From a243336353dc417dded63ea2370fffb7a75ce1dc Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Tue, 21 Oct 2025 10:30:35 +0300 Subject: [PATCH 1/7] Refactor deb/install.sh and add cri-tools installation --- src/deb/install.sh | 153 +++++++++++++++++++++++++-------------------- 1 file changed, 85 insertions(+), 68 deletions(-) diff --git a/src/deb/install.sh b/src/deb/install.sh index 75f88c40..2166dac0 100755 --- a/src/deb/install.sh +++ b/src/deb/install.sh @@ -6,6 +6,78 @@ function usage() { exit 1 } +# Helper function to determine the latest available version of a DEB package +# by trying descending patch/minor versions from an initial version. +# +# Inspired by: +# https://kubernetes.io/blog/2023/10/10/cri-o-community-package-infrastructure/#deb-based-distributions +# +# Arguments: +# - debpkg (for reporting, e.g., "cri-o" or "kubectl") +# - version (initial full version string, e.g., "1.28") +# - relkey_base (base URL, e.g., "https://pkgs.k8s.io/addons:/cri-o:/stable:") +# Returns: +# - Echoes the found version to stdout +# - Exits with an error if the package is not found +function find_debpkg_version() { + local debpkg="$1" + local version="$2" + local relkey_base="$3" + + for _ in 1 2 3 ; do + local relkey + relkey="${relkey_base}/v${version}/deb/Release.key" + if ! curl -fsSL "${relkey}" -o /dev/null 2>/dev/null ; then + echo "WARNING: The ${debpkg} package version '${version}' not found in the repository. Trying the previous version." >&2 + # Decrement the minor version component + version="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$version")" + relkey="${relkey_base}/v${version}/deb/Release.key" + else + echo "Found '${debpkg}' package version '${version}'" >&2 + echo "${version}" + return + fi + done + + echo "ERROR: Failed to find the '${debpkg}' package in the repository" >&2 + exit 1 +} + +# Generic function for installing a DEB package from a repository. +# +# Inspired by: +# https://kubernetes.io/blog/2023/10/10/cri-o-community-package-infrastructure/#deb-based-distributions +# +# Arguments: +# - debpkg: Name of the main package to install (single package) +# - version: Version string of the package (e.g., "1.28") +# - relkey: URL to the repository Release.key (GPG key) +# - extra_packages: Additional package names to pass to apt-get install (optional) +# Returns: +# - None +function install_debpkg() { + local debpkg="$1" + local version="$2" + local relkey="$3" + local extra_packages="${4:-}" + + local -r outname="${debpkg}-${version}" + local -r gpgkey="/etc/apt/keyrings/${outname}-apt-keyring.gpg" + + # Download the GPG key and add it to the keyring + rm -f "${gpgkey}" + curl -fsSL "${relkey}" | gpg --batch --dearmor -o "${gpgkey}" + + # Add the repository to the sources.list.d directory + echo "deb [signed-by=${gpgkey}] $(dirname "${relkey}") /" > \ + "/etc/apt/sources.list.d/${outname}.list" + + # Install the package and its dependencies + apt-get update -y -q + # shellcheck disable=SC2086 + apt-get install -y -q "${debpkg}=${version}*" ${extra_packages} +} + function install_prereqs() { # Pre-install the required packages export DEBIAN_FRONTEND=noninteractive @@ -27,43 +99,15 @@ function install_firewall() { ufw reload } -# Instructions for installing CRI-O: -# https://kubernetes.io/blog/2023/10/10/cri-o-community-package-infrastructure/#deb-based-distributions function install_crio() { # shellcheck source=/dev/null source "${DEB_DIR}/dependencies.txt" - local criver="${CRIO_VERSION}" - local relkey - # Find the desired CRI-O package in the repository. - # Fall back to the previous version if not found. - local crio_found=false - for _ in 1 2 3 ; do - relkey="https://pkgs.k8s.io/addons:/cri-o:/stable:/v${criver}/deb/Release.key" - if ! curl -fsSL "${relkey}" -o /dev/null 2>/dev/null ; then - echo "WARNING: The CRI-O package version '${criver}' not found in the repository. Trying the previous version." - criver="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$criver")" - else - echo "Installing CRI-O package version '${criver}'" - crio_found=true - break - fi - done - if [ "${crio_found}" != "true" ] ; then - echo "ERROR: Failed to find the CRI-O package in the repository" - exit 1 - fi - - # Set up the CRI-O repository - local -r gpgkey="/etc/apt/keyrings/cri-o-${criver}-apt-keyring.gpg" - rm -f "${gpgkey}" - curl -fsSL "${relkey}" | gpg --batch --dearmor -o "${gpgkey}" - echo "deb [signed-by=${gpgkey}] $(dirname "${relkey}") /" > \ - "/etc/apt/sources.list.d/cri-o-${criver}.list" - - # Install the CRI-O package and dependencies - apt-get update -y -q - apt-get install -y -q cri-o crun containernetworking-plugins + # Find the desired CRI-O package in the repository + local -r pkgver="$(find_debpkg_version "cri-o" "${CRIO_VERSION}" "https://pkgs.k8s.io/addons:/cri-o:/stable:")" + # Install the package of the found version and its dependencies + local -r relkey="https://pkgs.k8s.io/addons:/cri-o:/stable:/v${pkgver}/deb/Release.key" + install_debpkg "cri-o" "${pkgver}" "${relkey}" "crun containernetworking-plugins" # Disable all CNI plugin configuration files to allow Kindnet override find /etc/cni/net.d -name '*.conflist' -print 2>/dev/null | while read -r cl ; do @@ -85,42 +129,15 @@ EOF systemctl restart crio } -function install_kubectl() { +function install_ctl_tools() { # shellcheck source=/dev/null source "${DEB_DIR}/dependencies.txt" - local kubever="${CRIO_VERSION}" - local relkey - # Find the desired Kubectl package in the repository. - # Fall back to the previous version if not found. - local kubectl_found=false - for _ in 1 2 3 ; do - relkey="https://pkgs.k8s.io/core:/stable:/v${kubever}/deb/Release.key" - if ! curl -fsSL "${relkey}" -o /dev/null 2>/dev/null ; then - echo "WARNING: The kubectl package version '${kubever}' not found in the repository. Trying the previous version." - kubever="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$kubever")" - else - echo "Installing kubectl package version '${kubever}'" - kubectl_found=true - break - fi - done - - if [ "${kubectl_found}" != "true" ] ; then - echo "ERROR: Failed to find the kubectl package in the repository" - exit 1 - fi - - # Set up the Kubernetes repository - local -r gpgkey="/etc/apt/keyrings/kubernetes-${kubever}-apt-keyring.gpg" - rm -f "${gpgkey}" - curl -fsSL "${relkey}" | gpg --batch --dearmor -o "${gpgkey}" - echo "deb [signed-by=${gpgkey}] $(dirname "${relkey}") /" > \ - "/etc/apt/sources.list.d/kubernetes-${kubever}.list" - - # Install the Kubectl package and dependencies - apt-get update -y -q - apt-get install -y -q kubectl + # Find the desired kubectl package in the repository + local -r pkgver="$(find_debpkg_version "kubectl" "${CRIO_VERSION}" "https://pkgs.k8s.io/core:/stable:")" + # Install the package of the found version and its dependencies + local -r relkey="https://pkgs.k8s.io/core:/stable:/v${pkgver}/deb/Release.key" + install_debpkg "kubectl" "${pkgver}" "${relkey}" cri-tools # Create a symlink to the kubectl command as 'oc' if [ ! -f /usr/bin/oc ] ; then @@ -128,7 +145,7 @@ function install_kubectl() { fi # Set the kubectl configuration - if [ ! -f ~/.kube/config ] ; then + if [ ! -e ~/.kube/config ] && [ ! -L ~/.kube/config ] ; then mkdir -p ~/.kube ln -s /var/lib/microshift/resources/kubeadmin/kubeconfig ~/.kube/config fi @@ -173,6 +190,6 @@ install_prereqs install_firewall # Prerequisites install_crio -install_kubectl +install_ctl_tools # MicroShift install_microshift From d547f243b963433845e7535df38bdbe4ada019a3 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Tue, 21 Oct 2025 10:30:43 +0300 Subject: [PATCH 2/7] Update DEB uninstall instructions --- docs/run.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/docs/run.md b/docs/run.md index 06040925..a832d306 100644 --- a/docs/run.md +++ b/docs/run.md @@ -150,12 +150,22 @@ make stop ### RPM -Run the following command to delete all the MicroShift data and uninstall the +Run the following commands to delete all the MicroShift data and uninstall the MicroShift RPM packages. ```bash echo y | sudo microshift-cleanup-data --all -sudo dnf remove -y microshift* +sudo dnf remove -y 'microshift*' +``` + +### DEB + +Run the following commands to delete all the MicroShift data and uninstall the +MicroShift DEB packages. + +```bash +echo y | sudo microshift-cleanup-data --all +sudo apt purge -y 'microshift*' ``` ### Bootc Containers From c27eeaab19388304d2ce34e722af607e3870fe6f Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Tue, 21 Oct 2025 10:57:56 +0300 Subject: [PATCH 3/7] Add data and package cleanup test to build-deb --- .github/actions/build-deb/action.yaml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml index 5a5a8c99..c7da57a2 100644 --- a/.github/actions/build-deb/action.yaml +++ b/.github/actions/build-deb/action.yaml @@ -78,6 +78,17 @@ runs: exit 1 fi + - name: Cleanup the MicroShift data and packages + shell: bash + run: | + sudo microshift-cleanup-data --all + sudo apt purge -y 'microshift*' + + if sudo apt list | grep -Eq ^microshift ; then + echo "ERROR: Failed to purge the MicroShift packages" + exit 1 + fi + # Uncomment this to enable tmate-debug on failure # - name: Pause and open tmate debug session # if: failure() From 91f4f071eb48ce34c694c81debb92f49ecb5ffca Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Tue, 21 Oct 2025 19:06:40 +0300 Subject: [PATCH 4/7] Add proper input for microshift-cleanup-data --- .github/actions/build-deb/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml index 2af1b517..6c0f41f4 100644 --- a/.github/actions/build-deb/action.yaml +++ b/.github/actions/build-deb/action.yaml @@ -81,7 +81,7 @@ runs: - name: Cleanup the MicroShift data and packages shell: bash run: | - sudo microshift-cleanup-data --all + echo y | sudo microshift-cleanup-data --all sudo apt purge -y 'microshift*' if sudo apt list | grep -Eq ^microshift ; then From f16699ccef866de3365c02022160d957acc56a6a Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Wed, 29 Oct 2025 18:57:10 +0200 Subject: [PATCH 5/7] Check for 0 when decrementing minor version component --- src/deb/install.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/deb/install.sh b/src/deb/install.sh index 2166dac0..bf253ef0 100755 --- a/src/deb/install.sh +++ b/src/deb/install.sh @@ -30,8 +30,13 @@ function find_debpkg_version() { if ! curl -fsSL "${relkey}" -o /dev/null 2>/dev/null ; then echo "WARNING: The ${debpkg} package version '${version}' not found in the repository. Trying the previous version." >&2 # Decrement the minor version component - version="$(awk -F. '{printf "%d.%d", $1, $2-1}' <<<"$version")" - relkey="${relkey_base}/v${version}/deb/Release.key" + local xver="${version%%.*}" + local yver="${version#*.}" + if [ "${yver}" -lt 1 ] ; then + echo "ERROR: The minor version component cannot be decremented below 0" >&2 + break + fi + version="${xver}.$(( yver - 1 ))" else echo "Found '${debpkg}' package version '${version}'" >&2 echo "${version}" From f8bd5071b90f1e9e384ac247581914dc960e7027 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Thu, 30 Oct 2025 10:44:52 +0200 Subject: [PATCH 6/7] Use sos report command directly because the script is uninstalled --- .github/actions/build-deb/action.yaml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml index 6c0f41f4..3850b04a 100644 --- a/.github/actions/build-deb/action.yaml +++ b/.github/actions/build-deb/action.yaml @@ -102,7 +102,11 @@ runs: if: failure() shell: bash run: | - # Change the default profiles and plugins to adapt to the Debian environment + # Cannot use the microshift-sos-report script because it was uninstalled. + # Use the sos command directly instead. + # + # Change the default profiles and plugins used in microshift-sos-report + # to adapt to the Debian environment. # Profiles: # - Remove non-existent microshift # - Add storage @@ -110,10 +114,13 @@ runs: # - Remove unused firewalld and rpm # - Remove non-existent rpmostree # - Add ufw, apt - sudo microshift-sos-report \ + sudo sos report \ + --quiet \ + --batch \ + --all-logs \ + --tmp-dir /mnt/tmp \ --profiles network,security,storage \ --plugins container_log,crio,logs,ufw,apt \ - --tmp-dir /mnt/tmp sudo chmod 644 /mnt/tmp/sosreport-* - name: Upload sos report to the GitHub Actions artifact From 0fa8a8cc40a1b02c8aad955d20e49efe8cf5ab19 Mon Sep 17 00:00:00 2001 From: Gregory Giguashvili Date: Thu, 30 Oct 2025 11:30:13 +0200 Subject: [PATCH 7/7] Fix sos report syntax --- .github/actions/build-deb/action.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/build-deb/action.yaml b/.github/actions/build-deb/action.yaml index 3850b04a..41376bce 100644 --- a/.github/actions/build-deb/action.yaml +++ b/.github/actions/build-deb/action.yaml @@ -120,7 +120,7 @@ runs: --all-logs \ --tmp-dir /mnt/tmp \ --profiles network,security,storage \ - --plugins container_log,crio,logs,ufw,apt \ + --plugins container_log,crio,logs,ufw,apt sudo chmod 644 /mnt/tmp/sosreport-* - name: Upload sos report to the GitHub Actions artifact