From da91d45e118c65dfd58244bc2b2a079b1999ffd4 Mon Sep 17 00:00:00 2001 From: Santhosh Date: Wed, 18 Oct 2023 14:45:32 -0700 Subject: [PATCH] copy apparmor to /usr/bin and update provider/pe versions (#81) * Update ubuntu-fips kernel for fips * move etcdctl to /usr/bin (#59) (#61) (cherry picked from commit 96372c7ec02cef74ef01f39ab959865e85915e65) Co-authored-by: Nianyu Shen * PE-2558: use fips image for rke2 if fips_enabled is true (#67) (#68) (cherry picked from commit fff7a34e30c294a5cac73bae07161ef97f53070f) Co-authored-by: Santhosh * add support for sles os_distribution (#69) * Release 4.0.6 * update provider versions * update to ghcr * update k3s version * Update provider versions * Update kubeadm and luet repo versions * copied apparmor_parser to /usr/local/bin * disable swap for kubeadm/kubeadm-fips * remove swapoff * copy apparmor to /usr/bin * Update Earthfile v410-alpha6 kubeadm * update pe version --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Nianyu Shen Co-authored-by: vipsharm Co-authored-by: Piyush Kumar --- Earthfile | 25 ++++++++++++------------- README.md | 4 ++-- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/Earthfile b/Earthfile index fddfd03..524eeb2 100644 --- a/Earthfile +++ b/Earthfile @@ -9,17 +9,17 @@ ARG IMAGE_REPO=$OS_DISTRIBUTION ARG K8S_DISTRIBUTION ARG CUSTOM_TAG ARG ARCH -ARG PE_VERSION=v4.0.4 -ARG SPECTRO_LUET_VERSION=v1.1.5 +ARG PE_VERSION=v4.1.0-alpha9 +ARG SPECTRO_LUET_VERSION=v1.1.9 ARG KAIROS_VERSION=v2.3.2 ARG K3S_FLAVOR_TAG=k3s1 ARG RKE2_FLAVOR_TAG=rke2r1 ARG BASE_IMAGE_URL=quay.io/kairos ARG OSBUILDER_VERSION=v0.7.11 ARG OSBUILDER_IMAGE=quay.io/kairos/osbuilder-tools:$OSBUILDER_VERSION -ARG K3S_PROVIDER_VERSION=v2.3.2 -ARG KUBEADM_PROVIDER_VERSION=v4.1.0-alpha2 -ARG RKE2_PROVIDER_VERSION=v2.3.3 +ARG K3S_PROVIDER_VERSION=v4.1.0-alpha3 +ARG KUBEADM_PROVIDER_VERSION=v4.1.0-alpha6 +ARG RKE2_PROVIDER_VERSION=v4.1.0-alpha2 ARG FIPS_ENABLED=false ARG HTTP_PROXY ARG HTTPS_PROXY @@ -40,7 +40,7 @@ ELSE IF [ "$OS_DISTRIBUTION" = "opensuse-leap" ] && [ "$BASE_IMAGE" = "" ] ARG BASE_IMAGE_NAME=core-$OS_DISTRIBUTION ARG BASE_IMAGE_TAG=core-$OS_DISTRIBUTION:$KAIROS_VERSION ARG BASE_IMAGE=$BASE_IMAGE_URL/$BASE_IMAGE_TAG -ELSE IF [ "$OS_DISTRIBUTION" = "rhel" ] +ELSE IF [ "$OS_DISTRIBUTION" = "rhel" ] || [ "$OS_DISTRIBUTION" = "sles" ] # Check for default value for rhel ARG BASE_IMAGE END @@ -148,7 +148,6 @@ provider-image: ARG IMAGE_PATH=$IMAGE_REGISTRY/$IMAGE_REPO:$K8S_DISTRIBUTION-$K8S_VERSION-$PE_VERSION-$CUSTOM_TAG IF [ "$K8S_DISTRIBUTION" = "kubeadm" ] || [ "$K8S_DISTRIBUTION" = "kubeadm-fips" ] - RUN swapoff -a ARG BASE_K8S_VERSION=$K8S_VERSION ELSE IF [ "$K8S_DISTRIBUTION" = "k3s" ] ARG K8S_DISTRIBUTION_TAG=$K3S_FLAVOR_TAG @@ -192,15 +191,15 @@ stylus-image: kairos-provider-image: IF [ "$K8S_DISTRIBUTION" = "kubeadm" ] - ARG PROVIDER_BASE=gcr.io/spectro-images-public/kairos-io/provider-kubeadm:$KUBEADM_PROVIDER_VERSION + ARG PROVIDER_BASE=ghcr.io/kairos-io/provider-kubeadm:$KUBEADM_PROVIDER_VERSION ELSE IF [ "$K8S_DISTRIBUTION" = "kubeadm-fips" ] - ARG PROVIDER_BASE=gcr.io/spectro-images-public/kairos-io/provider-kubeadm-fips:$KUBEADM_PROVIDER_VERSION + ARG PROVIDER_BASE=ghcr.io/kairos-io/provider-kubeadm-fips:$KUBEADM_PROVIDER_VERSION ELSE IF [ "$K8S_DISTRIBUTION" = "k3s" ] - ARG PROVIDER_BASE=gcr.io/spectro-images-public/kairos-io/provider-k3s:$K3S_PROVIDER_VERSION + ARG PROVIDER_BASE=ghcr.io/kairos-io/provider-k3s:$K3S_PROVIDER_VERSION ELSE IF [ "$K8S_DISTRIBUTION" = "rke2" ] && $FIPS_ENABLED - ARG PROVIDER_BASE=gcr.io/spectro-images-public/kairos-io/provider-rke2-fips:$RKE2_PROVIDER_VERSION + ARG PROVIDER_BASE=ghcr.io/kairos-io/provider-rke2-fips:$RKE2_PROVIDER_VERSION ELSE IF [ "$K8S_DISTRIBUTION" = "rke2" ] - ARG PROVIDER_BASE=gcr.io/spectro-images-public/kairos-io/provider-rke2:$RKE2_PROVIDER_VERSION + ARG PROVIDER_BASE=ghcr.io/kairos-io/provider-rke2:$RKE2_PROVIDER_VERSION END FROM --platform=linux/${ARCH} $PROVIDER_BASE SAVE ARTIFACT ./* @@ -295,7 +294,7 @@ base-image: RUN zypper install -y apparmor-parser apparmor-profiles RUN zypper cc && \ zypper clean - RUN cp /sbin/apparmor_parser /usr/local/bin/apparmor_parser + RUN cp /sbin/apparmor_parser /usr/bin/apparmor_parser END IF [ "$ARCH" = "arm64" ] diff --git a/README.md b/README.md index c1e18f0..3d0c36d 100644 --- a/README.md +++ b/README.md @@ -114,9 +114,9 @@ Skip this step if your base image is ubuntu or opensuse-leap. If you are buildin |------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|-------------------------| | CUSTOM_TAG | Environment name for provider image tagging. The default value is `demo`. | String | `demo` | | IMAGE_REGISTRY | Image registry name that will store the image artifacts. The default value points to the *ttl.sh* image registry, an anonymous and ephemeral Docker image registry where images live for a maximum of 24 hours by default. If you wish to make the images exist longer than 24 hours, you can use any other image registry to suit your needs. | String | `ttl.sh` | -| OS_DISTRIBUTION | OS distribution of your choice. For example, it can be `ubuntu` or `opensuse-leap`. | String | `ubuntu` | +| OS_DISTRIBUTION | OS distribution of your choice. For example, it can be `ubuntu`, `opensuse-leap`, `rhel` or `sles` | String | `ubuntu` | | IMAGE_REPO | Image repository name in your chosen registry. | String | `$OS_DISTRIBUTION` | -| OS_VERSION | OS version. For Ubuntu, the possible values are `20`, and `22`. Whereas for openSUSE Leap, the possible value is `15.4`. This example uses `22` for Ubuntu. | String | `22` | +| OS_VERSION | OS version. For Ubuntu, the possible values are `20`, and `22`. Whereas for openSUSE Leap, the possible value is `15.4`. For sles, possible values are `5.4`. This example uses `22` for Ubuntu. | String | `22` | | K8S_DISTRIBUTION | Kubernetes distribution name. It can be one of these: `k3s`, `rke2`, `kubeadm`, or `kubeadm-fips`. | String | `k3s` | | ISO_NAME | Name of the Edge installer ISO image. In this example, the name is *palette-edge-installer*. | String | `palette-edge-installer`| | ARCH | Type of platform to use for the build. Used for Cross Platform Build (arm64 to amd64 as example). | string | `amd64` |