packaging: Build the kata-agent

Let's add the needed functions to start building the kata-agent, with or without the OPA support. For now this build is not used as part of the rootfs build, but later on this will (not as part of this series, though). Fixes: #8099 Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2025-09-18 07:18:27 +00:00 · 2023-10-03 14:20:23 +02:00
parent 1727487eef
commit 5208386ab1
6 changed files with 132 additions and 0 deletions
--- a/tools/packaging/static-build/agent/Dockerfile
+++ b/tools/packaging/static-build/agent/Dockerfile
@@ -0,0 +1,21 @@
+# Copyright (c) 2023 Intel
+#
+# SPDX-License-Identifier: Apache-2.0
+
+FROM alpine:3.18
+ARG RUST_TOOLCHAIN
+
+SHELL ["/bin/ash", "-o", "pipefail", "-c"]
+RUN apk --no-cache add \
+        bash \
+        curl \
+        gcc \
+        git \
+        libcap-ng-static \
+        libseccomp-static \
+        make \
+        musl-dev \
+        openssl-dev \
+        openssl-libs-static \
+        protoc && \
+    curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain ${RUST_TOOLCHAIN}
--- a/tools/packaging/static-build/agent/build-static-agent.sh
+++ b/tools/packaging/static-build/agent/build-static-agent.sh
@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2023 Intel Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+
+source "${script_dir}/../../scripts/lib.sh"
+
+init_env() {
+	source "$HOME/.cargo/env"
+
+	export LIBC=musl
+	export LIBSECCOMP_LINK_TYPE=static
+	export LIBSECCOMP_LIB_PATH=/usr/lib
+
+	# This is needed to workaround
+	# https://github.com/sfackler/rust-openssl/issues/1624
+	export OPENSSL_NO_VENDOR=Y
+}
+
+build_agent_from_source() {
+	echo "build agent from source"
+
+	init_env
+
+	cd src/agent
+	DESTDIR=${DESTDIR} AGENT_POLICY=${AGENT_POLICY} make
+	DESTDIR=${DESTDIR} AGENT_POLICY=${AGENT_POLICY} make install
+}
+
+build_agent_from_source $@
--- a/tools/packaging/static-build/agent/build.sh
+++ b/tools/packaging/static-build/agent/build.sh
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2023 Intel
+#
+# SPDX-License-Identifier: Apache-2.0
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+readonly agent_builder="${script_dir}/build-static-agent.sh"
+
+source "${script_dir}/../../scripts/lib.sh"
+
+container_image="${AGENT_CONTAINER_BUILDER:-$(get_agent_image_name)}"
+[ "${CROSS_BUILD}" == "true" ] && container_image="${container_image}-cross-build"
+
+sudo docker pull ${container_image} || \
+	(sudo docker $BUILDX build $PLATFORM \
+	    	--build-arg RUST_TOOLCHAIN="$(get_from_kata_deps "languages.rust.meta.newest-version")" \
+		-t "${container_image}" "${script_dir}" && \
+	 # No-op unless PUSH_TO_REGISTRY is exported as "yes"
+	 push_to_registry "${container_image}")
+
+sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
+	--env DESTDIR=${DESTDIR} \
+	--env AGENT_POLICY=${AGENT_POLICY:-no} \
+	-w "${repo_root_dir}" \
+	"${container_image}" \
+	bash -c "${agent_builder}"