Skip to content

Commit ac811ab

Browse files
authored
Merge pull request #1216 from flatcar/contrib/torcx-deprecation-docker-sysext
Contrib: Deprecate torcx, ship containerd / docker as sysexts
2 parents 4deb3ba + f81bbeb commit ac811ab

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

61 files changed

+438
-1067
lines changed

.github/workflows/ci.yaml

Lines changed: 3 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -100,14 +100,8 @@ jobs:
100100
[ -z "${{ inputs.image_formats }}" ] || IMAGE_FORMATS="${{ inputs.image_formats }}"
101101
echo "IMAGE_FORMATS=${IMAGE_FORMATS}" >> $GITHUB_ENV
102102
103-
# Artifact root for images and torcx tarball as seen from within the container
103+
# Artifact root for images as seen from within the container
104104
echo "CI_CONTAINER_ARTIFACT_ROOT=/home/sdk/trunk/src/scripts/artifacts" >> $GITHUB_ENV
105-
echo "CI_CONTAINER_TORCX_ROOT=/home/sdk/trunk/src/scripts/artifacts/torcx" >> $GITHUB_ENV
106-
mkdir -p artifacts/torcx
107-
108-
# Placeholder URL for run-kola-tests.yaml, "Extract artifacts" step which will replace
109-
# this with its IP address.
110-
echo "TORCX_TESTS_PACKAGE_URL=http://localhost:12345" >> $GITHUB_ENV
111105
112106
if [ -n "${{ inputs.custom_sdk_version }}" ] ; then
113107
echo "CUSTOM_SDK_VERSION=${{ inputs.custom_sdk_version }}" >> $GITHUB_ENV
@@ -146,9 +140,7 @@ jobs:
146140
# which will be re-used by subsequent build steps.
147141
./run_sdk_container -n "${container_name}" -v "${version}" \
148142
-C "${sdk_image}" \
149-
./build_packages --board="${arch}-usr" \
150-
--torcx_output_root="${CI_CONTAINER_TORCX_ROOT}" \
151-
--torcx_extra_pkg_url="${TORCX_TESTS_PACKAGE_URL}"
143+
./build_packages --board="${arch}-usr"
152144
153145
# Create binpkgs tarball for archiving as artifact later
154146
./run_sdk_container -n "${container_name}" \
@@ -193,7 +185,7 @@ jobs:
193185
./run_sdk_container -n "${container_name}" \
194186
./build_image --board="${arch}-usr" --group="${channel}" \
195187
--output_root="${CI_CONTAINER_ARTIFACT_ROOT}" \
196-
--torcx_root="${CI_CONTAINER_TORCX_ROOT}" prodtar container
188+
prodtar container
197189
198190
- name: Generate reports
199191
shell: bash
@@ -291,12 +283,6 @@ jobs:
291283
mv * ../../images/
292284
)
293285
294-
# create a tarball for torcx package + JSON file because upload-artifacts cannot handle filenames containing colons
295-
# (such as "docker:20.10.torcx.tgz")
296-
mv artifacts/torcx/${arch}-usr/latest/torcx_manifest.json artifacts/torcx/pkgs/
297-
tar -C artifacts/torcx/pkgs/ -cvf torcx.tar .
298-
299-
300286
- name: Upload binpkgs
301287
uses: actions/upload-artifact@v3
302288
with:
@@ -336,14 +322,6 @@ jobs:
336322
path: |
337323
scripts/artifacts/images/flatcar_developer_container*
338324
339-
- name: Upload torcx tarball
340-
uses: actions/upload-artifact@v3
341-
with:
342-
retention-days: 7
343-
name: ${{ matrix.arch }}-torcx
344-
path: |
345-
scripts/torcx.tar
346-
347325
- name: Upload reports
348326
uses: actions/upload-artifact@v3
349327
with:

.github/workflows/containerd-apply-patch.sh

Lines changed: 1 addition & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -28,21 +28,13 @@ git mv "${containerdEbuildOldSymlink}" "${containerdEbuildNewSymlink}"
2828
sed -i "s/CONTAINERD_COMMIT=\"\(.*\)\"/CONTAINERD_COMMIT=\"${COMMIT_HASH}\"/g" "${containerdEbuildMain}"
2929
sed -i "s/v${VERSION_OLD}/v${VERSION_NEW}/g" "${containerdEbuildMain}"
3030

31-
32-
DOCKER_VERSION=$(sed -n "s/^DIST docker-\([0-9]*\.[0-9]*\.[0-9]*\).*/\1/p" app-containers/docker/Manifest | sort -ruV | head -n1)
33-
# torcx ebuild file has a docker version with only major and minor versions, like 19.03.
34-
versionTorcx=${DOCKER_VERSION%.*}
35-
torcxEbuildFile=$(get_ebuild_filename app-torcx/docker "${versionTorcx}")
36-
sed -i "s/containerd-${VERSION_OLD}/containerd-${VERSION_NEW}/g" "${torcxEbuildFile}"
37-
3831
popd
3932

4033
URL="https://github.com/containerd/containerd/releases/tag/v${VERSION_NEW}"
4134

4235
generate_update_changelog 'containerd' "${VERSION_NEW}" "${URL}" 'containerd'
4336

44-
commit_changes app-containers/containerd "${VERSION_OLD}" "${VERSION_NEW}" \
45-
app-torcx/docker
37+
commit_changes app-containers/containerd "${VERSION_OLD}" "${VERSION_NEW}"
4638

4739
cleanup_repo
4840

.github/workflows/docker-apply-patch.sh

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -33,12 +33,6 @@ git mv "${cliEbuildOld}" "${cliEbuildNew}"
3333
sed -i "s/GIT_COMMIT=\(.*\)/GIT_COMMIT=${COMMIT_HASH_CLI}/g" "${cliEbuildNew}"
3434
sed -i "s/v${VERSION_OLD}/v${VERSION_NEW}/g" "${cliEbuildNew}"
3535

36-
# torcx ebuild file has a docker version with only major and minor versions, like 19.03.
37-
versionTorcx=${VERSION_OLD%.*}
38-
torcxEbuildFile=$(get_ebuild_filename app-torcx/docker "${versionTorcx}")
39-
sed -i "s/docker-${VERSION_OLD}/docker-${VERSION_NEW}/g" "${torcxEbuildFile}"
40-
sed -i "s/docker-cli-${VERSION_OLD}/docker-cli-${VERSION_NEW}/g" "${torcxEbuildFile}"
41-
4236
# update also docker versions used by the current runc ebuild file.
4337
versionRunc=$(sed -n "s/^DIST runc-\([0-9]*.[0-9]*.*\)\.tar.*/\1/p" app-containers/runc/Manifest | sort -ruV | head -n1)
4438
runcEbuildFile=$(get_ebuild_filename app-containers/runc "${versionRunc}")
@@ -63,7 +57,6 @@ generate_update_changelog 'Docker' "${VERSION_NEW}" "${URL}" 'docker'
6357
regenerate_manifest app-containers/docker-cli "${VERSION_NEW}"
6458
commit_changes app-containers/docker "${VERSION_OLD}" "${VERSION_NEW}" \
6559
app-containers/docker-cli \
66-
app-torcx/docker \
6760
app-containers/runc
6861

6962
cleanup_repo

.github/workflows/run-kola-tests.yaml

Lines changed: 2 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -99,12 +99,6 @@ jobs:
9999
with:
100100
name: ${{ matrix.arch }}-devcontainer
101101

102-
- name: Download torcx tarball
103-
if: ${{ !inputs.workflow_run_id }}
104-
uses: actions/download-artifact@v3
105-
with:
106-
name: ${{ matrix.arch }}-torcx
107-
108102
- name: Download binpkgs from other workflow
109103
uses: gabriel-samfira/action-download-artifact@v5
110104
if: ${{ inputs.workflow_run_id }}
@@ -141,24 +135,15 @@ jobs:
141135
run_id: ${{ inputs.workflow_run_id }}
142136
name: ${{ matrix.arch }}-devcontainer
143137

144-
- name: Download torcx tarball from other workflow
145-
uses: gabriel-samfira/action-download-artifact@v5
146-
if: ${{ inputs.workflow_run_id }}
147-
with:
148-
workflow: ${{ inputs.workflow_name_or_id }}
149-
workflow_conclusion: success
150-
run_id: ${{ inputs.workflow_run_id }}
151-
name: ${{ matrix.arch }}-torcx
152-
153138
- name: Extract artifacts
154139
shell: bash
155140
run: |
156141
exec 2>&1
157142
set -x
158143
set -euo pipefail
159144
160-
# Set up a webserver for devcontainer and torcx tests.
161-
# The respective tests will download devcontainer and torcx tarball via http.
145+
# Set up a webserver for devcontainer tests.
146+
# The respective tests will download devcontainer via http.
162147
# The devcontainer test will then run a build
163148
# which will download and install binpkgs into the dev container.
164149
# For the sake of that test we will serve both via a temporary local web server.
@@ -174,19 +159,6 @@ jobs:
174159
mv flatcar_developer_container* ${TESTS_WEBSERVER_WEBROOT}
175160
tar -C ${TESTS_WEBSERVER_WEBROOT} -xvf binpkgs.tar
176161
177-
tar -C ${TESTS_WEBSERVER_WEBROOT} -xvf torcx.tar
178-
179-
# Move torcx package into plain webroot
180-
# (path consists of <arch>/<packagename>/<checksum>/<packagename>:<version>.torcx.tar.gz)
181-
mv "${TESTS_WEBSERVER_WEBROOT}/${{ matrix.arch }}-usr"/*/*/*.torcx.tgz \
182-
"${TESTS_WEBSERVER_WEBROOT}"
183-
184-
# Update torcx.json's http URL to point to the webserver IP.
185-
# ci.yaml defines the "localhost" placeholder in its "Set Environment" step.
186-
sed -i "s,http://localhost:12345,http://${TESTS_WEBSERVER_IP}:${TESTS_WEBSERVER_PORT}," \
187-
"${TESTS_WEBSERVER_WEBROOT}/torcx_manifest.json"
188-
cat "${TESTS_WEBSERVER_WEBROOT}/torcx_manifest.json"
189-
190162
# Extract the generic image we'll use for qemu tests.
191163
# Note that the qemu[_uefi] tests use the generic image instead of the
192164
# qemu vendor VM image ("Astronaut: [...] Always have been.").
@@ -221,14 +193,6 @@ jobs:
221193
222194
source ci-automation/test.sh
223195
224-
# Provide our own torcx prepare function so we use our local manifest json.
225-
# This is called by test_run below.
226-
function __prepare_torcx() {
227-
shift; shift # no need for arch or vernum
228-
local destdir="$1"
229-
cp "../${TESTS_WEBSERVER_WEBROOT}/torcx_manifest.json" "${destdir}"
230-
}
231-
232196
PARALLEL_ARCH=10
233197
234198
cat > sdk_container/.env <<EOF

.github/workflows/runc-apply-patch.sh

Lines changed: 1 addition & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -36,20 +36,14 @@ sed -i "s/runc-${VERSION_OLD}/runc-${VERSION_NEW}/g" app-containers/containerd/c
3636

3737
dockerVersion=$(sed -n "s/^DIST docker-\([0-9]*.[0-9]*.[0-9]*\).*/\1/p" app-containers/docker/Manifest | sort -ruV | head -n1)
3838

39-
# torcx ebuild file has a docker version with only major and minor versions, like 19.03.
40-
versionTorcx=${dockerVersion%.*}
41-
torcxEbuildFile=$(get_ebuild_filename app-torcx/docker "${versionTorcx}")
42-
sed -i "s/runc-${VERSION_OLD}/runc-${VERSION_NEW}/g" "${torcxEbuildFile}"
43-
4439
popd
4540

4641
URL="https://github.com/opencontainers/runc/releases/tag/v${VERSION_NEW}"
4742

4843
generate_update_changelog 'runc' "${VERSION_NEW}" "${URL}" 'runc'
4944

5045
commit_changes app-containers/runc "${VERSION_OLD}" "${VERSION_NEW}" \
51-
app-containers/containerd \
52-
app-torcx/docker
46+
app-containers/containerd
5347

5448
cleanup_repo
5549

build_image

Lines changed: 3 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -33,10 +33,8 @@ DEFINE_string base_pkg "coreos-base/coreos" \
3333
"The base portage package to base the build off of (only applies to prod images)"
3434
DEFINE_string base_dev_pkg "coreos-base/coreos-dev" \
3535
"The base portage package to base the build off of (only applies to dev containers)"
36-
DEFINE_string torcx_manifest "${DEFAULT_BUILD_ROOT}/torcx/${DEFAULT_BOARD}/latest/torcx_manifest.json" \
37-
"The torcx manifest describing torcx packages for this image (or blank for none)"
38-
DEFINE_string torcx_root "${DEFAULT_BUILD_ROOT}/torcx" \
39-
"Directory in which torcx packages can be found. Will update the default --torcx_manifest if set."
36+
DEFINE_string base_sysexts "containerd-flatcar:app-containers/containerd,docker-flatcar:app-containers/docker" \
37+
"Comma-separated list of name:package - build 'package' into sysext 'name', and include with OS image and update payload. Must be in order of dependencies, base sysexts come first."
4038
DEFINE_string output_root "${DEFAULT_BUILD_ROOT}/images" \
4139
"Directory in which to place image result directories (named by version)"
4240
DEFINE_string disk_layout "" \
@@ -91,11 +89,6 @@ switch_to_strict_mode
9189

9290
check_gsutil_opts
9391

94-
# Patch around default values not being able to depend on other flags.
95-
if [ "x${FLAGS_torcx_manifest}" = "x${DEFAULT_BUILD_ROOT}/torcx/${DEFAULT_BOARD}/latest/torcx_manifest.json" ]; then
96-
FLAGS_torcx_manifest="${FLAGS_torcx_root}/${FLAGS_board}/latest/torcx_manifest.json"
97-
fi
98-
9992
# If downloading packages is enabled ensure the board is configured properly.
10093
if [[ ${FLAGS_getbinpkg} -eq ${FLAGS_TRUE} ]]; then
10194
"${SRC_ROOT}/scripts/setup_board" --board="${FLAGS_board}" \
@@ -110,7 +103,6 @@ fi
110103
. "${BUILD_LIBRARY_DIR}/prod_image_util.sh" || exit 1
111104
. "${BUILD_LIBRARY_DIR}/dev_container_util.sh" || exit 1
112105
. "${BUILD_LIBRARY_DIR}/test_image_content.sh" || exit 1
113-
. "${BUILD_LIBRARY_DIR}/torcx_manifest.sh" || exit 1
114106
. "${BUILD_LIBRARY_DIR}/vm_image_util.sh" || exit 1
115107

116108
PROD_IMAGE=0
@@ -175,7 +167,7 @@ fi
175167

176168
if [[ "${PROD_IMAGE}" -eq 1 ]]; then
177169
IMAGE_BUILD_TYPE="prod"
178-
create_prod_image ${FLATCAR_PRODUCTION_IMAGE_NAME} ${DISK_LAYOUT} ${FLAGS_group} ${FLAGS_base_pkg}
170+
create_prod_image ${FLATCAR_PRODUCTION_IMAGE_NAME} ${DISK_LAYOUT} ${FLAGS_group} ${FLAGS_base_pkg} ${FLAGS_base_sysexts}
179171
if [[ ${FLAGS_generate_update} -eq ${FLAGS_TRUE} ]]; then
180172
generate_update "${FLATCAR_PRODUCTION_IMAGE_NAME}" ${DISK_LAYOUT}
181173
elif [[ ${FLAGS_extract_update} -eq ${FLAGS_TRUE} ]]; then

build_library/build_image_util.sh

Lines changed: 2 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -260,8 +260,8 @@ image_packages_portage() {
260260
ROOT="$1" PORTAGE_CONFIGROOT="${BUILD_DIR}"/configroot \
261261
equery --no-color list --format '$cpv::$repo' '*'
262262
}
263-
# List packages implicitly contained in rootfs, such as in torcx packages or
264-
# initramfs.
263+
264+
# List packages implicitly contained in rootfs, such as in initramfs.
265265
image_packages_implicit() {
266266
local profile="${BUILD_DIR}/configroot/etc/portage/profile"
267267

@@ -290,11 +290,6 @@ image_packages_implicit() {
290290
query_available_package "${pkg}"
291291
done < "${profile}/package.provided"
292292
fi
293-
294-
# Include source packages of all torcx images installed on disk.
295-
[ -z "${FLAGS_torcx_manifest}" ] ||
296-
torcx_manifest::sources_on_disk "${FLAGS_torcx_manifest}" |
297-
while read pkg ; do query_available_package "${pkg}" ; done
298293
}
299294

300295
# Generate a list of packages installed in an image.
@@ -517,8 +512,6 @@ EOF
517512
# Add /usr/share/SLSA reports for packages indirectly contained within the rootfs
518513
# If the package is available in BOARD_ROOT accesses it from there, otherwise
519514
# needs to download binpkg.
520-
# Reports for torcx packages are also included when adding the torcx package to
521-
# rootfs.
522515
insert_extra_slsa() {
523516
info "Inserting additional SLSA file"
524517
local rootfs="$1"
@@ -626,27 +619,6 @@ finish_image() {
626619
local install_grub=0
627620
local disk_img="${BUILD_DIR}/${image_name}"
628621

629-
# Copy in packages from the torcx store that are marked as being on disk
630-
if [ -n "${FLAGS_torcx_manifest}" ]; then
631-
for pkg in $(torcx_manifest::get_pkg_names "${FLAGS_torcx_manifest}"); do
632-
local default_version="$(torcx_manifest::default_version "${FLAGS_torcx_manifest}" "${pkg}")"
633-
for version in $(torcx_manifest::get_versions "${FLAGS_torcx_manifest}" "${pkg}"); do
634-
local on_disk_path="$(torcx_manifest::local_store_path "${FLAGS_torcx_manifest}" "${pkg}" "${version}")"
635-
if [[ -n "${on_disk_path}" ]]; then
636-
local casDigest="$(torcx_manifest::get_digest "${FLAGS_torcx_manifest}" "${pkg}" "${version}")"
637-
sudo cp "${FLAGS_torcx_root}/pkgs/${BOARD}/${pkg}/${casDigest}/${pkg}:${version}.torcx.tgz" \
638-
"${root_fs_dir}${on_disk_path}"
639-
sudo tar xf "${root_fs_dir}${on_disk_path}" -C "${root_fs_dir}" --wildcards "./usr/share/SLSA"
640-
if [[ "${version}" == "${default_version}" ]]; then
641-
# Create the default symlink for this package
642-
sudo ln -fns "${on_disk_path##*/}" \
643-
"${root_fs_dir}/${on_disk_path%/*}/${pkg}:com.coreos.cl.torcx.tgz"
644-
fi
645-
fi
646-
done
647-
done
648-
fi
649-
650622
# Only enable rootfs verification on prod builds.
651623
local disable_read_write="${FLAGS_FALSE}"
652624
if [[ "${IMAGE_BUILD_TYPE}" == "prod" ]]; then

0 commit comments

Comments
 (0)