Add base images override support

Go builder and base images override support for downstream
deployment customizations for both airshipctl and plugins.
If required, adjust the following Zuul job variables:
 - docker.base_go_image
 - docker.base_release_image
 - docker.base_plugins_build_image
 - docker.base_plugins_release_image

Closes: #515
Change-Id: Iaf4b54a353207b06c9ed6bdcae876537e73f6e44
This commit is contained in:
Roman Gorshunov 2021-04-08 13:18:42 +02:00
parent 7ed59086fc
commit 7998615a7b
5 changed files with 46 additions and 41 deletions

View File

@ -22,6 +22,7 @@ LINTER_CONFIG := .golangci.yaml
# docker # docker
DOCKER_MAKE_TARGET := build DOCKER_MAKE_TARGET := build
DOCKER_CMD_FLAGS :=
# docker image options # docker image options
DOCKER_REGISTRY ?= quay.io DOCKER_REGISTRY ?= quay.io
@ -32,6 +33,13 @@ DOCKER_IMAGE_TAG ?= latest
DOCKER_IMAGE ?= $(DOCKER_REGISTRY)/$(DOCKER_IMAGE_PREFIX)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG) DOCKER_IMAGE ?= $(DOCKER_REGISTRY)/$(DOCKER_IMAGE_PREFIX)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)
DOCKER_TARGET_STAGE ?= release DOCKER_TARGET_STAGE ?= release
PUBLISH ?= false PUBLISH ?= false
# use this variables to override base images in internal build process
ifneq ($(strip $(DOCKER_BASE_GO_IMAGE)),)
DOCKER_CMD_FLAGS += --build-arg GO_IMAGE=$(strip $(DOCKER_BASE_GO_IMAGE))
endif
ifneq ($(strip $(DOCKER_BASE_RELEASE_IMAGE)),)
DOCKER_CMD_FLAGS += --build-arg RELEASE_IMAGE=$(strip $(DOCKER_BASE_RELEASE_IMAGE))
endif
# use this variable for image labels added in internal build process # use this variable for image labels added in internal build process
LABEL ?= org.airshipit.build=community LABEL ?= org.airshipit.build=community
COMMIT ?= $(shell git rev-parse HEAD) COMMIT ?= $(shell git rev-parse HEAD)
@ -50,7 +58,7 @@ NO_PROXY ?= localhost,127.0.0.1,.svc.cluster.local
USE_PROXY ?= false USE_PROXY ?= false
# docker build flags # docker build flags
DOCKER_CMD_FLAGS := --network=host DOCKER_CMD_FLAGS += --network=host
DOCKER_CMD_FLAGS += --force-rm=$(DOCKER_FORCE_CLEAN) DOCKER_CMD_FLAGS += --force-rm=$(DOCKER_FORCE_CLEAN)
DOCKER_PROXY_FLAGS := --build-arg http_proxy=$(PROXY) DOCKER_PROXY_FLAGS := --build-arg http_proxy=$(PROXY)
@ -80,7 +88,14 @@ export KUBECTL_URL ?= https://storage.googleapis.com/kubernetes-release/release
PLUGINS_DIR := krm-functions PLUGINS_DIR := krm-functions
PLUGINS := $(subst $(PLUGINS_DIR)/,,$(wildcard $(PLUGINS_DIR)/*)) PLUGINS := $(subst $(PLUGINS_DIR)/,,$(wildcard $(PLUGINS_DIR)/*))
PLUGINS_IMAGE_TGT := $(foreach tgt,$(PLUGINS),docker-image-$(tgt)) PLUGINS_IMAGE_TGT := $(foreach tgt,$(PLUGINS),docker-image-$(tgt))
PLUGINS_BASE_IMAGE ?= alpine:3.12.0 # use this variables to override base images in internal build process
ifneq ($(strip $(DOCKER_BASE_PLUGINS_BUILD_IMAGE)),)
DOCKER_CMD_FLAGS += --build-arg PLUGINS_BUILD_IMAGE=$(strip $(DOCKER_BASE_PLUGINS_BUILD_IMAGE))
endif
ifneq ($(strip $(DOCKER_BASE_PLUGINS_RELEASE_IMAGE)),)
DOCKER_CMD_FLAGS += --build-arg PLUGINS_RELEASE_IMAGE=$(strip $(DOCKER_BASE_PLUGINS_RELEASE_IMAGE))
endif
$(PLUGINS): $(PLUGINS):
@CGO_ENABLED=0 go build -o $(BINDIR)/$@ $(GO_FLAGS) ./$(PLUGINS_DIR)/$@/ @CGO_ENABLED=0 go build -o $(BINDIR)/$@ $(GO_FLAGS) ./$(PLUGINS_DIR)/$@/
@ -168,7 +183,6 @@ $(PLUGINS_IMAGE_TGT):
--target $(DOCKER_TARGET_STAGE) \ --target $(DOCKER_TARGET_STAGE) \
--build-arg MAKE_TARGET=$(plugin_name) \ --build-arg MAKE_TARGET=$(plugin_name) \
--build-arg BINARY=$(plugin_name) \ --build-arg BINARY=$(plugin_name) \
--build-arg RELEASE_IMAGE=$(PLUGINS_BASE_IMAGE) \
--tag $(DOCKER_REGISTRY)/$(DOCKER_IMAGE_PREFIX)/$(plugin_name):$(DOCKER_IMAGE_TAG) --tag $(DOCKER_REGISTRY)/$(DOCKER_IMAGE_PREFIX)/$(plugin_name):$(DOCKER_IMAGE_TAG)
ifeq ($(PUBLISH), true) ifeq ($(PUBLISH), true)
@docker push $(DOCKER_REGISTRY)/$(DOCKER_IMAGE_PREFIX)/$(plugin_name):$(DOCKER_IMAGE_TAG) @docker push $(DOCKER_REGISTRY)/$(DOCKER_IMAGE_PREFIX)/$(plugin_name):$(DOCKER_IMAGE_TAG)

View File

@ -1,8 +1,9 @@
ARG RELEASE_IMAGE=scratch ARG GO_IMAGE=gcr.io/gcp-runtimes/go1-builder:1.15
FROM ${RELEASE_IMAGE} as kctl ARG PLUGINS_BUILD_IMAGE=alpine:3.12.0
ARG PLUGINS_RELEASE_IMAGE=alpine:3.12.0
FROM ${PLUGINS_BUILD_IMAGE} as ctls
RUN apk update && apk add curl RUN apk update && apk add curl
# Inject custom root certificate authorities if needed # Inject custom root certificate authorities if needed
# Docker does not have a good conditional copy statement and requires that a source file exists # Docker does not have a good conditional copy statement and requires that a source file exists
# to complete the copy function without error. Therefore the README.md file will be copied to # to complete the copy function without error. Therefore the README.md file will be copied to
@ -12,9 +13,11 @@ RUN update-ca-certificates
RUN curl -L "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" \ RUN curl -L "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" \
-o /kubectl -o /kubectl
RUN chmod +x /kubectl RUN curl -L "https://github.com/projectcalico/calicoctl/releases/download/v3.18.1/calicoctl" \
-o /calicoctl
RUN chmod +x /kubectl /calicoctl
FROM gcr.io/gcp-runtimes/go1-builder:1.15 as builder FROM ${GO_IMAGE} as builder
ENV CGO_ENABLED=0 ENV CGO_ENABLED=0
WORKDIR /go/src/ WORKDIR /go/src/
COPY krm-functions/toolbox/image/go.mod . COPY krm-functions/toolbox/image/go.mod .
@ -22,23 +25,7 @@ RUN /usr/local/go/bin/go mod download
COPY krm-functions/toolbox/main.go . COPY krm-functions/toolbox/main.go .
RUN /usr/local/go/bin/go build -v -o /usr/local/bin/config-function ./ RUN /usr/local/go/bin/go build -v -o /usr/local/bin/config-function ./
FROM ${RELEASE_IMAGE} as calicoctl FROM ${PLUGINS_RELEASE_IMAGE} as release
COPY --from=ctls /kubectl /calicoctl /usr/local/bin/
RUN apk update && apk add curl
# Inject custom root certificate authorities if needed
# Docker does not have a good conditional copy statement and requires that a source file exists
# to complete the copy function without error. Therefore the README.md file will be copied to
# the image every time even if there are no .crt files.
COPY ./certs/* /usr/local/share/ca-certificates/
RUN update-ca-certificates
RUN curl -L "https://github.com/projectcalico/calicoctl/releases/download/v3.18.1/calicoctl" \
-o /calicoctl
RUN chmod +x /calicoctl
FROM ${RELEASE_IMAGE} as release
COPY --from=kctl /kubectl /usr/local/bin/kubectl
COPY --from=calicoctl /calicoctl /usr/local/bin/calicoctl
COPY --from=builder /usr/local/bin/config-function /usr/local/bin/config-function COPY --from=builder /usr/local/bin/config-function /usr/local/bin/config-function
CMD ["/usr/local/bin/config-function"] CMD ["/usr/local/bin/config-function"]

View File

@ -18,6 +18,10 @@
PROXY: "{{ proxy.http }}" PROXY: "{{ proxy.http }}"
NO_PROXY: "{{ proxy.noproxy }}" NO_PROXY: "{{ proxy.noproxy }}"
USE_PROXY: "{{ proxy.enabled | lower }}" USE_PROXY: "{{ proxy.enabled | lower }}"
DOCKER_BASE_GO_IMAGE: "{{ docker.base_go_image | default(omit) }}"
DOCKER_BASE_RELEASE_IMAGE: "{{ docker.base_release_image | default(omit) }}"
DOCKER_BASE_PLUGINS_BUILD_IMAGE: "{{ docker.base_plugins_build_image | default(omit) }}"
DOCKER_BASE_PLUGINS_RELEASE_IMAGE: "{{ docker.base_plugins_release_image | default(omit) }}"
- name: Verify Image Exists - name: Verify Image Exists
shell: docker image inspect "$(make print-docker-image-tag)" shell: docker image inspect "$(make print-docker-image-tag)"

View File

@ -28,28 +28,22 @@
password: "{{ airshipctl_image_repo_credentials.password }}" password: "{{ airshipctl_image_repo_credentials.password }}"
registry_url: "{{ image_repo }}" registry_url: "{{ image_repo }}"
- name: Push Image with Latest Tag - name: Push Image with Tags
make: make:
chdir: "{{ zuul.project.src_dir }}" chdir: "{{ zuul.project.src_dir }}"
params: params:
DOCKER_IMAGE_TAG: latest DOCKER_IMAGE_TAG: "{{ item }}"
PUBLISH: "true"
PROXY: "{{ proxy.http }}"
NO_PROXY: "{{ proxy.noproxy }}"
USE_PROXY: "{{ proxy.enabled | lower }}"
DOCKER_REGISTRY: "{{ image_repo }}"
DOCKER_IMAGE_PREFIX: "{{ image_prefix | default('airshipit') }}"
target: images
- name: Push Image with Commit Tag
make:
chdir: "{{ zuul.project.src_dir }}"
params:
DOCKER_IMAGE_TAG: "{{ zuul.newrev }}"
PUBLISH: "true" PUBLISH: "true"
PROXY: "{{ proxy.http }}" PROXY: "{{ proxy.http }}"
NO_PROXY: "{{ proxy.noproxy }}" NO_PROXY: "{{ proxy.noproxy }}"
USE_PROXY: "{{ proxy.enabled | lower }}" USE_PROXY: "{{ proxy.enabled | lower }}"
DOCKER_REGISTRY: "{{ image_repo }}" DOCKER_REGISTRY: "{{ image_repo }}"
DOCKER_IMAGE_PREFIX: "{{ image_prefix | default('airshipit') }}" DOCKER_IMAGE_PREFIX: "{{ image_prefix | default('airshipit') }}"
DOCKER_BASE_GO_IMAGE: "{{ docker.base_go_image | default(omit) }}"
DOCKER_BASE_RELEASE_IMAGE: "{{ docker.base_release_image | default(omit) }}"
DOCKER_BASE_PLUGINS_BUILD_IMAGE: "{{ docker.base_plugins_build_image | default(omit) }}"
DOCKER_BASE_PLUGINS_RELEASE_IMAGE: "{{ docker.base_plugins_release_image | default(omit) }}"
target: images target: images
loop:
- "latest"
- "{{ zuul.newrev }}"

View File

@ -19,6 +19,12 @@
https: "" https: ""
noproxy: "" noproxy: ""
image_repo: quay.io image_repo: quay.io
docker:
base_go_image: ""
base_release_image: ""
base_plugins_build_image: ""
base_plugins_release_image: ""
check: check:
jobs: jobs:
- openstack-tox-docs: &docs - openstack-tox-docs: &docs