diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index d426109a7b..32b5a7ca3c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -8,11 +8,71 @@ on: jobs: + builder: + env: + REGISTRY: ghcr.io + BUILDER_IMAGE_BASE: ghcr.io/draios/sysdig-builder-pr + SKEL_BUILDER_IMAGE_BASE: ghcr.io/draios/sysdig-skel-builder-pr + BUILDER_DEV: ghcr.io/draios/sysdig-builder:dev + SKEL_BUILDER_DEV: ghcr.io/draios/sysdig-skel-builder:dev + permissions: + packages: write + contents: read + runs-on: ubuntu-latest + steps: + - name: Checkout Sysdig + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Check if builder is modified + id: builder-files + uses: tj-actions/changed-files@v34 + with: + files: | + docker/builder/** + + - name: Set up QEMU + if: steps.builder-files.outputs.any_changed == 'true' + uses: docker/setup-qemu-action@v3 + with: + platforms: 'amd64,arm64' + + - name: Set up Docker Buildx + if: steps.builder-files.outputs.any_changed == 'true' + uses: docker/setup-buildx-action@v3 + + - name: Login to Github Packages + if: steps.builder-files.outputs.any_changed == 'true' + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Get new builder image tag + id: get-new-builder + if: steps.builder-files.outputs.any_changed == 'true' + run: | + echo "builder_image=${{ (github.event.pull_request.number != '') && format('{0}:{1}', env.BUILDER_IMAGE_BASE, github.event.pull_request.number) || env.BUILDER_DEV }}" >> $GITHUB_OUTPUT + + - name: Build new builder + id: build-builder + if: steps.builder-files.outputs.any_changed == 'true' + uses: docker/build-push-action@v6 + with: + context: docker/builder + platforms: linux/amd64,linux/arm64 + tags: ${{ steps.get-new-builder.outputs.builder_image }} + push: true + outputs: + builder_image: ${{ (steps.builder-files.outputs.any_changed == 'true') && steps.get-new-builder.outputs.builder_image || env.BUILDER_DEV }} + build-sysdig-linux: + needs: [builder] runs-on: ubuntu-latest container: - image: ubuntu:22.04 - options: --platform ${{ matrix.platform }} + image: ${{ needs.builder.outputs.builder_image }} strategy: matrix: platform: @@ -23,29 +83,14 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@v3 - - name: Install deps - run: | - sudo apt update && sudo apt install -y --no-install-recommends ninja-build curl ca-certificates build-essential git clang llvm pkg-config autoconf automake libtool libelf-dev wget libc-ares-dev libcurl4-openssl-dev libssl-dev libtbb-dev libjq-dev libjsoncpp-dev libgrpc++-dev protobuf-compiler-grpc libgtest-dev libprotobuf-dev cmake ninja-build - DIR=$(pwd) - cd /tmp - git clone https://github.com/libbpf/bpftool.git --branch v7.3.0 --single-branch - cd bpftool - git submodule update --init - cd src - sudo make install - cd ${DIR} - - name: Checkout Sysdig uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Install zig - uses: ./.github/actions/install-zig - - name: Build Sysdig run: | - cmake -DUSE_BUNDLED_DEPS=ON -DBUILD_BPF=OFF -DBUILD_SYSDIG_MODERN_BPF=OFF -DBUILD_DRIVER=OFF -DCMAKE_BUILD_TYPE=Release -S . -B build -G Ninja + cmake -DUSE_BUNDLED_DEPS=ON -DBUILD_BPF=OFF -DBUILD_DRIVER=OFF -DCMAKE_BUILD_TYPE=Release -S . -B build -G Ninja cmake --build build --target package --config Release - name: Set artifact name diff --git a/docker/builder/Dockerfile b/docker/builder/Dockerfile index 3f030f89c9..112605a44e 100644 --- a/docker/builder/Dockerfile +++ b/docker/builder/Dockerfile @@ -1,7 +1,4 @@ -FROM centos:7 - -LABEL name="sysdig/sysdig-builder" -LABEL usage="docker run -v $PWD/..:/source -v $PWD/build:/build sysdig/sysdig-builder cmake" +FROM ubuntu:22.04 ARG BUILD_TYPE=release ARG BUILD_DRIVER=OFF @@ -17,31 +14,52 @@ ENV BUILD_VERSION=${BUILD_VERSION} ENV BUILD_WARNINGS_AS_ERRORS=${BUILD_WARNINGS_AS_ERRORS} ENV MAKE_JOBS=${MAKE_JOBS} -COPY ./root / - -WORKDIR / +ARG ZIG_VERSION=0.14.0-dev.2441+3670910f2 -# build toolchain -RUN sed -i 's/mirror.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo && \ - sed -i 's/^#.*baseurl=http/baseurl=https/g' /etc/yum.repos.d/*.repo && \ - sed -i 's/^mirrorlist=http/#mirrorlist=https/g' /etc/yum.repos.d/*.repo && \ - yum -y install centos-release-scl; \ - sed -i 's/mirror.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo && \ - sed -i 's/^#.*baseurl=http/baseurl=https/g' /etc/yum.repos.d/*.repo && \ - sed -i 's/^mirrorlist=http/#mirrorlist=https/g' /etc/yum.repos.d/*.repo && \ - yum -y install devtoolset-9-gcc devtoolset-9-gcc-c++ git wget make m4 rpm-build clang perl-IPC-Cmd ; \ - source scl_source enable devtoolset-9 +COPY ./zig-cc /usr/bin/ +COPY ./zig-c++ /usr/bin/ -RUN curl -L -o /tmp/cmake.tar.gz https://github.com/Kitware/CMake/releases/download/v3.27.6/cmake-3.27.6-linux-$(uname -m).tar.gz; \ - gzip -d /tmp/cmake.tar.gz; \ - tar -xpf /tmp/cmake.tar --directory=/tmp; \ - cp -R /tmp/cmake-3.27.6-linux-$(uname -m)/* /usr; \ - rm -rf /tmp/cmake-3.27.6-linux-$(uname -m)/ - -# DTS -ENV BASH_ENV=/usr/bin/scl_enable \ - ENV=/usr/bin/scl_enable \ - PROMPT_COMMAND=". /usr/bin/scl_enable" +WORKDIR / -ENTRYPOINT ["build"] -CMD ["usage"] +RUN apt update && \ + apt install -y --no-install-recommends \ + autoconf \ + automake \ + build-essential \ + ca-certificates \ + clang \ + cmake \ + curl \ + git \ + libc-ares-dev \ + libcurl4-openssl-dev \ + libelf-dev \ + libgrpc++-dev \ + libgtest-dev \ + libjq-dev \ + libjsoncpp-dev \ + libprotobuf-dev \ + libssl-dev \ + libtbb-dev \ + libtool \ + llvm \ + ninja-build \ + pkg-config \ + protobuf-compiler-grpc \ + wget \ + xz-utils && \ + git clone https://github.com/libbpf/bpftool.git --branch v7.3.0 --single-branch && \ + cd bpftool && \ + git submodule update --init && \ + cd src && \ + make install && \ + cd ../.. && \ + rm -fr bpftool && \ + curl -LO https://ziglang.org/builds/zig-linux-$(uname -m)-${ZIG_VERSION}.tar.xz && \ + tar -xaf zig-linux-$(uname -m)-${ZIG_VERSION}.tar.xz && \ + rm -v zig-linux-$(uname -m)-${ZIG_VERSION}.tar.xz && \ + cd zig-linux-$(uname -m)-${ZIG_VERSION} && \ + cp -v zig /usr/bin && \ + find lib -exec cp --parents {} /usr/ \; && \ + cd .. && \ + rm -fr zig* diff --git a/docker/builder/zig-c++ b/docker/builder/zig-c++ new file mode 100755 index 0000000000..2b72de4ffe --- /dev/null +++ b/docker/builder/zig-c++ @@ -0,0 +1,2 @@ +#!/bin/bash +exec zig c++ -target $(uname -m)-linux-gnu.2.17 -mcpu=baseline $@ diff --git a/docker/builder/zig-cc b/docker/builder/zig-cc new file mode 100755 index 0000000000..a6449a7f58 --- /dev/null +++ b/docker/builder/zig-cc @@ -0,0 +1,2 @@ +#!/bin/bash +exec zig cc -target $(uname -m)-linux-gnu.2.17 -mcpu=baseline $@