Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DO NOT MERGE] Add multi-arch support - cloud build changes. #1521

Closed
wants to merge 4 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 0 additions & 3 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,7 +1,4 @@
out/
bazel-*
*~
BUILD.bazel
.idea
*.iml
.vagrant
26 changes: 0 additions & 26 deletions .travis.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
language: go
os: linux
dist: bionic

env:
global:
- IMAGE_REPO=localhost:5000 REGISTRY=localhost:5000
Expand Down Expand Up @@ -36,28 +35,3 @@ jobs:
- make travis-setup
script:
- make integration-test-misc

- name: bazel amd64
arch: amd64
env: CPU=k8
before_install: &before_install_multiarch
- export PATH=$PATH:$HOME/bin && mkdir -p $HOME/bin
- eval $(go env)
# install bazelisk as bazel to install the appropriate bazel version
- wget https://github.com/bazelbuild/bazelisk/releases/download/v1.6.1/bazelisk-linux-${GOARCH} && chmod +x bazelisk-linux-${GOARCH} && mv bazelisk-linux-${GOARCH} $HOME/bin/bazel
script: &script_multiarch
# Generate BUILD.bazel files (we do not check them in)
- bazel run //:gazelle
- bazel build --cpu=${CPU} --curses=no //integration:all
# Build all targets tagged with our architecture:
- bazel build --cpu=${CPU} --curses=no $(bazel query 'attr("tags", "'${GOARCH}'", "//...")')
# Run all tests not tagged as "manual":
- bazel test --cpu=${CPU} --curses=no --test_output=errors --test_timeout=900 //integration:all
# Run all tests tagged with our architecture:
- bazel test --cpu=${CPU} --curses=no --test_output=errors --test_timeout=900 $(bazel query 'attr("tags", "'${GOARCH}'", "//...")')

- name: bazel arm64
arch: arm64
env: CPU=aarch64
before_install: *before_install_multiarch
script: *script_multiarch
4 changes: 0 additions & 4 deletions BUILD

This file was deleted.

6 changes: 3 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -88,9 +88,9 @@ integration-test-misc:

.PHONY: images
images:
docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:latest -f deploy/Dockerfile .
docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:debug -f deploy/Dockerfile_debug .
docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/warmer:latest -f deploy/Dockerfile_warmer .
docker build ${BUILD_ARG} --build-arg=TARGETARCH=$(GOARCH) --build-arg=BUILDPLATFORM=linux/$(GOARCH) -t $(REGISTRY)/executor:latest -f deploy/Dockerfile .
docker build ${BUILD_ARG} --build-arg=TARGETARCH=$(GOARCH) --build-arg=BUILDPLATFORM=linux/$(GOARCH) -t $(REGISTRY)/executor:debug -f deploy/Dockerfile_debug .
docker build ${BUILD_ARG} --build-arg=TARGETARCH=$(GOARCH) --build-arg=BUILDPLATFORM=linux/$(GOARCH) -t $(REGISTRY)/warmer:latest -f deploy/Dockerfile_warmer .

.PHONY: push
push:
Expand Down
53 changes: 0 additions & 53 deletions WORKSPACE

This file was deleted.

61 changes: 0 additions & 61 deletions cmd/executor/BUILD
Original file line number Diff line number Diff line change
@@ -1,61 +0,0 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
load("@io_bazel_rules_docker//container:container.bzl", "container_image")

go_library(
name = "executor_lib",
srcs = ["main.go"],
importpath = "github.com/GoogleContainerTools/kaniko/cmd/executor",
visibility = ["//visibility:private"],
deps = ["//cmd/executor/cmd"],
)

go_binary(
name = "executor",
embed = [":executor_lib"],
pure = "on",
visibility = ["//visibility:public"],
)

ARCHITECTURES = [
"amd64",
"arm64",
"s390x",
]

[
go_binary(
name = "executor_" + arch,
embed = [":executor_lib"],
goarch = arch,
goos = "linux",
pure = "on",
visibility = ["//visibility:public"],
)
for arch in ARCHITECTURES
]

[
container_image(
name = "image_" + arch,
architecture = arch,
base = "//files:image",
directory = "/kaniko",
entrypoint = ["/kaniko/executor_" + arch],
env = {
"HOME": "/root",
"USER": "root",
"PATH": "/usr/local/bin:/kaniko",
"SSL_CERT_DIR": "/kaniko/ssl/certs",
"DOCKER_CONFIG": "/kaniko/.docker/",
},
files = [
":executor_" + arch,
],
symlinks = {
"/kaniko/executor": "/kaniko/executor_" + arch,
},
visibility = ["//visibility:public"],
workdir = "/workspace",
)
for arch in ARCHITECTURES
]
8 changes: 5 additions & 3 deletions deploy/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,10 @@

# Builds the static Go image to execute in a Kubernetes job

FROM golang:1.14
ARG GOARCH=amd64
ARG BUILDPLATFORM
FROM --platform=${BUILDPLATFORM} golang:1.14
ARG TARGETARCH

WORKDIR /go/src/github.com/GoogleContainerTools/kaniko
# Get GCR credential helper
ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v2.0.2/docker-credential-gcr_linux_amd64-2.0.2.tar.gz /usr/local/bin/
Expand All @@ -34,7 +36,7 @@ RUN tar --no-same-owner -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credentia
RUN mkdir -p /kaniko/.docker

COPY . .
RUN make GOARCH=${GOARCH}
RUN make GOARCH=${TARGETARCH}

FROM scratch
COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/executor /kaniko/executor
Expand Down
8 changes: 5 additions & 3 deletions deploy/Dockerfile_debug
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,10 @@
# Builds the static Go image to execute in a Kubernetes job

# Stage 0: Build the executor binary and get credential helpers
FROM golang:1.14
ARG GOARCH=amd64
ARG BUILDPLATFORM
FROM --platform=${BUILDPLATFORM} golang:1.14
ARG TARGETARCH

WORKDIR /go/src/github.com/GoogleContainerTools/kaniko
# Get GCR credential helper
ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v2.0.2/docker-credential-gcr_linux_amd64-2.0.2.tar.gz /usr/local/bin/
Expand All @@ -35,7 +37,7 @@ RUN tar --no-same-owner -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credentia
RUN mkdir -p /kaniko/.docker

COPY . .
RUN make GOARCH=${GOARCH} && make out/warmer
RUN make GOARCH=${TARGETARCH} && make out/warmer

FROM scratch
COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/* /kaniko/
Expand Down
9 changes: 5 additions & 4 deletions deploy/Dockerfile_warmer
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,10 @@

# Builds the static Go image to execute in a Kubernetes job

FROM golang:1.14
ARG GOARCH=amd64
WORKDIR /go/src/github.com/GoogleContainerTools/kaniko
ARG BUILDPLATFORM
FROM --platform=${BUILDPLATFORM} golang:1.14
ARG TARGETARCH

# Get GCR credential helper
ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v2.0.1/docker-credential-gcr_linux_amd64-2.0.1.tar.gz /usr/local/bin/
RUN tar -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-gcr_linux_amd64-2.0.1.tar.gz
Expand All @@ -30,7 +31,7 @@ RUN tar -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-acr-linux-amd6
RUN mkdir -p /kaniko/.docker

COPY . .
RUN make GOARCH=${GOARCH} out/warmer
RUN make GOARCH=${TARGETARCH} out/warmer

FROM scratch
COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/warmer /kaniko/warmer
Expand Down
107 changes: 24 additions & 83 deletions deploy/cloudbuild-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,109 +2,50 @@
timeout: 1800s

steps:

# Set up builder for muti-arch builds.
- name: 'gcr.io/cloud-builders/docker'
args: ['run', '--privileged', 'linuxkit/binfmt:v0.7']
id: 'initialize-qemu'
- name: 'gcr.io/cloud-builders/docker'
args: ['buildx', 'create', '--name', 'mybuilder']
id: 'create-builder'
- name: 'gcr.io/cloud-builders/docker'
args: ['buildx', 'use', 'mybuilder']
id: 'select-builder'
- name: 'gcr.io/cloud-builders/docker'
args: ['buildx', 'inspect', '--bootstrap']
id: 'show-target-build-platforms'
# First, build kaniko
- name: "gcr.io/cloud-builders/docker"
args: ["build", "-f", "deploy/Dockerfile",
args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile",
"-t", "gcr.io/kaniko-project/executor:$TAG_NAME", "."]
- name: "gcr.io/cloud-builders/docker"
args: ["tag", "gcr.io/kaniko-project/executor:$TAG_NAME",
"gcr.io/kaniko-project/executor:latest"]
# Then, we want to build kaniko:debug
- name: "gcr.io/cloud-builders/docker"
args: ["build", "-f", "deploy/Dockerfile_debug",
args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_debug",
"-t", "gcr.io/kaniko-project/executor:debug-$TAG_NAME", "."]
- name: "gcr.io/cloud-builders/docker"
args: ["tag", "gcr.io/kaniko-project/executor:debug-$TAG_NAME",
"gcr.io/kaniko-project/executor:$TAG_NAME-debug"]
- name: "gcr.io/cloud-builders/docker"
args: ["tag", "gcr.io/kaniko-project/executor:debug-$TAG_NAME",
"gcr.io/kaniko-project/executor:debug"]
"gcr.io/kaniko-project/executor:debug"]
# Then, we want to build the cache warmer
- name: "gcr.io/cloud-builders/docker"
args: ["build", "-f", "deploy/Dockerfile_warmer",
args: ['buildx', 'build', '--platform', '$_DOCKER_BUILDX_PLATFORMS', "-f", "deploy/Dockerfile_warmer",
"-t", "gcr.io/kaniko-project/warmer:$TAG_NAME", "."]
- name: "gcr.io/cloud-builders/docker"
args: ["tag", "gcr.io/kaniko-project/warmer:$TAG_NAME",
"gcr.io/kaniko-project/warmer:latest"]


# Build each of the multi-arch images with Bazel and load them into the Docker daemon.
- name: gcr.io/cloud-marketplace-containers/google/bazel:3.4.1
entrypoint: sh
args:
- -c
- |
#!/bin/sh
set -o errexit
set -o xtrace

bazel run //:gazelle
bazel run --host_force_python=PY2 //cmd/executor:image_amd64
bazel run --host_force_python=PY2 //cmd/executor:image_arm64
bazel run --host_force_python=PY2 //cmd/executor:image_s390x

# Publish the individual container images
- name: docker
entrypoint: sh
args:
- -c
- |
#!/bin/sh
set -o errexit
set -o xtrace

docker tag bazel/cmd/executor:image_amd64 gcr.io/kaniko-project/executor:amd64
docker tag bazel/cmd/executor:image_amd64 gcr.io/kaniko-project/executor:amd64-$TAG_NAME
docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:arm64
docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:arm64-$TAG_NAME
docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:s390x
docker tag bazel/cmd/executor:image_arm64 gcr.io/kaniko-project/executor:s390x-$TAG_NAME

docker push gcr.io/kaniko-project/executor:amd64
docker push gcr.io/kaniko-project/executor:amd64-$TAG_NAME
docker push gcr.io/kaniko-project/executor:arm64
docker push gcr.io/kaniko-project/executor:arm64-$TAG_NAME
docker push gcr.io/kaniko-project/executor:s390x
docker push gcr.io/kaniko-project/executor:s390x-$TAG_NAME

# Enable "manifest list" support in docker, and publish one covering the per-architecture
# images published above.
- name: docker
entrypoint: sh
args:
- -c
- |
#!/bin/sh
set -o errexit
set -o xtrace

# Publish manifest lists second, after all of the binary material
# has been uploaded, so that it is fast. We want fast because enabling
# the experimental features in docker changes ~/.docker/config.json, which
# GCB periodically tramples.
#
# Enable support for 'docker manifest create'
# https://docs.docker.com/engine/reference/commandline/manifest_create/
sed -i 's/^{/{"experimental": "enabled",/g' ~/.docker/config.json

docker manifest create gcr.io/kaniko-project/executor:multi-arch \
gcr.io/kaniko-project/executor:amd64 \
gcr.io/kaniko-project/executor:arm64 \
gcr.io/kaniko-project/executor:s390x
docker manifest push gcr.io/kaniko-project/executor:multi-arch

docker manifest create gcr.io/kaniko-project/executor:multi-arch-$TAG_NAME \
gcr.io/kaniko-project/executor:amd64-$TAG_NAME \
gcr.io/kaniko-project/executor:arm64-$TAG_NAME \
gcr.io/kaniko-project/executor:s390x-$TAG_NAME
docker manifest push gcr.io/kaniko-project/executor:multi-arch-$TAG_NAME


images: ["gcr.io/kaniko-project/executor:$TAG_NAME",
"gcr.io/kaniko-project/executor:latest",
"gcr.io/kaniko-project/executor:debug-$TAG_NAME",
"gcr.io/kaniko-project/executor:debug",
"gcr.io/kaniko-project/warmer:$TAG_NAME",
"gcr.io/kaniko-project/warmer:latest",
"gcr.io/kaniko-project/executor:$TAG_NAME-debug"]
"gcr.io/kaniko-project/warmer:latest"]

options:
env:
- 'DOCKER_CLI_EXPERIMENTAL=enabled'
substitutions:
_DOCKER_BUILDX_PLATFORMS: 'linux/amd64,linux/arm64,linux/s390x'
Loading