diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a8defc5ce..9d2b0501f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -34,6 +34,8 @@ jobs: sudo mv /tmp/artifact/crun-*-linux-arm64-disable-systemd /tmp/artifact/crun-linux-arm64-disable-systemd sudo mv /tmp/artifact/crun-*-linux-ppc64le /tmp/artifact/crun-linux-ppc64le sudo mv /tmp/artifact/crun-*-linux-ppc64le-disable-systemd /tmp/artifact/crun-linux-ppc64le-disable-systemd + sudo mv /tmp/artifact/crun-*-linux-riscv64 /tmp/artifact/crun-linux-riscv64 + sudo mv /tmp/artifact/crun-*-linux-riscv64-disable-systemd /tmp/artifact/crun-linux-riscv64-disable-systemd sudo mv /tmp/artifact/*.tar.gz /tmp/artifact/crun.tar.gz sudo mv /tmp/artifact/*.tar.xz /tmp/artifact/crun.tar.xz (cd /tmp/artifact; sha256sum * | sudo tee CHECKSUMS) @@ -68,6 +70,16 @@ jobs: name: crun-linux-ppc64le-disable-systemd path: /tmp/artifact/crun-linux-ppc64le-disable-systemd + - uses: actions/upload-artifact@v3 + with: + name: crun-linux-riscv64 + path: /tmp/artifact/crun-linux-riscv64 + + - uses: actions/upload-artifact@v3 + with: + name: crun-linux-riscv64-disable-systemd + path: /tmp/artifact/crun-linux-riscv64-disable-systemd + - uses: actions/upload-artifact@v3 with: name: crun.tar.gz diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 49691fb14..eb25b54e0 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -18,6 +18,8 @@ jobs: distro: ubuntu_latest - arch: ppc64le distro: ubuntu_latest + - arch: riscv64 + distro: ubuntu_latest steps: - uses: actions/checkout@v3 with: diff --git a/build-aux/release.sh b/build-aux/release.sh index f97ad15f6..60563d041 100755 --- a/build-aux/release.sh +++ b/build-aux/release.sh @@ -81,6 +81,18 @@ cp ./result/bin/crun $OUTDIR/crun-$VERSION-linux-ppc64le-disable-systemd rm -rf result +$RUNTIME run --rm $RUNTIME_EXTRA_ARGS --privileged -v /nix:/nix -v ${PWD}:${PWD} -w ${PWD} ${NIX_IMAGE} \ + nix $NIX_ARGS build --file nix/default-riscv64.nix +cp ./result/bin/crun $OUTDIR/crun-$VERSION-linux-riscv64 + +rm -rf result + +$RUNTIME run --rm $RUNTIME_EXTRA_ARGS --privileged -v /nix:/nix -v ${PWD}:${PWD} -w ${PWD} ${NIX_IMAGE} \ + nix $NIX_ARGS build --file nix/default-riscv64.nix --arg enableSystemd false +cp ./result/bin/crun $OUTDIR/crun-$VERSION-linux-riscv64-disable-systemd + +rm -rf result + if test x$SKIP_GPG = x; then for i in $OUTDIR/*; do gpg2 -b --armour $i diff --git a/nix/default-riscv64.nix b/nix/default-riscv64.nix new file mode 100644 index 000000000..4945bc324 --- /dev/null +++ b/nix/default-riscv64.nix @@ -0,0 +1,103 @@ +{ enableSystemd ? true }: +let + static = import ./static.nix; + pkgs = (import ./nixpkgs.nix { + crossSystem = { + config = "riscv64-unknown-linux-gnu"; + }; + config = { + packageOverrides = pkg: { + gcrypt = (static pkg.libgcrypt); + gpgme = (static pkg.gpgme); + libassuan = (static pkg.libassuan); + libgpgerror = (static pkg.libgpgerror); + libseccomp = (static pkg.libseccomp); + glib = (static pkg.glib).overrideAttrs (x: { + outputs = [ "bin" "out" "dev" ]; + mesonFlags = [ + "-Ddefault_library=static" + "-Ddevbindir=${placeholder ''dev''}/bin" + "-Dgtk_doc=false" + "-Dnls=disabled" + ]; + postInstall = '' + moveToOutput "share/glib-2.0" "$dev" + substituteInPlace "$dev/bin/gdbus-codegen" --replace "$out" "$dev" + sed -i "$dev/bin/glib-gettextize" -e "s|^gettext_dir=.*|gettext_dir=$dev/share/glib-2.0/gettext|" + sed '1i#line 1 "${x.pname}-${x.version}/include/glib-2.0/gobject/gobjectnotifyqueue.c"' \ + -i "$dev"/include/glib-2.0/gobject/gobjectnotifyqueue.c + ''; + }); + libcap = (static pkg.libcap).overrideAttrs (x: { + postInstall = '' + mkdir -p "$doc/share/doc/${x.pname}-${x.version}" + cp License "$doc/share/doc/${x.pname}-${x.version}/" + mkdir -p "$pam/lib/security" + mv "$lib"/lib/security "$pam/lib" + ''; + }); + systemd = (static pkg.systemd).overrideAttrs (x: { + outputs = [ "out" "dev" ]; + mesonFlags = x.mesonFlags ++ [ + "-Dglib=false" + "-Dbpf-compiler=gcc" + "-Dbpf-framework=false" + "-Dstatic-libsystemd=true" + ]; + }); + yajl = (static pkg.yajl).overrideAttrs (x: { + preConfigure = '' + export CMAKE_STATIC_LINKER_FLAGS="-static" + ''; + }); + zstd = pkg.zstd.overrideAttrs (x: { + cmakeFlags = x.cmakeFlags ++ [ "-DZSTD_BUILD_CONTRIB:BOOL=OFF" ]; + preInstall = ""; + }); + }; + }; + }); + + self = with pkgs; stdenv.mkDerivation rec { + name = "crun"; + src = ./..; + vendorSha256 = null; + doCheck = false; + enableParallelBuilding = true; + outputs = [ "out" ]; + nativeBuildInputs = with buildPackages; [ + autoreconfHook + bash + gitMinimal + pkg-config + python3 + which + ]; + buildInputs = [ + gcrypt + glibc + glibc.static + libcap + libseccomp + systemd + yajl + ]; + configureFlags = [ "--enable-static" ] + ++ lib.optional (!enableSystemd) [ "--disable-systemd" ]; + prePatch = '' + export CFLAGS='-static -pthread' + export LDFLAGS='-s -w -static-libgcc -static' + export EXTRA_LDFLAGS='-s -w -linkmode external -extldflags "-static -lm"' + export CRUN_LDFLAGS='-all-static' + export LIBS='${glibc.static}/lib/libc.a ${glibc.static}/lib/libpthread.a ${glibc.static}/lib/librt.a ${lib.getLib libcap}/lib/libcap.a ${lib.getLib libseccomp}/lib/libseccomp.a ${lib.getLib systemd}/lib/libsystemd.a ${yajl}/lib/libyajl_s.a ${gcrypt}/lib/libgcrypt.a' + ''; + buildPhase = '' + patchShebangs . + make + ''; + installPhase = '' + install -Dm755 crun $out/bin/crun + ''; + }; +in +self diff --git a/rpm/crun.spec b/rpm/crun.spec index dcdd670a8..b46c51503 100644 --- a/rpm/crun.spec +++ b/rpm/crun.spec @@ -45,7 +45,7 @@ URL: https://github.com/containers/%{name} %if %{defined golang_arches_future} ExclusiveArch: %{golang_arches_future} %else -ExclusiveArch: aarch64 ppc64le s390x x86_64 +ExclusiveArch: aarch64 ppc64le riscv64 s390x x86_64 %endif BuildRequires: autoconf BuildRequires: automake