From 0ea51d726ab09f1a74cf20d9949420baeb896f1d Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Thu, 15 Aug 2024 16:32:57 +0100 Subject: [PATCH 1/2] podvm_builder: Remove duplicated versions Just before the 0.9.0 release we found that the rust version in the builder image hadn't been updated when the `versions.yaml` was, which caused issues which certain builds that weren't in our CI tests. If we remove the defaults and enforce them to be specified, we can avoid this happening and stop having to maintain versions in multiple places. See #1939 for the example Signed-off-by: stevenhorsman --- src/cloud-api-adaptor/Makefile | 1 + .../podvm/Dockerfile.podvm_builder | 13 +++++-------- .../podvm/Dockerfile.podvm_builder.fedora | 12 +++++------- .../podvm/Dockerfile.podvm_builder.rhel | 17 ++++++++--------- 4 files changed, 19 insertions(+), 24 deletions(-) diff --git a/src/cloud-api-adaptor/Makefile b/src/cloud-api-adaptor/Makefile index c54fb769b..5ea540f0e 100644 --- a/src/cloud-api-adaptor/Makefile +++ b/src/cloud-api-adaptor/Makefile @@ -178,6 +178,7 @@ podvm-builder: --build-arg YQ_ARCH=$(ARCH) \ --build-arg PROTOC_ARCH=$(if $(filter amd64,$(ARCH)),x86_64,s390_64) \ --build-arg ORAS_VERSION=$(ORAS_VERSION) \ + --build-arg PACKER_VERSION=$(PACKER_VERSION) \ $(DOCKER_OPTS) . podvm-binaries: diff --git a/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder b/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder index 7f8d09722..802c1778c 100644 --- a/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder +++ b/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder @@ -12,15 +12,12 @@ ARG ARCH="amd64" ARG YQ_ARCH="amd64" # PROTOC_ARCH="x86_64" | "s390_64" ARG PROTOC_ARCH="x86_64" -ARG GO_VERSION="1.22.7" -ARG PROTOC_VERSION="3.15.0" -ARG RUST_VERSION="1.75.0" -ARG YQ_VERSION="v4.35.1" -# amd64: YQ_CHECKSUM="sha256:bd695a6513f1196aeda17b174a15e9c351843fb1cef5f9be0af170f2dd744f08" -# s390x: YQ_CHECKSUM="sha256:4e6324d08630e7df733894a11830412a43703682d65a76f1fc925aac08268a45" -ARG YQ_CHECKSUM="sha256:bd695a6513f1196aeda17b174a15e9c351843fb1cef5f9be0af170f2dd744f08" +ARG GO_VERSION +ARG PROTOC_VERSION +ARG RUST_VERSION +ARG YQ_VERSION +ARG YQ_CHECKSUM ARG ORAS_VERSION - # Without setting ENV gh-action is failing to use the correct values ENV GO_VERSION=${GO_VERSION} ENV RUST_VERSION=${RUST_VERSION} diff --git a/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.fedora b/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.fedora index 6ca0cfec9..b3bdee6d6 100644 --- a/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.fedora +++ b/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.fedora @@ -11,14 +11,12 @@ ARG ARCH="amd64" ARG YQ_ARCH="amd64" # PROTOC_ARCH="x86_64" | "s390_64" ARG PROTOC_ARCH="x86_64" -ARG GO_VERSION="1.22.7" -ARG PROTOC_VERSION="3.15.0" -ARG RUST_VERSION="1.75.0" -ARG YQ_VERSION="v4.35.1" +ARG GO_VERSION +ARG PROTOC_VERSION +ARG RUST_VERSION +ARG YQ_VERSION +ARG YQ_CHECKSUM ARG ORAS_VERSION -# amd64: YQ_CHECKSUM="sha256:bd695a6513f1196aeda17b174a15e9c351843fb1cef5f9be0af170f2dd744f08" -# s390x: YQ_CHECKSUM="sha256:4e6324d08630e7df733894a11830412a43703682d65a76f1fc925aac08268a45" -ARG YQ_CHECKSUM="sha256:bd695a6513f1196aeda17b174a15e9c351843fb1cef5f9be0af170f2dd744f08" RUN dnf groupinstall -y 'Development Tools' && \ dnf install -y yum-utils gnupg git perl-core pkg-config libseccomp-devel gpgme-devel \ diff --git a/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.rhel b/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.rhel index ae8c274e2..ea0ff55a0 100644 --- a/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.rhel +++ b/src/cloud-api-adaptor/podvm/Dockerfile.podvm_builder.rhel @@ -12,15 +12,13 @@ ARG ARCH="amd64" ARG YQ_ARCH="amd64" # PROTOC_ARCH="x86_64" | "s390_64" ARG PROTOC_ARCH="x86_64" -ARG GO_VERSION="1.22.7" -ARG PROTOC_VERSION="3.15.0" -ARG RUST_VERSION="1.75.0" -ARG YQ_VERSION="v4.35.1" -ARG PACKER_VERSION="v1.9.4" -# amd64: YQ_CHECKSUM="sha256:bd695a6513f1196aeda17b174a15e9c351843fb1cef5f9be0af170f2dd744f08" -# s390x: YQ_CHECKSUM="sha256:4e6324d08630e7df733894a11830412a43703682d65a76f1fc925aac08268a45" -ARG YQ_CHECKSUM="sha256:bd695a6513f1196aeda17b174a15e9c351843fb1cef5f9be0af170f2dd744f08" +ARG GO_VERSION +ARG PROTOC_VERSION +ARG RUST_VERSION +ARG PACKER_VERSION ARG ORAS_VERSION +ARG YQ_VERSION +ARG YQ_CHECKSUM ARG ORG_ID ARG ACTIVATION_KEY @@ -33,6 +31,7 @@ ENV ARCH=${ARCH} ENV YQ_ARCH=${YQ_ARCH} ENV YQ_VERSION=${YQ_VERSION} ENV ORAS_VERSION=${ORAS_VERSION} +ENV PACKER_VERSION=${PACKER_VERSION} # This registering RHEL when building on an unsubscribed system # If you are running a UBI container on a registered and subscribed RHEL host, the main RHEL Server repository is enabled inside the standard UBI container @@ -55,7 +54,7 @@ RUN chmod a+x /usr/local/bin/yq && \ rm -f go${GO_VERSION}.linux-${YQ_ARCH}.tar.gz ENV PATH="/usr/local/go/bin:${PATH}" -# Install packer. Packer doesn't does not have prebuilt s390x arch binaries above Packer version 0.1.5 +# Install packer. Packer doesn't have prebuilt s390x arch binaries beyond Packer version 0.1.5 RUN if [ "${ARCH}" == "s390x" ]; then \ git clone --depth 1 --single-branch https://github.com/hashicorp/packer.git -b ${PACKER_VERSION}; \ cd packer; \ From cabfd11c24d07a7a0d4226da7faa87bc5dbc245e Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Thu, 15 Aug 2024 16:38:47 +0100 Subject: [PATCH 2/2] doc: Update podvm_builder doc Similar to #1990, update the podvm_builder documentation to use the `make` command, rather than the docker file directly to hide the complexity and allow the versions to be picked up automatically Signed-off-by: stevenhorsman --- src/cloud-api-adaptor/podvm/README.md | 46 +++++++++++---------------- 1 file changed, 18 insertions(+), 28 deletions(-) diff --git a/src/cloud-api-adaptor/podvm/README.md b/src/cloud-api-adaptor/podvm/README.md index 8cf6e6455..b363e63d4 100644 --- a/src/cloud-api-adaptor/podvm/README.md +++ b/src/cloud-api-adaptor/podvm/README.md @@ -43,42 +43,32 @@ The builder image packages the cloud-api-adaptor and Kata Containers sources as the binaries (e.g. *kata-agent* and *agent-protocol-forwarder*) that should be installed in the podvm image. The builder image is agnostic to cloud providers in the sense that one can be used to build for multiple providers, however it is -dependent on the Linux distribution the image is built for. Therefore, in this directory you will find dockerfiles for each supported distributions, which are currently Ubuntu 20.04 ([Dockerfile.podvm_builder](./Dockerfile.podvm_builder)), and RHEL 9 ([Dockerfile.podvm_builder.rhel](./Dockerfile.podvm_builder.rhel)). - -As an example, to build the builder image for Ubuntu, run: +dependent on the Linux distribution the image is built for. Therefore, in this directory you will find dockerfiles for each +supported distributions, which are currently Ubuntu 20.04 ([Dockerfile.podvm_builder](./Dockerfile.podvm_builder)), +Fedora 39 ([Dockerfile.podvm_builder.fedora](./Dockerfile.podvm_builder)) and RHEL 9 +([Dockerfile.podvm_builder.rhel](./Dockerfile.podvm_builder.rhel)). +You can create the builder image using the make target by running: ```bash -$ docker build -t podvm_builder \ - -f Dockerfile.podvm_builder . +$ make -C .. podvm-builder ``` -Use `--build-arg` to pass build arguments to docker to overwrite default values if needed. Following are the arguments -currently accepted: - -| Argument | Default value | Description | -| ----------------- | ------------------------------------------------------------ | --------------------------------------------------------------- | -| GO\_VERSION | 1.22.7 | Go version | -| PROTOC\_VERSION | 3.15.0 | [Protobuf](https://github.com/protocolbuffers/protobuf) version | -| RUST\_VERSION | 1.75.0 | Rust version | -| YQ\_VERSION | v4.35.1 | [yq](https://github.com/mikefarah/yq/) version | - -As it can be noted in the table above the cloud-api-adaptor repository is cloned within the builder image, so rather than -copying the local source tree, it will be using the upstream source. But if you want to test local changes then you should: +You can optionally customize the builder image, by specify shell variables to the `make` command: +| Variable | Default value | Description | +| ------------------- | -------------- | --------------------------------------------------------------- | +| `ARCH` | `amd64`/`s390x`| Architecture of the podvm image to be built. Defaults to the architecture the of the current machine | +| `PODVM_DISTRO` | `ubuntu` | Valid options are `ubuntu`, `fedora` and `rhel` | +| `ORG_ID` | `""` | rhel only: the organization ID for Red Hat Subscription Management (RHSM) | +| `ACTIVATION_KEY` | `""` | rhel only: the activation key for Red Hat Subscription Management (RHSM) | -* Push the changes to your fork in github (e.g. https://github.com/$USER/cloud-api-adaptor/tree/my-changes-in-a-branch). -* Overwrite the *CAA_SRC* and *CAA_SRC_REF* arguments as shown below: - -```bash -$ docker build -t podvm_builder \ - --build-arg CAA_SRC=https://github.com/$USER/cloud-api-adaptor \ - --build-arg CAA_SRC_REF=my-changes-in-a-branch \ - -f Dockerfile.podvm_builder . +e.g. to produce an s390x architecture builder image +``` +ARCH=s390x make -C .. podvm-builder ``` ## Building the image containing the podvm binaries -We have make targets handy for you. Make sure you are under the -`src/cloud-api-adaptor` folder. +Like the builder image, we have make targets for the binaries image in the parent directory. > **Note:** The `BUILDER_IMG` environment variable is crucial as it specifies > the builder image, which is the result of the previous step build. Ensure you @@ -87,7 +77,7 @@ We have make targets handy for you. Make sure you are under the To build the binaries image, use the following command: ```bash -$ BUILDER_IMG= make podvm-binaries +$ BUILDER_IMG= make -C .. podvm-binaries ``` The build process can take significant time.