From 6f711e7c67d23a0f4465ed14695228b635ffcc35 Mon Sep 17 00:00:00 2001 From: Daichi Sakaue Date: Thu, 5 Dec 2024 19:16:59 +0900 Subject: [PATCH] wip: Fix cilium-agent image Signed-off-by: Daichi Sakaue --- .../actions/build_cilium-agent/action.yaml | 22 +++++--- .../build_cilium-image-tools/action.yaml | 50 ++++++++++--------- cilium/TAG | 2 +- 3 files changed, 43 insertions(+), 31 deletions(-) diff --git a/.github/actions/build_cilium-agent/action.yaml b/.github/actions/build_cilium-agent/action.yaml index e234739b3..9bce8b2d1 100644 --- a/.github/actions/build_cilium-agent/action.yaml +++ b/.github/actions/build_cilium-agent/action.yaml @@ -30,25 +30,26 @@ runs: github_token: ${{ inputs.github_token }} request-scan: "true" - - name: Build Cilium Envoy + - name: Build Cilium image tools if: ${{ steps.prepare.outputs.build }} - uses: ./.github/actions/build_cilium-envoy + uses: ./.github/actions/build_cilium-image-tools with: github_token: ${{ inputs.github_token }} - cilium-proxy_version: ${{ inputs.cilium-proxy_version }} + image-tools_version: ${{ inputs.image-tools_version }} - - name: Build Cilium image tools + - name: Build Cilium Envoy if: ${{ steps.prepare.outputs.build }} - uses: ./.github/actions/build_cilium-image-tools + uses: ./.github/actions/build_cilium-envoy with: github_token: ${{ inputs.github_token }} - image-tools_version: ${{ inputs.image-tools_version }} + cilium-proxy_version: ${{ inputs.cilium-proxy_version }} - name: Build cilium-agent image and push if: ${{ steps.prepare.outputs.build }} uses: docker/build-push-action@v5 with: context: cilium + load: true platforms: "linux/amd64" provenance: false push: ${{ steps.prepare.outputs.docker_push }} @@ -56,6 +57,15 @@ runs: ${{ steps.prepare.outputs.tag }} ${{ steps.prepare.outputs.branch }} + - name: Test images + if: ${{ steps.prepare.outputs.build }} + shell: bash + run: | + docker run --rm --entrypoint bash ${{ steps.prepare.outputs.tag }} -c 'bpftool version' + docker run --rm --entrypoint bash ${{ steps.prepare.outputs.tag }} -c 'clang --version' + docker run --rm --entrypoint bash ${{ steps.prepare.outputs.tag }} -c 'ip -V' + docker run --rm --entrypoint bash ${{ steps.prepare.outputs.tag }} -c 'ss -V' + - name: Scan images if: ${{ steps.prepare.outputs.scan }} uses: ./.github/actions/trivy_scan diff --git a/.github/actions/build_cilium-image-tools/action.yaml b/.github/actions/build_cilium-image-tools/action.yaml index 3c15365b8..c67775aa9 100644 --- a/.github/actions/build_cilium-image-tools/action.yaml +++ b/.github/actions/build_cilium-image-tools/action.yaml @@ -12,31 +12,11 @@ runs: env: DEBIAN_FRONTEND: noninteractive run: | - sudo apt-get update + sudo apt-get -q update sudo ln -fs /usr/share/zoneinfo/UTC /etc/localtime - sudo apt-get install -y --no-install-recommends \ - automake \ - binutils \ - bison \ - build-essential \ - ca-certificates \ - cmake \ - curl \ - flex \ - g++ \ - gcc-9 \ - git \ - libelf-dev \ - libmnl-dev \ - libtool \ - make \ - ninja-build \ - pkg-config \ + sudo apt-get -q install -y --no-install-recommends \ python2 \ - python3 \ - python3-pip \ - llvm \ - unzip + llvm sudo update-alternatives --install /usr/bin/python python /usr/bin/python2 1 sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-9 2 @@ -47,6 +27,21 @@ runs: curl -sSLf https://github.com/cilium/image-tools/archive/${{ inputs.image-tools_version }}.tar.gz | \ tar zxf - --strip-components 1 -C cilium/src/image-tools + - name: Install dependencies + shell: bash + working-directory: cilium/src/image-tools/images/compilers + run: | + # https://github.com/cilium/image-tools/blob/master/images/compilers/install-deps.sh + PACKAGES_FROM=$(grep -n packages= install-deps.sh | cut -d: -f1 | jq '. + 1') + PACKAGES_TO=$(grep -n ')' install-deps.sh | cut -d: -f1 | jq -n "[inputs | select(. >= ${PACKAGES_FROM})] | min - 1") + PACKAGES=$(cat install-deps.sh | sed -n ${PACKAGES_FROM},${PACKAGES_TO}p | awk '{ print $1 }' | grep -v arm64 | tr '\n' ' ') + sudo apt-get -q install -y --no-install-recommends ${PACKAGES} + + PACKAGES_FROM=$(grep -n packages_amd64= install-deps.sh | cut -d: -f1 | jq '. + 1') + PACKAGES_TO=$(grep -n ')' install-deps.sh | cut -d: -f1 | jq -n "[inputs | select(. >= ${PACKAGES_FROM})] | min - 1") + PACKAGES=$(cat install-deps.sh | sed -n ${PACKAGES_FROM},${PACKAGES_TO}p | awk '{ print $1 }' | grep -v arm64 | tr '\n' ' ') + sudo apt-get -q install -y --no-install-recommends ${PACKAGES} + - name: Build llvm shell: bash run: | @@ -77,7 +72,14 @@ runs: - name: Build bpftool shell: bash run: | + # https://github.com/libbpf/bpftool/tree/main?tab=readme-ov-file#build-bpftool cd cilium/src/image-tools sudo images/bpftool/checkout-linux.sh - sudo images/bpftool/build-bpftool-native.sh + sudo bash -c 'echo ${PATH}' + sudo which clang + sudo clang --version + sudo apt-get install llvm-14-dev + ldconfig -v 2>/dev/null + sudo bash -c "PATH=${WORKSPACE}/bin:${PATH} EXTRA_CFLAGS=--static images/bpftool/build-bpftool-native.sh" + ldd /out/linux/amd64/bin/bpftool sudo mv /out/linux/amd64/bin/bpftool ../workspace/usr/local/bin/ diff --git a/cilium/TAG b/cilium/TAG index 1171808b7..18639a5a3 100644 --- a/cilium/TAG +++ b/cilium/TAG @@ -1 +1 @@ -1.15.11.1-rc.1 +1.15.11.1-rc.2