Build and push KinD node image #3829
# Manually dispatched workflow. The `tag` input is used further down both as
# the git ref to check out and as the tag of the container images pushed to
# ghcr.io.
name: Build and push KinD node image

on:
  workflow_dispatch:
    inputs:
      tag:
        description: 'Tag to build images for'
        required: true

# Only the `packages` scope is requested for GITHUB_TOKEN; when a permissions
# block is present, every scope not listed in it is set to `none`.
permissions:
  packages: write

# Every `run:` step executes under bash unless a step overrides it.
defaults:
  run:
    shell: bash
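jobs:
  # Builds the KinD node image once per architecture in the matrix, pushes it
  # to ghcr.io, rebuilds it with extra images imported into containerd, and
  # finally builds and pushes a CI variant that additionally installs lvm2.
  #
  # NOTE(review): the third-party actions below are referenced by mutable tags
  # (@v1, @v2, @v3). This job holds `packages: write` and registry
  # credentials, so pinning each action to a full commit SHA would keep a
  # retagged release from changing what runs here.
  build-and-push-arch-images:
    runs-on: ubuntu-22.04
    strategy:
      fail-fast: true
      matrix:
        arch: [amd64, arm64]
    # The dispatch input and the values derived from it are handed to the
    # shell steps as environment variables, so that the text of `run:` scripts
    # is not assembled from user-supplied input.
    env:
      NODE_IMAGE_TAG: ${{ github.event.inputs.tag }}
      NODE_IMAGE_ARCH: ${{ matrix.arch }}
      NODE_IMAGE_REF: ghcr.io/${{ github.repository_owner }}/kind-node:${{ github.event.inputs.tag }}-${{ matrix.arch }}
      NODE_CI_IMAGE_REF: ghcr.io/${{ github.repository_owner }}/kind-node-ci:${{ github.event.inputs.tag }}-${{ matrix.arch }}
    steps:
      # Reject anything that is not a syntactically valid image tag before the
      # value is used as a checkout ref or written into the generated
      # Dockerfiles. A value failing this check could not be pushed as an
      # image tag anyway, so no previously working input is excluded.
      - name: Validate tag input
        run: |
          if [[ ! "${NODE_IMAGE_TAG}" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]{0,127}$ ]]; then
            echo "tag input is not a valid image tag: refusing to continue" >&2
            exit 1
          fi
      - name: Free disk space
        uses: insightsengineering/disk-space-reclaimer@v1
        with:
          tools-cache: true
      - name: Recreate tool cache directory
        run: mkdir -p "${RUNNER_TOOL_CACHE}"
      # persist-credentials: false keeps the checkout token out of the local
      # git configuration used by the later build steps.
      - uses: actions/checkout@v3
        with:
          persist-credentials: false
          ref: ${{ github.event.inputs.tag }}
      # NOTE(review): the action reference on the `uses:` line below was
      # replaced with "[email protected]" by the page's e-mail obfuscation;
      # restore the real `helm/kind-action@<ref>` from the repository.
      - name: Install KinD
        uses: helm/[email protected]
        with:
          install_only: true
          version: v0.22.0
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_TOKEN }}
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v2
      - name: Build KinD image for ${{ matrix.arch }}
        run: |
          kind build node-image . --arch "${NODE_IMAGE_ARCH}" --image "${NODE_IMAGE_REF}"
      - name: Push KinD image
        run: |
          docker image push "${NODE_IMAGE_REF}"
      # Asks kubeadm inside the freshly built image which pause image it
      # expects and exposes that reference as the step output `version`.
      - name: Export pause image version
        id: pauseimage
        run: |
          echo version=$(docker run --platform="linux/${NODE_IMAGE_ARCH}" --rm --entrypoint kubeadm \
            "${NODE_IMAGE_REF}" \
            config images list | grep pause) >>"${GITHUB_OUTPUT}"
      - name: Create list of images to add to KinD node image
        run: |
          cat <<'EOF' >images.txt
          ghcr.io/mesosphere/toml-merge:v0.2.0
          ${{ steps.pauseimage.outputs.version }}
          EOF
      - name: Create image bundle with extra images for the KinD node image
        uses: mesosphere/mindthegap-action/create-image-bundle@v1
        with:
          platforms: linux/${{ matrix.arch }}
      # The Dockerfile is written through a quoted heredoc, so the shell
      # expands nothing in it; the ${{ }} expressions are substituted by the
      # runner before the script starts. The tag value was validated in the
      # first step of this job.
      #
      # NOTE(review): the generated Dockerfile pipes a release tarball from
      # curl straight into tar and then runs the extracted binary, with no
      # checksum or signature verification. Downloading to a file and checking
      # it against the release's published checksum before extraction would
      # close that gap.
      #
      # NOTE(review): because the heredoc delimiter is quoted, the
      # `$(kind version | cut -f2 -d' ')` in the description LABEL appears to
      # reach the Dockerfile verbatim instead of being expanded by the shell;
      # confirm whether that is intended.
      - name: Import images to node image
        run: |
          cat <<'EOF' >Dockerfile
          FROM --platform=linux/${{ matrix.arch }} ghcr.io/${{ github.repository_owner }}/kind-node:${{ github.event.inputs.tag }}-${{ matrix.arch }}
          # If the base image used (e.g.: https://github.com/kubernetes-sigs/kind/blob/v0.17.0/pkg/build/nodeimage/defaults.go#L23) in KinD ever gets outdated, move to `old-release.ubuntu.com`
          # RUN sed -i -e 's/archive.ubuntu.com\|security.ubuntu.com/old-releases.ubuntu.com/g' /etc/apt/sources.list
          RUN --mount=type=bind,source=images.tar,target=/tmp/images.tar \
              bash -ec "curl -fsSL https://github.com/mesosphere/mindthegap/releases/download/v1.11.1/mindthegap_v1.11.1_linux_${{ matrix.arch }}.tar.gz | \
              tar xz -C /usr/local/bin -- mindthegap; \
              nohup containerd & &>/dev/null; \
              until crictl info &>/dev/null; do sleep 0.5; done; \
              crictl rmi registry.k8s.io/pause:3.7; \
              mindthegap import image-bundle --image-bundle /tmp/images.tar; \
              rm -f /usr/local/bin/mindthegap; \
              pkill containerd"
          RUN sed -i 's|sandbox_image = .\+$|sandbox_image = "${{ steps.pauseimage.outputs.version }}"|' /etc/config.toml /etc/containerd/config.toml
          LABEL org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
          LABEL org.opencontainers.image.description="KinD Node Image built with KinD $(kind version | cut -f2 -d' ')"
          LABEL org.opencontainers.image.licenses=ASL2
          EOF
          cat Dockerfile
          docker buildx build --output=type=docker -t "${NODE_IMAGE_REF}" -f Dockerfile .
      - name: Push updated KinD image
        run: |
          docker image push "${NODE_IMAGE_REF}"
      # The CI variant layers lvm2 on top of the node image pushed above.
      - name: Build and Push KinD image for CI
        run: |
          cat <<'EOF' >Dockerfile
          FROM --platform=linux/${{ matrix.arch }} ghcr.io/${{ github.repository_owner }}/kind-node:${{ github.event.inputs.tag }}-${{ matrix.arch }}
          RUN apt-get update && apt-get install -y lvm2 && rm -rf /var/lib/apt/lists/*
          EOF
          cat Dockerfile
          docker buildx build --output=type=docker -t "${NODE_CI_IMAGE_REF}" -f Dockerfile .
          docker image push "${NODE_CI_IMAGE_REF}"
      # Report remaining disk space even when an earlier step failed.
      - run: df -h
        if: always()

  # Combines the per-architecture tags pushed by the job above into one
  # multi-platform manifest per image name and pushes those manifests.
  build-and-push-manifest:
    needs: [build-and-push-arch-images]
    runs-on: ubuntu-22.04
    env:
      DOCKER_CLI_EXPERIMENTAL: enabled
      # Passed through the environment so the dispatch input never becomes
      # part of the script text in the steps below.
      NODE_IMAGE_TAG: ${{ github.event.inputs.tag }}
      NODE_IMAGE_REPO: ghcr.io/${{ github.repository_owner }}/kind-node
      NODE_CI_IMAGE_REPO: ghcr.io/${{ github.repository_owner }}/kind-node-ci
    steps:
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # The unquoted brace expansion yields three references: the bare tag
      # (the manifest list) followed by its -arm64 and -amd64 members.
      - name: Push KinD multiplatform manifest
        run: |
          docker manifest create "${NODE_IMAGE_REPO}:${NODE_IMAGE_TAG}"{,-{arm64,amd64}}
          docker manifest push "${NODE_IMAGE_REPO}:${NODE_IMAGE_TAG}"
      - name: Push KinD multiplatform manifest for CI images
        run: |
          docker manifest create "${NODE_CI_IMAGE_REPO}:${NODE_IMAGE_TAG}"{,-{arm64,amd64}}
          docker manifest push "${NODE_CI_IMAGE_REPO}:${NODE_IMAGE_TAG}"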