From patchwork Fri Feb 24 18:08:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Alex_Benn=C3=A9e?= X-Patchwork-Id: 656266 Delivered-To: patch@linaro.org Received: by 2002:adf:a3c6:0:0:0:0:0 with SMTP id m6csp1043916wrb; Fri, 24 Feb 2023 10:11:13 -0800 (PST) X-Google-Smtp-Source: AK7set/TZBr5nkmpl5QtuTHPtLswnQeJCVISeRADaqLOARREe3AvwKXBwOoBNOyHpj6YzSuL5jQn X-Received: by 2002:ac8:5b56:0:b0:3b9:b9b4:cb8d with SMTP id n22-20020ac85b56000000b003b9b9b4cb8dmr16348806qtw.11.1677262272998; Fri, 24 Feb 2023 10:11:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1677262272; cv=none; d=google.com; s=arc-20160816; b=gHfxQMV2tU9qd7jKvAbtVwqoZqD8nydWpUMIY8B2/0uvSm9U3PTjh2azwBOarSyf2t sXRnVYKSc3PWkjMnU2xjdKndF/s6TzQdG4e6ckvW3/pIMgNWaCp4wdgek5k/guLmPgcD SJScMG/B9QEWAM/mGWZIzbUVt3cKrvM5zbvUT8sdSGWfru18bvG2gPWUm20EKPAPKowC vWpW/Deb9XTvVxoO2i0IZUn0cyCFWz2C/NOZqIrOcDPTSIsk2pv967AS8/tgPV8Bbn1Z wJONi/tb3BR4vsF/IcW6P+sk48zCeNMKnioRW+IdSso7X6D263uk/xqNlEopq1qRWCBF 73oA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=BlibFENLTWxL3qZcvscioQcCh9h4BHOWtZSqmzwML2w=; b=TgPfZJLD3+e++kZT8S1rzCOcLyzOdZRkRqXkXrsN4xT4EHOMkMX20zHuINGPmCC9Oe /GHcdd2m/DxTKWKLranP5biEPGkf6AE1lWb193GzfaV8My239Kq5mJKfJIKu6dKl9oVb /KalVvVNc9t9nQ1mPH5ssQMj6IgWuBzO5wturNJDRY62n3uUo9Zfqy7PBSA9KXG13XMi yQhQ6VNl5I9iJNZEPHfi7ddM2HQczl4gXlWjUZlbtqY+lRcN/lHcyXnXEpN5OISN0zfj WQUYuoErVA2MizvMjb03KXqMbHolSZUvE8zGX7iFFKRz3fe2xz2pNDWjjBmZz2BI/CgN FdWA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=IfVx9gTa; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id u29-20020a37ab1d000000b007427fdb6994si530308qke.456.2023.02.24.10.11.12 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 24 Feb 2023 10:11:12 -0800 (PST) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=IfVx9gTa; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pVcVM-0005Ca-Un; Fri, 24 Feb 2023 13:09:12 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pVcVK-00059t-Dd for qemu-devel@nongnu.org; Fri, 24 Feb 2023 13:09:10 -0500 Received: from mail-wm1-x329.google.com ([2a00:1450:4864:20::329]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pVcVD-0004zM-N9 for qemu-devel@nongnu.org; Fri, 24 Feb 2023 13:09:09 -0500 Received: by mail-wm1-x329.google.com with SMTP id j3so239714wms.2 for ; Fri, 24 Feb 2023 10:09:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=BlibFENLTWxL3qZcvscioQcCh9h4BHOWtZSqmzwML2w=; b=IfVx9gTacJ1XAklga3Qd14ZE5FuJHoJZzHBgtqJCD3eDYqp3As46AQsINnZTYY0FgQ +S71GbC2LxStBmmL7FDtAREyra73m/BHXaV7uMMyPP/6qRGPkeZfSCvFEs84xMisuKcG vuI4dBLRi5bu8DvPpn5VMPw1y4+By5epqkyIUpKwRqsIPvdW0f9Sly9kUpgKWtq19YdE pu7Avym4lDuy8Qo8Eyp35sxW1kwl4PXT4MAuUdJd81cs4mbqL2W3TIiLNbXmaQJIska7 vALRCADcEHjFNItc0kMMC5Z6/zf1EzQqNCHZCY4hgQsxvcAN5ignmv27jXXweEMyjoPl IGIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BlibFENLTWxL3qZcvscioQcCh9h4BHOWtZSqmzwML2w=; b=IO6IbUVDQ+r1NTDbgq+lYevzUrJ0MyBsaSCvEHTLjuA9GE7h45emO2ez+GcYOzFzDs 6cqJ+XY5lybxbPHBsDpIntSrhUAxaEliUz/MJqRh3V+G+JaiQ9a0VqXYOw5fqbatlI7D VhH/paBFWy8oWGQaoW0HsBFBEZ0QKUnS0Q5GR1dmIc/sUq9j6B9TzdI9CREaqdwCAwb+ 8euhmHOiqjguvwOtrBHsUf32GA8k98P7Pg4cYJE0zFdfuVxyY0PxVvllzPwGakPyffz8 UxRKYX/tGvAsK725mDY/Y7FHR5nXAT5yz2C9Je6gLWdMbNs+uDeTD9Zxa2Gr4+VdPzqM D3EQ== X-Gm-Message-State: AO0yUKWyhAnZ6RzX43qZtEYMDTKV9/G77AdQK3pMUrkW2WDiQW1P/exr g9Mo/9Op4Nl82EnSwesjZ+2MHg== X-Received: by 2002:a05:600c:44d3:b0:3da:fc30:bfc5 with SMTP id f19-20020a05600c44d300b003dafc30bfc5mr12278494wmo.13.1677262142297; Fri, 24 Feb 2023 10:09:02 -0800 (PST) Received: from zen.linaroharston ([85.9.250.243]) by smtp.gmail.com with ESMTPSA id hn29-20020a05600ca39d00b003e21f01c426sm3797726wmb.9.2023.02.24.10.08.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Feb 2023 10:09:01 -0800 (PST) Received: from zen.lan (localhost [127.0.0.1]) by zen.linaroharston (Postfix) with ESMTP id ACF4F1FFBE; Fri, 24 Feb 2023 18:08:58 +0000 (GMT) From: =?utf-8?q?Alex_Benn=C3=A9e?= To: qemu-devel@nongnu.org Cc: Li-Wen Hsu , =?utf-8?q?Alex_Benn=C3=A9e?= , Thomas Huth , Kevin Wolf , Stefan Hajnoczi , Michael Roth , Qiuhao Li , Beraldo Leal , Paolo Bonzini , =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= , Cleber Rosa , Yonggang Luo , Ed Maste , Peter Maydell , Aurelien Jarno , qemu-arm@nongnu.org, =?utf-8?q?Phili?= =?utf-8?q?ppe_Mathieu-Daud=C3=A9?= , qemu-block@nongnu.org, Bastian Koppelmann , John Snow , =?utf-8?q?Marc-Andr=C3=A9_Lureau?= , Alexander Bulekov , Hanna Reitz , Bandan Das , Markus Armbruster , Darren Kenny , Wainer dos Santos Moschetta , Pavel Dovgalyuk Subject: [PATCH 7/7] tests/gitlab: use kaniko to build images Date: Fri, 24 Feb 2023 18:08:57 +0000 Message-Id: <20230224180857.1050220-8-alex.bennee@linaro.org> X-Mailer: git-send-email 2.39.1 In-Reply-To: <20230224180857.1050220-1-alex.bennee@linaro.org> References: <20230224180857.1050220-1-alex.bennee@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2a00:1450:4864:20::329; envelope-from=alex.bennee@linaro.org; helo=mail-wm1-x329.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org Apparently the docker-in-docker approach has some flaws including needing privileged mode to run and being quite slow. An alternative approach is to use Google's kaniko tool. It also works across different gitlab executors. Following the gitlab example code we drop all the direct docker calls and usage of the script and make a direct call to kaniko and hope the images are cacheable by others. Signed-off-by: Alex Bennée --- .gitlab-ci.d/container-template.yml | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/.gitlab-ci.d/container-template.yml b/.gitlab-ci.d/container-template.yml index c434b9c8f3..c2d7950df8 100644 --- a/.gitlab-ci.d/container-template.yml +++ b/.gitlab-ci.d/container-template.yml @@ -1,22 +1,17 @@ .container_job_template: extends: .base_job_template - image: docker:stable + image: + name: gcr.io/kaniko-project/executor:v1.9.0-debug + entrypoint: [""] stage: containers - services: - - docker:dind before_script: - export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest" - - export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/$NAME:latest" - - apk add python3 - - docker info - - docker login $CI_REGISTRY -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" + - export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/qemu/$NAME:latest" script: - echo "TAG:$TAG" - echo "COMMON_TAG:$COMMON_TAG" - - ./tests/docker/docker.py --engine docker build - -t "qemu/$NAME" -f "tests/docker/dockerfiles/$NAME.docker" - -r $CI_REGISTRY/qemu-project/qemu - - docker tag "qemu/$NAME" "$TAG" - - docker push "$TAG" - after_script: - - docker logout + - /kaniko/executor + --reproducible + --context "${CI_PROJECT_DIR}" + --dockerfile "${CI_PROJECT_DIR}/tests/docker/dockerfiles/$NAME.docker" + --destination "${TAG}"