Skip to content

Commit 46a8207

Browse files
jdorn-gtjdorn-gt
committed
Merge branch 'use-buildah' into 'main'
Replace kaniko with buildah in CI See merge request rewriting/ddisasm!1249
2 parents 549a0ef + c54ce0e commit 46a8207

2 files changed

Lines changed: 56 additions & 77 deletions

File tree

.ci/gitlab-ci.yml

Lines changed: 44 additions & 67 deletions
Original file line numberDiff line numberDiff line change
@@ -90,32 +90,28 @@ default:
9090

9191
.build-ci-image: &build-ci-image
9292
stage: build-images
93-
image:
94-
name: gcr.io/kaniko-project/executor:debug
95-
entrypoint: [""]
93+
image: quay.io/buildah/stable
9694
script:
9795
# Configure authentication credentials for GitLab
96+
- buildah login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
97+
- buildah login -u "$DOCKERHUB_USERNAME" -p "$DOCKERHUB_PASSWORD" https://index.docker.io/v1/
98+
# Build our image (using a cache if available)
9899
- >-
99-
echo "{\"auths\":{
100-
\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"},
101-
\"https://index.docker.io/v1/\":{\"username\":\"$DOCKERHUB_USERNAME\",\"password\":\"$DOCKERHUB_PASSWORD\"}
102-
}}" > /kaniko/.docker/config.json
103-
# Run the kaniko executor, which will build our image (using a cache if available)
100+
buildah build
101+
-f "$CI_PROJECT_DIR/$DOCKERFILE_PATH"
102+
--cache-from "$DOCKER_REGISTRY/$CI_PROJECT_PATH/$IMAGE_NAME/cache"
103+
--cache-to "$DOCKER_REGISTRY/$CI_PROJECT_PATH/$IMAGE_NAME/cache"
104+
--layers
105+
--tag "$DOCKER_REGISTRY/$CI_PROJECT_PATH/$IMAGE_NAME:$IMAGE_TAG"
106+
"$CI_PROJECT_DIR"
104107
# Push to our internal registry
108+
- buildah push "$DOCKER_REGISTRY/$CI_PROJECT_PATH/$IMAGE_NAME:$IMAGE_TAG"
105109
# If we're on the main branch, also push the latest tag.
106110
- >-
107111
if [ "$CI_COMMIT_BRANCH" = "$CI_DEFAULT_BRANCH" ]; then
108-
export EXTRA_DEST="--destination=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}/${IMAGE_NAME}:latest"
112+
buildah push "$DOCKER_REGISTRY/$CI_PROJECT_PATH/$IMAGE_NAME:$IMAGE_TAG" \
113+
"$DOCKER_REGISTRY/$CI_PROJECT_PATH/$IMAGE_NAME:latest"
109114
fi
110-
- >-
111-
/kaniko/executor
112-
--snapshot-mode=redo
113-
--cache=true
114-
--cache-repo=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}/${IMAGE_NAME}/cache
115-
--context=$CI_PROJECT_DIR
116-
--dockerfile=$CI_PROJECT_DIR/$DOCKERFILE_PATH
117-
--destination=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}/${IMAGE_NAME}:$IMAGE_TAG
118-
$EXTRA_DEST
119115
120116
build-ci-image-conan-ubuntu20:
121117
<<: *build-ci-image
@@ -820,69 +816,50 @@ debian-installer-ubuntu20:
820816
- 'build-ubuntu20-packages'
821817
<<: *debian-installer-ubuntu-template
822818

823-
docker-image-vars:
824-
stage: prebuild
825-
image: $DOCKER_REGISTRY/rewriting/ddisasm/ubuntu20:$IMAGE_TAG
819+
docker-image:
820+
stage: deploy
821+
image: quay.io/buildah/stable
826822
rules:
827823
*run-only-main
828824
script:
829825
- GTIRB_BRANCH=$([[ $CI_COMMIT_REF_NAME =~ ^release-.* ]] && echo "release-$GTIRB_VERSION" || echo "master")
830826
- GTIRB_PPRINTER_BRANCH=$([[ $CI_COMMIT_REF_NAME =~ ^release-.* ]] && echo "release-$GTIRB_PPRINTER_VERSION" || echo "master")
831827
- VERSION=$(awk '{s=(NR==1?s:s".")$2}END{print s}' version.txt)
832-
- echo "GTIRB_BRANCH=$GTIRB_BRANCH" >> .env
833-
- echo "GTIRB_PPRINTER_BRANCH=$GTIRB_PPRINTER_BRANCH" >> .env
834-
- echo "GTIRB_COMMIT=$(git ls-remote https://gitlab-ci-token:${CI_JOB_TOKEN}@${CI_SERVER_HOST}/rewriting/gtirb | grep "refs/heads/$GTIRB_BRANCH\$" | awk '{print $1}')" >> .env
835-
- echo "GTIRB_PPRINTER_COMMIT=$(git ls-remote https://gitlab-ci-token:${CI_JOB_TOKEN}@${CI_SERVER_HOST}/rewriting/gtirb-pprinter | grep "refs/heads/$GTIRB_PPRINTER_BRANCH\$" | awk '{print $1}')" >> .env
836-
- >-
837-
if [[ $CI_COMMIT_REF_NAME =~ ^release-.* ]]; then
838-
echo "DOCKER_LOCAL_VERSION_DEST=--destination=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:${VERSION} --destination=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:latest" >> .env
839-
echo "DOCKER_HUB_VERSION_DEST=--destination=grammatech/ddisasm:${VERSION} --destination=grammatech/ddisasm:latest" >> .env
840-
elif [[ $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH ]]; then
841-
echo "DOCKER_LOCAL_VERSION_DEST=--destination=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:unstable" >> .env
842-
echo "DOCKER_HUB_VERSION_DEST=--destination=grammatech/ddisasm:unstable" >> .env
843-
else
844-
echo "DOCKER_LOCAL_VERSION_DEST=--destination=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:${CI_COMMIT_REF_SLUG}" >> .env
845-
echo "DOCKER_HUB_VERSION_DEST=" >> .env
846-
fi
847-
- cat .env
848-
artifacts:
849-
reports:
850-
dotenv: .env
851-
852-
docker-image:
853-
stage: deploy
854-
needs:
855-
- job: docker-image-vars
856-
artifacts: true
857-
image:
858-
name: gcr.io/kaniko-project/executor:debug
859-
entrypoint: [""] # Override the image's entrypoint so we can specify our own script
860-
rules:
861-
*run-only-main
862-
script:
828+
- GTIRB_COMMIT=$(git ls-remote https://gitlab-ci-token:${CI_JOB_TOKEN}@${CI_SERVER_HOST}/rewriting/gtirb | grep "refs/heads/$GTIRB_BRANCH\$" | awk '{print $1}')
829+
- GTIRB_PPRINTER_COMMIT=$(git ls-remote https://gitlab-ci-token:${CI_JOB_TOKEN}@${CI_SERVER_HOST}/rewriting/gtirb-pprinter | grep "refs/heads/$GTIRB_PPRINTER_BRANCH\$" | awk '{print $1}')
863830
- echo "GTIRB_COMMIT=$GTIRB_COMMIT"
864831
- echo "GTIRB_PPRINTER_COMMIT=$GTIRB_PPRINTER_COMMIT"
865832
# Configure authentication credentials for Docker Hub and GitLab
833+
- buildah login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" "$CI_REGISTRY"
834+
- buildah login -u "$DOCKERHUB_USERNAME" -p "$DOCKERHUB_PASSWORD" https://index.docker.io/v1/
835+
# Build our image (using a cache if available)
866836
- >-
867-
echo "{\"auths\":{
868-
\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"},
869-
\"https://index.docker.io/v1/\":{\"username\":\"$DOCKERHUB_USERNAME\",\"password\":\"$DOCKERHUB_PASSWORD\"}
870-
}}" > /kaniko/.docker/config.json
871-
# Run the kaniko executor, which will build our image (using a cache if available)
872-
# Push to Docker Hub
873-
- >-
874-
/kaniko/executor
875-
--snapshot-mode=redo
876-
--cache=true
877-
--cache-repo=${DOCKER_REGISTRY}/${CI_PROJECT_PATH}/ddisasm/cache
878-
--context=$CI_PROJECT_DIR
837+
buildah build
838+
-f "$CI_PROJECT_DIR/Dockerfile"
839+
--cache-from "$DOCKER_REGISTRY/$CI_PROJECT_PATH/ddisasm/cache"
840+
--cache-to "$DOCKER_REGISTRY/$CI_PROJECT_PATH/ddisasm/cache"
841+
--layers
879842
--build-arg GTIRB_BRANCH=$GTIRB_BRANCH
880843
--build-arg GTIRB_CACHE_KEY=$GTIRB_COMMIT
881844
--build-arg GTIRB_PPRINTER_BRANCH=$GTIRB_PPRINTER_BRANCH
882845
--build-arg GTIRB_PPRINTER_CACHE_KEY=$GTIRB_PPRINTER_COMMIT
883-
--dockerfile=$CI_PROJECT_DIR/Dockerfile
884-
$DOCKER_LOCAL_VERSION_DEST
885-
$DOCKER_HUB_VERSION_DEST
846+
--iidfile iidfile
847+
"$CI_PROJECT_DIR"
848+
# Push to Docker Hub
849+
- |
850+
iid=$(cat iidfile)
851+
if [[ $CI_COMMIT_REF_NAME =~ ^release-.* ]]; then
852+
buildah push $iid ${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:${VERSION}
853+
buildah push $iid ${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:latest
854+
buildah push $iid grammatech/ddisasm:${VERSION}
855+
buildah push $iid grammatech/ddisasm:latest
856+
elif [[ $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH ]]; then
857+
buildah push $iid ${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:unstable
858+
buildah push $iid grammatech/ddisasm:unstable
859+
else
860+
buildah push $iid ${DOCKER_REGISTRY}/${CI_PROJECT_PATH}:${CI_COMMIT_REF_SLUG}
861+
fi
862+
886863
887864
.apt-upload: &apt-upload
888865
stage: deploy-to-apt

.github/workflows/actions.yml

Lines changed: 12 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -34,16 +34,18 @@ jobs:
3434
echo "image_path=$IMAGE_PATH" >> $GITHUB_ENV
3535
echo "image_path=$IMAGE_PATH" >> $GITHUB_OUTPUT
3636
- uses: actions/checkout@v4
37-
- name: Kaniko build
38-
uses: aevea/action-kaniko@v0.12.0
39-
with:
40-
registry: ghcr.io
41-
image: ${{ matrix.os }}
42-
password: ${{ secrets.GITHUB_TOKEN }}
43-
cache: true
44-
cache_registry: ${{ matrix.os }}-cache
45-
tag: ${{ env.image_tag }}
46-
build_file: .ci/Dockerfile.${{ matrix.file_suffix }}
37+
- name: Build image
38+
env:
39+
image_reference: ${{ env.image_path }}${{ matrix.os }}
40+
run: |
41+
buildah login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
42+
buildah build \
43+
-f .ci/Dockerfile.${{ matrix.file_suffix }} \
44+
--cache-from ${{ env.image_reference }}-cache \
45+
--cache-to ${{ env.image_reference }}-cache \
46+
--layers \
47+
--tag ${{ env.image_reference }}:${{ env.image_tag }}
48+
buildah push ${{ env.image_reference }}:${{ env.image_tag }}
4749
4850
build:
4951
runs-on: ubuntu-latest

0 commit comments

Comments
 (0)