diff --git a/cmd/root_options.go b/cmd/root_options.go index 6c24ff48..fa54ac1e 100644 --- a/cmd/root_options.go +++ b/cmd/root_options.go @@ -33,7 +33,7 @@ type RootOptions struct { Target string `validate:"required,target" name:"target"` KernelConfigData string `validate:"omitempty,base64" name:"kernel config data"` // fixme > tag "name" does not seem to work when used at struct level, but works when used at inner level BuilderImage string `validate:"omitempty,imagename" name:"builder image"` - BuilderRepos []string `validate:"omitempty" name:"docker repositories to look for builder images or absolute path pointing to a file container builder image index"` + BuilderRepos []string `default:"[\"docker.io/falcosecurity/driverkit\"]" validate:"omitempty" name:"docker repositories to look for builder images or absolute path pointing to a file container builder image index"` GCCVersion string `validate:"omitempty,semvertolerant" name:"gcc version"` KernelUrls []string `name:"kernel header urls"` Repo RepoOptions @@ -135,10 +135,6 @@ func (ro *RootOptions) toBuild() *builder.Build { Images: make(builder.ImagesMap), } - if len(build.BuilderRepos) == 0 { - build.BuilderRepos = append(build.BuilderRepos, "docker.io/falcosecurity/driverkit") - } - // loop over BuilderRepos to constuct the list ImagesListers based on the value of the builderRepo, if it's a local path, add FileImagesLister, otherwise add RepoImagesLister for _, builderRepo := range build.BuilderRepos { if strings.HasPrefix(builderRepo, "/") { diff --git a/cmd/testdata/templates/flags.txt b/cmd/testdata/templates/flags.txt index 69c8c848..48bf1d75 100644 --- a/cmd/testdata/templates/flags.txt +++ b/cmd/testdata/templates/flags.txt @@ -1,7 +1,7 @@ Flags: --architecture string target architecture for the built driver, one of {{ .Architectures }} (default "{{ .CurrentArch }}") --builderimage string docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used. - --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 + --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 (default [docker.io/falcosecurity/driverkit]) -c, --config string config file path (default $HOME/.driverkit.yaml if exists) --driverversion string driver version as a git commit hash or as a git tag (default "master") --dryrun do not actually perform the action diff --git a/docs/driverkit.md b/docs/driverkit.md index eb288040..1f062b88 100644 --- a/docs/driverkit.md +++ b/docs/driverkit.md @@ -11,7 +11,7 @@ driverkit ``` --architecture string target architecture for the built driver, one of [amd64,arm64] (default "amd64") --builderimage string docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used. - --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 + --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 (default [docker.io/falcosecurity/driverkit]) -c, --config string config file path (default $HOME/.driverkit.yaml if exists) --driverversion string driver version as a git commit hash or as a git tag (default "master") --dryrun do not actually perform the action diff --git a/docs/driverkit_docker.md b/docs/driverkit_docker.md index 22e6fe0f..8526d2b6 100644 --- a/docs/driverkit_docker.md +++ b/docs/driverkit_docker.md @@ -11,7 +11,7 @@ driverkit docker [flags] ``` --architecture string target architecture for the built driver, one of [amd64,arm64] (default "amd64") --builderimage string docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used. - --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 + --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 (default [docker.io/falcosecurity/driverkit]) -c, --config string config file path (default $HOME/.driverkit.yaml if exists) --driverversion string driver version as a git commit hash or as a git tag (default "master") --dryrun do not actually perform the action diff --git a/docs/driverkit_images.md b/docs/driverkit_images.md index d0be3af8..04accc7a 100644 --- a/docs/driverkit_images.md +++ b/docs/driverkit_images.md @@ -11,7 +11,7 @@ driverkit images [flags] ``` --architecture string target architecture for the built driver, one of [amd64,arm64] (default "amd64") --builderimage string docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used. - --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 + --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 (default [docker.io/falcosecurity/driverkit]) -c, --config string config file path (default $HOME/.driverkit.yaml if exists) --driverversion string driver version as a git commit hash or as a git tag (default "master") --dryrun do not actually perform the action diff --git a/docs/driverkit_kubernetes-in-cluster.md b/docs/driverkit_kubernetes-in-cluster.md index e0255655..c28c276d 100644 --- a/docs/driverkit_kubernetes-in-cluster.md +++ b/docs/driverkit_kubernetes-in-cluster.md @@ -11,7 +11,7 @@ driverkit kubernetes-in-cluster [flags] ``` --architecture string target architecture for the built driver, one of [amd64,arm64] (default "amd64") --builderimage string docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used. - --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 + --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 (default [docker.io/falcosecurity/driverkit]) -c, --config string config file path (default $HOME/.driverkit.yaml if exists) --driverversion string driver version as a git commit hash or as a git tag (default "master") --dryrun do not actually perform the action diff --git a/docs/driverkit_kubernetes.md b/docs/driverkit_kubernetes.md index fcd2662c..eb590ff2 100644 --- a/docs/driverkit_kubernetes.md +++ b/docs/driverkit_kubernetes.md @@ -14,7 +14,7 @@ driverkit kubernetes [flags] --as-group stringArray group to impersonate for the operation, this flag can be repeated to specify multiple groups --as-uid string uID to impersonate for the operation --builderimage string docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used. - --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 + --builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format ',,[,,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 (default [docker.io/falcosecurity/driverkit]) --cache-dir string default cache directory (default "$HOME/.kube/cache") --certificate-authority string path to a cert file for the certificate authority --client-certificate string path to a client certificate file for TLS diff --git a/pkg/driverbuilder/builder/image.go b/pkg/driverbuilder/builder/image.go index c8153f52..ab6d3583 100644 --- a/pkg/driverbuilder/builder/image.go +++ b/pkg/driverbuilder/builder/image.go @@ -27,7 +27,6 @@ type ImagesLister interface { } type FileImagesLister struct { - file *os.File FilePath string } @@ -102,7 +101,7 @@ func NewRepoImagesLister(repo string, build *Build) *RepoImagesLister { if len(repoRegs) == 0 { // Create the proper regexes to load "any" and target-specific images for requested arch arch := kernelrelease.Architecture(build.Architecture).ToNonDeb() - targetFmt := fmt.Sprintf("driverkit-builder-%s-%s(?P(_gcc[0-9]+.[0-9]+.[0-9]+)+)$", build.TargetType.String(), arch) + targetFmt := fmt.Sprintf("driverkit-builder-(?P%s)-%s(?P(_gcc[0-9]+.[0-9]+.[0-9]+)+)$", build.TargetType.String(), arch) repoRegs = append(repoRegs, regexp.MustCompile(targetFmt)) genericFmt := fmt.Sprintf("driverkit-builder-any-%s(?P(_gcc[0-9]+.[0-9]+.[0-9]+)+)$", arch) repoRegs = append(repoRegs, regexp.MustCompile(genericFmt)) @@ -122,19 +121,22 @@ func (repo *RepoImagesLister) LoadImages() []Image { } var res []Image for _, img := range imgs { - for regIdx, reg := range repoRegs { + for _, reg := range repoRegs { match := reg.FindStringSubmatch(img.Name) if len(match) == 0 { continue } var gccVers []string + target := "" for i, name := range reg.SubexpNames() { if i > 0 && i <= len(match) { switch name { case "gccVers": gccVers = strings.Split(match[i], "_gcc") gccVers = gccVers[1:] // remove initial whitespace + case "target": + target = match[i] } } } @@ -155,8 +157,8 @@ func (repo *RepoImagesLister) LoadImages() []Image { GCCVersion: mustParseTolerant(gccVer), Name: img.Name, } - if regIdx == 0 { - buildImage.Target = Type("target-placeholder") + if target != "" { + buildImage.Target = Type(target) } else { buildImage.Target = Type("any") } @@ -173,13 +175,13 @@ func (b *Build) LoadImages() { if b.GCCVersion != "" && b.GCCVersion != image.GCCVersion.String() { continue } - if image.Target == "target-placeholder" { - image.Target = b.TargetType - } // Skip if key already exists: we have a descending prio list of docker repos! if _, ok := b.Images[image.toKey()]; !ok { b.Images[image.toKey()] = image } } } + if len(b.Images) == 0 { + logger.Fatal("Could not load any builder image. Leaving.") + } }