From 4f6af8d304e9c4f07d4a3000ea7e81b6bc7a076a Mon Sep 17 00:00:00 2001 
From: Leonard Cohnen Date: Tue, 19 Apr 2022 12:12:34 +0200 Subject: [PATCH] remove aws image --- .dockerignore | 2 +- .github/workflows/build-ami.yml | 55 -------------- .github/workflows/build-coreos-debug.yml | 2 +- .github/workflows/build-coreos.yml | 2 +- .github/workflows/build-enclave.yml | 74 ------------------- .github/workflows/build-kernel.yml | 36 --------- .../workflows/build-patched-gvisor-proxy.yml | 47 ------------ .gitignore | 19 ++--- {images/fcos => image}/Makefile | 0 {images/fcos => image}/assembler/README.md | 0 {images/fcos => image}/build/.gitkeep | 0 {images/fcos => image}/dependencies/.gitkeep | 0 .../dm-verity/recalculate-dm-verity.sh | 0 {images/fcos => image}/docker.env | 0 {images/fcos => image}/docs/README.md | 0 .../fcos => image}/docs/cloud-providers.md | 0 {images/fcos => image}/images/.gitkeep | 0 {images/fcos => image}/podman.env | 0 {images/fcos => image}/runner/README.md | 0 {images/fcos => image}/runner/cloud-init.txt | 0 .../runner/google-cloud-function.py | 0 21 files changed, 9 insertions(+), 228 deletions(-) delete mode 100644 .github/workflows/build-ami.yml delete mode 100644 .github/workflows/build-enclave.yml delete mode 100644 .github/workflows/build-kernel.yml delete mode 100644 .github/workflows/build-patched-gvisor-proxy.yml rename {images/fcos => image}/Makefile (100%) rename {images/fcos => image}/assembler/README.md (100%) rename {images/fcos => image}/build/.gitkeep (100%) rename {images/fcos => image}/dependencies/.gitkeep (100%) rename {images/fcos => image}/dm-verity/recalculate-dm-verity.sh (100%) rename {images/fcos => image}/docker.env (100%) rename {images/fcos => image}/docs/README.md (100%) rename {images/fcos => image}/docs/cloud-providers.md (100%) rename {images/fcos => image}/images/.gitkeep (100%) rename {images/fcos => image}/podman.env (100%) rename {images/fcos => image}/runner/README.md (100%) rename {images/fcos => image}/runner/cloud-init.txt (100%) rename {images/fcos => 
image}/runner/google-cloud-function.py (100%) diff --git a/.dockerignore b/.dockerignore index 2fd7f685b..9fc648039 100644 --- a/.dockerignore +++ b/.dockerignore @@ -17,7 +17,7 @@ admin.conf coordinatorConfig.json coordinator-* -/images +/image # Dockerfiles Dockerfile diff --git a/.github/workflows/build-ami.yml b/.github/workflows/build-ami.yml deleted file mode 100644 index 77667fd18..000000000 --- a/.github/workflows/build-ami.yml +++ /dev/null @@ -1,55 +0,0 @@ -name: Build the AMI Template -on: - workflow_dispatch: - workflow_call: - secrets: - AWS_ACCESS_KEY_ID: - required: true - AWS_SECRET_ACCESS_KEY: - required: true - AWS_DEFAULT_REGION: - required: true - BUCKET_NAME: - required: true - - -jobs: - build-enclave: - name: "Build the AMI" - runs-on: ubuntu-latest - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} - working-directory: images/aws/ec2 - steps: - - name: Checkout - id: checkout - uses: actions/checkout@v2 - - - name: Install AWS CLI - id: prepare - run: sudo apt-get update && sudo apt-get -y install awscli - - - name: Download eif - id: download_eif - run: aws s3 cp s3://${{ secrets.BUCKET_NAME }}/eif/ ${{ github.workspace }}/${{ env.working-directory }}/ --recursive --quiet - - - name: Download gvproxy - id: download_gvproxy - run: aws s3 cp s3://${{ secrets.BUCKET_NAME }}/gvproxy/gvproxy ${{ github.workspace }}/${{ env.working-directory }}/ --quiet - - - name: Install build dependencies - run: sudo apt-get -y install packer - - - name: Init packer - run: packer init . - working-directory: ${{ env.working-directory }} - - - name: Validate packer - run: packer validate -syntax-only . - working-directory: ${{ env.working-directory }} - - - name: Build packer - run: packer build -color=false . - working-directory: ${{ env.working-directory }} 
diff --git a/.github/workflows/build-coreos-debug.yml b/.github/workflows/build-coreos-debug.yml
index 70956e5bc..f04643b3a 100644
--- a/.github/workflows/build-coreos-debug.yml
+++ b/.github/workflows/build-coreos-debug.yml
@@ -14,7 +14,7 @@ jobs:
 run:
 shell: bash
 env:
- working-directory: ${{ github.workspace }}/images/fcos
+ working-directory: ${{ github.workspace }}/image
 SHELL: /bin/bash
 GOPATH: /home/github-actions-runner-user/go
 GOCACHE: /home/github-actions-runner-user/.cache/go-build
diff --git a/.github/workflows/build-coreos.yml b/.github/workflows/build-coreos.yml
index a1c8af42b..43917cd9b 100644
--- a/.github/workflows/build-coreos.yml
+++ b/.github/workflows/build-coreos.yml
@@ -42,7 +42,7 @@ jobs:
 run:
 shell: bash
 env:
- working-directory: ${{ github.workspace }}/images/fcos
+ working-directory: ${{ github.workspace }}/image
 SHELL: /bin/bash
 steps:
 - name: Checkout
diff --git a/.github/workflows/build-enclave.yml b/.github/workflows/build-enclave.yml
deleted file mode 100644
index e50d3edf4..000000000
--- a/.github/workflows/build-enclave.yml
+++ /dev/null
@@ -1,74 +0,0 @@
-name: Build and Upload the Enclave Image File
-on:
- workflow_dispatch:
- inputs:
- coordinator-name:
- description: Coordinator name
- required: true
- type: string
-
- workflow_call:
- inputs:
- coordinator-name:
- required: true
- type: string
-
- secrets:
- CI_GITHUB_REPOSITORY:
- required: true
- AWS_ACCESS_KEY_ID:
- required: true
- AWS_SECRET_ACCESS_KEY:
- required: true
- AWS_DEFAULT_REGION:
- required: true
- BUCKET_NAME:
- required: true
- PUBLIC_BUCKET_NAME:
- required: true
- SSH_PUB_KEY:
- required: true
-
-
-jobs:
- build-enclave:
- name: "Build the Enclave"
- runs-on: ubuntu-latest
- env:
- AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
- AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
- steps:
- - name: Checkout
- id: checkout
- uses: actions/checkout@v2
- with:
- submodules: recursive
- token: ${{ secrets.CI_GITHUB_REPOSITORY }}
-
- - name: Install AWS CLI
- id: prepare
- run: sudo apt-get update && sudo apt-get -y install awscli
-
- - name: Download bzImage, init and nsm.ko to AWS S3 Bucket
- id: download-artifacts
- run: aws s3 cp s3://${{ secrets.BUCKET_NAME }}/blobs/ ${{ github.workspace }}/images/aws/enclave/userland/dependencies/blobs/ --recursive
-
- - name: Download Coordinator
- id: download-coordinator
- run: aws s3 cp s3://${{ secrets.PUBLIC_BUCKET_NAME }}/coordinator/${{ inputs.coordinator-name }}${{ github.event.inputs.coordinator-name }} ${{ github.workspace }}/images/aws/enclave/userland/build/coordinator
-
- - name: Write ssh public key to file
- run: echo $SSH_PUB_KEY >> ${{ env.SSH_PUB_KEY_PATH }} && chmod 644 ${{ env.SSH_PUB_KEY_PATH }}
- env:
- SSH_PUB_KEY: ${{ secrets.SSH_PUB_KEY }}
- SSH_PUB_KEY_PATH: ~/authorized_keys
-
- - name: Build the eif file
- run: make -j$(nproc) SSH_DIR=~/ -C ${{ github.workspace }}/images/aws/enclave/
-
- - name: Upload eif file to AWS S3 Bucket
- id: upload
- run: aws s3 cp ${{ github.workspace }}/images/aws/enclave/userland/build/ s3://${{ secrets.BUCKET_NAME }}/eif/ --recursive --exclude "*" --include "*.eif" --quiet
-
-
diff --git a/.github/workflows/build-kernel.yml b/.github/workflows/build-kernel.yml
deleted file mode 100644
index 90f106770..000000000
--- a/.github/workflows/build-kernel.yml
+++ /dev/null
@@ -1,36 +0,0 @@
-name: Build the Kernel
-on:
- push:
- branches:
- - main
- paths:
- - 'kernel/**'
- workflow_dispatch:
-jobs:
- compile-and-upload-kernel:
- name: "Compile and upload the Kernel"
- runs-on: ubuntu-latest
- steps:
- - name: Install build dependencies
- id: install
- run: sudo apt-get update && sudo apt-get install -y git build-essential fakeroot libncurses5-dev libssl-dev ccache bison flex libelf-dev dwarves
-
- - name: Checkout
- id: checkout
- uses: actions/checkout@v2
-
- - name: Compile using make
- id: compile
- run: make -C ${{ github.workspace }}/images/aws/kernel/
-
- - name: Install AWS CLI
- id: prepare
- run: sudo apt-get -y install awscli
-
- - name: Upload bzImage, init and nsm.ko to AWS S3 Bucket
- id: upload
- run: aws s3 cp ${{ github.workspace }}/images/aws/kernel/build/blobs/ s3://${{ secrets.BUCKET_NAME }}/blobs/ --recursive --quiet
- env:
- AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
- AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
diff --git a/.github/workflows/build-patched-gvisor-proxy.yml b/.github/workflows/build-patched-gvisor-proxy.yml
deleted file mode 100644
index 1af26e587..000000000
--- a/.github/workflows/build-patched-gvisor-proxy.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-name: Patch gvisor-tap-vsock and Upload to S3
-on:
- workflow_dispatch:
- inputs:
- version:
- description: "gvisor version"
- required: true
- default: 0.3.0
-jobs:
- build:
- name: "Build"
- runs-on: ubuntu-latest
- env:
- AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
- AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
- working-directory: ec2
- steps:
- - name: Checkout
- id: checkout
- uses: actions/checkout@v2
-
- - name: Prepare Download
- id: prepare
- run: sudo apt-get update && sudo apt-get -y install wget tar make
-
- - name: Download and unpack sources
- id: unpack
- run: wget -c https://github.com/containers/gvisor-tap-vsock/archive/refs/tags/v${{ github.event.inputs.version }}.tar.gz -O - | tar xz
- working-directory: ${{ github.workspace }}
-
- - name: Install go
- uses: actions/setup-go@v2
- with:
- go-version: go1.17.6
-
- - name: Patch source code
- run: patch --ignore-whitespace ${{ github.workspace }}/gvisor-tap-vsock-${{ github.event.inputs.version }}/pkg/services/forwarder/tcp.go < ${{ github.workspace }}/images/aws/ec2/patches/remove_link_local.patch
- working-directory: ${{ env.working-directory }}
-
- - name: Build gvisor
- id: build
- run: make -C ${{ github.workspace }}/gvisor-tap-vsock-${{ github.event.inputs.version }}/
-
- - name: Upload gvproxy
- id: upload_gvproxy
- run: aws s3 cp ${{ github.workspace }}/gvisor-tap-vsock-${{ github.event.inputs.version }}/bin/gvproxy s3://${{ secrets.BUCKET_NAME }}/gvproxy/gvproxy --quiet
diff --git a/.gitignore b/.gitignore
index 0856fe2e3..6f4140490 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,16 +25,9 @@ util/pcr-reader/pcrs/ # Debug and testing files debug/ -# Images -images/aws/kernel/build/* -images/aws/kernel/sed* -images/aws/enclave/userland/build/* -images/aws/enclave/userland/dependencies/blobs/* -images/aws/enclave/userland/privatekey -images/aws/enclave/userland/publickey -images/aws/enclave/.build-* -images/*.ign -images/fcos/build/* -images/fcos/dependencies/coordinator -images/fcos/images/* -images/fcos/cosa.lock +# Image +image/*.ign +image/build/* +image/dependencies/coordinator +image/images/* +image/cosa.lock diff --git a/images/fcos/Makefile b/image/Makefile similarity index 100% rename from images/fcos/Makefile rename to image/Makefile diff --git a/images/fcos/assembler/README.md b/image/assembler/README.md similarity index 100% rename from images/fcos/assembler/README.md rename to image/assembler/README.md diff --git a/images/fcos/build/.gitkeep b/image/build/.gitkeep similarity index 100% rename from images/fcos/build/.gitkeep rename to image/build/.gitkeep diff --git a/images/fcos/dependencies/.gitkeep b/image/dependencies/.gitkeep similarity index 100% rename from images/fcos/dependencies/.gitkeep rename to image/dependencies/.gitkeep diff --git a/images/fcos/dm-verity/recalculate-dm-verity.sh b/image/dm-verity/recalculate-dm-verity.sh similarity index 100% rename from images/fcos/dm-verity/recalculate-dm-verity.sh rename to image/dm-verity/recalculate-dm-verity.sh diff --git a/images/fcos/docker.env b/image/docker.env similarity index 100% rename from images/fcos/docker.env rename to image/docker.env diff --git a/images/fcos/docs/README.md b/image/docs/README.md similarity index 100% rename from images/fcos/docs/README.md rename to image/docs/README.md diff --git a/images/fcos/docs/cloud-providers.md b/image/docs/cloud-providers.md similarity index 100% rename from images/fcos/docs/cloud-providers.md rename to image/docs/cloud-providers.md 
diff --git a/images/fcos/images/.gitkeep b/image/images/.gitkeep
similarity index 100%
rename from images/fcos/images/.gitkeep
rename to image/images/.gitkeep
diff --git a/images/fcos/podman.env b/image/podman.env
similarity index 100%
rename from images/fcos/podman.env
rename to image/podman.env
diff --git a/images/fcos/runner/README.md b/image/runner/README.md
similarity index 100%
rename from images/fcos/runner/README.md
rename to image/runner/README.md
diff --git a/images/fcos/runner/cloud-init.txt b/image/runner/cloud-init.txt
similarity index 100%
rename from images/fcos/runner/cloud-init.txt
rename to image/runner/cloud-init.txt
diff --git a/images/fcos/runner/google-cloud-function.py b/image/runner/google-cloud-function.py
similarity index 100%
rename from images/fcos/runner/google-cloud-function.py
rename to image/runner/google-cloud-function.py