From adc13e516f47045a502373784d904b6d0e170619 Mon Sep 17 00:00:00 2001 From: Mark Rossetti Date: Sun, 9 Jan 2022 20:49:54 -0800 Subject: [PATCH 1/6] Building container image for csi-proxy --- .github/workflows/csi-proxy.yml | 42 ++++++++++++++++++++++++ hostprocess/csi-proxy/Dockerfile.windows | 15 +++++++++ hostprocess/csi-proxy/README.md | 9 +++++ hostprocess/csi-proxy/VERSION | 1 + hostprocess/csi-proxy/build.sh | 27 +++++++++++++++ hostprocess/csi-proxy/csi-proxy.yaml | 24 ++++++++++++++ 6 files changed, 118 insertions(+) create mode 100644 .github/workflows/csi-proxy.yml create mode 100644 hostprocess/csi-proxy/Dockerfile.windows create mode 100644 hostprocess/csi-proxy/README.md create mode 100644 hostprocess/csi-proxy/VERSION create mode 100755 hostprocess/csi-proxy/build.sh create mode 100644 hostprocess/csi-proxy/csi-proxy.yaml diff --git a/.github/workflows/csi-proxy.yml b/.github/workflows/csi-proxy.yml new file mode 100644 index 00000000..4ba0b122 --- /dev/null +++ b/.github/workflows/csi-proxy.yml @@ -0,0 +1,42 @@ +name: csi-proxy + +on: + push: + branches: [ master ] + paths: + - hostprocess/csi-proxy/** + workflow_dispatch: + pull_request: + paths: + - hostprocess/csi-proxy/** + branchs: + - master + +permissions: + contents: read + packages: write + +jobs: + build: + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + - name: login to GitHub container registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: set env for ci + if: ${{ github.event_name == 'pull_request' }} + run: | + echo "version=ci" >> $GITHUB_ENV + - name: set env for release + if: ${{ github.event_name != 'pull_request' }} + run: | + export version=$(cat ./hostprocess/csi-proxy/VERSION) + echo "version=$version" + - name: build image + run: | + cd hostprocess/csi-proxy + ./build.sh diff --git a/hostprocess/csi-proxy/Dockerfile.windows b/hostprocess/csi-proxy/Dockerfile.windows new file mode 100644 index 00000000..411b5fa2 --- /dev/null +++ b/hostprocess/csi-proxy/Dockerfile.windows @@ -0,0 +1,15 @@ +ARG REGISTRY=mcr.microsoft.com/windows +ARG WINDOWS_BASE_IMAGE=nanoserver +ARG WINDOWS_VERSION=1809 + +FROM --platform=linux/amd64 golang:1.16 as builder +ARG CSI_PROXY_VERSION=v1.0.2 +RUN git clone https://github.com/kubernetes-csi/csi-proxy.git /go/csi-proxy &&\ + cd /go/csi-proxy &&\ + git checkout tags/${CSI_PROXY_VERSION} &&\ + make build + +FROM ${REGISTRY}/${WINDOWS_BASE_IMAGE}:${WINDOWS_VERSION} +COPY --from=builder /go/csi-proxy/bin/csi-proxy.exe /csi-proxy.exe +ENV PATH="C:\Windows\system32;C:\Windows;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;" +ENTRYPOINT ["csi-proxy.exe", "-v", "4"] diff --git a/hostprocess/csi-proxy/README.md b/hostprocess/csi-proxy/README.md new file mode 100644 index 00000000..ab5cd9e4 --- /dev/null +++ b/hostprocess/csi-proxy/README.md @@ -0,0 +1,9 @@ +# CSI-proxy + +Runs [csi-proxy](https://github.com/kubernetes-csi/csi-proxy) on Windows nodes as a hostprocess container. + +## Deploy + +``` bash +kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/sig-windows-tools/master/hostprocess/csi-proxy/csi-proxy.yaml +``` diff --git a/hostprocess/csi-proxy/VERSION b/hostprocess/csi-proxy/VERSION new file mode 100644 index 00000000..570c7965 --- /dev/null +++ b/hostprocess/csi-proxy/VERSION @@ -0,0 +1 @@ +v1.0.2 diff --git a/hostprocess/csi-proxy/build.sh b/hostprocess/csi-proxy/build.sh new file mode 100755 index 00000000..68956136 --- /dev/null +++ b/hostprocess/csi-proxy/build.sh @@ -0,0 +1,27 @@ +#!/bin/bash +set -x + +if [[ -z "${version}" ]]; then + echo "Required env var 'version' is not set" + exit 1 +fi +echo "Using version ${version}" + +repository=${repository:-"ghcr.io/kubernetes-sigs/sig-windows"} + +docker buildx create --name img-builder --use --platform windows/amd64 +trap 'docker buildx rm img-builder' EXIT + +docker buildx build --platform windows/amd64 --output=type=registry -f Dockerfile.windows --build-arg=WINDOWS_VERSION=1809 -t ${repository}/csi-proxy:${version}-1809 . +docker buildx build --platform windows/amd64 --output=type=registry -f Dockerfile.windows --build-arg=WINDOWS_VERSION=ltsc2022 -t ${repository}/csi-proxy:${version}-ltsc2022 . + +docker manifest create ${repository}/csi-proxy:${version} ${repository}/csi-proxy:${version}-1809 ${repository}/csi-proxy:${version}-ltsc2022 + +os_version_1809=$(docker manifest inspect mcr.microsoft.com/windows/nanoserver:1809 | grep "os.version" | head -n 1 | awk -F\" '{print $4}') +docker manifest annotate --os windows --arch amd64 --os-version $os_version_1809 $repository/csi-proxy:$version $repository/csi-proxy:$version-1809 + +os_version_ltsc2022=$(docker manifest inspect mcr.microsoft.com/windows/nanoserver:ltsc2022 | grep "os.version" | head -n 1 | awk -F\" '{print $4}') +docker manifest annotate --os windows --arch amd64 --os-version $os_version_ltsc2022 $repository/csi-proxy:$version $repository/csi-proxy:$version-ltsc2022 + +docker manifest inspect $repository/csi-proxy:$version +docker manifest push ${repository}/csi-proxy:${version} diff --git a/hostprocess/csi-proxy/csi-proxy.yaml b/hostprocess/csi-proxy/csi-proxy.yaml new file mode 100644 index 00000000..0c49a8bb --- /dev/null +++ b/hostprocess/csi-proxy/csi-proxy.yaml @@ -0,0 +1,24 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: csi-proxy + namespace: kube-system +spec: + selector: + matchLabels: + name: csi-proxy + template: + metadata: + labels: + name: csi-proxy + spec: + nodeSelector: + "kubernetes.io/os": windows + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + containers: + - name: csi-proxy + image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 From 23c55f54082138578dcc2ee80446de3d3182f5bc Mon Sep 17 00:00:00 2001 From: Mark Rossetti Date: Wed, 12 Jan 2022 13:52:52 -0800 Subject: [PATCH 2/6] Adding set -e to hostprocess/csi-proxy/build.sh --- hostprocess/csi-proxy/build.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/hostprocess/csi-proxy/build.sh b/hostprocess/csi-proxy/build.sh index 68956136..a47e4a43 100755 --- a/hostprocess/csi-proxy/build.sh +++ b/hostprocess/csi-proxy/build.sh @@ -1,5 +1,6 @@ #!/bin/bash set -x +set -e if [[ -z "${version}" ]]; then echo "Required env var 'version' is not set" From 51f0c14b5537bf632cff9bef3304ee00128a6a6f Mon Sep 17 00:00:00 2001 From: Mark Rossetti Date: Thu, 13 Jan 2022 10:48:37 -0800 Subject: [PATCH 3/6] updating github action defintion to (only trigger release if VERSION chagnes and correctly set version for release builds) --- .github/workflows/csi-proxy.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/csi-proxy.yml b/.github/workflows/csi-proxy.yml index 4ba0b122..fd98f218 100644 --- a/.github/workflows/csi-proxy.yml +++ b/.github/workflows/csi-proxy.yml @@ -4,7 +4,7 @@ on: push: branches: [ master ] paths: - - hostprocess/csi-proxy/** + - hostprocess/csi-proxy/VERSION workflow_dispatch: pull_request: paths: @@ -27,15 +27,18 @@ jobs: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: set env for ci + - name: set 'version' for ci if: ${{ github.event_name == 'pull_request' }} run: | echo "version=ci" >> $GITHUB_ENV - - name: set env for release + - name: set 'version' for release if: ${{ github.event_name != 'pull_request' }} run: | export version=$(cat ./hostprocess/csi-proxy/VERSION) - echo "version=$version" + echo "version=$version" >> $GITHUB_ENV + run: | + export csi_proxy_version=%(cat ./hostprocess/csi-proxy/CSI_PROXY_VERSION) + echo "csi_proxy_version=$csi_proxy_version" >> $GITHUB_ENV - name: build image run: | cd hostprocess/csi-proxy From 24a890e534409620033994fbc58c3f8be354d811 Mon Sep 17 00:00:00 2001 From: Mark Rossetti Date: Thu, 13 Jan 2022 10:50:12 -0800 Subject: [PATCH 4/6] fixup --- .github/workflows/csi-proxy.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/csi-proxy.yml b/.github/workflows/csi-proxy.yml index fd98f218..c955a1d0 100644 --- a/.github/workflows/csi-proxy.yml +++ b/.github/workflows/csi-proxy.yml @@ -36,9 +36,6 @@ jobs: run: | export version=$(cat ./hostprocess/csi-proxy/VERSION) echo "version=$version" >> $GITHUB_ENV - run: | - export csi_proxy_version=%(cat ./hostprocess/csi-proxy/CSI_PROXY_VERSION) - echo "csi_proxy_version=$csi_proxy_version" >> $GITHUB_ENV - name: build image run: | cd hostprocess/csi-proxy From 29fa6d6009fca4ae2c85023861995e56bf97d024 Mon Sep 17 00:00:00 2001 From: Mark Rossetti Date: Wed, 19 Jan 2022 09:08:04 -0800 Subject: [PATCH 5/6] Updating csi-proxy build scripts to not push for ci builds --- .github/workflows/csi-proxy.yml | 2 +- hostprocess/csi-proxy/build.sh | 53 ++++++++++++++++++++++++++------- 2 files changed, 44 insertions(+), 11 deletions(-) diff --git a/.github/workflows/csi-proxy.yml b/.github/workflows/csi-proxy.yml index c955a1d0..d1150509 100644 --- a/.github/workflows/csi-proxy.yml +++ b/.github/workflows/csi-proxy.yml @@ -39,4 +39,4 @@ jobs: - name: build image run: | cd hostprocess/csi-proxy - ./build.sh + ./build.sh --push diff --git a/hostprocess/csi-proxy/build.sh b/hostprocess/csi-proxy/build.sh index a47e4a43..8f60f2ee 100755 --- a/hostprocess/csi-proxy/build.sh +++ b/hostprocess/csi-proxy/build.sh @@ -1,28 +1,61 @@ #!/bin/bash -set -x set -e +for i in "$@"; do + case $i in + --push) + push="1" + shift + ;; + *) + ;; + esac +done + if [[ -z "${version}" ]]; then - echo "Required env var 'version' is not set" - exit 1 + echo "Required env var 'version' is not set" + exit 1 fi echo "Using version ${version}" +output="type=docker,dest=./export.tar" + +if [[ "$push" == "1" ]]; then + output="type=registry" +fi + repository=${repository:-"ghcr.io/kubernetes-sigs/sig-windows"} +set -x + docker buildx create --name img-builder --use --platform windows/amd64 trap 'docker buildx rm img-builder' EXIT -docker buildx build --platform windows/amd64 --output=type=registry -f Dockerfile.windows --build-arg=WINDOWS_VERSION=1809 -t ${repository}/csi-proxy:${version}-1809 . -docker buildx build --platform windows/amd64 --output=type=registry -f Dockerfile.windows --build-arg=WINDOWS_VERSION=ltsc2022 -t ${repository}/csi-proxy:${version}-ltsc2022 . -docker manifest create ${repository}/csi-proxy:${version} ${repository}/csi-proxy:${version}-1809 ${repository}/csi-proxy:${version}-ltsc2022 +declare -a win_vers=("1809" "ltsc2022") -os_version_1809=$(docker manifest inspect mcr.microsoft.com/windows/nanoserver:1809 | grep "os.version" | head -n 1 | awk -F\" '{print $4}') -docker manifest annotate --os windows --arch amd64 --os-version $os_version_1809 $repository/csi-proxy:$version $repository/csi-proxy:$version-1809 +manifest_entries="" -os_version_ltsc2022=$(docker manifest inspect mcr.microsoft.com/windows/nanoserver:ltsc2022 | grep "os.version" | head -n 1 | awk -F\" '{print $4}') -docker manifest annotate --os windows --arch amd64 --os-version $os_version_ltsc2022 $repository/csi-proxy:$version $repository/csi-proxy:$version-ltsc2022 +# Build container images with buildx +for win_ver in "${win_vers[@]}"; do + docker buildx build --platform windows/amd64 --output=$output -f Dockerfile.windows --build-arg=WINDOWS_VERSION=$win_ver -t ${repository}/csi-proxy:${version}-$win_ver . + + manifest_entries="$manifest_entries ${repository}/csi-proxy:${version}-$win_ver" +done + +if [[ $push != "1" ]]; then + exit +fi + +# Create manifest +docker manifest create ${repository}/csi-proxy:${version} $manifest_entries + +# Annotate manifests +for win_ver in "${win_vers[@]}"; do + os_ver=$(docker manifest inspect mcr.microsoft.com/windows/nanoserver:${win_ver} | grep "os.version" | head -n 1 | awk -F\" '{print $4}') + docker manifest annotate --os windows --arch amd64 --os-version $os_ver $repository/csi-proxy:$version $repository/csi-proxy:$version-$win_ver +done docker manifest inspect $repository/csi-proxy:$version + docker manifest push ${repository}/csi-proxy:${version} From 886a88ab3176a48c11b87f2a4f1218896d81adab Mon Sep 17 00:00:00 2001 From: Mark Rossetti Date: Fri, 21 Jan 2022 11:58:06 -0800 Subject: [PATCH 6/6] fixing workflow to not push for CI builds --- .github/workflows/csi-proxy.yml | 14 ++++++-------- hostprocess/csi-proxy/build.sh | 24 +++++++++++++++++------- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/.github/workflows/csi-proxy.yml b/.github/workflows/csi-proxy.yml index d1150509..8b9663fd 100644 --- a/.github/workflows/csi-proxy.yml +++ b/.github/workflows/csi-proxy.yml @@ -27,16 +27,14 @@ jobs: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: set 'version' for ci + - name: build image for ci if: ${{ github.event_name == 'pull_request' }} run: | - echo "version=ci" >> $GITHUB_ENV - - name: set 'version' for release + cd hostprocess/csi-proxy + ./build.sh --version ci + - name: build image for release if: ${{ github.event_name != 'pull_request' }} - run: | - export version=$(cat ./hostprocess/csi-proxy/VERSION) - echo "version=$version" >> $GITHUB_ENV - - name: build image run: | cd hostprocess/csi-proxy - ./build.sh --push + export version=$(cat ./hostprocess/csi-proxy/VERSION) + ./build.sh --version $version --push diff --git a/hostprocess/csi-proxy/build.sh b/hostprocess/csi-proxy/build.sh index 8f60f2ee..fc6cb090 100755 --- a/hostprocess/csi-proxy/build.sh +++ b/hostprocess/csi-proxy/build.sh @@ -1,19 +1,29 @@ #!/bin/bash set -e -for i in "$@"; do - case $i in - --push) +args=$(getopt -o v:p -l version:,push -- "$@") +eval set -- "$args" + +while [ $# -ge 1 ]; do + case "$1" in + --) + shift + break + ;; + -v|--version) + version="$2" + shift + ;; + -p|--push) push="1" shift ;; - *) - ;; esac + shift done -if [[ -z "${version}" ]]; then - echo "Required env var 'version' is not set" +if [[ -z "$version" ]]; then + echo "--version is required" exit 1 fi echo "Using version ${version}"