github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-07-21 02:40:57 +00:00
Code Issues Projects Releases Wiki Activity

workflows: Build rootfs after its deps are built

Browse Source 
By doing this we can just re-use the dependencies already built, saving
us a reasonable amount of time.

Signed-off-by: Fabiano Fidêncio <fabiano@fidencio.org>
This commit is contained in:
Fabiano Fidêncio 2024-10-24 11:13:31 +02:00
parent eb07a809ce
commit 13ea082531
No known key found for this signature in database
GPG Key ID: EE926C2BDACC177B
4 changed files with 259 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
.github/workflows/build-kata-static-tarball-amd64.yaml vendored
View File

@ -53,11 +53,6 @@ jobs:
- qemu - qemu
- qemu-snp-experimental - qemu-snp-experimental
- stratovirt - stratovirt
- rootfs-image
- rootfs-image-confidential
- rootfs-image-mariner
- rootfs-initrd
- rootfs-initrd-confidential
- runk - runk
- trace-forwarder - trace-forwarder
- virtiofsd - virtiofsd
@ -142,6 +137,70 @@ jobs:
retention-days: 15 retention-days: 15
if-no-files-found: error if-no-files-found: error
build-asset-rootfs:
runs-on: ubuntu-22.04
needs: build-asset
strategy:
matrix:
asset:
- rootfs-image
- rootfs-image-confidential
- rootfs-image-mariner
- rootfs-initrd
- rootfs-initrd-confidential
steps:
- name: Login to Kata Containers quay.io
if: ${{ inputs.push-to-registry == 'yes' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
- uses: actions/checkout@v4
with:
ref: ${{ inputs.commit-hash }}
fetch-depth: 0 # This is needed in order to keep the commit ids history
- name: Rebase atop of the latest target branch
run: |
./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
env:
TARGET_BRANCH: ${{ inputs.target-branch }}
- name: get-artifacts
uses: actions/download-artifact@v4
with:
pattern: kata-artifacts-amd64-*${{ inputs.tarball-suffix }}
path: kata-artifacts
merge-multiple: true
- name: Build ${{ matrix.asset }}
id: build
run: |
./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
make "${KATA_ASSET}-tarball"
build_dir=$(readlink -f build)
# store-artifact does not work with symlink
mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
env:
KATA_ASSET: ${{ matrix.asset }}
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
ARTEFACT_REGISTRY: ghcr.io
ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
TARGET_BRANCH: ${{ inputs.target-branch }}
RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
- name: store-artifact ${{ matrix.asset }}
uses: actions/upload-artifact@v4
with:
name: kata-artifacts-amd64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
retention-days: 15
if-no-files-found: error
build-asset-shim-v2: build-asset-shim-v2:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
needs: build-asset needs: build-asset
@ -192,7 +251,7 @@ jobs:
create-kata-tarball: create-kata-tarball:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
needs: [build-asset, build-asset-shim-v2] needs: [build-asset, build-asset-rootfs, build-asset-shim-v2]
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:

64
.github/workflows/build-kata-static-tarball-arm64.yaml vendored
View File

@ -35,8 +35,6 @@ jobs:
- nydus - nydus
- qemu - qemu
- stratovirt - stratovirt
- rootfs-image
- rootfs-initrd
- virtiofsd - virtiofsd
steps: steps:
- name: Login to Kata Containers quay.io - name: Login to Kata Containers quay.io
@ -74,6 +72,66 @@ jobs:
TARGET_BRANCH: ${{ inputs.target-branch }} TARGET_BRANCH: ${{ inputs.target-branch }}
RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }} RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
- name: store-artifact ${{ matrix.asset }}
uses: actions/upload-artifact@v4
with:
name: kata-artifacts-arm64-${{ matrix.asset }}${{ inputs.tarball-suffix }}
path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
retention-days: 15
if-no-files-found: error
build-asset-rootfs:
runs-on: arm64-builder
needs: build-asset
strategy:
matrix:
asset:
- rootfs-image
- rootfs-initrd
steps:
- name: Login to Kata Containers quay.io
if: ${{ inputs.push-to-registry == 'yes' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
- uses: actions/checkout@v4
with:
ref: ${{ inputs.commit-hash }}
fetch-depth: 0 # This is needed in order to keep the commit ids history
- name: Rebase atop of the latest target branch
run: |
./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
env:
TARGET_BRANCH: ${{ inputs.target-branch }}
- name: get-artifacts
uses: actions/download-artifact@v4
with:
pattern: kata-artifacts-arm64-*${{ inputs.tarball-suffix }}
path: kata-artifacts
merge-multiple: true
- name: Build ${{ matrix.asset }}
run: |
./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
make "${KATA_ASSET}-tarball"
build_dir=$(readlink -f build)
# store-artifact does not work with symlink
mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
env:
KATA_ASSET: ${{ matrix.asset }}
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
ARTEFACT_REGISTRY: ghcr.io
ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
TARGET_BRANCH: ${{ inputs.target-branch }}
RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
- name: store-artifact ${{ matrix.asset }} - name: store-artifact ${{ matrix.asset }}
if: ${{ inputs.stage != 'release' }} if: ${{ inputs.stage != 'release' }}
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
@ -132,7 +190,7 @@ jobs:
create-kata-tarball: create-kata-tarball:
runs-on: arm64-builder runs-on: arm64-builder
needs: [build-asset, build-asset-shim-v2] needs: [build-asset, build-asset-rootfs, build-asset-shim-v2]
steps: steps:
- name: Adjust a permission for repo - name: Adjust a permission for repo
run: | run: |

69
.github/workflows/build-kata-static-tarball-ppc64le.yaml vendored
View File

@ -30,7 +30,6 @@ jobs:
- agent - agent
- kernel - kernel
- qemu - qemu
- rootfs-initrd
- virtiofsd - virtiofsd
stage: stage:
- ${{ inputs.stage }} - ${{ inputs.stage }}
@ -84,6 +83,72 @@ jobs:
retention-days: 1 retention-days: 1
if-no-files-found: error if-no-files-found: error
build-asset-rootfs:
runs-on: ppc64le
needs: build-asset
strategy:
matrix:
asset:
- rootfs-initrd
stage:
- ${{ inputs.stage }}
steps:
- name: Prepare the self-hosted runner
run: |
${HOME}/scripts/prepare_runner.sh
sudo rm -rf $GITHUB_WORKSPACE/*
- name: Login to Kata Containers quay.io
if: ${{ inputs.push-to-registry == 'yes' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
- uses: actions/checkout@v4
with:
ref: ${{ inputs.commit-hash }}
fetch-depth: 0 # This is needed in order to keep the commit ids history
- name: Rebase atop of the latest target branch
run: |
./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
env:
TARGET_BRANCH: ${{ inputs.target-branch }}
- name: get-artifacts
uses: actions/download-artifact@v4
with:
pattern: kata-artifacts-ppc64le-*${{ inputs.tarball-suffix }}
path: kata-artifacts
merge-multiple: true
- name: Build ${{ matrix.asset }}
run: |
./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
make "${KATA_ASSET}-tarball"
build_dir=$(readlink -f build)
# store-artifact does not work with symlink
mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
env:
KATA_ASSET: ${{ matrix.asset }}
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
ARTEFACT_REGISTRY: ghcr.io
ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
TARGET_BRANCH: ${{ inputs.target-branch }}
RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
- name: store-artifact ${{ matrix.asset }}
uses: actions/upload-artifact@v4
with:
name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }}
path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
retention-days: 1
if-no-files-found: error
build-asset-shim-v2: build-asset-shim-v2:
runs-on: ppc64le runs-on: ppc64le
needs: build-asset needs: build-asset
@ -138,7 +203,7 @@ jobs:
create-kata-tarball: create-kata-tarball:
runs-on: ppc64le runs-on: ppc64le
needs: [build-asset, build-asset-shim-v2] needs: [build-asset, build-asset-rootfs, build-asset-shim-v2]
steps: steps:
- name: Adjust a permission for repo - name: Adjust a permission for repo
run: | run: |

77
.github/workflows/build-kata-static-tarball-s390x.yaml vendored
View File

@ -38,10 +38,6 @@ jobs:
- kernel-confidential - kernel-confidential
- pause-image - pause-image
- qemu - qemu
- rootfs-image
- rootfs-image-confidential
- rootfs-initrd
- rootfs-initrd-confidential
- virtiofsd - virtiofsd
env: env:
PERFORM_ATTESTATION: ${{ matrix.asset == 'agent' && inputs.push-to-registry == 'yes' && 'yes' || 'no' }} PERFORM_ATTESTATION: ${{ matrix.asset == 'agent' && inputs.push-to-registry == 'yes' && 'yes' || 'no' }}
@ -114,9 +110,72 @@ jobs:
retention-days: 15 retention-days: 15
if-no-files-found: error if-no-files-found: error
build-asset-boot-image-se: build-asset-rootfs:
runs-on: s390x runs-on: s390x
needs: build-asset needs: build-asset
strategy:
matrix:
asset:
- rootfs-image
- rootfs-image-confidential
- rootfs-initrd
- rootfs-initrd-confidential
steps:
- name: Login to Kata Containers quay.io
if: ${{ inputs.push-to-registry == 'yes' }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_DEPLOYER_USERNAME }}
password: ${{ secrets.QUAY_DEPLOYER_PASSWORD }}
- uses: actions/checkout@v4
with:
ref: ${{ inputs.commit-hash }}
fetch-depth: 0 # This is needed in order to keep the commit ids history
- name: Rebase atop of the latest target branch
run: |
./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch"
env:
TARGET_BRANCH: ${{ inputs.target-branch }}
- name: get-artifacts
uses: actions/download-artifact@v4
with:
pattern: kata-artifacts-s390x-*${{ inputs.tarball-suffix }}
path: kata-artifacts
merge-multiple: true
- name: Build ${{ matrix.asset }}
id: build
run: |
./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "${KATA_ASSET}"
make "${KATA_ASSET}-tarball"
build_dir=$(readlink -f build)
# store-artifact does not work with symlink
mkdir -p kata-build && cp "${build_dir}"/kata-static-${KATA_ASSET}*.tar.* kata-build/.
env:
KATA_ASSET: ${{ matrix.asset }}
TAR_OUTPUT: ${{ matrix.asset }}.tar.gz
PUSH_TO_REGISTRY: ${{ inputs.push-to-registry }}
ARTEFACT_REGISTRY: ghcr.io
ARTEFACT_REGISTRY_USERNAME: ${{ github.actor }}
ARTEFACT_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
TARGET_BRANCH: ${{ inputs.target-branch }}
RELEASE: ${{ inputs.stage == 'release' && 'yes' || 'no' }}
- name: store-artifact ${{ matrix.asset }}
uses: actions/upload-artifact@v4
with:
name: kata-artifacts-s390x-${{ matrix.asset }}${{ inputs.tarball-suffix }}
path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
retention-days: 15
if-no-files-found: error
build-asset-boot-image-se:
runs-on: s390x
needs: [build-asset, build-asset-rootfs]
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -142,11 +201,7 @@ jobs:
- name: Build boot-image-se - name: Build boot-image-se
run: | run: |
base_dir=tools/packaging/kata-deploy/local-build/ ./tests/gha-adjust-to-use-prebuilt-components.sh kata-artifacts "boot-image-se"
cp -r kata-artifacts ${base_dir}/build
# Skip building dependant artifacts of boot-image-se-tarball
# because we already have them from the previous build
sed -i 's/\(^boot-image-se-tarball:\).*/\1/g' ${base_dir}/Makefile
make boot-image-se-tarball make boot-image-se-tarball
build_dir=$(readlink -f build) build_dir=$(readlink -f build)
sudo cp -r "${build_dir}" "kata-build" sudo cp -r "${build_dir}" "kata-build"
@ -212,7 +267,7 @@ jobs:
create-kata-tarball: create-kata-tarball:
runs-on: s390x runs-on: s390x
needs: [build-asset, build-asset-boot-image-se, build-asset-shim-v2] needs: [build-asset, build-asset-rootfs, build-asset-boot-image-se, build-asset-shim-v2]
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with: