datadog-agent/7.60.0 package update #37117

Closed
wants to merge 4 commits into from

octo-sts[bot]
Contributor

@octo-sts octo-sts bot commented Dec 16, 2024

datadog-agent: various fixes to work with latest 7.60.0 update

Included:

  • add libpcap
  • symlink so build avoids downloading libpcap and uses system lib
  • regen dep bump patch
  • build with python 3.12 as integration dependencies require it
    ```
    ERROR: Package 'datadog-slurm' requires a different Python: 3.11.11 not in '>=3.12'
    ```
  • compile datadog-agent-nvml with python 3.12

@octo-sts octo-sts bot added the request-version-update (request for a newer version of a package), automated pr, and P1 (This label indicates our scanning found High, Medium or Low CVEs for these packages.) labels Dec 16, 2024
Contributor Author

octo-sts bot commented Dec 16, 2024

Gen AI suggestions to solve the build error:

• Detected Error:

```
/bin/bash: line 1: curl: command not found
xz: (stdin): File format not recognized
tar: Child returned status 1
tar: Error is not recoverable: exiting now
```

• Error Category: Build/Dependency

• Failure Point: Package build step attempting to download and extract libpcap dependency

• Root Cause Analysis:
The build environment is missing the curl package which is required to download libpcap source code. This is a missing build dependency.

• Suggested Fix:
Add curl to the environment.contents.packages section in the melange YAML:

```
environment:
  contents:
    packages:
      - curl
      # existing packages...
```

• Explanation:
The build script attempts to download libpcap using curl but fails because curl is not installed. Adding curl as a build dependency will allow the download step to complete successfully.

• Additional Notes:

  • This is a common build dependency issue where required tools are missing from the build environment
  • The error occurs during the package compilation phase when trying to fetch external dependencies
  • libpcap is likely needed for network packet capture functionality in the datadog agent
  • Consider also adding xz-utils if further xz extraction issues occur

• References:

The fix is simple and just requires adding the missing build tool to the environment section of the melange YAML file.

```
/bin/bash: line 1: curl: command not found
xz: (stdin): File format not recognized
tar: Child returned status 1
tar: Error is not recoverable: exiting now
```

Signed-off-by: James Rawlings <[email protected]>
@rawlingsj rawlingsj force-pushed the wolfictl-e83b20bf-9753-44e3-89cb-92a77bd161a6 branch from a09d412 to df683b2 Compare December 16, 2024 12:36
@wolfi-dev wolfi-dev deleted a comment from octo-sts bot Dec 16, 2024
Contributor Author

octo-sts bot commented Dec 16, 2024

Gen AI suggestions to solve the build error:

• Detected Error:
"tar: libpcap-1.10.5/...: Cannot change ownership to uid 1000, gid 1000: Invalid argument"

• Error Category: Build Configuration

• Failure Point:
Unpacking libpcap source tarball during build process

• Root Cause Analysis:
The error occurs because tar is trying to set ownership of extracted files to uid/gid 1000, but this operation is failing in the build environment. This typically happens in containerized builds where user namespace mapping isn't properly configured.

• Suggested Fix:
Add --no-same-owner flag to the tar extract command in the pipeline. Modify the problematic line to:

```
- runs: |
    cd /home/build/dev/dist && curl -L https://www.tcpdump.org/release/libpcap-1.10.5.tar.xz | tar xJ --no-same-owner
```

• Explanation:
The --no-same-owner flag tells tar to extract files with the current user's ownership rather than trying to preserve the ownership from the archive. This avoids permission issues in containerized environments where user mapping may be restricted.

• Additional Notes:

  1. This is a common issue in container builds where user namespace isolation affects file ownership operations
  2. The fix preserves functionality while avoiding permission-related errors
  3. Alternative approach could be to use proper user namespace mapping, but the suggested fix is simpler and sufficient for most build scenarios

• References:

This fix aligns with Wolfi's principles of secure, reproducible builds while maintaining package functionality.
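
Added example, not part of this PR or of the bot's output: the `--no-same-owner` extraction from the suggestion above with a pinned SHA-256 check in front of it, since piping a download straight into `tar` unpacks whatever the server returned. The helper names and the sample tarball are constructed for illustration; GNU tar and coreutils are assumed.

```shell
#!/bin/sh
# Added example, not code from this PR. Assumes GNU tar and coreutils.

# extract_verified ARCHIVE EXPECTED_SHA256 DEST  (hypothetical helper)
# Refuses to unpack unless the archive matches the pinned digest.
extract_verified() {
    archive=$1; expected=$2; dest=$3
    actual=$(sha256sum "$archive" | cut -d' ' -f1) || return 1
    if [ "$actual" != "$expected" ]; then
        echo "sha256 mismatch for $archive: got $actual" >&2
        return 1
    fi
    mkdir -p "$dest" || return 1
    # --no-same-owner: members are created as the invoking user, so tar never
    # tries to chown() them to the uid/gid recorded in the archive.
    # --no-same-permissions: archived mode bits are filtered through the umask.
    tar -xf "$archive" -C "$dest" --no-same-owner --no-same-permissions
}

# Constructed sample input: a tiny tarball whose members are recorded as
# uid/gid 1000, standing in for the upstream source archive.
make_sample() {
    mkdir -p "$1/src/pkg-1.0" || return 1
    echo 'int main(void) { return 0; }' > "$1/src/pkg-1.0/main.c"
    tar -czf "$1/pkg.tar.gz" -C "$1/src" --owner=1000 --group=1000 pkg-1.0
}

demo() {
    work=$(mktemp -d) || return 1
    make_sample "$work" || return 1
    # In a real build the digest is pinned in the build file, not computed here.
    pinned=$(sha256sum "$work/pkg.tar.gz" | cut -d' ' -f1)
    extract_verified "$work/pkg.tar.gz" "$pinned" "$work/out" || return 1
    owner=$(stat -c %u "$work/out/pkg-1.0/main.c")
    # Simulate a modified download: one appended byte changes the digest.
    printf 'x' >> "$work/pkg.tar.gz"
    if extract_verified "$work/pkg.tar.gz" "$pinned" "$work/out2" 2>/dev/null \
        || [ -e "$work/out2" ]; then
        rejected=no
    else
        rejected=yes
    fi
    rm -rf "$work"
    echo "owner=$owner rejected=$rejected"
}

demo
```

The extracted file is owned by the invoking user rather than uid 1000, and the modified archive is rejected before `tar` ever reads it.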

@rawlingsj
Member

Hmm looks like the latest datadog agent update wants to use curl to fetch a dependency, wonder what's needed to use the package from wolfi https://github.com/wolfi-dev/os/blob/main/libpcap.yaml

@rawlingsj rawlingsj self-assigned this Dec 17, 2024
@rawlingsj rawlingsj force-pushed the wolfictl-e83b20bf-9753-44e3-89cb-92a77bd161a6 branch 2 times, most recently from d48f190 to 758194f Compare December 18, 2024 09:56
Included:
- add libpcap
- symlink so build avoids downloading libpcap and uses system lib
- build with python 3.12 as integration dependencies require it
```
ERROR: Package 'datadog-slurm' requires a different Python: 3.11.11 not in '>=3.12'
```

Signed-off-by: James Rawlings <[email protected]>
@octo-sts octo-sts bot added the bincapz/pass (Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages.) and manual/review-needed labels Dec 18, 2024
@rawlingsj rawlingsj force-pushed the wolfictl-e83b20bf-9753-44e3-89cb-92a77bd161a6 branch 2 times, most recently from c3b1534 to 2f7f2a3 Compare December 18, 2024 14:17
@rawlingsj rawlingsj force-pushed the wolfictl-e83b20bf-9753-44e3-89cb-92a77bd161a6 branch from 2f7f2a3 to 8516c6d Compare December 18, 2024 14:19
@rawlingsj rawlingsj added the blocked (indicates there are blocking issues that need to be addressed before progress can be made) label Dec 18, 2024
@octo-sts octo-sts bot closed this Dec 19, 2024
Contributor Author

octo-sts bot commented Dec 19, 2024

superseded by #37684

@octo-sts octo-sts bot deleted the wolfictl-e83b20bf-9753-44e3-89cb-92a77bd161a6 branch December 20, 2024 00:02
2 participants