From 0cfd59738cb5431279dfb25c10b543113a3c3d8d Mon Sep 17 00:00:00 2001 From: Dominik Rosiek Date: Fri, 16 Feb 2024 09:07:43 +0100 Subject: [PATCH 1/4] chore: add ubi Dockerfiles Signed-off-by: Dominik Rosiek --- operator/Dockerfile.ubi | 41 +++++++++++++++++++++++++++++++++++++++++ sidecar/Dockerfile.ubi | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+) create mode 100644 operator/Dockerfile.ubi create mode 100644 sidecar/Dockerfile.ubi diff --git a/operator/Dockerfile.ubi b/operator/Dockerfile.ubi new file mode 100644 index 00000000..46a3c1d4 --- /dev/null +++ b/operator/Dockerfile.ubi @@ -0,0 +1,41 @@ +# Build the manager binary +FROM golang:1.21.3 as builder + +WORKDIR /workspace + +# Copy the go source +COPY go.mod go.sum ./ + +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +COPY . . + +# Build +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go config.go + +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.6 + +ARG VERSION=${VERSION} +ARG RELEASE_NUMBER=${RELEASE_NUMBER} + +ENV SUMMARY="UBI based Tailing Sidecar Operator" \ + DESCRIPTION="Tailing Sidecar Operator adds streaming sidecar containers which use tailing sidecar image to Pods." + +LABEL name="Tailing Sidecar Operator" \ + maintainer="collection@sumologic.com" \ + vendor="Sumo Logic" \ + version=${VERSION} \ + release=${RELEASE_NUMBER} \ + summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" + +ADD https://raw.githubusercontent.com/SumoLogic/tailing-sidecar/release-v0.3/LICENSE /licenses/LICENSE + +WORKDIR / +COPY --from=builder /workspace/manager . +USER nonroot:nonroot + +ENTRYPOINT ["/manager"] diff --git a/sidecar/Dockerfile.ubi b/sidecar/Dockerfile.ubi new file mode 100644 index 00000000..e2a64fab --- /dev/null +++ b/sidecar/Dockerfile.ubi @@ -0,0 +1,39 @@ +FROM golang:1.20.7 as go-builder +RUN mkdir /build +ADD ./out_gstdout /build/ +WORKDIR /build +RUN make all + +# ToDo: build and use the latest fluent-bit image +FROM public.ecr.aws/sumologic/fluent-bit:1.6.10-sumo-2-ubi + +ARG VERSION=${VERSION} +ARG RELEASE_NUMBER=${RELEASE_NUMBER} + +ENV SUMMARY="UBI based Tailing Sidecar" \ + DESCRIPTION="Tailing sidecar is a streaming sidecar container which can be used with Tailing Sidecar Operator." + +LABEL name="Tailing Sidecar" \ + maintainer="collection@sumologic.com" \ + vendor="Sumo Logic" \ + version=${VERSION} \ + release=${RELEASE_NUMBER} \ + summary="$SUMMARY" \ + description="$DESCRIPTION" \ + io.k8s.description="$DESCRIPTION" + +ADD https://raw.githubusercontent.com/SumoLogic/tailing-sidecar/release-v0.3/LICENSE /licenses/LICENSE + +ENV LOG_LEVEL=warning + +COPY --from=go-builder \ + /build/out_gstdout.so \ + /tailing-sidecar/lib/ + +COPY conf/fluent-bit.conf \ + conf/plugins.conf \ + /fluent-bit/etc/ + +USER nobody + +CMD ["/fluent-bit/bin/fluent-bit", "-c", "/fluent-bit/etc/fluent-bit.conf", "--quiet"] From 62f2dca011fe399afb982878f434e5bb801096b0 Mon Sep 17 00:00:00 2001 From: Dominik Rosiek Date: Fri, 16 Feb 2024 09:29:28 +0100 Subject: [PATCH 2/4] chore: update Makefiles and github actions Signed-off-by: Dominik Rosiek --- .github/workflows/dev_builds.yml | 25 +++++++++++++++++++++++++ .github/workflows/release_builds.yml | 26 +++++++++++++++++++++++++- operator/Makefile | 7 ++++++- sidecar/{ => fluentbit}/Dockerfile.ubi | 0 sidecar/fluentbit/Makefile | 7 ++++++- 5 files changed, 62 insertions(+), 3 deletions(-) rename sidecar/{ => fluentbit}/Dockerfile.ubi (100%) diff --git a/.github/workflows/dev_builds.yml b/.github/workflows/dev_builds.yml index 77adea69..5e67048f 100644 --- a/.github/workflows/dev_builds.yml +++ b/.github/workflows/dev_builds.yml @@ -39,9 +39,15 @@ jobs: - name: Build and push tailing sidecar multiplatform image run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./sidecar/fluentbit + - name: Build and push tailing sidecar ubi image + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./sidecar/fluentbit - name: Push tailing sidecar image with latest tag run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE }}:${{ env.LATEST_TAG }} working-directory: ./sidecar/fluentbit + - name: Push tailing sidecar ubi image with latest tag + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE }}:${{ env.LATEST_TAG }} + working-directory: ./sidecar/fluentbit - name: Log in to AWS Public ECR to publish tailing sidecar image run: make login-ecr env: @@ -50,9 +56,16 @@ jobs: - name: Build and push to ECR tailing sidecar multiplatform image run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./sidecar/fluentbit + - name: Build and push to ECR tailing sidecar ubi image + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./sidecar/fluentbit - name: Push tailing sidecar image with latest tag to ECR run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ env.LATEST_TAG }} working-directory: ./sidecar/fluentbit + - name: Push tailing sidecar ubi image with latest tag to ECR + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ env.LATEST_TAG }} + working-directory: ./sidecar/fluentbit + build-otelcol-sidecar: runs-on: ubuntu-20.04 @@ -117,9 +130,15 @@ jobs: - name: Build and push tailing sidecar operator multiplatform image run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./operator + - name: Build and push tailing sidecar operator ubi image + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./operator - name: Push tailing sidecar operator image with latest tag run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE }}:${{ env.LATEST_TAG }} working-directory: ./operator + - name: Push tailing sidecar operator ubi image with latest tag + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE }}:${{ env.LATEST_TAG }} + working-directory: ./operator - name: Log in to AWS Public ECR to publish tailing sidecar operator image run: make login-ecr env: @@ -128,9 +147,15 @@ jobs: - name: Build and push to ECR tailing sidecar operator multiplatform image run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./operator + - name: Build and push to ECR tailing sidecar operator ubi image + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./operator - name: Push tailing sidecar operator image with latest tag to ECR run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ env.LATEST_TAG }} working-directory: ./operator + - name: Push tailing sidecar operator ubi image with latest tag to ECR + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ env.LATEST_TAG }} + working-directory: ./operator push-helm-chart: runs-on: ubuntu-20.04 diff --git a/.github/workflows/release_builds.yml b/.github/workflows/release_builds.yml index 12637838..01bb7dcf 100644 --- a/.github/workflows/release_builds.yml +++ b/.github/workflows/release_builds.yml @@ -35,12 +35,18 @@ jobs: registry: ghcr.io username: USERNAME password: ${{ secrets.CR_PAT }} - - name: Push tailing sidecar image + - name: Build and push tailing sidecar multiplatform image run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./sidecar/fluentbit + - name: Build and push tailing sidecar ubi image + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./sidecar/fluentbit - name: Push tailing sidecar image with latest tag run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE }}:${{ env.LATEST_TAG }} working-directory: ./sidecar/fluentbit + - name: Push tailing sidecar ubi image with latest tag + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE }}:${{ env.LATEST_TAG }} + working-directory: ./sidecar/fluentbit - name: Log in to AWS Public ECR to publish tailing sidecar image run: make login-ecr env: @@ -49,9 +55,15 @@ jobs: - name: Build and push to ECR tailing sidecar multiplatform image run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./sidecar/fluentbit + - name: Build and push to ECR tailing sidecar ubi image + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./sidecar/fluentbit - name: Push tailing sidecar image with latest tag to ECR run: make build-push-multiplatform TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ env.LATEST_TAG }} working-directory: ./sidecar/fluentbit + - name: Push tailing sidecar ubi image with latest tag to ECR + run: make build-push-ubi TAG=${{ env.SIDECAR_IMAGE_ECR }}:${{ env.LATEST_TAG }} + working-directory: ./sidecar/fluentbit build-operator: runs-on: ubuntu-20.04 @@ -81,9 +93,15 @@ jobs: - name: Build and push tailing sidecar operator multiplatform image run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./operator + - name: Build and push tailing sidecar operator ubi image + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./operator - name: Push tailing sidecar operator image with latest tag run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE }}:${{ env.LATEST_TAG }} working-directory: ./operator + - name: Push tailing sidecar operator ubi image with latest tag + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE }}:${{ env.LATEST_TAG }} + working-directory: ./operator - name: Log in to AWS Public ECR to publish tailing sidecar operator image run: make login-ecr env: @@ -92,9 +110,15 @@ jobs: - name: Build and push to ECR tailing sidecar operator multiplatform image run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} working-directory: ./operator + - name: Build and push to ECR tailing sidecar operator ubi image + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ steps.extract_tag.outputs.tag }} + working-directory: ./operator - name: Push tailing sidecar operator image with latest tag to ECR run: make build-push-multiplatform IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ env.LATEST_TAG }} working-directory: ./operator + - name: Push tailing sidecar operator ubi image with latest tag to ECR + run: make build-push-ubi IMG=${{ env.OPERATOR_IMAGE_ECR }}:${{ env.LATEST_TAG }} + working-directory: ./operator push-helm-chart: runs-on: ubuntu-20.04 diff --git a/operator/Makefile b/operator/Makefile index 47419052..e163407c 100755 --- a/operator/Makefile +++ b/operator/Makefile @@ -13,6 +13,7 @@ BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) # Image URL to use all building/pushing image targets IMG ?= localhost:32000/sumologic/tailing-sidecar-operator:latest +DOCKERFILE ?= Dockerfile # Image URL for tailing sidecar TAILING_SIDECAR_IMG ?= localhost:32000/sumologic/tailing-sidecar:latest @@ -174,7 +175,7 @@ generate: controller-gen # Build the docker image docker-build: - docker build . -t ${IMG} + docker build . -f ${DOCKERFILE} -t ${IMG} # Push the docker image docker-push: @@ -187,6 +188,10 @@ build-push-multiplatform: --tag ${IMG} \ . +build-push-ubi: + $(MAKE) docker-build DOCKERFILE=${DOCKERFILE}.ubi IMG=${IMG}-ubi + $(MAKE) docker-push DOCKERFILE=${DOCKERFILE}.ubi IMG=${IMG}-ubi + # find or download controller-gen # download controller-gen if necessary controller-gen: diff --git a/sidecar/Dockerfile.ubi b/sidecar/fluentbit/Dockerfile.ubi similarity index 100% rename from sidecar/Dockerfile.ubi rename to sidecar/fluentbit/Dockerfile.ubi diff --git a/sidecar/fluentbit/Makefile b/sidecar/fluentbit/Makefile index 9f466414..853597e9 100755 --- a/sidecar/fluentbit/Makefile +++ b/sidecar/fluentbit/Makefile @@ -8,11 +8,12 @@ mkfile_path := $(abspath $(lastword $(MAKEFILE_LIST))) root_dir := $(dir $(abspath $(mkfile_path)/..)) TAG ?= "localhost:32000/sumologic/tailing-sidecar:latest" +DOCKERFILE ?= Dockerfile all: build push build: - docker build --tag $(TAG) --file Dockerfile . + docker build --tag $(TAG) --file ${DOCKERFILE} . build-test-image: build @@ -30,6 +31,10 @@ build-push-multiplatform: --tag ${TAG} \ . +build-push-ubi: + $(MAKE) build DOCKERFILE=${DOCKERFILE}.ubi TAG=${TAG}-ubi + $(MAKE) push DOCKERFILE=${DOCKERFILE}.ubi TAG=${TAG}-ubi + push: docker push $(TAG) From 6acc6eeec261598c60f7cb7ebfb6d554d727584f Mon Sep 17 00:00:00 2001 From: Dominik Rosiek Date: Fri, 16 Feb 2024 09:41:54 +0100 Subject: [PATCH 3/4] test Signed-off-by: Dominik Rosiek --- .github/workflows/dev_builds.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/dev_builds.yml b/.github/workflows/dev_builds.yml index 5e67048f..9607e349 100644 --- a/.github/workflows/dev_builds.yml +++ b/.github/workflows/dev_builds.yml @@ -5,6 +5,7 @@ on: branches: - main - 'release-v[0-9]+.[0-9]+' + - drosiek-ubi env: SIDECAR_IMAGE: "ghcr.io/sumologic/tailing-sidecar" From 38c43fedb2432f5b43abe55640531a2f74480bd1 Mon Sep 17 00:00:00 2001 From: Dominik Rosiek <58699848+sumo-drosiek@users.noreply.github.com> Date: Fri, 16 Feb 2024 14:15:15 +0100 Subject: [PATCH 4/4] Update .github/workflows/dev_builds.yml --- .github/workflows/dev_builds.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/dev_builds.yml b/.github/workflows/dev_builds.yml index 9607e349..5e67048f 100644 --- a/.github/workflows/dev_builds.yml +++ b/.github/workflows/dev_builds.yml @@ -5,7 +5,6 @@ on: branches: - main - 'release-v[0-9]+.[0-9]+' - - drosiek-ubi env: SIDECAR_IMAGE: "ghcr.io/sumologic/tailing-sidecar"