The Toybox images had two issues:
1. Distroless does not support /bin -> /usr/bin so we needed to
create it manually to get /bin/bash for Toybox. However, with this
Openshift image validation complains that we are touching the "base"
image.
2. We could not use buildkit since it fails with /bin symlink
copied over /bin directory from Distroless.
The simple fix is just to move away from all /bin/sh and /bin/bash
and use "/usr/bin/env bash" to resolve the path instead. This allows
to keep /bin untouched.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Our *.Dockefile's allow builders to specify FINAL_BASE base image
to which static binaries are copied for the final image.
Initcontainers install toybox with a minimum set of "coreutils"
needed but with some final base images the minimum set can be
even smaller since they may already have /bin/sh, ls etc. installed.
Make initcontainers to have base image specific toybox-config.
For now, "static" for distroles/static and "ubi8-micro" for
UBI base image configs are created.
At the same time, move the toybox build to "usrmerge" based
setup where everything is installed to /usr/bin and /bin is
a symlink to /usr/bin. buildkit does not seem to like it so
disable buildkit usage for now.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
As a build optimization, allow usage of pre-created licenses.
Together with usage of go mod vendor, the container build
times are significantly shorter.
Dockerfiles are generated from include-snippets on the fly.
Signed-off-by: Ukri Niemimuukko <ukri.niemimuukko@intel.com>
An earlier commit updated the license install paths in our
distroless based images. This updates the remaining ones
to stay consistent.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Added LABELs (name, vendor, version, release, summary, description) to all plugins and updated
scripts/set-version.sh script to include the LABEL version='<image-tag>' by passing TAG parameter
to make set-version TAG=<image-tag>
Signed-off-by: chaitanya1731 <chaitanya.kulkarni@intel.com>
go mod tidy adds more requirements because of the changes in 1.17:
"Go versions 1.17 and higher retain more requirements in order to
support lazy module loading."
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
Add checksum checks for toybox and qat driver
Use toybox version 0.8.5 instead of 0.8.4
Update toybox-config
Signed-off-by: Hyeongju Johannes Lee <hyeongju.lee@intel.com>
This is the part 2 of the work to move our published container images
to new base images. The initcontainers will be based on
distroless/static and the VPU plugin is based on Debian.
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
This reverts commit 6c02ff51fc.
crun fails to build the images [1] but when setting BUILDAH_RUNTIME
to runc the workaround is no longer needed.
[1] https://github.com/containers/podman/issues/9378
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
This adds an nfd-hook for the gpu-plugin, which will create labels
for the GPUs that can then be used for POD deployment purposes or
creation of GPU extended resources which allow then finer grained
GPU resource management.
The nfd-hook will install to the host system when the
intel-gpu-initcontainer is run. It is added into the plugin deployment
yaml.
Signed-off-by: Ukri Niemimuukko <ukri.niemimuukko@intel.com>
