Merge pull request #87 from pohly/cloud-build
cloud build: initial set of shared files
This commit is contained in:
Kubernetes Prow Robot
GitHub
commit
17dde9ef00
63
build.make
63
build.make
|
|
@ -105,6 +105,69 @@ build: $(CMDS:%=build-%)
|
||||||
container: $(CMDS:%=container-%)
|
container: $(CMDS:%=container-%)
|
||||||
push: $(CMDS:%=push-%)
|
push: $(CMDS:%=push-%)
|
||||||
|
|
||||||
|
# Additional parameters are needed when pushing to a local registry,
|
||||||
|
# see https://github.com/docker/buildx/issues/94.
|
||||||
|
# However, that then runs into https://github.com/docker/cli/issues/2396.
|
||||||
|
#
|
||||||
|
# What works for local testing is:
|
||||||
|
# make push-multiarch PULL_BASE_REF=master REGISTRY_NAME=<your account on dockerhub.io> BUILD_PLATFORMS="linux amd64; windows amd64 .exe; linux ppc64le -ppc64le; linux s390x -s390x"
|
||||||
|
DOCKER_BUILDX_CREATE_ARGS ?=
|
||||||
|
|
||||||
|
# This target builds a multiarch image for one command using Moby BuildKit builder toolkit.
|
||||||
|
# Docker Buildx is included in Docker 19.03.
|
||||||
|
#
|
||||||
|
# ./cmd/<command>/Dockerfile[.Windows] is used if found, otherwise Dockerfile[.Windows].
|
||||||
|
# BUILD_PLATFORMS determines which individual images are included in the multiarch image.
|
||||||
|
# PULL_BASE_REF must be set to 'master', 'release-x.y', or a tag name, and determines
|
||||||
|
# the tag for the resulting multiarch image.
|
||||||
|
push-multiarch-%: check-pull-base-ref build-%
|
||||||
|
set -ex; \
|
||||||
|
DOCKER_CLI_EXPERIMENTAL=enabled; \
|
||||||
|
export DOCKER_CLI_EXPERIMENTAL; \
|
||||||
|
docker buildx create $(DOCKER_BUILDX_CREATE_ARGS) --use --name multiarchimage-buildertest; \
|
||||||
|
trap "docker buildx rm multiarchimage-buildertest" EXIT; \
|
||||||
|
dockerfile_linux=$$(if [ -e ./cmd/$*/Dockerfile ]; then echo ./cmd/$*/Dockerfile; else echo Dockerfile; fi); \
|
||||||
|
dockerfile_windows=$$(if [ -e ./cmd/$*/Dockerfile.Windows ]; then echo ./cmd/$*/Dockerfile.Windows; else echo Dockerfile.Windows; fi); \
|
||||||
|
if [ '$(BUILD_PLATFORMS)' ]; then build_platforms='$(BUILD_PLATFORMS)'; else build_platforms="linux amd64"; fi; \
|
||||||
|
pushMultiArch () { \
|
||||||
|
tag=$$1; \
|
||||||
|
echo "$$build_platforms" | tr ';' '\n' | while read -r os arch suffix; do \
|
||||||
|
docker buildx build --push \
|
||||||
|
--tag $(IMAGE_NAME):$$arch-$$os-$$tag \
|
||||||
|
--platform=$$os/$$arch \
|
||||||
|
--file $$(eval echo \$${dockerfile_$$os}) \
|
||||||
|
--build-arg binary=./bin/$*$$suffix \
|
||||||
|
--label revision=$(REV) \
|
||||||
|
.; \
|
||||||
|
done; \
|
||||||
|
images=$$(echo "$$build_platforms" | tr ';' '\n' | while read -r os arch suffix; do echo $(IMAGE_NAME):$$arch-$$os-$$tag; done); \
|
||||||
|
docker manifest create --amend $(IMAGE_NAME):$$tag $$images; \
|
||||||
|
docker manifest push -p $(IMAGE_NAME):$$tag; \
|
||||||
|
}; \
|
||||||
|
if [ $(PULL_BASE_REF) = "master" ]; then \
|
||||||
|
: "creating or overwriting canary image"; \
|
||||||
|
pushMultiArch canary; \
|
||||||
|
elif echo $(PULL_BASE_REF) | grep -q -e 'release-*' ; then \
|
||||||
|
: "creating or overwriting canary image for release branch"; \
|
||||||
|
release_canary_tag=$$(echo $(PULL_BASE_REF) | cut -f2 -d '-')-canary; \
|
||||||
|
pushMultiArch $$release_canary_tag; \
|
||||||
|
elif docker pull $(IMAGE_NAME):$(PULL_BASE_REF) 2>&1 | tee /dev/stderr | grep -q "manifest for $(IMAGE_NAME):$(PULL_BASE_REF) not found"; then \
|
||||||
|
: "creating release image"; \
|
||||||
|
pushMultiArch $(PULL_BASE_REF); \
|
||||||
|
else \
|
||||||
|
: "ERROR: release image $(IMAGE_NAME):$(PULL_BASE_REF) already exists: a new tag is required!"; \
|
||||||
|
exit 1; \
|
||||||
|
fi
|
||||||
|
|
||||||
|
.PHONY: check-pull-base-ref
|
||||||
|
check-pull-base-ref:
|
||||||
|
if ! [ "$(PULL_BASE_REF)" ]; then \
|
||||||
|
echo >&2 "ERROR: PULL_BASE_REF must be set to 'master', 'release-x.y', or a tag name."; \
|
||||||
|
exit 1; \
|
||||||
|
fi
|
||||||
|
|
||||||
|
push-multiarch: $(CMDS:%=push-multiarch-%)
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
-rm -rf bin
|
-rm -rf bin
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
# shellcheck disable=SC1091
|
||||||
|
. release-tools/prow.sh
|
||||||
|
|
||||||
|
gcr_cloud_build
|
||||||
|
|
@ -0,0 +1,44 @@
|
||||||
|
# A configuration file for multi-arch image building with the Google cloud build service.
|
||||||
|
#
|
||||||
|
# Repos using this file must:
|
||||||
|
# - import csi-release-tools
|
||||||
|
# - add a symlink cloudbuild.yaml -> release-tools/cloudbuild.yaml
|
||||||
|
# - add a .cloudbuild.sh which can be a custom file or a symlink
|
||||||
|
# to release-tools/cloudbuild.sh
|
||||||
|
# - accept "binary" as build argument in their Dockerfile(s) (see
|
||||||
|
# https://github.com/pohly/node-driver-registrar/blob/3018101987b0bb6da2a2657de607174d6e3728f7/Dockerfile#L4-L6)
|
||||||
|
# because binaries will get built for different architectures and then
|
||||||
|
# get copied from the built host into the container image
|
||||||
|
#
|
||||||
|
# See https://github.com/kubernetes/test-infra/blob/master/config/jobs/image-pushing/README.md
|
||||||
|
# for more details on image pushing process in Kubernetes.
|
||||||
|
|
||||||
|
# This must be specified in seconds. If omitted, defaults to 600s (10 mins).
|
||||||
|
timeout: 1200s
|
||||||
|
# This prevents errors if you don't use both _GIT_TAG and _PULL_BASE_REF,
|
||||||
|
# or any new substitutions added in the future.
|
||||||
|
options:
|
||||||
|
substitution_option: ALLOW_LOOSE
|
||||||
|
steps:
|
||||||
|
# The image must contain bash and curl. Ideally it should also contain
|
||||||
|
# the desired version of Go (currently defined in release-tools/travis.yml),
|
||||||
|
# but that just speeds up the build and is not required.
|
||||||
|
- name: 'gcr.io/k8s-testimages/gcb-docker-gcloud:v20200421-a2bf5f8'
|
||||||
|
entrypoint: ./.cloudbuild.sh
|
||||||
|
env:
|
||||||
|
- GIT_TAG=${_GIT_TAG}
|
||||||
|
- PULL_BASE_REF=${_PULL_BASE_REF}
|
||||||
|
- REGISTRY_NAME=gcr.io/${_STAGING_PROJECT}
|
||||||
|
- HOME=/root
|
||||||
|
substitutions:
|
||||||
|
# _GIT_TAG will be filled with a git-based tag for the image, of the form vYYYYMMDD-hash, and
|
||||||
|
# can be used as a substitution.
|
||||||
|
_GIT_TAG: '12345'
|
||||||
|
# _PULL_BASE_REF will contain the ref that was pushed to trigger this build -
|
||||||
|
# a branch like 'master' or 'release-0.2', or a tag like 'v0.2'.
|
||||||
|
_PULL_BASE_REF: 'master'
|
||||||
|
# The default gcr.io staging project for Kubernetes-CSI
|
||||||
|
# (=> https://console.cloud.google.com/gcr/images/k8s-staging-csi/GLOBAL).
|
||||||
|
# Might be overridden in the Prow build job for a repo which wants
|
||||||
|
# images elsewhere.
|
||||||
|
_STAGING_PROJECT: 'k8s-staging-csi'
|
||||||
14
prow.sh
14
prow.sh
|
|
@ -1189,3 +1189,17 @@ main () {
|
||||||
|
|
||||||
return "$ret"
|
return "$ret"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# This function can be called by a repo's top-level cloudbuild.sh:
|
||||||
|
# it handles environment set up in the GCR cloud build and then
|
||||||
|
# invokes "make push-multiarch" to do the actual image building.
|
||||||
|
gcr_cloud_build () {
|
||||||
|
# Register gcloud as a Docker credential helper.
|
||||||
|
# Required for "docker buildx build --push".
|
||||||
|
gcloud auth configure-docker
|
||||||
|
|
||||||
|
# Extract tag-n-hash value from GIT_TAG (form vYYYYMMDD-tag-n-hash) for REV value.
|
||||||
|
REV=v$(echo "$GIT_TAG" | cut -f3- -d 'v')
|
||||||
|
|
||||||
|
run_with_go "${CSI_PROW_GO_VERSION_BUILD}" make push-multiarch REV="${REV}" REGISTRY_NAME="${REGISTRY_NAME}" BUILD_PLATFORMS="${CSI_PROW_BUILD_PLATFORMS}"
|
||||||
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue