From d80b473faea1c65024ae96454bca313f57fa706e Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sun, 20 Oct 2024 22:55:22 -0400 Subject: [PATCH 1/2] Switch to using BuiltKit instead of Kaniko to build docker images. --- .webhook_bridge/pipeline-build-hash.yaml | 86 +++++++++++++------ .../pipeline-foreign-document-test.yaml | 69 +++++++++++---- .webhook_bridge/pipeline-format.yaml | 69 +++++++++++---- .webhook_bridge/pipeline-rust-clippy.yaml | 69 +++++++++++---- .webhook_bridge/pipeline-rust-test.yaml | 69 +++++++++++---- 5 files changed, 258 insertions(+), 104 deletions(-) diff --git a/.webhook_bridge/pipeline-build-hash.yaml b/.webhook_bridge/pipeline-build-hash.yaml index 9ad4cd9..cb5fac7 100644 --- a/.webhook_bridge/pipeline-build-hash.yaml +++ b/.webhook_bridge/pipeline-build-hash.yaml @@ -69,42 +69,72 @@ spec: value: $(params.PULL_BASE_SHA) - name: deleteExisting value: "true" + - name: get-git-commit-time + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.repo.path)" + results: + - name: unix-time + description: The time of the git commit in unix timestamp format. + steps: + - image: alpine/git:v2.34.2 + name: detect-tag-step + script: | + #!/usr/bin/env sh + set -euo pipefail + echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path) + workspaces: + - name: repo + workspace: git-source + runAfter: + - fetch-repository - name: build-image taskRef: resolver: git params: - name: url - value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git - name: revision - value: df36b3853a5657fd883015cdbf07ad6466918acf + value: 7ee31a185243ee6da13dcd26a592c585b64c80e5 - name: pathInRepo - value: task/kaniko/0.6/kaniko.yaml + value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml params: - - name: IMAGE - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: OUTPUT + value: >- + type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true - name: CONTEXT value: $(params.path-to-image-context) - name: DOCKERFILE value: $(params.path-to-dockerfile) - - name: BUILDER_IMAGE - value: "gcr.io/kaniko-project/executor:v1.12.1" - name: EXTRA_ARGS value: - - "--destination=$(params.image-name)" # Also write the :latest image - - "--target=$(params.target-name)" - - --cache=true - - --cache-copy-layers - - --cache-repo=harbor.fizz.buzz/kanikocache/cache - - --use-new-run # Should result in a speed-up - - --reproducible # To remove timestamps so layer caching works. - - --snapshot-mode=redo - - --skip-unused-stages=true - - --registry-mirror=dockerhub.dockerhub.svc.cluster.local + - --import-cache + - "type=registry,ref=$(params.image-name):buildcache" + - --export-cache + - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true" + - --opt + - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time) + - name: BUILDKITD_TOML + value: | + debug = true + [registry."docker.io"] + mirrors = ["dockerhub.dockerhub.svc.cluster.local"] + [registry."dockerhub.dockerhub.svc.cluster.local"] + http = true + insecure = true workspaces: - name: source workspace: git-source - name: dockerconfig workspace: docker-credentials + runAfter: + - fetch-repository ############# - name: run-image-none taskSpec: @@ -147,7 +177,7 @@ spec: - build-image params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-tracing taskSpec: @@ -190,7 +220,7 @@ spec: - run-image-none params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-compare taskSpec: @@ -233,7 +263,7 @@ spec: - run-image-tracing params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-default taskSpec: @@ -276,7 +306,7 @@ spec: - run-image-compare params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-tracing-compare taskSpec: @@ -319,7 +349,7 @@ spec: - run-image-default params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-compare-foreign taskSpec: @@ -367,7 +397,7 @@ spec: - run-image-tracing-compare params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-all taskSpec: @@ -415,7 +445,7 @@ spec: - run-image-compare-foreign params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-wasm taskSpec: @@ -469,7 +499,7 @@ spec: - run-image-all params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# - name: run-image-wasm-test taskSpec: @@ -519,7 +549,7 @@ spec: - run-image-wasm params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" ############# finally: - name: report-success @@ -621,7 +651,7 @@ spec: subPath: $(params.cache-subdir) params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" - name: cache-subdir value: none # matrix: @@ -666,4 +696,4 @@ spec: - name: path-to-image-context value: . - name: path-to-dockerfile - value: docker/organic_development/Dockerfile + value: docker/organic_development/ diff --git a/.webhook_bridge/pipeline-foreign-document-test.yaml b/.webhook_bridge/pipeline-foreign-document-test.yaml index d1af109..e491809 100644 --- a/.webhook_bridge/pipeline-foreign-document-test.yaml +++ b/.webhook_bridge/pipeline-foreign-document-test.yaml @@ -69,41 +69,72 @@ spec: value: $(params.PULL_BASE_SHA) - name: deleteExisting value: "true" + - name: get-git-commit-time + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.repo.path)" + results: + - name: unix-time + description: The time of the git commit in unix timestamp format. + steps: + - image: alpine/git:v2.34.2 + name: detect-tag-step + script: | + #!/usr/bin/env sh + set -euo pipefail + echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path) + workspaces: + - name: repo + workspace: git-source + runAfter: + - fetch-repository - name: build-image taskRef: resolver: git params: - name: url - value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git - name: revision - value: df36b3853a5657fd883015cdbf07ad6466918acf + value: 7ee31a185243ee6da13dcd26a592c585b64c80e5 - name: pathInRepo - value: task/kaniko/0.6/kaniko.yaml + value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml params: - - name: IMAGE - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: OUTPUT + value: >- + type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true - name: CONTEXT value: $(params.path-to-image-context) - name: DOCKERFILE value: $(params.path-to-dockerfile) - - name: BUILDER_IMAGE - value: "gcr.io/kaniko-project/executor:v1.12.1" - name: EXTRA_ARGS value: - - "--target=$(params.target-name)" - - --cache=true - - --cache-copy-layers - - --cache-repo=harbor.fizz.buzz/kanikocache/cache - - --use-new-run # Should result in a speed-up - - --reproducible # To remove timestamps so layer caching works. - - --snapshot-mode=redo - - --skip-unused-stages=true - - --registry-mirror=dockerhub.dockerhub.svc.cluster.local + - --import-cache + - "type=registry,ref=$(params.image-name):buildcache" + - --export-cache + - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true" + - --opt + - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time) + - name: BUILDKITD_TOML + value: | + debug = true + [registry."docker.io"] + mirrors = ["dockerhub.dockerhub.svc.cluster.local"] + [registry."dockerhub.dockerhub.svc.cluster.local"] + http = true + insecure = true workspaces: - name: source workspace: git-source - name: dockerconfig workspace: docker-credentials + runAfter: + - fetch-repository - name: run-test taskSpec: metadata: {} @@ -141,7 +172,7 @@ spec: - build-image params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" finally: - name: report-success when: @@ -235,7 +266,7 @@ spec: workspace: cargo-cache params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" workspaces: - name: git-source - name: docker-credentials @@ -265,4 +296,4 @@ spec: - name: path-to-image-context value: docker/organic_test/ - name: path-to-dockerfile - value: docker/organic_test/Dockerfile + value: docker/organic_test/ diff --git a/.webhook_bridge/pipeline-format.yaml b/.webhook_bridge/pipeline-format.yaml index 05df7d0..75f8e7b 100644 --- a/.webhook_bridge/pipeline-format.yaml +++ b/.webhook_bridge/pipeline-format.yaml @@ -69,41 +69,72 @@ spec: value: $(params.PULL_BASE_SHA) - name: deleteExisting value: "true" + - name: get-git-commit-time + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.repo.path)" + results: + - name: unix-time + description: The time of the git commit in unix timestamp format. + steps: + - image: alpine/git:v2.34.2 + name: detect-tag-step + script: | + #!/usr/bin/env sh + set -euo pipefail + echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path) + workspaces: + - name: repo + workspace: git-source + runAfter: + - fetch-repository - name: build-image taskRef: resolver: git params: - name: url - value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git - name: revision - value: df36b3853a5657fd883015cdbf07ad6466918acf + value: 7ee31a185243ee6da13dcd26a592c585b64c80e5 - name: pathInRepo - value: task/kaniko/0.6/kaniko.yaml + value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml params: - - name: IMAGE - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: OUTPUT + value: >- + type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true - name: CONTEXT value: $(params.path-to-image-context) - name: DOCKERFILE value: $(params.path-to-dockerfile) - - name: BUILDER_IMAGE - value: "gcr.io/kaniko-project/executor:v1.12.1" - name: EXTRA_ARGS value: - - "--target=$(params.target-name)" - - --cache=true - - --cache-copy-layers - - --cache-repo=harbor.fizz.buzz/kanikocache/cache - - --use-new-run # Should result in a speed-up - - --reproducible # To remove timestamps so layer caching works. - - --snapshot-mode=redo - - --skip-unused-stages=true - - --registry-mirror=dockerhub.dockerhub.svc.cluster.local + - --import-cache + - "type=registry,ref=$(params.image-name):buildcache" + - --export-cache + - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true" + - --opt + - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time) + - name: BUILDKITD_TOML + value: | + debug = true + [registry."docker.io"] + mirrors = ["dockerhub.dockerhub.svc.cluster.local"] + [registry."dockerhub.dockerhub.svc.cluster.local"] + http = true + insecure = true workspaces: - name: source workspace: git-source - name: dockerconfig workspace: docker-credentials + runAfter: + - fetch-repository - name: run-cargo-fmt taskSpec: metadata: {} @@ -143,7 +174,7 @@ spec: - build-image params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" - name: commit-changes taskRef: resolver: git @@ -268,7 +299,7 @@ spec: workspace: cargo-cache params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" workspaces: - name: git-source - name: docker-credentials @@ -298,4 +329,4 @@ spec: - name: path-to-image-context value: docker/organic_development/ - name: path-to-dockerfile - value: docker/organic_development/Dockerfile + value: docker/organic_development/ diff --git a/.webhook_bridge/pipeline-rust-clippy.yaml b/.webhook_bridge/pipeline-rust-clippy.yaml index 209093c..031b192 100644 --- a/.webhook_bridge/pipeline-rust-clippy.yaml +++ b/.webhook_bridge/pipeline-rust-clippy.yaml @@ -69,41 +69,72 @@ spec: value: $(params.PULL_BASE_SHA) - name: deleteExisting value: "true" + - name: get-git-commit-time + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.repo.path)" + results: + - name: unix-time + description: The time of the git commit in unix timestamp format. + steps: + - image: alpine/git:v2.34.2 + name: detect-tag-step + script: | + #!/usr/bin/env sh + set -euo pipefail + echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path) + workspaces: + - name: repo + workspace: git-source + runAfter: + - fetch-repository - name: build-image taskRef: resolver: git params: - name: url - value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git - name: revision - value: df36b3853a5657fd883015cdbf07ad6466918acf + value: 7ee31a185243ee6da13dcd26a592c585b64c80e5 - name: pathInRepo - value: task/kaniko/0.6/kaniko.yaml + value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml params: - - name: IMAGE - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: OUTPUT + value: >- + type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true - name: CONTEXT value: $(params.path-to-image-context) - name: DOCKERFILE value: $(params.path-to-dockerfile) - - name: BUILDER_IMAGE - value: "gcr.io/kaniko-project/executor:v1.12.1" - name: EXTRA_ARGS value: - - "--target=$(params.target-name)" - - --cache=true - - --cache-copy-layers - - --cache-repo=harbor.fizz.buzz/kanikocache/cache - - --use-new-run # Should result in a speed-up - - --reproducible # To remove timestamps so layer caching works. - - --snapshot-mode=redo - - --skip-unused-stages=true - - --registry-mirror=dockerhub.dockerhub.svc.cluster.local + - --import-cache + - "type=registry,ref=$(params.image-name):buildcache" + - --export-cache + - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true" + - --opt + - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time) + - name: BUILDKITD_TOML + value: | + debug = true + [registry."docker.io"] + mirrors = ["dockerhub.dockerhub.svc.cluster.local"] + [registry."dockerhub.dockerhub.svc.cluster.local"] + http = true + insecure = true workspaces: - name: source workspace: git-source - name: dockerconfig workspace: docker-credentials + runAfter: + - fetch-repository - name: run-cargo-clippy taskSpec: metadata: {} @@ -153,7 +184,7 @@ spec: - build-image params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" finally: - name: report-success when: @@ -247,7 +278,7 @@ spec: workspace: cargo-cache params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" workspaces: - name: git-source - name: docker-credentials @@ -277,4 +308,4 @@ spec: - name: path-to-image-context value: docker/organic_development/ - name: path-to-dockerfile - value: docker/organic_development/Dockerfile + value: docker/organic_development/ diff --git a/.webhook_bridge/pipeline-rust-test.yaml b/.webhook_bridge/pipeline-rust-test.yaml index 6face02..345e1aa 100644 --- a/.webhook_bridge/pipeline-rust-test.yaml +++ b/.webhook_bridge/pipeline-rust-test.yaml @@ -69,41 +69,72 @@ spec: value: $(params.PULL_BASE_SHA) - name: deleteExisting value: "true" + - name: get-git-commit-time + taskSpec: + metadata: {} + stepTemplate: + image: alpine:3.20 + computeResources: + requests: + cpu: 10m + memory: 600Mi + workingDir: "$(workspaces.repo.path)" + results: + - name: unix-time + description: The time of the git commit in unix timestamp format. + steps: + - image: alpine/git:v2.34.2 + name: detect-tag-step + script: | + #!/usr/bin/env sh + set -euo pipefail + echo -n "$(git log -1 --pretty=%ct)" | tee $(results.unix-time.path) + workspaces: + - name: repo + workspace: git-source + runAfter: + - fetch-repository - name: build-image taskRef: resolver: git params: - name: url - value: https://code.fizz.buzz/mirror/catalog.git # mirror of https://github.com/tektoncd/catalog.git + value: https://code.fizz.buzz/talexander/personal_tekton_catalog.git - name: revision - value: df36b3853a5657fd883015cdbf07ad6466918acf + value: 7ee31a185243ee6da13dcd26a592c585b64c80e5 - name: pathInRepo - value: task/kaniko/0.6/kaniko.yaml + value: task/buildkit-rootless-daemonless/0.1/buildkit-rootless-daemonless.yaml params: - - name: IMAGE - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + - name: OUTPUT + value: >- + type=image,"name=$(params.image-name):latest,$(params.image-name):$(tasks.fetch-repository.results.commit)",push=true,compression=zstd,compression-level=22,oci-mediatypes=true - name: CONTEXT value: $(params.path-to-image-context) - name: DOCKERFILE value: $(params.path-to-dockerfile) - - name: BUILDER_IMAGE - value: "gcr.io/kaniko-project/executor:v1.12.1" - name: EXTRA_ARGS value: - - "--target=$(params.target-name)" - - --cache=true - - --cache-copy-layers - - --cache-repo=harbor.fizz.buzz/kanikocache/cache - - --use-new-run # Should result in a speed-up - - --reproducible # To remove timestamps so layer caching works. - - --snapshot-mode=redo - - --skip-unused-stages=true - - --registry-mirror=dockerhub.dockerhub.svc.cluster.local + - --import-cache + - "type=registry,ref=$(params.image-name):buildcache" + - --export-cache + - "type=registry,ref=$(params.image-name):buildcache,mode=max,compression=zstd,compression-level=22,rewrite-timestamp=true,image-manifest=true,oci-mediatypes=true" + - --opt + - build-arg:SOURCE_DATE_EPOCH=$(tasks.get-git-commit-time.results.unix-time) + - name: BUILDKITD_TOML + value: | + debug = true + [registry."docker.io"] + mirrors = ["dockerhub.dockerhub.svc.cluster.local"] + [registry."dockerhub.dockerhub.svc.cluster.local"] + http = true + insecure = true workspaces: - name: source workspace: git-source - name: dockerconfig workspace: docker-credentials + runAfter: + - fetch-repository - name: run-cargo-test taskSpec: metadata: {} @@ -152,7 +183,7 @@ spec: - build-image params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" finally: - name: report-success when: @@ -246,7 +277,7 @@ spec: workspace: cargo-cache params: - name: docker-image - value: "$(params.image-name):$(tasks.fetch-repository.results.commit)" + value: "$(tasks.build-image.results.IMAGE_URL[1])" workspaces: - name: git-source - name: docker-credentials @@ -276,4 +307,4 @@ spec: - name: path-to-image-context value: docker/organic_test/ - name: path-to-dockerfile - value: docker/organic_test/Dockerfile + value: docker/organic_test/ From a01f78b5104a890af62a50850ba57cbb342b1c5b Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Sun, 20 Oct 2024 23:02:02 -0400 Subject: [PATCH 2/2] Update dockerfiles to take advantage of BuildKit. --- .webhook_bridge/pipeline-build-hash.yaml | 2 ++ .../pipeline-foreign-document-test.yaml | 2 ++ .webhook_bridge/pipeline-format.yaml | 2 ++ .webhook_bridge/pipeline-rust-clippy.yaml | 2 ++ .webhook_bridge/pipeline-rust-test.yaml | 2 ++ docker/organic_development/Dockerfile | 7 +++-- docker/organic_test/Dockerfile | 27 ++++++++++--------- 7 files changed, 30 insertions(+), 14 deletions(-) diff --git a/.webhook_bridge/pipeline-build-hash.yaml b/.webhook_bridge/pipeline-build-hash.yaml index cb5fac7..efa0298 100644 --- a/.webhook_bridge/pipeline-build-hash.yaml +++ b/.webhook_bridge/pipeline-build-hash.yaml @@ -114,6 +114,8 @@ spec: value: $(params.path-to-dockerfile) - name: EXTRA_ARGS value: + - "--opt" + - "target=$(params.target-name)" - --import-cache - "type=registry,ref=$(params.image-name):buildcache" - --export-cache diff --git a/.webhook_bridge/pipeline-foreign-document-test.yaml b/.webhook_bridge/pipeline-foreign-document-test.yaml index e491809..b14c40e 100644 --- a/.webhook_bridge/pipeline-foreign-document-test.yaml +++ b/.webhook_bridge/pipeline-foreign-document-test.yaml @@ -114,6 +114,8 @@ spec: value: $(params.path-to-dockerfile) - name: EXTRA_ARGS value: + - "--opt" + - "target=$(params.target-name)" - --import-cache - "type=registry,ref=$(params.image-name):buildcache" - --export-cache diff --git a/.webhook_bridge/pipeline-format.yaml b/.webhook_bridge/pipeline-format.yaml index 75f8e7b..b9b2abc 100644 --- a/.webhook_bridge/pipeline-format.yaml +++ b/.webhook_bridge/pipeline-format.yaml @@ -114,6 +114,8 @@ spec: value: $(params.path-to-dockerfile) - name: EXTRA_ARGS value: + - "--opt" + - "target=$(params.target-name)" - --import-cache - "type=registry,ref=$(params.image-name):buildcache" - --export-cache diff --git a/.webhook_bridge/pipeline-rust-clippy.yaml b/.webhook_bridge/pipeline-rust-clippy.yaml index 031b192..a4f6597 100644 --- a/.webhook_bridge/pipeline-rust-clippy.yaml +++ b/.webhook_bridge/pipeline-rust-clippy.yaml @@ -114,6 +114,8 @@ spec: value: $(params.path-to-dockerfile) - name: EXTRA_ARGS value: + - "--opt" + - "target=$(params.target-name)" - --import-cache - "type=registry,ref=$(params.image-name):buildcache" - --export-cache diff --git a/.webhook_bridge/pipeline-rust-test.yaml b/.webhook_bridge/pipeline-rust-test.yaml index 345e1aa..b1340ab 100644 --- a/.webhook_bridge/pipeline-rust-test.yaml +++ b/.webhook_bridge/pipeline-rust-test.yaml @@ -114,6 +114,8 @@ spec: value: $(params.path-to-dockerfile) - name: EXTRA_ARGS value: + - "--opt" + - "target=$(params.target-name)" - --import-cache - "type=registry,ref=$(params.image-name):buildcache" - --export-cache diff --git a/docker/organic_development/Dockerfile b/docker/organic_development/Dockerfile index 1d516b1..479154e 100644 --- a/docker/organic_development/Dockerfile +++ b/docker/organic_development/Dockerfile @@ -1,7 +1,10 @@ -FROM rustlang/rust:nightly-alpine3.20 AS builder +# syntax=docker/dockerfile:1 +ARG ALPINE_VERSION="3.20" + +FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS builder RUN apk add --no-cache musl-dev -RUN cargo install --locked --no-default-features --features ci-autoclean cargo-cache +RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked cargo install --locked --no-default-features --features ci-autoclean cargo-cache RUN rustup component add rustc-codegen-cranelift FROM builder AS format diff --git a/docker/organic_test/Dockerfile b/docker/organic_test/Dockerfile index 0ae1a71..1a4c1f4 100644 --- a/docker/organic_test/Dockerfile +++ b/docker/organic_test/Dockerfile @@ -1,3 +1,6 @@ +# syntax=docker/dockerfile:1 +ARG ALPINE_VERSION="3.20" + # ARG EMACS_REPO=https://git.savannah.gnu.org/git/emacs.git ARG EMACS_REPO=https://code.fizz.buzz/mirror/emacs.git @@ -9,7 +12,7 @@ ARG ORG_MODE_REPO=https://code.fizz.buzz/mirror/org-mode.git ARG ORG_VERSION=abf5156096c06ee5aa05795c3dc5a065f76ada97 -FROM alpine:3.20 AS build +FROM alpine:$ALPINE_VERSION AS build RUN apk add --no-cache build-base musl-dev git autoconf make texinfo gnutls-dev ncurses-dev gawk libgccjit-dev @@ -28,7 +31,7 @@ RUN make DESTDIR="/root/dist" install FROM build AS build-org-mode ARG ORG_VERSION ARG ORG_MODE_REPO -COPY --from=build-emacs /root/dist/ / +COPY --link --from=build-emacs /root/dist/ / RUN mkdir /root/dist # Savannah does not allow fetching specific revisions, so we're going to have to put unnecessary load on their server by cloning main and then checking out the revision we want. RUN git clone $ORG_MODE_REPO /root/org-mode && git -C /root/org-mode checkout $ORG_VERSION @@ -38,13 +41,13 @@ RUN make compile RUN make DESTDIR="/root/dist" install -FROM rustlang/rust:nightly-alpine3.20 AS tester +FROM rustlang/rust:nightly-alpine$ALPINE_VERSION AS tester ENV LANG=en_US.UTF-8 RUN apk add --no-cache musl-dev ncurses gnutls libgccjit -RUN cargo install --locked --no-default-features --features ci-autoclean cargo-cache +RUN --mount=type=tmpfs,target=/tmp --mount=type=cache,target=/usr/local/cargo/registry,sharing=locked cargo install --locked --no-default-features --features ci-autoclean cargo-cache RUN rustup component add rustc-codegen-cranelift -COPY --from=build-emacs /root/dist/ / -COPY --from=build-org-mode /root/dist/ / +COPY --link --from=build-emacs /root/dist/ / +COPY --link --from=build-org-mode /root/dist/ / ENTRYPOINT ["cargo", "test"] @@ -117,10 +120,10 @@ RUN rm $LITERATE_BUILD_EMACS_PATH/unused/aws.org FROM tester as foreign-document RUN apk add --no-cache bash coreutils RUN mkdir /foreign_documents -COPY --from=foreign-document-gather /foreign_documents/howardabrams /foreign_documents/howardabrams -COPY --from=foreign-document-gather /foreign_documents/doomemacs /foreign_documents/doomemacs -COPY --from=foreign-document-gather /foreign_documents/worg /foreign_documents/worg -COPY --from=foreign-document-gather /foreign_documents/literate_build_emacs /foreign_documents/literate_build_emacs -COPY --from=build-org-mode /root/org-mode /foreign_documents/org-mode -COPY --from=build-emacs /root/emacs /foreign_documents/emacs +COPY --link --from=foreign-document-gather /foreign_documents/howardabrams /foreign_documents/howardabrams +COPY --link --from=foreign-document-gather /foreign_documents/doomemacs /foreign_documents/doomemacs +COPY --link --from=foreign-document-gather /foreign_documents/worg /foreign_documents/worg +COPY --link --from=foreign-document-gather /foreign_documents/literate_build_emacs /foreign_documents/literate_build_emacs +COPY --link --from=build-org-mode /root/org-mode /foreign_documents/org-mode +COPY --link --from=build-emacs /root/emacs /foreign_documents/emacs ENTRYPOINT ["cargo", "run", "--bin", "foreign_document_test", "--features", "compare,foreign_document_test", "--profile", "release-lto"]