Buildkit merge requestshttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests2022-10-07T16:05:45Zhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/1resolver: Isolate token cache to each client session2022-10-07T16:05:45ZDduvallresolver: Isolate token cache to each client sessionPrefix token cache keys with the session group's IDs to avoid tokens
from being leaked between client sessions.
Bug: T319694Prefix token cache keys with the session group's IDs to avoid tokens
from being leaked between client sessions.
Bug: T319694DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/2wmf/ci: Provide build environment and gitlab-ci.yml2022-10-07T19:36:35ZDduvallwmf/ci: Provide build environment and gitlab-ci.ymlBuild and publish an image following merges to wmf branch.
Bug: T319694Build and publish an image following merges to wmf branch.
Bug: T319694DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/3wmf/ci: Fix image tag by replacing invalid tag characters with '-'2022-10-11T15:00:20ZDduvallwmf/ci: Fix image tag by replacing invalid tag characters with '-'DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/4wmf/Dockerfile: Include buildctl in the buildkit image2022-10-18T23:36:37ZAhmon Dancywmf/Dockerfile: Include buildctl in the buildkit imagehttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/5helm: Provide a helm chart for deployment alongside GitLab cloud runners2022-10-21T15:23:33ZDduvallhelm: Provide a helm chart for deployment alongside GitLab cloud runnersBug: T321334Bug: T321334DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/6helm: Build and publish the helm chart as an artifact2022-10-21T17:33:55ZDduvallhelm: Build and publish the helm chart as an artifactBug: T321334Bug: T321334DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/7helm: Support providing S3 credentials via a secret2022-10-26T18:59:31ZDduvallhelm: Support providing S3 credentials via a secretS3 is one option for cache export and credentials can be provided to
buildkitd directly instead of relying on client's passing them in. They
can also be provided that way but this let's us support a centralized
cache as well.
See https:...S3 is one option for cache export and credentials can be provided to
buildkitd directly instead of relying on client's passing them in. They
can also be provided that way but this let's us support a centralized
cache as well.
See https://github.com/moby/buildkit#s3-cache-experimental
See https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html
Bug: T320746DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/8add buildkitd.toml to support insecure registries2022-11-18T00:32:28ZBrennen Bearnesadd buildkitd.toml to support insecure registriesBug: #323149Bug: #323149https://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/9helm: Fix `--config` argument2022-11-18T18:30:58ZDduvallhelm: Fix `--config` argumentPass `--config` and its argument as separate flags.Pass `--config` and its argument as separate flags.DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/10ci: Don't publish chart artifact during merge request pipelines2022-11-18T18:32:52ZDduvallci: Don't publish chart artifact during merge request pipelinesDduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/11helm: Fix mount path for buildkitd configmap2022-11-18T18:49:03ZDduvallhelm: Fix mount path for buildkitd configmapDduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/13helm: Refactor hpa template to use autoscaling/v2 schema2022-12-09T17:04:43ZDduvallhelm: Refactor hpa template to use autoscaling/v2 schemaDduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/14use trusted tag instead of protected2022-12-16T21:39:57ZJeltouse trusted tag instead of protectedTag of Trusted Runners was change to trusted instead
of protected. This should be more self explanatory.
To execute jobs on Trusted Runners, the new tag is needed now.
Bug: T325069Tag of Trusted Runners was change to trusted instead
of protected. This should be more self explanatory.
To execute jobs on Trusted Runners, the new tag is needed now.
Bug: T325069JeltoJeltohttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/16helm: Change port name to grpc for compat with Istio2023-01-24T23:18:47ZDduvallhelm: Change port name to grpc for compat with IstioIstio expects port names to convey the underlying application protocol
to give hints about what kind of routing can be applied.
See https://istio.io/v1.0/docs/setup/kubernetes/spec-requirements/
Bug: T327416Istio expects port names to convey the underlying application protocol
to give hints about what kind of routing can be applied.
See https://istio.io/v1.0/docs/setup/kubernetes/spec-requirements/
Bug: T327416DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/18Revert "helm: Change port name to grpc for compat with Istio"2023-01-26T19:12:48ZDduvallRevert "helm: Change port name to grpc for compat with Istio"This reverts commit 56149647828d456bbacaa99d282682da9c3e655c.
Bug: T327416This reverts commit 56149647828d456bbacaa99d282682da9c3e655c.
Bug: T327416DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/17Allow full control over buildkitd.toml2023-02-06T17:37:22ZChadAllow full control over buildkitd.tomlUse case is wider configuration of [registry."foo".*], namely the mirrors parameter. See upstream[0] config where they mention harbor ;-)
[0] https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.mdUse case is wider configuration of [registry."foo".*], namely the mirrors parameter. See upstream[0] config where they mention harbor ;-)
[0] https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.mdChadChadhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/19client: Ensure active/healthy connection prior to solve2023-02-06T22:55:48ZDduvallclient: Ensure active/healthy connection prior to solveProvide a `WaitForReady` client method that performs a preflight request
and specifies `grpc.WaitForReady(true)` to ensure that the
`grpc.ClientConn` has established the underlying connection and that it
can be considered available.
Per...Provide a `WaitForReady` client method that performs a preflight request
and specifies `grpc.WaitForReady(true)` to ensure that the
`grpc.ClientConn` has established the underlying connection and that it
can be considered available.
Performing this request prior to solves makes the client more robust in
environments where the server is behind a proxy or part of a service
mesh (e.g. Istio/Envoy). In these environments, connections may be
prematurely closed prior to any client requests due to circuit breaking
on max connections.
For the moment, this incurs a redundant request to `ListWorkers` which
seemed to be the more backwards compatible request to make as a
preflight; `Info` is not available in older versions. If buildkitd ever
implements the `grpc.health.v1.Health` directly on its server endpoint,
a `grpc.health.v1.Health/Check` may make more sense.
Signed-off-by: Dan Duvall <dduvall@wikimedia.org>DduvallDduvallhttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/20build all branches2023-02-07T19:11:37ZJeena Huneidibuild all branchesBuilds an image for MR to all branchesBuilds an image for MR to all brancheshttps://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/22build all branches2023-02-08T15:33:02ZJeena Huneidibuild all branchesremoves default branch rule.removes default branch rule.https://gitlab.wikimedia.org/repos/releng/buildkit/-/merge_requests/24wmf/Dockerfile: Update text2023-02-14T18:17:56ZAhmon Dancywmf/Dockerfile: Update textand tweak the debug packages.and tweak the debug packages.Ahmon DancyAhmon Dancy