fix: Various toolchain fixes, aarch toolchain bootstrap

This commit is contained in:
Stefan Reimer 2022-10-06 20:03:30 +02:00
parent e0b2918d9c
commit 722183b930
5 changed files with 90 additions and 80 deletions

View File

@ -1,27 +1,31 @@
ARG TAG
FROM public.ecr.aws/zero-downtime/alpine-builder:$TAG
FROM alpine:3.16
ARG ALPINE="v3.16"
ARG SYSROOT=/home/alpine/sysroot-aarch64
USER root
RUN echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main" > /etc/apk/repositories && \
echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/community" >> /etc/apk/repositories && \
echo "@edge-main http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
echo "@edge-community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
echo "@kubezero https://cdn.zero-downtime.net/alpine/${ALPINE}/kubezero" >> /etc/apk/repositories && \
wget -q -O /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub
# Workaround for apk fetch bug related to `g++-aarch64` name, todo
RUN wget https://cdn.zero-downtime.net/alpine/v3.16/kubezero/x86_64/g%2B%2B-aarch64-11.2.1_git20220219-r2.apk && \
apk add --no-cache g%2B%2B-aarch64-11.2.1_git20220219-r2.apk && rm -f g%2B%2B-aarch64-11.2.1_git20220219-r2.apk
RUN apk -U --no-cache upgrade && \
apk --no-cache add \
alpine-sdk \
lua-aports \
doas \
pigz \
xz
# gcc-gnat \
RUN apk -U --no-cache add \
build-base-aarch64@kubezero
# gcc-gnat-aarch64@kubezero
RUN adduser -D alpine && \
addgroup alpine abuild && \
echo "permit nopass :abuild" > /etc/doas.d/doas.conf && \
install -d -g abuild -m 775 /var/cache/distfiles && \
install -d -g abuild -m 775 /packages
RUN mkdir -p ${SYSROOT} && \
apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main -U --allow-untrusted --no-scripts -p ${SYSROOT} --initdb --arch aarch64 add alpine-base && \
apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main --arch aarch64 -p ${SYSROOT} --allow-untrusted add alpine-keys && \
cp /etc/apk/repositories ${SYSROOT}/etc/apk
RUN apk -U --arch aarch64 -p ${SYSROOT} add \
libgcc \
libstdc++ \
musl-dev
COPY abuilder aarch64-toolchain.sh /usr/bin/
WORKDIR /home/alpine
USER alpine
ENTRYPOINT ["abuilder"]

View File

@ -1,31 +0,0 @@
FROM alpine:3.16
ARG ALPINE="v3.16"
RUN echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main" > /etc/apk/repositories && \
echo "http://dl-cdn.alpinelinux.org/alpine/${ALPINE}/community" >> /etc/apk/repositories && \
echo "@edge-main http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
echo "@edge-community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
echo "@kubezero https://cdn.zero-downtime.net/alpine/${ALPINE}/kubezero" >> /etc/apk/repositories && \
wget -q -O /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub
RUN apk -U --no-cache upgrade && \
apk --no-cache add \
alpine-sdk \
lua-aports \
doas \
pigz \
xz
# gcc-gnat \
RUN adduser -D alpine && \
addgroup alpine abuild && \
echo "permit nopass :abuild" > /etc/doas.d/doas.conf && \
install -d -g abuild -m 775 /var/cache/distfiles && \
install -d -g abuild -m 775 /packages
COPY abuilder aarch64-toolchain.sh /usr/bin/
WORKDIR /home/alpine
USER alpine
ENTRYPOINT ["abuilder"]

View File

@ -1,25 +1,40 @@
REGISTRY := public.ecr.aws/zero-downtime
IMAGE := alpine-builder
REGION := us-east-1
include .ci/podman.mk
BUILDER := v3.16.2
RELEASE := v3.16
PKG := '*'
CF_DIST := E1YFUJXMCXT2RN
ARCH := ''
.PHONY: builder aports download upload packages
BUILDER_RELEASE = $(shell echo $(BUILDER) | sed -e 's/-.*$$//')
RELEASE := $(shell echo $(BUILDER_RELEASE) | sed -e 's/\.[0-9]$$//')
all: build
.PHONY: apk aports download upload packages invalidate_cdn
packages:
aarch64-toolchain:
@podman run -it --rm \
-v ${PWD}/distfiles:/var/cache/distfiles \
-v ${PWD}/packages:/home/alpine/packages \
-v ${PWD}/aports:/home/alpine/aports \
-v ${HOME}/.gitconfig/:/home/alpine/.gitconfig:ro \
-v ${HOME}/.abuild/:/home/alpine/.abuild:ro \
$(REGISTRY)/$(IMAGE):$(TAG) aarch64-toolchain
packages: reset-permissions
mkdir -p packages/kubezero/aarch64 packages/kubezero/x86_64
distfiles:
mkdir -p distfiles
aports:
[ -d aports/.git ] && { GIT_DIR=aports/.git cd aports; git pull; } \
|| git clone https://gitlab.alpinelinux.org/alpine/aports.git
aports: reset-permissions
@[ -d aports/.git ] && { cd aports; git pull origin $(BUILDER_RELEASE); }
@[ -d aports/.git ] || { git clone https://gitlab.alpinelinux.org/alpine/aports.git && \
cd aports && git checkout $(BUILDER_RELEASE); }
# Mounts release into /work of the builder container to build all
build: packages distfiles
apk: packages distfiles
podman run -it --rm \
-v ${PWD}/distfiles:/var/cache/distfiles \
-v ${PWD}/packages:/home/alpine/packages \
@ -27,15 +42,22 @@ build: packages distfiles
-v ${PWD}/kubezero:/home/alpine/kubezero \
-v ${HOME}/.gitconfig/:/home/alpine/.gitconfig:ro \
-v ${HOME}/.abuild/:/home/alpine/.abuild:ro \
public.ecr.aws/zero-downtime/alpine-builder:${BUILDER} $(PKG)
$(REGISTRY)/$(IMAGE):$(TAG) $(PKG) $(ARCH)
reset-permissions:
@[ -d aports ] && doas chown -R $(USER): aports
@[ -d distfiles ] && doas chown -R $(USER): distfiles
@[ -d packages ] && doas chown -R $(USER): packages
@[ -d kubezero ] && doas chown -R $(USER): kubezero
download:
aws s3 sync s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ packages/work/x86_64/ --exclude APKINDEX.tar.gz
aws s3 sync s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ packages/kubezero/x86_64/ --exclude APKINDEX.tar.gz
aws s3 sync s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/aarch64/ packages/kubezero/aarch64/ --exclude APKINDEX.tar.gz
invalidate:
invalidate_cdn:
aws cloudfront create-invalidation --distribution $(CF_DIST) --paths "/alpine/*"
upload: invalidate
upload: invalidate_cdn
aws s3 sync --delete packages/kubezero/x86_64/ s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ --exclude APKINDEX.tar.gz
aws s3 sync --delete packages/kubezero/aarch64/ s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/aarch64/ --exclude APKINDEX.tar.gz
aws s3 cp packages/kubezero/x86_64/APKINDEX.tar.gz s3://zero-downtime-web/cdn/alpine/$(RELEASE)/kubezero/x86_64/ --cache-control max-age=1

View File

@ -1,12 +1,15 @@
#!/bin/sh
set -ex
set -e
if [ -d ~/.abuild ]; then
doas cp ~/.abuild/*.rsa.pub /etc/apk/keys/
fi
doas chown -R alpine:abuild ~/packages /var/cache/distfiles ~/aports
for f in ~/packages /var/cache/distfiles ~/aports; do
[ -d $f ] && doas chown -R alpine:abuild $f
done
doas apk update
if [ "$1" == 'debug' ]; then
@ -18,17 +21,27 @@ elif [ "$1" == 'aarch64-toolchain' ]; then
else
# Set ENV for cross compile for aarch64
if [ "$2" == "aarch64" ]; then
ALPINE="v3.16"
TARGET_ARCH=aarch64
SUDO_APK=abuild-apk
APORTS=/home/alpine/aports
CBUILDROOT=/home/alpine/sysroot-aarch64
mkdir -p $CBUILDROOT/etc/apk/keys
doas apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main --no-cache --no-scripts -p $CBUILDROOT --initdb --allow-untrusted --arch aarch64 add alpine-base
doas apk -X https://dl-cdn.alpinelinux.org/alpine/${ALPINE}/main --no-cache --arch aarch64 -p $CBUILDROOT --allow-untrusted add alpine-keys
doas cp /etc/apk/keys/stefan@zero-downtime.net-61bb6bfb.rsa.pub ${CBUILDROOT}/etc/apk/keys
doas cp /etc/apk/repositories ${CBUILDROOT}/etc/apk
EXTRADEPENDS_TARGET="libgcc libstdc++ musl-dev fortify-headers libc-dev busybox"
export CBUILDROOT="/home/alpine/sysroot-aarch64/"
. /usr/share/abuild/functions.sh
export CBUILD
export CHOST=$TARGET_ARCH
export GOARCH=arm64
export GOOS=linux
doas apk update -p $CBUILDROOT
fi
for pkg in ~/$1; do
@ -37,7 +50,7 @@ else
# If checksum is OK, build package
APKBUILD=$pkg abuild verify && rc=$? || rc=$?
if [ $rc -eq 0 ]; then
APKBUILD=$pkg abuild -r
CHOST=$TARGET_ARCH APKBUILD=$pkg abuild -r
else
APKBUILD=$pkg abuild checksum

View File

@ -14,9 +14,8 @@ makedepends="
flex
fts-dev
gtest-dev
zlib-dev
yaml-dev
yaml-static
zlib-dev
"
subpackages="
$pkgname-dev
@ -33,28 +32,30 @@ options="!check"
build() {
if [ "$CBUILD" != "$CHOST" ]; then
CMAKE_CROSSOPTS="-DCMAKE_SYSTEM_NAME=Linux -DCMAKE_HOST_SYSTEM_NAME=Linux"
CMAKE_CROSSOPTS="-DCMAKE_SYSTEM_NAME=Linux -DCMAKE_HOST_SYSTEM_NAME=Linux -DCMAKE_C_COMPILER=$CHOST-gcc"
fi
# default CORE_STACK_SIZE=((3 * PTHREAD_STACK_MIN) / 2)=3072 is invalid
# set default to 24576
# Disable stream processor due to issue see: https://github.com/fluent/fluent-bit/issues/2464
cmake -B build \
-DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_INSTALL_LIBDIR=lib \
-DCMAKE_BUILD_TYPE=None \
-DCMAKE_FIND_LIBRARY_SUFFIXES=".a" \
-DBUILD_SHARED_LIBS=OFF \
-DCMAKE_EXE_LINKER_FLAGS="-static" \
-DFLB_CORO_STACK_SIZE=24576 \
-DFLB_RELEASE=Yes \
-DFLB_DEBUG=No \
-DFLB_SHARED_LIB=No \
-DFLB_DEBUG=Off \
-DFLB_SHARED_LIB=Off \
-DFLB_JEMALLOC=Yes \
-DFLB_IN_SYSTEMD=No \
-DFLB_LUAJIT=Yes \
-DFLB_IN_SYSTEMD=Off \
-DFLB_PROXY_GO=No \
-DFLB_HTTP_SERVER=Yes \
-DFLB_STREAM_PROCESSOR=No \
$CMAKE_CROSSOPTS .
make -C build
#-DCMAKE_FIND_LIBRARY_SUFFIXES=".a" \
#-DCMAKE_EXE_LINKER_FLAGS="-static" \
#-DFLB_STREAM_PROCESSOR=No \
#-DFLB_FILTER_LUA=Off \
#-DFLB_TESTS_INTERNAL=Yes \
#-DFLB_AWS=No \
#-DFLB_SIGNV4=No \
@ -64,6 +65,7 @@ build() {
#-DFLB_OUT_KINESIS_STREAMS=No \
#-DFLB_OUT_BIGQUERY=No \
#-DFLB_FILTER_AWS=No \
#-DCMAKE_VERBOSE_MAKEFILE:BOOL=ON \
}
check() {