diff --git a/.drone.yml b/.drone.yml index 096ad9995..d84ed55c5 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,10 +1,18 @@ +--- +kind: secret +name: kubeconfig + +get: + path: buildx + name: kubeconfig + --- kind: pipeline name: default services: - name: docker - image: docker:19.03.3-rc1-dind + image: docker:19.03.3-dind entrypoint: - dockerd command: @@ -18,12 +26,29 @@ services: path: /var/run steps: + - name: setup-ci + image: autonomy/build-container:latest + commands: + - git fetch --tags + - apk add coreutils + - echo -e "$BUILDX_KUBECONFIG" > /root/.kube/config + - docker buildx create --driver kubernetes --driver-opt replicas=2 --driver-opt namespace=ci --driver-opt image=moby/buildkit:v0.6.2 --name ci --buildkitd-flags="--allow-insecure-entitlement security.insecure" --use + - docker buildx inspect --bootstrap + environment: + BUILDX_KUBECONFIG: + from_secret: kubeconfig + privileged: true + volumes: + - name: docker-socket + path: /var/run + - name: docker + path: /root/.docker/buildx + - name: kube + path: /root/.kube + - name: build-pull-request image: autonomy/build-container:latest pull: always - environment: - BINDIR: /usr/local/bin - BUILDKIT_HOST: ${BUILDKIT_HOST=tcp://buildkitd.ci.svc:1234} commands: - make when: @@ -33,6 +58,10 @@ steps: volumes: - name: docker-socket path: /var/run + - name: docker + path: /root/.docker/buildx + - name: kube + path: /root/.kube - name: build-and-publish image: autonomy/build-container:latest @@ -42,8 +71,6 @@ steps: from_secret: docker_username DOCKER_PASSWORD: from_secret: docker_password - BINDIR: /usr/local/bin - BUILDKIT_HOST: ${BUILDKIT_HOST=tcp://buildkitd.ci.svc:1234} commands: - docker login --username "$${DOCKER_USERNAME}" --password "$${DOCKER_PASSWORD}" - make PUSH=true @@ -54,10 +81,18 @@ steps: volumes: - name: docker-socket path: /var/run + - name: docker + path: /root/.docker/buildx + - name: kube + path: /root/.kube volumes: - name: docker-socket temp: {} + - name: docker + temp: {} + - name: kube + temp: {} --- kind: pipeline name: notify diff --git a/Makefile b/Makefile index 67569da14..bad010b6c 100644 --- a/Makefile +++ b/Makefile @@ -1,94 +1,38 @@ -BINDIR ?= ./bin - -BUILDKIT_VERSION ?= v0.6.0 -BUILDKIT_IMAGE ?= moby/buildkit:$(BUILDKIT_VERSION) -BUILDKIT_HOST ?= tcp://0.0.0.0:1234 -BUILDKIT_CONTAINER_NAME ?= talos-buildkit -BUILDKIT_CONTAINER_STOPPED := $(shell docker ps --filter name=$(BUILDKIT_CONTAINER_NAME) --filter status=exited --format='{{.Names}}' 2>/dev/null) -BUILDKIT_CONTAINER_RUNNING := $(shell docker ps --filter name=$(BUILDKIT_CONTAINER_NAME) --filter status=running --format='{{.Names}}' 2>/dev/null) - -UNAME_S := $(shell uname -s) -ifeq ($(UNAME_S),Linux) -BUILDCTL_ARCHIVE := https://github.com/moby/buildkit/releases/download/$(BUILDKIT_VERSION)/buildkit-$(BUILDKIT_VERSION).linux-amd64.tar.gz -endif -ifeq ($(UNAME_S),Darwin) -BUILDCTL_ARCHIVE := https://github.com/moby/buildkit/releases/download/$(BUILDKIT_VERSION)/buildkit-$(BUILDKIT_VERSION).darwin-amd64.tar.gz -endif - -ifeq ($(UNAME_S),Linux) -GITMETA := https://github.com/talos-systems/gitmeta/releases/download/v0.1.0-alpha.2/gitmeta-linux-amd64 -endif -ifeq ($(UNAME_S),Darwin) -GITMETA := https://github.com/talos-systems/gitmeta/releases/download/v0.1.0-alpha.2/gitmeta-darwin-amd64 -endif - - -COMMON_ARGS = --progress=auto -COMMON_ARGS += --frontend=dockerfile.v0 -COMMON_ARGS += --local context=. -COMMON_ARGS += --local dockerfile=. -COMMON_ARGS += --opt filename=Pkgfile - -ifeq ($(PUSH),true) -PUSH_ARGS = ,push=true -else -PUSH_ARGS = -endif - -TAG ?= $(shell $(BINDIR)/gitmeta image tag) +REGISTRY ?= docker.io +USERNAME ?= autonomy +SHA ?= $(shell git describe --match=none --always --abbrev=8 --dirty) +TAG ?= $(shell git describe --tag --always --dirty) +BRANCH ?= $(shell git rev-parse --abbrev-ref HEAD) +REGISTRY_AND_USERNAME := $(REGISTRY)/$(USERNAME) + +BUILD := docker buildx build +PLATFORM ?= linux/amd64 +PROGRESS ?= auto +PUSH ?= false +COMMON_ARGS := --file=Pkgfile +COMMON_ARGS += --progress=$(PROGRESS) +COMMON_ARGS += --platform=$(PLATFORM) TARGETS = ca-certificates cni containerd dosfstools eudev fhs iptables kernel kmod libressl libseccomp musl runc socat syslinux util-linux xfsprogs -all: ci $(TARGETS) - -.PHONY: ci -ci: builddeps buildkitd - -.PHONY: builddeps -builddeps: gitmeta buildctl - -gitmeta: $(BINDIR)/gitmeta - -$(BINDIR)/gitmeta: - @mkdir -p $(BINDIR) - @curl -L $(GITMETA) -o $(BINDIR)/gitmeta - @chmod +x $(BINDIR)/gitmeta - -buildctl: $(BINDIR)/buildctl +all: $(TARGETS) ## Builds all known pkgs. -$(BINDIR)/buildctl: - @mkdir -p $(BINDIR) - @curl -L $(BUILDCTL_ARCHIVE) | tar -zxf - -C $(BINDIR) --strip-components 1 bin/buildctl +.PHONY: help +help: ## This help menu. + @grep -E '^[a-zA-Z%_-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' -.PHONY: buildkitd -buildkitd: -ifeq (tcp://0.0.0.0:1234,$(findstring tcp://0.0.0.0:1234,$(BUILDKIT_HOST))) -ifeq ($(BUILDKIT_CONTAINER_STOPPED),$(BUILDKIT_CONTAINER_NAME)) - @echo "Removing exited talos-buildkit container" - @docker rm $(BUILDKIT_CONTAINER_NAME) -endif -ifneq ($(BUILDKIT_CONTAINER_RUNNING),$(BUILDKIT_CONTAINER_NAME)) - @echo "Starting talos-buildkit container" - @docker run \ - --name $(BUILDKIT_CONTAINER_NAME) \ - -d \ - --privileged \ - -p 1234:1234 \ - $(BUILDKIT_IMAGE) \ - --addr $(BUILDKIT_HOST) - @echo "Wait for buildkitd to become available" - @sleep 5 -endif -endif +target-%: ## Builds the specified target defined in the Dockerfile. The build result will only remain in the build cache. + @$(BUILD) \ + --target=$* \ + $(COMMON_ARGS) \ + $(TARGET_ARGS) . +docker-%: ## Builds the specified target defined in the Dockerfile using the docker output type. The build result will be loaded into docker. + @$(MAKE) target-$* TARGET_ARGS="$(TARGET_ARGS)" .PHONY: $(TARGETS) -$(TARGETS): buildkitd gitmeta - @$(BINDIR)/buildctl --addr $(BUILDKIT_HOST) \ - build \ - --opt target=$@ \ - --output type=image,name=docker.io/autonomy/$@:$(TAG)$(PUSH_ARGS) \ - $(COMMON_ARGS) +$(TARGETS): + @$(MAKE) docker-$@ TARGET_ARGS="--tag=docker.io/autonomy/$@:$(TAG) --push=$(PUSH)" .PHONY: deps.png deps.png: