Skip to content

Commit

Permalink
refactor: use built-in buildah --retry
Browse files Browse the repository at this point in the history 
- Retries were achieved by writing a loop around the buildah command
- buildah actually has a `--retry` option
- Use the built-in option in order to simplify the code
  • Loading branch information
@tnevrlka
tnevrlka committed Dec 3, 2024
1 parent d62c0c3 commit b3a8e96
Show file tree
Hide file tree
Showing 4 changed files with 43 additions and 105 deletions.
26 changes: 9 additions & 17 deletions task/buildah-oci-ta/0.2/buildah-oci-ta.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -559,41 +559,33 @@ spec:
#!/bin/bash
set -e
retry() {
status=-1
max_run=5
sleep_sec=10
for run in $(seq 1 $max_run); do
status=0
[ "$run" -gt 1 ] && sleep $sleep_sec
"$@" && break || status=$?
done
return $status
}
ca_bundle=/mnt/trusted-ca/ca-bundle.crt
if [ -f "$ca_bundle" ]; then
echo "INFO: Using mounted CA bundle: $ca_bundle"
cp -vf $ca_bundle /etc/pki/ca-trust/source/anchors
update-ca-trust
fi
retries=5
# Push to a unique tag based on the TaskRun name to avoid race conditions
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
if ! buildah push \
--retry "$retries" \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)"; then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${retries} tries"
exit 1
fi
# Push to a tag based on the git revision
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
if ! buildah push \
--retry "$retries" \
--tls-verify="$TLSVERIFY" \
--digestfile "/var/workdir/image-digest" "$IMAGE" \
"docker://$IMAGE"; then
echo "Failed to push sbom image to $IMAGE after ${max_run} tries"
echo "Failed to push sbom image to $IMAGE after ${retries} tries"
exit 1
fi
Expand Down
26 changes: 9 additions & 17 deletions task/buildah-remote-oci-ta/0.2/buildah-remote-oci-ta.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -659,41 +659,33 @@ spec:
export IMAGE
fi
retry() {
status=-1
max_run=5
sleep_sec=10
for run in $(seq 1 $max_run); do
status=0
[ "$run" -gt 1 ] && sleep $sleep_sec
"$@" && break || status=$?
done
return $status
}
ca_bundle=/mnt/trusted-ca/ca-bundle.crt
if [ -f "$ca_bundle" ]; then
echo "INFO: Using mounted CA bundle: $ca_bundle"
cp -vf $ca_bundle /etc/pki/ca-trust/source/anchors
update-ca-trust
fi
retries=5
# Push to a unique tag based on the TaskRun name to avoid race conditions
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
if ! buildah push \
--retry "$retries" \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)"; then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${retries} tries"
exit 1
fi
# Push to a tag based on the git revision
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
if ! buildah push \
--retry "$retries" \
--tls-verify="$TLSVERIFY" \
--digestfile "/var/workdir/image-digest" "$IMAGE" \
"docker://$IMAGE"; then
echo "Failed to push sbom image to $IMAGE after ${max_run} tries"
echo "Failed to push sbom image to $IMAGE after ${retries} tries"
exit 1
fi
Expand Down
70 changes: 16 additions & 54 deletions task/buildah-remote/0.2/buildah-remote.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -629,60 +629,22 @@ spec:
memory: 1Gi
image: quay.io/konflux-ci/buildah-task:latest@sha256:b2d6c32d1e05e91920cd4475b2761d58bb7ee11ad5dff3ecb59831c7572b4d0c
name: push
script: |
#!/bin/bash
set -e
if [ "${IMAGE_APPEND_PLATFORM}" == "true" ]; then
IMAGE="${IMAGE}-${PLATFORM//[^a-zA-Z0-9]/-}"
export IMAGE
fi
retry () {
status=-1
max_run=5
sleep_sec=10
for run in $(seq 1 $max_run); do
status=0
[ "$run" -gt 1 ] && sleep $sleep_sec
"$@" && break || status=$?
done
return $status
}
ca_bundle=/mnt/trusted-ca/ca-bundle.crt
if [ -f "$ca_bundle" ]; then
echo "INFO: Using mounted CA bundle: $ca_bundle"
cp -vf $ca_bundle /etc/pki/ca-trust/source/anchors
update-ca-trust
fi
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)";
then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
exit 1
fi
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
--tls-verify="$TLSVERIFY" \
--digestfile "$(workspaces.source.path)/image-digest" "$IMAGE" \
"docker://$IMAGE";
then
echo "Failed to push sbom image to $IMAGE after ${max_run} tries"
exit 1
fi
cat "$(workspaces.source.path)"/image-digest | tee $(results.IMAGE_DIGEST.path)
echo -n "$IMAGE" | tee $(results.IMAGE_URL.path)
{
echo -n "${IMAGE}@"
cat "$(workspaces.source.path)/image-digest"
} > "$(results.IMAGE_REF.path)"
script: "#!/bin/bash\nset -e\nif [ \"${IMAGE_APPEND_PLATFORM}\" == \"true\" ];
then\n IMAGE=\"${IMAGE}-${PLATFORM//[^a-zA-Z0-9]/-}\"\n export IMAGE\nfi\n\nca_bundle=/mnt/trusted-ca/ca-bundle.crt\nif
[ -f \"$ca_bundle\" ]; then\n echo \"INFO: Using mounted CA bundle: $ca_bundle\"\n
\ cp -vf $ca_bundle /etc/pki/ca-trust/source/anchors\n update-ca-trust\nfi\n\nretries=5\n#
Push to a unique tag based on the TaskRun name to avoid race conditions\necho
\"Pushing to ${IMAGE%:*}:${TASKRUN_NAME}\"\nif ! buildah push \\\n --retry
\"$retries\" \\\n --tls-verify=\"$TLSVERIFY\" \\\n \"$IMAGE\" \\\n \"docker://${IMAGE%:*}:$(context.taskRun.name)\";\nthen\n
\ echo \"Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after
${retries} tries\"\n exit 1\nfi\n\n# Push to a tag based on the git revision
\necho \"Pushing to ${IMAGE}\"\nif ! buildah push \\\n --retry \"$retries\"
\\\n --tls-verify=\"$TLSVERIFY\" \\\n --digestfile \"$(workspaces.source.path)/image-digest\"
\"$IMAGE\" \\\n \"docker://$IMAGE\";\nthen\n echo \"Failed to push sbom image
to $IMAGE after ${retries} tries\"\n exit 1\nfi\n\ncat \"$(workspaces.source.path)\"/image-digest
| tee $(results.IMAGE_DIGEST.path)\necho -n \"$IMAGE\" | tee $(results.IMAGE_URL.path)\n{\n
\ echo -n \"${IMAGE}@\"\n cat \"$(workspaces.source.path)/image-digest\"\n}
> \"$(results.IMAGE_REF.path)\"\n"
securityContext:
capabilities:
add:
Expand Down
26 changes: 9 additions & 17 deletions task/buildah/0.2/buildah.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -500,43 +500,35 @@ spec:
#!/bin/bash
set -e
retry () {
status=-1
max_run=5
sleep_sec=10
for run in $(seq 1 $max_run); do
status=0
[ "$run" -gt 1 ] && sleep $sleep_sec
"$@" && break || status=$?
done
return $status
}
ca_bundle=/mnt/trusted-ca/ca-bundle.crt
if [ -f "$ca_bundle" ]; then
echo "INFO: Using mounted CA bundle: $ca_bundle"
cp -vf $ca_bundle /etc/pki/ca-trust/source/anchors
update-ca-trust
fi
retries=5
# Push to a unique tag based on the TaskRun name to avoid race conditions
echo "Pushing to ${IMAGE%:*}:${TASKRUN_NAME}"
if ! retry buildah push \
if ! buildah push \
--retry "$retries" \
--tls-verify="$TLSVERIFY" \
"$IMAGE" \
"docker://${IMAGE%:*}:$(context.taskRun.name)";
then
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${max_run} tries"
echo "Failed to push sbom image to ${IMAGE%:*}:$(context.taskRun.name) after ${retries} tries"
exit 1
fi
# Push to a tag based on the git revision

Check failure on line 523 in task/buildah/0.2/buildah.yaml

View workflow job for this annotation

GitHub Actions / yamllint 

523:48 [trailing-spaces] trailing spaces
echo "Pushing to ${IMAGE}"
if ! retry buildah push \
if ! buildah push \
--retry "$retries" \
--tls-verify="$TLSVERIFY" \
--digestfile "$(workspaces.source.path)/image-digest" "$IMAGE" \
"docker://$IMAGE";
then
echo "Failed to push sbom image to $IMAGE after ${max_run} tries"
echo "Failed to push sbom image to $IMAGE after ${retries} tries"
exit 1
fi
Expand Down

0 comments on commit b3a8e96

Please sign in to comment.