Skip to content

Commit

Permalink
feat(builder-indexes): yaml file for builderrepo
Browse files Browse the repository at this point in the history
Signed-off-by: Lyonel Martinez <lyonel.martinez@numberly.com>
  • Loading branch information
Lowaiz authored and poiana committed Mar 24, 2023
1 parent f5ce926 commit 197a3a9
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 24 deletions.
2 changes: 1 addition & 1 deletion cmd/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ func NewRootCmd() *RootCmd {
flags.StringVar(&rootOpts.ModuleDeviceName, "moduledevicename", rootOpts.ModuleDeviceName, "kernel module device name (the default is falco, so the device will be under /dev/falco*)")
flags.StringVar(&rootOpts.ModuleDriverName, "moduledrivername", rootOpts.ModuleDriverName, "kernel module driver name, i.e. the name you see when you check installed modules via lsmod")
flags.StringVar(&rootOpts.BuilderImage, "builderimage", rootOpts.BuilderImage, "docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.")
flags.StringSliceVar(&rootOpts.BuilderRepos, "builderrepo", rootOpts.BuilderRepos, "list of docker repositories or file (absolute path) containing builder images index with the format '<image>,<target>,<gcc-version>[,<gcc-version>,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0")
flags.StringSliceVar(&rootOpts.BuilderRepos, "builderrepo", rootOpts.BuilderRepos, "list of docker repositories or yaml file (absolute path) containing builder images index with the format 'images: [ { target:<target>, name:<image-name>, gcc_versions: [ <gcc-tag> ] },...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo '/path/to/my/index.yaml'.")
flags.StringVar(&rootOpts.GCCVersion, "gccversion", rootOpts.GCCVersion, "enforce a specific gcc version for the build")

flags.StringSliceVar(&rootOpts.KernelUrls, "kernelurls", nil, "list of kernel header urls (e.g. --kernelurls <URL1> --kernelurls <URL2> --kernelurls \"<URL3>,<URL4>\")")
Expand Down
2 changes: 1 addition & 1 deletion cmd/root_options.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ type RootOptions struct {
Target string `validate:"required,target" name:"target"`
KernelConfigData string `validate:"omitempty,base64" name:"kernel config data"` // fixme > tag "name" does not seem to work when used at struct level, but works when used at inner level
BuilderImage string `validate:"omitempty,imagename" name:"builder image"`
BuilderRepos []string `default:"[\"docker.io/falcosecurity/driverkit\"]" validate:"omitempty" name:"docker repositories to look for builder images or absolute path pointing to a file container builder image index"`
BuilderRepos []string `default:"[\"docker.io/falcosecurity/driverkit\"]" validate:"omitempty" name:"docker repositories to look for builder images or absolute path pointing to a yaml file containing builder image index"`
GCCVersion string `validate:"omitempty,semvertolerant" name:"gcc version"`
KernelUrls []string `name:"kernel header urls"`
Repo RepoOptions
Expand Down
2 changes: 1 addition & 1 deletion cmd/testdata/templates/flags.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
Flags:
--architecture string target architecture for the built driver, one of {{ .Architectures }} (default "{{ .CurrentArch }}")
--builderimage string docker image to be used to build the kernel module and eBPF probe. If not provided, an automatically selected image will be used.
--builderrepo strings list of docker repositories or file (absolute path) containing builder images index with the format '<image>,<target>,<gcc-version>[,<gcc-version>,...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo /path/to/my/index.txt. Index file line exmaple: yourorg/driverkit-builder;any;4.9.0;5.0.0;6.0.0;8.0.0 (default [docker.io/falcosecurity/driverkit])
--builderrepo strings list of docker repositories or yaml file (absolute path) containing builder images index with the format 'images: [ { target:<target>, name:<image-name>, gcc_versions: [ <gcc-tag> ] },...]', in descending priority order. Used to search for builder images. eg: --builderrepo myorg/driverkit --builderrepo falcosecurity/driverkit --builderrepo '/path/to/my/index.yaml'. (default [docker.io/falcosecurity/driverkit])
-c, --config string config file path (default $HOME/.driverkit.yaml if exists)
--driverversion string driver version as a git commit hash or as a git tag (default "master")
--dryrun do not actually perform the action
Expand Down
9 changes: 9 additions & 0 deletions docs/index.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
images:
- name: docker.io/falcosecurity/driverkit-builder-any-x86_64_gcc8.0.0_gcc6.0.0_gcc5.0.0_gcc4.9.0_gcc4.8.0
target: any
gcc_versions:
- 8.0.0
- 6.0.0
- 5.0.0
- 4.9.0
- 4.8.0
51 changes: 30 additions & 21 deletions pkg/driverbuilder/builder/image.go
Original file line number Diff line number Diff line change
@@ -1,21 +1,30 @@
package builder

import (
"bufio"
"context"
"fmt"
"github.com/blang/semver"
"github.com/docker/docker/api/types"
"github.com/docker/docker/client"
"github.com/falcosecurity/driverkit/pkg/kernelrelease"
logger "github.com/sirupsen/logrus"
"gopkg.in/yaml.v3"
"log"
"os"
"regexp"
"strconv"
"strings"
)

type YAMLImage struct {
Target string `yaml:"target"`
GCCVersions []string `yaml:"gcc_versions"` // we expect images to internally link eg: gcc5 to gcc5.0.0
Name string `yaml:"name"`
}

type YAMLImagesList struct {
Images []YAMLImage `yaml:"images"`
}

type Image struct {
Target Type
GCCVersion semver.Version // we expect images to internally link eg: gcc5 to gcc5.0.0
Expand Down Expand Up @@ -64,36 +73,36 @@ func (im ImagesMap) findImage(target Type, gccVers semver.Version) (Image, bool)

func (f *FileImagesLister) LoadImages() []Image {
// loop over lines in file to print them
file, err := os.Open(f.FilePath)
file, err := os.ReadFile(f.FilePath)
if err != nil {
logger.WithError(err).WithField("FilePath", f.FilePath).Fatal("error opening builder repo file")
}
scanner := bufio.NewScanner(file)

var imageList YAMLImagesList
var res []Image
for scanner.Scan() {
infos := strings.Split(scanner.Text(), ",")
if len(infos) < 3 {
logger.WithField("FilePath", f.FilePath).WithField("line", scanner.Text()).Fatal("Invalid image list file: expected at least 3 fields (name,target,gcc_version) but got " + strconv.Itoa(len(infos)) + ".")

err = yaml.Unmarshal(file, &imageList)
if err != nil {
logger.WithError(err).WithField("FilePath", f.FilePath).Fatal("error unmarshalling builder repo file")
}

if len(imageList.Images) == 0 {
logger.WithField("FilePath", f.FilePath).Warning("Invalid image list file: expected at least 1 image")
}

for _, image := range imageList.Images {
if len(image.GCCVersions) == 0 {
logger.WithField("FilePath", f.FilePath).WithField("image", image).Fatal("Invalid image list file: expected at least 1 gcc version")
}
name := infos[0]
target := Type(infos[1])
gccVersions := infos[2:]
for _, gcc := range gccVersions {
for _, gcc := range image.GCCVersions {
buildImage := Image{
Name: name,
Target: target,
Name: image.Name,
Target: Type(image.Target),
GCCVersion: mustParseTolerant(gcc),
}
res = append(res, buildImage)
}
}
if err := scanner.Err(); err != nil {
logger.WithField("file", file.Name()).WithError(err).Fatal()
}
err = file.Close()
if err != nil {
logger.WithField("file", file.Name()).WithError(err).Fatal()
}
return res
}

Expand Down

0 comments on commit 197a3a9

Please sign in to comment.