diff --git a/.github/workflows/build-kata-static-tarball-amd64.yaml b/.github/workflows/build-kata-static-tarball-amd64.yaml index 20a59bb8c4..dcfbfdc038 100644 --- a/.github/workflows/build-kata-static-tarball-amd64.yaml +++ b/.github/workflows/build-kata-static-tarball-amd64.yaml @@ -27,9 +27,11 @@ jobs: strategy: matrix: asset: + - agent-ctl - cloud-hypervisor - cloud-hypervisor-glibc - firecracker + - kata-ctl - kernel - kernel-sev - kernel-dragonball-experimental @@ -37,6 +39,7 @@ jobs: - kernel-nvidia-gpu - kernel-nvidia-gpu-snp - kernel-nvidia-gpu-tdx-experimental + - log-parser-rs - nydus - ovmf - ovmf-sev @@ -48,8 +51,10 @@ jobs: - rootfs-initrd - rootfs-initrd-mariner - rootfs-initrd-sev + - runk - shim-v2 - tdvf + - trace-forwarder - virtiofsd stage: - ${{ inputs.stage }} diff --git a/tools/packaging/kata-deploy/local-build/Makefile b/tools/packaging/kata-deploy/local-build/Makefile index ece1900c02..041cd5c800 100644 --- a/tools/packaging/kata-deploy/local-build/Makefile +++ b/tools/packaging/kata-deploy/local-build/Makefile @@ -52,6 +52,9 @@ serial-targets: %-tarball-build: $(MK_DIR)/dockerbuild/install_yq.sh $(call BUILD,$*) +agent-ctl-tarball: + ${MAKE} $@-build + cloud-hypervisor-tarball: ${MAKE} $@-build @@ -61,6 +64,9 @@ cloud-hypervisor-glibc-tarball: firecracker-tarball: ${MAKE} $@-build +kata-ctl-tarball: + ${MAKE} $@-build + kernel-dragonball-experimental-tarball: ${MAKE} $@-build @@ -82,6 +88,9 @@ kernel-tdx-experimental-tarball: kernel-sev-tarball: ${MAKE} $@-build +log-parser-rs-tarball: + ${MAKE} $@-build + nydus-tarball: ${MAKE} $@-build @@ -115,12 +124,18 @@ rootfs-initrd-sev-tarball: kernel-sev-tarball rootfs-initrd-tarball: ${MAKE} $@-build +runk-tarball: + ${MAKE} $@-build + shim-v2-tarball: ${MAKE} $@-build tdvf-tarball: ${MAKE} $@-build +trace-forwarder-tarball: + ${MAKE} $@-build + virtiofsd-tarball: ${MAKE} $@-build diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh index 15a674f39f..0000ad7104 100755 --- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh +++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh @@ -32,8 +32,8 @@ readonly qemu_experimental_builder="${static_build_dir}/qemu/build-static-qemu-e readonly shimv2_builder="${static_build_dir}/shim-v2/build.sh" readonly virtiofsd_builder="${static_build_dir}/virtiofsd/build.sh" readonly nydus_builder="${static_build_dir}/nydus/build.sh" - readonly rootfs_builder="${repo_root_dir}/tools/packaging/guest-image/build_image.sh" +readonly tools_builder="${static_build_dir}/tools/build.sh" ARCH=${ARCH:-$(uname -m)} MEASURED_ROOTFS=${MEASURED_ROOTFS:-no} @@ -81,9 +81,11 @@ options: -s : Silent mode (produce output in case of failure only) --build= : all + agent-ctl cloud-hypervisor cloud-hypervisor-glibc firecracker + kata-ctl kernel kernel-dragonball-experimental kernel-experimental @@ -92,6 +94,7 @@ options: kernel-nvidia-gpu-tdx-experimental kernel-sev-tarball kernel-tdx-experimental + log-parser-rs nydus ovmf ovmf-sev @@ -103,8 +106,10 @@ options: rootfs-initrd rootfs-initrd-mariner rootfs-initrd-sev + runk shim-v2 tdvf + trace-forwarder virtiofsd EOF @@ -620,6 +625,55 @@ install_ovmf_sev() { install_ovmf "sev" "edk2-sev.tar.gz" } +install_tools_helper() { + tool=${1} + + latest_artefact="$(git log -1 --pretty=format:"%h" ${repo_root_dir}/src/tools/${tool})" + latest_builder_image="$(get_tools_image_name)" + + install_cached_tarball_component \ + "${tool}" \ + "${latest_artefact}" \ + "${latest_builder_image}" \ + "${final_tarball_name}" \ + "${final_tarball_path}" \ + && return 0 + + + info "build static ${tool}" + ${tools_builder} ${tool} + + tool_binary=${tool} + [ ${tool} = "agent-ctl" ] && tool_binary="kata-agent-ctl" + [ ${tool} = "log-parser-rs" ] && tool_binary="log-parser" + [ ${tool} = "trace-forwarder" ] && tool_binary="kata-trace-forwarder" + binary=$(find ${repo_root_dir}/src/tools/${tool}/ -type f -name ${tool_binary}) + + info "Install static ${tool_binary}" + mkdir -p "${destdir}/opt/kata/bin/" + sudo install -D --owner root --group root --mode 0744 ${binary} "${destdir}/opt/kata/bin/${tool_binary}" +} + +install_agent_ctl() { + install_tools_helper "agent-ctl" +} + +install_kata_ctl() { + install_tools_helper "kata-ctl" +} + +install_log_parser_rs() { + install_tools_helper "log-parser-rs" +} + +install_runk() { + install_tools_helper "runk" +} + +install_trace_forwarder() { + install_tools_helper "trace-forwarder" +} + get_kata_version() { local v v=$(cat "${version_file}") @@ -641,32 +695,41 @@ handle_build() { case "${build_target}" in all) + install_agent_ctl install_clh install_firecracker install_image install_initrd install_initrd_mariner install_initrd_sev + install_kata_ctl install_kernel install_kernel_dragonball_experimental install_kernel_tdx_experimental + install_log_parser_rs install_nydus install_ovmf install_ovmf_sev install_qemu install_qemu_snp_experimental install_qemu_tdx_experimental + install_runk install_shimv2 install_tdvf + install_trace_forwarder install_virtiofsd ;; + agent-ctl) install_agent_ctl ;; + cloud-hypervisor) install_clh ;; cloud-hypervisor-glibc) install_clh_glibc ;; firecracker) install_firecracker ;; + kata-ctl) install_kata_ctl ;; + kernel) install_kernel ;; kernel-dragonball-experimental) install_kernel_dragonball_experimental ;; @@ -681,6 +744,8 @@ handle_build() { kernel-sev) install_kernel_sev ;; + log-parser-rs) install_log_parser_rs ;; + nydus) install_nydus ;; ovmf) install_ovmf ;; @@ -702,11 +767,15 @@ handle_build() { rootfs-initrd-mariner) install_initrd_mariner ;; rootfs-initrd-sev) install_initrd_sev ;; + + runk) install_runk ;; shim-v2) install_shimv2 ;; tdvf) install_tdvf ;; + trace-forwarder) install_trace_forwarder ;; + virtiofsd) install_virtiofsd ;; *) @@ -758,16 +827,21 @@ main() { local build_targets local silent build_targets=( + agent-ctl cloud-hypervisor firecracker + kata-ctl kernel kernel-experimental + log-parser-rs nydus qemu rootfs-image rootfs-initrd rootfs-initrd-mariner + runk shim-v2 + trace-forwarder virtiofsd ) silent=false diff --git a/tools/packaging/scripts/lib.sh b/tools/packaging/scripts/lib.sh index e7a6fc987d..fe1faf5af7 100644 --- a/tools/packaging/scripts/lib.sh +++ b/tools/packaging/scripts/lib.sh @@ -123,7 +123,7 @@ get_last_modification() { dirty="" [ $(git status --porcelain | grep "${file#${repo_root_dir}/}" | wc -l) -gt 0 ] && dirty="-dirty" - echo "$(git log -1 --pretty=format:"%H" ${file})${dirty}" + echo "$(git log -1 --pretty=format:"%h" ${file})${dirty}" popd &> /dev/null } @@ -218,3 +218,11 @@ get_virtiofsd_image_name() { virtiofsd_script_dir="${repo_root_dir}/tools/packaging/static-build/virtiofsd" echo "${BUILDER_REGISTRY}:virtiofsd-$(get_from_kata_deps "externals.virtiofsd.toolchain")-${libc}-$(get_last_modification ${virtiofsd_script_dir})-$(uname -m)" } + +get_tools_image_name() { + tools_dir="${repo_root_dir}/src/tools" + libs_dir="${repo_root_dir}/src/libs" + agent_dir="${repo_root_dir}/src/agent" + + echo "${BUILDER_REGISTRY}:tools-$(get_last_modification ${tools_dir})-$(get_last_modification ${libs_dir})-$(get_last_modification ${agent_dir})" +} diff --git a/tools/packaging/static-build/tools/Dockerfile b/tools/packaging/static-build/tools/Dockerfile new file mode 100644 index 0000000000..aa468488dc --- /dev/null +++ b/tools/packaging/static-build/tools/Dockerfile @@ -0,0 +1,20 @@ +# Copyright (c) 2023 Intel +# +# SPDX-License-Identifier: Apache-2.0 + +FROM alpine:3.18 +ARG GO_TOOLCHAIN +ARG RUST_TOOLCHAIN + +SHELL ["/bin/ash", "-o", "pipefail", "-c"] +RUN apk --no-cache add \ + bash \ + curl \ + gcc \ + git \ + libcap-ng-static \ + libseccomp-static \ + make \ + musl-dev \ + protoc && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain ${RUST_TOOLCHAIN} diff --git a/tools/packaging/static-build/tools/build-static-tools.sh b/tools/packaging/static-build/tools/build-static-tools.sh new file mode 100755 index 0000000000..15e9f740a5 --- /dev/null +++ b/tools/packaging/static-build/tools/build-static-tools.sh @@ -0,0 +1,36 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2023 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +set -o errexit +set -o nounset +set -o pipefail + +script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" + +source "${script_dir}/../../scripts/lib.sh" + +init_env() { + source "$HOME/.cargo/env" + + export LIBC=musl + export LIBSECCOMP_LINK_TYPE=static + export LIBSECCOMP_LIB_PATH=/usr/lib + + extra_rust_flags=" -C link-self-contained=yes" +} + +build_tool_from_source() { + set -x + tool=${1} + + echo "build ${tool} from source" + init_env + + cd src/tools/${tool} + make +} + +build_tool_from_source $@ diff --git a/tools/packaging/static-build/tools/build.sh b/tools/packaging/static-build/tools/build.sh new file mode 100755 index 0000000000..11abe7bb22 --- /dev/null +++ b/tools/packaging/static-build/tools/build.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2023 Intel +# +# SPDX-License-Identifier: Apache-2.0 + +set -o errexit +set -o nounset +set -o pipefail + +script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +readonly tools_builder="${script_dir}/build-static-tools.sh" + +source "${script_dir}/../../scripts/lib.sh" + +tool="${1}" + +container_image="${VIRTIOFSD_CONTAINER_BUILDER:-$(get_tools_image_name)}" +[ "${CROSS_BUILD}" == "true" ] && container_image="${container_image}-cross-build" + +sudo docker pull ${container_image} || \ + (sudo docker $BUILDX build $PLATFORM \ + --build-arg RUST_TOOLCHAIN="$(get_from_kata_deps "languages.rust.meta.newest-version")" \ + -t "${container_image}" "${script_dir}" && \ + # No-op unless PUSH_TO_REGISTRY is exported as "yes" + push_to_registry "${container_image}") + +sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ + -w "${repo_root_dir}" \ + "${container_image}" \ + bash -c "${tools_builder} ${tool}"