From ea8e711d2c5c6999ad7c1d63b3155f1c649b46aa Mon Sep 17 00:00:00 2001 From: Manuel Alejandro de Brito Fontes Date: Mon, 1 Jun 2020 21:22:32 -0400 Subject: [PATCH] Refactor build of docker images --- Makefile | 90 +++++++++---------------- build/build-ingress-controller.sh | 5 +- build/build-nginx-image.sh | 7 +- build/build.sh | 4 -- build/run-in-docker.sh | 2 +- cloudbuild.yaml | 4 +- images/cfssl/Makefile | 17 +---- images/e2e-prow/Makefile | 23 +++++-- images/e2e-prow/{ => rootfs}/Dockerfile | 10 +-- images/e2e/Makefile | 19 ++---- images/e2e/{ => rootfs}/Dockerfile | 16 ++--- images/echo/Makefile | 19 +----- images/echo/{ => rootfs}/Dockerfile | 0 images/echo/{ => rootfs}/nginx.conf | 0 images/fastcgi-helloserver/Makefile | 5 +- images/httpbin/Makefile | 17 +---- rootfs/.dockerignore | 2 + rootfs/.gitignore | 2 + rootfs/Dockerfile | 22 +++--- test/e2e-image/Makefile | 4 +- test/e2e/run.sh | 4 +- 21 files changed, 89 insertions(+), 183 deletions(-) rename images/e2e-prow/{ => rootfs}/Dockerfile (84%) rename images/e2e/{ => rootfs}/Dockerfile (88%) rename images/echo/{ => rootfs}/Dockerfile (100%) rename images/echo/{ => rootfs}/nginx.conf (100%) create mode 100644 rootfs/.dockerignore create mode 100644 rootfs/.gitignore diff --git a/Makefile b/Makefile index 314cb3006..9fcee27ec 100644 --- a/Makefile +++ b/Makefile @@ -42,7 +42,7 @@ endif # Allow limiting the scope of the e2e tests. By default run everything FOCUS ?= .* # number of parallel test -E2E_NODES ?= 14 +E2E_NODES ?= 15 # slow test only if takes > 50s SLOW_E2E_THRESHOLD ?= 50 # run e2e test suite with tests that check for memory leaks? (default is false) @@ -61,75 +61,31 @@ endif REGISTRY ?= quay.io/kubernetes-ingress-controller -BASE_IMAGE ?= quay.io/kubernetes-ingress-controller/nginx:e3c49c52f4b74fe47ad65d6f3266a02e8b6b622f +BASE_IMAGE ?= $(REGISTRY)/nginx:e3c49c52f4b74fe47ad65d6f3266a02e8b6b622f GOARCH=$(ARCH) -GOBUILD_FLAGS := -v # use vendor directory instead of go modules https://github.com/golang/go/wiki/Modules GO111MODULE=off -TEMP_DIR := $(shell mktemp -d) -DOCKERFILE := $(TEMP_DIR)/rootfs/Dockerfile - help: ## Display this help @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) -# internal task -.PHONY: sub-image-% -sub-image-%: - $(MAKE) ARCH=$* build image - -# internal task -.PHONY: sub-push-% -sub-push-%: ## Publish image for a particular arch. - $(MAKE) ARCH=$* push - .PHONY: image -image: clean-image .image-$(ARCH) ## Build image for a particular arch. - -# internal task to build image for a particular arch. -.PHONY: .image-$(ARCH) -.image-$(ARCH): init-docker-buildx - mkdir -p $(TEMP_DIR)/rootfs - cp bin/$(ARCH)/nginx-ingress-controller $(TEMP_DIR)/rootfs/nginx-ingress-controller - cp bin/$(ARCH)/dbg $(TEMP_DIR)/rootfs/dbg - cp bin/$(ARCH)/wait-shutdown $(TEMP_DIR)/rootfs/wait-shutdown - - cp -RP rootfs/* $(TEMP_DIR)/rootfs - +image: clean-image ## Build image for a particular arch. echo "Building docker image ($(ARCH))..." - # buildx assumes images are multi-arch - docker buildx build \ - --pull \ - --load \ + @cp -R bin/ rootfs/ + @docker build \ --no-cache \ - --progress plain \ - --platform linux/$(ARCH) \ --build-arg BASE_IMAGE="$(BASE_IMAGE)" \ --build-arg VERSION="$(TAG)" \ - -t $(REGISTRY)/nginx-ingress-controller-${ARCH}:$(TAG) $(TEMP_DIR)/rootfs + --build-arg TARGETARCH="$(ARCH)" \ + -t $(REGISTRY)/nginx-ingress-controller:$(TAG) rootfs .PHONY: clean-image clean-image: ## Removes local image - echo "removing old image $(BASE_IMAGE)-$(ARCH):$(TAG)" - @docker rmi -f $(BASE_IMAGE)-$(ARCH):$(TAG) || true - -.PHONY: push -push: .push-$(ARCH) ## Publish image for a particular arch. - -# internal task -.PHONY: .push-$(ARCH) -.push-$(ARCH): - docker push $(REGISTRY)/nginx-ingress-controller-${ARCH}:$(TAG) - -.PHONY: push-manifest -push-manifest: - docker manifest create $(REGISTRY)/nginx-ingress-controller:$(TAG) \ - $(REGISTRY)/nginx-ingress-controller-amd64:$(TAG) \ - $(REGISTRY)/nginx-ingress-controller-arm:$(TAG) \ - $(REGISTRY)/nginx-ingress-controller-arm64:$(TAG) - docker manifest push --purge $(REGISTRY)/nginx-ingress-controller:$(TAG) + echo "removing old image $(BASE_IMAGE):$(TAG)" + @docker rmi -f $(BASE_IMAGE):$(TAG) || true .PHONY: build build: check-go-version ## Build ingress controller, debug tool and pre-stop hook. @@ -300,9 +256,25 @@ endif show-version: echo -n $(TAG) -.PHONY: staging-gcr -staging-gcr: - echo "Building NGINX image..." - ARCH=amd64 make build image push - ARCH=arm make build image push - ARCH=arm64 make build image push +PLATFORMS ?= amd64 arm arm64 s390x + +EMPTY := +SPACE := $(EMPTY) $(EMPTY) +COMMA := , + +.PHONY: release # Build a multi-arch docker image +release: init-docker-buildx clean + echo "Building binaries..." + $(foreach PLATFORM,$(PLATFORMS), ARCH=$(PLATFORM) make build;) + + @cp -R bin/ rootfs/ + + echo "Building and pushing ingress-nginx image..." + @docker buildx build \ + --no-cache \ + --push \ + --progress plain \ + --platform $(subst $(SPACE),$(COMMA),$(PLATFORMS)) \ + --build-arg BASE_IMAGE="$(BASE_IMAGE)" \ + --build-arg VERSION="$(TAG)" \ + -t $(REGISTRY)/nginx-ingress-controller:$(TAG) rootfs diff --git a/build/build-ingress-controller.sh b/build/build-ingress-controller.sh index 3349aa722..033c66b26 100755 --- a/build/build-ingress-controller.sh +++ b/build/build-ingress-controller.sh @@ -38,10 +38,7 @@ if [ ! -f "${ENV_FILE}" ]; then fi # build local terraform image to build nginx -docker buildx build \ - --load \ - --progress plain \ - --platform linux/amd64 \ +docker build \ --tag build-ingress-controller-terraform $DIR/images/ingress-controller # build nginx and publish docker images to quay.io. diff --git a/build/build-nginx-image.sh b/build/build-nginx-image.sh index a54472ed6..7f3a767b9 100755 --- a/build/build-nginx-image.sh +++ b/build/build-nginx-image.sh @@ -37,12 +37,7 @@ if [ ! -f "${ENV_FILE}" ]; then exit 1 fi -# build local terraform image to build nginx -export DOCKER_CLI_EXPERIMENTAL=enabled -docker buildx build \ - --load \ - --progress plain \ - --platform linux/amd64 \ +docker build \ --tag build-nginx-terraform $DIR/images/nginx # build nginx and publish docker images to quay.io. diff --git a/build/build.sh b/build/build.sh index e8138c6a6..0e956faaf 100755 --- a/build/build.sh +++ b/build/build.sh @@ -47,7 +47,6 @@ export CGO_ENABLED=0 export GOARCH=${ARCH} go build \ - "${GOBUILD_FLAGS}" \ -ldflags "-s -w \ -X ${PKG}/version.RELEASE=${TAG} \ -X ${PKG}/version.COMMIT=${GIT_COMMIT} \ @@ -55,16 +54,13 @@ go build \ -o "bin/${ARCH}/nginx-ingress-controller" "${PKG}/cmd/nginx" go build \ - "${GOBUILD_FLAGS}" \ -ldflags "-s -w \ -X ${PKG}/version.RELEASE=${TAG} \ -X ${PKG}/version.COMMIT=${GIT_COMMIT} \ -X ${PKG}/version.REPO=${REPO_INFO}" \ -o "bin/${ARCH}/dbg" "${PKG}/cmd/dbg" - go build \ - "${GOBUILD_FLAGS}" \ -ldflags "-s -w \ -X ${PKG}/version.RELEASE=${TAG} \ -X ${PKG}/version.COMMIT=${GIT_COMMIT} \ diff --git a/build/run-in-docker.sh b/build/run-in-docker.sh index ceecb02a3..76e930f8c 100755 --- a/build/run-in-docker.sh +++ b/build/run-in-docker.sh @@ -34,7 +34,7 @@ function cleanup { } trap cleanup EXIT -E2E_IMAGE=quay.io/kubernetes-ingress-controller/e2e:v05312020-d250b97b4 +E2E_IMAGE=${E2E_IMAGE:-quay.io/kubernetes-ingress-controller/e2e:v05312020-d250b97b4} DOCKER_OPTS=${DOCKER_OPTS:-} diff --git a/cloudbuild.yaml b/cloudbuild.yaml index 17afc872d..3d964862a 100644 --- a/cloudbuild.yaml +++ b/cloudbuild.yaml @@ -12,10 +12,8 @@ steps: - TAG=$_GIT_TAG - BASE_REF=$_PULL_BASE_REF - REGISTRY=gcr.io/k8s-staging-ingress-nginx - - DIND_TASKS=0 args: - - staging-gcr - - push-manifest + - release substitutions: # _GIT_TAG will be filled with a git-based tag for the image, of the form vYYYYMMDD-hash, and diff --git a/images/cfssl/Makefile b/images/cfssl/Makefile index 50f0a9713..bbc8259ab 100644 --- a/images/cfssl/Makefile +++ b/images/cfssl/Makefile @@ -17,27 +17,12 @@ # Use the 0.0 tag for testing, it shouldn't clobber any release builds TAG ?= 0.0 -HOSTARCH := $(shell uname -m | sed -e s/x86_64/amd64/ \ - -e s/s390x/s390x/ \ - -e s/armv7l/arm/ \ - -e s/aarch64.*/arm64/) - -ifndef ARCH -ARCH := $(HOSTARCH) -endif -ifeq ($(ARCH),) - $(error mandatory variable ARCH is empty) -endif - REGISTRY ?= ingress-controller IMAGE = $(REGISTRY)/cfssl image: - docker buildx build \ - --load \ - --progress plain \ - --platform $(ARCH) \ + docker build \ -t $(IMAGE):$(TAG) rootfs clean: diff --git a/images/e2e-prow/Makefile b/images/e2e-prow/Makefile index 3957507cb..d48dea486 100644 --- a/images/e2e-prow/Makefile +++ b/images/e2e-prow/Makefile @@ -1,3 +1,17 @@ +# Copyright 2018 The Kubernetes Authors. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD) REGISTRY ?= quay.io/kubernetes-ingress-controller @@ -5,13 +19,8 @@ IMAGE = $(REGISTRY)/e2e-prow .PHONY: image image: - docker buildx build \ - --pull \ - --push \ - --progress plain \ - --platform amd64 \ + docker build \ --build-arg K8S_RELEASE=v1.17.0 \ - --build-arg ETCD_VERSION=v3.3.18 \ --build-arg KIND_VERSION=v0.8.0 \ --build-arg GO_VERSION=1.14.2 \ - -t $(IMAGE):$(TAG) . + -t $(IMAGE):$(TAG) rootfs diff --git a/images/e2e-prow/Dockerfile b/images/e2e-prow/rootfs/Dockerfile similarity index 84% rename from images/e2e-prow/Dockerfile rename to images/e2e-prow/rootfs/Dockerfile index ae05fc7a4..bc3457511 100644 --- a/images/e2e-prow/Dockerfile +++ b/images/e2e-prow/rootfs/Dockerfile @@ -16,6 +16,9 @@ # unit and integration tests FROM gcr.io/k8s-testimages/bootstrap +FROM k8s.gcr.io/etcd:3.4.3-0 as etcd + +COPY --from=etcd /usr/local/bin/etcd /usr/local/bin/etcd # hint to kubetest that it is in CI ENV KUBETEST_IN_DOCKER="true" @@ -43,7 +46,6 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* ARG K8S_RELEASE -ARG ETCD_VERSION ARG KIND_VERSION ARG GO_VERSION @@ -53,12 +55,6 @@ RUN curl -sSL https://storage.googleapis.com/kubernetes-release/release/${K8S_RE RUN curl -sSL https://storage.googleapis.com/kubernetes-release/release/${K8S_RELEASE}/bin/linux/amd64/kube-apiserver -o /usr/local/bin/kube-apiserver \ && chmod +x /usr/local/bin/kube-apiserver -RUN curl -sSL https://storage.googleapis.com/etcd/${ETCD_VERSION}/etcd-${ETCD_VERSION}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VERSION}-linux-amd64.tar.gz \ - && mkdir -p /tmp/etcd-download \ - && tar xzvf /tmp/etcd-${ETCD_VERSION}-linux-amd64.tar.gz -C /tmp/etcd-download --strip-components=1 \ - && cp /tmp/etcd-download/etcd /usr/local/bin \ - && rm -rf /tmp/etcd-download - RUN curl -sSL https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-linux-amd64 -o /usr/local/bin/kind \ && chmod +x /usr/local/bin/kind diff --git a/images/e2e/Makefile b/images/e2e/Makefile index ffa89279d..03b87b917 100644 --- a/images/e2e/Makefile +++ b/images/e2e/Makefile @@ -17,25 +17,18 @@ REGISTRY ?= quay.io/kubernetes-ingress-controller IMAGE = $(REGISTRY)/e2e -PLATFORM ?= amd64 - .PHONY: image image: - docker buildx build \ - --pull \ - --push \ - --progress plain \ - --platform $(PLATFORM) \ + docker build \ --build-arg K8S_RELEASE=v1.15.7 \ - --build-arg ETCD_VERSION=v3.3.18 \ --build-arg RESTY_CLI_VERSION=0.25rc2 \ --build-arg RESTY_CLI_SHA=a38d850441384fa037a5922ca012dcce8708d0e4abe34ad2fe4164a01b28bdfb \ --build-arg CHART_TESTING_VERSION=3.0.0-beta.1 \ --build-arg YAML_LINT_VERSION=1.13.0 \ --build-arg YAMALE_VERSION=1.8.0 \ - --build-arg LUA_CHECK_VERSION=0.23.0 \ - --build-arg LUA_CHECK_SHA=b4edf3a7702519502696d4ac7372ed1bd6a82ded63bf81f2b1d7e9b37711be2b \ - --build-arg BUSTED_VERSION=v2.0.rc13-0 \ - --build-arg BUSTED_SHA=74ef88ae04545d78b4922e459c1cd459fb5a0356b73a061549d2e4601b5de254 \ --build-arg HELM_VERSION=v3.2.0 \ - -t $(IMAGE):$(TAG) . + -t $(IMAGE):$(TAG) rootfs + +.PHONY: show-image +show-image: + echo -n $(IMAGE):$(TAG) diff --git a/images/e2e/Dockerfile b/images/e2e/rootfs/Dockerfile similarity index 88% rename from images/e2e/Dockerfile rename to images/e2e/rootfs/Dockerfile index 03067ec25..aa48b802e 100644 --- a/images/e2e/Dockerfile +++ b/images/e2e/rootfs/Dockerfile @@ -13,6 +13,7 @@ # limitations under the License. FROM golang:1.14.3-alpine3.11 as GO +FROM k8s.gcr.io/etcd:3.4.3-0 as etcd FROM quay.io/kubernetes-ingress-controller/nginx:e3c49c52f4b74fe47ad65d6f3266a02e8b6b622f @@ -25,7 +26,8 @@ ARG CHART_TESTING_VERSION RUN [ ! -e /etc/nsswitch.conf ] && echo 'hosts: files dns' > /etc/nsswitch.conf -COPY --from=GO /usr/local/go /usr/local/go +COPY --from=GO /usr/local/go /usr/local/go +COPY --from=etcd /usr/local/bin/etcd /usr/local/bin/etcd RUN apk add --no-cache \ bash \ @@ -56,16 +58,13 @@ RUN wget -O /tmp/resty_cli.tgz https://github.com/openresty/resty-cli/archive/v$ && resty -V \ && rm -rf /tmp/* -ARG LUA_CHECK_VERSION -ARG LUA_CHECK_SHA - RUN wget -O /tmp/luarocks.tgz https://github.com/luarocks/luarocks/archive/v3.3.1.tar.gz \ && tar -C /tmp -xzf /tmp/luarocks.tgz \ && cd /tmp/luarocks* \ && ./configure \ && make install -RUN luarocks install busted \ +RUN luarocks install busted \ && luarocks install luacheck ARG BUSTED_VERSION @@ -81,13 +80,6 @@ RUN wget -O /usr/local/bin/kube-apiserver \ https://storage.googleapis.com/kubernetes-release/release/${K8S_RELEASE}/bin/linux/${TARGETARCH}/kube-apiserver \ && chmod +x /usr/local/bin/kube-apiserver -RUN wget -O /tmp/etcd-${ETCD_VERSION}-linux-${TARGETARCH}.tar.gz \ - https://storage.googleapis.com/etcd/${ETCD_VERSION}/etcd-${ETCD_VERSION}-linux-${TARGETARCH}.tar.gz \ - && mkdir -p /tmp/etcd-download \ - && tar xzvf /tmp/etcd-${ETCD_VERSION}-linux-${TARGETARCH}.tar.gz -C /tmp/etcd-download --strip-components=1 \ - && cp /tmp/etcd-download/etcd /usr/local/bin \ - && rm -rf /tmp/* - RUN wget -O /tmp/ct-${CHART_TESTING_VERSION}-linux-amd64.tar.gz \ https://github.com/helm/chart-testing/releases/download/v${CHART_TESTING_VERSION}/chart-testing_${CHART_TESTING_VERSION}_linux_amd64.tar.gz \ && mkdir -p /tmp/ct-download \ diff --git a/images/echo/Makefile b/images/echo/Makefile index 17dd4ec25..23be85f98 100644 --- a/images/echo/Makefile +++ b/images/echo/Makefile @@ -17,28 +17,13 @@ # Use the 0.0 tag for testing, it shouldn't clobber any release builds TAG ?= 0.0 -HOSTARCH := $(shell uname -m | sed -e s/x86_64/amd64/ \ - -e s/s390x/s390x/ \ - -e s/armv7l/arm/ \ - -e s/aarch64.*/arm64/) - -ifndef ARCH -ARCH := $(HOSTARCH) -endif -ifeq ($(ARCH),) - $(error mandatory variable ARCH is empty) -endif - REGISTRY ?= ingress-controller IMAGE = $(REGISTRY)/echo image: - docker buildx build \ - --load \ - --progress plain \ - --platform $(ARCH) \ - -t $(IMAGE):$(TAG) . + docker build \ + -t $(IMAGE):$(TAG) rootfs clean: docker rmi -f $(IMAGE):$(TAG) || true diff --git a/images/echo/Dockerfile b/images/echo/rootfs/Dockerfile similarity index 100% rename from images/echo/Dockerfile rename to images/echo/rootfs/Dockerfile diff --git a/images/echo/nginx.conf b/images/echo/rootfs/nginx.conf similarity index 100% rename from images/echo/nginx.conf rename to images/echo/rootfs/nginx.conf diff --git a/images/fastcgi-helloserver/Makefile b/images/fastcgi-helloserver/Makefile index 6771d3f77..af0eed9fc 100644 --- a/images/fastcgi-helloserver/Makefile +++ b/images/fastcgi-helloserver/Makefile @@ -37,10 +37,7 @@ PKG=k8s.io/ingress-nginx/images/fastcgi-helloserver .PHONY: image image: build - docker buildx build \ - --load \ - --progress plain \ - --platform $(ARCH) \ + docker build \ -t $(IMAGE):$(TAG) rootfs .PHONY: build diff --git a/images/httpbin/Makefile b/images/httpbin/Makefile index 99938f809..6e30e1ada 100644 --- a/images/httpbin/Makefile +++ b/images/httpbin/Makefile @@ -17,26 +17,11 @@ # Use the 0.0 tag for testing, it shouldn't clobber any release builds TAG ?= 0.0 -HOSTARCH := $(shell uname -m | sed -e s/x86_64/amd64/ \ - -e s/s390x/s390x/ \ - -e s/armv7l/arm/ \ - -e s/aarch64.*/arm64/) - -ifndef ARCH -ARCH := $(HOSTARCH) -endif -ifeq ($(ARCH),) - $(error mandatory variable ARCH is empty) -endif - REGISTRY ?= ingress-controller IMAGE = $(REGISTRY)/httpbin .PHONY: image image: - docker buildx build \ - --load \ - --progress plain \ - --platform $(ARCH) \ + docker build \ -t $(IMAGE):$(TAG) rootfs diff --git a/rootfs/.dockerignore b/rootfs/.dockerignore new file mode 100644 index 000000000..4a246ec6c --- /dev/null +++ b/rootfs/.dockerignore @@ -0,0 +1,2 @@ +Dockerfile +.dockerignore diff --git a/rootfs/.gitignore b/rootfs/.gitignore new file mode 100644 index 000000000..582ec459a --- /dev/null +++ b/rootfs/.gitignore @@ -0,0 +1,2 @@ +bin/* + diff --git a/rootfs/Dockerfile b/rootfs/Dockerfile index 5b6116e91..4141ff4e9 100644 --- a/rootfs/Dockerfile +++ b/rootfs/Dockerfile @@ -16,6 +16,7 @@ ARG BASE_IMAGE FROM ${BASE_IMAGE} +ARG TARGETARCH ARG VERSION LABEL org.opencontainers.image.title="NGINX Ingress Controller for Kubernetes" @@ -29,12 +30,16 @@ WORKDIR /etc/nginx RUN apk update \ && apk upgrade \ - && apk add -U --no-cache \ + && apk add --no-cache \ diffutils \ - libcap \ && rm -rf /var/cache/apk/* -COPY --chown=www-data:www-data . / +COPY --chown=www-data:www-data etc /etc +COPY --chown=www-data:www-data ingress-controller /ingress-controller + +COPY --chown=www-data:www-data bin/${TARGETARCH}/dbg / +COPY --chown=www-data:www-data bin/${TARGETARCH}/nginx-ingress-controller / +COPY --chown=www-data:www-data bin/${TARGETARCH}/wait-shutdown / # Fix permission during the build to avoid issues at runtime # with volumes (custom templates) @@ -51,11 +56,12 @@ RUN bash -xeu -c ' \ chown -R www-data.www-data ${dir}; \ done' -RUN setcap cap_net_bind_service=+ep /nginx-ingress-controller \ - && setcap -v cap_net_bind_service=+ep /nginx-ingress-controller - -RUN setcap cap_net_bind_service=+ep /usr/local/nginx/sbin/nginx \ - && setcap -v cap_net_bind_service=+ep /usr/local/nginx/sbin/nginx +RUN apk add --no-cache libcap \ + && setcap cap_net_bind_service=+ep /nginx-ingress-controller \ + && setcap -v cap_net_bind_service=+ep /nginx-ingress-controller \ + && setcap cap_net_bind_service=+ep /usr/local/nginx/sbin/nginx \ + && setcap -v cap_net_bind_service=+ep /usr/local/nginx/sbin/nginx \ + && apk del libcap USER www-data diff --git a/test/e2e-image/Makefile b/test/e2e-image/Makefile index 8f6f600e3..dd96b4303 100644 --- a/test/e2e-image/Makefile +++ b/test/e2e-image/Makefile @@ -27,9 +27,7 @@ endif # TODO: avoid manual copy cp -R $(DIR)/../../test/e2e/settings/ocsp/* . - docker buildx build \ - --load \ - --progress plain \ + docker build \ --tag nginx-ingress-controller:e2e . .PHONY: clean diff --git a/test/e2e/run.sh b/test/e2e/run.sh index a536b5027..77cd1d6d0 100755 --- a/test/e2e/run.sh +++ b/test/e2e/run.sh @@ -96,11 +96,9 @@ then else echo "Image builds were not ok! Log:" cat /tmp/log - exit + exit 1 fi -docker tag ${REGISTRY}/nginx-ingress-controller-${ARCH}:${TAG} ${REGISTRY}/nginx-ingress-controller:${TAG} - # Preload images used in e2e tests docker pull moul/grpcbin docker pull quay.io/kubernetes-ingress-controller/nginx:e3c49c52f4b74fe47ad65d6f3266a02e8b6b622f