Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduce "base" variant of SLE-Micro-for-Rancher #1050

Merged
merged 2 commits into from
Oct 18, 2023
Merged

Introduce "base" variant of SLE-Micro-for-Rancher #1050

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1d2c3ef
Introduce "base" variant of SLE-Micro-for-Rancher
kkaempf Oct 17, 2023
5743155
Merge branch 'main' into slem4r-base
kkaempf Oct 18, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
44 changes: 44 additions & 0 deletions .obs/dockerfile/slem4r-base-iso/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: suse/sle-micro-rancher-iso/base-%%SLEMICRO_VERSION%%:latest
#!BuildConstraint: hardware:disk:size unit=G 10
#!BuildConstraint: hardware:memory:size unit=G 16

ARG SLEMICRO_VERSION
ARG SLE_VERSION

FROM suse/sle-micro-rancher/base-${SLEMICRO_VERSION}:latest AS os
FROM suse/sle-micro-rancher/${SLEMICRO_VERSION}:latest AS builder

WORKDIR /iso

COPY manifest.yaml manifest.yaml
COPY --from=os / rootfs

# Version value is taken form the elemental repository tags
# Release value of this image and os image are unrelated
RUN elemental --debug --config-dir . build-iso -o /output -n "sle-micro-rancher.$(uname -m)-base-%VERSION%-Build%RELEASE%" dir:rootfs
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In former iso images in OBS this %VERSION% is a placeholder to be replaced with the version computed from github sources, more specific form the elemental.obsinfo file. For that the _service file requires an obs_scm service and replace_with_package_version service. Something like:

  <service name="obs_scm">
    <param name="url">https://github.com/rancher/elemental</param>
    <param name="scm">git</param>
    <param name="include">.obs</param>
    <param name="extract">.obs/dockerfile/slem4r-base-iso/Dockerfile</param>
    <param name="revision">main</param>
    <param name="filename">elemental</param>
    <param name="versionformat">@PARENT_TAG@+git%cd.%h</param>
    <param name="versionrewrite-pattern">v([^-]+)-?.*(\+git.*)</param>
    <param name="versionrewrite-replacement">\1\2</param>
  </service>
  <service name="replace_using_package_version" mode="buildtime">
    <param name="file">Dockerfile</param>
    <param name="regex">%VERSION%</param>
    <param name="package">elemental</param>
    <param name="parse-version">patch</param>
  </service>

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this will be part of the package submission in OBS


# Only keep the ISO as a result
FROM bci/bci-busybox:$SLE_VERSION
COPY --from=builder /output /elemental-iso

ARG SLEMICRO_VERSION
ARG BUILD_REPO=%%IMG_REPO%%
ARG IMAGE_REPO=$BUILD_REPO/suse/sle-micro-rancher-iso/base-$SLEMICRO_VERSION

# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.rancher.slem4r
LABEL org.opencontainers.image.title="SLE Micro for Rancher base-ISO"
LABEL org.opencontainers.image.description="Includes the SLE Micro for Rancher ISO"
LABEL org.opencontainers.image.version="%VERSION%"
LABEL org.opencontainers.image.url="https://github.com/rancher/elemental"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference=$IMAGE_REPO
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="l3"
# endlabelprefix

# By default run a shell
ENTRYPOINT ["busybox"]
CMD ["sh"]
104 changes: 104 additions & 0 deletions .obs/dockerfile/slem4r-base-os/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
# SPDX-License-Identifier: Apache-2.0
# Define the names/tags of the container
#!BuildTag: suse/sle-micro-rancher/base-%%SLEMICRO_VERSION%%:latest
#!BuildTag: suse/sle-micro-rancher/base-%%SLEMICRO_VERSION%%:%VERSION%
#!BuildTag: suse/sle-micro-rancher/base-%%SLEMICRO_VERSION%%:%VERSION%-%RELEASE%
#!BuildConstraint: hardware:disk:size unit=G 8
#

ARG SLE_VERSION
FROM suse/sle15:$SLE_VERSION as host

MAINTAINER SUSE LLC (https://www.suse.com/)

RUN mkdir /osimage

RUN rpm --initdb --root /osimage

RUN zypper --installroot /osimage in --no-recommends -y filesystem

# make system bootable
RUN zypper --installroot /osimage in --no-recommends -y grub2 shim dracut kernel systemd bash

#!ArchExclusiveLine: x86_64
RUN if [ `uname -m` = "x86-64" ]; then zypper --installroot /osimage in --no-recommends -y syslinux; fi

# make dracut happy
RUN zypper --installroot /osimage in --no-recommends -y squashfs NetworkManager device-mapper iproute2 tar curl ca-certificates ca-certificates-mozilla

# make ARM happy
#!ArchExclusiveLine: aarch64
RUN if [ `uname -m` = "aarch64" ]; then zypper --installroot /osimage in -y raspberrypi-firmware-uefi grub2-arm64-efi; fi

# make SUSE happy
RUN zypper --installroot /osimage in --no-recommends -y SLE-Micro-Rancher-release systemd-presets-branding-SLE-Micro-for-Rancher

# make elemental-register happy
RUN zypper --installroot /osimage in --no-recommends -y dmidecode lvm2

# make Rancher (containerd) happy
RUN zypper --installroot /osimage in --no-recommends -y apparmor-parser

# add elemental
RUN zypper --installroot /osimage in --no-recommends -y elemental
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JFYI here we explicitly require elemental package and hence OBS includes this package as part of the buildenv. Then there is the replace_using_package_version OBS buildtime service that finds this package, gets the version of it and replaces a given placeholder with the computed version.

Just something to keep in mind for our own derivatives, we used to compute the tag from elemental package version. We could also compute that version|tag from github tags if the sources are pulled from github. This mostly relates to the images we want to build in OBS.


# end of mandatory package installs for SLE Micro for Rancher

# make derived containers possible
RUN zypper --installroot /osimage in --no-recommends -y zypper

FROM scratch as osimage

COPY --from=host /osimage /

ARG SLEMICRO_VERSION
ARG BUILD_REPO=%%IMG_REPO%%
ARG IMAGE_REPO=$BUILD_REPO/rancher/elemental-teal/$SLEMICRO_VERSION
ARG IMAGE_TAG=%VERSION%-%RELEASE%

# IMPORTANT: Setup elemental-release used for versioning/upgrade. The
# values here should reflect the tag of the image being built
# Also used by elemental-populate-labels
RUN echo IMAGE_REPO=\"${IMAGE_REPO}\" >> /etc/os-release && \
echo IMAGE_TAG=\"${IMAGE_TAG}\" >> /etc/os-release && \
echo IMAGE=\"${IMAGE_REPO}:${IMAGE_TAG}\" >> /etc/os-release && \
echo TIMESTAMP="`date +'%Y%m%d%H%M%S'`" >> /etc/os-release && \
echo GRUB_ENTRY_NAME=\"Elemental\" >> /etc/os-release

# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.sle.micro.rancher
LABEL org.opencontainers.image.title="SLE Micro for Rancher"
LABEL org.opencontainers.image.description="Image containing SLE Micro for Rancher - a containerized OS layer for Kubernetes."
LABEL org.opencontainers.image.version="base-%%SLEMICRO_VERSION%%.%RELEASE%"
LABEL org.opencontainers.image.url="https://www.suse.com/products/micro/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opencontainers.image.source="%SOURCEURL%"
LABEL org.opensuse.reference="registry.suse.com/suse/sle-micro-rancher/%%SLEMICRO_VERSION%%:%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="alpha"
LABEL com.suse.eula="sle-eula"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle#suse-linux-enterprise-micro"
LABEL com.suse.image-type="sle-micro"
LABEL com.suse.release-stage="unreleased"
# endlabelprefix

# Make sure trusted certificates are properly generated
RUN /usr/sbin/update-ca-certificates

# Ensure /tmp is mounted as tmpfs by default
RUN if [ -e /usr/share/systemd/tmp.mount ]; then \
cp /usr/share/systemd/tmp.mount /etc/systemd/system; \
fi

# Save some space
RUN zypper clean --all && \
rm -rf /var/log/update* && \
>/var/log/lastlog && \
rm -rf /boot/vmlinux*

# Rebuild initrd to setup dracut with the boot configurations
RUN elemental init --force immutable-rootfs,grub-config,dracut-config,cloud-config-essentials,elemental-setup && \
# aarch64 has an uncompressed kernel so we need to link it to vmlinuz
kernel=$(ls /boot/Image-* 2>/dev/null | head -n1) && \
if [ -e "$kernel" ]; then ln -sf "${kernel#/boot/}" /boot/vmlinuz; fi