From 1c8ebaff61829fb92184b2eda340aea3e3f61f83 Mon Sep 17 00:00:00 2001 From: Shweta Padubidri Date: Wed, 6 Jul 2022 11:22:28 -0400 Subject: [PATCH] operator: Build and publish images for docker hub (#6086) --- .drone/drone.jsonnet | 36 ++++++++ .drone/drone.yml | 168 ++++++++++++++++++++++++++++++++++++++ Makefile | 9 +- operator/Dockerfile | 12 +-- operator/Dockerfile.cross | 33 ++++++++ 5 files changed, 251 insertions(+), 7 deletions(-) create mode 100644 operator/Dockerfile.cross diff --git a/.drone/drone.jsonnet b/.drone/drone.jsonnet index 464d54eca0..2d29bd9534 100644 --- a/.drone/drone.jsonnet +++ b/.drone/drone.jsonnet @@ -82,6 +82,18 @@ local clients_docker(arch, app) = { }, }; +local docker_operator(arch, operator) = { + name: '%s-image' % if $.settings.dry_run then 'build-' + operator else 'publish-' + operator, + image: 'plugins/docker', + settings: { + repo: 'grafana/%s' % operator, + dockerfile: 'operator/Dockerfile', + username: { from_secret: docker_username_secret.name }, + password: { from_secret: docker_password_secret.name }, + dry_run: false, + }, +}; + local lambda_promtail_ecr(app) = { name: '%s-image' % if $.settings.dry_run then 'build-' + app else 'publish-' + app, image: 'cstyan/ecr', @@ -275,6 +287,27 @@ local lambda_promtail(arch) = pipeline('lambda-promtail-' + arch) + arch_image(a depends_on: ['check'], }; +local lokiopertor(arch) = pipeline('lokioperator-' + arch) + arch_image(arch) { + steps+: [ + // dry run for everything that is not tag or main + docker_operator(arch, 'loki-operator') { + depends_on: ['image-tag'], + when: condition('exclude').tagMain, + settings+: { + dry_run: true, + }, + }, + ] + [ + // publish for tag or main + docker_operator(arch, 'loki-operator') { + depends_on: ['image-tag'], + when: condition('include').tagMain, + settings+: {}, + }, + ], + depends_on: ['check'], +}; + local multiarch_image(arch) = pipeline('docker-' + arch) + arch_image(arch) { steps+: [ // dry run for everything that is not tag or main @@ -501,6 +534,9 @@ local manifest_ecr(apps, archs) = pipeline('manifest-ecr') { else {} ) for arch in archs +] + [ + lokiopertor(arch) + for arch in archs ] + [ fluentbit(), fluentd(), diff --git a/.drone/drone.yml b/.drone/drone.yml index a9e9aa4fd0..fd1be3485b 100644 --- a/.drone/drone.yml +++ b/.drone/drone.yml @@ -691,6 +691,174 @@ trigger: depends_on: - check kind: pipeline +name: lokioperator-amd64 +platform: + arch: amd64 + os: linux +steps: +- commands: + - apk add --no-cache bash git + - git fetch origin --tags + - echo $(./tools/image-tag)-amd64 > .tags + image: alpine + name: image-tag +- depends_on: + - image-tag + image: plugins/docker + name: build-loki-operator-image + settings: + dockerfile: operator/Dockerfile + dry_run: true + password: + from_secret: docker_password + repo: grafana/loki-operator + username: + from_secret: docker_username + when: + ref: + exclude: + - refs/heads/main + - refs/heads/k??? + - refs/tags/v* +- depends_on: + - image-tag + image: plugins/docker + name: publish-loki-operator-image + settings: + dockerfile: operator/Dockerfile + dry_run: false + password: + from_secret: docker_password + repo: grafana/loki-operator + username: + from_secret: docker_username + when: + ref: + include: + - refs/heads/main + - refs/heads/k??? + - refs/tags/v* +trigger: + event: + - push + - pull_request + - tag +--- +depends_on: +- check +kind: pipeline +name: lokioperator-arm64 +platform: + arch: arm64 + os: linux +steps: +- commands: + - apk add --no-cache bash git + - git fetch origin --tags + - echo $(./tools/image-tag)-arm64 > .tags + image: alpine + name: image-tag +- depends_on: + - image-tag + image: plugins/docker + name: build-loki-operator-image + settings: + dockerfile: operator/Dockerfile + dry_run: true + password: + from_secret: docker_password + repo: grafana/loki-operator + username: + from_secret: docker_username + when: + ref: + exclude: + - refs/heads/main + - refs/heads/k??? + - refs/tags/v* +- depends_on: + - image-tag + image: plugins/docker + name: publish-loki-operator-image + settings: + dockerfile: operator/Dockerfile + dry_run: false + password: + from_secret: docker_password + repo: grafana/loki-operator + username: + from_secret: docker_username + when: + ref: + include: + - refs/heads/main + - refs/heads/k??? + - refs/tags/v* +trigger: + event: + - push + - pull_request + - tag +--- +depends_on: +- check +kind: pipeline +name: lokioperator-arm +platform: + arch: arm + os: linux +steps: +- commands: + - apk add --no-cache bash git + - git fetch origin --tags + - echo $(./tools/image-tag)-arm > .tags + image: alpine + name: image-tag +- depends_on: + - image-tag + image: plugins/docker + name: build-loki-operator-image + settings: + dockerfile: operator/Dockerfile + dry_run: true + password: + from_secret: docker_password + repo: grafana/loki-operator + username: + from_secret: docker_username + when: + ref: + exclude: + - refs/heads/main + - refs/heads/k??? + - refs/tags/v* +- depends_on: + - image-tag + image: plugins/docker + name: publish-loki-operator-image + settings: + dockerfile: operator/Dockerfile + dry_run: false + password: + from_secret: docker_password + repo: grafana/loki-operator + username: + from_secret: docker_username + when: + ref: + include: + - refs/heads/main + - refs/heads/k??? + - refs/tags/v* +trigger: + event: + - push + - pull_request + - tag +--- +depends_on: +- check +kind: pipeline name: fluent-bit-amd64 platform: arch: amd64 diff --git a/Makefile b/Makefile index 925d46d57b..8bf3d386cb 100644 --- a/Makefile +++ b/Makefile @@ -579,7 +579,14 @@ endif $(call push,loki-build-image,$(BUILD_IMAGE_VERSION)) $(call push,loki-build-image,latest) - +# loki-operator +loki-operator-image: + $(SUDO) docker build -t $(IMAGE_PREFIX)/loki-operator:$(IMAGE_TAG) -f operator/Dockerfile . +loki-operator-image-cross: + $(SUDO) $(BUILD_OCI) -t $(IMAGE_PREFIX)/loki-operator:$(IMAGE_TAG) -f operator/Dockerfile.cross . +loki-operator-push: loki-operator-image-cross + $(SUDO) $(PUSH_OCI) $(IMAGE_PREFIX)/loki-operator:$(IMAGE_TAG) + ######## # Misc # ######## diff --git a/operator/Dockerfile b/operator/Dockerfile index 77db603221..0c96bed09e 100644 --- a/operator/Dockerfile +++ b/operator/Dockerfile @@ -3,17 +3,17 @@ FROM golang:1.17.9 as builder WORKDIR /workspace # Copy the Go Modules manifests -COPY go.mod go.mod -COPY go.sum go.sum +COPY operator/go.mod go.mod +COPY operator/go.sum go.sum # cache deps before building and copying source so that we don't need to re-download as much # and so that source changes don't invalidate our downloaded layer RUN go mod download # Copy the go source -COPY main.go main.go -COPY apis/ apis/ -COPY controllers/ controllers/ -COPY internal/ internal/ +COPY operator/main.go main.go +COPY operator/apis/ apis/ +COPY operator/controllers/ controllers/ +COPY operator/internal/ internal/ # Build RUN CGO_ENABLED=0 GOOS=linux GO111MODULE=on go build -a -o manager main.go diff --git a/operator/Dockerfile.cross b/operator/Dockerfile.cross new file mode 100644 index 0000000000..c4252eb862 --- /dev/null +++ b/operator/Dockerfile.cross @@ -0,0 +1,33 @@ +ARG BUILD_IMAGE=grafana/loki-build-image:0.18.0 + +FROM golang:1.17.9-alpine as goenv +RUN go env GOARCH > /goarch && \ + go env GOARM > /goarm + +FROM --platform=linux/amd64 $BUILD_IMAGE as builder +COPY --from=goenv /goarch /goarm / +WORKDIR /workspace +# Copy the Go Modules manifests +COPY operator/go.mod go.mod +COPY operator/go.sum go.sum +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +# Copy the go source +COPY operator/main.go main.go +COPY operator/apis/ apis/ +COPY operator/controllers/ controllers/ +COPY operator/internal/ internal/ + +# Build +RUN CGO_ENABLED=0 GOOS=linux GO111MODULE=on GOARCH=$(cat /goarch) GOARM=$(cat /goarm) go build -a -o manager main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +FROM gcr.io/distroless/static:nonroot +WORKDIR / +COPY --from=builder /workspace/manager . +USER 65532:65532 + +ENTRYPOINT ["/manager"]