Skip to content

Commit e9016a2

Browse files
mergify[bot]mergify[bot]
authored
Merge pull request bpfman#1141 from astoycos/spec-license
Update image spec to support multiple images, add build tooling for bytecode images
2 parents f5af4aa + b72009c commit e9016a2

File tree

35 files changed

+1713
-617
lines changed

35 files changed

+1713
-617
lines changed

.github/workflows/image-build.yaml

Lines changed: 102 additions & 120 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,27 @@ on: # yamllint disable-line rule:truthy
1010
workflow_dispatch:
1111

1212
jobs:
13+
build:
14+
runs-on: ubuntu-latest
15+
steps:
16+
- name: Checkout bpfman
17+
uses: actions/checkout@v4
18+
19+
- name: Build bpfman binary
20+
run: cargo build -p bpfman --verbose
21+
22+
- name: archive bpfman binary
23+
run: |
24+
cd target/debug
25+
tar -czvf bpfman.tar.gz bpfman
26+
27+
- name: Archive bpfman Binaries
28+
uses: actions/upload-artifact@v4
29+
with:
30+
name: bpfman
31+
path: |
32+
./target/debug/bpfman.tar.gz
33+
1334
build-and-push-images:
1435
permissions:
1536
contents: read
@@ -206,6 +227,7 @@ jobs:
206227
done
207228
208229
build-and-push-bytecode-images:
230+
needs: [build]
209231
permissions:
210232
contents: read
211233
packages: write
@@ -221,13 +243,9 @@ jobs:
221243
bpf_build_wrapper: go
222244
repository: bpfman-bytecode
223245
image: go-xdp-counter
224-
context: ./examples/go-xdp-counter
225-
dockerfile: ./Containerfile.bytecode
226-
build_args: |
227-
PROGRAM_NAME=go-xdp-counter
228-
BPF_FUNCTION_NAME=xdp_stats
229-
PROGRAM_TYPE=xdp
230-
BYTECODE_FILENAME=bpf_bpfel.o
246+
context: .
247+
dockerfile: ./Containerfile.bytecode.multi.arch
248+
bytecode_dir: ./examples/go-xdp-counter
231249
tags: |
232250
type=ref,event=branch
233251
type=ref,event=tag
@@ -241,13 +259,9 @@ jobs:
241259
bpf_build_wrapper: go
242260
repository: bpfman-bytecode
243261
image: go-tc-counter
244-
context: ./examples/go-tc-counter
245-
dockerfile: ./Containerfile.bytecode
246-
build_args: |
247-
PROGRAM_NAME=go-tc-counter
248-
BPF_FUNCTION_NAME=stats
249-
PROGRAM_TYPE=tc
250-
BYTECODE_FILENAME=bpf_bpfel.o
262+
context: .
263+
dockerfile: ./Containerfile.bytecode.multi.arch
264+
bytecode_dir: ./examples/go-tc-counter
251265
tags: |
252266
type=ref,event=branch
253267
type=ref,event=tag
@@ -261,13 +275,9 @@ jobs:
261275
bpf_build_wrapper: go
262276
repository: bpfman-bytecode
263277
image: go-tracepoint-counter
264-
context: ./examples/go-tracepoint-counter
265-
dockerfile: ./Containerfile.bytecode
266-
build_args: |
267-
PROGRAM_NAME=go-tracepoint-counter
268-
BPF_FUNCTION_NAME=tracepoint_kill_recorder
269-
PROGRAM_TYPE=tracepoint
270-
BYTECODE_FILENAME=bpf_bpfel.o
278+
context: .
279+
dockerfile: ./Containerfile.bytecode.multi.arch
280+
bytecode_dir: ./examples/go-tracepoint-counter
271281
tags: |
272282
type=ref,event=branch
273283
type=ref,event=tag
@@ -281,13 +291,9 @@ jobs:
281291
bpf_build_wrapper: go
282292
repository: bpfman-bytecode
283293
image: go-kprobe-counter
284-
context: ./examples/go-kprobe-counter
285-
dockerfile: ./Containerfile.bytecode
286-
build_args: |
287-
PROGRAM_NAME=kprobe_counter
288-
BPF_FUNCTION_NAME=kprobe_counter
289-
PROGRAM_TYPE=kprobe
290-
BYTECODE_FILENAME=bpf_bpfel.o
294+
context: .
295+
dockerfile: ./Containerfile.bytecode.multi.arch
296+
bytecode_dir: ./examples/go-kprobe-counter
291297
tags: |
292298
type=ref,event=branch
293299
type=ref,event=tag
@@ -301,13 +307,9 @@ jobs:
301307
bpf_build_wrapper: go
302308
repository: bpfman-bytecode
303309
image: go-uprobe-counter
304-
context: ./examples/go-uprobe-counter
305-
dockerfile: ./Containerfile.bytecode
306-
build_args: |
307-
PROGRAM_NAME=uprobe_counter
308-
BPF_FUNCTION_NAME=uprobe_counter
309-
PROGRAM_TYPE=uprobe
310-
BYTECODE_FILENAME=bpf_bpfel.o
310+
context: .
311+
dockerfile: ./Containerfile.bytecode.multi.arch
312+
bytecode_dir: ./examples/go-uprobe-counter
311313
tags: |
312314
type=ref,event=branch
313315
type=ref,event=tag
@@ -321,13 +323,9 @@ jobs:
321323
bpf_build_wrapper: go
322324
repository: bpfman-bytecode
323325
image: go-uretprobe-counter
324-
context: ./examples/go-uretprobe-counter
325-
dockerfile: ./Containerfile.bytecode
326-
build_args: |
327-
PROGRAM_NAME=uretprobe_counter
328-
BPF_FUNCTION_NAME=uretprobe_counter
329-
PROGRAM_TYPE=uretprobe
330-
BYTECODE_FILENAME=bpf_x86_bpfel.o
326+
context: .
327+
dockerfile: ./Containerfile.bytecode.multi.arch
328+
bytecode_dir: ./examples/go-uretprobe-counter
331329
tags: |
332330
type=ref,event=branch
333331
type=ref,event=tag
@@ -341,10 +339,9 @@ jobs:
341339
bpf_build_wrapper: go
342340
repository: bpfman-bytecode
343341
image: go-app-counter
344-
context: ./examples/go-app-counter
345-
dockerfile: ./Containerfile.bytecode
346-
build_args: |
347-
BYTECODE_FILENAME=bpf_bpfel.o
342+
context: .
343+
dockerfile: ./Containerfile.bytecode.multi.arch
344+
bytecode_dir: ./examples/go-app-counter
348345
tags: |
349346
type=ref,event=branch
350347
type=ref,event=tag
@@ -358,13 +355,9 @@ jobs:
358355
bpf_build_wrapper: rust
359356
repository: bpfman-bytecode
360357
image: xdp_pass
361-
context: ./tests/integration-test/bpf/.output
362-
dockerfile: ./Containerfile.bytecode
363-
build_args: |
364-
PROGRAM_NAME=xdp_pass
365-
BPF_FUNCTION_NAME=pass
366-
PROGRAM_TYPE=xdp
367-
BYTECODE_FILENAME=xdp_pass.bpf.o
358+
context: .
359+
dockerfile: ./Containerfile.bytecode.multi.arch
360+
bytecode_dir: ./tests/integration-test/bpf/.output/xdp_pass.bpf
368361
tags: |
369362
type=ref,event=branch
370363
type=ref,event=tag
@@ -378,13 +371,9 @@ jobs:
378371
bpf_build_wrapper: rust
379372
repository: bpfman-bytecode
380373
image: xdp_pass_private
381-
context: ./tests/integration-test/bpf/.output
382-
dockerfile: ./Containerfile.bytecode
383-
build_args: |
384-
PROGRAM_NAME=xdp_pass_private
385-
BPF_FUNCTION_NAME=pass
386-
PROGRAM_TYPE=xdp
387-
BYTECODE_FILENAME=xdp_pass.bpf.o
374+
context: .
375+
dockerfile: ./Containerfile.bytecode.multi.arch
376+
bytecode_dir: ./tests/integration-test/bpf/.output/xdp_pass.bpf
388377
tags: |
389378
type=ref,event=branch
390379
type=ref,event=tag
@@ -398,13 +387,9 @@ jobs:
398387
bpf_build_wrapper: rust
399388
repository: bpfman-bytecode
400389
image: tc_pass
401-
context: ./tests/integration-test/bpf/.output
402-
dockerfile: ./Containerfile.bytecode
403-
build_args: |
404-
PROGRAM_NAME=tc_pass
405-
BPF_FUNCTION_NAME=pass
406-
PROGRAM_TYPE=tc
407-
BYTECODE_FILENAME=tc_pass.bpf.o
390+
context: .
391+
dockerfile: ./Containerfile.bytecode.multi.arch
392+
bytecode_dir: ./tests/integration-test/bpf/.output/tc_pass.bpf
408393
tags: |
409394
type=ref,event=branch
410395
type=ref,event=tag
@@ -418,13 +403,9 @@ jobs:
418403
bpf_build_wrapper: rust
419404
repository: bpfman-bytecode
420405
image: tracepoint
421-
context: ./tests/integration-test/bpf/.output
422-
dockerfile: ./Containerfile.bytecode
423-
build_args: |
424-
PROGRAM_NAME=tracepoint
425-
BPF_FUNCTION_NAME=enter_openat
426-
PROGRAM_TYPE=tracepoint
427-
BYTECODE_FILENAME=tp_openat.bpf.o
406+
context: .
407+
dockerfile: ./Containerfile.bytecode.multi.arch
408+
bytecode_dir: ./tests/integration-test/bpf/.output/tp_openat.bpf
428409
tags: |
429410
type=ref,event=branch
430411
type=ref,event=tag
@@ -438,13 +419,9 @@ jobs:
438419
bpf_build_wrapper: rust
439420
repository: bpfman-bytecode
440421
image: uprobe
441-
context: ./tests/integration-test/bpf/.output
442-
dockerfile: ./Containerfile.bytecode
443-
build_args: |
444-
PROGRAM_NAME=uprobe
445-
BPF_FUNCTION_NAME=my_uprobe
446-
PROGRAM_TYPE=uprobe
447-
BYTECODE_FILENAME=uprobe.bpf.o
422+
context: .
423+
dockerfile: ./Containerfile.bytecode.multi.arch
424+
bytecode_dir: ./tests/integration-test/bpf/.output/uprobe.bpf
448425
tags: |
449426
type=ref,event=branch
450427
type=ref,event=tag
@@ -458,13 +435,9 @@ jobs:
458435
bpf_build_wrapper: rust
459436
repository: bpfman-bytecode
460437
image: uretprobe
461-
context: ./tests/integration-test/bpf/.output
462-
dockerfile: ./Containerfile.bytecode
463-
build_args: |
464-
PROGRAM_NAME=uretprobe
465-
BPF_FUNCTION_NAME=my_uretprobe
466-
PROGRAM_TYPE=uretprobe
467-
BYTECODE_FILENAME=uprobe.bpf.o
438+
context: .
439+
dockerfile: ./Containerfile.bytecode.multi.arch
440+
bytecode_dir: ./tests/integration-test/bpf/.output/uprobe.bpf
468441
tags: |
469442
type=ref,event=branch
470443
type=ref,event=tag
@@ -478,13 +451,9 @@ jobs:
478451
bpf_build_wrapper: rust
479452
repository: bpfman-bytecode
480453
image: kprobe
481-
context: ./tests/integration-test/bpf/.output
482-
dockerfile: ./Containerfile.bytecode
483-
build_args: |
484-
PROGRAM_NAME=kprobe
485-
BPF_FUNCTION_NAME=my_kprobe
486-
PROGRAM_TYPE=kprobe
487-
BYTECODE_FILENAME=kprobe.bpf.o
454+
context: .
455+
dockerfile: ./Containerfile.bytecode.multi.arch
456+
bytecode_dir: ./tests/integration-test/bpf/.output/kprobe.bpf
488457
tags: |
489458
type=ref,event=branch
490459
type=ref,event=tag
@@ -498,13 +467,9 @@ jobs:
498467
bpf_build_wrapper: rust
499468
repository: bpfman-bytecode
500469
image: kretprobe
501-
context: ./tests/integration-test/bpf/.output
502-
dockerfile: ./Containerfile.bytecode
503-
build_args: |
504-
PROGRAM_NAME=kretprobe
505-
BPF_FUNCTION_NAME=my_kretprobe
506-
PROGRAM_TYPE=kretprobe
507-
BYTECODE_FILENAME=kprobe.bpf.o
470+
context: .
471+
dockerfile: ./Containerfile.bytecode.multi.arch
472+
bytecode_dir: ./tests/integration-test/bpf/.output/kprobe.bpf
508473
tags: |
509474
type=ref,event=branch
510475
type=ref,event=tag
@@ -518,13 +483,9 @@ jobs:
518483
bpf_build_wrapper: rust
519484
repository: bpfman-bytecode
520485
image: fentry
521-
context: ./tests/integration-test/bpf/.output
522-
dockerfile: ./Containerfile.bytecode
523-
build_args: |
524-
PROGRAM_NAME=do_unlinkat
525-
BPF_FUNCTION_NAME=test_fentry
526-
PROGRAM_TYPE=fentry
527-
BYTECODE_FILENAME=fentry.bpf.o
486+
context: .
487+
dockerfile: ./Containerfile.bytecode.multi.arch
488+
bytecode_dir: ./tests/integration-test/bpf/.output/fentry.bpf
528489
tags: |
529490
type=ref,event=branch
530491
type=ref,event=tag
@@ -538,13 +499,9 @@ jobs:
538499
bpf_build_wrapper: rust
539500
repository: bpfman-bytecode
540501
image: fexit
541-
context: ./tests/integration-test/bpf/.output
542-
dockerfile: ./Containerfile.bytecode
543-
build_args: |
544-
PROGRAM_NAME=do_unlinkat
545-
BPF_FUNCTION_NAME=test_fexit
546-
PROGRAM_TYPE=fexit
547-
BYTECODE_FILENAME=fentry.bpf.o
502+
context: .
503+
dockerfile: ./Containerfile.bytecode.multi.arch
504+
bytecode_dir: ./tests/integration-test/bpf/.output/fentry.bpf
548505
tags: |
549506
type=ref,event=branch
550507
type=ref,event=tag
@@ -559,7 +516,8 @@ jobs:
559516
repository: bpfman
560517
image: xdp-dispatcher
561518
context: .
562-
dockerfile: ./Containerfile.xdp_dispatcher_v1
519+
dockerfile: ./Containerfile.bytecode.multi.arch
520+
bytecode_dir: ./.output/xdp_dispatcher_v1.bpf
563521
tags: |
564522
type=ref,event=branch
565523
type=ref,event=tag
@@ -573,7 +531,8 @@ jobs:
573531
repository: bpfman
574532
image: xdp-dispatcher
575533
context: .
576-
dockerfile: ./Containerfile.xdp_dispatcher_v2
534+
dockerfile: ./Containerfile.bytecode.multi.arch
535+
bytecode_dir: ./.output/xdp_dispatcher_v2.bpf
577536
tags: |
578537
type=ref,event=branch
579538
type=ref,event=tag
@@ -587,7 +546,8 @@ jobs:
587546
repository: bpfman
588547
image: tc-dispatcher
589548
context: .
590-
dockerfile: ./Containerfile.tc_dispatcher
549+
dockerfile: ./Containerfile.bytecode.multi.arch
550+
bytecode_dir: ./.output/tc_dispatcher.bpf
591551
tags: |
592552
type=ref,event=branch
593553
type=ref,event=tag
@@ -656,6 +616,15 @@ jobs:
656616
username: ${{ secrets.BPFMAN_BYTECODE_USERNAME }}
657617
password: ${{ secrets.BPFMAN_BYTECODE_ROBOT_TOKEN }}
658618

619+
- name: Download bpfman binary
620+
uses: actions/download-artifact@v4
621+
with:
622+
name: bpfman
623+
624+
- name: Unpack bpfman binary
625+
run: |
626+
tar -C /usr/local/bin -xzvf bpfman.tar.gz
627+
659628
- name: Extract metadata (tags, labels) for image
660629
id: meta
661630
uses: docker/[email protected]
@@ -669,15 +638,28 @@ jobs:
669638
- name: Set up Docker Buildx
670639
uses: docker/setup-buildx-action@v3
671640

641+
- name: Manually generate build args
642+
id: build-tags
643+
run: |
644+
bytecode_data=$(bpfman image generate-build-args --cilium-ebpf-project ${{ matrix.image.bytecode_dir }})
645+
build_args="${bytecode_data}\n"
646+
printf BUILD_ARGS="$build_args" >> $GITHUB_ENV
647+
{
648+
echo 'BUILD_ARGS<<EOF'
649+
printf "$build_args"
650+
echo EOF
651+
} >> "$GITHUB_ENV"
652+
672653
- name: Build and push
673654
id: build-push-image
674655
uses: docker/build-push-action@v6
675656
with:
657+
platforms: linux/amd64, linux/arm64, linux/ppc64le, linux/s390x
676658
push: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') }}
677659
tags: ${{ steps.meta.outputs.tags }}
678660
labels: ${{ steps.meta.outputs.labels }}
679661
file: ${{ matrix.image.dockerfile }}
680-
build-args: ${{ matrix.image.build_args }}
662+
build-args: ${{ env.BUILD_ARGS }}
681663
context: ${{ matrix.image.context }}
682664

683665
- name: Sign the images with GitHub OIDC Token

0 commit comments

Comments
 (0)