From 16e9bfb0eef862def31d8b661de191a27c8fcc22 Mon Sep 17 00:00:00 2001 From: Melissa Lee Date: Wed, 3 Apr 2024 13:58:34 -0700 Subject: [PATCH 1/6] Add docker buildx for multi-platform build --- Dockerfile | 10 ++++-- Makefile | 33 ++----------------- catalog.Dockerfile | 56 +++++++++++++++++++++++++++++++++ ebcDockerBuilderWLO.jenkinsfile | 1 - index.Dockerfile | 43 ------------------------- 5 files changed, 67 insertions(+), 76 deletions(-) create mode 100644 catalog.Dockerfile delete mode 100644 index.Dockerfile diff --git a/Dockerfile b/Dockerfile index 4a1dc92c..b1f81aab 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # Build the manager binary FROM registry.access.redhat.com/ubi8-minimal:latest as builder -ARG GO_PLATFORM=amd64 +ARG TARGETARCH ARG GO_VERSION_ARG ENV PATH=$PATH:/usr/local/go/bin RUN microdnf install tar gzip @@ -11,12 +11,18 @@ WORKDIR /workspace COPY go.mod go.mod COPY go.sum go.sum -RUN if [ -z "${GO_VERSION_ARG}" ]; then \ +RUN if [ -z "${TARGETARCH}" ]; then \ + GO_PLATFORM=amd64; \ + else \ + GO_PLATFORM="${TARGETARCH}"; \ + fi; \ + if [ -z "${GO_VERSION_ARG}" ]; then \ GO_VERSION=$(grep '^go [0-9]\+.[0-9]\+' go.mod | cut -d ' ' -f 2); \ else \ GO_VERSION=${GO_VERSION_ARG}; \ fi; \ rm -rf /usr/local/go; \ + echo "https://golang.org/dl/go${GO_VERSION}.linux-${GO_PLATFORM}.tar.gz"; \ curl -L --output - "https://golang.org/dl/go${GO_VERSION}.linux-${GO_PLATFORM}.tar.gz" | tar -xz -C /usr/local/ # cache deps before building and copying source so that we don't need to re-download as much diff --git a/Makefile b/Makefile index de9a72c1..f0f83e03 100644 --- a/Makefile +++ b/Makefile @@ -303,30 +303,6 @@ rm -rf $$TMP_DIR ;\ } endef -.PHONY: opm -OPM = ./bin/opm -opm: ## Download opm locally if necessary. -ifeq (,$(wildcard $(OPM))) -ifeq (,$(shell which opm 2>/dev/null)) - @{ \ - set -e ;\ - mkdir -p $(dir $(OPM)) ;\ - OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \ - curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.15.1/$${OS}-$${ARCH}-opm ;\ - chmod +x $(OPM) ;\ - } -else -OPM = $(shell which opm) -endif -endif - -# Build a catalog image by adding bundle images to an empty catalog using the operator package manager tool, 'opm'. -# This recipe invokes 'opm' in 'semver' bundle add mode. For more information on add modes, see: -# https://github.com/operator-framework/community-operators/blob/7f1438c/docs/packaging-operator.md#updating-your-existing-operator -.PHONY: catalog-build -catalog-build: opm ## Build a catalog image. - $(OPM) index add $(SKIP_TLS_VERIFY) --container-tool $(CONTAINER_COMMAND) --mode semver --tag $(CATALOG_IMG) --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT) --permissive - kind-e2e-test: ./operators/scripts/test/e2e-kind.sh --test-tag "${BUILD_NUMBER}" @@ -334,7 +310,7 @@ build-manifest: ./operators/scripts/build/build-manifest.sh --registry "${PUBLISH_REGISTRY}" --image "${OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" build-operator-pipeline: - ./operators/scripts/build/build-operator.sh --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --go-version "${GO_VERSION}" + ./operators/scripts/build/build-operator.sh --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --go-version "${GO_VERSION} --arch "${ARCH} build-manifest-pipeline: ./operators/scripts/build/build-manifest.sh --registry "${REGISTRY}" --image "${IMAGE}" --tag "${RELEASE_TARGET}" @@ -342,8 +318,8 @@ build-manifest-pipeline: build-bundle-pipeline: ./operators/scripts/build/build-bundle.sh --prod-image "${PIPELINE_PRODUCTION_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" -build-catalog-pipeline: opm ## Build a catalog image. - ./operators/scripts/build/build-catalog.sh -n "v${OPM_VERSION}" -b "${REDHAT_BASE_IMAGE}" -o "${OPM}" --container-tool "docker" -r "${REGISTRY}" -i "${PIPELINE_OPERATOR_IMAGE}-bundle:${RELEASE_TARGET}" -p "${PIPELINE_PRODUCTION_IMAGE}-bundle" -a "${PIPELINE_OPERATOR_IMAGE}-catalog:${RELEASE_TARGET}" -t "${PWD}/operator-build" -v "${VERSION}" +build-catalog-pipeline: + ./operators/scripts/build/build-catalog.sh --prod-image "${OPERATOR_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --version "${VERSION}" test-e2e: ./scripts/e2e-release.sh --registry-name default-route --registry-namespace openshift-image-registry \ @@ -360,9 +336,6 @@ bundle-build-podman: bundle-push-podman: podman push --format=docker "${BUNDLE_IMG}" -build-catalog: - opm index add --bundles "${BUNDLE_IMG}" --tag "${CATALOG_IMG}" - push-catalog: docker-login podman push --format=docker "${CATALOG_IMG}" diff --git a/catalog.Dockerfile b/catalog.Dockerfile new file mode 100644 index 00000000..44c97bbc --- /dev/null +++ b/catalog.Dockerfile @@ -0,0 +1,56 @@ +FROM registry.redhat.io/openshift4/ose-operator-registry:v4.14 AS builder +FROM registry.redhat.io/ubi8/ubi-minimal + +# Add label for location of Declarative Config root directory & required OpenShift labels +ARG VERSION_LABEL=1.3.1 +ARG RELEASE_LABEL=XX +ARG VCS_REF=0123456789012345678901234567890123456789 +ARG VCS_URL="https://github.com/WASdev/websphere-liberty-operator" +ARG NAME="websphere-liberty-operator-catalog" +ARG SUMMARY="WebSphere Liberty Operator Catalog" +ARG DESCRIPTION="This image contains the catalog for WebSphere Liberty Operator." + +# Set DC-specific label for the location of the DC root directory in the image +LABEL operators.operatorframework.io.index.configs.v1=/configs \ + name=$NAME \ + vendor=IBM \ + version=$VERSION_LABEL \ + release=$RELEASE_LABEL \ + description=$DESCRIPTION \ + summary=$SUMMARY \ + io.k8s.display-name=$SUMMARY \ + io.k8s.description=$DESCRIPTION \ + vcs-type=git \ + vcs-ref=$VCS_REF \ + vcs-url=$VCS_URL \ + url=$VCS_URL + +## Copy Apache license +COPY LICENSE /licenses + +USER root + +# Pick up any latest fixes +RUN microdnf update && microdnf clean all + +# Copy required tooling, licenses, and declarative config into defined location +COPY --from=builder /bin/opm /bin/opm +COPY --from=builder /bin/grpc_health_probe /bin/grpc_health_probe + +ARG ARCH=linux-amd64 +RUN mkdir /catalog +# Note: the COPY directive can also point to a directory structure and it will recurse thru the directory structure and use any yaml/json files it locates +COPY --chown=1001:0 catalog /catalog +RUN cp -r "catalog/linux-$ARCH" /configs + +# Validate catalog file +RUN ["/bin/opm", "validate", "/configs"] + +EXPOSE 50051 + +USER 1001 + +WORKDIR /tmp +ENTRYPOINT ["/bin/opm"] +CMD ["serve", "/configs", "--cache-dir=/tmp/cache"] +RUN ["/bin/opm", "serve", "/configs", "--cache-dir=/tmp/cache", "--cache-only"] \ No newline at end of file diff --git a/ebcDockerBuilderWLO.jenkinsfile b/ebcDockerBuilderWLO.jenkinsfile index 7057d2e4..fd6f3e54 100644 --- a/ebcDockerBuilderWLO.jenkinsfile +++ b/ebcDockerBuilderWLO.jenkinsfile @@ -11,7 +11,6 @@ properties([ string(name: 'command', defaultValue: "make build-operator-pipeline REGISTRY=cp.stg.icr.io", description: 'Build command to execute on target arch machine, e.g. make build-pipeline-releases'), string(name: 'PIPELINE_OPERATOR_IMAGE', defaultValue: "cp/websphere-liberty-operator", description: 'namespace to push image to in registry'), string(name: 'RELEASE_TARGET', defaultValue: "main", description: 'release branch to use'), - string(name: 'OPM_VERSION', defaultValue: "4.12", description: 'Redhat CLI OPM version'), string(name: 'PIPELINE_PRODUCTION_IMAGE', defaultValue: "icr.io/cpopen/websphere-liberty-operator", description: 'namespace in prod registry'), string(name: 'REDHAT_BASE_IMAGE', defaultValue: "registry.redhat.io/openshift4/ose-operator-registry", description: 'base image for operator'), string(name: 'REDHAT_REGISTRY', defaultValue: "registry.redhat.io", description: 'RH registry used for docker login'), diff --git a/index.Dockerfile b/index.Dockerfile deleted file mode 100644 index 005d36a4..00000000 --- a/index.Dockerfile +++ /dev/null @@ -1,43 +0,0 @@ -FROM registry.redhat.io/openshift4/ose-operator-registry:v4.12 AS builder - -FROM registry.redhat.io/ubi8/ubi-minimal - -ARG VERSION_LABEL=1.3.1 -ARG RELEASE_LABEL=XX -ARG VCS_REF=0123456789012345678901234567890123456789 -ARG VCS_URL="https://github.com/WASdev/websphere-liberty-operator" -ARG NAME="websphere-liberty-operator-catalog" -ARG SUMMARY="WebSphere Liberty Operator Catalog" -ARG DESCRIPTION="This image contains the catalog for WebSphere Liberty Operator." - -ARG USER_ID=1001 - -LABEL name=$NAME \ - vendor=IBM \ - version=$VERSION_LABEL \ - release=$RELEASE_LABEL \ - description=$DESCRIPTION \ - summary=$SUMMARY \ - io.k8s.display-name=$SUMMARY \ - io.k8s.description=$DESCRIPTION \ - vcs-type=git \ - vcs-ref=$VCS_REF \ - vcs-url=$VCS_URL \ - url=$VCS_URL - -# Copy Apache license -COPY LICENSE /licenses - -COPY --chown=1001:0 bundles.db /database/index.db -LABEL operators.operatorframework.io.index.database.v1=/database/index.db - -COPY --from=builder --chown=1001:0 /bin/registry-server /registry-server -COPY --from=builder --chown=1001:0 /bin/grpc_health_probe /bin/grpc_health_probe - -EXPOSE 50051 - -USER ${USER_ID} - -WORKDIR /tmp -ENTRYPOINT ["/registry-server"] -CMD ["--database", "/database/index.db"] From 5a5bf85377a2711d09cd8ae0fc4e8d3ebad59860 Mon Sep 17 00:00:00 2001 From: Melissa Lee Date: Thu, 4 Apr 2024 06:44:11 -0700 Subject: [PATCH 2/6] makefile edit --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index f0f83e03..4b6d185b 100644 --- a/Makefile +++ b/Makefile @@ -310,7 +310,7 @@ build-manifest: ./operators/scripts/build/build-manifest.sh --registry "${PUBLISH_REGISTRY}" --image "${OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" build-operator-pipeline: - ./operators/scripts/build/build-operator.sh --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --go-version "${GO_VERSION} --arch "${ARCH} + ./operators/scripts/build/build-operator.sh --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --go-version "${GO_VERSION}" --arch "${ARCH}" build-manifest-pipeline: ./operators/scripts/build/build-manifest.sh --registry "${REGISTRY}" --image "${IMAGE}" --tag "${RELEASE_TARGET}" From d31f55482a2a0f4e41d606b169a41b4e7b491e8b Mon Sep 17 00:00:00 2001 From: Melissa Lee Date: Thu, 4 Apr 2024 08:05:44 -0700 Subject: [PATCH 3/6] Edit catalog dockerfile --- Makefile | 2 +- catalog.Dockerfile | 5 +---- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index 4b6d185b..fb2ac760 100644 --- a/Makefile +++ b/Makefile @@ -319,7 +319,7 @@ build-bundle-pipeline: ./operators/scripts/build/build-bundle.sh --prod-image "${PIPELINE_PRODUCTION_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" build-catalog-pipeline: - ./operators/scripts/build/build-catalog.sh --prod-image "${OPERATOR_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --version "${VERSION}" + ./operators/scripts/build/build-catalog.sh --prod-image "${OPERATOR_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --version "${VERSION}" --arch "{ARCH}" test-e2e: ./scripts/e2e-release.sh --registry-name default-route --registry-namespace openshift-image-registry \ diff --git a/catalog.Dockerfile b/catalog.Dockerfile index 44c97bbc..571bad2e 100644 --- a/catalog.Dockerfile +++ b/catalog.Dockerfile @@ -37,11 +37,8 @@ RUN microdnf update && microdnf clean all COPY --from=builder /bin/opm /bin/opm COPY --from=builder /bin/grpc_health_probe /bin/grpc_health_probe -ARG ARCH=linux-amd64 -RUN mkdir /catalog # Note: the COPY directive can also point to a directory structure and it will recurse thru the directory structure and use any yaml/json files it locates -COPY --chown=1001:0 catalog /catalog -RUN cp -r "catalog/linux-$ARCH" /configs +COPY catalog /configs # Validate catalog file RUN ["/bin/opm", "validate", "/configs"] From 13381a2ff28ee02c27cb5f399fcf9a532acc099c Mon Sep 17 00:00:00 2001 From: Melissa Lee Date: Thu, 4 Apr 2024 09:07:16 -0700 Subject: [PATCH 4/6] multiarch dind image setup --- .one-pipeline.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.one-pipeline.yaml b/.one-pipeline.yaml index b000eda0..411664d7 100644 --- a/.one-pipeline.yaml +++ b/.one-pipeline.yaml @@ -71,6 +71,7 @@ compliance-checks: containerize: dind: true + dind-image: icr.io/continuous-delivery/base-images/multiarch-dind:v1.3.0 abort_on_failure: true image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.12 script: | From a29aff86488a19dce8450ad7fce7d026cedb4c63 Mon Sep 17 00:00:00 2001 From: Melissa Lee Date: Thu, 4 Apr 2024 11:16:58 -0700 Subject: [PATCH 5/6] Update image --- .one-pipeline.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.one-pipeline.yaml b/.one-pipeline.yaml index 411664d7..74a7767e 100644 --- a/.one-pipeline.yaml +++ b/.one-pipeline.yaml @@ -71,9 +71,8 @@ compliance-checks: containerize: dind: true - dind-image: icr.io/continuous-delivery/base-images/multiarch-dind:v1.3.0 abort_on_failure: true - image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.12 + image: icr.io/continuous-delivery/pipeline/pipeline-base-ubi:3.24 script: | #!/usr/bin/env bash echo $STAGE From 0e94815f960698db59d0f58b69be601a261d6a76 Mon Sep 17 00:00:00 2001 From: Melissa Lee Date: Wed, 10 Apr 2024 10:33:25 -0700 Subject: [PATCH 6/6] Add enable buildx flag --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index fb2ac760..68a5d4f7 100644 --- a/Makefile +++ b/Makefile @@ -310,7 +310,7 @@ build-manifest: ./operators/scripts/build/build-manifest.sh --registry "${PUBLISH_REGISTRY}" --image "${OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" build-operator-pipeline: - ./operators/scripts/build/build-operator.sh --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --go-version "${GO_VERSION}" --arch "${ARCH}" + ./operators/scripts/build/build-operator.sh --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --go-version "${GO_VERSION}" --arch "${ARCH}" --enable-buildx "${ENABLE_BUILDX}" build-manifest-pipeline: ./operators/scripts/build/build-manifest.sh --registry "${REGISTRY}" --image "${IMAGE}" --tag "${RELEASE_TARGET}" @@ -319,7 +319,7 @@ build-bundle-pipeline: ./operators/scripts/build/build-bundle.sh --prod-image "${PIPELINE_PRODUCTION_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" build-catalog-pipeline: - ./operators/scripts/build/build-catalog.sh --prod-image "${OPERATOR_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --version "${VERSION}" --arch "{ARCH}" + ./operators/scripts/build/build-catalog.sh --prod-image "${OPERATOR_IMAGE}" --registry "${REGISTRY}" --image "${PIPELINE_OPERATOR_IMAGE}" --tag "${RELEASE_TARGET}" --version "${VERSION}" --arch "{ARCH}" --enable-buildx "${ENABLE_BUILDX}" test-e2e: ./scripts/e2e-release.sh --registry-name default-route --registry-namespace openshift-image-registry \