zuul-jobs/roles/build-container-image/tasks/setup-buildx.yaml
Ian Wienand 7631526431 buildx: remove experimental flags
Tetsing this, I can't determine exactly when this might have switched.
It's not listed in.  Let's see...

[1] https://github.com/docker/cli/blob/master/experimental/README.md

Change-Id: If6c2ae98ea42c505f46563ca84a870081c4cdbe9
2023-03-23 11:14:16 -07:00

75 lines
2.7 KiB
YAML

- name: Update qemu-static container settings
command: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Create builder
command: "docker buildx create --name mybuilder --driver-opt network=host{% if buildset_registry is defined %} --config /etc/buildkit/buildkitd.toml {% endif %}"
- name: Use builder
command: docker buildx use mybuilder
- name: Bootstrap builder
command: docker buildx inspect --bootstrap
- name: Make tempfile for registry TLS certificate
tempfile:
state: file
register: buildkit_cert_tmp
- name: Write buildset registry TLS certificate
become: true
copy:
content: "{{ buildset_registry.cert }}"
dest: "{{ buildkit_cert_tmp.path }}"
mode: preserve
when: buildset_registry is defined and buildset_registry.cert
- name: Copy buildset registry TLS cert into worker container
command: "docker cp {{ buildkit_cert_tmp.path }} buildx_buildkit_mybuilder0:/usr/local/share/ca-certificates"
when: buildset_registry is defined and buildset_registry.cert
- name: Update CA certs in worker container
command: docker exec buildx_buildkit_mybuilder0 update-ca-certificates
when: buildset_registry is defined and buildset_registry.cert
- name: Remove TLS cert tempfile
file:
state: absent
path: '{{ buildkit_cert_tmp.path }}'
when: buildset_registry is defined and buildset_registry.cert
- name: Make tempfile for /etc/hosts
tempfile:
state: file
register: etc_hosts_tmp
- name: Copy /etc/hosts for editing
command: 'docker cp buildx_buildkit_mybuilder0:/etc/hosts {{ etc_hosts_tmp.path }}'
# Docker buildx has its own /etc/hosts in the builder image.
- name: Configure /etc/hosts for buildset_registry to workaround docker not understanding ipv6 addresses
become: yes
lineinfile:
path: '{{ etc_hosts_tmp.path }}'
state: present
regex: "^{{ buildset_registry.host }}\tzuul-jobs.buildset-registry$"
line: "{{ buildset_registry.host }}\tzuul-jobs.buildset-registry"
insertafter: EOF
when: buildset_registry is defined and buildset_registry.host | ipaddr
- name: Unmount the /etc/hosts mount
command: docker exec buildx_buildkit_mybuilder0 umount /etc/hosts
# NOTE(mordred) This is done in two steps. Even though we've unmounted /etc/hosts
# in the previous step, when we try to copy the file back directly, we get:
# unlinkat /etc/hosts: device or resource busy
- name: Copy modified hosts file back in
command: 'docker cp {{ etc_hosts_tmp.path }} buildx_buildkit_mybuilder0:/etc/new-hosts'
- name: Copy modified hosts file into place
command: docker exec buildx_buildkit_mybuilder0 cp /etc/new-hosts /etc/hosts
- name: Remove tempfile for /etc/hosts
file:
state: absent
path: '{{ etc_hosts_tmp.path }}'