diff --git a/Makefile b/Makefile index fe16466..0d7ce9c 100644 --- a/Makefile +++ b/Makefile @@ -58,7 +58,7 @@ HTTPS_PROXY ?= OS := $(if $(GOOS),$(GOOS),$(shell go env GOOS)) ARCH := $(if $(GOARCH),$(GOARCH),$(shell go env GOARCH)) -BASEIMAGE ?= k8s.gcr.io/build-image/debian-iptables:bullseye-v1.5.0 +BASEIMAGE ?= k8s.gcr.io/build-image/distroless-iptables:v0.1.1 TAG := $(VERSION)__$(OS)_$(ARCH) @@ -207,6 +207,12 @@ $(LICENSES): | $(BUILD_DIRS) ./bin/tools/go-licenses save ./... --save_path=$(LICENSES) chmod -R a+rx $(LICENSES) +# Create a buildx builder which will create cross platform builds. +# The default builder does not support multi-arch. +.PHONY: buildx-setup +buildx-setup: + docker buildx inspect img-builder > /dev/null || docker buildx create --name img-builder --use + CONTAINER_DOTFILES = $(foreach bin,$(BINS),.container-$(subst /,_,$(REGISTRY)/$(bin))-$(TAG)) # We print the container names here, rather than in CONTAINER_DOTFILES so @@ -228,7 +234,7 @@ $(foreach bin,$(BINS),$(eval \ )) # This is the target definition for all container-dotfiles. # These are used to track build state in hidden files. -$(CONTAINER_DOTFILES): +$(CONTAINER_DOTFILES): buildx-setup echo sed \ -e 's|{ARG_BIN}|$(BIN)$(BIN_EXTENSION)|g' \ @@ -236,8 +242,9 @@ $(CONTAINER_DOTFILES): -e 's|{ARG_OS}|$(OS)|g' \ -e 's|{ARG_FROM}|$(BASEIMAGE)|g' \ Dockerfile.in > .dockerfile-$(BIN)-$(OS)_$(ARCH) - docker build \ + docker buildx build \ --no-cache \ + --load --platform $(OS)/$(ARCH) \ -t $(REGISTRY)/$(BIN):$(TAG) \ -f .dockerfile-$(BIN)-$(OS)_$(ARCH) \ . diff --git a/ip-masq-agent.yaml b/ip-masq-agent.yaml index 6aff1c6..8cf7aab 100644 --- a/ip-masq-agent.yaml +++ b/ip-masq-agent.yaml @@ -15,7 +15,7 @@ spec: hostNetwork: true containers: - name: ip-masq-agent - image: k8s.gcr.io/networking/ip-masq-agent:v2.7.1 + image: k8s.gcr.io/networking/ip-masq-agent:v2.8.0 securityContext: privileged: false capabilities: