Build Ubuntu Image for Cluster API

metal-stack · Jan 17, 2025 · dfc0930 · dfc0930
1 parent 980f807
commit dfc0930
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 80 deletions.
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -10,12 +10,8 @@ env:
   ACTIONS_ALLOW_UNSECURE_COMMANDS: true
 
 jobs:
-  debian-ubuntu:
-    name: Build Debian and Ubuntu based OS images
-
-    strategy:
-      matrix:
-        os: [debian, ubuntu]
+  cluster-api:
+    name: Build Ubuntu based OS image for Cluster API
 
     runs-on: self-hosted
 
@@ -46,7 +42,7 @@ jobs:
 
     - name: Prepare build environment
       shell: bash
-      run: ./prepare.sh ${{ matrix.os }}
+      run: ./prepare.sh ubuntu
 
     - name: use our lz4 which is version 1.10 with multithread support
       shell: bash
@@ -61,93 +57,23 @@ jobs:
         TMPDIR=/var/tmp \
         docker-make \
           --work-dir debian \
-          --file docker-make.${{ matrix.os }}.yaml \
+          --file docker-make.ubuntu.yaml \
           --no-cache \
           --summary \
           --no-lint \
           --no-push
 
-    # TODO enable debian build again, actually droptailer and firewall-controller did not get enabled
-    # and then goss tests fail
-    - name: Build docker image for firewalls and export tarball
+    - name: Build docker image for cluster api images and export tarball
       run: |
-        DOCKER_MAKE_REGISTRY_LOGIN_USER="metalstack+ci" \
-        DOCKER_MAKE_REGISTRY_LOGIN_PASSWORD="${{ secrets.QUAY_IO_TOKEN }}" \
         TMPDIR=/var/tmp \
         docker-make \
-          --work-dir firewall \
-          --build-only ${{ matrix.os }} \
-          --no-cache \
-          --no-pull \
-          --summary \
-          --no-lint \
-          --no-push
-      if: ${{ matrix.os == 'ubuntu' }}
-
-    - name: Prepare build environment
-      shell: bash
-      run: ./prepare.sh debian-nvidia
-      if: ${{ matrix.os == 'debian' }}
-
-    - name: Build docker image for debian-nvidia based workers and export tarball
-      run: |
-        TMPDIR=/var/tmp \
-        docker-make \
-          --work-dir debian-nvidia \
+          --work-dir cluster-api \
           --file docker-make.yaml \
           --no-cache \
           --no-pull \
           --summary \
           --no-lint \
           --no-push
-      if: ${{ matrix.os == 'debian' }}
-
-    - name: Upload image tarballs to GCS
-      run: cd images && gsutil -m -h "Cache-Control:no-store" cp -r . gs://$GCS_BUCKET/metal-os/pull_requests/
-
-  almalinux:
-    name: Build Almalinux based OS image
-    runs-on: self-hosted
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v4
-
-    - uses: google-github-actions/auth@v2
-      with:
-        credentials_json: '${{ secrets.GCP_SA_KEY }}'
-
-    - name: Set up Cloud SDK
-      uses: google-github-actions/setup-gcloud@v2
-
-    - name: Set up Go 1.23
-      uses: actions/setup-go@v5
-      with:
-        go-version: '1.23.x'
-        cache: false
-
-    - name: build install
-      run: make
-    - name: Prepare build environment
-      shell: bash
-      run: ./prepare.sh almalinux
-    - name: Build docker image for almalinux based workers and export tarball
-      run: |
-        DOCKER_MAKE_REGISTRY_LOGIN_USER="metalstack+ci" \
-        DOCKER_MAKE_REGISTRY_LOGIN_PASSWORD="${{ secrets.QUAY_IO_TOKEN }}" \
-        TMPDIR=/var/tmp \
-        docker-make \
-          --work-dir almalinux \
-          --file docker-make.yaml \
-          --no-cache \
-          --no-push \
-          --summary \
-          --no-lint \
-          --no-push
-
-    - uses: google-github-actions/setup-gcloud@v0
-      with:
-          service_account_email: ${{ secrets.GCP_SA_EMAIL }}
-          service_account_key: ${{ secrets.GCP_SA_KEY }}
 
     - name: Upload image tarballs to GCS
       run: cd images && gsutil -m -h "Cache-Control:no-store" cp -r . gs://$GCS_BUCKET/metal-os/pull_requests/
diff --git a/cluster-api/Dockerfile b/cluster-api/Dockerfile
@@ -0,0 +1,21 @@
+ARG BASE_OS_NAME
+ARG BASE_OS_VERSION
+
+FROM ${BASE_OS_NAME}:${BASE_OS_VERSION}
+
+ARG KUBE_MAJOR_MINOR_VERSION
+ARG KUBE_VERSION
+
+ENV DEBCONF_NONINTERACTIVE_SEEN="true" \
+    DEBIAN_FRONTEND="noninteractive"
+
+RUN curl -fsSL https://pkgs.k8s.io/core:/stable:/${KUBE_MAJOR_MINOR_VERSION}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg \
+ && echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/${KUBE_MAJOR_MINOR_VERSION}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list \
+ && apt update \
+ && apt install --yes --no-install-recommends \
+        kubeadm=${KUBE_VERSION} \
+        kubectl=${KUBE_VERSION} \
+        kubelet=${KUBE_VERSION} \
+        kubernetes-cni
+
+RUN systemctl enable kubelet.service
diff --git a/cluster-api/docker-make.yaml b/cluster-api/docker-make.yaml
@@ -0,0 +1,24 @@
+---
+version: '1'
+name: cluster-api
+username: metalstack
+registry-host: quay.io
+default-build-args:
+  - SEMVER_PATCH=${SEMVER_PATCH}
+  - OS_NAME=cluster-api
+builds:
+  -
+    name: ubuntu
+    tags:
+      - ${SEMVER}
+      - ${SEMVER_MAJOR_MINOR}
+    build-args:
+      - BASE_OS_NAME=quay.io/metalstack/ubuntu
+      - BASE_OS_VERSION=24.04
+      - KUBE_MAJOR_MINOR_VERSION=v1.30
+      - KUBE_VERSION=${KUBE_MAJOR_MINOR_VERSION}.6
+      - SEMVER_MAJOR_MINOR=cluster-api-k8s-${KUBE_VERSION}
+      - SEMVER=${SEMVER_MAJOR_MINOR}${SEMVER_PATCH}
+    after:
+      - cd ../ && OS_NAME=${SEMVER}-${OS_NAME} ./test.sh quay.io/metalstack/${OS_NAME}:${SEMVER}
+      - OS_NAME=${OS_NAME} SEMVER_MAJOR_MINOR=${SEMVER_MAJOR_MINOR} SEMVER_PATCH=${SEMVER_PATCH} ../export.sh