diff --git a/doozerlib/cli/ci_transforms/rhel-9/base-repos/Dockerfile b/doozerlib/cli/ci_transforms/rhel-9/base-repos/Dockerfile new file mode 100644 index 000000000..efa4b01d0 --- /dev/null +++ b/doozerlib/cli/ci_transforms/rhel-9/base-repos/Dockerfile @@ -0,0 +1,4 @@ +FROM replaced-by-buildconfig +# Baseline Dockerfile for layering repos atop an ART image to construct an +# ART equivalent image. +# Used as a template for 'images:streams gen-buildconfigs' diff --git a/doozerlib/cli/ci_transforms/rhel-9/ci-build-root/Dockerfile b/doozerlib/cli/ci_transforms/rhel-9/ci-build-root/Dockerfile new file mode 100644 index 000000000..894b04238 --- /dev/null +++ b/doozerlib/cli/ci_transforms/rhel-9/ci-build-root/Dockerfile @@ -0,0 +1,60 @@ +FROM replaced-by-buildconfig +# Serves as a standard build environment for OpenShift builds. It is based on the +# ART golang builder and has packages layered on top of support CI only use cases +# (e.g. compiling test cases) that simply don't occur downstream. +# Used as a template for 'images:streams gen-buildconfigs' + +# Install protobuf-3.0.0 (used by upstream k8s) for CI only testing +# Context: https://coreos.slack.com/archives/CB95J6R4N/p1600340218406400 +ENV PATH=/opt/google/protobuf/bin:$PATH +RUN set -euxo pipefail && \ + f=$( mktemp ) && \ + curl --fail -L http://mirror.openshift.com/pub/openshift-static-ci-deps/protobuf-3.0.0/protoc-3.0.0-linux-x86_64.zip > "${f}" && \ + mkdir -p /opt/google/protobuf && \ + unzip "${f}" -d /opt/google/protobuf && \ + curl --fail -L https://github.com/coreos/etcd/releases/download/v3.4.13/etcd-v3.4.13-linux-amd64.tar.gz | tar -f - -xz --no-same-owner -C /usr/local/bin --strip-components=1 etcd-v3.4.13-linux-amd64/etcd + +# Install common CI tools and epel for packages like tito. +RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ + INSTALL_PKGS="bc procps-ng util-linux bind-utils bsdtar createrepo_c device-mapper device-mapper-persistent-data e2fsprogs ethtool file findutils gcc git glib2-devel gpgme gpgme-devel hostname iptables jq krb5-devel libassuan libassuan-devel libseccomp-devel libvirt-devel lsof make mercurial nmap-ncat openssl rsync socat systemd-devel tar tito tree wget which xfsprogs zip goversioninfo gettext python3 iproute" && \ + yum install -y $INSTALL_PKGS && \ + alternatives --set python /usr/bin/python3 && \ + yum clean all && \ + touch /os-build-image && \ + git config --system user.name origin-release-container && \ + git config --system user.email origin-release@redhat.com + +# Install common go tools upstream devs are expecting in CI. +# Pure cargo culting from https://github.com/openshift/release/blob/51d92eb6a6d730e932a5daf68829ca7936739904/projects/origin-release/golang-1.13/Dockerfile#L41 +# Clear GOFLAGS temporarily for 1.12 bug:https://github.com/golang/go/issues/32502 +RUN GOFLAGS='' go get golang.org/x/tools/cmd/cover \ + github.com/Masterminds/glide \ + golang.org/x/tools/cmd/goimports \ + github.com/tools/godep \ + golang.org/x/lint/golint \ + gotest.tools/gotestsum \ + github.com/openshift/release/tools/gotest2junit \ + github.com/openshift/imagebuilder/cmd/imagebuilder && \ + GOFLAGS='' GO111MODULE=on go get gotest.tools/gotestsum@v0.5.2 && \ + mv $GOPATH/bin/* /usr/bin/ && \ + rm -rf $GOPATH/* $GOPATH/.cache && \ + mkdir $GOPATH/bin && \ + mkdir -p /go/src/github.com/openshift/origin && \ + ln -s /usr/bin/imagebuilder $GOPATH/bin/imagebuilder && \ + ln -s /usr/bin/goimports $GOPATH/bin/goimports && \ + curl --fail -L https://github.com/golang/dep/releases/download/v0.5.4/dep-linux-amd64 > /usr/bin/dep && \ + chmod +x /usr/bin/dep + +# make go related directories writeable since builds in CI will run as non-root. +RUN mkdir -p $GOPATH && \ + chmod g+xw -R $GOPATH && \ + chmod g+xw -R $(go env GOROOT) + +# Assert packages in separate RUN block so we are sure env variables are set up correctly +RUN set -euxo pipefail && \ + command -v protoc && protoc --version && [ "$( protoc --version )" = "libprotoc 3.0.0" ] && \ + command -v etcd && etcd --version && [ "$( etcd --version | head -n1 )" = "etcd Version: 3.4.13" ] + +# Some image building tools don't create a missing WORKDIR +RUN mkdir -p /go/src/github.com/openshift/origin +WORKDIR /go/src/github.com/openshift/origin diff --git a/doozerlib/cli/ci_transforms/rhel-9/ci-build-root/OWNERS b/doozerlib/cli/ci_transforms/rhel-9/ci-build-root/OWNERS new file mode 100644 index 000000000..494c29e0a --- /dev/null +++ b/doozerlib/cli/ci_transforms/rhel-9/ci-build-root/OWNERS @@ -0,0 +1,14 @@ +approvers: +- tnozicka +- jupierce +- sttts +- hexfusion +- mfojtik +- soltysh +reviewers: +- tnozicka +- jupierce +- sttts +- hexfusion +- mfojtik +- soltysh diff --git a/doozerlib/cli/ci_transforms/rhel-9/golang/Dockerfile b/doozerlib/cli/ci_transforms/rhel-9/golang/Dockerfile new file mode 100644 index 000000000..1147c3d52 --- /dev/null +++ b/doozerlib/cli/ci_transforms/rhel-9/golang/Dockerfile @@ -0,0 +1,19 @@ +FROM replaced-by-buildconfig +# Layers CI appropriate yum repository configurations on top of the ART builder images. +# Used as a template for 'images:streams gen-buildconfigs' + +ENV GOARM=5 \ + LOGNAME=deadbeef \ + GOCACHE=/go/.cache \ + GOPATH=/go \ + LOGNAME=deadbeef +ENV PATH=$PATH:$GOPATH/bin + +# make go related directories writeable since builds in CI will run as non-root. +RUN mkdir -p $GOPATH && \ + chmod g+xw -R $GOPATH && \ + chmod g+xw -R $(go env GOROOT) + +# Some image building tools don't create a missing WORKDIR +RUN mkdir -p /go/src/github.com/openshift/origin +WORKDIR /go/src/github.com/openshift/origin diff --git a/doozerlib/cli/images_streams.py b/doozerlib/cli/images_streams.py index de17eb3fb..99c0880c2 100644 --- a/doozerlib/cli/images_streams.py +++ b/doozerlib/cli/images_streams.py @@ -264,19 +264,25 @@ def images_streams_gen_buildconfigs(runtime, streams, output, as_user, apply, li transform_rhel_7_base_repos = 'rhel-7/base-repos' transform_rhel_8_base_repos = 'rhel-8/base-repos' + transform_rhel_9_base_repos = 'rhel-9/base-repos' transform_rhel_7_golang = 'rhel-7/golang' transform_rhel_8_golang = 'rhel-8/golang' + transform_rhel_9_golang = 'rhel-9/golang' transform_rhel_7_ci_build_root = 'rhel-7/ci-build-root' transform_rhel_8_ci_build_root = 'rhel-8/ci-build-root' + transform_rhel_9_ci_build_root = 'rhel-9/ci-build-root' # The set of valid transforms transforms = set([ transform_rhel_7_base_repos, transform_rhel_8_base_repos, + transform_rhel_9_base_repos, transform_rhel_7_golang, transform_rhel_8_golang, + transform_rhel_9_golang, transform_rhel_7_ci_build_root, transform_rhel_8_ci_build_root, + transform_rhel_9_ci_build_root, ]) major = runtime.group_config.vars['MAJOR'] @@ -370,6 +376,17 @@ def add_localdev_repo_profile(profile): raise IOError(f'Expected x86_64 baseurl for repo {repo_name}') dfp.add_lines(f"RUN echo -e '[{localdev_repo_name}]\\nname = {localdev_repo_name}\\nid = {localdev_repo_name}\\nbaseurl = {x86_64_url}\\nenabled = 1\\ngpgcheck = 0\\n' > /etc/yum.repos.d/{localdev_repo_name}.repo") + if transform == transform_rhel_9_base_repos or config.transform == transform_rhel_9_golang: + # The repos transform create a build config that will layer the base image with CI appropriate yum + # repository definitions. + dfp.add_lines(f'RUN rm -rf /etc/yum.repos.d/*.repo && curl http://base-{major}-{minor}-rhel9.ocp.svc > /etc/yum.repos.d/ci-rpm-mirrors.repo') + + # Allow the base repos to be used BEFORE art begins mirroring 4.x to openshift mirrors. + # This allows us to establish this locations later -- only disrupting CI for those + # components that actually need reposync'd RPMs from the mirrors. + dfp.add_lines('RUN yum config-manager --setopt=skip_if_unavailable=True --save') + add_localdev_repo_profile('el9') + if transform == transform_rhel_8_base_repos or config.transform == transform_rhel_8_golang: # The repos transform create a build config that will layer the base image with CI appropriate yum # repository definitions.