From 31b2065a727015242aced1809fcfce3e8a0a1bbd Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 14:24:51 +0300 Subject: [PATCH 01/36] chore(core): add proxy settings for packages Signed-off-by: Nikita Korolev --- .werf/defines/packages-proxies.tmpl | 66 +++++++++++++++++++++++++++++ werf-giterminism.yaml | 1 + werf.yaml | 3 ++ 3 files changed, 70 insertions(+) create mode 100644 .werf/defines/packages-proxies.tmpl diff --git a/.werf/defines/packages-proxies.tmpl b/.werf/defines/packages-proxies.tmpl new file mode 100644 index 0000000000..52aab459bf --- /dev/null +++ b/.werf/defines/packages-proxies.tmpl @@ -0,0 +1,66 @@ +{{- define "alt packages proxy" }} +# Replace altlinux repos with our proxy + {{- if $.DistroPackagesProxy }} +- sed -i "s|ftp.altlinux.org/pub/distributions/archive|{{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository|g" /etc/apt/sources.list.d/alt.list + {{- end }} +- export DEBIAN_FRONTEND=noninteractive +- apt-get update -y +{{- end }} + +{{- define "alt dist upgrade" }} +- apt-get dist-upgrade -y +- find /var/cache/apt/ -type f -delete +- rm -rf /var/log/*log /var/log/apt/* /var/lib/dpkg/*-old /var/cache/debconf/*-old +{{- end }} + +{{- define "debian packages proxy" }} +# 5 years 157680000 +- | + echo "Acquire::Check-Valid-Until false;" >> /etc/apt/apt.conf + echo "Acquire::Check-Date false;" >> /etc/apt/apt.conf + echo "Acquire::Max-FutureTime 157680000;" >> /etc/apt/apt.conf +# Replace debian repos with our proxy + {{- if $.DistroPackagesProxy }} +- if [ -f /etc/apt/sources.list ]; then sed -i "s|http://deb.debian.org|http://{{ $.DistroPackagesProxy }}/repository|g" /etc/apt/sources.list; fi +- if [ -f /etc/apt/sources.list.d/debian.sources ]; then sed -i "s|http://deb.debian.org|http://{{ $.DistroPackagesProxy }}/repository|g" /etc/apt/sources.list.d/debian.sources; fi + {{- end }} +- export DEBIAN_FRONTEND=noninteractive +- apt-get update +{{- end }} + +{{- define "ubuntu packages proxy" }} + # Replace ubuntu repos with our proxy + {{- if $.DistroPackagesProxy }} +- sed -i 's|http://archive.ubuntu.com|http://{{ $.DistroPackagesProxy }}/repository/archive-ubuntu|g' /etc/apt/sources.list +- sed -i 's|http://security.ubuntu.com|http://{{ $.DistroPackagesProxy }}/repository/security-ubuntu|g' /etc/apt/sources.list + {{- end }} +- export DEBIAN_FRONTEND=noninteractive +# one year +- apt-get -o Acquire::Check-Valid-Until=false -o Acquire::Check-Date=false -o Acquire::Max-FutureTime=31536000 update +{{- end }} + +{{- define "alpine packages proxy" }} +# Replace alpine repos with our proxy + {{- if $.DistroPackagesProxy }} +- sed -i 's|https://dl-cdn.alpinelinux.org|http://{{ $.DistroPackagesProxy }}/repository|g' /etc/apk/repositories + {{- end }} +- apk update +{{- end }} + +{{- define "node packages proxy" }} + {{- if $.DistroPackagesProxy }} +- npm config set registry http://{{ $.DistroPackagesProxy }}/repository/npmjs/ + {{- end }} +{{- end }} + +{{- define "pypi proxy" }} + {{- if $.DistroPackagesProxy }} +- | + cat <<"EOD" > /etc/pip.conf + [global] + index = http://{{ $.DistroPackagesProxy }}/repository/pypi-proxy/pypi + index-url = http://{{ $.DistroPackagesProxy }}/repository/pypi-proxy/simple + trusted-host = {{ $.DistroPackagesProxy }} + EOD + {{- end }} +{{- end }} diff --git a/werf-giterminism.yaml b/werf-giterminism.yaml index b6e8793ef0..0f74970a62 100644 --- a/werf-giterminism.yaml +++ b/werf-giterminism.yaml @@ -7,6 +7,7 @@ config: - SOURCE_REPO - SOURCE_REPO_GIT - MODULE_EDITION + - DISTRO_PACKAGES_PROXY stapel: mount: allowBuildDir: true diff --git a/werf.yaml b/werf.yaml index e76a2cc505..177155fe4a 100644 --- a/werf.yaml +++ b/werf.yaml @@ -21,6 +21,9 @@ build: # Edition module settings {{- $_ := set . "MODULE_EDITION" (env "MODULE_EDITION") }} +# Define packages proxy settings +{{- $_ := set . "DistroPackagesProxy" (env "DISTRO_PACKAGES_PROXY" "") }} + # Component versions {{ $_ := set . "Version" dict }} {{ $_ := set . "Packages" dict }} From 70bfe0011a201a20bf7b9aeb1d16c207a3842be4 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:24:44 +0300 Subject: [PATCH 02/36] add proxy: base alt p11 Signed-off-by: Nikita Korolev --- images/base-alt-p11-binaries/werf.inc.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/images/base-alt-p11-binaries/werf.inc.yaml b/images/base-alt-p11-binaries/werf.inc.yaml index 4d23554f19..4930471373 100644 --- a/images/base-alt-p11-binaries/werf.inc.yaml +++ b/images/base-alt-p11-binaries/werf.inc.yaml @@ -10,6 +10,7 @@ git: shell: install: - | + {{- include "alt packages proxy" . | nindent 2 }} apt-get update && apt-get install -y \ glibc-utils \ libffi8 libssh-devel libssh2-devel \ From 0b2dcd1eb222b27d0f82fb7146e06eb8ce57312c Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:25:03 +0300 Subject: [PATCH 03/36] add proxy: cdi-artifact Signed-off-by: Nikita Korolev --- images/cdi-artifact/werf.inc.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/images/cdi-artifact/werf.inc.yaml b/images/cdi-artifact/werf.inc.yaml index 6851503840..c3e6911cdd 100644 --- a/images/cdi-artifact/werf.inc.yaml +++ b/images/cdi-artifact/werf.inc.yaml @@ -20,10 +20,12 @@ git: - patches/README.md shell: beforeInstall: - - apt-get update - - apt-get install --yes libnbd-dev - - apt-get clean - - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + - | + {{- include "alt packages proxy" . | nindent 2 }} + apt-get update + apt-get install --yes libnbd-dev + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - git clone --depth 1 --branch v{{ $version }} {{ .SOURCE_REPO }}/kubevirt/containerized-data-importer.git /containerized-data-importer @@ -93,6 +95,7 @@ git: shell: install: - | + {{- include "debian packages proxy" . | nindent 2 }} apt-get update && apt-get install --yes gcc musl-dev musl-tools apt-get clean From 28e02f68e131f7b39a2192a35ddf9ccbd626900d Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:25:35 +0300 Subject: [PATCH 04/36] add proxy: cdi-controller Signed-off-by: Nikita Korolev --- images/cdi-controller/werf.inc.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/images/cdi-controller/werf.inc.yaml b/images/cdi-controller/werf.inc.yaml index 959c5cbac9..42a4691274 100644 --- a/images/cdi-controller/werf.inc.yaml +++ b/images/cdi-controller/werf.inc.yaml @@ -46,6 +46,7 @@ import: shell: install: - | + {{- include "alt packages proxy" . | nindent 2 }} apt-get update && apt-get install --yes \ {{ $cdiClonerDependencies.packages | join " " }} - | From a95e0620403e0828cf8a19a05629fb607ca446f8 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:25:55 +0300 Subject: [PATCH 05/36] add proxy: cdi-importer Signed-off-by: Nikita Korolev --- images/cdi-importer/werf.inc.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index 6858649727..48a26ff591 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -62,6 +62,7 @@ import: shell: install: - | + {{- include "alt packages proxy" . | nindent 2 }} apt-get update && apt-get install --yes \ {{ $cdiImporterDependencies.packages | join " " }} \ {{ $cdiImporterDependencies.libraries | join " " }} From a9f8600283c6fb2a0aa33882dd3c6a1ce00fbba9 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:26:22 +0300 Subject: [PATCH 06/36] add proxy: distroless Signed-off-by: Nikita Korolev --- images/distroless/werf.inc.yaml | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/images/distroless/werf.inc.yaml b/images/distroless/werf.inc.yaml index 05fcbae5e1..b6f2a8781c 100644 --- a/images/distroless/werf.inc.yaml +++ b/images/distroless/werf.inc.yaml @@ -20,24 +20,28 @@ fromImage: base-alt-p11-binaries final: false shell: beforeInstall: - - apt-get update && apt-get install ca-certificates tzdata -y - - apt-get clean - - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + - | + {{- include "alt packages proxy" . | nindent 2 }} + apt-get update && apt-get install ca-certificates tzdata -y + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - mkdir -p /relocate/etc/{pki,ssl} /relocate/usr/{bin,sbin,share,lib,lib64} - | + mkdir -p /relocate/etc/{pki,ssl} /relocate/usr/{bin,sbin,share,lib,lib64} + cd /relocate for dir in {bin,sbin,lib,lib64};do ln -s usr/$dir $dir done cd / - - cp -pr /tmp /relocate - - cp -pr /etc/passwd /etc/group /etc/hostname /etc/hosts /etc/shadow /etc/protocols /etc/services /etc/nsswitch.conf /relocate/etc - - cp -pr /usr/share/ca-certificates /relocate/usr/share - - cp -pr /usr/share/zoneinfo /relocate/usr/share - - cp -pr /etc/pki/tls/cert.pem /relocate/etc/ssl - - cp -pr /etc/pki/tls/certs /relocate/etc/ssl - - cp -pr /etc/pki/ca-trust/ /relocate/etc/ - - echo "deckhouse:x:64535:64535:deckhouse:/:/sbin/nologin" >> /relocate/etc/passwd - - echo "deckhouse:x:64535:" >> /relocate/etc/group - - echo "deckhouse:!::0:::::" >> /relocate/etc/shadow \ No newline at end of file + + cp -pr /tmp /relocate + cp -pr /etc/passwd /etc/group /etc/hostname /etc/hosts /etc/shadow /etc/protocols /etc/services /etc/nsswitch.conf /relocate/etc + cp -pr /usr/share/ca-certificates /relocate/usr/share + cp -pr /usr/share/zoneinfo /relocate/usr/share + cp -pr /etc/pki/tls/cert.pem /relocate/etc/ssl + cp -pr /etc/pki/tls/certs /relocate/etc/ssl + cp -pr /etc/pki/ca-trust/ /relocate/etc/ + echo "deckhouse:x:64535:64535:deckhouse:/:/sbin/nologin" >> /relocate/etc/passwd + echo "deckhouse:x:64535:" >> /relocate/etc/group + echo "deckhouse:!::0:::::" >> /relocate/etc/shadow \ No newline at end of file From 5601c38b4f92c13887d334b86fcfd4b69976fb04 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:27:14 +0300 Subject: [PATCH 07/36] add proxy and refactor build dvcr Signed-off-by: Nikita Korolev --- images/dvcr/werf.inc.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index e4e19dd64a..b983b64f78 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -22,9 +22,13 @@ imageSpec: image: {{ $.ImageName }}-builder final: false fromImage: base-alt-p10 +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} shell: install: - | + {{- include "alt packages proxy" . | nindent 2 }} apt-get update && apt-get install -y \ git openssh golang @@ -36,7 +40,7 @@ shell: mkdir -p $GOPATH/src/github.com/docker cd $GOPATH/src/github.com/docker - git clone --depth 1 --branch v{{ $version }} {{ $.SOURCE_REPO }}/docker/distribution.git + git clone --depth 1 --branch v{{ $version }} $(cat /run/secrets/SOURCE_REPO)/distribution/distribution.git cd distribution go build -o /container-registry-binary/ -ldflags '-s -w -X registry/version.Version=v{{ $version }} -X registry/version.Revision=v{{ $version }}' ./cmd/registry From 708e5f87aec9041116f5b4ab5c800a5e45290a2f Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:27:38 +0300 Subject: [PATCH 08/36] refactor qemu build Signed-off-by: Nikita Korolev --- images/qemu/werf.inc.yaml | 162 +++++++++++++++++++++----------------- 1 file changed, 88 insertions(+), 74 deletions(-) diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index 8eba65f0e4..0a5421c5d8 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -1,7 +1,84 @@ --- {{- $gitRepoName := $.ImageName }} {{- $version := get $.Version $gitRepoName }} -{{- $gitRepoUrl := cat $.SOURCE_REPO "/qemu/qemu.git" | nospace }} +{{- $gitRepoUrl := "/qemu/qemu.git" }} + + +{{- $version := get $.Package $.ImageName }} +{{- $gitRepoUrl := "nbdkit/nbdkit.git" }} + +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- binutils +- dmidecode +- pkgconfig pkg-config +- gcc-c++ clang git +- gettext bash-completion +- ccache +- make cmake meson ninja-build makeinfo +- seabios seavgabios +- qboot flex +- filesystem +- ipxe-roms-qemu +- qemu-kvm-core shadow-utils sysvinit-utils +- hasher-provides-dev-kvm +- python3 python3-dev +- python3-module-pytest +- python3-module-docutils +- python3-tools +- python3-module-pip +- python3-module-sphinx +- python3-module-sphinx_rtd_theme +libraries: +- glibc-devel-static +- zlib-devel-static +- glib2-devel-static +- libpcre2-devel-static +- libattr-devel-static +- libdw-devel-static +- libatomic-devel-static +- glib2-devel +- libdw-devel +- perl-devel +- libssh-devel +- libssh2-devel +- libcap-ng-devel +- libxfs-devel +- zlib-devel +- libcurl-devel +- libpci-devel +- libgvnc-devel +- glibc-kernheaders +- libfdt-devel +- libpixman-devel +- libkeyutils-devel +- libuuid-devel +- libpam0-devel +- libtasn1-devel +- libslirp-devel +- libdrm-devel +- libxdp-devel libSDL2-devel libSDL2_image-devel +- libncursesw-devel libalsa-devel libpulseaudio-devel +- pipewire-libs pipewire-jack-libs-devel +- libsoundio-devel libcapstone-devel libsasl2-devel +- libjpeg-devel libpng-devel libxkbcommon-devel xkeyboard-config-devel +- glusterfs11 libgtk+3-devel libvte libvte-devel libvte3-devel +- libvirglrenderer-devel libusb-devel liburing-devel libbpf-devel +- libspice-server-devel spice-protocol ceph-devel +- libnfs-devel libzstd-devel libseccomp-devel +- libgcrypt-devel libgnutls-devel libnettle-devel +- libudev-devel libmultipath-devel libblkio-devel libpmem-devel +- libdaxctl-devel libfuse3-devel rdma-core-devel libnuma-devel +- bzlib-devel liblzo2-devel libsnappy-devel +- libcacard-devel libusbredir-devel libepoxy-devel libgbm-devel +- libvitastor-devel libiscsi-devel glusterfs-coreutils +- libaio-devel libselinux-devel libqpl-devel +- libglusterfs11-api-devel +- libvdeplug-devel +{{- end -}} + +{{ $builderDependencies := include "$name" . | fromYaml }} image: {{ $.ImageName }} final: false @@ -30,82 +107,16 @@ import: add: /dmidecode to: /dmidecode before: install +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - | + {{- include "alt packages proxy" . | nindent 2 }} apt-get update && apt-get install -y \ - binutils \ - pkgconfig \ - pkg-config \ - dmidecode \ - gcc-c++ \ - git \ - gettext \ - bash-completion \ - clang \ - ccache \ - make cmake \ - meson \ - ninja-build \ - glibc-devel-static \ - zlib-devel-static \ - glib2-devel-static \ - libpcre2-devel-static \ - libattr-devel-static \ - libdw-devel-static \ - libatomic-devel-static \ - glib2-devel \ - libdw-devel \ - makeinfo \ - perl-devel \ - python3 python3-dev \ - python3-module-pytest \ - python3-module-docutils \ - python3-tools \ - python3-module-pip \ - python3-module-sphinx \ - python3-module-sphinx_rtd_theme \ - pkgconfig \ - libssh-devel \ - libssh2-devel \ - libcap-ng-devel \ - libxfs-devel \ - zlib-devel \ - libcurl-devel \ - libpci-devel \ - libgvnc-devel \ - glibc-kernheaders \ - ipxe-roms-qemu \ - seavgabios \ - seabios \ - libfdt-devel \ - qboot \ - libpixman-devel \ - libkeyutils-devel \ - flex \ - libuuid-devel \ - libpam0-devel \ - libtasn1-devel \ - libslirp-devel \ - libdrm-devel \ - libxdp-devel libSDL2-devel libSDL2_image-devel \ - libncursesw-devel libalsa-devel libpulseaudio-devel \ - pipewire-libs pipewire-jack-libs-devel \ - libsoundio-devel libcapstone-devel libsasl2-devel \ - libjpeg-devel libpng-devel libxkbcommon-devel xkeyboard-config-devel \ - glusterfs11 libgtk+3-devel libvte libvte-devel libvte3-devel \ - libvirglrenderer-devel libusb-devel liburing-devel libbpf-devel \ - libspice-server-devel spice-protocol ceph-devel \ - libnfs-devel libzstd-devel libseccomp-devel \ - libgcrypt-devel libgnutls-devel libnettle-devel \ - libudev-devel libmultipath-devel libblkio-devel libpmem-devel \ - libdaxctl-devel libfuse3-devel rdma-core-devel libnuma-devel \ - bzlib-devel liblzo2-devel libsnappy-devel \ - libcacard-devel libusbredir-devel libepoxy-devel libgbm-devel \ - libvitastor-devel libiscsi-devel glusterfs-coreutils \ - libaio-devel libselinux-devel libqpl-devel \ - qemu-kvm-core shadow-utils sysvinit-utils libglusterfs11-api-devel hasher-provides-dev-kvm \ - filesystem libvdeplug-devel + {{ $builderDependencies.packages | join " " }} \ + {{ $builderDependencies.libraries | join " " }} apt-get clean rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin @@ -121,6 +132,8 @@ shell: install: - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + cp -a /dmidecode/. / rm -rf /dmidecode export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers" @@ -131,7 +144,8 @@ shell: export NINJA="/usr/bin/ninja" export PYTHON="/usr/bin/python3" - git clone --depth=1 --branch v{{ $version }} {{ $gitRepoUrl }} {{ $gitRepoName }}-{{ $version }} + # TODO git submodules + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} cd {{ $gitRepoName }}-{{ $version }} From 32771c78a2532600fc3a25cc43e534883ac2ce52 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:28:45 +0300 Subject: [PATCH 09/36] add proxy and refactor virt-artifact Signed-off-by: Nikita Korolev --- images/virt-artifact/werf.inc.yaml | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/images/virt-artifact/werf.inc.yaml b/images/virt-artifact/werf.inc.yaml index cc01af9feb..7be34d8181 100644 --- a/images/virt-artifact/werf.inc.yaml +++ b/images/virt-artifact/werf.inc.yaml @@ -2,6 +2,7 @@ # Source https://github.com/kubevirt/kubevirt/blob/v1.3.1/hack/dockerized#L15 {{- $version := "1.3.1" }} {{- $goVersion := "1.22.7" }} +{{- $gitRepoUrl := "kubevirt/kubevirt.git" }} {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -25,10 +26,12 @@ packages: {{ $virtArtifactDependencies := include "$name" . | fromYaml }} - image: {{ $.ImageName }} final: false fromImage: base-alt-p11 +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO }} mount: - fromPath: ~/go-pkg-cache to: /go/pkg @@ -44,23 +47,28 @@ git: - patches/README.md shell: beforeInstall: - - apt-get update - | + {{- include "alt packages proxy" . | nindent 2 }} + apt-get update apt-get install -y \ {{ $virtArtifactDependencies.packages | join " " }} - - apt-get clean - - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - git clone --depth 1 --branch v{{ $version }} {{ $.SOURCE_REPO }}/kubevirt/kubevirt.git /kubevirt - - cd /kubevirt - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /kubevirt + + - | + cd /kubevirt for p in /patches/*.patch ; do echo -n "Apply ${p} ... " git apply --ignore-space-change --ignore-whitespace ${p} && echo OK || (echo FAIL ; exit 1) done - - go mod edit -go={{ $goVersion }} - - go mod download + go mod edit -go={{ $goVersion }} + go mod download - | go get github.com/opencontainers/runc@v1.1.14 go get github.com/containers/common@v0.60.4 From 0d509ca1b2a657f14645b23a8ce4a598ce7f112f Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:34:59 +0300 Subject: [PATCH 10/36] add proxy: virt-launcher Signed-off-by: Nikita Korolev --- images/virt-handler/werf.inc.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/images/virt-handler/werf.inc.yaml b/images/virt-handler/werf.inc.yaml index 1a381a9b50..2e5d7a6799 100644 --- a/images/virt-handler/werf.inc.yaml +++ b/images/virt-handler/werf.inc.yaml @@ -96,12 +96,14 @@ import: shell: install: - | + {{- include "alt packages proxy" . | nindent 2 }} apt-get update && apt-get install --yes \ {{ $virtHandlerDependencies.packages | join " " }} - - apt-get clean - - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - - cp -a /xorriso/. / - - cp -a /nftables/. / + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + + cp -a /xorriso/. / + cp -a /nftables/. / - cp -a /acl/. / - rm -rf /{xorriso,nftables,acl} From ae2b9eb3e99fd701b43aa546d08a6f70782a2207 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 16:37:54 +0300 Subject: [PATCH 11/36] add proxy: virt-launcher Signed-off-by: Nikita Korolev --- images/virt-launcher/werf.inc.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/images/virt-launcher/werf.inc.yaml b/images/virt-launcher/werf.inc.yaml index a058325331..1f3ac060ec 100644 --- a/images/virt-launcher/werf.inc.yaml +++ b/images/virt-launcher/werf.inc.yaml @@ -286,6 +286,7 @@ import: shell: beforeInstall: - | + {{- include "alt packages proxy" . | nindent 2 }} apt-get update && apt-get install -y {{ $virtLauncherDependencies.libs | join " " }} {{ $virtLauncherDependencies.packages | join " " }} # libtpms libtpms-devel require version 0.10 that in sisyphus repo @@ -455,6 +456,7 @@ git: shell: install: - | + {{- include "debian packages proxy" . | nindent 2 }} echo "install deps libvirt-dev" apt-get update && apt-get install -y libvirt-dev apt-get clean @@ -487,6 +489,7 @@ git: shell: beforeInstall: - | + {{- include "debian packages proxy" . | nindent 2 }} apt-get update && apt-get install --yes gcc musl-dev musl-tools apt-get clean install: From 54c9ab7281dab6f6cf514a44fe3a0d71da9149b0 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 6 May 2025 19:39:02 +0300 Subject: [PATCH 12/36] refactor and fix build Signed-off-by: Nikita Korolev --- images/base-alt-p11-binaries/werf.inc.yaml | 18 ++++++++++++++---- images/bounder/werf.inc.yaml | 4 +++- images/cdi-artifact/werf.inc.yaml | 14 +++++++------- images/cdi-controller/werf.inc.yaml | 2 +- images/cdi-importer/werf.inc.yaml | 10 ++++++---- images/distroless/werf.inc.yaml | 2 +- images/dvcr/werf.inc.yaml | 7 ++++--- images/libvirt/werf.inc.yaml | 9 ++++++--- images/qemu/werf.inc.yaml | 7 ++----- images/virt-artifact/werf.inc.yaml | 2 +- images/virt-handler/werf.inc.yaml | 2 +- images/virt-launcher/werf.inc.yaml | 6 +++--- 12 files changed, 49 insertions(+), 34 deletions(-) diff --git a/images/base-alt-p11-binaries/werf.inc.yaml b/images/base-alt-p11-binaries/werf.inc.yaml index 4930471373..928b50f81a 100644 --- a/images/base-alt-p11-binaries/werf.inc.yaml +++ b/images/base-alt-p11-binaries/werf.inc.yaml @@ -1,4 +1,15 @@ --- +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- glibc-utils +- mount xfsprogs xfstests util-linux e2fsprogs +libraries: +- libffi8 libssh-devel libssh2-devel +{{- end -}} + +{{ $builderDependencies := include "$name" . | fromYaml }} + image: {{ $.ImageName }} final: false fromImage: BASE_ALT_P11 @@ -9,12 +20,11 @@ git: - relocate_binaries.sh shell: install: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install -y \ - glibc-utils \ - libffi8 libssh-devel libssh2-devel \ - mount xfsprogs xfstests util-linux e2fsprogs + {{ $builderDependencies.packages | join " " }} \ + {{ $builderDependencies.libraries | join " " }} - | apt-get clean rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin \ No newline at end of file diff --git a/images/bounder/werf.inc.yaml b/images/bounder/werf.inc.yaml index 292d7e0dd7..6457b9c84a 100644 --- a/images/bounder/werf.inc.yaml +++ b/images/bounder/werf.inc.yaml @@ -21,8 +21,10 @@ git: - '*.c' shell: beforeInstall: + {{- include "debian packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install --yes gcc musl-dev musl-tools + apt-get update && apt-get install --yes \ + gcc musl-dev musl-tools apt-get clean install: - | diff --git a/images/cdi-artifact/werf.inc.yaml b/images/cdi-artifact/werf.inc.yaml index c3e6911cdd..1005a3fefa 100644 --- a/images/cdi-artifact/werf.inc.yaml +++ b/images/cdi-artifact/werf.inc.yaml @@ -20,12 +20,12 @@ git: - patches/README.md shell: beforeInstall: - - | - {{- include "alt packages proxy" . | nindent 2 }} - apt-get update - apt-get install --yes libnbd-dev - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update + apt-get install --yes libnbd-dev + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - git clone --depth 1 --branch v{{ $version }} {{ .SOURCE_REPO }}/kubevirt/containerized-data-importer.git /containerized-data-importer @@ -94,8 +94,8 @@ git: - '*.c' shell: install: - - | {{- include "debian packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install --yes gcc musl-dev musl-tools apt-get clean diff --git a/images/cdi-controller/werf.inc.yaml b/images/cdi-controller/werf.inc.yaml index 42a4691274..624b98eda6 100644 --- a/images/cdi-controller/werf.inc.yaml +++ b/images/cdi-controller/werf.inc.yaml @@ -45,8 +45,8 @@ import: # Source https://github.com/kubevirt/containerized-data-importer/blob/v1.60.3/cmd/cdi-controller/BUILD.bazel shell: install: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install --yes \ {{ $cdiClonerDependencies.packages | join " " }} - | diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index 48a26ff591..d14ba5c6ff 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -61,14 +61,16 @@ import: before: setup shell: install: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install --yes \ {{ $cdiImporterDependencies.packages | join " " }} \ {{ $cdiImporterDependencies.libraries | join " " }} - - apt-get clean - - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + + cp -a /nbdkit/. / + rm -rf /nbdkit setup: - | - cp -a /nbdkit/. / /relocate_binaries.sh -i "{{ $cdiImporterDependencies.binaries | join " " }}" -o /relocate diff --git a/images/distroless/werf.inc.yaml b/images/distroless/werf.inc.yaml index b6f2a8781c..b531444e36 100644 --- a/images/distroless/werf.inc.yaml +++ b/images/distroless/werf.inc.yaml @@ -20,8 +20,8 @@ fromImage: base-alt-p11-binaries final: false shell: beforeInstall: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install ca-certificates tzdata -y apt-get clean rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index b983b64f78..b1b6b6a6a6 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -18,6 +18,7 @@ imageSpec: user: 64535 --- {{- $version := "2.8.3" }} +{{- $gitRepoUrl := "distribution/distribution.git" }} image: {{ $.ImageName }}-builder final: false @@ -27,10 +28,10 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: install: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install -y \ - git openssh golang + git openssh golang export GOPATH=$(go env GOPATH) export GOROOT=$(go env GOROOT) @@ -40,7 +41,7 @@ shell: mkdir -p $GOPATH/src/github.com/docker cd $GOPATH/src/github.com/docker - git clone --depth 1 --branch v{{ $version }} $(cat /run/secrets/SOURCE_REPO)/distribution/distribution.git + git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} cd distribution go build -o /container-registry-binary/ -ldflags '-s -w -X registry/version.Version=v{{ $version }} -X registry/version.Revision=v{{ $version }}' ./cmd/registry diff --git a/images/libvirt/werf.inc.yaml b/images/libvirt/werf.inc.yaml index d58adee260..e156556857 100644 --- a/images/libvirt/werf.inc.yaml +++ b/images/libvirt/werf.inc.yaml @@ -1,7 +1,7 @@ --- {{- $gitRepoName := $.ImageName }} {{- $version := get $.Version $gitRepoName }} -{{- $gitRepoUrl := cat $.SOURCE_REPO "/libvirt/libvirt.git" | nospace }} +{{- $gitRepoUrl := "libvirt/libvirt.git" }} image: {{ $.ImageName }} final: false @@ -24,8 +24,12 @@ import: add: /dmidecode to: /dmidecode before: install +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: + {{- include "alt packages proxy" . | nindent 2 }} - | apt-get update && apt-get install --yes \ binutils \ @@ -132,11 +136,10 @@ shell: export NINJA="/usr/bin/ninja" export PYTHON="/usr/bin/python3" - git clone --depth=1 --branch v{{ $version }} {{ $gitRepoUrl }} {{ $gitRepoName }}-{{ $version }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} cd {{ $gitRepoName }}-{{ $version }} - for p in /patches/*.patch ; do echo -n "Apply ${p} ... " git apply --ignore-space-change --ignore-whitespace ${p} && echo OK || (echo FAIL ; exit 1) diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index 0a5421c5d8..d653c16577 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -1,12 +1,9 @@ --- {{- $gitRepoName := $.ImageName }} {{- $version := get $.Version $gitRepoName }} -{{- $gitRepoUrl := "/qemu/qemu.git" }} +{{- $gitRepoUrl := "qemu/qemu.git" }} -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "nbdkit/nbdkit.git" }} - {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} packages: @@ -112,8 +109,8 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} \ {{ $builderDependencies.libraries | join " " }} diff --git a/images/virt-artifact/werf.inc.yaml b/images/virt-artifact/werf.inc.yaml index 7be34d8181..b08eeaf59d 100644 --- a/images/virt-artifact/werf.inc.yaml +++ b/images/virt-artifact/werf.inc.yaml @@ -47,8 +47,8 @@ git: - patches/README.md shell: beforeInstall: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update apt-get install -y \ {{ $virtArtifactDependencies.packages | join " " }} diff --git a/images/virt-handler/werf.inc.yaml b/images/virt-handler/werf.inc.yaml index 2e5d7a6799..53125a118e 100644 --- a/images/virt-handler/werf.inc.yaml +++ b/images/virt-handler/werf.inc.yaml @@ -95,8 +95,8 @@ import: before: setup shell: install: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install --yes \ {{ $virtHandlerDependencies.packages | join " " }} apt-get clean diff --git a/images/virt-launcher/werf.inc.yaml b/images/virt-launcher/werf.inc.yaml index 1f3ac060ec..4278055e05 100644 --- a/images/virt-launcher/werf.inc.yaml +++ b/images/virt-launcher/werf.inc.yaml @@ -285,8 +285,8 @@ import: - temp_pod shell: beforeInstall: - - | {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install -y {{ $virtLauncherDependencies.libs | join " " }} {{ $virtLauncherDependencies.packages | join " " }} # libtpms libtpms-devel require version 0.10 that in sisyphus repo @@ -455,8 +455,8 @@ git: - '**/*' shell: install: - - | {{- include "debian packages proxy" . | nindent 2 }} + - | echo "install deps libvirt-dev" apt-get update && apt-get install -y libvirt-dev apt-get clean @@ -488,8 +488,8 @@ git: - '*.c' shell: beforeInstall: - - | {{- include "debian packages proxy" . | nindent 2 }} + - | apt-get update && apt-get install --yes gcc musl-dev musl-tools apt-get clean install: From 2403495b2a7511abc5cdf79b2fb2b8f66cb4b5e3 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Mon, 12 May 2025 09:25:49 +0300 Subject: [PATCH 13/36] dvcr-artifact: use self-build nbdkit Signed-off-by: Nikita Korolev --- images/dvcr-artifact/werf.inc.yaml | 10 +++++----- images/packages/binaries/nbdkit/werf.inc.yaml | 2 -- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index a4bd7d77cb..8e8b018c57 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -70,6 +70,10 @@ import: add: /bzip2 to: /bzip2 before: install +- image: packages/binaries/nbdkit + add: /nbdkit + to: /nbdkit + before: install - image: qemu add: /qemu-img to: /qemu-img @@ -77,14 +81,10 @@ import: shell: install: - | - apt-get update && apt-get install --yes \ - libnbd - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - cp -a /qemu-img/. / cp -a /bzip2/. / cp -a /file/. / + cp -a /nbdkit/. / rm -rf /{file,bzip2,qemu-img} setup: - | diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index da8cb2fbe4..bcffdc3792 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -50,10 +50,8 @@ secrets: shell: beforeInstall: - | - # /etc/init.d/udevd umount apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} - # /etc/init.d/udevd restart apt-get update apt-get clean From 5531e47fad916dfafd30dc45b5a9d22ecc360ac0 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Mon, 12 May 2025 15:52:03 +0300 Subject: [PATCH 14/36] refactor build, add source_repo_git var Signed-off-by: Nikita Korolev --- images/cdi-artifact/werf.inc.yaml | 22 +++++++++++++++------- images/dvcr/werf.inc.yaml | 2 ++ images/edk2/werf.inc.yaml | 11 ++++++++--- images/libvirt/werf.inc.yaml | 2 ++ images/virt-artifact/werf.inc.yaml | 6 +++--- 5 files changed, 30 insertions(+), 13 deletions(-) diff --git a/images/cdi-artifact/werf.inc.yaml b/images/cdi-artifact/werf.inc.yaml index 1005a3fefa..a07a19fe86 100644 --- a/images/cdi-artifact/werf.inc.yaml +++ b/images/cdi-artifact/werf.inc.yaml @@ -1,6 +1,7 @@ --- {{- $version := "1.60.3" }} {{- $goVersion := "1.22.7" }} +{{- $gitRepoUrl := "kubevirt/containerized-data-importer.git" }} image: {{ $.ImageName }} final: false @@ -18,6 +19,9 @@ git: - patches excludePaths: - patches/README.md +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -28,15 +32,19 @@ shell: rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - git clone --depth 1 --branch v{{ $version }} {{ .SOURCE_REPO }}/kubevirt/containerized-data-importer.git /containerized-data-importer - - cd /containerized-data-importer + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /containerized-data-importer + + cd /containerized-data-importer - - echo Download Go modules. - - go get golang.org/x/crypto@v0.31.0 - - go mod download + echo Download Go modules. + go get golang.org/x/crypto@v0.31.0 + go mod download - - go mod tidy - - go mod vendor + go mod tidy + go mod vendor - | for p in /patches/*.patch ; do diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index b1b6b6a6a6..a463874b2d 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -32,6 +32,8 @@ shell: - | apt-get update && apt-get install -y \ git openssh golang + + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config export GOPATH=$(go env GOPATH) export GOROOT=$(go env GOROOT) diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index 4eae5c7630..84acd2fbd2 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -1,7 +1,7 @@ --- {{- $gitRepoName := $.ImageName }} {{- $version := get $.Version $gitRepoName }} -{{- $gitRepoUrl := cat $.SOURCE_REPO "/tianocore/edk2.git" | nospace }} +{{- $gitRepoUrl := "tianocore/edk2.git" }} image: {{ $.ImageName }} final: false @@ -35,6 +35,9 @@ git: stageDependencies: setup: - '*.bin' +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - | @@ -61,9 +64,11 @@ shell: install: - | - git clone --depth=1 --branch {{ $gitRepoName }}-{{ $version }} {{ $gitRepoUrl }} {{ $gitRepoName }}-{{ $version }} + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} {{ $gitRepoName }}-{{ $version }} - git clone {{ $.SOURCE_REPO }}/tianocore/edk2-platforms.git + git clone $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-platforms.git cd {{ $gitRepoName }}-{{ $version }} git submodule update --init --recursive diff --git a/images/libvirt/werf.inc.yaml b/images/libvirt/werf.inc.yaml index e156556857..53a692d9b3 100644 --- a/images/libvirt/werf.inc.yaml +++ b/images/libvirt/werf.inc.yaml @@ -126,6 +126,8 @@ shell: install: - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + cp -a /dmidecode/. / rm -rf /dmidecode export CCACHE_WRAPPERSDIR="/usr/libexec/ccache-wrappers" diff --git a/images/virt-artifact/werf.inc.yaml b/images/virt-artifact/werf.inc.yaml index b08eeaf59d..991456e3a7 100644 --- a/images/virt-artifact/werf.inc.yaml +++ b/images/virt-artifact/werf.inc.yaml @@ -29,9 +29,6 @@ packages: image: {{ $.ImageName }} final: false fromImage: base-alt-p11 -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO }} mount: - fromPath: ~/go-pkg-cache to: /go/pkg @@ -45,6 +42,9 @@ git: - patches excludePaths: - patches/README.md +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO }} shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} From 4090020ae21db75d674c54f4250bb9c2b1284af3 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Mon, 12 May 2025 16:34:42 +0300 Subject: [PATCH 15/36] change submodule edk2 Signed-off-by: Nikita Korolev --- images/cdi-importer/werf.inc.yaml | 2 +- images/dvcr-artifact/werf.inc.yaml | 2 +- images/dvcr/werf.inc.yaml | 3 +- images/edk2/werf.inc.yaml | 18 ++++++++- images/libvirt/werf.inc.yaml | 4 ++ images/virt-artifact/werf.inc.yaml | 65 +++++++++++++++--------------- images/virt-launcher/werf.inc.yaml | 44 ++++++++++---------- 7 files changed, 80 insertions(+), 58 deletions(-) diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index d14ba5c6ff..d31967ae06 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -58,7 +58,7 @@ import: - image: packages/binaries/nbdkit add: /nbdkit to: /nbdkit - before: setup + before: install shell: install: {{- include "alt packages proxy" . | nindent 2 }} diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index 8e8b018c57..7ec86da13c 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -35,7 +35,7 @@ shell: {{- define "$name" -}} binaries: - /usr/local/bin/dvcr-importer -- /usr/bin/nbd* +- /usr/sbin/nbd* - /usr/bin/file - /usr/share/misc/magic.mgc - /usr/local/bin/dvcr-uploader diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index a463874b2d..c58618e3ce 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -22,13 +22,14 @@ imageSpec: image: {{ $.ImageName }}-builder final: false +# fromImage: builder/alt fromImage: base-alt-p10 secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} shell: install: - {{- include "alt packages proxy" . | nindent 2 }} + # {{/* {{- include "alt packages proxy" . | nindent 2 }} */}} - | apt-get update && apt-get install -y \ git openssh golang diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index 84acd2fbd2..af9d6d2457 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -66,11 +66,27 @@ shell: - | mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} {{ $gitRepoName }}-{{ $version }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $gitRepoName }}-{{ $version }} {{ $gitRepoName }}-{{ $version }} git clone $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-platforms.git cd {{ $gitRepoName }}-{{ $version }} + {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} + echo "Change submodule url" + git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl + git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git + git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git + git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git + git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git + git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git + git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git + git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git + git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git + git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git + {{- end }} + git submodule update --init --recursive # Set env edk diff --git a/images/libvirt/werf.inc.yaml b/images/libvirt/werf.inc.yaml index 53a692d9b3..af346aa5e1 100644 --- a/images/libvirt/werf.inc.yaml +++ b/images/libvirt/werf.inc.yaml @@ -141,6 +141,10 @@ shell: git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} cd {{ $gitRepoName }}-{{ $version }} + {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} + echo "Change submodule url" + git submodule set-url -- subprojects/keycodemapdb $(cat /run/secrets/SOURCE_REPO)/keycodemap/keycodemapdb.git + {{- end }} for p in /patches/*.patch ; do echo -n "Apply ${p} ... " diff --git a/images/virt-artifact/werf.inc.yaml b/images/virt-artifact/werf.inc.yaml index 991456e3a7..4f507ff587 100644 --- a/images/virt-artifact/werf.inc.yaml +++ b/images/virt-artifact/werf.inc.yaml @@ -47,40 +47,41 @@ secrets: value: {{ $.SOURCE_REPO }} shell: beforeInstall: - {{- include "alt packages proxy" . | nindent 2 }} - - | - apt-get update - apt-get install -y \ - {{ $virtArtifactDependencies.packages | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update + apt-get install -y \ + {{ $virtArtifactDependencies.packages | join " " }} + apt-get clean + echo "rm -rf" + rm -rf /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /kubevirt - - - | - cd /kubevirt - for p in /patches/*.patch ; do - echo -n "Apply ${p} ... " - git apply --ignore-space-change --ignore-whitespace ${p} && echo OK || (echo FAIL ; exit 1) - done - go mod edit -go={{ $goVersion }} - go mod download - - | - go get github.com/opencontainers/runc@v1.1.14 - go get github.com/containers/common@v0.60.4 - - go get github.com/go-openapi/strfmt@v0.23.0 - go get github.com/onsi/gomega/matchers/support/goraph/bipartitegraph@v1.34.1 - go get github.com/cilium/ebpf/btf@v0.11.0 - go get github.com/cilium/ebpf/internal@v0.11.0 - - go get golang.org/x/crypto@v0.31.0 - - go mod vendor + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /kubevirt + + - | + cd /kubevirt + for p in /patches/*.patch ; do + echo -n "Apply ${p} ... " + git apply --ignore-space-change --ignore-whitespace ${p} && echo OK || (echo FAIL ; exit 1) + done + go mod edit -go={{ $goVersion }} + go mod download + - | + go get github.com/opencontainers/runc@v1.1.14 + go get github.com/containers/common@v0.60.4 + + go get github.com/go-openapi/strfmt@v0.23.0 + go get github.com/onsi/gomega/matchers/support/goraph/bipartitegraph@v1.34.1 + go get github.com/cilium/ebpf/btf@v0.11.0 + go get github.com/cilium/ebpf/internal@v0.11.0 + + go get golang.org/x/crypto@v0.31.0 + + go mod vendor setup: - mkdir /kubevirt-binaries diff --git a/images/virt-launcher/werf.inc.yaml b/images/virt-launcher/werf.inc.yaml index 4278055e05..b7c01081ad 100644 --- a/images/virt-launcher/werf.inc.yaml +++ b/images/virt-launcher/werf.inc.yaml @@ -455,27 +455,27 @@ git: - '**/*' shell: install: - {{- include "debian packages proxy" . | nindent 2 }} - - | - echo "install deps libvirt-dev" - apt-get update && apt-get install -y libvirt-dev - apt-get clean - - mkdir -p /binaries - - | - echo "Build node-labeller binaries" - cd /node-labeller - echo '== go build -ldflags="-s -w" -o /binaries/node-labeller ./cmd/node-labeller ==' - go build -ldflags="-s -w" -o /binaries/node-labeller ./cmd/node-labeller - echo "Done" - - | - cd /src-vlctl - export GO111MODULE=on - export GOOS=linux - export CGO_ENABLED=0 - export GOARCH=amd64 - echo '== go build -ldflags="-s -w" -o /binaries/vlctl ./cmd/vlctl/main.go ==' - go build -ldflags="-s -w" -o /binaries/vlctl ./cmd/vlctl/main.go - echo "Done" + {{- include "debian packages proxy" . | nindent 2 }} + - | + echo "install deps libvirt-dev" + apt-get update && apt-get install -y libvirt-dev + apt-get clean + - mkdir -p /binaries + - | + echo "Build node-labeller binaries" + cd /node-labeller + echo '== go build -ldflags="-s -w" -o /binaries/node-labeller ./cmd/node-labeller ==' + go build -ldflags="-s -w" -o /binaries/node-labeller ./cmd/node-labeller + echo "Done" + - | + cd /src-vlctl + export GO111MODULE=on + export GOOS=linux + export CGO_ENABLED=0 + export GOARCH=amd64 + echo '== go build -ldflags="-s -w" -o /binaries/vlctl ./cmd/vlctl/main.go ==' + go build -ldflags="-s -w" -o /binaries/vlctl ./cmd/vlctl/main.go + echo "Done" --- image: {{ $.ImageName }}-cbuilder final: false @@ -488,7 +488,7 @@ git: - '*.c' shell: beforeInstall: - {{- include "debian packages proxy" . | nindent 2 }} + {{- include "debian packages proxy" . | nindent 2 }} - | apt-get update && apt-get install --yes gcc musl-dev musl-tools apt-get clean From d48b430925ba2faff911cbde375096f106d71136 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 13 May 2025 19:19:24 +0300 Subject: [PATCH 16/36] add proxy to packages build Signed-off-by: Nikita Korolev --- images/packages/binaries/acl/werf.inc.yaml | 35 ++++---- images/packages/binaries/bzip2/werf.inc.yaml | 53 ++++++------ .../packages/binaries/dmidecode/werf.inc.yaml | 33 ++++---- images/packages/binaries/file/werf.inc.yaml | 35 ++++---- images/packages/binaries/glib2/werf.inc.yaml | 25 +++--- images/packages/binaries/glibc/werf.inc.yaml | 43 +++++----- images/packages/binaries/gnutls/werf.inc.yaml | 29 +++---- images/packages/binaries/nbdkit/werf.inc.yaml | 44 +++++----- .../packages/binaries/nftables/werf.inc.yaml | 65 +++++++-------- .../packages/binaries/numactl/werf.inc.yaml | 41 +++++----- .../packages/binaries/openssl/werf.inc.yaml | 35 ++++---- images/packages/binaries/swtpm/werf.inc.yaml | 81 ++++++++++--------- .../packages/binaries/xorriso/werf.inc.yaml | 39 ++++----- images/qemu/werf.inc.yaml | 2 +- 14 files changed, 286 insertions(+), 274 deletions(-) diff --git a/images/packages/binaries/acl/werf.inc.yaml b/images/packages/binaries/acl/werf.inc.yaml index 44cee140c5..6f749e2021 100644 --- a/images/packages/binaries/acl/werf.inc.yaml +++ b/images/packages/binaries/acl/werf.inc.yaml @@ -31,28 +31,29 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src + cd /src - ./autogen.sh + ./autogen.sh - ./configure \ - --prefix=/usr \ - --libdir=/usr/lib64 \ - CFLAGS="-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib64 \ + CFLAGS="-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" - make -j$(nproc) + make -j$(nproc) - make DESTDIR=$OUTDIR install + make DESTDIR=$OUTDIR install - strip $OUTDIR/usr/bin/* + strip $OUTDIR/usr/bin/* diff --git a/images/packages/binaries/bzip2/werf.inc.yaml b/images/packages/binaries/bzip2/werf.inc.yaml index 562b7db87a..56add20a63 100644 --- a/images/packages/binaries/bzip2/werf.inc.yaml +++ b/images/packages/binaries/bzip2/werf.inc.yaml @@ -31,37 +31,38 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - pkgver=$( echo {{ $version }} | cut -d "-" -f2) + - | + OUTDIR=/out + pkgver=$( echo {{ $version }} | cut -d "-" -f2) - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src - cd /src - - mkdir -p $OUTDIR/usr/lib64 - - sed -i \ - -e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \ - -e 's:ln -s -f \$(PREFIX)/bin/:ln -s :' \ - Makefile + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + cd /src + + mkdir -p $OUTDIR/usr/lib64 + + sed -i \ + -e 's:\$(PREFIX)/man:\$(PREFIX)/share/man:g' \ + -e 's:ln -s -f \$(PREFIX)/bin/:ln -s :' \ + Makefile - make -f Makefile-libbz2_so all -j $(nproc) - make all + make -f Makefile-libbz2_so all -j $(nproc) + make all - make -j $(nproc) PREFIX=${OUTDIR}/usr install + make -j $(nproc) PREFIX=${OUTDIR}/usr install - install -D libbz2.so.$pkgver "${OUTDIR}"/usr/lib64/libbz2.so.$pkgver - ln -s libbz2.so.$pkgver "${OUTDIR}"/usr/lib64/libbz2.so - ln -s libbz2.so.$pkgver "${OUTDIR}"/usr/lib64/libbz2.so.${pkgver%%.*} + install -D libbz2.so.$pkgver "${OUTDIR}"/usr/lib64/libbz2.so.$pkgver + ln -s libbz2.so.$pkgver "${OUTDIR}"/usr/lib64/libbz2.so + ln -s libbz2.so.$pkgver "${OUTDIR}"/usr/lib64/libbz2.so.${pkgver%%.*} - rm -rf $OUTDIR/usr/share + rm -rf $OUTDIR/usr/share diff --git a/images/packages/binaries/dmidecode/werf.inc.yaml b/images/packages/binaries/dmidecode/werf.inc.yaml index d3697fcf0e..93e40c3577 100644 --- a/images/packages/binaries/dmidecode/werf.inc.yaml +++ b/images/packages/binaries/dmidecode/werf.inc.yaml @@ -29,26 +29,27 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} - apt-get update - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + apt-get update + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch dmidecode-{{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch dmidecode-{{ $version }} /src + cd /src - make -j$(nproc) prefix=/usr + make -j$(nproc) prefix=/usr - make strip - make DESTDIR=$OUTDIR install + make strip + make DESTDIR=$OUTDIR install - # We don't need man, test and samples files - rm -rf $OUTDIR/usr/share + # We don't need man, test and samples files + rm -rf $OUTDIR/usr/share diff --git a/images/packages/binaries/file/werf.inc.yaml b/images/packages/binaries/file/werf.inc.yaml index 1ac039caee..7691463404 100644 --- a/images/packages/binaries/file/werf.inc.yaml +++ b/images/packages/binaries/file/werf.inc.yaml @@ -32,24 +32,25 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src - cd /src - - autoreconf -f -i - ./configure --prefix=/usr --libdir=/usr/lib64 --datadir=/usr/share - - make install -j $(nproc) DESTDIR=$OUTDIR + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + cd /src + + autoreconf -f -i + ./configure --prefix=/usr --libdir=/usr/lib64 --datadir=/usr/share + + make install -j $(nproc) DESTDIR=$OUTDIR - rm -rf $OUTDIR/share/man + rm -rf $OUTDIR/share/man diff --git a/images/packages/binaries/glib2/werf.inc.yaml b/images/packages/binaries/glib2/werf.inc.yaml index 597f712093..f0a1bf8aca 100644 --- a/images/packages/binaries/glib2/werf.inc.yaml +++ b/images/packages/binaries/glib2/werf.inc.yaml @@ -30,20 +30,21 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + cd /src - meson setup _build -Dprefix=$OUTDIR/usr -Dgtk_doc=false -Dbuildtype=release -Dstrip=true - meson compile -C _build - meson install -C _build + meson setup _build -Dprefix=$OUTDIR/usr -Dgtk_doc=false -Dbuildtype=release -Dstrip=true + meson compile -C _build + meson install -C _build diff --git a/images/packages/binaries/glibc/werf.inc.yaml b/images/packages/binaries/glibc/werf.inc.yaml index 1c626a4b30..0376864635 100644 --- a/images/packages/binaries/glibc/werf.inc.yaml +++ b/images/packages/binaries/glibc/werf.inc.yaml @@ -31,32 +31,33 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src - mkdir /build - cd /build + mkdir /build + cd /build - ../src/configure \ - --prefix=/usr \ - --libdir=/usr/lib64 \ - --disable-crypt \ - --disable-profile \ - --enable-bind-now \ - --enable-obsolete-rpc \ - --enable-stack-protector=strong \ - --enable-fortify-source=3 \ + ../src/configure \ + --prefix=/usr \ + --libdir=/usr/lib64 \ + --disable-crypt \ + --disable-profile \ + --enable-bind-now \ + --enable-obsolete-rpc \ + --enable-stack-protector=strong \ + --enable-fortify-source=3 \ - make -j$(nproc) + make -j$(nproc) - make DESTDIR=$OUTDIR install + make DESTDIR=$OUTDIR install diff --git a/images/packages/binaries/gnutls/werf.inc.yaml b/images/packages/binaries/gnutls/werf.inc.yaml index 62dc1a1957..09cbc59071 100644 --- a/images/packages/binaries/gnutls/werf.inc.yaml +++ b/images/packages/binaries/gnutls/werf.inc.yaml @@ -36,24 +36,25 @@ secrets: value: {{ $.SOURCE_REPO }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + cd /src - ./bootstrap + ./bootstrap - ./configure --prefix=/usr --libdir=/usr/lib64 --disable-tests + ./configure --prefix=/usr --libdir=/usr/lib64 --disable-tests - make -j$(nproc) + make -j$(nproc) - make DESTDIR=$OUTDIR install-strip + make DESTDIR=$OUTDIR install-strip diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index bcffdc3792..5f0f6dd842 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -17,7 +17,6 @@ import: packages: - git gcc - automake autoconf-archive make libtool -# - MAKEDEV - bash-completion - curl - qemu @@ -49,33 +48,34 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} - apt-get update - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + apt-get update + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src + cd /src - autoreconf -i + autoreconf -i - ./configure \ - --disable-static \ - --prefix=/usr \ - --without-bash-completions + ./configure \ + --disable-static \ + --prefix=/usr \ + --without-bash-completions - make -j$(nproc) + make -j$(nproc) - make DESTDIR=$OUTDIR install-strip + make DESTDIR=$OUTDIR install-strip - # We don't need man, test and samples files - rm -rf $OUTDIR/usr/include - rm -rf $OUTDIR/usr/share + # We don't need man, test and samples files + rm -rf $OUTDIR/usr/include + rm -rf $OUTDIR/usr/share diff --git a/images/packages/binaries/nftables/werf.inc.yaml b/images/packages/binaries/nftables/werf.inc.yaml index d1858d04ca..07acecc294 100644 --- a/images/packages/binaries/nftables/werf.inc.yaml +++ b/images/packages/binaries/nftables/werf.inc.yaml @@ -32,46 +32,47 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} - cat >/etc/apt/sources.list.d/alt-sisyphus.list</etc/apt/sources.list.d/alt-sisyphus.list< ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src + cd /src - ./autogen.sh + ./autogen.sh - ./configure \ - --prefix=/usr \ - --libdir=/usr/lib64 \ - --with-json \ - --with-cli=readline + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib64 \ + --with-json \ + --with-cli=readline - make -j$(nproc) + make -j$(nproc) - make DESTDIR=$OUTDIR install + make DESTDIR=$OUTDIR install - strip $OUTDIR/usr/sbin/nft - ldd $OUTDIR/usr/sbin/nft + strip $OUTDIR/usr/sbin/nft + ldd $OUTDIR/usr/sbin/nft - # We don't need man, test and samples files - rm -rf $OUTDIR/usr/include - rm -rf $OUTDIR/usr/share - rm -rf $OUTDIR/usr/lib64/pkgconfig + # We don't need man, test and samples files + rm -rf $OUTDIR/usr/include + rm -rf $OUTDIR/usr/share + rm -rf $OUTDIR/usr/lib64/pkgconfig diff --git a/images/packages/binaries/numactl/werf.inc.yaml b/images/packages/binaries/numactl/werf.inc.yaml index ecc81e6e4a..2e768f0292 100644 --- a/images/packages/binaries/numactl/werf.inc.yaml +++ b/images/packages/binaries/numactl/werf.inc.yaml @@ -30,32 +30,33 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src + cd /src - ./autogen.sh + ./autogen.sh - ./configure --prefix=/usr --libdir=/usr/lib64 --enable-static=no + ./configure --prefix=/usr --libdir=/usr/lib64 --enable-static=no - make -j$(nproc) + make -j$(nproc) - make DESTDIR=$OUTDIR install + make DESTDIR=$OUTDIR install - strip $OUTDIR/usr/bin/* + strip $OUTDIR/usr/bin/* - # We don't need man, test and samples files - rm -rf $OUTDIR/usr/include - rm -rf $OUTDIR/usr/share - rm -rf $OUTDIR/usr/lib64/pkgconfig - rm -rf $OUTDIR/usr/bin/numademo + # We don't need man, test and samples files + rm -rf $OUTDIR/usr/include + rm -rf $OUTDIR/usr/share + rm -rf $OUTDIR/usr/lib64/pkgconfig + rm -rf $OUTDIR/usr/bin/numademo diff --git a/images/packages/binaries/openssl/werf.inc.yaml b/images/packages/binaries/openssl/werf.inc.yaml index 56a825d325..c94acce24b 100644 --- a/images/packages/binaries/openssl/werf.inc.yaml +++ b/images/packages/binaries/openssl/werf.inc.yaml @@ -28,25 +28,26 @@ final: false fromImage: builder/alt secrets: - id: SOURCE_REPO - value: {{ $.SOURCE_REPO }} + value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src - cd /src - - ./Configure --prefix=/usr CC=/usr/bin/musl-gcc -static - make -j $(nproc) - make install_sw -j $(nproc) DESTDIR=$OUTDIR - strip $OUTDIR/usr/bin/openssl + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + cd /src + + ./Configure --prefix=/usr CC=/usr/bin/musl-gcc -static + make -j $(nproc) + make install_sw -j $(nproc) DESTDIR=$OUTDIR + strip $OUTDIR/usr/bin/openssl diff --git a/images/packages/binaries/swtpm/werf.inc.yaml b/images/packages/binaries/swtpm/werf.inc.yaml index 1e69474151..1cfce8afa0 100644 --- a/images/packages/binaries/swtpm/werf.inc.yaml +++ b/images/packages/binaries/swtpm/werf.inc.yaml @@ -39,47 +39,48 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} - - # libtpms libtpms-devel requares version 0.10 that in sisyphus repo - cat >/etc/apt/sources.list.d/alt-sisyphus.list</etc/apt/sources.list.d/alt-sisyphus.list< ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src - cd /src - - ./autogen.sh \ - --disable-tests \ - --with-openssl \ - --with-gnutls \ - --with-cuse \ - --prefix=/usr \ - --with-tss-user=root \ - --with-tss-group=root \ - --libdir=/usr/lib64 - - make -j$(nproc) - - make DESTDIR=$OUTDIR install - strip $OUTDIR/usr/bin/* + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src + cd /src + + ./autogen.sh \ + --disable-tests \ + --with-openssl \ + --with-gnutls \ + --with-cuse \ + --prefix=/usr \ + --with-tss-user=root \ + --with-tss-group=root \ + --libdir=/usr/lib64 + + make -j$(nproc) + + make DESTDIR=$OUTDIR install + strip $OUTDIR/usr/bin/* - # We don't need man, test and samples files - rm -rf $OUTDIR/usr/include - rm -rf $OUTDIR/usr/share - rm -rf $OUTDIR/usr/libexec/installed-tests + # We don't need man, test and samples files + rm -rf $OUTDIR/usr/include + rm -rf $OUTDIR/usr/share + rm -rf $OUTDIR/usr/libexec/installed-tests diff --git a/images/packages/binaries/xorriso/werf.inc.yaml b/images/packages/binaries/xorriso/werf.inc.yaml index f013370f80..bc64098ab5 100644 --- a/images/packages/binaries/xorriso/werf.inc.yaml +++ b/images/packages/binaries/xorriso/werf.inc.yaml @@ -31,31 +31,32 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - - | - apt-get update && apt-get install -y \ - {{ $builderDependencies.packages | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $builderDependencies.packages | join " " }} + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: - - | - OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + - | + OUTDIR=/out + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch release-{{ $version }} /src - cd /src + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch release-{{ $version }} /src + cd /src - ./bootstrap + ./bootstrap - ./configure --prefix=/usr --libdir=/usr/lib64 + ./configure --prefix=/usr --libdir=/usr/lib64 - make -j$(nproc) + make -j$(nproc) - make DESTDIR=$OUTDIR install + make DESTDIR=$OUTDIR install - strip $OUTDIR/usr/bin/xorriso + strip $OUTDIR/usr/bin/xorriso - # We don't need man, test and samples files - rm -rf $OUTDIR/usr/include - rm -rf $OUTDIR/usr/share - rm -rf $OUTDIR/usr/lib64/pkgconfig + # We don't need man, test and samples files + rm -rf $OUTDIR/usr/include + rm -rf $OUTDIR/usr/share + rm -rf $OUTDIR/usr/lib64/pkgconfig diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index d653c16577..9a4dcc4fb5 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -109,7 +109,7 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - {{- include "alt packages proxy" . | nindent 2 }} + {{- include "alt packages proxy" . | nindent 2 }} - | apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} \ From 4baf97331a02bc55adc0a34acc905a1bf40d62b1 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 13 May 2025 23:10:44 +0300 Subject: [PATCH 17/36] refactor dvcr build Signed-off-by: Nikita Korolev --- images/dvcr/werf.inc.yaml | 45 +++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index c58618e3ce..972035eec6 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -22,34 +22,33 @@ imageSpec: image: {{ $.ImageName }}-builder final: false -# fromImage: builder/alt -fromImage: base-alt-p10 +fromImage: builder/alt secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} shell: install: - # {{/* {{- include "alt packages proxy" . | nindent 2 }} */}} - - | - apt-get update && apt-get install -y \ - git openssh golang - - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + git openssh golang + + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - export GOPATH=$(go env GOPATH) - export GOROOT=$(go env GOROOT) - export GO111MODULE=off - - mkdir -p /container-registry-binary - mkdir -p $GOPATH/src/github.com/docker + export GOPATH=$(go env GOPATH) + export GOROOT=$(go env GOROOT) + export GO111MODULE=off + + mkdir -p /container-registry-binary + mkdir -p $GOPATH/src/github.com/docker - cd $GOPATH/src/github.com/docker - git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} - cd distribution + cd $GOPATH/src/github.com/docker + git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} + cd distribution - go build -o /container-registry-binary/ -ldflags '-s -w -X registry/version.Version=v{{ $version }} -X registry/version.Revision=v{{ $version }}' ./cmd/registry - - | - echo "Clean up" - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - rm -rf $(go env GOCACHE) + go build -o /container-registry-binary/ -ldflags '-s -w -X registry/version.Version=v{{ $version }} -X registry/version.Revision=v{{ $version }}' ./cmd/registry + - | + echo "Clean up" + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + rm -rf $(go env GOCACHE) From 54be9f9a831b8802b7d0e1f2abceb36fba68ed18 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Tue, 13 May 2025 23:23:29 +0300 Subject: [PATCH 18/36] qemu: add submodule change url for closed env Signed-off-by: Nikita Korolev --- images/qemu/werf.inc.yaml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index 9a4dcc4fb5..130848ce18 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -141,10 +141,27 @@ shell: export NINJA="/usr/bin/ninja" export PYTHON="/usr/bin/python3" - # TODO git submodules git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} cd {{ $gitRepoName }}-{{ $version }} + {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} + echo "Change submodule url" + git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git + git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git + git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git + git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git + git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git + git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git + git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git + git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git + git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git + git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git + git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git + git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git + git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git + git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git + git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git + {{- end }} for p in /patches/*.patch ; do echo -n "Apply ${p} ... " From 0baa66569834372233b7882ead014bb06e3b9df9 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 12:12:11 +0300 Subject: [PATCH 19/36] fix build nbdkit, add lib to dvcr-importer Signed-off-by: Nikita Korolev --- images/dvcr-artifact/werf.inc.yaml | 20 +++++++++++++++++++ images/packages/binaries/nbdkit/werf.inc.yaml | 1 + 2 files changed, 21 insertions(+) diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index 7ec86da13c..bc3e8a0baa 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -33,6 +33,8 @@ shell: --- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} +libraries: +- libnbd binaries: - /usr/local/bin/dvcr-importer - /usr/sbin/nbd* @@ -42,6 +44,7 @@ binaries: - /usr/local/bin/dvcr-cleaner - /usr/bin/qemu-img - /usr/bin/qemu-nbd +- /usr/lib64/libnbd.s* {{- end -}} {{ $dvcrDependencies := include "$name" . | fromYaml }} @@ -79,6 +82,16 @@ import: to: /qemu-img before: install shell: + beforeInstall: + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get update && apt-get install -y \ + {{ $dvcrDependencies.libraries | join " " }} + + apt-get update + apt-get clean + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + install: - | cp -a /qemu-img/. / @@ -86,6 +99,13 @@ shell: cp -a /file/. / cp -a /nbdkit/. / rm -rf /{file,bzip2,qemu-img} + setup: - | /relocate_binaries.sh -i "{{ $dvcrDependencies.binaries | join " " }}" -o /relocate + SO_FILES=$(find /usr/lib64/nbdkit/ -name '*.so') + for file in $SO_FILES;do + new_place="/relocate$(dirname ${file})" + mkdir -p ${new_place} + cp -a ${file} ${new_place} || true + done diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index 5f0f6dd842..4eadce1e6d 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -70,6 +70,7 @@ shell: ./configure \ --disable-static \ --prefix=/usr \ + --libdir=/usr/lib64 \ --without-bash-completions make -j$(nproc) From 826455cfc8445daa63c4b402c31fccf72f6e0957 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 14:59:13 +0300 Subject: [PATCH 20/36] add cache Signed-off-by: Nikita Korolev --- images/packages/binaries/nbdkit/werf.inc.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index 4eadce1e6d..004fc7b9ec 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -43,6 +43,7 @@ packages: image: {{ $.ImageType }}/{{ $.ImageName }}-builder final: false fromImage: builder/alt +cacheVersion: "14052025.0" secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -64,7 +65,7 @@ shell: git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src cd /src - + autoreconf -i ./configure \ From ad8ae058d348a0db7bfe842fdc1dbf097fd76e18 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 15:41:52 +0300 Subject: [PATCH 21/36] add cache ver to nbdkit Signed-off-by: Nikita Korolev --- images/cdi-controller/werf.inc.yaml | 2 +- images/cdi-importer/werf.inc.yaml | 4 ++-- images/dvcr-artifact/werf.inc.yaml | 1 + images/packages/binaries/nbdkit/werf.inc.yaml | 1 + 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/images/cdi-controller/werf.inc.yaml b/images/cdi-controller/werf.inc.yaml index 624b98eda6..603cca89e8 100644 --- a/images/cdi-controller/werf.inc.yaml +++ b/images/cdi-controller/werf.inc.yaml @@ -45,7 +45,7 @@ import: # Source https://github.com/kubevirt/containerized-data-importer/blob/v1.60.3/cmd/cdi-controller/BUILD.bazel shell: install: - {{- include "alt packages proxy" . | nindent 2 }} + {{- include "alt packages proxy" . | nindent 2 }} - | apt-get update && apt-get install --yes \ {{ $cdiClonerDependencies.packages | join " " }} diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index d31967ae06..826df29c13 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -21,8 +21,8 @@ packages: binaries: # nbd bins and libs - /usr/sbin/nbdkit - - /usr/lib/nbdkit/filters/* - - /usr/lib/nbdkit/plugins/* + - /usr/lib64/nbdkit/filters/*.so + - /usr/lib64/nbdkit/plugins/*.so # Sqlite libs - /usr/lib64/libsqlite3.so.0 # CDI binaries diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index bc3e8a0baa..d944586e95 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -103,6 +103,7 @@ shell: setup: - | /relocate_binaries.sh -i "{{ $dvcrDependencies.binaries | join " " }}" -o /relocate + SO_FILES=$(find /usr/lib64/nbdkit/ -name '*.so') for file in $SO_FILES;do new_place="/relocate$(dirname ${file})" diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index 004fc7b9ec..0736edd44a 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -2,6 +2,7 @@ image: {{ $.ImageType }}/{{ $.ImageName }} final: false fromImage: builder/scratch +cacheVersion: "14052025.0" import: - image: {{ $.ImageType }}/{{ $.ImageName }}-builder add: /out From 22933f633ae8866a6271cb01f0749bf32ae3c123 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 18:57:46 +0300 Subject: [PATCH 22/36] replcae git submodule set-url to git config --global url. Signed-off-by: Nikita Korolev --- images/edk2/werf.inc.yaml | 25 +++++++++++++------------ images/qemu/werf.inc.yaml | 31 ++++++++++++++++--------------- 2 files changed, 29 insertions(+), 27 deletions(-) diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index af9d6d2457..20d4f56321 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -73,18 +73,19 @@ shell: cd {{ $gitRepoName }}-{{ $version }} {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} echo "Change submodule url" - git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl - git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git - git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git - git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git - git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git - git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git - git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git - git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git - git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git - git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git + git config --global url."https://$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" + # git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl + # git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git + # git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git + # git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + # git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + # git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git + # git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git + # git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git + # git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git + # git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git + # git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git + # git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git {{- end }} git submodule update --init --recursive diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index 130848ce18..c2750a5c71 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -146,21 +146,22 @@ shell: cd {{ $gitRepoName }}-{{ $version }} {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} echo "Change submodule url" - git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git - git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git - git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git - git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git - git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git - git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git - git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git - git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git - git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git - git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git - git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git - git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git - git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git - git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git - git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git + git config --global url."https://$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" + # git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git + # git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git + # git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git + # git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git + # git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git + # git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git + # git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git + # git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git + # git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git + # git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git + # git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git + # git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git + # git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git + # git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git + # git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git {{- end }} for p in /patches/*.patch ; do From 698f65fbcc49ef3dee56ac0fa566cf316d1ae6c6 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 19:48:16 +0300 Subject: [PATCH 23/36] fix cleanup whae no proxy Signed-off-by: Nikita Korolev --- images/cdi-artifact/werf.inc.yaml | 2 ++ images/dvcr-artifact/werf.inc.yaml | 2 ++ images/dvcr/werf.inc.yaml | 8 ++------ images/edk2/werf.inc.yaml | 4 ++-- images/qemu/werf.inc.yaml | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/images/cdi-artifact/werf.inc.yaml b/images/cdi-artifact/werf.inc.yaml index a07a19fe86..750113a62a 100644 --- a/images/cdi-artifact/werf.inc.yaml +++ b/images/cdi-artifact/werf.inc.yaml @@ -29,7 +29,9 @@ shell: apt-get update apt-get install --yes libnbd-dev apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index d944586e95..f27c395aa7 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -90,7 +90,9 @@ shell: apt-get update apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index 972035eec6..ce722955ab 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -22,17 +22,13 @@ imageSpec: image: {{ $.ImageName }}-builder final: false -fromImage: builder/alt +fromImage: builder/golang-bookworm-1.23 secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} shell: install: - {{- include "alt packages proxy" . | nindent 2 }} - - | - apt-get update && apt-get install -y \ - git openssh golang - + - | mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config export GOPATH=$(go env GOPATH) diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index 20d4f56321..1faab79ea8 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -73,7 +73,7 @@ shell: cd {{ $gitRepoName }}-{{ $version }} {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} echo "Change submodule url" - git config --global url."https://$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" + git config --global url."$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" # git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl # git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git # git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git @@ -84,7 +84,7 @@ shell: # git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git # git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git # git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git - # git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git + git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git # git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git {{- end }} diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index c2750a5c71..f8f074ee79 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -146,7 +146,7 @@ shell: cd {{ $gitRepoName }}-{{ $version }} {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} echo "Change submodule url" - git config --global url."https://$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" + git config --global url."$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" # git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git # git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git # git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git From d3d2f2a768f5ee2d6112326cf3b298cc2303d317 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 20:26:45 +0300 Subject: [PATCH 24/36] edk2 back git submodule set-url Signed-off-by: Nikita Korolev --- images/edk2/werf.inc.yaml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index 1faab79ea8..301093a71f 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -73,19 +73,19 @@ shell: cd {{ $gitRepoName }}-{{ $version }} {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} echo "Change submodule url" - git config --global url."$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" - # git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl - # git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git - # git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git - # git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - # git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - # git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git - # git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git - # git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git - # git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git - # git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git + # git config --global url."$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" + git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl + git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git + git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git + git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git + git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git + git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git + git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git + git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git - # git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git + git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git {{- end }} git submodule update --init --recursive From 788f4afdff16aa740e9568070d18e6c7766325fa Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 20:53:14 +0300 Subject: [PATCH 25/36] fix numactl Signed-off-by: Nikita Korolev --- images/packages/binaries/numactl/werf.inc.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/images/packages/binaries/numactl/werf.inc.yaml b/images/packages/binaries/numactl/werf.inc.yaml index 2e768f0292..b3bf22a851 100644 --- a/images/packages/binaries/numactl/werf.inc.yaml +++ b/images/packages/binaries/numactl/werf.inc.yaml @@ -35,7 +35,9 @@ shell: apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | From c1c3d115d37b20a6b378394c05494333a6ee4e8a Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Wed, 14 May 2025 20:53:31 +0300 Subject: [PATCH 26/36] fix nbdkit Signed-off-by: Nikita Korolev --- images/cdi-importer/werf.inc.yaml | 4 +++- images/dvcr-artifact/werf.inc.yaml | 9 ++------- images/packages/binaries/nbdkit/werf.inc.yaml | 10 ++++++++-- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index 826df29c13..297817b4fd 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -61,13 +61,15 @@ import: before: install shell: install: - {{- include "alt packages proxy" . | nindent 2 }} + {{- include "alt packages proxy" . | nindent 2 }} - | apt-get update && apt-get install --yes \ {{ $cdiImporterDependencies.packages | join " " }} \ {{ $cdiImporterDependencies.libraries | join " " }} apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} cp -a /nbdkit/. / rm -rf /nbdkit diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index f27c395aa7..810e295da0 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -38,6 +38,8 @@ libraries: binaries: - /usr/local/bin/dvcr-importer - /usr/sbin/nbd* +- /usr/lib64/nbdkit/filters/*.so +- /usr/lib64/nbdkit/plugins/*.so - /usr/bin/file - /usr/share/misc/magic.mgc - /usr/local/bin/dvcr-uploader @@ -105,10 +107,3 @@ shell: setup: - | /relocate_binaries.sh -i "{{ $dvcrDependencies.binaries | join " " }}" -o /relocate - - SO_FILES=$(find /usr/lib64/nbdkit/ -name '*.so') - for file in $SO_FILES;do - new_place="/relocate$(dirname ${file})" - mkdir -p ${new_place} - cp -a ${file} ${new_place} || true - done diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index 0736edd44a..43b60324d5 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -2,7 +2,7 @@ image: {{ $.ImageType }}/{{ $.ImageName }} final: false fromImage: builder/scratch -cacheVersion: "14052025.0" +# cacheVersion: "14052025.0" import: - image: {{ $.ImageType }}/{{ $.ImageName }}-builder add: /out @@ -37,6 +37,8 @@ packages: - libnbd - libtorrent-rasterbar-devel - libssh +# debug +- tree {{- end -}} {{ $builderDependencies := include "$name" . | fromYaml }} @@ -44,7 +46,7 @@ packages: image: {{ $.ImageType }}/{{ $.ImageName }}-builder final: false fromImage: builder/alt -cacheVersion: "14052025.0" +# cacheVersion: "14052025.0" secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -57,7 +59,9 @@ shell: apt-get update apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | @@ -82,3 +86,5 @@ shell: # We don't need man, test and samples files rm -rf $OUTDIR/usr/include rm -rf $OUTDIR/usr/share + + tree $OUTDIR From 2a32ad599b1b3907993d7158a115df70c582ef44 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Thu, 15 May 2025 10:26:18 +0300 Subject: [PATCH 27/36] dvcr change docker to distribution Signed-off-by: Nikita Korolev --- images/dvcr/werf.inc.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index ce722955ab..06f4c7a060 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -45,6 +45,5 @@ shell: go build -o /container-registry-binary/ -ldflags '-s -w -X registry/version.Version=v{{ $version }} -X registry/version.Revision=v{{ $version }}' ./cmd/registry - | echo "Clean up" - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin rm -rf $(go env GOCACHE) + - ls -la /container-registry-binary From f0d3b963ee04856f11ea6d33cb0040407707fbe1 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Thu, 15 May 2025 12:18:24 +0300 Subject: [PATCH 28/36] dvcr CGO_ENABLED=0 Signed-off-by: Nikita Korolev --- images/dvcr/werf.inc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index 06f4c7a060..7f4c09e042 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -34,6 +34,7 @@ shell: export GOPATH=$(go env GOPATH) export GOROOT=$(go env GOROOT) export GO111MODULE=off + export CGO_ENABLED=0 mkdir -p /container-registry-binary mkdir -p $GOPATH/src/github.com/docker @@ -46,4 +47,3 @@ shell: - | echo "Clean up" rm -rf $(go env GOCACHE) - - ls -la /container-registry-binary From 735498d55b745ab9263d6fb33e9437572c635317 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Thu, 15 May 2025 13:48:27 +0300 Subject: [PATCH 29/36] use git-submodule for change url in submodules Signed-off-by: Nikita Korolev --- images/edk2/werf.inc.yaml | 1 - images/qemu/werf.inc.yaml | 31 +++++++++++++++---------------- 2 files changed, 15 insertions(+), 17 deletions(-) diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index 301093a71f..af9d6d2457 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -73,7 +73,6 @@ shell: cd {{ $gitRepoName }}-{{ $version }} {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} echo "Change submodule url" - # git config --global url."$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index f8f074ee79..130848ce18 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -146,22 +146,21 @@ shell: cd {{ $gitRepoName }}-{{ $version }} {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} echo "Change submodule url" - git config --global url."$(cat /run/secrets/SOURCE_REPO)".insteadOf "https://github.com" - # git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git - # git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git - # git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git - # git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git - # git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git - # git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git - # git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git - # git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git - # git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git - # git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git - # git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git - # git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git - # git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git - # git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git - # git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git + git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git + git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git + git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git + git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git + git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git + git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git + git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git + git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git + git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git + git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git + git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git + git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git + git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git + git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git + git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git {{- end }} for p in /patches/*.patch ; do From f60ac713ac22a4941a260c2e5302786f60658f6c Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Thu, 15 May 2025 14:08:20 +0300 Subject: [PATCH 30/36] fix cleanup if no proxy set Signed-off-by: Nikita Korolev --- images/packages/binaries/acl/werf.inc.yaml | 2 ++ images/packages/binaries/bzip2/werf.inc.yaml | 2 ++ images/packages/binaries/dmidecode/werf.inc.yaml | 2 ++ images/packages/binaries/file/werf.inc.yaml | 2 ++ images/packages/binaries/glib2/werf.inc.yaml | 2 ++ images/packages/binaries/glibc/werf.inc.yaml | 2 ++ images/packages/binaries/gnutls/werf.inc.yaml | 2 ++ 7 files changed, 14 insertions(+) diff --git a/images/packages/binaries/acl/werf.inc.yaml b/images/packages/binaries/acl/werf.inc.yaml index 6f749e2021..81d662c263 100644 --- a/images/packages/binaries/acl/werf.inc.yaml +++ b/images/packages/binaries/acl/werf.inc.yaml @@ -35,7 +35,9 @@ shell: - | apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/packages/binaries/bzip2/werf.inc.yaml b/images/packages/binaries/bzip2/werf.inc.yaml index 56add20a63..7e287d8847 100644 --- a/images/packages/binaries/bzip2/werf.inc.yaml +++ b/images/packages/binaries/bzip2/werf.inc.yaml @@ -37,7 +37,9 @@ shell: {{ $builderDependencies.packages | join " " }} apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/packages/binaries/dmidecode/werf.inc.yaml b/images/packages/binaries/dmidecode/werf.inc.yaml index 93e40c3577..b4a3feae7c 100644 --- a/images/packages/binaries/dmidecode/werf.inc.yaml +++ b/images/packages/binaries/dmidecode/werf.inc.yaml @@ -36,7 +36,9 @@ shell: apt-get update apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/packages/binaries/file/werf.inc.yaml b/images/packages/binaries/file/werf.inc.yaml index 7691463404..c17297fe12 100644 --- a/images/packages/binaries/file/werf.inc.yaml +++ b/images/packages/binaries/file/werf.inc.yaml @@ -38,7 +38,9 @@ shell: {{ $builderDependencies.packages | join " " }} apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/packages/binaries/glib2/werf.inc.yaml b/images/packages/binaries/glib2/werf.inc.yaml index f0a1bf8aca..81ee68f971 100644 --- a/images/packages/binaries/glib2/werf.inc.yaml +++ b/images/packages/binaries/glib2/werf.inc.yaml @@ -34,7 +34,9 @@ shell: - | apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/packages/binaries/glibc/werf.inc.yaml b/images/packages/binaries/glibc/werf.inc.yaml index 0376864635..385b563e72 100644 --- a/images/packages/binaries/glibc/werf.inc.yaml +++ b/images/packages/binaries/glibc/werf.inc.yaml @@ -35,7 +35,9 @@ shell: - | apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/packages/binaries/gnutls/werf.inc.yaml b/images/packages/binaries/gnutls/werf.inc.yaml index 09cbc59071..583b281b13 100644 --- a/images/packages/binaries/gnutls/werf.inc.yaml +++ b/images/packages/binaries/gnutls/werf.inc.yaml @@ -41,7 +41,9 @@ shell: apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | From 26542d2c5ea0cc99453f1dca51172f327361bd9e Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Thu, 15 May 2025 14:08:56 +0300 Subject: [PATCH 31/36] nftables fix repourl if proxy set Signed-off-by: Nikita Korolev --- images/packages/binaries/nftables/werf.inc.yaml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/images/packages/binaries/nftables/werf.inc.yaml b/images/packages/binaries/nftables/werf.inc.yaml index 07acecc294..5b50d103b8 100644 --- a/images/packages/binaries/nftables/werf.inc.yaml +++ b/images/packages/binaries/nftables/werf.inc.yaml @@ -36,10 +36,17 @@ shell: - | apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} + + PROXY={{ $.DistroPackagesProxy }} + if [ -z $PROXY ];then + REPO_URL=http://ftp.altlinux.org/pub/distributions + else + REPO_URL={{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository + fi cat >/etc/apt/sources.list.d/alt-sisyphus.list< Date: Thu, 15 May 2025 14:58:02 +0300 Subject: [PATCH 32/36] fix proxu settings for alt-p11-nibs,openssl,swtpm,xorriso Signed-off-by: Nikita Korolev --- images/base-alt-p11-binaries/werf.inc.yaml | 4 +++- images/packages/binaries/openssl/werf.inc.yaml | 2 ++ images/packages/binaries/swtpm/werf.inc.yaml | 15 ++++++++++++--- images/packages/binaries/xorriso/werf.inc.yaml | 2 ++ 4 files changed, 19 insertions(+), 4 deletions(-) diff --git a/images/base-alt-p11-binaries/werf.inc.yaml b/images/base-alt-p11-binaries/werf.inc.yaml index 928b50f81a..de72f767d2 100644 --- a/images/base-alt-p11-binaries/werf.inc.yaml +++ b/images/base-alt-p11-binaries/werf.inc.yaml @@ -27,4 +27,6 @@ shell: {{ $builderDependencies.libraries | join " " }} - | apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin \ No newline at end of file + {{- if not $.DistroPackagesProxy }} + rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} \ No newline at end of file diff --git a/images/packages/binaries/openssl/werf.inc.yaml b/images/packages/binaries/openssl/werf.inc.yaml index c94acce24b..2c64755fe5 100644 --- a/images/packages/binaries/openssl/werf.inc.yaml +++ b/images/packages/binaries/openssl/werf.inc.yaml @@ -37,7 +37,9 @@ shell: {{ $builderDependencies.packages | join " " }} apt-get clean + {{- if not $.DistroPackagesProxy }} rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- end }} install: - | diff --git a/images/packages/binaries/swtpm/werf.inc.yaml b/images/packages/binaries/swtpm/werf.inc.yaml index 1cfce8afa0..8b0105fd3b 100644 --- a/images/packages/binaries/swtpm/werf.inc.yaml +++ b/images/packages/binaries/swtpm/werf.inc.yaml @@ -44,10 +44,17 @@ shell: apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} + PROXY={{ $.DistroPackagesProxy }} + if [ -z $PROXY ];then + REPO_URL=http://ftp.altlinux.org/pub/distributions + else + REPO_URL={{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository + fi + # libtpms libtpms-devel requares version 0.10 that in sisyphus repo - cat >/etc/apt/sources.list.d/alt-sisyphus.list</etc/apt/sources.list.d/alt-sisyphus.list< Date: Thu, 15 May 2025 15:16:24 +0300 Subject: [PATCH 33/36] fix formatting nftables Signed-off-by: Nikita Korolev --- images/packages/binaries/nftables/werf.inc.yaml | 11 +++++------ images/packages/binaries/swtpm/werf.inc.yaml | 7 +++---- images/virt-launcher/werf.inc.yaml | 11 +++++++++-- 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/images/packages/binaries/nftables/werf.inc.yaml b/images/packages/binaries/nftables/werf.inc.yaml index 5b50d103b8..6a69e2b358 100644 --- a/images/packages/binaries/nftables/werf.inc.yaml +++ b/images/packages/binaries/nftables/werf.inc.yaml @@ -36,14 +36,13 @@ shell: - | apt-get update && apt-get install -y \ {{ $builderDependencies.packages | join " " }} - - PROXY={{ $.DistroPackagesProxy }} - if [ -z $PROXY ];then + + {{ if not $.DistroPackagesProxy }} REPO_URL=http://ftp.altlinux.org/pub/distributions - else + {{- else }} REPO_URL={{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository - fi - + {{- end }} + cat >/etc/apt/sources.list.d/alt-sisyphus.list</etc/apt/sources.list.d/alt-sisyphus.list</etc/apt/sources.list.d/alt-sisyphus.list< Date: Thu, 15 May 2025 17:51:47 +0300 Subject: [PATCH 34/36] refactor cleanup Signed-off-by: Nikita Korolev --- .werf/defines/packages-clean.tmpl | 7 +++++++ images/base-alt-p11-binaries/werf.inc.yaml | 2 +- images/cdi-controller/werf.inc.yaml | 2 +- images/cdi-importer/werf.inc.yaml | 2 +- images/distroless/werf.inc.yaml | 2 +- images/dvcr-artifact/werf.inc.yaml | 8 ++------ images/libvirt/werf.inc.yaml | 2 +- images/packages/binaries/acl/werf.inc.yaml | 7 +++---- images/packages/binaries/bzip2/werf.inc.yaml | 7 ++----- images/packages/binaries/dmidecode/werf.inc.yaml | 8 ++------ images/packages/binaries/file/werf.inc.yaml | 7 ++----- images/packages/binaries/glib2/werf.inc.yaml | 7 +++---- images/packages/binaries/glibc/werf.inc.yaml | 7 +++---- images/packages/binaries/gnutls/werf.inc.yaml | 8 ++++---- images/packages/binaries/nbdkit/werf.inc.yaml | 15 +++------------ images/packages/binaries/nftables/werf.inc.yaml | 11 ++++------- images/packages/binaries/numactl/werf.inc.yaml | 8 +++----- images/packages/binaries/openssl/werf.inc.yaml | 7 ++----- images/packages/binaries/swtpm/werf.inc.yaml | 11 ++++------- images/packages/binaries/xorriso/werf.inc.yaml | 8 +++----- images/qemu/werf.inc.yaml | 2 +- images/virt-handler/werf.inc.yaml | 10 +++++----- images/virt-launcher/werf.inc.yaml | 9 +++------ 23 files changed, 61 insertions(+), 96 deletions(-) create mode 100644 .werf/defines/packages-clean.tmpl diff --git a/.werf/defines/packages-clean.tmpl b/.werf/defines/packages-clean.tmpl new file mode 100644 index 0000000000..99f4423802 --- /dev/null +++ b/.werf/defines/packages-clean.tmpl @@ -0,0 +1,7 @@ +{{- define "alt packages clean" }} +- apt-get clean +- rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- if $.DistroPackagesProxy }} +- rm --recursive --force /var/lib/apt/lists/{{ $.DistroPackagesProxy }}* + {{- end }} +{{- end }} \ No newline at end of file diff --git a/images/base-alt-p11-binaries/werf.inc.yaml b/images/base-alt-p11-binaries/werf.inc.yaml index de72f767d2..c3367cf7ab 100644 --- a/images/base-alt-p11-binaries/werf.inc.yaml +++ b/images/base-alt-p11-binaries/werf.inc.yaml @@ -22,7 +22,7 @@ shell: install: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} \ {{ $builderDependencies.libraries | join " " }} - | diff --git a/images/cdi-controller/werf.inc.yaml b/images/cdi-controller/werf.inc.yaml index 603cca89e8..741aeba383 100644 --- a/images/cdi-controller/werf.inc.yaml +++ b/images/cdi-controller/werf.inc.yaml @@ -47,7 +47,7 @@ shell: install: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install --yes \ + apt-get install --yes \ {{ $cdiClonerDependencies.packages | join " " }} - | apt-get clean diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index 297817b4fd..d162e179c0 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -63,7 +63,7 @@ shell: install: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install --yes \ + apt-get install --yes \ {{ $cdiImporterDependencies.packages | join " " }} \ {{ $cdiImporterDependencies.libraries | join " " }} apt-get clean diff --git a/images/distroless/werf.inc.yaml b/images/distroless/werf.inc.yaml index b531444e36..24fe430ebb 100644 --- a/images/distroless/werf.inc.yaml +++ b/images/distroless/werf.inc.yaml @@ -22,7 +22,7 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install ca-certificates tzdata -y + apt-get install ca-certificates tzdata -y apt-get clean rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin install: diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index 810e295da0..34955c96d1 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -87,14 +87,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $dvcrDependencies.libraries | join " " }} - apt-get update - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/libvirt/werf.inc.yaml b/images/libvirt/werf.inc.yaml index af346aa5e1..734a17b753 100644 --- a/images/libvirt/werf.inc.yaml +++ b/images/libvirt/werf.inc.yaml @@ -31,7 +31,7 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install --yes \ + apt-get install --yes \ binutils \ gcc-c++ \ git \ diff --git a/images/packages/binaries/acl/werf.inc.yaml b/images/packages/binaries/acl/werf.inc.yaml index 81d662c263..6e2b813894 100644 --- a/images/packages/binaries/acl/werf.inc.yaml +++ b/images/packages/binaries/acl/werf.inc.yaml @@ -33,11 +33,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/packages/binaries/bzip2/werf.inc.yaml b/images/packages/binaries/bzip2/werf.inc.yaml index 7e287d8847..2cc547ff00 100644 --- a/images/packages/binaries/bzip2/werf.inc.yaml +++ b/images/packages/binaries/bzip2/werf.inc.yaml @@ -33,13 +33,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/packages/binaries/dmidecode/werf.inc.yaml b/images/packages/binaries/dmidecode/werf.inc.yaml index b4a3feae7c..3418899898 100644 --- a/images/packages/binaries/dmidecode/werf.inc.yaml +++ b/images/packages/binaries/dmidecode/werf.inc.yaml @@ -31,14 +31,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} - apt-get update - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/packages/binaries/file/werf.inc.yaml b/images/packages/binaries/file/werf.inc.yaml index c17297fe12..d56ffe6011 100644 --- a/images/packages/binaries/file/werf.inc.yaml +++ b/images/packages/binaries/file/werf.inc.yaml @@ -34,13 +34,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/packages/binaries/glib2/werf.inc.yaml b/images/packages/binaries/glib2/werf.inc.yaml index 81ee68f971..dd7bb71b5f 100644 --- a/images/packages/binaries/glib2/werf.inc.yaml +++ b/images/packages/binaries/glib2/werf.inc.yaml @@ -32,11 +32,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/packages/binaries/glibc/werf.inc.yaml b/images/packages/binaries/glibc/werf.inc.yaml index 385b563e72..8f377e0384 100644 --- a/images/packages/binaries/glibc/werf.inc.yaml +++ b/images/packages/binaries/glibc/werf.inc.yaml @@ -33,11 +33,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/packages/binaries/gnutls/werf.inc.yaml b/images/packages/binaries/gnutls/werf.inc.yaml index 583b281b13..178795a6b3 100644 --- a/images/packages/binaries/gnutls/werf.inc.yaml +++ b/images/packages/binaries/gnutls/werf.inc.yaml @@ -38,12 +38,12 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + + {{- include "alt packages clean" . | nindent 2 }} + install: - | diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index 43b60324d5..01ad4e9f09 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -2,7 +2,6 @@ image: {{ $.ImageType }}/{{ $.ImageName }} final: false fromImage: builder/scratch -# cacheVersion: "14052025.0" import: - image: {{ $.ImageType }}/{{ $.ImageName }}-builder add: /out @@ -37,8 +36,6 @@ packages: - libnbd - libtorrent-rasterbar-devel - libssh -# debug -- tree {{- end -}} {{ $builderDependencies := include "$name" . | fromYaml }} @@ -46,7 +43,6 @@ packages: image: {{ $.ImageType }}/{{ $.ImageName }}-builder final: false fromImage: builder/alt -# cacheVersion: "14052025.0" secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -54,14 +50,11 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} - apt-get update - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + {{- include "alt packages clean" . | nindent 2 }} + install: - | @@ -86,5 +79,3 @@ shell: # We don't need man, test and samples files rm -rf $OUTDIR/usr/include rm -rf $OUTDIR/usr/share - - tree $OUTDIR diff --git a/images/packages/binaries/nftables/werf.inc.yaml b/images/packages/binaries/nftables/werf.inc.yaml index 6a69e2b358..185890a683 100644 --- a/images/packages/binaries/nftables/werf.inc.yaml +++ b/images/packages/binaries/nftables/werf.inc.yaml @@ -34,13 +34,13 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ {{ $builderDependencies.packages | join " " }} {{ if not $.DistroPackagesProxy }} REPO_URL=http://ftp.altlinux.org/pub/distributions {{- else }} - REPO_URL={{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository + REPO_URL=http://{{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository {{- end }} cat >/etc/apt/sources.list.d/alt-sisyphus.list</etc/apt/sources.list.d/alt-sisyphus.list< Date: Thu, 15 May 2025 21:54:15 +0300 Subject: [PATCH 35/36] refactor Signed-off-by: Nikita Korolev --- .werf/defines/packages-clean.tmpl | 5 + images/base-alt-p11-binaries/werf.inc.yaml | 8 +- images/bounder/werf.inc.yaml | 6 +- images/cdi-artifact/werf.inc.yaml | 102 +++++++++--------- images/cdi-controller/werf.inc.yaml | 4 +- images/cdi-importer/werf.inc.yaml | 7 +- images/distroless/werf.inc.yaml | 5 +- images/dvcr-artifact/werf.inc.yaml | 5 +- images/edk2/werf.inc.yaml | 6 +- images/libvirt/werf.inc.yaml | 5 +- images/packages/binaries/gnutls/werf.inc.yaml | 2 - .../packages/binaries/nftables/werf.inc.yaml | 1 - images/qemu/werf.inc.yaml | 4 +- images/virt-artifact/werf.inc.yaml | 6 +- images/virt-launcher/werf.inc.yaml | 6 +- 15 files changed, 78 insertions(+), 94 deletions(-) diff --git a/.werf/defines/packages-clean.tmpl b/.werf/defines/packages-clean.tmpl index 99f4423802..0f770bd611 100644 --- a/.werf/defines/packages-clean.tmpl +++ b/.werf/defines/packages-clean.tmpl @@ -4,4 +4,9 @@ {{- if $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/{{ $.DistroPackagesProxy }}* {{- end }} +{{- end }} + +{{- define "debian packages clean" }} +- apt-get clean +- find /var/lib/apt/ /var/cache/apt/ -type f -delete {{- end }} \ No newline at end of file diff --git a/images/base-alt-p11-binaries/werf.inc.yaml b/images/base-alt-p11-binaries/werf.inc.yaml index c3367cf7ab..d7135798cb 100644 --- a/images/base-alt-p11-binaries/werf.inc.yaml +++ b/images/base-alt-p11-binaries/werf.inc.yaml @@ -20,13 +20,9 @@ git: - relocate_binaries.sh shell: install: - {{- include "alt packages proxy" . | nindent 2 }} + {{- include "alt packages proxy" . | nindent 2 }} - | apt-get install -y \ {{ $builderDependencies.packages | join " " }} \ {{ $builderDependencies.libraries | join " " }} - - | - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} \ No newline at end of file + {{- include "alt packages clean" . | nindent 2 }} \ No newline at end of file diff --git a/images/bounder/werf.inc.yaml b/images/bounder/werf.inc.yaml index 6457b9c84a..e3b817387e 100644 --- a/images/bounder/werf.inc.yaml +++ b/images/bounder/werf.inc.yaml @@ -21,11 +21,11 @@ git: - '*.c' shell: beforeInstall: - {{- include "debian packages proxy" . | nindent 2 }} + {{- include "debian packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install --yes \ + apt-get install --yes \ gcc musl-dev musl-tools - apt-get clean + {{- include "debian packages clean" . | nindent 2 }} install: - | echo "Building simple app that prints hello cdi" diff --git a/images/cdi-artifact/werf.inc.yaml b/images/cdi-artifact/werf.inc.yaml index 750113a62a..47ebae70ae 100644 --- a/images/cdi-artifact/werf.inc.yaml +++ b/images/cdi-artifact/werf.inc.yaml @@ -24,73 +24,69 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: - {{- include "alt packages proxy" . | nindent 2 }} - - | - apt-get update + {{- include "alt packages proxy" . | nindent 2 }} + - | apt-get install --yes libnbd-dev - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} + {{- include "alt packages clean" . | nindent 2 }} install: - - | - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /containerized-data-importer + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - cd /containerized-data-importer + git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /containerized-data-importer + + cd /containerized-data-importer - echo Download Go modules. - go get golang.org/x/crypto@v0.31.0 - go mod download - - go mod tidy - go mod vendor + echo Download Go modules. + go get golang.org/x/crypto@v0.31.0 + go mod download + + go mod tidy + go mod vendor - - | - for p in /patches/*.patch ; do - echo -n "Apply ${p} ... " - git apply --ignore-space-change --ignore-whitespace ${p} && echo OK || (echo FAIL ; exit 1) - done + - | + for p in /patches/*.patch ; do + echo -n "Apply ${p} ... " + git apply --ignore-space-change --ignore-whitespace ${p} && echo OK || (echo FAIL ; exit 1) + done setup: - - mkdir /cdi-binaries - - cd /containerized-data-importer + - mkdir /cdi-binaries + - cd /containerized-data-importer - - export GO111MODULE=on - - export GOOS=linux - - export CGO_ENABLED=0 - - export GOARCH=amd64 + - export GO111MODULE=on + - export GOOS=linux + - export CGO_ENABLED=0 + - export GOARCH=amd64 - - echo ============== Build cdi-apiserver =========== - - go build -ldflags="-s -w" -o /cdi-binaries/cdi-apiserver ./cmd/cdi-apiserver + - echo ============== Build cdi-apiserver =========== + - go build -ldflags="-s -w" -o /cdi-binaries/cdi-apiserver ./cmd/cdi-apiserver - - echo ============== Build cdi-cloner =========== - - go build -ldflags="-s -w" -o /cdi-binaries/cdi-cloner ./cmd/cdi-cloner + - echo ============== Build cdi-cloner =========== + - go build -ldflags="-s -w" -o /cdi-binaries/cdi-cloner ./cmd/cdi-cloner - - echo ============== Build cdi-controller =========== - - go build -ldflags="-s -w" -o /cdi-binaries/cdi-controller ./cmd/cdi-controller + - echo ============== Build cdi-controller =========== + - go build -ldflags="-s -w" -o /cdi-binaries/cdi-controller ./cmd/cdi-controller - - echo ============== Build cdi-uploadproxy =========== - - go build -ldflags="-s -w" -o /cdi-binaries/cdi-uploadproxy ./cmd/cdi-uploadproxy + - echo ============== Build cdi-uploadproxy =========== + - go build -ldflags="-s -w" -o /cdi-binaries/cdi-uploadproxy ./cmd/cdi-uploadproxy - - echo ============== Build cdi-importer =========== - - CGO_ENABLED=1 go build -ldflags="-s -w" -o /cdi-binaries/cdi-importer ./cmd/cdi-importer + - echo ============== Build cdi-importer =========== + - CGO_ENABLED=1 go build -ldflags="-s -w" -o /cdi-binaries/cdi-importer ./cmd/cdi-importer - - echo ============== Build cdi-image-size-detection =========== - - go build -ldflags="-s -w" -o /cdi-binaries/cdi-image-size-detection ./tools/cdi-image-size-detection + - echo ============== Build cdi-image-size-detection =========== + - go build -ldflags="-s -w" -o /cdi-binaries/cdi-image-size-detection ./tools/cdi-image-size-detection - - echo ============== Build cdi-source-update-poller =========== - - CGO_ENABLED=1 go build -ldflags="-s -w" -o /cdi-binaries/cdi-source-update-poller ./tools/cdi-source-update-poller + - echo ============== Build cdi-source-update-poller =========== + - CGO_ENABLED=1 go build -ldflags="-s -w" -o /cdi-binaries/cdi-source-update-poller ./tools/cdi-source-update-poller - - echo ============== Build cdi-operator =========== - - go build -ldflags="-s -w" -o /cdi-binaries/cdi-operator ./cmd/cdi-operator + - echo ============== Build cdi-operator =========== + - go build -ldflags="-s -w" -o /cdi-binaries/cdi-operator ./cmd/cdi-operator - - strip /cdi-binaries/* - - chmod +x /cdi-binaries/* - - chown -R 64535:64535 /cdi-binaries/* - - ls -la /cdi-binaries + - strip /cdi-binaries/* + - chmod +x /cdi-binaries/* + - chown -R 64535:64535 /cdi-binaries/* + - ls -la /cdi-binaries --- image: {{ $.ImageName }}-cbuilder @@ -104,11 +100,11 @@ git: - '*.c' shell: install: - {{- include "debian packages proxy" . | nindent 2 }} + {{- include "debian packages proxy" . | nindent 2 }} + - | + apt-get install --yes gcc musl-dev musl-tools + {{- include "debian packages clean" . | nindent 2 }} - | - apt-get update && apt-get install --yes gcc musl-dev musl-tools - apt-get clean - echo "Building simple app that prints hello cdi" mkdir -p /bins musl-gcc -static -Os -o /bins/hello hello.c diff --git a/images/cdi-controller/werf.inc.yaml b/images/cdi-controller/werf.inc.yaml index 741aeba383..26895bc2cc 100644 --- a/images/cdi-controller/werf.inc.yaml +++ b/images/cdi-controller/werf.inc.yaml @@ -49,9 +49,7 @@ shell: - | apt-get install --yes \ {{ $cdiClonerDependencies.packages | join " " }} - - | - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages clean" . | nindent 2 }} setup: - /relocate_binaries.sh -i "{{ $cdiClonerDependencies.binaries | join " " }}" -o /relocate # tmp folder need for ready file diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index d162e179c0..b2b7ad1b7c 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -66,11 +66,8 @@ shell: apt-get install --yes \ {{ $cdiImporterDependencies.packages | join " " }} \ {{ $cdiImporterDependencies.libraries | join " " }} - apt-get clean - {{- if not $.DistroPackagesProxy }} - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - {{- end }} - + {{- include "alt packages clean" . | nindent 2 }} + - | cp -a /nbdkit/. / rm -rf /nbdkit setup: diff --git a/images/distroless/werf.inc.yaml b/images/distroless/werf.inc.yaml index 24fe430ebb..555e583025 100644 --- a/images/distroless/werf.inc.yaml +++ b/images/distroless/werf.inc.yaml @@ -20,11 +20,10 @@ fromImage: base-alt-p11-binaries final: false shell: beforeInstall: - {{- include "alt packages proxy" . | nindent 2 }} + {{- include "alt packages proxy" . | nindent 2 }} - | apt-get install ca-certificates tzdata -y - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages clean" . | nindent 2 }} install: - | mkdir -p /relocate/etc/{pki,ssl} /relocate/usr/{bin,sbin,share,lib,lib64} diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index 34955c96d1..d88e730096 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -13,10 +13,9 @@ git: - "**/*.go" shell: install: - - apt-get -qq update +{{- include "debian packages proxy" . | nindent 2 }} - apt-get -qq install -y --no-install-recommends libnbd-dev - - apt-get clean - - rm --recursive --force /var/lib/apt/lists/* /var/cache/apt/* +{{- include "debian packages clean" . | nindent 2 }} setup: - mkdir /out - cd /src diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index af9d6d2457..1c40ba2ee0 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -40,8 +40,9 @@ secrets: value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: + {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install -y \ + apt-get install -y \ gcc gcc-c++ \ git curl \ bash-completion \ @@ -59,8 +60,7 @@ shell: qemu-img xorriso libssl-devel \ bc zlib-devel perl-PathTools perl-IPC-Cmd perl-JSON - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/libvirt/werf.inc.yaml b/images/libvirt/werf.inc.yaml index 734a17b753..f3ec272af4 100644 --- a/images/libvirt/werf.inc.yaml +++ b/images/libvirt/werf.inc.yaml @@ -112,9 +112,8 @@ shell: libfuse3-devel libnuma libslirp-devel \ libyajl-devel libselinux-devel - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin - + {{- include "alt packages clean" . | nindent 2 }} + - | rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED rpm -qa | sort > /packages.txt mkdir -p /usr/libexec/ccache-wrappers diff --git a/images/packages/binaries/gnutls/werf.inc.yaml b/images/packages/binaries/gnutls/werf.inc.yaml index 178795a6b3..aa2e666b21 100644 --- a/images/packages/binaries/gnutls/werf.inc.yaml +++ b/images/packages/binaries/gnutls/werf.inc.yaml @@ -40,11 +40,9 @@ shell: - | apt-get install -y \ {{ $builderDependencies.packages | join " " }} - apt-get clean {{- include "alt packages clean" . | nindent 2 }} - install: - | OUTDIR=/out diff --git a/images/packages/binaries/nftables/werf.inc.yaml b/images/packages/binaries/nftables/werf.inc.yaml index 185890a683..c6276962f1 100644 --- a/images/packages/binaries/nftables/werf.inc.yaml +++ b/images/packages/binaries/nftables/werf.inc.yaml @@ -53,7 +53,6 @@ shell: {{- include "alt packages clean" . | nindent 2 }} - install: - | OUTDIR=/out diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index b65a555965..a18f6d6fd9 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -115,8 +115,8 @@ shell: {{ $builderDependencies.packages | join " " }} \ {{ $builderDependencies.libraries | join " " }} - apt-get clean - rm --recursive --force /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + {{- include "alt packages clean" . | nindent 2 }} + - | rm -f /usr/lib*/python3*/EXTERNALLY-MANAGED rpm -qa | sort > /packages.txt diff --git a/images/virt-artifact/werf.inc.yaml b/images/virt-artifact/werf.inc.yaml index 4f507ff587..7c79656aa2 100644 --- a/images/virt-artifact/werf.inc.yaml +++ b/images/virt-artifact/werf.inc.yaml @@ -49,12 +49,10 @@ shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get update apt-get install -y \ {{ $virtArtifactDependencies.packages | join " " }} - apt-get clean - echo "rm -rf" - rm -rf /var/lib/apt/lists/ftp.altlinux.org* /var/cache/apt/*.bin + + {{- include "alt packages clean" . | nindent 2 }} install: - | diff --git a/images/virt-launcher/werf.inc.yaml b/images/virt-launcher/werf.inc.yaml index 1f3f319c5d..0e5af6610e 100644 --- a/images/virt-launcher/werf.inc.yaml +++ b/images/virt-launcher/werf.inc.yaml @@ -463,7 +463,7 @@ shell: - | echo "install deps libvirt-dev" apt-get update && apt-get install -y libvirt-dev - apt-get clean + {{- include "alt packages proxy" . | nindent 2 }} - mkdir -p /binaries - | echo "Build node-labeller binaries" @@ -494,8 +494,8 @@ shell: beforeInstall: {{- include "debian packages proxy" . | nindent 2 }} - | - apt-get update && apt-get install --yes gcc musl-dev musl-tools - apt-get clean + apt-get install --yes gcc musl-dev musl-tools + {{- include "alt packages clean" . | nindent 2 }} install: - | echo "Building simple app that prints I'am temp pod" From fa60b4059d7ade1ed862e8b153465b2388a45a92 Mon Sep 17 00:00:00 2001 From: Nikita Korolev Date: Thu, 15 May 2025 22:45:10 +0300 Subject: [PATCH 36/36] refactor go template to bash Signed-off-by: Nikita Korolev --- images/edk2/werf.inc.yaml | 30 +++++++++++++++--------------- images/libvirt/werf.inc.yaml | 8 ++++---- images/qemu/werf.inc.yaml | 36 ++++++++++++++++++------------------ 3 files changed, 37 insertions(+), 37 deletions(-) diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index 1c40ba2ee0..422b228415 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -71,21 +71,21 @@ shell: git clone $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-platforms.git cd {{ $gitRepoName }}-{{ $version }} - {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} - echo "Change submodule url" - git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl - git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git - git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git - git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git - git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git - git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git - git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git - git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git - git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git - git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git - {{- end }} + if ! [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]];then + echo "Change submodule url" + git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl + git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git + git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git + git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git + git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git + git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git + git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git + git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git + git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git + git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git + git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git + fi git submodule update --init --recursive diff --git a/images/libvirt/werf.inc.yaml b/images/libvirt/werf.inc.yaml index f3ec272af4..621e9e525a 100644 --- a/images/libvirt/werf.inc.yaml +++ b/images/libvirt/werf.inc.yaml @@ -140,10 +140,10 @@ shell: git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} cd {{ $gitRepoName }}-{{ $version }} - {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} - echo "Change submodule url" - git submodule set-url -- subprojects/keycodemapdb $(cat /run/secrets/SOURCE_REPO)/keycodemap/keycodemapdb.git - {{- end }} + if ! [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]];then + echo "Change submodule url" + git submodule set-url -- subprojects/keycodemapdb $(cat /run/secrets/SOURCE_REPO)/keycodemap/keycodemapdb.git + fi for p in /patches/*.patch ; do echo -n "Apply ${p} ... " diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index a18f6d6fd9..a3b283d39d 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -144,24 +144,24 @@ shell: git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} cd {{ $gitRepoName }}-{{ $version }} - {{- if ne "$(cat /run/secrets/SOURCE_REPO)" "https://github.com" }} - echo "Change submodule url" - git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git - git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git - git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git - git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git - git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git - git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git - git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git - git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git - git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git - git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git - git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git - git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git - git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git - git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git - git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git - {{- end }} + if ! [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]];then + echo "Change submodule url" + git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git + git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git + git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git + git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git + git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git + git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git + git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git + git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git + git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git + git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git + git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git + git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git + git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git + git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git + git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git + fi for p in /patches/*.patch ; do echo -n "Apply ${p} ... "