From fde63a30e858dbbe44b39612021f4c8be047a59a Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Tue, 23 Jul 2024 16:12:18 +0200 Subject: [PATCH 1/3] Makefile: add registry.access.redhat.com to known registries Co-authored-by: Bjorn Neergaard Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 6702eea8932e9e0b23dde029a2a9bc3cabe5bea2) Signed-off-by: Sebastiaan van Stijn --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 72824d1c..e51c3763 100644 --- a/Makefile +++ b/Makefile @@ -67,8 +67,8 @@ endif # make quay.io/centos/centos:stream8 # # It is a shorthand for "make BUILD_IMAGE=mydistro:version build" -.PHONY: docker.io/% quay.io/% -docker.io/% quay.io/%: +.PHONY: docker.io/% quay.io/% registry.access.redhat.com/% +docker.io/% quay.io/% registry.access.redhat.com/%: $(MAKE) BUILD_IMAGE="$@" build .PHONY: checkout From 94d22d14b5b542722598a227491e4976322216ce Mon Sep 17 00:00:00 2001 From: Bjorn Neergaard Date: Thu, 22 Feb 2024 04:11:17 -0700 Subject: [PATCH 2/3] Make build ARCH-aware Signed-off-by: Bjorn Neergaard (cherry picked from commit 58d04e26de173d27520be5f8d31d3287deaa7485) Signed-off-by: Sebastiaan van Stijn --- Jenkinsfile | 2 +- Makefile | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 06a08f50..0aed52c4 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -36,7 +36,7 @@ def generatePackageStep(opts, arch) { ''' checkout scm sh 'make clean' - sh "make CREATE_ARCHIVE=1 ${opts.image}" + sh "make CREATE_ARCHIVE=1 ARCH=${arch} ${opts.image}" archiveArtifacts(artifacts: 'archive/*.tar.gz', onlyIfSuccessful: true) } finally { deleteDir() diff --git a/Makefile b/Makefile index e51c3763..ff220287 100644 --- a/Makefile +++ b/Makefile @@ -14,6 +14,7 @@ include common/common.mk +ARCH=$(shell uname -m) BUILD_IMAGE=ubuntu:focal BUILD_TYPE=$(shell ./scripts/deb-or-rpm $(BUILD_IMAGE)) BUILD_BASE=$(shell ./scripts/determine-base $(BUILD_IMAGE)) @@ -84,7 +85,7 @@ build: @echo "" @echo "containerd : $(REF) (commit: $(shell git -C "src/github.com/containerd/containerd" log -1 --pretty='%h'))" @echo "runc : $$(./scripts/determine-runc-version) (commit: $$(git -C "src/github.com/opencontainers/runc" log -1 --pretty='%h'))" - @echo "architecture : $(shell uname -m)" + @echo "architecture : $(ARCH)" @echo "build image : $(BUILD_IMAGE)" @echo "golang image : $(GOLANG_IMAGE)" @echo "--------------------------------------------------------------------" @@ -96,6 +97,7 @@ build: @set -x; DOCKER_BUILDKIT=1 docker build \ --pull \ + --platform linux/$(ARCH) \ --build-arg GOLANG_IMAGE="$(GOLANG_IMAGE)" \ --build-arg BUILD_IMAGE="$(BUILD_IMAGE)" \ --build-arg BASE="$(BUILD_BASE)" \ From 00b0083c3c589efdebde76d597baf57713702a1f Mon Sep 17 00:00:00 2001 From: Bjorn Neergaard Date: Thu, 22 Feb 2024 04:11:33 -0700 Subject: [PATCH 3/3] rpm: minimal RHEL support Signed-off-by: Bjorn Neergaard Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 29bfe29be6fe2c415e35d1402e49ecda78d49eec) Signed-off-by: Sebastiaan van Stijn --- Makefile | 2 ++ dockerfiles/rpm.dockerfile | 13 +++++++++++++ 2 files changed, 15 insertions(+) diff --git a/Makefile b/Makefile index ff220287..cd7e5ad1 100644 --- a/Makefile +++ b/Makefile @@ -97,6 +97,8 @@ build: @set -x; DOCKER_BUILDKIT=1 docker build \ --pull \ + --secret id=rh-user,env=RH_USER \ + --secret id=rh-pass,env=RH_PASS \ --platform linux/$(ARCH) \ --build-arg GOLANG_IMAGE="$(GOLANG_IMAGE)" \ --build-arg BUILD_IMAGE="$(BUILD_IMAGE)" \ diff --git a/dockerfiles/rpm.dockerfile b/dockerfiles/rpm.dockerfile index 46d90fc0..d5cee2ab 100644 --- a/dockerfiles/rpm.dockerfile +++ b/dockerfiles/rpm.dockerfile @@ -34,6 +34,19 @@ FROM ${BUILD_IMAGE} AS redhat-base RUN yum install -y yum-utils rpm-build git FROM redhat-base AS rhel-base +RUN --mount=type=secret,id=rh-user --mount=type=secret,id=rh-pass <<-EOT + rm -f /etc/rhsm-host + + if [ ! -f /run/secrets/rh-user ] || [ ! -f /run/secrets/rh-pass ]; then + echo "Either RH_USER or RH_PASS is not set. Running build without subscription." + else + subscription-manager register \ + --username="$(cat /run/secrets/rh-user)" \ + --password="$(cat /run/secrets/rh-pass)" + + subscription-manager repos --enable codeready-builder-for-rhel-$(source /etc/os-release && echo "${VERSION_ID%.*}"-$(arch)-rpms) + fi +EOT FROM redhat-base AS centos-base # Using a wildcard: CentOS 7 uses "CentOS-RepoName", CentOS 8 uses "CentOS-Linux-RepoName"