This change allows the CVE_UPGRADES build arg to be set
to address CVEs in base images instead of requesting waivers.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
This change adds CI definitions for building the toolkit-container
images. This modifies the existing CI and replaces the build-one
stage with multiple stages that do the following:
* peform the standard golang checks
* build the packages required by the images
* build the images for supported platforms
* releases the images (currently to the CI staging registry)
The build-all stage is included as a final step in the CI. This is
run after the release stage as the target platforms are not requried
from an imaging perspective. The build-all stage is only run on
MRs or tagged builds.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
This change adds platform-specific Dockerfiles and a Makefile
to build the toolkit-container images.
This image builds the container-config commands from the tools
directory and installs the components of the NVIDIA Container Toolkit
directly from the nvidia-container-toolkit and libnvidia-container*
packages in the dist directory.
This includes make targets for the centos7, centos8, ubuntu18.04,
and ubi8 container-toolkit images as well as the container tests
make targets implemented in the contianer-config repository.
Files adapted from:
383587f766
Signed-off-by: Evan Lezar <elezar@nvidia.com>
