Skip to content

Commit

Permalink
Extend Dockerfile based build strategies with target build stage
Browse files Browse the repository at this point in the history
Signed-off-by: Sascha Schwarze <schwarzs@de.ibm.com>
  • Loading branch information
SaschaSchwarze0 committed Nov 21, 2024
1 parent 87b044b commit a0da3ca
Show file tree
Hide file tree
Showing 4 changed files with 99 additions and 54 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ spec:
context=
dockerfile=
image=
target=
buildArgs=()
outputDirectory=
budArgs=()
inBuildArgs=false
registriesBlock=""
inRegistriesBlock=false
Expand Down Expand Up @@ -56,12 +56,21 @@ spec:
inRegistriesSearch=false
image="$1"
shift
elif [ "${arg}" == "--output-directory" ]; then
inBuildArgs=false
inRegistriesBlock=false
inRegistriesInsecure=false
inRegistriesSearch=false
outputDirectory="$1"
shift
elif [ "${arg}" == "--target" ]; then
inBuildArgs=false
inRegistriesBlock=false
inRegistriesInsecure=false
inRegistriesSearch=false
target="$1"
if [ "$1" != "" ]; then
budArgs+=(--target "$1")
fi
shift
elif [ "${arg}" == "--build-args" ]; then
inBuildArgs=true
Expand All @@ -84,7 +93,7 @@ spec:
inRegistriesBlock=false
inRegistriesInsecure=false
elif [ "${inBuildArgs}" == "true" ]; then
buildArgs+=("--build-arg" "${arg}")
budArgs+=(--build-arg "${arg}")
elif [ "${inRegistriesBlock}" == "true" ]; then
registriesBlock="${registriesBlock}'${arg}', "
elif [ "${inRegistriesInsecure}" == "true" ]; then
Expand Down Expand Up @@ -140,7 +149,7 @@ spec:
# Building the image
echo "[INFO] Building image ${image}"
buildah --storage-driver=$(params.storage-driver) \
bud "${buildArgs[@]}" \
bud "${budArgs[@]}" \
--registries-conf=/tmp/registries.conf \
--tag="${image}" \
--file="${dockerfile}" \
Expand All @@ -150,11 +159,13 @@ spec:
echo "[INFO] Writing image ${image}"
buildah --storage-driver=$(params.storage-driver) push \
"${image}" \
"oci:${target}"
"oci:${outputDirectory}"
# That's the separator between the shell script and its args
- --
- --context
- $(params.shp-source-context)
- --output-directory
- $(params.shp-output-directory)
- --dockerfile
- $(params.dockerfile)
- --image
Expand All @@ -168,7 +179,7 @@ spec:
- --registries-search
- $(params.registries-search[*])
- --target
- $(params.shp-output-directory)
- $(params.target)
resources:
limits:
cpu: "1"
Expand Down Expand Up @@ -204,6 +215,10 @@ spec:
type: string
default: "vfs"
# For details see the "--storage-driver" section of https://github.com/containers/buildah/blob/main/docs/buildah.1.md#options
- name: target
description: "Sets the target stage to be built."
type: string
default: ""
securityContext:
runAsUser: 0
runAsGroup: 0
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ spec:
context=
dockerfile=
image=
buildArgs=()
budArgs=()
inBuildArgs=false
registriesBlock=""
inRegistriesBlock=false
Expand Down Expand Up @@ -58,6 +58,15 @@ spec:
inRegistriesSearch=false
image="$1"
shift
elif [ "${arg}" == "--target" ]; then
inBuildArgs=false
inRegistriesBlock=false
inRegistriesInsecure=false
inRegistriesSearch=false
if [ "$1" != "" ]; then
budArgs+=(--target "$1")
fi
shift
elif [ "${arg}" == "--build-args" ]; then
inBuildArgs=true
inRegistriesBlock=false
Expand All @@ -79,7 +88,7 @@ spec:
inRegistriesBlock=false
inRegistriesInsecure=false
elif [ "${inBuildArgs}" == "true" ]; then
buildArgs+=("--build-arg" "${arg}")
budArgs+=(--build-arg "${arg}")
elif [ "${inRegistriesBlock}" == "true" ]; then
registriesBlock="${registriesBlock}'${arg}', "
elif [ "${inRegistriesInsecure}" == "true" ]; then
Expand Down Expand Up @@ -140,7 +149,7 @@ spec:
# Building the image
echo "[INFO] Building image ${image}"
buildah --storage-driver=$(params.storage-driver) \
bud "${buildArgs[@]}" \
bud "${budArgs[@]}" \
--registries-conf=/tmp/registries.conf \
--tag="${image}" \
--file="${dockerfile}" \
Expand Down Expand Up @@ -169,6 +178,8 @@ spec:
- $(params.registries-insecure[*])
- --registries-search
- $(params.registries-search[*])
- --target
- $(params.target)
resources:
limits:
cpu: "1"
Expand Down Expand Up @@ -200,10 +211,14 @@ spec:
type: string
default: "Dockerfile"
- name: storage-driver
description: "The storage driver to use, such as 'overlay' or 'vfs'"
description: "The storage driver to use, such as 'overlay' or 'vfs'."
type: string
default: "vfs"
# For details see the "--storage-driver" section of https://github.com/containers/buildah/blob/main/docs/buildah.1.md#options
- name: target
description: "Sets the target stage to be built."
type: string
default: ""
securityContext:
runAsUser: 0
runAsGroup: 0
Original file line number Diff line number Diff line change
Expand Up @@ -11,26 +11,30 @@ metadata:
container.seccomp.security.alpha.kubernetes.io/step-build-and-push: unconfined
spec:
parameters:
- name: build-args
description: "The values for the ARGs in the Dockerfile. Values must be in the format KEY=VALUE."
type: array
defaults: []
- name: cache
description: "Configure BuildKit's cache usage. Allowed values are 'disabled' and 'registry'. The default is 'registry'."
type: string
default: registry
- name: platforms
description: "Build the image for different platforms. By default, the image is built for the platform used by the FROM image. If that is present for multiple platforms, then it is built for the environment's platform."
type: array
defaults: []
- name: secrets
description: "The secrets to pass to the build. Values must be in the format ID=FILE_CONTENT."
type: array
defaults: []
- name: dockerfile
description: The path to the Dockerfile to be used for building the image.
type: string
default: "Dockerfile"
- name: build-args
description: "The values for the ARGs in the Dockerfile. Values must be in the format KEY=VALUE."
type: array
defaults: []
- name: cache
description: "Configure BuildKit's cache usage. Allowed values are 'disabled' and 'registry'. The default is 'registry'."
type: string
default: registry
- name: dockerfile
description: The path to the Dockerfile to be used for building the image.
type: string
default: Dockerfile
- name: platforms
description: "Build the image for different platforms. By default, the image is built for the platform used by the FROM image. If that is present for multiple platforms, then it is built for the environment's platform."
type: array
defaults: []
- name: secrets
description: "The secrets to pass to the build. Values must be in the format ID=FILE_CONTENT."
type: array
defaults: []
- name: target
description: "Sets the target stage to be built."
type: string
default: ""
steps:
- name: build-and-push
image: moby/buildkit:v0.17.0-rootless
Expand All @@ -43,25 +47,27 @@ spec:
- SETUID
workingDir: $(params.shp-source-root)
env:
- name: DOCKER_CONFIG
value: /tekton/home/.docker
- name: HOME
value: /tekton/home
# See https://github.com/moby/buildkit/blob/master/docs/rootless.md#about---oci-worker-no-process-sandbox for more information
- name: BUILDKITD_FLAGS
value: --oci-worker-no-process-sandbox
- name: PARAM_SOURCE_CONTEXT
value: $(params.shp-source-context)
- name: PARAM_DOCKERFILE
value: $(params.dockerfile)
- name: PARAM_OUTPUT_DIRECTORY
value: $(params.shp-output-directory)
- name: PARAM_OUTPUT_IMAGE
value: $(params.shp-output-image)
- name: PARAM_OUTPUT_INSECURE
value: $(params.shp-output-insecure)
- name: PARAM_CACHE
value: $(params.cache)
- name: DOCKER_CONFIG
value: /tekton/home/.docker
- name: HOME
value: /tekton/home
# See https://github.com/moby/buildkit/blob/master/docs/rootless.md#about---oci-worker-no-process-sandbox for more information
- name: BUILDKITD_FLAGS
value: --oci-worker-no-process-sandbox
- name: PARAM_SOURCE_CONTEXT
value: $(params.shp-source-context)
- name: PARAM_DOCKERFILE
value: $(params.dockerfile)
- name: PARAM_OUTPUT_DIRECTORY
value: $(params.shp-output-directory)
- name: PARAM_OUTPUT_IMAGE
value: $(params.shp-output-image)
- name: PARAM_OUTPUT_INSECURE
value: $(params.shp-output-insecure)
- name: PARAM_CACHE
value: $(params.cache)
- name: PARAM_TARGET
value: $(params.target)
command:
- /bin/ash
args:
Expand Down Expand Up @@ -112,6 +118,9 @@ spec:
echo -n "An invalid value for the parameter 'cache' has been provided: '${PARAM_CACHE}'. Allowed values are 'disabled' and 'registry'." > '$(results.shp-error-message.path)'
exit 1
fi
if [ "${PARAM_TARGET}" != "" ]; then
echo "--opt=target=${PARAM_TARGET} \\" >> /tmp/run.sh
fi
stage=""
platforms=""
Expand Down
14 changes: 10 additions & 4 deletions samples/v1beta1/buildstrategy/kaniko/buildstrategy_kaniko_cr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,8 @@ spec:
- --no-push
- --tar-path
- $(params.shp-output-directory)/image.tar
- --target
- $(params.target)
# https://github.com/GoogleContainerTools/kaniko/issues/2164
- --ignore-path
- /product_uuid
Expand All @@ -52,10 +54,14 @@ spec:
cpu: 250m
memory: 65Mi
parameters:
- name: dockerfile
description: The path to the Dockerfile to be used for building the image.
type: string
default: "Dockerfile"
- name: dockerfile
description: The path to the Dockerfile to be used for building the image.
type: string
default: "Dockerfile"
- name: target
description: "Sets the target stage to be built."
type: string
default: ""
securityContext:
runAsUser: 0
runAsGroup: 0

0 comments on commit a0da3ca

Please sign in to comment.