public_git
/
kaniko
mirror of https://github.com/GoogleContainerTools/kaniko
1
0
Fork 0
Code Issues Releases Wiki Activity

chore: add release workflow on pr (#1785) 

* chore: add release workflow on pr

* remove linux/s390x

* use keys

* set up platforms

* cancel

* update keys

* add secrets to env

* All platforms added for kaniko

Co-authored-by: Kun-Lu <kun.lu@ibm.com>

* echi

* add mt 1300, remove push

* Remove

* final change

* break executor and executor-slim

Co-authored-by: Kun-Lu <kun.lu@ibm.com>
This commit is contained in:
Tejal Desai 2021-10-19 18:58:02 -07:00 committed by GitHub
parent b873088c4a
commit 3b42fe45ea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 245 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

171
.github/workflows/pr_release.yaml vendored Normal file
View File

@ -0,0 +1,171 @@
name: Build images on pull requests
on: [pull_request]
concurrency:
group: release-images-${{ github.head_ref }}
cancel-in-progress: true
jobs:
build-executor-slim:
env:
GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64,linux/s390x,linux/ppc64le"
runs-on: ubuntu-latest
steps:
- name: Clone source code
uses: actions/checkout@v2
- name: Get the tags
id: vars
run: echo ::set-output name=tag::${GITHUB_REF/refs\/tags\//}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
platforms: ${{ env.PLATFORMS }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- uses: docker/build-push-action@v2
with:
context: .
file: ./deploy/Dockerfile_slim
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
tags: |
gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}-slim
build-debug:
env:
GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64"
runs-on: ubuntu-latest
steps:
- name: Clone source code
uses: actions/checkout@v2
- name: Get the tags
id: vars
run: echo ::set-output name=tag::${GITHUB_REF/refs\/tags\//}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
platforms: ${{ env.PLATFORMS }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- uses: docker/build-push-action@v2
with:
context: .
file: ./deploy/Dockerfile_debug
platforms: linux/amd64,linux/arm64
tags: |
gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}-debug
build-warmer:
env:
GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64"
runs-on: ubuntu-latest
steps:
- name: Clone source code
uses: actions/checkout@v2
- name: Get the tags
id: vars
run: echo ::set-output name=tag::${GITHUB_REF/refs\/tags\//}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
platforms: ${{ env.PLATFORMS }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- uses: docker/build-push-action@v2
with:
context: .
file: ./deploy/Dockerfile_warmer
platforms: linux/amd64,linux/arm64
tags: |
gcr.io/kaniko-project/warmer:${{ env.GITHUB_SHA }}
build-executor:
env:
GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64"
runs-on: ubuntu-latest
steps:
- name: Clone source code
uses: actions/checkout@v2
- name: Get the tags
id: vars
run: echo ::set-output name=tag::${GITHUB_REF/refs\/tags\//}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
platforms: ${{ env.PLATFORMS }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- uses: docker/build-push-action@v2
with:
context: .
file: ./deploy/Dockerfile
platforms: linux/amd64,linux/arm64
tags: |
gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}

82
.github/workflows/release.yaml vendored
View File

@ -10,7 +10,8 @@ jobs:
env: env:
GITHUB_SHA: ${{ github.sha }} GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }} GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64,linux/s390x" PLATFORMS: "linux/amd64,linux/arm64"
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Clone source code - name: Clone source code
@ -52,22 +53,11 @@ jobs:
# via gcloud command-line tool. # via gcloud command-line tool.
gcloud auth configure-docker gcloud auth configure-docker
- uses: docker/build-push-action@v2
with:
context: .
file: ./deploy/Dockerfile_slim
platforms: linux/amd64,linux/arm64,linux/s390x
push: true
tags: |
gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}-slim
gcr.io/kaniko-project/executor:${{ steps.vars.outputs.tag }}-slim
gcr.io/kaniko-project/executor:slim
- uses: docker/build-push-action@v2 - uses: docker/build-push-action@v2
with: with:
context: . context: .
file: ./deploy/Dockerfile file: ./deploy/Dockerfile
platforms: linux/amd64,linux/arm64,linux/s390x platforms: linux/amd64,linux/arm64
push: true push: true
tags: | tags: |
gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }} gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}
@ -94,7 +84,7 @@ jobs:
env: env:
GITHUB_SHA: ${{ github.sha }} GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }} GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64,linux/s390x" PLATFORMS: "linux/amd64,linux/arm64"
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Clone source code - name: Clone source code
@ -140,7 +130,7 @@ jobs:
with: with:
context: . context: .
file: ./deploy/Dockerfile_debug file: ./deploy/Dockerfile_debug
platforms: linux/amd64,linux/arm64,linux/s390x platforms: linux/amd64,linux/arm64
push: true push: true
tags: | tags: |
gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}-debug gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}-debug
@ -163,7 +153,7 @@ jobs:
env: env:
GITHUB_SHA: ${{ github.sha }} GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }} GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64,linux/s390x" PLATFORMS: "linux/amd64,linux/arm64"
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Clone source code - name: Clone source code
@ -208,7 +198,7 @@ jobs:
with: with:
context: . context: .
file: ./deploy/Dockerfile_warmer file: ./deploy/Dockerfile_warmer
platforms: linux/amd64,linux/arm64,linux/s390x platforms: linux/amd64,linux/arm64
push: true push: true
tags: | tags: |
gcr.io/kaniko-project/warmer:${{ env.GITHUB_SHA }} gcr.io/kaniko-project/warmer:${{ env.GITHUB_SHA }}
@ -226,3 +216,61 @@ jobs:
cosign sign -kms $KMS_VAL gcr.io/kaniko-project/warmer:${{ env.GITHUB_SHA }} cosign sign -kms $KMS_VAL gcr.io/kaniko-project/warmer:${{ env.GITHUB_SHA }}
cosign sign -kms $KMS_VAL gcr.io/kaniko-project/warmer:${{ steps.vars.outputs.tag }} cosign sign -kms $KMS_VAL gcr.io/kaniko-project/warmer:${{ steps.vars.outputs.tag }}
cosign sign -kms $KMS_VAL gcr.io/kaniko-project/warmer:latest cosign sign -kms $KMS_VAL gcr.io/kaniko-project/warmer:latest
build-slim:
env:
GITHUB_SHA: ${{ github.sha }}
GITHUB_REF: ${{ github.ref }}
PLATFORMS: "linux/amd64,linux/arm64,linux/s390x,linux/ppc64le"
runs-on: ubuntu-latest
steps:
- name: Clone source code
uses: actions/checkout@v2
- name: Get the tags
id: vars
run: echo ::set-output name=tag::${GITHUB_REF/refs\/tags\//}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
platforms: ${{ env.PLATFORMS }}
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
version: latest
- name: Setup gcloud CLI
uses: google-github-actions/setup-gcloud@master
with:
service_account_key: ${{ secrets.GCR_DEVOPS_SERVICE_ACCOUNT_KEY }}
project_id: kaniko-project
export_default_credentials: true
# Configure docker to use the gcloud command-line tool as a credential helper
- run: |
# Set up docker to authenticate
# via gcloud command-line tool.
gcloud auth configure-docker
- uses: docker/build-push-action@v2
with:
context: .
file: ./deploy/Dockerfile_slim
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
push: true
tags: |
gcr.io/kaniko-project/executor:${{ env.GITHUB_SHA }}-slim
gcr.io/kaniko-project/executor:${{ steps.vars.outputs.tag }}-slim
gcr.io/kaniko-project/executor:slim

4
deploy/Dockerfile
View File

@ -33,7 +33,9 @@ RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \
git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \ git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \
cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \ cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \
git checkout 4cdd60d0f2d8a69bc70933f4d7718f9c4e956ff8 && \ git checkout 4cdd60d0f2d8a69bc70933f4d7718f9c4e956ff8 && \
go build -o /usr/local/bin/docker-credential-gcr main.go go get -u -t ./... && \
go build -ldflags "-linkmode external -extldflags -static" -i -o /usr/local/bin/docker-credential-gcr main.go
# Get Amazon ECR credential helper # Get Amazon ECR credential helper
RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \ RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \

4
deploy/Dockerfile_debug
View File

@ -36,7 +36,9 @@ RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \
git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \ git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \
cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \ cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \
git checkout 4cdd60d0f2d8a69bc70933f4d7718f9c4e956ff8 && \ git checkout 4cdd60d0f2d8a69bc70933f4d7718f9c4e956ff8 && \
go build -o /usr/local/bin/docker-credential-gcr main.go go get -u -t ./... && \
go build -ldflags "-linkmode external -extldflags -static" -i -o /usr/local/bin/docker-credential-gcr main.go
# Get Amazon ECR credential helper # Get Amazon ECR credential helper
RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \ RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \

4
deploy/Dockerfile_warmer
View File

@ -33,7 +33,9 @@ RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \
git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \ git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \
cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \ cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \
git checkout 4cdd60d0f2d8a69bc70933f4d7718f9c4e956ff8 && \ git checkout 4cdd60d0f2d8a69bc70933f4d7718f9c4e956ff8 && \
go build -o /usr/local/bin/docker-credential-gcr main.go go get -u -t ./... && \
go build -ldflags "-linkmode external -extldflags -static" -i -o /usr/local/bin/docker-credential-gcr main.go
# Get Amazon ECR credential helper # Get Amazon ECR credential helper
RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \ RUN GOARCH=$(cat /goarch) && go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \