Merge pull request #94167 from justaugustus/go-runner

build: Update to go-runner:buster-v2.0.0

build/BUILD

@@ -20,7 +20,6 @@ filegroup(
     name = "all-srcs",
     srcs = [
         ":package-srcs",
-        "//build/go-runner:all-srcs",
         "//build/release-tars:all-srcs",
         "//build/visible_to:all-srcs",
     ],

build/common.sh

@@ -96,7 +96,7 @@ kube::build::get_docker_wrapped_binaries() {
   local arch=$1
   local debian_base_version=v2.1.3
   local debian_iptables_version=v12.1.2
-  local go_runner_version=v0.1.1
+  local go_runner_version=buster-v2.0.0
   ### If you change any of these lists, please also update DOCKERIZED_BINARIES
   ### in build/BUILD. And kube::golang::server_image_targets
   local targets=(

build/dependencies.yaml

@@ -143,14 +143,8 @@ dependencies:
     - path: test/utils/image/manifest.go
       match: configs\[DebianIptables\] = Config{buildImageRegistry, "debian-iptables", "v\d+\.\d+.\d+"}
 
-  - name: "k8s.gcr.io/go-runner"
-    version: 0.1.1
-    refPaths:
-    - path: build/go-runner/Makefile
-      match: TAG \?=
-
   - name: "k8s.gcr.io/go-runner: dependents"
-    version: 0.1.1
+    version: buster-v2.0.0
     refPaths:
     - path: build/common.sh
       match: go_runner_version=

build/go-runner/BUILD

@@ -1,29 +0,0 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
-
-go_library(
-    name = "go_default_library",
-    srcs = ["go-runner.go"],
-    importpath = "k8s.io/kubernetes/build/go-runner",
-    visibility = ["//visibility:private"],
-    deps = ["//vendor/github.com/pkg/errors:go_default_library"],
-)
-
-go_binary(
-    name = "go-runner",
-    embed = [":go_default_library"],
-    visibility = ["//visibility:public"],
-)
-
-filegroup(
-    name = "package-srcs",
-    srcs = glob(["**"]),
-    tags = ["automanaged"],
-    visibility = ["//visibility:private"],
-)
-
-filegroup(
-    name = "all-srcs",
-    srcs = [":package-srcs"],
-    tags = ["automanaged"],
-    visibility = ["//visibility:public"],
-)

build/go-runner/Dockerfile

@@ -1,45 +0,0 @@
-# Copyright 2020 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Build the manager binary
-FROM golang:1.13 as builder
-WORKDIR /workspace
-
-# Run this with docker build --build_arg goproxy=$(go env GOPROXY) to override the goproxy
-ARG goproxy=https://proxy.golang.org
-# Run this with docker build --build_arg package=./controlplane/kubeadm or --build_arg package=./bootstrap/kubeadm
-ENV GOPROXY=$goproxy
-
-# Copy the sources
-COPY ./ ./
-
-# Cache the go build
-RUN go build .
-
-# Build
-ARG package=.
-ARG ARCH
-
-# Do not force rebuild of up-to-date packages (do not use -a)
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=${ARCH} \
-    go build -ldflags '-s -w -buildid= -extldflags "-static"' \
-    -o go-runner ${package}
-
-# Production image
-FROM gcr.io/distroless/static:latest
-LABEL maintainers="Kubernetes Authors"
-LABEL description="go based runner for distroless scenarios"
-WORKDIR /
-COPY --from=builder /workspace/go-runner .
-ENTRYPOINT ["/go-runner"]

build/go-runner/Makefile

@@ -1,71 +0,0 @@
-# Copyright 2020 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# set default shell
-SHELL=/bin/bash -o pipefail
-
-TAG ?= v0.1.1
-REGISTRY ?= k8s.gcr.io
-
-IMGNAME = go-runner
-IMAGE = $(REGISTRY)/$(IMGNAME)
-
-PLATFORMS = linux/amd64 linux/arm64 linux/arm linux/ppc64le linux/s390x
-
-HOST_GOOS ?= $(shell go env GOOS)
-HOST_GOARCH ?= $(shell go env GOARCH)
-GO_BUILD ?= go build
-
-.PHONY: all build clean
-
-.PHONY: all
-all: build
-
-.PHONY: build
-build:
-	$(GO_BUILD)
-
-.PHONY: clean
-clean:
-	rm go-runner
-
-.PHONY: container
-container: init-docker-buildx
-	# https://github.com/docker/buildx/issues/59
-	$(foreach PLATFORM,$(PLATFORMS), \
-		DOCKER_CLI_EXPERIMENTAL=enabled docker buildx build \
-		--load \
-		--progress plain \
-		--platform $(PLATFORM) \
-		--tag $(IMAGE)-$(PLATFORM):$(TAG) .;)
-
-.PHONY: push
-push: container
-	$(foreach PLATFORM,$(PLATFORMS), \
-		docker push $(IMAGE)-$(PLATFORM):$(TAG);)
-
-.PHONY: manifest
-manifest: push
-	docker manifest create --amend $(IMAGE):$(TAG) $(shell echo $(PLATFORMS) | sed -e "s~[^ ]*~$(IMAGE)\-&:$(TAG)~g")
-	@for arch in $(PLATFORMS); do docker manifest annotate --arch "$${arch##*/}" ${IMAGE}:${TAG} ${IMAGE}-$${arch}:${TAG}; done
-	docker manifest push --purge $(IMAGE):$(TAG)
-
-.PHONY: init-docker-buildx
-init-docker-buildx:
-ifneq ($(shell docker buildx 2>&1 >/dev/null; echo $?),)
-	$(error "buildx not vailable. Docker 19.03 or higher is required")
-endif
-	docker run --rm --privileged linuxkit/binfmt:4ea3b9b0938cbd19834c096aa31ff475cc75d281
-	docker buildx create --name multiarch-go-runner --use || true
-	docker buildx inspect --bootstrap

build/go-runner/OWNERS

@@ -1,6 +0,0 @@
-# See the OWNERS docs at https://go.k8s.io/owners
-
-approvers:
-  - build-image-approvers
-reviewers:
-  - build-image-reviewers

build/go-runner/README.md

@@ -1,30 +0,0 @@
-# Kubernetes go-runner image
-
-The Kubernetes go-runner image wraps the gcr.io/distroless/static image and provides a go based
-binary that can run commands and wrap stdout/stderr etc. 
-
-Why do we need this? Some of our images like kube-apiserver currently use bash for collecting
-logs, so we are not able to switch to distroless images directly for these images. The klog's
-`--log-file` was supposed to fix this problem, but we ran into trouble in scalability CI jobs
-around log rotation and picked this option instead. we essentially publish a multi-arch 
-manifest with support for various platforms. This can be used as a base for other kubernetes
-components.
-
-For example instead of running kube-apiserver like this:
-```bash
-"/bin/sh",
-  "-c",
-  "exec /usr/local/bin/kube-apiserver {{params}} --allow-privileged={{pillar['allow_privileged']}} 1>>/var/log/kube-apiserver.log 2>&1"
-```  
-
-we would use go-runner like so:
-```bash
-"/go-runner", "--log-file=/var/log/kube-apiserver.log", "--also-stdout=false", "--redirect-stderr=true",
-  "/usr/local/bin/kube-apiserver",
-  "--allow-privileged={{pillar['allow_privileged']}}",
-  {{params}}
-```
-
-The go-runner would then ensure that we run the `/usr/local/bin/kube-apiserver` with the 
-specified parameters and redirect stdout ONLY to the log file specified and ensure anything 
-logged to stderr also ends up in the log file.

build/go-runner/cloudbuild.yaml

@@ -1,22 +0,0 @@
-# See https://github.com/kubernetes/test-infra/blob/master/config/jobs/image-pushing/README.md for more details on image pushing process
-
-# this must be specified in seconds. If omitted, defaults to 600s (10 mins)
-timeout: 1200s
-# this prevents errors if you don't use both _GIT_TAG and _PULL_BASE_REF,
-# or any new substitutions added in the future.
-options:
-  substitution_option: ALLOW_LOOSE
-  machineType: 'N1_HIGHCPU_8'
-steps:
-  - name: 'gcr.io/k8s-testimages/gcb-docker-gcloud:v20200422-b25d964'
-    entrypoint: 'bash'
-    dir: ./build/go-runner
-    env:
-    - DOCKER_CLI_EXPERIMENTAL=enabled
-    - REGISTRY=gcr.io/$PROJECT_ID
-    - HOME=/root
-    args:
-    - '-c'
-    - |
-      gcloud auth configure-docker \
-      && make manifest

build/go-runner/go-runner.go

@@ -1,122 +0,0 @@
-/*
-Copyright 2020 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package main
-
-import (
-	"flag"
-	"fmt"
-	"io"
-	"log"
-	"os"
-	"os/exec"
-	"os/signal"
-	"strings"
-	"syscall"
-
-	"github.com/pkg/errors"
-)
-
-var (
-	logFilePath    = flag.String("log-file", "", "If non-empty, save stdout to this file")
-	alsoToStdOut   = flag.Bool("also-stdout", false, "useful with log-file, log to standard output as well as the log file")
-	redirectStderr = flag.Bool("redirect-stderr", true, "treat stderr same as stdout")
-)
-
-func main() {
-	flag.Parse()
-
-	if err := configureAndRun(); err != nil {
-		log.Fatal(err)
-	}
-}
-
-func configureAndRun() error {
-	var (
-		outputStream io.Writer = os.Stdout
-		errStream    io.Writer = os.Stderr
-	)
-
-	args := flag.Args()
-	if len(args) == 0 {
-		return errors.Errorf("not enough arguments to run")
-	}
-
-	if logFilePath != nil && *logFilePath != "" {
-		logFile, err := os.OpenFile(*logFilePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
-		if err != nil {
-			return errors.Wrapf(err, "failed to create log file %v", *logFilePath)
-		}
-		if *alsoToStdOut {
-			outputStream = io.MultiWriter(os.Stdout, logFile)
-		} else {
-			outputStream = logFile
-		}
-	}
-
-	if *redirectStderr {
-		errStream = outputStream
-	}
-
-	exe := args[0]
-	var exeArgs []string
-	if len(args) > 1 {
-		exeArgs = args[1:]
-	}
-	cmd := exec.Command(exe, exeArgs...)
-	cmd.Stdout = outputStream
-	cmd.Stderr = errStream
-
-	log.Printf("Running command:\n%v", cmdInfo(cmd))
-	err := cmd.Start()
-	if err != nil {
-		return errors.Wrap(err, "starting command")
-	}
-
-	// Handle signals and shutdown process gracefully.
-	go setupSigHandler(cmd.Process)
-	return errors.Wrap(cmd.Wait(), "running command")
-}
-
-// cmdInfo generates a useful look at what the command is for printing/debug.
-func cmdInfo(cmd *exec.Cmd) string {
-	return fmt.Sprintf(
-		`Command env: (log-file=%v, also-stdout=%v, redirect-stderr=%v)
-Run from directory: %v
-Executable path: %v
-Args (comma-delimited): %v`, *logFilePath, *alsoToStdOut, *redirectStderr,
-		cmd.Dir, cmd.Path, strings.Join(cmd.Args, ","),
-	)
-}
-
-// setupSigHandler will forward any termination signals to the process
-func setupSigHandler(process *os.Process) {
-	// terminationSignals are signals that cause the program to exit in the
-	// supported platforms (linux, darwin, windows).
-	terminationSignals := []os.Signal{syscall.SIGHUP, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT}
-
-	c := make(chan os.Signal, 1)
-	signal.Notify(c, terminationSignals...)
-
-	// Block until a signal is received.
-	log.Println("Now listening for interrupts")
-	s := <-c
-	log.Printf("Got signal: %v. Sending down to process (PID: %v)", s, process.Pid)
-	if err := process.Signal(s); err != nil {
-		log.Fatalf("Failed to signal process: %v", err)
-	}
-	log.Printf("Signalled process %v successfully.", process.Pid)
-}

build/go-runner/go.mod

@@ -1,5 +0,0 @@
-module k8s.io/kubernetes/build/go-runner
-
-go 1.15
-
-require github.com/pkg/errors v0.9.1

build/go-runner/go.sum

@@ -1,2 +0,0 @@
-github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
-github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=

build/workspace.bzl

@@ -102,15 +102,15 @@ _DEBIAN_IPTABLES_DIGEST = {
 # Use skopeo to find these values: https://github.com/containers/skopeo
 #
 # Example
-# Manifest: skopeo inspect docker://gcr.io/k8s-staging-build-image/go-runner:v0.1.1
+# Manifest: skopeo inspect docker://gcr.io/k8s-staging-build-image/go-runner:buster-v2.0.0
-# Arches: skopeo inspect --raw docker://gcr.io/k8s-staging-build-image/go-runner:v0.1.1
+# Arches: skopeo inspect --raw docker://gcr.io/k8s-staging-build-image/go-runner:buster-v2.0.0
 _GO_RUNNER_DIGEST = {
-    "manifest": "sha256:4892faa2de0533bc1af72b9b233936f21a9e7362063345d170de1a8f464f2ad8",
+    "manifest": "sha256:ff6e2f3683e7d284674ed18341fc898060204e8c43c9b477e13c6f7faf3e66d4",
-    "amd64": "sha256:821e48a96d46aa53d2f7f5ef9d9093ed69979957a0a7092d1c09c44d81028a9d",
+    "amd64": "sha256:140404aed601b95a2a0a1aeac0608a0fdbd5fc339a8ea6b2ee4a63c7e1f56415",
-    "arm": "sha256:2cc042179887b6baa0792e156b53f4cb94181b1a99153790402bd8e517e8cf56",
+    "arm": "sha256:5d4e8c77bc472610e7e46bbd2b83e167e243434b8287ba2ffe6b09aba9f08ecc",
-    "arm64": "sha256:00ca7f34275349330a5d8ddffd15e2980fe5b2cbdd410f063f4e7617e0e71c29",
+    "arm64": "sha256:62429a05973522064480deb44134e3ca355ee89c7781f3fc3ee9072f17de0085",
-    "ppc64le": "sha256:3e25e0d0e9d17033f3e86d4af5787c7fc5f1173e174d77eebdc14df1a06f1c99",
+    "ppc64le": "sha256:05c8575486ccea90c35e8d8ba28c84aee57a03d58329b1354cf7193c372d2de2",
-    "s390x": "sha256:3e34e290cd35a90285991a575e2e79fddfb161c66f13bc5662a1cc0a4ade32e0",
+    "s390x": "sha256:e886ab4557e60293081f2e47a5b52e84bd3d60290a0f46fb99fac6eec35479ec",
 }
 
 def _digest(d, arch):
@@ -127,7 +127,7 @@ def image_dependencies():
             digest = _digest(_GO_RUNNER_DIGEST, arch),
             registry = "k8s.gcr.io/build-image",
             repository = "go-runner",
-            tag = "v0.1.1",  # ignored, but kept here for documentation
+            tag = "buster-v2.0.0",  # ignored, but kept here for documentation
         )
 
         container_pull(