[master] fix and refactor static packages

[crazy-max]

fixes an issue introduced by #654 while adding buildx static package. also review the bits that generates the static packages:

• with dockerd we need to detect if cross compilation is necessary. this is something we should fix upstream so we don't need this check and can full rely on --platform with buildx.
• makefile has been simplified so we don't need to duplicate goals and rely only on TARGETPLATFORM.
• Jenkinsfile is lighter and additionally generates static packages for additional platforms that were missing (linux/arm/v6, linux/arm/v7, linux/arm64)
• adds a job matrix on GHA so we can also test its behavior on GitHub Runners.
• static packages were missing for buildx against windows and darwin platforms.

Signed-off-by: CrazyMax [email protected]

[crazy-max]

moby engine cross compilation fails for linux/arm/v6. Should be fixed upstream: https://github.com/docker/docker-ce-packaging/runs/5737440583?check_suite_focus=true#step:4:2372

#43 0.132 
#43 0.138 ---> Making bundle: cross (in /build/bundles/cross)
#43 0.139 Cross building: /build/bundles/cross/linux/arm/v6
#43 0.182 Building: /build/bundles/cross/linux/arm/v6-daemon/dockerd-0.0.0-20220329083112-174e51c
#43 0.182 GOOS="linux" GOARCH="arm" GOARM="6"
#43 76.80 # github.com/docker/docker/cmd/dockerd
#43 76.80 loadinternal: cannot find runtime/cgo
#43 76.80 /usr/local/go/pkg/tool/linux_amd64/link: running gcc failed: exit status 1
#43 76.80 gcc: error: unrecognized command-line option '-marm'; did you mean '-mabm'?

[thaJeztah]

Just a first glance over the changes, thought I'd post some initial "thinking out loud" comments

[thaJeztah]

didn't xx also have a utility for something like this? (wondering if we can somehow centralise this effort)

[crazy-max]

yes there is the xx-info one and we should use it in a follow-up when we will be able to be sandboxed inside a Dockerfile. See #665 (comment)

[tianon]

Wouldn't it be better (and a lot simpler) to use go env GOARCH / go env GOOS here? 😇

If we don't get to assume access to go, maybe something like docker version --format '{{ .Server.Os }}/{{ .Server.Arch }}'?
(not sure how we reliably get "current variant" but that's pretty complicated/a guess regardless, so letting the auto-detection default to v7 seems pretty sane IMO 🙈)

[thaJeztah]

this no longer needed? was slightly wondering if we must do the reverse and always explicitly specify platform 🤔

[crazy-max]

We can't with moby atm unfortunately. only cli, buildx supports it without effort. hence #665 (comment). if it's fixed on moby we can remove the docker_engine_cross logic in build-static script.

[thaJeztah]

LGTM

[tianon]

@thaJeztah asked me to take a look -- had more comments than I expected, but nothing super major 😅

[tianon]

Wouldn't it be better (and a lot simpler) to use go env GOARCH / go env GOOS here? 😇

If we don't get to assume access to go, maybe something like docker version --format '{{ .Server.Os }}/{{ .Server.Arch }}'?
(not sure how we reliably get "current variant" but that's pretty complicated/a guess regardless, so letting the auto-detection default to v7 seems pretty sane IMO 🙈)

[tianon]

That PR is merged -- does that mean this line can go away now? 👀 (or does it need to point somewhere else for the FIXME now? 😅)

[crazy-max]

Yes for master or 22.06+ but not with 20.10 😣. Can update the comment though.

[thaJeztah]

We don't need to take 20.10 into account (we use the 20.10 branch for that)

[tianon]

😬

This line has several assumptions baked into it and changes the user's default buildx builder -- at the very least, I think we should probably be explicit about --driver docker-container on the create command, right? (so that it explicitly matches what we checked for with inspect)

[crazy-max]

Yes indeed good point

[crazy-max]

Thanks a bunch for the review @tianon!

Wouldn't it be better (and a lot simpler) to use go env GOARCH / go env GOOS here? 😇

If we don't get to assume access to go, maybe something like docker version --format '{{ .Server.Os }}/{{ .Server.Arch }}'?
(not sure how we reliably get "current variant" but that's pretty complicated/a guess regardless, so letting the auto-detection default to v7 seems pretty sane IMO 🙈)

A bunch of the os, arch and variant detection logic is taken from xx which has bats tests to cover these cases. This project is used as cross comp helper in some of our repos. See https://github.com/tonistiigi/xx/blob/master/base/xx-info to have a better understanding of the logic. Maybe it would be better to fetch the scripts instead of just copying part of its logic. Will improve that and see if we can get rid of scripts/target-platform.

[thaJeztah]

So, looks like something's still broken; the cross-compiled versions are missing the containerd binaries. It looks like --target=cross in the moby repository does not include them in the bundles directory (need to check why)

docker buildx build \
    --build-arg CGO_ENABLED= \
    --build-arg CONTAINERD_VERSION \
    --build-arg CROSS=true \
    --build-arg DEFAULT_PRODUCT_LICENSE \
    --build-arg DOCKER_CROSSPLATFORMS=linux/arm64 \
    --build-arg PACKAGER_NAME \
    --build-arg PLATFORM \
    --build-arg PRODUCT \
    --build-arg RUNC_VERSION \
    --build-arg VERSION=22.06.0-beta.1 \
    --output ./bundles \
    --target cross .

tree bundles
bundles
└── cross
    └── linux
        └── arm64-daemon
            ├── docker-proxy -> docker-proxy-22.06.0-beta.1
            ├── docker-proxy-22.06.0-beta.1
            ├── docker-proxy-22.06.0-beta.1.md5
            ├── docker-proxy-22.06.0-beta.1.sha256
            ├── dockerd -> dockerd-22.06.0-beta.1
            ├── dockerd-22.06.0-beta.1
            ├── dockerd-22.06.0-beta.1.md5
            └── dockerd-22.06.0-beta.1.sha256

3 directories, 8 files

[thaJeztah]

I dug a bit further, and currently;

• the cross target on moby/moby only cross-compiles the docker daemon. The confusing bit was that containerd and runc are also built as part of the cross target, but not cross-compiled
• I could make containerd cross-compile by passing the right env-vars, but runc looks to need a bit more work

So, I'll have to dig further to see how feasible that is (given that we hope to build both as part of containerd packaging soon, so it would be temporary).

For platforms that we have machines for in Jenkins this won't be an issue (linux/amd64 and linux/arm64), but for other platforms that may be an issue (arm32 variants including)

[crazy-max]

@thaJeztah moby/moby#43529 would fix this