diff --git a/0001-Bump-kubeos-version-to-1.0.6.patch b/0001-Bump-kubeos-version-to-1.0.6.patch new file mode 100644 index 0000000000000000000000000000000000000000..eb3ccd744061acc1f04342dfae76680080d0de3c --- /dev/null +++ b/0001-Bump-kubeos-version-to-1.0.6.patch @@ -0,0 +1,134 @@ +From dbabd83278e84e21a4e3493150add216012ba230 Mon Sep 17 00:00:00 2001 +From: Yuhang Wei +Date: Mon, 17 Jun 2024 10:30:52 +0800 +Subject: [PATCH 1/2] Bump kubeos version to 1.0.6 + +Signed-off-by: Yuhang Wei +--- + KubeOS-Rust/Cargo.lock | 8 ++++---- + KubeOS-Rust/agent/Cargo.toml | 2 +- + KubeOS-Rust/cli/Cargo.toml | 2 +- + KubeOS-Rust/manager/Cargo.toml | 2 +- + KubeOS-Rust/proxy/Cargo.toml | 6 +++--- + VERSION | 2 +- + 6 files changed, 11 insertions(+), 11 deletions(-) + +diff --git a/KubeOS-Rust/Cargo.lock b/KubeOS-Rust/Cargo.lock +index 4e1619aa..93e3d07d 100644 +--- a/KubeOS-Rust/Cargo.lock ++++ b/KubeOS-Rust/Cargo.lock +@@ -189,7 +189,7 @@ dependencies = [ + + [[package]] + name = "cli" +-version = "1.0.5" ++version = "1.0.6" + dependencies = [ + "anyhow", + "jsonrpc", +@@ -1226,7 +1226,7 @@ dependencies = [ + + [[package]] + name = "manager" +-version = "1.0.5" ++version = "1.0.6" + dependencies = [ + "anyhow", + "env_logger", +@@ -1438,7 +1438,7 @@ dependencies = [ + + [[package]] + name = "os-agent" +-version = "1.0.5" ++version = "1.0.6" + dependencies = [ + "anyhow", + "env_logger", +@@ -1601,7 +1601,7 @@ dependencies = [ + + [[package]] + name = "proxy" +-version = "1.0.5" ++version = "1.0.6" + dependencies = [ + "anyhow", + "assert-json-diff", +diff --git a/KubeOS-Rust/agent/Cargo.toml b/KubeOS-Rust/agent/Cargo.toml +index 739bbbc7..83e1b7c0 100644 +--- a/KubeOS-Rust/agent/Cargo.toml ++++ b/KubeOS-Rust/agent/Cargo.toml +@@ -3,7 +3,7 @@ description = "KubeOS os-agent" + edition = "2021" + license = "MulanPSL-2.0" + name = "os-agent" +-version = "1.0.5" ++version = "1.0.6" + + # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + [dependencies] +diff --git a/KubeOS-Rust/cli/Cargo.toml b/KubeOS-Rust/cli/Cargo.toml +index c3c14c6f..78d5fd51 100644 +--- a/KubeOS-Rust/cli/Cargo.toml ++++ b/KubeOS-Rust/cli/Cargo.toml +@@ -3,7 +3,7 @@ description = "KubeOS os-agent client" + edition = "2021" + license = "MulanPSL-2.0" + name = "cli" +-version = "1.0.5" ++version = "1.0.6" + + # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + [dependencies] +diff --git a/KubeOS-Rust/manager/Cargo.toml b/KubeOS-Rust/manager/Cargo.toml +index e694090c..f60a7c08 100644 +--- a/KubeOS-Rust/manager/Cargo.toml ++++ b/KubeOS-Rust/manager/Cargo.toml +@@ -3,7 +3,7 @@ description = "KubeOS os-agent manager" + edition = "2021" + license = "MulanPSL-2.0" + name = "manager" +-version = "1.0.5" ++version = "1.0.6" + + # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + [dev-dependencies] +diff --git a/KubeOS-Rust/proxy/Cargo.toml b/KubeOS-Rust/proxy/Cargo.toml +index 3b5d96d1..d804ac77 100644 +--- a/KubeOS-Rust/proxy/Cargo.toml ++++ b/KubeOS-Rust/proxy/Cargo.toml +@@ -3,7 +3,7 @@ description = "KubeOS os-proxy" + edition = "2021" + license = "MulanPSL-2.0" + name = "proxy" +-version = "1.0.5" ++version = "1.0.6" + + # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + [lib] +@@ -17,14 +17,14 @@ path = "src/main.rs" + [dependencies] + anyhow = "1.0.44" + async-trait = "0.1" +-cli = { version = "1.0.5", path = "../cli" } ++cli = { version = "1.0.6", path = "../cli" } + env_logger = "0.9.0" + futures = "0.3.17" + h2 = "=0.3.16" + k8s-openapi = { version = "0.13.1", features = ["v1_22"] } + kube = { version = "0.66.0", features = ["derive", "runtime"] } + log = "=0.4.15" +-manager = { version = "1.0.5", path = "../manager" } ++manager = { version = "1.0.6", path = "../manager" } + regex = "=1.7.3" + reqwest = { version = "=0.12.2", default-features = false, features = [ + "json", +diff --git a/VERSION b/VERSION +index 90a27f9c..af0b7ddb 100644 +--- a/VERSION ++++ b/VERSION +@@ -1 +1 @@ +-1.0.5 ++1.0.6 +-- +2.39.3 (Apple Git-146) + diff --git a/0001-KubeOS-add-oci-image-digests-check-when-upgrade-and-.patch b/0001-KubeOS-add-oci-image-digests-check-when-upgrade-and-.patch deleted file mode 100644 index 6cd006fd3262463856ece52d0e7fd253216bf70a..0000000000000000000000000000000000000000 --- a/0001-KubeOS-add-oci-image-digests-check-when-upgrade-and-.patch +++ /dev/null @@ -1,116 +0,0 @@ -From 42f5a3e38ea6e23f5aff146f65ad20025088fc84 Mon Sep 17 00:00:00 2001 -From: liyuanr -Date: Mon, 29 May 2023 11:12:52 +0800 -Subject: [PATCH] KubeOS: add oci image digests check when upgrade and fix the - issue with the software version display - -add check of digests of the oci image for upgrade after -os-agent pulls image when os upgrading. - -Fix the issue where the softwares version is empty - -Signed-off-by: liyuanr ---- - Makefile | 2 +- - cmd/agent/server/containerd_image.go | 3 ++ - cmd/agent/server/docker_image.go | 3 ++ - cmd/agent/server/utils.go | 44 ++++++++++++++++++++++++++++ - docs/quick-start.md | 8 ++--- - 5 files changed, 55 insertions(+), 5 deletions(-) - -diff --git a/Makefile b/Makefile -index 9d9fbea..27cf175 100644 ---- a/Makefile -+++ b/Makefile -@@ -30,7 +30,7 @@ endif - - VERSION_FILE := ./VERSION - VERSION := $(shell cat $(VERSION_FILE)) --PACKAGE:=openeuler.org/saiyan/pkg/version -+PACKAGE:=openeuler.org/KubeOS/pkg/version - BUILDFLAGS = -buildmode=pie -trimpath - LDFLAGS = -w -s -buildid=IdByKubeOS -linkmode=external -extldflags=-static -extldflags=-zrelro -extldflags=-Wl,-z,now -X ${PACKAGE}.Version=${VERSION} - ENV = CGO_CFLAGS="-fstack-protector-all" CGO_CPPFLAGS="-D_FORTIFY_SOURCE=2 -O2" -diff --git a/cmd/agent/server/containerd_image.go b/cmd/agent/server/containerd_image.go -index 0b614b5..b019b72 100644 ---- a/cmd/agent/server/containerd_image.go -+++ b/cmd/agent/server/containerd_image.go -@@ -48,6 +48,9 @@ func (c conImageHandler) getRootfsArchive(req *pb.UpdateRequest, neededPath prep - if err := runCommand("crictl", "pull", imageName); err != nil { - return "", err - } -+ if err := checkOCIImageDigestMatch("containerd", imageName, req.CheckSum); err != nil { -+ return "", err -+ } - if err := checkAndCleanMount(mountPath); err != nil { - logrus.Errorln("containerd clean environment error", err) - return "", err -diff --git a/cmd/agent/server/docker_image.go b/cmd/agent/server/docker_image.go -index 2a52634..e6fa9d6 100644 ---- a/cmd/agent/server/docker_image.go -+++ b/cmd/agent/server/docker_image.go -@@ -38,6 +38,9 @@ func (d dockerImageHandler) getRootfsArchive(req *pb.UpdateRequest, neededPath p - if err := runCommand("docker", "pull", imageName); err != nil { - return "", err - } -+ if err := checkOCIImageDigestMatch("docker", imageName, req.CheckSum); err != nil { -+ return "", err -+ } - containerName := "kubeos-temp" - dockerPsCmd := "docker ps -a -f=name=" + containerName + "| awk 'NR==2' | awk '{print $1}'" - existId, err := runCommandWithOut("bash", "-c", dockerPsCmd) -diff --git a/cmd/agent/server/utils.go b/cmd/agent/server/utils.go -index 111497c..092417b 100644 ---- a/cmd/agent/server/utils.go -+++ b/cmd/agent/server/utils.go -@@ -264,3 +264,47 @@ func checkFileExist(path string) (bool, error) { - return false, err - } - } -+ -+func checkOCIImageDigestMatch(containerRuntime string, imageName string, checkSum string) error { -+ var cmdOutput string -+ var err error -+ switch containerRuntime { -+ case "containerd": -+ cmdOutput, err = runCommandWithOut("crictl", "inspecti", "--output", "go-template", -+ "--template", "{{.status.repoDigests}}", imageName) -+ if err != nil { -+ return err -+ } -+ case "docker": -+ cmdOutput, err = runCommandWithOut("docker", "inspect", "--format", "{{.RepoDigests}}", imageName) -+ if err != nil { -+ return err -+ } -+ default: -+ logrus.Errorln("containerRuntime ", containerRuntime, " cannot be recognized") -+ return fmt.Errorf("containerRuntime %s cannot be recognized", containerRuntime) -+ } -+ // cmdOutput format is as follows: -+ // [imageRepository/imageName:imageTag@sha256:digests] -+ // parse the output and get digest -+ var imageDigests string -+ outArray := strings.Split(cmdOutput, "@") -+ if strings.HasPrefix(outArray[len(outArray)-1], "sha256") { -+ pasredArray := strings.Split(strings.TrimSuffix(outArray[len(outArray)-1], "]"), ":") -+ // 2 is the expected length of the array after dividing "imageName:imageTag@sha256:digests" based on ':' -+ rightLen := 2 -+ if len(pasredArray) == rightLen { -+ digestIndex := 1 // 1 is the index of digest data in pasredArray -+ imageDigests = pasredArray[digestIndex] -+ } -+ } -+ if imageDigests == "" { -+ logrus.Errorln("error when get ", imageName, " digests") -+ return fmt.Errorf("error when get %s digests", imageName) -+ } -+ if imageDigests != checkSum { -+ logrus.Errorln("checkSumFailed ", imageDigests, " mismatch to ", checkSum) -+ return fmt.Errorf("checkSumFailed %s mismatch to %s", imageDigests, checkSum) -+ } -+ return nil -+} --- -2.33.0.windows.2 - diff --git a/0002-KubeOS-support-generate-coredump.patch b/0002-KubeOS-support-generate-coredump.patch deleted file mode 100644 index 4583fc36994096675645b8a688d66a711d3ae20e..0000000000000000000000000000000000000000 --- a/0002-KubeOS-support-generate-coredump.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 20d0487753b045a0a0af19dffd0d5deec25fd672 Mon Sep 17 00:00:00 2001 -From: liyuanr -Date: Wed, 14 Jun 2023 16:00:03 +0800 -Subject: [PATCH] KubeOS:support generate coredump - -For Go language applications, generating coredump -requires declaring the environment variable GOTRACEBACK=crash, -so the service of os agent adds Environment=GOTRACEBACK=crash -to support generating coredump - -Signed-off-by: liyuanr ---- - files/os-agent.service | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/files/os-agent.service b/files/os-agent.service -index cf71d08..f778804 100644 ---- a/files/os-agent.service -+++ b/files/os-agent.service -@@ -12,6 +12,7 @@ - Description=Agent For KubeOS - - [Service] -+Environment=GOTRACEBACK=crash - ExecStart=/usr/bin/os-agent - KillMode=process - Restart=on-failure --- -2.33.0.windows.2 - diff --git a/0002-fix-update-bootloader.sh-paths-for-EFI-boot.patch b/0002-fix-update-bootloader.sh-paths-for-EFI-boot.patch new file mode 100644 index 0000000000000000000000000000000000000000..aac10404c1b4fe4fee281af2101596499b6960e7 --- /dev/null +++ b/0002-fix-update-bootloader.sh-paths-for-EFI-boot.patch @@ -0,0 +1,35 @@ +From e77d86d37c9320547b98b5639dfa328f1b0542fb Mon Sep 17 00:00:00 2001 +From: Yuhang Wei +Date: Mon, 17 Jun 2024 10:34:37 +0800 +Subject: [PATCH 2/2] fix: update bootloader.sh paths for EFI boot + +Signed-off-by: Yuhang Wei +--- + scripts/bootloader.sh | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/scripts/bootloader.sh b/scripts/bootloader.sh +index 75096a38..df4be329 100644 +--- a/scripts/bootloader.sh ++++ b/scripts/bootloader.sh +@@ -19,7 +19,7 @@ function install_grub2_x86 () + cp -r /usr/lib/grub/x86_64-efi boot/efi/EFI/openEuler + eval "grub2-mkimage -d /usr/lib/grub/x86_64-efi -O x86_64-efi --output=/boot/efi/EFI/openEuler/grubx64.efi '--prefix=(,gpt1)/EFI/openEuler' fat part_gpt part_msdos linux" + +- mkdir -p /boot/EFI/BOOT/ ++ mkdir -p /boot/efi/EFI/BOOT/ + cp -f /boot/efi/EFI/openEuler/grubx64.efi /boot/efi/EFI/BOOT/BOOTX64.EFI + fi + } +@@ -29,7 +29,7 @@ function install_grub2_efi () + cp -r /usr/lib/grub/arm64-efi /boot/efi/EFI/openEuler/ + eval "grub2-mkimage -d /usr/lib/grub/arm64-efi -O arm64-efi --output=/boot/efi/EFI/openEuler/grubaa64.efi '--prefix=(,gpt1)/EFI/openEuler' fat part_gpt part_msdos linux" + +- mkdir -p /boot/EFI/BOOT/ ++ mkdir -p /boot/efi/EFI/BOOT/ + cp -f /boot/efi/EFI/openEuler/grubaa64.efi /boot/efi/EFI/BOOT/BOOTAA64.EFI + } + +-- +2.39.3 (Apple Git-146) + diff --git a/KubeOS.spec b/KubeOS.spec index e937c6d41fe643a4026e097af0aab44b78e2a8e1..23e17b653d3de689a18ab8d10bad1695449a9bc9 100644 --- a/KubeOS.spec +++ b/KubeOS.spec @@ -1,16 +1,18 @@ # Copyright (c) Huawei Technologies Co., Ltd. 2021. All rights reserved. Name: KubeOS -Version: 1.0.3 -Release: 3 +Version: 1.0.6 +Release: 2 Summary: O&M platform used to update the whole OS as an entirety License: Mulan PSL v2 Source0: https://gitee.com/openeuler/KubeOS/repository/archive/v%{version}.tar.gz -Patch1: 0001-KubeOS-add-oci-image-digests-check-when-upgrade-and-.patch -Patch2: 0002-KubeOS-support-generate-coredump.patch +Patch1: 0001-Bump-kubeos-version-to-1.0.6.patch +Patch2: 0002-fix-update-bootloader.sh-paths-for-EFI-boot.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: make +BuildRequires: make rust cargo openssl-devel BuildRequires: golang >= 1.13 + %description This is an O&M platform used to update the whole OS as an entirety, it should be running in kubernetes environment. @@ -30,14 +32,24 @@ The scripts package includes scripts which could build the os image and binaries %{nil} %build +mkdir ./KubeOS-Rust/.cargo +cat << EOF >> ./KubeOS-Rust/.cargo/config + +[source.crates-io] +replace-with = "vendored-sources" + +[source.vendored-sources] +directory = "vendor" +EOF + make %install install -d %{buildroot}%{_bindir} #install binary install -d -m 0740 %{buildroot}/opt/kubeOS/bin -install -p -m 0500 ./bin/os-agent %{buildroot}/opt/kubeOS/bin -install -p -m 0500 ./bin/proxy %{buildroot}/opt/kubeOS/bin +install -p -m 0500 ./bin/rust/release/os-agent %{buildroot}/opt/kubeOS/bin +install -p -m 0500 ./bin/rust/release/proxy %{buildroot}/opt/kubeOS/bin install -p -m 0500 ./bin/operator %{buildroot}/opt/kubeOS/bin #install artifacts @@ -72,8 +84,8 @@ install -p -m 0600 ./files/os-agent.service %{buildroot}/opt/kubeOS/files install -p -m 0600 ./files/os-release %{buildroot}/opt/kubeOS/files %files -%attr(0500,root,root) /opt/kubeOS/bin/os-agent %defattr(-,root,root,0500) +%attr(0500,root,root) /opt/kubeOS/bin/os-agent %attr(0600,root,root) /opt/kubeOS/files/boot-efi.mount %attr(0600,root,root) /opt/kubeOS/files/etc.mount %attr(0600,root,root) /opt/kubeOS/files/persist.mount @@ -108,6 +120,12 @@ install -p -m 0600 ./files/os-release %{buildroot}/opt/kubeOS/files rm -rfv %{buildroot} %changelog +* Wed Nov 13 2014 liningjie - 1.0.6-2 +- Type:requirement +- CVE:NA +- SUG:restart +- DESC:sync source from openEuler-24.03-LTS + * Wed June 14 2023 liyuanrong - 1.0.3-3 - Type:requirement - CVE:NA diff --git a/v1.0.3.tar.gz b/v1.0.3.tar.gz deleted file mode 100644 index 751d782ee3df4a1f5da6c30f9789895a7fa2fa36..0000000000000000000000000000000000000000 Binary files a/v1.0.3.tar.gz and /dev/null differ diff --git a/v1.0.6.tar.gz b/v1.0.6.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..08a71593643b124bbc90cfa3911b6ac1e6b56f6b Binary files /dev/null and b/v1.0.6.tar.gz differ