Infrastructure/zot
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2025-01-06 22:40:28 -05:00
Code Issues Activity

ci/cd: Fix arm builds, use distroless final image

Browse source 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
This commit is contained in:
Petu Eusebiu 2022-05-25 18:53:02 +03:00 committed by Ramkumar Chinchani
parent 62775cc095
commit d0b52612a2
5 changed files with 110 additions and 57 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
.github/workflows/ci-cd.yml vendored
View file

@ -129,7 +129,15 @@ jobs:
- name: Run zot container image with docker - name: Run zot container image with docker
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run -d ghcr.io/${{ github.repository_owner }}/zot-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} docker run -d -p 5000:5000 ghcr.io/${{ github.repository_owner }}/zot-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
sleep 2
curl --connect-timeout 5 \
--max-time 10 \
--retry 12 \
--retry-max-time 360 \
--retry-connrefused \
'http://localhost:5000/v2/'
docker kill $(docker ps -q)
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}
@ -137,7 +145,15 @@ jobs:
- name: Run zot container image with podman - name: Run zot container image with podman
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run -d ghcr.io/${{ github.repository_owner }}/zot-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} podman run -d -p 5000:5000 ghcr.io/${{ github.repository_owner }}/zot-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
sleep 2
curl --connect-timeout 5 \
--max-time 10 \
--retry 12 \
--retry-max-time 360 \
--retry-connrefused \
'http://localhost:5000/v2/'
podman kill --all
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}
@ -159,7 +175,15 @@ jobs:
- name: Run zot-minimal container image with docker - name: Run zot-minimal container image with docker
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run -d ghcr.io/${{ github.repository_owner }}/zot-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} docker run -d -p 5000:5000 ghcr.io/${{ github.repository_owner }}/zot-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
sleep 2
curl --connect-timeout 5 \
--max-time 10 \
--retry 12 \
--retry-max-time 360 \
--retry-connrefused \
'http://localhost:5000/v2/'
docker kill $(docker ps -q)
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}
@ -167,7 +191,15 @@ jobs:
- name: Run zot-minimal container image with podman - name: Run zot-minimal container image with podman
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run -d ghcr.io/${{ github.repository_owner }}/zot-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} podman run -d -p 5000:5000 ghcr.io/${{ github.repository_owner }}/zot-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
sleep 2
curl --connect-timeout 5 \
--max-time 10 \
--retry 12 \
--retry-max-time 360 \
--retry-connrefused \
'http://localhost:5000/v2/'
podman kill --all
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}
@ -188,7 +220,15 @@ jobs:
- name: Run zot-exporter container image with docker - name: Run zot-exporter container image with docker
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run -d ghcr.io/${{ github.repository_owner }}/zxp-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} docker run -d -p 5001:5001 ghcr.io/${{ github.repository_owner }}/zxp-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
sleep 2
curl --connect-timeout 5 \
--max-time 10 \
--retry 12 \
--retry-max-time 360 \
--retry-connrefused \
'http://localhost:5001/metrics'
docker kill $(docker ps -q)
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}
@ -196,7 +236,15 @@ jobs:
- name: Run zot-exporter container image with podman - name: Run zot-exporter container image with podman
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run -d ghcr.io/${{ github.repository_owner }}/zxp-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} podman run -d -p 5001:5001 ghcr.io/${{ github.repository_owner }}/zxp-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}
sleep 2
curl --connect-timeout 5 \
--max-time 10 \
--retry 12 \
--retry-max-time 360 \
--retry-connrefused \
'http://localhost:5001/metrics'
podman kill --all
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}
@ -217,7 +265,7 @@ jobs:
- name: Run zb container image with docker - name: Run zb container image with docker
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
docker run -d ghcr.io/${{ github.repository_owner }}/zb-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} docker run ghcr.io/${{ github.repository_owner }}/zb-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} --help
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}
@ -225,7 +273,7 @@ jobs:
- name: Run zb container image with podman - name: Run zb container image with podman
run: | run: |
if [[ $OS == "linux" && $ARCH == "amd64" ]]; then if [[ $OS == "linux" && $ARCH == "amd64" ]]; then
podman run -d ghcr.io/${{ github.repository_owner }}/zb-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} podman run ghcr.io/${{ github.repository_owner }}/zb-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }} --help
fi fi
env: env:
OS: ${{ matrix.os }} OS: ${{ matrix.os }}

31
stacker-conformance.yaml
View file

@ -14,7 +14,7 @@ build:
cd /go/src/github.com/project-zot cd /go/src/github.com/project-zot
git clone /zotcopy zot git clone /zotcopy zot
cd /go/src/github.com/project-zot/zot cd /go/src/github.com/project-zot/zot
make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} binary make COMMIT=${{COMMIT}} clean binary
cat > config.json << EOF cat > config.json << EOF
{ {
"storage":{ "storage":{
@ -33,25 +33,28 @@ build:
EOF EOF
cat config.json cat config.json
mkdir -p /zotcopy/build/binary
mkdir -p /zotcopy/build/cert
mkdir -p /zotcopy/build/config
cp /go/src/github.com/project-zot/zot/bin/zot-linux-amd64 /zotcopy/build/binary
cp /go/src/github.com/project-zot/zot/config.json /zotcopy/build/config
cp /etc/ssl/certs/ca-certificates.crt /zotcopy/build/cert
build_only: true build_only: true
"${{REPO_NAME:zot}}": "${{REPO_NAME:zot}}":
from: from:
type: docker type: docker
url: docker://alpine:3 url: docker://gcr.io/distroless/base
import: overlay_dirs:
- stacker://build/go/src/github.com/project-zot/zot/bin/zot-${{OS}}-${{ARCH}} - source: ./build/binary
- stacker://build/go/src/github.com/project-zot/zot/config.json dest: /usr/local/bin
- stacker://build/etc/ssl/certs/ca-certificates.crt - source: ./build/cert
run: | dest: /etc/ssl/certs
cp /stacker/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt - source: ./build/config
cp /stacker/zot-${{OS}}-${{ARCH}} /usr/bin/zot dest: /etc/zot
mkdir -p /etc/zot
cp /stacker/config.json /etc/zot/config.json
# pie mode binaries need a runtime
apk add --no-cache libc6-compat
entrypoint: entrypoint:
- /usr/bin/zot - /usr/bin/zot-linux-amd64
volumes: volumes:
- /var/lib/registry - /var/lib/registry
cmd: cmd:

16
stacker-zb.yaml
View file

@ -14,17 +14,17 @@ build:
git clone /zotcopy zot git clone /zotcopy zot
cd /go/src/github.com/project-zot/zot cd /go/src/github.com/project-zot/zot
make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} clean bench make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} clean bench
mkdir -p /zotcopy/build/binary
cp /go/src/github.com/project-zot/zot/bin/zb-${{OS}}-${{ARCH}} /zotcopy/build/binary
build_only: true build_only: true
"${{REPO_NAME:zb}}": "${{REPO_NAME:zb}}":
from: from:
type: docker type: docker
url: docker://alpine:3 url: docker://gcr.io/distroless/base
import: overlay_dirs:
- stacker://build/go/src/github.com/project-zot/zot/bin/zb-${{OS}}-${{ARCH}} - source: ./build/binary
run: | dest: /usr/local/bin
cp /stacker/zb-${{OS}}-${{ARCH}} /usr/bin/zb
# pie mode binaries need a runtime
apk add --no-cache libc6-compat
entrypoint: entrypoint:
- /usr/bin/zb - /usr/local/bin/zb-${{OS}}-${{ARCH}}

23
stacker-zxp.yaml
View file

@ -32,23 +32,24 @@ build:
EOF EOF
cat config.json cat config.json
mkdir -p /zotcopy/build/binary
mkdir -p /zotcopy/build/config
cp /go/src/github.com/project-zot/zot/bin/zxp-${{OS}}-${{ARCH}} /zotcopy/build/binary
cp /go/src/github.com/project-zot/zot/config.json /zotcopy/build/config
build_only: true build_only: true
"${{REPO_NAME:zxp}}": "${{REPO_NAME:zxp}}":
from: from:
type: docker type: docker
url: docker://alpine:3 url: docker://gcr.io/distroless/base
import: overlay_dirs:
- stacker://build/go/src/github.com/project-zot/zot/bin/zxp-${{OS}}-${{ARCH}} - source: ./build/binary
- stacker://build/go/src/github.com/project-zot/zot/config.json dest: /usr/local/bin
run: | - source: ./build/config
cp /stacker/zxp-${{OS}}-${{ARCH}} /usr/bin/zxp dest: /etc/zxp
mkdir -p /etc/zxp
cp /stacker/config.json /etc/zxp/config.json
# pie mode binaries need a runtime
apk add --no-cache libc6-compat
entrypoint: entrypoint:
- /usr/bin/zxp - /usr/local/bin/zxp-${{OS}}-${{ARCH}}
cmd: cmd:
- config - config
- /etc/zxp/config.json - /etc/zxp/config.json

31
stacker.yaml
View file

@ -14,7 +14,7 @@ build:
cd /go/src/github.com/project-zot cd /go/src/github.com/project-zot
git clone /zotcopy zot git clone /zotcopy zot
cd /go/src/github.com/project-zot/zot cd /go/src/github.com/project-zot/zot
make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} binary${{EXT:}} make COMMIT=${{COMMIT}} OS=${{OS}} ARCH=${{ARCH}} clean binary${{EXT:}}
cat > config.json << EOF cat > config.json << EOF
{ {
"storage":{ "storage":{
@ -31,28 +31,29 @@ build:
EOF EOF
cat config.json cat config.json
mkdir -p /zotcopy/build/binary
mkdir -p /zotcopy/build/cert
mkdir -p /zotcopy/build/config
cp /go/src/github.com/project-zot/zot/bin/zot-${{OS}}-${{ARCH}}${{EXT:}} /zotcopy/build/binary
cp /go/src/github.com/project-zot/zot/config.json /zotcopy/build/config
cp /etc/ssl/certs/ca-certificates.crt /zotcopy/build/cert
build_only: true build_only: true
"${{REPO_NAME:zot}}": "${{REPO_NAME:zot}}":
from: from:
type: docker type: docker
url: docker://alpine:3 url: docker://gcr.io/distroless/base
import: overlay_dirs:
- stacker://build/go/src/github.com/project-zot/zot/bin/zot-${{OS}}-${{ARCH}}${{EXT:}} - source: ./build/binary
- stacker://build/go/src/github.com/project-zot/zot/config.json dest: /usr/local/bin
- stacker://build/etc/ssl/certs/ca-certificates.crt - source: ./build/cert
run: | dest: /etc/ssl/certs
cp /stacker/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt - source: ./build/config
cp /stacker/zot-${{OS}}-${{ARCH}}${{EXT:}} /usr/bin/zot dest: /etc/zot
mkdir -p /etc/zot
cp /stacker/config.json /etc/zot/config.json
# pie mode binaries need a runtime
apk add --no-cache libc6-compat
entrypoint: entrypoint:
- /usr/bin/zot - /usr/local/bin/zot-${{OS}}-${{ARCH}}${{EXT:}}
volumes: volumes:
- /var/lib/registry - /var/lib/registry
cmd: cmd:
- serve - serve
- /etc/zot/config.json - /etc/zot/config.json