Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add build image for windows boringcrypto executable. #6369

Merged
merged 13 commits into from
Feb 16, 2024
40 changes: 35 additions & 5 deletions .drone/drone.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,41 @@ volumes:
name: docker
---
kind: pipeline
name: Create Linux build image for boringcrypto
platform:
arch: amd64
os: linux
steps:
- commands:
- export IMAGE_TAG=${DRONE_TAG##build-image/v}-boringcrypto
- docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- docker buildx create --name multiarch --driver docker-container --use
- docker buildx build --build-arg="GO_RUNTIME=mcr.microsoft.com/oss/go/microsoft/golang:1.22-bullseye"
--push --platform linux/amd64,linux/arm64 -t grafana/agent-build-image:$IMAGE_TAG
./build-image
environment:
DOCKER_LOGIN:
from_secret: docker_login
DOCKER_PASSWORD:
from_secret: docker_password
image: docker
name: Build
volumes:
- name: docker
path: /var/run/docker.sock
trigger:
event:
- tag
ref:
- refs/tags/build-image/v*
type: docker
volumes:
- host:
path: /var/run/docker.sock
name: docker
---
kind: pipeline
name: Create Windows build image
platform:
arch: amd64
Expand Down Expand Up @@ -1315,8 +1350,3 @@ get:
path: infra/data/ci/github/updater-app
kind: secret
name: updater_private_key
---
kind: signature
hmac: a77b4f7b2708cc4417edd42fae39c307abcaec2c4f0f6176212665133bd20d5d

...
23 changes: 23 additions & 0 deletions .drone/pipelines/build_images.jsonnet
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,29 @@ local locals = {
host: { path: '/var/run/docker.sock' },
}],
},
pipelines.linux('Create Linux build image for boringcrypto') {
trigger: locals.on_build_image_tag,
steps: [{
name: 'Build',
image: 'docker',
volumes: [{
name: 'docker',
path: '/var/run/docker.sock',
}],
environment: locals.docker_environment,
commands: [
'export IMAGE_TAG=${DRONE_TAG##build-image/v}-boringcrypto',
'docker login -u $DOCKER_LOGIN -p $DOCKER_PASSWORD',
'docker run --rm --privileged multiarch/qemu-user-static --reset -p yes',
'docker buildx create --name multiarch --driver docker-container --use',
'docker buildx build --build-arg="GO_RUNTIME=mcr.microsoft.com/oss/go/microsoft/golang:1.22-bullseye" --push --platform linux/amd64,linux/arm64 -t grafana/agent-build-image:$IMAGE_TAG ./build-image',
],
}],
volumes: [{
name: 'docker',
host: { path: '/var/run/docker.sock' },
}],
},

pipelines.windows('Create Windows build image') {
trigger: locals.on_build_image_tag,
Expand Down
1 change: 1 addition & 0 deletions .drone/util/build_image.jsonnet
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,5 @@

linux: 'grafana/agent-build-image:%s' % version,
windows: 'grafana/agent-build-image:%s-windows' % version,
boringcrypto: 'grafana/agent-build-image:%s-boringcrypto' % version,
}
6 changes: 5 additions & 1 deletion build-image/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
# default when running `docker buildx build` or when DOCKER_BUILDKIT=1 is set
# in environment variables.

# NOTE: The GO_RUNTIME is used to switch between the default google go runtime and mcr.microsoft.com/oss/go/microsoft/golang:1.22-bullseye which is a microsoft
# fork of go that allows using windows crypto instead of boring crypto. Details at https://github.com/microsoft/go/tree/microsoft/main/eng/doc/fips
ARG GO_RUNTIME=golang:1.22.0-bullseye

mattdurham marked this conversation as resolved.
Show resolved Hide resolved
#
# Dependencies
#
Expand All @@ -23,7 +27,7 @@ FROM alpine:3.17 as helm
RUN apk add --no-cache helm

# Dependency: Go and Go dependencies
FROM golang:1.22.0-bullseye as golang
FROM ${GO_RUNTIME} as golang

# Keep in sync with cmd/grafana-agent-operator/DEVELOPERS.md
ENV CONTROLLER_GEN_VERSION v0.9.2
Expand Down
Loading