Skip to content

Commit

Permalink
Fix docker buildx usage (#1210)
Browse files Browse the repository at this point in the history
Signed-off-by: Prajyot-Parab <prajyot.parab2@ibm.com>
Prajyot-Parab authored May 9, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent 010112f commit 89543ac
Showing 2 changed files with 17 additions and 18 deletions.
10 changes: 6 additions & 4 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -15,7 +15,7 @@
# limitations under the License.

# Build the manager binary
FROM golang:1.20.3 as toolchain
FROM --platform=${BUILDPLATFORM} golang:1.20.3 as toolchain

# Run this with docker build --build_arg $(go env GOPROXY) to override the goproxy
ARG goproxy=https://proxy.golang.org,direct
@@ -41,16 +41,18 @@ COPY pkg/ pkg/
COPY util/ util/

# Build
ARG ARCH
ARG TARGETOS
ARG TARGETARCH
ARG LDFLAGS
RUN --mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.local/share/golang \
CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} GO111MODULE=on go build -ldflags "${LDFLAGS} -extldflags '-static'" -o manager main.go
CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} GO111MODULE=on go build -ldflags "${LDFLAGS} -extldflags '-static'" -o manager main.go

ARG TARGETPLATFORM
# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static:nonroot
FROM --platform=${TARGETPLATFORM} gcr.io/distroless/static:nonroot
WORKDIR /
COPY --from=builder /workspace/manager .
# Use uid of nonroot user (65532) because kubernetes expects numeric user when applying pod security policies
25 changes: 11 additions & 14 deletions Makefile
Original file line number Diff line number Diff line change
@@ -60,7 +60,7 @@ RELEASE_DIR := out
TOOLCHAIN_IMAGE := toolchain

TAG ?= dev
ARCH ?= amd64
ARCH ?= $(shell go env GOARCH)
ALL_ARCH ?= amd64 ppc64le arm64
PULL_POLICY ?= Always

@@ -392,7 +392,7 @@ image-patch-kustomization-without-webhook: $(IMAGE_PATCH_DIR) $(GOJQ)

.PHONY: docker-build
docker-build: docker-pull-prerequisites ## Build the docker image for controller-manager
docker build --build-arg ARCH=$(ARCH) --build-arg LDFLAGS="$(LDFLAGS)" . -t $(CORE_CONTROLLER_IMG)-$(ARCH):$(TAG)
docker buildx build --platform linux/$(ARCH) --output=type=docker --pull --build-arg LDFLAGS="$(LDFLAGS)" -t $(CORE_CONTROLLER_IMG)-$(ARCH):$(TAG) .

.PHONY: docker-push
docker-push: ## Push the docker image
@@ -405,7 +405,7 @@ docker-pull-prerequisites:

.PHONY: e2e-image
e2e-image: docker-pull-prerequisites
docker build --tag=$(CORE_CONTROLLER_ORIGINAL_IMG):e2e .
docker buildx build --platform linux/$(ARCH) --output=type=docker --tag=$(CORE_CONTROLLER_ORIGINAL_IMG):e2e .
$(MAKE) set-manifest-image MANIFEST_IMG=$(CORE_CONTROLLER_ORIGINAL_IMG):e2e TARGET_RESOURCE="./config/default/manager_image_patch.yaml"
$(MAKE) set-manifest-pull-policy PULL_POLICY=Never TARGET_RESOURCE="./config/default/manager_pull_policy.yaml"

@@ -431,21 +431,18 @@ docker-build-%:

.PHONY: docker-push-all ## Push all the architecture docker images
docker-push-all: $(addprefix docker-push-,$(ALL_ARCH))
$(MAKE) docker-push-core-manifest
$(MAKE) docker-push-core-image

docker-push-%:
$(MAKE) ARCH=$* docker-push

.PHONY: docker-push-core-manifest
docker-push-core-manifest: ## Push the multiarch manifest for the core docker images
## Minimum docker version 18.06.0 is required for creating and pushing manifest images.
$(MAKE) docker-push-manifest CONTROLLER_IMG=$(CORE_CONTROLLER_IMG) MANIFEST_FILE=$(CORE_MANIFEST_FILE)

.PHONY: docker-push-manifest
docker-push-manifest:
docker manifest create --amend $(CONTROLLER_IMG):$(TAG) $(shell echo $(ALL_ARCH) | sed -e "s~[^ ]*~$(CONTROLLER_IMG)\-&:$(TAG)~g")
@for arch in $(ALL_ARCH); do docker manifest annotate --arch $${arch} ${CONTROLLER_IMG}:${TAG} ${CONTROLLER_IMG}-$${arch}:${TAG}; done
docker manifest push --purge ${CONTROLLER_IMG}:${TAG}
.PHONY: docker-push-core-image
docker-push-core-image: ## Push the multiarch core docker image
docker buildx inspect capibm &>/dev/null || docker buildx create --name capibm
docker buildx build --builder capibm --platform linux/amd64,linux/arm64,linux/ppc64le --output=type=registry \
--pull --build-arg ldflags="$(LDFLAGS)" \
-t $(CORE_CONTROLLER_IMG):$(TAG) .
docker buildx rm capibm

## --------------------------------------
## Lint / Verify

0 comments on commit 89543ac

Please sign in to comment.