fix: Various toolchain fixes, aarch toolchain bootstrap

This commit is contained in:
Stefan Reimer 2022-10-06 20:03:30 +02:00
parent e0b2918d9c
commit 722183b930
5 changed files with 90 additions and 80 deletions

View File

@ -1,27 +1,31 @@
ARG TAG FROM alpine:3.16
FROM public.ecr.aws/zero-downtime/alpine-builder:$TAG
ARG ALPINE="v3.16" ARG ALPINE="v3.16"
ARG SYSROOT=/home/alpine/sysroot-aarch64
USER root RUN echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main" > /etc/apk/repositories && \
echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/community" >> /etc/apk/repositories && \
echo "@edge-main http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
echo "@edge-community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
echo "@kubezero https://cdn.zero-downtime.net/alpine/${ALPINE}/kubezero" >> /etc/apk/repositories && \
wget -q -O /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub
# Workaround for apk fetch bug related to `g++-aarch64` name, todo RUN apk -U --no-cache upgrade && \
RUN wget https://cdn.zero-downtime.net/alpine/v3.16/kubezero/x86_64/g%2B%2B-aarch64-11.2.1_git20220219-r2.apk && \ apk --no-cache add \
apk add --no-cache g%2B%2B-aarch64-11.2.1_git20220219-r2.apk && rm -f g%2B%2B-aarch64-11.2.1_git20220219-r2.apk alpine-sdk \
lua-aports \
doas \
pigz \
xz
# gcc-gnat \
RUN apk -U --no-cache add \ RUN adduser -D alpine && \
build-base-aarch64@kubezero addgroup alpine abuild && \
# gcc-gnat-aarch64@kubezero echo "permit nopass :abuild" > /etc/doas.d/doas.conf && \
install -d -g abuild -m 775 /var/cache/distfiles && \
install -d -g abuild -m 775 /packages
RUN mkdir -p ${SYSROOT} && \ COPY abuilder aarch64-toolchain.sh /usr/bin/
apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main -U --allow-untrusted --no-scripts -p ${SYSROOT} --initdb --arch aarch64 add alpine-base && \
apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main --arch aarch64 -p ${SYSROOT} --allow-untrusted add alpine-keys && \
cp /etc/apk/repositories ${SYSROOT}/etc/apk
RUN apk -U --arch aarch64 -p ${SYSROOT} add \
libgcc \
libstdc++ \
musl-dev
WORKDIR /home/alpine
USER alpine USER alpine
ENTRYPOINT ["abuilder"]

View File

@ -1,31 +0,0 @@
FROM alpine:3.16
ARG ALPINE="v3.16"
RUN echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main" > /etc/apk/repositories && \
echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/community" >> /etc/apk/repositories && \
echo "@edge-main http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
echo "@edge-community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
echo "@kubezero https://cdn.zero-downtime.net/alpine/${ALPINE}/kubezero" >> /etc/apk/repositories && \
wget -q -O /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub
RUN apk -U --no-cache upgrade && \
apk --no-cache add \
alpine-sdk \
lua-aports \
doas \
pigz \
xz
# gcc-gnat \
RUN adduser -D alpine && \
addgroup alpine abuild && \
echo "permit nopass :abuild" > /etc/doas.d/doas.conf && \
install -d -g abuild -m 775 /var/cache/distfiles && \
install -d -g abuild -m 775 /packages
COPY abuilder aarch64-toolchain.sh /usr/bin/
WORKDIR /home/alpine
USER alpine
ENTRYPOINT ["abuilder"]

View File

@ -1,25 +1,40 @@
REGISTRY := public.ecr.aws/zero-downtime
IMAGE := alpine-builder
REGION := us-east-1
include .ci/podman.mk
BUILDER := v3.16.2 BUILDER := v3.16.2
RELEASE := v3.16
PKG := '*' PKG := '*'
CF_DIST := E1YFUJXMCXT2RN CF_DIST := E1YFUJXMCXT2RN
ARCH := ''
.PHONY: builder aports download upload packages BUILDER_RELEASE = $(shell echo $(BUILDER) | sed -e 's/-.*$$//')
RELEASE := $(shell echo $(BUILDER_RELEASE) | sed -e 's/\.[0-9]$$//')
all: build .PHONY: apk aports download upload packages invalidate_cdn
packages: aarch64-toolchain:
@podman run -it --rm \
-v ${PWD}/distfiles:/var/cache/distfiles \
-v ${PWD}/packages:/home/alpine/packages \
-v ${PWD}/aports:/home/alpine/aports \
-v ${HOME}/.gitconfig/:/home/alpine/.gitconfig:ro \
-v ${HOME}/.abuild/:/home/alpine/.abuild:ro \
$(REGISTRY)/$(IMAGE):$(TAG) aarch64-toolchain
packages: reset-permissions
mkdir -p packages/kubezero/aarch64 packages/kubezero/x86_64 mkdir -p packages/kubezero/aarch64 packages/kubezero/x86_64
distfiles: distfiles:
mkdir -p distfiles mkdir -p distfiles
aports: aports: reset-permissions
[ -d aports/.git ] && { GIT_DIR=aports/.git cd aports; git pull; } \ @[ -d aports/.git ] && { cd aports; git pull origin $(BUILDER_RELEASE); }
|| git clone https://gitlab.alpinelinux.org/alpine/aports.git @[ -d aports/.git ] || { git clone https://gitlab.alpinelinux.org/alpine/aports.git && \
cd aports && git checkout $(BUILDER_RELEASE); }
# Mounts release into /work of the builder container to build all apk: packages distfiles
build: packages distfiles
podman run -it --rm \ podman run -it --rm \
-v ${PWD}/distfiles:/var/cache/distfiles \ -v ${PWD}/distfiles:/var/cache/distfiles \
-v ${PWD}/packages:/home/alpine/packages \ -v ${PWD}/packages:/home/alpine/packages \
@ -27,15 +42,22 @@ build: packages distfiles
-v ${PWD}/kubezero:/home/alpine/kubezero \ -v ${PWD}/kubezero:/home/alpine/kubezero \
-v ${HOME}/.gitconfig/:/home/alpine/.gitconfig:ro \ -v ${HOME}/.gitconfig/:/home/alpine/.gitconfig:ro \
-v ${HOME}/.abuild/:/home/alpine/.abuild:ro \ -v ${HOME}/.abuild/:/home/alpine/.abuild:ro \
public.ecr.aws/zero-downtime/alpine-builder:${BUILDER} $(PKG) $(REGISTRY)/$(IMAGE):$(TAG) $(PKG) $(ARCH)
reset-permissions:
@[ -d aports ] && doas chown -R $(USER): aports
@[ -d distfiles ] && doas chown -R $(USER): distfiles
@[ -d packages ] && doas chown -R $(USER): packages
@[ -d kubezero ] && doas chown -R $(USER): kubezero
download: download:
aws s3 sync s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ packages/work/x86_64/ --exclude APKINDEX.tar.gz aws s3 sync s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ packages/kubezero/x86_64/ --exclude APKINDEX.tar.gz
aws s3 sync s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/aarch64/ packages/kubezero/aarch64/ --exclude APKINDEX.tar.gz
invalidate: invalidate_cdn:
aws cloudfront create-invalidation --distribution $(CF_DIST) --paths "/alpine/*" aws cloudfront create-invalidation --distribution $(CF_DIST) --paths "/alpine/*"
upload: invalidate upload: invalidate_cdn
aws s3 sync --delete packages/kubezero/x86_64/ s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ --exclude APKINDEX.tar.gz aws s3 sync --delete packages/kubezero/x86_64/ s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ --exclude APKINDEX.tar.gz
aws s3 sync --delete packages/kubezero/aarch64/ s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/aarch64/ --exclude APKINDEX.tar.gz aws s3 sync --delete packages/kubezero/aarch64/ s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/aarch64/ --exclude APKINDEX.tar.gz
aws s3 cp packages/kubezero/x86_64/APKINDEX.tar.gz s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ --cache-control max-age=1 aws s3 cp packages/kubezero/x86_64/APKINDEX.tar.gz s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ --cache-control max-age=1

View File

@ -1,12 +1,15 @@
#!/bin/sh #!/bin/sh
set -ex set -e
if [ -d ~/.abuild ]; then if [ -d ~/.abuild ]; then
doas cp ~/.abuild/*.rsa.pub /etc/apk/keys/ doas cp ~/.abuild/*.rsa.pub /etc/apk/keys/
fi fi
doas chown -R alpine:abuild ~/packages /var/cache/distfiles ~/aports for f in ~/packages /var/cache/distfiles ~/aports; do
[ -d $f ] && doas chown -R alpine:abuild $f
done
doas apk update doas apk update
if [ "$1" == 'debug' ]; then if [ "$1" == 'debug' ]; then
@ -18,17 +21,27 @@ elif [ "$1" == 'aarch64-toolchain' ]; then
else else
# Set ENV for cross compile for aarch64 # Set ENV for cross compile for aarch64
if [ "$2" == "aarch64" ]; then if [ "$2" == "aarch64" ]; then
ALPINE="v3.16"
TARGET_ARCH=aarch64 TARGET_ARCH=aarch64
SUDO_APK=abuild-apk SUDO_APK=abuild-apk
APORTS=/home/alpine/aports APORTS=/home/alpine/aports
CBUILDROOT=/home/alpine/sysroot-aarch64
mkdir -p $CBUILDROOT/etc/apk/keys
doas apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main --no-cache --no-scripts -p $CBUILDROOT --initdb --allow-untrusted --arch aarch64 add alpine-base
doas apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main --no-cache --arch aarch64 -p $CBUILDROOT --allow-untrusted add alpine-keys
doas cp /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub ${CBUILDROOT}/etc/apk/keys
doas cp /etc/apk/repositories ${CBUILDROOT}/etc/apk
EXTRADEPENDS_TARGET="libgcc libstdc++ musl-dev fortify-headers libc-dev busybox"
export CBUILDROOT="/home/alpine/sysroot-aarch64/"
. /usr/share/abuild/functions.sh . /usr/share/abuild/functions.sh
export CBUILD export CBUILD
export CHOST=$TARGET_ARCH
export GOARCH=arm64 export GOARCH=arm64
export GOOS=linux export GOOS=linux
doas apk update -p $CBUILDROOT
fi fi
for pkg in ~/$1; do for pkg in ~/$1; do
@ -37,7 +50,7 @@ else
# If checksum is OK, build package # If checksum is OK, build package
APKBUILD=$pkg abuild verify && rc=$? || rc=$? APKBUILD=$pkg abuild verify && rc=$? || rc=$?
if [ $rc -eq 0 ]; then if [ $rc -eq 0 ]; then
APKBUILD=$pkg abuild -r CHOST=$TARGET_ARCH APKBUILD=$pkg abuild -r
else else
APKBUILD=$pkg abuild checksum APKBUILD=$pkg abuild checksum

View File

@ -14,9 +14,8 @@ makedepends="
flex flex
fts-dev fts-dev
gtest-dev gtest-dev
zlib-dev
yaml-dev yaml-dev
yaml-static zlib-dev
" "
subpackages=" subpackages="
$pkgname-dev $pkgname-dev
@ -33,28 +32,30 @@ options="!check"
build() { build() {
if [ "$CBUILD" != "$CHOST" ]; then if [ "$CBUILD" != "$CHOST" ]; then
CMAKE_CROSSOPTS="-DCMAKE_SYSTEM_NAME=Linux -DCMAKE_HOST_SYSTEM_NAME=Linux" CMAKE_CROSSOPTS="-DCMAKE_SYSTEM_NAME=Linux -DCMAKE_HOST_SYSTEM_NAME=Linux -DCMAKE_C_COMPILER=$CHOST-gcc"
fi fi
# default CORE_STACK_SIZE=((3 * PTHREAD_STACK_MIN) / 2)=3072 is invalid # default CORE_STACK_SIZE=((3 * PTHREAD_STACK_MIN) / 2)=3072 is invalid
# set default to 24576 # set default to 24576
# Disable stream processor due to issue see: https://github.com/fluent/fluent-bit/issues/2464 # Disable stream processor due to issue see: https://github.com/fluent/fluent-bit/issues/2464
cmake -B build \ cmake -B build \
-DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_INSTALL_LIBDIR=lib \
-DCMAKE_BUILD_TYPE=None \ -DCMAKE_BUILD_TYPE=None \
-DCMAKE_FIND_LIBRARY_SUFFIXES=".a" \
-DBUILD_SHARED_LIBS=OFF \
-DCMAKE_EXE_LINKER_FLAGS="-static" \
-DFLB_CORO_STACK_SIZE=24576 \ -DFLB_CORO_STACK_SIZE=24576 \
-DFLB_RELEASE=Yes \ -DFLB_RELEASE=Yes \
-DFLB_DEBUG=No \ -DFLB_DEBUG=Off \
-DFLB_SHARED_LIB=No \ -DFLB_SHARED_LIB=Off \
-DFLB_JEMALLOC=Yes \ -DFLB_JEMALLOC=Yes \
-DFLB_IN_SYSTEMD=No \ -DFLB_LUAJIT=Yes \
-DFLB_IN_SYSTEMD=Off \
-DFLB_PROXY_GO=No \ -DFLB_PROXY_GO=No \
-DFLB_HTTP_SERVER=Yes \ -DFLB_HTTP_SERVER=Yes \
-DFLB_STREAM_PROCESSOR=No \
$CMAKE_CROSSOPTS . $CMAKE_CROSSOPTS .
make -C build make -C build
#-DCMAKE_FIND_LIBRARY_SUFFIXES=".a" \
#-DCMAKE_EXE_LINKER_FLAGS="-static" \
#-DFLB_STREAM_PROCESSOR=No \
#-DFLB_FILTER_LUA=Off \
#-DFLB_TESTS_INTERNAL=Yes \ #-DFLB_TESTS_INTERNAL=Yes \
#-DFLB_AWS=No \ #-DFLB_AWS=No \
#-DFLB_SIGNV4=No \ #-DFLB_SIGNV4=No \
@ -64,6 +65,7 @@ build() {
#-DFLB_OUT_KINESIS_STREAMS=No \ #-DFLB_OUT_KINESIS_STREAMS=No \
#-DFLB_OUT_BIGQUERY=No \ #-DFLB_OUT_BIGQUERY=No \
#-DFLB_FILTER_AWS=No \ #-DFLB_FILTER_AWS=No \
#-DCMAKE_VERBOSE_MAKEFILE:BOOL=ON \
} }
check() { check() {