Skip to content
This repository has been archived by the owner on Jul 18, 2024. It is now read-only.

Commit

Permalink
Add armhf support for the forthcoming K8s release (GoogleContainerToo…
Browse files Browse the repository at this point in the history
…ls#638)

* Add armhf support for the forthcoming K8s release

* Add publishing arm

* Fix example

* Fix arm imports

* Add arm to all multi-arch images

* Fix buildifier

* Drop arm out of BASE for now, include justification.

* Drop commit sha tags, push multi-arch python w/ debian suffix

* Add nonroot variants of cc
  • Loading branch information
mattmoor authored Nov 17, 2020
1 parent d342160 commit 9e74328
Show file tree
Hide file tree
Showing 11 changed files with 532 additions and 299 deletions.
491 changes: 259 additions & 232 deletions BUILD

Large diffs are not rendered by default.

7 changes: 7 additions & 0 deletions WORKSPACE
Original file line number Diff line number Diff line change
Expand Up @@ -402,6 +402,13 @@ http_file(
urls = ["https://busybox.net/downloads/binaries/1.31.0-defconfig-multiarch-musl/busybox-x86_64"],
)

http_file(
name = "busybox_arm",
executable = True,
sha256 = "cd04052b8b6885f75f50b2a280bfcbf849d8710c8e61d369c533acf307eda064",
urls = ["https://busybox.net/downloads/binaries/1.31.0-defconfig-multiarch-musl/busybox-armv7l"],
)

http_file(
name = "busybox_arm64",
executable = True,
Expand Down
10 changes: 10 additions & 0 deletions base/distro.bzl
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
load("@package_bundle_amd64_debian9//file:packages.bzl", packages_amd64_debian9 = "packages")
load("@package_bundle_amd64_debian10//file:packages.bzl", packages_amd64_debian10 = "packages")
load("@package_bundle_arm_debian9//file:packages.bzl", packages_arm_debian9 = "packages")
load("@package_bundle_arm_debian10//file:packages.bzl", packages_arm_debian10 = "packages")
load("@package_bundle_arm64_debian9//file:packages.bzl", packages_arm64_debian9 = "packages")
load("@package_bundle_arm64_debian10//file:packages.bzl", packages_arm64_debian10 = "packages")
load("@package_bundle_s390x_debian9//file:packages.bzl", packages_s390x_debian9 = "packages")
Expand All @@ -14,6 +16,10 @@ DISTRO_PACKAGES = {
"_debian9": packages_amd64_debian9,
"_debian10": packages_amd64_debian10,
},
"arm": {
"_debian9": packages_arm_debian9,
"_debian10": packages_arm_debian10,
},
"arm64": {
"_debian9": packages_arm64_debian9,
"_debian10": packages_arm64_debian10,
Expand All @@ -33,6 +39,10 @@ DISTRO_REPOSITORY = {
"_debian9": "@amd64_debian9",
"_debian10": "@amd64_debian10",
},
"arm": {
"_debian9": "@arm_debian9",
"_debian10": "@arm_debian10",
},
"arm64": {
"_debian9": "@arm64_debian9",
"_debian10": "@arm64_debian10",
Expand Down
47 changes: 34 additions & 13 deletions checksums.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -3,66 +3,87 @@
# TO GENERATE THIS RUN: ./updateWorkspaceSnapshots.sh

BASE_ARCHITECTURES = ["amd64", "arm64"]
ARCHITECTURES = BASE_ARCHITECTURES + ["s390x", "ppc64le"]

# Exceptions:
# - s390x doesn't have libunwind8.
# https://github.com/GoogleContainerTools/distroless/pull/612#issue-500157699
# - ppc64le doesn't have stretch security-channel.
# https://github.com/GoogleContainerTools/distroless/pull/637#issuecomment-728139611
# - arm needs someone with available hardware to generate:
# //experimental/python2.7/ld.so.arm.cache
ARCHITECTURES = BASE_ARCHITECTURES + ["arm", "s390x", "ppc64le"]

VERSIONS = [
("debian9", "stretch"),
("debian10", "buster"),
]

DEBIAN_SNAPSHOT = "20201109T031347Z"
DEBIAN_SNAPSHOT = "20201116T150139Z"

DEBIAN_SECURITY_SNAPSHOT = "20201109T002306Z"
DEBIAN_SECURITY_SNAPSHOT = "20201115T225241Z"

SHA256s = {
"amd64": {
"debian9": {
"main": "90ff32c8226b57b879bf6b8c3cfda15e24f2b8c22de28426872f162db4e8d444",
"backports": "3e9f446541403ffbd2682d82323d3809609115decc275a3943ccfb0421c831bc",
"backports": "531e9bf9e6c2b35d08e68fb803cb1ea7b211ce81a32c158e6bc5c5f6fab7e491",
"updates": "b702e0888f32074ee212accbf56c732beacf0d9f570ca082a9c859b23a2596e9",
"security": "ab0769a23e9dd7d722b01a5d7362014dfd04657a9834ffba0236acb43689ce56",
"security": "b1e17c06ce778bc41941853eae8d28ab8ed33a537b2c038bff5b1061ea00f1c8",
},
"debian10": {
"main": "369d45f6c138af98d8ea8a598564dcabc1f6991ac777fb2d351e846f195cdc13",
"updates": "5182b40388284eb0eb2199906ec6f4b969391460911db3fba8af22dceecf957e",
"security": "bbb94b91b9f7407bb95d99e09fb8117e470bee424e002f36a43abe2eb4008abd",
"security": "27f42bc7006fbf5e4cc64bbe5621ff425c5308bdfd8f7d3ab2bc77eba960fed1",
},
},
"arm": {
"debian9": {
"main": "36521cc720d75810da368854db057b68e0e389b8170611a141cfa4021d03259b",
"backports": "fb57baff6ad1551e71b27c24f5ca048b635ce510ddbb1472c820e3b788174bf2",
"updates": "469b19c81185621bb5e90401b508933d7921a6e0b8a10fd5e4b570ae0a83409e",
"security": "de159411886c53bbe44353a9e2e7d9c8b50e3ea577520c0d71bb58497638296e",
},
"debian10": {
"main": "669fa13fdcb252416df1352a6807f4374eb840098f66b901fcd06ed49b932f0f",
"updates": "9d4f6aa80f3440a4f38eba8696c696102ff20663d3c08c37e0ab30ba1aa2aa26",
"security": "ab1810f3465cba9a058eb9acb97f6c24146c03950111d2de7ba37a2de4dfff6a",
},
},
"arm64": {
"debian9": {
"main": "881d279ca3536ce84dbe9073a150ec2dfba898cb4c5010cbd50d07ba54942b3e",
"backports": "bbee7bcafdd47bcbc1f996cbe2c2e96802c2091edcdf8435f49b52b172ddf082",
"backports": "328f3ec5675e605e7d5f46f6d3fc58a0c45cdeb4907fb3671c03bb9d68b2db51",
"updates": "df9eadde7ef2ea7c7d3c07417e4924aece7bf3ccad8575e13ae68c71dcaa1d40",
"security": "9c4c5f2203bfaeea4645d588601d21b13504a049b8a8fc8e8abf9642234c7a57",
"security": "9055c9c14d87f8c1324d28b40ce6e37d1f4bf6d5c4680555fa3e5afdc8405c30",
},
"debian10": {
"main": "62a7e0c34f45a2524024ef4871e48f061f8d57d54e6f9d75d2aa2bff55ca91b8",
"updates": "2a4daac0602bb750fb90a37928212b0b5a580d1903a585fc651dacfd33853ded",
"security": "ce3272291fe127d0ee867daaf98e0f98e10d81c6d7b30295a0cc88fd9d67f561",
"security": "d2c908cbd9c72526ab0cd77bfd200618864b8d68f6120fc04177c17ea9348ff3",
},
},
"s390x": {
"debian9": {
"main": "f40e0f3d2c203557de8670874703b7462b40c7db3d9ef7ea45bee166c0327abb",
"backports": "4600aebd9956f1a84306df9110022b201ba4ebbe950446a53352a304655e6670",
"backports": "9090debf1f065d0152688f879b03c80fbdf01e880443e6d4cde2458f21d24439",
"updates": "dad6720cfbc75a335005e7c471722a2f67bfc7da9f75e653a74e73b3a7acc89f",
},
"debian10": {
"main": "ad07beb5da6151e8289f1f32b0eb43da061c28bbbb1a625c58974cfe5543cd1b",
"updates": "43bbce98e45ded47ac89bea0a8d2ae5b9d438ca09f1d1a688d509f7f31d1b6cb",
"security": "efb9bb5d5e4449ca1ee09570cd7fc3eb7af7ee12a28ca9ddef3afbb29b3684cc",
"security": "9572e58030490801114740775b6f78ce8ffadd80d96198110deee409059ecba4",
},
},
"ppc64le": {
"debian9": {
"main": "34aef3b450ec40c36b23aa61e8b1d68ed40ee4b496d597364db10a9eadad590e",
"backports": "37ddcb6e6e96e494f3afd409680dbb0c57ef278453599f5e2a6366b6ead6da63",
"backports": "6c4fc3902aad4263ea96c3ee94523bd046fc8ea31da4fd7ecd58fd4aaa99c894",
"updates": "2ef877054f0dd43151aed073c66214f217c25cc4a31efa7004a5aafb2442e809",
},
"debian10": {
"main": "6a60359ca6e3421c2b1ea1a9003f2127cb9e4c8e702a87c0c1074ea212cf171e",
"updates": "5e08f4fd0721fd8c877223b791b1d5d25b35dce10660e20733480443b9399994",
"security": "4f0b53908a67349f040c63be720277f1d1b09ce1d02f0373fcb45950f18f8ae8",
"security": "859326305c4d84f5b0d330854c69d9758dc2c5e457eaac642df2f6959ec580af",
},
},
}
60 changes: 20 additions & 40 deletions cloudbuild_docker.sh
Original file line number Diff line number Diff line change
Expand Up @@ -26,48 +26,28 @@ docker_manifest() {
}

for distro_suffix in "" -debian9 -debian10; do
docker_manifest gcr.io/$PROJECT_ID/static${distro_suffix}:nonroot "amd64 arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/static${distro_suffix}:latest "amd64 arm64 s390x ppc64le"

docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:nonroot "amd64 arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:latest "amd64 arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:debug-nonroot "amd64 arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:debug "amd64 arm64 s390x ppc64le"

docker_manifest gcr.io/$PROJECT_ID/cc${distro_suffix}:latest "amd64 arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/cc${distro_suffix}:debug "amd64 arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/static${distro_suffix}:nonroot "amd64 arm arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/static${distro_suffix}:latest "amd64 arm arm64 s390x ppc64le"

docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:nonroot "amd64 arm arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:latest "amd64 arm arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:debug-nonroot "amd64 arm arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/base${distro_suffix}:debug "amd64 arm arm64 s390x ppc64le"

docker_manifest gcr.io/$PROJECT_ID/cc${distro_suffix}:nonroot "amd64 arm arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/cc${distro_suffix}:latest "amd64 arm arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/cc${distro_suffix}:debug-nonroot "amd64 arm arm64 s390x ppc64le"
docker_manifest gcr.io/$PROJECT_ID/cc${distro_suffix}:debug "amd64 arm arm64 s390x ppc64le"

docker_manifest gcr.io/$PROJECT_ID/python2.7${distro_suffix}:latest "amd64 arm64"
docker_manifest gcr.io/$PROJECT_ID/python2.7${distro_suffix}:debug "amd64 arm64"

docker_manifest gcr.io/$PROJECT_ID/python3${distro_suffix}:nonroot "amd64 arm64"
docker_manifest gcr.io/$PROJECT_ID/python3${distro_suffix}:latest "amd64 arm64"
docker_manifest gcr.io/$PROJECT_ID/python3${distro_suffix}:debug-nonroot "amd64 arm64"
docker_manifest gcr.io/$PROJECT_ID/python3${distro_suffix}:debug "amd64 arm64"
done

docker manifest create gcr.io/$PROJECT_ID/python3:nonroot \
gcr.io/$PROJECT_ID/python3:nonroot-amd64 \
gcr.io/$PROJECT_ID/python3:nonroot-arm64
docker manifest push gcr.io/$PROJECT_ID/python3:nonroot

docker manifest create gcr.io/$PROJECT_ID/python3:latest \
gcr.io/$PROJECT_ID/python3:latest-amd64 \
gcr.io/$PROJECT_ID/python3:latest-arm64
docker manifest push gcr.io/$PROJECT_ID/python3:latest

docker manifest create gcr.io/$PROJECT_ID/python3:debug-nonroot \
gcr.io/$PROJECT_ID/python3:debug-nonroot-amd64 \
gcr.io/$PROJECT_ID/python3:debug-nonroot-arm64
docker manifest push gcr.io/$PROJECT_ID/python3:debug-nonroot

docker manifest create gcr.io/$PROJECT_ID/python3:debug \
gcr.io/$PROJECT_ID/python3:debug-amd64 \
gcr.io/$PROJECT_ID/python3:debug-arm64
docker manifest push gcr.io/$PROJECT_ID/python3:debug

docker manifest create gcr.io/$PROJECT_ID/python2.7:latest \
gcr.io/$PROJECT_ID/python2.7:latest-amd64 \
gcr.io/$PROJECT_ID/python2.7:latest-arm64
docker manifest push gcr.io/$PROJECT_ID/python2.7:latest

docker manifest create gcr.io/$PROJECT_ID/python2.7:debug \
gcr.io/$PROJECT_ID/python2.7:debug-amd64 \
gcr.io/$PROJECT_ID/python2.7:debug-arm64
docker manifest push gcr.io/$PROJECT_ID/python2.7:debug

docker manifest create gcr.io/$PROJECT_ID/nodejs:latest \
gcr.io/$PROJECT_ID/nodejs:latest-amd64 \
gcr.io/$PROJECT_ID/nodejs:latest-arm64
Expand Down
2 changes: 1 addition & 1 deletion examples/python3/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ load("@io_bazel_rules_docker//container:container.bzl", "container_image")
py_image(
name = "hello_py",
srcs = ["hello.py"],
base = "//experimental/python3:python3_amd64_debian10",
base = "//experimental/python3:python3_root_amd64_debian10",
main = "hello.py",
)

Expand Down
28 changes: 16 additions & 12 deletions experimental/python3/BUILD
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ DISTRO_VERSION = {

[
container_image(
name = ("python3" if (not mode) else mode[1:]) + "_" + arch + distro_suffix,
name = ("python3" if (not mode) else mode[1:]) + "_root_" + arch + distro_suffix,
architecture = arch,
# Based on //cc so that C extensions work properly.
base = "//cc" + (mode if mode else ":cc") + "_root_" + arch + distro_suffix,
Expand Down Expand Up @@ -77,7 +77,7 @@ DISTRO_VERSION = {
container_image(
name = ("python3" if (not mode) else mode[1:]) + "_nonroot_" + arch + distro_suffix,
architecture = arch,
base = ("python3" if (not mode) else mode[1:]) + "_" + arch + distro_suffix,
base = ("python3" if (not mode) else mode[1:]) + "_root_" + arch + distro_suffix,
user = "%d" % NONROOT,
workdir = "/home/nonroot",
)
Expand All @@ -91,52 +91,56 @@ DISTRO_VERSION = {

[
container_test(
name = "python3_" + arch + distro_suffix + "_test",
name = "python3_" + user + "_" + arch + distro_suffix + "_test",
size = "medium",
configs = ["testdata/python3.yaml"],
image = ":python3_" + arch + distro_suffix,
image = ":python3_" + user + "_" + arch + distro_suffix,
tags = [
"manual",
arch,
],
)
for arch in ARCHITECTURES
for user in [
"root",
"nonroot",
]
for distro_suffix in DISTRO_SUFFIXES
]

# tests for version-specific things
[
container_test(
name = "debian9" + user + "_" + arch + "_test",
name = "debian9_" + user + "_" + arch + "_test",
size = "medium",
configs = ["testdata/debian9.yaml"],
image = ":python3" + user + "_" + arch + "_debian9",
image = ":python3_" + user + "_" + arch + "_debian9",
tags = [
"manual",
arch,
],
)
for arch in ARCHITECTURES
for user in [
"",
"_nonroot",
"root",
"nonroot",
]
]

[
container_test(
name = "debian10" + user + "_" + arch + "_test",
name = "debian10_" + user + "_" + arch + "_test",
size = "medium",
configs = ["testdata/debian10.yaml"],
image = ":python3" + user + "_" + arch + "_debian10",
image = ":python3_" + user + "_" + arch + "_debian10",
tags = [
"manual",
arch,
],
)
for arch in ARCHITECTURES
for user in [
"",
"_nonroot",
"root",
"nonroot",
]
]
77 changes: 77 additions & 0 deletions package_bundle_arm_debian10.versions
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
{
"base-files": "10.3+deb10u6",
"ca-certificates": "20200601~deb10u1",
"curl": "7.64.0-4+deb10u1",
"dash": "0.5.10.2-5",
"fontconfig-config": "2.13.1-2",
"fonts-dejavu-core": "2.37-1",
"libacl1": "2.2.53-4",
"libattr1": "1:2.4.48-4",
"libbz2-1.0": "1.0.6-9.2~deb10u1",
"libc-bin": "2.28-10",
"libc6": "2.28-10",
"libcomerr2": "1.44.5-1+deb10u3",
"libcurl4": "7.64.0-4+deb10u1",
"libdb5.3": "5.3.28+dfsg1-0.5",
"libexpat1": "2.2.6-2+deb10u1",
"libffi6": "3.2.1-9",
"libfontconfig1": "2.13.1-2",
"libfreetype6": "2.9.1-3+deb10u2",
"libgcc1": "1:8.3.0-6",
"libgcrypt20": "1.8.4-5",
"libgmp10": "2:6.1.2+dfsg-4",
"libgnutls30": "3.6.7-4+deb10u5",
"libgomp1": "8.3.0-6",
"libgpg-error0": "1.35-1",
"libgssapi-krb5-2": "1.17-3",
"libhogweed4": "3.4.1-1",
"libicu63": "63.1-6+deb10u1",
"libidn11": "1.33-2.2",
"libidn2-0": "2.0.5-1+deb10u1",
"libjpeg62-turbo": "1:1.5.2-2+b1",
"libk5crypto3": "1.17-3",
"libkeyutils1": "1.6-6",
"libkrb5-3": "1.17-3",
"libkrb5support0": "1.17-3",
"liblcms2-2": "2.9-3",
"libldap-2.4-2": "2.4.47+dfsg-3+deb10u3",
"libldap-common": "2.4.47+dfsg-3+deb10u3",
"liblttng-ust0": "2.10.3-1",
"liblzma5": "5.2.4-1",
"libmpdec2": "2.4.2-2",
"libncursesw6": "6.1+20181013-2+deb10u2",
"libnettle6": "3.4.1-1",
"libnghttp2-14": "1.36.0-2+deb10u1",
"libp11-kit0": "0.23.15-2",
"libpcre3": "2:8.39-12",
"libpng16-16": "1.6.36-6",
"libpsl5": "0.20.2-2",
"libpython2.7-minimal": "2.7.16-2+deb10u1",
"libpython2.7-stdlib": "2.7.16-2+deb10u1",
"libpython3.7-minimal": "3.7.3-2+deb10u2",
"libpython3.7-stdlib": "3.7.3-2+deb10u2",
"libreadline7": "7.0-5",
"librtmp1": "2.4+20151223.gitfa8646d.1-2",
"libsasl2-2": "2.1.27+dfsg-1+deb10u1",
"libsasl2-modules-db": "2.1.27+dfsg-1+deb10u1",
"libselinux1": "2.8-1+b1",
"libsqlite3-0": "3.27.2-3",
"libssh2-1": "1.8.0-2.1",
"libssl1.1": "1.1.1d-0+deb10u3",
"libstdc++6": "8.3.0-6",
"libtasn1-6": "4.13-3",
"libtinfo6": "6.1+20181013-2+deb10u2",
"libunistring2": "0.9.10-1",
"libuuid1": "2.33.1-0.1",
"mime-support": "3.62",
"netbase": "5.6",
"openjdk-11-jdk-headless": "11.0.9+11-1~deb10u1",
"openjdk-11-jre-headless": "11.0.9+11-1~deb10u1",
"openssl": "1.1.1d-0+deb10u3",
"python2.7-minimal": "2.7.16-2+deb10u1",
"python3-distutils": "3.7.3-1",
"python3.7-minimal": "3.7.3-2+deb10u2",
"readline-common": "7.0-5",
"tzdata": "2020d-0+deb10u1",
"zlib1g": "1:1.2.11.dfsg-1"
}
Loading

0 comments on commit 9e74328

Please sign in to comment.