From 77ea087ae7573e77d627fbf6ea6890109e04beba Mon Sep 17 00:00:00 2001 From: Jakob Naucke Date: Fri, 4 Mar 2022 18:22:19 +0100 Subject: [PATCH] osbuilder: Remove musl installations Remove a lot of cruft of musl installations -- we needed those for the Go agent, but Rustup just takes care of everything. aarch64 on Debian-based & Alpine is an exception -- create a symlink `aarch64-linux-musl-gcc` to `musl-tools`'s `musl-gcc` or `gcc` on Alpine. This is unified -- arch-specific Dockerfiles are removed. Furthermore, we should keep it in Ubuntu for supporting the offline SEV KBC. We also keep it in Clear Linux, as that runs our internal checks, but it is e.g. not shipped in CentOS Stream 9. Signed-off-by: Jakob Naucke --- ci/install_musl.sh | 24 ---- tools/osbuilder/dracut/Dockerfile.in | 3 - .../rootfs-builder/alpine/Dockerfile.in | 2 + .../rootfs-builder/clearlinux/Dockerfile.in | 2 +- .../debian/Dockerfile-aarch64.in | 34 ------ .../rootfs-builder/debian/Dockerfile.in | 4 +- tools/osbuilder/rootfs-builder/rootfs.sh | 9 -- .../template/Dockerfile.template | 1 - .../ubuntu/Dockerfile-aarch64.in | 48 -------- .../rootfs-builder/ubuntu/Dockerfile.in | 4 +- tools/osbuilder/scripts/lib.sh | 103 ++---------------- tools/osbuilder/tests/test_images.sh | 2 - versions.yaml | 13 --- 13 files changed, 15 insertions(+), 234 deletions(-) delete mode 100755 ci/install_musl.sh delete mode 100644 tools/osbuilder/rootfs-builder/debian/Dockerfile-aarch64.in delete mode 100644 tools/osbuilder/rootfs-builder/ubuntu/Dockerfile-aarch64.in diff --git a/ci/install_musl.sh b/ci/install_musl.sh deleted file mode 100755 index 4beec2911..000000000 --- a/ci/install_musl.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env bash -# Copyright (c) 2020 Ant Group -# -# SPDX-License-Identifier: Apache-2.0 -# - -set -e - -install_aarch64_musl() { - local arch=$(uname -m) - if [ "${arch}" == "aarch64" ]; then - local musl_tar="${arch}-linux-musl-native.tgz" - local musl_dir="${arch}-linux-musl-native" - pushd /tmp - if curl -sLO --fail https://musl.cc/${musl_tar}; then - tar -zxf ${musl_tar} - mkdir -p /usr/local/musl/ - cp -r ${musl_dir}/* /usr/local/musl/ - fi - popd - fi -} - -install_aarch64_musl diff --git a/tools/osbuilder/dracut/Dockerfile.in b/tools/osbuilder/dracut/Dockerfile.in index f84838bc3..e80fa374a 100644 --- a/tools/osbuilder/dracut/Dockerfile.in +++ b/tools/osbuilder/dracut/Dockerfile.in @@ -36,7 +36,4 @@ RUN zypper --non-interactive refresh; \ zypper --non-interactive clean --all; -# This will install the proper golang to build Kata components -@INSTALL_MUSL@ -@INSTALL_GO@ @INSTALL_RUST@ diff --git a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in index 1e34148a2..7e0570422 100644 --- a/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/alpine/Dockerfile.in @@ -30,3 +30,5 @@ RUN apk update && apk add --no-cache \ pkgconfig \ protoc \ tar +# aarch64 requires this name -- link for all +RUN ln -s /usr/bin/gcc "/usr/bin/$(uname -m)-linux-musl-gcc" diff --git a/tools/osbuilder/rootfs-builder/clearlinux/Dockerfile.in b/tools/osbuilder/rootfs-builder/clearlinux/Dockerfile.in index 1206185ad..ceb67c0f4 100644 --- a/tools/osbuilder/rootfs-builder/clearlinux/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/clearlinux/Dockerfile.in @@ -28,6 +28,7 @@ RUN dnf -y update && dnf install -y \ libstdc++-static \ m4 \ make \ + musl-gcc \ openssl-devel \ perl \ perl-IPC-Cmd \ @@ -41,5 +42,4 @@ RUN dnf -y update && dnf install -y \ dnf clean all # This will install the proper packages to build Kata components -@INSTALL_MUSL@ @INSTALL_RUST@ diff --git a/tools/osbuilder/rootfs-builder/debian/Dockerfile-aarch64.in b/tools/osbuilder/rootfs-builder/debian/Dockerfile-aarch64.in deleted file mode 100644 index 727506f47..000000000 --- a/tools/osbuilder/rootfs-builder/debian/Dockerfile-aarch64.in +++ /dev/null @@ -1,34 +0,0 @@ -# -# Copyright (c) 2020 ARM Limited -# -# SPDX-License-Identifier: Apache-2.0 - -ARG IMAGE_REGISTRY=docker.io -# NOTE: OS_VERSION is set according to config.sh -FROM ${IMAGE_REGISTRY}/debian:@OS_VERSION@ - -# RUN commands -RUN apt-get update && apt-get install -y \ - autoconf \ - automake \ - binutils \ - build-essential \ - chrony \ - coreutils \ - curl \ - debianutils \ - debootstrap \ - g++ \ - gcc \ - git \ - libc-dev \ - libstdc++-8-dev \ - m4 \ - make \ - sed \ - systemd \ - tar \ - vim -# This will install the proper packages to build Kata components -@INSTALL_MUSL@ -@INSTALL_RUST@ diff --git a/tools/osbuilder/rootfs-builder/debian/Dockerfile.in b/tools/osbuilder/rootfs-builder/debian/Dockerfile.in index 685dd0f4d..022059857 100644 --- a/tools/osbuilder/rootfs-builder/debian/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/debian/Dockerfile.in @@ -27,14 +27,14 @@ RUN apt-get update && apt-get --no-install-recommends install -y \ libstdc++-8-dev \ m4 \ make \ - musl \ - musl-dev \ musl-tools \ sed \ systemd \ tar \ vim \ wget +# aarch64 requires this name -- link for all +RUN ln -s /usr/bin/musl-gcc "/usr/bin/$(uname -m)-linux-musl-gcc" # This will install the proper packages to build Kata components @INSTALL_RUST@ diff --git a/tools/osbuilder/rootfs-builder/rootfs.sh b/tools/osbuilder/rootfs-builder/rootfs.sh index b7b6798a5..831aba78e 100755 --- a/tools/osbuilder/rootfs-builder/rootfs.sh +++ b/tools/osbuilder/rootfs-builder/rootfs.sh @@ -14,7 +14,6 @@ script_name="${0##*/}" script_dir="$(dirname $(readlink -f $0))" AGENT_VERSION=${AGENT_VERSION:-} RUST_VERSION="null" -MUSL_VERSION=${MUSL_VERSION:-"null"} AGENT_BIN=${AGENT_BIN:-kata-agent} AGENT_INIT=${AGENT_INIT:-no} KERNEL_MODULES_DIR=${KERNEL_MODULES_DIR:-""} @@ -355,11 +354,6 @@ build_rootfs_distro() echo "Required rust version: $RUST_VERSION" - detect_musl_version || - die "Could not detect the required musl version for AGENT_VERSION='${AGENT_VERSION:-main}'." - - echo "Required musl version: $MUSL_VERSION" - if [ -z "${USE_DOCKER}" ] && [ -z "${USE_PODMAN}" ]; then info "build directly" build_rootfs ${ROOTFS_DIR} @@ -569,7 +563,6 @@ EOF fi if [ -z "${AGENT_SOURCE_BIN}" ] ; then - [ "$LIBC" == "musl" ] && bash ${script_dir}/../../../ci/install_musl.sh test -r "${HOME}/.cargo/env" && source "${HOME}/.cargo/env" # rust agent needs ${arch}-unknown-linux-${LIBC} if ! (rustup show | grep -v linux-${LIBC} > /dev/null); then @@ -580,7 +573,6 @@ EOF bash ${script_dir}/../../../ci/install_rust.sh ${RUST_VERSION} fi test -r "${HOME}/.cargo/env" && source "${HOME}/.cargo/env" - [ "$ARCH" == "aarch64" ] && OLD_PATH=$PATH && export PATH=$PATH:/usr/local/musl/bin agent_dir="${script_dir}/../../../src/agent/" @@ -602,7 +594,6 @@ EOF make clean make LIBC=${LIBC} INIT=${AGENT_INIT} SECCOMP=${SECCOMP} make install DESTDIR="${ROOTFS_DIR}" LIBC=${LIBC} INIT=${AGENT_INIT} - [ "$ARCH" == "aarch64" ] && export PATH=$OLD_PATH && rm -rf /usr/local/musl if [ "${SECCOMP}" == "yes" ]; then rm -rf "${libseccomp_install_dir}" "${gperf_install_dir}" fi diff --git a/tools/osbuilder/rootfs-builder/template/Dockerfile.template b/tools/osbuilder/rootfs-builder/template/Dockerfile.template index b881dac43..863cab3e5 100644 --- a/tools/osbuilder/rootfs-builder/template/Dockerfile.template +++ b/tools/osbuilder/rootfs-builder/template/Dockerfile.template @@ -14,5 +14,4 @@ FROM ${IMAGE_REGISTRY}/@distro@:@OS_VERSION@ # RUN commands # This will install the proper packages to build Kata components -@INSTALL_MUSL@ @INSTALL_RUST@ diff --git a/tools/osbuilder/rootfs-builder/ubuntu/Dockerfile-aarch64.in b/tools/osbuilder/rootfs-builder/ubuntu/Dockerfile-aarch64.in deleted file mode 100644 index ef4374ec4..000000000 --- a/tools/osbuilder/rootfs-builder/ubuntu/Dockerfile-aarch64.in +++ /dev/null @@ -1,48 +0,0 @@ -# -# Copyright (c) 2020 ARM Limited -# -# SPDX-License-Identifier: Apache-2.0 - -ARG IMAGE_REGISTRY=docker.io -#ubuntu: docker image to be used to create a rootfs -#@OS_VERSION@: Docker image version to build this dockerfile -FROM ${IMAGE_REGISTRY}/ubuntu:@OS_VERSION@ - -# This dockerfile needs to provide all the componets need to build a rootfs -# Install any package need to create a rootfs (package manager, extra tools) - -# Avoid tzdata setup -ENV DEBIAN_FRONTEND noninteractive - -# RUN commands -RUN apt-get update && apt-get install -y \ - autoconf \ - automake \ - binutils \ - build-essential \ - chrony \ - coreutils \ - curl \ - debianutils \ - debootstrap \ - g++ \ - gcc \ - git \ - golang-go \ - libdevmapper-dev \ - libc6-dev \ - libgpgme-dev \ - libssl-dev \ - libstdc++-8-dev \ - m4 \ - make \ - pkg-config \ - sed \ - systemd \ - tar \ - vim && \ - apt-get clean && rm -rf /var/lib/apt/lists/ - -# This will install the proper packages to build Kata components -@INSTALL_MUSL@ -@INSTALL_RUST@ diff --git a/tools/osbuilder/rootfs-builder/ubuntu/Dockerfile.in b/tools/osbuilder/rootfs-builder/ubuntu/Dockerfile.in index f5acbac4e..c0fffd07e 100644 --- a/tools/osbuilder/rootfs-builder/ubuntu/Dockerfile.in +++ b/tools/osbuilder/rootfs-builder/ubuntu/Dockerfile.in @@ -35,8 +35,6 @@ RUN apt-get update && apt-get --no-install-recommends install -y \ libstdc++-8-dev \ m4 \ make \ - musl \ - musl-dev \ musl-tools \ pkg-config \ protobuf-compiler \ @@ -45,6 +43,8 @@ RUN apt-get update && apt-get --no-install-recommends install -y \ tar \ vim \ wget +# aarch64 requires this name -- link for all +RUN ln -s /usr/bin/musl-gcc "/usr/bin/$(uname -m)-linux-musl-gcc" # This will install the proper packages to build Kata components @INSTALL_RUST@ diff --git a/tools/osbuilder/scripts/lib.sh b/tools/osbuilder/scripts/lib.sh index 96d65d375..7254c92db 100644 --- a/tools/osbuilder/scripts/lib.sh +++ b/tools/osbuilder/scripts/lib.sh @@ -7,7 +7,6 @@ set -e KATA_REPO=${KATA_REPO:-github.com/kata-containers/kata-containers} -MUSL_VERSION=${MUSL_VERSION:-"null"} # Give preference to variable set by CI yq_file="${script_dir}/../../../ci/install_yq.sh" kata_versions_file="${script_dir}/../../../versions.yaml" @@ -228,68 +227,12 @@ generate_dockerfile() dir="$1" [ -d "${dir}" ] || die "${dir}: not a directory" - local architecture=$(uname -m) - local rustarch=${architecture} - local muslarch=${architecture} - local libc=musl - case "$(uname -m)" in - "ppc64le") - rustarch=powerpc64le - muslarch=powerpc64 - libc=gnu - ;; - "s390x") - libc=gnu - ;; - - *) - ;; - esac + local rustarch=$(uname -m) + [ "$rustarch" = ppc64le ] && rustarch=powerpc64le [ -n "${http_proxy:-}" ] && readonly set_proxy="RUN sed -i '$ a proxy="${http_proxy:-}"' /etc/dnf/dnf.conf /etc/yum.conf; true" # Rust agent - # rust installer should set path apropiately, just in case - # install musl for compiling rust-agent - local musl_source_url="https://git.zv.io/toolchains/musl-cross-make.git" - local musl_source_dir="musl-cross-make" - install_musl= - if [ "${muslarch}" == "aarch64" ]; then - local musl_tar="${muslarch}-linux-musl-native.tgz" - local musl_dir="${muslarch}-linux-musl-native" - local aarch64_musl_target="aarch64-linux-musl" - install_musl=" -RUN cd /tmp; \ - mkdir -p /usr/local/musl/; \ - if curl -sLO --fail https://musl.cc/${musl_tar}; then \ - tar -zxf ${musl_tar}; \ - cp -r ${musl_dir}/* /usr/local/musl/; \ - else \ - git clone ${musl_source_url}; \ - TARGET=${aarch64_musl_target} make -j$(nproc) -C ${musl_source_dir} install; \ - cp -r ${musl_source_dir}/output/* /usr/local/musl/; \ - cp /usr/local/musl/bin/aarch64-linux-musl-g++ /usr/local/musl/bin/g++; \ - fi -ENV PATH=\$PATH:/usr/local/musl/bin -RUN ln -sf /usr/local/musl/bin/g++ /usr/bin/g++ -" - else - local musl_tar="musl-${MUSL_VERSION}.tar.gz" - local musl_dir="musl-${MUSL_VERSION}" - install_musl=" -RUN pushd /root; \ - curl -sLO https://www.musl-libc.org/releases/${musl_tar}; tar -zxf ${musl_tar}; \ - cd ${musl_dir}; \ - sed -i \"s/^ARCH = .*/ARCH = ${muslarch}/g\" dist/config.mak; \ - ./configure > /dev/null 2>\&1; \ - make > /dev/null 2>\&1; \ - make install > /dev/null 2>\&1; \ - echo \"/usr/local/musl/lib\" > /etc/ld-musl-${muslarch}.path; \ - popd -ENV PATH=\$PATH:/usr/local/musl/bin -" - fi - readonly install_rust=" RUN curl --proto '=https' --tlsv1.2 https://sh.rustup.rs -sSLf --output /tmp/rust-init; \ chmod a+x /tmp/rust-init; \ @@ -304,32 +247,13 @@ RUN . /root/.cargo/env; \ RUN ln -sf /usr/bin/g++ /bin/musl-g++ " pushd "${dir}" - dockerfile_template="Dockerfile.in" - dockerfile_arch_template="Dockerfile-${architecture}.in" - # if arch-specific docker file exists, swap the univesal one with it. - if [ -f "${dockerfile_arch_template}" ]; then - dockerfile_template="${dockerfile_arch_template}" - else - [ -f "${dockerfile_template}" ] || die "${dockerfile_template}: file not found" - fi - # ppc64le and s390x have no musl target - if [ "${architecture}" == "ppc64le" ] || [ "${architecture}" == "s390x" ]; then - sed \ - -e "s|@OS_VERSION@|${OS_VERSION:-}|g" \ - -e "s|@INSTALL_MUSL@||g" \ - -e "s|@INSTALL_RUST@|${install_rust//$'\n'/\\n}|g" \ - -e "s|@SET_PROXY@|${set_proxy:-}|g" \ - "${dockerfile_template}" > Dockerfile - else - sed \ - -e "s|@OS_VERSION@|${OS_VERSION:-}|g" \ - -e "s|@INSTALL_MUSL@|${install_musl//$'\n'/\\n}|g" \ - -e "s|@INSTALL_RUST@|${install_rust//$'\n'/\\n}|g" \ - -e "s|@SET_PROXY@|${set_proxy:-}|g" \ - -e "s|@INSTALL_AA_KBC@|${AA_KBC_EXTRAS//$'\n'/\\n}|g" \ - "${dockerfile_template}" > Dockerfile - fi + sed \ + -e "s#@OS_VERSION@#${OS_VERSION:-}#g" \ + -e "s#@INSTALL_RUST@#${install_rust//$'\n'/\\n}#g" \ + -e "s#@SET_PROXY@#${set_proxy:-}#g" \ + -e "s#@INSTALL_AA_KBC@#${AA_KBC_EXTRAS//$'\n'/\\n}#g" \ + Dockerfile.in > Dockerfile popd } @@ -370,17 +294,6 @@ detect_rust_version() [ -n "$RUST_VERSION" ] } -detect_musl_version() -{ - info "Detecting musl version" - local yq_path="externals.musl.version" - - info "Get musl version from ${kata_versions_file}" - MUSL_VERSION="$(get_package_version_from_kata_yaml "$yq_path")" - - [ -n "$MUSL_VERSION" ] -} - before_starting_container() { return 0 } diff --git a/tools/osbuilder/tests/test_images.sh b/tools/osbuilder/tests/test_images.sh index 5def439b7..338e5d3ad 100755 --- a/tools/osbuilder/tests/test_images.sh +++ b/tools/osbuilder/tests/test_images.sh @@ -640,8 +640,6 @@ test_dracut() die "Could not detect the required Go version for AGENT_VERSION='${AGENT_VERSION:-master}'." detect_rust_version || die "Could not detect the required rust version for AGENT_VERSION='${AGENT_VERSION:-master}'." - detect_musl_version || - die "Could not detect the required musl version for AGENT_VERSION='${AGENT_VERSION:-master}'." generate_dockerfile ${dracut_dir} info "Creating container for dracut" diff --git a/versions.yaml b/versions.yaml index 69540d54f..8291d6d0d 100644 --- a/versions.yaml +++ b/versions.yaml @@ -246,19 +246,6 @@ externals: url: "https://github.com/opencontainers/umoci" tag: "v0.4.7" - musl: - description: | - The musl library is used to build the rust agent. - url: "https://www.musl-libc.org/" - uscan-url: >- - https://www.musl-libc.org/releases/ - musl-([\d\.]+)\.tar\.gz - version: "1.1.23" - meta: - description: | - 'newest-version' is the latest version known to work. - newest-version: "1.1.23" - nydus: description: "Nydus image acceleration service" url: "https://github.com/dragonflyoss/image-service"