From 4dae31184866f763960f859e83e883083b22e6ec Mon Sep 17 00:00:00 2001 From: cfillekes Date: Fri, 26 Jan 2024 09:36:15 -0500 Subject: [PATCH 1/3] Create README.md issue #3089 It would be helpful for there to be a README.md in the rpm directory instructing maintainers on the configuration of bazeldnf parameters to populate the rpm lists in rpm/BUILD.bazel via the files .bazelrc, repo.yaml and hack/build/rpm-defs.sh, the fact that bazeldnf needs to be invoked through the make target rpm-defs, and also an indication that bazeldnf needs to be installed on the build host in order as it is not present in the builder image. Signed-off-by: cfillekes --- rpm/README.md | 87 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 rpm/README.md diff --git a/rpm/README.md b/rpm/README.md new file mode 100644 index 0000000000..d9442f1864 --- /dev/null +++ b/rpm/README.md @@ -0,0 +1,87 @@ +# HOW-TO Maintain RPM lists for containers when adding new target platforms and architectures + +## Overview + +The file `rpms/BUILD.bazel` provides a list pinned rpms to be built in each category of CDI containers + +These are maintained with bazeldnf with rpm repos and names of packages specified in the following three files: + + 1. `.bazelrc` + 2. `repo.yaml` + 3. `hack/build/rpm-deps.sh` + +Then, running `make rpm-deps` _should_ invoke bazeldnf through the bazel cdi builder container to populate the `rpm/BUILD.bazel` file + +Once rpm/BUILD.bazel is populated, it is used and re-used, pinning the rpms to be built into run & test container images to specific versions. +This is why it is checked in to github per CDI release process. + +## Prerequisites and Caveats + +`bazeldnf` is not provided in the CDI build container; this method of generating lists of pinned rpms uses `bazeldnf` on the host. + +Since `make rpm-defs` only generates text files not executable images, the architecture of the host you run it on doesn't actually matter. + +`bazeldnf` is available as a binary release from https://github.com/rmohr/bazeldnf/releases . + +Note that version 0.5.9-rc2 https://github.com/rmohr/bazeldnf/releases/tag/v0.5.9-rc2 is the first binary release for s390x. + +## Configuring the platform, build, run and test target to maintain pinned rpm lists + +### add platform targets to `.bazelrc` + +This defines which platforms we are going to build for, and how. For example, adding `aarch64` and `s390x` native and cross-built platform targets: + +``` +build:aarch64 --platforms=@io_bazel_rules_go//go/toolchain:linux_arm64_cgo --incompatible_use_cc_configure_from_rules_cc +run:aarch64 --platforms=@io_bazel_rules_go//go/toolchain:linux_arm64_cgo --incompatible_use_cc_configure_from_rules_cc +test:aarch64 --platforms=@io_bazel_rules_go//go/toolchain:linux_arm64_cgo --host_javabase=@local_jdk//:jdk + +build:crossbuild-aarch64 --incompatible_enable_cc_toolchain_resolution --platforms=//bazel/platforms:aarch64-none-linux-gnu --platforms=@io_bazel_rules_go//go/toolchain:lin +ux_arm64_cgo +run:crossbuild-aarch64 --incompatible_enable_cc_toolchain_resolution --platforms=//bazel/platforms:aarch64-none-linux-gnu --platforms=@io_bazel_rules_go//go/toolchain:linu +x_arm64_cgo +test:crossbuild-aarch64 --platforms=@io_bazel_rules_go//go/toolchain:linux_arm64_cgo --host_javabase=@local_jdk//:jdk +``` + +NB in future, when we add native and cross-compiled targets for ppc64le and s390x, they are similarly defined in `.bazelrc` + +### add targets to `repo.yaml` + +`repo.yaml` specifies the URLs of the repositories in which the packages to be installed via rpm are to be found, e.g.: + +``` +- arch: aarch64 + baseurl: http://mirror.stream.centos.org/9-stream/BaseOS/aarch64/os/ + name: centos/stream9-baseos-aarch64 + gpgkey: https://www.stream.centos.org/keys/RPM-GPG-KEY-CentOS-Official +``` + +### add targets to `hack/build/rpm-deps.sh` + +`hack/build/rpm-deps.sh` provides the list of dnf packages from which the rpm meta data is to be extracted for each class of container targets, and the flags to run bazeldnf with from inside the bazel build container. + +``` +centos_base=" + ca-certificates + crypto-policies + acl + curl + vim-minimal + util-linux-core +" +``` +where `centos_base` is referred to in the `bazel run //:bazeldnf` job like so: + +``` +bazel run \ + --config=aarch64 \ + //:bazeldnf -- rpmtree \ + --public --nobest \ + --name centos_base_aarch64 --arch aarch64 \ + --basesystem centos-stream-release \ + ${bazeldnf_repos} \ + $centos_base \ + $centos_extra +``` + +For further documentation on how `bazeldnf` works, please consult https://github.com/rmohr/bazeldnf From 51aceaac98c7693641e8ae31eac6ba762d0d2650 Mon Sep 17 00:00:00 2001 From: cfillekes Date: Tue, 30 Jan 2024 15:29:29 -0500 Subject: [PATCH 2/3] Update rpm/README.md Correct description of how bazeldnf is installed and invoked in the course of make rpm-defs Signed-off-by: cfillekes --- rpm/README.md | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/rpm/README.md b/rpm/README.md index d9442f1864..f3fef0c1d3 100644 --- a/rpm/README.md +++ b/rpm/README.md @@ -10,20 +10,32 @@ These are maintained with bazeldnf with rpm repos and names of packages specifi 2. `repo.yaml` 3. `hack/build/rpm-deps.sh` -Then, running `make rpm-deps` _should_ invoke bazeldnf through the bazel cdi builder container to populate the `rpm/BUILD.bazel` file - -Once rpm/BUILD.bazel is populated, it is used and re-used, pinning the rpms to be built into run & test container images to specific versions. -This is why it is checked in to github per CDI release process. +Then, running `make rpm-deps` invokes bazeldnf installed in the bazel cdi builder container volume to populate the `rpm/BUILD.bazel` file ## Prerequisites and Caveats -`bazeldnf` is not provided in the CDI build container; this method of generating lists of pinned rpms uses `bazeldnf` on the host. - -Since `make rpm-defs` only generates text files not executable images, the architecture of the host you run it on doesn't actually matter. +`bazeldnf` is not provided in the persistent CDI build container; it is built and installed from a pinned source tarball in the `make rpm-defs` step as per https://github.com/kubevirt/containerized-data-importer/blob/main/WORKSPACE#L83-L95 -- so if you _exec_ into the running container, you won't find the executable of bazeldnf in your bash path; rather it is only made available to bazel build as a package, e.g.: -`bazeldnf` is available as a binary release from https://github.com/rmohr/bazeldnf/releases . +``` +[cfillekes@m1325001 containerized-data-importer]$ podman ps +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +3c4b6fed495d icr.io/kubevirt/kubevirt-cdi-bazel-builder:native-s390x hack/build/bazel-... 4 minutes ago Up 4 minutes kubevirt-cdi-volume-bazel-server +[cfillekes@m1325001 containerized-data-importer]$ podman exec -it 3c4b6fed495d /bin/bash +go version go1.21.5 linux/s390x +[root@m1325001 containerized-data-importer]# which bazeldnf +/usr/bin/which: no bazeldnf in (/root/.local/bin:/root/bin:/gimme/.gimme/versions/go1.21.5.linux.s390x/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) +[root@m1325001 containerized-data-importer]# find / -name bazeldnf +find: ‘/sys/fs/pstore’: Permission denied +find: ‘/sys/fs/bpf’: Permission denied +/root/.cache/bazel/_bazel_root/e03bf9038fc5089c0dbc8615812d9838/execroot/__main__/bazel-out/host/bin/external/bazeldnf +/root/.cache/bazel/_bazel_root/e03bf9038fc5089c0dbc8615812d9838/execroot/__main__/bazel-out/host/bin/external/bazeldnf/pkg/api/bazeldnf +/root/.cache/bazel/_bazel_root/e03bf9038fc5089c0dbc8615812d9838/execroot/__main__/bazel-out/s390x-fastbuild/bin/bazeldnf.bash.runfiles/__main__/external/bazeldnf +/root/.cache/bazel/_bazel_root/e03bf9038fc5089c0dbc8615812d9838/execroot/__main__/bazel-out/s390x-fastbuild/bin/bazeldnf.bash.runfiles/bazeldnf +/root/.cache/bazel/_bazel_root/e03bf9038fc5089c0dbc8615812d9838/execroot/__main__/external/bazeldnf +/root/.cache/bazel/_bazel_root/e03bf9038fc5089c0dbc8615812d9838/external/bazeldnf +/root/.cache/bazel/_bazel_root/e03bf9038fc5089c0dbc8615812d9838/external/bazeldnf/pkg/api/bazeldnf +``` -Note that version 0.5.9-rc2 https://github.com/rmohr/bazeldnf/releases/tag/v0.5.9-rc2 is the first binary release for s390x. ## Configuring the platform, build, run and test target to maintain pinned rpm lists From 88e2204bf72f18905a28257b327c86424dbd1a28 Mon Sep 17 00:00:00 2001 From: cfillekes Date: Thu, 1 Feb 2024 07:35:12 -0500 Subject: [PATCH 3/3] Update rpm/README.md document use of ./hack/build/bazel-docker.sh bash to dig around in the builder container. Signed-off-by: cfillekes --- rpm/README.md | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/rpm/README.md b/rpm/README.md index f3fef0c1d3..60eda26750 100644 --- a/rpm/README.md +++ b/rpm/README.md @@ -17,13 +17,20 @@ Then, running `make rpm-deps` invokes bazeldnf installed in the bazel cdi builde `bazeldnf` is not provided in the persistent CDI build container; it is built and installed from a pinned source tarball in the `make rpm-defs` step as per https://github.com/kubevirt/containerized-data-importer/blob/main/WORKSPACE#L83-L95 -- so if you _exec_ into the running container, you won't find the executable of bazeldnf in your bash path; rather it is only made available to bazel build as a package, e.g.: ``` -[cfillekes@m1325001 containerized-data-importer]$ podman ps -CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES -3c4b6fed495d icr.io/kubevirt/kubevirt-cdi-bazel-builder:native-s390x hack/build/bazel-... 4 minutes ago Up 4 minutes kubevirt-cdi-volume-bazel-server -[cfillekes@m1325001 containerized-data-importer]$ podman exec -it 3c4b6fed495d /bin/bash +[containerized-data-importer]$ ./hack/build/bazel-docker.sh bash +CDI_CRI: podman, CDI_CONTAINER_BUILDCMD: buildah +Making sure output directory exists... +go version go1.21.5 linux/s390x +go version go1.21.5 linux/s390x +Starting rsyncd + +Rsyncing /home/cfillekes/projects/containerized-data-importer to container +8def2759249580cd4b7880fa2a79c554611a1033fe2d3f9bcc15aa3a79008c89 +Starting bazel server +go version go1.21.5 linux/s390x go version go1.21.5 linux/s390x [root@m1325001 containerized-data-importer]# which bazeldnf -/usr/bin/which: no bazeldnf in (/root/.local/bin:/root/bin:/gimme/.gimme/versions/go1.21.5.linux.s390x/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) +/usr/bin/which: no bazeldnf in (/root/.local/bin:/root/bin:/gimme/.gimme/versions/go1.21.5.linux.s390x/bin:/root/go/bin:/go/bin:/opt/gradle/gradle-6.6/bin:/gimme/.gimme/versions/go1.21.5.linux.s390x/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) [root@m1325001 containerized-data-importer]# find / -name bazeldnf find: ‘/sys/fs/pstore’: Permission denied find: ‘/sys/fs/bpf’: Permission denied