diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b3538d86f6ecc8e92448eec0df225948cf16a0cb..27e9b87b080675c7fc71960c6422a95c00aa6382 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -750,72 +750,68 @@ lava-badge: needs: [lava-report] extends: .lava-badge -.build-with-kaniko: +.build-with-buildkit: stage: build tags: - origin:eclipse - ctx:oniro-group image: - name: gcr.io/kaniko-project/executor:debug + name: eclipsefdn/containertools entrypoint: [""] + variables: + SERVICE_ADDRESS: "tcp://buildkitd.foundation-internal-infra-buildkitd:1234" script: - - test -n "$CI_ONIRO_REGISTRY" || ( - echo "CI_ONIRO_REGISTRY not provided. Docker registry deployment can not continue." + - test -n "$CI_REGISTRY" || ( + echo "CI_REGISTRY not provided. Docker registry deployment can not continue." && exit 1 ) - - test -n "$CI_ONIRO_REGISTRY_IMAGE" || ( - echo "CI_ONIRO_REGISTRY_IMAGE not provided. Docker registry deployment can not continue." + - test -n "$CI_REGISTRY_IMAGE" || ( + echo "CI_REGISTRY_IMAGE not provided. Docker registry deployment can not continue." && exit 1 ) - - test -n "$CI_ONIRO_REGISTRY_USER" || ( - echo "CI_ONIRO_REGISTRY_USER not provided. Docker registry deployment can not continue." + - test -n "$CI_REGISTRY_USER" || ( + echo "CI_REGISTRY_USER not provided. Docker registry deployment can not continue." && exit 1 ) - - test -n "$CI_ONIRO_REGISTRY_TOKEN" || ( - echo "CI_ONIRO_REGISTRY_TOKEN not provided. Docker registry deployment can not continue." + - test -n "$CI_REGISTRY_PASSWORD" || ( + echo "CI_REGISTRY_PASSWORD not provided. Docker registry deployment can not continue." && exit 1 ) - | set -xe - mkdir -p /kaniko/.docker - printf '{"auths":{"%s":{"auth":"%s"}}}\n' "$CI_ONIRO_REGISTRY" "$(printf '%s:%s' "$CI_ONIRO_REGISTRY_USER" "$CI_ONIRO_REGISTRY_TOKEN" | base64)" > /kaniko/.docker/config.json + export HOME=$CI_PROJECT_DIR + crane auth login "$CI_REGISTRY" --username "$CI_REGISTRY_USER" --password "$CI_REGISTRY_PASSWORD" BUILD_DATE="$(date '+%FT%T%z' | sed -E -n 's/(\+[0-9]{2})([0-9]{2})$/\1:\2/p')" #rfc 3339 date BUILD_TITLE=$(echo "$CI_PROJECT_TITLE" | tr " " "_") - IMAGE_LABELS="$(cat <<EOM - --label build-date=$BUILD_DATE - --label com.gitlab.ci.cijoburl=$CI_JOB_URL - --label com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA - --label com.gitlab.ci.email=$GITLAB_USER_EMAIL - --label com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID - --label com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL - --label com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_NAME - --label com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN - --label org.opencontainers.image.authors=$CI_SERVER_URL/$GITLAB_USER_LOGIN - --label org.opencontainers.image.created=$BUILD_DATE - --label org.opencontainers.image.description=$BUILD_TITLE - --label org.opencontainers.image.documentation=$CI_PROJECT_URL - --label org.opencontainers.image.licenses=$CI_PROJECT_URL - --label org.opencontainers.image.ref.name=$CI_ONIRO_REGISTRY:$CI_COMMIT_REF_NAME - --label org.opencontainers.image.revision=$CI_COMMIT_SHA - --label org.opencontainers.image.source=$CI_PROJECT_URL - --label org.opencontainers.image.title=$BUILD_TITLE - --label org.opencontainers.image.url=$CI_PROJECT_URL - --label org.opencontainers.image.vendor=$CI_SERVER_URL/$GITLAB_USER_LOGIN - --label org.opencontainers.image.version=$CI_COMMIT_TAG - --label vcs-url=$CI_PROJECT_URL - EOM - )" - - ADDITIONAL_TAG_LIST="$CI_COMMIT_REF_NAME $CI_COMMIT_SHORT_SHA" - if [ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ]; then - ADDITIONAL_TAG_LIST="$ADDITIONAL_TAG_LIST latest"; - fi - - if [ -n "$ADDITIONAL_TAG_LIST" ]; then - for TAG in $ADDITIONAL_TAG_LIST; do - FORMATTED_TAG_LIST="$FORMATTED_TAG_LIST --tag $CI_REGISTRY_IMAGE:$TAG " - done - fi - FORMATTED_TAG_LIST="$(echo "$FORMATTED_TAG_LIST" | sed -e 's/--tag/--destination/g')" - - echo "Building and shipping image to $CI_ONIRO_REGISTRY" - exec /kaniko/executor --context "$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH" --dockerfile "$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH/Dockerfile" --destination $CI_ONIRO_REGISTRY_IMAGE/$CONTAINER_PATH $IMAGE_LABELS + IMAGE_ANNOTATIONS="annotation.build-date=$BUILD_DATE," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.cijoburl=$CI_JOB_URL," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.email=$GITLAB_USER_EMAIL," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_NAME," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.authors=$CI_SERVER_URL/$GITLAB_USER_LOGIN," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.created=$BUILD_DATE," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.description=$BUILD_TITLE," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.documentation=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.licenses=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.ref.name=$CI_REGISTRY:$CI_COMMIT_REF_NAME," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.revision=$CI_COMMIT_SHA," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.source=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.title=$BUILD_TITLE," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.url=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.vendor=$CI_SERVER_URL/$GITLAB_USER_LOGIN," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.version=$CI_COMMIT_TAG," + IMAGE_ANNOTATIONS+="annotation.vcs-url=$CI_PROJECT_URL" + + echo "Building and shipping image to $CI_REGISTRY" + OUTPUT="$CONTAINER_PATH.tar" + buildctl --addr="$SERVICE_ADDRESS" \ + build \ + --progress=plain \ + --frontend=dockerfile.v0 \ + --local context="$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH" \ + --local dockerfile="$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH" \ + --output "type=oci,$IMAGE_ANNOTATIONS,dest=$OUTPUT" + crane push "$OUTPUT" "$CI_REGISTRY_IMAGE/$CONTAINER_PATH" + crane tag "$CI_REGISTRY_IMAGE/$CONTAINER_PATH" "latest" rules: - if: $CI_PIPELINE_SOURCE == "schedule" when: never @@ -827,12 +823,12 @@ lava-badge: - .oniro-ci/containers/$CONTAINER_PATH/* build-bitbake-builder: - extends: .build-with-kaniko + extends: .build-with-buildkit variables: CONTAINER_PATH: bitbake-builder build-docs-builder: - extends: .build-with-kaniko + extends: .build-with-buildkit variables: CONTAINER_PATH: docs-builder @@ -843,12 +839,12 @@ build-dco-check: CONTAINER_PATH: dco-check build-reuse: - extends: .build-with-kaniko + extends: .build-with-buildkit variables: CONTAINER_PATH: reuse build-npm-cspell: - extends: .build-with-kaniko + extends: .build-with-buildkit variables: CONTAINER_PATH: npm-cspell