Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(scorecard): update multiarch build steps #610

Merged
merged 12 commits into from
Aug 25, 2023
34 changes: 19 additions & 15 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@ env:
CI_PLATFORMS: linux/amd64,linux/arm64
REPOSITORY: ${{ github.event.pull_request.head.repo.full_name }}
REF: ${{ github.event.pull_request.head.ref }}
OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04/Release.key"
OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL: "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_22.04"

jobs:
controller-test:
Expand Down Expand Up @@ -74,18 +76,19 @@ jobs:
- uses: jpkrohling/[email protected]
with:
operator-sdk-version: v1.28.0
- name: Install qemu
continue-on-error: false
- name: Install podman v4
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list
curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg
sudo apt update
sudo apt install podman
- name: Build scorecard image for test
id: build-scorecard
run: |
CUSTOM_SCORECARD_IMG=ghcr.io/${{ github.repository_owner }}/cryostat-operator-scorecard:ci-$GITHUB_SHA \
PLATFORMS=${{ env.CI_PLATFORMS }} \
PLATFORMS=linux/amd64 \
MANIFEST_PUSH=false \
make scorecard-build
make scorecard-build
echo "tag=ci-$GITHUB_SHA" >> $GITHUB_OUTPUT
- name: Push scorecard image to ghcr.io for test
id: push-scorecard-to-ghcr
Expand Down Expand Up @@ -159,11 +162,12 @@ jobs:
if: ${{ github.event_name == 'push' && github.repository_owner == 'cryostatio' }}
steps:
- uses: actions/checkout@v2
- name: Install qemu
continue-on-error: false
- name: Install podman v4
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list
curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
sudo apt update
sudo apt install podman
- name: Build operator image
run: |
IMAGE_NAMESPACE=${{ env.CI_REGISTRY }} SKIP_TESTS=true PLATFORMS=${{ env.CI_PLATFORMS }} MANIFEST_PUSH=false make oci-buildx
Expand Down Expand Up @@ -238,12 +242,12 @@ jobs:
EXIST=true
fi
echo "exist=$EXIST" >> $GITHUB_OUTPUT
- name: Install qemu
continue-on-error: false
- name: Install podman v4
run: |
sudo apt-get update
sudo apt-get install -y qemu-user-static
if: ${{ steps.check-tag-exists.outputs.exist == 'false' }}
echo "deb $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_SOURCE_URL/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable.list
curl -fsSL $OPENSUSE_UNOFFICIAL_LIBCONTAINERS_KEY_URL | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable.gpg > /dev/null
sudo apt update
sudo apt install podman
- name: Build scorecard image
run: |
CUSTOM_SCORECARD_IMG=${CI_SCORECARD_IMG}:${{ steps.get-image-tag.outputs.tag }} \
Expand Down
22 changes: 6 additions & 16 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -274,31 +274,25 @@ oci-build: manifests generate fmt vet test-envtest
# If IMAGE_BUILDER is docker, you need to:
# - able to use docker buildx. More info: https://docs.docker.com/build/buildx/
# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/
# If IMAGE_BUILDER is podman, you need to:
# - install qemu-user-static.
# To properly provided solutions that supports more than one platform you should use this option.
.PHONY: oci-buildx
oci-buildx: manifests generate fmt vet test-envtest ## Build OCI image for the manager for cross-platform support
ifeq ($(IMAGE_BUILDER), docker)
# copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile
sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross
ifeq ($(IMAGE_BUILDER), docker)
- $(IMAGE_BUILDER) buildx create --name project-v3-builder
$(IMAGE_BUILDER) buildx use project-v3-builder
- $(IMAGE_BUILDER) buildx build --push --platform=$(PLATFORMS) --tag $(OPERATOR_IMG) -f Dockerfile.cross .
- $(IMAGE_BUILDER) buildx rm project-v3-builder
rm Dockerfile.cross
else ifeq ($(IMAGE_BUILDER), podman)
for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \
os=$$(echo $${platform} | cut -d/ -f 1); \
arch=$$(echo $${platform} | cut -d/ -f 2); \
BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build --manifest $(OPERATOR_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \
done
BUILDAH_FORMAT=docker $(IMAGE_BUILDER) build -f Dockerfile.cross --manifest $(OPERATOR_IMG) --platform $(PLATFORMS) . ; \
if [ "${MANIFEST_PUSH}" = "true" ] ; then \
$(IMAGE_BUILDER) manifest push $(OPERATOR_IMG) $(OPERATOR_IMG) ; \
fi
else
$(error unsupported IMAGE_BUILDER: $(IMAGE_BUILDER))
endif
rm Dockerfile.cross

.PHONY: cert_manager
cert_manager: remove_cert_manager
Expand Down Expand Up @@ -440,26 +434,22 @@ custom-scorecard-tests: fmt vet
scorecard-build: custom-scorecard-tests
printf '# Code generated by hack/custom.config.yaml.in. DO NOT EDIT.\n' > config/scorecard/patches/custom.config.yaml
envsubst < hack/custom.config.yaml.in >> config/scorecard/patches/custom.config.yaml
ifeq ($(IMAGE_BUILDER), docker)
# copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile
sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' internal/images/custom-scorecard-tests/Dockerfile > internal/images/custom-scorecard-tests/Dockerfile.cross
ifeq ($(IMAGE_BUILDER), docker)
- $(IMAGE_BUILDER) buildx create --name project-v3-builder
$(IMAGE_BUILDER) buildx use project-v3-builder
- $(IMAGE_BUILDER) buildx build --push --platform=$(PLATFORMS) --tag $(CUSTOM_SCORECARD_IMG) -f internal/images/custom-scorecard-tests/Dockerfile.cross .
- $(IMAGE_BUILDER) buildx rm project-v3-builder
rm internal/images/custom-scorecard-tests/Dockerfile.cross
else ifeq ($(IMAGE_BUILDER), podman)
for platform in $$(echo $(PLATFORMS) | sed "s/,/ /g"); do \
os=$$(echo $${platform} | cut -d/ -f 1); \
arch=$$(echo $${platform} | cut -d/ -f 2); \
BUILDAH_FORMAT=docker $(IMAGE_BUILDER) buildx build --manifest $(CUSTOM_SCORECARD_IMG) --platform $${platform} --build-arg TARGETOS=$${os} --build-arg TARGETARCH=$${arch} . ; \
done
BUILDAH_FORMAT=docker $(IMAGE_BUILDER) build -f internal/images/custom-scorecard-tests/Dockerfile.cross --manifest $(CUSTOM_SCORECARD_IMG) --platform $(PLATFORMS) . ; \
if [ "${MANIFEST_PUSH}" = "true" ] ; then \
$(IMAGE_BUILDER) manifest push $(CUSTOM_SCORECARD_IMG) $(CUSTOM_SCORECARD_IMG) ; \
fi
else
$(error unsupported IMAGE_BUILDER: $(IMAGE_BUILDER))
endif
rm internal/images/custom-scorecard-tests/Dockerfile.cross

# Local development/testing helpers
ifneq ($(origin SAMPLE_APP_NAMESPACE), undefined)
Expand Down
4 changes: 0 additions & 4 deletions api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ metadata:
capabilities: Seamless Upgrades
categories: Monitoring, Developer Tools
containerImage: quay.io/cryostat/cryostat-operator:2.4.0-dev
createdAt: "2023-08-16T19:16:28Z"
createdAt: "2023-08-24T00:50:46Z"
description: JVM monitoring and profiling tool
operatorframework.io/initialization-resource: |-
{
Expand Down
4 changes: 2 additions & 2 deletions bundle/tests/scorecard/config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ stages:
- entrypoint:
- cryostat-scorecard-tests
- operator-install
image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348
image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852
labels:
suite: cryostat
test: operator-install
Expand All @@ -79,7 +79,7 @@ stages:
- entrypoint:
- cryostat-scorecard-tests
- cryostat-cr
image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348
image: quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852
labels:
suite: cryostat
test: cryostat-cr
Expand Down
4 changes: 2 additions & 2 deletions config/scorecard/patches/custom.config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
entrypoint:
- cryostat-scorecard-tests
- operator-install
image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348"
image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852"
labels:
suite: cryostat
test: operator-install
Expand All @@ -18,7 +18,7 @@
entrypoint:
- cryostat-scorecard-tests
- cryostat-cr
image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230816190348"
image: "quay.io/cryostat/cryostat-operator-scorecard:2.4.0-20230824004852"
labels:
suite: cryostat
test: cryostat-cr
4 changes: 3 additions & 1 deletion internal/images/custom-scorecard-tests/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@

# Build the manager binary
FROM docker.io/library/golang:1.20 as builder
ARG TARGETOS
ARG TARGETARCH

WORKDIR /workspace
# Copy the Go Modules manifests
Expand All @@ -29,7 +31,7 @@ COPY internal/images/custom-scorecard-tests/main.go internal/images/custom-score
COPY internal/test/scorecard/ internal/test/scorecard/

# Build
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o cryostat-scorecard-tests \
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} GO111MODULE=on go build -a -o cryostat-scorecard-tests \
internal/images/custom-scorecard-tests/main.go

FROM registry.access.redhat.com/ubi8/ubi-minimal:latest
Expand Down