From 36c7343758d43c2099371aad6302564694ee2b12 Mon Sep 17 00:00:00 2001 From: Matthias Bertschy Date: Tue, 12 Jan 2021 14:25:08 +0100 Subject: [PATCH] build distroless image using cekit in ci --- .github/build-distroless-images.sh | 24 ++++++++++++++++++++++++ .github/distroless-images.yaml | 9 +++++++++ .github/workflows/build-images.yml | 1 + .github/workflows/push-images.yml | 1 + README.md | 1 + quarkus-distroless-image.yaml | 17 +++++++++++++++++ 6 files changed, 53 insertions(+) create mode 100755 .github/build-distroless-images.sh create mode 100644 .github/distroless-images.yaml create mode 100644 quarkus-distroless-image.yaml diff --git a/.github/build-distroless-images.sh b/.github/build-distroless-images.sh new file mode 100755 index 00000000..d61af61b --- /dev/null +++ b/.github/build-distroless-images.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# Create the container image providing the GraalVM specific distroless image +# Usage: build-distroless-images.sh +# Example: +# build-distroless-images.sh + +set -e + +PREFIX_NAME=quay.io/quarkus/quarkus-distroless-image +IMAGE=quarkus-distroless-image.yaml +BUILD_ENGINE=docker +VERSION=$1 +OVERRIDES="{'version': '${VERSION}'}" + +echo "Building version ${VERSION}" + +virtualenv --python=python3 .cekit +source .cekit/bin/activate + +echo "Generating ${PREFIX_NAME}:${VERSION}" +cekit --descriptor ${IMAGE} build \ + --overrides "${OVERRIDES}" \ + ${BUILD_ENGINE} --tag="${PREFIX_NAME}:${VERSION}" --no-squash diff --git a/.github/distroless-images.yaml b/.github/distroless-images.yaml new file mode 100644 index 00000000..327a7c75 --- /dev/null +++ b/.github/distroless-images.yaml @@ -0,0 +1,9 @@ +image: quarkus-distroless-image.yaml +imageName: quay.io/quarkus/quarkus-distroless-image +buildScript: .github/build-distroless-images.sh +versions: + - 20.3.0-java11 +tags: + - id: 20.3-java11 + target: 20.3.0-java11 +versionCheck: false diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml index 16f2d234..01ddc267 100644 --- a/.github/workflows/build-images.yml +++ b/.github/workflows/build-images.yml @@ -18,6 +18,7 @@ jobs: strategy: matrix: configuration: + - .github/distroless-images.yaml - .github/native-images.yaml - .github/mandrel-images.yaml - .github/s2i-native-images.yaml diff --git a/.github/workflows/push-images.yml b/.github/workflows/push-images.yml index de3748c5..42cba486 100644 --- a/.github/workflows/push-images.yml +++ b/.github/workflows/push-images.yml @@ -11,6 +11,7 @@ jobs: strategy: matrix: configuration: + - .github/distroless-images.yaml - .github/native-images.yaml - .github/mandrel-images.yaml - .github/s2i-native-images.yaml diff --git a/README.md b/README.md index 8b61d960..c8bc1253 100644 --- a/README.md +++ b/README.md @@ -136,6 +136,7 @@ For other Systems, please refer to the docs. The build scripts are located in the `.github` directory: +* `build-distroless-images.sh` - build the distroless images suitable for packaging native applications * `build-mandrel-images.sh` - build the mandrel images * `build-native-images.sh` - build the images providing the `native-image` executable * `build-s2i-binary-images.sh` - build the s2i builder images taking a pre-built native executable diff --git a/quarkus-distroless-image.yaml b/quarkus-distroless-image.yaml new file mode 100644 index 00000000..796ba267 --- /dev/null +++ b/quarkus-distroless-image.yaml @@ -0,0 +1,17 @@ +- name: debian + version: stable-slim + from: debian:stable-slim + +# need to rename from image into "scratch" to disable /tmp cleanup +- name: scratch + version: latest + from: gcr.io/distroless/cc + +- name: quay.io/quarkus/quarkus-distroless-image + version: latest + from: scratch + artifacts: + - name: libz.so.1 + image: debian + path: /lib/x86_64-linux-gnu/libz.so.1 + dest: /lib/x86_64-linux-gnu