Create distroless variant in release scripts . Closes istio#14696 (is…

…tio#14737) * Also build distroless images by default. Closes istio#14696 Co-authored-by: Ralf Pannemans <[email protected]> * Do not build distroless variant by default * Use BUILD_VARIANTS for docker.save Co-authored-by: Ralf Pannemans <[email protected]> * Add handling of build variants to release scripts Co-authored-by: Ralf Pannemans <[email protected]> * Also use distroless variant for release process Co-authored-by: Ralf Pannemans <[email protected]> * Add missing dependency Co-authored-by: Ralf Pannemans <[email protected]> * Use correct image name in add_extra_artifacts_to_tar_images. Co-authored-by: Julia Plachetka <[email protected]> * Fix variant check. Co-authored-by: Julia Plachetka <[email protected]> * Address comments. * Fix check for VARIANT_NAME. Co-authored-by: Julia Plachetka <[email protected]> * Refactor and fix TAG issue. Co-authored-by: Jakob Schmid <[email protected]> * Fix set_image_vars for distroless Co-authored-by: Jakob Schmid <[email protected]>
AmitKumarDas · Jun 25, 2019 · 938c00d · 938c00d
1 parent 2f66459
commit 938c00d
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 27 deletions.
diff --git a/release/gcb/docker_tag_push_lib.sh b/release/gcb/docker_tag_push_lib.sh
@@ -54,24 +54,22 @@ function add_extra_artifacts_to_tar_images() {
   fi
 
   for TAR_PATH in "${OUT_PATH}"/docker/*.tar.gz; do
-    BASE_NAME=$(basename "$TAR_PATH")
-    TAR_NAME="${BASE_NAME%.*}"
-    IMAGE_NAME="${TAR_NAME%.*}"
-
     # if no docker/ directory or directory has no tar files
-    if [[ "${IMAGE_NAME}" == "*" ]]; then
+    if [[ "${TAR_PATH}" == "${OUT_PATH}/docker/*.tar.gz" ]]; then
       break
     fi
+    set_image_vars "$TAR_PATH"
+
     docker load -i "${TAR_PATH}"
 
     cat >Dockerfile <<EOF
-FROM ${REPO}/${IMAGE_NAME}:${TAG}
+FROM ${REPO}/${IMAGE_NAME}:${TAG}${VARIANT_NAME}
 ${add_cmd}
 EOF
 
-    docker build -t              "${HUB}/${IMAGE_NAME}:${TAG}" .
+    docker build -t              "${HUB}/${IMAGE_NAME}:${TAG}${VARIANT_NAME}" .
     # Include the license text in the tarball as well (overwrite old $TAR_PATH).
-    docker save -o "${TAR_PATH}" "${HUB}/${IMAGE_NAME}:${TAG}"
+    docker save -o "${TAR_PATH}" "${HUB}/${IMAGE_NAME}:${TAG}${VARIANT_NAME}"
   done
   popd || return 1
 }
@@ -85,21 +83,20 @@ function docker_tag_images() {
   OUT_PATH="$3"
 
   for TAR_PATH in "${OUT_PATH}"/docker/*.tar.gz; do
-    BASE_NAME=$(basename "$TAR_PATH")
-    TAR_NAME="${BASE_NAME%.*}"
-    IMAGE_NAME="${TAR_NAME%.*}"
-
     # if no docker/ directory or directory has no tar files
-    if [[ "${IMAGE_NAME}" == "*" ]]; then
+    if [[ "${TAR_PATH}" == "${OUT_PATH}/docker/*.tar.gz" ]]; then
       break
     fi
+    set_image_vars "$TAR_PATH"
+
     docker load -i "${TAR_PATH}"
     DOCKER_OUT=$(docker load -i "${TAR_PATH}")
     SRC_HUB=$(echo "$DOCKER_OUT" | cut -f 2 -d : | xargs dirname)
     SRC_TAG=$(echo "$DOCKER_OUT" | cut -f 3 -d :)
 
-    docker tag     "${SRC_HUB}/${IMAGE_NAME}:${SRC_TAG}" \
-                   "${DST_HUB}/${IMAGE_NAME}:${DST_TAG}"
+
+    docker tag "${SRC_HUB}/${IMAGE_NAME}:${SRC_TAG}${VARIANT_NAME}" \
+                "${DST_HUB}/${IMAGE_NAME}:${DST_TAG}${VARIANT_NAME}"
   done
 }
 
@@ -130,15 +127,29 @@ function docker_push_images() {
   fi
 
   for TAR_PATH in "${OUT_PATH}"/docker/*.tar.gz; do
-    BASE_NAME=$(basename "$TAR_PATH")
-    TAR_NAME="${BASE_NAME%.*}"
-    IMAGE_NAME="${TAR_NAME%.*}"
-
     # if no docker/ directory or directory has no tar files
-    if [[ "${IMAGE_NAME}" == "*" ]]; then
+    if [[ "${TAR_PATH}" == "${OUT_PATH}/docker/*.tar.gz" ]]; then
       break
     fi
+    set_image_vars "$TAR_PATH"
+
     docker load -i "${TAR_PATH}"
-    docker push    "${DST_HUB}/${IMAGE_NAME}:${DST_TAG}"
+
+    docker push "${DST_HUB}/${IMAGE_NAME}:${DST_TAG}${VARIANT_NAME}"
   done
 }
+
+function set_image_vars() {
+  local TAR_PATH=$1
+  BASE_NAME=$(basename "$TAR_PATH")
+  TAR_NAME="${BASE_NAME%.*}"
+  IMAGE_NAME="${TAR_NAME%.*}"
+  VARIANT_NAME=""
+  #check if it is a build variant (e.g. distroless)
+  case "${IMAGE_NAME}" in
+    *-distroless)
+      VARIANT_NAME="-${IMAGE_NAME##*-}"
+      IMAGE_NAME="${IMAGE_NAME%${VARIANT_NAME}}"
+      ;;
+  esac
+}
diff --git a/release/gcb/gcb_lib.sh b/release/gcb/gcb_lib.sh
@@ -99,7 +99,7 @@ function make_istio() {
   rm -r "${ISTIO_OUT}/docker" || true
   BUILD_DOCKER_TARGETS=(docker.save)
 
-  CB_BRANCH=${BRANCH} VERBOSE=1 DEBUG=0 ISTIO_DOCKER_HUB=${REL_DOCKER_HUB} HUB=${REL_DOCKER_HUB} make "${BUILD_DOCKER_TARGETS[@]}"
+  CB_BRANCH=${BRANCH} VERBOSE=1 DEBUG=0 ISTIO_DOCKER_HUB=${REL_DOCKER_HUB} HUB=${REL_DOCKER_HUB} DOCKER_BUILD_VARIANTS="default distroless" make "${BUILD_DOCKER_TARGETS[@]}"
 
   # preserve the source from the root of the code
   pushd "${ROOT}/../../../.." || exit

diff --git a/tools/istio-docker.mk b/tools/istio-docker.mk
@@ -228,8 +228,8 @@ docker.node-agent-test: $(ISTIO_DOCKER)/node_agent.key
 # 4. This rule runs $(BUILD_PRE) prior to any docker build and only if specified as a dependency variable
 # 5. This rule finally runs docker build passing $(BUILD_ARGS) to docker if they are specified as a dependency variable
 
-# DOCKER_BUILD_VARIANTS:=default distroless
-DOCKER_BUILD_VARIANTS:=default
+# DOCKER_BUILD_VARIANTS ?=default distroless
+DOCKER_BUILD_VARIANTS ?=default
 DEFAULT_DISTRIBUTION=default
 DOCKER_RULE=$(foreach VARIANT,$(DOCKER_BUILD_VARIANTS), time (mkdir -p $(DOCKER_BUILD_TOP)/$@ && cp -r $^ $(DOCKER_BUILD_TOP)/$@ && cd $(DOCKER_BUILD_TOP)/$@ && $(BUILD_PRE) docker build $(BUILD_ARGS) --build-arg BASE_DISTRIBUTION=$(VARIANT) -t $(HUB)/$(subst docker.,,$@):$(subst -$(DEFAULT_DISTRIBUTION),,$(TAG)-$(VARIANT)) -f Dockerfile$(suffix $@) . ); )
 
@@ -243,9 +243,16 @@ docker.all: $(DOCKER_TARGETS)
 
 # create a DOCKER_TAR_TARGETS that's each of DOCKER_TARGETS with a tar. prefix
 DOCKER_TAR_TARGETS:=
-$(foreach TGT,$(DOCKER_TARGETS),$(eval tar.$(TGT): $(TGT) | $(ISTIO_DOCKER_TAR) ; \
-   time (docker save -o ${ISTIO_DOCKER_TAR}/$(subst docker.,,$(TGT)).tar $(HUB)/$(subst docker.,,$(TGT)):$(TAG) && \
-         gzip ${ISTIO_DOCKER_TAR}/$(subst docker.,,$(TGT)).tar)))
+$(foreach TGT,$(filter-out docker.app,$(DOCKER_TARGETS)),$(eval tar.$(TGT): $(TGT) | $(ISTIO_DOCKER_TAR) ; \
+         $(foreach VARIANT,$(DOCKER_BUILD_VARIANTS), time ( \
+		     docker save -o ${ISTIO_DOCKER_TAR}/$(subst docker.,,$(TGT))$(subst -$(DEFAULT_DISTRIBUTION),,-$(VARIANT)).tar $(HUB)/$(subst docker.,,$(TGT)):$(subst -$(DEFAULT_DISTRIBUTION),,$(TAG)-$(VARIANT)) && \
+             gzip ${ISTIO_DOCKER_TAR}/$(subst docker.,,$(TGT))$(subst -$(DEFAULT_DISTRIBUTION),,-$(VARIANT)).tar \
+			   ); \
+		  )))
+
+tar.docker.app: docker.app | $(ISTIO_DOCKER_TAR)
+	time ( docker save -o ${ISTIO_DOCKER_TAR}/app.tar $(HUB)/app:$(TAG) && \
+             gzip ${ISTIO_DOCKER_TAR}/app.tar )
 
 # create a DOCKER_TAR_TARGETS that's each of DOCKER_TARGETS with a tar. prefix DOCKER_TAR_TARGETS:=
 $(foreach TGT,$(DOCKER_TARGETS),$(eval DOCKER_TAR_TARGETS+=tar.$(TGT)))