From 24f753c270e99726c94d049533ad109dd38eadc8 Mon Sep 17 00:00:00 2001 From: Salah Aldeen Al Saleh Date: Wed, 7 May 2025 16:40:46 -0700 Subject: [PATCH 1/7] Use docker to build ttl.sh images to speed up CI --- .github/workflows/ci.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3cd3ed84b7..c70bd3ffc6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -193,7 +193,7 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }} AWS_REGION: "us-east-1" - USE_CHAINGUARD: "1" + USE_CHAINGUARD: "0" UPLOAD_BINARIES: "1" SKIP_RELEASE: "1" GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -267,7 +267,7 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }} AWS_REGION: "us-east-1" - USE_CHAINGUARD: "1" + USE_CHAINGUARD: "0" UPLOAD_BINARIES: "1" SKIP_RELEASE: "1" MANGLE_METADATA: "1" @@ -376,7 +376,7 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }} AWS_REGION: "us-east-1" - USE_CHAINGUARD: "1" + USE_CHAINGUARD: "0" UPLOAD_BINARIES: "1" SKIP_RELEASE: "1" MANGLE_METADATA: "1" From 7a9b7c245f3f5f913d2f2fe5c7e18c352b71f99d Mon Sep 17 00:00:00 2001 From: Salah Aldeen Al Saleh Date: Wed, 7 May 2025 16:52:10 -0700 Subject: [PATCH 2/7] no-op From d163e43f6fe8d24e71575d0aa7a6c28ca164ead8 Mon Sep 17 00:00:00 2001 From: Salah Aldeen Al Saleh Date: Wed, 7 May 2025 17:28:48 -0700 Subject: [PATCH 3/7] f --- .github/workflows/ci.yaml | 8 ++++++++ dev/dockerfiles/operator/Dockerfile.ttlsh | 9 +++++++-- operator/Makefile | 5 +++++ 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c70bd3ffc6..3ad7c53a81 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -174,6 +174,14 @@ jobs: go-version-file: go.mod cache-dependency-path: "**/*.sum" + - name: Go cache + uses: actions/cache@v4 + with: + path: | + ./dev/.gocache + ./dev/.gomodcache + key: dryrun-tests-go-cache + - uses: oras-project/setup-oras@v1 - uses: imjasonh/setup-crane@v0.4 diff --git a/dev/dockerfiles/operator/Dockerfile.ttlsh b/dev/dockerfiles/operator/Dockerfile.ttlsh index df54a54a3b..da0117d06c 100644 --- a/dev/dockerfiles/operator/Dockerfile.ttlsh +++ b/dev/dockerfiles/operator/Dockerfile.ttlsh @@ -5,7 +5,10 @@ WORKDIR /app COPY go.mod go.sum ./ COPY kinds/go.mod kinds/go.sum ./kinds/ COPY utils/go.mod utils/go.sum ./utils/ -RUN --mount=type=cache,target="/go/pkg/mod" go mod download + +ARG HOST_GOMODCACHE +RUN --mount=type=bind,target="/go/pkg/mod",source=${HOST_GOMODCACHE} \ + go mod download COPY common.mk common.mk COPY operator/ operator/ @@ -18,8 +21,10 @@ ENV VERSION=${VERSION} ARG K0S_VERSION ENV K0S_VERSION=${K0S_VERSION} +ARG HOST_GOBUILDCACHE ENV GOCACHE=/root/.cache/go-build -RUN --mount=type=cache,target="/root/.cache/go-build" make -C operator build +RUN --mount=type=bind,target="/root/.cache/go-build",source=${HOST_GOBUILDCACHE} \ + make -C operator build FROM debian:bookworm-slim diff --git a/operator/Makefile b/operator/Makefile index e41a6ed640..d22078aff7 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -171,12 +171,17 @@ build-operator-image-chainguard: --arch $(ARCH) \ export --path build/operator-package +HOST_GOMODCACHE ?= $(shell pwd)/../dev/.gomodcache +HOST_GOBUILDCACHE ?= $(shell pwd)/../dev/.gocache + .PHONY: build-operator-image-dockerfile build-operator-image-dockerfile: docker build --platform="$(OS)/$(ARCH)" \ -t "$(IMAGE_NAME):$(call image-tag,$(PACKAGE_VERSION))" \ --build-arg VERSION=$(VERSION) \ --build-arg K0S_VERSION=$(K0S_VERSION) \ + --build-arg HOST_GOMODCACHE=$(HOST_GOMODCACHE) \ + --build-arg HOST_GOBUILDCACHE=$(HOST_GOBUILDCACHE) \ -f ../dev/dockerfiles/operator/Dockerfile.ttlsh ../ mkdir -p build echo "Version $(VERSION) k0s $(K0S_VERSION)" From 8f70609c3bb0948fe666b517336c6bf14de2a535 Mon Sep 17 00:00:00 2001 From: Salah Aldeen Al Saleh Date: Thu, 8 May 2025 10:24:49 -0700 Subject: [PATCH 4/7] cache --- .github/workflows/ci.yaml | 21 +++++++++++++++++---- .gitignore | 1 + dev/dockerfiles/operator/Dockerfile.ttlsh | 9 ++------- local-artifact-mirror/Makefile | 6 +++++- operator/Makefile | 9 +++------ 5 files changed, 28 insertions(+), 18 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 3ad7c53a81..df5ace0dc1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -174,13 +174,12 @@ jobs: go-version-file: go.mod cache-dependency-path: "**/*.sum" - - name: Go cache + - name: Docker build cache uses: actions/cache@v4 with: path: | - ./dev/.gocache - ./dev/.gomodcache - key: dryrun-tests-go-cache + ./dev/.dockerbuildcache + key: docker-build-cache - uses: oras-project/setup-oras@v1 @@ -256,6 +255,13 @@ jobs: go-version-file: go.mod cache-dependency-path: "**/*.sum" + - name: Docker build cache + uses: actions/cache@v4 + with: + path: | + ./dev/.dockerbuildcache + key: docker-build-cache + - uses: oras-project/setup-oras@v1 - uses: imjasonh/setup-crane@v0.4 @@ -365,6 +371,13 @@ jobs: go-version-file: go.mod cache-dependency-path: "**/*.sum" + - name: Docker build cache + uses: actions/cache@v4 + with: + path: | + ./dev/.dockerbuildcache + key: docker-build-cache + - uses: oras-project/setup-oras@v1 - uses: imjasonh/setup-crane@v0.4 diff --git a/.gitignore b/.gitignore index 0b1a881cbd..245da9e05d 100644 --- a/.gitignore +++ b/.gitignore @@ -14,6 +14,7 @@ go.work go.work.sum .gocache .gomodcache +.dockerbuildcache /dev/build/ /local-dev/ *.tmp diff --git a/dev/dockerfiles/operator/Dockerfile.ttlsh b/dev/dockerfiles/operator/Dockerfile.ttlsh index da0117d06c..df54a54a3b 100644 --- a/dev/dockerfiles/operator/Dockerfile.ttlsh +++ b/dev/dockerfiles/operator/Dockerfile.ttlsh @@ -5,10 +5,7 @@ WORKDIR /app COPY go.mod go.sum ./ COPY kinds/go.mod kinds/go.sum ./kinds/ COPY utils/go.mod utils/go.sum ./utils/ - -ARG HOST_GOMODCACHE -RUN --mount=type=bind,target="/go/pkg/mod",source=${HOST_GOMODCACHE} \ - go mod download +RUN --mount=type=cache,target="/go/pkg/mod" go mod download COPY common.mk common.mk COPY operator/ operator/ @@ -21,10 +18,8 @@ ENV VERSION=${VERSION} ARG K0S_VERSION ENV K0S_VERSION=${K0S_VERSION} -ARG HOST_GOBUILDCACHE ENV GOCACHE=/root/.cache/go-build -RUN --mount=type=bind,target="/root/.cache/go-build",source=${HOST_GOBUILDCACHE} \ - make -C operator build +RUN --mount=type=cache,target="/root/.cache/go-build" make -C operator build FROM debian:bookworm-slim diff --git a/local-artifact-mirror/Makefile b/local-artifact-mirror/Makefile index 45e13256ff..14c4550d62 100644 --- a/local-artifact-mirror/Makefile +++ b/local-artifact-mirror/Makefile @@ -47,7 +47,11 @@ build-local-artifact-mirror-image-chainguard: .PHONY: build-local-artifact-mirror-image-dockerfile build-local-artifact-mirror-image-dockerfile: - docker build --platform="$(OS)/$(ARCH)" -t "$(IMAGE_NAME):$(call image-tag,$(PACKAGE_VERSION))" -f ../dev/dockerfiles/local-artifact-mirror/Dockerfile.ttlsh ../ + docker buildx build --platform="$(OS)/$(ARCH)" \ + -t "$(IMAGE_NAME):$(call image-tag,$(PACKAGE_VERSION))" \ + --cache-from "type=local,src=../dev/.dockerbuildcache,mode=max" \ + --cache-to "type=local,dest=../dev/.dockerbuildcache,mode=max" \ + -f ../dev/dockerfiles/local-artifact-mirror/Dockerfile.ttlsh ../ mkdir -p build echo "$(IMAGE_NAME):$(call image-tag,$(PACKAGE_VERSION))" > build/image diff --git a/operator/Makefile b/operator/Makefile index d22078aff7..eb8d15ed2e 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -171,17 +171,14 @@ build-operator-image-chainguard: --arch $(ARCH) \ export --path build/operator-package -HOST_GOMODCACHE ?= $(shell pwd)/../dev/.gomodcache -HOST_GOBUILDCACHE ?= $(shell pwd)/../dev/.gocache - .PHONY: build-operator-image-dockerfile build-operator-image-dockerfile: - docker build --platform="$(OS)/$(ARCH)" \ + docker buildx build --platform="$(OS)/$(ARCH)" \ -t "$(IMAGE_NAME):$(call image-tag,$(PACKAGE_VERSION))" \ --build-arg VERSION=$(VERSION) \ --build-arg K0S_VERSION=$(K0S_VERSION) \ - --build-arg HOST_GOMODCACHE=$(HOST_GOMODCACHE) \ - --build-arg HOST_GOBUILDCACHE=$(HOST_GOBUILDCACHE) \ + --cache-from "type=local,src=../dev/.dockerbuildcache,mode=max" \ + --cache-to "type=local,dest=../dev/.dockerbuildcache,mode=max" \ -f ../dev/dockerfiles/operator/Dockerfile.ttlsh ../ mkdir -p build echo "Version $(VERSION) k0s $(K0S_VERSION)" From acfd64d4f0d2b7bfc88210a401447824c8fe3177 Mon Sep 17 00:00:00 2001 From: Salah Aldeen Al Saleh Date: Thu, 8 May 2025 10:36:03 -0700 Subject: [PATCH 5/7] f --- .github/workflows/ci.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index df5ace0dc1..57f0d30be5 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -174,6 +174,9 @@ jobs: go-version-file: go.mod cache-dependency-path: "**/*.sum" + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Docker build cache uses: actions/cache@v4 with: @@ -255,6 +258,9 @@ jobs: go-version-file: go.mod cache-dependency-path: "**/*.sum" + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Docker build cache uses: actions/cache@v4 with: @@ -371,6 +377,9 @@ jobs: go-version-file: go.mod cache-dependency-path: "**/*.sum" + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Docker build cache uses: actions/cache@v4 with: From 2824c2a5b70c0d73fd1de05e6559b1f4775b5ee6 Mon Sep 17 00:00:00 2001 From: Salah Aldeen Al Saleh Date: Thu, 8 May 2025 10:49:24 -0700 Subject: [PATCH 6/7] f --- local-artifact-mirror/Makefile | 2 +- operator/Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/local-artifact-mirror/Makefile b/local-artifact-mirror/Makefile index 14c4550d62..5ff0a76a16 100644 --- a/local-artifact-mirror/Makefile +++ b/local-artifact-mirror/Makefile @@ -47,7 +47,7 @@ build-local-artifact-mirror-image-chainguard: .PHONY: build-local-artifact-mirror-image-dockerfile build-local-artifact-mirror-image-dockerfile: - docker buildx build --platform="$(OS)/$(ARCH)" \ + docker buildx build --load --platform="$(OS)/$(ARCH)" \ -t "$(IMAGE_NAME):$(call image-tag,$(PACKAGE_VERSION))" \ --cache-from "type=local,src=../dev/.dockerbuildcache,mode=max" \ --cache-to "type=local,dest=../dev/.dockerbuildcache,mode=max" \ diff --git a/operator/Makefile b/operator/Makefile index eb8d15ed2e..6090df8f5c 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -173,7 +173,7 @@ build-operator-image-chainguard: .PHONY: build-operator-image-dockerfile build-operator-image-dockerfile: - docker buildx build --platform="$(OS)/$(ARCH)" \ + docker buildx build --load --platform="$(OS)/$(ARCH)" \ -t "$(IMAGE_NAME):$(call image-tag,$(PACKAGE_VERSION))" \ --build-arg VERSION=$(VERSION) \ --build-arg K0S_VERSION=$(K0S_VERSION) \ From 63bf642ddf9dabdbaad107bd901778ddf3728bc3 Mon Sep 17 00:00:00 2001 From: Salah Aldeen Al Saleh Date: Thu, 8 May 2025 11:18:35 -0700 Subject: [PATCH 7/7] fix certs --- dev/dockerfiles/local-artifact-mirror/Dockerfile.ttlsh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dev/dockerfiles/local-artifact-mirror/Dockerfile.ttlsh b/dev/dockerfiles/local-artifact-mirror/Dockerfile.ttlsh index 7837e5b986..d82e44edbc 100644 --- a/dev/dockerfiles/local-artifact-mirror/Dockerfile.ttlsh +++ b/dev/dockerfiles/local-artifact-mirror/Dockerfile.ttlsh @@ -20,5 +20,8 @@ RUN cp local-artifact-mirror/bin/local-artifact-mirror-$(go env GOOS)-$(go env G FROM debian:bookworm-slim +RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates \ + && rm -rf /var/lib/apt/lists/* + COPY --from=build /app/local-artifact-mirror/bin/local-artifact-mirror /usr/bin/local-artifact-mirror RUN ln -s /usr/bin/local-artifact-mirror /usr/local/bin/local-artifact-mirror