Update terraform build images

build/build-nginx-image.sh

@@ -41,7 +41,6 @@ fi
 export DOCKER_CLI_EXPERIMENTAL=enabled
 docker buildx build \
   --load \
-  --no-cache \
   --platform linux/amd64 \
   --tag build-nginx-terraform $DIR/images/nginx
 

build/images/ingress-controller/.dockerignore

@@ -1 +1,9 @@
 *.tfvars
+*.tfvars
+.terraform*
+terraform*
+*.tfstate
+*.tfstate.backup
+id_rsa*
+aws.tfvars
+env.tfvars

build/images/ingress-controller/Dockerfile

@@ -1,6 +1,6 @@
 FROM us.gcr.io/k8s-artifacts-prod/build-image/debian-base-amd64:v2.1.0
 
-ENV TERRAFORM_VERSION 0.12.19
+ENV TERRAFORM_VERSION 0.12.26
 
 RUN clean-install \
     bash \
@@ -8,6 +8,7 @@ RUN clean-install \
     ca-certificates \
     unzip \
     git \
+    python3 \
     openssh-client
 
 RUN curl -sSL -o /terraform.zip "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" \

build/images/ingress-controller/build.sh

@@ -34,16 +34,10 @@ source_tfvars /tmp/env
 
 export DEBIAN_FRONTEND=noninteractive
 
-apt -q=3 update
+apt update
+apt dist-upgrade --yes
 
-apt -q=3 dist-upgrade --yes
-
-add-apt-repository universe   --yes
-add-apt-repository multiverse --yes
-
-apt -q=3 update
-
-apt -q=3 install \
+apt install \
   apt-transport-https \
   ca-certificates \
   curl \
@@ -58,9 +52,8 @@ add-apt-repository \
   $(lsb_release -cs) \
   stable" --yes
 
-apt -q=3 update
-
-apt -q=3 install docker-ce --yes
+apt update
+apt install docker-ce --yes
 
 echo ${docker_password} | docker login -u ${docker_username} --password-stdin quay.io
 

build/images/ingress-controller/entrypoint.sh

@@ -35,8 +35,14 @@ trap 'catch $? $LINENO' ERR
 
 terraform init
 
+GET_UNTIL_VALID="
+from datetime import datetime, timedelta
+two_hours_from_now = datetime.utcnow() + timedelta(hours=2)
+print(two_hours_from_now.strftime('%Y-%m-%dT%H:%M:%SZ'))
+"
+
 # destroy spot instance after two hours
-EC2_VALID_UNTIL=$(date -d "+2 hours" +%Y-%m-%dT%H:%M:%SZ)
+EC2_VALID_UNTIL=$(python3 -c "$GET_UNTIL_VALID")
 
 terraform plan \
   -var-file /root/aws.tfvars \

build/images/ingress-controller/main.tf

@@ -165,8 +165,8 @@ resource "aws_spot_instance_request" "build_worker" {
   }
 
   provisioner "file" {
-    source      = "build-ingress-controller.sh"
-    destination = "/tmp/build-ingress-controller.sh"
+    source      = "build.sh"
+    destination = "/tmp/build.sh"
   }
 
   provisioner "file" {
@@ -177,8 +177,8 @@ resource "aws_spot_instance_request" "build_worker" {
   provisioner "remote-exec" {
     inline = [
       "echo Building ingress controller images...",
-      "chmod +x /tmp/build-ingress-controller.sh",
-      "sudo /tmp/build-ingress-controller.sh",
+      "chmod +x /tmp/build.sh",
+      "sudo /tmp/build.sh",
     ]
   }
 }

build/images/ingress-controller/variables.tf

@@ -44,7 +44,7 @@ variable "ssh_public_key_path" {
 
 variable "instance_type" {
   description = "EC2 instance"
-  default     = "c5.18xlarge"
+  default     = "c5.xlarge"
 }
 
 variable "project_tag" {

build/images/nginx/.dockerignore

@@ -1 +1,8 @@
 *.tfvars
+.terraform*
+terraform*
+*.tfstate
+*.tfstate.backup
+id_rsa*
+aws.tfvars
+env.tfvars

build/images/nginx/Dockerfile

@@ -1,6 +1,6 @@
 FROM us.gcr.io/k8s-artifacts-prod/build-image/debian-base-amd64:v2.1.0
 
-ENV TERRAFORM_VERSION 0.12.19
+ENV TERRAFORM_VERSION 0.12.26
 
 RUN clean-install \
     bash \
@@ -8,6 +8,7 @@ RUN clean-install \
     ca-certificates \
     unzip \
     git \
+    python3 \
     openssh-client
 
 RUN curl -sSL -o /terraform.zip "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" \

build/images/nginx/build.sh

@@ -35,16 +35,11 @@ source_tfvars /tmp/env
 export DEBIAN_FRONTEND=noninteractive
 export AR_FLAGS=cr
 
-apt -q=3 update
+apt update
+apt dist-upgrade --yes
+apt update
 
-apt -q=3 dist-upgrade --yes
-
-add-apt-repository universe   --yes
-add-apt-repository multiverse --yes
-
-apt -q=3 update
-
-apt -q=3 install \
+apt install \
   apt-transport-https \
   ca-certificates \
   curl \
@@ -59,21 +54,15 @@ add-apt-repository \
   $(lsb_release -cs) \
   stable" --yes
 
-apt -q=3 update
+apt update
 
-apt -q=3 install docker-ce --yes
+apt install docker-ce --yes
 
 export DOCKER_CLI_EXPERIMENTAL=enabled
 
 echo ${docker_password} | docker login -u ${docker_username} --password-stdin quay.io
 
-curl -sL -o /usr/local/bin/gimme https://raw.githubusercontent.com/travis-ci/gimme/master/gimme
-chmod +x /usr/local/bin/gimme
-
-eval "$(gimme 1.14.3)"
-
 git clone https://github.com/kubernetes/ingress-nginx
-
 cd ingress-nginx/images/nginx
 
 export TAG=$(git rev-parse HEAD)
@@ -82,4 +71,4 @@ make init-docker-buildx
 docker buildx use ingress-nginx --default --global
 
 echo "Building NGINX images..."
-make release
+make container

build/images/nginx/entrypoint.sh

@@ -35,8 +35,14 @@ trap 'catch $? $LINENO' ERR
 
 terraform init
 
+GET_UNTIL_VALID="
+from datetime import datetime, timedelta
+two_hours_from_now = datetime.utcnow() + timedelta(hours=2)
+print(two_hours_from_now.strftime('%Y-%m-%dT%H:%M:%SZ'))
+"
+
 # destroy spot instance after two hours
-EC2_VALID_UNTIL=$(date -d "+2 hours" +%Y-%m-%dT%H:%M:%SZ)
+EC2_VALID_UNTIL=$(python3 -c "$GET_UNTIL_VALID")
 
 terraform plan \
   -var-file /root/aws.tfvars \

build/images/nginx/main.tf

@@ -165,8 +165,8 @@ resource "aws_spot_instance_request" "build_worker" {
   }
 
   provisioner "file" {
-    source      = "build-nginx.sh"
-    destination = "/tmp/build-nginx.sh"
+    source      = "build.sh"
+    destination = "/tmp/build.sh"
   }
 
   provisioner "file" {
@@ -177,8 +177,8 @@ resource "aws_spot_instance_request" "build_worker" {
   provisioner "remote-exec" {
     inline = [
       "echo Building nginx images...",
-      "chmod +x /tmp/build-nginx.sh",
-      "sudo /tmp/build-nginx.sh",
+      "chmod +x /tmp/build.sh",
+      "sudo /tmp/build.sh",
     ]
   }
 }

build/images/nginx/variables.tf

@@ -44,7 +44,7 @@ variable "ssh_public_key_path" {
 
 variable "instance_type" {
   description = "EC2 instance"
-  default     = "c5.18xlarge"
+  default     = "c5.24xlarge"
 }
 
 variable "project_tag" {