Skip to content

Commit dc5882f

Browse files
kumahq[bot]lukidzi
kumahq[bot]
and
lukidzi
authored
chore(release): disable Docker 29 provenance to fix manifest creation (backport of #15627) (#15651)
Automatic cherry-pick of #15627 for branch release-2.7 Generated by [action](https://github.com/kumahq/kuma/actions/runs/22194081188) cherry-picked commit 71e5454 ⚠️ ⚠️ ⚠️ Conflicts happened when cherry-picking! ⚠️ ⚠️ ⚠️ ``` On branch release-2.7 Your branch is up to date with 'origin/release-2.7'. You are currently cherry-picking commit 71e5454. (fix conflicts and run "git cherry-pick --continue") (use "git cherry-pick --skip" to skip this patch) (use "git cherry-pick --abort" to cancel the cherry-pick operation) Unmerged paths: (use "git add <file>..." to mark resolution) both modified: mk/docker.mk no changes added to commit (use "git add" and/or "git commit -a") ``` --------- Signed-off-by: Lukasz Dziedziak <lukidzi@gmail.com> Co-authored-by: Lukasz Dziedziak <lukidzi@gmail.com>
1 parent 81ef691 commit dc5882f

File tree

1 file changed

+15
-10
lines changed

1 file changed

+15
-10
lines changed

mk/docker.mk

Lines changed: 15 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -18,49 +18,54 @@ KUMA_IMAGES = $(call build_image,$(IMAGES_RELEASE) $(IMAGES_TEST))
1818
# https://docs.docker.com/develop/develop-images/build_enhancements/
1919
export DOCKER_BUILDKIT := 1
2020

21+
# Docker 29+ enables provenance attestations by default, which turns pushed
22+
# single-platform images into manifest lists (image index). This breaks
23+
# `docker manifest create --amend` which expects plain image manifests.
24+
DOCKER_BUILD_OPTS ?= --provenance=false
25+
2126
# add targets to build images for each arch
2227
# $(1) - GOARCH to build for
2328

2429
define IMAGE_TARGETS_BY_ARCH
2530
.PHONY: image/static/$(1)
2631
image/static/$(1): ## Dev: Rebuild `kuma-static` Docker image
27-
docker build -t kumahq/static-debian11:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/static.Dockerfile .
32+
docker build $(DOCKER_BUILD_OPTS) -t kumahq/static-debian11:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/static.Dockerfile .
2833

2934
.PHONY: image/base/$(1)
3035
image/base/$(1): ## Dev: Rebuild `kuma-base` Docker image
31-
docker build -t kumahq/base-nossl-debian11:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/base.Dockerfile .
36+
docker build $(DOCKER_BUILD_OPTS) -t kumahq/base-nossl-debian11:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/base.Dockerfile .
3237

3338
.PHONY: image/base-root/$(1)
3439
image/base-root/$(1): ## Dev: Rebuild `kuma-base-root` Docker image
35-
docker build -t kumahq/base-root-debian11:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/base-root.Dockerfile .
40+
docker build $(DOCKER_BUILD_OPTS) -t kumahq/base-root-debian11:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/base-root.Dockerfile .
3641

3742
.PHONY: image/envoy/$(1)
3843
image/envoy/$(1): build/artifacts-linux-$(1)/envoy ## Dev: Rebuild `envoy` Docker image
39-
docker build -t kumahq/envoy:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/envoy.Dockerfile .
44+
docker build $(DOCKER_BUILD_OPTS) -t kumahq/envoy:no-push-$(1) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/envoy.Dockerfile .
4045

4146
.PHONY: image/kuma-cp/$(1)
4247
image/kuma-cp/$(1): image/static/$(1) build/artifacts-linux-$(1)/kuma-cp ## Dev: Rebuild `kuma-cp` Docker image
43-
docker build -t $$(call build_image,kuma-cp,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-cp.Dockerfile .
48+
docker build $(DOCKER_BUILD_OPTS) -t $$(call build_image,kuma-cp,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-cp.Dockerfile .
4449

4550
.PHONY: image/kuma-dp/$(1)
4651
image/kuma-dp/$(1): image/base/$(1) image/envoy/$(1) build/artifacts-linux-$(1)/kuma-dp build/artifacts-linux-$(1)/coredns ## Dev: Rebuild `kuma-dp` Docker image
47-
docker build -t $$(call build_image,kuma-dp,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-dp.Dockerfile .
52+
docker build $(DOCKER_BUILD_OPTS) -t $$(call build_image,kuma-dp,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-dp.Dockerfile .
4853

4954
.PHONY: image/kumactl/$(1)
5055
image/kumactl/$(1): image/base/$(1) build/artifacts-linux-$(1)/kumactl ## Dev: Rebuild `kumactl` Docker image
51-
docker build -t $$(call build_image,kumactl,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kumactl.Dockerfile .
56+
docker build $(DOCKER_BUILD_OPTS) -t $$(call build_image,kumactl,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kumactl.Dockerfile .
5257

5358
.PHONY: image/kuma-init/$(1)
5459
image/kuma-init/$(1): build/artifacts-linux-$(1)/kumactl ## Dev: Rebuild `kuma-init` Docker image
55-
docker build -t $$(call build_image,kuma-init,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-init.Dockerfile .
60+
docker build $(DOCKER_BUILD_OPTS) -t $$(call build_image,kuma-init,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-init.Dockerfile .
5661

5762
.PHONY: image/kuma-cni/$(1)
5863
image/kuma-cni/$(1): image/base-root/$(1) build/artifacts-linux-$(1)/kuma-cni build/artifacts-linux-$(1)/install-cni
59-
docker build -t $$(call build_image,kuma-cni,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-cni.Dockerfile .
64+
docker build $(DOCKER_BUILD_OPTS) -t $$(call build_image,kuma-cni,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(TOOLS_DIR)/releases/dockerfiles/kuma-cni.Dockerfile .
6065

6166
.PHONY: image/kuma-universal/$(1)
6267
image/kuma-universal/$(1): image/envoy/$(1) build/artifacts-linux-$(1)/kuma-cp build/artifacts-linux-$(1)/kuma-dp build/artifacts-linux-$(1)/kumactl build/artifacts-linux-$(1)/kumactl build/artifacts-linux-$(1)/test-server build/artifacts-linux-$(1)/coredns
63-
docker build -t $$(call build_image,kuma-universal,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(KUMA_DIR)/test/dockerfiles/universal.Dockerfile .
68+
docker build $(DOCKER_BUILD_OPTS) -t $$(call build_image,kuma-universal,$(1)) --build-arg ARCH=$(1) --platform=linux/$(1) -f $(KUMA_DIR)/test/dockerfiles/universal.Dockerfile .
6469
endef
6570
$(foreach goarch,$(SUPPORTED_GOARCHES),$(eval $(call IMAGE_TARGETS_BY_ARCH,$(goarch))))
6671

0 commit comments

Comments
 (0)