From e7a13cbbc39fd61d8192f5d4427111f666c9ab8b Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Fri, 26 Apr 2024 20:52:43 +0000 Subject: containerd: consolidate to "containerd" We no longer need the split between container-docker and containerd-opencontainers and dependent layers have been given over a year to adapt. We do keep the provides and rprovides around for a bit longer, but those will also be removed in the future. Signed-off-by: Bruce Ashfield --- conf/layer.conf | 2 +- ...low-GO_BUILD_FLAGS-to-be-externally-speci.patch | 35 ------- ...001-Makefile-update-default-PACKAGE-to-v2.patch | 28 ------ ...uild-don-t-use-gcflags-to-define-trimpath.patch | 32 ------- .../containerd/containerd-opencontainers_git.bb | 99 -------------------- ...low-GO_BUILD_FLAGS-to-be-externally-speci.patch | 35 +++++++ ...001-Makefile-update-default-PACKAGE-to-v2.patch | 28 ++++++ ...uild-don-t-use-gcflags-to-define-trimpath.patch | 32 +++++++ recipes-containers/containerd/containerd_git.bb | 101 +++++++++++++++++++++ 9 files changed, 197 insertions(+), 195 deletions(-) delete mode 100644 recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch delete mode 100644 recipes-containers/containerd/containerd-opencontainers/0001-Makefile-update-default-PACKAGE-to-v2.patch delete mode 100644 recipes-containers/containerd/containerd-opencontainers/0001-build-don-t-use-gcflags-to-define-trimpath.patch delete mode 100644 recipes-containers/containerd/containerd-opencontainers_git.bb create mode 100644 recipes-containers/containerd/containerd/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch create mode 100644 recipes-containers/containerd/containerd/0001-Makefile-update-default-PACKAGE-to-v2.patch create mode 100644 recipes-containers/containerd/containerd/0001-build-don-t-use-gcflags-to-define-trimpath.patch create mode 100644 recipes-containers/containerd/containerd_git.bb diff --git a/conf/layer.conf b/conf/layer.conf index 7c8e3701..b7cbb092 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -40,7 +40,7 @@ LAYERRECOMMENDS_virtualization-layer = " \ require conf/distro/include/virt_security_flags.inc PREFERRED_PROVIDER_virtual/runc ?= "runc-opencontainers" -PREFERRED_PROVIDER_virtual/containerd ?= "containerd-opencontainers" +PREFERRED_PROVIDER_virtual/containerd ?= "containerd" PREFERRED_PROVIDER_virtual/docker ?= "docker-moby" # Sanity check for meta-virtualization layer. diff --git a/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch b/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch deleted file mode 100644 index 63498a86..00000000 --- a/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 474b93f8f643651144304a6971ef476add7f06f8 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield -Date: Tue, 25 May 2021 12:49:41 -0400 -Subject: [PATCH] Makefile: allow GO_BUILD_FLAGS to be externally specified - -Since our oe-core go infrastructure insists on both -pie and static -builds (for the most part), and that is not recommended by many -packages, we end up with errors like: - - cannot find package runtime/cgo (using -importcfg) - ... - recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link: - cannot open file : open : no such file or directory - -Upstream-Status: Inappropriate [specific to OE go configuration and build] - -Signed-off-by: Bruce Ashfield ---- - Makefile | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -Index: containerd/Makefile -=================================================================== ---- containerd.orig/Makefile -+++ containerd/Makefile -@@ -129,7 +129,8 @@ - GOPATHS=$(shell $(GO) env GOPATH | tr ":" "\n" | tr ";" "\n") - - TESTFLAGS_RACE= --GO_BUILD_FLAGS ?= -+# allow flags to be exported and picked up. -+# GO_BUILD_FLAGS ?= - # See Golang issue re: '-trimpath': https://github.com/golang/go/issues/13809 - GO_GCFLAGS=$(shell \ - set -- ${GOPATHS}; \ diff --git a/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-update-default-PACKAGE-to-v2.patch b/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-update-default-PACKAGE-to-v2.patch deleted file mode 100644 index 74e313b5..00000000 --- a/recipes-containers/containerd/containerd-opencontainers/0001-Makefile-update-default-PACKAGE-to-v2.patch +++ /dev/null @@ -1,28 +0,0 @@ -From eb39888898a9d196e3eb63724c6c07777f3b9402 Mon Sep 17 00:00:00 2001 -From: Changqing Li -Date: Wed, 24 Apr 2024 14:10:11 +0800 -Subject: [PATCH] Makefile: update default PACKAGE to v2 - -Upstream-Status: Submitted [https://github.com/containerd/containerd/pull/10125] - -Signed-off-by: Changqing Li ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index a5b244191..cb9ff4172 100644 ---- a/Makefile -+++ b/Makefile -@@ -34,7 +34,7 @@ TEST_IMAGE_LIST ?= - # Used to populate variables in version package. - VERSION ?= $(shell git describe --match 'v[0-9]*' --dirty='.m' --always) - REVISION ?= $(shell git rev-parse HEAD)$(shell if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi) --PACKAGE=github.com/containerd/containerd -+PACKAGE=github.com/containerd/containerd/v2 - SHIM_CGO_ENABLED ?= 0 - - ifneq "$(strip $(shell command -v $(GO) 2>/dev/null))" "" --- -2.25.1 - diff --git a/recipes-containers/containerd/containerd-opencontainers/0001-build-don-t-use-gcflags-to-define-trimpath.patch b/recipes-containers/containerd/containerd-opencontainers/0001-build-don-t-use-gcflags-to-define-trimpath.patch deleted file mode 100644 index 62580c6c..00000000 --- a/recipes-containers/containerd/containerd-opencontainers/0001-build-don-t-use-gcflags-to-define-trimpath.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 9174091fa1624dbb09ce812792a4102dff693541 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield -Date: Mon, 12 Sep 2022 15:40:08 -0400 -Subject: [PATCH] build: don't use gcflags to define trimpath - -We can pass trimpath in via environment variables. The gcflags -definition of trimpath is for older go versions and is using the -complete path for trimming. If the variable is captured in the -resulting binary, we have a reproducibility and QA issue. - -Upstream-Status: Inappropriate [embedded specific] - -Signed-off-by: Bruce Ashfield ---- - Makefile | 1 - - 1 file changed, 1 deletion(-) - -diff --git git.orig/Makefile git.orig/Makefile -index 4a6c13042..debb57925 100644 ---- git.orig/Makefile -+++ git.orig/Makefile -@@ -130,7 +130,6 @@ TESTFLAGS_RACE= - # See Golang issue re: '-trimpath': https://github.com/golang/go/issues/13809 - GO_GCFLAGS=$(shell \ - set -- ${GOPATHS}; \ -- echo "-gcflags=-trimpath=$${1}/src"; \ - ) - - BINARIES=$(addprefix bin/,$(COMMANDS)) --- -2.19.1 - diff --git a/recipes-containers/containerd/containerd-opencontainers_git.bb b/recipes-containers/containerd/containerd-opencontainers_git.bb deleted file mode 100644 index ed73e398..00000000 --- a/recipes-containers/containerd/containerd-opencontainers_git.bb +++ /dev/null @@ -1,99 +0,0 @@ -HOMEPAGE = "https://github.com/containerd/containerd" -SUMMARY = "containerd is a daemon to control runC" -DESCRIPTION = "containerd is a daemon to control runC, built for performance and density. \ - containerd leverages runC's advanced features such as seccomp and user namespace \ - support as well as checkpoint and restore for cloning and live migration of containers." - - -SRCREV = "b1624c3628954e769dd50783b63823040b2db38c" -SRC_URI = "git://github.com/containerd/containerd;branch=main;protocol=https;destsuffix=git/src/github.com/containerd/containerd/v2 \ - file://0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch \ - file://0001-build-don-t-use-gcflags-to-define-trimpath.patch \ - file://0001-Makefile-update-default-PACKAGE-to-v2.patch \ - " - -# Apache-2.0 for containerd -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=1269f40c0d099c21a871163984590d89" - -CONTAINERD_VERSION = "v2.0.0-beta.0" -CVE_VERSION = "v2.0.0-beta.0" - -# EXTRA_OEMAKE += "GODEBUG=1" - -PROVIDES += "virtual/containerd" -RPROVIDES:${PN} = "virtual-containerd" - -S = "${WORKDIR}/git/src/github.com/containerd/containerd/v2" - -PV = "${CONTAINERD_VERSION}+git" - -inherit go -inherit goarch - -GO_IMPORT = "import" - -INSANE_SKIP:${PN} += "ldflags" - -do_configure[noexec] = "1" - -do_compile() { - export GOARCH="${TARGET_GOARCH}" - - export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go:${WORKDIR}/git/" - export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" - - # Pass the needed cflags/ldflags so that cgo - # can find the needed headers files and libraries - export CGO_ENABLED="1" - export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export BUILDTAGS="no_btrfs static_build netgo" - export CFLAGS="${CFLAGS}" - export LDFLAGS="${LDFLAGS}" - export SHIM_CGO_ENABLED="${CGO_ENABLED}" - # fixes: - # cannot find package runtime/cgo (using -importcfg) - # ... recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link: - # cannot open file : open : no such file or directory - export GO_BUILD_FLAGS="-trimpath -a -pkgdir dontusecurrentpkgs" - export GO111MODULE=off - - cd ${S} - - oe_runmake binaries -} - -inherit systemd -SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}" -SYSTEMD_SERVICE:${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','containerd.service','',d)}" - -do_install() { - mkdir -p ${D}/${bindir} - - cp ${S}/bin/containerd ${D}/${bindir}/containerd - cp ${S}/bin/containerd-shim-runc-v2 ${D}/${bindir}/containerd-shim-runc-v2 - cp ${S}/bin/ctr ${D}/${bindir}/containerd-ctr - - ln -sf containerd ${D}/${bindir}/docker-containerd - ln -sf containerd-ctr ${D}/${bindir}/docker-containerd-ctr - - ln -sf containerd-ctr ${D}/${bindir}/ctr - - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -d ${D}${systemd_unitdir}/system - install -m 644 ${S}/containerd.service ${D}/${systemd_unitdir}/system - # adjust from /usr/local/bin to /usr/bin/ - sed -e "s:/usr/local/bin/containerd:${bindir}/containerd:g" -i ${D}/${systemd_unitdir}/system/containerd.service - fi -} - -FILES:${PN} += "${systemd_system_unitdir}/*" - -INSANE_SKIP:${PN} += "ldflags already-stripped" - -COMPATIBLE_HOST = "^(?!(qemu)?mips).*" - -RDEPENDS:${PN} += " ${VIRTUAL-RUNTIME_container_runtime}" - -CVE_PRODUCT = "containerd" diff --git a/recipes-containers/containerd/containerd/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch b/recipes-containers/containerd/containerd/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch new file mode 100644 index 00000000..63498a86 --- /dev/null +++ b/recipes-containers/containerd/containerd/0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch @@ -0,0 +1,35 @@ +From 474b93f8f643651144304a6971ef476add7f06f8 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield +Date: Tue, 25 May 2021 12:49:41 -0400 +Subject: [PATCH] Makefile: allow GO_BUILD_FLAGS to be externally specified + +Since our oe-core go infrastructure insists on both -pie and static +builds (for the most part), and that is not recommended by many +packages, we end up with errors like: + + cannot find package runtime/cgo (using -importcfg) + ... + recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link: + cannot open file : open : no such file or directory + +Upstream-Status: Inappropriate [specific to OE go configuration and build] + +Signed-off-by: Bruce Ashfield +--- + Makefile | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +Index: containerd/Makefile +=================================================================== +--- containerd.orig/Makefile ++++ containerd/Makefile +@@ -129,7 +129,8 @@ + GOPATHS=$(shell $(GO) env GOPATH | tr ":" "\n" | tr ";" "\n") + + TESTFLAGS_RACE= +-GO_BUILD_FLAGS ?= ++# allow flags to be exported and picked up. ++# GO_BUILD_FLAGS ?= + # See Golang issue re: '-trimpath': https://github.com/golang/go/issues/13809 + GO_GCFLAGS=$(shell \ + set -- ${GOPATHS}; \ diff --git a/recipes-containers/containerd/containerd/0001-Makefile-update-default-PACKAGE-to-v2.patch b/recipes-containers/containerd/containerd/0001-Makefile-update-default-PACKAGE-to-v2.patch new file mode 100644 index 00000000..74e313b5 --- /dev/null +++ b/recipes-containers/containerd/containerd/0001-Makefile-update-default-PACKAGE-to-v2.patch @@ -0,0 +1,28 @@ +From eb39888898a9d196e3eb63724c6c07777f3b9402 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Wed, 24 Apr 2024 14:10:11 +0800 +Subject: [PATCH] Makefile: update default PACKAGE to v2 + +Upstream-Status: Submitted [https://github.com/containerd/containerd/pull/10125] + +Signed-off-by: Changqing Li +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index a5b244191..cb9ff4172 100644 +--- a/Makefile ++++ b/Makefile +@@ -34,7 +34,7 @@ TEST_IMAGE_LIST ?= + # Used to populate variables in version package. + VERSION ?= $(shell git describe --match 'v[0-9]*' --dirty='.m' --always) + REVISION ?= $(shell git rev-parse HEAD)$(shell if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi) +-PACKAGE=github.com/containerd/containerd ++PACKAGE=github.com/containerd/containerd/v2 + SHIM_CGO_ENABLED ?= 0 + + ifneq "$(strip $(shell command -v $(GO) 2>/dev/null))" "" +-- +2.25.1 + diff --git a/recipes-containers/containerd/containerd/0001-build-don-t-use-gcflags-to-define-trimpath.patch b/recipes-containers/containerd/containerd/0001-build-don-t-use-gcflags-to-define-trimpath.patch new file mode 100644 index 00000000..62580c6c --- /dev/null +++ b/recipes-containers/containerd/containerd/0001-build-don-t-use-gcflags-to-define-trimpath.patch @@ -0,0 +1,32 @@ +From 9174091fa1624dbb09ce812792a4102dff693541 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield +Date: Mon, 12 Sep 2022 15:40:08 -0400 +Subject: [PATCH] build: don't use gcflags to define trimpath + +We can pass trimpath in via environment variables. The gcflags +definition of trimpath is for older go versions and is using the +complete path for trimming. If the variable is captured in the +resulting binary, we have a reproducibility and QA issue. + +Upstream-Status: Inappropriate [embedded specific] + +Signed-off-by: Bruce Ashfield +--- + Makefile | 1 - + 1 file changed, 1 deletion(-) + +diff --git git.orig/Makefile git.orig/Makefile +index 4a6c13042..debb57925 100644 +--- git.orig/Makefile ++++ git.orig/Makefile +@@ -130,7 +130,6 @@ TESTFLAGS_RACE= + # See Golang issue re: '-trimpath': https://github.com/golang/go/issues/13809 + GO_GCFLAGS=$(shell \ + set -- ${GOPATHS}; \ +- echo "-gcflags=-trimpath=$${1}/src"; \ + ) + + BINARIES=$(addprefix bin/,$(COMMANDS)) +-- +2.19.1 + diff --git a/recipes-containers/containerd/containerd_git.bb b/recipes-containers/containerd/containerd_git.bb new file mode 100644 index 00000000..4d900d01 --- /dev/null +++ b/recipes-containers/containerd/containerd_git.bb @@ -0,0 +1,101 @@ +HOMEPAGE = "https://github.com/containerd/containerd" +SUMMARY = "containerd is a daemon to control runC" +DESCRIPTION = "containerd is a daemon to control runC, built for performance and density. \ + containerd leverages runC's advanced features such as seccomp and user namespace \ + support as well as checkpoint and restore for cloning and live migration of containers." + + +SRCREV = "b1624c3628954e769dd50783b63823040b2db38c" +SRC_URI = "git://github.com/containerd/containerd;branch=main;protocol=https;destsuffix=git/src/github.com/containerd/containerd/v2 \ + file://0001-Makefile-allow-GO_BUILD_FLAGS-to-be-externally-speci.patch \ + file://0001-build-don-t-use-gcflags-to-define-trimpath.patch \ + file://0001-Makefile-update-default-PACKAGE-to-v2.patch \ + " + +# Apache-2.0 for containerd +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=1269f40c0d099c21a871163984590d89" + +CONTAINERD_VERSION = "v2.0.0-beta.0" +CVE_VERSION = "v2.0.0-beta.0" + +# EXTRA_OEMAKE += "GODEBUG=1" + +# containerd-opencontainers is to provide compatibility with external +# packagegroups / recipes that depend on the existing split of containerd +# between docker and opencontainers. We can drop it in the future. +PROVIDES += "virtual/containerd containerd-opencontainers" +RPROVIDES:${PN} = "virtual-containerd containerd-opencontainers" + +S = "${WORKDIR}/git/src/github.com/containerd/containerd/v2" + +PV = "${CONTAINERD_VERSION}+git" + +inherit go +inherit goarch + +GO_IMPORT = "import" + +INSANE_SKIP:${PN} += "ldflags" + +do_configure[noexec] = "1" + +do_compile() { + export GOARCH="${TARGET_GOARCH}" + + export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go:${WORKDIR}/git/" + export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go" + + # Pass the needed cflags/ldflags so that cgo + # can find the needed headers files and libraries + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" + export BUILDTAGS="no_btrfs static_build netgo" + export CFLAGS="${CFLAGS}" + export LDFLAGS="${LDFLAGS}" + export SHIM_CGO_ENABLED="${CGO_ENABLED}" + # fixes: + # cannot find package runtime/cgo (using -importcfg) + # ... recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link: + # cannot open file : open : no such file or directory + export GO_BUILD_FLAGS="-trimpath -a -pkgdir dontusecurrentpkgs" + export GO111MODULE=off + + cd ${S} + + oe_runmake binaries +} + +inherit systemd +SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}" +SYSTEMD_SERVICE:${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','containerd.service','',d)}" + +do_install() { + mkdir -p ${D}/${bindir} + + cp ${S}/bin/containerd ${D}/${bindir}/containerd + cp ${S}/bin/containerd-shim-runc-v2 ${D}/${bindir}/containerd-shim-runc-v2 + cp ${S}/bin/ctr ${D}/${bindir}/containerd-ctr + + ln -sf containerd ${D}/${bindir}/docker-containerd + ln -sf containerd-ctr ${D}/${bindir}/docker-containerd-ctr + + ln -sf containerd-ctr ${D}/${bindir}/ctr + + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}${systemd_unitdir}/system + install -m 644 ${S}/containerd.service ${D}/${systemd_unitdir}/system + # adjust from /usr/local/bin to /usr/bin/ + sed -e "s:/usr/local/bin/containerd:${bindir}/containerd:g" -i ${D}/${systemd_unitdir}/system/containerd.service + fi +} + +FILES:${PN} += "${systemd_system_unitdir}/*" + +INSANE_SKIP:${PN} += "ldflags already-stripped" + +COMPATIBLE_HOST = "^(?!(qemu)?mips).*" + +RDEPENDS:${PN} += " ${VIRTUAL-RUNTIME_container_runtime}" + -- cgit v1.2.3-54-g00ecf