From 043f06638035ea3b4d63a3a947eb5bd6a9e3c6e2 Mon Sep 17 00:00:00 2001 From: Clark Boylan Date: Tue, 22 Apr 2025 12:55:08 -0700 Subject: [PATCH] Use podman to build non docker hub container images We have two sets of image build jobs. The first are targetted specifically at docker and docker hub. The second set use the generic container image roles and jobs from zuul/zuul-jobs. In this second set we have the choice of using either podman or docker. Choose podman because podman plays nicer with mirroring images hosted outside of docker hub. This is important for image builds like Gerrit where we build a base image and a gerrit version specific image and we need to lookup the base image from a mirror of a hosted versions outside of docker hub. The main drawback to keep in mind here is that podman handles multi arch container image builds differently to docker. This means if/when we get to porting the python base image builds that are multiarch to quay and pordman we may need to add additional support for multiarch. Though currently only nodepool-builder relies on this and it is being replaced by zuul-launcher so we may just sidestep the issue entirely. We update the hound Dockerfile to force a rebuild of this image. The reason for that is that image is the only one currently affected by the change to build images with podman. This ensures we don't discover problems with podman building hound images later when we have a different reason to rebuild that image. Finally while we are at it drop container_command from the mirror container images job because that job uses skopeo now and doesn't rely on podman or docker. This should reduce overall confusion when trying to understand the behavior of our jobs. Change-Id: Ie7a309452e33e0996702c849167b7881d79db5fb --- docker/hound/Dockerfile | 2 +- zuul.d/docker-images/base.yaml | 2 +- zuul.d/docker-mirror.yaml | 2 -- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/docker/hound/Dockerfile b/docker/hound/Dockerfile index 195a43a730..5e5fedd227 100644 --- a/docker/hound/Dockerfile +++ b/docker/hound/Dockerfile @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Trigger rebuild - Fri Apr 11 03:16:46 PM UTC 2025 +# Trigger rebuild - Wed Apr 23 05:03:23 PM UTC 2025 FROM docker.io/library/golang:1.19-bookworm AS builder diff --git a/zuul.d/docker-images/base.yaml b/zuul.d/docker-images/base.yaml index a819698b45..8732cbfb64 100644 --- a/zuul.d/docker-images/base.yaml +++ b/zuul.d/docker-images/base.yaml @@ -85,7 +85,7 @@ docker_mirror_base_url: "https://{{ zuul_site_mirror_fqdn }}/deb-docker/{{ ansible_distribution_release }}" zuul_work_dir: "{{ zuul.projects['opendev.org/opendev/system-config'].src_dir }}" promote_container_image_method: intermediate-registry - container_command: docker + container_command: podman - job: name: system-config-upload-container-image diff --git a/zuul.d/docker-mirror.yaml b/zuul.d/docker-mirror.yaml index 1131a576b8..4436119e5f 100644 --- a/zuul.d/docker-mirror.yaml +++ b/zuul.d/docker-mirror.yaml @@ -36,8 +36,6 @@ secret: system-config-opendevmirror pass-to-parent: true abstract: true - vars: - container_command: docker - job: name: opendev-mirror-container-image-buildkit