Skip to content

Commit 81351cb

Browse files
rbtrrbtr
authored
feat: templatize dockerfile base images and auto update (#3397)
* feat: templatize dockerfile base images and auto update Signed-off-by: Evan Baker <[email protected]> * add cni Signed-off-by: Evan Baker <[email protected]> * update images Signed-off-by: Evan Baker <[email protected]> --------- Signed-off-by: Evan Baker <[email protected]>
1 parent 802420e commit 81351cb

File tree

10 files changed

+278
-21
lines changed

10 files changed

+278
-21
lines changed

Diff for: .github/workflows/baseimages.yaml

+32
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
name: 'Docker Base Images'
2+
on:
3+
workflow_dispatch:
4+
pull_request:
5+
types:
6+
- opened
7+
- reopened
8+
- synchronize
9+
- ready_for_review
10+
merge_group:
11+
types:
12+
- checks_requested
13+
14+
jobs:
15+
render:
16+
runs-on: ubuntu-latest
17+
steps:
18+
- uses: actions/checkout@v4
19+
with:
20+
fetch-depth: 0
21+
- name: Set up Go
22+
uses: actions/setup-go@v5
23+
with:
24+
go-version: '1.23'
25+
- name: Render Dockerfiles
26+
run: make dockerfiles
27+
- name: Fail if base images are outdated
28+
run: |
29+
if [ -n "$(git status --porcelain)" ]; then
30+
echo "Changes detected. Please run 'make dockerfiles' locally to update the base images."
31+
exit 1
32+
fi

Diff for: Makefile

+12-1
Original file line numberDiff line numberDiff line change
@@ -87,6 +87,7 @@ GOFUMPT := $(TOOLS_BIN_DIR)/gofumpt
8787
GOLANGCI_LINT := $(TOOLS_BIN_DIR)/golangci-lint
8888
GO_JUNIT_REPORT := $(TOOLS_BIN_DIR)/go-junit-report
8989
MOCKGEN := $(TOOLS_BIN_DIR)/mockgen
90+
RENDERKIT := $(TOOLS_BIN_DIR)/renderkit
9091

9192
# Archive file names.
9293
ACNCLI_ARCHIVE_NAME = acncli-$(GOOS)-$(GOARCH)-$(ACN_VERSION).$(ARCHIVE_EXT)
@@ -807,6 +808,11 @@ test-k8se2e-only: ## Run k8s network conformance test, use TYPE=basic for only d
807808

808809
##@ Utilities
809810

811+
dockerfiles: tools ## Render all Dockerfile templates with current state of world
812+
@make -f build/images.mk render PATH=cns
813+
@make -f build/images.mk render PATH=cni
814+
815+
810816
$(REPO_ROOT)/.git/hooks/pre-push:
811817
@ln -s $(REPO_ROOT)/.hooks/pre-push $(REPO_ROOT)/.git/hooks/
812818
@echo installed pre-push hook
@@ -866,10 +872,15 @@ $(MOCKGEN): $(TOOLS_DIR)/go.mod
866872

867873
mockgen: $(MOCKGEN) ## Build mockgen
868874

875+
$(RENDERKIT): $(TOOLS_DIR)/go.mod
876+
cd $(TOOLS_DIR); go mod download; go build -o bin/renderkit github.com/orellazri/renderkit
877+
878+
renderkit: $(RENDERKIT) ## Build renderkit
879+
869880
clean-tools:
870881
rm -r build/tools/bin
871882

872-
tools: acncli gocov gocov-xml go-junit-report golangci-lint gofumpt protoc ## Build bins for build tools
883+
tools: acncli gocov gocov-xml go-junit-report golangci-lint gofumpt protoc renderkit ## Build bins for build tools
873884

874885

875886
##@ Help

Diff for: build/images.mk

+25
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,25 @@
1+
# Source images
2+
export GO_IMG ?= mcr.microsoft.com/oss/go/microsoft/golang:1.23-cbl-mariner2.0
3+
export MARINER_CORE_IMG ?= mcr.microsoft.com/cbl-mariner/base/core:2.0
4+
export MARINER_DISTROLESS_IMG ?= mcr.microsoft.com/cbl-mariner/distroless/minimal:2.0
5+
export WIN_HPC_IMG ?= mcr.microsoft.com/oss/kubernetes/windows-host-process-containers-base-image:v1.0.0
6+
7+
8+
# Pinned SHA images
9+
export GO_PIN ?= $(shell skopeo inspect docker://${GO_IMG} --format "{{.Name}}@{{.Digest}}")
10+
export MARINER_CORE_PIN ?= $(shell skopeo inspect docker://${MARINER_CORE_IMG} --format "{{.Name}}@{{.Digest}}")
11+
export MARINER_DISTROLESS_PIN ?= $(shell skopeo inspect docker://${MARINER_DISTROLESS_IMG} --format "{{.Name}}@{{.Digest}}")
12+
export WIN_HPC_PIN ?= $(shell skopeo inspect --override-os windows docker://${WIN_HPC_IMG} --format "{{.Name}}@{{.Digest}}")
13+
14+
export RENDER_MSG ?= "!! AUTOGENERATED - DO NOT EDIT !!"
15+
export SRC ?= ${PATH}/Dockerfile.tmpl
16+
export DEST ?= ${PATH}/Dockerfile
17+
18+
print:
19+
@echo ${GO_PIN}
20+
@echo ${MARINER_CORE_PIN}
21+
@echo ${MARINER_DISTROLESS_PIN}
22+
@echo ${WIN_HPC_PIN}
23+
24+
render:
25+
build/tools/bin/renderkit -f ${SRC} --ds env:// > ${DEST}

Diff for: build/tools/go.mod

+28-6
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,14 @@
11
module github.com/Azure/azure-container-networking/build/tools
22

3-
go 1.23
4-
5-
toolchain go1.23.2
3+
go 1.23.2
64

75
require (
86
github.com/AlekSi/gocov-xml v1.1.0
97
github.com/axw/gocov v1.2.1
108
github.com/golang/mock v1.6.0
119
github.com/golangci/golangci-lint v1.63.4
1210
github.com/jstemmer/go-junit-report v1.0.0
11+
github.com/orellazri/renderkit v0.6.3
1312
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1
1413
google.golang.org/protobuf v1.36.5
1514
mvdan.cc/gofumpt v0.7.0
@@ -19,24 +18,31 @@ require (
1918
require (
2019
4d63.com/gocheckcompilerdirectives v1.2.1 // indirect
2120
4d63.com/gochecknoglobals v0.2.1 // indirect
21+
dario.cat/mergo v1.0.1 // indirect
2222
github.com/4meepo/tagalign v1.4.1 // indirect
2323
github.com/Abirdcfly/dupword v0.1.3 // indirect
2424
github.com/Antonboom/errname v1.0.0 // indirect
2525
github.com/Antonboom/nilnil v1.0.1 // indirect
2626
github.com/Antonboom/testifylint v1.5.2 // indirect
2727
github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c // indirect
28+
github.com/CloudyKit/fastprinter v0.0.0-20200109182630-33d98a066a53 // indirect
29+
github.com/CloudyKit/jet/v6 v6.2.0 // indirect
2830
github.com/Crocmagnon/fatcontext v0.5.3 // indirect
2931
github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 // indirect
3032
github.com/GaijinEntertainment/go-exhaustruct/v3 v3.3.0 // indirect
31-
github.com/Masterminds/semver/v3 v3.3.0 // indirect
33+
github.com/Masterminds/goutils v1.1.1 // indirect
34+
github.com/Masterminds/semver/v3 v3.3.1 // indirect
35+
github.com/Masterminds/sprig/v3 v3.3.0 // indirect
3236
github.com/OpenPeeDeeP/depguard/v2 v2.2.0 // indirect
37+
github.com/a8m/envsubst v1.4.2 // indirect
3338
github.com/alecthomas/go-check-sumtype v0.3.1 // indirect
3439
github.com/alexkohler/nakedret/v2 v2.0.5 // indirect
3540
github.com/alexkohler/prealloc v1.0.0 // indirect
3641
github.com/alingse/asasalint v0.0.11 // indirect
3742
github.com/alingse/nilnesserr v0.1.1 // indirect
3843
github.com/ashanbrown/forbidigo v1.6.0 // indirect
3944
github.com/ashanbrown/makezero v1.2.0 // indirect
45+
github.com/aymerick/raymond v2.0.2+incompatible // indirect
4046
github.com/beorn7/perks v1.0.1 // indirect
4147
github.com/bkielbasa/cyclop v1.2.3 // indirect
4248
github.com/blizzy78/varnamelen v0.8.0 // indirect
@@ -46,15 +52,18 @@ require (
4652
github.com/butuzov/ireturn v0.3.1 // indirect
4753
github.com/butuzov/mirror v1.3.0 // indirect
4854
github.com/catenacyber/perfsprint v0.7.1 // indirect
55+
github.com/cbroglie/mustache v1.4.0 // indirect
4956
github.com/ccojocar/zxcvbn-go v1.0.2 // indirect
5057
github.com/cespare/xxhash/v2 v2.3.0 // indirect
5158
github.com/charithe/durationcheck v0.0.10 // indirect
5259
github.com/chavacava/garif v0.1.0 // indirect
5360
github.com/ckaznocha/intrange v0.3.0 // indirect
61+
github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
5462
github.com/curioswitch/go-reassign v0.3.0 // indirect
5563
github.com/daixiang0/gci v0.13.5 // indirect
5664
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
5765
github.com/denis-tingaikin/go-header v0.5.0 // indirect
66+
github.com/dustin/go-humanize v1.0.1 // indirect
5867
github.com/ettle/strcase v0.2.0 // indirect
5968
github.com/fatih/color v1.18.0 // indirect
6069
github.com/fatih/structtag v1.2.0 // indirect
@@ -87,16 +96,20 @@ require (
8796
github.com/golangci/unconvert v0.0.0-20240309020433-c5143eacb3ed // indirect
8897
github.com/google/go-cmp v0.6.0 // indirect
8998
github.com/google/gofuzz v1.2.0 // indirect
99+
github.com/google/uuid v1.6.0 // indirect
90100
github.com/gordonklaus/ineffassign v0.1.0 // indirect
101+
github.com/goreleaser/fileglob v1.3.0 // indirect
91102
github.com/gostaticanalysis/analysisutil v0.7.1 // indirect
92103
github.com/gostaticanalysis/comment v1.4.2 // indirect
93104
github.com/gostaticanalysis/forcetypeassert v0.1.0 // indirect
94105
github.com/gostaticanalysis/nilerr v0.1.1 // indirect
106+
github.com/hashicorp/go-envparse v0.1.0 // indirect
95107
github.com/hashicorp/go-immutable-radix/v2 v2.1.0 // indirect
96108
github.com/hashicorp/go-version v1.7.0 // indirect
97109
github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
98110
github.com/hashicorp/hcl v1.0.0 // indirect
99111
github.com/hexops/gotextdiff v1.0.3 // indirect
112+
github.com/huandu/xstrings v1.5.0 // indirect
100113
github.com/inconshreveable/mousetrap v1.1.0 // indirect
101114
github.com/jgautheron/goconst v1.7.1 // indirect
102115
github.com/jingyugao/rowserrcheck v1.1.1 // indirect
@@ -125,18 +138,22 @@ require (
125138
github.com/mattn/go-isatty v0.0.20 // indirect
126139
github.com/mattn/go-runewidth v0.0.16 // indirect
127140
github.com/mgechev/revive v1.5.1 // indirect
141+
github.com/mitchellh/copystructure v1.2.0 // indirect
128142
github.com/mitchellh/go-homedir v1.1.0 // indirect
129143
github.com/mitchellh/mapstructure v1.5.0 // indirect
144+
github.com/mitchellh/reflectwalk v1.0.2 // indirect
130145
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
131146
github.com/modern-go/reflect2 v1.0.2 // indirect
132147
github.com/moricho/tparallel v0.3.2 // indirect
133148
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
134149
github.com/nakabonne/nestif v0.3.1 // indirect
150+
github.com/nikolalohinski/gonja/v2 v2.3.3 // indirect
135151
github.com/nishanths/exhaustive v0.12.0 // indirect
136152
github.com/nishanths/predeclared v0.2.2 // indirect
137153
github.com/nunnatsa/ginkgolinter v0.18.4 // indirect
138154
github.com/olekukonko/tablewriter v0.0.5 // indirect
139155
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
156+
github.com/pkg/errors v0.9.1 // indirect
140157
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
141158
github.com/polyfloyd/go-errorlint v1.7.0 // indirect
142159
github.com/prometheus/client_golang v1.20.4 // indirect
@@ -151,6 +168,7 @@ require (
151168
github.com/raeperd/recvcheck v0.2.0 // indirect
152169
github.com/rivo/uniseg v0.4.7 // indirect
153170
github.com/rogpeppe/go-internal v1.13.1 // indirect
171+
github.com/russross/blackfriday/v2 v2.1.0 // indirect
154172
github.com/ryancurrah/gomodguard v1.3.5 // indirect
155173
github.com/ryanrolds/sqlclosecheck v0.5.1 // indirect
156174
github.com/sagikazarmark/locafero v0.6.0 // indirect
@@ -161,14 +179,15 @@ require (
161179
github.com/sashamelentyev/usestdlibvars v1.28.0 // indirect
162180
github.com/securego/gosec/v2 v2.21.4 // indirect
163181
github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c // indirect
182+
github.com/shopspring/decimal v1.4.0 // indirect
164183
github.com/sirupsen/logrus v1.9.3 // indirect
165184
github.com/sivchari/containedctx v1.0.3 // indirect
166185
github.com/sivchari/tenv v1.12.1 // indirect
167186
github.com/sonatard/noctx v0.1.0 // indirect
168187
github.com/sourcegraph/conc v0.3.0 // indirect
169188
github.com/sourcegraph/go-diff v0.7.0 // indirect
170189
github.com/spf13/afero v1.11.0 // indirect
171-
github.com/spf13/cast v1.7.0 // indirect
190+
github.com/spf13/cast v1.7.1 // indirect
172191
github.com/spf13/cobra v1.8.1 // indirect
173192
github.com/spf13/pflag v1.0.5 // indirect
174193
github.com/spf13/viper v1.19.0 // indirect
@@ -185,10 +204,12 @@ require (
185204
github.com/tommy-muehle/go-mnd/v2 v2.5.1 // indirect
186205
github.com/ultraware/funlen v0.2.0 // indirect
187206
github.com/ultraware/whitespace v0.2.0 // indirect
207+
github.com/urfave/cli/v2 v2.27.5 // indirect
188208
github.com/uudashr/gocognit v1.2.0 // indirect
189209
github.com/uudashr/iface v1.3.0 // indirect
190210
github.com/x448/float16 v0.8.4 // indirect
191211
github.com/xen0n/gosmopolitan v1.2.2 // indirect
212+
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
192213
github.com/yagipy/maintidx v1.0.0 // indirect
193214
github.com/yeya24/promlinter v0.3.0 // indirect
194215
github.com/ykadowak/zerologlint v0.1.5 // indirect
@@ -198,7 +219,8 @@ require (
198219
go.uber.org/automaxprocs v1.6.0 // indirect
199220
go.uber.org/multierr v1.11.0 // indirect
200221
go.uber.org/zap v1.27.0 // indirect
201-
golang.org/x/exp v0.0.0-20241004190924-225e2abe05e6 // indirect
222+
golang.org/x/crypto v0.31.0 // indirect
223+
golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect
202224
golang.org/x/exp/typeparams v0.0.0-20241108190413-2d47ceb2692f // indirect
203225
golang.org/x/mod v0.22.0 // indirect
204226
golang.org/x/net v0.33.0 // indirect

0 commit comments

Comments
 (0)