Skip to content

Commit

Permalink
fix minimal-git
Browse files Browse the repository at this point in the history
  • Loading branch information
jaxesn committed Sep 27, 2023
1 parent 7450dc7 commit 9077ede
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 122 deletions.
4 changes: 2 additions & 2 deletions EKS_DISTRO_TAG_FILE.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ al2:
eks-distro-minimal-base-haproxy: 2023-09-13-1694631680.2
eks-distro-minimal-base-kind: 2023-09-21-1695322889.2
eks-distro-minimal-base-nginx: 2023-09-13-1694631680.2
eks-distro-minimal-base-git: 2023-09-13-1694631680.2
eks-distro-minimal-base-git: null
eks-distro-minimal-base-nsenter: 2023-09-13-1694631680.2
eks-distro-minimal-base-python-3.7: 3.7-2023-09-13-1694631680.2
eks-distro-minimal-base-python-3.9: 3.9-2023-09-13-1694631680.2
Expand Down Expand Up @@ -54,7 +54,7 @@ al2023:
eks-distro-minimal-base-haproxy: 2023-08-24-1692903666.2023
eks-distro-minimal-base-kind: 2023-09-08-1694199666.2023
eks-distro-minimal-base-nginx: 2023-08-24-1692903666.2023
eks-distro-minimal-base-git: 2023-09-08-1694199666.2023
eks-distro-minimal-base-git: null
eks-distro-minimal-base-nsenter: 2023-08-24-1692903666.2023
eks-distro-minimal-base-python-3.7: null
eks-distro-minimal-base-python-3.9: 3.9-2023-09-08-1694199666.2023
Expand Down
68 changes: 1 addition & 67 deletions eks-distro-base/Dockerfile.minimal-base-git
Original file line number Diff line number Diff line change
Expand Up @@ -22,69 +22,6 @@ FROM ${BUILDER_IMAGE} as builder
ARG OUTPUT_DEBUG_LOG
ARG TARGETARCH

ENV CMAKE_VERSION=3.20.2
ENV LIBSSH2_VERSION=1.10.0
ENV LIBGIT2_VERSION=1.3.2
ENV BUILD_DEPS="file gcc gzip make openssl-devel tar wget zlib-devel"

COPY "${TARGETARCH}-git-checksums" /tmp/checksums


RUN set -x && \
export TARGETARCH="${TARGETARCH/amd64/x86_64}" && \
export TARGETARCH="${TARGETARCH/arm64/aarch64}" && \
# building libgit2 + libssh2
mkdir -p /tmp/sources && \
cd /tmp/sources && \
yum install -y $BUILD_DEPS && \
wget \
--progress dot:giga \
https://github.com/libssh2/libssh2/releases/download/libssh2-${LIBSSH2_VERSION}/libssh2-${LIBSSH2_VERSION}.tar.gz && \
wget \
--progress dot:giga \
https://github.com/Kitware/CMake/releases/download/v${CMAKE_VERSION}/cmake-${CMAKE_VERSION}-linux-${TARGETARCH}.tar.gz && \
wget \
--progress dot:giga \
https://github.com/libgit2/libgit2/archive/refs/tags/v${LIBGIT2_VERSION}.tar.gz -O libgit2-${LIBGIT2_VERSION}.tar.gz && \
sha256sum -c /tmp/checksums && \
# al2 provided libssh is out of date and does not work with ssh/github
tar -xzf libssh2-${LIBSSH2_VERSION}.tar.gz && \
cd /tmp/sources/libssh2-${LIBSSH2_VERSION} && \
./configure --disable-static --enable-shared --disable-examples-build --prefix=/usr --libdir=/usr/lib64 && \
make && \
make install && \
mkdir -p $NEWROOT/usr/share/doc/libssh2-${LIBSSH2_VERSION}/ && \
cp ./COPYING $NEWROOT/usr/share/doc/libssh2-${LIBSSH2_VERSION}/ && \
cp -d /usr/lib64/libssh2* $NEWROOT/usr/lib64 && \
# CMAKE for libgit build
cd /tmp/sources && \
tar -xzf cmake-${CMAKE_VERSION}-linux-${TARGETARCH}.tar.gz && \
mv cmake-${CMAKE_VERSION}-linux-${TARGETARCH}/bin/cmake /usr/bin && \
mkdir /usr/share/cmake-3.20 && \
mv cmake-${CMAKE_VERSION}-linux-${TARGETARCH}/share/cmake-3.20/* /usr/share/cmake-3.20 && \
# Install Libgit2
cd /tmp/sources && \
tar -xzf libgit2-${LIBGIT2_VERSION}.tar.gz && \
cd /tmp/sources/libgit2-${LIBGIT2_VERSION} && \
mkdir build && \
cd build && \
cmake -DBUILD_CLAR=off -DCMAKE_BUILD_TYPE=Release .. && \
cmake --build . && \
cmake --install . && \
mkdir -p $NEWROOT/usr/share/doc/libgit2-${LIBGIT2_VERSION}/ && \
cp ../COPYING $NEWROOT/usr/share/doc/libgit2-${LIBGIT2_VERSION} && \
cp -d /usr/local/lib64/libgit2* $NEWROOT/usr/lib64 && \
# Since downstream of this image we need to build libgit2 we need the headers and pc files
mkdir -p $NEWROOT/usr/lib64/pkgconfig && \
mkdir -p $NEWROOT/usr/include && \
cp /usr/local/lib64/pkgconfig/libgit2* $NEWROOT/usr/lib64/pkgconfig && \
cp /usr/lib64/pkgconfig/* $NEWROOT/usr/lib64/pkgconfig && \
cp -rf /usr/local/include/git2* $NEWROOT/usr/include && \
cd / && \
rm -rf /tmp/sources && \
yum erase -y --setopt=protected_packages=False $BUILD_DEPS && \
clean_yum

# Copy scripts in every variant since we do not rebuild the base
# every time these scripts change. This ensures whenever a variant is
# built it has the latest scripts in the builder
Expand All @@ -93,17 +30,14 @@ COPY scripts/ /usr/bin
# cyrus-sasl-lib is installed for the libs, but it also includes these bins sasldblistusers2 saslpasswd2 libsasldb cyrusbdb2current
# which are not needed
# /etc/krb5.conf.d/crypto-policies is a broken symlink which is not needed
ENV CLEANUP_UNNECESSARY_FILES="/usr/sbin/sasldblistusers2 /usr/sbin/saslpasswd2 /usr/lib64/sasl2/libsasldb* /usr/bin/cyrusbdb2current /usr/lib64/libkrad* /etc/krb5.conf.d/crypto-policies /usr/lib64/libsystemd.so.* /etc/pki/tls/fips_local.cnf "
ENV CLEANUP_UNNECESSARY_FILES="/usr/sbin/sasldblistusers2 /usr/sbin/saslpasswd2 /usr/lib64/sasl2/libsasldb* /usr/bin/cyrusbdb2current /usr/lib64/libkrad* /etc/krb5.conf.d/crypto-policies /usr/lib64/libsystemd.so.* /usr/lib64/libnss_systemd.so.* /etc/pki/tls/fips_local.cnf "

RUN set -x && \
export OUTPUT_DEBUG_LOG=${OUTPUT_DEBUG_LOG} && \
install_rpm git-core \
openssh-clients \
openssl-libs \
gnupg2 && \
# ensure all lib deps for the built libssh and libgit are included
install_deps_for_binary $NEWROOT/usr/lib64/libssh2.so \
$NEWROOT/usr/lib64/libgit2.so && \
# we are keeping bash on this image since downstream images use to exec git
install_rpm bash && \
cleanup "git"
3 changes: 0 additions & 3 deletions eks-distro-base/amd64-git-checksums

This file was deleted.

3 changes: 0 additions & 3 deletions eks-distro-base/arm64-git-checksums

This file was deleted.

20 changes: 0 additions & 20 deletions eks-distro-base/tests/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -52,23 +52,3 @@ COPY --from=iptables-wrapper-tests-builder /iptables-wrappers/bin/tests /

CMD ["iptables"]

FROM builder as git-builder

ARG GOPROXY
ENV GOPROXY=$GOPROXY

COPY --from=base /usr/lib64/pkgconfig/*.pc /usr/lib64/pkgconfig/
COPY --from=base /usr/include/git2.h /usr/include
COPY --from=base /usr/include/git2 /usr/include/git2
COPY --from=base /usr/lib64/libgit2* /usr/lib64
COPY --from=base /usr/lib64/libssh2* /usr/lib64
RUN ldd /usr/lib64/libgit2.so
RUN --mount=type=secret,id=netrc,target=/root/.netrc \
go get github.com/libgit2/git2go/v33
RUN --mount=type=secret,id=netrc,target=/root/.netrc \
CGO_ENABLED=1 go build -o check-git ./check_git.go

FROM ${BASE_IMAGE} as check-git
COPY --from=git-builder /var/app/check-git /bin

CMD ["/bin/check-git"]
30 changes: 3 additions & 27 deletions eks-distro-base/tests/run_tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -350,43 +350,19 @@ function check_base-csi() {
netrc="--secret id=netrc,src=$HOME/.netrc"
fi

$SCRIPT_ROOT/../../scripts/buildkit.sh \
build \
--frontend dockerfile.v0 \
--opt filename=./tests/Dockerfile \
--opt platform=$PLATFORMS \
--opt build-arg:BASE_IMAGE=$IMAGE_REPO/eks-distro-minimal-base-git:$IMAGE_TAG \
--opt build-arg:AL_TAG=$AL_TAG \
--opt build-arg:GOPROXY=${GOPROXY:-direct} \
--progress plain \
--opt target=check-git \
--local dockerfile=./ \
--local context=./tests $netrc \
--export-cache type=inline \
--import-cache type=registry,ref=$LOCAL_REGISTRY/eks-distro-minimal-images-base-test:git-latest \
--output type=image,oci-mediatypes=true,\"name=$LOCAL_REGISTRY/eks-distro-minimal-images-base-test:git-latest\",push=true

for platform in ${PLATFORMS//,/ }; do
# use git cli to clone private and public repo
build::docker::retry_pull --platform=$platform $LOCAL_REGISTRY/eks-distro-minimal-images-base-test:git-latest
build::docker::retry_pull --platform=$platform $IMAGE_REPO/eks-distro-minimal-base-git:$IMAGE_TAG
docker run --rm --platform=$platform -v $SSH_KEY_FOLDER/id_rsa:/root/.ssh/id_rsa \
-v $SSH_KEY_FOLDER/id_rsa.pub:/root/.ssh/id_rsa.pub \
-v $SSH_KEY_FOLDER/known_hosts:/root/.ssh/known_hosts \
$LOCAL_REGISTRY/eks-distro-minimal-images-base-test:git-latest git clone $PRIVATE_REPO
$IMAGE_REPO/eks-distro-minimal-base-git:$IMAGE_TAG git clone $PRIVATE_REPO

docker run --rm --platform=$platform -v $SSH_KEY_FOLDER/id_rsa:/root/.ssh/id_rsa \
-v $SSH_KEY_FOLDER/id_rsa.pub:/root/.ssh/id_rsa.pub \
-v $SSH_KEY_FOLDER/known_hosts:/root/.ssh/known_hosts \
$LOCAL_REGISTRY/eks-distro-minimal-images-base-test:git-latest git clone https://github.com/aws/eks-distro.git
$IMAGE_REPO/eks-distro-minimal-base-git:$IMAGE_TAG git clone https://github.com/aws/eks-distro.git

# use lib git to clone private and public repo
if docker run --rm --platform=$platform -v $SSH_KEY_FOLDER/id_rsa:/root/.ssh/id_rsa \
-v $SSH_KEY_FOLDER/id_rsa.pub:/root/.ssh/id_rsa.pub \
-v $SSH_KEY_FOLDER/known_hosts:/root/.ssh/known_hosts \
-e PRIVATE_REPO=$PRIVATE_REPO $LOCAL_REGISTRY/eks-distro-minimal-images-base-test:git-latest check-git | grep -v 'Successfully cloned!'; then
echo "git issue!"
exit 1
fi
done

}
Expand Down

0 comments on commit 9077ede

Please sign in to comment.