From 2821a1302051f9fc9c064217ee9fde8f0cf6ce49 Mon Sep 17 00:00:00 2001 From: Piotr Halama Date: Tue, 30 Apr 2024 14:08:55 +0200 Subject: [PATCH] test dockerregistry --- .github/workflows/operator-verify.yaml | 2 +- .github/workflows/serverless-verify.yaml | 2 +- Makefile | 4 +- .../deploy/kaniko-executor/Dockerfile | 69 +++++++++++++++++++ 4 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 components/serverless/deploy/kaniko-executor/Dockerfile diff --git a/.github/workflows/operator-verify.yaml b/.github/workflows/operator-verify.yaml index 909785c36..1d829bcfe 100644 --- a/.github/workflows/operator-verify.yaml +++ b/.github/workflows/operator-verify.yaml @@ -66,7 +66,7 @@ jobs: make -C components/operator deploy make -C tests/operator test env: - IMG: europe-docker.pkg.dev/kyma-project/dev/serverless-operator:PR-${{ github.event.number }} + IMG: europe-docker.pkg.dev/kyma-project/dev/dockerregistry-operator:PR-17 - name: run integration test (post) if: github.event_name == 'push' run: | diff --git a/.github/workflows/serverless-verify.yaml b/.github/workflows/serverless-verify.yaml index 6b1eb67a9..16937db33 100644 --- a/.github/workflows/serverless-verify.yaml +++ b/.github/workflows/serverless-verify.yaml @@ -69,7 +69,7 @@ jobs: make -C tests/serverless serverless-integration serverless-contract-tests make remove-serverless env: - IMG: europe-docker.pkg.dev/kyma-project/dev/serverless-operator:PR-${{ github.event.number }} + IMG: europe-docker.pkg.dev/kyma-project/dev/dockerregistry-operator:PR-17 - name: run integration test (post) if: github.event_name == 'push' run: | diff --git a/Makefile b/Makefile index 1d18a3e4d..1a6819567 100755 --- a/Makefile +++ b/Makefile @@ -24,7 +24,7 @@ install-serverless-local-sources: ## Install serverless from local sources. $(eval IMG_VERSION=local-$(shell date +'%Y%m%d-%H%M%S')) IMG_VERSION=${IMG_VERSION} ./hack/build_all.sh - $(eval IMG=europe-docker.pkg.dev/kyma-project/dev/serverless-operator:${IMG_VERSION}) + $(eval IMG=europe-docker.pkg.dev/kyma-project/dev/dockerregistry-operator:PR-17) IMG_DIRECTORY="kyma-project" IMG_VERSION=${IMG_VERSION} IMG=${IMG} make -C ${OPERATOR_ROOT} docker-build-local k3d image import "${IMG}" -c kyma @@ -43,4 +43,4 @@ check-var = $(if $(strip $($1)),,$(error "$1" is not defined)) .PHONY: module-config module-config: yq ".channel = \"${CHANNEL}\" | .version = \"${MODULE_VERSION}\""\ - module-config-template.yaml > module-config.yaml \ No newline at end of file + module-config-template.yaml > module-config.yaml diff --git a/components/serverless/deploy/kaniko-executor/Dockerfile b/components/serverless/deploy/kaniko-executor/Dockerfile new file mode 100644 index 000000000..b6adeca36 --- /dev/null +++ b/components/serverless/deploy/kaniko-executor/Dockerfile @@ -0,0 +1,69 @@ +# image builder base on golang:1.22.2-alpine3.19 +FROM golang@sha256:cdc86d9f363e8786845bea2040312b4efa321b828acdeb26f393faa864d887b0 as builder + +ARG KANIKO_VERSION=1.9.2 +ARG GOARCH=amd64 +WORKDIR /go/src/github.com/GoogleContainerTools/kaniko + +RUN echo $GOARCH > /goarch + +#This arg is passed by docker buildx and contains the platform info in the form linux/amd64, linux/ppc64le etc. +ARG TARGETPLATFORM + +#Capture ARCH has write to /goarch +RUN [ ! "x" = "x$TARGETPLATFORM" ] && `echo $TARGETPLATFORM | awk '{split($0,a,"/"); print a[2]}' > /goarch` || echo "$GOARCH" + +RUN apk upgrade && apk add git make build-base bash +# Get GCR credential helper +RUN GOARCH=$(cat /goarch) && CGO_ENABLED=0 && \ + (mkdir -p /go/src/github.com/GoogleCloudPlatform || true) && \ + cd /go/src/github.com/GoogleCloudPlatform && \ + git clone https://github.com/GoogleCloudPlatform/docker-credential-gcr.git && \ + cd /go/src/github.com/GoogleCloudPlatform/docker-credential-gcr && \ + go build -ldflags "-linkmode external -extldflags -static" -o /usr/local/bin/docker-credential-gcr main.go + +# Get Amazon ECR credential helper +RUN GOARCH=$(cat /goarch) && GO111MODULE=off go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login && \ +make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper + +# ACR docker env credential helper +RUN GOARCH=$(cat /goarch) && (mkdir -p /go/src/github.com/chrismellard || true) && \ + cd /go/src/github.com/chrismellard && \ + git clone https://github.com/chrismellard/docker-credential-acr-env && \ + cd docker-credential-acr-env && \ + make build + +# Add .docker config dir +RUN mkdir -p /kaniko/.docker + +RUN git clone --depth 1 --branch v$KANIKO_VERSION https://github.com/GoogleContainerTools/kaniko . \ + && go mod edit -replace code.gitea.io/sdk/gitea=code.gitea.io/sdk/gitea@v0.15.1 \ + && go mod vendor \ + && make GOARCH=$(cat /goarch) + +# Generate ca-certificates from debian:buster-slim +FROM debian@sha256:5b0b1a9a54651bbe9d4d3ee96bbda2b2a1da3d2fa198ddebbced46dfdca7f216 AS certs + +RUN \ + apt update && \ + apt install -y ca-certificates && \ + cat /etc/ssl/certs/* > /ca-certificates.crt + +FROM scratch +COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/executor /workspace/kaniko/executor +COPY --from=0 /usr/local/bin/docker-credential-gcr /workspace/kaniko/docker-credential-gcr +COPY --from=0 /go/src/github.com/awslabs/amazon-ecr-credential-helper/bin/local/docker-credential-ecr-login /workspace/kaniko/docker-credential-ecr-login +COPY --from=0 /go/src/github.com/chrismellard/docker-credential-acr-env/build/docker-credential-acr-env /workspace/kaniko/docker-credential-acr +COPY --from=certs /ca-certificates.crt /workspace/kaniko/ssl/certs/ +COPY --from=0 /kaniko/.docker /workspace/kaniko/.docker +COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/files/nsswitch.conf /etc/nsswitch.conf +ENV HOME /root +ENV USER root +ENV PATH /usr/local/bin:/workspace/kaniko +ENV SSL_CERT_DIR=/kaniko/ssl/certs +ENV DOCKER_CONFIG /workspace/kaniko/.docker/ +ENV DOCKER_CREDENTIAL_GCR_CONFIG /workspace/kaniko/.config/gcloud/docker_credential_gcr_config.json +WORKDIR /workspace +RUN ["docker-credential-gcr", "config", "--token-source=env"] + +ENTRYPOINT ["/workspace/kaniko/executor"]