Merge pull request #9722 from zvonkok/busybox-build

deploy: Add busybox target
Fabiano Fidêncio 2024-07-17 13:47:15 +02:00 committed by GitHub
commit b7051890af
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 1355 additions and 0 deletions


@ -77,6 +77,9 @@ agent-tarball: copy-scripts-for-the-agent-build
agent-ctl-tarball:
${MAKE} $@-build
busybox-tarball:
${MAKE} $@-build
coco-guest-components-tarball:
${MAKE} $@-build


@ -100,6 +100,7 @@ VIRTIOFSD_CONTAINER_BUILDER="${VIRTIOFSD_CONTAINER_BUILDER:-}"
MEASURED_ROOTFS="${MEASURED_ROOTFS:-}"
PULL_TYPE="${PULL_TYPE:-default}"
USE_CACHE="${USE_CACHE:-}"
BUSYBOX_CONF_FILE=${BUSYBOX_CONF_FILE:-}
docker run \
-v $HOME/.docker:/root/.docker \
@ -127,6 +128,7 @@ docker run \
--env MEASURED_ROOTFS="${MEASURED_ROOTFS}" \
--env PULL_TYPE="${PULL_TYPE}" \
--env USE_CACHE="${USE_CACHE}" \
--env BUSYBOX_CONF_FILE="${BUSYBOX_CONF_FILE}" \
--env AA_KBC="${AA_KBC:-}" \
--env HKD_PATH="$(realpath "${HKD_PATH:-}" 2> /dev/null || true)" \
--env SE_KERNEL_PARAMS="${SE_KERNEL_PARAMS:-}" \


@ -22,6 +22,7 @@ readonly static_build_dir="${repo_root_dir}/tools/packaging/static-build"
readonly version_file="${repo_root_dir}/VERSION"
readonly versions_yaml="${repo_root_dir}/versions.yaml"
readonly busybox_builder="${static_build_dir}/busybox/build.sh"
readonly agent_builder="${static_build_dir}/agent/build.sh"
readonly coco_guest_components_builder="${static_build_dir}/coco-guest-components/build.sh"
readonly clh_builder="${static_build_dir}/cloud-hypervisor/build-static-clh.sh"
@ -40,6 +41,7 @@ readonly tools_builder="${static_build_dir}/tools/build.sh"
readonly se_image_builder="${repo_root_dir}/tools/packaging/guest-image/build_se_image.sh"
ARCH=${ARCH:-$(uname -m)}
BUSYBOX_CONF_FILE="${BUSYBOX_CONF_FILE:-}"
MEASURED_ROOTFS=${MEASURED_ROOTFS:-no}
PULL_TYPE=${PULL_TYPE:-default}
USE_CACHE="${USE_CACHE:-"yes"}"
@ -799,6 +801,22 @@ install_ovmf_sev() {
install_ovmf "sev" "edk2-sev.tar.gz"
}
install_busybox() {
latest_artefact="$(get_from_kata_deps ".externals.busybox.version")"
latest_builder_image="$(get_busybox_image_name)"
install_cached_tarball_component \
"${build_target}" \
"${latest_artefact}" \
"${latest_builder_image}" \
"${final_tarball_name}" \
"${final_tarball_path}" \
&& return 0
info "build static busybox"
DESTDIR=${destdir} BUSYBOX_CONF_FILE=${BUSYBOX_CONF_FILE:?} "${busybox_builder}"
}
install_agent() {
latest_artefact="$(git log -1 --abbrev=9 --pretty=format:"%h" ${repo_root_dir}/src/agent)"
artefact_tag="$(git log -1 --pretty=format:"%H" ${repo_root_dir})"
@ -1014,6 +1032,8 @@ handle_build() {
agent-ctl) install_agent_ctl ;;
busybox) install_busybox ;;
boot-image-se) install_se_image ;;
coco-guest-components) install_coco_guest_components ;;
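Review bot: In `install_busybox`, the cache lookup is keyed only on the busybox version and the builder image name, so the selected `BUSYBOX_CONF_FILE` does not appear to affect whether a cached tarball is reused, and the `:?` guard on it fires only on a cache miss. If more than one config can be selected, a tarball built with a different applet set could be installed without any signal; `install_cached_tarball_component` is not visible here, so this is inferred from the arguments passed. Consider validating the variable before the cache attempt, e.g. `: "${BUSYBOX_CONF_FILE:?}"`, and folding the config file name into `latest_artefact`.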


@ -186,6 +186,11 @@ get_ovmf_image_name() {
echo "${BUILDER_REGISTRY}:ovmf-$(get_last_modification ${ovmf_script_dir})-$(uname -m)"
}
get_busybox_image_name() {
busybox_script_dir="${repo_root_dir}/tools/packaging/static-build/busybox"
echo "${BUILDER_REGISTRY}:busybox-$(get_last_modification "${busybox_script_dir}")-$(uname -m)"
}
get_virtiofsd_image_name() {
ARCH=${ARCH:-$(uname -m)}
case ${ARCH} in


@ -0,0 +1,8 @@
# Copyright (c) 2024 NVIDIA Corporation
#
# SPDX-License-Identifier: Apache-2.0
FROM alpine:3.20.0
RUN apk update && apk --no-cache add gpg gpg-agent coreutils bash curl make \
gcc g++ pkgconf libselinux-dev gpg-agent
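Review bot: `gpg-agent` is listed twice in the `apk add` line, and `apk update` is redundant next to `--no-cache`, which already fetches a fresh index without storing it. The base image is pinned by tag only and the packages are unversioned, so the image that verifies and compiles busybox can change between rebuilds; pinning the base by digest, `FROM alpine:3.20.0@sha256:<digest-placeholder>`, would tighten that. Suggested package line: `RUN apk --no-cache add bash coreutils curl g++ gcc gpg gpg-agent libselinux-dev make pkgconf`.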


@ -0,0 +1,59 @@
#!/usr/bin/env bash
#
# Copyright (c) 2024 NVIDIA Corporation
#
# SPDX-License-Identifier: Apache-2.0
set -o errexit
set -o nounset
set -o pipefail
set -x
script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
# shellcheck source=/dev/null
source "${script_dir}/../../scripts/lib.sh"
build_busybox_from_source()
{
echo "build busybox from source"
URL_TARBZ2="${BUSYBOX_URL:?}/busybox-${BUSYBOX_VERSION:?}.tar.bz2"
URL_SHA="${BUSYBOX_URL:?}/busybox-${BUSYBOX_VERSION:?}.tar.bz2.sha256"
URL_SIG="${BUSYBOX_URL:?}/busybox-${BUSYBOX_VERSION:?}.tar.bz2.sig"
curl -O "${URL_TARBZ2}"
curl -O "${URL_SHA}"
curl -O "${URL_SIG}"
echo "Verifying SHA256 checksum..."
sha256_file="$(basename "${URL_SHA}")"
sha256sum -c "${sha256_file}"
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys C9E9416F76E610DBD09D040F47B70C55ACC9965B
echo "Verifying GPG signature..."
tarbz_file="$(basename "${URL_TARBZ2}")"
sig_file="$(basename "${URL_SIG}")"
gpg --verify "${sig_file}" "${tarbz_file}"
tar xvf busybox-"${BUSYBOX_VERSION:?}".tar.bz2
cd busybox-"${BUSYBOX_VERSION:?}"
cp "${BUSYBOX_CONF_DIR:?}/${BUSYBOX_CONF_FILE:?}" .config
# we do not want to install to CONFIG_PREFIX="./_install"
# we want CONFIG_PREFIX="${DESTDIR}"
sed -i "s|CONFIG_PREFIX=\"./_install\"|CONFIG_PREFIX=\"${DESTDIR}\"|g" .config
make
make install
}
build_busybox_from_source "$@"
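Review bot: Authenticity of the tarball rests only on `gpg --verify`, which exits 0 for a good signature from any key in the keyring rather than specifically the fingerprint fetched just before it. The `.sha256` file comes from the same origin as the tarball, so it detects corruption but not a tampered download. The three `curl -O` calls also lack `--fail`, so an HTTP error body is written to disk and only rejected later by the checksum step. I would keep the fingerprint in a variable, require a `VALIDSIG` status line carrying it, and restrict curl to HTTPS with `--fail`; recording the expected SHA-256 next to the version in `versions.yaml` would remove the reliance on the remote checksum file.

```shell
# … unchanged: URL_TARBZ2 / URL_SHA / URL_SIG assignments …
curl --fail --proto '=https' -O "${URL_TARBZ2}"
curl --fail --proto '=https' -O "${URL_SHA}"
curl --fail --proto '=https' -O "${URL_SIG}"
# … unchanged: sha256sum -c check …
signing_key="C9E9416F76E610DBD09D040F47B70C55ACC9965B"
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "${signing_key}"
# … unchanged: tarbz_file / sig_file assignments …
# Require a valid signature made by the pinned key, not by any key in the keyring.
gpg_status="$(gpg --status-fd 1 --verify "${sig_file}" "${tarbz_file}")"
grep -q "^\[GNUPG:\] VALIDSIG .*${signing_key}" <<< "${gpg_status}"
# … unchanged: tar extraction, .config setup, make, make install …
```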


@ -0,0 +1,46 @@
#!/usr/bin/env bash
#
# Copyright (c) 2024 NVIDIA Corporation
#
# SPDX-License-Identifier: Apache-2.0
set -o errexit
set -o nounset
set -o pipefail
set -x
script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
# shellcheck source=/dev/null
source "${script_dir}/../../scripts/lib.sh"
readonly busybox_builder="${script_dir}/build-static-busybox.sh"
busybox_version="$(get_from_kata_deps ".externals.busybox.version")"
readonly BUSYBOX_VERSION=${busybox_version}
busybox_url="$(get_from_kata_deps ".externals.busybox.url")"
readonly BUSYBOX_URL="${busybox_url}"
container_image="${BUSYBOX_CONTAINER_BUILDER:-$(get_busybox_image_name)}"
[ "${CROSS_BUILD}" == "true" ] && container_image="${container_image}-cross-build"
docker pull "${container_image}" || \
(docker $BUILDX build $PLATFORM \
-t "${container_image}" "${script_dir}" \
# No-op unless PUSH_TO_REGISTRY is exported as "yes"
push_to_registry "${container_image}")
docker run --rm -i -v "${repo_root_dir:?}:${repo_root_dir}" \
--env DESTDIR="${DESTDIR:?}" \
--env BUSYBOX_VERSION="${BUSYBOX_VERSION:?}" \
--env BUSYBOX_URL="${BUSYBOX_URL:?}" \
--env BUSYBOX_CONF_FILE="${BUSYBOX_CONF_FILE:?}" \
--env BUSYBOX_CONF_DIR="${script_dir:?}" \
--env HOME="/tmp" \
--user "$(id -u):$(id -g)" \
-w "${repo_root_dir}/build/busybox/builddir" \
"${container_image}" \
sh -c "${busybox_builder}"
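Review bot: In the `docker pull ... ||` fallback, the `docker $BUILDX build` command ends in a bare `\` directly before the comment line, so the comment is folded onto the build command and `push_to_registry` becomes a separate statement instead of being chained to a successful build. It stays safe only because `errexit` aborts the subshell when the build fails; ending that line with `-t "${container_image}" "${script_dir}" && \` makes the intended sequencing explicit. `CROSS_BUILD`, `BUILDX` and `PLATFORM` are expanded under `nounset` without defaults, presumably because the sourced `lib.sh` sets them, which is worth confirming.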

File diff suppressed because it is too large Load Diff


@ -213,6 +213,11 @@ assets:
externals:
description: "Third-party projects used by the system"
busybox:
desc: "The Swiss Army Knife of Embedded Linux"
version: "1.36.1"
url: "https://busybox.net/downloads"
cni-plugins:
description: "CNI network plugins"
url: "https://github.com/containernetworking/plugins"
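Review bot: The new `busybox` entry uses the key `desc` while the neighbouring entries visible in this hunk (`externals` and `cni-plugins`) use `description`; if tooling reads that field, the busybox description would be missed. The entry also records only a version and a download URL, so the expected digest of the tarball lives solely on the remote server. Adding a field such as `sha256: "<expected-digest-placeholder>"` would let the build script compare against a value that is reviewed in-tree.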