Skip to content

Commit

Permalink
ANDY DEBUG
Browse files Browse the repository at this point in the history 
big comment docker/buildx#1964 (comment)

Signed-off-by: Andy Doan <[email protected]>
  • Loading branch information
@doanac
doanac committed May 29, 2024
1 parent 70be78f commit f1ef8a9
Showing 1 changed file with 10 additions and 2 deletions.
12 changes: 10 additions & 2 deletions apps/build.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,16 @@ HERE=$(dirname $(readlink -f $0))
require_params FACTORY

export DOCKER_BUILDKIT=1
BUILDKIT_VERSION="${BUILDKIT_VERSION-v0.10.3}"
BUILDKIT_VERSION="${BUILDKIT_VERSION-v0.13.2}"

MANIFEST_PLATFORMS_DEFAULT="${MANIFEST_PLATFORMS_DEFAULT-linux/amd64,linux/arm,linux/arm64}"
status Default container platforms will be: $MANIFEST_PLATFORMS_DEFAULT

run apk add curl
curl -L https://github.com/docker/buildx/releases/download/v0.14.1/buildx-v0.14.1.linux-amd64 > /docker-buildx
chmod +x /docker-buildx
mv /docker-buildx /usr/local/lib/docker/cli-plugins/

load_extra_certs
if [ -f /secrets/docker_host_config.json ] ; then
mkdir -p $HOME/.docker
Expand Down Expand Up @@ -80,6 +85,8 @@ fi

trap '[ -f /archive/junit.xml ] && echo "</testsuite>" >> /archive/junit.xml' TERM INT EXIT

run docker buildx version

total=$(echo $IMAGES | wc -w)
total=$((total*3)) # 3 steps per container: build, push, test*manifest
completed=-3 # we increment on the first step of the first loop.
Expand Down Expand Up @@ -127,7 +134,7 @@ for x in $IMAGES ; do
docker_cmd="$docker_cmd --no-cache"
fi

docker_cmd="$docker_cmd --push --cache-to type=registry,ref=${ct_base}:${LATEST}-${ARCH}_cache,mode=max"
docker_cmd="$docker_cmd --output=type=registry,oci-mediatypes=false --provenance=false --load --cache-to type=registry,ref=${ct_base}:${LATEST}-${ARCH}_cache,mode=max"

if [ -n "$DOCKER_SECRETS" ] ; then
status "DOCKER_SECRETS defined - building --secrets for $(ls /secrets)"
Expand Down Expand Up @@ -179,6 +186,7 @@ for x in $IMAGES ; do
status "Doing a Syft SBOM scan"
sbom_dst=/archive/sboms/${ct_base}/${ARCH}.spdx.json
mkdir -p $(dirname $sbom_dst)
run docker images
syft ${ct_base}:$TAG-$ARCH -o spdx-json > $sbom_dst
else
status "Skipping SBOM generation: DISABLE_SBOM enabled"
Expand Down

0 comments on commit f1ef8a9

Please sign in to comment.