From 09e8c700d2b51bde3debd4ecff8c0e1bfb1cb39a Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sat, 19 Oct 2024 23:15:35 -0400 Subject: [PATCH] Switch to a new Tekton task I've written to use buildkit instead of kaniko to build docker images. --- .../pipeline-build-homepage-staging.yaml | 66 +++++++++++++------ 1 file changed, 47 insertions(+), 19 deletions(-) diff --git a/.webhook_bridge/pipeline-build-homepage-staging.yaml b/.webhook_bridge/pipeline-build-homepage-staging.yaml index 96f1f06..c08dd8b 100644 --- a/.webhook_bridge/pipeline-build-homepage-staging.yaml +++ b/.webhook_bridge/pipeline-build-homepage-staging.yaml @@ -44,6 +44,31 @@ spec: #!/usr/bin/env sh set -euo pipefail echo -n "$(date +%s)" | tee $(results.unix-time.path) + - name: get-git-commit-time + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.repo.path)" + results: + - name: unix-time + description: The time of the git commit in unix timestamp format. + steps: + - image: alpine/git:v2.34.2 + name: detect-tag-step + script: | + #!/usr/bin/env sh + set -euo pipefail + echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path) + workspaces: + - name: repo + workspace: git-source + runAfter: + - fetch-repository - name: report-pending taskRef: resolver: git @@ -184,32 +209,35 @@ spec: resolver: git params: - name: url - value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git - name: revision - value: df36b3853a5657fd883015cdbf07ad6466918acf + value: 8e4e323389e66d8365a3243f8e956136e916132e - name: pathInRepo - value: task/kaniko/0.6/kaniko.yaml + value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml params: - - name: IMAGE - value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)" + - name: OUTPUT + value: >- + type=image,"name=harbor.fizz.buzz/private/homepage-build-organic:latest,harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true - name: CONTEXT value: . - name: DOCKERFILE - value: docker/organic/Dockerfile - - name: BUILDER_IMAGE - value: "gcr.io/kaniko-project/executor:v1.23.2" + value: docker/organic/ - name: EXTRA_ARGS value: - - "--destination=harbor.fizz.buzz/private/homepage-build-organic" # Also write the :latest image - - "--target=" - - --cache=true - - --cache-copy-layers - - --cache-repo=harbor.fizz.buzz/kanikocache/cache - - --use-new-run # Should result in a speed-up - - --reproducible # To remove timestamps so layer caching works. - - --snapshot-mode=redo - - --skip-unused-stages=true - - --registry-mirror=dockerhub.dockerhub.svc.cluster.local + - --import-cache + - "type=registry,ref=harbor.fizz.buzz/private/homepage-build-organic:buildcache" + - --export-cache + - "type=registry,ref=harbor.fizz.buzz/private/homepage-build-organic:buildcache,mode=max,compression=zstd,compression-level=3,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true" + - --opt + - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time) + - name: BUILDKITD_TOML + value: | + debug = true + [registry."docker.io"] + mirrors = ["dockerhub.dockerhub.svc.cluster.local"] + [registry."dockerhub.dockerhub.svc.cluster.local"] + http = true + insecure = true workspaces: - name: source workspace: git-source @@ -232,7 +260,7 @@ spec: name: build-explorer-wasm params: - name: IMAGE - value: "harbor.fizz.buzz/private/homepage-build-organic:$(tasks.get-time.results.unix-time)" + value: "$(tasks.build-explorer-image.results.IMAGE_URL[1])" workspaces: - name: organic workspace: git-source-organic