-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Build seaweedfs image with Chainguard
- Loading branch information
Showing
7 changed files
with
189 additions
and
48 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,79 +1,179 @@ | ||
| package main | ||
|
|
||
| import ( | ||
| "context" | ||
| "fmt" | ||
| "os" | ||
| "strings" | ||
|
|
||
| "github.com/Masterminds/semver/v3" | ||
| "github.com/replicatedhq/embedded-cluster/pkg/addons/seaweedfs" | ||
| "github.com/replicatedhq/embedded-cluster/pkg/release" | ||
| "github.com/sirupsen/logrus" | ||
| "github.com/urfave/cli/v2" | ||
| ) | ||
|
|
||
| var seaweedfsImageComponents = map[string]string{ | ||
| "docker.io/chrislusf/seaweedfs": "seaweedfs", | ||
| } | ||
|
|
||
| var seaweedfsComponents = map[string]addonComponent{ | ||
| "seaweedfs": { | ||
| getWolfiPackageName: func(k0sVersion *semver.Version, upstreamVersion *semver.Version) string { | ||
| return "seaweedfs" | ||
| }, | ||
| upstreamVersionInputOverride: "INPUT_SEAWEEDFS_VERSION", | ||
| }, | ||
| } | ||
|
|
||
| var updateSeaweedFSAddonCommand = &cli.Command{ | ||
| Name: "seaweedfs", | ||
| Usage: "Updates the SeaweedFS addon", | ||
| UsageText: environmentUsageText, | ||
| Action: func(c *cli.Context) error { | ||
| logrus.Infof("updating seaweedfs addon") | ||
|
|
||
| latest, err := LatestChartVersion("seaweedfs", "seaweedfs") | ||
| nextChartVersion := os.Getenv("INPUT_SEAWEEDFS_VERSION") | ||
| if nextChartVersion != "" { | ||
| logrus.Infof("using input override from INPUT_SEAWEEDFS_VERSION: %s", nextChartVersion) | ||
| } else { | ||
| logrus.Infof("fetching the latest seaweedfs chart version") | ||
| latest, err := LatestChartVersion("seaweedfs", "seaweedfs") | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get the latest seaweedfs chart version: %v", err) | ||
| } | ||
| nextChartVersion = latest | ||
| logrus.Printf("latest seaweedfs chart version: %s", latest) | ||
| } | ||
| nextChartVersion = strings.TrimPrefix(nextChartVersion, "v") | ||
|
|
||
| current := seaweedfs.Metadata | ||
| if current.Version == nextChartVersion && !c.Bool("force") { | ||
| logrus.Infof("seaweedfs chart version is already up-to-date") | ||
| } else { | ||
| logrus.Infof("mirroring seaweedfs chart version %s", nextChartVersion) | ||
| if err := MirrorChart("seaweedfs", "seaweedfs", nextChartVersion); err != nil { | ||
| return fmt.Errorf("failed to mirror seaweedfs chart: %v", err) | ||
| } | ||
| } | ||
|
|
||
| upstream := fmt.Sprintf("%s/seaweedfs", os.Getenv("CHARTS_DESTINATION")) | ||
| withproto := fmt.Sprintf("oci://proxy.replicated.com/anonymous/%s", upstream) | ||
|
|
||
| logrus.Infof("updating seaweedfs images") | ||
|
|
||
| err := updateSeaweedFSAddonImages(c.Context, withproto, nextChartVersion) | ||
| if err != nil { | ||
| return fmt.Errorf("unable to get the latest seaweedfs version: %v", err) | ||
| return fmt.Errorf("failed to update seaweedfs images: %w", err) | ||
| } | ||
| latest = strings.TrimPrefix(latest, "v") | ||
| logrus.Infof("found seaweedfs chart version %s", latest) | ||
|
|
||
| logrus.Infof("successfully updated seaweedfs addon") | ||
|
|
||
| return nil | ||
| }, | ||
| } | ||
|
|
||
| var updateSeaweedFSImagesCommand = &cli.Command{ | ||
| Name: "seaweedfs", | ||
| Usage: "Updates the seaweedfs images", | ||
| UsageText: environmentUsageText, | ||
| Action: func(c *cli.Context) error { | ||
| logrus.Infof("updating seaweedfs images") | ||
|
|
||
| current := seaweedfs.Metadata | ||
| if current.Version == latest && !c.Bool("force") { | ||
| logrus.Infof("seaweedfs chart is up to date") | ||
| return nil | ||
|
|
||
| err := updateSeaweedFSAddonImages(c.Context, current.Location, current.Version) | ||
| if err != nil { | ||
| return fmt.Errorf("failed to update seaweedfs images: %w", err) | ||
| } | ||
|
|
||
| logrus.Infof("mirroring seaweedfs chart") | ||
| if err := MirrorChart("seaweedfs", "seaweedfs", latest); err != nil { | ||
| return fmt.Errorf("unable to mirror seaweedfs chart: %w", err) | ||
| logrus.Infof("successfully updated seaweedfs images") | ||
|
|
||
| return nil | ||
| }, | ||
| } | ||
|
|
||
| func updateSeaweedFSAddonImages(ctx context.Context, chartURL string, chartVersion string) error { | ||
| newmeta := release.AddonMetadata{ | ||
| Version: chartVersion, | ||
| Location: chartURL, | ||
| Images: make(map[string]string), | ||
| } | ||
|
|
||
| k0sVersion, err := getK0sVersion() | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get k0s version: %w", err) | ||
| } | ||
|
|
||
| logrus.Infof("fetching wolfi apk index") | ||
| wolfiAPKIndex, err := GetWolfiAPKIndex() | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get APK index: %w", err) | ||
| } | ||
|
|
||
| values, err := release.GetValuesWithOriginalImages("seaweedfs") | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get seaweedfs values: %v", err) | ||
| } | ||
|
|
||
| logrus.Infof("extracting images from chart version %s", chartVersion) | ||
| images, err := GetImagesFromOCIChart(chartURL, "seaweedfs", chartVersion, values) | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get images from seaweedfs chart: %w", err) | ||
| } | ||
|
|
||
| if err := ApkoLogin(); err != nil { | ||
| return fmt.Errorf("failed to apko login: %w", err) | ||
| } | ||
|
|
||
| for _, image := range images { | ||
| logrus.Infof("updating image %s", image) | ||
|
|
||
| upstreamVersion := TagFromImage(image) | ||
| image = RemoveTagFromImage(image) | ||
|
|
||
| componentName, ok := seaweedfsImageComponents[image] | ||
| if !ok { | ||
| return fmt.Errorf("no component found for image %s", image) | ||
| } | ||
|
|
||
| upstream := fmt.Sprintf("%s/seaweedfs", os.Getenv("CHARTS_DESTINATION")) | ||
| newmeta := release.AddonMetadata{ | ||
| Version: latest, | ||
| Location: fmt.Sprintf("oci://proxy.replicated.com/anonymous/%s", upstream), | ||
| Images: make(map[string]string), | ||
| component, ok := seaweedfsComponents[componentName] | ||
| if !ok { | ||
| return fmt.Errorf("no component found for component name %s", componentName) | ||
| } | ||
|
|
||
| values, err := release.GetValuesWithOriginalImages("seaweedfs") | ||
| if err != nil { | ||
| return fmt.Errorf("unable to get openebs values: %v", err) | ||
| if component.upstreamVersionInputOverride != "" { | ||
| v := os.Getenv(component.upstreamVersionInputOverride) | ||
| if v != "" { | ||
| logrus.Infof("using input override from %s: %s", component.upstreamVersionInputOverride, v) | ||
| upstreamVersion = v | ||
| } | ||
| } | ||
|
|
||
| logrus.Infof("extracting images from chart") | ||
| withproto := fmt.Sprintf("oci://%s", upstream) | ||
| images, err := GetImagesFromOCIChart(withproto, "seaweedfs", latest, values) | ||
| packageName, packageVersion, err := component.getPackageNameAndVersion(wolfiAPKIndex, k0sVersion, upstreamVersion) | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get images from admin console chart: %w", err) | ||
| return fmt.Errorf("failed to get package name and version for %s: %w", componentName, err) | ||
| } | ||
|
|
||
| logrus.Infof("fetching digest for images") | ||
| for _, image := range images { | ||
| sha, err := GetImageDigest(c.Context, image) | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get image %s digest: %w", image, err) | ||
| } | ||
| logrus.Infof("image %s digest: %s", image, sha) | ||
| tag := TagFromImage(image) | ||
| image = RemoveTagFromImage(image) | ||
| newmeta.Images[image] = fmt.Sprintf("%s@%s", tag, sha) | ||
| logrus.Infof("building and publishing %s, %s=%s", componentName, packageName, packageVersion) | ||
|
|
||
| if err := ApkoBuildAndPublish(componentName, packageName, packageVersion, upstreamVersion); err != nil { | ||
| return fmt.Errorf("failed to apko build and publish for %s: %w", componentName, err) | ||
| } | ||
|
|
||
| logrus.Infof("saving addon manifest") | ||
| newmeta.ReplaceImages = true | ||
| if err := newmeta.Save("seaweedfs"); err != nil { | ||
| return fmt.Errorf("failed to save metadata: %w", err) | ||
| digest, err := GetDigestFromBuildFile() | ||
| if err != nil { | ||
| return fmt.Errorf("failed to get digest from build file: %w", err) | ||
| } | ||
|
|
||
| logrus.Infof("successfully updated seaweed addon") | ||
| return nil | ||
| }, | ||
| newmeta.Images[componentName] = fmt.Sprintf("%s@%s", packageVersion, digest) | ||
| } | ||
|
|
||
| logrus.Infof("saving addon manifest") | ||
| newmeta.ReplaceImages = true | ||
| if err := newmeta.Save("seaweedfs"); err != nil { | ||
| return fmt.Errorf("failed to save metadata: %w", err) | ||
| } | ||
|
|
||
| return nil | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| # adapted from: | ||
| # https://github.com/seaweedfs/seaweedfs/blob/8b402fb4b956ac8b10db3453d8a205cda392b372/docker/Dockerfile.go_build | ||
| contents: | ||
| repositories: | ||
| - https://packages.wolfi.dev/os | ||
| keyring: | ||
| - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub | ||
| packages: | ||
| - wolfi-base | ||
| - seaweedfs=${PACKAGE_VERSION} | ||
| - fuse3 # for weed mount | ||
|
|
||
| accounts: | ||
| groups: | ||
| - groupname: nonroot | ||
| gid: 65532 | ||
| users: | ||
| - username: nonroot | ||
| uid: 65532 | ||
| gid: 65532 | ||
| run-as: 65532 | ||
|
|
||
| paths: | ||
| - path: /data | ||
| type: directory | ||
| uid: 65532 | ||
| gid: 65532 | ||
| permissions: 0o755 | ||
| recursive: true | ||
| - path: /data/filerldb2 | ||
| type: directory | ||
| uid: 65532 | ||
| gid: 65532 | ||
| permissions: 0o755 | ||
| recursive: true | ||
|
|
||
| work-dir: /data | ||
|
|
||
| entrypoint: | ||
| command: /usr/bin/entrypoint.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters