Add support for Windows (cross compiled) #108
Conversation
There was a problem hiding this comment.
For tests, I'd like to move over to using the new integration test suite.
Additionally I really don't want to be building containerd (or runc) on every test run.
This is part of why I'm pushing for inline sources (#98).
We can test that a spec does everything we expect it to without having to build a bunch of projects.
We can of course add an e2e suite (later) that double checks real projects, but probably I'd only run it either on merge or before releases.
|
This same logic of entering a subshell, adding env vars with export before command, and writing the command, is re-used now across several places (RPM, Jammy PR, now here). I wonder if we can abstract this out into a separate function or consider how best to reduce duplicated code here
I copied/pasted this from Brian's jammy PR, we should definitely abstract 🙂
|
pmengelbert
force-pushed
the
pmengelbert/windows_target/1
branch
from
fcdb783
to
7e2e52c
Compare
|
Looks like the rebase on this was incomplete. |
Working on it now |
frontend/windows/handle_zip.go
Outdated
| ) | ||
|
|
||
| var ( | ||
| varCacheAptMount = llb.AddMount("/var/cache/apt", llb.Scratch(), llb.AsPersistentCacheDir("dalec-windows-var-cache-apt", llb.CacheMountLocked)) |
There was a problem hiding this comment.
For these to work, we also need to remove /etc/apt/apt.conf.d/docker-clean from the base image.
You should be able to acheive this by mounting over the file, like llb.AddMount("/etc/apt/apt.conf.d/docker-clean", llb.Scratch())
There was a problem hiding this comment.
Just a thought, you could have all this stored as a RunOpt.
There was a problem hiding this comment.
- (Peter) Fix this
test/fixtures/moby-containerd.yml
Outdated
| # syntax=ghcr.io/azure/dalec/frontend:latest | ||
|
|
||
| # TODO: The spec is not currently setting the revision in the containerd version | ||
| # This should be fixed before this spec is used to build a real package. | ||
|
|
||
| args: | ||
| CONTAINERD_COMMIT: 7c3aca7a610df76212171d200ca3811ff6096eb8 | ||
| REVISION: 1 | ||
| VERSION: "1.7.13" | ||
| HCS_SHIM_REPO: https://github.com/Microsoft/hcsshim.git | ||
|
|
||
| name: moby-containerd | ||
| description: | | ||
| Industry-standard container runtime | ||
| containerd is an industry-standard container runtime with an emphasis on | ||
| simplicity, robustness and portability. It is available as a daemon for Linux | ||
| and Windows, which can manage the complete container lifecycle of its host | ||
| system: image transfer and storage, container execution and supervision, | ||
| low-level storage and network attachments, etc. | ||
| . | ||
| containerd is designed to be embedded into a larger system, rather than being | ||
| used directly by developers or end-users. | ||
| website: https://containerd.io/ | ||
| version: ${VERSION} | ||
| revision: ${REVISION} | ||
| vendor: Moby | ||
|
|
||
| targets: # Distro specific build requirements | ||
| windows: | ||
| dependencies: | ||
| build: | ||
| golang-1.20: | ||
|
|
||
| packager: Microsoft <[email protected]> | ||
| license: Apache 2.0 | ||
| sources: | ||
| containerd: | ||
| git: | ||
| url: https://github.com/containerd/containerd.git | ||
| commit: "${CONTAINERD_COMMIT}" | ||
| hcsshim: | ||
| path: /build/_out | ||
| image: | ||
| ref: mcr.microsoft.com/oss/go/microsoft/golang:1.20 | ||
| cmd: | ||
| dir: /build/containerd | ||
| steps: | ||
| - command: | | ||
| apt update && apt install -y jq | ||
| shim_mod_dir="$( | ||
| go mod download -json github.com/Microsoft/hcsshim | jq -r '.Dir' | ||
| )" | ||
| chmod +w -R "$shim_mod_dir" | ||
| mv "$shim_mod_dir"/* /build/_out | ||
| cd /build/_out | ||
| go mod vendor | ||
| mounts: | ||
| - dest: /build/containerd/go.mod | ||
| spec: | ||
| path: /go.mod | ||
| git: | ||
| url: https://github.com/containerd/containerd.git | ||
| commit: "${CONTAINERD_COMMIT}" | ||
|
|
||
|
|
||
| build: | ||
| env: | ||
| CGO_ENABLED: 1 | ||
| GOOS: windows | ||
| GOGC: "off" | ||
| GOPROXY: "off" | ||
| GOFLAGS: -trimpath | ||
| VERSION: ${VERSION} | ||
| COMMIT: ${CONTAINERD_COMMIT} | ||
| GOROOT: /usr/lib/go-1.20 | ||
| CC: x86_64-w64-mingw32-gcc | ||
| steps: | ||
| - command: | | ||
| set -e | ||
| export PATH="${GOROOT}/bin:${PATH}" | ||
| cd containerd | ||
| make VERSION="$VERSION" REVISION="$COMMIT" DESTDIR=./bin binaries | ||
| rm -f bin/containerd-stress.exe | ||
| - command: | | ||
| set -e | ||
| export PATH="${GOROOT}/bin:${PATH}" | ||
| cd hcsshim | ||
| GO111MODULE=on go build \ | ||
| -mod=vendor \ | ||
| -o bin/containerd-shim-runhcs-v1.exe \ | ||
| ./cmd/containerd-shim-runhcs-v1 | ||
|
|
||
| artifacts: | ||
| binaries: | ||
| hcsshim/bin/containerd-shim-runhcs-v1.exe: | ||
| containerd/bin/containerd.exe: | ||
| containerd/bin/ctr.exe: |
There was a problem hiding this comment.
Can we move this to an integration test?
We do have a (somewhat) generic test function that could possible be reused here.
It may need an extra option or something since we can't really test any container output at this time.
There was a problem hiding this comment.
- Move yaml fixtures to integration test suit
pmengelbert
force-pushed
the
pmengelbert/windows_target/1
branch
from
e2e16b0
to
76545ad
Compare
|
Just pushed a few changes. We should have a working container target, but I haven't migrated the test yet. |
frontend/windows/handle_zip.go
Outdated
| ) | ||
|
|
||
| var ( | ||
| varCacheAptMount = llb.AddMount("/var/cache/apt", llb.Scratch(), llb.AsPersistentCacheDir("dalec-windows-var-cache-apt", llb.CacheMountLocked)) |
There was a problem hiding this comment.
Just a thought, you could have all this stored as a RunOpt.
frontend/windows/handle_zip.go
Outdated
|
|
||
| func SpecToSourcesLLB(spec *dalec.Spec, sOpt dalec.SourceOpts) (map[string]llb.State, error) { | ||
| m := make(map[string]llb.State, len(spec.Sources)) | ||
| keys := dalec.SortMapKeys(spec.Sources) |
There was a problem hiding this comment.
This sorting isn't doing anything since it is putting everything back into a map.
There was a problem hiding this comment.
The calls to AsState don't matter? I was thinking that because we're manipulating LLB we want to do them in the same order so we don't get cache misses. LMK if that doesn't matter here.
There was a problem hiding this comment.
The states are all separate from each other and do not interact at all until we actually copy them to a merged llb.State.
There was a problem hiding this comment.
- Remove sorting here
frontend/windows/handle_zip.go
Outdated
| f(ei) | ||
| } | ||
|
|
||
| func SpecToSourcesLLB(spec *dalec.Spec, sOpt dalec.SourceOpts) (map[string]llb.State, error) { |
pmengelbert
force-pushed
the
pmengelbert/windows_target/1
branch
from
fc38d4f
to
014b5da
Compare
Creates the broad structure for a windows target. Modeled after the mariner target. Signed-off-by: Peter Engelbert <[email protected]>
Inspired by github.com/Azure/moby-packaging Signed-off-by: Peter Engelbert <[email protected]>
This will be used for testing during the development of the target. Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Currently this has only been tested for the moby-containerd spec in test/fixtures. Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
This reverts commit 251a6b1.
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Please the linter Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]> Refactor Signed-off-by: Peter Engelbert <[email protected]> Revert "Refactor" This reverts commit 9ac4675b4c3d3c19539266b5f20d76f97e9d6b84.
This reverts parts of commit 845d6a1. Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
pmengelbert
force-pushed
the
pmengelbert/windows_target/1
branch
from
c317605
to
b4cfaa5
Compare
Signed-off-by: Peter Engelbert <[email protected]>
frontend/imgconfig.go
Outdated
| return &img, nil | ||
| } | ||
|
|
||
| func getBaseOutputImage(spec *dalec.Spec, target, defaultBase string) string { |
There was a problem hiding this comment.
Let's make this exported.
Then we can pass in the output of this as in input to BuildImageConfig, which removes a function paramerter for BuildImageConfig.
Signed-off-by: Peter Engelbert <[email protected]>
Dockerfile
Outdated
| @@ -4,8 +4,8 @@ FROM go AS frontend-build | |||
| WORKDIR /build | |||
| COPY . . | |||
| ENV CGO_ENABLED=0 GOFLAGS=-trimpath | |||
| ARG TARGETARCH TARGETOS | |||
| ENV GOOS=${TARGETOS} GOARCH=${TARGETARCH} | |||
| ARG TARGETARCH TARGETOS GOFLAGS | |||
There was a problem hiding this comment.
The purpose of this is to make it easier to build the binaries with debug symbols and without optimizations. I find it helpful to compile a debug version, and then attach to the frontend process with a debugger. I had been manually editing the Dockerfile to add -gcflags=all="-N -l" in the go compilation commands. I kept accidentally checking in the changes. It also got annoying having to add it over and over.
There was a problem hiding this comment.
I think this would need to go above the ENV line with GOFLAGS with the default value for the arg as -trimpath.
source.go
Outdated
| states[sourceName] = patchSource(worker, sourceState, states, patches, withConstraints(opts)) | ||
|
|
||
| var nestedPath string | ||
| if SourceIsDir(spec.Sources[sourceName]) { |
There was a problem hiding this comment.
This is new behavior that is not mimicked in the rpm patcher.
Was there a particular reason to add it?
There was a problem hiding this comment.
I think the reason it was added here (correct me if I'm wrong @pmengelbert) is because specToSourcesLLB takes the extra step of nesting a source within a directory in the LLB itself. I.e., the LLB contains the directory as well as the contents. I think that nesting step could be moved out of spectToSourcesLLB (if indeed it is needed), so we don't have to handle that behavior here. Otherwise, we could use patch -d which I believe is how it works in the rpm patcher?
There was a problem hiding this comment.
@adamperlin yes that's correct. I went back and changed specToSourcesLLB so that it doesn't nest the sources in the directories. Now that's happening in the RunOpt that mounts the sources. I restored the two patching functions (the public and private) to the original versions. This is much cleaner. Thanks for pointing this out @cpuguy83.
This is done
There was a problem hiding this comment.
This is not done. Working on it now.
There was a problem hiding this comment.
Now this is done.
frontend/windows/handle_container.go
Outdated
| case 1: | ||
| platform = bc.TargetPlatforms[0] | ||
| default: | ||
| return ocispecs.Platform{}, fmt.Errorf("multiple targets for a windows build, only amd64 is supported") |
There was a problem hiding this comment.
This error mentions amd64 but doesn't validate it.
Also I'm not sure why it would matter since we aren't trying to run anything.
There was a problem hiding this comment.
We are making sure there are not multiple platforms specified. Because only one platform is supported (windows/amd64), if there is more than one platform requested by the user, the request cannot be satisfied.
The amd64 mention was an attempt at providing additional information. The idea was to tell the user, "try again, but only with amd64".
I improved the error message. LMK if you want something different.
There was a problem hiding this comment.
done unless you want me to change it again.
pmengelbert
force-pushed
the
pmengelbert/windows_target/1
branch
from
fce5b0f
to
3a56e6d
Compare
Dockerfile
Outdated
| ENV CGO_ENABLED=0 GOFLAGS=-trimpath | ||
| ARG TARGETARCH TARGETOS | ||
| ENV GOOS=${TARGETOS} GOARCH=${TARGETARCH} | ||
| ARG TARGETARCH TARGETOS GOFLAGS | ||
| ENV GOOS=${TARGETOS} GOARCH=${TARGETARCH} GOFLAGS=${GOFLAGS} |
There was a problem hiding this comment.
| ENV CGO_ENABLED=0 GOFLAGS=-trimpath | |
| ARG TARGETARCH TARGETOS | |
| ENV GOOS=${TARGETOS} GOARCH=${TARGETARCH} | |
| ARG TARGETARCH TARGETOS GOFLAGS | |
| ENV GOOS=${TARGETOS} GOARCH=${TARGETARCH} GOFLAGS=${GOFLAGS} | |
| ENV CGO_ENABLED=0 | |
| ARG TARGETARCH TARGETOS GOFLAGS=-trimpath |
Makes running the frontend in a container much easier Signed-off-by: Peter Engelbert <[email protected]>
The files are actually copied to their new locations, rather than linked. This will likely change in the future when Windows-in-buildkit reaches stable status. Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
Signed-off-by: Peter Engelbert <[email protected]>
pmengelbert
force-pushed
the
pmengelbert/windows_target/1
branch
from
3a56e6d
to
ce6fd9b
Compare
|
Great work, @pmengelbert. |
Very rough, mostly looking to get feedback. To test (of course with the re-built frontend):