diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b3538d86f6ecc8e92448eec0df225948cf16a0cb..27e9b87b080675c7fc71960c6422a95c00aa6382 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -750,72 +750,68 @@ lava-badge:
needs: [lava-report]
extends: .lava-badge
-.build-with-kaniko:
+.build-with-buildkit:
stage: build
tags:
- origin:eclipse
- ctx:oniro-group
image:
- name: gcr.io/kaniko-project/executor:debug
+ name: eclipsefdn/containertools
entrypoint: [""]
+ variables:
+ SERVICE_ADDRESS: "tcp://buildkitd.foundation-internal-infra-buildkitd:1234"
script:
- - test -n "$CI_ONIRO_REGISTRY" || (
- echo "CI_ONIRO_REGISTRY not provided. Docker registry deployment can not continue."
+ - test -n "$CI_REGISTRY" || (
+ echo "CI_REGISTRY not provided. Docker registry deployment can not continue."
&& exit 1 )
- - test -n "$CI_ONIRO_REGISTRY_IMAGE" || (
- echo "CI_ONIRO_REGISTRY_IMAGE not provided. Docker registry deployment can not continue."
+ - test -n "$CI_REGISTRY_IMAGE" || (
+ echo "CI_REGISTRY_IMAGE not provided. Docker registry deployment can not continue."
&& exit 1 )
- - test -n "$CI_ONIRO_REGISTRY_USER" || (
- echo "CI_ONIRO_REGISTRY_USER not provided. Docker registry deployment can not continue."
+ - test -n "$CI_REGISTRY_USER" || (
+ echo "CI_REGISTRY_USER not provided. Docker registry deployment can not continue."
&& exit 1 )
- - test -n "$CI_ONIRO_REGISTRY_TOKEN" || (
- echo "CI_ONIRO_REGISTRY_TOKEN not provided. Docker registry deployment can not continue."
+ - test -n "$CI_REGISTRY_PASSWORD" || (
+ echo "CI_REGISTRY_PASSWORD not provided. Docker registry deployment can not continue."
&& exit 1 )
- |
set -xe
- mkdir -p /kaniko/.docker
- printf '{"auths":{"%s":{"auth":"%s"}}}\n' "$CI_ONIRO_REGISTRY" "$(printf '%s:%s' "$CI_ONIRO_REGISTRY_USER" "$CI_ONIRO_REGISTRY_TOKEN" | base64)" > /kaniko/.docker/config.json
+ export HOME=$CI_PROJECT_DIR
+ crane auth login "$CI_REGISTRY" --username "$CI_REGISTRY_USER" --password "$CI_REGISTRY_PASSWORD"
BUILD_DATE="$(date '+%FT%T%z' | sed -E -n 's/(\+[0-9]{2})([0-9]{2})$/\1:\2/p')" #rfc 3339 date
BUILD_TITLE=$(echo "$CI_PROJECT_TITLE" | tr " " "_")
- IMAGE_LABELS="$(cat <<EOM
- --label build-date=$BUILD_DATE
- --label com.gitlab.ci.cijoburl=$CI_JOB_URL
- --label com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA
- --label com.gitlab.ci.email=$GITLAB_USER_EMAIL
- --label com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID
- --label com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL
- --label com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_NAME
- --label com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN
- --label org.opencontainers.image.authors=$CI_SERVER_URL/$GITLAB_USER_LOGIN
- --label org.opencontainers.image.created=$BUILD_DATE
- --label org.opencontainers.image.description=$BUILD_TITLE
- --label org.opencontainers.image.documentation=$CI_PROJECT_URL
- --label org.opencontainers.image.licenses=$CI_PROJECT_URL
- --label org.opencontainers.image.ref.name=$CI_ONIRO_REGISTRY:$CI_COMMIT_REF_NAME
- --label org.opencontainers.image.revision=$CI_COMMIT_SHA
- --label org.opencontainers.image.source=$CI_PROJECT_URL
- --label org.opencontainers.image.title=$BUILD_TITLE
- --label org.opencontainers.image.url=$CI_PROJECT_URL
- --label org.opencontainers.image.vendor=$CI_SERVER_URL/$GITLAB_USER_LOGIN
- --label org.opencontainers.image.version=$CI_COMMIT_TAG
- --label vcs-url=$CI_PROJECT_URL
- EOM
- )"
-
- ADDITIONAL_TAG_LIST="$CI_COMMIT_REF_NAME $CI_COMMIT_SHORT_SHA"
- if [ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ]; then
- ADDITIONAL_TAG_LIST="$ADDITIONAL_TAG_LIST latest";
- fi
-
- if [ -n "$ADDITIONAL_TAG_LIST" ]; then
- for TAG in $ADDITIONAL_TAG_LIST; do
- FORMATTED_TAG_LIST="$FORMATTED_TAG_LIST --tag $CI_REGISTRY_IMAGE:$TAG "
- done
- fi
- FORMATTED_TAG_LIST="$(echo "$FORMATTED_TAG_LIST" | sed -e 's/--tag/--destination/g')"
-
- echo "Building and shipping image to $CI_ONIRO_REGISTRY"
- exec /kaniko/executor --context "$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH" --dockerfile "$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH/Dockerfile" --destination $CI_ONIRO_REGISTRY_IMAGE/$CONTAINER_PATH $IMAGE_LABELS
+ IMAGE_ANNOTATIONS="annotation.build-date=$BUILD_DATE,"
+ IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.cijoburl=$CI_JOB_URL,"
+ IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA,"
+ IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.email=$GITLAB_USER_EMAIL,"
+ IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID,"
+ IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL,"
+ IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_NAME,"
+ IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.authors=$CI_SERVER_URL/$GITLAB_USER_LOGIN,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.created=$BUILD_DATE,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.description=$BUILD_TITLE,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.documentation=$CI_PROJECT_URL,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.licenses=$CI_PROJECT_URL,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.ref.name=$CI_REGISTRY:$CI_COMMIT_REF_NAME,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.revision=$CI_COMMIT_SHA,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.source=$CI_PROJECT_URL,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.title=$BUILD_TITLE,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.url=$CI_PROJECT_URL,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.vendor=$CI_SERVER_URL/$GITLAB_USER_LOGIN,"
+ IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.version=$CI_COMMIT_TAG,"
+ IMAGE_ANNOTATIONS+="annotation.vcs-url=$CI_PROJECT_URL"
+
+ echo "Building and shipping image to $CI_REGISTRY"
+ OUTPUT="$CONTAINER_PATH.tar"
+ buildctl --addr="$SERVICE_ADDRESS" \
+ build \
+ --progress=plain \
+ --frontend=dockerfile.v0 \
+ --local context="$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH" \
+ --local dockerfile="$CI_PROJECT_DIR/.oniro-ci/containers/$CONTAINER_PATH" \
+ --output "type=oci,$IMAGE_ANNOTATIONS,dest=$OUTPUT"
+ crane push "$OUTPUT" "$CI_REGISTRY_IMAGE/$CONTAINER_PATH"
+ crane tag "$CI_REGISTRY_IMAGE/$CONTAINER_PATH" "latest"
rules:
- if: $CI_PIPELINE_SOURCE == "schedule"
when: never
@@ -827,12 +823,12 @@ lava-badge:
- .oniro-ci/containers/$CONTAINER_PATH/*
build-bitbake-builder:
- extends: .build-with-kaniko
+ extends: .build-with-buildkit
variables:
CONTAINER_PATH: bitbake-builder
build-docs-builder:
- extends: .build-with-kaniko
+ extends: .build-with-buildkit
variables:
CONTAINER_PATH: docs-builder
@@ -843,12 +839,12 @@ build-dco-check:
CONTAINER_PATH: dco-check
build-reuse:
- extends: .build-with-kaniko
+ extends: .build-with-buildkit
variables:
CONTAINER_PATH: reuse
build-npm-cspell:
- extends: .build-with-kaniko
+ extends: .build-with-buildkit
variables:
CONTAINER_PATH: npm-cspell