Merge pull request #99379 from vinayakankugoyal/kappa

Make the registry for the server-images templated in the Dockerfiles.

build/common.sh

@@ -86,8 +86,9 @@ readonly KUBE_RSYNC_PORT="${KUBE_RSYNC_PORT:-}"
 readonly KUBE_CONTAINER_RSYNC_PORT=8730
 
 # Get the set of master binaries that run in Docker (on Linux)
-# Entry format is "<name-of-binary>,<base-image>".
+# Entry format is "<name-of-binary>,<base-image-name>:<base-image-version>".
 # Binaries are placed in /usr/local/bin inside the image.
+# When building these images the registry for the base images is considered to be ${KUBE_BASE_IMAGE_REGISTRY}.
 #
 # $1 - server architecture
 kube::build::get_docker_wrapped_binaries() {
@@ -96,10 +97,10 @@ kube::build::get_docker_wrapped_binaries() {
   ### If you change any of these lists, please also update DOCKERIZED_BINARIES
   ### in build/BUILD. And kube::golang::server_image_targets
   local targets=(
-    "kube-apiserver,${KUBE_BASE_IMAGE_REGISTRY}/go-runner:${go_runner_version}"
+    "kube-apiserver,go-runner:${go_runner_version}"
-    "kube-controller-manager,${KUBE_BASE_IMAGE_REGISTRY}/go-runner:${go_runner_version}"
+    "kube-controller-manager,go-runner:${go_runner_version}"
-    "kube-scheduler,${KUBE_BASE_IMAGE_REGISTRY}/go-runner:${go_runner_version}"
+    "kube-scheduler,go-runner:${go_runner_version}"
-    "kube-proxy,${KUBE_BASE_IMAGE_REGISTRY}/debian-iptables:${debian_iptables_version}"
+    "kube-proxy,debian-iptables:${debian_iptables_version}"
   )
 
   echo "${targets[@]}"

build/lib/release.sh

@@ -361,7 +361,7 @@ function kube::release::create_docker_images_for_server() {
     for wrappable in $binaries; do
 
       local binary_name=${wrappable%%,*}
-      local base_image=${wrappable##*,}
+      local base_image_name=${wrappable##*,}
       local binary_file_path="${binary_dir}/${binary_name}"
       local docker_build_path="${binary_file_path}.dockerbuild"
       local docker_image_tag="${docker_registry}/${binary_name}-${arch}:${docker_tag}"
@@ -384,7 +384,8 @@ function kube::release::create_docker_images_for_server() {
           --platform linux/"${arch}" \
           --load ${docker_build_opts:+"${docker_build_opts}"} \
           -t "${docker_image_tag}" \
-          --build-arg BASEIMAGE="${base_image}" \
+          --build-arg BASE_IMAGE_REGISTRY="${KUBE_BASE_IMAGE_REGISTRY}" \
+          --build-arg BASE_IMAGE_NAME="${base_image_name}" \
           --build-arg BINARY="${binary_name}" \
           "${docker_build_path}" >"${build_log}" 2>&1; then
             cat "${build_log}"

build/server-image/Dockerfile

@@ -14,8 +14,10 @@
 
 # Dockerfile used for the server images.
 
-ARG BASEIMAGE
+ARG BASE_IMAGE_REGISTRY
+ARG BASE_IMAGE_NAME
 ARG BINARY
 
-FROM ${BASEIMAGE}
+
+FROM "${BASE_IMAGE_REGISTRY}/${BASE_IMAGE_NAME}"
 COPY ${BINARY} /usr/local/bin/${BINARY}

build/server-image/kube-apiserver/Dockerfile

@@ -13,16 +13,17 @@
 # limitations under the License.
 
 # This file create the kube-apiserver image.
-ARG BASEIMAGE
+ARG BASE_IMAGE_REGISTRY
+ARG BASE_IMAGE_NAME
 # we use the hosts platform to apply the capabilities to avoid the need
 # to setup qemu for the builder.
-FROM --platform=linux/$BUILDARCH k8s.gcr.io/build-image/setcap:buster-v1.4.0
+FROM --platform=linux/$BUILDARCH ${BASE_IMAGE_REGISTRY}/setcap:buster-v1.4.0
 ARG BINARY
 COPY ${BINARY} /${BINARY}
 # We apply cap_net_bind_service so that kube-apiserver can be run as
 # non-root and still listen on port less than 1024
 RUN setcap cap_net_bind_service=+ep /${BINARY}
 
-FROM --platform=linux/$TARGETARCH ${BASEIMAGE}
+FROM --platform=linux/$TARGETARCH ${BASE_IMAGE_REGISTRY}/${BASE_IMAGE_NAME}
 ARG BINARY
 COPY --from=0 /${BINARY} /usr/local/bin/${BINARY}