[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 11/11] tests/gitlab: use kaniko to build images
|
From: |
Daniel P . Berrangé |
|
Subject: |
Re: [PATCH 11/11] tests/gitlab: use kaniko to build images |
|
Date: |
Thu, 30 Mar 2023 11:17:41 +0100 |
|
User-agent: |
Mutt/2.2.9 (2022-11-12) |
On Thu, Mar 30, 2023 at 11:11:41AM +0100, Alex Bennée wrote:
> Apparently the docker-in-docker approach has some flaws including
> needing privileged mode to run and being quite slow. An alternative
> approach is to use Google's kaniko tool. It also works across
> different gitlab executors.
>
> Following the gitlab example code we drop all the direct docker calls
> and usage of the script and make a direct call to kaniko and hope the
> images are cacheable by others.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
> Message-Id: <20230224180857.1050220-8-alex.bennee@linaro.org>
>
> ---
> v2
> - add danpb's --cache suggestions
> ---
> .gitlab-ci.d/container-template.yml | 22 ++++++++++------------
> 1 file changed, 10 insertions(+), 12 deletions(-)
>
> diff --git a/.gitlab-ci.d/container-template.yml
> b/.gitlab-ci.d/container-template.yml
> index 519b8a9482..cd8e0a1ff6 100644
> --- a/.gitlab-ci.d/container-template.yml
> +++ b/.gitlab-ci.d/container-template.yml
> @@ -1,21 +1,19 @@
> .container_job_template:
> extends: .base_job_template
> - image: docker:stable
> + image:
> + name: gcr.io/kaniko-project/executor:v1.9.0-debug
> + entrypoint: [""]
> stage: containers
> - services:
> - - docker:dind
> before_script:
> - export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest"
> - export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/qemu/$NAME:latest"
> - - apk add python3
> - - docker info
> - - docker login $CI_REGISTRY -u "$CI_REGISTRY_USER" -p
> "$CI_REGISTRY_PASSWORD"
> script:
> - echo "TAG:$TAG"
> - echo "COMMON_TAG:$COMMON_TAG"
> - - docker build --tag "$TAG" --cache-from "$TAG" --cache-from
> "$COMMON_TAG"
> - --build-arg BUILDKIT_INLINE_CACHE=1
> - -f "tests/docker/dockerfiles/$NAME.docker" "."
> - - docker push "$TAG"
> - after_script:
> - - docker logout
> + - /kaniko/executor
> + --reproducible
> + --context "${CI_PROJECT_DIR}"
> + --cache=true
> + --cache-repo "${COMMON_TAG}"
IIRC with docker if we told it to cache we would have to first have done
a 'docker pull $COMMON_TAG' as it wouldn't pull down the image if
it was not already local. I'm fuzzy on whether kaniko has the same
need or not ? I guess we were broken already in that respect as
we already uses --cache-from with docker without a docker pull
> + --dockerfile
> "${CI_PROJECT_DIR}/tests/docker/dockerfiles/$NAME.docker"
> + --destination "${TAG}"
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
- Re: [PATCH 03/11] MAINTAINERS: add a section for policy documents, (continued)
- [PATCH 02/11] gdbstub: Only build libgdb_user.fa / libgdb_softmmu.fa if necessary, Alex Bennée, 2023/03/30
- [PATCH 05/11] metadata: add .git-blame-ignore-revs, Alex Bennée, 2023/03/30
- [PATCH 08/11] tests/vm: use the default system python for NetBSD, Alex Bennée, 2023/03/30
- [PATCH 04/11] qemu-options: finesse the recommendations around -blockdev, Alex Bennée, 2023/03/30
- [PATCH 06/11] Use hexagon toolchain version 16.0.0, Alex Bennée, 2023/03/30
- [PATCH 11/11] tests/gitlab: use kaniko to build images, Alex Bennée, 2023/03/30
- Re: [PATCH 11/11] tests/gitlab: use kaniko to build images,
Daniel P . Berrangé <=
- Re: [PATCH 11/11] tests/gitlab: use kaniko to build images, Thomas Huth, 2023/03/30
- [PATCH 09/11] tests/requirements.txt: bump up avocado-framework version to 101.0, Alex Bennée, 2023/03/30
[PATCH 07/11] tests/qemu-iotests: explicitly invoke 'check' via 'python', Alex Bennée, 2023/03/30