This function will push a specific tag to a registry, whenever the
PUSH_TO_REGISTRY environment variable is set, otherwise it's a no-op.
This will be used in the future to avoid replicating that logic in every
builder used by the kata-deploy scripts.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Let's add a function to get the hash of the last commit modifying a
specific file.
This will help to avoid writing `git rev-list ...` into every single
build script used by the kata-deploy.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
CC_BUILD_REGISTRY, which points to quay.io/kata-containers/cc-builder,
will be used for storing the builder images used to build the artefacts
via the kata-deploy scripts.
The plan is to tag, whenever it's possible and makes sense, images like:
* ${CC_BUILDER_REGISTRY}:kernel-${sha}
* ${CC_BUILDER_REGISTRY}:qemu-${sha}
* ${CC_BUILDER_REGISTRY}:ovmf-${sha}
* ${CC_BUILDER_REGISTRY}:shim-v2-${go-toolchain}-{rust-toolchain}-${sha}
* ${CC_BUILDER_REGISTRY}:td-shim-${toolchain}-${sha}
* ${CC_BUILDER_REGISTRY}:virtiofsd-${toolchain}-${sha}
Where ${sha} is the sha of the last commit modifying the Dockerfile used
by the builder.
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
Adds the efi_secret kernel module to the sev initrd.
Adds a rootfs flag for kernel module based on the AA_KBC.
Finding the kernel module in the local build based on kernel version and kernel config version.
Moved kernel config version checking function from kernel builder to lib script.
Fixes: #5118
Signed-Off-By: Alex Carter <alex.carter@ibm.com>
Use the yq installed in the env. Needed
to build kata from docker. The container builder
has not an initial Go env.
Signed-off-by: Carlos Venegas <jos.c.venegas.munoz@intel.com>
When kata used multiple repositories, versions file was
downloaded. This is not needed anymore as the file is part
of the same repository.
Signed-off-by: Carlos Venegas <jos.c.venegas.munoz@intel.com>
There were a couple of issues with the build-scripts discovered while
doing release:
- Relative paths are error prone. Fix error.
- short_commit_length is used to truncate sha for commits when
appending agent version to resulting files. Before this was
in pkglib.sh, which is otherwise an unused file from when we
supported OBS. Add this define to lib.sh, which is sourced by
the applicable packaging scripts.
There's plenty of room for improvement, but these fixes make the
existing scripts functional again.
Fixes: #871
Signed-off-by: Eric Ernst <eric.g.ernst@gmail.com>
Since we always build musl kata-agent, there is no need to build
it inside a musl container. We can just build on the host and then
copy the binary to the target rootfs.
There are still a lot to clean up and it should be made so for ALL
target distros instead of just alpine. But this is at least working
for alpine first.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Kata 2.0 lives in `github.com/kata-containers/kata-containers`, so all scripts
should point to it.
Currently the branch for Kata 2.0 is 2.0-dev not master, then the branch envar
must be used instead of hardcoding `master` as default branch.
Signed-off-by: Julio Montes <julio.montes@intel.com>
