Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update the way the LTS images are built (#8953) #8960

Merged
merged 1 commit into from
Jul 19, 2023
Merged

chore: update the way the LTS images are built (#8953) #8960

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 0 additions & 55 deletions deploy/cloudbuild-lts.yaml
View file
Open in desktop

This file was deleted.

72 changes: 17 additions & 55 deletions deploy/cloudbuild-release-lts.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,67 +2,29 @@
# see: https://cloud.google.com/container-builder/docs/configuring-builds/substitute-variable-values#using_default_substitutions
steps:

# Build and tag skaffold-deps image using docker with cache-from
# Build and tag skaffold-deps image using docker with cache-from
- name: 'gcr.io/cloud-builders/docker'
args:
- 'build'
- '-t'
- 'gcr.io/$PROJECT_ID/build_deps:latest-lts'
- '--cache-from'
- 'gcr.io/k8s-skaffold/build_deps:latest-lts'
- '-f'
- 'deploy/skaffold/Dockerfile.deps.lts'
- '.'

# Grab secret credentials from gcp bucket
- name: gcr.io/cloud-builders/gcloud
entrypoint: 'bash'
args: ['deploy/setup-secret.sh','-p', $PROJECT_ID]

# Build and tag skaffold builder
- name: 'gcr.io/cloud-builders/docker'
args:
- 'build'
- '--cache-from'
- 'gcr.io/$PROJECT_ID/skaffold-builder:latest'
- '-t'
- 'gcr.io/$PROJECT_ID/skaffold-builder:latest'
- '-f'
- 'deploy/skaffold/Dockerfile'
- '.'

# Build and tag distroless-skaffold image for scanning
- name: 'gcr.io/cloud-builders/docker'
args:
- 'build'
- '--build-arg'
- 'PROJECT_ID=$PROJECT_ID'
- '-t'
- 'us-east1-docker.pkg.dev/$PROJECT_ID/scanning/skaffold:$TAG_NAME-lts'
- '-f'
- 'deploy/skaffold/Dockerfile.skaffold'
- '.'

# Do the go build & push the results to GCS
- name: 'gcr.io/$PROJECT_ID/skaffold-builder:latest'
args:
- 'make'
- 'release-lts'
- 'VERSION=$TAG_NAME'
- 'SCANNING_MARKER=$_SCANNING_MARKER'
- 'RELEASE_BUCKET=$_RELEASE_BUCKET'
- 'GCP_PROJECT=$PROJECT_ID'

# Check that skaffold is in the image
- 'build'
- '--build-arg'
- 'SKAFFOLD_VERSION=$TAG_NAME'
- '-t'
- 'gcr.io/$PROJECT_ID/skaffold:$TAG_NAME-lts'
- '-t'
- 'gcr.io/$PROJECT_ID/skaffold:$_SCANNING_MARKER-lts'
- '-f'
- 'deploy/skaffold/Dockerfile.lts'
- '.'

# Check that skaffold is in the image
- name: 'gcr.io/$PROJECT_ID/skaffold:$TAG_NAME-lts'
args:
- 'skaffold'
- 'version'
- 'skaffold'
- 'version'

images:
- 'gcr.io/$PROJECT_ID/skaffold:$TAG_NAME-lts'
- 'gcr.io/$PROJECT_ID/skaffold:$_SCANNING_MARKER-lts'
- 'us-east1-docker.pkg.dev/$PROJECT_ID/scanning/skaffold:$TAG_NAME-lts'
- 'gcr.io/$PROJECT_ID/skaffold:$TAG_NAME-lts'
- 'gcr.io/$PROJECT_ID/skaffold:$_SCANNING_MARKER-lts'

options:
machineType: 'N1_HIGHCPU_8'
Expand Down
106 changes: 0 additions & 106 deletions deploy/skaffold/Dockerfile.deps.lts
View file
Open in desktop

This file was deleted.

118 changes: 104 additions & 14 deletions deploy/skaffold/Dockerfile.lts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,17 +12,107 @@
# See the License for the specific language governing permissions and
# limitations under the License.

# This base image is built using docker from cache every single time as build step.
FROM gcr.io/k8s-skaffold/build_deps:latest-lts as build
WORKDIR /skaffold
# force to use gke_gcloud_auth_plugin for gcp k8s authentication.
ENV USE_GKE_GCLOUD_AUTH_PLUGIN True

FROM build as builder
ARG VERSION
COPY . .
RUN make clean out/skaffold VERSION=$VERSION && mv out/skaffold /usr/bin/skaffold && rm -rf secrets $SECRET cmd/skaffold/app/cmd/statik/statik.go

FROM build as release
COPY --from=builder /usr/bin/skaffold /usr/bin/skaffold
RUN skaffold credits -d /THIRD_PARTY_NOTICES
ARG ARCH=amd64
ARG SKAFFOLD_VERSION

# Download skaffold
FROM alpine:3.10 as download-skaffold
ARG ARCH
ARG SKAFFOLD_VERSION
ENV SKAFFOLD_URL https://storage.googleapis.com/skaffold/releases/${SKAFFOLD_VERSION}/skaffold-linux-${ARCH}
RUN wget -O skaffold "${SKAFFOLD_URL}"
RUN chmod +x skaffold

# Download kubectl
FROM alpine:3.10 as download-kubectl
ARG ARCH
# https://cloud.google.com/sdk/docs/release-notes
ENV KUBECTL_VERSION v1.27.2
ENV KUBECTL_URL https://storage.googleapis.com/kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/${ARCH}/kubectl
# SHAs at gs://kubernetes-release/release/${KUBECTL_VERSION}/bin/linux/${ARCH}/
COPY deploy/skaffold/digests/kubectl.${ARCH}.sha512 .
RUN wget -O kubectl "${KUBECTL_URL}" && sha512sum -c kubectl.${ARCH}.sha512
RUN chmod +x kubectl

# Download helm (see https://github.com/helm/helm/releases/latest)
FROM alpine:3.10 as download-helm
ARG ARCH
RUN echo arch=$ARCH
ENV HELM_VERSION v3.12.0
ENV HELM_URL https://storage.googleapis.com/skaffold/deps/helm/helm-${HELM_VERSION}-linux-${ARCH}.tar.gz
COPY deploy/skaffold/digests/helm.${ARCH}.sha256 .
RUN wget -O helm.tar.gz "${HELM_URL}" && sha256sum -c helm.${ARCH}.sha256
RUN tar -xvf helm.tar.gz --strip-components 1

# Download kustomize
FROM alpine:3.10 as download-kustomize
ARG ARCH
ENV KUSTOMIZE_VERSION 5.0.3
ENV KUSTOMIZE_URL https://storage.googleapis.com/skaffold/deps/kustomize/v${KUSTOMIZE_VERSION}/kustomize_v${KUSTOMIZE_VERSION}_linux_${ARCH}.tar.gz
COPY deploy/skaffold/digests/kustomize.${ARCH}.sha256 .
RUN wget -O kustomize.tar.gz "${KUSTOMIZE_URL}" && sha256sum -c kustomize.${ARCH}.sha256
RUN tar -xvf kustomize.tar.gz

# Download kpt
FROM alpine:3.10 as download-kpt
ARG ARCH
ENV KPT_VERSION 1.0.0-beta.33
ENV KPT_URL https://storage.googleapis.com/skaffold/deps/kpt/v${KPT_VERSION}/kpt_linux_amd64
COPY deploy/skaffold/digests/kpt.${ARCH}.sha256 .
RUN wget -O kpt "${KPT_URL}" && sha256sum -c kpt.${ARCH}.sha256
RUN chmod +x kpt

# Download gcloud
FROM alpine:3.10 as download-gcloud
ARG ARCH
ENV GCLOUD_VERSION 432.0.0
ENV GCLOUD_URL https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-${GCLOUD_VERSION}-linux-GCLOUDARCH.tar.gz
# SHAs listed at https://cloud.google.com/sdk/docs/downloads-versioned-archives
COPY deploy/skaffold/digests/gcloud.${ARCH}.sha256 .
RUN \
GCLOUDARCH=$(case "${ARCH}" in amd64) echo x86_64;; *) echo ${ARCH};; esac); \
wget -O gcloud.tar.gz $(echo "${GCLOUD_URL}" | sed "s/GCLOUDARCH/${GCLOUDARCH}/g") && \
sha256sum -c gcloud.${ARCH}.sha256
RUN tar -zxf gcloud.tar.gz


FROM ubuntu:20.04 as runtime_deps

RUN apt-get update && \
apt-get install --no-install-recommends --no-install-suggests -y \
git python unzip && \
rm -rf /var/lib/apt/lists/*

COPY --from=download-skaffold skaffold /usr/local/bin/
COPY --from=download-kubectl kubectl /usr/local/bin/
COPY --from=download-helm helm /usr/local/bin/
COPY --from=download-kustomize kustomize /usr/local/bin/
COPY --from=download-kpt kpt /usr/local/bin/
COPY --from=download-gcloud google-cloud-sdk/ /google-cloud-sdk/

# Finish installation of gcloud
RUN /google-cloud-sdk/install.sh \
--usage-reporting=false \
--bash-completion=false \
--disable-installation-options
ENV PATH=$PATH:/google-cloud-sdk/bin
RUN gcloud auth configure-docker && gcloud components install --quiet \
gke-gcloud-auth-plugin \
alpha \
beta \
cloud-run-proxy \
log-streaming

FROM runtime_deps
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install --no-install-recommends --no-install-suggests -y \
curl \
build-essential \
python-setuptools \
lsb-release \
openjdk-17-jdk \
software-properties-common \
jq \
docker.io \
apt-transport-https && \
rm -rf /var/lib/apt/lists/*
Loading