From 86c41074b403d092a532ae539010c024c7368c55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 15 Sep 2023 12:34:30 +0200 Subject: [PATCH 1/2] ci: cache: Check the sha256sum of the component MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We've removed this in the part 2 of this effort, as we were not caching the sha256sum of the component. Now that this part has been merged, let's get back to checking it. Fixes: #7834 -- part 3 Signed-off-by: Fabiano Fidêncio --- .../kata-deploy/local-build/kata-deploy-binaries.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index 3868c72958..09aa633297 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -111,6 +111,11 @@ EOF exit "${return_code}" } +cleanup_and_fail() { + rm -f "${component_tarball_name}" + return 1 +} + install_cached_tarball_component() { if [ "${USE_CACHE}" != "yes" ]; then return 1 @@ -132,6 +137,7 @@ install_cached_tarball_component() { [ "${cached_image_version}" != "${current_image_version}" ] && return 1 [ "${cached_version}" != "${current_version}" ] && return 1 + sha256sum -c "${component}-sha256sum" || return $(cleanup_and_fail) info "Using cached tarball of ${component}" mv "${component_tarball_name}" "${component_tarball_path}" From eecd5bf2aabfb015b37d8102e24c6b28e2f85149 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 15 Sep 2023 12:37:22 +0200 Subject: [PATCH 2/2] ci: cache: Fix ovmf-sev cache MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The cached tarball is relying on the component name, thus it's important to set it correctly, otherwise we'll end up always building it. With this patch applied: ``` ≡ ⨯ make ovmf-sev-tarball make ovmf-sev-tarball-build make[1]: Entering directory '/home/ffidenci/src/upstream/kata-containers/kata-containers' /home/ffidenci/src/upstream/kata-containers/kata-containers/tools/packaging/kata-deploy/local-build//kata-deploy-binaries-in-docker.sh --build=ovmf-sev sha256:67cc94e393dc1d5bfc2b77a77e83c9b1c0833d0fbbebaa9e9e36f938bb841fcc Build kata version 3.2.0-rc0: ovmf-sev INFO: DESTDIR /home/ffidenci/src/upstream/kata-containers/kata-containers/tools/packaging/kata-deploy/local-build/build/ovmf-sev/destdir Downloading a76f5522493f ovmf-sev-builder-image-version Downloading 7e98c854bd94 kata-static-ovmf-sev.tar.xz Downloading 559311973ff8 ovmf-sev-version Downloaded a76f5522493f ovmf-sev-builder-image-version Downloading 353b655c2297 ovmf-sev-sha256sum Downloaded 559311973ff8 ovmf-sev-version Downloaded 353b655c2297 ovmf-sev-sha256sum Downloaded 7e98c854bd94 kata-static-ovmf-sev.tar.xz Pulled [registry] ghcr.io/kata-containers/cached-artefacts/ovmf-sev:latest-main-x86_64 Digest: sha256:933236c2c79e53be3ca7acc0b966d0ddac9c0335edcb1e8cad8b9bb3aaf508ce kata-static-ovmf-sev.tar.xz: OK INFO: Using cached tarball of ovmf-sev drwxr-xr-x runner/runner 0 2023-09-15 10:34 ./ drwxr-xr-x runner/runner 0 2023-09-15 10:34 ./opt/ drwxr-xr-x runner/runner 0 2023-09-15 10:34 ./opt/kata/ drwxr-xr-x runner/runner 0 2023-09-15 10:34 ./opt/kata/share/ drwxr-xr-x runner/runner 0 2023-09-15 10:34 ./opt/kata/share/ovmf/ -rwxr-xr-x runner/runner 4194304 2023-09-15 10:34 ./opt/kata/share/ovmf/AMDSEV.fd ~/src/upstream/kata-containers/kata-containers/tools/packaging/kata-deploy/local-build/build ~/src/upstream/kata-containers/kata-containers/tools/packaging/kata-deploy/local-build/build/ovmf-sev/builddir ~/src/upstream/kata-containers/kata-containers/tools/packaging/kata-deploy/local-build/build/ovmf-sev/builddir make[1]: Leaving directory '/home/ffidenci/src/upstream/kata-containers/kata-containers' ``` Signed-off-by: Fabiano Fidêncio --- tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index 09aa633297..13a61a9157 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -592,6 +592,7 @@ install_ovmf() { tarball_name="${2:-edk2-x86_64.tar.gz}" local component_name="ovmf" + [ "${ovmf_type}" == "sev" ] && component_name="ovmf-sev" [ "${ovmf_type}" == "tdx" ] && component_name="tdvf" latest_artefact="$(get_from_kata_deps "externals.ovmf.${ovmf_type}.version")"