diff --git a/.gitlab-ci/container.yml b/.gitlab-ci/container.yml index ef36eb5dd83ec6e57355ae66476212730983f1ff..a52c0255b113be5f8d07f54d7fac543033bfaa34 100644 --- a/.gitlab-ci/container.yml +++ b/.gitlab-ci/container.yml @@ -17,59 +17,79 @@ variables: BITBAKE_CONTAINER_VERSION: "0.8" OPENHARMONY_CONTAINER_VERSION: "0.1" -.kaniko: +.buildkit: stage: container - rules: - - if: $CI_REGISTRY && $CI_REGISTRY_USER && $CI_REGISTRY_PASSWORD && $CI_REGISTRY_IMAGE - changes: - - .gitlab-ci/container.yml - - .gitlab-ci/container/$CONTAINER_PATH/** image: - name: gcr.io/kaniko-project/executor:debug + name: eclipsefdn/containertools entrypoint: [""] variables: CONTAINER_DOCKERFILE: Dockerfile - tags: - - cpu.light + SERVICE_ADDRESS: "tcp://buildkitd.foundation-internal-infra-buildkitd:1234" script: + - test -n "$CI_REGISTRY" || ( + echo "CI_REGISTRY not provided. Docker registry deployment can not continue." + && exit 1 ) + - test -n "$CI_REGISTRY_IMAGE" || ( + echo "CI_REGISTRY_IMAGE not provided. Docker registry deployment can not continue." + && exit 1 ) + - test -n "$CI_REGISTRY_USER" || ( + echo "CI_REGISTRY_USER not provided. Docker registry deployment can not continue." + && exit 1 ) + - test -n "$CI_REGISTRY_PASSWORD" || ( + echo "CI_REGISTRY_PASSWORD not provided. Docker registry deployment can not continue." + && exit 1 ) + - set -xe - CONTEXT="$CI_PROJECT_DIR/.gitlab-ci/container/$CONTAINER_PATH" - DOCKERFILE="$CONTEXT/$CONTAINER_DOCKERFILE" - if [ -n "$CONTAINER_FROM" ] ; then sed -e "s|^FROM .*|FROM $CI_REGISTRY_IMAGE/$CONTAINER_FROM:$CONTAINER_VERSION|" -i "$DOCKERFILE" ; fi - - mkdir -p /kaniko/.docker - - printf '{"auths":{"%s":{"auth":"%s"}}}\n' "$CI_REGISTRY" "$(printf '%s:%s' "$CI_REGISTRY_USER" "$CI_REGISTRY_PASSWORD" | base64)" > /kaniko/.docker/config.json - - BUILD_DATE="$(date '+%FT%T%z' | sed -E -n 's/(\+[0-9]{2})([0-9]{2})$/\1:\2/p')" #rfc 3339 date - - BUILD_TITLE=$(echo "$CI_PROJECT_TITLE" | tr " " "_") - - IMAGE_LABELS="--label build-date=$BUILD_DATE - --label com.gitlab.ci.cijoburl=$CI_JOB_URL - --label com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA - --label com.gitlab.ci.email=$GITLAB_USER_EMAIL - --label com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID - --label com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL - --label com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_NAME - --label com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN - --label org.opencontainers.image.authors=$CI_SERVER_URL/$GITLAB_USER_LOGIN - --label org.opencontainers.image.created=$BUILD_DATE - --label org.opencontainers.image.description=$BUILD_TITLE - --label org.opencontainers.image.documentation=$CI_PROJECT_URL - --label org.opencontainers.image.licenses=$CI_PROJECT_URL - --label org.opencontainers.image.ref.name=$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME - --label org.opencontainers.image.revision=$CI_COMMIT_SHA - --label org.opencontainers.image.source=$CI_PROJECT_URL - --label org.opencontainers.image.title=$BUILD_TITLE - --label org.opencontainers.image.url=$CI_PROJECT_URL - --label org.opencontainers.image.vendor=$CI_SERVER_URL/$GITLAB_USER_LOGIN - --label org.opencontainers.image.version=$CI_COMMIT_TAG - --label vcs-url=$CI_PROJECT_URL" - - echo "Building and shipping image to $CI_REGISTRY_IMAGE" - - exec /kaniko/executor --cache=true - --context "$CONTEXT" --dockerfile "$DOCKERFILE" - --destination "$CI_REGISTRY_IMAGE/$CONTAINER_NAME:$CONTAINER_VERSION" + - | + export HOME=$CI_PROJECT_DIR + crane auth login "$CI_REGISTRY" --username "$CI_REGISTRY_USER" --password "$CI_REGISTRY_PASSWORD" + BUILD_DATE="$(date '+%FT%T%z' | sed -E -n 's/(\+[0-9]{2})([0-9]{2})$/\1:\2/p')" #rfc 3339 date + BUILD_TITLE=$(echo "$CI_PROJECT_TITLE" | tr " " "_") + IMAGE_ANNOTATIONS="annotation.build-date=$BUILD_DATE," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.cijoburl=$CI_JOB_URL," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.commiturl=$CI_PROJECT_URL/commit/$CI_COMMIT_SHA," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.email=$GITLAB_USER_EMAIL," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.mrurl=$CI_PROJECT_URL/-/merge_requests/$CI_MERGE_REQUEST_ID," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.pipelineurl=$CI_PIPELINE_URL," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.tagorbranch=$CI_COMMIT_REF_NAME," + IMAGE_ANNOTATIONS+="annotation.com.gitlab.ci.user=$CI_SERVER_URL/$GITLAB_USER_LOGIN," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.authors=$CI_SERVER_URL/$GITLAB_USER_LOGIN," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.created=$BUILD_DATE," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.description=$BUILD_TITLE," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.documentation=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.licenses=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.ref.name=$CI_REGISTRY:$CI_COMMIT_REF_NAME," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.revision=$CI_COMMIT_SHA," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.source=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.title=$BUILD_TITLE," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.url=$CI_PROJECT_URL," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.vendor=$CI_SERVER_URL/$GITLAB_USER_LOGIN," + IMAGE_ANNOTATIONS+="annotation.org.opencontainers.image.version=$CI_COMMIT_TAG," + IMAGE_ANNOTATIONS+="annotation.vcs-url=$CI_PROJECT_URL" + + echo "Building and shipping image to $CI_REGISTRY" + OUTPUT="$CONTAINER_NAME.tar" + buildctl --addr="$SERVICE_ADDRESS" \ + build \ + --progress=plain \ + --frontend=dockerfile.v0 \ + --local context="$CONTEXT" \ + --local dockerfile="$CONTEXT" \ + --output "type=oci,$IMAGE_ANNOTATIONS,dest=$OUTPUT" + crane push "$OUTPUT" "$CI_REGISTRY_IMAGE/$CONTAINER_NAME" + crane tag "$CI_REGISTRY_IMAGE/$CONTAINER_NAME" "$CONTAINER_VERSION" + rules: + - changes: + - .gitlab-ci/container.yml + - .gitlab-ci/container/$CONTAINER_PATH/** bitbake-builder: - extends: .kaniko + extends: .buildkit variables: CONTAINER_NAME: bitbake-builder CONTAINER_VERSION: $BITBAKE_CONTAINER_VERSION @@ -86,7 +106,7 @@ bitbake-toolbox: artifacts: false openharmony-builder: - extends: .kaniko + extends: .buildkit variables: CONTAINER_NAME: openharmony-builder CONTAINER_VERSION: $OPENHARMONY_CONTAINER_VERSION