Skip to content

Commit

Permalink
Merge pull request #89 from webern/sdk-schema
Browse files Browse the repository at this point in the history 
add sdk to project schema
  • Loading branch information
@webern
webern authored Oct 3, 2023
2 parents 96edb18 + af96ef7 commit bca8e8b
Show file tree
Hide file tree
Showing 14 changed files with 261 additions and 71 deletions.
22 changes: 22 additions & 0 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions tools/buildsys/src/builder.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ the repository's top-level Dockerfile.
pub(crate) mod error;
use error::Result;

use crate::constants::{SDK_VAR, TOOLCHAIN_VAR};
use duct::cmd;
use lazy_static::lazy_static;
use nonzero_ext::nonzero;
Expand Down Expand Up @@ -283,8 +284,8 @@ fn build(
let tag = format!("{}-{}", tag, token);

// Our SDK and toolchain are picked by the external `cargo make` invocation.
let sdk = getenv("BUILDSYS_SDK_IMAGE")?;
let toolchain = getenv("BUILDSYS_TOOLCHAIN")?;
let sdk = getenv(SDK_VAR)?;
let toolchain = getenv(TOOLCHAIN_VAR)?;

// Avoid using a cached layer from a previous build.
let nocache = rand::thread_rng().gen::<u32>();
Expand Down
2 changes: 2 additions & 0 deletions tools/buildsys/src/constants.rs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
pub(crate) const SDK_VAR: &str = "TLPRIVATE_SDK_IMAGE";
pub(crate) const TOOLCHAIN_VAR: &str = "TLPRIVATE_TOOLCHAIN";
5 changes: 2 additions & 3 deletions tools/buildsys/src/gomod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ when the docker-go script is invoked.
pub(crate) mod error;
use error::Result;

use crate::constants::SDK_VAR;
use buildsys::manifest;
use duct::cmd;
use snafu::{ensure, OptionExt, ResultExt};
Expand Down Expand Up @@ -111,9 +112,7 @@ impl GoMod {
);

// Our SDK and toolchain are picked by the external `cargo make` invocation.
let sdk = env::var("BUILDSYS_SDK_IMAGE").context(error::EnvironmentSnafu {
var: "BUILDSYS_SDK_IMAGE",
})?;
let sdk = env::var(SDK_VAR).context(error::EnvironmentSnafu { var: SDK_VAR })?;

let args = DockerGoArgs {
module_path: package_dir,
Expand Down
1 change: 1 addition & 0 deletions tools/buildsys/src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ The implementation is closely tied to the top-level Dockerfile.
*/
mod builder;
mod cache;
mod constants;
mod gomod;
mod project;
mod spec;
Expand Down
1 change: 1 addition & 0 deletions twoliter/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ env_logger = "0.10"
flate2 = "1"
hex = "0.4"
log = "0.4"
non-empty-string = { version = "0.2", features = [ "serde" ] }
serde = { version = "1", features = ["derive"] }
sha2 = "0.10"
tar = "0.4"
Expand Down
66 changes: 36 additions & 30 deletions twoliter/embedded/Makefile.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,12 +31,6 @@ BUILDSYS_NAME = "bottlerocket"
# If you're building a Bottlerocket remix, you'd want to set this to something like
# "Bottlerocket Remix by ${CORP}" or "${CORP}'s Bottlerocket Remix"
BUILDSYS_PRETTY_NAME = "Bottlerocket OS"
# SDK name used for building
BUILDSYS_SDK_NAME="bottlerocket"
# SDK version used for building
BUILDSYS_SDK_VERSION="v0.33.0"
# Site for fetching the SDK
BUILDSYS_REGISTRY="public.ecr.aws/bottlerocket"

# These can be overridden with -e to change configuration for pubsys (`cargo
# make repo`). In addition, you can set RELEASE_START_TIME to determine when
Expand Down Expand Up @@ -142,11 +136,6 @@ TESTSYS_LOG_LEVEL = "info"
# Certain variables are defined here to allow us to override a component value
# on the command line.

# Depends on ${BUILDSYS_ARCH}, ${BUILDSYS_REGISTRY}, ${BUILDSYS_SDK_NAME}, and
# ${BUILDSYS_SDK_VERSION}.
BUILDSYS_SDK_IMAGE = { script = [ "echo ${BUILDSYS_REGISTRY}/${BUILDSYS_SDK_NAME}-sdk-${BUILDSYS_ARCH}:${BUILDSYS_SDK_VERSION}" ] }
BUILDSYS_TOOLCHAIN = { script = [ "echo ${BUILDSYS_REGISTRY}/${BUILDSYS_SDK_NAME}-toolchain-${BUILDSYS_ARCH}:${BUILDSYS_SDK_VERSION}" ] }

# Depends on ${BUILDSYS_JOBS}.
CARGO_MAKE_CARGO_LIMIT_JOBS = "--jobs ${BUILDSYS_JOBS}"
CARGO_MAKE_CARGO_ARGS = "--offline --locked"
Expand Down Expand Up @@ -238,7 +227,17 @@ fi
'''
] }

# These are variables that are not meant to be set by users of `twoliter make`. These are intended
# to be set only by Twoliter itself when it invokes `cargo make`.
[env.private]
# The URIs for the SDK image and the toolchain image must be provided.
TLPRIVATE_SDK_IMAGE = ""
TLPRIVATE_TOOLCHAIN = ""

####################################################################################################

[tasks.setup]
script_runner = "bash"
script = [
'''
# Ensure we use a supported architecture
Expand All @@ -256,6 +255,13 @@ if [ -z "${TWOLITER_TOOLS_DIR}" ];then
exit 1
fi
# Ensure TLPRIVATE_SDK_IMAGE and TLPRIVATE_TOOLCHAIN are set
if [[ -z "${TLPRIVATE_SDK_IMAGE}" || -z "{TLPRIVATE_TOOLCHAIN}" ]];then
echo "TLPRIVATE_SDK_IMAGE and TLPRIVATE_TOOLCHAIN must be defined and must be non-zero in length."
echo "Are you using Twoliter? It is a bug if Twoliter has invoked cargo make without these."
exit 1
fi
mkdir -p ${BUILDSYS_BUILD_DIR}
mkdir -p ${BUILDSYS_OUTPUT_DIR}
mkdir -p ${BUILDSYS_PACKAGES_DIR}
Expand Down Expand Up @@ -290,9 +296,9 @@ dependencies = ["setup-build"]
script_runner = "bash"
script = [
'''
if ! docker image inspect "${BUILDSYS_SDK_IMAGE}" >/dev/null 2>&1 ; then
if ! docker pull "${BUILDSYS_SDK_IMAGE}" ; then
echo "failed to pull '${BUILDSYS_SDK_IMAGE}'" >&2
if ! docker image inspect "${TLPRIVATE_SDK_IMAGE}" >/dev/null 2>&1 ; then
if ! docker pull "${TLPRIVATE_SDK_IMAGE}" ; then
echo "failed to pull '${TLPRIVATE_SDK_IMAGE}'" >&2
exit 1
fi
fi
Expand All @@ -304,7 +310,7 @@ dependencies = ["setup-build"]
script_runner = "bash"
script = [
'''
if docker image inspect "${BUILDSYS_TOOLCHAIN}-${BUILDSYS_ARCH}" >/dev/null 2>&1 ; then
if docker image inspect "${TLPRIVATE_TOOLCHAIN}-${BUILDSYS_ARCH}" >/dev/null 2>&1 ; then
exit 0
fi
Expand All @@ -315,14 +321,14 @@ esac
# We want the image with the target's native toolchain, rather than one that matches the
# host architecture.
if ! docker pull --platform "${docker_arch}" "${BUILDSYS_TOOLCHAIN}" ; then
echo "could not pull '${BUILDSYS_TOOLCHAIN}' for ${docker_arch}" >&2
if ! docker pull --platform "${docker_arch}" "${TLPRIVATE_TOOLCHAIN}" ; then
echo "could not pull '${TLPRIVATE_TOOLCHAIN}' for ${docker_arch}" >&2
exit 1
fi
# Apply a tag to distinguish the image from other architectures.
if ! docker tag "${BUILDSYS_TOOLCHAIN}" "${BUILDSYS_TOOLCHAIN}-${BUILDSYS_ARCH}" ; then
echo "could not tag '${BUILDSYS_TOOLCHAIN}-${BUILDSYS_ARCH}'" >&2
if ! docker tag "${TLPRIVATE_TOOLCHAIN}" "${TLPRIVATE_TOOLCHAIN}-${BUILDSYS_ARCH}" ; then
echo "could not tag '${TLPRIVATE_TOOLCHAIN}-${BUILDSYS_ARCH}'" >&2
exit 1
fi
'''
Expand Down Expand Up @@ -350,7 +356,7 @@ go_fetch() {
module="${1:?}"
${TWOLITER_TOOLS_DIR}/docker-go \
--module-path "${BUILDSYS_SOURCES_DIR}/${module}" \
--sdk-image ${BUILDSYS_SDK_IMAGE} \
--sdk-image ${TLPRIVATE_SDK_IMAGE} \
--go-mod-cache ${GO_MOD_CACHE} \
--command "go list -mod=readonly ./... >/dev/null && go mod vendor"
}
Expand Down Expand Up @@ -379,7 +385,7 @@ test_go_module() {
module="${1:?}"
${TWOLITER_TOOLS_DIR}/docker-go \
--module-path "${BUILDSYS_SOURCES_DIR}/${module}" \
--sdk-image ${BUILDSYS_SDK_IMAGE} \
--sdk-image ${TLPRIVATE_SDK_IMAGE} \
--go-mod-cache ${GO_MOD_CACHE} \
--command "cd cmd/$module; go test -v"
}
Expand Down Expand Up @@ -410,7 +416,7 @@ go_fmt() {
module="${1:?}"
${TWOLITER_TOOLS_DIR}/docker-go \
--module-path "${BUILDSYS_SOURCES_DIR}/${module}" \
--sdk-image ${BUILDSYS_SDK_IMAGE} \
--sdk-image ${TLPRIVATE_SDK_IMAGE} \
--go-mod-cache ${GO_MOD_CACHE} \
--command "gofmt -l cmd/$module"
}
Expand All @@ -429,7 +435,7 @@ if ! docker run --rm \
-e CARGO_HOME="/tmp/.cargo" \
-v "${CARGO_HOME}":/tmp/.cargo \
-v "${BUILDSYS_ROOT_DIR}/sources":/tmp/sources \
"${BUILDSYS_SDK_IMAGE}" \
"${TLPRIVATE_SDK_IMAGE}" \
cargo fmt \
--manifest-path /tmp/sources/Cargo.toml \
--message-format short \
Expand Down Expand Up @@ -466,7 +472,7 @@ if ! docker run --rm \
-v "${CARGO_HOME}":/tmp/.cargo \
-v "${BUILDSYS_ROOT_DIR}/sources":/tmp/sources \
-e VARIANT \
"${BUILDSYS_SDK_IMAGE}" \
"${TLPRIVATE_SDK_IMAGE}" \
cargo clippy \
--manifest-path /tmp/sources/Cargo.toml \
--locked -- -D warnings --no-deps; then
Expand All @@ -491,7 +497,7 @@ if ! docker run --rm \
--user "$(id -u):$(id -g)" \
--security-opt="label=disable" \
-v "${BUILDSYS_TOOLS_DIR}":/tmp/tools \
"${BUILDSYS_SDK_IMAGE}" \
"${TLPRIVATE_SDK_IMAGE}" \
bash -c \
'flagged_scripts=0 && \
cd /tmp/tools && \
Expand Down Expand Up @@ -657,7 +663,7 @@ echo "Generating local keys." >&2
mkdir -p "${BUILDSYS_SBKEYS_PROFILE_DIR}"
${BUILDSYS_SBKEYS_DIR}/generate-local-sbkeys \
--sdk-image "${BUILDSYS_SDK_IMAGE}" \
--sdk-image "${TLPRIVATE_SDK_IMAGE}" \
--output-dir "${BUILDSYS_SBKEYS_PROFILE_DIR}"
'''
]
Expand Down Expand Up @@ -714,7 +720,7 @@ docker run --rm \
--security-opt="label=disable" \
-v "${BOOT_CONFIG_INPUT}":/tmp/bootconfig-input \
-v "${boot_config}":/tmp/bootconfig.data \
"${BUILDSYS_SDK_IMAGE}" \
"${TLPRIVATE_SDK_IMAGE}" \
bootconfig -a /tmp/bootconfig-input /tmp/bootconfig.data
if [ -e "${boot_config_tmp}" ] ; then
Expand All @@ -734,7 +740,7 @@ docker run --rm \
--user "$(id -u):$(id -g)" \
--security-opt="label=disable" \
-v "${BOOT_CONFIG}":/tmp/bootconfig.data \
"${BUILDSYS_SDK_IMAGE}" \
"${TLPRIVATE_SDK_IMAGE}" \
bootconfig -l /tmp/bootconfig.data
'''
]
Expand Down Expand Up @@ -816,7 +822,7 @@ docker run --rm \
-e CARGO_HOME="/tmp/.cargo" \
-v "${CARGO_HOME}":/tmp/.cargo \
-v "${BUILDSYS_ROOT_DIR}/sources":/tmp/sources \
"${BUILDSYS_SDK_IMAGE}" \
"${TLPRIVATE_SDK_IMAGE}" \
bash -c "${run_cargo_deny}"
[ "${?}" -eq 0 ] || [ "${BUILDSYS_ALLOW_FAILED_LICENSE_CHECK}" = "true" ]
'''
Expand Down Expand Up @@ -854,7 +860,7 @@ docker run --rm \
-v "${CARGO_HOME}":/tmp/.cargo \
-v "${BUILDSYS_ROOT_DIR}/licenses:/tmp/licenses" \
-v "${BUILDSYS_ROOT_DIR}/Licenses.toml:/tmp/Licenses.toml" \
"${BUILDSYS_SDK_IMAGE}" \
"${TLPRIVATE_SDK_IMAGE}" \
bash -c "${run_fetch_licenses}"
'''
]
Expand Down
6 changes: 3 additions & 3 deletions twoliter/src/cmd/build.rs
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
use crate::docker;
use crate::project::{Project, Sdk};
use crate::project::Project;
use crate::{docker, project};
use anyhow::Result;
use clap::Parser;
use log::debug;
Expand Down Expand Up @@ -44,7 +44,7 @@ impl BuildVariant {
Some(p) => Project::load(p).await?,
};
// TODO - get smart about sdk: https://github.com/bottlerocket-os/twoliter/issues/11
let sdk = Sdk::default();
let sdk = project::default_sdk();
let _ = docker::create_twoliter_image_if_not_exists(&sdk.uri(&self.arch)).await?;
Ok(())
}
Expand Down
Loading

0 comments on commit bca8e8b

Please sign in to comment.