diff --git a/krm-functions/cloud-init/Dockerfile b/krm-functions/cloud-init/Dockerfile index eaa107c75..5b4f86f2c 100644 --- a/krm-functions/cloud-init/Dockerfile +++ b/krm-functions/cloud-init/Dockerfile @@ -1,6 +1,5 @@ ARG GO_IMAGE=quay.io/airshipit/golang:1.16.8-buster -ARG RELEASE_IMAGE=quay.io/airshipit/image-builder:k8s-1.21-latest-ubuntu_focal - +ARG RELEASE_IMAGE=quay.io/airshipit/alpine:3.13.5 FROM ${GO_IMAGE} as builder ARG GOPROXY="" @@ -29,4 +28,5 @@ RUN make ${MAKE_TARGET} FROM ${RELEASE_IMAGE} as release ARG MAKE_TARGET=bin/cloud-init COPY --from=builder /usr/src/airshipctl/${MAKE_TARGET} /usr/local/bin/config-function +USER 65534 CMD ["/usr/local/bin/config-function"] diff --git a/krm-functions/cloud-init/main.go b/krm-functions/cloud-init/main.go index c2bbf16d0..3870093b7 100644 --- a/krm-functions/cloud-init/main.go +++ b/krm-functions/cloud-init/main.go @@ -17,9 +17,7 @@ package main import ( "errors" "fmt" - "io" "os" - "os/exec" "path/filepath" "sigs.k8s.io/kustomize/api/provider" @@ -69,15 +67,6 @@ func docFromRNode(rnode *yaml.RNode) (document.Document, error) { return collection[0], nil } -func runCmd(cmd string, opts ...string) error { - c := exec.Command(cmd, opts...) - // allows to observe realtime output from script - w := io.Writer(os.Stderr) - c.Stdout = w - c.Stderr = w - return c.Run() -} - func main() { fn := func(rl *framework.ResourceList) error { functionConfigDocument, err := docFromRNode(rl.FunctionConfig) @@ -124,7 +113,7 @@ func main() { } rl.Items = []*yaml.RNode{} - return runCmd("/usr/bin/local/entrypoint.sh") + return nil } cmd := command.Build(framework.ResourceListProcessorFunc(fn), command.StandaloneEnabled, false) if err := cmd.Execute(); err != nil { diff --git a/manifests/phases/executors.yaml b/manifests/phases/executors.yaml index 133e05ee6..0a2dc3139 100644 --- a/manifests/phases/executors.yaml +++ b/manifests/phases/executors.yaml @@ -252,7 +252,7 @@ spec: apiVersion: airshipit.org/v1alpha1 kind: GenericContainer metadata: - name: iso-build-image + name: iso-cloud-init-data labels: airshipit.org/deploy-k8s: "false" spec: @@ -263,19 +263,6 @@ spec: src: /srv/images dst: /config rw: true - envVars: - - IMAGE_TYPE=iso - - BUILDER_CONFIG=/config/builder-conf.yaml - - USER_DATA_FILE=user-data - - NET_CONFIG_FILE=network-data - - OUTPUT_FILE_NAME=ephemeral.iso - - OUTPUT_METADATA_FILE_NAME=output1-metadata.yaml - - http_proxy - - https_proxy - - HTTP_PROXY - - HTTPS_PROXY - - no_proxy - - NO_PROXY config: | apiVersion: airshipit.org/v1alpha1 kind: IsoConfiguration @@ -294,6 +281,47 @@ config: | outputFileName: ephemeral.iso container: volume: /srv/images:/config # for compatibility with image-builder + +--- +apiVersion: airshipit.org/v1alpha1 +kind: GenericContainer +metadata: + name: iso-build-image + labels: + airshipit.org/deploy-k8s: "false" +spec: + type: airship + airship: + privileged: true + containerRuntime: docker + cmd: + - /bin/bash + - -c + - /usr/bin/local/entrypoint.sh 1>&2 + image: quay.io/airshipit/image-builder:k8s-1.19-latest-ubuntu_focal + mounts: + - type: bind + src: /srv/images + dst: /config + rw: true + envVars: + - IMAGE_TYPE=iso + - BUILDER_CONFIG=/config/builder-conf.yaml + - USER_DATA_FILE=user-data + - NET_CONFIG_FILE=network-data + - OUTPUT_FILE_NAME=ephemerial.iso + - OUTPUT_METADATA_FILE_NAME=output-metadata.yaml + - http_proxy + - https_proxy + - HTTP_PROXY + - HTTPS_PROXY + - no_proxy + - NO_PROXY +config: | + apiVersion: airshipit.org/v1alpha1 + kind: DoesNotMatter + metadata: + name: isogen --- apiVersion: airshipit.org/v1alpha1 kind: GenericContainer diff --git a/manifests/phases/phases.yaml b/manifests/phases/phases.yaml index 627830d7f..44ab8cbfc 100644 --- a/manifests/phases/phases.yaml +++ b/manifests/phases/phases.yaml @@ -249,6 +249,17 @@ config: --- apiVersion: airshipit.org/v1alpha1 kind: Phase +metadata: + name: iso-cloud-init-data +config: + executorRef: + apiVersion: airshipit.org/v1alpha1 + kind: GenericContainer + name: iso-cloud-init-data + documentEntryPoint: ephemeral/bootstrap +--- +apiVersion: airshipit.org/v1alpha1 +kind: Phase metadata: name: iso-build-image config: @@ -256,7 +267,6 @@ config: apiVersion: airshipit.org/v1alpha1 kind: GenericContainer name: iso-build-image - documentEntryPoint: ephemeral/bootstrap --- apiVersion: airshipit.org/v1alpha1 kind: Phase diff --git a/manifests/phases/replacements/versions.yaml b/manifests/phases/replacements/versions.yaml index 20dd99f3d..9d8c924a1 100644 --- a/manifests/phases/replacements/versions.yaml +++ b/manifests/phases/replacements/versions.yaml @@ -6,4 +6,15 @@ metadata: config.kubernetes.io/function: |- container: image: localhost/replacement-transformer -replacements: [] +replacements: +- source: + objref: + kind: VersionsCatalogue + name: versions-airshipctl + fieldref: spec.images.image_builder.image_builder.image_builder.image + target: + objref: + kind: GenericContainer + name: iso-build-image + fieldrefs: ["spec.image"] + diff --git a/manifests/type/gating/phases/plan.yaml b/manifests/type/gating/phases/plan.yaml index ac9b7421e..95d408eb5 100644 --- a/manifests/type/gating/phases/plan.yaml +++ b/manifests/type/gating/phases/plan.yaml @@ -131,6 +131,7 @@ metadata: name: iso description: "Runs phases to build iso image" phases: + - name: iso-cloud-init-data - name: iso-build-image validation: kindsToSkip: diff --git a/tools/deployment/24_build_images.sh b/tools/deployment/24_build_images.sh index 78d0f0bdf..f45ecfadd 100755 --- a/tools/deployment/24_build_images.sh +++ b/tools/deployment/24_build_images.sh @@ -31,7 +31,7 @@ sudo chown -R ${USER_NAME} ${IMAGE_DIR} unset IFS for plan in $IMAGE_PHASE_PLANS; do echo "Build phase plan: $plan" - sudo --preserve-env=SOPS_IMPORT_PGP airshipctl plan run $plan --debug + airshipctl plan run $plan --debug done echo "List generated images"