From 275f5b46120000462a8f13ecf31eb05b44d870b0 Mon Sep 17 00:00:00 2001 From: Sergiy Markin Date: Tue, 10 Sep 2024 03:23:13 +0000 Subject: [PATCH] Update ubuntu to jammy and Golang to 1.22.7 Change-Id: I2bcc2e2382602dd4d52b86e510fe9c24d8263a69 --- .zuul.yaml | 56 ++++++++++--------- Makefile | 11 +++- .../armada-operator/Dockerfile.ubuntu_jammy | 44 +++++++++++++++ .../playbooks/checkout-treasuremap-ref.yaml | 31 ++++++++++ .../airship-run-script/defaults/main.yaml | 7 +-- .../roles/airship-run-script/tasks/main.yaml | 2 +- 6 files changed, 118 insertions(+), 33 deletions(-) create mode 100644 images/armada-operator/Dockerfile.ubuntu_jammy create mode 100644 tools/gate/playbooks/checkout-treasuremap-ref.yaml diff --git a/.zuul.yaml b/.zuul.yaml index 40a2344..7037097 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -13,24 +13,23 @@ - project: check: jobs: - - armada-operator-docker-build-gate-ubuntu_focal - # disable for now until jammy jobs are configured - #- armada-operator-airskiff-deployment-focal + - armada-operator-docker-build-gate-ubuntu_jammy + - armada-operator-airskiff-deployment-jammy gate: jobs: - - armada-operator-docker-build-gate-ubuntu_focal + - armada-operator-docker-build-gate-ubuntu_jammy post: jobs: - - armada-operator-docker-publish-ubuntu_focal + - armada-operator-docker-publish-ubuntu_jammy - nodeset: - name: armada-operator-single-node-focal + name: armada-operator-single-node-jammy nodes: - name: primary - label: ubuntu-focal + label: ubuntu-jammy - job: name: armada-operator-base @@ -53,6 +52,7 @@ - ^deckhand/tests/unit/.*$ timeout: 10800 pre-run: + - tools/gate/playbooks/checkout-treasuremap-ref.yaml - tools/gate/playbooks/prepare-hosts.yaml - tools/gate/playbooks/mount-volumes.yaml - tools/gate/playbooks/deploy-env.yaml @@ -61,6 +61,7 @@ post-run: - tools/gate/playbooks/osh-infra-collect-logs.yaml vars: + treasuremap_ref: refs/changes/43/927643/7 extra_volume: size: 80G type: Linux @@ -77,15 +78,16 @@ loopback_device: /dev/loop100 loopback_image: "/opt/ext_vol/openstack-helm/ceph-loop.img" ceph_osd_data_device: /dev/loop100 - kube_version_repo: "v1.29" - kube_version: "1.29.5-1.1" + kube_version_repo: "v1.30" + kube_version: "1.30.3-1.1" calico_setup: true - calico_version: "v3.27.0" + calico_version: "v3.27.4" cilium_setup: false - cilium_version: "1.15.6" - helm_version: "v3.6.3" - yq_version: "v4.6.0" - crictl_version: "v1.26.1" + cilium_version: "1.16.0" + flannel_setup: false + flannel_version: v0.25.4 + helm_version: "v3.15.4" + crictl_version: "v1.30.1" zuul_osh_relative_path: ../../openstack/openstack-helm zuul_osh_infra_relative_path: ../../openstack/openstack-helm-infra zuul_treasuremap_relative_path: ../../airship/treasuremap @@ -93,19 +95,19 @@ run_helm_tests: "no" - job: - name: armada-operator-airskiff-deployment-focal - nodeset: treasuremap-airskiff-1node-ubuntu_focal + name: armada-operator-airskiff-deployment-jammy + nodeset: treasuremap-airskiff-1node-ubuntu_jammy description: | Deploy Memcached using Airskiff and submitted Armada-operator changes. parent: armada-operator-base vars: site: airskiff - HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.14.2-linux-amd64.tar.gz - HTK_COMMIT: 05f2f45971abcf483189358d663e2b46c3fc2fe8 - OSH_INFRA_COMMIT: 05f2f45971abcf483189358d663e2b46c3fc2fe8 - OSH_COMMIT: 049e679939fbd3b0c659dd0977911b8dc3b5a015 + HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.15.4-linux-amd64.tar.gz + HTK_COMMIT: 43fd7143481b6ddda0dbd2f26bf6ec39a417b15b + OSH_INFRA_COMMIT: 43fd7143481b6ddda0dbd2f26bf6ec39a417b15b + OSH_COMMIT: 540df5cb0dbdaed63c202e2d6f2b7891062f8203 CLONE_ARMADA_OPERATOR: false - DISTRO: ubuntu_focal + DISTRO: ubuntu_jammy DOCKER_REGISTRY: localhost:5000 MAKE_ARMADA_OPERATOR_IMAGES: true USE_ARMADA_GO: true @@ -127,28 +129,28 @@ irrelevant-files: *irrelevant-files - job: - name: armada-operator-docker-build-gate-ubuntu_focal + name: armada-operator-docker-build-gate-ubuntu_jammy timeout: 3600 run: tools/gate/playbooks/docker-image-build.yaml - nodeset: armada-operator-single-node-focal + nodeset: armada-operator-single-node-jammy vars: publish: false - distro: ubuntu_focal + distro: ubuntu_jammy tags: dynamic: patch_set: true - job: - name: armada-operator-docker-publish-ubuntu_focal + name: armada-operator-docker-publish-ubuntu_jammy timeout: 3600 run: tools/gate/playbooks/docker-image-build.yaml - nodeset: armada-operator-single-node-focal + nodeset: armada-operator-single-node-jammy secrets: - airship_armada_operator_quay_creds vars: publish: true - distro: ubuntu_focal + distro: ubuntu_jammy tags: dynamic: branch: true diff --git a/Makefile b/Makefile index 4580d6c..c3feb9c 100644 --- a/Makefile +++ b/Makefile @@ -13,8 +13,10 @@ LABEL ?= org.airshipit.build=community COMMIT ?= $(shell git rev-parse HEAD) PYTHON = python3 CHARTS := $(filter-out deps, $(patsubst charts/%/.,%,$(wildcard charts/*/.))) -DISTRO ?= ubuntu_focal +DISTRO ?= ubuntu_jammy +DISTRO_ALIAS ?= ubuntu_focal IMAGE := ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG}-${DISTRO} +IMAGE_ALIAS := ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG}-${DISTRO_ALIAS} UBUNTU_BASE_IMAGE ?= # VERSION INFO @@ -174,6 +176,13 @@ else $(_BASE_IMAGE_ARG) \ --build-arg HELM_ARTIFACT_URL=$(HELM_ARTIFACT_URL) . endif +ifneq ($(DISTRO), $(DISTRO_ALIAS)) + docker tag $(IMAGE) $(IMAGE_ALIAS) +endif +ifeq ($(DOCKER_REGISTRY), localhost:5000) + docker push $(IMAGE) + docker push $(IMAGE_ALIAS) +endif ifeq ($(PUSH_IMAGE), true) docker push $(IMAGE) endif diff --git a/images/armada-operator/Dockerfile.ubuntu_jammy b/images/armada-operator/Dockerfile.ubuntu_jammy new file mode 100644 index 0000000..bc3ffa6 --- /dev/null +++ b/images/armada-operator/Dockerfile.ubuntu_jammy @@ -0,0 +1,44 @@ +ARG FROM=public.ecr.aws/ubuntu/ubuntu:jammy +# Build the manager binary +FROM public.ecr.aws/docker/library/golang:1.22.7-bullseye as builder +ARG TARGETOS +ARG TARGETARCH + +WORKDIR /workspace +# Copy the Go Modules manifests +COPY go.mod go.mod +COPY go.sum go.sum +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +# Copy the go source +COPY cmd/main.go cmd/main.go +COPY api/ api/ +COPY pkg/ pkg/ + +# Build +# the GOARCH has not a default value to allow the binary be built according to the host where the command +# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO +# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore, +# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform. +RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +# NOTE: distroless has been switched to alpine +#FROM gcr.io/distroless/static:nonroot +FROM ${FROM} + +# Install CA certificates +RUN apt update \ + && apt upgrade -y \ + && apt install -y ca-certificates +# Update CA certificates +RUN update-ca-certificates + +WORKDIR / +COPY --from=builder /workspace/manager . +USER 65532:65532 + +ENTRYPOINT ["/manager"] diff --git a/tools/gate/playbooks/checkout-treasuremap-ref.yaml b/tools/gate/playbooks/checkout-treasuremap-ref.yaml new file mode 100644 index 0000000..46a2405 --- /dev/null +++ b/tools/gate/playbooks/checkout-treasuremap-ref.yaml @@ -0,0 +1,31 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +- hosts: all + + tasks: + - name: Checkout treasuremap ref + shell: | + set -xe; + + : "${TREASUREMAP_REF:=v1.9}" + + cd ../treasuremap + git fetch https://review.opendev.org/airship/treasuremap ${TREASUREMAP_REF} && git checkout FETCH_HEAD + + args: + chdir: "{{ zuul.project.src_dir }}" + environment: + TREASUREMAP_REF: "{{ treasuremap_ref }}" + +... \ No newline at end of file diff --git a/tools/gate/roles/airship-run-script/defaults/main.yaml b/tools/gate/roles/airship-run-script/defaults/main.yaml index d6dff60..bfb1ba6 100644 --- a/tools/gate/roles/airship-run-script/defaults/main.yaml +++ b/tools/gate/roles/airship-run-script/defaults/main.yaml @@ -16,17 +16,16 @@ kubeadm: pod_network_cidr: "10.244.0.0/24" osh_params: container_distro_name: ubuntu - container_distro_version: focal + container_distro_version: jammy # feature_gates: site: airskiff -HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.13.2-linux-amd64.tar.gz +HELM_ARTIFACT_URL: https://get.helm.sh/helm-v3.15.4-linux-amd64.tar.gz HTK_COMMIT: cfff60ec10a6c386f38db79bb9f59a552c2b032f OSH_INFRA_COMMIT: cfff60ec10a6c386f38db79bb9f59a552c2b032f OSH_COMMIT: 2d9457e34ca4200ed631466bd87569b0214c92e7 COREDNS_VERSION: v1.11.1 -DISTRO: ubuntu_focal +DISTRO: ubuntu_jammy DOCKER_REGISTRY: quay.io - CLONE_ARMADA: true CLONE_ARMADA_GO: true CLONE_ARMADA_OPERATOR: true diff --git a/tools/gate/roles/airship-run-script/tasks/main.yaml b/tools/gate/roles/airship-run-script/tasks/main.yaml index 811319b..35f6486 100644 --- a/tools/gate/roles/airship-run-script/tasks/main.yaml +++ b/tools/gate/roles/airship-run-script/tasks/main.yaml @@ -32,7 +32,7 @@ FEATURE_GATES: "{{ osh_params.feature_gates | default('') }}" RUN_HELM_TESTS: "{{ run_helm_tests | default('yes') }}" PL_SITE: "{{ site | default('airskiff') }}" - HELM_ARTIFACT_URL: "{{ HELM_ARTIFACT_URL | default('https://get.helm.sh/helm-v3.13.2-linux-amd64.tar.gz') }}" + HELM_ARTIFACT_URL: "{{ HELM_ARTIFACT_URL | default('https://get.helm.sh/helm-v3.15.4-linux-amd64.tar.gz') }}" HTK_COMMIT: "{{ HTK_COMMIT | default('cfff60ec10a6c386f38db79bb9f59a552c2b032f') }}" OSH_INFRA_COMMIT: "{{ OSH_INFRA_COMMIT | default('cfff60ec10a6c386f38db79bb9f59a552c2b032f') }}" OSH_COMMIT: "{{ OSH_COMMIT | default('2d9457e34ca4200ed631466bd87569b0214c92e7') }}"