Add Buildah support

Buildag is a tool that facilitates building OCI container images.
This patch adds support to modify and update containers built by
Buildah.
It's just making sure we can run the build command with their CLI and
also get the user from the container config.
The default remains 'docker' for backward compatibility.

Note: it push the new images with sudo to avoid permissions errors.

Change-Id: I3db1934ad826ec6433bd6aec067112e91d82e355
This commit is contained in:
Emilien Macchi 2018-08-02 16:47:51 -04:00
parent 3b4e2e64e4
commit a2229e738a
10 changed files with 41 additions and 17 deletions

View File

@ -12,6 +12,7 @@ A role to allow modification to container images built for the TripleO project.
| `modify_dir_path` | `[undefined]` | Mandatory path to the directory containing the Dockerfile to modify the image |
| `modified_append_tag` | `date +-modified-%Y%m%d%H%M%S` | String to be appended after the tag to indicate this is a modified version of the source image. |
| `target_image` | `[undefined]` | If set, the modified image will be tagged with `target_image + modified_append_tag`. If `target_image` is not set, the modified image will be tagged with `source_image + modified_append_tag`. If the purpose of the image is not changing, it may be enough to rely on the `source_image + modified_append_tag` tag to identify that this is a modified version of the source image. |
| `container_build_tool` | `docker` | Tool used to build containers, can be 'docker' or 'buildah' |
**Variables used for yum update**
@ -24,6 +25,7 @@ A role to allow modification to container images built for the TripleO project.
| `update_repo` | `''` | If set, packages from this repo will be updated. Other repos will only be used for dependencies of these updates.|
| `yum_repos_dir_path` | `None` | Optional path of directory to be used as `/etc/yum.repos.d` during the update |
| `compare_host_packages` | `False` | If `True`, skip yum update when package versions match host package versions |
| `container_build_tool` | `docker` | See modify image variables |
## Requirements ##
@ -53,6 +55,7 @@ The following playbook will produce a modified image with the tag
vars:
source_image: docker.io/tripleomaster/centos-binary-nova-api:latest
modify_dir_path: /path/to/example_modify_dir
container_build_tool: docker # or buildah
The directory `example_modify_dir` contains the `Dockerfile` which will perform
the modification, for example:
@ -89,6 +92,7 @@ of an `import_role` parameter.
compare_host_packages: true
yum_repos_dir_path: /etc/yum.repos.d
modified_append_tag: updated
container_build_tool: docker # or buildah
### RPM install ###

View File

@ -1,2 +1,3 @@
compare_host_packages: false
update_repo: ''
container_build_tool: 'docker'

View File

@ -12,6 +12,7 @@ galaxy_info:
galaxy_tags:
- docker
- buildah
- container
- openstack
- tripleo

View File

@ -25,6 +25,7 @@ data_files =
share/ansible/roles/tripleo-modify-image/tasks = tasks/*
share/ansible/roles/tripleo-modify-image/templates = templates/*
share/ansible/roles/tripleo-modify-image/files = files/*
share/ansible/roles/tripleo-modify-image/vars = vars/*
[wheel]
universal = 1

View File

@ -0,0 +1,23 @@
- when: container_build_tool == 'docker'
block:
- name: Inspect image with Docker
docker_image_facts:
name: "{{ source_image }}"
register: source_image_facts
- name: Set original_user with Docker
set_fact:
original_user: "{{ source_image_facts.images[0].Config.User }}"
- when: container_build_tool == 'buildah'
block:
- name: Inspect image with Buildah
command: buildah inspect {{ source_image }}
register: source_image_facts
become: true
- name: Set config with Buildah
set_fact:
buildah_config: "{{ source_image_facts.stdout_lines | join('') | from_json }}"
- name: Set original_user with Buildah
set_fact:
original_user: "{{ buildah_config['Docker']['config']['User'] }}"

View File

@ -31,6 +31,7 @@
line: "LABEL modified_append_tag={{ modified_append_tag }}"
- name: Modify image
command: docker build --tag {{ target_image | default(source_image) }}{{ modified_append_tag }} --file Dockerfile.modified --network host ./
command: "{{ build_commands[container_build_tool] }} --tag {{ target_image | default(source_image) }}{{ modified_append_tag }} --file Dockerfile.modified --network host ./"
become: true
args:
chdir: "{{ modify_dir_path }}"

View File

@ -4,3 +4,6 @@
- source_image is defined
- source_image | length > 0
- name: Ensure that container_build_tool is correctly set
fail: msg="{{ container_build_tool }} is not a valid value for container_build_tool. Pick docker or buildah."
when: container_build_tool not in ['docker', 'buildah']

View File

@ -2,14 +2,7 @@
tags:
- always
- name: Inspect image
docker_image_facts:
name: "{{ source_image }}"
register: source_image_facts
- name: Set original_user
set_fact:
original_user: "{{ source_image_facts.images[0].Config.User }}"
- import_tasks: get_original_user.yml
- name: Create image build context directory
tempfile:

View File

@ -2,14 +2,7 @@
tags:
- always
- name: Inspect image
docker_image_facts:
name: "{{ source_image }}"
register: source_image_facts
- name: Set original_user
set_fact:
original_user: "{{ source_image_facts.images[0].Config.User }}"
- import_tasks: get_original_user.yml
- name: Create image build context directory
tempfile:

4
vars/main.yml Normal file
View File

@ -0,0 +1,4 @@
# we support 'docker' or 'buildah'
build_commands:
docker: docker build
buildah: buildah bud