Puppet Class: buildkitd

Defined in:
modules/buildkitd/manifests/init.pp

Summary

Provisions buildkitd within a Docker network

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • ensure (Wmflib::Ensure)

    Whether to have buildkitd present or absent

  • network (String)

    Docker network name on which to run the buildkitd container

  • address (Stdlib::IP::Address) (defaults to: '0.0.0.0')

    Bind to a specific address within the Docker network

  • port (Stdlib::Port) (defaults to: 1234)

    Port to listen on

  • image (String) (defaults to: 'docker-registry.wikimedia.org/repos/releng/buildkit:wmf-v0.11-8')

    Ref to the buildkitd image to run

  • nameservers (Array[Stdlib::Host]) (defaults to: [])

    DNS nameservers to configure for OCI worker containers.

  • environment (Wmflib::POSIX::Variables) (defaults to: {})

    Environment variables to set for the buildkitd container.

  • gckeepstorage (Optional[String]) (defaults to: undef)

    Local buildkitd cache to keep after garbage collection (e.g. “10Gb”)

  • cni_pool_size (Integer) (defaults to: 20)

    Size of the preallocated pool of CNI network namespaces.

  • allowed_frontends (Optional[Array[String]]) (defaults to: undef)
  • allowed_gateway_sources (Optional[Array[String]]) (defaults to: undef) 


14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'modules/buildkitd/manifests/init.pp', line 14

class buildkitd(
    Wmflib::Ensure           $ensure,
    String                   $network,
    Stdlib::IP::Address      $address = '0.0.0.0',
    Stdlib::Port             $port = 1234,
    String                   $image = 'docker-registry.wikimedia.org/repos/releng/buildkit:wmf-v0.11-8',
    Array[Stdlib::Host]      $nameservers = [],
    Wmflib::POSIX::Variables $environment = {},
    Optional[String]         $gckeepstorage = undef,
    Integer                  $cni_pool_size = 20,
    Optional[Array[String]]  $allowed_frontends = undef,
    Optional[Array[String]]  $allowed_gateway_sources = undef,
){
    group { 'buildkitd':
        ensure => $ensure,
        name   => 'buildkitd',
        system => true,
    }

    user { 'buildkitd':
        ensure  => $ensure,
        system  => true,
        groups  => 'docker',
        require => [
            Class['docker'],
            Group['buildkitd'],
        ],
    }

    file { '/etc/buildkitd.toml':
        ensure  => stdlib::ensure($ensure, 'file'),
        content => template('buildkitd/buildkitd.toml.erb'),
        owner   => 'root',
        group   => 'root',
        mode    => '0644',
    }

    file { '/etc/default/buildkitd':
        ensure  => stdlib::ensure($ensure, 'file'),
        content => template('buildkitd/buildkitd.env.erb'),
        owner   => 'root',
        group   => 'root',
        mode    => '0644',
    }

    systemd::service { 'buildkitd':
        ensure    => $ensure,
        content   => template('buildkitd/buildkitd.service.erb'),
        restart   => true,
        require   => [
            Class['docker'],
            User['buildkitd'],
        ],
        subscribe => File['/etc/buildkitd.toml', '/etc/default/buildkitd'],
    }
}