diff --git a/.werf/defines/image-digest.tmpl b/.werf/defines/image-digest.tmpl new file mode 100644 index 0000000000..1ef649b3ce --- /dev/null +++ b/.werf/defines/image-digest.tmpl @@ -0,0 +1,34 @@ +{{/* +{{ define "images_digest_image" }} +{{- $context := . -}} + +--- +image: images-digests +fromImage: builder/alpine +dependencies: + {{- range $imageDigest := $context.ImagesDigestList }} + {{- $ImageNameCamel := $imageDigest | splitList "/" | last | camelcase | untitle }} +- image: {{ $imageDigest }} + before: setup + imports: + - type: ImageDigest + targetEnv: MODULE_IMAGE_DIGEST_{{ $ImageNameCamel }} + {{- end }} +shell: + beforeInstall: + - apk add --no-cache jq + setup: + - | + env | grep MODULE_IMAGE_DIGEST | jq -Rn ' + reduce inputs as $i ( + {}; + . * ( + $i | ltrimstr("MODULE_IMAGE_DIGEST_") | sub("=";"_") | + split("_") as [$imageName, $digest] | + {($imageName): $digest} + ) + ) + ' > /images_digests.json + cat images_digests.json +{{ end }} +*/}} \ No newline at end of file diff --git a/.werf/defines/parse-base-images-map.tmpl b/.werf/defines/parse-base-images-map.tmpl index 158127c451..a471e5c179 100644 --- a/.werf/defines/parse-base-images-map.tmpl +++ b/.werf/defines/parse-base-images-map.tmpl @@ -1,24 +1,24 @@ {{- define "parse_base_images_map" }} - {{- $virtualizationImages := .Files.Get "base-images/virtualization_images.yml" | fromYaml }} - {{- $deckhouseImages := .Files.Get "base-images/deckhouse_images.yml" | fromYaml }} + {{- $virtualizationImages := .Files.Get "base-images/virtualization_images.yml" | fromYaml -}} + {{- $deckhouseImages := .Files.Get "base-images/deckhouse_images.yml" | fromYaml -}} # virtualizationImages have image format: # BASE_IMAGE: "@sha256abcde12345 {{- range $k, $v := $virtualizationImages }} - {{ $baseImagePath := (printf "%s%s" $virtualizationImages.REGISTRY_PATH (trimSuffix "/" $v)) }} - {{- if ne $k "REGISTRY_PATH" }} - {{- $_ := set $virtualizationImages $k $baseImagePath }} - {{- end }} + {{ $baseImagePath := (printf "%s%s" $virtualizationImages.REGISTRY_PATH (trimSuffix "/" $v)) -}} + {{- if ne $k "REGISTRY_PATH" -}} + {{- $_ := set $virtualizationImages $k $baseImagePath -}} + {{- end -}} {{- end }} {{- $_ := unset $virtualizationImages "REGISTRY_PATH" }} # deckhouse_images has a format # /: "sha256:abcde12345 - {{- range $k, $v := $deckhouseImages }} - {{ $baseImagePath := (printf "%s@%s" $deckhouseImages.REGISTRY_PATH (trimSuffix "/" $v)) }} - {{- if ne $k "REGISTRY_PATH" }} - {{- $_ := set $deckhouseImages $k $baseImagePath }} - {{- end }} + {{- range $k, $v := $deckhouseImages -}} + {{ $baseImagePath := (printf "%s@%s" $deckhouseImages.REGISTRY_PATH (trimSuffix "/" $v)) -}} + {{- if ne $k "REGISTRY_PATH" -}} + {{- $_ := set $deckhouseImages $k $baseImagePath -}} + {{- end -}} {{- end }} {{- $_ := unset $deckhouseImages "REGISTRY_PATH" }} diff --git a/.werf/defines/process-images.tmpl b/.werf/defines/process-images.tmpl new file mode 100644 index 0000000000..a8ad6f48e1 --- /dev/null +++ b/.werf/defines/process-images.tmpl @@ -0,0 +1,52 @@ +{{/* # Common dirs */}} +{{- define "module_image_template" }} +{{- tpl .ImageBuildData . | nindent 0 }} +{{- end }} + +{{ define "process_images" }} + +{{/* # Context inside folder images */}} +{{- $Root := . }} + +{{ $ImagesBuildFiles := .Files.Glob "images/*/{Dockerfile,werf.inc.yaml}" }} + +{{- range $path, $content := $ImagesBuildFiles }} + +{{- $ctx := dict }} +{{- $_ := set $ctx "ImageInstructionType" "Stapel" }} + +{{- $ImageData := regexReplaceAll "^images/([0-9a-z-_]+)/(Dockerfile|werf.inc.yaml)$" $path "${1}#${2}" | split "#" }} + +{{- $_ := set $ctx "ImageName" $ImageData._0 }} +{{- $_ := set $ctx "ModuleNamePrefix" "" }} +{{- $_ := set $ctx "ModulePathPrefix" "" }} +{{- $_ := set $ctx "ImageBuildData" $content }} +{{- $_ := set $ctx "Files" $Root.Files }} +{{- $_ := set $ctx "SOURCE_REPO" $Root.SOURCE_REPO }} +{{- $_ := set $ctx "SOURCE_REPO_GIT" $Root.SOURCE_REPO_GIT }} +{{- $_ := set $ctx "MODULE_EDITION" $Root.MODULE_EDITION }} +{{- $_ := set $ctx "Version" $Root.Version }} +{{- $_ := set $ctx "Package" $Root.Package }} +{{- $_ := set $ctx "GOPROXY" (env "GOPROXY" "https://proxy.golang.org,direct") }} +{{- $_ := set $ctx "ProjectName" $ctx.ImageName }} +{{- $_ := set $ctx "Commit" $Root.Commit }} +{{- $_ := set $ctx "SVACE_ENABLED" $Root.SVACE_ENABLED }} +{{- $_ := set $ctx "SVACE_ANALYZE_SSH_USER" $Root.SVACE_ANALYZE_SSH_USER }} +{{- $_ := set $ctx "SVACE_ANALYZE_HOST" $Root.SVACE_ANALYZE_HOST }} +{{- $_ := set $ctx "SVACE_IMAGE_SUFFIX" $Root.SVACE_IMAGE_SUFFIX }} + + +{{- include "module_image_template" $ctx }} + +{{- range $ImageYamlMainfest := regexSplit "\n?---[ \t]*\n" (include "module_image_template" $ctx) -1 }} +{{- $ImageManifest := $ImageYamlMainfest | fromYaml }} +{{- if $ImageManifest | dig "final" true }} +{{- if $ImageManifest.image }} +{{- $_ := set $ "ImagesIDList" (append $.ImagesIDList $ImageManifest.image) }} +{{- end }} +{{- end }} +{{- end }} + +{{- end }} + +{{- end }} \ No newline at end of file diff --git a/.werf/defines/process-packages-images.tmpl b/.werf/defines/process-packages-images.tmpl new file mode 100644 index 0000000000..8188ebdc84 --- /dev/null +++ b/.werf/defines/process-packages-images.tmpl @@ -0,0 +1,76 @@ +{{/* +# Parse variables for images from their path. +# for example: `packages/binaries/swtpm/werf.inc.yaml` turns into +# ImageType: packages/binaries +# ImageName: swtpm +*/}} + +{{ define "process_packages_images" }} +{{- $Root := . }} + +{{/*{{- $packageImagePathRegex := "^images/(packages)/([0-9a-z-_]+)/([0-9a-z-_]+)/(werf.inc.yaml)$" }}*/}} +{{- $packageImagePathGlob := "images/packages/*/*/{Dockerfile,werf.inc.yaml}" }} +{{- $packageImagePathRegex := "images/(packages)/([0-9a-z-_]+)/([0-9a-z-_]+)/(werf.inc.yaml)$" }} + +{{- if $Root.ModuleName -}} +{{- $modulePath := (printf "%smodules/%s-%s/" $Root.ModulePath $Root.ModulePriority $Root.ModuleName ) }} +{{- $packageImagePathGlob = (printf "%s%s" $modulePath $packageImagePathGlob) -}} +{{- end -}} + +{{ $ImagePackages := $Root.Files.Glob $packageImagePathGlob }} + +{{- range $path, $content := $ImagePackages }} +{{- $ctx := dict }} +{{- $_ := set $ctx "ImageInstructionType" "Stapel" }} + +{{- $ImageData := regexReplaceAll $packageImagePathRegex $path "${1}#${2}#${3}#${4}" | split "#" }} + +{{- $_ := set $ctx "PackagePath" (printf "%s/%s" $ImageData._0 $ImageData._1) }} +{{- $_ := set $ctx "ImageName" $ImageData._2 }} +{{- $_ := set $ctx "ModuleNamePrefix" "" }} +{{- $_ := set $ctx "ModulePathPrefix" "" }} +{{- $_ := set $ctx "ImageBuildData" $content }} +{{- $_ := set $ctx "SOURCE_REPO" $Root.SOURCE_REPO }} +{{- $_ := set $ctx "SOURCE_REPO_GIT" $Root.SOURCE_REPO_GIT }} +{{- $_ := set $ctx "MODULE_EDITION" $Root.MODULE_EDITION }} +{{- $_ := set $ctx "PackageVersion" $Root.Package }} +{{- $_ := set $ctx "GOPROXY" (env "GOPROXY" "https://proxy.golang.org,direct") }} + +{{- include "module_image_template" $ctx }} + +{{- range $ImageYamlMainfest := regexSplit "\n?---[ \t]*\n" (include "module_image_template" $ctx) -1 }} +{{- $ImageManifest := $ImageYamlMainfest | fromYaml }} +{{- if $ImageManifest | dig "final" true }} +{{- if $ImageManifest.image }} +{{- $_ := set $ "ImagesIDList" (append $.ImagesIDList $ImageManifest.image) }} +{{- end }} +{{- end }} +{{- end }} + +{{- end }} + +{{- end }} + + +{{ define "Versions" }} + +{{- $_ := set . "Version" dict -}} +{{- $_ := set . "Package" dict -}} +{{- $versions_path := "component_versions/version_map.yml" -}} + +{{- if .ModuleName -}} +{{- $module_versions_ctx := (printf "%smodules/%s-%s/" .ModulePath .ModulePriority .ModuleName ) }} +{{- $versions_path = (printf "%s%s" $module_versions_ctx $versions_path) -}} +{{- end -}} + +{{- $versions_ctx := (.Files.Get $versions_path | fromYaml) -}} + +{{- range $k, $v := $versions_ctx.firmware -}} +{{- $_ := set $.Version $k $v -}} +{{- end -}} + +{{- range $k, $v := $versions_ctx.package -}} +{{- $_ := set $.Package $k $v -}} +{{- end -}} + +{{ end }} \ No newline at end of file diff --git a/.werf/defines/virtualization-src-artifact.tmpl b/.werf/defines/virtualization-src-artifact.tmpl new file mode 100644 index 0000000000..46744346e5 --- /dev/null +++ b/.werf/defines/virtualization-src-artifact.tmpl @@ -0,0 +1,21 @@ +{{/* common/src-artifact */}} + +{{ define "image-src-artifact" }} +{{- $ctx := . -}} +{{- $fromImage := "" -}} + +{{- if $ctx.ModuleName -}} +{{- $fromImage = "fromImage: common/src-artifact"}} +{{- else -}} +{{- $fromImage = "fromImage: src-artifact"}} +{{- end -}} + +image: {{ include "ImageName" (list . "src-artifact") }} +{{ $fromImage }} +final: false +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO }} +shell: + beforeInstall: +{{ end }} diff --git a/.werf/images.yaml b/.werf/images.yaml index d9259b8048..32749d078e 100644 --- a/.werf/images.yaml +++ b/.werf/images.yaml @@ -1,60 +1 @@ -# Common dirs -{{- define "module_image_template" }} - - {{- if eq .ImageInstructionType "Dockerfile" }} ---- -image: images/{{ .ImageName }} -context: images/{{ .ImageName }} -dockerfile: Dockerfile - {{- else }} - {{- tpl .ImageBuildData . | nindent 0 }} - {{- end }} - -{{- end }} - -# Context inside folder images -{{- $Root := . }} - -{{ $ImagesBuildFiles := .Files.Glob "images/*/{Dockerfile,werf.inc.yaml}" }} - -{{- range $path, $content := $ImagesBuildFiles }} - {{- $ctx := dict }} - - {{- if regexMatch "/werf.inc.yaml$" $path }} - {{- $_ := set $ctx "ImageInstructionType" "Stapel" }} - {{- else }} - {{- $_ := set $ctx "ImageInstructionType" "Dockerfile" }} - {{- end }} - - {{- $ImageData := $path | split "/" }} - - {{- $_ := set $ctx "ImageName" $ImageData._1 }} - {{- $_ := set $ctx "ImageBuildData" $content }} - {{- $_ := set $ctx "SOURCE_REPO" $Root.SOURCE_REPO }} - {{- $_ := set $ctx "SOURCE_REPO_GIT" $Root.SOURCE_REPO_GIT }} - {{- $_ := set $ctx "MODULE_EDITION" $Root.MODULE_EDITION }} - {{- $_ := set $ctx "Version" $Root.Version }} - {{- $_ := set $ctx "ProjectName" $ctx.ImageName }} - {{- $_ := set $ctx "Commit" $Root.Commit }} - {{- $_ := set $ctx "SVACE_ENABLED" $Root.SVACE_ENABLED }} - {{- $_ := set $ctx "SVACE_ANALYZE_SSH_USER" $Root.SVACE_ANALYZE_SSH_USER }} - {{- $_ := set $ctx "SVACE_ANALYZE_HOST" $Root.SVACE_ANALYZE_HOST }} - {{- $_ := set $ctx "SVACE_IMAGE_SUFFIX" $Root.SVACE_IMAGE_SUFFIX }} - - - {{- include "module_image_template" $ctx }} - - {{- range $ImageYamlMainfest := regexSplit "\n?---[ \t]*\n" (include "module_image_template" $ctx) -1 }} - {{- $ImageManifest := $ImageYamlMainfest | fromYaml }} - - {{- if $ImageManifest | dig "final" true }} - - {{- if $ImageManifest.image }} - {{- $_ := set $ "ImagesIDList" (append $.ImagesIDList $ImageManifest.image) }} - {{- end }} - - {{- end }} - - {{- end }} - -{{- end }} \ No newline at end of file +{{ include "process_images" . }} \ No newline at end of file diff --git a/.werf/packages.yaml b/.werf/packages.yaml deleted file mode 100644 index 355aeea4d1..0000000000 --- a/.werf/packages.yaml +++ /dev/null @@ -1,59 +0,0 @@ -{{- define "packages_template" }} - - {{- if eq .ImageInstructionType "Dockerfile" }} ---- -image: images/{{ .ImageName }} -context: images/{{ .ImageName }} -dockerfile: Dockerfile - {{- else }} - {{- tpl .ImageBuildData . | nindent 0 }} - {{- end }} - -{{- end }} - -{{- $Root := . }} - - -{{ $ImagePackages := .Files.Glob "images/packages/*/*/{Dockerfile,werf.inc.yaml}" }} -{{- range $path, $content := $ImagePackages }} - {{- $ctx := dict }} - - {{- if regexMatch "/werf.inc.yaml$" $path }} - {{- $_ := set $ctx "ImageInstructionType" "Stapel" }} - {{- else }} - {{- $_ := set $ctx "ImageInstructionType" "Dockerfile" }} - {{- end }} - -# Parse variables for images from their path. -# for example: `packages/binaries/swtpm/werf.inc.yaml` turns into -# ImageType: packages/binaries -# ImageName: swtpm - - {{- $ImageData := regexReplaceAll "^images/(packages)/([0-9a-z-_]+)/([0-9a-z-_]+)/(Dockerfile|werf.inc.yaml)$" $path "${1}#${2}#${3}#${4}" | split "#" }} - - {{- $_ := set $ctx "ImageType" (printf "%s/%s" $ImageData._0 $ImageData._1) }} - {{- $_ := set $ctx "ImageName" $ImageData._2 }} - {{- $_ := set $ctx "ImageBuildData" $content }} - {{- $_ := set $ctx "Files" $Root.Files }} - {{- $_ := set $ctx "SOURCE_REPO" $Root.SOURCE_REPO }} - {{- $_ := set $ctx "SOURCE_REPO_GIT" $Root.SOURCE_REPO_GIT }} - {{- $_ := set $ctx "MODULE_EDITION" $Root.MODULE_EDITION }} - {{- $_ := set $ctx "Version" $Root.Version }} - {{- $_ := set $ctx "Package" $Root.Packages }} - - {{- include "packages_template" $ctx }} - - {{- range $ImageYamlMainfest := regexSplit "\n?---[ \t]*\n" (include "packages_template" $ctx) -1 }} - {{- $ImageManifest := $ImageYamlMainfest | fromYaml }} - - {{- if $ImageManifest | dig "final" true }} - - {{- if $ImageManifest.image }} - {{- $_ := set $ "ImagesIDList" (append $.ImagesIDList $ImageManifest.image) }} - {{- end }} - - {{- end }} - - {{- end }} - -{{- end }} diff --git a/base-images/deckhouse_images.yml b/base-images/deckhouse_images.yml index f70c51362b..807ef58b39 100644 --- a/base-images/deckhouse_images.yml +++ b/base-images/deckhouse_images.yml @@ -8,8 +8,8 @@ base/python: "sha256:bda80f25bbfb09a9e6793a5fcc3a560ebb058ba6618f413a778056951e6 base/python-v3.12.10: "sha256:bda80f25bbfb09a9e6793a5fcc3a560ebb058ba6618f413a778056951e663461" # fromImage: builder/scratch builder/alpine: "sha256:286e7fddf397a48ed2529f630881876284ff09c84c6dcfce9d982f4e035648cd" # from: alpine:3.20.6 builder/alpine-3.20: "sha256:286e7fddf397a48ed2529f630881876284ff09c84c6dcfce9d982f4e035648cd" # from: alpine:3.20.6 -builder/alt: "sha256:7223768d0f8af786c3621de7761075cf6f8f025b3b4bf7edfdceac21038d5fef" # from: registry.altlinux.org/p11/alt:20250321 -builder/alt-2025-04-24: "sha256:7223768d0f8af786c3621de7761075cf6f8f025b3b4bf7edfdceac21038d5fef" # from: registry.altlinux.org/p11/alt:20250321 +builder/alt: "sha256:ee2b848c440ecbbe0e941bcbc1e7c75001ae05662742a015594edf470e4c5465" # from: registry.altlinux.org/p11/alt:20250321 +builder/alt-2025-05-31: "sha256:ee2b848c440ecbbe0e941bcbc1e7c75001ae05662742a015594edf470e4c5465" # from: registry.altlinux.org/p11/alt:20250321 builder/golang-alpine: "sha256:f6f526535fdfcdf869a9e09831beeb3ed0d0eac3076a18840dfbfcd1b069c895" # from: golang:1.24.2-alpine3.20 builder/golang-alpine-1.23: "sha256:68747b189da26bd5bff8f6ec0a9d614940f4d05adcee91ab50b4ee39e335d1c2" # from: golang:1.23.8-alpine3.20 builder/golang-alpine-1.24: "sha256:f6f526535fdfcdf869a9e09831beeb3ed0d0eac3076a18840dfbfcd1b069c895" # from: golang:1.24.2-alpine3.20 diff --git a/component_versions/version_map.yml b/component_versions/version_map.yml index f043403f33..49d70cbe3b 100644 --- a/component_versions/version_map.yml +++ b/component_versions/version_map.yml @@ -27,3 +27,4 @@ package: dtc: v1.7.2 fuse3: fuse-3.16.2 libgcrypt: libgcrypt-1.10.2 + libtpms: 0.10.0 diff --git a/images/base-alt-p11-binaries/werf.inc.yaml b/images/base-alt-p11-binaries/werf.inc.yaml index d7135798cb..8446fad4f4 100644 --- a/images/base-alt-p11-binaries/werf.inc.yaml +++ b/images/base-alt-p11-binaries/werf.inc.yaml @@ -10,14 +10,16 @@ libraries: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} final: false +{{- if not .ModuleName }} fromImage: BASE_ALT_P11 +{{- else }} +fromImage: builder/alt +{{- end }} git: - - add: /images/{{ $.ImageName }} - to: / - includePaths: - - relocate_binaries.sh + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }}/relocate_binaries.sh + to: /relocate_binaries.sh shell: install: {{- include "alt packages proxy" . | nindent 2 }} diff --git a/images/base-alt-p11/werf.inc.yaml b/images/base-alt-p11/werf.inc.yaml index a5e813ae97..5e7e71456a 100644 --- a/images/base-alt-p11/werf.inc.yaml +++ b/images/base-alt-p11/werf.inc.yaml @@ -1,7 +1,11 @@ --- -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} final: false +{{- if not .ModuleName }} fromImage: BASE_ALT_P11 +{{- else }} +fromImage: builder/alt +{{- end }} shell: setup: # Create nonroot-user group and user. diff --git a/images/bounder/werf.inc.yaml b/images/bounder/werf.inc.yaml index bc100d3144..fc430cb4e4 100644 --- a/images/bounder/werf.inc.yaml +++ b/images/bounder/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: - - image: {{ $.ImageName }}-cbuilder + - image: {{ .ModuleNamePrefix }}{{ .ImageName }}-cbuilder add: /bins to: /usr/local/bin after: setup @@ -10,12 +10,12 @@ imageSpec: config: cmd: ["hello_bounder"] --- -image: {{ $.ImageName }}-cbuilder +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-cbuilder final: false fromImage: builder/golang-bookworm-1.23 git: - - add: /images/{{ $.ImageName }}/static_binaries - to: / + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }}/static_binaries + to: /static_binaries stageDependencies: install: - '*.c' @@ -26,6 +26,7 @@ shell: {{- include "debian packages clean" . | nindent 2 }} install: - | + cd /static_binaries echo "Building simple app that prints hello cdi" mkdir -p /bins musl-gcc -static -Os -o /bins/hello_bounder hello_bounder.c diff --git a/images/cdi-apiserver/werf.inc.yaml b/images/cdi-apiserver/werf.inc.yaml index ef2f329a12..fe1a3e7539 100644 --- a/images/cdi-apiserver/werf.inc.yaml +++ b/images/cdi-apiserver/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: cdi-artifact +- image: {{ .ModuleNamePrefix }}cdi-artifact add: /cdi-binaries to: /usr/bin before: setup diff --git a/images/cdi-artifact/werf.inc.yaml b/images/cdi-artifact/werf.inc.yaml index f132c404ce..e80aecc4d0 100644 --- a/images/cdi-artifact/werf.inc.yaml +++ b/images/cdi-artifact/werf.inc.yaml @@ -2,31 +2,58 @@ {{- $version := "v1.60.3-v12n.1" }} {{- $gitRepoUrl := "deckhouse/3p-containerized-data-importer" }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact +final: false +fromImage: builder/src +git: + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} + to: /src + stageDependencies: + install: + - '**/*' + excludePaths: + - patches/README.md +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + echo "Git clone CDI repository..." + git clone --depth 1 --branch {{ $version }} $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} /src/containerized-data-importer + + rm -rf /src/containerized-data-importer/.git + --- -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} final: false fromImage: builder/golang-bookworm-1.23 mount: - fromPath: ~/go-pkg-cache to: /go/pkg +import: +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /src/containerized-data-importer + to: /containerized-data-importer + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO }} +- id: GOPROXY + value: {{ .GOPROXY }} shell: beforeInstall: - {{- include "alt packages proxy" . | nindent 2 }} + {{- include "debian packages proxy" . | nindent 2 }} - | apt-get install --yes libnbd-dev - {{- include "alt packages clean" . | nindent 2 }} + {{- include "debian packages clean" . | nindent 2 }} install: - | + export GOPROXY=$(cat /run/secrets/GOPROXY) mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - echo "Git clone CDI repository..." - git config --global --add advice.detachedHead false - git clone --depth 1 --branch {{ $version }} $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} /containerized-data-importer - - | echo Download Go modules. cd /containerized-data-importer @@ -83,12 +110,14 @@ shell: - ls -la /cdi-binaries --- -image: {{ $.ImageName }}-cbuilder +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-cbuilder final: false fromImage: builder/golang-bookworm-1.23 git: - - add: /images/{{ $.ImageName }}/static_binaries + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} to: / + includePaths: + - static_binaries stageDependencies: install: - '*.c' @@ -99,6 +128,7 @@ shell: apt-get install --yes musl-dev musl-tools {{- include "debian packages clean" . | nindent 2 }} - | + cd /static_binaries echo "Building simple app that prints hello cdi" mkdir -p /bins musl-gcc -static -Os -o /bins/hello hello.c diff --git a/images/cdi-cloner/werf.inc.yaml b/images/cdi-cloner/werf.inc.yaml index a76e17dd46..a5c48f4663 100644 --- a/images/cdi-cloner/werf.inc.yaml +++ b/images/cdi-cloner/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: {{ $.ImageName }}-bins +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins add: /relocate to: / before: setup @@ -21,23 +21,23 @@ binaries: {{ $virtCDIClonerDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageName }}-bins +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins final: false -fromImage: base-alt-p11-binaries +fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries import: -- image: {{ $.ImageName }}-gobuild +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-gobuild add: /cdi-binaries to: /usr/bin includePaths: - cloner-startup before: install -- image: cdi-artifact-cbuilder +- image: {{ .ModuleNamePrefix }}cdi-artifact-cbuilder add: /bins to: /usr/bin before: install includePaths: - hello -- image: cdi-artifact +- image: {{ .ModuleNamePrefix }}cdi-artifact add: /cdi-binaries to: /usr/bin includePaths: @@ -49,18 +49,23 @@ shell: - | /relocate_binaries.sh -i "{{ $virtCDIClonerDependencies.binaries | join " " }}" -o /relocate --- -image: {{ $.ImageName }}-gobuild +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-gobuild final: false fromImage: builder/golang-bookworm-1.23 git: - - add: /images/{{ $.ImageName }}/cloner-startup + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }}/cloner-startup to: /app stageDependencies: install: - '**/*' +secrets: +- id: GOPROXY + value: {{ .GOPROXY }} shell: install: - | mkdir -p /cdi-binaries cd /app + export GOPROXY=$(cat /run/secrets/GOPROXY) + go mod download go build -ldflags="-s -w" -o /cdi-binaries/cloner-startup ./cmd/cloner-startup diff --git a/images/cdi-controller/werf.inc.yaml b/images/cdi-controller/werf.inc.yaml index 26895bc2cc..a01afca53e 100644 --- a/images/cdi-controller/werf.inc.yaml +++ b/images/cdi-controller/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: {{ $.ImageName }}-bins +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins add: /relocate to: / before: setup @@ -20,9 +20,9 @@ packages: {{ $cdiClonerDependencies := include "cdi-controller-deps" . | fromYaml }} -image: {{ $.ImageName }}-bins +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins final: false -fromImage: base-alt-p11-binaries +fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries import: - image: tools/util-linux add: / @@ -30,13 +30,13 @@ import: after: setup includePaths: - sbin/blockdev -- image: cdi-artifact-cbuilder +- image: {{ .ModuleNamePrefix }}cdi-artifact-cbuilder add: /bins to: /relocate/usr/bin after: setup includePaths: - printFile -- image: cdi-artifact +- image: {{ .ModuleNamePrefix }}cdi-artifact add: /cdi-binaries to: /usr/bin includePaths: diff --git a/images/cdi-importer/werf.inc.yaml b/images/cdi-importer/werf.inc.yaml index b2b7ad1b7c..10173124b5 100644 --- a/images/cdi-importer/werf.inc.yaml +++ b/images/cdi-importer/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: {{ $.ImageName }}-bins +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins add: /relocate to: / before: setup @@ -31,9 +31,9 @@ binaries: {{ $cdiImporterDependencies := include "cdi-importer-deps" . | fromYaml }} -image: {{ $.ImageName }}-bins +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins final: false -fromImage: base-alt-p11-binaries +fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries import: - image: tools/util-linux add: / @@ -43,7 +43,7 @@ import: - sbin/blockdev - bin/mount - bin/umount -- image: cdi-artifact +- image: {{ .ModuleNamePrefix }}cdi-artifact add: /cdi-binaries to: /usr/bin before: setup @@ -51,11 +51,11 @@ import: - cdi-image-size-detection - cdi-importer - cdi-source-update-poller -- image: qemu +- image: {{ .ModuleNamePrefix }}qemu add: /qemu-img to: /relocate before: setup -- image: packages/binaries/nbdkit +- image: {{ .ModuleNamePrefix }}packages/binaries/nbdkit add: /nbdkit to: /nbdkit before: install diff --git a/images/cdi-operator/werf.inc.yaml b/images/cdi-operator/werf.inc.yaml index b27884c46e..5b6030cd58 100644 --- a/images/cdi-operator/werf.inc.yaml +++ b/images/cdi-operator/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: cdi-artifact +- image: {{ .ModuleNamePrefix }}cdi-artifact add: /cdi-binaries to: /usr/bin includePaths: diff --git a/images/distroless/werf.inc.yaml b/images/distroless/werf.inc.yaml index 555e583025..5d9fa78189 100644 --- a/images/distroless/werf.inc.yaml +++ b/images/distroless/werf.inc.yaml @@ -1,9 +1,9 @@ --- -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} final: false fromImage: builder/scratch import: - - image: {{ $.ImageName }}-artifact + - image: {{ .ModuleNamePrefix }}{{ .ImageName }}-artifact add: /relocate to: / before: setup @@ -15,8 +15,8 @@ imageSpec: LC_ALL: POSIX user: 64535 --- -image: {{ $.ImageName }}-artifact -fromImage: base-alt-p11-binaries +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-artifact +fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries final: false shell: beforeInstall: diff --git a/images/dvcr-artifact/werf.inc.yaml b/images/dvcr-artifact/werf.inc.yaml index c1b6f8a29a..26c59191d2 100644 --- a/images/dvcr-artifact/werf.inc.yaml +++ b/images/dvcr-artifact/werf.inc.yaml @@ -1,9 +1,9 @@ --- -image: {{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder final: false -fromImage: builder/golang-bookworm-1.23{{ $.SVACE_IMAGE_SUFFIX }} +fromImage: {{ eq $.SVACE_ENABLED "false" | ternary "builder/golang-bookworm-1.23" "builder/alt-go-svace" }} git: -- add: /images/{{ $.ImageName }} +- add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} to: /src stageDependencies: install: @@ -11,20 +11,31 @@ git: - go.sum setup: - "**/*.go" +secrets: +- id: GOPROXY + value: {{ .GOPROXY }} shell: - install: + beforeInstall: +{{- if eq $.SVACE_ENABLED "false" }} {{- include "debian packages proxy" . | nindent 2 }} - apt-get -qq install -y --no-install-recommends libnbd-dev {{- include "debian packages clean" . | nindent 2 }} +{{- else }} + {{- include "alt packages proxy" . | nindent 2 }} + - apt-get -qq install -y libnbd-devel + {{- include "alt packages clean" . | nindent 2 }} +{{- end }} + install: + - cd /src + - export GOPROXY=$(cat /run/secrets/GOPROXY) + - go mod download setup: - mkdir /out - cd /src - | - export GO111MODULE=on export GOOS=linux - export CGO_ENABLED=1 export GOARCH=amd64 - - | + export CGO_ENABLED=1 {{- $_ := set $ "ProjectName" (list $.ImageName "dvcr-importer" | join "/") }} {{- include "image-build.build" (set $ "BuildCommand" `go build -ldflags="-s -w" -o /out/dvcr-importer ./cmd/dvcr-importer`) | nindent 6 }} {{- $_ := set $ "ProjectName" (list $.ImageName "dvcr-uploader" | join "/") }} @@ -56,9 +67,9 @@ binaries: {{ $dvcrDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageName }}-bins +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins final: false -fromImage: base-alt-p11-binaries +fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries import: - image: tools/util-linux add: / @@ -67,24 +78,24 @@ import: includePaths: - bin/mount - bin/umount -- image: {{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder add: /out to: /usr/local/bin before: setup -- image: packages/binaries/file +- image: {{ .ModuleNamePrefix }}packages/binaries/file add: /file to: /file before: install # deps for file -- image: packages/binaries/bzip2 +- image: {{ .ModuleNamePrefix }}packages/binaries/bzip2 add: /bzip2 to: /bzip2 before: install -- image: packages/binaries/nbdkit +- image: {{ .ModuleNamePrefix }}packages/binaries/nbdkit add: /nbdkit to: /nbdkit before: install -- image: qemu +- image: {{ .ModuleNamePrefix }}qemu add: /qemu-img to: /qemu-img before: install diff --git a/images/dvcr-importer/werf.inc.yaml b/images/dvcr-importer/werf.inc.yaml index 11c74b8e50..a1d5dfd8d3 100644 --- a/images/dvcr-importer/werf.inc.yaml +++ b/images/dvcr-importer/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: dvcr-artifact-bins +- image: {{ .ModuleNamePrefix }}dvcr-artifact-bins add: /relocate to: / after: install diff --git a/images/dvcr-uploader/werf.inc.yaml b/images/dvcr-uploader/werf.inc.yaml index 98258c6e93..0eedc4ca25 100644 --- a/images/dvcr-uploader/werf.inc.yaml +++ b/images/dvcr-uploader/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: dvcr-artifact-bins +- image: {{ .ModuleNamePrefix }}dvcr-artifact-bins add: /relocate to: / after: install diff --git a/images/dvcr/werf.inc.yaml b/images/dvcr/werf.inc.yaml index 36aaeb110f..f49e398f20 100644 --- a/images/dvcr/werf.inc.yaml +++ b/images/dvcr/werf.inc.yaml @@ -1,15 +1,32 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +{{- $version := "2.8.3" }} +{{- $gitRepoUrl := "distribution/distribution.git" }} + +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + echo "Git clone CDI repository..." + git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /distribution + +--- +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: {{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder add: /container-registry-binary to: /usr/bin before: setup includePaths: - registry # Registry configuration is stored in configmap: templates/dvcr/configmap.yaml -- image: {{ $.ImageName }}-artifact-bins +- image: {{ .ModuleNamePrefix }}dvcr-artifact-bins add: /relocate/usr/local/bin/dvcr-cleaner to: /usr/local/bin/dvcr-cleaner before: setup @@ -17,23 +34,24 @@ imageSpec: config: user: 64535 --- -{{- $version := "2.8.3" }} -{{- $gitRepoUrl := "distribution/distribution.git" }} - -image: {{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder final: false -fromImage: builder/golang-bookworm-1.23{{ $.SVACE_IMAGE_SUFFIX }} +fromImage: {{ eq $.SVACE_ENABLED "false" | ternary "builder/golang-bookworm-1.23" "builder/alt-go-svace" }} mount: - fromPath: ~/go-pkg-cache to: /go/pkg +import: +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /distribution + to: /distribution + before: install secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +- id: GOPROXY + value: {{ .GOPROXY }} shell: install: - | - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - + export GOPROXY=$(cat /run/secrets/GOPROXY) export GOOS=linux export GOARCH=amd64 export CGO_ENABLED=0 @@ -47,7 +65,7 @@ shell: mkdir -p $GOPATH/src/github.com/docker cd $GOPATH/src/github.com/docker - git clone --depth 1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} + mv /distribution . cd distribution export VERSION={{ $version }} diff --git a/images/edk2/werf.inc.yaml b/images/edk2/werf.inc.yaml index 422b228415..91408c57f4 100644 --- a/images/edk2/werf.inc.yaml +++ b/images/edk2/werf.inc.yaml @@ -3,45 +3,92 @@ {{- $version := get $.Version $gitRepoName }} {{- $gitRepoUrl := "tianocore/edk2.git" }} -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact final: false -fromImage: base-alt-p11 +fromImage: builder/src git: -- add: /images/{{ $.ImageName }} - to: / - includePaths: - - build.sh +- add: {{ .ModulePathPrefix }}/images/{{ .ImageName }}/build.sh + to: /build.sh stageDependencies: - setup: + install: - build.sh -- add: /images/{{ $.ImageName }}/logo - to: / - includePaths: - - Logo.bmp +- add: {{ .ModulePathPrefix }}/images/{{ .ImageName }}/logo/Logo.bmp + to: /Logo.bmp stageDependencies: - setup: + install: - '**/*' -- add: /images/{{ $.ImageName }}/json +- add: {{ .ModulePathPrefix }}/images/{{ .ImageName }}/json to: /FIRMWARE includePaths: - '*.json' stageDependencies: - setup: + install: - '*.json' -- add: /images/{{ $.ImageName }}/uefi-revocation-list +- add: {{ .ModulePathPrefix }}/images/{{ .ImageName }}/uefi-revocation-list to: /FIRMWARE includePaths: - '*.bin' stageDependencies: - setup: + install: - '*.bin' secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + echo "Git clone Edk2 repository..." + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $gitRepoName }}-{{ $version }} {{ $gitRepoName }}-{{ $version }} + + git clone $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-platforms.git + + cd /{{ $gitRepoName }}-{{ $version }} + + if [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]] ; then + echo "Checkout submodules" + git submodule update --init --recursive + else + echo "Checkout submodules with URL rewrite" + # mbed-tls rewrite is needed for submodules from ARMmbed renamed organization. + git \ + -c url."$(cat /run/secrets/SOURCE_REPO)/mbed-tls/".insteadOf=https://github.com/ARMmbed/ \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://github.com/ \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://gitlab.com/ \ + submodule update --init --recursive + fi + +--- + +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +final: false +fromImage: {{ .ModuleNamePrefix }}base-alt-p11 +import: +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /{{ $gitRepoName }}-{{ $version }} + to: /{{ $gitRepoName }}-{{ $version }} + before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /edk2-platforms + to: /edk2-platforms + before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /FIRMWARE + to: /FIRMWARE + before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /Logo.bmp + to: /Logo.bmp + before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /build.sh + to: /build.sh + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - - | + - | apt-get install -y \ gcc gcc-c++ \ git curl \ @@ -64,30 +111,7 @@ shell: install: - | - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $gitRepoName }}-{{ $version }} {{ $gitRepoName }}-{{ $version }} - - git clone $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-platforms.git - - cd {{ $gitRepoName }}-{{ $version }} - if ! [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]];then - echo "Change submodule url" - git submodule set-url -- CryptoPkg/Library/OpensslLib/openssl $(cat /run/secrets/SOURCE_REPO)/openssl/openssl - git submodule set-url -- UnitTestFrameworkPkg/Library/CmockaLib/cmocka $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-cmocka.git - git submodule set-url -- MdeModulePkg/Universal/RegularExpressionDxe/oniguruma $(cat /run/secrets/SOURCE_REPO)/kkos/oniguruma.git - git submodule set-url -- MdeModulePkg/Library/BrotliCustomDecompressLib/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - git submodule set-url -- BaseTools/Source/C/BrotliCompress/brotli $(cat /run/secrets/SOURCE_REPO)/google/brotli.git - git submodule set-url -- RedfishPkg/Library/JsonLib/jansson $(cat /run/secrets/SOURCE_REPO)/akheron/jansson.git - git submodule set-url -- UnitTestFrameworkPkg/Library/GoogleTestLib/googletest $(cat /run/secrets/SOURCE_REPO)/google/googletest.git - git submodule set-url -- UnitTestFrameworkPkg/Library/SubhookLib/subhook $(cat /run/secrets/SOURCE_REPO)/tianocore/edk2-subhook.git - git submodule set-url -- MdePkg/Library/BaseFdtLib/libfdt $(cat /run/secrets/SOURCE_REPO)/devicetree-org/pylibfdt.git - git submodule set-url -- MdePkg/Library/MipiSysTLib/mipisyst $(cat /run/secrets/SOURCE_REPO)/MIPI-Alliance/public-mipi-sys-t.git - git submodule set-url -- CryptoPkg/Library/MbedTlsLib/mbedtls $(cat /run/secrets/SOURCE_REPO)/Mbed-TLS/mbedtls.git - git submodule set-url -- SecurityPkg/DeviceSecurity/SpdmLib/libspdm $(cat /run/secrets/SOURCE_REPO)/DMTF/libspdm.git - fi - - git submodule update --init --recursive + cd /{{ $gitRepoName }}-{{ $version }} # Set env edk export EDK_TOOLS_PATH=$(pwd)/BaseTools diff --git a/images/hooks/werf.inc.yaml b/images/hooks/werf.inc.yaml index 5d13dd4b33..4138baadf0 100644 --- a/images/hooks/werf.inc.yaml +++ b/images/hooks/werf.inc.yaml @@ -1,21 +1,33 @@ --- -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact final: false -fromImage: builder/golang-bookworm-1.24 +fromImage: builder/src git: -- add: /images/{{ $.ImageName }} +- add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} to: /app/images/hooks stageDependencies: install: - go.mod - go.sum - setup: - - "**/*.go" + - '**/*.go' +--- +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +final: false +fromImage: builder/golang-bookworm-1.24 +import: + - image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /app/images/hooks + to: /app/images/hooks + before: install mount: - fromPath: ~/go-pkg-cache to: /go/pkg +secrets: +- id: GOPROXY + value: {{ .GOPROXY }} shell: install: + - export GOPROXY=$(cat /run/secrets/GOPROXY) - cd /app/images/hooks - go mod download setup: diff --git a/images/kube-api-rewriter/werf.inc.yaml b/images/kube-api-rewriter/werf.inc.yaml index 91531318ff..597a68b776 100644 --- a/images/kube-api-rewriter/werf.inc.yaml +++ b/images/kube-api-rewriter/werf.inc.yaml @@ -1,9 +1,9 @@ --- -image: {{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder final: false fromImage: builder/golang-bookworm-1.23 git: - - add: /images/{{ $.ImageName }} + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} to: /src/kube-api-rewriter stageDependencies: install: @@ -11,26 +11,30 @@ git: - go.sum setup: - "**/*.go" +secrets: +- id: GOPROXY + value: {{ .GOPROXY }} mount: - fromPath: ~/go-pkg-cache to: /go/pkg shell: install: + - export GOPROXY=$(cat /run/secrets/GOPROXY) - cd /src/kube-api-rewriter - go mod download setup: - cd /src/kube-api-rewriter - - export GO111MODULE=on - export GOOS=linux - export CGO_ENABLED=0 - export GOARCH=amd64 - go build -v -a -o kube-api-rewriter ./cmd/kube-api-rewriter --- -image: {{ $.ImageName }} + +image: {{ .ModuleNamePrefix }}{{ .ImageName }} fromImage: builder/scratch import: - - image: {{ $.ImageName }}-builder + - image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder add: /src/kube-api-rewriter/kube-api-rewriter to: /app/kube-api-rewriter after: install diff --git a/images/libvirt/werf.inc.yaml b/images/libvirt/werf.inc.yaml index 6fb3e40ea9..3d712ec52d 100644 --- a/images/libvirt/werf.inc.yaml +++ b/images/libvirt/werf.inc.yaml @@ -3,11 +3,11 @@ {{- $version := get $.Version $gitRepoName }} {{- $gitRepoUrl := "libvirt/libvirt.git" }} -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact final: false -fromImage: base-alt-p11{{ $.SVACE_IMAGE_SUFFIX }} +fromImage: builder/src git: -- add: /images/{{ $.ImageName }}/ +- add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} to: / includePaths: - install-libvirt.sh @@ -17,100 +17,114 @@ git: stageDependencies: install: - '**/*' - setup: - - install-libvirt.sh +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /{{ $gitRepoName }}-{{ $version }} + + cd /{{ $gitRepoName }}-{{ $version }} + + if [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]] ; then + echo "Checkout submodules" + git submodule update --init --recursive + else + echo "Checkout submodules with URL rewrite" + git \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://github.com/ \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://gitlab.com/ \ + submodule update --init --recursive + fi + +--- +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- binutils +- gcc-c++ +- git gettext +- bash-completion +- clang ccache +- make cmake +- meson ninja-build +- attr +- iproute iptables iptables-nft iptables-ipv6 +- openvswitch ebtables +- pkgconfig +- polkit kmod +- lvm2 parted +- qemu-img open-iscsi +- xml-utils xsltproc +- systemd-container polkit +- python3 python3-devel +- python3-module-pytest python3-module-docutils +- python3-tools python3-module-pip +- python3-module-black +- mdevctl tshark +- util-linux dmsetup pm-utils +libraries: +- libudev-devel +- libpciaccess-devel +- libyajl-devel sanlock-devel +- libpcap-devel libnl-devel +- libselinux-devel libsasl2-devel +- libssh-devel +- libssh2-devel +- libparted-devel +- libdevmapper-devel +- ceph-devel +- libiscsi-devel libglusterfs-devel +- libnuma-devel libcap-ng-devel +- libcurl-devel libaudit-devel +- libfuse-devel libnbd-devel +- libblkid-devel libgcrypt-devel +- libgnutls-devel libp11-kit-devel +- libreadline-devel libtasn1-devel +- libattr-devel libbsd-devel +- libsystemd-devel libuuid-devel +- libjson-c-devel systemtap-sdt-devel +- libacl-devel glib2-devel glibc-utils +- libgio-devel libxml2-devel +- libtirpc-devel libsasl2-devel +- wireshark-devel +- zlib-devel libclocale +- libfuse3-devel libnuma libslirp-devel +- libyajl-devel libselinux-devel +{{- end -}} + +{{ $builderDependencies := include "$name" . | fromYaml }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +final: false +{{- $baseAltP11 := printf "%sbase-alt-p11" .ModuleNamePrefix }} +fromImage: {{ eq $.SVACE_ENABLED "false" | ternary $baseAltP11 "builder/alt-go-svace" }} import: -- image: packages/binaries/dmidecode +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /{{ $gitRepoName }}-{{ $version }} + to: /{{ $gitRepoName }}-{{ $version }} + before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /patches + to: /patches + before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /install-libvirt.sh + to: /install-libvirt.sh + before: install +- image: {{ .ModuleNamePrefix }}packages/binaries/dmidecode add: /dmidecode to: /dmidecode before: install -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get install --yes \ - binutils \ - gcc-c++ \ - git \ - gettext \ - bash-completion \ - clang \ - ccache \ - make cmake \ - meson \ - ninja-build \ - libudev-devel \ - libpciaccess-devel \ - libyajl-devel \ - sanlock-devel \ - libpcap-devel \ - libnl-devel \ - libselinux-devel \ - iproute \ - iptables \ - iptables-nft \ - iptables-ipv6 \ - openvswitch \ - ebtables \ - libsasl2-devel \ - pkgconfig \ - libssh-devel \ - libssh2-devel \ - polkit kmod \ - qemu-img \ - lvm2 \ - libparted-devel \ - parted \ - libdevmapper-devel \ - ceph-devel \ - open-iscsi \ - libiscsi-devel \ - libglusterfs-devel \ - libnuma-devel \ - libcap-ng-devel \ - libcurl-devel \ - libaudit-devel \ - libfuse-devel \ - libnbd-devel \ - libblkid-devel \ - libgcrypt-devel \ - libgnutls-devel \ - libp11-kit-devel \ - libreadline-devel \ - libtasn1-devel \ - libattr-devel \ - libbsd-devel \ - libsystemd-devel \ - libuuid-devel \ - libjson-c-devel \ - systemtap-sdt-devel \ - systemd-container \ - attr \ - libacl-devel \ - glib2-devel \ - glibc-utils \ - libgio-devel \ - libxml2-devel \ - xml-utils \ - xsltproc \ - python3 python3-devel \ - python3-module-pytest \ - python3-module-docutils \ - python3-tools \ - python3-module-pip \ - polkit \ - libtirpc-devel \ - libsasl2-devel \ - wireshark-devel \ - tshark \ - zlib-devel \ - mdevctl \ - util-linux dmsetup pm-utils libclocale \ - libfuse3-devel libnuma libslirp-devel \ - libyajl-devel libselinux-devel + apt-get install -y \ + {{ $builderDependencies.packages | join " " }} \ + {{ $builderDependencies.libraries | join " " }} {{- include "alt packages clean" . | nindent 2 }} - | @@ -121,8 +135,6 @@ shell: ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc - pip3 install black - install: - | mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config @@ -137,13 +149,7 @@ shell: export NINJA="/usr/bin/ninja" export PYTHON="/usr/bin/python3" - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} - - cd {{ $gitRepoName }}-{{ $version }} - if ! [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]];then - echo "Change submodule url" - git submodule set-url -- subprojects/keycodemapdb $(cat /run/secrets/SOURCE_REPO)/keycodemap/keycodemapdb.git - fi + cd /{{ $gitRepoName }}-{{ $version }} for p in /patches/*.patch ; do echo -n "Apply ${p} ... " diff --git a/images/packages/binaries/acl/werf.inc.yaml b/images/packages/binaries/acl/werf.inc.yaml index 6e2b813894..0896b4f24b 100644 --- a/images/packages/binaries/acl/werf.inc.yaml +++ b/images/packages/binaries/acl/werf.inc.yaml @@ -1,16 +1,32 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /{{ $.ImageName }} before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "acl.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src + # rm -rf /src/.git +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -23,12 +39,14 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -41,9 +59,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src cd /src ./autogen.sh diff --git a/images/packages/binaries/bzip2/werf.inc.yaml b/images/packages/binaries/bzip2/werf.inc.yaml index 2cc547ff00..9bde45a9ca 100644 --- a/images/packages/binaries/bzip2/werf.inc.yaml +++ b/images/packages/binaries/bzip2/werf.inc.yaml @@ -1,16 +1,31 @@ --- -# development pkgs -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /{{ $.ImageName }} before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "bzip2/bzip2.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -23,12 +38,14 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -43,9 +60,6 @@ shell: OUTDIR=/out pkgver=$( echo {{ $version }} | cut -d "-" -f2) - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src mkdir -p $OUTDIR/usr/lib64 diff --git a/images/packages/binaries/dmidecode/werf.inc.yaml b/images/packages/binaries/dmidecode/werf.inc.yaml index 3418899898..4c7154a53a 100644 --- a/images/packages/binaries/dmidecode/werf.inc.yaml +++ b/images/packages/binaries/dmidecode/werf.inc.yaml @@ -1,16 +1,33 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /dmidecode before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "dmidecode.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch dmidecode-{{ $version }} /src + # rm -rf /src/.git + +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -21,12 +38,14 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -39,9 +58,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch dmidecode-{{ $version }} /src cd /src make -j$(nproc) prefix=/usr diff --git a/images/packages/binaries/dtc/werf.inc.yaml b/images/packages/binaries/dtc/werf.inc.yaml index 817aa124b8..3d36acfa93 100644 --- a/images/packages/binaries/dtc/werf.inc.yaml +++ b/images/packages/binaries/dtc/werf.inc.yaml @@ -1,30 +1,53 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc +- git make rpm-macros-meson +- flex bison meson +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "dtc/dtc.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libfdt before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "dtc/dtc.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc -- git make rpm-macros-meson -- flex bison meson -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -40,9 +63,6 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src export SETUPTOOLS_SCM_PRETEND_VERSION=1.7.2 @@ -51,3 +71,4 @@ shell: meson compile -C build meson install -C build +{{- end }} diff --git a/images/packages/binaries/file/werf.inc.yaml b/images/packages/binaries/file/werf.inc.yaml index d56ffe6011..063efc0278 100644 --- a/images/packages/binaries/file/werf.inc.yaml +++ b/images/packages/binaries/file/werf.inc.yaml @@ -1,15 +1,30 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /{{ $.ImageName }} before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "file/file.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -24,12 +39,14 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -42,9 +59,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + cd /src autoreconf -f -i diff --git a/images/packages/binaries/fuse3/werf.inc.yaml b/images/packages/binaries/fuse3/werf.inc.yaml index a02f5a7a69..289b94ef40 100644 --- a/images/packages/binaries/fuse3/werf.inc.yaml +++ b/images/packages/binaries/fuse3/werf.inc.yaml @@ -1,30 +1,53 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc git +- make rpm-macros-alternatives meson +- ninja-build libudev-devel +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "libfuse/libfuse.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libfuse3 before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "libfuse/libfuse.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc git -- make rpm-macros-alternatives meson -- ninja-build libudev-devel -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -40,12 +63,9 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src meson setup build -Duseroot=false -Dprefix=$OUTDIR/usr meson compile -C build meson install -C build - +{{- end }} diff --git a/images/packages/binaries/glib2/werf.inc.yaml b/images/packages/binaries/glib2/werf.inc.yaml index dd7bb71b5f..4ba16b1b7d 100644 --- a/images/packages/binaries/glib2/werf.inc.yaml +++ b/images/packages/binaries/glib2/werf.inc.yaml @@ -1,51 +1,87 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc gcc-c++ +- git pkg-config meson cmake +- libunwind-devel libelf-devel libffi-devel zlib-devel libpcre2-devel sysprof-devel libgvdb-devel +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "GNOME/glib.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /glib2 before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "GNOME/glib.git" }} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + beforeInstall: + {{- include "alt packages proxy" . | nindent 2}} + - apt-get install -y meson + {{- include "alt packages clean" . | nindent 2}} -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc gcc-c++ -- git pkg-config meson cmake -- libunwind-devel libelf-devel libffi-devel zlib-devel libpcre2-devel sysprof-devel libgvdb-devel -{{- end -}} + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src -image: {{ $.ImageType }}/{{ $.ImageName }}-builder + if [[ ! "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]] ; then + # Clone meson wraps with url rewrite. + # Configure script options require only 3 subprojects. + cd /src + for subproj in gvdb libffi sysprof ; do + echo "Rewrite url for ${subproj} subproject." + wrapfile="subprojects/${subproj}.wrap" + # Rewrite https://HOSTNAME/ to SOURCE_REPO secret in the wrap file. + sed -i '/^#/n ; /^url/ s|\(url\ \?=\ \?\)\(.*:\/\/[^\/]*\/\)|\1'$(cat /run/secrets/SOURCE_REPO)'\/|' ${wrapfile} + meson subprojects download ${subproj} + done + fi + +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | apt-get install -y \ {{ $builderDependencies.packages | join " " }} - + {{- include "alt packages clean" . | nindent 2 }} install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src meson setup _build -Dprefix=$OUTDIR/usr -Dgtk_doc=false -Dbuildtype=release -Dstrip=true meson compile -C _build meson install -C _build +{{- end}} diff --git a/images/packages/binaries/glibc/werf.inc.yaml b/images/packages/binaries/glibc/werf.inc.yaml index 8f377e0384..bc1c4a9325 100644 --- a/images/packages/binaries/glibc/werf.inc.yaml +++ b/images/packages/binaries/glibc/werf.inc.yaml @@ -1,17 +1,3 @@ ---- -image: {{ $.ImageType }}/{{ $.ImageName }} -final: false -fromImage: builder/scratch -import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder - add: /out - to: /glibc - before: setup - ---- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "glibc.git" }} - {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} packages: @@ -21,14 +7,48 @@ packages: - make bison python3 {{- end -}} -{{ $builderDependencies := include "$name" . | fromYaml }} +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "glibc.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false -fromImage: builder/alt +fromImage: builder/scratch +import: +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder + add: /out + to: /glibc + before: setup + +--- +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git + +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder +final: false +fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -41,9 +61,6 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src mkdir /build cd /build @@ -62,3 +79,4 @@ shell: make DESTDIR=$OUTDIR install +{{- end }} diff --git a/images/packages/binaries/gmp/werf.inc.yaml b/images/packages/binaries/gmp/werf.inc.yaml index 44f9273641..44a9f8a4e8 100644 --- a/images/packages/binaries/gmp/werf.inc.yaml +++ b/images/packages/binaries/gmp/werf.inc.yaml @@ -1,17 +1,3 @@ ---- -image: {{ $.ImageType }}/{{ $.ImageName }} -final: false -fromImage: builder/scratch -import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder - add: /out - to: /libgmp10 - before: setup - ---- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "gmp/gmp" }} - {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} packages: @@ -20,14 +6,48 @@ packages: - make makeinfo autoconf automake {{- end -}} -{{ $builderDependencies := include "$name" . | fromYaml }} +{{- $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "gmp/gmp" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false -fromImage: builder/alt +fromImage: builder/scratch +import: +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder + add: /out + to: /libgmp10 + before: setup + +--- +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git + +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder +final: false +fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -40,9 +60,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src ./configure \ @@ -171,3 +189,4 @@ shell: make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end}} diff --git a/images/packages/binaries/gnutls/werf.inc.yaml b/images/packages/binaries/gnutls/werf.inc.yaml index aa2e666b21..dc70a0118a 100644 --- a/images/packages/binaries/gnutls/werf.inc.yaml +++ b/images/packages/binaries/gnutls/werf.inc.yaml @@ -1,21 +1,50 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /gnutls before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "gnutls/gnutls.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + + cd /src + + if [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]] ; then + echo "Checkout submodules" + git submodule update --init --recursive + else + echo "Checkout submodules with URL rewrite" + git \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://github.com/ \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://gitlab.com/ \ + submodule update --init --recursive + fi + +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} packages: -- gcc git gperf glibc-devel-static wget +- gcc git gperf glibc-devel-static - make autoconf automake libtool makeinfo gettext-devel patch - perl-Net-SSLeay perl-IPC-Cmd perl-Pod-Html - gem-gettext-devel gettext po4a @@ -24,36 +53,41 @@ packages: - libtasn1-devel libtasn1-utils libidn2-devel zlib-devel - libunbound-devel bison gtk-doc texinfo texlive - libev4 libev-devel libgcrypt-devel libopencdk-devel +- liboqs-devel libzstd-devel libreadline-devel gcc-c++ {{- end -}} {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | - apt-get install -y \ - {{ $builderDependencies.packages | join " " }} + apt-get install -y {{ $builderDependencies.packages | join " " }} {{- include "alt packages clean" . | nindent 2 }} install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src - ./bootstrap + ./bootstrap --skip-po - ./configure --prefix=/usr --libdir=/usr/lib64 --disable-tests + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib64 \ + --with-default-trust-store-file=/usr/share/ca-certificates/ca-bundle.crt \ + --disable-tests \ + --disable-doc make -j$(nproc) diff --git a/images/packages/binaries/libattr/werf.inc.yaml b/images/packages/binaries/libattr/werf.inc.yaml index 1ea8072c05..c2edc60565 100644 --- a/images/packages/binaries/libattr/werf.inc.yaml +++ b/images/packages/binaries/libattr/werf.inc.yaml @@ -1,28 +1,51 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc git make libtool gettext-tools +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "attr.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libattr before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "attr.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc git make libtool gettext-tools -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -38,9 +61,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src ./autogen.sh ./configure \ @@ -51,3 +72,4 @@ shell: make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end}} diff --git a/images/packages/binaries/libaudit/werf.inc.yaml b/images/packages/binaries/libaudit/werf.inc.yaml index 4e74fb017c..4608afaa5a 100644 --- a/images/packages/binaries/libaudit/werf.inc.yaml +++ b/images/packages/binaries/libaudit/werf.inc.yaml @@ -1,29 +1,52 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc +- git make libtool +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "linux-audit/audit-userspace.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libaudit before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "linux-audit/audit-userspace.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc -- git make libtool -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -39,9 +62,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src ./autogen.sh ./configure \ @@ -53,3 +74,4 @@ shell: --disable-zos-remote make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end }} diff --git a/images/packages/binaries/libblkid/werf.inc.yaml b/images/packages/binaries/libblkid/werf.inc.yaml index 36187f2a23..fee90073b0 100644 --- a/images/packages/binaries/libblkid/werf.inc.yaml +++ b/images/packages/binaries/libblkid/werf.inc.yaml @@ -1,30 +1,53 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc +- git make libtool gettext-devel +- bison flex +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "util-linux/util-linux.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libblkid before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "util-linux/util-linux.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc -- git make libtool gettext-devel -- bison flex -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -40,9 +63,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src ./autogen.sh ./configure \ @@ -55,3 +76,4 @@ shell: --disable-examples make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end }} diff --git a/images/packages/binaries/libbrotli/werf.inc.yaml b/images/packages/binaries/libbrotli/werf.inc.yaml index b544438580..929d9d28ad 100644 --- a/images/packages/binaries/libbrotli/werf.inc.yaml +++ b/images/packages/binaries/libbrotli/werf.inc.yaml @@ -1,29 +1,52 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc +- git cmake make +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "google/brotli.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libbrotli before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "google/brotli.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc -- git cmake make -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -38,9 +61,6 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src mkdir /build cd /build @@ -52,3 +72,4 @@ shell: make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end }} diff --git a/images/packages/binaries/libbsd/werf.inc.yaml b/images/packages/binaries/libbsd/werf.inc.yaml index d7ded9d8a4..193a5f30e2 100644 --- a/images/packages/binaries/libbsd/werf.inc.yaml +++ b/images/packages/binaries/libbsd/werf.inc.yaml @@ -1,29 +1,52 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc +- git make libtool libmd-devel +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "libbsd/libbsd.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libbsd before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "libbsd/libbsd.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc -- git make libtool libmd-devel -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -39,9 +62,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src ./autogen ./configure \ @@ -52,3 +73,4 @@ shell: make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end }} diff --git a/images/packages/binaries/libburn/werf.inc.yaml b/images/packages/binaries/libburn/werf.inc.yaml index 9080905343..204e7dca50 100644 --- a/images/packages/binaries/libburn/werf.inc.yaml +++ b/images/packages/binaries/libburn/werf.inc.yaml @@ -1,29 +1,52 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc +- git make libtool +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "libburnia/libburn.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libburn before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "libburnia/libburn.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- gcc -- git make libtool -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - {{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -38,9 +61,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src ./bootstrap ./configure \ @@ -50,3 +71,4 @@ shell: --disable-static make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end}} diff --git a/images/packages/binaries/libgcrypt/werf.inc.yaml b/images/packages/binaries/libgcrypt/werf.inc.yaml index f5f7878f16..4f38604db7 100644 --- a/images/packages/binaries/libgcrypt/werf.inc.yaml +++ b/images/packages/binaries/libgcrypt/werf.inc.yaml @@ -1,30 +1,53 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- git gcc +- make pkgconfig makeinfo autoconf +- libtool libgpg-error-devel +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "gpg/libgcrypt" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libcrypt before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "gpg/libgcrypt" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- git gcc -- make pkgconfig makeinfo autoconf -- libtool libgpg-error-devel -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -40,9 +63,6 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src cd /src autoreconf @@ -60,3 +80,4 @@ shell: make -j$(nproc) make DESTDIR=$OUTDIR install libtool --finish /usr/lib64 +{{- end}} diff --git a/images/packages/binaries/libtpms/werf.inc.yaml b/images/packages/binaries/libtpms/werf.inc.yaml new file mode 100644 index 0000000000..83976f5287 --- /dev/null +++ b/images/packages/binaries/libtpms/werf.inc.yaml @@ -0,0 +1,72 @@ +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} +final: false +fromImage: builder/scratch +import: +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder + add: /out + to: /libtpms + before: setup + +--- +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "stefanberger/libtpms.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src +--- + +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- gcc gcc-c++ +- make autoconf automake libtool +- libssl-devel perl-podlators +{{- end -}} + +{{ $builderDependencies := include "$name" . | fromYaml }} + +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder +final: false +fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install +shell: + beforeInstall: + {{- include "alt packages proxy" . | nindent 2 }} + - | + apt-get install -y \ + {{ $builderDependencies.packages | join " " }} + + {{- include "alt packages clean" . | nindent 2 }} + + install: + - | + OUTDIR=/out + + cd /src + + ./autogen.sh + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib64 \ + --with-tpm2 \ + --with-openssl + + make -j$(nproc) + + make DESTDIR=$OUTDIR install diff --git a/images/packages/binaries/lvm2/werf.inc.yaml b/images/packages/binaries/lvm2/werf.inc.yaml index 1c10f91448..6de561b95e 100644 --- a/images/packages/binaries/lvm2/werf.inc.yaml +++ b/images/packages/binaries/lvm2/werf.inc.yaml @@ -1,31 +1,54 @@ +{{- $name := print $.ImageName "-dependencies" -}} +{{- define "$name" -}} +packages: +- git gcc gcc-c++ make autoconf automake +- pkgconfig makeinfo rpm-build-python3 +- libreadline-devel +- libtinfo-devel libudev-devel libaio-devel +{{- end -}} + +{{- $builderDependencies := include "$name" . | fromYaml }} + +{{- $version := get .PackageVersion .ImageName }} +{{- $gitRepoUrl := "lvmteam/lvm2.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +{{/* Temporarily exclude images from build as submodule. TODO remove 'if' when this image is used in import section. */}} +{{- if eq .ModuleNamePrefix "" }} --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /libdevmapper before: setup --- -{{- $version := get $.Package $.ImageName }} -{{- $gitRepoUrl := "lvmteam/lvm2.git" }} - -{{- $name := print $.ImageName "-dependencies" -}} -{{- define "$name" -}} -packages: -- git gcc gcc-c++ make autoconf automake -- pkgconfig makeinfo rpm-build-python3 -- libreadline-devel -- libtinfo-devel libudev-devel libaio-devel -{{- end -}} +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config -{{ $builderDependencies := include "$name" . | fromYaml }} + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + # rm -rf /src/.git -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +--- +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -41,10 +64,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src - cd /src autoconf ./configure \ @@ -64,3 +84,4 @@ shell: make -j$(nproc) make DESTDIR=$OUTDIR install +{{- end }} diff --git a/images/packages/binaries/nbdkit/werf.inc.yaml b/images/packages/binaries/nbdkit/werf.inc.yaml index 01ad4e9f09..eeec67c16d 100644 --- a/images/packages/binaries/nbdkit/werf.inc.yaml +++ b/images/packages/binaries/nbdkit/werf.inc.yaml @@ -1,16 +1,31 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /nbdkit before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "nbdkit/nbdkit.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -34,18 +49,19 @@ packages: - zlib - libblkio - libnbd -- libtorrent-rasterbar-devel - libssh {{- end -}} {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -55,22 +71,20 @@ shell: {{- include "alt packages clean" . | nindent 2 }} - install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src cd /src - + autoreconf -i ./configure \ --disable-static \ --prefix=/usr \ --libdir=/usr/lib64 \ - --without-bash-completions + --without-bash-completions \ + --disable-torrent make -j$(nproc) diff --git a/images/packages/binaries/nftables/werf.inc.yaml b/images/packages/binaries/nftables/werf.inc.yaml index c6276962f1..1bb1bf3aec 100644 --- a/images/packages/binaries/nftables/werf.inc.yaml +++ b/images/packages/binaries/nftables/werf.inc.yaml @@ -1,16 +1,31 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /nftables before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "nftables.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -20,45 +35,35 @@ packages: - automake autoconf make makeinfo libtool - musl-devel-static - flex bison asciidoc-a2x +- libmnl-devel +- libnftnl-devel +- libgmp-devel +- libreadline-devel +- libjansson-devel +- libedit-devel {{- end -}} {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | apt-get install -y \ {{ $builderDependencies.packages | join " " }} - - {{ if not $.DistroPackagesProxy }} - REPO_URL=http://ftp.altlinux.org/pub/distributions - {{- else }} - REPO_URL=http://{{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository - {{- end }} - - cat >/etc/apt/sources.list.d/alt-sisyphus.list< ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src cd /src ./autogen.sh diff --git a/images/packages/binaries/numactl/werf.inc.yaml b/images/packages/binaries/numactl/werf.inc.yaml index f00f9e540c..8e62f7d8f6 100644 --- a/images/packages/binaries/numactl/werf.inc.yaml +++ b/images/packages/binaries/numactl/werf.inc.yaml @@ -1,16 +1,31 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /numactl before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "numactl/numactl.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -22,12 +37,14 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -40,9 +57,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src cd /src ./autogen.sh diff --git a/images/packages/binaries/openssl/werf.inc.yaml b/images/packages/binaries/openssl/werf.inc.yaml index 714a70e5da..b63813b943 100644 --- a/images/packages/binaries/openssl/werf.inc.yaml +++ b/images/packages/binaries/openssl/werf.inc.yaml @@ -1,16 +1,31 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /openssl before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "openssl/openssl.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -23,12 +38,14 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -41,9 +58,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch {{ $version }} /src + cd /src ./Configure --prefix=/usr CC=/usr/bin/musl-gcc -static diff --git a/images/packages/binaries/swtpm/werf.inc.yaml b/images/packages/binaries/swtpm/werf.inc.yaml index cca8b69b65..2561fc7297 100644 --- a/images/packages/binaries/swtpm/werf.inc.yaml +++ b/images/packages/binaries/swtpm/werf.inc.yaml @@ -1,16 +1,32 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /swtpm before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "stefanberger/swtpm.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src +--- + {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -31,43 +47,34 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install +- image: {{ .ModuleNamePrefix }}packages/binaries/libtpms + add: /libtpms + to: /libtpms + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} - | apt-get install -y \ {{ $builderDependencies.packages | join " " }} - - {{ if not $.DistroPackagesProxy }} - REPO_URL=http://ftp.altlinux.org/pub/distributions - {{- else }} - REPO_URL=http://{{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository - {{- end }} - - # libtpms libtpms-devel requares version 0.10 that in sisyphus repo - cat >/etc/apt/sources.list.d/alt-sisyphus.list< ~/.ssh/config - - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /src + cd /src ./autogen.sh \ diff --git a/images/packages/binaries/xorriso/werf.inc.yaml b/images/packages/binaries/xorriso/werf.inc.yaml index 0e97414736..22da500524 100644 --- a/images/packages/binaries/xorriso/werf.inc.yaml +++ b/images/packages/binaries/xorriso/werf.inc.yaml @@ -1,16 +1,31 @@ --- -image: {{ $.ImageType }}/{{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }} final: false fromImage: builder/scratch import: -- image: {{ $.ImageType }}/{{ $.ImageName }}-builder +- image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder add: /out to: /xorriso before: setup --- -{{- $version := get $.Package $.ImageName }} +{{- $version := get .PackageVersion .ImageName }} {{- $gitRepoUrl := "libburnia/libisoburn.git" }} +{{- $PkgImageName := (printf "%s/%s" .PackagePath .ImageName) }} + +image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch release-{{ $version }} /src +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} @@ -23,12 +38,14 @@ packages: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageType }}/{{ $.ImageName }}-builder +image: {{ .ModuleNamePrefix }}{{ .PackagePath }}/{{ .ImageName }}-builder final: false fromImage: builder/alt -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} +import: +- image: {{ .ModuleNamePrefix }}{{ $PkgImageName }}-src-artifact + add: /src + to: /src + before: install shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -41,9 +58,7 @@ shell: install: - | OUTDIR=/out - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch release-{{ $version }} /src cd /src ./bootstrap diff --git a/images/packages/werf.inc.yaml b/images/packages/werf.inc.yaml new file mode 100644 index 0000000000..c1a5cefcbe --- /dev/null +++ b/images/packages/werf.inc.yaml @@ -0,0 +1 @@ +{{ include "process_packages_images" . }} \ No newline at end of file diff --git a/images/pre-delete-hook/werf.inc.yaml b/images/pre-delete-hook/werf.inc.yaml index a8c8260778..cb9423be17 100644 --- a/images/pre-delete-hook/werf.inc.yaml +++ b/images/pre-delete-hook/werf.inc.yaml @@ -1,9 +1,9 @@ --- -image: pre-delete-hook-builder +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder final: false fromImage: builder/golang-bookworm-1.23 git: -- add: /images/{{ $.ImageName }} +- add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} to: /pre-delete-hook stageDependencies: install: @@ -11,11 +11,15 @@ git: - go.sum setup: - "**/*.go" +secrets: +- id: GOPROXY + value: {{ .GOPROXY }} mount: - fromPath: ~/go-pkg-cache to: /go/pkg shell: install: + - export GOPROXY=$(cat /run/secrets/GOPROXY) - cd /pre-delete-hook - go mod download setup: @@ -25,10 +29,10 @@ shell: - export CGO_ENABLED=0 - go build -v -a -o pre-delete-hook main.go --- -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} fromImage: builder/scratch import: -- image: pre-delete-hook-builder +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-builder add: /pre-delete-hook/pre-delete-hook to: /pre-delete-hook after: install diff --git a/images/qemu/werf.inc.yaml b/images/qemu/werf.inc.yaml index 50e972f953..d856bd935d 100644 --- a/images/qemu/werf.inc.yaml +++ b/images/qemu/werf.inc.yaml @@ -3,7 +3,67 @@ {{- $version := get $.Version $gitRepoName }} {{- $gitRepoUrl := "qemu/qemu.git" }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact +final: false +fromImage: builder/src +git: +- add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }} + to: / + includePaths: + - install-qemu.sh + - patches + excludePaths: + - patches/README.md + stageDependencies: + install: + - '**/*' +- add: {{ .ModulePathPrefix }}/images/base-alt-p11-binaries/relocate_binaries.sh + to: /relocate_binaries.sh + stageDependencies: + install: + - '**/*' +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO_GIT }} +shell: + beforeInstall: + {{- include "alt packages proxy" . | nindent 2}} + - apt-get install -y meson + {{- include "alt packages clean" . | nindent 2}} + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} /{{ $gitRepoName }}-{{ $version }} + + cd /{{ $gitRepoName }}-{{ $version }} + + if [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]] ; then + echo "Checkout submodules" + git submodule update --init --recursive + else + echo "Checkout submodules with URL rewrite" + # mbed-tls rewrite is needed for edk2 submodule. + git \ + -c url."$(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git".insteadOf=https://gitlab.com/qemu-project/seabios.git/ \ + -c url."$(cat /run/secrets/SOURCE_REPO)/mbed-tls/".insteadOf=https://github.com/ARMmbed/ \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://github.com/ \ + -c url."$(cat /run/secrets/SOURCE_REPO)/".insteadOf=https://gitlab.com/ \ + submodule update --init --recursive + + echo "Download meson subprojects with URL rewrites." + # Configure script options require only 3 subprojects. + for subproj in berkeley-softfloat-3 berkeley-testfloat-3 keycodemapdb ; do + echo "Rewrite url for ${subproj} subproject." + wrapfile="subprojects/${subproj}.wrap" + # Rewrite https://HOSTNAME/ to SOURCE_REPO secret in the wrap file. + sed -i '/^#/n ; /^url/ s|\(url\ \?=\ \?\)\(.*:\/\/[^\/]*\/\)|\1'$(cat /run/secrets/SOURCE_REPO)'\/|' ${wrapfile} + meson subprojects download ${subproj} + done + + fi +--- {{- $name := print $.ImageName "-dependencies" -}} {{- define "$name" -}} packages: @@ -27,6 +87,7 @@ packages: - python3-module-pip - python3-module-sphinx - python3-module-sphinx_rtd_theme +- python3-module-black libraries: - glibc-devel-static - zlib-devel-static @@ -38,22 +99,18 @@ libraries: - glib2-devel - libdw-devel - perl-devel -- libssh-devel -- libssh2-devel +- libssh-devel libssh2-devel - libcap-ng-devel - libxfs-devel - zlib-devel -- libcurl-devel -- libpci-devel +- libcurl-devel libpci-devel - libgvnc-devel - glibc-kernheaders - libfdt-devel - libpixman-devel - libkeyutils-devel -- libuuid-devel -- libpam0-devel -- libtasn1-devel -- libslirp-devel +- libuuid-devel libpam0-devel +- libtasn1-devel libslirp-devel - libdrm-devel - libxdp-devel libSDL2-devel libSDL2_image-devel - libncursesw-devel libalsa-devel libpulseaudio-devel @@ -77,33 +134,30 @@ libraries: {{ $builderDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} final: false -fromImage: base-alt-p11{{ $.SVACE_IMAGE_SUFFIX }} -git: -- add: /images/{{ $.ImageName }}/ - to: / - includePaths: - - install-qemu.sh - - patches - excludePaths: - - patches/README.md - stageDependencies: - setup: - - install-qemu.sh - -- add: /images/base-alt-p11-binaries - to: / - includePaths: - - relocate_binaries.sh - stageDependencies: - setup: - - '**/*' +{{- $baseAltP11 := printf "%sbase-alt-p11" .ModuleNamePrefix }} +fromImage: {{ eq $.SVACE_ENABLED "false" | ternary $baseAltP11 "builder/alt-go-svace" }} import: -- image: packages/binaries/dmidecode +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /{{ $gitRepoName }}-{{ $version }} + to: /{{ $gitRepoName }}-{{ $version }} + before: install +- image: {{ .ModuleNamePrefix }}packages/binaries/dmidecode add: /dmidecode to: /dmidecode before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /patches + to: /patches + before: install +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: / + to: / + before: install + includePaths: + - install-qemu.sh + - relocate_binaries.sh secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO_GIT }} @@ -125,8 +179,6 @@ shell: ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc - pip3 install black - install: - | mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config @@ -141,27 +193,7 @@ shell: export NINJA="/usr/bin/ninja" export PYTHON="/usr/bin/python3" - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} --branch v{{ $version }} {{ $gitRepoName }}-{{ $version }} - - cd {{ $gitRepoName }}-{{ $version }} - if ! [[ "$(cat /run/secrets/SOURCE_REPO)" =~ "github.com" ]];then - echo "Change submodule url" - git submodule set-url -- roms/seabios $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios.git - git submodule set-url -- roms/SLOF $(cat /run/secrets/SOURCE_REPO)/qemu-project/SLOF.git - git submodule set-url -- roms/ipxe $(cat /run/secrets/SOURCE_REPO)/qemu-project/ipxe.git - git submodule set-url -- roms/openbios $(cat /run/secrets/SOURCE_REPO)/qemu-project/openbios.git - git submodule set-url -- roms/qemu-palcode $(cat /run/secrets/SOURCE_REPO)/qemu-project/qemu-palcode.git - git submodule set-url -- roms/u-boot $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot.git - git submodule set-url -- roms/skiboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/skiboot.git - git submodule set-url -- roms/QemuMacDrivers $(cat /run/secrets/SOURCE_REPO)/qemu-project/QemuMacDrivers.git - git submodule set-url -- roms/seabios-hppa $(cat /run/secrets/SOURCE_REPO)/qemu-project/seabios-hppa.git - git submodule set-url -- roms/u-boot-sam460ex $(cat /run/secrets/SOURCE_REPO)/qemu-project/u-boot-sam460ex.git - git submodule set-url -- roms/edk2 $(cat /run/secrets/SOURCE_REPO)/qemu-project/edk2.git - git submodule set-url -- roms/opensbi $(cat /run/secrets/SOURCE_REPO)/qemu-project/opensbi.git - git submodule set-url -- roms/qboot $(cat /run/secrets/SOURCE_REPO)/qemu-project/qboot.git - git submodule set-url -- roms/vbootrom $(cat /run/secrets/SOURCE_REPO)/qemu-project/vbootrom.git - git submodule set-url -- tests/lcitool/libvirt-ci $(cat /run/secrets/SOURCE_REPO)/libvirt/libvirt-ci.git - fi + cd /{{ $gitRepoName }}-{{ $version }} for p in /patches/*.patch ; do echo -n "Apply ${p} ... " diff --git a/images/src-artifact/werf.inc.yaml b/images/src-artifact/werf.inc.yaml new file mode 100644 index 0000000000..9d877793d9 --- /dev/null +++ b/images/src-artifact/werf.inc.yaml @@ -0,0 +1,4 @@ +--- +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +final: false +fromImage: builder/src diff --git a/images/svace-builder/werf.inc.yaml b/images/svace-builder/werf.inc.yaml deleted file mode 100644 index 103cc9016e..0000000000 --- a/images/svace-builder/werf.inc.yaml +++ /dev/null @@ -1,57 +0,0 @@ ---- -image: {{ $.ImageName }}-download -final: false -fromImage: builder/alpine -secrets: -- id: SOURCE_REPO - value: {{ $.SOURCE_REPO_GIT }} -shell: - beforeInstall: - - apk update - - apk add wget - - apk add git openssh-client - - mkdir ~/.ssh/ - - echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - install: - - git clone --depth 1 --branch v4.0.250415 $(cat /run/secrets/SOURCE_REPO)/ispras/svace.git /opt/svace - ---- -image: base-alt-p11/svace -final: false -fromImage: BASE_ALT_P11 -import: -- image: {{ $.ImageName }}-download - add: /opt/svace - to: /opt/svace - before: install -shell: - beforeInstall: - {{- include "alt packages proxy" . | nindent 2 }} - - | - apt-get install -y \ - wget rsync bzip2 golang git binutils make gcc \ - glibc-pthread glibc-devel glibc-devel-static - echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - install: - - | - ln -s /opt/svace/bin/svace /usr/local/bin/svace ---- -image: builder/golang-bookworm-1.23/svace -final: false -fromImage: builder/golang-bookworm-1.23 -import: -- image: {{ $.ImageName }}-download - add: /opt/svace - to: /opt/svace - before: install -shell: - beforeInstall: - {{- include "debian packages proxy" . | nindent 2 }} - - | - apt-get install -y \ - bzip2 rsync - mkdir -p /root/.ssh - echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - install: - - | - ln -s /opt/svace/bin/svace /usr/local/bin/svace diff --git a/images/virt-api/werf.inc.yaml b/images/virt-api/werf.inc.yaml index db384f716f..a6183e39b4 100644 --- a/images/virt-api/werf.inc.yaml +++ b/images/virt-api/werf.inc.yaml @@ -1,14 +1,14 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: virt-artifact +- image: {{ .ModuleNamePrefix }}virt-artifact add: /kubevirt-binaries/ to: /usr/bin includePaths: - virt-api before: setup -- image: virt-artifact +- image: {{ .ModuleNamePrefix }}virt-artifact add: /kubevirt-config-files/ to: /etc includePaths: diff --git a/images/virt-artifact/werf.inc.yaml b/images/virt-artifact/werf.inc.yaml index 60ad5a3a93..aea1f29d5b 100644 --- a/images/virt-artifact/werf.inc.yaml +++ b/images/virt-artifact/werf.inc.yaml @@ -1,9 +1,23 @@ --- # Source https://github.com/kubevirt/kubevirt/blob/v1.3.1/hack/dockerized#L15 {{- $version := "v1.3.1" }} -{{- $tag := print $version "-v12n.2"}} +{{- $tag := print $version "-v12n.1"}} +--- +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact +final: false +fromImage: builder/src +secrets: +- id: SOURCE_REPO + value: {{ $.SOURCE_REPO }} +shell: + install: + - | + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/deckhouse/3p-kubevirt --branch {{ $tag }} /kubevirt + +--- -{{- $name := print $.ImageName "-dependencies" -}} +{{- $name := print .ImageName "-dependencies" -}} {{- define "$name" -}} packages: - git @@ -25,15 +39,23 @@ packages: {{ $virtArtifactDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} final: false -fromImage: base-alt-p11{{ $.SVACE_IMAGE_SUFFIX }} +{{- $baseAltP11 := printf "%sbase-alt-p11" .ModuleNamePrefix }} +fromImage: {{ eq $.SVACE_ENABLED "false" | ternary $baseAltP11 "builder/alt-go-svace" }} +import: +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact + add: /kubevirt + to: /kubevirt + before: install mount: - fromPath: ~/go-pkg-cache to: /go/pkg secrets: - id: SOURCE_REPO value: {{ $.SOURCE_REPO }} +- id: GOPROXY + value: {{ .GOPROXY }} shell: beforeInstall: {{- include "alt packages proxy" . | nindent 2 }} @@ -45,13 +67,12 @@ shell: install: - | - mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config - git config --global --add advice.detachedHead false - git clone --depth=1 $(cat /run/secrets/SOURCE_REPO)/deckhouse/3p-kubevirt --branch {{ $tag }} /kubevirt - cd /kubevirt - go mod download - go get github.com/opencontainers/runc@v1.1.14 - go get github.com/containers/common@v0.60.4 + export GOPROXY=$(cat /run/secrets/GOPROXY) + mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config + cd /kubevirt + go mod download + go get github.com/opencontainers/runc@v1.1.14 + go get github.com/containers/common@v0.60.4 - | echo Download Go modules. diff --git a/images/virt-controller/werf.inc.yaml b/images/virt-controller/werf.inc.yaml index 7380f31c32..7eef10eecc 100644 --- a/images/virt-controller/werf.inc.yaml +++ b/images/virt-controller/werf.inc.yaml @@ -1,14 +1,14 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: virt-artifact +- image: {{ .ModuleNamePrefix }}virt-artifact add: /kubevirt-binaries/ to: /usr/bin includePaths: - virt-controller before: setup -- image: virt-artifact +- image: {{ .ModuleNamePrefix }}virt-artifact add: /kubevirt-config-files/ to: /etc includePaths: diff --git a/images/virt-handler/werf.inc.yaml b/images/virt-handler/werf.inc.yaml index f40e4f9129..5aadbfd9eb 100644 --- a/images/virt-handler/werf.inc.yaml +++ b/images/virt-handler/werf.inc.yaml @@ -1,8 +1,8 @@ --- -image: {{ $.ImageName }} -fromImage: distroless +image: {{ .ModuleNamePrefix }}{{ .ImageName }} +fromImage: {{ .ModuleNamePrefix }}distroless import: -- image: {{ $.ImageName }}-bins +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins add: /relocate to: / after: install @@ -15,7 +15,7 @@ import: includePaths: - usr/bin/cp - usr/bin/coreutils -- image: virt-artifact +- image: {{ .ModuleNamePrefix }}virt-artifact add: /kubevirt-binaries/ to: /usr/bin after: install @@ -23,19 +23,17 @@ import: - virt-chroot - virt-handler - container-disk -- image: virt-artifact - add: /kubevirt/cmd/{{ $.ImageName }}/ - to: / +- image: {{ .ModuleNamePrefix }}virt-artifact + add: /kubevirt/cmd/{{ $.ImageName }}/virt_launcher.cil + to: /virt_launcher.cil after: install - includePaths: - - virt_launcher.cil -- image: virt-artifact - add: /kubevirt-config-files/ - to: / +- image: {{ .ModuleNamePrefix }}virt-artifact + add: /kubevirt-config-files/.version + to: /.version after: install includePaths: - .version -- image: virt-artifact +- image: {{ .ModuleNamePrefix }}virt-artifact add: /kubevirt/cmd/{{ $.ImageName }}/ to: /etc after: install @@ -54,6 +52,7 @@ packages: - libnftnl - libjansson4 binaries: +- /usr/bin/findmnt - /usr/bin/getfacl - /usr/bin/setfacl - /usr/sbin/nft @@ -66,9 +65,9 @@ binaries: {{ $virtHandlerDependencies := include "$name" . | fromYaml }} -image: {{ $.ImageName }}-bins +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-bins final: false -fromImage: base-alt-p11-binaries +fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries import: - image: tools/util-linux add: / @@ -77,19 +76,19 @@ import: includePaths: - bin/mount - bin/umount -- image: packages/binaries/xorriso +- image: {{ .ModuleNamePrefix }}packages/binaries/xorriso add: /xorriso to: /xorriso before: install -- image: packages/binaries/nftables +- image: {{ .ModuleNamePrefix }}packages/binaries/nftables add: /nftables to: /nftables before: install -- image: packages/binaries/acl +- image: {{ .ModuleNamePrefix }}packages/binaries/acl add: /acl to: /acl before: install -- image: qemu +- image: {{ .ModuleNamePrefix }}qemu add: /qemu-img to: /relocate before: setup diff --git a/images/virt-launcher/werf.inc.yaml b/images/virt-launcher/werf.inc.yaml index f2097e9fff..6f0e7f6626 100644 --- a/images/virt-launcher/werf.inc.yaml +++ b/images/virt-launcher/werf.inc.yaml @@ -1,9 +1,9 @@ --- -image: {{ $.ImageName }} +image: {{ .ModuleNamePrefix }}{{ .ImageName }} final: true -fromImage: distroless +fromImage: {{ .ModuleNamePrefix }}distroless import: - - image: {{ $.ImageName }}-binaries + - image: {{ .ModuleNamePrefix }}{{ .ImageName }}-binaries add: /relocate to: / after: install @@ -153,12 +153,12 @@ binaries: {{- $gitRepoName := "libvirt" }} {{- $version := get $.Version $gitRepoName }} -image: {{ $.ImageName }}-binaries +image: {{ .ModuleNamePrefix }}{{ .ImageName }}-binaries final: false -fromImage: base-alt-p11-binaries +fromImage: {{ .ModuleNamePrefix }}base-alt-p11-binaries git: # Add qemu and virtqemud configs - - add: /images/{{ $.ImageName }}/configs + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }}/configs to: /relocate/etc/libvirt stageDependencies: setup: @@ -167,7 +167,7 @@ git: includePaths: - qemu.conf - virtqemud.conf - - add: /images/{{ $.ImageName }}/configs + - add: {{ .ModulePathPrefix }}/images/{{ $.ImageName }}/configs to: /relocate/etc stageDependencies: setup: @@ -176,21 +176,21 @@ git: - nsswitch.conf import: # Libvirt and QEMU libraries and binaries -- image: libvirt +- image: {{ .ModuleNamePrefix }}libvirt add: /BINS to: /libvirt-bins before: install -- image: qemu +- image: {{ .ModuleNamePrefix }}qemu add: /BINS to: /qemu-bins before: install -- image: packages/binaries/dmidecode +- image: {{ .ModuleNamePrefix }}packages/binaries/dmidecode add: /dmidecode to: /dmidecode before: install # EDK2 (uefi firmware) -- image: edk2 +- image: {{ .ModuleNamePrefix }}edk2 add: /FIRMWARE/ to: /relocate/usr/share/edk2/ovmf before: install @@ -199,7 +199,7 @@ import: - '*.bin' - '*.efi' - '*.iso' -- image: edk2 +- image: {{ .ModuleNamePrefix }}edk2 add: /FIRMWARE/ to: /relocate/usr/share/qemu/firmware before: install @@ -207,14 +207,12 @@ import: - '*.json' # Import from virt artifact -- image: virt-artifact - add: /kubevirt-config-files/ - to: / +- image: {{ .ModuleNamePrefix }}virt-artifact + add: /kubevirt-config-files/.version + to: /.version after: install - includePaths: - - .version -- image: virt-artifact +- image: {{ .ModuleNamePrefix }}virt-artifact add: /kubevirt-binaries/ to: /relocate/usr/bin before: setup @@ -225,7 +223,7 @@ import: - virt-launcher-monitor - virt-probe - virt-tail -- image: {{ $.ImageName }}-gobuilder +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-gobuilder add: /binaries to: /relocate/usr/bin before: setup @@ -233,31 +231,38 @@ import: - node-labeller - vlctl -- image: packages/binaries/swtpm +- image: {{ .ModuleNamePrefix }}packages/binaries/swtpm add: /swtpm to: /swtpm before: install -- image: packages/binaries/numactl +- image: {{ .ModuleNamePrefix }}packages/binaries/numactl add: /numactl to: /numactl before: install -- image: packages/binaries/xorriso +- image: {{ .ModuleNamePrefix }}packages/binaries/xorriso add: /xorriso to: /xorriso before: install -- image: packages/binaries/gnutls +- image: {{ .ModuleNamePrefix }}packages/binaries/gnutls add: /gnutls to: /gnutls before: install -- image: packages/binaries/acl +- image: {{ .ModuleNamePrefix }}packages/binaries/acl add: /acl to: /acl before: install +- image: {{ .ModuleNamePrefix }}packages/binaries/libtpms + add: /libtpms + to: /libtpms + before: install + includePaths: + - usr/lib64/*.so + - usr/lib64/*.so.* # Statically builded -- image: packages/binaries/openssl +- image: {{ .ModuleNamePrefix }}packages/binaries/openssl add: /openssl to: /relocate after: setup @@ -281,7 +286,7 @@ import: - usr/bin/coreutils -- image: {{ $.ImageName }}-cbuilder +- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-cbuilder add: /bins to: /relocate/usr/bin before: setup @@ -293,19 +298,6 @@ shell: - | apt-get install -y {{ $virtLauncherDependencies.libs | join " " }} {{ $virtLauncherDependencies.packages | join " " }} - {{ if not $.DistroPackagesProxy }} - REPO_URL=http://ftp.altlinux.org/pub/distributions - {{- else }} - REPO_URL=http://{{ $.DistroPackagesProxy }}/repository/archive-ALT-Linux-APT-Repository - {{- end }} - # libtpms libtpms-devel require version 0.10 that in sisyphus repo - cat >/etc/apt/sources.list.d/alt-sisyphus.list<" .Values.virtualization }} +{{- if eq $dockercfg "" }} +{{- $dockercfg = .Values.global.modulesImages.registry.dockercfg }} +{{- end }} --- apiVersion: v1 kind: Secret @@ -7,5 +12,5 @@ metadata: {{- include "helm_lib_module_labels" (list .) | nindent 2 }} type: kubernetes.io/dockerconfigjson data: - .dockerconfigjson: {{ .Values.virtualization.registry.dockercfg }} + .dockerconfigjson: {{ $dockercfg | quote }} diff --git a/werf-giterminism.yaml b/werf-giterminism.yaml index b5040b3b48..a397046527 100644 --- a/werf-giterminism.yaml +++ b/werf-giterminism.yaml @@ -1,8 +1,9 @@ giterminismConfigVersion: 1 config: - goTemplateRendering: # The rules for the Go-template functions + goTemplateRendering: # The rules for the Go-template functions allowEnvVariables: - /CI_.+/ + - GOPROXY - MODULES_MODULE_TAG - SOURCE_REPO - SOURCE_REPO_GIT @@ -19,6 +20,7 @@ config: secrets: allowValueIds: - SOURCE_REPO + - GOPROXY helm: allowUncommittedFiles: - "Chart.lock" diff --git a/werf.yaml b/werf.yaml index 29b1671442..5cb0a1267e 100644 --- a/werf.yaml +++ b/werf.yaml @@ -24,28 +24,28 @@ build: # Define packages proxy settings {{- $_ := set . "DistroPackagesProxy" (env "DISTRO_PACKAGES_PROXY" "") }} -# Component versions -{{ $_ := set . "Version" dict }} -{{ $_ := set . "Packages" dict }} -{{- $versions_ctx := (.Files.Get "component_versions/version_map.yml" | fromYaml) }} - # svace analyze toggler {{- $_ := set . "SVACE_ENABLED" (env "SVACE_ENABLED" "false") }} +{{- $_ := set . "SVACE_ANALYZE_HOST" (env "SVACE_ANALYZE_HOST" "example.host") }} +{{- $_ := set . "SVACE_ANALYZE_SSH_USER" (env "SVACE_ANALYZE_SSH_USER" "user") }} -{{- $_ := set . "SVACE_IMAGE_SUFFIX" "" }} -{{- if ne .SVACE_ENABLED "false" }}{{ $_ := set . "SVACE_IMAGE_SUFFIX" "/svace" }}{{ end }} +# Component versions +{{ include "Versions" . }} -{{- $_ := set . "SVACE_ANALYZE_HOST" (env "SVACE_ANALYZE_HOST" "example.host") }} +{{/* +{{ $_ := set . "Version" dict }} +{{ $_ := set . "Package" dict }} +{{- $versions_ctx := (.Files.Get "component_versions/version_map.yml" | fromYaml) }} -{{- $_ := set . "SVACE_ANALYZE_SSH_USER" (env "SVACE_ANALYZE_SSH_USER" "user") }} {{- range $k, $v := $versions_ctx.firmware }} {{- $_ := set $.Version $k $v}} {{- end }} {{- range $k, $v := $versions_ctx.package }} - {{- $_ := set $.Packages $k $v}} + {{- $_ := set $.Package $k $v}} {{- end }} +*/}} {{- $_ := set $ "ImagesIDList" list }} @@ -53,7 +53,6 @@ build: {{- tpl $content $ }} {{- end }} - --- image: images-digests fromImage: builder/alpine @@ -84,7 +83,11 @@ shell: cat images_digests.json --- image: python-dependencies +{{- if not .ModuleName }} fromImage: BASE_ALT_P11 +{{- else }} +fromImage: builder/alt +{{- end }} fromCacheVersion: "2025-28-05.1" git: - add: /lib/python/requirements.txt