Skip to content

Commit

Permalink
feat: set quay image expiry to prevent overflow of images
Browse files Browse the repository at this point in the history
Signed-off-by: KevFan <chfan@redhat.com>
  • Loading branch information
KevFan committed Sep 17, 2024
1 parent 82e7719 commit e8b6a55
Show file tree
Hide file tree
Showing 5 changed files with 34 additions and 4 deletions.
9 changes: 8 additions & 1 deletion .github/workflows/build-images.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,10 @@ on:
description: Bundle and catalog channels, comma separated
required: true
default: stable

quayImageExpiry:
description: When to expire the built quay images. The time values could be something like 1h, 2d, 3w for hours, days, and weeks, respectively, from the time the image is built.
default: never
type: string
env:
IMG_TAGS: ${{ github.sha }}
IMG_REGISTRY_HOST: quay.io
Expand All @@ -24,6 +27,7 @@ env:
OPERATOR_NAME: authorino-operator
BUILD_CONFIG_FILE: build.yaml
LATEST_AUTHORINO_GITREF: ${{ vars.AUTHORINO_SHA != '' && vars.AUTHORINO_SHA || 'latest' }}
QUAY_IMAGE_EXPIRY: ${{ inputs.quayImageExpiry }}

jobs:
build:
Expand Down Expand Up @@ -69,6 +73,7 @@ jobs:
GIT_SHA=${{ github.sha }}
DIRTY=false
DEFAULT_AUTHORINO_IMAGE=${{ env.DEFAULT_AUTHORINO_IMAGE }}
QUAY_IMAGE_EXPIRY=${{ inputs.quayImageExpiry }}
containerfiles: |
./Dockerfile
- name: Push Image
Expand Down Expand Up @@ -143,6 +148,7 @@ jobs:
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
build-args: |
version=${{ env.VERSION }}
QUAY_IMAGE_EXPIRY=${{ inputs.quayImageExpiry }}
containerfiles: |
./bundle.Dockerfile
- name: Push Image
Expand Down Expand Up @@ -225,6 +231,7 @@ jobs:
context: ./catalog
dockerfiles: |
./catalog/${{ env.OPERATOR_NAME }}-catalog.Dockerfile
# The Quay image expiry label for the generated catalog Dockerfile is set via opm, using the value set in the QUAY_IMAGE_EXPIRY environment variable
- name: Push Image
if: ${{ !env.ACT }}
id: push-to-quay
Expand Down
5 changes: 5 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,9 @@ WORKDIR /
COPY --from=builder /workspace/manager .
USER 1001

# Quay image expiry
ARG QUAY_IMAGE_EXPIRY
ENV QUAY_IMAGE_EXPIRY=${QUAY_IMAGE_EXPIRY:-never}
LABEL quay.expires-after=$QUAY_IMAGE_EXPIRY

ENTRYPOINT ["/manager"]
6 changes: 4 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -225,7 +225,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
docker-build: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
docker-build: DIRTY=$(shell $(PROJECT_DIR)/utils/check-git-dirty.sh || echo "unknown")
docker-build: ## Build docker image with the manager.
docker build --build-arg VERSION=$(VERSION) --build-arg GIT_SHA=$(GIT_SHA) --build-arg DIRTY=$(DIRTY) --build-arg ACTUAL_DEFAULT_AUTHORINO_IMAGE=$(ACTUAL_DEFAULT_AUTHORINO_IMAGE) -t $(OPERATOR_IMAGE) .
docker build --build-arg VERSION=$(VERSION) --build-arg GIT_SHA=$(GIT_SHA) --build-arg DIRTY=$(DIRTY) --build-arg ACTUAL_DEFAULT_AUTHORINO_IMAGE=$(ACTUAL_DEFAULT_AUTHORINO_IMAGE) --build-arg QUAY_IMAGE_EXPIRY=$(QUAY_IMAGE_EXPIRY) -t $(OPERATOR_IMAGE) .

docker-push: ## Push docker image with the manager.
docker push ${OPERATOR_IMAGE}
Expand Down Expand Up @@ -311,11 +311,13 @@ bundle-custom-modifications:
# Set Openshift version in bundle Dockerfile
@echo "" >> bundle.Dockerfile
@echo "# Custom labels" >> bundle.Dockerfile
# Quay image expiry label
@echo "$$QUAY_EXPIRY_TIME_LABEL" >> bundle.Dockerfile
@echo "LABEL $(OPENSHIFT_VERSIONS_ANNOTATION_KEY)=$(OPENSHIFT_SUPPORTED_VERSIONS)" >> bundle.Dockerfile

.PHONY: bundle-build
bundle-build: ## Build the bundle image.
docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) .
docker build --build-arg QUAY_IMAGE_EXPIRY=$(QUAY_IMAGE_EXPIRY) -f bundle.Dockerfile -t $(BUNDLE_IMG) .

.PHONY: bundle-push
bundle-push: ## Push the bundle image.
Expand Down
4 changes: 4 additions & 0 deletions bundle.Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -20,4 +20,8 @@ COPY bundle/metadata /metadata/
COPY bundle/tests/scorecard /tests/scorecard/

# Custom labels
## Quay image expiry
ARG QUAY_IMAGE_EXPIRY
ENV QUAY_IMAGE_EXPIRY=${QUAY_IMAGE_EXPIRY:-never}
LABEL quay.expires-after=${QUAY_IMAGE_EXPIRY}
LABEL com.redhat.openshift.versions=v4.12
14 changes: 13 additions & 1 deletion make/catalog.mk
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,21 @@ CATALOG_IMG ?= $(IMAGE_TAG_BASE)-catalog:$(IMAGE_TAG)
CATALOG_FILE = $(PROJECT_DIR)/catalog/authorino-operator-catalog/operator.yaml
CATALOG_DOCKERFILE = $(PROJECT_DIR)/catalog/authorino-operator-catalog.Dockerfile

# Quay image default expiry
QUAY_IMAGE_EXPIRY ?= never

# A LABEL that can be appended to a generated Dockerfile to set the Quay image expiration through Docker arguments.
define QUAY_EXPIRY_TIME_LABEL
## Quay image expiry
ARG QUAY_IMAGE_EXPIRY
ENV QUAY_IMAGE_EXPIRY=$${QUAY_IMAGE_EXPIRY:-never}
LABEL quay.expires-after=$${QUAY_IMAGE_EXPIRY}
endef
export QUAY_EXPIRY_TIME_LABEL

$(CATALOG_DOCKERFILE): $(OPM)
-mkdir -p $(PROJECT_DIR)/catalog/authorino-operator-catalog
cd $(PROJECT_DIR)/catalog && $(OPM) generate dockerfile authorino-operator-catalog
cd $(PROJECT_DIR)/catalog && $(OPM) generate dockerfile authorino-operator-catalog -l quay.expires-after=$(QUAY_IMAGE_EXPIRY)
catalog-dockerfile: $(CATALOG_DOCKERFILE) ## Generate catalog dockerfile.

$(CATALOG_FILE): $(OPM) $(YQ)
Expand Down

0 comments on commit e8b6a55

Please sign in to comment.