github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-08-31 16:36:38 +00:00
Code Issues Projects Releases Wiki Activity

opa: Improve the download logic

Browse Source 
The versions.yaml has a default for the amd64 binary, but there is no
code to actually build the arm64 binary, which seems an overlook.

Let's simplify the OPA logic by removing the direct link to the binary,
and construct that link as part of the checks we do to decide whether we
need to build OPA or not.

Fixes: #8373

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
This commit is contained in:
Zvonko Kaiser
2023-11-03 12:04:29 +00:00
parent 4516f38165
commit ab597a4d5b
2 changed files with 10 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
tools/osbuilder/rootfs-builder/rootfs.sh
View File

@@ -700,12 +700,20 @@ EOF
# OPA should be built from the cached source code instead of downloading
# this binary.
#
local opa_repo_url="$(get_package_version_from_kata_yaml externals.open-policy-agent.url)"
local opa_version="$(get_package_version_from_kata_yaml externals.open-policy-agent.version)"
if [ "$ARCH" == "ppc64le" ] || [ "$ARCH" == "s390x" ]; then
opa_repo_url="$(get_package_version_from_kata_yaml externals.open-policy-agent.url)"
info "Building OPA binary from source at ${opa_repo_url}"
build_opa_from_source "${opa_repo_url}" || die "Failed to build OPA"
else
opa_bin_url="$(get_package_version_from_kata_yaml externals.open-policy-agent.meta.binary)"
local opa_binary_arch
case ${ARCH} in
x86_64) opa_binary_arch="amd64" ;;
aarch64) opa_binary_arch="arm64" ;;
*) die "Unsupported architecture for the OPA binary" ;;
esac
local opa_bin_url="${opa_repo_url}/releases/download/${opa_version}/opa_linux_${opa_binary_arch}_static"
info "Downloading OPA binary from ${opa_bin_url}"
curl --fail -L "${opa_bin_url}" -o opa || die "Failed to download OPA"
fi

11
versions.yaml
View File

@@ -297,17 +297,6 @@ externals:
description: "Open Policy Agent"
url: "https://github.com/open-policy-agent/opa"
version: "v0.55.0"
meta:
# - If an OPA package is available for the Guest image distro, that
# package is used instead of the binary below.
#
# - TODO: if an OPA package is not available for the Guest image distro,
# Kata should cache the OPA source code, toolchain information, etc.
# OPA should be built from the cached source code instead of downloading
# this binary.
#
# yamllint disable-line rule:line-length
binary: "https://github.com/open-policy-agent/opa/releases/download/v0.55.0/opa_linux_amd64_static"
ovmf:
description: "Firmware, implementation of UEFI for virtual machines."