CrazyMax
parent
f30fab2532
commit
072078a403
|
|
@ -28,5 +28,5 @@ linters:
|
|||
issues:
|
||||
exclude-rules:
|
||||
- linters:
|
||||
- golint
|
||||
- golint
|
||||
text: "stutters"
|
||||
|
|
|
|||
24
.travis.yml
24
.travis.yml
|
|
@ -34,20 +34,20 @@ jobs:
|
|||
script: ./hack/login_ci_cache && ./hack/build_ci_first_pass
|
||||
- stage: testing
|
||||
name: "Client integration tests"
|
||||
script:
|
||||
script:
|
||||
- TESTPKGS=./client TESTFLAGS='-v --timeout=20m' ./hack/test integration
|
||||
- TESTPKGS=./cmd/buildctl ./hack/test integration
|
||||
- TESTPKGS=./worker/containerd ./hack/test integration
|
||||
- script:
|
||||
- ./hack/lint
|
||||
- SKIP_INTEGRATION_TESTS=1 ./hack/test integration gateway
|
||||
- ./hack/validate-vendor
|
||||
- ./hack/validate-generated-files
|
||||
- ./hack/validate-shfmt
|
||||
- TESTPKGS=./frontend ./hack/test
|
||||
- ./hack/lint
|
||||
- SKIP_INTEGRATION_TESTS=1 ./hack/test integration gateway
|
||||
- ./hack/validate-vendor
|
||||
- ./hack/validate-generated-files
|
||||
- ./hack/validate-shfmt
|
||||
- TESTPKGS=./frontend ./hack/test
|
||||
name: "Unit Tests & Lint & Vendor & Proto"
|
||||
- script:
|
||||
- TESTPKGS=./frontend/dockerfile TESTFLAGS='-v --parallel=5 --timeout=30m' ./hack/test
|
||||
- TESTPKGS=./frontend/dockerfile TESTFLAGS='-v --parallel=5 --timeout=30m' ./hack/test
|
||||
name: "Dockerfile integration tests"
|
||||
- script: TESTPKGS=./frontend/dockerfile ./hack/test dockerfile
|
||||
name: "External Dockerfile tests"
|
||||
|
|
@ -80,9 +80,9 @@ jobs:
|
|||
skip_cleanup: true
|
||||
file_glob: true
|
||||
on:
|
||||
repo: moby/buildkit
|
||||
tags: true
|
||||
condition: $TRAVIS_TAG =~ ^v[0-9]
|
||||
repo: moby/buildkit
|
||||
tags: true
|
||||
condition: $TRAVIS_TAG =~ ^v[0-9]
|
||||
- provider: script
|
||||
script: ./frontend/dockerfile/cmd/dockerfile-frontend/hack/release master mainline $DF_REPO_SLUG_TARGET push
|
||||
on:
|
||||
|
|
@ -107,8 +107,6 @@ jobs:
|
|||
repo: moby/buildkit
|
||||
branch: master
|
||||
condition: $TRAVIS_EVENT_TYPE == "cron"
|
||||
|
||||
|
||||
before_deploy:
|
||||
- echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,13 @@
|
|||
ignore: |
|
||||
/vendor
|
||||
|
||||
extends: default
|
||||
|
||||
yaml-files:
|
||||
- '*.yaml'
|
||||
- '*.yml'
|
||||
|
||||
rules:
|
||||
truthy: disable
|
||||
line-length: disable
|
||||
document-start: disable
|
||||
|
|
@ -15,50 +15,50 @@ spec:
|
|||
app: buildkitd
|
||||
spec:
|
||||
containers:
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master
|
||||
args:
|
||||
- --addr
|
||||
- unix:///run/buildkit/buildkitd.sock
|
||||
- --addr
|
||||
- tcp://0.0.0.0:1234
|
||||
- --tlscacert
|
||||
- /certs/ca.pem
|
||||
- --tlscert
|
||||
- /certs/cert.pem
|
||||
- --tlskey
|
||||
- /certs/key.pem
|
||||
# the probe below will only work after Release v0.6.3
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
# the probe below will only work after Release v0.6.3
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
privileged: true
|
||||
ports:
|
||||
- containerPort: 1234
|
||||
volumeMounts:
|
||||
- name: certs
|
||||
readOnly: true
|
||||
mountPath: /certs
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master
|
||||
args:
|
||||
- --addr
|
||||
- unix:///run/buildkit/buildkitd.sock
|
||||
- --addr
|
||||
- tcp://0.0.0.0:1234
|
||||
- --tlscacert
|
||||
- /certs/ca.pem
|
||||
- --tlscert
|
||||
- /certs/cert.pem
|
||||
- --tlskey
|
||||
- /certs/key.pem
|
||||
# the probe below will only work after Release v0.6.3
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
# the probe below will only work after Release v0.6.3
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
privileged: true
|
||||
ports:
|
||||
- containerPort: 1234
|
||||
volumeMounts:
|
||||
- name: certs
|
||||
readOnly: true
|
||||
mountPath: /certs
|
||||
volumes:
|
||||
# buildkit-daemon-certs must contain ca.pem, cert.pem, and key.pem
|
||||
- name: certs
|
||||
secret:
|
||||
secretName: buildkit-daemon-certs
|
||||
# buildkit-daemon-certs must contain ca.pem, cert.pem, and key.pem
|
||||
- name: certs
|
||||
secret:
|
||||
secretName: buildkit-daemon-certs
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
|
@ -68,7 +68,7 @@ metadata:
|
|||
name: buildkitd
|
||||
spec:
|
||||
ports:
|
||||
- port: 1234
|
||||
protocol: TCP
|
||||
- port: 1234
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: buildkitd
|
||||
|
|
|
|||
|
|
@ -16,56 +16,56 @@ spec:
|
|||
annotations:
|
||||
container.apparmor.security.beta.kubernetes.io/buildkitd: unconfined
|
||||
container.seccomp.security.alpha.kubernetes.io/buildkitd: unconfined
|
||||
# see buildkit/docs/rootless.md for caveats of rootless mode
|
||||
# see buildkit/docs/rootless.md for caveats of rootless mode
|
||||
spec:
|
||||
containers:
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master-rootless
|
||||
args:
|
||||
- --addr
|
||||
- unix:///run/user/1000/buildkit/buildkitd.sock
|
||||
- --addr
|
||||
- tcp://0.0.0.0:1234
|
||||
- --tlscacert
|
||||
- /certs/ca.pem
|
||||
- --tlscert
|
||||
- /certs/cert.pem
|
||||
- --tlskey
|
||||
- /certs/key.pem
|
||||
- --oci-worker-no-process-sandbox
|
||||
# the probe below will only work after Release v0.6.3
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
# the probe below will only work after Release v0.6.3
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
ports:
|
||||
- containerPort: 1234
|
||||
volumeMounts:
|
||||
- name: certs
|
||||
readOnly: true
|
||||
mountPath: /certs
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master-rootless
|
||||
args:
|
||||
- --addr
|
||||
- unix:///run/user/1000/buildkit/buildkitd.sock
|
||||
- --addr
|
||||
- tcp://0.0.0.0:1234
|
||||
- --tlscacert
|
||||
- /certs/ca.pem
|
||||
- --tlscert
|
||||
- /certs/cert.pem
|
||||
- --tlskey
|
||||
- /certs/key.pem
|
||||
- --oci-worker-no-process-sandbox
|
||||
# the probe below will only work after Release v0.6.3
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
# the probe below will only work after Release v0.6.3
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
ports:
|
||||
- containerPort: 1234
|
||||
volumeMounts:
|
||||
- name: certs
|
||||
readOnly: true
|
||||
mountPath: /certs
|
||||
volumes:
|
||||
# buildkit-daemon-certs must contain ca.pem, cert.pem, and key.pem
|
||||
- name: certs
|
||||
secret:
|
||||
secretName: buildkit-daemon-certs
|
||||
# buildkit-daemon-certs must contain ca.pem, cert.pem, and key.pem
|
||||
- name: certs
|
||||
secret:
|
||||
secretName: buildkit-daemon-certs
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
|
|
@ -75,7 +75,7 @@ metadata:
|
|||
name: buildkitd
|
||||
spec:
|
||||
ports:
|
||||
- port: 1234
|
||||
protocol: TCP
|
||||
- port: 1234
|
||||
protocol: TCP
|
||||
selector:
|
||||
app: buildkitd
|
||||
|
|
|
|||
|
|
@ -7,38 +7,38 @@ spec:
|
|||
spec:
|
||||
restartPolicy: Never
|
||||
initContainers:
|
||||
- name: prepare
|
||||
image: alpine:3.10
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- "echo FROM hello-world > /workspace/Dockerfile"
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
mountPath: /workspace
|
||||
- name: prepare
|
||||
image: alpine:3.10
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- "echo FROM hello-world > /workspace/Dockerfile"
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
mountPath: /workspace
|
||||
containers:
|
||||
- name: buildkit
|
||||
image: moby/buildkit:master
|
||||
command:
|
||||
- buildctl-daemonless.sh
|
||||
args:
|
||||
- build
|
||||
- --frontend
|
||||
- dockerfile.v0
|
||||
- --local
|
||||
- context=/workspace
|
||||
- --local
|
||||
- dockerfile=/workspace
|
||||
# To push the image to a registry, add
|
||||
# `--output type=image,name=docker.io/username/image,push=true`
|
||||
securityContext:
|
||||
privileged: true
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
readOnly: true
|
||||
mountPath: /workspace
|
||||
# To push the image, you also need to create `~/.docker/config.json` secret
|
||||
# and set $DOCKER_CONFIG to `/path/to/.docker` directory.
|
||||
- name: buildkit
|
||||
image: moby/buildkit:master
|
||||
command:
|
||||
- buildctl-daemonless.sh
|
||||
args:
|
||||
- build
|
||||
- --frontend
|
||||
- dockerfile.v0
|
||||
- --local
|
||||
- context=/workspace
|
||||
- --local
|
||||
- dockerfile=/workspace
|
||||
# To push the image to a registry, add
|
||||
# `--output type=image,name=docker.io/username/image,push=true`
|
||||
securityContext:
|
||||
privileged: true
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
readOnly: true
|
||||
mountPath: /workspace
|
||||
# To push the image, you also need to create `~/.docker/config.json` secret
|
||||
# and set $DOCKER_CONFIG to `/path/to/.docker` directory.
|
||||
volumes:
|
||||
- name: workspace
|
||||
emptyDir: {}
|
||||
- name: workspace
|
||||
emptyDir: {}
|
||||
|
|
|
|||
|
|
@ -8,50 +8,50 @@ spec:
|
|||
annotations:
|
||||
container.apparmor.security.beta.kubernetes.io/buildkit: unconfined
|
||||
container.seccomp.security.alpha.kubernetes.io/buildkit: unconfined
|
||||
# see buildkit/docs/rootless.md for caveats of rootless mode
|
||||
# see buildkit/docs/rootless.md for caveats of rootless mode
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
initContainers:
|
||||
- name: prepare
|
||||
image: alpine:3.10
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- "echo FROM hello-world > /workspace/Dockerfile"
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
mountPath: /workspace
|
||||
- name: prepare
|
||||
image: alpine:3.10
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- "echo FROM hello-world > /workspace/Dockerfile"
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
mountPath: /workspace
|
||||
containers:
|
||||
- name: buildkit
|
||||
image: moby/buildkit:master-rootless
|
||||
env:
|
||||
- name: BUILDKITD_FLAGS
|
||||
value: --oci-worker-no-process-sandbox
|
||||
command:
|
||||
- buildctl-daemonless.sh
|
||||
args:
|
||||
- build
|
||||
- --frontend
|
||||
- dockerfile.v0
|
||||
- --local
|
||||
- context=/workspace
|
||||
- --local
|
||||
- dockerfile=/workspace
|
||||
# To push the image to a registry, add
|
||||
# `--output type=image,name=docker.io/username/image,push=true`
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
readOnly: true
|
||||
mountPath: /workspace
|
||||
# To push the image, you also need to create `~/.docker/config.json` secret
|
||||
# and set $DOCKER_CONFIG to `/path/to/.docker` directory.
|
||||
- name: buildkit
|
||||
image: moby/buildkit:master-rootless
|
||||
env:
|
||||
- name: BUILDKITD_FLAGS
|
||||
value: --oci-worker-no-process-sandbox
|
||||
command:
|
||||
- buildctl-daemonless.sh
|
||||
args:
|
||||
- build
|
||||
- --frontend
|
||||
- dockerfile.v0
|
||||
- --local
|
||||
- context=/workspace
|
||||
- --local
|
||||
- dockerfile=/workspace
|
||||
# To push the image to a registry, add
|
||||
# `--output type=image,name=docker.io/username/image,push=true`
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
readOnly: true
|
||||
mountPath: /workspace
|
||||
# To push the image, you also need to create `~/.docker/config.json` secret
|
||||
# and set $DOCKER_CONFIG to `/path/to/.docker` directory.
|
||||
volumes:
|
||||
- name: workspace
|
||||
emptyDir: {}
|
||||
- name: workspace
|
||||
emptyDir: {}
|
||||
|
|
|
|||
|
|
@ -4,23 +4,23 @@ metadata:
|
|||
name: buildkitd
|
||||
spec:
|
||||
containers:
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
privileged: true
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
privileged: true
|
||||
|
|
|
|||
|
|
@ -8,27 +8,27 @@ metadata:
|
|||
# see buildkit/docs/rootless.md for caveats of rootless mode
|
||||
spec:
|
||||
containers:
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master-rootless
|
||||
args:
|
||||
- --oci-worker-no-process-sandbox
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master-rootless
|
||||
args:
|
||||
- --oci-worker-no-process-sandbox
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
|
|
|
|||
|
|
@ -17,23 +17,23 @@ spec:
|
|||
app: buildkitd
|
||||
spec:
|
||||
containers:
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
privileged: true
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
privileged: true
|
||||
|
|
|
|||
|
|
@ -18,30 +18,30 @@ spec:
|
|||
annotations:
|
||||
container.apparmor.security.beta.kubernetes.io/buildkitd: unconfined
|
||||
container.seccomp.security.alpha.kubernetes.io/buildkitd: unconfined
|
||||
# see buildkit/docs/rootless.md for caveats of rootless mode
|
||||
# see buildkit/docs/rootless.md for caveats of rootless mode
|
||||
spec:
|
||||
containers:
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master-rootless
|
||||
args:
|
||||
- --oci-worker-no-process-sandbox
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
- name: buildkitd
|
||||
image: moby/buildkit:master-rootless
|
||||
args:
|
||||
- --oci-worker-no-process-sandbox
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- buildctl
|
||||
- debug
|
||||
- workers
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 30
|
||||
securityContext:
|
||||
# To change UID/GID, you need to rebuild the image
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
# syntax=docker/dockerfile:1.1-experimental
|
||||
|
||||
FROM golang:1.13-alpine
|
||||
RUN apk add --no-cache gcc musl-dev
|
||||
RUN apk add --no-cache gcc musl-dev yamllint
|
||||
RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.27.0
|
||||
WORKDIR /go/src/github.com/moby/buildkit
|
||||
RUN --mount=target=/go/src/github.com/moby/buildkit --mount=target=/root/.cache,type=cache \
|
||||
golangci-lint run
|
||||
golangci-lint run
|
||||
RUN --mount=target=/go/src/github.com/moby/buildkit --mount=target=/root/.cache,type=cache \
|
||||
yamllint -c .yamllint.yml --strict .
|
||||
|
|
|
|||
Loading…
Reference in New Issue