diff --git a/build/build-nginx-image.sh b/build/build-nginx-image.sh index 5de66beff..a519d0199 100755 --- a/build/build-nginx-image.sh +++ b/build/build-nginx-image.sh @@ -41,7 +41,6 @@ fi export DOCKER_CLI_EXPERIMENTAL=enabled docker buildx build \ --load \ - --no-cache \ --platform linux/amd64 \ --tag build-nginx-terraform $DIR/images/nginx diff --git a/build/images/ingress-controller/.dockerignore b/build/images/ingress-controller/.dockerignore index c45cf4169..226021878 100644 --- a/build/images/ingress-controller/.dockerignore +++ b/build/images/ingress-controller/.dockerignore @@ -1 +1,9 @@ *.tfvars +*.tfvars +.terraform* +terraform* +*.tfstate +*.tfstate.backup +id_rsa* +aws.tfvars +env.tfvars diff --git a/build/images/ingress-controller/Dockerfile b/build/images/ingress-controller/Dockerfile index 3fb765744..abc053668 100644 --- a/build/images/ingress-controller/Dockerfile +++ b/build/images/ingress-controller/Dockerfile @@ -1,6 +1,6 @@ FROM us.gcr.io/k8s-artifacts-prod/build-image/debian-base-amd64:v2.1.0 -ENV TERRAFORM_VERSION 0.12.19 +ENV TERRAFORM_VERSION 0.12.26 RUN clean-install \ bash \ @@ -8,6 +8,7 @@ RUN clean-install \ ca-certificates \ unzip \ git \ + python3 \ openssh-client RUN curl -sSL -o /terraform.zip "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" \ diff --git a/build/images/ingress-controller/build-ingress-controller.sh b/build/images/ingress-controller/build.sh similarity index 91% rename from build/images/ingress-controller/build-ingress-controller.sh rename to build/images/ingress-controller/build.sh index 530e64671..0006d58ae 100644 --- a/build/images/ingress-controller/build-ingress-controller.sh +++ b/build/images/ingress-controller/build.sh @@ -34,16 +34,10 @@ source_tfvars /tmp/env export DEBIAN_FRONTEND=noninteractive -apt -q=3 update +apt update +apt dist-upgrade --yes -apt -q=3 dist-upgrade --yes - -add-apt-repository universe --yes -add-apt-repository multiverse --yes - -apt -q=3 update - -apt -q=3 install \ +apt install \ apt-transport-https \ ca-certificates \ curl \ @@ -58,9 +52,8 @@ add-apt-repository \ $(lsb_release -cs) \ stable" --yes -apt -q=3 update - -apt -q=3 install docker-ce --yes +apt update +apt install docker-ce --yes echo ${docker_password} | docker login -u ${docker_username} --password-stdin quay.io diff --git a/build/images/ingress-controller/entrypoint.sh b/build/images/ingress-controller/entrypoint.sh index 9170134d0..7aa5b13fa 100755 --- a/build/images/ingress-controller/entrypoint.sh +++ b/build/images/ingress-controller/entrypoint.sh @@ -35,8 +35,14 @@ trap 'catch $? $LINENO' ERR terraform init +GET_UNTIL_VALID=" +from datetime import datetime, timedelta +two_hours_from_now = datetime.utcnow() + timedelta(hours=2) +print(two_hours_from_now.strftime('%Y-%m-%dT%H:%M:%SZ')) +" + # destroy spot instance after two hours -EC2_VALID_UNTIL=$(date -d "+2 hours" +%Y-%m-%dT%H:%M:%SZ) +EC2_VALID_UNTIL=$(python3 -c "$GET_UNTIL_VALID") terraform plan \ -var-file /root/aws.tfvars \ diff --git a/build/images/ingress-controller/main.tf b/build/images/ingress-controller/main.tf index ab585f844..1a26c6878 100644 --- a/build/images/ingress-controller/main.tf +++ b/build/images/ingress-controller/main.tf @@ -165,8 +165,8 @@ resource "aws_spot_instance_request" "build_worker" { } provisioner "file" { - source = "build-ingress-controller.sh" - destination = "/tmp/build-ingress-controller.sh" + source = "build.sh" + destination = "/tmp/build.sh" } provisioner "file" { @@ -177,8 +177,8 @@ resource "aws_spot_instance_request" "build_worker" { provisioner "remote-exec" { inline = [ "echo Building ingress controller images...", - "chmod +x /tmp/build-ingress-controller.sh", - "sudo /tmp/build-ingress-controller.sh", + "chmod +x /tmp/build.sh", + "sudo /tmp/build.sh", ] } } diff --git a/build/images/ingress-controller/variables.tf b/build/images/ingress-controller/variables.tf index 48b0935d0..e1cbcb7af 100644 --- a/build/images/ingress-controller/variables.tf +++ b/build/images/ingress-controller/variables.tf @@ -44,7 +44,7 @@ variable "ssh_public_key_path" { variable "instance_type" { description = "EC2 instance" - default = "c5.18xlarge" + default = "c5.xlarge" } variable "project_tag" { diff --git a/build/images/nginx/.dockerignore b/build/images/nginx/.dockerignore index c45cf4169..8496cc2be 100644 --- a/build/images/nginx/.dockerignore +++ b/build/images/nginx/.dockerignore @@ -1 +1,8 @@ *.tfvars +.terraform* +terraform* +*.tfstate +*.tfstate.backup +id_rsa* +aws.tfvars +env.tfvars diff --git a/build/images/nginx/Dockerfile b/build/images/nginx/Dockerfile index 3fb765744..abc053668 100644 --- a/build/images/nginx/Dockerfile +++ b/build/images/nginx/Dockerfile @@ -1,6 +1,6 @@ FROM us.gcr.io/k8s-artifacts-prod/build-image/debian-base-amd64:v2.1.0 -ENV TERRAFORM_VERSION 0.12.19 +ENV TERRAFORM_VERSION 0.12.26 RUN clean-install \ bash \ @@ -8,6 +8,7 @@ RUN clean-install \ ca-certificates \ unzip \ git \ + python3 \ openssh-client RUN curl -sSL -o /terraform.zip "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" \ diff --git a/build/images/nginx/build-nginx.sh b/build/images/nginx/build.sh similarity index 81% rename from build/images/nginx/build-nginx.sh rename to build/images/nginx/build.sh index ca438ba47..19abee8d4 100644 --- a/build/images/nginx/build-nginx.sh +++ b/build/images/nginx/build.sh @@ -35,16 +35,11 @@ source_tfvars /tmp/env export DEBIAN_FRONTEND=noninteractive export AR_FLAGS=cr -apt -q=3 update +apt update +apt dist-upgrade --yes +apt update -apt -q=3 dist-upgrade --yes - -add-apt-repository universe --yes -add-apt-repository multiverse --yes - -apt -q=3 update - -apt -q=3 install \ +apt install \ apt-transport-https \ ca-certificates \ curl \ @@ -59,21 +54,15 @@ add-apt-repository \ $(lsb_release -cs) \ stable" --yes -apt -q=3 update +apt update -apt -q=3 install docker-ce --yes +apt install docker-ce --yes export DOCKER_CLI_EXPERIMENTAL=enabled echo ${docker_password} | docker login -u ${docker_username} --password-stdin quay.io -curl -sL -o /usr/local/bin/gimme https://raw.githubusercontent.com/travis-ci/gimme/master/gimme -chmod +x /usr/local/bin/gimme - -eval "$(gimme 1.14.3)" - git clone https://github.com/kubernetes/ingress-nginx - cd ingress-nginx/images/nginx export TAG=$(git rev-parse HEAD) @@ -82,4 +71,4 @@ make init-docker-buildx docker buildx use ingress-nginx --default --global echo "Building NGINX images..." -make release +make container diff --git a/build/images/nginx/entrypoint.sh b/build/images/nginx/entrypoint.sh index 9170134d0..7aa5b13fa 100755 --- a/build/images/nginx/entrypoint.sh +++ b/build/images/nginx/entrypoint.sh @@ -35,8 +35,14 @@ trap 'catch $? $LINENO' ERR terraform init +GET_UNTIL_VALID=" +from datetime import datetime, timedelta +two_hours_from_now = datetime.utcnow() + timedelta(hours=2) +print(two_hours_from_now.strftime('%Y-%m-%dT%H:%M:%SZ')) +" + # destroy spot instance after two hours -EC2_VALID_UNTIL=$(date -d "+2 hours" +%Y-%m-%dT%H:%M:%SZ) +EC2_VALID_UNTIL=$(python3 -c "$GET_UNTIL_VALID") terraform plan \ -var-file /root/aws.tfvars \ diff --git a/build/images/nginx/main.tf b/build/images/nginx/main.tf index e991c815f..bd7e871bc 100644 --- a/build/images/nginx/main.tf +++ b/build/images/nginx/main.tf @@ -165,8 +165,8 @@ resource "aws_spot_instance_request" "build_worker" { } provisioner "file" { - source = "build-nginx.sh" - destination = "/tmp/build-nginx.sh" + source = "build.sh" + destination = "/tmp/build.sh" } provisioner "file" { @@ -177,8 +177,8 @@ resource "aws_spot_instance_request" "build_worker" { provisioner "remote-exec" { inline = [ "echo Building nginx images...", - "chmod +x /tmp/build-nginx.sh", - "sudo /tmp/build-nginx.sh", + "chmod +x /tmp/build.sh", + "sudo /tmp/build.sh", ] } } diff --git a/build/images/nginx/variables.tf b/build/images/nginx/variables.tf index 48b0935d0..7471f09e1 100644 --- a/build/images/nginx/variables.tf +++ b/build/images/nginx/variables.tf @@ -44,7 +44,7 @@ variable "ssh_public_key_path" { variable "instance_type" { description = "EC2 instance" - default = "c5.18xlarge" + default = "c5.24xlarge" } variable "project_tag" {