From ad240a39e66c347eeff41dd2643fc1732a3bae75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Thu, 21 Aug 2025 00:01:09 +0200 Subject: [PATCH] kata-deploy: tools: tests: Use zstd instead of xz MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Although the compress ratio is not as optimal as using xz, it's way faster to compress / uncompress, and it's "good enough". This change is not small, but it's still self-contained, and has to get in at once, in order to help bisects in the future. Signed-off-by: Fabiano FidĂȘncio --- .../build-kata-static-tarball-amd64.yaml | 10 +-- .../build-kata-static-tarball-arm64.yaml | 10 +-- .../build-kata-static-tarball-ppc64le.yaml | 8 +-- .../build-kata-static-tarball-riscv64.yaml | 2 +- .../build-kata-static-tarball-s390x.yaml | 10 +-- .../publish-kata-deploy-payload.yaml | 2 +- .github/workflows/release-amd64.yaml | 4 +- .github/workflows/release-arm64.yaml | 4 +- .github/workflows/release-ppc64le.yaml | 4 +- .github/workflows/release-s390x.yaml | 4 +- .github/workflows/release.yaml | 2 +- ci/README.md | 12 ++-- .../how-to-run-kata-containers-with-SE-VMs.md | 38 +++++------ tests/common.bash | 4 +- .../rootfs-builder/alpine/Dockerfile.in | 3 +- .../rootfs-builder/cbl-mariner/Dockerfile.in | 3 +- .../rootfs-builder/debian/Dockerfile.in | 3 +- .../rootfs-builder/nvidia/nvidia_rootfs.sh | 4 +- tools/osbuilder/rootfs-builder/rootfs.sh | 14 ++-- tools/packaging/guest-image/build_se_image.sh | 2 +- tools/packaging/kata-deploy/Dockerfile | 8 +-- .../kata-deploy/local-build/Makefile | 4 +- .../local-build/dockerbuild/Dockerfile | 3 +- .../local-build/kata-deploy-binaries.sh | 64 +++++++++---------- .../kata-deploy-build-and-upload-payload.sh | 2 +- .../local-build/kata-deploy-merge-builds.sh | 8 +-- tools/packaging/release/release.sh | 2 +- utils/kata-manager.sh | 2 +- 28 files changed, 120 insertions(+), 116 deletions(-) diff --git a/.github/workflows/build-kata-static-tarball-amd64.yaml b/.github/workflows/build-kata-static-tarball-amd64.yaml index ff75f488d7..5cbc99b646 100644 --- a/.github/workflows/build-kata-static-tarball-amd64.yaml +++ b/.github/workflows/build-kata-static-tarball-amd64.yaml @@ -144,7 +144,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-amd64-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 15 if-no-files-found: error @@ -153,7 +153,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-amd64-${{ matrix.asset }}-headers${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.zst retention-days: 15 if-no-files-found: error @@ -224,7 +224,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-amd64-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 15 if-no-files-found: error @@ -316,7 +316,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-amd64-shim-v2${{ inputs.tarball-suffix }} - path: kata-build/kata-static-shim-v2.tar.xz + path: kata-build/kata-static-shim-v2.tar.zst retention-days: 15 if-no-files-found: error @@ -353,6 +353,6 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} - path: kata-static.tar.xz + path: kata-static.tar.zst retention-days: 15 if-no-files-found: error diff --git a/.github/workflows/build-kata-static-tarball-arm64.yaml b/.github/workflows/build-kata-static-tarball-arm64.yaml index fc9376c935..274e5bab68 100644 --- a/.github/workflows/build-kata-static-tarball-arm64.yaml +++ b/.github/workflows/build-kata-static-tarball-arm64.yaml @@ -121,7 +121,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-arm64-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 15 if-no-files-found: error @@ -130,7 +130,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-arm64-${{ matrix.asset }}-headers${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}-headers.tar.zst retention-days: 15 if-no-files-found: error @@ -195,7 +195,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-arm64-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 15 if-no-files-found: error @@ -282,7 +282,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-arm64-shim-v2${{ inputs.tarball-suffix }} - path: kata-build/kata-static-shim-v2.tar.xz + path: kata-build/kata-static-shim-v2.tar.zst retention-days: 15 if-no-files-found: error @@ -319,6 +319,6 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-static-tarball-arm64${{ inputs.tarball-suffix }} - path: kata-static.tar.xz + path: kata-static.tar.zst retention-days: 15 if-no-files-found: error diff --git a/.github/workflows/build-kata-static-tarball-ppc64le.yaml b/.github/workflows/build-kata-static-tarball-ppc64le.yaml index bfe1e9aa53..fd315f1f55 100644 --- a/.github/workflows/build-kata-static-tarball-ppc64le.yaml +++ b/.github/workflows/build-kata-static-tarball-ppc64le.yaml @@ -83,7 +83,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 1 if-no-files-found: error @@ -148,7 +148,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-ppc64le-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 1 if-no-files-found: error @@ -221,7 +221,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-ppc64le-shim-v2${{ inputs.tarball-suffix }} - path: kata-build/kata-static-shim-v2.tar.xz + path: kata-build/kata-static-shim-v2.tar.zst retention-days: 1 if-no-files-found: error @@ -262,6 +262,6 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-static-tarball-ppc64le${{ inputs.tarball-suffix }} - path: kata-static.tar.xz + path: kata-static.tar.zst retention-days: 1 if-no-files-found: error diff --git a/.github/workflows/build-kata-static-tarball-riscv64.yaml b/.github/workflows/build-kata-static-tarball-riscv64.yaml index bf5726d00b..6f04d8d578 100644 --- a/.github/workflows/build-kata-static-tarball-riscv64.yaml +++ b/.github/workflows/build-kata-static-tarball-riscv64.yaml @@ -81,6 +81,6 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-riscv64-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 15 if-no-files-found: error diff --git a/.github/workflows/build-kata-static-tarball-s390x.yaml b/.github/workflows/build-kata-static-tarball-s390x.yaml index caa905f303..bc6ff45dde 100644 --- a/.github/workflows/build-kata-static-tarball-s390x.yaml +++ b/.github/workflows/build-kata-static-tarball-s390x.yaml @@ -115,7 +115,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-s390x-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 15 if-no-files-found: error @@ -182,7 +182,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-s390x-${{ matrix.asset }}${{ inputs.tarball-suffix }} - path: kata-build/kata-static-${{ matrix.asset }}.tar.xz + path: kata-build/kata-static-${{ matrix.asset }}.tar.zst retention-days: 15 if-no-files-found: error @@ -230,7 +230,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-s390x${{ inputs.tarball-suffix }} - path: kata-build/kata-static-boot-image-se.tar.xz + path: kata-build/kata-static-boot-image-se.tar.zst retention-days: 1 if-no-files-found: error @@ -307,7 +307,7 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-artifacts-s390x-shim-v2${{ inputs.tarball-suffix }} - path: kata-build/kata-static-shim-v2.tar.xz + path: kata-build/kata-static-shim-v2.tar.zst retention-days: 15 if-no-files-found: error @@ -348,6 +348,6 @@ jobs: uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: kata-static-tarball-s390x${{ inputs.tarball-suffix }} - path: kata-static.tar.xz + path: kata-static.tar.zst retention-days: 15 if-no-files-found: error diff --git a/.github/workflows/publish-kata-deploy-payload.yaml b/.github/workflows/publish-kata-deploy-payload.yaml index 22a4a82894..43241eecd9 100644 --- a/.github/workflows/publish-kata-deploy-payload.yaml +++ b/.github/workflows/publish-kata-deploy-payload.yaml @@ -85,6 +85,6 @@ jobs: TAG: ${{ inputs.tag }} run: | ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)/kata-static.tar.xz" \ + "$(pwd)/kata-static.tar.zst" \ "${REGISTRY}/${REPO}" \ "${TAG}" diff --git a/.github/workflows/release-amd64.yaml b/.github/workflows/release-amd64.yaml index 129b8f3054..a5053738e4 100644 --- a/.github/workflows/release-amd64.yaml +++ b/.github/workflows/release-amd64.yaml @@ -74,9 +74,9 @@ jobs: fi for tag in "${tags[@]}"; do ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "ghcr.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "quay.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" done diff --git a/.github/workflows/release-arm64.yaml b/.github/workflows/release-arm64.yaml index aa8176a58b..65657ef611 100644 --- a/.github/workflows/release-arm64.yaml +++ b/.github/workflows/release-arm64.yaml @@ -71,9 +71,9 @@ jobs: fi for tag in "${tags[@]}"; do ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "ghcr.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "quay.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" done diff --git a/.github/workflows/release-ppc64le.yaml b/.github/workflows/release-ppc64le.yaml index a179273b6f..ab6e3e8d63 100644 --- a/.github/workflows/release-ppc64le.yaml +++ b/.github/workflows/release-ppc64le.yaml @@ -71,9 +71,9 @@ jobs: fi for tag in "${tags[@]}"; do ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "ghcr.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "quay.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" done diff --git a/.github/workflows/release-s390x.yaml b/.github/workflows/release-s390x.yaml index 4477bba40b..f72707d9f4 100644 --- a/.github/workflows/release-s390x.yaml +++ b/.github/workflows/release-s390x.yaml @@ -75,9 +75,9 @@ jobs: fi for tag in "${tags[@]}"; do ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "ghcr.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "ghcr.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh \ - "$(pwd)"/kata-static.tar.xz "quay.io/kata-containers/kata-deploy" \ + "$(pwd)"/kata-static.tar.zst "quay.io/kata-containers/kata-deploy" \ "${tag}-${TARGET_ARCH}" done diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 48171cac7b..39c9314324 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -127,7 +127,7 @@ jobs: - name: Set KATA_STATIC_TARBALL env var run: | - tarball=$(pwd)/kata-static.tar.xz + tarball=$(pwd)/kata-static.tar.zst echo "KATA_STATIC_TARBALL=${tarball}" >> "$GITHUB_ENV" - name: Download amd64 artifacts diff --git a/ci/README.md b/ci/README.md index e527985c12..0e93f319bc 100644 --- a/ci/README.md +++ b/ci/README.md @@ -306,7 +306,7 @@ tarball to the newly created VM that will be used for debugging purposes. > [!NOTE] > Those artifacts are only available (for 15 days) when all jobs are finished. -Once you have the `kata-static.tar.xz` in your VM, you can login to the VM with +Once you have the `kata-static.tar.zst` in your VM, you can login to the VM with `kcli ssh debug-nerdctl-pr8070`, go ahead and then clone your development branch ```bash @@ -323,15 +323,15 @@ $ git config --global user.name "Your Name" $ git rebase upstream/main ``` -Now copy the `kata-static.tar.xz` into your `kata-containers/kata-artifacts` directory +Now copy the `kata-static.tar.zst` into your `kata-containers/kata-artifacts` directory ```bash $ mkdir kata-artifacts -$ cp ../kata-static.tar.xz kata-artifacts/ +$ cp ../kata-static.tar.zst kata-artifacts/ ``` > [!NOTE] -> If you downloaded the .zip from GitHub you need to uncompress first to see `kata-static.tar.xz` +> If you downloaded the .zip from GitHub you need to uncompress first to see `kata-static.tar.zst` And finally run the tests following what's in the yaml file for the test you're debugging. @@ -363,11 +363,11 @@ and have fun debugging and hacking! Steps for debugging the Kubernetes tests are very similar to the ones for debugging non-Kubernetes tests, with the caveat that what you'll need, this -time, is not the `kata-static.tar.xz` tarball, but rather a payload to be used +time, is not the `kata-static.tar.zst` tarball, but rather a payload to be used with kata-deploy. In order to generate your own kata-deploy image you can generate your own -`kata-static.tar.xz` and then take advantage of the following script. Be aware +`kata-static.tar.zst` and then take advantage of the following script. Be aware that the image generated and uploaded must be accessible by the VM where you'll be performing your tests. diff --git a/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md b/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md index a2239b0078..eef135e1df 100644 --- a/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md +++ b/docs/how-to/how-to-run-kata-containers-with-SE-VMs.md @@ -89,16 +89,16 @@ However, if any of these components are absent, they must be built from the $ # Assume that the project is cloned at $GOPATH/src/github.com/kata-containers $ cd $GOPATH/src/github.com/kata-containers/kata-containers $ make rootfs-initrd-confidential-tarball -$ tar -tf build/kata-static-kernel-confidential.tar.xz | grep vmlinuz +$ tar --zstd -tf build/kata-static-kernel-confidential.tar.zst | grep vmlinuz ./opt/kata/share/kata-containers/vmlinuz-confidential.container ./opt/kata/share/kata-containers/vmlinuz-6.7-136-confidential $ kernel_version=6.7-136 -$ tar -tf build/kata-static-rootfs-initrd-confidential.tar.xz | grep initrd +$ tar --zstd -tf build/kata-static-rootfs-initrd-confidential.tar.zst | grep initrd ./opt/kata/share/kata-containers/kata-containers-initrd-confidential.img ./opt/kata/share/kata-containers/kata-ubuntu-20.04-confidential.initrd $ mkdir artifacts -$ tar -xvf build/kata-static-kernel-confidential.tar.xz -C artifacts ./opt/kata/share/kata-containers/vmlinuz-${kernel_version}-confidential -$ tar -xvf build/kata-static-rootfs-initrd-confidential.tar.xz -C artifacts ./opt/kata/share/kata-containers/kata-ubuntu-20.04-confidential.initrd +$ tar --zstd -xvf build/kata-static-kernel-confidential.tar.zst -C artifacts ./opt/kata/share/kata-containers/vmlinuz-${kernel_version}-confidential +$ tar --zstd -xvf build/kata-static-rootfs-initrd-confidential.tar.zst -C artifacts ./opt/kata/share/kata-containers/kata-ubuntu-20.04-confidential.initrd $ ls artifacts/opt/kata/share/kata-containers/ kata-ubuntu-20.04-confidential.initrd vmlinuz-${kernel_version}-confidential ``` @@ -190,8 +190,8 @@ can be easily accomplished by issuing the following make target: $ cd $GOPATH/src/github.com/kata-containers/kata-containers $ mkdir hkd_dir && cp $host_key_document hkd_dir $ HKD_PATH=hkd_dir SE_KERNEL_PARAMS="agent.log=debug" make boot-image-se-tarball -$ ls build/kata-static-boot-image-se.tar.xz -build/kata-static-boot-image-se.tar.xz +$ ls build/kata-static-boot-image-se.tar.zst +build/kata-static-boot-image-se.tar.zst ``` `SE_KERNEL_PARAMS` could be used to add any extra kernel parameters. If no additional kernel configuration is required, this can be omitted. @@ -344,18 +344,18 @@ $ make virtiofsd-tarball $ make shim-v2-tarball $ mkdir kata-artifacts $ build_dir=$(readlink -f build) -$ cp -r $build_dir/*.tar.xz kata-artifacts +$ cp -r $build_dir/*.tar.zst kata-artifacts $ ls -1 kata-artifacts -kata-static-agent.tar.xz -kata-static-boot-image-se.tar.xz -kata-static-coco-guest-components.tar.xz -kata-static-kernel-confidential-modules.tar.xz -kata-static-kernel-confidential.tar.xz -kata-static-pause-image.tar.xz -kata-static-qemu.tar.xz -kata-static-rootfs-initrd-confidential.tar.xz -kata-static-shim-v2.tar.xz -kata-static-virtiofsd.tar.xz +kata-static-agent.tar.zst +kata-static-boot-image-se.tar.zst +kata-static-coco-guest-components.tar.zst +kata-static-kernel-confidential-modules.tar.zst +kata-static-kernel-confidential.tar.zst +kata-static-pause-image.tar.zst +kata-static-qemu.tar.zst +kata-static-rootfs-initrd-confidential.tar.zst +kata-static-shim-v2.tar.zst +kata-static-virtiofsd.tar.zst $ ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts ``` @@ -369,7 +369,7 @@ command before running `kata-deploy-merge-builds.sh`: $ make rootfs-image-tarball ``` -At this point, you should have an archive file named `kata-static.tar.xz` at the project root, +At this point, you should have an archive file named `kata-static.tar.zst` at the project root, which will be used to build a payload image. If you are using a local container registry at `localhost:5000`, proceed with the following: @@ -381,7 +381,7 @@ Build and push a payload image with the name `localhost:5000/build-kata-deploy` `latest` using the following: ``` -$ ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh kata-static.tar.xz localhost:5000/build-kata-deploy latest +$ ./tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh kata-static.tar.zst localhost:5000/build-kata-deploy latest ... logs ... Pushing the image localhost:5000/build-kata-deploy:latest to the registry The push refers to repository [localhost:5000/build-kata-deploy] diff --git a/tests/common.bash b/tests/common.bash index 2d92ff5876..5d2da4690e 100644 --- a/tests/common.bash +++ b/tests/common.bash @@ -430,13 +430,13 @@ EOF function install_kata_core() { declare -r katadir="$1" declare -r destdir="/" - declare -r kata_tarball="kata-static.tar.xz" + declare -r kata_tarball="kata-static.tar.zst" # Removing previous kata installation sudo rm -rf "${katadir}" pushd "${kata_tarball_dir}" - sudo tar -xvf "${kata_tarball}" -C "${destdir}" + sudo tar --zstd -xvf "${kata_tarball}" -C "${destdir}" popd } diff --git a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in index d6842fdbcf..327197417f 100644 --- a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in @@ -26,6 +26,7 @@ RUN apk update && apk add --no-cache \ musl-dev \ protoc \ tar \ - xz + xz \ + zstd # aarch64 requires this name -- link for all RUN ln -s /usr/bin/gcc "/usr/bin/$(uname -m)-linux-musl-gcc" diff --git a/tools/osbuilder/rootfs-builder/cbl-mariner/Dockerfile.in b/tools/osbuilder/rootfs-builder/cbl-mariner/Dockerfile.in index 59f8bcc973..0ce4f634b6 100644 --- a/tools/osbuilder/rootfs-builder/cbl-mariner/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/cbl-mariner/Dockerfile.in @@ -11,6 +11,7 @@ RUN tdnf -y install \ dnf \ git \ tar \ - xz + xz \ + zstd @INSTALL_RUST@ diff --git a/tools/osbuilder/rootfs-builder/debian/Dockerfile.in b/tools/osbuilder/rootfs-builder/debian/Dockerfile.in index f8c26b8c33..c0841af6be 100644 --- a/tools/osbuilder/rootfs-builder/debian/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/debian/Dockerfile.in @@ -33,7 +33,8 @@ RUN apt-get update && apt-get --no-install-recommends install -y \ tar \ vim \ wget \ - xz-utils + xz-utils \ + zstd # aarch64 requires this name -- link for all RUN ln -s /usr/bin/musl-gcc "/usr/bin/$(uname -m)-linux-musl-gcc" diff --git a/tools/osbuilder/rootfs-builder/nvidia/nvidia_rootfs.sh b/tools/osbuilder/rootfs-builder/nvidia/nvidia_rootfs.sh index 96b3cf1b57..c662af764f 100644 --- a/tools/osbuilder/rootfs-builder/nvidia/nvidia_rootfs.sh +++ b/tools/osbuilder/rootfs-builder/nvidia/nvidia_rootfs.sh @@ -123,7 +123,7 @@ setup_nvidia_gpu_rootfs_stage_one() { # We need the kernel packages for building the drivers cleanly will be # deinstalled and removed from the roofs once the build finishes. - tar -xvf "${BUILD_DIR}"/kata-static-kernel-nvidia-gpu"${appendix}"-headers.tar.xz -C . + tar --zstd -xvf "${BUILD_DIR}"/kata-static-kernel-nvidia-gpu"${appendix}"-headers.tar.zst -C . # If we find a local downloaded run file build the kernel modules # with it, otherwise use the distribution packages. Run files may have @@ -237,7 +237,7 @@ chisseled_gpudirect() { chisseled_init() { echo "nvidia: chisseling init" - tar xvf "${BUILD_DIR}"/kata-static-busybox.tar.xz -C . + tar --zstd -xvf "${BUILD_DIR}"/kata-static-busybox.tar.zst -C . mkdir -p dev etc proc run/cdi sys tmp usr var lib/modules lib/firmware \ usr/share/nvidia lib/"${machine_arch}"-linux-gnu lib64 \ diff --git a/tools/osbuilder/rootfs-builder/rootfs.sh b/tools/osbuilder/rootfs-builder/rootfs.sh index 9331c143e5..c87de25a48 100755 --- a/tools/osbuilder/rootfs-builder/rootfs.sh +++ b/tools/osbuilder/rootfs-builder/rootfs.sh @@ -190,7 +190,7 @@ AGENT_SOURCE_BIN Path to the directory of agent binary. AGENT_SOURCE_BIN and AGENT_TARBALL should never be used toghether. Default value: -AGENT_TARBALL Path to the kata-agent.tar.xz tarball to be unpacked inside the +AGENT_TARBALL Path to the kata-agent.tar.zst tarball to be unpacked inside the rootfs. If set, this will take the priority and will be used instead of building the agent. @@ -205,7 +205,7 @@ ARCH Target architecture (according to \`uname -m\`). and glibc agents. Default value: $(uname -m) -COCO_GUEST_COMPONENTS_TARBALL Path to the kata-coco-guest-components.tar.xz tarball to be unpacked inside the +COCO_GUEST_COMPONENTS_TARBALL Path to the kata-coco-guest-components.tar.zst tarball to be unpacked inside the rootfs. If set, the tarball will be unpacked onto the rootfs. Default value: @@ -234,7 +234,7 @@ KERNEL_MODULES_DIR Path to a directory containing kernel modules to include in LIBC libc the agent is built against (gnu or musl). Default value: ${LIBC} (varies with architecture) -PAUSE_IMAGE_TARBALL Path to the kata-static-pause-image.tar.xz tarball to be unpacked inside the +PAUSE_IMAGE_TARBALL Path to the kata-static-pause-image.tar.zst tarball to be unpacked inside the rootfs. If set, the tarball will be unpacked onto the rootfs. Default value: @@ -756,7 +756,7 @@ EOF cp ${AGENT_SOURCE_BIN} ${AGENT_DEST} OK "cp ${AGENT_SOURCE_BIN} ${AGENT_DEST}" else - tar xvJpf ${AGENT_TARBALL} -C ${ROOTFS_DIR} + tar --zstd -xvf ${AGENT_TARBALL} -C ${ROOTFS_DIR} fi ${stripping_tool} ${ROOTFS_DIR}/usr/bin/kata-agent @@ -803,7 +803,7 @@ EOF if [[ -n "${GUEST_HOOKS_TARBALL}" ]]; then info "Install the ${GUEST_HOOKS_TARBALL} guest hooks" - tar xvJpf "${GUEST_HOOKS_TARBALL}" -C "${ROOTFS_DIR}" + tar --zstd -xvf "${GUEST_HOOKS_TARBALL}" -C "${ROOTFS_DIR}" fi info "Check init is installed" @@ -812,12 +812,12 @@ EOF if [ -n "${PAUSE_IMAGE_TARBALL}" ] ; then info "Installing the pause image tarball" - tar xvJpf ${PAUSE_IMAGE_TARBALL} -C ${ROOTFS_DIR} + tar --zstd -xvf ${PAUSE_IMAGE_TARBALL} -C ${ROOTFS_DIR} fi if [ -n "${COCO_GUEST_COMPONENTS_TARBALL}" ] ; then info "Installing the Confidential Containers guest components tarball" - tar xvJpf ${COCO_GUEST_COMPONENTS_TARBALL} -C ${ROOTFS_DIR} + tar --zstd -xvf ${COCO_GUEST_COMPONENTS_TARBALL} -C ${ROOTFS_DIR} fi # Create an empty /etc/resolv.conf, to allow agent to bind mount container resolv.conf to Kata VM diff --git a/tools/packaging/guest-image/build_se_image.sh b/tools/packaging/guest-image/build_se_image.sh index dd97d4a07c..afe7b8618f 100755 --- a/tools/packaging/guest-image/build_se_image.sh +++ b/tools/packaging/guest-image/build_se_image.sh @@ -48,7 +48,7 @@ build_image() { mkdir -p "${image_source_dir}" pushd "${tarball_dir}" for tarball_id in kernel-confidential rootfs-initrd-confidential; do - tar xvf kata-static-${tarball_id}.tar.xz -C "${image_source_dir}" + tar --zstd -xvf kata-static-${tarball_id}.tar.zst -C "${image_source_dir}" done popd diff --git a/tools/packaging/kata-deploy/Dockerfile b/tools/packaging/kata-deploy/Dockerfile index d6fdc5e342..eaf94005ad 100644 --- a/tools/packaging/kata-deploy/Dockerfile +++ b/tools/packaging/kata-deploy/Dockerfile @@ -5,7 +5,7 @@ ARG BASE_IMAGE_NAME=alpine ARG BASE_IMAGE_TAG=3.22 FROM $BASE_IMAGE_NAME:$BASE_IMAGE_TAG -ARG KATA_ARTIFACTS=./kata-static.tar.xz +ARG KATA_ARTIFACTS=./kata-static.tar.zst ARG DESTINATION=/opt/kata-artifacts COPY ${KATA_ARTIFACTS} ${WORKDIR} @@ -19,7 +19,7 @@ COPY ${KATA_ARTIFACTS} ${WORKDIR} # word splitting, which can also be ignored for now. # hadolint ignore=DL3018,SC2086 RUN \ - apk --no-cache add bash curl && \ + apk --no-cache add bash curl tar zstd && \ ARCH=$(uname -m) && \ if [ "${ARCH}" = "x86_64" ]; then ARCH=amd64; fi && \ if [ "${ARCH}" = "aarch64" ]; then ARCH=arm64; fi && \ @@ -30,9 +30,9 @@ RUN \ curl -fL --progress-bar -o /usr/bin/jq https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux-${DEBIAN_ARCH} && \ chmod +x /usr/bin/jq && \ mkdir -p ${DESTINATION} && \ - tar xvf ${WORKDIR}/${KATA_ARTIFACTS} -C ${DESTINATION} && \ + tar --zstd -xvf ${WORKDIR}/${KATA_ARTIFACTS} -C ${DESTINATION} && \ rm -f ${WORKDIR}/${KATA_ARTIFACTS} && \ - apk del curl && \ + apk del curl tar zstd && \ apk --no-cache add py3-pip && \ pip install --no-cache-dir yq==3.2.3 --break-system-packages diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile index bd1fb7031b..565c1eb157 100644 --- a/tools/packaging/kata-deploy/local-build/Makefile +++ b/tools/packaging/kata-deploy/local-build/Makefile @@ -57,7 +57,7 @@ endef define DUMMY $(call BUILD,"dummy") - mv $(MK_DIR)/build/kata-static-dummy.tar.xz $(MK_DIR)/build/kata-static-$(patsubst %-tarball,%,$1).tar.xz + mv $(MK_DIR)/build/kata-static-dummy.tar.zst $(MK_DIR)/build/kata-static-$(patsubst %-tarball,%,$1).tar.zst endef kata-tarball: | all-parallel merge-builds @@ -201,4 +201,4 @@ merge-builds: $(MK_DIR)/kata-deploy-merge-builds.sh build "$(MK_DIR)/../../../../versions.yaml" install-tarball: - tar -xf ./kata-static.tar.xz -C / + tar --zstd -xf ./kata-static.tar.zst -C / diff --git a/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile index eb617c89b3..737fd8418d 100644 --- a/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile +++ b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile @@ -57,7 +57,8 @@ RUN apt-get update && \ git \ make \ wget \ - xz-utils && \ + xz-utils \ + zstd && \ if [ "${ARCH}" != "$(uname -m)" ] && [ "${ARCH}" == "s390x" ]; then \ apt-get install -y --no-install-recommends \ gcc-s390x-linux-gnu \ diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index 5f684914c7..40c0aa713b 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -215,11 +215,11 @@ install_cached_shim_v2_tarball_get_root_hash() { fi local tarball_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build" - local image_conf_tarball="kata-static-rootfs-image-confidential.tar.xz" + local image_conf_tarball="kata-static-rootfs-image-confidential.tar.zst" local root_hash_basedir="./opt/kata/share/kata-containers/" - tar xvf "${tarball_dir}/${image_conf_tarball}" ${root_hash_basedir}root_hash.txt --transform s,${root_hash_basedir},, + tar --zstd -xvf "${tarball_dir}/${image_conf_tarball}" ${root_hash_basedir}root_hash.txt --transform s,${root_hash_basedir},, mv root_hash.txt "${tarball_dir}/root_hash.txt" return 0 @@ -290,14 +290,14 @@ install_cached_tarball_component() { get_agent_tarball_path() { agent_local_build_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build" - agent_tarball_name="kata-static-agent.tar.xz" + agent_tarball_name="kata-static-agent.tar.zst" echo "${agent_local_build_dir}/${agent_tarball_name}" } get_coco_guest_components_tarball_path() { coco_guest_components_local_build_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build" - coco_guest_components_tarball_name="kata-static-coco-guest-components.tar.xz" + coco_guest_components_tarball_name="kata-static-coco-guest-components.tar.zst" echo "${coco_guest_components_local_build_dir}/${coco_guest_components_tarball_name}" } @@ -313,7 +313,7 @@ get_latest_coco_guest_components_artefact_and_builder_image_version() { get_pause_image_tarball_path() { pause_image_local_build_dir="${repo_root_dir}/tools/packaging/kata-deploy/local-build/build" - pause_image_tarball_name="kata-static-pause-image.tar.xz" + pause_image_tarball_name="kata-static-pause-image.tar.zst" echo "${pause_image_local_build_dir}/${pause_image_tarball_name}" } @@ -635,12 +635,12 @@ install_cached_kernel_tarball_component() { "kernel-nvidia-gpu"*"") local kernel_headers_dir=$(get_kernel_headers_dir "${kernel_name}") mkdir -p ${kernel_headers_dir} || true - tar xvf ${workdir}/${kernel_name}/builddir/kata-static-${kernel_name}-headers.tar.xz -C "${kernel_headers_dir}" || return 1 - ;;& # fallthrough in the confidential case we need the modules.tar.xz and for every kernel-nvidia-gpu we need the headers + tar --zstd -xvf ${workdir}/${kernel_name}/builddir/kata-static-${kernel_name}-headers.tar.zst -C "${kernel_headers_dir}" || return 1 + ;;& # fallthrough in the confidential case we need the modules.tar.zst and for every kernel-nvidia-gpu we need the headers "kernel"*"-confidential") local modules_dir=$(get_kernel_modules_dir ${kernel_version} ${kernel_kata_config_version} ${build_target}) mkdir -p "${modules_dir}" || true - tar xvf "${workdir}/kata-static-${kernel_name}-modules.tar.xz" -C "${modules_dir}" || return 1 + tar --zstd -xvf "${workdir}/kata-static-${kernel_name}-modules.tar.zst" -C "${modules_dir}" || return 1 ;; esac @@ -664,13 +664,13 @@ install_kernel_helper() { fi if [[ "${kernel_name}" == "kernel"*"-confidential" ]]; then - local kernel_modules_tarball_name="kata-static-${kernel_name}-modules.tar.xz" + local kernel_modules_tarball_name="kata-static-${kernel_name}-modules.tar.zst" local kernel_modules_tarball_path="${workdir}/${kernel_modules_tarball_name}" extra_tarballs="${kernel_modules_tarball_name}:${kernel_modules_tarball_path}" fi if [[ "${kernel_name}" == "kernel-nvidia-gpu*" ]]; then - local kernel_headers_tarball_name="kata-static-${kernel_name}-headers.tar.xz" + local kernel_headers_tarball_name="kata-static-${kernel_name}-headers.tar.zst" local kernel_headers_tarball_path="${workdir}/${kernel_headers_tarball_name}" extra_tarballs+=" ${kernel_headers_tarball_name}:${kernel_headers_tarball_path}" fi @@ -758,7 +758,7 @@ install_qemu_helper() { info "build static ${qemu_name}" "${builder}" - tar xvf "${qemu_tarball_name}" -C "${destdir}" + tar --zstd -xvf "${qemu_tarball_name}" -C "${destdir}" } # Install static qemu asset @@ -976,7 +976,7 @@ install_ovmf() { && return 0 DESTDIR="${destdir}" PREFIX="${prefix}" ovmf_build="${ovmf_type}" "${ovmf_builder}" - tar xvf "${builddir}/${tarball_name}" -C "${destdir}" + tar --zstd -xvf "${builddir}/${tarball_name}" -C "${destdir}" } # Install OVMF SEV @@ -1196,7 +1196,7 @@ handle_build() { local build_target build_target="$1" - export final_tarball_path="${workdir}/kata-static-${build_target}.tar.xz" + export final_tarball_path="${workdir}/kata-static-${build_target}.tar.zst" export final_tarball_name="$(basename ${final_tarball_path})" rm -f ${final_tarball_name} @@ -1308,7 +1308,7 @@ handle_build() { virtiofsd) install_virtiofsd ;; dummy) - tar cvfJ ${final_tarball_path} --files-from /dev/null + tar --zstd -cvf ${final_tarball_path} --files-from /dev/null ;; *) @@ -1318,54 +1318,54 @@ handle_build() { if [ ! -f "${final_tarball_path}" ]; then cd "${destdir}" - tar cvfJ "${final_tarball_path}" "." + tar --zstd -cvf "${final_tarball_path}" "." fi - tar tvf "${final_tarball_path}" + tar --zstd -tvf "${final_tarball_path}" case ${build_target} in kernel-nvidia-gpu*) - local kernel_headers_final_tarball_path="${workdir}/kata-static-${build_target}-headers.tar.xz" + local kernel_headers_final_tarball_path="${workdir}/kata-static-${build_target}-headers.tar.zst" if [ ! -f "${kernel_headers_final_tarball_path}" ]; then local kernel_headers_dir kernel_headers_dir=$(get_kernel_headers_dir "${build_target}") pushd "${kernel_headers_dir}" - find . -type f -name "*.${KERNEL_HEADERS_PKG_TYPE}" -exec tar rvf kernel-headers.tar {} + + find . -type f -name "*.${KERNEL_HEADERS_PKG_TYPE}" -exec tar -rvf kernel-headers.tar {} + if [ -n "${KBUILD_SIGN_PIN}" ]; then head -n1 kata-linux-*/certs/signing_key.pem | grep -q "ENCRYPTED PRIVATE KEY" || die "signing_key.pem is not encrypted" mv kata-linux-*/certs/signing_key.pem . mv kata-linux-*/certs/signing_key.x509 . tar -rvf kernel-headers.tar signing_key.pem signing_key.x509 --remove-files fi - xz -T0 kernel-headers.tar - mv kernel-headers.tar.xz "${kernel_headers_final_tarball_path}" + zstd -T0 kernel-headers.tar -o kernel-headers.tar.zst + mv kernel-headers.tar.zst "${kernel_headers_final_tarball_path}" popd fi - tar tvf "${kernel_headers_final_tarball_path}" - ;;& # fallthrough in the confidential case we need the modules.tar.xz and for every kernel-nvidia-gpu we need the headers + tar --zstd -tvf "${kernel_headers_final_tarball_path}" + ;;& # fallthrough in the confidential case we need the modules.tar.zst and for every kernel-nvidia-gpu we need the headers kernel*-confidential) - local modules_final_tarball_path="${workdir}/kata-static-${build_target}-modules.tar.xz" + local modules_final_tarball_path="${workdir}/kata-static-${build_target}-modules.tar.zst" if [ ! -f "${modules_final_tarball_path}" ]; then local modules_dir=$(get_kernel_modules_dir ${kernel_version} ${kernel_kata_config_version} ${build_target}) pushd "${modules_dir}" rm -f build - tar cvfJ "${modules_final_tarball_path}" "." + tar --zstd -cvf "${modules_final_tarball_path}" "." popd fi - tar tvf "${modules_final_tarball_path}" + tar --zstd -tvf "${modules_final_tarball_path}" ;; shim-v2) if [ "${MEASURED_ROOTFS}" = "yes" ]; then - local image_conf_tarball="${workdir}/kata-static-rootfs-image-confidential.tar.xz" + local image_conf_tarball="${workdir}/kata-static-rootfs-image-confidential.tar.zst" if [ ! -f "${image_conf_tarball}" ]; then die "Building the shim-v2 with MEASURED_ROOTFS support requires a rootfs confidential image tarball" fi local root_hash_basedir="./opt/kata/share/kata-containers/" - if ! tar xvf ${image_conf_tarball} ${root_hash_basedir}root_hash.txt --transform s,${root_hash_basedir},,; then - die "Building the shim-v2 with MEASURED_ROOTFS support requres a rootfs confidential image tarball built with MEASURED_ROOTFS support" + if ! tar --zstd -xvf ${image_conf_tarball} --transform s,${root_hash_basedir},, ${root_hash_basedir}root_hash.txt; then + die "Building the shim-v2 with MEASURED_ROOTFS support requires a rootfs confidential image tarball built with MEASURED_ROOTFS support" fi mv root_hash.txt ${workdir}/shim-v2-root_hash.txt @@ -1422,18 +1422,18 @@ handle_build() { case ${build_target} in kernel-nvidia-gpu) files_to_push+=( - "kata-static-${build_target}-headers.tar.xz" + "kata-static-${build_target}-headers.tar.zst" ) ;; kernel-nvidia-gpu-confidential) files_to_push+=( - "kata-static-${build_target}-modules.tar.xz" - "kata-static-${build_target}-headers.tar.xz" + "kata-static-${build_target}-modules.tar.zst" + "kata-static-${build_target}-headers.tar.zst" ) ;; kernel*-confidential) files_to_push+=( - "kata-static-${build_target}-modules.tar.xz" + "kata-static-${build_target}-modules.tar.zst" ) ;; shim-v2) diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh index be460ffa79..f358df8c67 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-build-and-upload-payload.sh @@ -12,7 +12,7 @@ set -o pipefail set -o errtrace KATA_DEPLOY_DIR="`dirname ${0}`/../../kata-deploy" -KATA_DEPLOY_ARTIFACT="${1:-"kata-static.tar.xz"}" +KATA_DEPLOY_ARTIFACT="${1:-"kata-static.tar.zst"}" REGISTRY="${2:-"quay.io/kata-containers/kata-deploy"}" TAG="${3:-}" diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh index 5bf7df3b37..1e15653d80 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh @@ -16,7 +16,7 @@ repo_root_dir="$(cd "${this_script_dir}/../../../../" && pwd)" kata_build_dir=${1:-build} kata_versions_yaml_file=${2:-""} -tar_path="${PWD}/kata-static.tar.xz" +tar_path="${PWD}/kata-static.tar.zst" kata_versions_yaml_file_path="${PWD}/${kata_versions_yaml_file}" pushd "${kata_build_dir}" @@ -24,10 +24,10 @@ tarball_content_dir="${PWD}/kata-tarball-content" rm -rf "${tarball_content_dir}" mkdir "${tarball_content_dir}" -for c in kata-static-*.tar.xz +for c in kata-static-*.tar.zst do echo "untarring tarball \"${c}\" into ${tarball_content_dir}" - tar -xvf "${c}" -C "${tarball_content_dir}" + tar --zstd -xvf "${c}" -C "${tarball_content_dir}" done pushd "${tarball_content_dir}" @@ -46,5 +46,5 @@ pushd "${tarball_content_dir}" popd echo "create ${tar_path}" -(cd "${tarball_content_dir}"; tar cvfJ "${tar_path}" --owner=0 --group=0 .) +(cd "${tarball_content_dir}"; tar --zstd -cvf "${tar_path}" --owner=0 --group=0 .) popd diff --git a/tools/packaging/release/release.sh b/tools/packaging/release/release.sh index 212749ff35..4a3f0a6d7a 100755 --- a/tools/packaging/release/release.sh +++ b/tools/packaging/release/release.sh @@ -164,7 +164,7 @@ function _upload_kata_static_tarball() RELEASE_VERSION="$(_release_version)" - new_tarball_name="kata-static-${RELEASE_VERSION}-${ARCHITECTURE}.tar.xz" + new_tarball_name="kata-static-${RELEASE_VERSION}-${ARCHITECTURE}.tar.zst" mv ${KATA_STATIC_TARBALL} "${new_tarball_name}" echo "uploading asset '${new_tarball_name}' (${ARCHITECTURE}) for tag: ${RELEASE_VERSION}" gh release upload "${RELEASE_VERSION}" "${new_tarball_name}" diff --git a/utils/kata-manager.sh b/utils/kata-manager.sh index 298bded568..d4b86325f2 100755 --- a/utils/kata-manager.sh +++ b/utils/kata-manager.sh @@ -219,7 +219,7 @@ github_get_release_file_url() case "$url" in *kata*) - regex="kata-static-${version}-${arch_regex}.tar.xz" ;; + regex="kata-static-${version}-${arch_regex}.tar.zst" ;; *nerdctl*) # Keep this *always* before the containerd check, as it comes from # the very same containerd organisation on GitHub.