Fedora build instructions && and more reproducible builds (#166)

* Add Fedora build requirements

* Move cmake builds into docker

* Add Docker to requirements

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

Co-authored-by: Malte Poll <mp@edgeless.systems>

.github/workflows/build-coordinator.yml

@@ -44,6 +44,7 @@ jobs:
           push: false
           cache-from: type=local,src=/tmp/.buildx-cache
           cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+          target: coordinator-hashed
 
       # This ugly bit is necessary if you don't want your cache to grow forever
       # till it hits GitHub's limit of 5GB.

CMakeLists.txt

@@ -7,8 +7,9 @@ enable_testing()
 # core-os disk-mapper
 #
 add_custom_target(disk-mapper ALL
-  go build -o ${CMAKE_BINARY_DIR}/disk-mapper -ldflags "-s -w"
-  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/state/cmd
+  DOCKER_BUILDKIT=1 docker build -o ${CMAKE_BINARY_DIR} -f Dockerfile.build --target disk-mapper .
+  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+  BYPRODUCTS disk-mapper
 )
 
 #
@@ -16,8 +17,10 @@ add_custom_target(disk-mapper ALL
 #
 
 add_custom_target(coordinator ALL
-  go build -o ${CMAKE_BINARY_DIR} -tags=gcp,disable_tpm_simulator -buildvcs=false -ldflags "-s -w -buildid='' -X main.version=${PROJECT_VERSION}"
-  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/coordinator/cmd/coordinator)
+  DOCKER_BUILDKIT=1 docker build -o ${CMAKE_BINARY_DIR} --build-arg PROJECT_VERSION=${PROJECT_VERSION} -f Dockerfile.build --target coordinator .
+  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+  BYPRODUCTS coordinator
+)
 
 
 #
@@ -26,15 +29,20 @@ add_custom_target(coordinator ALL
 
 add_custom_target(cli ALL
   CGO_ENABLED=0 go build -o ${CMAKE_BINARY_DIR}/constellation -buildvcs=false -tags=gcp -ldflags "-buildid='' -X github.com/edgelesssys/constellation/internal/constants.CliVersion=${PROJECT_VERSION}"
-  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/cli)
+  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/cli
+  BYPRODUCTS constellation
+)
 
 #
 # testing / debugging
 #
 
-add_custom_target(debug_coordinator ALL
+add_custom_target(debug_coordinator
   go build -o ${CMAKE_BINARY_DIR}/debug_coordinator -buildvcs=false -ldflags "-buildid='' -X main.version=${PROJECT_VERSION}"
-  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/coordinator/cmd/coordinator)
+  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/coordinator/cmd/coordinator
+  BYPRODUCTS debug_coordinator
+)
+
 
 add_test(NAME unittest COMMAND go test -race -count=3 ./... WORKING_DIRECTORY ${CMAKE_SOURCE_DIR})
 add_test(NAME integrationtest COMMAND go test -v -tags integration ./test/  WORKING_DIRECTORY ${CMAKE_SOURCE_DIR})

Dockerfile.build

@@ -1,7 +1,7 @@
 FROM fedora@sha256:36af84ba69e21c9ef86a0424a090674c433b2b80c2462e57503886f1d823abe8 as build
 
 RUN dnf -y update && \
-    dnf -y install @development-tools pkg-config cmake iproute iputils wget git jq openssl-devel cryptsetup-libs cryptsetup-devel && \
+    dnf -y install @development-tools pkg-config iproute iputils wget git jq openssl-devel cryptsetup-libs cryptsetup-devel && \
     dnf clean all
 
 # Install Go
@@ -15,17 +15,34 @@ ENV PATH ${PATH}:/usr/local/go/bin
 WORKDIR /constellation/
 COPY go.mod ./
 COPY go.sum ./
+COPY go.work ./
+COPY go.work.sum ./
+COPY hack/go.mod ./hack/go.mod
+COPY hack/go.sum ./hack/go.sum
 RUN go mod download all
 
 # Copy Repo
 COPY . /constellation
 
-# Build
-RUN mkdir -p /constellation/build
-WORKDIR /constellation/build
-RUN cmake .. && make coordinator
+FROM build AS build-coordinator
+WORKDIR /constellation/coordinator/
 
+ARG PROJECT_VERSION
+RUN go build -o coordinator -tags=gcp,disable_tpm_simulator -buildvcs=false -ldflags "-s -w -buildid='' -X main.version=${PROJECT_VERSION}" ./cmd/coordinator/
+
+FROM build-coordinator AS hash-coordinator
 RUN mv coordinator coordinator-$(sha512sum coordinator | cut -d " " -f 1)
 
-FROM scratch AS export
-COPY --from=build /constellation/build/coordinator-* /
+FROM build AS build-disk-mapper
+WORKDIR /constellation/state/
+
+RUN go build -o disk-mapper -ldflags "-s -w" ./cmd/
+
+FROM scratch AS coordinator
+COPY --from=build-coordinator /constellation/coordinator/coordinator /
+
+FROM scratch AS coordinator-hashed
+COPY --from=hash-coordinator /constellation/coordinator/coordinator-* /
+
+FROM scratch AS disk-mapper
+COPY --from=build-disk-mapper /constellation/state/disk-mapper /

README.md

@@ -31,12 +31,20 @@ Additional repositories:
 
 Prerequisites:
 
-* Go 1.18
+* [Go 1.18](https://go.dev/doc/install)
+* [Docker](https://docs.docker.com/engine/install/)
 * Packages on Ubuntu:
+
   ```sh
   sudo apt install build-essential cmake libssl-dev pkg-config libcryptsetup12 libcryptsetup-dev
   ```
 
+* Packages on Fedora:
+
+  ```sh
+  sudo dnf install @development-tools pkg-config cmake openssl-devel cryptsetup-libs cryptsetup-devel
+  ```
+
 ```sh
 mkdir build
 cd build
@@ -56,9 +64,9 @@ For testing, you can use the constellation debug daemon (debugd) to upload your
 
 ## Development Guides
 
-- [Upgrading Kubernetes](/docs/upgrade-kubernetes.md)
-- [Local image testing](/docs/local-image-testing.md)
+* [Upgrading Kubernetes](/docs/upgrade-kubernetes.md)
+* [Local image testing](/docs/local-image-testing.md)
 
 ## Deployment Guides
 
-- [Onboarding Customers](/docs/onboarding-customers.md)
+* [Onboarding Customers](/docs/onboarding-customers.md)