Add the support to build container image for kn #152
Conversation
|
Hi @houshengbo. Thanks for your PR. I'm waiting for a knative member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
knative-prow-robot
added
the
needs-ok-to-test
knative-prow-robot
added
size/M
|
/assign @sixolet |
knative-prow-robot
added
size/M
|
I feel like setting up a whole deployment yaml is misleading. How about this alternate section in Aside to @mattmoor : I'd love if |
|
Re aside to @mattmoor , see ko-build/ko#36 |
|
@sixolet I was trying to generate a yaml at the beginning, but later quit. |
This approach is generally good.
But I think we need more, from a release management standpoint. We can't just tag every image as
No strong opinions; the long name is clear, the short name is concise. |
|
I will generate a file with the image link. @sixolet Based on the current PR, the tag latest is only used when we push the image to the local ko.local(PUBLISH_RELEASE is false). What else can be a good option? |
|
/ok-to-test |
knative-prow-robot
added
ok-to-test
|
/assign @adrcunha Can you weigh in on best practices for image tagging, and what step should do that? |
hack/release.sh
Outdated
| @@ -32,7 +32,9 @@ function build_release() { | |||
| GOOS=darwin GOARCH=amd64 go build -mod=vendor -ldflags "${ld_flags}" -o ./kn-darwin-amd64 ./cmd/... | |||
| echo "🚧 🎠 Building for Windows" | |||
| GOOS=windows GOARCH=amd64 go build -mod=vendor -ldflags "${ld_flags}" -o ./kn-windows-amd64.exe ./cmd/... | |||
| ARTIFACTS_TO_PUBLISH="kn-darwin-amd64 kn-linux-amd64 kn-windows-amd64.exe" | |||
| echo "🚧 🐳 Building the container image" | |||
| ko publish ${KO_FLAGS} github.com/knative/client/cmd/kn 2>&1 | grep -E '(Loaded|Published)' | rev | cut -d ' ' -f 1 | rev > kn-image-location | |||
There was a problem hiding this comment.
This will hide any error messages from ko publish. At a minimum, tee should be used, although I think this is a unnecessary convoluted and brittle way of extracting the location of the generated image: this can be easily derived from KO_REPO_PATH and the package name.
There was a problem hiding this comment.
It is brittle; ko-build/ko#36 is now merged and solves this problem, but ko isn't released with that yet.
There was a problem hiding this comment.
Could you elaborate more how to integrate ko publish with tee command?
There was a problem hiding this comment.
Just pipe it. Although I do not recommend, specially now that the problem is solved.
There was a problem hiding this comment.
@sixolet has a PR for ko ko-build/ko#36 already merged. @adrcunha I do not think we need tee any more, since we can print in stdout.
There was a problem hiding this comment.
I still insist on not using such brittle approach. Instead I would recommend cleanly getting the hash through gcloud, like
gcloud container images describe gcr.io/XXXXXX/github.com/knative/client/cmd/kn:latest --format="value(image_summary.digest)"
hack/release.sh
Outdated
| ARTIFACTS_TO_PUBLISH="kn-darwin-amd64 kn-linux-amd64 kn-windows-amd64.exe" | ||
| echo "🚧 🐳 Building the container image" | ||
| ko publish ${KO_FLAGS} github.com/knative/client/cmd/kn 2>&1 | grep -E '(Loaded|Published)' | rev | cut -d ' ' -f 1 | rev > kn-image-location | ||
| ARTIFACTS_TO_PUBLISH="kn-darwin-amd64 kn-linux-amd64 kn-windows-amd64.exe kn-image-location" |
There was a problem hiding this comment.
This seems weird to me. You really want to publish a text file with a GCR URL in it? Wouldn't it be better to add that to the release notes instead?
There was a problem hiding this comment.
Goal: Tie the image by hash to the release.
The published yamls from the other repos, the ones you can kubectl apply, accomplish this goal, but that doesn't make sense for kn. Once Tekton is further along we could publish a Tekton Task as a yaml file, but I don't think we're ready yet. So just a text file containing the image by hash seems simplest — is there a better way?
There was a problem hiding this comment.
Initially I used ko resolve command. That generates a yaml file, so that github.com/knative/test-infra/scripts/release.sh can process later in the function tag_images_in_yamls ${ARTIFACTS_TO_PUBLISH} to change the tag.
But later I quit, since tag_images_in_yamls has bug, and it does not parse any image name ko resolve generates.
There was a problem hiding this comment.
If we can specify the tag here, then we do not need to bother github.com/knative/test-infra/scripts/release.sh. But I do not know how to specify the tag for the image in this release.sh.
There was a problem hiding this comment.
@hohaichi tag_images_in_yamls() works fine for all other repos (parsing yamls that ko resolve generates), can you please clarify what bug you're experiencing?
@sixolet I understanding that you're interested in the image hash, and that's unrelated to tagging it on GCR. If so, would adding it to the release notes be enough?
There was a problem hiding this comment.
I'm getting a 404 for the URL you mentioned. Anyway, the regex is not meant to catch image names with hashes. I think you're running an old version of ko because newer versions won't append the hash by default, and you don't need to specify -B:
$ export KO_DOCKER_REPO=gcr.io/XXXXXXXXX
$ ko publish -P github.com/knative/client/cmd/kn
2019/06/03 10:30:25 Building github.com/knative/client/cmd/kn
2019/06/03 10:30:29 Using base gcr.io/distroless/base:latest for github.com/knative/client/cmd/kn
2019/06/03 10:30:30 Publishing gcr.io/XXXXXXXXX/github.com/knative/client/cmd/kn:latest
2019/06/03 10:30:31 existing blob: sha256:1558143043601a425aa864511da238799b57fcf7d062d47044f6ddd0e04fe99a
2019/06/03 10:30:31 existing blob: sha256:4003b5b92ca98a8926d9112839f3f17e69f4ec4f995abb188a3ce3ccf93cd6d9
2019/06/03 10:30:31 existing blob: sha256:5f5edd681dcbc3a4a9df93e200e59e1708031e65b2299970eabdc91a78cc8234
2019/06/03 10:30:33 pushed blob: sha256:9e0fd63e6f10b3e99b134f68e8f68ba5de196080141d6254d875994c4868030b
2019/06/03 10:30:35 pushed blob: sha256:3ace94f228dcde95346dabc5a0e17c0cff33442a0fd49691d0233d1cfd25e8ed
2019/06/03 10:30:36 gcr.io/XXXXXXXXX/github.com/knative/client/cmd/kn:latest: digest: sha256:4d5a06964d68d645c743d5e02588a8340f749548db47024470ed917d84fc52ce size: 915
2019/06/03 10:30:36 Published gcr.io/XXXXXXXXX/github.com/knative/client/cmd/kn@sha256:4d5a06964d68d645c743d5e02588a8340f749548db47024470ed917d84fc52ce
There was a problem hiding this comment.
OK , as long as it is able to parse the image name, that's fine.
There was a problem hiding this comment.
will do ko publish ==> ko resolve
There was a problem hiding this comment.
Sorry, wrong username from Auto complete. :/
No.
The version is used only if you specify it in the command-line. Currently, it only happens for named releases, not nightly releases. |
You don't need to pass
This sentence confuses me. You can call
Yes. That's done by the release Prow jobs. Unless you're a Prow job or an admin, you won't be able to push to nightly GCR.
As I mentioned in another comment, you can easily assemble the path to the binary, based on the version or nightly tag, or latest. Like gcr.io/knative-nightly/github.com/knative/client/cmd/kn:latest or gcr.io/knative-nightly/github.com/knative/client/cmd/kn:v20193005-fooba4 or gcr.io/knative-releases/github.com/knative/client/cmd/kn:v0.2.0
Do you mean simply gcr.io/knative-nightly/kn? Although we can support that, it would be against all the GCR/GCS organization used by all the other Knative modules. I'd check with the TOC first to avoid confusion and unexpected surprises. |
What determines which images the Prow jobs push where? |
The build_release() function. It can push anything to KO_DOCKER_REPO. |
knative-prow-robot
added
size/S
|
Integration test should be fixed if #155 is merged and this PR rebased on top of it |
config/release.yaml
Outdated
| # limitations under the License. | ||
|
|
||
| apiVersion: apps/v1 | ||
| kind: Deployment |
There was a problem hiding this comment.
Can we do something that doesn't imply you should want to apply this to a k8s cluster, if we must have yaml? Would plain old
image: github.com/knative/client/cmd/kn
work?
There was a problem hiding this comment.
I tried. It worked if we only kept "image: github.com/knative/client/cmd/kn".
Already changed it.
| @@ -32,7 +32,9 @@ function build_release() { | |||
| GOOS=darwin GOARCH=amd64 go build -mod=vendor -ldflags "${ld_flags}" -o ./kn-darwin-amd64 ./cmd/... | |||
| echo "🚧 🎠 Building for Windows" | |||
| GOOS=windows GOARCH=amd64 go build -mod=vendor -ldflags "${ld_flags}" -o ./kn-windows-amd64.exe ./cmd/... | |||
| ARTIFACTS_TO_PUBLISH="kn-darwin-amd64 kn-linux-amd64 kn-windows-amd64.exe" | |||
| echo "🚧 🐳 Building the container image" | |||
| ko resolve ${KO_FLAGS} -f config/ > kn-image-location.yaml | |||
There was a problem hiding this comment.
Does that now assume ko present and the default container image builder? If that's a widely held assumption in Knative then cool. I'd assume some folks would want to use docker?
There was a problem hiding this comment.
Yes, ko is used in all other repos. If you change to docker it will break the release process. Also, release.sh will be hardly used locally, and mostly by the release jobs.
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: houshengbo, sixolet The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
knative-prow-robot
added
the
approved
Fixes-Bug: #80