From d8eac038c4f4940f16ea4f62a7dfa84eb022b833 Mon Sep 17 00:00:00 2001 From: Reed Loden Date: Fri, 29 Dec 2023 18:17:23 -0800 Subject: [PATCH] dronegen: Add `-amd64` suffix to image tag to match what ghcr.io uses (#36111) Add an architecture-specific suffix to the image tag used by ghcr.io. This will fix: https://drone.platform.teleport.sh/gravitational/teleport/32161/9/8 --- .drone.yml | 12 +++++++----- dronegen/buildbox.go | 9 +++++++-- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/.drone.yml b/.drone.yml index a41968ee186b9..53d0dd1a59d8c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1904,12 +1904,14 @@ steps: - aws ecr get-login-password --profile staging --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - make -C build.assets buildbox-centos7 - - docker tag ghcr.io/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA + - docker tag ghcr.io/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION-amd64 + 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA - docker push 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com - aws ecr-public get-login-password --profile production --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws - - docker tag ghcr.io/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION public.ecr.aws/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION + - docker tag ghcr.io/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION-amd64 + public.ecr.aws/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION - docker push public.ecr.aws/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION volumes: - name: awsconfig @@ -1927,13 +1929,13 @@ steps: - aws ecr get-login-password --profile staging --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - make -C build.assets buildbox-centos7-fips - - docker tag ghcr.io/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION + - docker tag ghcr.io/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION-amd64 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA - docker push 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com - aws ecr-public get-login-password --profile production --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws - - docker tag ghcr.io/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION + - docker tag ghcr.io/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION-amd64 public.ecr.aws/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION - docker push public.ecr.aws/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION volumes: @@ -12044,6 +12046,6 @@ image_pull_secrets: - DOCKERHUB_CREDENTIALS --- kind: signature -hmac: 362bdca89f7ae5fe897f6984533ff4d26993da5ed8084bbd64f3cf4991d2189b +hmac: 4ebdea923dc76d4f2565d5462d5ee04db6dd9e9e273620fac44fcc34d3259808 ... diff --git a/dronegen/buildbox.go b/dronegen/buildbox.go index f518161f8064f..0862dc1350032 100644 --- a/dronegen/buildbox.go +++ b/dronegen/buildbox.go @@ -67,6 +67,11 @@ func buildboxPipelineSteps() []step { } func buildboxPipelineStep(buildboxName string, fips bool) step { + var buildboxTagSuffix string + if buildboxName == "buildbox-centos7" { + // Drone-managed buildboxes are only amd64 + buildboxTagSuffix = "-amd64" + } if fips { buildboxName += "-fips" } @@ -83,14 +88,14 @@ func buildboxPipelineStep(buildboxName string, fips bool) step { // Build buildbox image fmt.Sprintf(`make -C build.assets %s`, buildboxName), // Retag for staging registry - fmt.Sprintf(`docker tag %s/gravitational/teleport-%s:$BUILDBOX_VERSION %s/gravitational/teleport-%s:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA`, GitHubRegistry, buildboxName, StagingRegistry, buildboxName), + fmt.Sprintf(`docker tag %s/gravitational/teleport-%s:$BUILDBOX_VERSION%s %s/gravitational/teleport-%s:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA`, GitHubRegistry, buildboxName, buildboxTagSuffix, StagingRegistry, buildboxName), // Push to staging registry fmt.Sprintf(`docker push %s/gravitational/teleport-%s:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA`, StagingRegistry, buildboxName), // Authenticate to production registry `docker logout ` + StagingRegistry, `aws ecr-public get-login-password --profile production --region=us-east-1 | docker login -u="AWS" --password-stdin ` + ProductionRegistry, // Retag for production registry - fmt.Sprintf(`docker tag %s/gravitational/teleport-%s:$BUILDBOX_VERSION %s/gravitational/teleport-%s:$BUILDBOX_VERSION`, GitHubRegistry, buildboxName, ProductionRegistry, buildboxName), + fmt.Sprintf(`docker tag %s/gravitational/teleport-%s:$BUILDBOX_VERSION%s %s/gravitational/teleport-%s:$BUILDBOX_VERSION`, GitHubRegistry, buildboxName, buildboxTagSuffix, ProductionRegistry, buildboxName), // Push to production registry fmt.Sprintf(`docker push %s/gravitational/teleport-%s:$BUILDBOX_VERSION`, ProductionRegistry, buildboxName), },