Skip to content

Commit e959d77

Browse files
Validate docker image before uploading to registry (#21916)
Why I did it Before pushing the newly built docker image to the registry, we add a verification step to ensure the image is valid. Work item tracking Microsoft ADO (number only): How I did it Before pushing the newly built Docker image to the registry, we add a verification step to ensure the image is valid. How to verify it For ref https://dev.azure.com/mssonic/build/_build/results?buildId=794495&view=results If the validate step fails, it won't push the image to registry.
1 parent 0af7918 commit e959d77

File tree

1 file changed

+41
-5
lines changed

1 file changed

+41
-5
lines changed

.azure-pipelines/docker-sonic-mgmt.yml

+41-5
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,13 @@ pr:
2020
include:
2121
- dockers/docker-sonic-mgmt
2222

23+
resources:
24+
repositories:
25+
- repository: sonic-mgmt
26+
type: github
27+
name: sonic-net/sonic-mgmt
28+
endpoint: sonic-net
29+
2330
parameters:
2431
- name: registry_url
2532
type: string
@@ -46,7 +53,6 @@ stages:
4653
- bash: |
4754
set -xe
4855
git submodule update --init --recursive -- src/sonic-platform-daemons src/sonic-genl-packet src/sonic-sairedis src/ptf src/sonic-device-data src/sonic-dash-api
49-
5056
make SONIC_BUILD_JOBS=$(nproc) DEFAULT_CONTAINER_REGISTRY=publicmirror.azurecr.io ENABLE_DOCKER_BASE_PULL=y configure PLATFORM=generic
5157
make -f Makefile.work BLDENV=bullseye SONIC_BUILD_JOBS=$(nproc) DEFAULT_CONTAINER_REGISTRY=publicmirror.azurecr.io ENABLE_DOCKER_BASE_PULL=y LEGACY_SONIC_MGMT_DOCKER=y target/docker-sonic-mgmt.gz
5258
cp target -r $(Build.ArtifactStagingDirectory)/target
@@ -55,14 +61,44 @@ stages:
5561
env:
5662
REGISTRY_SERVER: ${{ parameters.registry_url }}
5763
displayName: Build docker-sonic-mgmt.gz
64+
65+
- publish: $(Build.ArtifactStagingDirectory)
66+
artifact: 'docker-sonic-mgmt'
67+
displayName: "Archive docker image sonic-mgmt"
68+
69+
- job: validate_docker_image_and_upload
70+
pool: sonicbld-1es
71+
timeoutInMinutes: 360
72+
dependsOn: Build
73+
steps:
74+
- checkout: sonic-mgmt
75+
clean: true
76+
displayName: 'Checkout sonic-mgmt'
77+
78+
- download: current
79+
artifact: 'docker-sonic-mgmt'
80+
displayName: "Download docker image sonic-mgmt"
81+
82+
- script: |
83+
set -ex
84+
85+
docker load -i $(Pipeline.Workspace)/docker-sonic-mgmt/target/docker-sonic-mgmt.gz
86+
87+
cd ansible
88+
sudo ./setup-management-network.sh -d
89+
cd ../
90+
docker rm -f sonic-mgmt
91+
92+
./setup-container.sh -n sonic-mgmt -d /data -i docker-sonic-mgmt -v
93+
94+
docker exec sonic-mgmt bash -c "echo 'Container is running' && ps aux"
95+
displayName: 'Setup sonic-mgmt docker container and verify'
96+
5897
- task: Docker@2
5998
displayName: Upload image
99+
condition: succeeded()
60100
inputs:
61101
containerRegistry: ${{ parameters.registry_conn }}
62102
repository: docker-sonic-mgmt
63103
command: push
64104
tags: latest
65-
- publish: $(Build.ArtifactStagingDirectory)
66-
artifact: 'docker-sonic-mgmt'
67-
displayName: "Archive docker image sonic-mgmt"
68-

0 commit comments

Comments
 (0)