replace buildah w/ buildkit

GravityCloudAI · Feb 2, 2025 · 1cb46c4 · 1cb46c4
1 parent 259af34
commit 1cb46c4
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 9 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -9,6 +9,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     unzip \
     iptables \
     git \
+    skopeo \
     && rm -rf /var/lib/apt/lists/*
 
 RUN echo "deb http://deb.debian.org/debian sid main" | tee /etc/apt/sources.list.d/sid.list
@@ -57,6 +58,35 @@ RUN curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/s
 
 RUN helm version --short
 
+RUN BUILDKIT_VERSION=v0.19.0 && \
+    RUNC_VERSION=v1.2.24 && \
+    ARCH=$(uname -m) && \
+    if [ "$ARCH" = "x86_64" ]; then \
+        ARCH="amd64"; \
+    elif [ "$ARCH" = "aarch64" ]; then \
+        ARCH="arm64"; \
+    else \
+        echo "Unsupported architecture: $ARCH"; exit 1; \
+    fi && \
+    # Install runc
+    curl -LO "https://github.com/opencontainers/runc/releases/download/${RUNC_VERSION}/runc.${ARCH}" && \
+    install -m 755 runc.${ARCH} /usr/local/bin/runc && \
+    rm runc.${ARCH} && \
+    # Install BuildKit
+    curl -LO "https://github.com/moby/buildkit/releases/download/${BUILDKIT_VERSION}/buildkit-${BUILDKIT_VERSION}.linux-${ARCH}.tar.gz" && \
+    tar xzvf buildkit-${BUILDKIT_VERSION}.linux-${ARCH}.tar.gz && \
+    mv bin/buildctl /usr/local/bin/ && \
+    mv bin/buildkitd /usr/local/bin/ && \
+    rm -rf bin buildkit-${BUILDKIT_VERSION}.linux-${ARCH}.tar.gz
+
+
+RUN mkdir -p /etc/buildkit && \
+    echo '[worker.oci]' > /etc/buildkit/buildkitd.toml && \
+    echo '  max-parallelism = 50' >> /etc/buildkit/buildkitd.toml && \
+    echo '[registry."gravity-docker-registry:5000"]' > /etc/buildkit/buildkitd.toml && \
+    echo '  http = true' >> /etc/buildkit/buildkitd.toml && \
+    echo '  insecure = true' >> /etc/buildkit/buildkitd.toml
+
 # Create the working directory
 WORKDIR /usr/src/app
 
@@ -77,4 +107,6 @@ USER root
 VOLUME /var/lib/containers
 
 # Start the application
-CMD [ "npm", "start" ]
+# CMD [ "npm", "start" ]
+
+CMD ["sh", "-c", "buildkitd --config /etc/buildkit/buildkitd.toml & npm start"]
diff --git a/src/index.ts b/src/index.ts
@@ -1444,12 +1444,12 @@ const processJob = async () => {
 					const localRegistryUrl = `${process.env?.DOCKER_REGISTRY_URL}:${process.env?.DOCKER_REGISTRY_PORT}`
 
 					// Build Docker image
-					let dockerBuildCli = process.env.ENV === "production" ? "buildah --storage-driver vfs" : "docker"
+					let dockerBuildCli = process.env.ENV === "production" ? "buildctl" : "docker"
 					const serviceContext = path.join(gitRepoPath, service.servicePath)
 					const dockerfilePath = path.join(serviceContext, 'Dockerfile')
 
 					const dockerBuildCommand = process.env.ENV === "production"
-						? `${dockerBuildCli} bud --isolation chroot --platform=linux/amd64 --tls-verify=false --layers --jobs=20 --cache-from ${localRegistryUrl}/${owner}/${serviceName}/cache --cache-to ${localRegistryUrl}/${owner}/${serviceName}/cache -t ${owner}/${serviceName}:latest -f ${dockerfilePath} ${serviceContext}`
+						? `${dockerBuildCli} build --frontend=dockerfile.v0 --local context=${serviceContext} --local dockerfile=${dockerfilePath} --output type=oci,dest=./${owner}-${serviceName}-${lastRunBranch}.tar --export-cache type=registry,ref=${localRegistryUrl}/${owner}/${serviceName}:cache,insecure=true --import-cache type=registry,ref=${localRegistryUrl}/${owner}/${serviceName}:cache,insecure=true --opt build-arg:BUILDKIT_MULTI_PLATFORM=1 --opt platform=linux/amd64`
 						: `${dockerBuildCli} build --platform=linux/amd64 -t ${owner}/${serviceName}:latest -f ${dockerfilePath} ${serviceContext}`;
 
 					await customExec(deploymentRunId, "DOCKER_IMAGE_BUILD", serviceName, dockerBuildCommand)
@@ -1500,15 +1500,10 @@ const processJob = async () => {
 
 										const imageTag = `${latestDeployRun.head_sha?.slice(0, 7)}-${lastRunBranch}`
 
-										// tag the docker image with the aws repository name and region
-										const dockerTagCommand = `${dockerBuildCli} tag ${owner}/${serviceName}:latest ${ecrBaseURL}/${awsRepositoryName}:${imageTag}`
-										await customExec(deploymentRunId, "DOCKER_IMAGE_TAG", serviceName, dockerTagCommand)
+										const dockerPushCommand = `AWS_ACCESS_KEY_ID=${process.env.AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY=${process.env.AWS_SECRET_ACCESS_KEY} aws ecr get-login-password --region us-east-1 | skopeo login --username AWS --password-stdin ${ecrBaseURL} && skopeo copy oci-archive:./${owner}-${serviceName}-${lastRunBranch}.tar docker://${ecrBaseURL}/${awsRepositoryName}:${imageTag}`
 
-										const dockerPushCommand = `AWS_ACCESS_KEY_ID=${process.env.AWS_ACCESS_KEY_ID} AWS_SECRET_ACCESS_KEY=${process.env.AWS_SECRET_ACCESS_KEY} aws ecr get-login-password --region ${region} | ${dockerBuildCli} login --username AWS --password-stdin ${ecrBaseURL} && ${dockerBuildCli} push ${ecrBaseURL}/${awsRepositoryName}:${imageTag}`
 										await customExec(deploymentRunId, "DOCKER_IMAGE_PUSH", serviceName, dockerPushCommand)
 
-										// await customExec(deploymentRunId, "DOCKER_LOGOUT", serviceName, `${dockerBuildCli} logout ${ecrBaseURL}`)
-
 										sendSlackNotification("Docker Push Completed", `Docker push completed for ${serviceName} / ${lastRunBranch} in ${repository} at ${region}}`)
 
 										let newLocalValuesFilePath: string | null = null