diff --git a/config/peerpods/podvm/Dockerfile.podvm-builder b/config/peerpods/podvm/Dockerfile.podvm-builder index 6803e79c..28fbfd51 100644 --- a/config/peerpods/podvm/Dockerfile.podvm-builder +++ b/config/peerpods/podvm/Dockerfile.podvm-builder @@ -8,7 +8,18 @@ FROM registry.access.redhat.com/ubi9/ubi:9.4 LABEL kata_src=https://github.com/kata-containers/kata-containers -LABEL kata_src_commit=stable-3.6 +LABEL kata_src_commit=stable-3.7 + +ARG ORG_ID +ARG ACTIVATION_KEY + +# This registering RHEL when building on an unsubscribed system +# If you are running a UBI container on a registered and subscribed RHEL host, +# the main RHEL Server repository is enabled inside the standard UBI container +RUN if [[ -n "${ACTIVATION_KEY}" && -n "${ORG_ID}" ]]; then \ + rm -f /etc/rhsm-host && rm -f /etc/pki/entitlement-host; \ + subscription-manager register --org=${ORG_ID} --activationkey=${ACTIVATION_KEY}; \ + fi RUN mkdir -p /scripts @@ -19,6 +30,8 @@ RUN /scripts/azure-podvm-image-handler.sh -- install_rpms ARG CAA_SRC=https://github.com/confidential-containers/cloud-api-adaptor ARG CAA_REF=main ARG CERT_RPM + + ENV CAA_SRC=$CAA_SRC ENV CAA_REF=$CAA_REF ENV CERT_RPM=$CERT_RPM @@ -27,6 +40,7 @@ RUN if [[ -n "$CERT_RPM" ]] ; then \ dnf install -y $CERT_RPM ; \ fi + RUN git clone ${CAA_SRC} -b ${CAA_REF} /src/cloud-api-adaptor ADD podvm-builder.sh /podvm-builder.sh diff --git a/config/peerpods/podvm/azure-podvm-image-handler.sh b/config/peerpods/podvm/azure-podvm-image-handler.sh index b6eed42d..6d936788 100755 --- a/config/peerpods/podvm/azure-podvm-image-handler.sh +++ b/config/peerpods/podvm/azure-podvm-image-handler.sh 
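Review bot: The activation key enters the build as `ARG ACTIVATION_KEY` and is expanded on the `subscription-manager register` command line, so anyone who can pull the image can recover it from the build history. A build secret mount keeps it out of the layers, e.g. `RUN --mount=type=secret,id=activation_key ... --activationkey="$(cat /run/secrets/activation_key)"`. The `${ORG_ID}` and `${ACTIVATION_KEY}` expansions in that command are also unquoted. The registration is not undone in the lines shown, so the image presumably keeps the system identity certificate; consider `subscription-manager unregister` in the last build step that needs the repositories.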
@@ -98,6 +98,17 @@ function add_azure_repositories() { echo "Azure yum repositories added successfully" } +function set_image_version_and_name() { + # Set the image version + # It should follow the Major(int).Minor(int).Patch(int) + IMAGE_VERSION="${IMAGE_VERSION_MAJ_MIN}.$(date +'%Y%m%d%S')" + export IMAGE_VERSION + + # Set the image name + IMAGE_NAME="${IMAGE_BASE_NAME}-${IMAGE_VERSION}" + export IMAGE_NAME +} + # function to install azure CLI function install_azure_cli() { @@ -234,15 +245,8 @@ function create_image_using_packer() { # If any error occurs, exit the script with an error message # The variables are set before calling the function - # Set the image version - # It should follow the Major(int).Minor(int).Patch(int) - IMAGE_VERSION="${IMAGE_VERSION_MAJ_MIN}.$(date +'%Y%m%d%S')" - export IMAGE_VERSION - - # Set the image name - IMAGE_NAME="${IMAGE_BASE_NAME}-${IMAGE_VERSION}" - export IMAGE_NAME - + # Set the image version and name + set_image_version_and_name # Set the base image details if [[ "${PODVM_DISTRO}" == "rhel" ]]; then @@ -490,6 +494,28 @@ function create_image() { install_binary_packages fi + # Based on the value of `IMAGE_TYPE` the image is either build from scratch or using the prebuilt artifact. + if [[ "${IMAGE_TYPE}" == "operator-built" ]]; then + create_azure_image_from_scratch + elif [[ "${IMAGE_TYPE}" == "pre-built" ]]; then + create_azure_image_from_prebuilt_artifact + fi + + # Get the image id of the newly created image. + # This will set the IMAGE_ID variable + get_image_id + + # Add the image id as annotation to peer-pods-cm configmap + add_image_id_annotation_to_peer_pods_cm + + echo "Azure image created successfully" + +} + +# Function to create the azure image from scratch using packer +function create_azure_image_from_scratch() { + echo "Creating Azure image from scratch" + if [[ "${DOWNLOAD_SOURCES}" == "yes" ]]; then # Download source code from GitHub download_source_code 
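Review bot: In `create_image`, the new `IMAGE_TYPE` dispatch has no `else` branch, so any value other than `operator-built` or `pre-built` (including unset) builds nothing. It still reaches `get_image_id` and `add_image_id_annotation_to_peer_pods_cm`. Depending on what `get_image_id` returns in that case (not visible here), the configmap could end up pointing at an older image. Add `else error_exit "Unsupported IMAGE_TYPE: ${IMAGE_TYPE}"` before the `fi`. The function starts outside this hunk.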
@@ -504,15 +530,133 @@ function create_image() { # Create Azure image using packer create_image_using_packer - # Get the image id of the newly created image. - # This will set the IMAGE_ID variable - get_image_id + echo "Azure image created successfully from scratch" +} - # Add the image id as annotation to peer-pods-cm configmap - add_image_id_annotation_to_peer_pods_cm +# Function to create the azure image from prebuilt artifact +# The prebuilt artifact is expected to be a vhd image - echo "Azure image created successfully" +function create_azure_image_from_prebuilt_artifact() { + echo "Creating Azure image from prebuilt artifact" + + # Set the IMAGE_VERSION and IMAGE_NAME + set_image_version_and_name + + echo "Pulling the podvm image from the provided path" + image_src="/tmp/image" + extraction_destination_path="/image" + image_repo_auth_file="/tmp/regauth/auth.json" + + # Get the PODVM_IMAGE_TYPE, PODVM_IMAGE_TAG and PODVM_IMAGE_SRC_PATH + get_image_type_url_and_path + + case "${PODVM_IMAGE_TYPE}" in + oci) + echo "Extracting the Azure image from the given path." + + mkdir -p "${extraction_destination_path}" || + error_exit "Failed to create the image directory" + + extract_container_image "${PODVM_IMAGE_URL}" \ + "${PODVM_IMAGE_TAG}" \ + "${image_src}" \ + "${extraction_destination_path}" \ + "${image_repo_auth_file}" + + # Form the path of the podvm vhd image. 
+ podvm_image_path="${extraction_destination_path}/rootfs/${PODVM_IMAGE_SRC_PATH}" + + # Convert the podvm image to vhd if it's not a vhd image + # This will set the VHD_IMAGE_PATH global variable + convert_podvm_image_to_vhd "${podvm_image_path}" + + # Upload the vhd to the storage container + # This will set the VHD_URL global variable + upload_vhd_image "${VHD_IMAGE_PATH}" "${IMAGE_NAME}" + + # Create the image version from the VHD + az sig image-version create \ + --resource-group "${AZURE_RESOURCE_GROUP}" \ + --gallery-name "${IMAGE_GALLERY_NAME}" \ + --gallery-image-definition "${IMAGE_DEFINITION_NAME}" \ + --gallery-image-version "${IMAGE_VERSION}" \ + --os-vhd-uri "${VHD_URL}" \ + --os-vhd-storage-account "${STORAGE_ACCOUNT_NAME}" \ + --target-regions "${AZURE_REGION}" || + error_exit "Failed to create the image version" + + # Clean up + rm "${podvm_image_path}" + az storage account delete \ + --name "${STORAGE_ACCOUNT_NAME}" \ + --resource-group "${AZURE_RESOURCE_GROUP}" \ + --yes || + error_exit "Failed to delete the storage account" + + ;; + *) + error_exit "Currently only OCI image unpacking is supported, exiting." 
+ ;; + esac + + echo "Azure image created successfully from prebuilt artifact" +} +# Function to upload the vhd to the volume + +function upload_vhd_image() { + echo "Uploading the vhd to the storage container" + + local vhd_path="${1}" + local image_name="${2}" + + [[ -z "${vhd_path}" ]] && error_exit "VHD path is empty" + + # Create a storage account if it doesn't exist + STORAGE_ACCOUNT_NAME="podvmartifacts$(date +%s)" + az storage account create \ + --name "${STORAGE_ACCOUNT_NAME}" \ + --resource-group "${AZURE_RESOURCE_GROUP}" \ + --location "${AZURE_REGION}" \ + --sku Standard_LRS \ + --encryption-services blob || + error_exit "Failed to create the storage account" + + # Get storage account key + STORAGE_ACCOUNT_KEY=$(az storage account keys list \ + --resource-group "${AZURE_RESOURCE_GROUP}" \ + --account-name "${STORAGE_ACCOUNT_NAME}" \ + --query '[0].value' \ + -o tsv) || + error_exit "Failed to get the storage account key" + + # Create a container in the storage account + CONTAINER_NAME="podvm-artifacts" + az storage container create \ + --name "${CONTAINER_NAME}" \ + --account-name "${STORAGE_ACCOUNT_NAME}" \ + --account-key "${STORAGE_ACCOUNT_KEY}" || + error_exit "Failed to create the storage container" + + # Upload the VHD to the storage container + az storage blob upload --account-name "${STORAGE_ACCOUNT_NAME}" \ + --account-key "${STORAGE_ACCOUNT_KEY}" \ + --container-name "${CONTAINER_NAME}" \ + --file "${vhd_path}" \ + --name "${image_name}" || + error_exit "Failed to upload the VHD to the storage container" + + # Get the URL of the uploaded VHD + VHD_URL=$(az storage blob url \ + --account-name "${STORAGE_ACCOUNT_NAME}" \ + --account-key "${STORAGE_ACCOUNT_KEY}" \ + --container-name "${CONTAINER_NAME}" \ + --name "${image_name}" -o tsv) || + error_exit "Failed to get the URL of the uploaded VHD" + + export VHD_URL + + echo "VHD uploaded successfully" } # Function to delete a specific image version from Azure 
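Review bot: In `upload_vhd_image`, the storage account key is passed as `--account-key "${STORAGE_ACCOUNT_KEY}"` to three `az storage` calls, which exposes it in the process argument list and in any `set -x` trace; the az CLI reads the same values from `AZURE_STORAGE_ACCOUNT` and `AZURE_STORAGE_KEY`, as sketched below. The account is created with default access settings; adding `--https-only true`, `--min-tls-version TLS1_2` and `--allow-blob-public-access false` to `az storage account create` would state the intent explicitly. In `create_azure_image_from_prebuilt_artifact`, the account is deleted only on the success path, so any `error_exit` after the upload leaves the account and the VHD behind; a cleanup function registered with `trap` would cover the failure paths. The comment "Create a storage account if it doesn't exist" does not match the code, which always creates a new account.

```shell
function upload_vhd_image() {
  # … unchanged: argument checks and storage account creation …

  # Keep the key out of argv: az storage reads both values from the environment.
  AZURE_STORAGE_ACCOUNT="${STORAGE_ACCOUNT_NAME}"
  AZURE_STORAGE_KEY=$(az storage account keys list \
    --resource-group "${AZURE_RESOURCE_GROUP}" \
    --account-name "${STORAGE_ACCOUNT_NAME}" \
    --query '[0].value' \
    -o tsv) ||
    error_exit "Failed to get the storage account key"
  export AZURE_STORAGE_ACCOUNT AZURE_STORAGE_KEY

  CONTAINER_NAME="podvm-artifacts"
  az storage container create --name "${CONTAINER_NAME}" ||
    error_exit "Failed to create the storage container"

  # … unchanged: blob upload and URL lookup, without --account-name/--account-key …

  # Drop the key from the environment once the storage calls are done.
  unset AZURE_STORAGE_KEY
```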
diff --git a/config/peerpods/podvm/lib.sh b/config/peerpods/podvm/lib.sh index c132caa1..ea5582c4 100644 --- a/config/peerpods/podvm/lib.sh +++ b/config/peerpods/podvm/lib.sh @@ -30,6 +30,7 @@ function install_rpm_packages() { "unzip" "skopeo" "jq" + "qemu-img" # for handling pre-built images. Note that this rpm requires subscription ) # Create a new array to store rpm packages that are not installed @@ -231,15 +232,15 @@ function prepare_source_code() { # disable ssh and unsafe cloud-init modules if [[ "$CONFIDENTIAL_COMPUTE_ENABLED" == "yes" ]] || [[ -n "$CUSTOM_CLOUD_INIT_MODULES" ]]; then - [[ "$CUSTOM_CLOUD_INIT_MODULES" != "no" ]] && [[ "$CLOUD_PROVIDER" != "libvirt" ]] && set_custom_cloud_init_modules + [[ "$CUSTOM_CLOUD_INIT_MODULES" != "no" ]] && [[ "$CLOUD_PROVIDER" != "libvirt" ]] && set_custom_cloud_init_modules fi - # Validate and copy HKD for IBM Z Secure Enablement + # Validate and copy HKD for IBM Z Secure Enablement if [[ "$SE_BOOT" == "true" ]]; then if [[ -z "$HOST_KEY_CERTS" ]]; then error_exit "Error: HKD is not present." else - echo "$HOST_KEY_CERTS" >> "${podvm_dir}/files/HKD.crt" + echo "$HOST_KEY_CERTS" >>"${podvm_dir}/files/HKD.crt" fi fi @@ -278,7 +279,7 @@ function download_and_extract_pause_image() { # Accepts six arguments: # 1. container_image_repo_url: The registry URL of the source container image. # 2. image_tag: The tag of the source container image. -# 3. dest_image: The destination image name. +# 3. dest_image: The destination image name. # 4. destination_path: The destination path where the image is to be extracted. # 5. auth_json_file (optional): Path to the registry secret file to use for downloading the image. function extract_container_image() { 
@@ -309,6 +310,10 @@ function extract_container_image() { umoci unpack --rootless --image "${dest_image}:${image_tag}" "${destination_path}" || error_exit "Failed to extract the container image" + # Display the content of the destination_path + echo "Extracted container image content:" + ls -l "${destination_path}" + } # These are cloud-init modules we allow for the CoCo case, it's mostly used to disable ssh @@ -336,7 +341,7 @@ cloud_final_modules: - final_message - power_state_change EOF - echo "sudo cp -a /tmp/files/etc/cloud/cloud.cfg.d/* /etc/cloud/cloud.cfg.d/" >> "${podvm_dir}"/qcow2/copy-files.sh + echo "sudo cp -a /tmp/files/etc/cloud/cloud.cfg.d/* /etc/cloud/cloud.cfg.d/" >>"${podvm_dir}"/qcow2/copy-files.sh echo "Inject cloud-init configuration file:" && cat "${cfg_file}" } @@ -374,10 +379,13 @@ EOF function get_image_type_url_and_path() { # Use pattern matching to split on '::' and then on ':', and capture output + # The PODVM_IMAGE_URI is evaluated in the podvm-builder.sh + # It must be set in the {provider}-podvm-image-cm configmap if needed + # shellcheck disable=SC2153 if [[ $PODVM_IMAGE_URI =~ ^([^:]+)::([^:]+)(:([^:]+))?(::(.+))?$ ]]; then PODVM_IMAGE_TYPE="${BASH_REMATCH[1]}" PODVM_IMAGE_URL="${BASH_REMATCH[2]}" - PODVM_IMAGE_TAG="${BASH_REMATCH[4]}" # This will be empty if not present + PODVM_IMAGE_TAG="${BASH_REMATCH[4]}" # This will be empty if not present PODVM_IMAGE_SRC_PATH="${BASH_REMATCH[6]}" # This will be empty if not present fi 
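Review bot: `PODVM_IMAGE_SRC_PATH` is captured by `(.+)` in `get_image_type_url_and_path` and accepted as-is. The Azure handler in this commit appends it to `${extraction_destination_path}/rootfs/`, so a value containing a `..` segment resolves outside the extracted rootfs. The value comes from a configmap, so this is a hardening point rather than an exposed input. Rejecting such values here protects every caller, e.g. `[[ "${PODVM_IMAGE_SRC_PATH}" == *..* ]] && error_exit "Invalid image source path"`. The function continues outside the hunk, so an existing check may not be visible.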
@@ -392,16 +400,134 @@ function get_image_type_url_and_path() { export PODVM_IMAGE_TYPE PODVM_IMAGE_URL PODVM_IMAGE_TAG PODVM_IMAGE_SRC_PATH } +# Function to get format of the podvm image +# Input: podvm image path +# Use qemu-img info to get the image info +# export the image format as PODVM_IMAGE_FORMAT +function get_podvm_image_format() { + image_path="${1}" + echo "Getting format of the PodVM image: ${image_path}" + + # jq -r when you want to output plain strings without quotes. Otherwise the string will be quoted + PODVM_IMAGE_FORMAT=$(qemu-img info -f raw --output json "${image_path}" | jq -r '.format') || + error_exit "Failed to get podvm image info" + + # vhd images are also raw format. So check the file extension. It's crude but for + # now it's good enough hopefully + if [[ "${image_path}" == *.vhd ]] && [[ "${PODVM_IMAGE_FORMAT}" == "raw" ]]; then + PODVM_IMAGE_FORMAT="vhd" + fi + + echo "PodVM image format for ${image_path}: ${PODVM_IMAGE_FORMAT}" + export PODVM_IMAGE_FORMAT +} + # Function to validate the podvm image type. +# Input: podvm image path function validate_podvm_image() { - PODVM_IMAGE_PATH="${1}" + image_path="${1}" + + echo "Validating PodVM image: ${image_path}" - # Currently only qcow2 based PodVM images are supported for image upload. - if [[ "$(file -b $PODVM_IMAGE_PATH)" != *QCOW2* ]]; then - error_exit "PodVM image is not a valid qcow2, exiting." + # Get the podvm image format. This sets the PODVM_IMAGE_FORMAT global variable + get_podvm_image_format "${image_path}" + + # Check if the format is qcow2, raw or vhd + if [[ "${PODVM_IMAGE_FORMAT}" != "qcow2" && + "${PODVM_IMAGE_FORMAT}" != "raw" && + "${PODVM_IMAGE_FORMAT}" != "vhd" ]]; then + error_exit "PodVM image is neither a valid qcow2, raw or vhd, exiting." 
fi - echo "Checksum of the PodVM image: $(sha256sum $PODVM_IMAGE_PATH)" + echo "Checksum of the PodVM image: $(sha256sum "$image_path")" +} + +# Function to convert qcow2 image to vhd image +# Input: qcow2 image +# Output: vhddisk image +function convert_qcow2_to_vhd() { + qcow2disk=${1} + rawdisk="$(basename -s qcow2 "${1}")raw" + vhddisk="$(basename -s qcow2 "${1}")vhd" + echo "Qcow2 disk name: ${qcow2disk}" + echo "Raw disk name: ${rawdisk}" + echo "VHD disk name: ${vhddisk}" + + # Convert qcow2 to raw + qemu-img convert -f qcow2 -O raw "${qcow2disk}" "${rawdisk}" || + error_exit "Failed to convert qcow2 to raw" + + # Convert raw to vhd + resize_and_convert_raw_to_vhd_image "${rawdisk}" + + # Clean up the raw disk + rm -f "${rawdisk}" + + echo "Successfully converted qcow2 to vhd image name: ${vhddisk}" + export VHD_IMAGE_PATH="${vhddisk}" +} + +# Function to resize and convert raw image to 1MB aligned vhd image for Azure +# Input: raw disk image +# Output: vhddisk image +function resize_and_convert_raw_to_vhd_image() { + rawdisk=${1} + vhddisk="$(basename -s raw "${1}")vhd" + + echo "Raw disk name: ${rawdisk}" + echo "VHD disk name: ${vhddisk}" + + MB=$((1024 * 1024)) + size=$(qemu-img info -f raw --output json "$rawdisk" | jq '."virtual-size"') || + error_exit "Failed to get raw disk size" + + echo "Raw disk size: ${size}" + + rounded_size=$(((size + MB - 1) / MB * MB)) + + echo "Rounded Size = ${rounded_size}" + + echo "Rounding up raw disk to 1MB" + qemu-img resize -f raw "$rawdisk" "$rounded_size" || + error_exit "Failed to resize raw disk" + + echo "Converting raw to vhd" + qemu-img convert -f raw -o subformat=fixed,force_size -O vpc "$rawdisk" "$vhddisk" || + error_exit "Failed to convert raw to vhd" + + echo "Successfully converted raw to vhd image name: ${vhddisk}" + export VHD_IMAGE_PATH="${vhddisk}" +} + +# Function to check image and convert to vhd if needed +# Input: image +# Output: vhddisk image +function convert_podvm_image_to_vhd() { + 
image_path=${1} + + # Get the podvm image type. This sets the PODVM_IMAGE_FORMAT global variable + get_podvm_image_format "${image_path}" + + case "${PODVM_IMAGE_FORMAT}" in + "qcow2") + # Convert the qcow2 image to vhd + convert_qcow2_to_vhd "${image_path}" + ;; + "raw") + # Convert the raw image to vhd + resize_and_convert_raw_to_vhd_image "${image_path}" + ;; + "vhd") + echo "PodVM image is already a vhd image" + export VHD_IMAGE_PATH="${image_path}" + ;; + *) + error_exit "Invalid podvm image format: ${PODVM_IMAGE_FORMAT}" + ;; + esac + + echo "Successfully converted podvm image to vhd image name: ${VHD_IMAGE_PATH}" + } # Global variables diff --git a/config/peerpods/podvm/libvirt-podvm-image-handler.sh b/config/peerpods/podvm/libvirt-podvm-image-handler.sh index c6e4017a..45f629ce 100755 --- a/config/peerpods/podvm/libvirt-podvm-image-handler.sh +++ b/config/peerpods/podvm/libvirt-podvm-image-handler.sh @@ -63,7 +63,7 @@ function create_libvirt_image_from_prebuilt_artifact() { mkdir -p "${EXTRACTION_DESTINATION_PATH}" || error_exit "Failed to create the image directory" - + extract_container_image "${PODVM_IMAGE_URL}" "${PODVM_IMAGE_TAG}" "${IMAGE_SRC}" "${EXTRACTION_DESTINATION_PATH}" "${IMAGE_REPO_AUTH_FILE}" # Form the path of the podvm qcow2 image. @@ -102,10 +102,10 @@ function create_libvirt_image_from_scratch() { download_rhel_kvm_guest_qcow2 # Prepare the pause image for embedding into the libvirt image - download_and_extract_pause_image "${PAUSE_IMAGE_REPO}" "${PAUSE_IMAGE_VERSION}" "${PAUSE_IMAGE_REPO_AUTH_FILE}" + download_and_extract_pause_image "${PAUSE_IMAGE_REPO}" "${PAUSE_IMAGE_VERSION}" "${PAUSE_IMAGE_REPO_AUTH_FILE}" - cd "${CAA_SRC_DIR}"/podvm || \ - error_exit "Failed to change directory to "${CAA_SRC_DIR}"/podvm" + cd "${CAA_SRC_DIR}"/podvm || + error_exit "Failed to change directory to ${CAA_SRC_DIR}/podvm" LIBC=gnu make BINARIES= PAUSE_BUNDLE= image PODVM_IMAGE_PATH=/payload/podvm-libvirt.qcow2 
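Review bot: `get_podvm_image_format` runs `qemu-img info -f raw`, which forces the raw driver instead of probing the file, so `.format` reports `raw` for every input. `validate_podvm_image` therefore accepts any file, and the `qcow2` branch of `convert_podvm_image_to_vhd` is never taken. Probing without `-f`, and refusing an image that declares a backing file before `qemu-img convert` opens it, keeps a downloaded artifact from pulling other host files into the VHD; see the sketch below. `convert_qcow2_to_vhd` and `resize_and_convert_raw_to_vhd_image` derive output names with `basename`, so the raw and VHD files land in the current directory rather than next to the source. None of the new functions declare their variables `local`.

```shell
function get_podvm_image_format() {
  # … unchanged: argument handling and log line …

  local image_info
  # Probe the real format; forcing -f raw reports "raw" for every file.
  image_info=$(qemu-img info --output json "${image_path}") ||
    error_exit "Failed to get podvm image info"

  # A pre-built image must be self-contained: refuse one that names a backing file.
  if [[ "$(jq -r 'has("backing-filename")' <<<"${image_info}")" == "true" ]]; then
    error_exit "PodVM image references a backing file, exiting."
  fi

  PODVM_IMAGE_FORMAT=$(jq -r '.format' <<<"${image_info}") ||
    error_exit "Failed to parse podvm image info"

  # … unchanged: .vhd extension check, log line and export …
```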
@@ -123,8 +123,8 @@ function create_libvirt_image_from_scratch() { function download_rhel_kvm_guest_qcow2() { #Validate RHEL version for IBM Z Secure Enablement if [ "$SE_BOOT" == "true" ]; then - version=$(echo $BASE_OS_VERSION | awk -F "." '{ print $1 }') - release=$(echo $BASE_OS_VERSION | awk -F "." '{ print $2 }') + version=$(echo "$BASE_OS_VERSION" | awk -F "." '{ print $1 }') + release=$(echo "$BASE_OS_VERSION" | awk -F "." '{ print $2 }') if [[ "$version" -lt 9 || ("$version" -eq 9 && "$release" -lt 4) ]]; then error_exit "Libvirt Secure Execution supports RHEL OS version 9.4 or above" fi 
@@ -137,24 +137,25 @@ function download_rhel_kvm_guest_qcow2() { TOKEN_GENERATOR_URI=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token IMAGES_URI=https://api.access.redhat.com/management/v1/images/rhel/"${BASE_OS_VERSION}"/"${ARCH}" - filename="rhel-"${BASE_OS_VERSION}"-"${ARCH}"-kvm.qcow2" + filename="rhel-${BASE_OS_VERSION}-${ARCH}-kvm.qcow2" token=$(curl "${TOKEN_GENERATOR_URI}" \ -d grant_type=refresh_token -d client_id=rhsm-api -d refresh_token="${REDHAT_OFFLINE_TOKEN}" | jq --raw-output .access_token) images=$(curl -X 'GET' "${IMAGES_URI}" \ - -H 'accept: application/json' -H "Authorization: Bearer "${token}"" | jq ) + -H 'accept: application/json' -H "Authorization: Bearer ${token}" | jq) download_href=$(echo "${images}" | jq -r --arg fn "${filename}" '.body[] | select(.filename == $fn) | .downloadHref') download_url=$(curl -X 'GET' "${download_href}" \ - -H "Authorization: Bearer "${token}"" -H 'accept: application/json' | jq -r .body.href ) + -H "Authorization: Bearer ${token}" -H 'accept: application/json' | jq -r .body.href) - curl -X GET "${download_url}" -H "Authorization: Bearer "${token}"" --output rhel-"${BASE_OS_VERSION}"-"${ARCH}"-kvm.qcow2 + curl -X GET "${download_url}" -H "Authorization: Bearer ${token}" --output rhel-"${BASE_OS_VERSION}"-"${ARCH}"-kvm.qcow2 cp -pr rhel-"${BASE_OS_VERSION}"-"${ARCH}"-kvm.qcow2 "${CAA_SRC_DIR}"/podvm/rhel-"${BASE_OS_VERSION}"-"${ARCH}"-kvm.qcow2 export IMAGE_URL="${CAA_SRC_DIR}"/podvm/rhel-"${BASE_OS_VERSION}"-"${ARCH}"-kvm.qcow2 - export IMAGE_CHECKSUM=$(sha256sum "${IMAGE_URL}" | awk '{ print $1 }') + IMAGE_CHECKSUM=$(sha256sum "${IMAGE_URL}" | awk '{ print $1 }') + export IMAGE_CHECKSUM } 
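Review bot: `IMAGE_CHECKSUM` in `download_rhel_kvm_guest_qcow2` is computed from the file that was just downloaded, so it cannot detect a truncated or substituted image. Compare against a digest obtained independently of the download; the images listing may carry one, but that is not visible here. None of the four `curl` calls uses `--fail` or checks its exit status, so a failed token request continues with an empty bearer token and the final call can save an error body as the qcow2. `curl --fail --silent --show-error ...` followed by `|| error_exit "..."` would stop at the first failure. The refresh token and bearer token are passed on the command line; supplying them via `--data @<file>` and `-H @<file>` keeps them out of the process list.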
@@ -163,8 +164,8 @@ function download_rhel_kvm_guest_qcow2() { function upload_libvirt_image() { PODVM_IMAGE_PATH="${1}" - echo "LIBVIRT_VOL_NAME: "${LIBVIRT_VOL_NAME}"" && echo "LIBVIRT_POOL: "${LIBVIRT_POOL}"" && \ - echo "LIBVIRT_URI: "${LIBVIRT_URI}"" && echo "PODVM_IMAGE_PATH: "${PODVM_IMAGE_PATH}"" + echo "LIBVIRT_VOL_NAME: ${LIBVIRT_VOL_NAME}" && echo "LIBVIRT_POOL: ${LIBVIRT_POOL}" && + echo "LIBVIRT_URI: ${LIBVIRT_URI}" && echo "PODVM_IMAGE_PATH: ${PODVM_IMAGE_PATH}" echo "Starting to upload the image." virsh -d 0 -c "${LIBVIRT_URI}" vol-upload --vol "${LIBVIRT_VOL_NAME}" "${PODVM_IMAGE_PATH}" --pool "${LIBVIRT_POOL}" --sparse if [ $? -eq 0 ]; then @@ -174,7 +175,7 @@ function upload_libvirt_image() { # Function to add the libvirt_volume_name in the peer-pods-cm configmap -function add_libvirt_vol_to_peer_pods_cm(){ +function add_libvirt_vol_to_peer_pods_cm() { if [ "${UPDATE_PEERPODS_CM}" == "yes" ]; then # Check if the peer-pods-cm configmap exists @@ -186,7 +187,7 @@ function add_libvirt_vol_to_peer_pods_cm(){ # Add the libvirt image id to peer-pods-cm configmap echo "Updating peer-pods-cm configmap with LIBVIRT_IMAGE_ID=${LIBVIRT_VOL_NAME}" kubectl patch configmap peer-pods-cm -n openshift-sandboxed-containers-operator \ - --type merge -p "{\"data\":{\"LIBVIRT_IMAGE_ID\":\"${LIBVIRT_VOL_NAME}\"}}" || + --type merge -p "{\"data\":{\"LIBVIRT_IMAGE_ID\":\"${LIBVIRT_VOL_NAME}\"}}" || error_exit "Failed to add the libvirt image id to peer-pods-cm configmap" fi } @@ -197,7 +198,7 @@ function add_libvirt_vol_to_peer_pods_cm(){ function delete_libvirt_image() { echo "Deleting Libvirt image" - # Delete the Libvirt pool + # Delete the Libvirt pool # If any error occurs, exit the script with an error message # LIBVIRT_POOL shouldn't be empty 
@@ -207,7 +208,7 @@ function delete_libvirt_image() { echo "Deleting libvirt pool." virsh -d 0 -c "${LIBVIRT_URI}" pool-destroy "${LIBVIRT_POOL}" || error_exit "Failed to destroy the libvirt pool" - + virsh -d 0 -c "${LIBVIRT_URI}" pool-undefine "${LIBVIRT_POOL}" || error_exit "Failed to undefine the libvirt pool" @@ -231,7 +232,7 @@ function delete_libvirt_vol_from_peer_pods_cm() { # Delete the libvirt image id from peer-pods-cm configmap kubectl patch configmap peer-pods-cm -n openshift-sandboxed-containers-operator \ - --type merge -p "{\"data\":{\"LIBVIRT_IMAGE_ID\":\"\"}}" || + --type merge -p "{\"data\":{\"LIBVIRT_IMAGE_ID\":\"\"}}" || error_exit "Failed to delete the libvirt image id from peer-pods-cm configmap" echo "libvirt image id deleted from peer-pods-cm configmap successfully" } @@ -246,7 +247,7 @@ function display_help() { echo "-C Delete image" } -function install_packages(){ +function install_packages() { install_binary_packages 
@@ -257,28 +258,28 @@ function install_packages(){ subscription-manager register --org="${ORG_ID}" --activationkey="${ACTIVATION_KEY}" || error_exit "Failed to subscribe" fi - + subscription-manager repos --enable codeready-builder-for-rhel-9-"${ARCH}"-rpms || error_exit "Failed to enable codeready-builder" dnf install -y libvirt-client gcc file GO_VERSION="1.21.9" - curl https://dl.google.com/go/go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz -o go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz && \ - rm -rf /usr/local/go && tar -C /usr/local -xzf go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz && \ - rm -f go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz - export PATH="/usr/local/go/bin:"${PATH}"" + curl https://dl.google.com/go/go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz -o go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz && + rm -rf /usr/local/go && tar -C /usr/local -xzf go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz && + rm -f go"${GO_VERSION}".linux-"${ARCH/x86_64/amd64}".tar.gz + export PATH="/usr/local/go/bin:${PATH}" export GOPATH="/src" if [ "${ARCH}" == "s390x" ]; then # Build umoci from source for s390x as there are no prebuilt binaries mkdir -p umoci git clone https://github.com/opencontainers/umoci.git - cd umoci + cd umoci || error_exit "Failed to change directory to umoci" make cp -pr umoci /usr/local/bin/ fi - + if [[ "${IMAGE_TYPE}" == "operator-built" ]]; then dnf install -y genisoimage qemu-kvm 
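Review bot: The Go toolchain in `install_packages` is downloaded and unpacked into /usr/local with no integrity check, and `curl` is called without `--fail`. Pin the published digest next to `GO_VERSION` and verify it before `tar`, e.g. `echo "${GO_SHA256}  go${GO_VERSION}.linux-${ARCH/x86_64/amd64}.tar.gz" | sha256sum -c - || error_exit "Go tarball checksum mismatch"`, with `GO_SHA256` set per architecture. The `umoci` clone in this hunk and the `cloud-utils` clone in the last hunk of this file build whatever the default branch holds at build time. Pinning a tag or commit, as the packer clone already does with `-b "${PACKER_VERSION}"`, makes the build reproducible. The function starts before and ends after this hunk.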
@@ -286,7 +287,7 @@ function install_packages(){ # Build packer from source for s390x as there are no prebuilt binaries for the required packer version PACKER_VERSION="v1.9.4" git clone --depth 1 --single-branch https://github.com/hashicorp/packer.git -b "${PACKER_VERSION}" - cd packer + cd packer || error_exit "Failed to change directory to packer" sed -i -- "s/ALL_XC_ARCH=.*/ALL_XC_ARCH=\"${ARCH}\"/g" scripts/build.sh sed -i -- "s/ALL_XC_OS=.*/ALL_XC_OS=\"Linux\"/g" scripts/build.sh make bin && cp bin/packer /usr/local/bin/ @@ -299,7 +300,6 @@ function install_packages(){ git clone https://github.com/canonical/cloud-utils cd cloud-utils && make install fi - }