github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-04-29 04:04:45 +00:00
Code Issues Projects Releases Wiki Activity

initramfs: Build dependencies as part of the Dockerfile

Browse Source 
This will help to not have to build those on every CI run, and rather
take advantage of the cached image.

Fixes: #7084

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
(cherry picked from commit c720869eef)
This commit is contained in:
Fabiano Fidêncio 2022-10-25 20:35:45 +02:00 committed by stevenhorsman
parent aa2380fdd6
commit 6a3710055b
3 changed files with 39 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
tools/packaging/static-build/initramfs/Dockerfile
View File

@ -4,6 +4,13 @@
from ubuntu:20.04 from ubuntu:20.04
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
ARG cryptsetup_repo=${cryptsetup_repo}
ARG cryptsetup_version=${cryptsetup_version}
ARG lvm2_repo=${lvm2_repo}
ARG lvm2_version=${lvm2_version}
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
ENV TZ=UTC ENV TZ=UTC
RUN apt-get update &&\ RUN apt-get update &&\
apt-get --no-install-recommends install -y software-properties-common &&\ apt-get --no-install-recommends install -y software-properties-common &&\
@ -35,4 +42,31 @@ RUN apt-get update &&\
libseccomp-dev \ libseccomp-dev \
libseccomp2 \ libseccomp2 \
zlib1g-dev &&\ zlib1g-dev &&\
apt-get clean && rm -rf /var/lib/apt/lists/ apt-get clean && rm -rf /var/lib/apt/lists/ && \
build_root=$(mktemp -d) && \
pushd ${build_root} && \
echo "Build ${lvm2_repo} version: ${lvm2_version}" && \
git clone --depth 1 --branch "${lvm2_version}" "${lvm2_repo}" lvm2 && \
pushd lvm2 && \
./configure --enable-static_link --disable-selinux && \
make && make install && \
cp ./libdm/libdevmapper.pc /usr/lib/pkgconfig/devmapper.pc && \
popd && \
echo "Build ${cryptsetup_repo} version: ${cryptsetup_version}" && \
git clone --depth 1 --branch "${cryptsetup_version}" "${cryptsetup_repo}" cryptsetup && \
pushd cryptsetup && \
./autogen.sh && \
./configure --enable-static --enable-static-cryptsetup --disable-udev --disable-external-tokens --disable-ssh-token && \
make && make install && \
strip /usr/sbin/veritysetup.static && \
popd && \
echo "Build gen_init_cpio tool" && \
git clone --depth 1 --filter=blob:none --sparse https://github.com/torvalds/linux.git && \
pushd linux && \
git sparse-checkout add usr && cd usr && make gen_init_cpio && \
install gen_init_cpio /usr/sbin/ && \
popd && \
popd && \
rm -rf ${build_root}
COPY init.sh /usr/sbin/init.sh

40
tools/packaging/static-build/initramfs/build-initramfs.sh
View File

@ -12,44 +12,4 @@ script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
source "${script_dir}/../../scripts/lib.sh" source "${script_dir}/../../scripts/lib.sh"
install_dir="${1:-.}" install_dir="${1:-.}"
cryptsetup_repo="${cryptsetup_repo:-}"
cryptsetup_version="${cryptsetup_version:-}"
lvm2_repo="${lvm2_repo:-}"
lvm2_version="${lvm2_version:-}"
[ -n "${cryptsetup_repo}" ] || die "Failed to get cryptsetup repo"
[ -n "${cryptsetup_version}" ] || die "Failed to get cryptsetup version"
[ -n "${lvm2_repo}" ] || die "Failed to get lvm2 repo"
[ -n "${lvm2_version}" ] || die "Failed to get lvm2 version"
build_root=$(mktemp -d)
pushd ${build_root}
info "Build ${lvm2_repo} version: ${lvm2_version}"
git clone --depth 1 --branch "${lvm2_version}" "${lvm2_repo}" lvm2
pushd lvm2
./configure --enable-static_link --disable-selinux
make && make install
cp ./libdm/libdevmapper.pc /usr/lib/pkgconfig/devmapper.pc
popd #lvm2
info "Build ${cryptsetup_repo} version: ${cryptsetup_version}"
git clone --depth 1 --branch "${cryptsetup_version}" "${cryptsetup_repo}" cryptsetup
pushd cryptsetup
./autogen.sh
./configure --enable-static --enable-static-cryptsetup --disable-udev --disable-external-tokens --disable-ssh-token
make && make install
strip /usr/sbin/veritysetup.static
popd #cryptsetup
info "Build gen_init_cpio tool"
git clone --depth 1 --filter=blob:none --sparse https://github.com/torvalds/linux.git
pushd linux
git sparse-checkout add usr && cd usr && make gen_init_cpio
install gen_init_cpio /usr/sbin/
popd #linux
popd #${build_root}
install "${script_dir}/init.sh" /usr/sbin/
gen_init_cpio "${script_dir}/initramfs.list" | gzip -9 -n > "${install_dir}"/initramfs.cpio.gz gen_init_cpio "${script_dir}/initramfs.list" | gzip -9 -n > "${install_dir}"/initramfs.cpio.gz

8
tools/packaging/static-build/initramfs/build.sh
View File

@ -35,15 +35,15 @@ package_output_dir="${package_output_dir:-}"
container_image="${BUILDER_REGISTRY}:initramfs-cryptsetup-${cryptsetup_version}-lvm2-${lvm2_version}-$(get_last_modification ${repo_root_dir} ${script_dir})" container_image="${BUILDER_REGISTRY}:initramfs-cryptsetup-${cryptsetup_version}-lvm2-${lvm2_version}-$(get_last_modification ${repo_root_dir} ${script_dir})"
sudo docker pull ${container_image} || (sudo docker build \ sudo docker pull ${container_image} || (sudo docker build \
--build-arg cryptsetup_repo="${cryptsetup_repo}" \
--build-arg cryptsetup_version="${cryptsetup_version}" \
--build-arg lvm2_repo="${lvm2_repo}" \
--build-arg lvm2_version="${lvm2_version}" \
-t "${container_image}" "${script_dir}" && \ -t "${container_image}" "${script_dir}" && \
# No-op unless PUSH_TO_REGISTRY is exported as "yes" # No-op unless PUSH_TO_REGISTRY is exported as "yes"
push_to_registry "${container_image}") push_to_registry "${container_image}")
sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
-w "${PWD}" \ -w "${PWD}" \
--env cryptsetup_repo="${cryptsetup_repo}" \
--env cryptsetup_version="${cryptsetup_version}" \
--env lvm2_repo="${lvm2_repo}" \
--env lvm2_version="${lvm2_version}" \
"${container_image}" \ "${container_image}" \
bash -c "${initramfs_builder} ${default_install_dir}" bash -c "${initramfs_builder} ${default_install_dir}"