gazelle:prefix github.com/GoogleContainerTools/kaniko -gazelle(name = "gazelle") diff --git a/WORKSPACE b/WORKSPACE deleted file mode 100644 index 6300cbfa75..0000000000 --- a/WORKSPACE +++ /dev/null @@ -1,53 +0,0 @@ -workspace(name = "kaniko") - -load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") - -http_archive( - name = "io_bazel_rules_go", - sha256 = "b725e6497741d7fc2d55fcc29a276627d10e43fa5d0bb692692890ae30d98d00", - urls = [ - "https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.24.3/rules_go-v0.24.3.tar.gz", - "https://github.com/bazelbuild/rules_go/releases/download/v0.24.3/rules_go-v0.24.3.tar.gz", - ], -) - -http_archive( - name = "bazel_gazelle", - sha256 = "b85f48fa105c4403326e9525ad2b2cc437babaa6e15a3fc0b1dbab0ab064bc7c", - urls = [ - "https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.22.2/bazel-gazelle-v0.22.2.tar.gz", - "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.22.2/bazel-gazelle-v0.22.2.tar.gz", - ], -) - -load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies") -load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies") - -go_rules_dependencies() - -go_register_toolchains() - -gazelle_dependencies() - -# Docker rules. -http_archive( - name = "io_bazel_rules_docker", - sha256 = "cf53839c398e464b10ec2fbeb11aedb446f078c28e3b4ce372461bb105ef435c", - strip_prefix = "rules_docker-f8478e57ab7457e403fda474f06ac0bb120d92a7", - urls = ["https://github.com/bazelbuild/rules_docker/archive/f8478e57ab7457e403fda474f06ac0bb120d92a7.tar.gz"], -) - -load( - "@io_bazel_rules_docker//repositories:repositories.bzl", - container_repositories = "repositories", -) - -container_repositories() - -load("@io_bazel_rules_docker//repositories:deps.bzl", container_deps = "deps") - -container_deps() - -load("@io_bazel_rules_docker//repositories:pip_repositories.bzl", "pip_deps") - -pip_deps() diff --git a/cmd/executor/BUILD b/cmd/executor/BUILD deleted file mode 100644 index 7c58a3657d..0000000000 --- a/cmd/executor/BUILD +++ /dev/null @@ -1,61 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") -load("@io_bazel_rules_docker//container:container.bzl", "container_image") - -go_library( - name = "executor_lib", - srcs = ["main.go"], - importpath = "github.com/GoogleContainerTools/kaniko/cmd/executor", - visibility = ["//visibility:private"], - deps = ["//cmd/executor/cmd"], -) - -go_binary( - name = "executor", - embed = [":executor_lib"], - pure = "on", - visibility = ["//visibility:public"], -) - -ARCHITECTURES = [ - "amd64", - "arm64", - "s390x", -] - -[ - go_binary( - name = "executor_" + arch, - embed = [":executor_lib"], - goarch = arch, - goos = "linux", - pure = "on", - visibility = ["//visibility:public"], - ) - for arch in ARCHITECTURES -] - -[ - container_image( - name = "image_" + arch, - architecture = arch, - base = "//files:image", - directory = "/kaniko", - entrypoint = ["/kaniko/executor_" + arch], - env = { - "HOME": "/root", - "USER": "root", - "PATH": "/usr/local/bin:/kaniko", - "SSL_CERT_DIR": "/kaniko/ssl/certs", - "DOCKER_CONFIG": "/kaniko/.docker/", - }, - files = [ - ":executor_" + arch, - ], - symlinks = { - "/kaniko/executor": "/kaniko/executor_" + arch, - }, - visibility = ["//visibility:public"], - workdir = "/workspace", - ) - for arch in ARCHITECTURES -] diff --git a/deploy/Dockerfile b/deploy/Dockerfile index 2438fb4629..bde869405a 100644 --- a/deploy/Dockerfile +++ b/deploy/Dockerfile @@ -17,7 +17,6 @@ FROM golang:1.14 ARG GOARCH=amd64 WORKDIR /go/src/github.com/GoogleContainerTools/kaniko - RUN echo $GOARCH > /goarch #This arg is passed by docker buildx & contains the platform info in the form linux/amd64, linux/ppc64le etc. @@ -25,6 +24,7 @@ ARG TARGETPLATFORM #Capture ARCH has write to /goarch RUN [ ! "x" = "x$TARGETPLATFORM" ] && `echo $TARGETPLATFORM | awk '{split($0,a,"/"); print a[2]}' > /goarch` || echo "$GOARCH" +RUN echo "I am runninng $TARGETPLATFORM with with $(cat /goarch)" # Get GCR credential helper RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \ @@ -33,13 +33,13 @@ RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \ git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \ cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \ make deps OUT_DIR=/usr/local/bin && \ - go build -ldflags "-linkmode external -extldflags -static" -i -o /usr/local/bin/docker-credential-gcr main.go + go build -ldflags "-linkmode external -extldflags -static" -i -o /usr/local/bin/docker-credential-gcr main.go # Get Amazon ECR credential helper RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \ make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper -# ACR docker credential helper +# Azure docker credential helper COPY ./acr.patch / RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/Azure || true) && \ cd /go/src/github.com/Azure && \ @@ -48,8 +48,8 @@ RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/Azure || true) && \ git checkout a79b541f3ee761f6cc4511863ed41fb038c19464 && \ git apply < /acr.patch && \ make && cp -f bin/linux/${GOARCH}/docker-credential-acr-linux /usr/local/bin/docker-credential-acr-linux - -#ACR docker env credential helper + +# ACR docker env credential helper RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/chrismellard || true) && \ cd /go/src/github.com/chrismellard && \ git clone https://github.com/chrismellard/docker-credential-acr-env && \ @@ -60,7 +60,7 @@ RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/chrismellard || true) RUN mkdir -p /kaniko/.docker COPY . . -RUN make GOARCH=$(cat /goarch.txt) +RUN make GOARCH=$(cat /goarch) FROM scratch COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/executor /kaniko/executor diff --git a/deploy/Dockerfile_debug b/deploy/Dockerfile_debug index aa32ae4954..26520280fd 100644 --- a/deploy/Dockerfile_debug +++ b/deploy/Dockerfile_debug @@ -17,32 +17,60 @@ # Stage 0: Build the executor binary and get credential helpers FROM golang:1.14 ARG GOARCH=amd64 +RUN echo $GOARCH > /goarch + +#This arg is passed by docker buildx & contains the platform info in the form linux/amd64, linux/ppc64le etc. +ARG TARGETPLATFORM + +#Capture ARCH has write to /goarch +RUN [ ! "x" = "x$TARGETPLATFORM" ] && `echo $TARGETPLATFORM | awk '{split($0,a,"/"); print a[2]}' > /goarch` || echo "$GOARCH" +RUN echo "I am runninng $TARGETPLATFORM with with $(cat /goarch)" +RUN cat /goarch + WORKDIR /go/src/github.com/GoogleContainerTools/kaniko + # Get GCR credential helper -ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v2.0.2/docker-credential-gcr_linux_amd64-2.0.2.tar.gz /usr/local/bin/ -RUN tar --no-same-owner -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-gcr_linux_amd64-2.0.2.tar.gz +RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \ + (mkdir -p /go/src/github.com/GoogleCloudPlatform || true) && \ + cd /go/src/github.com/GoogleCloudPlatform && \ + git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \ + cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \ + make deps OUT_DIR=/usr/local/bin && \ + go build -ldflags "-linkmode external -extldflags -static" -i -o /usr/local/bin/docker-credential-gcr main.go + # Get Amazon ECR credential helper -RUN go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login -RUN make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper linux-amd64 +RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \ + make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper + # ACR docker credential helper -ADD https://aadacr.blob.core.windows.net/acr-docker-credential-helper/docker-credential-acr-linux-amd64.tar.gz /usr/local/bin -RUN tar --no-same-owner -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-acr-linux-amd64.tar.gz -# ACR docker env credential helper -ADD https://github.com/chrismellard/docker-credential-acr-env/releases/download/0.6.0/docker-credential-acr-env_0.6.0_Linux_x86_64.tar.gz /usr/local/bin/ -RUN tar --no-same-owner -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-acr-env_0.6.0_Linux_x86_64.tar.gz +COPY ./acr.patch / +RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/Azure || true) && \ + cd /go/src/github.com/Azure && \ + git clone https://github.com/Azure/acr-docker-credential-helper && \ + cd /go/src/github.com/Azure/acr-docker-credential-helper && \ + git checkout a79b541f3ee761f6cc4511863ed41fb038c19464 && \ + git apply < /acr.patch && \ + make && cp -f bin/linux/${GOARCH}/docker-credential-acr-linux /usr/local/bin/docker-credential-acr-linux + +#ACR docker env credential helper +RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/chrismellard || true) && \ + cd /go/src/github.com/chrismellard && \ + git clone https://github.com/chrismellard/docker-credential-acr-env && \ + cd docker-credential-acr-env && \ + make build && cp -f ./build/docker-credential-acr-env /usr/local/bin # Add .docker config dir RUN mkdir -p /kaniko/.docker COPY . . -RUN make GOARCH=${GOARCH} && make out/warmer +RUN make GOARCH=$(cat /goarch) && make GOARCH=$(cat /goarch.txt) out/warmer FROM scratch COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/* /kaniko/ +COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/warmer /kaniko/warmer COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr -COPY --from=0 /go/src/github.com/awslabs/amazon-ecr-credential-helper/bin/linux-amd64/docker-credential-ecr-login /kaniko/docker-credential-ecr-login +COPY --from=0 /go/src/github.com/awslabs/amazon-ecr-credential-helper/bin/local/docker-credential-ecr-login /kaniko/docker-credential-ecr-login COPY --from=0 /usr/local/bin/docker-credential-acr-linux /kaniko/docker-credential-acr -COPY --from=0 /usr/local/bin/docker-credential-acr-env /kaniko/docker-credential-acr-env COPY --from=amd64/busybox:1.32.0 /bin /busybox # Declare /busybox as a volume to get it automatically in the path to ignore diff --git a/deploy/Dockerfile_slim b/deploy/Dockerfile_slim new file mode 100644 index 0000000000..919578c0a5 --- /dev/null +++ b/deploy/Dockerfile_slim @@ -0,0 +1,42 @@ +# Copyright 2020 Google, Inc. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Builds the static Go image to execute in a Kubernetes job +FROM golang:1.14 as build_env +ARG GOARCH=amd64 +RUN echo $GOARCH > /goarch + +#This arg is passed by docker buildx & contains the platform info in the form linux/amd64, linux/ppc64le etc. +ARG TARGETPLATFORM + +#Capture ARCH has write to /goarch +RUN [ ! "x" = "x$TARGETPLATFORM" ] && `echo $TARGETPLATFORM | awk '{split($0,a,"/"); print a[2]}' > /goarch` || echo "$GOARCH" +RUN echo "I am runninng $TARGETPLATFORM with $(cat /goarch)" + +WORKDIR /go/src/github.com/GoogleContainerTools/kaniko +COPY . . + +RUN make GOARCH=$(cat /goarch) + +FROM scratch +COPY --from=build_env /go/src/github.com/GoogleContainerTools/kaniko/out/executor /kaniko/executor +COPY files/nsswitch.conf /etc/nsswitch.conf +COPY files/ca-certificates.crt /kaniko/ssl/certs/ +ENV HOME /root +ENV USER root +ENV PATH /usr/local/bin:/kaniko +ENV SSL_CERT_DIR=/kaniko/ssl/certs + +ENTRYPOINT ["/kaniko/executor"] + diff --git a/deploy/Dockerfile_warmer b/deploy/Dockerfile_warmer index 4f76cdbcc8..9e349f83b8 100644 --- a/deploy/Dockerfile_warmer +++ b/deploy/Dockerfile_warmer @@ -17,25 +17,55 @@ FROM golang:1.14 ARG GOARCH=amd64 WORKDIR /go/src/github.com/GoogleContainerTools/kaniko +RUN echo $GOARCH > /goarch + +#This arg is passed by docker buildx & contains the platform info in the form linux/amd64, linux/ppc64le etc. +ARG TARGETPLATFORM + +#Capture ARCH has write to /goarch +RUN [ ! "x" = "x$TARGETPLATFORM" ] && `echo $TARGETPLATFORM | awk '{split($0,a,"/"); print a[2]}' > /goarch` || echo "$GOARCH" +RUN echo "I am runninng $TARGETPLATFORM with $(cat /goarch)" + # Get GCR credential helper -ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v2.0.1/docker-credential-gcr_linux_amd64-2.0.1.tar.gz /usr/local/bin/ -RUN tar --no-same-owner -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-gcr_linux_amd64-2.0.1.tar.gz +RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \ + (mkdir -p /go/src/github.com/GoogleCloudPlatform || true) && \ + cd /go/src/github.com/GoogleCloudPlatform && \ + git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \ + cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \ + make deps OUT_DIR=/usr/local/bin && \ + go build -ldflags "-linkmode external -extldflags -static" -i -o /usr/local/bin/docker-credential-gcr main.go + # Get Amazon ECR credential helper -RUN go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login -RUN make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper linux-amd64 -# ACR docker credential helper -ADD https://aadacr.blob.core.windows.net/acr-docker-credential-helper/docker-credential-acr-linux-amd64.tar.gz /usr/local/bin -RUN tar --no-same-owner -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-acr-linux-amd64.tar.gz +RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \ + make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper + +# Azure docker credential helper +COPY ./acr.patch / +RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/Azure || true) && \ + cd /go/src/github.com/Azure && \ + git clone https://github.com/Azure/acr-docker-credential-helper && \ + cd /go/src/github.com/Azure/acr-docker-credential-helper && \ + git checkout a79b541f3ee761f6cc4511863ed41fb038c19464 && \ + git apply < /acr.patch && \ + make && cp -f bin/linux/${GOARCH}/docker-credential-acr-linux /usr/local/bin/docker-credential-acr-linux + +# ACR docker env credential helper +RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/chrismellard || true) && \ + cd /go/src/github.com/chrismellard && \ + git clone https://github.com/chrismellard/docker-credential-acr-env && \ + cd docker-credential-acr-env && \ + make build && cp -f ./build/docker-credential-acr-env /usr/local/bin + # Add .docker config dir RUN mkdir -p /kaniko/.docker COPY . . -RUN make GOARCH=${GOARCH} out/warmer +RUN make GOARCH=$(cat /goarch) out/warmer FROM scratch COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/warmer /kaniko/warmer COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr -COPY --from=0 /go/src/github.com/awslabs/amazon-ecr-credential-helper/bin/linux-amd64/docker-credential-ecr-login /kaniko/docker-credential-ecr-login +COPY --from=0 /go/src/github.com/awslabs/amazon-ecr-credential-helper/bin/local/docker-credential-ecr-login /kaniko/docker-credential-ecr-login COPY --from=0 /usr/local/bin/docker-credential-acr-linux /kaniko/docker-credential-acr COPY files/ca-certificates.crt /kaniko/ssl/certs/ COPY --from=0 /kaniko/.docker /kaniko/.docker diff --git a/deploy/cloudbuild-debug-release.yaml b/deploy/cloudbuild-debug-release.yaml new file mode 100644 index 0000000000..3f7ab52fd1 --- /dev/null +++ b/deploy/cloudbuild-debug-release.yaml @@ -0,0 +1,24 @@ +timeout: 1800s + +steps: +# Set up builder for muti-arch builds. +- name: 'gcr.io/cloud-builders/docker' + args: ['run', '--privileged', 'linuxkit/binfmt:v0.7'] + id: 'initialize-qemu' +- name: 'gcr.io/cloud-builders/docker' + args: ['buildx', 'create', '--use', '--platform', '${_DOCKER_BUILDX_PLATFORMS}'] + id: 'create-builder' + +# Build kaniko:debug +- name: "gcr.io/cloud-builders/docker" + args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_debug", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:$TAG_NAME-debug", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:debug", "--push", "."] + +options: + env: + - 'DOCKER_CLI_EXPERIMENTAL=enabled' + +substitutions: + _EXECUTOR_IMAGE_NAME: executor + _DOCKER_BUILDX_PLATFORMS: 'linux/amd64,linux/arm64' \ No newline at end of file diff --git a/deploy/cloudbuild-debug.yaml b/deploy/cloudbuild-debug.yaml new file mode 100644 index 0000000000..1980e2e505 --- /dev/null +++ b/deploy/cloudbuild-debug.yaml @@ -0,0 +1,25 @@ +timeout: 1800s + +steps: + # Set up builder for muti-arch builds. + - name: 'gcr.io/cloud-builders/docker' + args: ['run', '--privileged', 'linuxkit/binfmt:v0.7'] + id: 'initialize-qemu' + - name: 'gcr.io/cloud-builders/docker' + args: ['buildx', 'create', '--use', '--platform', '${_DOCKER_BUILDX_PLATFORMS}'] + id: 'create-builder' + + # Then, we want to build kaniko:debug + - name: "gcr.io/cloud-builders/docker" + args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_debug", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:$COMMIT_SHA-debug", + "--push", "."] + + +options: + env: + - 'DOCKER_CLI_EXPERIMENTAL=enabled' + +substitutions: + _EXECUTOR_IMAGE_NAME: executor + _DOCKER_BUILDX_PLATFORMS: 'linux/amd64,linux/arm64' diff --git a/deploy/cloudbuild-executor-release.yaml b/deploy/cloudbuild-executor-release.yaml new file mode 100644 index 0000000000..19d3e32770 --- /dev/null +++ b/deploy/cloudbuild-executor-release.yaml @@ -0,0 +1,30 @@ +timeout: 1800s + +steps: +# Set up builder for muti-arch builds. +- name: 'gcr.io/cloud-builders/docker' + args: ['run', '--privileged', 'linuxkit/binfmt:v0.7'] + id: 'initialize-qemu' +- name: 'gcr.io/cloud-builders/docker' + args: ['buildx', 'create', '--use', '--platform', '${_DOCKER_BUILDX_PLATFORMS}'] + id: 'create-builder' + +# First, build kaniko +- name: "gcr.io/cloud-builders/docker" + args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:$TAG_NAME", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:latest", "--push", "."] + +# Finally executor:slim image +- name: "gcr.io/cloud-builders/docker" + args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_slim", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:$TAG_NAME-slim", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:slim", "--push", "."] + +options: + env: + - 'DOCKER_CLI_EXPERIMENTAL=enabled' + +substitutions: + _EXECUTOR_IMAGE_NAME: executor + _DOCKER_BUILDX_PLATFORMS: 'linux/amd64,linux/arm64' \ No newline at end of file diff --git a/deploy/cloudbuild-executor.yaml b/deploy/cloudbuild-executor.yaml new file mode 100644 index 0000000000..5d83f18ee6 --- /dev/null +++ b/deploy/cloudbuild-executor.yaml @@ -0,0 +1,28 @@ +timeout: 1800s + +steps: + # Set up builder for muti-arch builds. + - name: 'gcr.io/cloud-builders/docker' + args: ['run', '--privileged', 'linuxkit/binfmt:v0.7'] + id: 'initialize-qemu' + - name: 'gcr.io/cloud-builders/docker' + args: ['buildx', 'create', '--use', '--platform', '${_DOCKER_BUILDX_PLATFORMS}'] + id: 'create-builder' + +# # First, build kaniko +# - name: "gcr.io/cloud-builders/docker" +# args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile", +# "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:$COMMIT_SHA", "--push", "." ] + + # Finally executor:slim image + - name: "gcr.io/cloud-builders/docker" + args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_slim", + "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:$COMMIT_SHA-slim", "--push", "."] + +options: + env: + - 'DOCKER_CLI_EXPERIMENTAL=enabled' + +substitutions: + _EXECUTOR_IMAGE_NAME: executor + _DOCKER_BUILDX_PLATFORMS: 'linux/amd64,linux/arm64' diff --git a/deploy/cloudbuild-release.yaml b/deploy/cloudbuild-release.yaml deleted file mode 100644 index f7004f2cf1..0000000000 --- a/deploy/cloudbuild-release.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# This cloudbuild is run on the creation of new tags, which should signify releases. -timeout: 1800s - -steps: - - # First, build kaniko - - name: "gcr.io/cloud-builders/docker" - args: ["build", "-f", "deploy/Dockerfile", - "-t", "gcr.io/kaniko-project/executor:$TAG_NAME", "."] - - name: "gcr.io/cloud-builders/docker" - args: ["tag", "gcr.io/kaniko-project/executor:$TAG_NAME", - "gcr.io/kaniko-project/executor:latest"] - # Then, we want to build kaniko:debug - - name: "gcr.io/cloud-builders/docker" - args: ["build", "-f", "deploy/Dockerfile_debug", - "-t", "gcr.io/kaniko-project/executor:debug-$TAG_NAME", "."] - - name: "gcr.io/cloud-builders/docker" - args: ["tag", "gcr.io/kaniko-project/executor:debug-$TAG_NAME", - "gcr.io/kaniko-project/executor:$TAG_NAME-debug"] - - name: "gcr.io/cloud-builders/docker" - args: ["tag", "gcr.io/kaniko-project/executor:debug-$TAG_NAME", - "gcr.io/kaniko-project/executor:debug"] - # Then, we want to build the cache warmer - - name: "gcr.io/cloud-builders/docker" - args: ["build", "-f", "deploy/Dockerfile_warmer", - "-t", "gcr.io/kaniko-project/warmer:$TAG_NAME", "."] - - name: "gcr.io/cloud-builders/docker" - args: ["tag", "gcr.io/kaniko-project/warmer:$TAG_NAME", - "gcr.io/kaniko-project/warmer:latest"] - - - # Build each of the multi-arch images with Bazel and load them into the Docker daemon. - - name: gcr.io/cloud-marketplace-containers/google/bazel:3.4.1 - entrypoint: sh - args: - - -c - - | - #!/bin/sh - set -o errexit - set -o xtrace - - bazel run //:gazelle - bazel run --host_force_python=PY2 //cmd/executor:image_amd64 - bazel run --host_force_python=PY2 //cmd/executor:image_arm64 - bazel run --host_force_python=PY2 //cmd/executor:image_s390x - - # Publish the individual container images - - name: docker - entrypoint: sh - args: - - -c - - | - #!/bin/sh - set -o errexit - set -o xtrace - - docker tag bazel/cmd/executor:image_amd64 gcr.io/kaniko-project/executor:amd64 - docker tag bazel/cmd/executor:image_amd64 gcr.io/kaniko-project/executor:amd64-$TAG_NAME - docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:arm64 - docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:arm64-$TAG_NAME - docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:s390x - docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:s390x-$TAG_NAME - - docker push gcr.io/kaniko-project/executor:amd64 - docker push gcr.io/kaniko-project/executor:amd64-$TAG_NAME - docker push gcr.io/kaniko-project/executor:arm64 - docker push gcr.io/kaniko-project/executor:arm64-$TAG_NAME - docker push gcr.io/kaniko-project/executor:s390x - docker push gcr.io/kaniko-project/executor:s390x-$TAG_NAME - - # Enable "manifest list" support in docker, and publish one covering the per-architecture - # images published above. - - name: docker - entrypoint: sh - args: - - -c - - | - #!/bin/sh - set -o errexit - set -o xtrace - - # Publish manifest lists second, after all of the binary material - # has been uploaded, so that it is fast. We want fast because enabling - # the experimental features in docker changes ~/.docker/config.json, which - # GCB periodically tramples. - # - # Enable support for 'docker manifest create' - # https://docs.docker.com/engine/reference/commandline/manifest_create/ - sed -i 's/^{/{"experimental": "enabled",/g' ~/.docker/config.json - - docker manifest create gcr.io/kaniko-project/executor:multi-arch \ - gcr.io/kaniko-project/executor:amd64 \ - gcr.io/kaniko-project/executor:arm64 \ - gcr.io/kaniko-project/executor:s390x - docker manifest push gcr.io/kaniko-project/executor:multi-arch - - docker manifest create gcr.io/kaniko-project/executor:multi-arch-$TAG_NAME \ - gcr.io/kaniko-project/executor:amd64-$TAG_NAME \ - gcr.io/kaniko-project/executor:arm64-$TAG_NAME \ - gcr.io/kaniko-project/executor:s390x-$TAG_NAME - docker manifest push gcr.io/kaniko-project/executor:multi-arch-$TAG_NAME - - -images: ["gcr.io/kaniko-project/executor:$TAG_NAME", - "gcr.io/kaniko-project/executor:latest", - "gcr.io/kaniko-project/executor:debug-$TAG_NAME", - "gcr.io/kaniko-project/executor:debug", - "gcr.io/kaniko-project/warmer:$TAG_NAME", - "gcr.io/kaniko-project/warmer:latest", - "gcr.io/kaniko-project/executor:$TAG_NAME-debug"] diff --git a/deploy/cloudbuild-warmer-release.yaml b/deploy/cloudbuild-warmer-release.yaml new file mode 100644 index 0000000000..f977f1b6f2 --- /dev/null +++ b/deploy/cloudbuild-warmer-release.yaml @@ -0,0 +1,24 @@ +timeout: 1800s + +steps: +# Set up builder for muti-arch builds. +- name: 'gcr.io/cloud-builders/docker' + args: ['run', '--privileged', 'linuxkit/binfmt:v0.7'] + id: 'initialize-qemu' +- name: 'gcr.io/cloud-builders/docker' + args: ['buildx', 'create', '--use', '--platform', '${_DOCKER_BUILDX_PLATFORMS}'] + id: 'create-builder' + +# Build the cache warmer +- name: "gcr.io/cloud-builders/docker" + args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_warmer", + "-t", "gcr.io/$PROJECT_ID/{_WARMER_IMAGE_NAME}:$TAG_NAME", + "-t", "gcr.io/$PROJECT_ID/{_WARMER_IMAGE_NAME}:latest", "--push", "."] + +options: + env: + - 'DOCKER_CLI_EXPERIMENTAL=enabled' + +substitutions: + _WARMER_IMAGE_NAME: warmer + _DOCKER_BUILDX_PLATFORMS: 'linux/amd64,linux/arm64' \ No newline at end of file diff --git a/deploy/cloudbuild-warmer.yaml b/deploy/cloudbuild-warmer.yaml new file mode 100644 index 0000000000..f7ff6f990f --- /dev/null +++ b/deploy/cloudbuild-warmer.yaml @@ -0,0 +1,23 @@ +timeout: 1800s + +steps: + # Set up builder for muti-arch builds. + - name: 'gcr.io/cloud-builders/docker' + args: ['run', '--privileged', 'linuxkit/binfmt:v0.7'] + id: 'initialize-qemu' + - name: 'gcr.io/cloud-builders/docker' + args: ['buildx', 'create', '--use', '--platform', '${_DOCKER_BUILDX_PLATFORMS}'] + id: 'create-builder' + + # Build the cache warmer + - name: "gcr.io/cloud-builders/docker" + args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_warmer", + "-t", "gcr.io/$PROJECT_ID/${_WARMER_IMAGE_NAME}:$COMMIT_SHA", "--push", "."] + +options: + env: + - 'DOCKER_CLI_EXPERIMENTAL=enabled' + +substitutions: + _WARMER_IMAGE_NAME: warmer + _DOCKER_BUILDX_PLATFORMS: 'linux/amd64,linux/arm64' diff --git a/deploy/cloudbuild.yaml b/deploy/cloudbuild.yaml deleted file mode 100644 index d60c7412fd..0000000000 --- a/deploy/cloudbuild.yaml +++ /dev/null @@ -1,88 +0,0 @@ -timeout: 1800s - -steps: - - # First, build kaniko - - name: "gcr.io/cloud-builders/docker" - args: ["build", "-f", "deploy/Dockerfile", - "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:${COMMIT_SHA}", "."] - # Then, we want to build kaniko:debug - - name: "gcr.io/cloud-builders/docker" - args: ["build", "-f", "deploy/Dockerfile_debug", - "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:debug-${COMMIT_SHA}", "."] - - name: "gcr.io/cloud-builders/docker" - args: ["build", "-f", "deploy/Dockerfile_debug", - "-t", "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:${COMMIT_SHA}-debug", "."] - # Then, we want to build the cache warmer - - name: "gcr.io/cloud-builders/docker" - args: ["build", "-f", "deploy/Dockerfile_warmer", - "-t", "gcr.io/$PROJECT_ID/${_WARMER_IMAGE_NAME}:${COMMIT_SHA}", "."] - - - # Build each of the multi-arch images with Bazel and load them into the Docker daemon. - - name: gcr.io/cloud-marketplace-containers/google/bazel:3.4.1 - entrypoint: sh - args: - - -c - - | - #!/bin/sh - set -o errexit - set -o xtrace - - bazel run //:gazelle - bazel run --host_force_python=PY2 //cmd/executor:image_amd64 - bazel run --host_force_python=PY2 //cmd/executor:image_arm64 - bazel run --host_force_python=PY2 //cmd/executor:image_s390x - - # Publish the individual container images - - name: docker - entrypoint: sh - args: - - -c - - | - #!/bin/sh - set -o errexit - set -o xtrace - - docker tag bazel/cmd/executor:image_amd64 gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:amd64-${COMMIT_SHA} - docker tag bazel/cmd/executor:image_arm64 gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:arm64-${COMMIT_SHA} - docker tag bazel/cmd/executor:image_s390x gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:s390x-${COMMIT_SHA} - - docker push gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:amd64-${COMMIT_SHA} - docker push gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:arm64-${COMMIT_SHA} - docker push gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:s390x-${COMMIT_SHA} - - # Enable "manifest list" support in docker, and publish one covering the per-architecture - # images published above. - - name: docker - entrypoint: sh - args: - - -c - - | - #!/bin/sh - set -o errexit - set -o xtrace - - # Publish manifest lists second, after all of the binary material - # has been uploaded, so that it is fast. We want fast because enabling - # the experimental features in docker changes ~/.docker/config.json, which - # GCB periodically tramples. - # - # Enable support for 'docker manifest create' - # https://docs.docker.com/engine/reference/commandline/manifest_create/ - sed -i 's/^{/{"experimental": "enabled",/g' ~/.docker/config.json - - docker manifest create gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:multi-arch-${COMMIT_SHA} \ - gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:amd64-${COMMIT_SHA} \ - gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:arm64-${COMMIT_SHA} \ - gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:s390x-${COMMIT_SHA} - docker manifest push gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:multi-arch-${COMMIT_SHA} - - -images: ["gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:${COMMIT_SHA}", - "gcr.io/$PROJECT_ID/${_EXECUTOR_IMAGE_NAME}:debug-${COMMIT_SHA}", - "gcr.io/$PROJECT_ID/${_WARMER_IMAGE_NAME}:${COMMIT_SHA}"] - -substitutions: - _EXECUTOR_IMAGE_NAME: executor - _WARMER_IMAGE_NAME: warmer diff --git a/files/BUILD b/files/BUILD deleted file mode 100644 index b14343c978..0000000000 --- a/files/BUILD +++ /dev/null @@ -1,16 +0,0 @@ -load("@io_bazel_rules_docker//container:container.bzl", "container_image") - -container_image( - name = "nsswitch", - directory = "etc", - files = [":nsswitch.conf"], - visibility = ["//visibility:private"], -) - -container_image( - name = "image", - base = ":nsswitch", - directory = "kaniko/ssl/certs", - files = [":ca-certificates.crt"], - visibility = ["//visibility:public"], -) diff --git a/scripts/minikube-setup.sh b/scripts/minikube-setup.sh index 34ba001302..ad611b68d6 100755 --- a/scripts/minikube-setup.sh +++ b/scripts/minikube-setup.sh @@ -33,8 +33,9 @@ sudo mv minikube /usr/local/bin/ sudo apt-get update sudo apt-get install -y liblz4-tool +cat /proc/cpuinfo -sudo minikube start --vm-driver=none +sudo minikube start --vm-driver=none --force sudo minikube status sudo chown -R $USER $HOME/.kube $HOME/.minikube kubectl cluster-info