On macOS mktemp -d drops something in /var/folders, which isn't
shared by default with Docker for Mac. Thus I can't run docker
with that volume mounted to build binaries for test images. So
instead, tell mktemp to use kubernetes/_tmp as its base, which
is what I see some of the hack/verify-* scripts use.
Automatic merge from submit-queue (batch tested with PRs 67058, 67083, 67220, 67222, 67209). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Fix permissions of qemu-ARCH-static in debian-base and other images
**What this PR does / why we need it**: proper fix for the issue I found in #67215. Some machines (like apparently workstations at Google) have a restrictive umask, so the `qemu-ARCH-static` binaries were getting installed in images without world read/execute permissions, causing utilities like `apt-get` to fail.
There was also a duplicate download/install of these binaries for `debian-iptables`, which further confused the issue. I've since removed that duplicate installation.
Many thanks to @BenTheElder for asking the right question to get me to look at the permissions again.
I haven't pushed any images yet. After merge, I'll build/promote `debian-base:0.3.2`, then update everything to use it, then push some more images, write some more PRs, ...
**Release note**:
```release-note
NONE
```
/assign @tallclair
Automatic merge from submit-queue (batch tested with PRs 67058, 67083, 67220, 67222, 67209). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
Add a check for docker version to push fat manifest images
**What this PR does / why we need it**:
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
This is for adding a check to avoid any corrupted fat manifest creation.
**Special notes for your reviewer**:
@dims @luxas
**Release note**:
```release-note
NONE
```
Manifests seem sticky in docker, so let's try to purge so if
we have re-push a fresh set of containers (with same version number as
before) during testing, the manifests are created fresh.
Change-Id: I41c010c08bd50b68ff6973a4ae1e004824fab178
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.
test image for a release 1.7 based sample-apiserver
**What this PR does / why we need it**:
In our e2e test suite we have use an image "gcr.io/kubernetes-e2e-test-images:k8s-aggregator-sample-apiserver:1.7v2". We need a way to build a fresh image that can we can use instead of that one. Especially we need one that has a multi-arch fat manifest so e2e tests can be run across multiple architectures.
This is especially important since we are in the process of promoting the test in question to the conformance suite - https://github.com/kubernetes/kubernetes/pull/63947
**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #
**Special notes for your reviewer**:
/cc @mkumatag
/cc @ixdy
/cc @luxas
**Release note**:
```release-note
NONE
```
- Remove debian-security for a couple of arch(es) as they are not
available in the debian repos
- Also fix up the unbound SED problem with push() method
Change-Id: Ibb14ead9581954b66b39c02bcefb5adaa2464fab
Jeff Grafton