build: copy imager artifacts via docker cp for DinD runners
Build Talos CM5 Image / build (push) Failing after 3h9m21s
Build Talos CM5 Image / build (push) Failing after 3h9m21s
The Gitea act_runners on the fondation cluster run jobs in containers against a docker:dind sidecar (socket at /shared/docker.sock). A nested `docker run -v ./_out:/out` resolves the path on the dind daemon's filesystem, not the job container, so the installer tar / raw image never came back and `crane push ./_out/...` failed. Run the imager without an output bind mount (anonymous /out volume) and pull artifacts back with `docker cp`, which streams over the Docker API and works under DinD, a shared socket, or a local daemon. Also drop `-t` (no TTY in container-mode steps) and name+clean the containers. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Mathias Beaulieu-Duncan
@@ -169,6 +169,12 @@ overlay:
|
||||
# Builds the imager, installer-base, and installer images step by step,
|
||||
# pushing each to our project-specific Docker Hub repos.
|
||||
#
|
||||
# The imager runs as a container. Under DinD CI runners it is a sibling of the
|
||||
# dind daemon, so a bind mount of ./_out would resolve on the daemon's
|
||||
# filesystem rather than here. We therefore run the imager without an output
|
||||
# mount and copy artifacts back with `docker cp` (streams over the Docker API,
|
||||
# so it works under DinD, a shared socket, or a local daemon alike).
|
||||
#
|
||||
.PHONY: installer
|
||||
installer:
|
||||
cd "$(CHECKOUTS_DIRECTORY)/talos" && \
|
||||
@@ -190,22 +196,28 @@ installer:
|
||||
target-installer-base \
|
||||
TARGET_ARGS="--output type=image,name=$(INSTALLER_IMAGE):base-$(TALOS_TAG),push=true $(ATTESTATION_ARGS)" && \
|
||||
docker pull $(IMAGER_IMAGE):$(TALOS_TAG) && \
|
||||
docker run --rm -t -v ./_out:/out --privileged --network=host \
|
||||
mkdir -p ./_out && \
|
||||
( docker rm -fv talos-imager 2>/dev/null || true ) && \
|
||||
docker run --name talos-imager -v /out --privileged --network=host \
|
||||
$(IMAGER_IMAGE):$(TALOS_TAG) \
|
||||
installer --arch arm64 \
|
||||
--base-installer-image="$(INSTALLER_IMAGE):base-$(TALOS_TAG)" \
|
||||
$(IMAGER_COMMON_FLAGS) && \
|
||||
docker cp talos-imager:/out/installer-arm64.tar ./_out/installer-arm64.tar && \
|
||||
docker rm -fv talos-imager >/dev/null && \
|
||||
crane push ./_out/installer-arm64.tar $(INSTALLER_IMAGE):$(TALOS_TAG) && \
|
||||
printf "FROM $(INSTALLER_IMAGE):$(TALOS_TAG)\n" | docker buildx build \
|
||||
--platform linux/arm64 \
|
||||
$(ATTESTATION_ARGS) \
|
||||
-t $(INSTALLER_IMAGE):$(TALOS_TAG) --push - && \
|
||||
docker \
|
||||
run --rm -t -v ./_out:/out -v /dev:/dev --privileged --network=host \
|
||||
( docker rm -fv talos-imager-metal 2>/dev/null || true ) && \
|
||||
docker run --name talos-imager-metal -v /out -v /dev:/dev --privileged --network=host \
|
||||
$(IMAGER_IMAGE):$(TALOS_TAG) \
|
||||
metal --arch arm64 \
|
||||
--base-installer-image="$(INSTALLER_IMAGE):$(TALOS_TAG)" \
|
||||
$(IMAGER_COMMON_FLAGS)
|
||||
$(IMAGER_COMMON_FLAGS) && \
|
||||
docker cp talos-imager-metal:/out/. ./_out/ && \
|
||||
docker rm -fv talos-imager-metal >/dev/null
|
||||
|
||||
#
|
||||
# Release — tag images with the Git tag for stable references
|
||||
|
||||
Reference in New Issue
Block a user