6 changed files with 183 additions and 0 deletions
@ -0,0 +1,22 @@ |
|||||
|
apiVersion: apps/v1 |
||||
|
kind: DaemonSet |
||||
|
metadata: |
||||
|
name: multiarch-qemu |
||||
|
spec: |
||||
|
selector: |
||||
|
matchLabels: |
||||
|
name: multiarch-qemu |
||||
|
template: |
||||
|
metadata: |
||||
|
labels: |
||||
|
name: multiarch-qemu |
||||
|
spec: |
||||
|
containers: |
||||
|
- name: multiarch-qemu |
||||
|
image: docker.io/multiarch/qemu-user-static:6.1.0-8 |
||||
|
command: |
||||
|
- /bin/sh |
||||
|
- -c |
||||
|
- /register --reset --persistent yes && while :; do sleep 3600; done |
||||
|
securityContext: |
||||
|
privileged: true |
||||
@ -0,0 +1,52 @@ |
|||||
|
apiVersion: tekton.dev/v1beta1 |
||||
|
kind: Pipeline |
||||
|
metadata: |
||||
|
name: buildah-multiarch |
||||
|
spec: |
||||
|
workspaces: |
||||
|
- name: scratch |
||||
|
params: |
||||
|
- name: buildahPlatforms |
||||
|
type: array |
||||
|
default: |
||||
|
- linux/x86_64 |
||||
|
- linux/arm64/v8 |
||||
|
- name: gitRepositoryURL |
||||
|
type: string |
||||
|
- name: outputContainerImage |
||||
|
type: string |
||||
|
tasks: |
||||
|
# Clone the git repository |
||||
|
- name: git-clone |
||||
|
params: |
||||
|
- name: url |
||||
|
value: "$(params.gitRepositoryURL)" |
||||
|
- name: verbose |
||||
|
value: "false" |
||||
|
workspaces: |
||||
|
- name: output |
||||
|
workspace: scratch |
||||
|
subPath: src |
||||
|
taskRef: |
||||
|
name: git-clone |
||||
|
# Build and push the container images |
||||
|
- name: buildah |
||||
|
runAfter: |
||||
|
- git-clone |
||||
|
params: |
||||
|
- name: buildahVersion |
||||
|
value: latest |
||||
|
- name: outputContainerImage |
||||
|
value: "$(params.outputContainerImage)" |
||||
|
- name: buildahPlatforms |
||||
|
value: |
||||
|
- "$(params.buildahPlatforms[*])" |
||||
|
workspaces: |
||||
|
- name: src |
||||
|
workspace: scratch |
||||
|
subPath: src |
||||
|
- name: containers |
||||
|
workspace: scratch |
||||
|
subPath: containers |
||||
|
taskRef: |
||||
|
name: buildah |
||||
@ -0,0 +1,22 @@ |
|||||
|
apiVersion: tekton.dev/v1beta1 |
||||
|
kind: PipelineRun |
||||
|
metadata: |
||||
|
generateName: buildah-multiarch- |
||||
|
spec: |
||||
|
serviceAccountName: tekton-robot |
||||
|
pipelineRef: |
||||
|
name: buildah-multiarch |
||||
|
params: |
||||
|
- name: gitRepositoryURL |
||||
|
value: https://github.com/nmasse-itix/buildah-multiarchitecture-build.git |
||||
|
- name: outputContainerImage |
||||
|
value: quay.io/nmasse_itix/samba |
||||
|
workspaces: |
||||
|
- name: scratch |
||||
|
volumeClaimTemplate: |
||||
|
spec: |
||||
|
accessModes: |
||||
|
- ReadWriteOnce |
||||
|
resources: |
||||
|
requests: |
||||
|
storage: 1Gi |
||||
@ -0,0 +1,7 @@ |
|||||
|
apiVersion: v1 |
||||
|
kind: Secret |
||||
|
metadata: |
||||
|
name: quay-authentication |
||||
|
data: |
||||
|
.dockerconfigjson: '[REDACTED]' |
||||
|
type: kubernetes.io/dockerconfigjson |
||||
@ -0,0 +1,8 @@ |
|||||
|
apiVersion: v1 |
||||
|
kind: ServiceAccount |
||||
|
metadata: |
||||
|
name: tekton-robot |
||||
|
secrets: |
||||
|
- name: quay-authentication |
||||
|
imagePullSecrets: |
||||
|
- name: quay-authentication |
||||
@ -0,0 +1,72 @@ |
|||||
|
apiVersion: tekton.dev/v1beta1 |
||||
|
kind: Task |
||||
|
metadata: |
||||
|
name: buildah |
||||
|
spec: |
||||
|
params: |
||||
|
- name: buildahVersion |
||||
|
type: string |
||||
|
- name: buildahPlatforms |
||||
|
type: array |
||||
|
default: |
||||
|
- linux/amd64 |
||||
|
- name: outputContainerImage |
||||
|
type: string |
||||
|
workspaces: |
||||
|
- name: src |
||||
|
mountPath: /src |
||||
|
- name: containers |
||||
|
mountPath: /var/lib/containers |
||||
|
steps: |
||||
|
- name: buildah |
||||
|
image: quay.io/containers/buildah:$(params.buildahVersion) |
||||
|
workingDir: /src |
||||
|
env: |
||||
|
- name: TARGET_IMAGE |
||||
|
value: "$(params.outputContainerImage)" |
||||
|
securityContext: |
||||
|
capabilities: |
||||
|
add: |
||||
|
- 'SYS_ADMIN' |
||||
|
privileged: true |
||||
|
args: |
||||
|
- "$(params.buildahPlatforms[*])" |
||||
|
script: | |
||||
|
#!/bin/bash |
||||
|
|
||||
|
set -Eeuo pipefail |
||||
|
|
||||
|
function build () { |
||||
|
echo "=========================================================" |
||||
|
echo " buildah build $TARGET_IMAGE for ${1:-default}" |
||||
|
echo "=========================================================" |
||||
|
echo |
||||
|
|
||||
|
extra_args="" |
||||
|
if [ -n "${1:-}" ]; then |
||||
|
extra_args="$extra_args --platform $1" |
||||
|
fi |
||||
|
if [ -n "${CONTAINERFILE:-}" ]; then |
||||
|
extra_args="$extra_args --file $CONTAINERFILE" |
||||
|
fi |
||||
|
|
||||
|
buildah bud --storage-driver vfs --manifest tekton -t $TARGET_IMAGE $extra_args . |
||||
|
echo |
||||
|
} |
||||
|
|
||||
|
function push () { |
||||
|
echo "=========================================================" |
||||
|
echo " buildah push $1" |
||||
|
echo "=========================================================" |
||||
|
echo |
||||
|
buildah manifest push --storage-driver vfs --all tekton "docker://$1" |
||||
|
echo |
||||
|
} |
||||
|
|
||||
|
for platform; do |
||||
|
build "$platform" |
||||
|
done |
||||
|
|
||||
|
push "$TARGET_IMAGE:latest" |
||||
|
|
||||
|
exit 0 |
||||
Loading…
Reference in new issue