From dab8e5673eee12d6a1e1c0e257d061dbef52554d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 2 Dec 2022 09:23:08 +0100 Subject: [PATCH 1/6] packaging: Fix the cloud hypervisor tarball name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The final cloud hypervisor tarball name is either kata-static-cc-cloud-hypervisor.tar.xz or kata-static-cc-tdx-cloud-hypervisor.tar.xz, meaning it uses "cloud-hypervisor" instead of "clh" in the name. Fixes: #5816 Signed-off-by: Fabiano Fidêncio --- tools/packaging/static-build/cache_components.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/packaging/static-build/cache_components.sh b/tools/packaging/static-build/cache_components.sh index 678ef4fd09..ddb0516865 100755 --- a/tools/packaging/static-build/cache_components.sh +++ b/tools/packaging/static-build/cache_components.sh @@ -29,8 +29,8 @@ cache_qemu_artifacts() { } cache_clh_artifacts() { - local clh_tarball_name="kata-static-cc-clh.tar.xz" - [ -n "${TEE}" ] && clh_tarball_name="kata-static-cc-tdx-clh.tar.xz" + local clh_tarball_name="kata-static-cc-cloud-hypervisor.tar.xz" + [ -n "${TEE}" ] && clh_tarball_name="kata-static-cc-tdx-cloud-hypervisor.tar.xz" local current_clh_version=$(get_from_kata_deps "assets.cloud-hypervisor.version") create_cache_asset "${clh_tarball_name}" "${current_clh_version}" "" } From b9dc23033a28fd34b2ac7bb5bfa715d4169d4d01 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 2 Dec 2022 09:55:27 +0100 Subject: [PATCH 2/6] packaging: Fix cloud-hypervisor version cache MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The name of the asset was wrong, "cloud-hypervisor" instead of "hypervisor.cloud_hypervsior", generating an empty "latest" file. Signed-off-by: Fabiano Fidêncio --- tools/packaging/static-build/cache_components.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/packaging/static-build/cache_components.sh b/tools/packaging/static-build/cache_components.sh index ddb0516865..5d0e9f396f 100755 --- a/tools/packaging/static-build/cache_components.sh +++ b/tools/packaging/static-build/cache_components.sh @@ -31,7 +31,7 @@ cache_qemu_artifacts() { cache_clh_artifacts() { local clh_tarball_name="kata-static-cc-cloud-hypervisor.tar.xz" [ -n "${TEE}" ] && clh_tarball_name="kata-static-cc-tdx-cloud-hypervisor.tar.xz" - local current_clh_version=$(get_from_kata_deps "assets.cloud-hypervisor.version") + local current_clh_version=$(get_from_kata_deps "assets.hypervisor.cloud_hypervisor.version") create_cache_asset "${clh_tarball_name}" "${current_clh_version}" "" } From 7e8e54ce7d7aef083ad2966af3989bb87f159ab8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 2 Dec 2022 10:20:29 +0100 Subject: [PATCH 3/6] packaging: Drop the TDX cloud hypervisor target MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We're currently building Cloud Hypervusor with thE TDX feature regardless of using with TDX or not. Signed-off-by: Fabiano Fidêncio --- tools/packaging/kata-deploy/local-build/Makefile | 3 --- .../kata-deploy/local-build/kata-deploy-binaries.sh | 7 ------- tools/packaging/static-build/cache_components.sh | 1 - 3 files changed, 11 deletions(-) diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile index f522fbc359..8b87e04274 100644 --- a/tools/packaging/kata-deploy/local-build/Makefile +++ b/tools/packaging/kata-deploy/local-build/Makefile @@ -121,9 +121,6 @@ cc-shim-v2-tarball: cc-virtiofsd-tarball: ${MAKE} $@-build -cc-tdx-cloud-hypervisor-tarball: - ${MAKE} $@-build - cc-tdx-kernel-tarball: ${MAKE} $@-build diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index dc1ff041cc..cff5cd6a02 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -253,11 +253,6 @@ install_cc_virtiofsd() { sudo install -D --owner root --group root --mode 0744 virtiofsd/virtiofsd "${destdir}/${cc_prefix}/libexec/virtiofsd" } -# Install static CC cloud-hypervisor asset -install_tdx_cc_clh() { - install_cc_clh -} - #Install CC kernel assert, with TEE support install_cc_tee_kernel() { tee="${1}" @@ -503,8 +498,6 @@ handle_build() { cc-virtiofsd) install_cc_virtiofsd ;; - cc-tdx-cloud-hypervisor) install_tdx_cc_clh ;; - cc-tdx-kernel) install_cc_tdx_kernel ;; cc-sev-kernel) install_cc_sev_kernel ;; diff --git a/tools/packaging/static-build/cache_components.sh b/tools/packaging/static-build/cache_components.sh index 5d0e9f396f..102917442a 100755 --- a/tools/packaging/static-build/cache_components.sh +++ b/tools/packaging/static-build/cache_components.sh @@ -30,7 +30,6 @@ cache_qemu_artifacts() { cache_clh_artifacts() { local clh_tarball_name="kata-static-cc-cloud-hypervisor.tar.xz" - [ -n "${TEE}" ] && clh_tarball_name="kata-static-cc-tdx-cloud-hypervisor.tar.xz" local current_clh_version=$(get_from_kata_deps "assets.hypervisor.cloud_hypervisor.version") create_cache_asset "${clh_tarball_name}" "${current_clh_version}" "" } From 08bea6c9009c2edc7768b6a5a7ae64730422956a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 2 Dec 2022 12:03:19 +0100 Subject: [PATCH 4/6] packaging: Fix checksum logic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Unless the checksum fails, we should *not* call cleanup_and_return. Signed-off-by: Fabiano Fidêncio --- tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index cff5cd6a02..5f4a6e955f 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -130,7 +130,7 @@ install_cached_component() { echo "Downloading tarball from: ${jenkins_build_url}/${component_tarball_name}" curl -fL --progress-bar "${jenkins_build_url}/${component_tarball_name}" -o "${component_tarball_path}" || return cleanup_and_fail curl -fsOL "${jenkins_build_url}/sha256sum-${component_tarball_name}" || return cleanup_and_fail - sha256sum -c "sha256sum-${component_tarball_name}" && return cleanup_and_fail + sha256sum -c "sha256sum-${component_tarball_name}" || return cleanup_and_fail popd } From f93e0c1541653cca2b478ecfc14f35f9bf2fe8a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 2 Dec 2022 12:45:20 +0100 Subject: [PATCH 5/6] packaging: Fix typos in cache_components.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit asserts -> assets stastic -> static Those were not caught during the first merge of the series as we didn't have CI jobs testing for the TEE artefacts. Signed-off-by: Fabiano Fidêncio --- tools/packaging/static-build/cache_components.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/packaging/static-build/cache_components.sh b/tools/packaging/static-build/cache_components.sh index 102917442a..93b5fb22cb 100755 --- a/tools/packaging/static-build/cache_components.sh +++ b/tools/packaging/static-build/cache_components.sh @@ -20,11 +20,12 @@ cache_qemu_artifacts() { local current_qemu_version=$(get_from_kata_deps "assets.hypervisor.qemu.version") if [ -n "${TEE}" ]; then qemu_tarball_name="kata-static-cc-${TEE}-qemu.tar.xz" - [ "${TEE}" == "tdx" ] && current_qemu_version=$(get_from_kata_deps "asserts.hypervisor.qemu.tdx.tag") + [ "${TEE}" == "tdx" ] && current_qemu_version=$(get_from_kata_deps "assets.hypervisor.qemu.tdx.tag") fi local qemu_script_dir="${repo_root_dir}/tools/packaging/static-build/qemu" local qemu_sha=$(calc_qemu_files_sha256sum) local current_qemu_image="$(get_qemu_image_name)" + create_cache_asset "${qemu_tarball_name}" "${current_qemu_version}-${qemu_sha}" "${current_qemu_image}" } @@ -39,7 +40,7 @@ cache_kernel_artifacts() { local current_kernel_image="$(get_kernel_image_name)" local current_kernel_version="$(get_from_kata_deps "assets.kernel.version")" if [ -n "${TEE}" ]; then - kernel_tarball_name="kata-stastic-cc-${TEE}-kernel.tar.xz" + kernel_tarball_name="kata-static-cc-${TEE}-kernel.tar.xz" [ "${TEE}" == "tdx" ] && current_kernel_version="$(get_from_kata_deps "assets.kernel.${TEE}.tag")" [ "${TEE}" == "sev" ] && current_kernel_version="$(get_from_kata_deps "assets.kernel.${TEE}.version")" fi From 2b72f8337c09bb6157208fbf4cfd20e4d610ddf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 2 Dec 2022 14:07:45 +0100 Subject: [PATCH 6/6] kata-deploy-binaries: Fix OVMF/TDVF component_version MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We should use {} instead of () when passing the component version to the install_cached_component() function. Signed-off-by: Fabiano Fidêncio --- tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index 5f4a6e955f..c3b17f65b1 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -338,7 +338,7 @@ install_cc_tee_ovmf() { install_cached_component \ "${component_name}" \ "${jenkins_url}/job/kata-containers-2.0-${component_name}-cc-$(uname -m)/${cached_artifacts_path}" \ - "$(component_version)" \ + "${component_version}" \ "$(get_ovmf_image_name)" \ "${final_tarball_name}" \ "${final_tarball_path}" \