From 6ed54fac2e0b4ee81270a417419bc488a1828120 Mon Sep 17 00:00:00 2001 From: Jarrett Tierney Date: Wed, 17 Apr 2024 16:10:52 -0700 Subject: [PATCH] static-pods: move to own package and include in kubernetes-* --- packages/kubernetes-1.23/Cargo.toml | 1 + packages/kubernetes-1.23/kubernetes-1.23.spec | 1 + packages/kubernetes-1.24/Cargo.toml | 1 + packages/kubernetes-1.24/kubernetes-1.24.spec | 1 + packages/kubernetes-1.25/Cargo.toml | 1 + packages/kubernetes-1.25/kubernetes-1.25.spec | 1 + packages/kubernetes-1.26/Cargo.toml | 1 + packages/kubernetes-1.26/kubernetes-1.26.spec | 1 + packages/kubernetes-1.27/Cargo.toml | 1 + packages/kubernetes-1.27/kubernetes-1.27.spec | 1 + packages/kubernetes-1.28/Cargo.toml | 1 + packages/kubernetes-1.28/kubernetes-1.28.spec | 1 + packages/kubernetes-1.29/Cargo.toml | 1 + packages/kubernetes-1.29/kubernetes-1.29.spec | 1 + packages/kubernetes-1.30/Cargo.toml | 1 + packages/kubernetes-1.30/kubernetes-1.30.spec | 1 + packages/os/os.spec | 18 --------- packages/static-pods/Cargo.toml | 14 +++++++ packages/static-pods/static-pods-toml | 15 ++++++++ packages/static-pods/static-pods.spec | 38 +++++++++++++++++++ sources/api/static-pods/src/main.rs | 2 +- .../shared-defaults/kubernetes-services.toml | 6 ++- variants/Cargo.lock | 15 ++++++++ 23 files changed, 104 insertions(+), 20 deletions(-) create mode 100644 packages/static-pods/Cargo.toml create mode 100644 packages/static-pods/static-pods-toml create mode 100644 packages/static-pods/static-pods.spec diff --git a/packages/kubernetes-1.23/Cargo.toml b/packages/kubernetes-1.23/Cargo.toml index 2d4dc3e7fc0..38050ec02ef 100644 --- a/packages/kubernetes-1.23/Cargo.toml +++ b/packages/kubernetes-1.23/Cargo.toml @@ -45,6 +45,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider = { path = "../ecr-credential-provider" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.23/kubernetes-1.23.spec b/packages/kubernetes-1.23/kubernetes-1.23.spec index e75039b6201..5b7b1ddcad8 100644 --- a/packages/kubernetes-1.23/kubernetes-1.23.spec +++ b/packages/kubernetes-1.23/kubernetes-1.23.spec @@ -69,6 +69,7 @@ Requires: %{_cross_os}containerd Requires: %{_cross_os}findutils Requires: %{_cross_os}ecr-credential-provider Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.23 %{summary}. diff --git a/packages/kubernetes-1.24/Cargo.toml b/packages/kubernetes-1.24/Cargo.toml index 6700fea5dc7..a92c9f1d424 100644 --- a/packages/kubernetes-1.24/Cargo.toml +++ b/packages/kubernetes-1.24/Cargo.toml @@ -24,6 +24,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider = { path = "../ecr-credential-provider" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.24/kubernetes-1.24.spec b/packages/kubernetes-1.24/kubernetes-1.24.spec index 7ae8db082eb..f4e1a0c3f6a 100644 --- a/packages/kubernetes-1.24/kubernetes-1.24.spec +++ b/packages/kubernetes-1.24/kubernetes-1.24.spec @@ -70,6 +70,7 @@ Requires: %{_cross_os}containerd Requires: %{_cross_os}findutils Requires: %{_cross_os}ecr-credential-provider Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.24 %{summary}. diff --git a/packages/kubernetes-1.25/Cargo.toml b/packages/kubernetes-1.25/Cargo.toml index 3311b6647c9..81d08768ef9 100644 --- a/packages/kubernetes-1.25/Cargo.toml +++ b/packages/kubernetes-1.25/Cargo.toml @@ -24,6 +24,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider = { path = "../ecr-credential-provider" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.25/kubernetes-1.25.spec b/packages/kubernetes-1.25/kubernetes-1.25.spec index de7319c4ee7..a8c0bcd96a2 100644 --- a/packages/kubernetes-1.25/kubernetes-1.25.spec +++ b/packages/kubernetes-1.25/kubernetes-1.25.spec @@ -70,6 +70,7 @@ Requires: %{_cross_os}containerd Requires: %{_cross_os}findutils Requires: %{_cross_os}ecr-credential-provider Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.25 %{summary}. diff --git a/packages/kubernetes-1.26/Cargo.toml b/packages/kubernetes-1.26/Cargo.toml index 5060df71392..2c5810b0aa9 100644 --- a/packages/kubernetes-1.26/Cargo.toml +++ b/packages/kubernetes-1.26/Cargo.toml @@ -24,6 +24,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider = { path = "../ecr-credential-provider" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.26/kubernetes-1.26.spec b/packages/kubernetes-1.26/kubernetes-1.26.spec index 84536887c64..16167cba983 100644 --- a/packages/kubernetes-1.26/kubernetes-1.26.spec +++ b/packages/kubernetes-1.26/kubernetes-1.26.spec @@ -70,6 +70,7 @@ Requires: %{_cross_os}containerd Requires: %{_cross_os}findutils Requires: %{_cross_os}ecr-credential-provider Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.26 %{summary}. diff --git a/packages/kubernetes-1.27/Cargo.toml b/packages/kubernetes-1.27/Cargo.toml index e49007e0fe3..6708659e1bc 100644 --- a/packages/kubernetes-1.27/Cargo.toml +++ b/packages/kubernetes-1.27/Cargo.toml @@ -25,6 +25,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider-1_27 = { path = "../ecr-credential-provider-1.27" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.27/kubernetes-1.27.spec b/packages/kubernetes-1.27/kubernetes-1.27.spec index f7061661b2f..16f38c6fb94 100644 --- a/packages/kubernetes-1.27/kubernetes-1.27.spec +++ b/packages/kubernetes-1.27/kubernetes-1.27.spec @@ -70,6 +70,7 @@ Requires: %{_cross_os}containerd Requires: %{_cross_os}findutils Requires: %{_cross_os}ecr-credential-provider-1.27 Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.27 %{summary}. diff --git a/packages/kubernetes-1.28/Cargo.toml b/packages/kubernetes-1.28/Cargo.toml index 8cb8816f28f..cdddb1a2ddc 100644 --- a/packages/kubernetes-1.28/Cargo.toml +++ b/packages/kubernetes-1.28/Cargo.toml @@ -25,6 +25,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider-1_27 = { path = "../ecr-credential-provider-1.27" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.28/kubernetes-1.28.spec b/packages/kubernetes-1.28/kubernetes-1.28.spec index c8a49a30059..4c4595b7cb6 100644 --- a/packages/kubernetes-1.28/kubernetes-1.28.spec +++ b/packages/kubernetes-1.28/kubernetes-1.28.spec @@ -70,6 +70,7 @@ Requires: %{_cross_os}containerd Requires: %{_cross_os}findutils Requires: %{_cross_os}ecr-credential-provider-1.27 Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.28 %{summary}. diff --git a/packages/kubernetes-1.29/Cargo.toml b/packages/kubernetes-1.29/Cargo.toml index a27508ce49d..33c27286d2a 100644 --- a/packages/kubernetes-1.29/Cargo.toml +++ b/packages/kubernetes-1.29/Cargo.toml @@ -25,6 +25,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider-1_29 = { path = "../ecr-credential-provider-1.29" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.29/kubernetes-1.29.spec b/packages/kubernetes-1.29/kubernetes-1.29.spec index 9149941888d..d3b377549c5 100644 --- a/packages/kubernetes-1.29/kubernetes-1.29.spec +++ b/packages/kubernetes-1.29/kubernetes-1.29.spec @@ -70,6 +70,7 @@ Requires: %{_cross_os}containerd Requires: %{_cross_os}findutils Requires: %{_cross_os}ecr-credential-provider-1.29 Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.29 %{summary}. diff --git a/packages/kubernetes-1.30/Cargo.toml b/packages/kubernetes-1.30/Cargo.toml index 8fd9e9ffcd4..f8c8c63e9c0 100644 --- a/packages/kubernetes-1.30/Cargo.toml +++ b/packages/kubernetes-1.30/Cargo.toml @@ -26,6 +26,7 @@ glibc = { path = "../glibc" } [dependencies] aws-signing-helper = { path = "../aws-signing-helper" } ecr-credential-provider-1_29 = { path = "../ecr-credential-provider-1.29" } +static-pods = { path = "../static-pods" } # `conntrack-tools`, `containerd` and `findutils` are only needed at runtime, # and are pulled in by `release`. # conntrack-tools = { path = "../conntrack-tools" } diff --git a/packages/kubernetes-1.30/kubernetes-1.30.spec b/packages/kubernetes-1.30/kubernetes-1.30.spec index c2bb78ec2be..e8049e35be5 100644 --- a/packages/kubernetes-1.30/kubernetes-1.30.spec +++ b/packages/kubernetes-1.30/kubernetes-1.30.spec @@ -72,6 +72,7 @@ Requires: %{_cross_os}findutils # TODO: update to ecr-credential-provider-1.30 Requires: %{_cross_os}ecr-credential-provider-1.29 Requires: %{_cross_os}aws-signing-helper +Requires: %{_cross_os}static-pods %description -n %{_cross_os}kubelet-1.30 %{summary}. diff --git a/packages/os/os.spec b/packages/os/os.spec index 4f083daf5ec..b6c33c52f97 100644 --- a/packages/os/os.spec +++ b/packages/os/os.spec @@ -108,10 +108,6 @@ Requires: %{_cross_os}updog Requires: %{_cross_os}pluto %endif -%if %{with k8s_runtime} -Requires: %{_cross_os}static-pods -%endif - %if %{with aws_platform} Requires: %{_cross_os}shibaken Requires: %{_cross_os}cfsignal @@ -244,13 +240,6 @@ Summary: Dynamic setting generator for kubernetes %{summary}. %endif -%if %{with k8s_runtime} -%package -n %{_cross_os}static-pods -Summary: Manages user-defined K8S static pods -%description -n %{_cross_os}static-pods -%{summary}. -%endif - %if %{with aws_platform} %package -n %{_cross_os}shibaken Summary: Run tasks reliant on IMDS @@ -384,7 +373,6 @@ echo "** Output from non-static builds:" -p bloodhound \ -p xfscli \ %{?with_aws_platform: -p shibaken} \ - %{?with_k8s_runtime: -p static-pods} \ %{?with_nvidia_flavor: -p driverdog} \ %{nil} @@ -418,7 +406,6 @@ for p in \ ghostdog bootstrap-containers \ shimpei bloodhound bottlerocket-checks \ %{?with_aws_platform: shibaken} \ - %{?with_k8s_runtime: static-pods} \ %{?with_nvidia_flavor: driverdog} \ ; do install -p -m 0755 ${HOME}/.cache/%{__cargo_target}/release/${p} %{buildroot}%{_cross_bindir} @@ -699,11 +686,6 @@ install -p -m 0644 %{S:400} %{S:401} %{S:402} %{buildroot}%{_cross_licensedir} %{_cross_datadir}/eks/eni-max-pods %endif -%if %{with k8s_runtime} -%files -n %{_cross_os}static-pods -%{_cross_bindir}/static-pods -%endif - %files -n %{_cross_os}shimpei %{_cross_bindir}/shimpei %{_cross_templatedir}/oci-default-hooks-json diff --git a/packages/static-pods/Cargo.toml b/packages/static-pods/Cargo.toml new file mode 100644 index 00000000000..85fd40b767a --- /dev/null +++ b/packages/static-pods/Cargo.toml @@ -0,0 +1,14 @@ +[package] +name = "static-pods" +version = "0.1.0" +edition = "2021" +publish = false +build = "../build.rs" + +[lib] +path = "../packages.rs" + +[build-dependencies] +glibc = { path = "../glibc" } + +[dependencies] diff --git a/packages/static-pods/static-pods-toml b/packages/static-pods/static-pods-toml new file mode 100644 index 00000000000..1c6d7bebe49 --- /dev/null +++ b/packages/static-pods/static-pods-toml @@ -0,0 +1,15 @@ +[required-extensions] +kubernetes = "v1" +std = { version = "v1", helpers = ["if_not_null"] } ++++ +{{#if_not_null settings.kubernetes.static-pods}} +{{#each settings.kubernetes.static-pods}} +["{{@key}}"] +{{#if_not_null this.enabled}} +enabled = {{this.enabled}} +{{/if_not_null}} +{{#if_not_null this.manifest}} +manifest = "{{{this.manifest}}}" +{{/if_not_null}} +{{/each}} +{{/if_not_null}} diff --git a/packages/static-pods/static-pods.spec b/packages/static-pods/static-pods.spec new file mode 100644 index 00000000000..13c6d026807 --- /dev/null +++ b/packages/static-pods/static-pods.spec @@ -0,0 +1,38 @@ +%global _cross_first_party 1 +%undefine _debugsource_packages + +Name: %{_cross_os}static-pods +Version: 0.0 +Release: 0%{?dist} +Summary: Manages user-defined K*S static pods +License: Apache-2.0 OR MIT +URL: https://github.com/bottlerocket-os/bottlerocket + +Source0: static-pods-toml + +BuildRequires: %{_cross_os}glibc-devel + +%description +%{summary}. + +%prep +%setup -T -c +%cargo_prep + +%build +mkdir bin + +echo "** Compile static-pods agent" +%cargo_build --manifest-path %{_builddir}/sources/Cargo.toml \ + -p static-pods + +%install +install -d %{buildroot}%{_cross_bindir} +install -p -m 0755 ${HOME}/.cache/%{__cargo_target}/release/static-pods %{buildroot}%{_cross_bindir} + +install -d %{buildroot}%{_cross_templatedir} +install -p -m 0644 %{S:0} %{buildroot}%{_cross_templatedir} + +%files +%{_cross_bindir}/static-pods +%{_cross_templatedir}/static-pods-toml \ No newline at end of file diff --git a/sources/api/static-pods/src/main.rs b/sources/api/static-pods/src/main.rs index c90b86e7e4b..c4af33d49bf 100644 --- a/sources/api/static-pods/src/main.rs +++ b/sources/api/static-pods/src/main.rs @@ -27,7 +27,7 @@ use std::process; use std::str::FromStr; use tempfile::{NamedTempFile, TempDir}; -const DEFAULT_CONFIG_PATH: &str = "/etc/kubernetes/static-pods.toml"; +const DEFAULT_CONFIG_PATH: &str = "/etc/kubernetes/static-pods-manifest.toml"; const STATIC_POD_DIR: &str = "/etc/kubernetes/static-pods"; const ETC_KUBE_DIR: &str = "/etc/kubernetes"; diff --git a/sources/models/shared-defaults/kubernetes-services.toml b/sources/models/shared-defaults/kubernetes-services.toml index a31b389d7a6..fd206df1bb0 100644 --- a/sources/models/shared-defaults/kubernetes-services.toml +++ b/sources/models/shared-defaults/kubernetes-services.toml @@ -57,8 +57,12 @@ path = "/etc/kubernetes/kubelet/credential-provider-config.yaml" template-path = "/usr/share/templates/credential-provider-config-yaml" mode = "0600" +[configuration-files.static-pods-toml] +path = "/etc/kubernetes/static-pods-manifest.toml" +template-path = "/usr/share/templates/static-pods-toml" + [services.static-pods] -configuration-files = [] +configuration-files = ["static-pods-toml"] restart-commands = ["/usr/bin/static-pods"] [metadata.settings.kubernetes.static-pods] diff --git a/variants/Cargo.lock b/variants/Cargo.lock index 6ab5f2857e1..2331fdcec78 100644 --- a/variants/Cargo.lock +++ b/variants/Cargo.lock @@ -626,6 +626,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider", "glibc", + "static-pods", ] [[package]] @@ -635,6 +636,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider", "glibc", + "static-pods", ] [[package]] @@ -644,6 +646,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider", "glibc", + "static-pods", ] [[package]] @@ -653,6 +656,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider", "glibc", + "static-pods", ] [[package]] @@ -662,6 +666,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider-1_27", "glibc", + "static-pods", ] [[package]] @@ -671,6 +676,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider-1_27", "glibc", + "static-pods", ] [[package]] @@ -680,6 +686,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider-1_29", "glibc", + "static-pods", ] [[package]] @@ -689,6 +696,7 @@ dependencies = [ "aws-signing-helper", "ecr-credential-provider-1_29", "glibc", + "static-pods", ] [[package]] @@ -1173,6 +1181,13 @@ version = "0.1.0" name = "shim" version = "0.1.0" +[[package]] +name = "static-pods" +version = "0.1.0" +dependencies = [ + "glibc", +] + [[package]] name = "strace" version = "0.1.0"