From 6fc3cca1b82f24027670f155e6beff97af2ae7d5 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Sun, 19 Oct 2025 13:21:13 +0300 Subject: [PATCH 01/11] Add Debian conversion and installation scripts --- src/deb/convert.sh | 53 ++++++++++++++ src/deb/install.sh | 170 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 223 insertions(+) create mode 100755 src/deb/convert.sh create mode 100755 src/deb/install.sh diff --git a/src/deb/convert.sh b/src/deb/convert.sh new file mode 100755 index 00000000..4c2672e5 --- /dev/null +++ b/src/deb/convert.sh @@ -0,0 +1,53 @@ +#!/bin/bash +set -euo pipefail + +RPM2DEB_IMAGE="docker.io/library/ubuntu:latest" + +function usage() { + echo "Usage: $(basename "$0") " + exit 1 +} + +# +# Main +# +if [ $# -ne 1 ]; then + usage +fi + +# Check if the script is running as root +if [ "$(id -u)" -ne 0 ]; then + echo "ERROR: This script must be run as root (use sudo)" + exit 1 +fi + +RPM_DIR="$1" +if ! find "${RPM_DIR}" -type f -iname "microshift*.rpm" | grep -q "." ; then + echo "Error: No MicroShift RPMs found in '${RPM_DIR}' directory" + exit 1 +fi + +# Note that: +# - The OVN-K and Greenboot packages are not supported on Ubuntu +# - The MicroShift source RPM is ignored to avoid overwriting the binary RPM +echo "Converting the MicroShift RPMs to Debian packages" +podman run --rm -i \ + --volume "${RPM_DIR}:/mnt:Z" \ + "${RPM2DEB_IMAGE}" bash <<'EOF' +set -euo pipefail + +apt-get update -y -q && apt-get install -y -qq alien + +rm -rf /mnt/deb && mkdir -p /mnt/deb && cd /mnt/deb +for rpm in $(find /mnt -type f -iname "*.rpm" -not -iname "*.src.rpm") ; do + echo "Converting ${rpm} to Debian package" + # Omit the --scripts option because some of them do not work on Ubuntu + alien --to-deb --keep-version "${rpm}" + # Save cri-o dependency to a file + crio_ver="$(rpm -qpR "${rpm}" | awk '/cri-o/ {print $3}' | sort -u | head -1 | cut -d. -f1,2)" + [ -n "${crio_ver}" ] && echo "CRIO_VERSION=${crio_ver}" >> "dependencies.txt" +done + +rm -f /mnt/deb/microshift-networking*.deb +rm -f /mnt/deb/microshift-greenboot*.deb +EOF diff --git a/src/deb/install.sh b/src/deb/install.sh new file mode 100755 index 00000000..caa81993 --- /dev/null +++ b/src/deb/install.sh @@ -0,0 +1,170 @@ +#!/bin/bash +set -euo pipefail + +function usage() { + echo "Usage: $(basename "$0") " + exit 1 +} + +function install_prereqs() { + # Pre-install the required packages + export DEBIAN_FRONTEND=noninteractive + export TZ=Etc/UTC + + apt-get update -y -q + apt-get install -y -q tzdata curl gnupg1 policycoreutils sosreport +} + +function install_firewall() { + apt-get install -y -q ufw + + ufw allow from 10.42.0.0/16 + ufw allow from 169.254.169.1 + ufw allow ssh + + # The 'enable' command may prompt for a confirmation + echo y | ufw enable + ufw reload +} + +# Instructions for installing CRI-O: +# https://kubernetes.io/blog/2023/10/10/cri-o-community-package-infrastructure/#deb-based-distributions +function install_crio() { + # shellcheck source=/dev/null + source "${RPM_DIR}/deb/dependencies.txt" + local criver="${CRIO_VERSION}" + local relkey + + # Find the desired CRI-O package in the repository. + # Fall back to the previous version if not found. + local crio_found=false + for _ in 1 2 3 ; do + relkey="https://pkgs.k8s.io/addons:/cri-o:/stable:/v${criver}/deb/Release.key" + if ! curl -fsSL "${relkey}" -o /dev/null 2>/dev/null ; then + echo "Warning: The CRI-O package version '${criver}' not found in the repository. Trying the previous version." + criver="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$criver")" + else + echo "Installing CRI-O package version '${criver}'" + crio_found=true + break + fi + done + if ! "${crio_found}" ; then + echo "Error: Failed to find the CRI-O package in the repository" + exit 1 + fi + + # Set up the CRI-O repository + local -r gpgkey="/etc/apt/keyrings/cri-o-${criver}-apt-keyring.gpg" + rm -f "${gpgkey}" + curl -fsSL "${relkey}" | gpg --batch --dearmor -o "${gpgkey}" + echo "deb [signed-by=${gpgkey}] $(dirname "${relkey}") /" > \ + "/etc/apt/sources.list.d/cri-o-${criver}.list" + + # Install the CRI-O package and dependencies + apt-get update -y -q + apt-get install -y -q cri-o crun containernetworking-plugins + + # Query the containernetworking-plugins package installation directory + # and update the CRI-O configuration file to use it + local -r cni_dir="$(dpkg -L containernetworking-plugins | grep -E '/portmap$' | xargs dirname)" + cat > /etc/crio/crio.conf.d/14-microshift-cni.conf </dev/null ; then + echo "Warning: The kubectl package version '${kubever}' not found in the repository. Trying the previous version." + kubever="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$kubever")" + else + echo "Installing kubectl package version '${kubever}'" + kubectl_found=true + break + fi + done + + if ! "${kubectl_found}" ; then + echo "Error: Failed to find the kubectl package in the repository" + exit 1 + fi + + # Set up the Kubernetes repository + local -r gpgkey="/etc/apt/keyrings/kubernetes-${kubever}-apt-keyring.gpg" + rm -f "${gpgkey}" + curl -fsSL "${relkey}" | gpg --batch --dearmor -o "${gpgkey}" + echo "deb [signed-by=${gpgkey}] $(dirname "${relkey}") /" > \ + "/etc/apt/sources.list.d/kubernetes-${kubever}.list" + + # Install the Kubectl package and dependencies + apt-get update -y -q + apt-get install -y -q kubectl + + # Create a symlink to the kubectl command as 'oc' + if [ ! -f /usr/bin/oc ] ; then + ln -s "$(which kubectl)" /usr/bin/oc + fi + + # Set the kubectl configuration + if [ ! -f ~/.kube/config ] ; then + mkdir -p ~/.kube + ln -s /var/lib/microshift/resources/kubeadmin/kubeconfig ~/.kube/config + fi +} + +function install_microshift() { + # Install the MicroShift Debian packages and fix the dependencies + find "${RPM_DIR}" -type f -iname "microshift*.deb" | sort | while read -r deb_package; do + dpkg -i "${deb_package}" + done + apt-get install -y -q -f + + # Enable and start the MicroShift service + systemctl enable microshift + systemctl restart --no-block microshift +} + +# +# Main +# +if [ $# -ne 1 ]; then + usage +fi + +# Check if the script is running as root +if [ "$(id -u)" -ne 0 ]; then + echo "ERROR: This script must be run as root (use sudo)" + exit 1 +fi + +RPM_DIR="$1" +if ! find "${RPM_DIR}" -type f -iname "microshift*.deb" | grep -q "." ; then + echo "Error: No MicroShift Debian packages found in '${RPM_DIR}' directory" + exit 1 +fi + +# System setup +install_prereqs +install_firewall +# Prerequisites +install_crio +install_kubectl +# MicroShift +install_microshift From 08c0716f0d73f18ef57310568cbfdf5f27c1e180 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Sun, 19 Oct 2025 13:25:22 +0300 Subject: [PATCH 02/11] Add rpm-deb target to Makefile --- Makefile | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 900f480f..940eba40 100644 --- a/Makefile +++ b/Makefile @@ -22,6 +22,7 @@ ISOLATED_NETWORK ?= 0 SHELL := /bin/bash BUILDER_IMAGE := microshift-okd-builder USHIFT_IMAGE := microshift-okd +RPM2DEB_IMAGE ?= docker.io/library/ubuntu:latest LVM_DISK := /var/lib/microshift-okd/lvmdisk.image VG_NAME := myvg1 @@ -40,6 +41,7 @@ all: @echo " check: run the presubmit checks" @echo "" @echo "Sub-targets:" + @echo " rpm-deb: convert the MicroShift RPMs to Debian packages" @echo " run-ready: wait until the MicroShift service is ready" @echo " run-healthy: wait until the MicroShift service is healthy" @echo " clean-all: perform a full cleanup, including the container images" @@ -64,11 +66,22 @@ rpm: echo "Build completed successfully" && \ echo "RPMs are available in '$${outdir}'" +.PHONY: rpm-deb +rpm-deb: + if [ -z "${RPM_OUTDIR}" ] ; then \ + echo "Error: RPM_OUTDIR is not set" ; \ + exit 1 ; \ + fi && \ + sudo ./src/debian/convert.sh "${RPM_OUTDIR}" && \ + echo "" && \ + echo "Conversion completed successfully" && \ + echo "Debian packages are available in '${RPM_OUTDIR}/deb'" + .PHONY: image image: @if ! sudo podman image exists microshift-okd-builder ; then \ - echo "Error: Run 'make rpm' to build the MicroShift RPMs"; \ - exit 1; \ + echo "Error: Run 'make rpm' to build the MicroShift RPMs" ; \ + exit 1 ; \ fi @echo "Building the MicroShift bootc container image" From 487238ebed857389514136635ac0f299d0805f24 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Sun, 19 Oct 2025 13:26:43 +0300 Subject: [PATCH 03/11] Create src/rpm folder for consistency --- packaging/microshift-runner.Containerfile | 4 ++-- src/{ => rpm}/create_repos.sh | 6 ++++++ src/{image => rpm}/postinstall.sh | 15 ++++----------- 3 files changed, 12 insertions(+), 13 deletions(-) rename src/{ => rpm}/create_repos.sh (89%) rename src/{image => rpm}/postinstall.sh (89%) diff --git a/packaging/microshift-runner.Containerfile b/packaging/microshift-runner.Containerfile index 2bd4fd90..f5c5b3a3 100644 --- a/packaging/microshift-runner.Containerfile +++ b/packaging/microshift-runner.Containerfile @@ -21,7 +21,7 @@ ENV WITH_OLM=${WITH_OLM:-0} ENV EMBED_CONTAINER_IMAGES=${EMBED_CONTAINER_IMAGES:-0} # Run repository configuration script, install MicroShift and cleanup -COPY --chmod=755 ./src/create_repos.sh ${REPO_CONFIG_SCRIPT} +COPY --chmod=755 ./src/rpm/create_repos.sh ${REPO_CONFIG_SCRIPT} COPY --from=builder ${BUILDER_RPM_REPO_PATH} ${USHIFT_RPM_REPO_PATH} RUN ${REPO_CONFIG_SCRIPT} -create ${USHIFT_RPM_REPO_PATH} && \ dnf install -y microshift microshift-release-info && \ @@ -40,7 +40,7 @@ RUN ${REPO_CONFIG_SCRIPT} -create ${USHIFT_RPM_REPO_PATH} && \ dnf clean all # Post-install MicroShift configuration -COPY --chmod=755 ./src/image/postinstall.sh ${USHIFT_POSTINSTALL_SCRIPT} +COPY --chmod=755 ./src/rpm/postinstall.sh ${USHIFT_POSTINSTALL_SCRIPT} RUN ${USHIFT_POSTINSTALL_SCRIPT} && rm -vf "${USHIFT_POSTINSTALL_SCRIPT}" # If the EMBED_CONTAINER_IMAGES environment variable is set to 1, temporarily diff --git a/src/create_repos.sh b/src/rpm/create_repos.sh similarity index 89% rename from src/create_repos.sh rename to src/rpm/create_repos.sh index 0ae7b57d..bac5f175 100755 --- a/src/create_repos.sh +++ b/src/rpm/create_repos.sh @@ -41,6 +41,12 @@ if [ $# -lt 1 ] ; then usage fi +# Check if the script is running as root +if [ "$(id -u)" -ne 0 ]; then + echo "ERROR: This script must be run as root (use sudo)" + exit 1 +fi + case $1 in -create) repo_path="$2" diff --git a/src/image/postinstall.sh b/src/rpm/postinstall.sh similarity index 89% rename from src/image/postinstall.sh rename to src/rpm/postinstall.sh index 4a8c6288..3dbcf0c1 100755 --- a/src/image/postinstall.sh +++ b/src/rpm/postinstall.sh @@ -26,13 +26,6 @@ install_cni_plugins() { rm -f "/tmp/${CNP_PKG}" } -microshift_config() { - cat > "/etc/microshift/config.yaml" < Date: Sun, 19 Oct 2025 13:27:16 +0300 Subject: [PATCH 04/11] Update documentation --- README.md | 17 ++++++++------- docs/build.md | 60 ++++++++++++++++++++++++++++++++++++++------------- docs/run.md | 60 +++++++++++++++++++++++++++++++++++++++------------ 3 files changed, 100 insertions(+), 37 deletions(-) diff --git a/README.md b/README.md index f987dd90..e51adf4e 100644 --- a/README.md +++ b/README.md @@ -18,14 +18,15 @@ outside the downstream Red Hat payloads. # Operating System Support MicroShift and its main components are available on the `x86_64` architecture. -RPM packages built in a CentOS Stream 9 Bootc container can be installed and -run on the following operating systems. - -| OS | Bootc| OVN-K | Kindnet | TopoLVM | Comments | -|-----------|------|-------|---------|---------|----------| -| CentOS 9 | Y | Y | Y | Y | Latest version in Stream 9 -| CentOS 10 | Y | Y | Y | Y | Latest version in Stream 10 -| Fedora | Y | N | Y | Y | Latest released version (e.g. 42) +RPM and DEB packages built in a container can be installed and run on the +following operating systems. + +| OS |Package|Bootc|OVN-K|Kindnet|TopoLVM|Greenboot|Comments| +|-----------|-------|-----|-----|-------|-------|---------|--------| +| CentOS 9 | RPM | Y | Y | Y | Y | Y | Latest version in Stream 9 | +| CentOS 10 | RPM | Y | Y | Y | Y | Y | Latest version in Stream 10 | +| Fedora | RPM | Y | N | Y | Y | Y | Latest released version (e.g. 42) | +| Ubuntu | DEB | N | N | Y | Y | N | Latest released version (e.g. 24.04) | Notes: - MicroShift Bootc container images can be run on any operating system supported diff --git a/docs/build.md b/docs/build.md index d6bcfc21..45b58ec8 100644 --- a/docs/build.md +++ b/docs/build.md @@ -16,21 +16,21 @@ Install the software necessary for running the build process: sudo dnf install -y make podman ``` -### Build MicroShift RPMs +### Create RPM Packages -Building MicroShift RPMs is performed by running the `make rpm` command. +Create the MicroShift RPM packages by running the `make rpm` command. The following options can be specified in the make command line using the `NAME=VAL` format. -| Name | Required | Default | Comments -|-----------------|----------|----------|--------- -| USHIFT_BRANCH | no | main | [MicroShift repository branches](https://github.com/openshift/microshift/branches) -| OKD_VERSION_TAG | no | latest | [OKD version tags](https://quay.io/repository/okd/scos-release?tab=tags) -| RPM_OUTDIR | no | /tmp/... | RPM repository output directory +| Name | Required | Default | Comments | +|-----------------|----------|----------|----------| +| USHIFT_BRANCH | no | main | [MicroShift repository branches](https://github.com/openshift/microshift/branches) | +| OKD_VERSION_TAG | no | latest | [OKD version tags](https://quay.io/repository/okd/scos-release?tab=tags) | +| RPM_OUTDIR | no | /tmp/... | RPM repository output directory | -Run `make rpm` to build MicroShift RPMs based on CentOS Stream 9 operating system. -The `main` MicroShift repository branch and the latest OKD version tag are used by -default if unspecified. +The `make rpm` command builds MicroShift RPMs based on CentOS Stream 9 operating +system. The `main` MicroShift repository branch and the latest OKD version tag +are used by default if unspecified. ``` make rpm @@ -55,9 +55,39 @@ Notes: - The path to the `RPM_OUTDIR` directory (either temporary or specified in the `make rpm` command line) is displayed in the end of the build procedure. -### Build MicroShift Bootc Image +### Create DEB Packages -Building a MicroShift Bootc image is performed by running the `make image` command. +Create the MicroShift DEB packages by running the `make rpm-deb` command. + +The following options can be specified in the make command line using the `NAME=VAL` format. + +| Name | Required | Default | Comments | +|------------|----------|----------|----------| +| RPM_OUTDIR | yes | none | RPM repository directory to convert | + +The `make rpm-deb` command converts MicroShift RPMs to Debian packages. The path +to an existing RPM repository must be specified using the mandatory `RPM_OUTDIR` +make command line. + +``` +RPM_OUTDIR=/tmp/microshift-rpms +make rpm-deb RPM_OUTDIR="${RPM_OUTIDIR}" +``` + +If the conversion completes successfully, the Debian packages are copied to the +`${RPM_OUTDIR}/deb` directory on the host. The packages from this directory can +be used to install MicroShift on the supported operating systems. + +``` +... +... +Conversion completed successfully" +Debian packages are available in '/tmp/microshift-rpms/deb'" +``` + +### Create Bootc Image + +Create the MicroShift Bootc image by running the `make image` command. The following options can be specified in the make command line using the `NAME=VAL` format. @@ -70,9 +100,9 @@ The following options can be specified in the make command line using the `NAME= | WITH_OLM | no | 0 | Enable OLM support | EMBED_CONTAINER_IMAGES | no | 0 | Embed all component container dependencies in Bootc images -Run `make image` to build a MicroShift Bootc image based on CentOS Stream 9 -operating system with the default options. The command uses artifacts from -the `microshift-okd-builder` container image created by `make rpm`. +The `make image` command builds a MicroShift Bootc image based on CentOS Stream 9 +operating system with the default options. The command uses artifacts from the +`microshift-okd-builder` container image created by `make rpm`. ```bash make image diff --git a/docs/run.md b/docs/run.md index 3fa5487a..055348e4 100644 --- a/docs/run.md +++ b/docs/run.md @@ -2,20 +2,20 @@ MicroShift can be run on the host or inside a Bootc container. -## MicroShift RPMs +## MicroShift RPM Packages -### Install RPM Packages +### Install RPM -Run the following command to install MicroShift RPM package from the local +Run the following command to install MicroShift RPM packages from the local repository copied from the build container image. -See [Build MicroShift RPMs](../docs/build.md#build-microshift-rpms) for more information. +See [Create RPM Packages](../docs/build.md#create-rpm-packages) for more information. ```bash RPM_REPO_DIR=/tmp/microshift-rpms -sudo ./src/create_repos.sh -create "${RPM_REPO_DIR}" +sudo ./src/rpm/create_repos.sh -create "${RPM_REPO_DIR}" sudo dnf install -y microshift microshift-kindnet -sudo ./src/create_repos.sh -delete +sudo ./src/rpm/create_repos.sh -delete ``` The following optional RPM packages are available in the repository. It is @@ -35,16 +35,48 @@ Run the following commands to configure the minimum required firewall rules, disable LVMS, and start the MicroShift service. ```bash -sudo firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16 -sudo firewall-cmd --permanent --zone=trusted --add-source=169.254.169.1 -sudo firewall-cmd --reload +sudo ./src/rpm/postinstall.sh +sudo systemctl start microshift.service +``` + +Verify that all the MicroShift pods are up and running successfully. + +```bash +mkdir -p ~/.kube +sudo cat /var/lib/microshift/resources/kubeadmin/kubeconfig > ~/.kube/config + +oc get pods -A +``` + +## MicroShift DEB Packages -cat << EOF | sudo tee -a /etc/microshift/config.yaml >/dev/null -storage: - driver: "none" -EOF +### Install DEB -sudo systemctl enable --now microshift.service +Run the following command to install MicroShift DEB packages from the local +repository copied from the build container image. +See [Create DEB Packages](../docs/build.md#create-deb-packages) for more information. + +```bash +DEB_REPO_DIR=/tmp/microshift-rpms/deb +sudo ./src/deb/install.sh "${DEB_REPO_DIR}" +``` + +The following optional DEB packages are available in the repository. + +| Package | Description | Comments | +|--------------------|----------------------------|----------| +| microshift-topolvm | TopoLVM CSI | +| microshift-olm | Operator Lifecycle Manager | See [Operator Hub Catalogs](https://okd.io/docs/operators/) + +> Note: All of these optional packages are installed by default. + +### Start MicroShift Service + +Run the following command start the MicroShift service. All the necessary system +configuration was performed during the installation step. + +```bash +sudo systemctl start microshift.service ``` Verify that all the MicroShift pods are up and running successfully. From 412231f4e2daf7eda681c46014657b2405f16551 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Sun, 19 Oct 2025 13:28:00 +0300 Subject: [PATCH 05/11] Create a new Ubuntu GitHub action --- .github/actions/build-deb/action.yaml | 95 +++++++++++++++++++++++++++ .github/actions/build/action.yaml | 21 +----- .github/actions/prebuild/action.yaml | 27 ++++++++ .github/workflows/builders.yaml | 16 +++++ 4 files changed, 139 insertions(+), 20 deletions(-) create mode 100644 .github/actions/build-deb/action.yaml create mode 100644 .github/actions/prebuild/action.yaml diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml new file mode 100644 index 00000000..f4db1d3b --- /dev/null +++ b/.github/actions/build-deb/action.yaml @@ -0,0 +1,95 @@ +name: build-deb-packages +description: Reusable action to build MicroShift Debian packages + +inputs: + ushift-branch: + description: MicroShift branch from https://github.com/openshift/microshift/branches + required: true + type: string + okd-version-tag: + description: OKD version tag from https://quay.io/repository/okd/scos-release?tab=tags + required: true + type: string + +runs: + using: "composite" + steps: + - name: Detect the CPU architecture + id: detect-cpu-arch + uses: ./.github/actions/arch + + - name: Collect debug information before the build + if: always() + uses: ./.github/actions/debug-info + + - name: Prepare the build and run environment + uses: ./.github/actions/prebuild + + - name: Build MicroShift RPMs + shell: bash + run: | + # See https://github.com/microshift-io/microshift/blob/main/docs/build.md + # for more information about the build process. + + # Run the RPM build process. + cd ${GITHUB_WORKSPACE}/ + make rpm \ + USHIFT_BRANCH=${{ inputs.ushift-branch }} \ + OKD_VERSION_TAG=${{ inputs.okd-version-tag }} \ + RPM_OUTDIR=/mnt/rpms + + - name: Convert the MicroShift RPMs to Debian packages + shell: bash + run: | + make rpm-deb RPM_OUTDIR=/mnt/rpms + + - name: Install the MicroShift Debian packages + shell: bash + run: | + make _topolvm_create + sudo ./src/debian/install.sh /mnt/rpms + + - name: Run a test to verify that MicroShift is functioning properly + shell: bash + run: | + echo "Waiting 5m for the MicroShift service to be ready" + for _ in $(seq 60); do + if sudo systemctl -q is-active microshift.service ; then + printf "\nOK\n" + break + fi + echo -n "." && sleep 5 + done + if ! sudo systemctl -q is-active microshift.service ; then + printf "\nFAILED\n" && exit 1 + fi + + # Storage deployments and daemonsets are last to become ready, so it is + # a good indicator of the MicroShift service being healthy + echo "Waiting 15m for the MicroShift service to be healthy" + if ! sudo microshift healthcheck -v=2 --timeout="900s" --custom \ + '{"topolvm-system":{"deployments": ["topolvm-controller"], "daemonsets": ["topolvm-node"]}}'; then + echo "Failed to verify that the MicroShift service is healthy" + exit 1 + fi + + - name: Collect debug information after the build + if: always() + uses: ./.github/actions/debug-info + + - name: Collect sos report for MicroShift + if: failure() + shell: bash + run: | + # Exclude the microshift profile, which does not exist on Ubuntu + sudo microshift-sos-report \ + --profiles network,security,storage \ + --tmp-dir /mnt/tmp + + - name: Upload sos report to the GitHub Actions artifact + if: failure() + uses: actions/upload-artifact@v4 + with: + name: sosreport-microshift-okd-${{ github.job }}-${{ steps.detect-cpu-arch.outputs.arch }}-${{ github.run_id }} + path: /mnt/tmp/sosreport-* + compression-level: 0 diff --git a/.github/actions/build/action.yaml b/.github/actions/build/action.yaml index a989f078..09340e64 100644 --- a/.github/actions/build/action.yaml +++ b/.github/actions/build/action.yaml @@ -51,26 +51,7 @@ runs: uses: ./.github/actions/debug-info - name: Prepare the build and run environment - shell: bash - run: | - set -euo pipefail - set -x - - # The /dev/sdb1 partition is mounted as /mnt. - sudo mkdir -p /mnt/tmp /mnt/rpms /mnt/release - sudo chmod 1777 /mnt/tmp - - sudo apt-get install -y make lvm2 podman - - # Redirect the container build directories to /mnt/ to avoid running out of disk space. - sudo mv /var/tmp /var/tmp.orig - sudo mv /var/lib/containers /mnt/containers - sudo ln -s /mnt/tmp /var/tmp - sudo ln -s /mnt/containers /var/lib/containers - - # Raise open file limits to avoid "too many open files" errors - echo '* soft nofile 524288' | sudo tee -a /etc/security/limits.conf &>/dev/null - echo '* hard nofile 524288' | sudo tee -a /etc/security/limits.conf &>/dev/null + uses: ./.github/actions/prebuild - name: Build MicroShift RPMs shell: bash diff --git a/.github/actions/prebuild/action.yaml b/.github/actions/prebuild/action.yaml new file mode 100644 index 00000000..f17fd945 --- /dev/null +++ b/.github/actions/prebuild/action.yaml @@ -0,0 +1,27 @@ +name: prebuild-rpms-and-images +description: Reusable action to configure the build environment for MicroShift RPMs and images build + +runs: + using: "composite" + steps: + - name: Prepare the build and run environment + shell: bash + run: | + set -euo pipefail + set -x + + # The /dev/sdb1 partition is mounted as /mnt. + sudo mkdir -p /mnt/tmp /mnt/rpms /mnt/release + sudo chmod 1777 /mnt/tmp + + sudo apt-get install -y make lvm2 podman + + # Redirect the container build directories to /mnt/ to avoid running out of disk space. + sudo mv /var/tmp /var/tmp.orig + sudo mv /var/lib/containers /mnt/containers + sudo ln -s /mnt/tmp /var/tmp + sudo ln -s /mnt/containers /var/lib/containers + + # Raise open file limits to avoid "too many open files" errors + echo '* soft nofile 524288' | sudo tee -a /etc/security/limits.conf &>/dev/null + echo '* hard nofile 524288' | sudo tee -a /etc/security/limits.conf &>/dev/null diff --git a/.github/workflows/builders.yaml b/.github/workflows/builders.yaml index 4be4e174..5143aadf 100644 --- a/.github/workflows/builders.yaml +++ b/.github/workflows/builders.yaml @@ -62,6 +62,22 @@ jobs: bootc-image-tag: latest build: bootc-image + ubuntu-rpm2deb: + runs-on: ubuntu-latest + steps: + - name: Check out MicroShift upstream repository + uses: actions/checkout@v4 + + - name: Detect OKD version tag + id: detect-okd-version + uses: ./.github/actions/okd-version + + - name: Run the build action + uses: ./.github/actions/build-deb + with: + ushift-branch: main + okd-version-tag: ${{ steps.detect-okd-version.outputs.okd-version-tag }} + isolated-network-kindnet: runs-on: ubuntu-latest steps: From dd3f1458c454966d85a3145d6e727225a1474e24 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Sun, 19 Oct 2025 17:43:17 +0300 Subject: [PATCH 06/11] Add tmate-debug action --- .github/actions/tmate-debug/action.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/actions/tmate-debug/action.yaml diff --git a/.github/actions/tmate-debug/action.yaml b/.github/actions/tmate-debug/action.yaml new file mode 100644 index 00000000..f831748a --- /dev/null +++ b/.github/actions/tmate-debug/action.yaml @@ -0,0 +1,19 @@ +# +# Copy the following code to an action or a workflow to open a tmate debug +# session on failure. +# Change the if condition to 'always()' to open the session unconditionally. +# +# - name: Pause and open tmate debug session +# if: failure() +# uses: ./.github/actions/tmate-debug +# +name: tmate-debug +description: Reusable action to open a tmate debug session + +runs: + using: "composite" + steps: + - name: Pause and open tmate debug session + uses: mxschmitt/action-tmate@v3 + with: + limit-access-to-actor: false From cc43289fabc596db967e44987b1d36b718712f18 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Sun, 19 Oct 2025 18:44:08 +0300 Subject: [PATCH 07/11] Address CodeRabbitAI review comments --- .github/actions/build-deb/action.yaml | 24 +++++++++++++-- .github/actions/build/action.yaml | 9 ++++-- .github/actions/okd-version/action.yaml | 2 +- .github/actions/prebuild/action.yaml | 11 +++---- Makefile | 7 +++-- docs/build.md | 6 ++-- docs/run.md | 16 +++++----- packaging/microshift-builder.Containerfile | 2 +- src/config_isolated_net.sh | 2 +- src/deb/convert.sh | 13 ++++---- src/deb/install.sh | 35 ++++++++++++---------- 11 files changed, 77 insertions(+), 50 deletions(-) diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml index f4db1d3b..5a5a8c99 100644 --- a/.github/actions/build-deb/action.yaml +++ b/.github/actions/build-deb/action.yaml @@ -44,10 +44,15 @@ runs: make rpm-deb RPM_OUTDIR=/mnt/rpms - name: Install the MicroShift Debian packages + shell: bash + run: | + sudo ./src/deb/install.sh /mnt/rpms/deb + + - name: Start the MicroShift service shell: bash run: | make _topolvm_create - sudo ./src/debian/install.sh /mnt/rpms + sudo systemctl start --no-block microshift.service - name: Run a test to verify that MicroShift is functioning properly shell: bash @@ -69,10 +74,15 @@ runs: echo "Waiting 15m for the MicroShift service to be healthy" if ! sudo microshift healthcheck -v=2 --timeout="900s" --custom \ '{"topolvm-system":{"deployments": ["topolvm-controller"], "daemonsets": ["topolvm-node"]}}'; then - echo "Failed to verify that the MicroShift service is healthy" + echo "ERROR: Failed to verify that the MicroShift service is healthy" exit 1 fi + # Uncomment this to enable tmate-debug on failure + # - name: Pause and open tmate debug session + # if: failure() + # uses: ./.github/actions/tmate-debug + - name: Collect debug information after the build if: always() uses: ./.github/actions/debug-info @@ -81,10 +91,18 @@ runs: if: failure() shell: bash run: | - # Exclude the microshift profile, which does not exist on Ubuntu + # Change the default profiles and plugins to adapt to the Debian environment + # Profiles: + # - Remove microshift + # - Add storage + # Plugins: + # - Remove firewalld, rpmostree, rpm + # - Add ufw, apt sudo microshift-sos-report \ --profiles network,security,storage \ + --plugins container_log,crio,logs,ufw,apt \ --tmp-dir /mnt/tmp + sudo chmod 644 /mnt/tmp/sosreport-* - name: Upload sos report to the GitHub Actions artifact if: failure() diff --git a/.github/actions/build/action.yaml b/.github/actions/build/action.yaml index 09340e64..81c5ed61 100644 --- a/.github/actions/build/action.yaml +++ b/.github/actions/build/action.yaml @@ -105,7 +105,7 @@ runs: if [ "${{ inputs.isolated-network }}" = "1" ]; then for cmd in "ping -c1 8.8.8.8" "curl -I quay.io" "curl -I ghcr.io"; do if sudo podman exec -i microshift-okd ${cmd} ; then - echo "Error: Internet access is available in the isolated network container" + echo "ERROR: Internet access is available in the isolated network container" exit 1 fi done @@ -118,6 +118,11 @@ runs: # Stop the MicroShift container make stop + # Uncomment this to enable tmate-debug on failure + # - name: Pause and open tmate debug session + # if: failure() + # uses: ./.github/actions/tmate-debug + - name: Collect debug information after the build if: always() uses: ./.github/actions/debug-info @@ -131,7 +136,7 @@ runs: # Check if the MicroShift container is running if ! sudo podman ps --format "{{.Names}}" | grep -q '^microshift-okd$' ; then - echo "Warning: MicroShift container is not running - cannot collect sos report" + echo "WARNING: MicroShift container is not running - cannot collect sos report" exit 0 fi diff --git a/.github/actions/okd-version/action.yaml b/.github/actions/okd-version/action.yaml index f0c71998..fc4a7cba 100644 --- a/.github/actions/okd-version/action.yaml +++ b/.github/actions/okd-version/action.yaml @@ -17,7 +17,7 @@ runs: # Get the latest OKD version tag okd_version_tag="$(curl -s https://quay.io/api/v1/repository/okd/scos-release/tag/ | jq -r ".tags[].name" | sort | tail -1)" if [ -z "${okd_version_tag}" ]; then - echo "Error: No OKD version tag found" + echo "ERROR: No OKD version tag found" exit 1 fi echo "okd_version_tag=${okd_version_tag}" >> $GITHUB_OUTPUT diff --git a/.github/actions/prebuild/action.yaml b/.github/actions/prebuild/action.yaml index f17fd945..aba521ea 100644 --- a/.github/actions/prebuild/action.yaml +++ b/.github/actions/prebuild/action.yaml @@ -1,5 +1,5 @@ -name: prebuild-rpms-and-images -description: Reusable action to configure the build environment for MicroShift RPMs and images build +name: prebuild-environment-setup +description: Reusable action to configure the build environment for MicroShift runs: using: "composite" @@ -14,14 +14,11 @@ runs: sudo mkdir -p /mnt/tmp /mnt/rpms /mnt/release sudo chmod 1777 /mnt/tmp - sudo apt-get install -y make lvm2 podman + sudo apt-get update -y -q + sudo apt-get install -y -q make lvm2 podman jq curl alien # Redirect the container build directories to /mnt/ to avoid running out of disk space. sudo mv /var/tmp /var/tmp.orig sudo mv /var/lib/containers /mnt/containers sudo ln -s /mnt/tmp /var/tmp sudo ln -s /mnt/containers /var/lib/containers - - # Raise open file limits to avoid "too many open files" errors - echo '* soft nofile 524288' | sudo tee -a /etc/security/limits.conf &>/dev/null - echo '* hard nofile 524288' | sudo tee -a /etc/security/limits.conf &>/dev/null diff --git a/Makefile b/Makefile index 940eba40..9312a4c5 100644 --- a/Makefile +++ b/Makefile @@ -69,10 +69,10 @@ rpm: .PHONY: rpm-deb rpm-deb: if [ -z "${RPM_OUTDIR}" ] ; then \ - echo "Error: RPM_OUTDIR is not set" ; \ + echo "ERROR: RPM_OUTDIR is not set" ; \ exit 1 ; \ fi && \ - sudo ./src/debian/convert.sh "${RPM_OUTDIR}" && \ + sudo ./src/deb/convert.sh "${RPM_OUTDIR}" && \ echo "" && \ echo "Conversion completed successfully" && \ echo "Debian packages are available in '${RPM_OUTDIR}/deb'" @@ -80,13 +80,14 @@ rpm-deb: .PHONY: image image: @if ! sudo podman image exists microshift-okd-builder ; then \ - echo "Error: Run 'make rpm' to build the MicroShift RPMs" ; \ + echo "ERROR: Run 'make rpm' to build the MicroShift RPMs" ; \ exit 1 ; \ fi @echo "Building the MicroShift bootc container image" sudo podman build \ -t "${USHIFT_IMAGE}" \ + --ulimit nofile=524288:524288 \ --label microshift.branch="${USHIFT_BRANCH}" \ --label okd.version="${OKD_VERSION_TAG}" \ --build-arg BOOTC_IMAGE_URL="${BOOTC_IMAGE_URL}" \ diff --git a/docs/build.md b/docs/build.md index 45b58ec8..315e92ba 100644 --- a/docs/build.md +++ b/docs/build.md @@ -32,7 +32,7 @@ The `make rpm` command builds MicroShift RPMs based on CentOS Stream 9 operating system. The `main` MicroShift repository branch and the latest OKD version tag are used by default if unspecified. -``` +```bash make rpm ``` @@ -69,9 +69,9 @@ The `make rpm-deb` command converts MicroShift RPMs to Debian packages. The path to an existing RPM repository must be specified using the mandatory `RPM_OUTDIR` make command line. -``` +```bash RPM_OUTDIR=/tmp/microshift-rpms -make rpm-deb RPM_OUTDIR="${RPM_OUTIDIR}" +make rpm-deb RPM_OUTDIR="${RPM_OUTDIR}" ``` If the conversion completes successfully, the Debian packages are copied to the diff --git a/docs/run.md b/docs/run.md index 055348e4..06040925 100644 --- a/docs/run.md +++ b/docs/run.md @@ -24,10 +24,10 @@ to enable the Kindnet or OVN-K networking support. | Package | Description | Comments | |-----------------------|----------------------------|----------| -| microshift-kindnet | Kindnet CNI | Overrides OVN-K -| microshift-networking | OVN-K CNI | Uninstall Kindnet to enable OVN-K -| microshift-topolvm | TopoLVM CSI | -| microshift-olm | Operator Lifecycle Manager | See [Operator Hub Catalogs](https://okd.io/docs/operators/) +| microshift-kindnet | Kindnet CNI | Overrides OVN-K | +| microshift-networking | OVN-K CNI | Uninstall Kindnet to enable OVN-K | +| microshift-topolvm | TopoLVM CSI | Install to enable storage support | +| microshift-olm | Operator Lifecycle Manager | See [Operator Hub Catalogs](https://okd.io/docs/operators/) | ### Start MicroShift Service @@ -65,14 +65,14 @@ The following optional DEB packages are available in the repository. | Package | Description | Comments | |--------------------|----------------------------|----------| -| microshift-topolvm | TopoLVM CSI | -| microshift-olm | Operator Lifecycle Manager | See [Operator Hub Catalogs](https://okd.io/docs/operators/) +| microshift-topolvm | TopoLVM CSI | Install to enable storage support | +| microshift-olm | Operator Lifecycle Manager | See [Operator Hub Catalogs](https://okd.io/docs/operators/) | -> Note: All of these optional packages are installed by default. +> Note: All of the optional packages are installed by default. ### Start MicroShift Service -Run the following command start the MicroShift service. All the necessary system +Run the following command to start the MicroShift service. All the necessary system configuration was performed during the installation step. ```bash diff --git a/packaging/microshift-builder.Containerfile b/packaging/microshift-builder.Containerfile index 2350e7fa..21a338b6 100644 --- a/packaging/microshift-builder.Containerfile +++ b/packaging/microshift-builder.Containerfile @@ -15,7 +15,7 @@ ARG USHIFT_POSTBUILD_SCRIPT=/tmp/postbuild.sh # Verify mandatory build arguments RUN if [ -z "${OKD_VERSION_TAG}" ]; then \ - echo "Error: OKD_VERSION_TAG is not set"; \ + echo "ERROR: OKD_VERSION_TAG is not set"; \ echo "See quay.io/okd/scos-release for a list of tags"; \ exit 1; \ fi diff --git a/src/config_isolated_net.sh b/src/config_isolated_net.sh index dfcf7961..39ae2b56 100755 --- a/src/config_isolated_net.sh +++ b/src/config_isolated_net.sh @@ -33,7 +33,7 @@ wait_for_network_manager() { sleep 1 done if ! systemctl is-active --quiet NetworkManager; then - echo "Error: NetworkManager is not running" + echo "ERROR: NetworkManager is not running" exit 1 fi } diff --git a/src/deb/convert.sh b/src/deb/convert.sh index 4c2672e5..7dfa737a 100755 --- a/src/deb/convert.sh +++ b/src/deb/convert.sh @@ -1,7 +1,7 @@ #!/bin/bash set -euo pipefail -RPM2DEB_IMAGE="docker.io/library/ubuntu:latest" +RPM2DEB_IMAGE="docker.io/library/ubuntu:24.04" function usage() { echo "Usage: $(basename "$0") " @@ -23,7 +23,7 @@ fi RPM_DIR="$1" if ! find "${RPM_DIR}" -type f -iname "microshift*.rpm" | grep -q "." ; then - echo "Error: No MicroShift RPMs found in '${RPM_DIR}' directory" + echo "ERROR: No MicroShift RPMs found in '${RPM_DIR}' directory" exit 1 fi @@ -39,10 +39,13 @@ set -euo pipefail apt-get update -y -q && apt-get install -y -qq alien rm -rf /mnt/deb && mkdir -p /mnt/deb && cd /mnt/deb -for rpm in $(find /mnt -type f -iname "*.rpm" -not -iname "*.src.rpm") ; do - echo "Converting ${rpm} to Debian package" +for rpm in $(find /mnt -type f -iname "*.rpm" -not -iname "*.src.rpm" | sort -u) ; do + echo "Converting '${rpm}' to Debian package..." # Omit the --scripts option because some of them do not work on Ubuntu - alien --to-deb --keep-version "${rpm}" + if ! alien --to-deb --keep-version "${rpm}" ; then + echo "ERROR: Failed to convert '${rpm}' to Debian package" + exit 1 + fi # Save cri-o dependency to a file crio_ver="$(rpm -qpR "${rpm}" | awk '/cri-o/ {print $3}' | sort -u | head -1 | cut -d. -f1,2)" [ -n "${crio_ver}" ] && echo "CRIO_VERSION=${crio_ver}" >> "dependencies.txt" diff --git a/src/deb/install.sh b/src/deb/install.sh index caa81993..15260fbd 100755 --- a/src/deb/install.sh +++ b/src/deb/install.sh @@ -2,7 +2,7 @@ set -euo pipefail function usage() { - echo "Usage: $(basename "$0") " + echo "Usage: $(basename "$0") " exit 1 } @@ -31,7 +31,7 @@ function install_firewall() { # https://kubernetes.io/blog/2023/10/10/cri-o-community-package-infrastructure/#deb-based-distributions function install_crio() { # shellcheck source=/dev/null - source "${RPM_DIR}/deb/dependencies.txt" + source "${DEB_DIR}/dependencies.txt" local criver="${CRIO_VERSION}" local relkey @@ -41,7 +41,7 @@ function install_crio() { for _ in 1 2 3 ; do relkey="https://pkgs.k8s.io/addons:/cri-o:/stable:/v${criver}/deb/Release.key" if ! curl -fsSL "${relkey}" -o /dev/null 2>/dev/null ; then - echo "Warning: The CRI-O package version '${criver}' not found in the repository. Trying the previous version." + echo "WARNING: The CRI-O package version '${criver}' not found in the repository. Trying the previous version." criver="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$criver")" else echo "Installing CRI-O package version '${criver}'" @@ -49,8 +49,8 @@ function install_crio() { break fi done - if ! "${crio_found}" ; then - echo "Error: Failed to find the CRI-O package in the repository" + if [ "${crio_found}" != "true" ] ; then + echo "ERROR: Failed to find the CRI-O package in the repository" exit 1 fi @@ -67,7 +67,7 @@ function install_crio() { # Query the containernetworking-plugins package installation directory # and update the CRI-O configuration file to use it - local -r cni_dir="$(dpkg -L containernetworking-plugins | grep -E '/portmap$' | xargs dirname)" + local -r cni_dir="$(dpkg -L containernetworking-plugins | grep -E '/portmap$' | tail -1 | xargs dirname)" cat > /etc/crio/crio.conf.d/14-microshift-cni.conf </dev/null ; then - echo "Warning: The kubectl package version '${kubever}' not found in the repository. Trying the previous version." + echo "WARNING: The kubectl package version '${kubever}' not found in the repository. Trying the previous version." kubever="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$kubever")" else echo "Installing kubectl package version '${kubever}'" @@ -101,8 +101,8 @@ function install_kubectl() { fi done - if ! "${kubectl_found}" ; then - echo "Error: Failed to find the kubectl package in the repository" + if [ "${kubectl_found}" != "true" ] ; then + echo "ERROR: Failed to find the kubectl package in the repository" exit 1 fi @@ -131,14 +131,13 @@ function install_kubectl() { function install_microshift() { # Install the MicroShift Debian packages and fix the dependencies - find "${RPM_DIR}" -type f -iname "microshift*.deb" | sort | while read -r deb_package; do + find "${DEB_DIR}" -maxdepth 1 -name 'microshift*.deb' -print 2>/dev/null | sort | while read -r deb_package; do dpkg -i "${deb_package}" done apt-get install -y -q -f - # Enable and start the MicroShift service + # Enable the MicroShift service systemctl enable microshift - systemctl restart --no-block microshift } # @@ -154,9 +153,13 @@ if [ "$(id -u)" -ne 0 ]; then exit 1 fi -RPM_DIR="$1" -if ! find "${RPM_DIR}" -type f -iname "microshift*.deb" | grep -q "." ; then - echo "Error: No MicroShift Debian packages found in '${RPM_DIR}' directory" +DEB_DIR="$1" +if ! find "${DEB_DIR}" -maxdepth 1 -name 'microshift*.deb' -print 2>/dev/null | grep -q . ; then + echo "ERROR: No MicroShift Debian packages found in '${DEB_DIR}' directory" + exit 1 +fi +if ! [ -f "${DEB_DIR}/dependencies.txt" ] ; then + echo "ERROR: No dependencies.txt file found in '${DEB_DIR}' directory" exit 1 fi From 5358f2c804ecf36627f5842ede157eee6c164bf3 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Sun, 19 Oct 2025 21:12:13 +0300 Subject: [PATCH 08/11] Use ubuntu-24.04 images for runners --- .github/workflows/builders.yaml | 12 ++++++------ .github/workflows/installers.yaml | 2 +- .github/workflows/linters.yaml | 4 ++-- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/builders.yaml b/.github/workflows/builders.yaml index 5143aadf..98472be0 100644 --- a/.github/workflows/builders.yaml +++ b/.github/workflows/builders.yaml @@ -6,7 +6,7 @@ on: jobs: centos9-bootc: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 @@ -25,7 +25,7 @@ jobs: build: bootc-image centos10-bootc: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 @@ -44,7 +44,7 @@ jobs: build: bootc-image fedora-bootc: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 @@ -63,7 +63,7 @@ jobs: build: bootc-image ubuntu-rpm2deb: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 @@ -79,7 +79,7 @@ jobs: okd-version-tag: ${{ steps.detect-okd-version.outputs.okd-version-tag }} isolated-network-kindnet: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 @@ -98,7 +98,7 @@ jobs: build: bootc-image isolated-network-ovnk: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 diff --git a/.github/workflows/installers.yaml b/.github/workflows/installers.yaml index a5a6737e..fcc960f6 100644 --- a/.github/workflows/installers.yaml +++ b/.github/workflows/installers.yaml @@ -6,7 +6,7 @@ on: jobs: quick-start-and-clean: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 diff --git a/.github/workflows/linters.yaml b/.github/workflows/linters.yaml index 169c3ec0..8b4fbba0 100644 --- a/.github/workflows/linters.yaml +++ b/.github/workflows/linters.yaml @@ -6,7 +6,7 @@ on: jobs: shellcheck: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 @@ -16,7 +16,7 @@ jobs: make _shellcheck hadolint: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Check out MicroShift upstream repository uses: actions/checkout@v4 From 95405cf28f6c020bb134967dec2b5c26d264b187 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Mon, 20 Oct 2025 20:16:11 +0300 Subject: [PATCH 09/11] Disable CNI plugin configuration files to allow Kindnet override --- src/deb/install.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/deb/install.sh b/src/deb/install.sh index 15260fbd..75f88c40 100755 --- a/src/deb/install.sh +++ b/src/deb/install.sh @@ -65,6 +65,11 @@ function install_crio() { apt-get update -y -q apt-get install -y -q cri-o crun containernetworking-plugins + # Disable all CNI plugin configuration files to allow Kindnet override + find /etc/cni/net.d -name '*.conflist' -print 2>/dev/null | while read -r cl ; do + mv "${cl}" "${cl}.disabled" + done + # Query the containernetworking-plugins package installation directory # and update the CRI-O configuration file to use it local -r cni_dir="$(dpkg -L containernetworking-plugins | grep -E '/portmap$' | tail -1 | xargs dirname)" @@ -136,8 +141,8 @@ function install_microshift() { done apt-get install -y -q -f - # Enable the MicroShift service - systemctl enable microshift + # Enable the MicroShift service + systemctl enable microshift } # From 0124201ad283bf291955f3de7082d8420b99be4e Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Mon, 20 Oct 2025 23:01:16 +0300 Subject: [PATCH 10/11] Ubuntu version precisions --- Makefile | 3 +-- README.md | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 9312a4c5..3d4a87aa 100644 --- a/Makefile +++ b/Makefile @@ -22,7 +22,6 @@ ISOLATED_NETWORK ?= 0 SHELL := /bin/bash BUILDER_IMAGE := microshift-okd-builder USHIFT_IMAGE := microshift-okd -RPM2DEB_IMAGE ?= docker.io/library/ubuntu:latest LVM_DISK := /var/lib/microshift-okd/lvmdisk.image VG_NAME := myvg1 @@ -155,7 +154,7 @@ run-healthy: .PHONY: login login: @echo "Logging into the MicroShift container" - sudo podman exec -it "${USHIFT_IMAGE}" bash + sudo podman exec -it "${USHIFT_IMAGE}" bash -l .PHONY: stop stop: diff --git a/README.md b/README.md index e51adf4e..03dcc48f 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ following operating systems. | CentOS 9 | RPM | Y | Y | Y | Y | Y | Latest version in Stream 9 | | CentOS 10 | RPM | Y | Y | Y | Y | Y | Latest version in Stream 10 | | Fedora | RPM | Y | N | Y | Y | Y | Latest released version (e.g. 42) | -| Ubuntu | DEB | N | N | Y | Y | N | Latest released version (e.g. 24.04) | +| Ubuntu | DEB | N | N | Y | Y | N | Latest LTS version (e.g. 24.04) | Notes: - MicroShift Bootc container images can be run on any operating system supported From 14e66f9b08fd2531a67b220dd7d07b8487924ee9 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Tue, 21 Oct 2025 14:47:30 +0300 Subject: [PATCH 11/11] Address human code review comments --- .github/actions/build-deb/action.yaml | 7 ++++--- .github/actions/prebuild/action.yaml | 2 +- Makefile | 6 +++--- docs/build.md | 10 +++++----- 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml index 5a5a8c99..16a75e15 100644 --- a/.github/actions/build-deb/action.yaml +++ b/.github/actions/build-deb/action.yaml @@ -41,7 +41,7 @@ runs: - name: Convert the MicroShift RPMs to Debian packages shell: bash run: | - make rpm-deb RPM_OUTDIR=/mnt/rpms + make rpm-to-deb RPM_OUTDIR=/mnt/rpms - name: Install the MicroShift Debian packages shell: bash @@ -93,10 +93,11 @@ runs: run: | # Change the default profiles and plugins to adapt to the Debian environment # Profiles: - # - Remove microshift + # - Remove non-existent microshift # - Add storage # Plugins: - # - Remove firewalld, rpmostree, rpm + # - Remove unused firewalld and rpm + # - Remove non-existent rpmostree # - Add ufw, apt sudo microshift-sos-report \ --profiles network,security,storage \ diff --git a/.github/actions/prebuild/action.yaml b/.github/actions/prebuild/action.yaml index aba521ea..96320b83 100644 --- a/.github/actions/prebuild/action.yaml +++ b/.github/actions/prebuild/action.yaml @@ -15,7 +15,7 @@ runs: sudo chmod 1777 /mnt/tmp sudo apt-get update -y -q - sudo apt-get install -y -q make lvm2 podman jq curl alien + sudo apt-get install -y -q make lvm2 podman jq curl # Redirect the container build directories to /mnt/ to avoid running out of disk space. sudo mv /var/tmp /var/tmp.orig diff --git a/Makefile b/Makefile index 3d4a87aa..cd1952b0 100644 --- a/Makefile +++ b/Makefile @@ -40,7 +40,7 @@ all: @echo " check: run the presubmit checks" @echo "" @echo "Sub-targets:" - @echo " rpm-deb: convert the MicroShift RPMs to Debian packages" + @echo " rpm-to-deb: convert the MicroShift RPMs to Debian packages" @echo " run-ready: wait until the MicroShift service is ready" @echo " run-healthy: wait until the MicroShift service is healthy" @echo " clean-all: perform a full cleanup, including the container images" @@ -65,8 +65,8 @@ rpm: echo "Build completed successfully" && \ echo "RPMs are available in '$${outdir}'" -.PHONY: rpm-deb -rpm-deb: +.PHONY: rpm-to-deb +rpm-to-deb: if [ -z "${RPM_OUTDIR}" ] ; then \ echo "ERROR: RPM_OUTDIR is not set" ; \ exit 1 ; \ diff --git a/docs/build.md b/docs/build.md index 315e92ba..0198a2ea 100644 --- a/docs/build.md +++ b/docs/build.md @@ -57,7 +57,7 @@ Notes: ### Create DEB Packages -Create the MicroShift DEB packages by running the `make rpm-deb` command. +Create the MicroShift DEB packages by running the `make rpm-to-deb` command. The following options can be specified in the make command line using the `NAME=VAL` format. @@ -65,13 +65,13 @@ The following options can be specified in the make command line using the `NAME= |------------|----------|----------|----------| | RPM_OUTDIR | yes | none | RPM repository directory to convert | -The `make rpm-deb` command converts MicroShift RPMs to Debian packages. The path -to an existing RPM repository must be specified using the mandatory `RPM_OUTDIR` -make command line. +The `make rpm-to-deb` command converts MicroShift RPMs to Debian packages. +The path to an existing RPM repository must be specified using the mandatory +`RPM_OUTDIR` make command line. ```bash RPM_OUTDIR=/tmp/microshift-rpms -make rpm-deb RPM_OUTDIR="${RPM_OUTDIR}" +make rpm-to-deb RPM_OUTDIR="${RPM_OUTDIR}" ``` If the conversion completes successfully, the Debian packages are copied to the