Use buildah instead of docker, support multi-arch builds#115
Merged
kubevirt-bot merged 5 commits intokubevirt:mainfrom Aug 3, 2022
Merged
Use buildah instead of docker, support multi-arch builds#115kubevirt-bot merged 5 commits intokubevirt:mainfrom
kubevirt-bot merged 5 commits intokubevirt:mainfrom
Conversation
This passes them to all subprocesses, but they can still be overridden due to the ?= construct. Signed-off-by: Maya Rashish <mrashish@redhat.com>
Avoid failure when the binary is built with Fedora 36 and thus requires newer glibc symbols than the container. Signed-off-by: Maya Rashish <mrashish@redhat.com>
Now we can run: make clean && \ GOARCH=arm64 make manifest && GOARCH=amd64 make manifest && \ make manifest-push And spit out a manifest for both arm64 and amd64, in the same image. Caveats: - We have a special 'manifest-clean' target, as we can add arbitrarily many images to a manifest and don't want the old ones. Delete old image in case a regular non-manifest image exists by the same name, too. - The push and image/manifest creation are split, so we can run the image creation for more than one architecture and push the combined manifest including both. - We keep `make push` behaving the same to avoid breaking CI. - Full DOCKER_REPO name is used, as podman-like tools have odd behavior with short names. Signed-off-by: Maya Rashish <mrashish@redhat.com>
kubevirt-bot
added
release-note
awels
reviewed
Jul 6, 2022
hack/sanity.sh
Outdated
| buildah build -t ${DOCKER_REPO}/sanity:test -f ./sanity/Dockerfile . | ||
| # Need privileged so we can bind mount inside container, and hostpath capacity cannot change, so skipping that test | ||
| docker run --privileged ${DOCKER_REPO}/sanity:test -ginkgo.noColor -ginkgo.skip="should fail when requesting to create a volume with already existing name and different capacity" | ||
| podman run --privileged ${DOCKER_REPO}/sanity:test -ginkgo.noColor -ginkgo.skip="should fail when requesting to create a volume with already existing name and different capacity" |
Member
There was a problem hiding this comment.
Looks like podman is not installed in this container, this is why the test is failing here.
Member
There was a problem hiding this comment.
quay.io/kubevirtci/golang is the container that is running this test. Might have to install podman on it during this run.
Contributor
Author
There was a problem hiding this comment.
After a failed attempt to make the CI image include podman (the kubevirtci kind provider would pick it up but then fail to come up, so it immediately broke some CI lanes), this PR now supports both docker & podman, so CI is now passing with no change to project-infra.
Contributor
Author
|
/retest |
Signed-off-by: Maya Rashish <mrashish@redhat.com>
Contributor
Author
|
ping @awels |
awels
reviewed
Aug 3, 2022
Member
awels
left a comment
awels
left a comment
There was a problem hiding this comment.
Looks good just have a concern with tls-verify=false being added when pushing.
cluster-sync/sync.sh
Outdated
|
|
||
| registry=${IMAGE_REGISTRY:-localhost:$(_port registry)} | ||
| DOCKER_REPO=${registry} make push | ||
| DOCKER_REPO=${registry} BUILDAH_PUSH_FLAGS="--tls-verify=false" make manifest manifest-push |
Member
There was a problem hiding this comment.
I understand why you added the tls-verify=false, because we can't really verify the identity of the registry:5000 in the kubevirtci cluster. Can we only add this flag if we are in that particular situation. I would really like to verify the identity when I am pushing an actual release to quay.io for instance.
hack/k8s-e2e.sh
Outdated
| registry=${IMAGE_REGISTRY:-localhost:$(_port registry)} | ||
| echo "registry: ${registry}" | ||
| DOCKER_REPO=${registry} make push | ||
| DOCKER_REPO=${registry} BUILDAH_PUSH_FLAGS="--tls-verify=false" make manifest manifest-push |
Add a message about this, too Signed-off-by: Maya Rashish <mrashish@redhat.com>
Member
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: awels The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
kubevirt-bot
added
the
approved
Member
|
/cherrypick release-v0.13 |
|
@awels: new pull request created: #215 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Member
|
/cherrypick release-v0.12 |
|
@awels: #115 failed to apply on top of branch "release-v0.12": DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
awels
pushed a commit
to awels/hostpath-provisioner
that referenced
this pull request
Jun 16, 2023
* Instead of passing environment variables, export them in Makefile This passes them to all subprocesses, but they can still be overridden due to the ?= construct. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Build sanity.test statically Avoid failure when the binary is built with Fedora 36 and thus requires newer glibc symbols than the container. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Switch to buildah & podman, enable multi-arch builds Now we can run: make clean && \ GOARCH=arm64 make manifest && GOARCH=amd64 make manifest && \ make manifest-push And spit out a manifest for both arm64 and amd64, in the same image. Caveats: - We have a special 'manifest-clean' target, as we can add arbitrarily many images to a manifest and don't want the old ones. Delete old image in case a regular non-manifest image exists by the same name, too. - The push and image/manifest creation are split, so we can run the image creation for more than one architecture and push the combined manifest including both. - We keep `make push` behaving the same to avoid breaking CI. - Full DOCKER_REPO name is used, as podman-like tools have odd behavior with short names. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Tolerate docker instead of podman Signed-off-by: Maya Rashish <mrashish@redhat.com> * Only add --tls-verify=false if the registry matches localhost* Add a message about this, too Signed-off-by: Maya Rashish <mrashish@redhat.com>
awels
pushed a commit
to awels/hostpath-provisioner
that referenced
this pull request
Jun 16, 2023
* Instead of passing environment variables, export them in Makefile This passes them to all subprocesses, but they can still be overridden due to the ?= construct. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Build sanity.test statically Avoid failure when the binary is built with Fedora 36 and thus requires newer glibc symbols than the container. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Switch to buildah & podman, enable multi-arch builds Now we can run: make clean && \ GOARCH=arm64 make manifest && GOARCH=amd64 make manifest && \ make manifest-push And spit out a manifest for both arm64 and amd64, in the same image. Caveats: - We have a special 'manifest-clean' target, as we can add arbitrarily many images to a manifest and don't want the old ones. Delete old image in case a regular non-manifest image exists by the same name, too. - The push and image/manifest creation are split, so we can run the image creation for more than one architecture and push the combined manifest including both. - We keep `make push` behaving the same to avoid breaking CI. - Full DOCKER_REPO name is used, as podman-like tools have odd behavior with short names. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Tolerate docker instead of podman Signed-off-by: Maya Rashish <mrashish@redhat.com> * Only add --tls-verify=false if the registry matches localhost* Add a message about this, too Signed-off-by: Maya Rashish <mrashish@redhat.com>
awels
pushed a commit
to awels/hostpath-provisioner
that referenced
this pull request
Jun 17, 2023
* Instead of passing environment variables, export them in Makefile This passes them to all subprocesses, but they can still be overridden due to the ?= construct. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Build sanity.test statically Avoid failure when the binary is built with Fedora 36 and thus requires newer glibc symbols than the container. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Switch to buildah & podman, enable multi-arch builds Now we can run: make clean && \ GOARCH=arm64 make manifest && GOARCH=amd64 make manifest && \ make manifest-push And spit out a manifest for both arm64 and amd64, in the same image. Caveats: - We have a special 'manifest-clean' target, as we can add arbitrarily many images to a manifest and don't want the old ones. Delete old image in case a regular non-manifest image exists by the same name, too. - The push and image/manifest creation are split, so we can run the image creation for more than one architecture and push the combined manifest including both. - We keep `make push` behaving the same to avoid breaking CI. - Full DOCKER_REPO name is used, as podman-like tools have odd behavior with short names. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Tolerate docker instead of podman Signed-off-by: Maya Rashish <mrashish@redhat.com> * Only add --tls-verify=false if the registry matches localhost* Add a message about this, too Signed-off-by: Maya Rashish <mrashish@redhat.com>
kubevirt-bot
pushed a commit
that referenced
this pull request
Jun 20, 2023
* Allow dynamic linking of binaries (#205) * Allow dynamic linking of binaries The release was creating statically linked binaries and there is no particular reason for this. Doing dynamically linked binaries would decrase the container size. Signed-off-by: Alexander Wels <awels@redhat.com> * Updated fedora to 37 so it has a recent enough glibc Added glibc to the Dockerfile so the binaries can run Fixed failing functional test that was not calculating the size properly from the `df -Bk` command. It was calculating from 1000 instead of 1024 and the size was wrong because of it. Signed-off-by: Alexander Wels <awels@redhat.com> --------- Signed-off-by: Alexander Wels <awels@redhat.com> * Use buildah instead of docker, support multi-arch builds (#115) * Instead of passing environment variables, export them in Makefile This passes them to all subprocesses, but they can still be overridden due to the ?= construct. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Build sanity.test statically Avoid failure when the binary is built with Fedora 36 and thus requires newer glibc symbols than the container. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Switch to buildah & podman, enable multi-arch builds Now we can run: make clean && \ GOARCH=arm64 make manifest && GOARCH=amd64 make manifest && \ make manifest-push And spit out a manifest for both arm64 and amd64, in the same image. Caveats: - We have a special 'manifest-clean' target, as we can add arbitrarily many images to a manifest and don't want the old ones. Delete old image in case a regular non-manifest image exists by the same name, too. - The push and image/manifest creation are split, so we can run the image creation for more than one architecture and push the combined manifest including both. - We keep `make push` behaving the same to avoid breaking CI. - Full DOCKER_REPO name is used, as podman-like tools have odd behavior with short names. Signed-off-by: Maya Rashish <mrashish@redhat.com> * Tolerate docker instead of podman Signed-off-by: Maya Rashish <mrashish@redhat.com> * Only add --tls-verify=false if the registry matches localhost* Add a message about this, too Signed-off-by: Maya Rashish <mrashish@redhat.com> * Add go mod vendor Signed-off-by: Alexander Wels <awels@redhat.com> --------- Signed-off-by: Alexander Wels <awels@redhat.com> Signed-off-by: Maya Rashish <mrashish@redhat.com> Co-authored-by: Maya Rashish <mrashish@redhat.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):hostpath-provisioner part of #98, we also need to change
make pushin project-infra to build arm64 binaries.Special notes for your reviewer:
Release note: