From 316cc954dc527d86c51d7094c92ba5e455855f34 Mon Sep 17 00:00:00 2001 From: Ross Kirkpatrick Date: Fri, 18 Jun 2021 22:41:01 -0400 Subject: [PATCH 1/4] Multi-OS Support for RKE2 runtime and binary builds (Adding Windows) --- .drone.yml | 2 + Dockerfile | 3 ++ Dockerfile.windows | 69 ++++++++++++++++++++++++-------- Makefile | 8 +++- charts/README.md | 2 +- scripts/build | 1 + scripts/build-binary | 2 +- scripts/build-image-runtime | 21 +++++++--- scripts/build-images | 3 +- scripts/build-windows-binary | 42 +++++++++++++++++++ scripts/package-binary | 1 + scripts/package-images | 1 - scripts/publish-image-runtime | 3 +- scripts/publish-manifest-runtime | 3 +- 14 files changed, 132 insertions(+), 29 deletions(-) create mode 100755 scripts/build-windows-binary diff --git a/.drone.yml b/.drone.yml index d5c8a44f40..735c0014b0 100644 --- a/.drone.yml +++ b/.drone.yml @@ -16,7 +16,9 @@ steps: from_secret: gcloud_auth commands: - docker pull --quiet rancher/hardened-build-base:v1.16.4b7 + - docker pull --quiet alpine:3.12 - dapper -f Dockerfile --target dapper make dapper-ci + volumes: - name: docker path: /var/run/docker.sock diff --git a/Dockerfile b/Dockerfile index c5f0cc5b9f..b0519835e5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,6 +9,9 @@ RUN set -x \ git \ libseccomp-dev \ rsync \ + mingw-w64-gcc \ + gcc \ + bsd-compat-headers \ py-pip # Dapper/Drone/CI environment diff --git a/Dockerfile.windows b/Dockerfile.windows index 291d18a3d5..325c0a225e 100644 --- a/Dockerfile.windows +++ b/Dockerfile.windows @@ -1,27 +1,64 @@ -FROM alpine AS build +FROM alpine:3.12 AS build +RUN apk --no-cache add \ + curl \ + unzip + +# Dapper/Drone/CI environment +FROM rancher/hardened-build-base:v1.16.4b7 AS dapper +ENV DAPPER_ENV GODEBUG REPO TAG DRONE_TAG PAT_USERNAME PAT_TOKEN KUBERNETES_VERSION DOCKER_BUILDKIT DRONE_BUILD_EVENT IMAGE_NAME GCLOUD_AUTH ENABLE_REGISTRY +ARG DAPPER_HOST_ARCH +ENV ARCH $DAPPER_HOST_ARCH +ENV DAPPER_OUTPUT ./dist ./bin ./build +ENV DAPPER_DOCKER_SOCKET true +ENV DAPPER_TARGET dapper +ENV DAPPER_RUN_ARGS "--privileged --network host -v /tmp:/tmp -v rke2-pkg:/go/pkg -v rke2-cache:/root/.cache/go-build" +RUN apk update +RUN set -x \ + && apk add --no-cache \ + mingw-w64-gcc \ + libarchive-tools \ + gcc \ + bsd-compat-headers \ + zstd \ + jq \ + python2 \ + git \ + libseccomp-dev \ + rsync \ + file \ + bash \ + py-pip +RUN curl -sL https://storage.googleapis.com/kubernetes-release/release/$( \ + curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt \ + )/bin/linux/${ARCH}/kubectl -o /usr/local/bin/kubectl && \ + chmod a+x /usr/local/bin/kubectl; \ + pip install codespell +RUN curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.27.0 +WORKDIR /source +# End Dapper stuff + +FROM build as windows-runtime-collect # windows runtime image -ENV KUBERNETES_VERSION="v1.21.0" +ENV KUBERNETES_VERSION="v1.21.2" +ENV CRICTL_VERSION="v1.21.0" ENV CONTAINERD_VERSION="1.5.2" ENV WINS_VERSION="0.1.1" ENV FLANNEL_VERSION="v0.14.0" ENV CALICO_VERSION="v3.19.1" ENV CNI_PLUGIN_VERSION="v0.9.1" -RUN apk --no-cache add curl unzip - RUN mkdir -p rancher - -RUN curl -sLO https://github.com/containerd/containerd/releases/download/v${CONTAINERD_VERSION}/containerd-${CONTAINERD_VERSION}-windows-amd64.tar.gz -RUN curl -sLO https://github.com/containerd/containerd/releases/download/v${CONTAINERD_VERSION}/containerd-${CONTAINERD_VERSION}-windows-amd64.tar.gz.sha256sum +RUN curl -sLO https://github.com/containerd/containerd/releases/download/v${CONTAINERD_VERSION}/containerd-${CONTAINERD_VERSION}-windows-amd64.tar.gz +RUN curl -sLO https://github.com/containerd/containerd/releases/download/v${CONTAINERD_VERSION}/containerd-${CONTAINERD_VERSION}-windows-amd64.tar.gz.sha256sum RUN sha256sum -c containerd-${CONTAINERD_VERSION}-windows-amd64.tar.gz.sha256sum -RUN curl -sLO https://github.com/kubernetes-sigs/cri-tools/releases/download/${KUBERNETES_VERSION}/crictl-${KUBERNETES_VERSION}-windows-amd64.tar.gz -RUN curl -SLO https://github.com/kubernetes-sigs/cri-tools/releases/download/${KUBERNETES_VERSION}/crictl-${KUBERNETES_VERSION}-windows-amd64.tar.gz.sha256 -RUN sha256sum -c ./crictl-${KUBERNETES_VERSION}-windows-amd64.tar.gz.sha256 +RUN curl -sLO https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-windows-amd64.tar.gz +RUN curl -SLO https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-windows-amd64.tar.gz.sha256 +RUN sha256sum -c ./crictl-${CRICTL_VERSION}-windows-amd64.tar.gz.sha256 -RUN curl -sLO https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGIN_VERSION}/cni-plugins-windows-amd64-${CNI_PLUGIN_VERSION}.tgz -RUN curl -sLO https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGIN_VERSION}/cni-plugins-windows-amd64-${CNI_PLUGIN_VERSION}.tgz.sha256 +RUN curl -sLO https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGIN_VERSION}/cni-plugins-windows-amd64-${CNI_PLUGIN_VERSION}.tgz +RUN curl -sLO https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGIN_VERSION}/cni-plugins-windows-amd64-${CNI_PLUGIN_VERSION}.tgz.sha256 RUN sha256sum -c cni-plugins-windows-amd64-${CNI_PLUGIN_VERSION}.tgz.sha256 RUN curl -sLO https://github.com/rancher/wins/releases/download/v${WINS_VERSION}/wins.exe @@ -52,9 +89,9 @@ RUN curl -sLO https://github.com/flannel-io/flannel/releases/download/${FLANNEL_ RUN curl -sLO https://github.com/projectcalico/calico/releases/download/${CALICO_VERSION}/calico-windows-${CALICO_VERSION}.zip RUN curl -sL https://github.com/Microsoft/SDN/raw/master/Kubernetes/windows/hns.psm1 -o rancher/hns.psm1 -RUN tar xzvf crictl-${KUBERNETES_VERSION}-windows-amd64.tar.gz crictl.exe -C rancher/ +RUN tar xzvf crictl-${CRICTL_VERSION}-windows-amd64.tar.gz crictl.exe -C rancher/ RUN tar xvzf containerd-${CONTAINERD_VERSION}-windows-amd64.tar.gz -C rancher/ -RUN tar xzvf cni-plugins-windows-amd64-${CNI_PLUGIN_VERSION}.tgz ./flannel.exe ./win-overlay.exe -C rancher/ +RUN tar xzvf cni-plugins-windows-amd64-${CNI_PLUGIN_VERSION}.tgz ./flannel.exe ./win-overlay.exe ./host-local.exe -C rancher/ RUN tar xzvf flannel-${FLANNEL_VERSION}-windows-amd64.tar.gz flanneld.exe -C rancher/ RUN unzip calico-windows-${CALICO_VERSION}.zip @@ -62,5 +99,5 @@ RUN mv CalicoWindows/calico-node.exe rancher/ RUN mv CalicoWindows/cni/calico.exe rancher/ RUN mv CalicoWindows/cni/calico-ipam.exe rancher/ -FROM scratch -COPY --from=build ./rancher/* /bin/ +FROM scratch AS windows-runtime +COPY --from=windows-runtime-collect ./rancher/* /bin/ diff --git a/Makefile b/Makefile index b984bbce84..c914015a24 100644 --- a/Makefile +++ b/Makefile @@ -23,10 +23,14 @@ dapper-ci: .ci ## Used by Drone CI, does the same as " build: ## Build using host go tools ./scripts/build -.PHONY: binary -binary: ## Build only the binary using host go tools +.PHONY: build-binary +build-binary: ## Build only the Linux binary using host go tools ./scripts/build-binary +.PHONY: build-windows-binary +build-windows-binary: ## Build only the Windows binary using host go tools + ./scripts/build-windows-binary + .PHONY: build-debug build-debug: ## Debug build using host go tools GODEBUG=y ./scripts/build-binary diff --git a/charts/README.md b/charts/README.md index 05da43201c..b2c8820640 100644 --- a/charts/README.md +++ b/charts/README.md @@ -4,4 +4,4 @@ Place manifests or charts in this directory so that they will end up in the /cha --- -See the `charts` target in the `Dockerfile` at the root of this repository for an example of how the `./build-chart.sh` scripts works. \ No newline at end of file +See the `charts` target in the `Dockerfile` at the root of this repository for an example of how the `./build-chart.sh` scripts works. diff --git a/scripts/build b/scripts/build index aa630d5de3..a2309b55b5 100755 --- a/scripts/build +++ b/scripts/build @@ -6,4 +6,5 @@ cd $(dirname $0)/.. source ./scripts/version.sh mkdir -p build/images ./scripts/build-binary +./scripts/build-windows-binary ./scripts/build-images diff --git a/scripts/build-binary b/scripts/build-binary index 51a9fae1ef..93500956ea 100755 --- a/scripts/build-binary +++ b/scripts/build-binary @@ -27,7 +27,7 @@ VERSION_FLAGS=" -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-${IMAGE_BUILD_VERSION} -X ${RKE2_PKG}/pkg/images.DefaultKubernetesImage=${REPO}/hardened-kubernetes:${DOCKERIZED_VERSION} -X ${RKE2_PKG}/pkg/images.DefaultPauseImage=rancher/pause:${PAUSE_VERSION} - -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} + -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} " #STATIC_FLAGS='-extldflags "-static -Wl,--fatal-warnings"' diff --git a/scripts/build-image-runtime b/scripts/build-image-runtime index 05ee864a27..f47a6d6e61 100755 --- a/scripts/build-image-runtime +++ b/scripts/build-image-runtime @@ -11,13 +11,24 @@ DOCKER_BUILDKIT=${DOCKER_BUILDKIT:-1} docker image build \ --build-arg MAJOR=${VERSION_MAJOR} \ --build-arg MINOR=${VERSION_MINOR} \ --build-arg CACHEBUST="$(date +%s%N)" \ - --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} \ - --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} \ + --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} \ --target runtime \ -. + --file Dockerfile \ + . + +DOCKER_BUILDKIT=${DOCKER_BUILDKIT:-1} docker image build \ + --build-arg TAG=${VERSION} \ + --build-arg KUBERNETES_VERSION=${KUBERNETES_VERSION} \ + --build-arg MAJOR=${VERSION_MAJOR} \ + --build-arg MINOR=${VERSION_MINOR} \ + --build-arg CACHEBUST="$(date +%s%N)" \ + --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} \ + --target windows-runtime \ + --file Dockerfile.windows \ + . mkdir -p build/images docker image save \ --output build/images/${PROG}-runtime.tar \ - ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} \ - ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} \ + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} diff --git a/scripts/build-images b/scripts/build-images index 9e40f5c350..df348cb6bb 100755 --- a/scripts/build-images +++ b/scripts/build-images @@ -9,7 +9,8 @@ source ./scripts/version.sh ./scripts/build-image-runtime awk '{print $1}' << EOF > build/images-core.txt - ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-amd64 + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 ${REGISTRY}/${REPO}/hardened-kubernetes:${DOCKERIZED_VERSION} EOF diff --git a/scripts/build-windows-binary b/scripts/build-windows-binary new file mode 100755 index 0000000000..02b019b3bf --- /dev/null +++ b/scripts/build-windows-binary @@ -0,0 +1,42 @@ +#!/usr/bin/env bash +set -ex + +cd $(dirname $0)/.. + +source ./scripts/version.sh + +if [ -z "${GODEBUG}" ]; then + EXTRA_LDFLAGS="${EXTRA_LDFLAGS} -w" + DEBUG_GO_GCFLAGS="" + DEBUG_TAGS="" +else + DEBUG_GO_GCFLAGS='-gcflags=all=-N -l' +fi + +REVISION=$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; then echo .dirty; fi) +RELEASE=${PROG}.${GOOS}-${GOARCH} + +BUILDTAGS="netgo osusergo no_stage static_build sqlite_omit_load_extension" +GO_BUILDTAGS="${GO_BUILDTAGS} ${BUILDTAGS} ${DEBUG_TAGS}" + +VERSION_FLAGS=" + -X ${K3S_PKG}/pkg/version.GitCommit=${REVISION} + -X ${K3S_PKG}/pkg/version.Program=${PROG} + -X ${K3S_PKG}/pkg/version.Version=${VERSION} + -X ${RKE2_PKG}/pkg/images.DefaultRegistry=${REGISTRY} + -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-${IMAGE_BUILD_VERSION} + -X ${RKE2_PKG}/pkg/images.DefaultKubernetesImage=${REPO}/hardened-kubernetes:${DOCKERIZED_VERSION} + -X ${RKE2_PKG}/pkg/images.DefaultPauseImage=rancher/pause:${PAUSE_VERSION} + -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} +" + +GO_LDFLAGS="${STATIC_FLAGS} ${EXTRA_LDFLAGS}" +echo ${DEBUG_GO_GCFLAGS} +GOOS=windows \ + CGO_ENABLED=1 CXX=x86_64-w64-mingw32-g++ CC=x86_64-w64-mingw32-gcc \ + go build \ + -tags "${GO_BUILDTAGS}" \ + ${GO_GCFLAGS} ${GO_BUILD_FLAGS} \ + -o bin/${PROG}.exe \ + -ldflags "${GO_LDFLAGS} ${VERSION_FLAGS}" \ + ${GO_TAGS} diff --git a/scripts/package-binary b/scripts/package-binary index b823b1d9f5..db6a580d3f 100755 --- a/scripts/package-binary +++ b/scripts/package-binary @@ -8,3 +8,4 @@ source ./scripts/version.sh mkdir -p dist/artifacts install -s bin/${PROG} dist/artifacts/${RELEASE} +install -s bin/${PROG}.exe dist/artifacts/${PROG}.windows-${GOARCH}.exe diff --git a/scripts/package-images b/scripts/package-images index 110b993819..5875b15bcd 100755 --- a/scripts/package-images +++ b/scripts/package-images @@ -6,7 +6,6 @@ cd $(dirname $0)/.. source ./scripts/version.sh mkdir -p dist/artifacts - for FILE in build/images*.txt; do BASE=$(basename ${FILE} .txt) TARFILE=build/images/${PROG}-${BASE}.tar diff --git a/scripts/publish-image-runtime b/scripts/publish-image-runtime index 17ffcc5dd9..b706114116 100755 --- a/scripts/publish-image-runtime +++ b/scripts/publish-image-runtime @@ -5,4 +5,5 @@ cd $(dirname $0)/.. source ./scripts/version.sh -docker image push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} +docker image push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} +docker image push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} diff --git a/scripts/publish-manifest-runtime b/scripts/publish-manifest-runtime index b464e080ad..3d68d810e7 100755 --- a/scripts/publish-manifest-runtime +++ b/scripts/publish-manifest-runtime @@ -8,6 +8,7 @@ export DOCKER_CLI_EXPERIMENTAL=enabled docker manifest create \ --amend ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} \ - ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} \ + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} docker manifest push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} From 6c5282f6fd486321de7b981e03106b843087acf9 Mon Sep 17 00:00:00 2001 From: Ross Kirkpatrick Date: Tue, 29 Jun 2021 17:12:46 -0400 Subject: [PATCH 2/4] Update scripts/build-images Co-authored-by: Brad Davidson --- scripts/build-images | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/build-images b/scripts/build-images index df348cb6bb..55a7519a40 100755 --- a/scripts/build-images +++ b/scripts/build-images @@ -9,8 +9,8 @@ source ./scripts/version.sh ./scripts/build-image-runtime awk '{print $1}' << EOF > build/images-core.txt - ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-amd64 - ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} ${REGISTRY}/${REPO}/hardened-kubernetes:${DOCKERIZED_VERSION} EOF From e47abaa9b015274090dcfc4b9dd67c3fd1fde4db Mon Sep 17 00:00:00 2001 From: Ross Kirkpatrick Date: Thu, 1 Jul 2021 16:13:38 -0400 Subject: [PATCH 3/4] add windows airgap support and break out windows build scripts --- .drone.yml | 2 +- Dockerfile | 13 +++++++++++++ Makefile | 14 +++++++++++++- scripts/build | 1 + scripts/build-binary | 2 +- scripts/build-image-runtime | 8 ++++---- scripts/build-images | 3 +-- scripts/build-upload | 21 ++++++++++++++++----- scripts/build-windows-binary | 6 +++--- scripts/build-windows-images | 13 +++++++++++++ scripts/dev-runtime-image | 8 +++++++- scripts/package | 4 ++++ scripts/package-binary | 3 +-- scripts/package-windows-binary | 10 ++++++++++ scripts/package-windows-bundle | 25 +++++++++++++++++++++++++ scripts/package-windows-images | 30 ++++++++++++++++++++++++++++++ scripts/publish-image-runtime | 4 ++-- scripts/publish-manifest-runtime | 4 ++-- 18 files changed, 147 insertions(+), 24 deletions(-) create mode 100755 scripts/build-windows-images create mode 100755 scripts/package-windows-binary create mode 100755 scripts/package-windows-bundle create mode 100755 scripts/package-windows-images diff --git a/.drone.yml b/.drone.yml index 6c6d5cd110..7957b663a5 100644 --- a/.drone.yml +++ b/.drone.yml @@ -18,7 +18,6 @@ steps: - docker pull --quiet rancher/hardened-build-base:v1.16.4b7 - docker pull --quiet alpine:3.12 - dapper -f Dockerfile --target dapper make dapper-ci - volumes: - name: docker path: /var/run/docker.sock @@ -28,6 +27,7 @@ steps: commands: - docker pull --quiet rancher/hardened-build-base:v1.16.4b7 - dapper -f Dockerfile --target dapper make package-images + - dapper -f Dockerfile --target dapper make package-windows-images volumes: - name: docker path: /var/run/docker.sock diff --git a/Dockerfile b/Dockerfile index 0b96b30343..e38737f847 100644 --- a/Dockerfile +++ b/Dockerfile @@ -42,6 +42,19 @@ RUN set -x \ zstd \ jq \ python2 +RUN GOCR_VERSION="v0.5.1" && \ + if [ "${ARCH}" = "arm64" ]; then \ + wget https://github.com/google/go-containerregistry/releases/download/${GOCR_VERSION}/go-containerregistry_Linux_arm64.tar.gz && \ + tar -zxvf go-containerregistry_Linux_arm64.tar.gz && \ + mv crane /usr/local/bin && \ + chmod a+x /usr/local/bin/crane; \ + else \ + wget https://github.com/google/go-containerregistry/releases/download/${GOCR_VERSION}/go-containerregistry_Linux_x86_64.tar.gz && \ + tar -zxvf go-containerregistry_Linux_x86_64.tar.gz && \ + mv crane /usr/local/bin && \ + chmod a+x /usr/local/bin/crane; \ + fi + RUN VERSION=0.16.0 && \ if [ "${ARCH}" = "arm64" ]; then \ wget https://github.com/aquasecurity/trivy/releases/download/v${VERSION}/trivy_${VERSION}_Linux-ARM64.tar.gz && \ diff --git a/Makefile b/Makefile index c914015a24..fe477d8f5b 100644 --- a/Makefile +++ b/Makefile @@ -28,7 +28,7 @@ build-binary: ## Build only the Linux binary using ./scripts/build-binary .PHONY: build-windows-binary -build-windows-binary: ## Build only the Windows binary using host go tools +build-windows-binary: ## Build only the Windows binary using host go tools ./scripts/build-windows-binary .PHONY: build-debug @@ -43,6 +43,10 @@ scan-images: build-images: ## Build all images and image tarballs (including airgap) ./scripts/build-images +.PHONY: build-windows-images +build-windows-images: ## Build only the Windows images and tarballs (including airgap) + ./scripts/build-windows-images + .PHONY: build-image-kubernetes build-image-kubernetes: ## Build the kubernetes image ./scripts/build-image-kubernetes @@ -123,10 +127,18 @@ package: build ## Package the rke2 binary package-images: build-images ## Package docker images for airgap environment ./scripts/package-images +.PHONY: package-windows-images +package-windows-images: build-windows-images ## Package Windows crane images for airgap environment + ./scripts/package-windows-images + .PHONY: package-bundle package-bundle: build ## Package the tarball bundle ./scripts/package-bundle +.PHONY: package-windows-bundle +package-windows-bundle: build ## Package the Windows tarball bundle + ./scripts/package-windows-bundle + .PHONY: test test: codespell-test unit-tests integration-tests diff --git a/scripts/build b/scripts/build index 91c984cb24..1ca2dffe68 100755 --- a/scripts/build +++ b/scripts/build @@ -8,5 +8,6 @@ mkdir -p build/images ./scripts/build-binary ./scripts/build-windows-binary ./scripts/build-images +./scripts/build-windows-images ./scripts/dev-runtime-image ./scripts/build-image-test diff --git a/scripts/build-binary b/scripts/build-binary index 47afb48e74..6add672219 100755 --- a/scripts/build-binary +++ b/scripts/build-binary @@ -27,7 +27,7 @@ VERSION_FLAGS=" -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-${IMAGE_BUILD_VERSION} -X ${RKE2_PKG}/pkg/images.DefaultKubernetesImage=${REPO}/hardened-kubernetes:${KUBERNETES_VERSION} -X ${RKE2_PKG}/pkg/images.DefaultPauseImage=rancher/pause:${PAUSE_VERSION} - -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} + -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} -X ${RKE2_PKG}/pkg/images.DefaultCloudControllerManagerImage=rancher/rke2-cloud-provider:${CCM_VERSION} " diff --git a/scripts/build-image-runtime b/scripts/build-image-runtime index f47a6d6e61..1ff2ea5d09 100755 --- a/scripts/build-image-runtime +++ b/scripts/build-image-runtime @@ -11,7 +11,7 @@ DOCKER_BUILDKIT=${DOCKER_BUILDKIT:-1} docker image build \ --build-arg MAJOR=${VERSION_MAJOR} \ --build-arg MINOR=${VERSION_MINOR} \ --build-arg CACHEBUST="$(date +%s%N)" \ - --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} \ + --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} \ --target runtime \ --file Dockerfile \ . @@ -22,7 +22,7 @@ DOCKER_BUILDKIT=${DOCKER_BUILDKIT:-1} docker image build \ --build-arg MAJOR=${VERSION_MAJOR} \ --build-arg MINOR=${VERSION_MINOR} \ --build-arg CACHEBUST="$(date +%s%N)" \ - --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} \ + --tag ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 \ --target windows-runtime \ --file Dockerfile.windows \ . @@ -30,5 +30,5 @@ DOCKER_BUILDKIT=${DOCKER_BUILDKIT:-1} docker image build \ mkdir -p build/images docker image save \ --output build/images/${PROG}-runtime.tar \ - ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} \ - ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} \ + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 diff --git a/scripts/build-images b/scripts/build-images index 17b1dc352a..dbab433236 100755 --- a/scripts/build-images +++ b/scripts/build-images @@ -8,8 +8,7 @@ source ./scripts/version.sh ./scripts/build-image-runtime awk '{print $1}' << EOF > build/images-core.txt - ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} - ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} ${REGISTRY}/${REPO}/hardened-kubernetes:${KUBERNETES_VERSION} EOF diff --git a/scripts/build-upload b/scripts/build-upload index efd767e172..9c0f74c986 100755 --- a/scripts/build-upload +++ b/scripts/build-upload @@ -3,14 +3,17 @@ [ -n "$GCLOUD_AUTH" ] || { exit 0 } -[[ $1 =~ rke2\.linux-.+\.tar\.gz ]] || { + +[[ $1 =~ rke2\.(linux|windows)-.+\.tar\.gz ]] || { echo "First argument should be a dist bundle tarball" >&2 exit 1 } -[[ $2 =~ rke2-runtime\..+\.tar\.zst ]] || { + +[[ $2 =~ rke2-runtime\..+\.(tar|tar\.gz)\.zst ]] || { echo "Second argument should be a compressed airgap runtime image tarball" >&2 exit 1 } + [ -n "$3" ] || { echo "Third argument should be a commit hash" >&2 exit 1 @@ -50,9 +53,17 @@ BUNDLE_NAME=$(basename $1 .tar.gz)-$3.tar.gz (cd $(dirname $1) && sha256sum $(basename $1)) >${TMPDIR}/${BUNDLE_NAME}.sha256sum cp $1 ${TMPDIR}/${BUNDLE_NAME} -TARBALL_NAME=$(basename $2 .tar.zst)-$3.tar.zst -(cd $(dirname $2) && sha256sum $(basename $2)) >${TMPDIR}/${TARBALL_NAME}.sha256sum -cp $2 ${TMPDIR}/${TARBALL_NAME} +if [[ TARBALL_NAME == *linux* ]]; then + TARBALL_NAME=$(basename $2 .tar.zst)-$3.tar.zst + (cd $(dirname $2) && sha256sum $(basename $2)) >${TMPDIR}/${TARBALL_NAME}.sha256sum + cp $2 ${TMPDIR}/${TARBALL_NAME} +fi + +if [[ TARBALL_NAME == *windows* ]]; then + TARBALL_NAME=$(basename $2 .tar.gz.zst)-$3.tar.gz.zst + (cd $(dirname $2) && sha256sum $(basename $2)) >${TMPDIR}/${TARBALL_NAME}.sha256sum + cp $2 ${TMPDIR}/${TARBALL_NAME}fi +fi [ -d "${TMPDIR}/gsutil" ] || curl -sfL https://storage.googleapis.com/pub/gsutil.tar.gz | tar xz -C ${TMPDIR} diff --git a/scripts/build-windows-binary b/scripts/build-windows-binary index 02b019b3bf..19191b8555 100755 --- a/scripts/build-windows-binary +++ b/scripts/build-windows-binary @@ -14,7 +14,7 @@ else fi REVISION=$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; then echo .dirty; fi) -RELEASE=${PROG}.${GOOS}-${GOARCH} +RELEASE=${PROG}-windows.amd64 BUILDTAGS="netgo osusergo no_stage static_build sqlite_omit_load_extension" GO_BUILDTAGS="${GO_BUILDTAGS} ${BUILDTAGS} ${DEBUG_TAGS}" @@ -26,8 +26,8 @@ VERSION_FLAGS=" -X ${RKE2_PKG}/pkg/images.DefaultRegistry=${REGISTRY} -X ${RKE2_PKG}/pkg/images.DefaultEtcdImage=rancher/hardened-etcd:${ETCD_VERSION}-${IMAGE_BUILD_VERSION} -X ${RKE2_PKG}/pkg/images.DefaultKubernetesImage=${REPO}/hardened-kubernetes:${DOCKERIZED_VERSION} - -X ${RKE2_PKG}/pkg/images.DefaultPauseImage=rancher/pause:${PAUSE_VERSION} - -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} + -X ${RKE2_PKG}/pkg/images.DefaultPauseImage=mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-1809-amd64 + -X ${RKE2_PKG}/pkg/images.DefaultRuntimeImage=${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows.amd64 " GO_LDFLAGS="${STATIC_FLAGS} ${EXTRA_LDFLAGS}" diff --git a/scripts/build-windows-images b/scripts/build-windows-images new file mode 100755 index 0000000000..8e585a3899 --- /dev/null +++ b/scripts/build-windows-images @@ -0,0 +1,13 @@ +#!/usr/bin/env bash +set -ex + +cd $(dirname $0)/.. + +source ./scripts/version.sh + +awk '{print $1}' << EOF > build/windows-images.txt + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 + mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-1809-amd64 + mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-2004-amd64 + mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-20H2-amd64 +EOF diff --git a/scripts/dev-runtime-image b/scripts/dev-runtime-image index 5ba708f9c1..14663e3159 100755 --- a/scripts/dev-runtime-image +++ b/scripts/dev-runtime-image @@ -5,7 +5,13 @@ cd $(dirname $0)/.. source ./scripts/version.sh -docker image save ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} | \ +docker image save \ + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} | \ zstd -T0 -16 -f --long=25 --no-progress - -o build/images/${PROG}-runtime.${PLATFORM}.tar.zst +docker image save \ + ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 | \ + zstd -T0 -16 -f --long=25 --no-progress - -o build/images/${PROG}-runtime.windows-amd64.tar.zst + ./scripts/build-upload dist/artifacts/${RELEASE}.tar.gz build/images/${PROG}-runtime.${PLATFORM}.tar.zst ${COMMIT} +./scripts/build-upload dist/artifacts/${PROG}.windows-amd64.tar.gz build/images/${PROG}-runtime.windows-amd64.tar.zst ${COMMIT} diff --git a/scripts/package b/scripts/package index ac67f9322a..8a4242f149 100755 --- a/scripts/package +++ b/scripts/package @@ -4,7 +4,11 @@ set -ex cd $(dirname $0)/.. source ./scripts/version.sh + mkdir -p dist/{artifacts,bundle} + ./scripts/package-binary +./scripts/package-windows-binary ./scripts/package-bundle +./scripts/package-windows-bundle ./scripts/dev-runtime-image \ No newline at end of file diff --git a/scripts/package-binary b/scripts/package-binary index db6a580d3f..7f17c73792 100755 --- a/scripts/package-binary +++ b/scripts/package-binary @@ -7,5 +7,4 @@ source ./scripts/version.sh mkdir -p dist/artifacts -install -s bin/${PROG} dist/artifacts/${RELEASE} -install -s bin/${PROG}.exe dist/artifacts/${PROG}.windows-${GOARCH}.exe +install -s bin/${PROG} dist/artifacts/${RELEASE} \ No newline at end of file diff --git a/scripts/package-windows-binary b/scripts/package-windows-binary new file mode 100755 index 0000000000..812a8b4786 --- /dev/null +++ b/scripts/package-windows-binary @@ -0,0 +1,10 @@ +#!/usr/bin/env bash +set -ex + +cd $(dirname $0)/.. + +source ./scripts/version.sh + +mkdir -p dist/artifacts + +install -s bin/${PROG}.exe dist/artifacts/${PROG}-windows-amd64.exe \ No newline at end of file diff --git a/scripts/package-windows-bundle b/scripts/package-windows-bundle new file mode 100755 index 0000000000..f8e498b463 --- /dev/null +++ b/scripts/package-windows-bundle @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +set -ex + +cd $(dirname $0)/.. + +source ./scripts/version.sh + +mkdir -p dist/bundle/share/${PROG}-windows + +### bundle underlay +rsync -a bundle/ dist/bundle/ + +### bin/rke2.exe +install -s bin/${PROG}.exe dist/bundle/bin/ + +### share/rke2/LICENSE +cp -vf LICENSE dist/bundle/share/${PROG}/LICENSE.txt + +### (setup directory) +mkdir -p dist/artifacts + +### (make the tarball) +if [ -z "${PACKAGE_SKIP_TARBALL}" ]; then + tar -czf dist/artifacts/${PROG}.windows-amd64.tar.gz -C dist/bundle $(find dist/bundle -mindepth 1 -maxdepth 1 -type d -exec basename {} \;) +fi diff --git a/scripts/package-windows-images b/scripts/package-windows-images new file mode 100755 index 0000000000..9bc38a56bf --- /dev/null +++ b/scripts/package-windows-images @@ -0,0 +1,30 @@ +#!/usr/bin/env bash +set -ex + +cd $(dirname $0)/.. + +source ./scripts/version.sh + +mkdir -p dist/artifacts + +# 1809 +crane pull --platform windows/amd64 ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-1809-images.tar.gz +crane pull --platform windows/amd64 mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-1809-amd64 rke2-windows-1809-images.tar.gz + +# 2004 +crane pull --platform windows/amd64 ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-2004-images.tar.gz +crane pull --platform windows/amd64 mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-2004-amd64 rke2-windows-2004-images.tar.gz + +# 20H2 +crane pull --platform windows/amd64 ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-20H2-images.tar.gz +crane pull --platform windows/amd64 mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-2004-amd64 rke2-windows-20H2-images.tar.gz + + +WINDOWS_TARFILES=(rke2-windows-1809-images.tar.gz rke2-windows-2004-images.tar.gz rke2-windows-20H2-images.tar.gz) +for TARFILE in "${WINDOWS_TARFILES[@]}"; do + cp -f ${TARFILE} dist/artifacts/${PROG}-${BASE}.windows-amd64.txt + zstd -T0 -16 -f --long=25 --no-progress ${TARFILE} -o dist/artifacts/${PROG}-${BASE}.windows-amd64.tar.gz.zst + cp -f ${TARFILE} dist/artifacts/ + +done +cat build/windows-images.txt | sort -V | uniq > dist/artifacts/${PROG}-images.windows-amd64.txt \ No newline at end of file diff --git a/scripts/publish-image-runtime b/scripts/publish-image-runtime index b706114116..a4f39fefa6 100755 --- a/scripts/publish-image-runtime +++ b/scripts/publish-image-runtime @@ -5,5 +5,5 @@ cd $(dirname $0)/.. source ./scripts/version.sh -docker image push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} -docker image push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} +docker image push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} +docker image push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 diff --git a/scripts/publish-manifest-runtime b/scripts/publish-manifest-runtime index 3d68d810e7..92004a8eb2 100755 --- a/scripts/publish-manifest-runtime +++ b/scripts/publish-manifest-runtime @@ -8,7 +8,7 @@ export DOCKER_CLI_EXPERIMENTAL=enabled docker manifest create \ --amend ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} \ - ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-linux-${GOARCH} \ - ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-${GOARCH} + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-${GOARCH} \ + ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 docker manifest push ${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION} From 618bbda6d6bb8b8ac75f7e56c7da074af8ea7f4a Mon Sep 17 00:00:00 2001 From: Ross Kirkpatrick Date: Fri, 2 Jul 2021 14:55:43 -0400 Subject: [PATCH 4/4] add new lines to windows scripts --- scripts/package-windows-binary | 2 +- scripts/package-windows-images | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/scripts/package-windows-binary b/scripts/package-windows-binary index 812a8b4786..7f550e8d42 100755 --- a/scripts/package-windows-binary +++ b/scripts/package-windows-binary @@ -7,4 +7,4 @@ source ./scripts/version.sh mkdir -p dist/artifacts -install -s bin/${PROG}.exe dist/artifacts/${PROG}-windows-amd64.exe \ No newline at end of file +install -s bin/${PROG}.exe dist/artifacts/${PROG}-windows-amd64.exe diff --git a/scripts/package-windows-images b/scripts/package-windows-images index 9bc38a56bf..1dd4f0e634 100755 --- a/scripts/package-windows-images +++ b/scripts/package-windows-images @@ -8,16 +8,16 @@ source ./scripts/version.sh mkdir -p dist/artifacts # 1809 -crane pull --platform windows/amd64 ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-1809-images.tar.gz -crane pull --platform windows/amd64 mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-1809-amd64 rke2-windows-1809-images.tar.gz +crane --platform windows/amd64 pull ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-1809-images.tar.gz +crane --platform windows/amd64 pull mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-1809-amd64 rke2-windows-1809-images.tar.gz # 2004 -crane pull --platform windows/amd64 ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-2004-images.tar.gz -crane pull --platform windows/amd64 mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-2004-amd64 rke2-windows-2004-images.tar.gz +crane --platform windows/amd64 pull ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-2004-images.tar.gz +crane --platform windows/amd64 pull mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-2004-amd64 rke2-windows-2004-images.tar.gz # 20H2 -crane pull --platform windows/amd64 ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-20H2-images.tar.gz -crane pull --platform windows/amd64 mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-2004-amd64 rke2-windows-20H2-images.tar.gz +crane --platform windows/amd64 pull ${REGISTRY}/${REPO}/${PROG}-runtime:${DOCKERIZED_VERSION}-windows-amd64 rke2-windows-20H2-images.tar.gz +crane --platform windows/amd64 pull mcr.microsoft.com/oss/kubernetes/pause:3.5-windows-2004-amd64 rke2-windows-20H2-images.tar.gz WINDOWS_TARFILES=(rke2-windows-1809-images.tar.gz rke2-windows-2004-images.tar.gz rke2-windows-20H2-images.tar.gz) @@ -27,4 +27,4 @@ for TARFILE in "${WINDOWS_TARFILES[@]}"; do cp -f ${TARFILE} dist/artifacts/ done -cat build/windows-images.txt | sort -V | uniq > dist/artifacts/${PROG}-images.windows-amd64.txt \ No newline at end of file +cat build/windows-images.txt | sort -V | uniq > dist/artifacts/${PROG}-images.windows-amd64.txt