From 2f0f78149c9a9bd0233a78524fb51f090027cc60 Mon Sep 17 00:00:00 2001
From: Drew Reed <Drew.Reed@arm.com>
Date: Thu, 19 Jan 2023 08:40:53 +0000
Subject: [PATCH 1/2] ci: Move to new template version v1.1.1

As the new GitLab runners require us to build containers via buildah
this change updates us to the latest template version incorporating
the change.

Changelog: other
Signed-off-by: Drew Reed <Drew.Reed@arm.com>
---
 .gitlab-ci.yml                     | 4 ++--
 .gitlab/ci/docker-image-builds.yml | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 30ea5dc..d5eb4af 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 Arm Limited or its affiliates. All rights reserved.
+# Copyright (c) 2022-2023 Arm Limited or its affiliates. All rights reserved.
 #
 # SPDX-License-Identifier: MIT
 ---
@@ -36,7 +36,7 @@ variables:
 # include jobs
 include:
   - project: $PIPELINE_TEMPLATE_PROJECT
-    ref: v0.0.13
+    ref: v1.1.1
     file:
       - gitlab-ci/common_gitlab-ci.yml
       - gitlab-ci/docker-image-base_gitlab-ci.yml
diff --git a/.gitlab/ci/docker-image-builds.yml b/.gitlab/ci/docker-image-builds.yml
index 31898b7..b3a99d9 100644
--- a/.gitlab/ci/docker-image-builds.yml
+++ b/.gitlab/ci/docker-image-builds.yml
@@ -18,7 +18,7 @@ Build-Kas-Docker-Arch-Image:
     - ${BUILD_ARCH}
   variables: &Build-Kas-Docker-Arch-Image_variables
     DOCKER_IMAGE_NAME: kas-build-image
-    KANIKO_BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
+    BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
   rules: &Build-Kas-Docker-Arch-Image_rules
     - changes:
         - .gitlab-ci.yml
@@ -42,7 +42,7 @@ Build-Utility-Docker-Arch-Image:
   tags: *Build-Kas-Docker-Arch-Image_tags
   variables: &Build-Utility-Docker-Arch-Image_variables
     DOCKER_IMAGE_NAME: utility-image
-    KANIKO_BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
+    BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
   rules: &Build-Utility-Docker-Arch-Image_rules
     - changes:
         - .gitlab-ci.yml
@@ -66,7 +66,7 @@ Build-Lava-Docker-Arch-Image:
   tags: *Build-Kas-Docker-Arch-Image_tags
   variables: &Build-Lava-Docker-Arch-Image_variables
     DOCKER_IMAGE_NAME: lava-test-image
-    KANIKO_BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
+    BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
   rules: &Build-Lava-Docker-Arch-Image_rules
     - changes:
         - .gitlab-ci.yml
-- 
GitLab


From b0403bc1555ef5c875a486dd861b156955814a77 Mon Sep 17 00:00:00 2001
From: Drew Reed <Drew.Reed@arm.com>
Date: Fri, 3 Feb 2023 14:13:49 +0000
Subject: [PATCH 2/2] ci: Switch to using upstream kas container

We no longer have to specify the user and group id in the kas Dockerfile
as the entrypoint can now be run by setting some kubernetes variables.
Remove the kas Dockerfile.
Set git to treat the project directory as safe since the files are
checked out as root but the build is executed as another user.

Signed-off-by: Drew Reed <Drew.Reed@arm.com>
---
 .../Dockerfiles/kas-build-image/Dockerfile    | 16 ----------
 .gitlab/ci/cassini-build.yml                  | 10 +++++--
 .gitlab/ci/docker-image-builds.yml            | 30 ++-----------------
 .gitlab/ci/trigger-image-builds.yml           |  5 +---
 4 files changed, 12 insertions(+), 49 deletions(-)
 delete mode 100644 .gitlab/Dockerfiles/kas-build-image/Dockerfile

diff --git a/.gitlab/Dockerfiles/kas-build-image/Dockerfile b/.gitlab/Dockerfiles/kas-build-image/Dockerfile
deleted file mode 100644
index 15de50d..0000000
--- a/.gitlab/Dockerfiles/kas-build-image/Dockerfile
+++ /dev/null
@@ -1,16 +0,0 @@
-# Copyright (c) 2022-2023, Arm Limited and/or its affiliates.
-#
-# SPDX-License-Identifier: MIT
-ARG GHCR_MIRROR=ghcr.io/
-
-FROM ${GHCR_MIRROR}siemens/kas/kas:latest-release
-
-ARG local_user=cassini-ci
-ARG user_id=999
-ARG group_id=999
-
-RUN groupadd -g $group_id $local_user && useradd --no-log-init -m -d /builder -g $local_user -u $user_id $local_user \
-  && chown -R $local_user:$local_user /builder \
-  && cd /builder
-
-USER $local_user
diff --git a/.gitlab/ci/cassini-build.yml b/.gitlab/ci/cassini-build.yml
index 6190f4f..ceca8ad 100644
--- a/.gitlab/ci/cassini-build.yml
+++ b/.gitlab/ci/cassini-build.yml
@@ -13,10 +13,15 @@
     TOOLCHAIN_DIR: $CACHE_DIR/$PROJECT_VERSION/toolchains
 
 .kas_build:
-  image: $CI_REGISTRY/$CI_PROJECT_PATH/$DOCKER_IMAGE_NAME:$DOCKER_IMAGE_TAG
+  image: ${MIRROR_GHCR}/siemens/kas/kas:3.2
   variables:
-    DOCKER_IMAGE_NAME: kas-build-image
     KAS_REPO_REF_DIR: $CACHE_DIR/$PROJECT_VERSION/repos
+    # These are needed as GitLab doesn't respect the container
+    # entrypoint by default
+    FF_KUBERNETES_HONOR_ENTRYPOINT: 1
+    FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY: 0
+    USER_ID: 999
+    GROUP_ID: 999
 
 # Extend the kas base build to enab;e to use of repos that are not yet public
 .kas_build_cassini:
@@ -36,6 +41,7 @@
         https://${CI_SERVER_HOST}
     - git config --global user.email "you@example.com"
     - git config --global user.name "Your Name"
+    - git config --global --add safe.directory ${CI_PROJECT_DIR}
     # export parent pipeline global variables
     - echo PARENT_PIPELINE_ID = $PARENT_PIPELINE_ID
     - !reference [".kas_build", before_script]
diff --git a/.gitlab/ci/docker-image-builds.yml b/.gitlab/ci/docker-image-builds.yml
index b3a99d9..2e5638b 100644
--- a/.gitlab/ci/docker-image-builds.yml
+++ b/.gitlab/ci/docker-image-builds.yml
@@ -6,7 +6,7 @@
 .if-new-merge-request: &if-new-merge-request
   if: '$CI_MERGE_REQUEST_IID && ($CI_MERGE_REQUEST_PROJECT_ID != $CI_MERGE_REQUEST_SOURCE_PROJECT_ID)'
 
-Build-Kas-Docker-Arch-Image:
+Build-Utility-Docker-Arch-Image:
   extends: .build-docker-image
   parallel: &Build-Matrix
     matrix:
@@ -14,32 +14,8 @@ Build-Kas-Docker-Arch-Image:
         ARCH_SUFFIX: -amd64
       - BUILD_ARCH: arm64
         ARCH_SUFFIX: -arm64v8
-  tags: &Build-Kas-Docker-Arch-Image_tags
+  tags: &Build-Arch-Image_tags
     - ${BUILD_ARCH}
-  variables: &Build-Kas-Docker-Arch-Image_variables
-    DOCKER_IMAGE_NAME: kas-build-image
-    BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
-  rules: &Build-Kas-Docker-Arch-Image_rules
-    - changes:
-        - .gitlab-ci.yml
-        - .gitlab/ci/docker-image-builds.yml
-        - .gitlab/Dockerfiles/kas-build-image/**/*
-    - <<: *if-new-merge-request
-
-Build-Kas-Docker-Image:
-  extends:
-    - .build-docker-image
-    - .build-docker-multiarch-image
-  variables: *Build-Kas-Docker-Arch-Image_variables
-  rules: *Build-Kas-Docker-Arch-Image_rules
-  needs:
-    - job: Build-Kas-Docker-Arch-Image
-      artifacts: false
-
-Build-Utility-Docker-Arch-Image:
-  extends: .build-docker-image
-  parallel: *Build-Matrix
-  tags: *Build-Kas-Docker-Arch-Image_tags
   variables: &Build-Utility-Docker-Arch-Image_variables
     DOCKER_IMAGE_NAME: utility-image
     BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
@@ -63,7 +39,7 @@ Build-Utility-Docker-Image:
 Build-Lava-Docker-Arch-Image:
   extends: .build-docker-image
   parallel: *Build-Matrix
-  tags: *Build-Kas-Docker-Arch-Image_tags
+  tags: *Build-Arch-Image_tags
   variables: &Build-Lava-Docker-Arch-Image_variables
     DOCKER_IMAGE_NAME: lava-test-image
     BUILD_CONTEXT: $CI_PROJECT_DIR/.gitlab/Dockerfiles/$DOCKER_IMAGE_NAME
diff --git a/.gitlab/ci/trigger-image-builds.yml b/.gitlab/ci/trigger-image-builds.yml
index db97c3e..667b041 100644
--- a/.gitlab/ci/trigger-image-builds.yml
+++ b/.gitlab/ci/trigger-image-builds.yml
@@ -1,4 +1,4 @@
-# Copyright (c) 2022 Arm Limited or its affiliates. All rights reserved.
+# Copyright (c) 2022-2023 Arm Limited or its affiliates. All rights reserved.
 #
 # SPDX-License-Identifier: MIT
 ---
@@ -48,9 +48,6 @@ merge_jobs:
 trigger_jobs:
   needs:
     - merge_jobs
-    - job: Build-Kas-Docker-Image
-      optional: true
-      artifacts: false
     - job: Build-Utility-Docker-Image
       optional: true
       artifacts: false
-- 
GitLab