Use podman for container image builds

Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
saschagrunert · Jun 22, 2019 · bbab44c · bbab44c
1 parent 125e9b8
commit bbab44c
Show file tree

Hide file tree

Showing 5 changed files with 49 additions and 22 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -8,10 +8,10 @@ executors:
   performabot-build:
     docker:
       - image: saschagrunert/performabot-build
-  machine:
-    machine:
-      docker_layer_caching: true
-      image: ubuntu-1604:201903-01
+  # machine:
+    # machine:
+      # docker_layer_caching: true
+      # image: ubuntu-1604:201903-01
 
 workflows:
   version: 2
@@ -140,23 +140,46 @@ jobs:
             git diff-index --quiet HEAD || git commit -m 'Update documentation'
             git push -f origin gh-pages
 
+  # image:
+    # executor: machine
+    # parameters:
+      # target:
+        # type: string
+    # steps:
+      # - run:
+          # name: get dependencies
+          # command: |
+            # sudo add-apt-repository -y ppa:projectatomic/ppa
+            # sudo apt-get update
+            # sudo apt-get install -y podman
+      # - checkout
+      # - attach_workspace:
+          # at: .
+      # - run:
+          # name: create container image
+          # command: make image-<< parameters.target >>
+      # - run:
+          # name: save container image
+          # command: |
+            # podman save -o image-<< parameters.target >>.tar \
+              # performabot-<< parameters.target >>
+      # - store_artifacts:
+          # path: image-<< parameters.target >>.tar
+          # destination: image-<< parameters.target >>.tar
+
   image:
-    executor: machine
+    executor: container
     parameters:
       target:
         type: string
     steps:
+      - <<: *prepare-env
       - checkout
       - attach_workspace:
           at: .
       - run:
           name: create container image
-          command: make image-<< parameters.target >> CONTAINER_RUNTIME=docker
-      - run:
-          name: save container image
-          command: |
-            docker save -o image-<< parameters.target >>.tar \
-              performabot-<< parameters.target >>
+          command: make image-<< parameters.target >>
       - store_artifacts:
           path: image-<< parameters.target >>.tar
           destination: image-<< parameters.target >>.tar

diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,6 @@
 *.orig
 *.sqlite3*
+*.tar
 *.tix
 .ghc.environment.*
 .sass-cache

diff --git a/Makefile b/Makefile
@@ -3,7 +3,6 @@ GLOB_SCSS := config/bulma.scss
 BULMA_DIR := $(BUILD_DIR)/bulma
 BULMA_TAG := 0.7.5
 BULMA_URL := https://github.com/jgthms/bulma
-CONTAINER_RUNTIME := podman
 
 define nix-shell
 	nix-shell nix/shell.nix $(1)
@@ -22,8 +21,12 @@ define nix-shell-pure-run
 endef
 
 define image-build
-	$(CONTAINER_RUNTIME) build --pull --no-cache \
-		-f Dockerfile-$(1) -t performabot-$(1) .
+	$(call nix-shell-pure-run,\
+		podman build  --pull --no-cache \
+			-f Dockerfile-$(1) -t performabot-$(1)  &&\
+		rm -f $(BUILD_DIR)/image-$(1).tar &&\
+		mkdir -p $(BUILD_DIR) &&\
+		podman save  -o $(BUILD_DIR)/image-$(1).tar performabot-$(1))
 endef
 
 
@@ -40,7 +43,7 @@ build-static:
 .PHONY: build-static-with-image
 build-static-with-image:
 	export WORKDIR=/performabot &&\
-	$(CONTAINER_RUNTIME) run --rm -it -v $(shell pwd):/$$WORKDIR \
+	podman run --rm -it -v $(shell pwd):/$$WORKDIR \
 		saschagrunert/performabot-build sh -c "\
 			export BUILD_DIR=$$WORKDIR/result/bin &&\
 			rm -rf $$WORKDIR/result &&\
@@ -85,12 +88,12 @@ image-build:
 
 .PHONY: image-client
 image-client:
-	$(nix-shell-pure-run,hack/is-static result/bin/client)
+	$(call nix-shell-pure-run,hack/is-static result/bin/client)
 	$(call image-build,client)
 
 .PHONY: image-server
 image-server:
-	$(nix-shell-pure-run,hack/is-static result/bin/server)
+	$(call nix-shell-pure-run,hack/is-static result/bin/server)
 	$(call image-build,server)
 
 .PHONY: lint

diff --git a/hack/is-static b/hack/is-static
@@ -1,11 +1,10 @@
 #!/usr/bin/env bash
-if [ ! -f $1 ]; then
-    echo "File '$1' does not exist"
+if [ ! -x "$1" ]; then
+    echo "File is not executable"
     exit 1
 fi
 
-file $1 | grep "statically linked" | grep -q stripped
-if [ $? -ne 0 ]; then
-    echo "Binary does not seem to be statically linked"
+if ! file "$1" | grep "statically linked" | grep -q stripped; then
+    echo "Binary is not statically linked and stripped"
     exit 1
 fi
diff --git a/nix/shell.nix b/nix/shell.nix
@@ -26,6 +26,7 @@ pkgs.stdenv.mkDerivation {
     haskellPackages.yesod-bin
     hlint
     nix-prefetch-git
+    podman
     sass
     sqlite
     wget