From 10333def057a6e478067ad50afe6c5e4e17c1356 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Wei=C3=9Fe?= <66256922+daniel-weisse@users.noreply.github.com> Date: Mon, 23 May 2022 10:35:14 +0200 Subject: [PATCH] Fedora build instructions && and more reproducible builds (#166) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add Fedora build requirements * Move cmake builds into docker * Add Docker to requirements Signed-off-by: Daniel Weiße Co-authored-by: Malte Poll --- .github/workflows/build-coordinator.yml | 1 + CMakeLists.txt | 22 ++++++++++++------ Dockerfile.build | 31 +++++++++++++++++++------ README.md | 16 +++++++++---- 4 files changed, 52 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build-coordinator.yml b/.github/workflows/build-coordinator.yml index f1754ba17..0a2c6c0fd 100644 --- a/.github/workflows/build-coordinator.yml +++ b/.github/workflows/build-coordinator.yml @@ -44,6 +44,7 @@ jobs: push: false cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + target: coordinator-hashed # This ugly bit is necessary if you don't want your cache to grow forever # till it hits GitHub's limit of 5GB. diff --git a/CMakeLists.txt b/CMakeLists.txt index 3a1246629..ec48a961e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -7,8 +7,9 @@ enable_testing() # core-os disk-mapper # add_custom_target(disk-mapper ALL - go build -o ${CMAKE_BINARY_DIR}/disk-mapper -ldflags "-s -w" - WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/state/cmd + DOCKER_BUILDKIT=1 docker build -o ${CMAKE_BINARY_DIR} -f Dockerfile.build --target disk-mapper . + WORKING_DIRECTORY ${CMAKE_SOURCE_DIR} + BYPRODUCTS disk-mapper ) # @@ -16,8 +17,10 @@ add_custom_target(disk-mapper ALL # add_custom_target(coordinator ALL - go build -o ${CMAKE_BINARY_DIR} -tags=gcp,disable_tpm_simulator -buildvcs=false -ldflags "-s -w -buildid='' -X main.version=${PROJECT_VERSION}" - WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/coordinator/cmd/coordinator) + DOCKER_BUILDKIT=1 docker build -o ${CMAKE_BINARY_DIR} --build-arg PROJECT_VERSION=${PROJECT_VERSION} -f Dockerfile.build --target coordinator . + WORKING_DIRECTORY ${CMAKE_SOURCE_DIR} + BYPRODUCTS coordinator +) # @@ -26,15 +29,20 @@ add_custom_target(coordinator ALL add_custom_target(cli ALL CGO_ENABLED=0 go build -o ${CMAKE_BINARY_DIR}/constellation -buildvcs=false -tags=gcp -ldflags "-buildid='' -X github.com/edgelesssys/constellation/internal/constants.CliVersion=${PROJECT_VERSION}" - WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/cli) + WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/cli + BYPRODUCTS constellation +) # # testing / debugging # -add_custom_target(debug_coordinator ALL +add_custom_target(debug_coordinator go build -o ${CMAKE_BINARY_DIR}/debug_coordinator -buildvcs=false -ldflags "-buildid='' -X main.version=${PROJECT_VERSION}" - WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/coordinator/cmd/coordinator) + WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/coordinator/cmd/coordinator + BYPRODUCTS debug_coordinator +) + add_test(NAME unittest COMMAND go test -race -count=3 ./... WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}) add_test(NAME integrationtest COMMAND go test -v -tags integration ./test/ WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}) diff --git a/Dockerfile.build b/Dockerfile.build index 217c85e8a..5b9cd6864 100644 --- a/Dockerfile.build +++ b/Dockerfile.build @@ -1,7 +1,7 @@ FROM fedora@sha256:36af84ba69e21c9ef86a0424a090674c433b2b80c2462e57503886f1d823abe8 as build RUN dnf -y update && \ - dnf -y install @development-tools pkg-config cmake iproute iputils wget git jq openssl-devel cryptsetup-libs cryptsetup-devel && \ + dnf -y install @development-tools pkg-config iproute iputils wget git jq openssl-devel cryptsetup-libs cryptsetup-devel && \ dnf clean all # Install Go @@ -15,17 +15,34 @@ ENV PATH ${PATH}:/usr/local/go/bin WORKDIR /constellation/ COPY go.mod ./ COPY go.sum ./ +COPY go.work ./ +COPY go.work.sum ./ +COPY hack/go.mod ./hack/go.mod +COPY hack/go.sum ./hack/go.sum RUN go mod download all # Copy Repo COPY . /constellation -# Build -RUN mkdir -p /constellation/build -WORKDIR /constellation/build -RUN cmake .. && make coordinator +FROM build AS build-coordinator +WORKDIR /constellation/coordinator/ +ARG PROJECT_VERSION +RUN go build -o coordinator -tags=gcp,disable_tpm_simulator -buildvcs=false -ldflags "-s -w -buildid='' -X main.version=${PROJECT_VERSION}" ./cmd/coordinator/ + +FROM build-coordinator AS hash-coordinator RUN mv coordinator coordinator-$(sha512sum coordinator | cut -d " " -f 1) -FROM scratch AS export -COPY --from=build /constellation/build/coordinator-* / +FROM build AS build-disk-mapper +WORKDIR /constellation/state/ + +RUN go build -o disk-mapper -ldflags "-s -w" ./cmd/ + +FROM scratch AS coordinator +COPY --from=build-coordinator /constellation/coordinator/coordinator / + +FROM scratch AS coordinator-hashed +COPY --from=hash-coordinator /constellation/coordinator/coordinator-* / + +FROM scratch AS disk-mapper +COPY --from=build-disk-mapper /constellation/state/disk-mapper / diff --git a/README.md b/README.md index d44730174..4594ef3d8 100644 --- a/README.md +++ b/README.md @@ -31,12 +31,20 @@ Additional repositories: Prerequisites: -* Go 1.18 +* [Go 1.18](https://go.dev/doc/install) +* [Docker](https://docs.docker.com/engine/install/) * Packages on Ubuntu: + ```sh sudo apt install build-essential cmake libssl-dev pkg-config libcryptsetup12 libcryptsetup-dev ``` +* Packages on Fedora: + + ```sh + sudo dnf install @development-tools pkg-config cmake openssl-devel cryptsetup-libs cryptsetup-devel + ``` + ```sh mkdir build cd build @@ -56,9 +64,9 @@ For testing, you can use the constellation debug daemon (debugd) to upload your ## Development Guides -- [Upgrading Kubernetes](/docs/upgrade-kubernetes.md) -- [Local image testing](/docs/local-image-testing.md) +* [Upgrading Kubernetes](/docs/upgrade-kubernetes.md) +* [Local image testing](/docs/local-image-testing.md) ## Deployment Guides -- [Onboarding Customers](/docs/onboarding-customers.md) +* [Onboarding Customers](/docs/onboarding-customers.md)