From 5668a0fe05b10139a9720ddfbf9ac08abfac91b3 Mon Sep 17 00:00:00 2001 From: Lucian Petrut Date: Wed, 13 Nov 2024 13:46:20 +0200 Subject: [PATCH] Add 1.16.3 (#12) --- .../cilium-operator-generic}/rockcraft.yaml | 0 1.15.2/cilium/envoy-fixes.patch | 71 +++++ .../cilium}/iptables-wrapper-installer.sh | 0 {cilium => 1.15.2/cilium}/rockcraft.yaml | 5 +- 1.16.3/cilium-operator-generic/rockcraft.yaml | 123 +++++++ 1.16.3/cilium/iptables-wrapper-installer.sh | 219 +++++++++++++ 1.16.3/cilium/rockcraft.yaml | 299 ++++++++++++++++++ 7 files changed, 715 insertions(+), 2 deletions(-) rename {cilium-operator-generic => 1.15.2/cilium-operator-generic}/rockcraft.yaml (100%) create mode 100644 1.15.2/cilium/envoy-fixes.patch rename {cilium => 1.15.2/cilium}/iptables-wrapper-installer.sh (100%) rename {cilium => 1.15.2/cilium}/rockcraft.yaml (97%) create mode 100644 1.16.3/cilium-operator-generic/rockcraft.yaml create mode 100755 1.16.3/cilium/iptables-wrapper-installer.sh create mode 100644 1.16.3/cilium/rockcraft.yaml diff --git a/cilium-operator-generic/rockcraft.yaml b/1.15.2/cilium-operator-generic/rockcraft.yaml similarity index 100% rename from cilium-operator-generic/rockcraft.yaml rename to 1.15.2/cilium-operator-generic/rockcraft.yaml diff --git a/1.15.2/cilium/envoy-fixes.patch b/1.15.2/cilium/envoy-fixes.patch new file mode 100644 index 0000000..561cdc9 --- /dev/null +++ b/1.15.2/cilium/envoy-fixes.patch @@ -0,0 +1,71 @@ +From 9d84536cb003b6ab0b4142b142c238ee531860e3 Mon Sep 17 00:00:00 2001 +From: root +Date: Thu, 7 Nov 2024 09:51:32 +0000 +Subject: [PATCH] Envoy fixes + +* updated checksum +* workaround to allow running as root +--- + WORKSPACE | 3 ++- + patches/0005-ci-change-googleurl-dep.patch | 29 ++++++++++++++++++++++ + 2 files changed, 31 insertions(+), 1 deletion(-) + create mode 100644 patches/0005-ci-change-googleurl-dep.patch + +diff --git a/WORKSPACE b/WORKSPACE +index 115aefc..723fc53 100644 +--- a/WORKSPACE ++++ b/WORKSPACE +@@ -36,6 +36,7 @@ git_repository( + "@//patches:0002-upstream-Add-callback-for-upstream-authorization.patch", + "@//patches:0003-tcp_proxy-Add-filter-state-proxy_read_before_connect.patch", + "@//patches:0004-listener-add-socket-options.patch", ++ "@//patches:0005-ci-change-googleurl-dep.patch", + ], + # // clang-format off: Envoy's format check: Only repository_locations.bzl may contains URL references + remote = "https://github.com/envoyproxy/envoy.git", +@@ -65,7 +66,7 @@ envoy_dependencies() + + load("@envoy//bazel:repositories_extra.bzl", "envoy_dependencies_extra") + +-envoy_dependencies_extra() ++envoy_dependencies_extra(ignore_root_user_error=True) + + load("@envoy//bazel:python_dependencies.bzl", "envoy_python_dependencies") + +diff --git a/patches/0005-ci-change-googleurl-dep.patch b/patches/0005-ci-change-googleurl-dep.patch +new file mode 100644 +index 0000000..e27ec76 +--- /dev/null ++++ b/patches/0005-ci-change-googleurl-dep.patch +@@ -0,0 +1,29 @@ ++From a0da603209681f425f1e1fb2c7abddd24f3e2b1f Mon Sep 17 00:00:00 2001 ++From: Alyssa Wilk ++Date: Wed, 9 Oct 2024 19:30:30 +0000 ++Subject: [PATCH] ci: change googleurl dep ++ ++Signed-off-by: Alyssa Wilk ++--- ++ bazel/repository_locations.bzl | 4 ++-- ++ 1 file changed, 2 insertions(+), 2 deletions(-) ++ ++diff --git a/bazel/repository_locations.bzl b/bazel/repository_locations.bzl ++index b6e02d489b..e42a6e7e2f 100644 ++--- a/bazel/repository_locations.bzl +++++ b/bazel/repository_locations.bzl ++@@ -1222,9 +1222,9 @@ REPOSITORY_LOCATIONS_SPEC = dict( ++ project_name = "Chrome URL parsing library", ++ project_desc = "Chrome URL parsing library", ++ project_url = "https://quiche.googlesource.com/googleurl", ++- # Static snapshot of https://quiche.googlesource.com/googleurl/+archive/dd4080fec0b443296c0ed0036e1e776df8813aa7.tar.gz ++ version = "dd4080fec0b443296c0ed0036e1e776df8813aa7", ++- sha256 = "59f14d4fb373083b9dc8d389f16bbb817b5f936d1d436aa67e16eb6936028a51", +++ sha256 = "fc694942e8a7491dcc1dde1bddf48a31370a1f46fef862bc17acf07c34dc6325", +++ # Static snapshot of https://quiche.googlesource.com/googleurl/+archive/dd4080fec0b443296c0ed0036e1e776df8813aa7.tar.gz ++ urls = ["https://storage.googleapis.com/quiche-envoy-integration/{version}.tar.gz"], ++ use_category = ["controlplane", "dataplane_core"], ++ extensions = [], ++-- ++2.43.0 ++ +-- +2.34.1 \ No newline at end of file diff --git a/cilium/iptables-wrapper-installer.sh b/1.15.2/cilium/iptables-wrapper-installer.sh similarity index 100% rename from cilium/iptables-wrapper-installer.sh rename to 1.15.2/cilium/iptables-wrapper-installer.sh diff --git a/cilium/rockcraft.yaml b/1.15.2/cilium/rockcraft.yaml similarity index 97% rename from cilium/rockcraft.yaml rename to 1.15.2/cilium/rockcraft.yaml index 8e4efbf..ac14459 100644 --- a/cilium/rockcraft.yaml +++ b/1.15.2/cilium/rockcraft.yaml @@ -69,8 +69,9 @@ parts: override-build: | export PKG_BUILD=1 export DESTDIR=$CRAFT_PART_INSTALL - # Workaround for bazel python plugin/bits to ignore running as root - sed -i -e 's/envoy_dependencies_extra()/envoy_dependencies_extra(ignore_root_user_error=True)/g' WORKSPACE + export EMAIL=root@localhost + git am --ignore-whitespace $CRAFT_PROJECT_DIR/envoy-fixes.patch + make -C proxylib all mkdir -p $CRAFT_PART_INSTALL/usr/lib/ cp proxylib/libcilium.so $CRAFT_PART_INSTALL/usr/lib/ diff --git a/1.16.3/cilium-operator-generic/rockcraft.yaml b/1.16.3/cilium-operator-generic/rockcraft.yaml new file mode 100644 index 0000000..442a36c --- /dev/null +++ b/1.16.3/cilium-operator-generic/rockcraft.yaml @@ -0,0 +1,123 @@ +name: cilium-operator-generic +summary: Cilium operator rock for the Cilium CNI. +description: This rock is a drop in replacement for the cilium/operator-generic image. +version: "1.16.3" +license: Apache-2.0 + +base: bare +build-base: ubuntu@22.04 +platforms: + amd64: + arm64: + +environment: + GOPS_CONFIG_DIR: "/" + +services: + cilium: + command: /usr/bin/cilium-operator-generic + override: replace + startup: enabled + +parts: + builder-img-deps: + plugin: nil + build-packages: + - unzip + - binutils + - coreutils + - curl + - gcc + - git + - libc6-dev + - make + + build-deps: + plugin: nil + build-snaps: + - go/1.22/stable + build-packages: + - autoconf + - automake + - autopoint + - autotools-dev + - build-essential + - pkg-config + + debug-wrapper: + after: [build-deps, builder-img-deps] + plugin: go + source-type: git + source: https://github.com/cilium/cilium.git + source-tag: v1.16.3 + source-subdir: images/builder + build-environment: + - CGO_ENABLED: 0 + override-build: | + cd $CRAFT_PART_SRC_WORK + go install github.com/go-delve/delve/cmd/dlv@latest + go install -ldflags "-s -w" debug-wrapper.go + + protoc: + plugin: cmake + source-type: git + source: https://github.com/protocolbuffers/protobuf.git + source-tag: v28.2 + source-submodules: + - third_party/googletest + - third_party/abseil-cpp + - third_party/jsoncpp + cmake-generator: Ninja + build-packages: + - g++ + - git + override-build: | + cmake $CRAFT_PART_SRC -G Ninja \ + -DCMAKE_BUILD_TYPE="Release" \ + -DCMAKE_INSTALL_PREFIX="$CRAFT_PART_INSTALL/usr/local" + ninja install + stage: + - -usr/local/lib + - -usr/local/include/absl + - -usr/local/include/utf8_range.h + - -usr/local/include/utf8_validity.h + + protoplugins: + plugin: go + source: "" + override-build: | + go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@1adbea267b837660726952ed6711b348dee87aa5 + go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.35.1 + go install github.com/mfridman/protoc-gen-go-json@v1.4.0 + go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc@v1.5.1 + + runtime-img-deps: + plugin: nil + stage-packages: + - ca-certificates + + gops: + after: [build-deps] + plugin: go + source-type: git + source: https://github.com/google/gops.git + source-tag: v0.3.27 + build-environment: + - CGO_ENABLED: 0 + override-build: | + go install -ldflags "-s -w" ./... + + cilium-operator: + after: [build-deps, builder-img-deps] + plugin: make + source-type: git + source: https://github.com/cilium/cilium.git + source-tag: v1.16.3 + override-build: | + export VARIANT="generic" + make build-container-operator-$VARIANT + export DESTDIR=$CRAFT_PART_INSTALL + make install-container-binary-operator-$VARIANT + make licenses-all + + cp $CRAFT_PART_BUILD/LICENSE.all $CRAFT_PART_INSTALL/ diff --git a/1.16.3/cilium/iptables-wrapper-installer.sh b/1.16.3/cilium/iptables-wrapper-installer.sh new file mode 100755 index 0000000..400fbce --- /dev/null +++ b/1.16.3/cilium/iptables-wrapper-installer.sh @@ -0,0 +1,219 @@ +#!/bin/sh + +# https://github.com/kubernetes-sigs/iptables-wrappers/blob/e139a115350974aac8a82ec4b815d2845f86997e/iptables-wrapper-installer.sh +# Copyright 2020 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Usage: +# +# iptables-wrapper-installer.sh [--no-sanity-check] +# +# Installs a wrapper iptables script in a container that will figure out +# whether iptables-legacy or iptables-nft is in use on the host and then +# replaces itself with the correct underlying iptables version. +# +# Unless "--no-sanity-check" is passed, it will first verify that the +# container already contains a suitable version of iptables. + +# NOTE: This can only use POSIX /bin/sh features; the build container +# might not contain bash. + +set -eux + +# Find iptables binary location +if [ -n "$OVERRIDE_SBIN" ]; then + sbin="$OVERRIDE_SBIN" +elif [ -d /usr/sbin -a -e /usr/sbin/iptables ]; then + sbin="/usr/sbin" +elif [ -d /sbin -a -e /sbin/iptables ]; then + sbin="/sbin" +else + echo "ERROR: iptables is not present in either /usr/sbin or /sbin" 1>&2 + exit 1 +fi + +if [ -n "$OVERRIDE_PATH" ]; then + target="$OVERRIDE_PATH" +else + target="$sbin" +fi + +# Determine how the system selects between iptables-legacy and iptables-nft +if [ -n "$OVERRIDE_ALTSTYLE" ]; then + altstyle="$OVERRIDE_ALTSTYLE" +elif [ -x /usr/sbin/alternatives ]; then + # Fedora/SUSE style alternatives + altstyle="fedora" +elif [ -x /usr/sbin/update-alternatives ]; then + # Debian style alternatives + altstyle="debian" +else + # No alternatives system + altstyle="none" +fi + +if [ "${1:-}" != "--no-sanity-check" ]; then + # Ensure dependencies are installed + if ! version=$("${sbin}/iptables-nft" --version 2> /dev/null); then + echo "ERROR: iptables-nft is not installed" 1>&2 + exit 1 + fi + if ! "${sbin}/iptables-legacy" --version > /dev/null 2>&1; then + echo "ERROR: iptables-legacy is not installed" 1>&2 + exit 1 + fi + + case "${version}" in + *v1.8.[0123]\ *) + echo "ERROR: iptables 1.8.0 - 1.8.3 have compatibility bugs." 1>&2 + echo " Upgrade to 1.8.4 or newer." 1>&2 + exit 1 + ;; + *) + # 1.8.4+ are OK + ;; + esac +fi + +# Start creating the wrapper... +rm -f "${target}/iptables-wrapper" +cat > "${target}/iptables-wrapper" </dev/null | grep -E '^:(KUBE-IPTABLES-HINT|KUBE-KUBELET-CANARY)' | wc -l) +if [ "\${nft_kubelet_rules}" -ne 0 ]; then + mode=nft +else + # Check for kubernetes 1.17-or-later with iptables-legacy. We + # can't pass "-t mangle" to iptables-legacy-save because it would + # cause the kernel to create that table if it didn't already + # exist, which we don't want. So we have to grab all the rules + legacy_kubelet_rules=\$( (iptables-legacy-save || true; ip6tables-legacy-save || true) 2>/dev/null | grep -E '^:(KUBE-IPTABLES-HINT|KUBE-KUBELET-CANARY)' | wc -l) + if [ "\${legacy_kubelet_rules}" -ne 0 ]; then + mode=legacy + else + # With older kubernetes releases there may not be any _specific_ + # rules we can look for, but we assume that some non-containerized process + # (possibly kubelet) will have created _some_ iptables rules. + num_legacy_lines=\$( (iptables-legacy-save || true; ip6tables-legacy-save || true) 2>/dev/null | grep '^-' | wc -l) + num_nft_lines=\$( (iptables-nft-save || true; ip6tables-nft-save || true) 2>/dev/null | grep '^-' | wc -l) + if [ "\${num_legacy_lines}" -gt "\${num_nft_lines}" ]; then + mode=legacy + else + mode=nft + fi + fi +fi + +EOF + +# Write out the appropriate alternatives-selection commands +case "${altstyle}" in + fedora) +cat >> "${target}/iptables-wrapper" < /dev/null || failed=1 +EOF + ;; + + debian) +cat >> "${target}/iptables-wrapper" < /dev/null || failed=1 +update-alternatives --set ip6tables "/usr/sbin/ip6tables-\${mode}" > /dev/null || failed=1 +EOF + ;; + + *) +cat >> "${target}/iptables-wrapper" </dev/null || failed=1 +EOF + ;; +esac + +# Write out the post-alternatives-selection error checking and final wrap-up +cat >> "${target}/iptables-wrapper" <&2 + # fake it, though this will probably also fail if they aren't root + exec "${sbin}/xtables-\${mode}-multi" "\$0" "\$@" +fi + +# Now re-exec the original command with the newly-selected alternative +exec "\$0" "\$@" +EOF +chmod +x "${target}/iptables-wrapper" + +# Now back in the installer script, point the iptables binaries at our +# wrapper +case "${altstyle}" in + fedora) + alternatives \ + --install /usr/sbin/iptables iptables /usr/sbin/iptables-wrapper 100 \ + --slave /usr/sbin/iptables-restore iptables-restore /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/iptables-save iptables-save /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/ip6tables iptables /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/ip6tables-restore iptables-restore /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/ip6tables-save iptables-save /usr/sbin/iptables-wrapper + ;; + + debian) + update-alternatives \ + --install /usr/sbin/iptables iptables /usr/sbin/iptables-wrapper 100 \ + --slave /usr/sbin/iptables-restore iptables-restore /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/iptables-save iptables-save /usr/sbin/iptables-wrapper + update-alternatives \ + --install /usr/sbin/ip6tables ip6tables /usr/sbin/iptables-wrapper 100 \ + --slave /usr/sbin/ip6tables-restore ip6tables-restore /usr/sbin/iptables-wrapper \ + --slave /usr/sbin/ip6tables-save ip6tables-save /usr/sbin/iptables-wrapper + ;; + + *) + for cmd in iptables iptables-save iptables-restore ip6tables ip6tables-save ip6tables-restore; do + rm -f "${target}/${cmd}" + ln -s "${sbin}/iptables-wrapper" "${target}/${cmd}" + done + ;; +esac + +# Cleanup +rm -f "$0" diff --git a/1.16.3/cilium/rockcraft.yaml b/1.16.3/cilium/rockcraft.yaml new file mode 100644 index 0000000..1eb0239 --- /dev/null +++ b/1.16.3/cilium/rockcraft.yaml @@ -0,0 +1,299 @@ +name: cilium +summary: Cilium agent rock for the Cilium CNI. +description: This rock is a drop in replacement for the cilium/cilium image. +version: "1.16.3" +license: Apache-2.0 + +base: ubuntu@24.04 +build-base: ubuntu@24.04 +platforms: + amd64: + arm64: + +environment: + HUBBLE_SERVER: "unix:///var/run/cilium/hubble.sock" + INITSYSTEM: "SYSTEMD" + +services: + cilium: + command: /usr/bin/cilium-dbg + override: replace + startup: enabled + +parts: + bazelisk: + plugin: nil + build-packages: + - wget + overlay-script: | + wget https://github.com/bazelbuild/bazelisk/releases/download/v1.19.0/bazelisk-linux-$CRAFT_ARCH_BUILD_FOR + mv bazelisk-linux-$CRAFT_ARCH_BUILD_FOR /usr/bin/bazelisk + chmod +x /usr/bin/bazelisk + ln -sf /usr/bin/bazelisk /usr/bin/bazel + + cilium-envoy: + after: [bazelisk] + plugin: make + source-type: git + source: https://github.com/cilium/proxy.git + source-tag: v1.29 + source-depth: 1 + build-packages: + - autoconf + - automake + - cmake + - coreutils + - curl + - git + - libtool + - make + - ninja-build + - patch + - patchelf + - python3 + - python-is-python3 + - unzip + - virtualenv + - wget + - zip + - libc6-dev + - gcc + - binutils + - clang-17 + - clang-tools-17 + - lldb-17 + - lld-17 + - clang-format-17 + - libc++-17-dev + - libc++abi-17-dev + override-build: | + export PKG_BUILD=1 + export DESTDIR=$CRAFT_PART_INSTALL + # Workaround for bazel python plugin/bits to ignore running as root + sed -i -e 's/envoy_dependencies_extra()/envoy_dependencies_extra(ignore_root_user_error=True)/g' WORKSPACE + + make -C proxylib all + mkdir -p $CRAFT_PART_INSTALL/usr/lib/ + cp proxylib/libcilium.so $CRAFT_PART_INSTALL/usr/lib/ + cp proxylib/libcilium.so /usr/lib/ + git rev-parse HEAD >SOURCE_VERSION + make bazel-bin/cilium-envoy + make install + rm -rf /root/.cache/bazel + + builder-img-deps: + plugin: nil + build-packages: + - unzip + - binutils + - coreutils + - curl + - gcc + - git + - libc6-dev + - make + + build-deps: + plugin: nil + build-snaps: + - go/1.22/stable + build-packages: + - autoconf + - automake + - autopoint + - autotools-dev + - build-essential + - pkg-config + + debug-wrapper: + after: [build-deps, builder-img-deps] + plugin: go + source-type: git + source: https://github.com/cilium/cilium.git + source-tag: v1.16.3 + source-depth: 1 + source-subdir: images/builder + build-environment: + - CGO_ENABLED: 0 + override-build: | + cd $CRAFT_PART_SRC_WORK + go install github.com/go-delve/delve/cmd/dlv@latest + go install -ldflags "-s -w" debug-wrapper.go + + protoc: + plugin: cmake + source-type: git + source: https://github.com/protocolbuffers/protobuf.git + source-tag: v28.2 + source-depth: 1 + source-submodules: + - third_party/googletest + - third_party/abseil-cpp + - third_party/jsoncpp + cmake-generator: Ninja + build-packages: + - g++ + - git + override-build: | + cmake $CRAFT_PART_SRC -G Ninja \ + -DCMAKE_BUILD_TYPE="Release" \ + -DCMAKE_INSTALL_PREFIX="$CRAFT_PART_INSTALL/usr/local" + ninja install + stage: + - -usr/local/lib + - -usr/local/include/absl + - -usr/local/include/utf8_range.h + - -usr/local/include/utf8_validity.h + + protoplugins: + plugin: go + source: "" + override-build: | + go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@1adbea267b837660726952ed6711b348dee87aa5 + go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.35.1 + go install github.com/mfridman/protoc-gen-go-json@v1.4.0 + go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc@v1.5.1 + + runtime-img-deps: + plugin: nil + stage-packages: + - jq + - bash-completion + - iproute2 + - ipset + - kmod + - ca-certificates + - libz3-dev + + iptables: + plugin: nil + stage-packages: + - iptables + + iptables-wrapper: + after: [iptables] + plugin: nil + source-type: file + source: ./iptables-wrapper-installer.sh + build-environment: + - OVERRIDE_PATH: "$CRAFT_PRIME/usr/sbin" + - OVERRIDE_SBIN: "/usr/sbin" + - OVERRIDE_ALTSTYLE: "none" + override-prime: | + craftctl default + $CRAFT_PART_BUILD/iptables-wrapper-installer.sh --no-sanity-check + + bpftool: + plugin: make + source-type: git + source: https://github.com/libbpf/bpftool.git + source-tag: v7.4.0 + source-depth: 1 + source-subdir: src + source-submodules: + - "libbpf" + build-packages: + - xz-utils + - libzstd-dev + - zlib1g-dev + - libelf-dev + - libiberty-dev + - llvm-17 + - clang-17 + - clang-tools-17 + - lldb-17 + - lld-17 + - clang-format-17 + - libc++-17-dev + - libc++abi-17-dev + build-environment: + - EXTRA_CFLAGS: --static + - LLVM_CONFIG: "/usr/bin/llvm-config-17" + - LLVM_STRIP: "/usr/bin/llvm-strip-17" + override-build: | + # libelf requires zstd on Ubuntu 24.04, this hasn't been addressed + # in bpftool yet. + sed -i 's/-lelf/-lelf -lzstd/g' src/Makefile + + make -C src -j "$(nproc)" + + mkdir -p $CRAFT_PART_INSTALL/usr/local/sbin/ + cp ./src/bpftool $CRAFT_PART_INSTALL/usr/local/sbin/ + chmod 755 $CRAFT_PART_INSTALL/usr/local/sbin/bpftool + + gops: + after: [build-deps] + plugin: go + source-type: git + source: https://github.com/google/gops.git + source-tag: v0.3.27 + source-depth: 1 + build-environment: + - CGO_ENABLED: 0 + override-build: | + go install -ldflags "-s -w" ./... + + cni-plugins: + after: [build-deps] + plugin: go + source-type: git + source: https://github.com/containernetworking/plugins.git + source-tag: v1.5.0 + source-depth: 1 + override-build: | + ./build_linux.sh + cp -r $CRAFT_PART_BUILD/bin $CRAFT_PART_INSTALL + stage: + - -bin + organize: + bin/loopback: cni/loopback + + hubble: + after: [build-deps] + plugin: make + source-type: git + source: "https://github.com/cilium/hubble.git" + source-tag: v1.16.3 + source-depth: 1 + override-build: | + craftctl default + mkdir -p $CRAFT_PART_INSTALL/etc/bash_completion.d + $CRAFT_PART_INSTALL/usr/local/bin/hubble completion bash > $CRAFT_PART_INSTALL/etc/bash_completion.d/hubble + + cilium: + after: [build-deps, builder-img-deps] + plugin: make + source-type: git + source: https://github.com/cilium/cilium.git + source-tag: v1.16.3 + build-packages: + - clang-17 + - llvm-17 + stage-packages: + - clang-17 + - llvm-17 + build-environment: + - DISABLE_ENVOY_INSTALLATION: 1 + - PKG_BUILD: 1 + - NOSTRIP: 0 + - NOOPT: 0 + override-build: | + make build-container + export DESTDIR=$CRAFT_PART_INSTALL + make install-container-binary + make install-bash-completion + make licenses-all + + echo 'install_cni "/usr/bin/cilium-dbg"' >> $CRAFT_PART_BUILD/plugins/cilium-cni/install-plugin.sh + + cp $CRAFT_PART_BUILD/LICENSE.all $CRAFT_PART_INSTALL/ + cp $CRAFT_PART_SRC/images/cilium/init-container.sh $CRAFT_PART_INSTALL/ + cp $CRAFT_PART_BUILD/plugins/cilium-cni/install-plugin.sh $CRAFT_PART_INSTALL/ + cp $CRAFT_PART_SRC/plugins/cilium-cni/cni-uninstall.sh $CRAFT_PART_INSTALL/ + + cp -a $CRAFT_PART_INSTALL/usr/bin/clang-17 $CRAFT_PART_INSTALL/usr/bin/clang + cp -a $CRAFT_PART_INSTALL/usr/bin/llc-17 $CRAFT_PART_INSTALL/usr/bin/llc + cp -a $CRAFT_PART_INSTALL/usr/bin/llvm-objcopy-17 $CRAFT_PART_INSTALL/usr/bin/llvm-objcopy + override-prime: | + craftctl default + rm -rf /root/.cache/go-build