Codify the creation of test containers #16
Triggering suggestion
@@ -0,0 +1,55 @@ | |||
name: Build Test Containers | |||
run-name: Build Test Containers | |||
on: [push] |
Could we add the option to manually trigger them? E.g. if we might want to re-gen them to check the e2e process is still working? Also, we might only want to run this automatically if a related file changes, if we end up using this repo for other things?
on: [push] | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- 'main' | |
paths: | |
- 'container-images' | |
- '.github/workflows/build-test-containers.yaml' |
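Review bot: the `paths` entry `'container-images'` in this suggestion matches only a path with exactly that name, so a push that changes files under that directory would not trigger the workflow. Use `'container-images/**'` to cover the directory contents. Restricting `push` to `main` is a sensible choice for a workflow that builds the test containers.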
7daf8e0 to e395f98
Logging some conclusions from our CI meeting on Oct 16:
e395f98 to c81c9e6
Signed-off-by: Chris Porter <porter@ibm.com>
c81c9e6 to 0db0a48
Hi, here are the code changes for building and pushing an image for
diff --git a/.github/workflows/build-test-containers.yaml b/.github/workflows/build-test-containers.yaml
index 16474c0..bfd5bdc 100644
--- a/.github/workflows/build-test-containers.yaml
+++ b/.github/workflows/build-test-containers.yaml
@@ -13,6 +13,12 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
- name: Check out guest-components
uses: actions/checkout@v4
with:
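Review bot: the two added steps reference `docker/setup-qemu-action@v3` and `docker/setup-buildx-action@v3` by a movable tag. In a workflow that builds the test containers, consider pinning both to a full commit SHA (with the version in a trailing comment) so that a retagged release cannot change what runs in the job.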
diff --git a/container-images/Makefile b/container-images/Makefile
index fb0b10b..2b1f089 100644
--- a/container-images/Makefile
+++ b/container-images/Makefile
@@ -19,6 +19,22 @@ busybox
SHELL=/bin/bash
+PLATFORMS := linux/amd64 linux/s390x
+
+define build_and_push_image
+ @for platform in $(PLATFORMS); do \
+ image_name="$(1)"; \
+ if [ "$$platform" = "linux/s390x" ]; then \
+ image_name="$(1)-s390x"; \
+ fi; \
+ echo "Building for $$platform with image name $$image_name..."; \
+ docker buildx build \
+ -t $$image_name \
+ -f $(2) \
+ --platform $$platform --provenance=false --load $(3); \
+ docker push $$image_name; \
+ done
+endef
# FIXME need to choose sane package URLs/names/tags
COCO_PKG=bbolroc/test-container
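Review bot: in `build_and_push_image` the loop body separates `docker buildx build ...` and `docker push $$image_name` with `;`, so a failed build does not stop the recipe. `docker push` still runs (and can push a stale local image that already carries that tag), and the loop's exit status is only that of the last push, so an amd64 failure can go unnoticed. Put `set -e;` at the start of the loop body, or join the two commands with `&&` and end with `|| exit 1`. Quoting `"$$image_name"` and `"$$platform"` would also be safer.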
@@ -39,19 +55,11 @@ all: \
unsig:
- docker build \
- -t ghcr.io/$(COCO_PKG):unsig \
- -f dockerfiles/alpine-with-sshd/Dockerfile \
- .
- docker push ghcr.io/$(COCO_PKG):unsig
+ $(call build_and_push_image,ghcr.io/$(COCO_PKG):unsig,dockerfiles/alpine-with-sshd/Dockerfile,.)
cosign-sig:
- docker build \
- -t ghcr.io/$(COCO_PKG):cosign-sig \
- -f dockerfiles/alpine-with-sshd/Dockerfile \
- .
- docker push ghcr.io/$(COCO_PKG):cosign-sig
+ $(call build_and_push_image,ghcr.io/$(COCO_PKG):cosign-sig,dockerfiles/alpine-with-sshd/Dockerfile,.)
# FIXME Replace expect script with something better
${CURDIR}/scripts/make-cosign-sig.exp $(COCO_PKG) cosign-sig
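Review bot: `cosign-sig` now pushes two tags, `cosign-sig` and `cosign-sig-s390x` (from `image_name="$(1)-s390x"`), but the unchanged `make-cosign-sig.exp $(COCO_PKG) cosign-sig` line after the call still names only `cosign-sig`. As far as these lines show, the s390x image is pushed under a `cosign-sig` name without being signed. Either sign both tags or state in a comment that the s390x variant is intentionally unsigned.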
@@ -96,11 +104,7 @@ enc-cosign-sig: cosign-sig
test-container-unencrypted:
- docker build \
- -t ghcr.io/$(COCO_PKG):unencrypted \
- -f dockerfiles/alpine-with-sshd/Dockerfile \
- .
- docker push ghcr.io/$(COCO_PKG):unencrypted
+ $(call build_and_push_image,ghcr.io/$(COCO_PKG):unencrypted,dockerfiles/alpine-with-sshd/Dockerfile,.)
# NOTE: see enc-unsig about coco-keyprovider
@@ -114,5 +118,4 @@ test-container-encrypted: test-container-unencrypted
busybox:
- docker build -t ghcr.io/$(COCO_PKG_IMGRS):busybox dockerfiles/busybox
- docker push ghcr.io/$(COCO_PKG_IMGRS):busybox
+ $(call build_and_push_image,ghcr.io/$(COCO_PKG_IMGRS):busybox,dockerfiles/busybox/Dockerfile,dockerfiles/busybox)
The workflow has been verified at https://github.com/BbolroC/coco-infra/actions/runs/11611371527 Feel free to make changes as needed. Thanks!
Oh, I have realized that I missed building an s390x rust binary. I will update that part soon. Thanks! My bad. It does not look to build a
Not ready for review.
Meant as a starting point to address:
kata-containers/kata-containers#9360
Open topics for this draft: