Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor the prow/cmd Dockerfiles to use shared base Dockerfiles #4900

Merged
merged 2 commits into from
Oct 5, 2017
Merged

Refactor the prow/cmd Dockerfiles to use shared base Dockerfiles #4900

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
34ded41
Refactor the Dockerfiles to use shared base Dockerfiles for common fu…
mattmoor Oct 5, 2017
6628ce7
Move image directories based on review feedback.
mattmoor Oct 5, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 17 additions & 9 deletions prow/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,15 @@ test:

.PHONY: update-config update-plugins build test get-cluster-credentials

hook-image:
alpine-image:
docker build -t "$(REGISTRY)/$(PROJECT)/alpine" $(DOCKER_LABELS) cmd/images/alpine
$(PUSH) "$(REGISTRY)/$(PROJECT)/alpine"

git-image: alpine-image
docker build -t "$(REGISTRY)/$(PROJECT)/git" $(DOCKER_LABELS) cmd/images/git
$(PUSH) "$(REGISTRY)/$(PROJECT)/git"

hook-image: git-image
CGO_ENABLED=0 go build -o cmd/hook/hook k8s.io/test-infra/prow/cmd/hook
docker build -t "$(REGISTRY)/$(PROJECT)/hook:$(HOOK_VERSION)" $(DOCKER_LABELS) cmd/hook
$(PUSH) "$(REGISTRY)/$(PROJECT)/hook:$(HOOK_VERSION)"
Expand All @@ -68,15 +76,15 @@ hook-deployment: get-cluster-credentials
hook-service: get-cluster-credentials
kubectl apply -f cluster/hook_service.yaml

sinker-image:
sinker-image: alpine-image
CGO_ENABLED=0 go build -o cmd/sinker/sinker k8s.io/test-infra/prow/cmd/sinker
docker build -t "$(REGISTRY)/$(PROJECT)/sinker:$(SINKER_VERSION)" $(DOCKER_LABELS) cmd/sinker
$(PUSH) "$(REGISTRY)/$(PROJECT)/sinker:$(SINKER_VERSION)"

sinker-deployment: get-cluster-credentials
kubectl apply -f cluster/sinker_deployment.yaml

deck-image:
deck-image: alpine-image
CGO_ENABLED=0 go build -o cmd/deck/deck k8s.io/test-infra/prow/cmd/deck
docker build -t "$(REGISTRY)/$(PROJECT)/deck:$(DECK_VERSION)" $(DOCKER_LABELS) cmd/deck
$(PUSH) "$(REGISTRY)/$(PROJECT)/deck:$(DECK_VERSION)"
Expand All @@ -87,15 +95,15 @@ deck-deployment: get-cluster-credentials
deck-service: get-cluster-credentials
kubectl apply -f cluster/deck_service.yaml

splice-image:
splice-image: git-image
CGO_ENABLED=0 go build -o cmd/splice/splice k8s.io/test-infra/prow/cmd/splice
docker build -t "$(REGISTRY)/$(PROJECT)/splice:$(SPLICE_VERSION)" $(DOCKER_LABELS) cmd/splice
$(PUSH) "$(REGISTRY)/$(PROJECT)/splice:$(SPLICE_VERSION)"

splice-deployment: get-cluster-credentials
kubectl apply -f cluster/splice_deployment.yaml

tot-image:
tot-image: alpine-image
CGO_ENABLED=0 go build -o cmd/tot/tot k8s.io/test-infra/prow/cmd/tot
docker build -t "$(REGISTRY)/$(PROJECT)/tot:$(TOT_VERSION)" $(DOCKER_LABELS) cmd/tot
$(PUSH) "$(REGISTRY)/$(PROJECT)/tot:$(TOT_VERSION)"
Expand All @@ -106,31 +114,31 @@ tot-deployment: get-cluster-credentials
tot-service: get-cluster-credentials
kubectl apply -f cluster/tot_service.yaml

horologium-image:
horologium-image: alpine-image
CGO_ENABLED=0 go build -o cmd/horologium/horologium k8s.io/test-infra/prow/cmd/horologium
docker build -t "$(REGISTRY)/$(PROJECT)/horologium:$(HOROLOGIUM_VERSION)" $(DOCKER_LABELS) cmd/horologium
$(PUSH) "$(REGISTRY)/$(PROJECT)/horologium:$(HOROLOGIUM_VERSION)"

horologium-deployment: get-cluster-credentials
kubectl apply -f cluster/horologium_deployment.yaml

plank-image:
plank-image: alpine-image
CGO_ENABLED=0 go build -o cmd/plank/plank k8s.io/test-infra/prow/cmd/plank
docker build -t "$(REGISTRY)/$(PROJECT)/plank:$(PLANK_VERSION)" $(DOCKER_LABELS) cmd/plank
$(PUSH) "$(REGISTRY)/$(PROJECT)/plank:$(PLANK_VERSION)"

plank-deployment: get-cluster-credentials
kubectl apply -f cluster/plank_deployment.yaml

jenkins-operator-image:
jenkins-operator-image: alpine-image
CGO_ENABLED=0 go build -o cmd/jenkins-operator/jenkins-operator k8s.io/test-infra/prow/cmd/jenkins-operator
docker build -t "$(REGISTRY)/$(PROJECT)/jenkins-operator:$(JENKINS_VERSION)" $(DOCKER_LABELS) cmd/jenkins-operator
$(PUSH) "$(REGISTRY)/$(PROJECT)/jenkins-operator:$(JENKINS_VERSION)"

jenkins-operator-deployment: get-cluster-credentials
kubectl apply -f cluster/jenkins_deployment.yaml

tide-image:
tide-image: git-image
CGO_ENABLED=0 go build -o cmd/tide/tide k8s.io/test-infra/prow/cmd/tide
docker build -t "$(REGISTRY)/$(PROJECT)/tide:$(TIDE_VERSION)" $(DOCKER_LABELS) cmd/tide
$(PUSH) "$(REGISTRY)/$(PROJECT)/tide:$(TIDE_VERSION)"
Expand Down
4 changes: 1 addition & 3 deletions prow/cmd/deck/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,11 +12,9 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/alpine
MAINTAINER spxtr@google.com

RUN apk add --no-cache ca-certificates && update-ca-certificates

COPY deck /deck
COPY static /static
ENTRYPOINT ["/deck"]
4 changes: 1 addition & 3 deletions prow/cmd/hook/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/git
MAINTAINER spxtr@google.com

RUN apk add --no-cache git ca-certificates && update-ca-certificates

COPY hook /hook
ENTRYPOINT ["/hook"]
4 changes: 1 addition & 3 deletions prow/cmd/horologium/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/alpine
MAINTAINER spxtr@google.com

RUN apk add --no-cache ca-certificates && update-ca-certificates

COPY horologium /horologium
ENTRYPOINT ["/horologium"]
17 changes: 17 additions & 0 deletions prow/cmd/images/alpine/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6

RUN apk add --no-cache ca-certificates && update-ca-certificates
17 changes: 17 additions & 0 deletions prow/cmd/images/git/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Copyright 2016 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

FROM gcr.io/k8s-prow/alpine

RUN apk add --no-cache git
4 changes: 1 addition & 3 deletions prow/cmd/jenkins-operator/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/alpine
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These don't have any sort of version tag on them. How will we bump to 3.7 when it's time?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm happy to put in a 3.6, but wasn't sure what you'd want for git?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can version the images separately from both alpine and git. I'm mainly afraid of confusions that come about when you rely on :latest.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a parallel here to what's called out in "Building images" here.

I was talking to someone about this this morning, and frankly it's a weakness docker_build does not share because the base image intermediate artifact is expressed declaratively, but via an explicit def/use.

In the case of that post, you'd express FROM as:

docker_build(
   ...
  base = "//livegrep/base",
   ...
)

This is even easier with lang_image because it is containerization that "just works" (once you get Bazel to work), in their case they mention C++ and Go:

cc_image(   # same signature as cc_binary
   ...
  base = "//livegrep/base",  # doesn't have to be distroless!
  ...
)

go_image(   # same signature as go_binary
   ...
  base = "//livegrep/base",  # doesn't have to be distroless!
   ...
)

Once we get these base images published, my next PR was going to be to give you guys go_image with these base images, after which I can give you rules_k8s for the starter cluster.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Neat. Does it statically compile the go binary? Alpine doesn't have glibc and that can cause issues.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, but now that I see go_binary has added support for static linking I can add support for that. By default we use gcr.io/distroless/base which has glibc, ca-certs and a handful of other generally necessary things (e.g. tzdata, a /tmp directory, ...).

Perhaps I will add a :foo.static target that does what go_image does, but includes the static binary version of the image (this is how rules_go does this).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ugh, nevermind. Nothing is easy. (╯°□°)╯︵ ┻━┻

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alright, I'm just going to add build --features=static and run --features=static to .bazelrc :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alright, I sent a PR to make Bazel build static Go binaries in this repo (needs an update to rules_go). That should unblock putting these binaries onto the Alpine base images.

MAINTAINER mkargaki@redhat.com

RUN apk add --no-cache ca-certificates && update-ca-certificates

COPY jenkins-operator /jenkins-operator
ENTRYPOINT ["/jenkins-operator"]
4 changes: 1 addition & 3 deletions prow/cmd/plank/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/alpine
MAINTAINER spxtr@google.com

RUN apk add --no-cache ca-certificates && update-ca-certificates

COPY plank /plank
ENTRYPOINT ["/plank"]
4 changes: 1 addition & 3 deletions prow/cmd/sinker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/alpine
MAINTAINER spxtr@google.com

RUN apk add --no-cache ca-certificates && update-ca-certificates

COPY sinker /sinker
ENTRYPOINT ["/sinker"]
7 changes: 1 addition & 6 deletions prow/cmd/splice/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,13 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/git
MAINTAINER rmmh@google.com

RUN apk update && apk add --no-cache \
ca-certificates \
git \
&& update-ca-certificates

COPY splice /splice
ENTRYPOINT ["/splice"]
4 changes: 1 addition & 3 deletions prow/cmd/tide/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/git
MAINTAINER spxtr@google.com

RUN apk add --no-cache git ca-certificates && update-ca-certificates

COPY tide /tide
ENTRYPOINT ["/tide"]
4 changes: 1 addition & 3 deletions prow/cmd/tot/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,8 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM alpine:3.6
FROM gcr.io/k8s-prow/alpine
MAINTAINER rmmh@google.com

RUN apk add --no-cache ca-certificates && update-ca-certificates

COPY tot /tot
ENTRYPOINT ["/tot"]