From b2efe2119e6ba2e0ac4f084df496a52e3cd78fbe Mon Sep 17 00:00:00 2001 From: Arik Hadas Date: Thu, 20 Jun 2024 23:01:46 +0300 Subject: [PATCH] Build operator with rules_docker instead of containerfile We cannot push the operator image with recent images of Ubuntu in GitHub actions because recent versions of Docker create the image differently and as a result, they cannot be pushed to quay.io. Thus, replacing the way we build the operator image to match how other images are built and this way, we are able to push the image to quay.io. Signed-off-by: Arik Hadas --- .bazelrc | 2 ++ WORKSPACE | 13 +++++++------ operator/BUILD.bazel | 28 +++++++++++++++++++++++++++- operator/Containerfile | 8 -------- 4 files changed, 36 insertions(+), 15 deletions(-) delete mode 100644 operator/Containerfile diff --git a/.bazelrc b/.bazelrc index 9986d33f6..f5397e301 100644 --- a/.bazelrc +++ b/.bazelrc @@ -33,3 +33,5 @@ build --strategy_regexp="RunAndCommitLayer ca-certificate-from-secret-layer.tar" # For populator images, we need to use processwrapper sandbox as well build --strategy_regexp="RunAndCommitLayer cmd/ovirt-populator/ovirt-imageio-layer-run-layer.tar"=processwrapper-sandbox + +build --strategy_regexp="RunAndCommitLayer operator/forklift-operator-image-layer-run-layer.tar"=processwrapper-sandbox diff --git a/WORKSPACE b/WORKSPACE index 66c0e3288..7c16e081b 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -30,12 +30,6 @@ load( "@io_bazel_rules_docker//toolchains/docker:toolchain.bzl", docker_toolchain_configure = "toolchain_configure", ) -load("@io_bazel_rules_docker//contrib:dockerfile_build.bzl", "dockerfile_image") - -dockerfile_image( - name = "forklift-operator-image-containerfile", - dockerfile = "//operator:Containerfile", -) docker_toolchain_configure( name = "docker_config", @@ -3345,6 +3339,13 @@ container_pull( tag = "latest", ) +container_pull( + name = "ansible-operator", + registry = "quay.io", + repository = "operator-framework/ansible-operator", + tag = "main", +) + container_pull( name = "opm-image", # v1.43.1 diff --git a/operator/BUILD.bazel b/operator/BUILD.bazel index 033907bc9..4bbd7565c 100644 --- a/operator/BUILD.bazel +++ b/operator/BUILD.bazel @@ -2,6 +2,7 @@ load( "@io_bazel_rules_docker//container:container.bzl", "container_image", ) +load("@io_bazel_rules_docker//docker/util:run.bzl", "container_run_and_commit_layer") genrule( name = "kustomize_bin", @@ -13,9 +14,34 @@ genrule( # OPERATOR # 1. Build the oprator image with ansible dependencies and with roles. +container_image( + name = "forklift-operator-base-image", + base = "@ansible-operator//image", + directory = "/opt/ansible", + files = [ + "requirements.yml", + "roles", + "watches.yaml", + ], +) + +container_run_and_commit_layer( + name = "forklift-operator-image-layer-run", + commands = [ + "ansible-galaxy collection install -r /opt/ansible/requirements.yml && chmod -R ug+rwx /opt/ansible/.ansible", + ], + docker_run_flags = ["--entrypoint=''"], + image = ":forklift-operator-base-image.tar", +) + container_image( name = "forklift-operator-image", - base = "@forklift-operator-image-containerfile//image:dockerfile_image.tar", + base = ":forklift-operator-base-image", + directory = "/opt/ansible", + layers = [ + ":forklift-operator-image-layer-run", + ], + user = "1001", visibility = ["//visibility:public"], ) diff --git a/operator/Containerfile b/operator/Containerfile deleted file mode 100644 index e1b1f5d68..000000000 --- a/operator/Containerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM quay.io/operator-framework/ansible-operator:main - -COPY requirements.yml ${HOME}/requirements.yml -COPY watches.yaml ${HOME}/watches.yaml -COPY roles ${HOME}/roles - -RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ - && chmod -R ug+rwx ${HOME}/.ansible \ No newline at end of file