|
| 1 | +# Copyright 2025 The Kubernetes Authors. |
| 2 | +# |
| 3 | +# Licensed under the Apache License, Version 2.0 (the 'License'); |
| 4 | +# you may not use this file except in compliance with the License. |
| 5 | +# You may obtain a copy of the License at |
| 6 | +# |
| 7 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | +# |
| 9 | +# Unless required by applicable law or agreed to in writing, software |
| 10 | +# distributed under the License is distributed on an 'AS IS' BASIS, |
| 11 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | +# See the License for the specific language governing permissions and |
| 13 | +# limitations under the License. |
| 14 | + |
| 15 | +set -euo pipefail |
| 16 | + |
| 17 | +BASE_DIR="$(dirname "$(realpath "${BASH_SOURCE[0]}")")" |
| 18 | +BIN="${BASE_DIR}/../../bin" |
| 19 | + |
| 20 | +source "${BASE_DIR}/config.sh" |
| 21 | +source "${BASE_DIR}/util.sh" |
| 22 | + |
| 23 | +export IMAGE="${IMAGE_NAME}" |
| 24 | +export TAG="${IMAGE_TAG}" |
| 25 | +export ALL_OS="linux windows" |
| 26 | +export ALL_OSVERSION_windows="ltsc2019 ltsc2022" |
| 27 | +export ALL_ARCH_linux="amd64 arm64" |
| 28 | +export ALL_ARCH_windows="amd64" |
| 29 | + |
| 30 | +function build_and_push() { |
| 31 | + REGION=${1} |
| 32 | + AWS_ACCOUNT_ID=${2} |
| 33 | + IMAGE_NAME=${3} |
| 34 | + IMAGE_TAG=${4} |
| 35 | + IMAGE_ARCH=${5} |
| 36 | + |
| 37 | + # https://docs.aws.amazon.com/AmazonECR/latest/userguide/service-quotas.html |
| 38 | + MAX_IMAGES=10000 |
| 39 | + IMAGE_COUNT=$(aws ecr list-images --repository-name "${IMAGE_NAME##*/}" --region "${REGION}" --query 'length(imageIds[])') |
| 40 | + |
| 41 | + if [ $IMAGE_COUNT -ge $MAX_IMAGES ]; then |
| 42 | + loudecho "Repository image limit reached. Unable to push new images." |
| 43 | + exit 1 |
| 44 | + fi |
| 45 | + |
| 46 | + loudecho "Building and pushing test driver images to ${IMAGE_NAME}:${IMAGE_TAG}" |
| 47 | + aws ecr get-login-password --region "${REGION}" | docker login --username AWS --password-stdin "${AWS_ACCOUNT_ID}.dkr.ecr.${REGION}.amazonaws.com" |
| 48 | + trap "docker buildx rm ebs-csi-multiarch-builder" EXIT |
| 49 | + docker buildx create --driver-opt=image=moby/buildkit:v0.12.5 --bootstrap --use --name ebs-csi-multiarch-builder |
| 50 | + # Ignore failures: Sometimes, this fails if run in parallel across multiple jobs |
| 51 | + # If it fails "for real" the build later will fail, so it is safe to proceed |
| 52 | + docker run --rm --privileged multiarch/qemu-user-static --reset -p yes || true |
| 53 | + |
| 54 | + make -j $(nproc) all-push |
| 55 | + |
| 56 | + loudecho "Images pushed to ${IMAGE_NAME}:${IMAGE_TAG}" |
| 57 | +} |
| 58 | + |
| 59 | +REPO_CHECK=$(aws ecr describe-repositories --region "${AWS_REGION}") |
| 60 | +if [ $(jq ".repositories | map(.repositoryName) | index(\"${IMAGE_NAME##*/}\")" <<<"${REPO_CHECK}") == "null" ]; then |
| 61 | + aws ecr create-repository --region "${AWS_REGION}" --repository-name aws-ebs-csi-driver >/dev/null |
| 62 | +fi |
| 63 | + |
| 64 | +build_and_push "${AWS_REGION}" \ |
| 65 | + "${AWS_ACCOUNT_ID}" \ |
| 66 | + "${IMAGE_NAME}" \ |
| 67 | + "${IMAGE_TAG}" \ |
| 68 | + "${IMAGE_ARCH}" |
| 69 | + |
| 70 | +imageSuffixes=("a1compat fips-windows-amd64-ltsc2022 fips-windows-amd64-ltsc2019 windows-amd64-ltsc2019 windows-amd64-ltsc2022 fips-linux-amd64-al2023 fips-linux-arm64-al2023 linux-amd64-al2023 linux-arm64-al2023 linux-arm64-al2") |
| 71 | +deleteImages=() |
| 72 | +i=0 |
| 73 | + |
| 74 | +for suffix in ${imageSuffixes[@]}; do |
| 75 | + if [ ! "$(crane digest "${IMAGE}":"${TAG}"-"${suffix}")" ]; then |
| 76 | + loudecho "$suffix image not found" |
| 77 | + exit 1 |
| 78 | + fi |
| 79 | + #Add all images to be deleted with imageTag at the beginning as we need it for the batch-delete-image call |
| 80 | + deleteImages[$i]="imageTag="${TAG}"-"${suffix}" " |
| 81 | + i+=1 |
| 82 | +done |
| 83 | + |
| 84 | +loudecho "Ensuring image indexes have all images" |
| 85 | +if [ ! "$(crane manifest ${IMAGE}:${TAG} | jq ".manifests.[3].platform")" ]; then |
| 86 | + loudecho "Error index image is missing images" |
| 87 | + exit 1 |
| 88 | +fi |
| 89 | +if [ ! "$(crane manifest ${IMAGE}:${TAG}-fips | jq ".manifests.[3].platform")" ]; then |
| 90 | + loudecho "Error fips index image is missing images" |
| 91 | + exit 1 |
| 92 | +fi |
| 93 | + |
| 94 | +loudecho "Deleting image indexes" |
| 95 | +aws ecr batch-delete-image --registry-id "${AWS_ACCOUNT_ID}" --repository-name aws-ebs-csi-driver --image-ids imageTag=${TAG} imageTag=${TAG}-fips |
| 96 | +loudecho "Deleting images" |
| 97 | +aws ecr batch-delete-image --registry-id "${AWS_ACCOUNT_ID}" --repository-name aws-ebs-csi-driver --image-ids ${deleteImages[@]} |
0 commit comments