Merge pull request #22 from flatcar/kai/release-with-arch

release: Rework publishing to mark the arch and add sysupdate conf files
flatcar · Sep 1, 2023 · c0322ce · c0322ce
2 parents 6344016 + db18f79
commit c0322ce
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 65 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -15,7 +15,7 @@ jobs:
       # build the images and generate a manifest
       - name: build
         run: |
-          set -euo pipefail
+          set -euxo pipefail
 
           sudo apt update -qq && sudo apt install -yqq \
             curl \
@@ -33,10 +33,35 @@ jobs:
           for image in ${images[@]}; do
               component="${image%-*}"
               version="${image#*-}"
-              "./create_${component}_sysext.sh" "${version}" "${component}"
-              mv "${component}.raw" "${image}.raw"
+              for arch in x86-64 arm64; do
+                ARCH="${arch}" "./create_${component}_sysext.sh" "${version}" "${component}"
+                mv "${component}.raw" "${image}-${arch}.raw"
+              done
+              cat << EOF > "${component}.conf"
+           [Transfer]
+           Verify=false
+           [Source]
+           Type=url-file
+           Path=https://github.com/flatcar/sysext-bakery/releases/latest/download/
+           MatchPattern=${component}-@v-%a.raw
+           [Target]
+           InstancesMax=3
+           Type=regular-file
+           Path=/opt/extensions/${component}
+           CurrentSymlink=/etc/extensions/${component}.raw
+          EOF
           done
 
+          cat << EOF > "noop.conf"
+          [Source]
+          Type=regular-file
+          Path=/
+          MatchPattern=invalid@v.raw
+          [Target]
+          Type=regular-file
+          Path=/
+          EOF
+
           sha256sum *.raw > SHA256SUMS
       # create a Github release with the generated artifacts
       - name: release
@@ -45,3 +70,4 @@ jobs:
           files: |
             SHA256SUMS
             *.raw
+            *.conf
diff --git a/README.md b/README.md
@@ -88,18 +88,27 @@ variant: flatcar
 version: 1.0.0
 storage:
   files:
-    - path: /opt/extensions/docker/docker-24.0.5.raw
+    - path: /opt/extensions/docker/docker-24.0.5-x86-64.raw
       contents:
-        source: https://github.com/flatcar/sysext-bakery/releases/download/20230803/docker-24.0.5.raw
-    - path: /opt/extensions/kubernetes/kubernetes-v1.27.4.raw
+        source: https://github.com/flatcar/sysext-bakery/releases/download/20230901/docker-24.0.5-x86-64.raw
+    - path: /opt/extensions/kubernetes/kubernetes-v1.27.4-x86-64.raw
       contents:
-        source: https://github.com/flatcar/sysext-bakery/releases/download/20230803/kubernetes-v1.27.4.raw
+        source: https://github.com/flatcar/sysext-bakery/releases/download/20230901/kubernetes-v1.27.4-x86-64.raw
     - path: /etc/systemd/system-generators/torcx-generator
+    - path: /etc/sysupdate.d/noop.conf
+      contents:
+        source: https://github.com/flatcar/sysext-bakery/releases/download/20230901/noop.conf
+    - path: /etc/sysupdate.docker.d/docker.conf
+      contents:
+        source: https://github.com/flatcar/sysext-bakery/releases/download/20230901/docker.conf
+    - path: /etc/sysupdate.kubernetes.d/kubernetes.conf
+      contents:
+        source: https://github.com/flatcar/sysext-bakery/releases/download/20230901/kubernetes.conf
   links:
-    - target: /opt/extensions/docker/docker-24.0.5.raw
+    - target: /opt/extensions/docker/docker-24.0.5-x86-64.raw
       path: /etc/extensions/docker.raw
       hard: false
-    - target: /opt/extensions/kubernetes/kubernetes-v1.27.4.raw
+    - target: /opt/extensions/kubernetes/kubernetes-v1.27.4-x86-64.raw
       path: /etc/extensions/kubernetes.raw
       hard: false
     - path: /etc/extensions/docker-flatcar.raw
@@ -108,58 +117,6 @@ storage:
     - path: /etc/extensions/containerd-flatcar.raw
       target: /dev/null
       overwrite: true
-```
-
-In the generated artifacts, there is a `SHA256SUMS` holding the list of built images with their respective SHA256 digest. It allows to use `https://github.com/flatcar/sysext-bakery/releases/latest/download/` in a [`systemd-sysupdate`](https://www.freedesktop.org/software/systemd/man/sysupdate.d.html) configuration file, example:
-```yaml
-# butane < config.yaml > config.json
-# ./flatcar_production_qemu.sh -i ./config.json
-variant: flatcar
-version: 1.0.0
-storage:
-  files:
-    - path: /etc/sysupdate.d/noop.conf
-      contents:
-        inline: |
-          [Source]
-          Type=regular-file
-          Path=/
-          MatchPattern=invalid@v.raw
-          [Target]
-          Type=regular-file
-          Path=/
-    - path: /etc/sysupdate.kubernetes.d/kubernetes.conf
-      contents:
-        inline: |
-          [Transfer]
-          Verify=false
-
-          [Source]
-          Type=url-file
-          Path=https://github.com/flatcar/sysext-bakery/releases/latest/download/
-          MatchPattern=kubernetes-@v.raw
-
-          [Target]
-          InstancesMax=3
-          Type=regular-file
-          Path=/opt/extensions/kubernetes
-          CurrentSymlink=/etc/extensions/kubernetes.raw
-    - path: /etc/sysupdate.docker.d/docker.conf
-      contents:
-        inline: |
-          [Transfer]
-          Verify=false
-
-          [Source]
-          Type=url-file
-          Path=https://github.com/flatcar/sysext-bakery/releases/latest/download/
-          MatchPattern=docker-@v.raw
-
-          [Target]
-          InstancesMax=3
-          Type=regular-file
-          Path=/opt/extensions/docker
-          CurrentSymlink=/etc/extensions/docker.raw
 systemd:
   units:
     - name: systemd-sysupdate.timer
@@ -180,6 +137,13 @@ systemd:
             ExecStartPost=systemctl restart systemd-sysext
 ```
 
+This also configures systemd-sysupdate for auto-updates. The `noop.conf` is a workaround for systemd-sysupdate to run without error messages.
+Since the configuration sets up a custom Docker version, it also disables Torcx and the future `docker-flatcar` and `containerd-flatcar` extensions to prevent conflicts.
+
+In the [Flatcar docs](https://www.flatcar.org/docs/latest/provisioning/sysext/) you can find an Ignition configuration that explicitly sets the update configurations instead of downloading them.
+
+The updates works by [`systemd-sysupdate`](https://www.freedesktop.org/software/systemd/man/sysupdate.d.html) fetching the `SHA256SUMS` file of the generated artifacts, which holds the list of built images with their respective SHA256 digest.
+
 ### Creating a custom Docker sysext image
 
 The Docker releases publish static binaries including containerd and the only missing piece are the systemd units.
@@ -193,7 +157,7 @@ To ease the process, the `create_docker_sysext.sh` helper script takes care of d
 Pass the `OS` or `ARCH` environment variables to build for another target than Flatcar amd64, e.g., for any distro with arm64:
 
 ```
-OS=_any ARCH=aarch64 ./create_docker_sysext.sh 20.10.13 mydocker
+OS=_any ARCH=arm64 ./create_docker_sysext.sh 20.10.13 mydocker
 [… writes mydocker.raw into current directory …]
 ```
 

diff --git a/create_kubernetes_sysext.sh b/create_kubernetes_sysext.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 set -euo pipefail
 
-export ARCH="${ARCH-amd64}"
+export ARCH="${ARCH-x86-64}"
 SCRIPTFOLDER="$(dirname "$(readlink -f "$0")")"
 
 if [ $# -lt 2 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
@@ -18,9 +18,15 @@ fi
 VERSION="$1"
 SYSEXTNAME="$2"
 CNI_VERSION="${3-latest}"
-if [ "${ARCH}" = aarch64 ]; then
-  ARCH=arm64
+
+# The github release uses different arch identifiers (not the same as in the other scripts here),
+# we map them here and rely on bake.sh to map them back to what systemd expects
+if [ "${ARCH}" = "x86_64" ] || [ "${ARCH}" = "x86-64" ]; then
+  ARCH="amd64"
+elif [ "${ARCH}" = "aarch64" ]; then
+  ARCH="arm64"
 fi
+
 rm -f kubectl kubeadm kubelet
 
 # install kubernetes binaries.