diff --git a/.github/workflows/gather-artifacts.sh b/.github/workflows/gather-artifacts.sh deleted file mode 100755 index 0e75ea3609..0000000000 --- a/.github/workflows/gather-artifacts.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# Copyright (c) 2019 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o pipefail - -pushd kata-artifacts >>/dev/null -for c in ./*.tar.gz -do - echo "untarring tarball $c" - tar -xvf $c -done - -tar cvfJ ../kata-static.tar.xz ./opt -popd >>/dev/null diff --git a/.github/workflows/generate-artifact-tarball.sh b/.github/workflows/generate-artifact-tarball.sh deleted file mode 100755 index ea5051992a..0000000000 --- a/.github/workflows/generate-artifact-tarball.sh +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash -# Copyright (c) 2019 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o pipefail - - -main() { - artifact_stage=${1:-} - artifact=$(echo ${artifact_stage} | sed -n -e 's/^install_//p' | sed -r 's/_/-/g') - if [ -z "${artifact}" ]; then - "Scripts needs artifact name to build" - exit 1 - fi - - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - export GOPATH=$HOME/go - - go get github.com/kata-containers/packaging || true - pushd $GOPATH/src/github.com/kata-containers/packaging/release >>/dev/null - git checkout $tag - pushd ../obs-packaging - ./gen_versions_txt.sh $tag - popd - - source ./kata-deploy-binaries.sh - ${artifact_stage} $tag - popd - - mv $HOME/go/src/github.com/kata-containers/packaging/release/kata-static-${artifact}.tar.gz . -} - -main $@ diff --git a/.github/workflows/generate-local-artifact-tarball.sh b/.github/workflows/generate-local-artifact-tarball.sh deleted file mode 100755 index 3ae4ee6699..0000000000 --- a/.github/workflows/generate-local-artifact-tarball.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash -# Copyright (c) 2019 Intel Corporation -# Copyright (c) 2020 Ant Group -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -o errexit -set -o pipefail - - -main() { - artifact_stage=${1:-} - artifact=$(echo ${artifact_stage} | sed -n -e 's/^install_//p' | sed -r 's/_/-/g') - if [ -z "${artifact}" ]; then - "Scripts needs artifact name to build" - exit 1 - fi - - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - pushd $GITHUB_WORKSPACE/tools/packaging - git checkout $tag - ./scripts/gen_versions_txt.sh $tag - popd - - pushd $GITHUB_WORKSPACE/tools/packaging/release - source ./kata-deploy-binaries.sh - ${artifact_stage} $tag - popd - - mv $GITHUB_WORKSPACE/tools/packaging/release/kata-static-${artifact}.tar.gz . -} - -main $@ diff --git a/.github/workflows/kata-deploy-push.yaml b/.github/workflows/kata-deploy-push.yaml new file mode 100644 index 0000000000..ed3d29b66f --- /dev/null +++ b/.github/workflows/kata-deploy-push.yaml @@ -0,0 +1,58 @@ +name: kata-deploy-build + +on: push + +jobs: + build-asset: + runs-on: ubuntu-latest + strategy: + matrix: + asset: + - kernel + - shim-v2 + - qemu + - cloud-hypervisor + - firecracker + - rootfs-image + - rootfs-initrd + steps: + - uses: actions/checkout@v2 + - name: Install docker + run: | + curl -fsSL https://test.docker.com -o test-docker.sh + sh test-docker.sh + + - name: Build ${{ matrix.asset }} + run: | + ./tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh --build="${KATA_ASSET}" + build_dir=$(readlink -f build) + # store-artifact does not work with symlink + sudo cp -r --preserve=all "${build_dir}" "kata-build" + env: + KATA_ASSET: ${{ matrix.asset }} + + - name: store-artifact ${{ matrix.asset }} + uses: actions/upload-artifact@v2 + with: + name: kata-artifacts + path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + if-no-files-found: error + + create-kata-tarball: + runs-on: ubuntu-latest + needs: build-asset + steps: + - uses: actions/checkout@v2 + - name: get-artifacts + uses: actions/download-artifact@v2 + with: + name: kata-artifacts + path: kata-artifacts + - name: merge-artifacts + run: | + ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts + - name: store-artifacts + uses: actions/upload-artifact@v2 + with: + name: kata-static-tarball + path: kata-static.tar.xz diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 85df003b2c..0892efe2c9 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -5,213 +5,45 @@ on: - '2.*' jobs: - get-artifact-list: + build-asset: runs-on: ubuntu-latest + strategy: + matrix: + asset: + - cloud-hypervisor + - firecracker + - kernel + - qemu + - rootfs-image + - rootfs-initrd + - shim-v2 steps: - uses: actions/checkout@v2 - - name: get the list + - name: Install docker run: | - pushd $GITHUB_WORKSPACE - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - git checkout $tag - popd - $GITHUB_WORKSPACE/tools/packaging/artifact-list.sh > artifact-list.txt - - name: save-artifact-list - uses: actions/upload-artifact@v2 - with: - name: artifact-list - path: artifact-list.txt + curl -fsSL https://test.docker.com -o test-docker.sh + sh test-docker.sh - build-kernel: - runs-on: ubuntu-16.04 - needs: get-artifact-list - env: - buildstr: "install_kernel" - steps: - - uses: actions/checkout@v2 - - name: get-artifact-list - uses: actions/download-artifact@v2 - with: - name: artifact-list - - run: | - sudo apt-get update && sudo apt install -y flex bison libelf-dev bc iptables - - name: build-kernel + - name: Build ${{ matrix.asset }} run: | - if grep -q $buildstr artifact-list.txt; then - $GITHUB_WORKSPACE/.github/workflows/generate-local-artifact-tarball.sh $buildstr - echo "artifact-built=true" >> $GITHUB_ENV - else - echo "artifact-built=false" >> $GITHUB_ENV - fi - - name: store-artifacts - if: ${{ env.artifact-built }} == 'true' + ./tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh --build="${KATA_ASSET}" + build_dir=$(readlink -f build) + # store-artifact does not work with symlink + sudo cp -r "${build_dir}" "kata-build" + env: + KATA_ASSET: ${{ matrix.asset }} + TAR_OUTPUT: ${{ matrix.asset }}.tar.gz + + - name: store-artifact ${{ matrix.asset }} uses: actions/upload-artifact@v2 with: name: kata-artifacts - path: kata-static-kernel.tar.gz + path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + if-no-files-found: error - build-experimental-kernel: - runs-on: ubuntu-16.04 - needs: get-artifact-list - env: - buildstr: "install_experimental_kernel" - steps: - - uses: actions/checkout@v2 - - name: get-artifact-list - uses: actions/download-artifact@v2 - with: - name: artifact-list - - run: | - sudo apt-get update && sudo apt install -y flex bison libelf-dev bc iptables - - name: build-experimental-kernel - run: | - if grep -q $buildstr artifact-list.txt; then - $GITHUB_WORKSPACE/.github/workflows/generate-local-artifact-tarball.sh $buildstr - echo "artifact-built=true" >> $GITHUB_ENV - else - echo "artifact-built=false" >> $GITHUB_ENV - fi - - name: store-artifacts - if: ${{ env.artifact-built }} == 'true' - uses: actions/upload-artifact@v2 - with: - name: kata-artifacts - path: kata-static-experimental-kernel.tar.gz - - build-qemu: - runs-on: ubuntu-16.04 - needs: get-artifact-list - env: - buildstr: "install_qemu" - steps: - - uses: actions/checkout@v2 - - name: get-artifact-list - uses: actions/download-artifact@v2 - with: - name: artifact-list - - name: build-qemu - run: | - if grep -q $buildstr artifact-list.txt; then - $GITHUB_WORKSPACE/.github/workflows/generate-local-artifact-tarball.sh $buildstr - echo "artifact-built=true" >> $GITHUB_ENV - else - echo "artifact-built=false" >> $GITHUB_ENV - fi - - name: store-artifacts - if: ${{ env.artifact-built }} == 'true' - uses: actions/upload-artifact@v2 - with: - name: kata-artifacts - path: kata-static-qemu.tar.gz - - build-image: - runs-on: ubuntu-16.04 - needs: get-artifact-list - env: - buildstr: "install_image" - steps: - - uses: actions/checkout@v2 - - name: get-artifact-list - uses: actions/download-artifact@v2 - with: - name: artifact-list - - name: build-image - run: | - if grep -q $buildstr artifact-list.txt; then - $GITHUB_WORKSPACE/.github/workflows/generate-local-artifact-tarball.sh $buildstr - echo "artifact-built=true" >> $GITHUB_ENV - else - echo "artifact-built=false" >> $GITHUB_ENV - fi - - name: store-artifacts - if: ${{ env.artifact-built }} == 'true' - uses: actions/upload-artifact@v2 - with: - name: kata-artifacts - path: kata-static-image.tar.gz - - build-firecracker: - runs-on: ubuntu-16.04 - needs: get-artifact-list - env: - buildstr: "install_firecracker" - steps: - - uses: actions/checkout@v2 - - name: get-artifact-list - uses: actions/download-artifact@v2 - with: - name: artifact-list - - name: build-firecracker - run: | - if grep -q $buildstr artifact-list.txt; then - $GITHUB_WORKSPACE/.github/workflows/generate-local-artifact-tarball.sh $buildstr - echo "artifact-built=true" >> $GITHUB_ENV - else - echo "artifact-built=false" >> $GITHUB_ENV - fi - - name: store-artifacts - if: ${{ env.artifact-built }} == 'true' - uses: actions/upload-artifact@v2 - with: - name: kata-artifacts - path: kata-static-firecracker.tar.gz - - - build-clh: - runs-on: ubuntu-16.04 - needs: get-artifact-list - env: - buildstr: "install_clh" - steps: - - uses: actions/checkout@v2 - - name: get-artifact-list - uses: actions/download-artifact@v2 - with: - name: artifact-list - - name: build-clh - run: | - if grep -q $buildstr artifact-list.txt; then - $GITHUB_WORKSPACE/.github/workflows/generate-local-artifact-tarball.sh $buildstr - echo "artifact-built=true" >> $GITHUB_ENV - else - echo "artifact-built=false" >> $GITHUB_ENV - fi - - name: store-artifacts - if: ${{ env.artifact-built }} == 'true' - uses: actions/upload-artifact@v2 - with: - name: kata-artifacts - path: kata-static-clh.tar.gz - - build-kata-components: - runs-on: ubuntu-16.04 - needs: get-artifact-list - env: - buildstr: "install_kata_components" - steps: - - uses: actions/checkout@v2 - - name: get-artifact-list - uses: actions/download-artifact@v2 - with: - name: artifact-list - - name: build-kata-components - run: | - if grep -q $buildstr artifact-list.txt; then - $GITHUB_WORKSPACE/.github/workflows/generate-local-artifact-tarball.sh $buildstr - echo "artifact-built=true" >> $GITHUB_ENV - else - echo "artifact-built=false" >> $GITHUB_ENV - fi - - name: store-artifacts - if: ${{ env.artifact-built }} == 'true' - uses: actions/upload-artifact@v2 - with: - name: kata-artifacts - path: kata-static-kata-components.tar.gz - - gather-artifacts: - runs-on: ubuntu-16.04 - needs: [build-experimental-kernel, build-kernel, build-qemu, build-image, build-firecracker, build-kata-components, build-clh] + create-kata-tarball: + runs-on: ubuntu-latest + needs: build-asset steps: - uses: actions/checkout@v2 - name: get-artifacts @@ -219,24 +51,24 @@ jobs: with: name: kata-artifacts path: kata-artifacts - - name: colate-artifacts + - name: merge-artifacts run: | - $GITHUB_WORKSPACE/.github/workflows/gather-artifacts.sh + ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts - name: store-artifacts uses: actions/upload-artifact@v2 with: - name: release-candidate + name: kata-static-tarball path: kata-static.tar.xz kata-deploy: - needs: gather-artifacts + needs: create-kata-tarball runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - name: get-artifacts + - name: get-kata-tarball uses: actions/download-artifact@v2 with: - name: release-candidate + name: kata-static-tarball - name: build-and-push-kata-deploy-ci id: build-and-push-kata-deploy-ci run: | diff --git a/Makefile b/Makefile index a877f375b0..4d1c49a2e7 100644 --- a/Makefile +++ b/Makefile @@ -33,4 +33,10 @@ generate-protocols: static-checks: build bash ci/static-checks.sh -.PHONY: all default static-checks +binary-tarball: + make -f ./tools/packaging/kata-deploy/local-build/Makefile + +install-binary-tarball: + make -f ./tools/packaging/kata-deploy/local-build/Makefile install + +.PHONY: all default static-checks binary-tarball install-binary-tarball diff --git a/ci/install_yq.sh b/ci/install_yq.sh index b2923a6d2e..56ad7d6691 100755 --- a/ci/install_yq.sh +++ b/ci/install_yq.sh @@ -15,12 +15,18 @@ die() { # Install the yq yaml query package from the mikefarah github repo # Install via binary download, as we may not have golang installed at this point function install_yq() { - GOPATH=${GOPATH:-${HOME}/go} - local yq_path="${GOPATH}/bin/yq" local yq_pkg="github.com/mikefarah/yq" local yq_version=3.4.1 + INSTALL_IN_GOPATH=${INSTALL_IN_GOPATH:-true} - [ -x "${GOPATH}/bin/yq" ] && [ "`${GOPATH}/bin/yq --version`"X == "yq version ${yq_version}"X ] && return + if [ "${INSTALL_IN_GOPATH}" == "true" ];then + GOPATH=${GOPATH:-${HOME}/go} + mkdir -p "${GOPATH}/bin" + local yq_path="${GOPATH}/bin/yq" + else + yq_path="/usr/local/bin/yq" + fi + [ -x "${yq_path}" ] && [ "`${yq_path} --version`"X == "yq version ${yq_version}"X ] && return read -r -a sysInfo <<< "$(uname -sm)" @@ -51,7 +57,6 @@ function install_yq() { ;; esac - mkdir -p "${GOPATH}/bin" # Check curl if ! command -v "curl" >/dev/null; then diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 89c62180d5..a467fde091 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -184,6 +184,14 @@ parts: - bison - flex override-build: | + yq=${SNAPCRAFT_STAGE}/yq + export GOPATH=${SNAPCRAFT_STAGE}/gopath + kata_dir=${GOPATH}/src/github.com/${SNAPCRAFT_PROJECT_NAME}/${SNAPCRAFT_PROJECT_NAME} + versions_file="${kata_dir}/versions.yaml" + kernel_version="$(${yq} r $versions_file assets.kernel.version)" + #Remove extra 'v' + kernel_version=${kernel_version#v} + [ "$(uname -m)" = "s390x" ] && sudo apt-get --no-install-recommends install -y libssl-dev export GOPATH=${SNAPCRAFT_STAGE}/gopath @@ -193,13 +201,12 @@ parts: cd ${kata_dir}/tools/packaging/kernel # Setup and build kernel - ./build-kernel.sh -d setup + ./build-kernel.sh -v ${kernel_version} -d setup kernel_dir_prefix="kata-linux-" cd ${kernel_dir_prefix}* - version=$(basename ${PWD} | sed 's|'"${kernel_dir_prefix}"'||' | cut -d- -f1) make -j $(($(nproc)-1)) EXTRAVERSION=".container" - kernel_suffix=${version}.container + kernel_suffix=${kernel_version}.container kata_kernel_dir=${SNAPCRAFT_PART_INSTALL}/usr/share/kata-containers mkdir -p ${kata_kernel_dir} diff --git a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in index e755056f5a..0f9e66e45e 100644 --- a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in @@ -8,5 +8,6 @@ FROM ${IMAGE_REGISTRY}/alpine:3.13.5 RUN apk update && apk add \ bash \ + curl \ coreutils \ binutils diff --git a/tools/packaging/guest-image/build_image.sh b/tools/packaging/guest-image/build_image.sh index e33f998013..487e4a8537 100755 --- a/tools/packaging/guest-image/build_image.sh +++ b/tools/packaging/guest-image/build_image.sh @@ -16,53 +16,45 @@ readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" readonly packaging_root_dir="$(cd "${script_dir}/../" && pwd)" readonly repo_root_dir="$(cd "${script_dir}/../../../" && pwd)" readonly osbuilder_dir="$(cd "${repo_root_dir}/tools/osbuilder" && pwd)" -readonly tmp_dir=$(mktemp -d -t build-image-tmp.XXXXXXXXXX) -export GOPATH="${tmp_dir}/go" export GOPATH=${GOPATH:-${HOME}/go} source "${packaging_root_dir}/scripts/lib.sh" -exit_handler() { - [ -d "${tmp_dir}" ] && sudo rm -rf "$tmp_dir" -} -trap exit_handler EXIT - arch_target="$(uname -m)" -source "${packaging_root_dir}/versions.txt" - -readonly destdir="${PWD}" - build_initrd() { + info "Build initrd" + info "initrd os: $initrd_distro" + info "initrd os version: $initrd_os_version" sudo -E PATH="$PATH" make initrd \ DISTRO="$initrd_distro" \ DEBUG="${DEBUG:-}" \ OS_VERSION="${initrd_os_version}" \ - ROOTFS_BUILD_DEST="${tmp_dir}/initrd-image" \ + ROOTFS_BUILD_DEST="${builddir}/initrd-image" \ USE_DOCKER=1 \ AGENT_INIT="yes" + mv "kata-containers-initrd.img" "${install_dir}/${initrd_name}" + ( + cd "${install_dir}" + ln -sf "${builddir}" kata-containers-initrd.img + ) } build_image() { + info "Build image" + info "image os: $img_distro" + info "image os version: $img_os_version" sudo -E PATH="${PATH}" make image \ DISTRO="${img_distro}" \ DEBUG="${DEBUG:-}" \ USE_DOCKER="1" \ IMG_OS_VERSION="${img_os_version}" \ - ROOTFS_BUILD_DEST="${tmp_dir}/rootfs-image" -} - -create_tarball() { - agent_sha=$(get_repo_hash "${script_dir}") - #reduce sha size for short names - agent_sha=${agent_sha:0:${short_commit_length}} - tarball_name="kata-containers-${kata_version}-${agent_sha}-${arch_target}.tar.gz" - image_name="kata-containers-image_${img_distro}_${kata_version}_agent_${agent_sha}.img" - initrd_name="kata-containers-initrd_${initrd_distro}_${kata_version}_agent_${agent_sha}.initrd" - - mv "${osbuilder_dir}/kata-containers.img" "${image_name}" - mv "${osbuilder_dir}/kata-containers-initrd.img" "${initrd_name}" - sudo tar cfzv "${tarball_name}" "${initrd_name}" "${image_name}" + ROOTFS_BUILD_DEST="${builddir}/rootfs-image" + mv -f "kata-containers.img" "${install_dir}/${image_name}" + ( + cd "${install_dir}" + ln -sf "${image_name}" kata-containers.img + ) } usage() { @@ -75,46 +67,77 @@ Usage: ${script_name} [options] Options: - -v : Kata version to build images. Use kata release for - for agent and osbuilder. - + --imagetype=${image_type} + --prefix=${prefix} + --destdir=${destdir} EOT exit "${return_code}" } main() { - while getopts "v:h" opt; do + image_type=image + destdir="$PWD" + prefix="/opt/kata" + builddir="${PWD}" + while getopts "h-:" opt; do case "$opt" in + -) + case "${OPTARG}" in + imagetype=image) + image_type=image + #image information + img_distro=$(get_from_kata_deps "assets.image.architecture.${arch_target}.name") + img_os_version=$(get_from_kata_deps "assets.image.architecture.${arch_target}.version") + image_name="kata-${img_distro}-${img_os_version}.${image_type}" + ;; + imagetype=initrd) + image_type=initrd + #initrd information + initrd_distro=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.name") + initrd_os_version=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.version") + initrd_name="kata-${initrd_distro}-${initrd_os_version}.${image_type}" + ;; + prefix=*) + prefix=${OPTARG#*=} + ;; + destdir=*) + destdir=${OPTARG#*=} + ;; + builddir=*) + builddir=${OPTARG#*=} + ;; + *) + echo >&2 "ERROR: Invalid option -$opt${OPTARG}" + usage 1 + ;; + esac + ;; h) usage 0 ;; - v) kata_version="${OPTARG}" ;; *) echo "Invalid option $opt" usage 1 ;; esac done + readonly destdir + readonly builddir - install_yq + echo "build ${image_type}" - #image information - img_distro=$(get_from_kata_deps "assets.image.architecture.${arch_target}.name" "${kata_version}") - #In old branches this is not defined, use a default - img_distro=${img_distro:-clearlinux} - img_os_version=$(get_from_kata_deps "assets.image.architecture.${arch_target}.version" "${kata_version}") - #initrd information - initrd_distro=$(get_from_kata_deps "assets.initrd.architecture.${arch_target}.name" "${kata_version}") - #In old branches this is not defined, use a default - initrd_distro=${initrd_distro:-alpine} - initrd_os_version=$(get_from_kata_deps "assets.image.architecture.${arch_target}.version" "${kata_version}") - shift "$((OPTIND - 1))" + install_dir="${destdir}/${prefix}/share/kata-containers/" + readonly install_dir + + mkdir -p "${install_dir}" + pushd "${osbuilder_dir}" - build_initrd - build_image - create_tarball - cp "${tarball_name}" "${destdir}" + case "${image_type}" in + initrd) build_initrd ;; + image) build_image ;; + esac + popd } diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile new file mode 100644 index 0000000000..85d0bb7545 --- /dev/null +++ b/tools/packaging/kata-deploy/local-build/Makefile @@ -0,0 +1,53 @@ +# Copyright (c) 2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# + +MK_PATH := $(abspath $(lastword $(MAKEFILE_LIST))) +MK_DIR := $(dir $(MK_PATH)) + +# Verbose build +V ?= +ifneq ($(V),) +SILENT_BUILD_FLAG = +else +SILENT_BUILD_FLAG = -s +endif + +define BUILD + $(MK_DIR)/kata-deploy-binaries-in-docker.sh $(SILENT_BUILD_FLAG) --build=$1 +endef + +kata-tarball: | all-parallel merge-builds + +all-parallel: + make -f $(MK_PATH) all -j$$(( $$(nproc) - 1 )) NO_TTY="true" + +all: cloud-hypervisor firecracker kernel qemu rootfs-image rootfs-initrd shim-v2 + +cloud-hypervisor: + $(call BUILD,$@) + +firecracker: + $(call BUILD,$@) + +kernel: + $(call BUILD,$@) + +qemu: + $(call BUILD,$@) + +rootfs-image: + $(call BUILD,$@) + +rootfs-initrd: + $(call BUILD,$@) + +shim-v2: + $(call BUILD,$@) + +merge-builds: + $(MK_DIR)/kata-deploy-merge-builds.sh build + +install: + tar -xvf ./kata-static.tar.xz -C / diff --git a/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile new file mode 100644 index 0000000000..8df4c14740 --- /dev/null +++ b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile @@ -0,0 +1,37 @@ +# Copyright (c) 2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +FROM ubuntu +ENV DEBIAN_FRONTEND=noninteractive +ENV INSTALL_IN_GOPATH=false + +ADD install_yq.sh /usr/bin/install_yq.sh + + +# yq installer deps +RUN apt update && apt-get install -y curl sudo + +# Install yq +RUN install_yq.sh + +RUN curl -fsSL https://get.docker.com -o get-docker.sh +RUN sh get-docker.sh + +ARG IMG_USER=kata-builder +ARG UID=1000 +ARG GID=1000 +RUN if [ ${IMG_USER} != "root" ]; then groupadd --gid=${GID} ${IMG_USER};fi +RUN if [ ${IMG_USER} != "root" ]; then adduser ${IMG_USER} --uid=${UID} --gid=${GID};fi +RUN sh -c "echo '${IMG_USER} ALL=NOPASSWD: ALL' >> /etc/sudoers" + +#FIXME: gcc is required as agent is build out of a container build. +RUN apt-get update && \ + apt install -y \ + gcc \ + git \ + make \ + xz-utils + +ENV USER ${IMG_USER} +USER ${UID}:${GID} diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh new file mode 100755 index 0000000000..589760615c --- /dev/null +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries-in-docker.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# +# Copyright (c) 2018-2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# + +set -o errexit +set -o nounset +set -o pipefail +set -o errtrace + +script_dir=$(dirname "$(readlink -f "$0")") +kata_dir=$(realpath "${script_dir}/../../../../") +kata_deploy_create="${script_dir}/kata-deploy-binaries.sh" +uid=$(id -u ${USER}) +gid=$(id -g ${USER}) + +TTY_OPT="-i" +NO_TTY="${NO_TTY:-false}" +[ -t 1 ] && [ "${NO_TTY}" == "false" ] && TTY_OPT="-it" + +if [ "${script_dir}" != "${PWD}" ]; then + ln -sf "${script_dir}/build" "${PWD}/build" +fi + +install_yq_script_path="${script_dir}/../../../../ci/install_yq.sh" + +cp "${install_yq_script_path}" "${script_dir}/dockerbuild/install_yq.sh" + +docker build -q -t build-kata-deploy \ + --build-arg IMG_USER="${USER}" \ + --build-arg UID=${uid} \ + --build-arg GID=${gid} \ + "${script_dir}/dockerbuild/" + +docker run ${TTY_OPT} \ + -v /var/run/docker.sock:/var/run/docker.sock \ + --user ${uid}:${gid} \ + --env USER=${USER} -v "${kata_dir}:${kata_dir}" \ + --rm \ + -w ${script_dir} \ + build-kata-deploy "${kata_deploy_create}" $@ + diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh new file mode 100755 index 0000000000..410af1173b --- /dev/null +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -0,0 +1,261 @@ +#!/bin/bash +# Copyright (c) 2018-2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# + +[ -z "${DEBUG}" ] || set -x +set -o errexit +set -o nounset +set -o pipefail + +readonly project="kata-containers" + +readonly script_name="$(basename "${BASH_SOURCE[0]}")" +readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" + +readonly prefix="/opt/kata" +readonly repo_root_dir="$(cd "${script_dir}/../../../.." && pwd)" +readonly version_file="${repo_root_dir}/VERSION" +readonly versions_yaml="${repo_root_dir}/versions.yaml" + +readonly clh_builder="${repo_root_dir}/tools/packaging/static-build/cloud-hypervisor/build-static-clh.sh" +readonly firecracker_builder="${repo_root_dir}/tools/packaging/static-build/firecracker/build-static-firecracker.sh" +readonly kernel_builder="${repo_root_dir}/tools/packaging/static-build/kernel/build.sh" +readonly qemu_builder="${repo_root_dir}/tools/packaging/static-build/qemu/build-static-qemu.sh" +readonly rootfs_builder="${repo_root_dir}/tools/packaging/guest-image/build_image.sh" +readonly shimv2_builder="${repo_root_dir}/tools/packaging/static-build/shim-v2/build.sh" + +workdir="${WORKDIR:-$PWD}" + +destdir="${workdir}/kata-static" + +die() { + msg="$*" + echo "ERROR: ${msg}" >&2 + exit 1 +} + +info() { + echo "INFO: $*" +} + +error() { + echo "ERROR: $*" +} + +usage() { + return_code=${1:-0} + cat < [version] + +Args: +version: The kata version that will be use to create the tarball + +options: + +-h|--help : Show this help +--build= : + all + cloud-hypervisor + firecracker + kernel + qemu + rootfs-image + rootfs-initrd + shim-v2 +EOT + + exit "${return_code}" +} + +#Install guest image +install_image() { + info "Create image" + "${rootfs_builder}" --imagetype=image --prefix="${prefix}" --destdir="${destdir}" +} + +#Install guest initrd +install_initrd() { + info "Create initrd" + "${rootfs_builder}" --imagetype=initrd --prefix="${prefix}" --destdir="${destdir}" +} + +#Install kernel asset +install_kernel() { + export kernel_version="$(yq r $versions_yaml assets.kernel.version)" + DESTDIR="${destdir}" PREFIX="${prefix}" "${kernel_builder}" "${kernel_version}" +} + +#Install experimental kernel asset +install_experimental_kernel() { + info "build experimental kernel" + export kernel_version="$(yq r $versions_yaml assets.kernel-experimental.version)" + "${kernel_builder}" -e setup + "${kernel_builder}" -e build + info "install experimental kernel" + DESTDIR="${destdir}" PREFIX="${prefix}" "${kernel_builder}" -e install +} + +# Install static qemu asset +install_qemu() { + info "build static qemu" + export qemu_repo="$(yq r $versions_yaml assets.hypervisor.qemu.url)" + export qemu_version="$(yq r $versions_yaml assets.hypervisor.qemu.version)" + "${qemu_builder}" + tar xvf "${builddir}/kata-static-qemu.tar.gz" -C "${destdir}" +} + +# Install static firecracker asset +install_firecracker() { + info "build static firecracker" + "${firecracker_builder}" + info "Install static firecracker" + mkdir -p "${destdir}/opt/kata/bin/" + sudo install -D --owner root --group root --mode 0744 firecracker/firecracker-static "${destdir}/opt/kata/bin/firecracker" + sudo install -D --owner root --group root --mode 0744 firecracker/jailer-static "${destdir}/opt/kata/bin/jailer" +} + +# Install static cloud-hypervisor asset +install_clh() { + local cloud_hypervisor_repo + local cloud_hypervisor_version + + cloud_hypervisor_repo="$(yq r $versions_yaml assets.hypervisor.cloud_hypervisor.url)" + cloud_hypervisor_version="$(yq r $versions_yaml assets.hypervisor.cloud_hypervisor.version)" + + info "build static cloud-hypervisor" + "${clh_builder}" + info "Install static cloud-hypervisor" + mkdir -p "${destdir}/opt/kata/bin/" + sudo install -D --owner root --group root --mode 0744 cloud-hypervisor/cloud-hypervisor "${destdir}/opt/kata/bin/cloud-hypervisor" +} + +#Install all components that are not assets +install_shimv2() { + GO_VERSION="$(yq r ${versions_yaml} languages.golang.meta.newest-version)" + export GO_VERSION + DESTDIR="${destdir}" PREFIX="${prefix}" "${shimv2_builder}" +} + +get_kata_version() { + local v + v=$(cat "${version_file}") + echo ${v} +} + +handle_build() { + info "DESTDIR ${destdir}" + local build_target + build_target="$1" + case "${build_target}" in + all) + install_clh + install_experimental_kernel + install_firecracker + install_image + install_initrd + install_kernel + install_qemu + install_shimv2 + ;; + + cloud-hypervisor) install_clh ;; + + firecracker) install_firecracker ;; + + kernel) install_kernel ;; + + qemu) install_qemu ;; + + rootfs-image) install_image ;; + + rootfs-initrd) install_initrd ;; + + shim-v2) install_shimv2 ;; + + *) + die "Invalid build target ${build_target}" + ;; + esac + + tarball_name="${workdir}/kata-static-${build_target}.tar.xz" + ( + cd "${destdir}" + sudo tar cvfJ "${tarball_name}" "." + ) + tar tvf "${tarball_name}" +} + +main() { + local build_targets + local silent + build_targets=( + cloud-hypervisor + firecracker + kernel + qemu + rootfs-image + rootfs-initrd + shim-v2 + ) + silent=false + while getopts "hs-:" opt; do + case $opt in + -) + case "${OPTARG}" in + build=*) + build_targets=(${OPTARG#*=}) + ;; + help) + usage 0 + ;; + *) + usage 1 + ;; + esac + ;; + h) usage 0 ;; + s) silent=true ;; + *) usage 1 ;; + esac + done + shift $((OPTIND - 1)) + + kata_version=$(get_kata_version) + + workdir="${workdir}/build" + for t in "${build_targets[@]}"; do + destdir="${workdir}/${t}/destdir" + builddir="${workdir}/${t}/builddir" + echo "Build kata version ${kata_version}: ${t}" + mkdir -p "${destdir}" + mkdir -p "${builddir}" + if [ "${silent}" == true ]; then + log_file="${builddir}/log" + echo "build log: ${log_file}" + fi + ( + cd "${builddir}" + if [ "${silent}" == true ]; then + if ! handle_build "${t}" &>"$log_file"; then + error "Failed to build: $t, logs:" + cat "${log_file}" + exit 1 + fi + else + handle_build "${t}" + fi + ) + done + +} + +if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then + main $@ +fi diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh new file mode 100755 index 0000000000..bdbec15ab1 --- /dev/null +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh @@ -0,0 +1,28 @@ +#!/bin/bash +# Copyright (c) 2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# + +set -o errexit +set -o nounset +set -o pipefail +set -o errtrace + +kata_build_dir=${1:-build} +tar_path="${PWD}/kata-static.tar.xz" + +pushd "${kata_build_dir}" +tarball_content_dir="${PWD}/kata-tarball-content" +rm -rf "${tarball_content_dir}" +mkdir "${tarball_content_dir}" + +for c in kata-static-*.tar.xz +do + echo "untarring tarball "${c}" into ${tarball_content_dir}" + tar -xvf "${c}" -C "${tarball_content_dir}" +done + +echo "create ${tar_path}" +(cd "${tarball_content_dir}"; tar cvfJ "${tar_path}" .) +popd diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh index e27e2c286e..d0ab1c264a 100755 --- a/tools/packaging/kernel/build-kernel.sh +++ b/tools/packaging/kernel/build-kernel.sh @@ -14,7 +14,6 @@ set -o pipefail readonly script_name="$(basename "${BASH_SOURCE[0]}")" readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -kata_version="${kata_version:-}" #project_name readonly project_name="kata-containers" @@ -29,7 +28,6 @@ download_kernel=false # The repository where kernel configuration lives readonly kernel_config_repo="github.com/${project_name}/kata-containers/tools/packaging" readonly patches_repo="github.com/${project_name}/kata-containers/tools/packaging" -readonly patches_repo_dir="${GOPATH}/src/${patches_repo}" # Default path to search patches to apply to kernel readonly default_patches_dir="${script_dir}/patches" # Default path to search config for kata @@ -493,15 +491,13 @@ main() { # If not kernel version take it from versions.yaml if [ -z "$kernel_version" ]; then if [[ ${experimental_kernel} == "true" ]]; then - kernel_version=$(get_from_kata_deps "assets.kernel-experimental.tag" "${kata_version}") - #Remove extra 'v' - kernel_version="${kernel_version#v}" + kernel_version=$(get_from_kata_deps "assets.kernel-experimental.tag") else - kernel_version=$(get_from_kata_deps "assets.kernel.version" "${kata_version}") - #Remove extra 'v' - kernel_version="${kernel_version#v}" + kernel_version=$(get_from_kata_deps "assets.kernel.version") fi fi + #Remove extra 'v' + kernel_version="${kernel_version#v}" if [ -z "${kernel_path}" ]; then config_version=$(get_config_version) diff --git a/tools/packaging/release/kata-deploy-binaries.sh b/tools/packaging/release/kata-deploy-binaries.sh deleted file mode 100755 index c94eb9fdc9..0000000000 --- a/tools/packaging/release/kata-deploy-binaries.sh +++ /dev/null @@ -1,254 +0,0 @@ -#!/bin/bash -# Copyright (c) 2018 Intel Corporation -# -# SPDX-License-Identifier: Apache-2.0 -# - -[ -z "${DEBUG}" ] || set -x -set -o errexit -set -o nounset -set -o pipefail - -readonly script_name="$(basename "${BASH_SOURCE[0]}")" -readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -readonly pkg_root_dir="$(cd "${script_dir}/.." && pwd)" -readonly repo_root_dir="$(cd "${script_dir}/../../../" && pwd)" -readonly project="kata-containers" -readonly prefix="/opt/kata" -readonly project_to_attach="github.com/${project}/${project}" -readonly tmp_dir=$(mktemp -d -t static-build-tmp.XXXXXXXXXX) -readonly GOPATH="${tmp_dir}/go" -# flag to decide if push tarball to github -push=false -export GOPATH -workdir="${WORKDIR:-$PWD}" -# This flag help us to test and run this script with changes -# that are local -test_local="false" - -destdir="${workdir}/kata-static" -mkdir -p "${destdir}" - -exit_handler() { - [ -d "${tmp_dir}" ] || sudo rm -rf "${tmp_dir}" -} -trap exit_handler EXIT - -die() { - msg="$*" - echo "ERROR: ${msg}" >&2 - exit 1 -} - -info() { - echo "INFO: $*" -} - -usage() { - return_code=${1:-0} - cat < [version] - -Args: -version: The kata version that will be use to create the tarball - -options: - --h : Show this help --l : Run this script to test changes locally --p : push tarball to ${project_to_attach} --w : directory where tarball will be created - - -EOT - - exit "${return_code}" -} - -#Verify that hub is installed and in case that is not -# install it to avoid issues when we try to push -verify_hub() { - check_command=$(whereis hub | cut -d':' -f2) - # Install hub if is not installed - if [ -z ${check_command} ]; then - hub_repo="github.com/github/hub" - hub_url="https://${hub_repo}" - go get -d ${hub_repo} || true - pushd ${GOPATH}/src/${hub_repo} - make - sudo -E make install prefix=/usr/local - popd - fi -} - -#Install guest image/initrd asset -install_image() { - kata_version=${1:-$kata_version} - image_destdir="${destdir}/${prefix}/share/kata-containers/" - info "Create image" - image_tarball=$(find . -name 'kata-containers-'"${kata_version}"'-*.tar.gz') - [ -f "${image_tarball}" ] || "${pkg_root_dir}/guest-image/build_image.sh" -v "${kata_version}" - image_tarball=$(find . -name 'kata-containers-'"${kata_version}"'-*.tar.gz') - [ -f "${image_tarball}" ] || die "image not found" - info "Install image in destdir ${image_tarball}" - mkdir -p "${image_destdir}" - tar xf "${image_tarball}" -C "${image_destdir}" - pushd "${destdir}/${prefix}/share/kata-containers/" >>/dev/null - info "Create image default symlinks" - image=$(find . -name 'kata-containers-image*.img') - initrd=$(find . -name 'kata-containers-initrd*.initrd') - ln -sf "${image}" kata-containers.img - ln -sf "${initrd}" kata-containers-initrd.img - popd >>/dev/null - pushd ${destdir} - tar -czvf ../kata-static-image.tar.gz * - popd -} - -#Install kernel asset -install_kernel() { - kata_version=${1:-$kata_version} - pushd "${pkg_root_dir}" - info "build kernel" - kata_version="${kata_version}" ./kernel/build-kernel.sh setup - kata_version="${kata_version}" ./kernel/build-kernel.sh build - info "install kernel" - kata_version="${kata_version}" DESTDIR="${destdir}" PREFIX="${prefix}" ./kernel/build-kernel.sh install - popd - pushd ${destdir} - tar -czvf ../kata-static-kernel.tar.gz * - popd -} - -#Install experimental kernel asset -install_experimental_kernel() { - kata_version=${1:-$kata_version} - pushd "${pkg_root_dir}" - info "build experimental kernel" - kata_version="${kata_version}" ./kernel/build-kernel.sh -e setup - kata_version="${kata_version}" ./kernel/build-kernel.sh -e build - info "install experimental kernel" - kata_version="${kata_version}" DESTDIR="${destdir}" PREFIX="${prefix}" ./kernel/build-kernel.sh -e install - popd - pushd ${destdir} - tar -czvf ../kata-static-experimental-kernel.tar.gz * - popd -} - -# Install static qemu asset -install_qemu() { - kata_version=${1:-$kata_version} - info "build static qemu" - kata_version="${kata_version}" "${pkg_root_dir}/static-build/qemu/build-static-qemu.sh" -} - -# Install static firecracker asset -install_firecracker() { - kata_version=${1:-$kata_version} - info "build static firecracker" - [ -f "firecracker/firecracker-static" ] || kata_version="${kata_version}" "${pkg_root_dir}/static-build/firecracker/build-static-firecracker.sh" - info "Install static firecracker" - mkdir -p "${destdir}/opt/kata/bin/" - sudo install -D --owner root --group root --mode 0744 firecracker/firecracker-static "${destdir}/opt/kata/bin/firecracker" - sudo install -D --owner root --group root --mode 0744 firecracker/jailer-static "${destdir}/opt/kata/bin/jailer" - pushd ${destdir} - tar -czvf ../kata-static-firecracker.tar.gz * - popd -} - -# Install static cloud-hypervisor asset -install_clh() { - kata_version=${1:-$kata_version} - info "build static cloud-hypervisor" - kata_version="${kata_version}" "${pkg_root_dir}/static-build/cloud-hypervisor/build-static-clh.sh" - info "Install static cloud-hypervisor" - mkdir -p "${destdir}/opt/kata/bin/" - sudo install -D --owner root --group root --mode 0744 cloud-hypervisor/cloud-hypervisor "${destdir}/opt/kata/bin/cloud-hypervisor" - pushd "${destdir}" - # create tarball for github release action - tar -czvf ../kata-static-clh.tar.gz * - popd -} - -#Install all components that are not assets -install_kata_components() { - kata_version=${1:-$kata_version} - pushd "${repo_root_dir}/src/runtime" - echo "Checkout to version ${kata_version}" - git checkout "${kata_version}" - echo "Build" - make \ - PREFIX="${prefix}" \ - QEMUCMD="qemu-system-x86_64" - echo "Install" - make PREFIX="${prefix}" \ - DESTDIR="${destdir}" \ - install - popd - sed -i -e '/^initrd =/d' "${destdir}/${prefix}/share/defaults/${project}/configuration-qemu.toml" - sed -i -e '/^initrd =/d' "${destdir}/${prefix}/share/defaults/${project}/configuration-fc.toml" - pushd "${destdir}/${prefix}/share/defaults/${project}" - ln -sf "configuration-qemu.toml" configuration.toml - popd - - pushd ${destdir} - tar -czvf ../kata-static-kata-components.tar.gz * - popd -} - -untar_qemu_binaries() { - info "Install static qemu" - tar xf kata-static-qemu.tar.gz -C "${destdir}" -} - -main() { - while getopts "hlpw:" opt; do - case $opt in - h) usage 0 ;; - l) test_local="true" ;; - p) push="true" ;; - w) workdir="${OPTARG}" ;; - esac - done - shift $((OPTIND - 1)) - - kata_version=${1:-} - [ -n "${kata_version}" ] || usage 1 - info "Requested version: ${kata_version}" - - if [[ "$test_local" == "true" ]]; then - verify_hub - fi - - destdir="${workdir}/kata-static-${kata_version}-$(uname -m)" - info "DESTDIR ${destdir}" - mkdir -p "${destdir}" - install_kata_components - install_experimental_kernel - install_kernel - install_clh - install_qemu - install_firecracker - install_image - - untar_qemu_binaries - - tarball_name="${destdir}.tar.xz" - pushd "${destdir}" >>/dev/null - tar cfJ "${tarball_name}" "./opt" - popd >>/dev/null - if [ "${push}" == "true" ]; then - hub -C "${GOPATH}/src/github.com/${project}/${project}" release edit -a "${tarball_name}" "${kata_version}" - else - echo "Wont push the tarball to github use -p option to do it." - fi -} - -if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then - main $@ -fi diff --git a/tools/packaging/scripts/lib.sh b/tools/packaging/scripts/lib.sh index 590ebe095e..1ed7b50037 100644 --- a/tools/packaging/scripts/lib.sh +++ b/tools/packaging/scripts/lib.sh @@ -34,13 +34,9 @@ install_yq() { get_from_kata_deps() { local dependency="$1" - GOPATH=${GOPATH:-${HOME}/go} versions_file="${this_script_dir}/../../../versions.yaml" - #make sure yq is installed - install_yq >&2 - - result=$("${GOPATH}/bin/yq" read -X "$versions_file" "$dependency") + result=$("yq" read -X "$versions_file" "$dependency") [ "$result" = "null" ] && result="" echo "$result" } diff --git a/tools/packaging/static-build/firecracker/build-static-firecracker.sh b/tools/packaging/static-build/firecracker/build-static-firecracker.sh index 09cf4e390f..deac78773e 100755 --- a/tools/packaging/static-build/firecracker/build-static-firecracker.sh +++ b/tools/packaging/static-build/firecracker/build-static-firecracker.sh @@ -15,6 +15,7 @@ source "${script_dir}/../../scripts/lib.sh" config_dir="${script_dir}/../../scripts/" firecracker_repo="${firecracker_repo:-}" +firecracker_dir="firecracker" firecracker_version="${firecracker_version:-}" kata_version="${kata_version:-}" @@ -31,10 +32,11 @@ fi info "Build ${firecracker_repo} version: ${firecracker_version}" -git clone ${firecracker_repo} -cd firecracker +[ -d "${firecracker_dir}" ] || git clone ${firecracker_repo} +cd "${firecracker_dir}" +git fetch git checkout ${firecracker_version} -./tools/devtool --unattended build --release +sudo ./tools/devtool --unattended build --release -ln -s ./build/cargo_target/x86_64-unknown-linux-musl/release/firecracker ./firecracker-static -ln -s ./build/cargo_target/x86_64-unknown-linux-musl/release/jailer ./jailer-static +ln -sf ./build/cargo_target/x86_64-unknown-linux-musl/release/firecracker ./firecracker-static +ln -sf ./build/cargo_target/x86_64-unknown-linux-musl/release/jailer ./jailer-static diff --git a/tools/packaging/static-build/kernel/Dockerfile b/tools/packaging/static-build/kernel/Dockerfile new file mode 100644 index 0000000000..b8b813396f --- /dev/null +++ b/tools/packaging/static-build/kernel/Dockerfile @@ -0,0 +1,18 @@ +# Copyright (c) 2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +FROM ubuntu +ENV DEBIAN_FRONTEND=noninteractive + +# kernel deps +RUN apt update +RUN apt install -y \ + bc \ + bison \ + build-essential \ + curl \ + flex \ + git \ + iptables \ + libelf-dev \ diff --git a/tools/packaging/static-build/kernel/build.sh b/tools/packaging/static-build/kernel/build.sh new file mode 100755 index 0000000000..701050acf3 --- /dev/null +++ b/tools/packaging/static-build/kernel/build.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# +# Copyright (c) 2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +set -o errexit +set -o nounset +set -o pipefail + +script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +readonly repo_root_dir="$(cd "${script_dir}/../../../.." && pwd)" +readonly kernel_builder="${repo_root_dir}/tools/packaging/kernel/build-kernel.sh" + + +kernel_version=${1} +DESTDIR=${DESTDIR:-${PWD}} +PREFIX=${PREFIX:-/opt/kata} +container_image="kata-kernel-builder" + +sudo docker build -t "${container_image}" "${script_dir}" + +echo "build ${kernel_version}" +sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ + -w "${PWD}" \ + "${container_image}" \ + bash -c "${kernel_builder} -v ${kernel_version} setup" + +sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ + -w "${PWD}" \ + "${container_image}" \ + bash -c "${kernel_builder} -v ${kernel_version} build" + +sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ + -w "${PWD}" \ + --env DESTDIR="${DESTDIR}" --env PREFIX="${PREFIX}" \ + "${container_image}" \ + bash -c "${kernel_builder} -v ${kernel_version} install" diff --git a/tools/packaging/static-build/shim-v2/Dockerfile b/tools/packaging/static-build/shim-v2/Dockerfile new file mode 100644 index 0000000000..5553d28d54 --- /dev/null +++ b/tools/packaging/static-build/shim-v2/Dockerfile @@ -0,0 +1,13 @@ +# Copyright (c) 2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +FROM ubuntu +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && apt-get install -y make curl sudo gcc + +ADD install_go.sh /usr/bin/install_go.sh +ARG GO_VERSION +RUN install_go.sh "${GO_VERSION}" +ENV PATH=/usr/local/go/bin:${PATH} diff --git a/tools/packaging/static-build/shim-v2/build.sh b/tools/packaging/static-build/shim-v2/build.sh new file mode 100755 index 0000000000..4d63f7f4cf --- /dev/null +++ b/tools/packaging/static-build/shim-v2/build.sh @@ -0,0 +1,44 @@ +#!/bin/bash +# +# Copyright (c) 2021 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +set -o errexit +set -o nounset +set -o pipefail + +script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +readonly repo_root_dir="$(cd "${script_dir}/../../../.." && pwd)" +readonly kernel_builder="${repo_root_dir}/tools/packaging/kernel/build-kernel.sh" + + +GO_VERSION=${GO_VERSION} + +DESTDIR=${DESTDIR:-${PWD}} +PREFIX=${PREFIX:-/opt/kata} +container_image="shim-v2-builder" + +sudo docker build --build-arg GO_VERSION="${GO_VERSION}" -t "${container_image}" "${script_dir}" + +arch=$(uname -m) +if [ ${arch} = "ppc64le" ]; then + arch="ppc64" +fi + +sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ + -w "${repo_root_dir}/src/runtime" \ + "${container_image}" \ + bash -c "make PREFIX=${PREFIX} QEMUCMD=qemu-system-${arch}" + +sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ + -w "${repo_root_dir}/src/runtime" \ + "${container_image}" \ + bash -c "make PREFIX="${PREFIX}" DESTDIR="${DESTDIR}" install" + +sudo sed -i -e '/^initrd =/d' "${DESTDIR}/${PREFIX}/share/defaults/kata-containers/configuration-qemu.toml" +sudo sed -i -e '/^initrd =/d' "${DESTDIR}/${PREFIX}/share/defaults/kata-containers/configuration-fc.toml" + +pushd "${DESTDIR}/${PREFIX}/share/defaults/kata-containers" + sudo ln -sf "configuration-qemu.toml" configuration.toml +popd diff --git a/tools/packaging/static-build/shim-v2/install_go.sh b/tools/packaging/static-build/shim-v2/install_go.sh new file mode 100755 index 0000000000..653b9ad412 --- /dev/null +++ b/tools/packaging/static-build/shim-v2/install_go.sh @@ -0,0 +1,98 @@ +#!/bin/bash +# +# Copyright (c) 2018 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# + +set -o errexit +set -o nounset +set -o pipefail + +tmp_dir=$(mktemp -d -t install-go-tmp.XXXXXXXXXX) +script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +script_name="$(basename "${BASH_SOURCE[0]}")" +force="" + +install_dest="/usr/local/" + +finish() { + rm -rf "$tmp_dir" +} + +die() { + echo >&2 "ERROR: $*" + exit 1 +} + +info() { + echo "INFO: $*" +} + +usage(){ + exit_code="$1" + cat < : destination path, path where go will be installed. +EOT + + exit "$exit_code" +} + +trap finish EXIT + +pushd "${tmp_dir}" + +while getopts "d:fhp" opt +do + case $opt in + d) install_dest="${OPTARG}" ;; + f) force="true" ;; + h) usage 0 ;; + esac +done + +shift $(( $OPTIND - 1 )) + + +go_version=${1:-} + +if [ -z "$go_version" ];then + echo "Missing go" + usage 1 +fi + +if command -v go; then + [[ "$(go version)" == *"go${go_version}"* ]] && \ + info "Go ${go_version} already installed" && \ + exit + if [ "${force}" = "true" ]; then + info "removing $(go version)" + sudo rm -rf "${install_dest}/go" + else + die "$(go version) is installed, use -f or remove it before install go ${go_version}" + fi +fi + +case "$(uname -m)" in + aarch64) goarch="arm64";; + ppc64le) goarch="ppc64le";; + x86_64) goarch="amd64";; + s390x) goarch="s390x";; + *) echo "unsupported architecture: $(uname -m)"; exit 1;; +esac + +info "Download go version ${go_version}" +kernel_name=$(uname -s) +curl -OL "https://storage.googleapis.com/golang/go${go_version}.${kernel_name,,}-${goarch}.tar.gz" +info "Install go" +mkdir -p "${install_dest}" +sudo tar -C "${install_dest}" -xzf "go${go_version}.${kernel_name,,}-${goarch}.tar.gz" +popd