add k8s resources

3 years ago · 62c8f90d67
6 changed files with 183 additions and 0 deletions
--- a/k8s/daemonset.yaml
+++ b/k8s/daemonset.yaml
@ -0,0 +1,22 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: multiarch-qemu
+spec:
+  selector:
+    matchLabels:
+      name: multiarch-qemu
+  template:
+    metadata:
+      labels:
+        name: multiarch-qemu
+    spec:
+      containers:
+      - name: multiarch-qemu
+        image: docker.io/multiarch/qemu-user-static:6.1.0-8
+        command:
+        - /bin/sh
+        - -c
+        - /register --reset --persistent yes && while :; do sleep 3600; done
+        securityContext:
+          privileged: true
--- a/k8s/pipeline.yaml
+++ b/k8s/pipeline.yaml
@ -0,0 +1,52 @@
+apiVersion: tekton.dev/v1beta1
+kind: Pipeline
+metadata:
+  name: buildah-multiarch
+spec:
+  workspaces:
+  - name: scratch
+  params:
+  - name: buildahPlatforms
+    type: array
+    default:
+    - linux/x86_64
+    - linux/arm64/v8
+  - name: gitRepositoryURL
+    type: string
+  - name: outputContainerImage
+    type: string
+  tasks:
+  # Clone the git repository
+  - name: git-clone
+    params:
+    - name: url
+      value: "$(params.gitRepositoryURL)"
+    - name: verbose
+      value: "false"
+    workspaces:
+    - name: output
+      workspace: scratch
+      subPath: src
+    taskRef:
+      name: git-clone
+  # Build and push the container images
+  - name: buildah
+    runAfter:
+    - git-clone
+    params:
+    - name: buildahVersion
+      value: latest
+    - name: outputContainerImage
+      value: "$(params.outputContainerImage)"
+    - name: buildahPlatforms
+      value:
+      - "$(params.buildahPlatforms[*])"
+    workspaces:
+    - name: src
+      workspace: scratch
+      subPath: src
+    - name: containers
+      workspace: scratch
+      subPath: containers
+    taskRef:
+      name: buildah
--- a/k8s/pipelinerun.yaml
+++ b/k8s/pipelinerun.yaml
@ -0,0 +1,22 @@
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+  generateName: buildah-multiarch-
+spec:
+  serviceAccountName: tekton-robot
+  pipelineRef:
+    name: buildah-multiarch
+  params:
+  - name: gitRepositoryURL
+    value: https://github.com/nmasse-itix/buildah-multiarchitecture-build.git
+  - name: outputContainerImage
+    value: quay.io/nmasse_itix/samba
+  workspaces:
+  - name: scratch
+    volumeClaimTemplate:
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 1Gi
--- a/k8s/secret.yaml
+++ b/k8s/secret.yaml
@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: quay-authentication
+data:
+  .dockerconfigjson: '[REDACTED]'
+type: kubernetes.io/dockerconfigjson
--- a/k8s/serviceaccount.yaml
+++ b/k8s/serviceaccount.yaml
@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: tekton-robot
+secrets:
+- name: quay-authentication
+imagePullSecrets:
+- name: quay-authentication
--- a/k8s/task.yaml
+++ b/k8s/task.yaml
@ -0,0 +1,72 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: buildah
+spec:
+  params:
+  - name: buildahVersion
+    type: string
+  - name: buildahPlatforms
+    type: array
+    default:
+    - linux/amd64
+  - name: outputContainerImage
+    type: string
+  workspaces:
+  - name: src
+    mountPath: /src
+  - name: containers
+    mountPath: /var/lib/containers
+  steps:
+  - name: buildah
+    image: quay.io/containers/buildah:$(params.buildahVersion)
+    workingDir: /src
+    env:
+    - name: TARGET_IMAGE
+      value: "$(params.outputContainerImage)"
+    securityContext:
+      capabilities:
+        add:
+        - 'SYS_ADMIN'
+      privileged: true
+    args:
+    - "$(params.buildahPlatforms[*])"
+    script: |
+      #!/bin/bash
+
+      set -Eeuo pipefail
+
+      function build () {
+        echo "========================================================="
+        echo " buildah build $TARGET_IMAGE for ${1:-default}"
+        echo "========================================================="
+        echo
+
+        extra_args=""
+        if [ -n "${1:-}" ]; then
+          extra_args="$extra_args --platform $1"
+        fi
+        if [ -n "${CONTAINERFILE:-}" ]; then
+          extra_args="$extra_args --file $CONTAINERFILE"
+        fi
+
+        buildah bud --storage-driver vfs --manifest tekton -t $TARGET_IMAGE $extra_args .
+        echo
+      }
+
+      function push () {
+        echo "========================================================="
+        echo " buildah push $1"
+        echo "========================================================="
+        echo
+        buildah manifest push --storage-driver vfs --all tekton "docker://$1"
+        echo
+      }
+
+      for platform; do
+        build "$platform"
+      done
+
+      push "$TARGET_IMAGE:latest"
+
+      exit 0