dustin
/
tmpl
1
0
Fork 0
Code Issues 2 Pull Requests Packages Releases Activity

Compare commits

base: dustin:1c33dfa4a435a9eed5c9dc6df4725512e775e43b
Branches Tags
dustin:master
..
compare: dustin:d84603a6ac3ffa0db4bd8bab178786e2b869dd21
Branches Tags
dustin:master

2 Commits
1c33dfa4a4 ... d84603a6ac

Author SHA1 Message Date
Dustin d84603a6ac ci: Use containerimages pipeline library
dustin/tmpl/pipeline/head This commit looks good Details 
The `buildContainerImage2` function now accepts a `pi` argument, which
controls whether or not the build can run on a Raspberry Pi.  Since the
only reason we were not using this function before was to avoid building
on a Pi, we no longer need the custom code.
 2024-01-19 10:27:38 -06:00
Dustin d25d876df5 container: Build static executable 
Building a static executable and distributing it in a "from scratch"
container image dramatically reduces the image size: down to 8 MB from
102 MB.

Reimplementing this change because this image is no longer the base for
*infra/cfg*.  That image is now based on Alpine and copies in the `tmpl`
executable.
 2024-01-19 10:04:26 -06:00
6 changed files with 13 additions and 130 deletions
Show Stats Expand all files Collapse all files

16
Containerfile
View File

@ -1,23 +1,23 @@
FROM registry.fedoraproject.org/fedora-minimal:39 AS build FROM docker.io/library/rust:1.73-alpine AS build
RUN --mount=type=cache,target=/var/cache \ RUN --mount=type=cache,target=/var/cache \
microdnf install -y \ apk add \
--setopt install_weak_deps=0 \ musl-dev \
cargo\
&& : && :
COPY . /src COPY . /src
WORKDIR /src WORKDIR /src
RUN cargo build --release --locked RUN cargo build --release --locked \
&& strip target/release/tmpl
FROM registry.fedoraproject.org/fedora-minimal:39 FROM scratch
COPY --from=build /src/target/release/tmpl /usr/local/bin COPY --from=build /src/target/release/tmpl /tmpl
ENTRYPOINT ["/usr/local/bin/tmpl"] ENTRYPOINT ["/tmpl"]
LABEL name='tmpl' \ LABEL name='tmpl' \
vendor='Dustin C. Hatch' \ vendor='Dustin C. Hatch' \

74
ci/Jenkinsfile vendored
View File

@ -1,70 +1,6 @@
pipeline { @Library('containerimages')_
agent none
stages { buildContainerImage2(
stage('Build') { archlist: ['amd64', 'arm64'],
matrix { pi: false,
axes { )
axis {
name 'ARCH'
values 'amd64', 'arm64'
}
}
stages {
stage('Build') {
agent {
kubernetes {
yamlFile 'ci/podTemplate.yaml'
yamlMergeStrategy merge()
defaultContainer 'buildah'
nodeSelector "kubernetes.io/arch=${ARCH}"
}
}
stages {
stage("Build") {
steps {
sh '. ci/build.sh'
stash name: env.ARCH, includes: "*.oci.tar"
}
}
}
}
}
}
}
stage('Publish') {
agent {
kubernetes {
yamlFile 'ci/podTemplate.yaml'
yamlMergeStrategy merge()
defaultContainer 'buildah'
}
}
environment {
REGISTRY_AUTH_FILE = "${env.WORKSPACE_TMP}/auth.json"
}
steps {
unstash 'amd64'
unstash 'arm64'
withCredentials([usernamePassword(
credentialsId: 'jenkins-packages',
usernameVariable: 'BUILDAH_USERNAME',
passwordVariable: 'BUILDAH_PASSWORD',
)]) {
sh """
buildah login \
--username \${BUILDAH_USERNAME} \
--password \${BUILDAH_PASSWORD} \
git.pyrocufflink.net
"""
}
sh '. ci/publish.sh'
}
}
}
}

6
ci/build.sh
View File

@ -1,6 +0,0 @@
. ci/common.sh
buildah build -t "${IMAGE_NAME}:${TAG}" .
buildah push \
"${IMAGE_NAME}:${TAG}" \
oci-archive:"${PWD}/${NAME}-${ARCH}.oci.tar:${IMAGE_NAME}:${TAG}"

13
ci/common.sh
View File

@ -1,13 +0,0 @@
escape_name() {
echo "$1" \
| tr A-Z a-z \
| sed -e 's/[^a-zA-Z0-9._-]/-/g' -e 's/^[.-]/_/'
}
REGISTRY_URL=git.pyrocufflink.net
NAMESPACE=containerimages
NAME="${JOB_NAME#*/}"
NAME=$(escape_name "${NAME%/*}")
TAG=$(escape_name "${BRANCH_NAME}")
IMAGE_NAME="${REGISTRY_URL}/${NAMESPACE}/${NAME}"

19
ci/podTemplate.yaml
View File

@ -1,19 +0,0 @@
spec:
containers:
- name: buildah
image: quay.io/containers/buildah:v1
command:
- cat
stdin: true
tty: true
securityContext:
capabilities:
add:
- SYS_ADMIN
- MKNOD
- SYS_CHROOT
- SETFCAP
resources:
limits:
github.com/fuse: 1
hostUsers: false

15
ci/publish.sh
View File

@ -1,15 +0,0 @@
. ci/common.sh
buildah manifest create "${IMAGE_NAME}:${TAG}"
for arch in amd64 arm64; do
buildah manifest add "${IMAGE_NAME}:${TAG}" \
oci-archive:"${PWD}/${NAME}-${arch}.oci.tar:${IMAGE_NAME}:${TAG}"
done
buildah manifest push --all "${IMAGE_NAME}:${TAG}" \
"docker://${IMAGE_NAME}:${TAG}-${BUILD_NUMBER}"
buildah manifest push "${IMAGE_NAME}:${TAG}" "docker://${IMAGE_NAME}:${TAG}"
if [ ${BRANCH_NAME} = master ]; then
buildah manifest push "${IMAGE_NAME}:${TAG}" \
"docker://${IMAGE_NAME}:latest"
fi