diff --git a/build/docker/build-image.sh b/build/docker/build-image.sh index f070a7b13..f13a9cf53 100755 --- a/build/docker/build-image.sh +++ b/build/docker/build-image.sh @@ -31,7 +31,7 @@ fi BUILD_ARGS="${BUILD_ARGS} --build-arg FINAL_BASE=gcr.io/distroless/static" if [ -z "${BUILDER}" -o "${BUILDER}" = 'docker' -o "${BUILDER}" = 'podman' ] ; then - DOCKER_BUILDKIT=0 ${BUILDER} build --pull -t ${IMG}:${TAG} ${BUILD_ARGS} -f ${DOCKERFILE} . + ${BUILDER} build --pull -t ${IMG}:${TAG} ${BUILD_ARGS} -f ${DOCKERFILE} . elif [ "${BUILDER}" = 'buildah' ] ; then BUILDAH_RUNTIME=runc buildah bud --pull-always -t ${IMG}:${TAG} ${BUILD_ARGS} -f ${DOCKERFILE} . else diff --git a/build/docker/intel-dlb-initcontainer.Dockerfile b/build/docker/intel-dlb-initcontainer.Dockerfile index 230d08e4a..99436224a 100644 --- a/build/docker/intel-dlb-initcontainer.Dockerfile +++ b/build/docker/intel-dlb-initcontainer.Dockerfile @@ -51,7 +51,6 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION && rm toybox.tar.gz \ && cd toybox-$TOYBOX_VERSION \ && KCONFIG_CONFIG=${DIR}/build/docker/toybox-config-$(echo ${FINAL_BASE} | xargs basename -s :latest) LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT/usr/bin V=2 make toybox install_flat \ - && cd $ROOT && ln -fs usr/bin bin && cd - \ && install -D LICENSE $ROOT/licenses/toybox \ && cp -r /usr/share/doc/musl $ROOT/licenses/ ### @@ -61,4 +60,4 @@ LABEL version='devel' LABEL release='1' COPY --from=builder /install_root / COPY demo/dlb-init.sh /usr/local/bin/ -ENTRYPOINT [ "/bin/bash", "/usr/local/bin/dlb-init.sh"] +ENTRYPOINT ["/usr/local/bin/dlb-init.sh"] diff --git a/build/docker/intel-fpga-initcontainer.Dockerfile b/build/docker/intel-fpga-initcontainer.Dockerfile index f5705e73c..56618c027 100644 --- a/build/docker/intel-fpga-initcontainer.Dockerfile +++ b/build/docker/intel-fpga-initcontainer.Dockerfile @@ -85,7 +85,6 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION && rm toybox.tar.gz \ && cd toybox-$TOYBOX_VERSION \ && KCONFIG_CONFIG=${DIR}/build/docker/toybox-config-$(echo ${FINAL_BASE} | xargs basename -s :latest) LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT/usr/bin V=2 make toybox install_flat \ - && cd $ROOT && ln -fs usr/bin bin && cd - \ && install -D LICENSE $ROOT/licenses/toybox \ && cp -r /usr/share/doc/musl $ROOT/licenses/ ### @@ -97,4 +96,4 @@ LABEL name='intel-fpga-initcontainer' LABEL summary='Intel® FPGA programming CRI hook for Kubernetes' LABEL description='The FPGA prestart CRI-O hook performs discovery of the requested FPGA function bitstream and programs FPGA devices based on the environment variables in the workload description' COPY --from=builder /install_root / -ENTRYPOINT [ "/bin/sh", "-c", "cp -a /usr/local/fpga-sw/* /opt/intel/fpga-sw/ && ln -sf /opt/intel/fpga-sw/intel-fpga-crihook.json /etc/containers/oci/hooks.d/" ] +ENTRYPOINT [ "/usr/bin/sh", "-c", "cp -a /usr/local/fpga-sw/* /opt/intel/fpga-sw/ && ln -sf /opt/intel/fpga-sw/intel-fpga-crihook.json /etc/containers/oci/hooks.d/" ] diff --git a/build/docker/intel-gpu-initcontainer.Dockerfile b/build/docker/intel-gpu-initcontainer.Dockerfile index 51e4e534d..f07b67d75 100644 --- a/build/docker/intel-gpu-initcontainer.Dockerfile +++ b/build/docker/intel-gpu-initcontainer.Dockerfile @@ -68,7 +68,6 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION && rm toybox.tar.gz \ && cd toybox-$TOYBOX_VERSION \ && KCONFIG_CONFIG=${DIR}/build/docker/toybox-config-$(echo ${FINAL_BASE} | xargs basename -s :latest) LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT/usr/bin V=2 make toybox install_flat \ - && cd $ROOT && ln -fs usr/bin bin && cd - \ && install -D LICENSE $ROOT/licenses/toybox \ && cp -r /usr/share/doc/musl $ROOT/licenses/ ### @@ -80,4 +79,4 @@ LABEL name='intel-gpu-initcontainer' LABEL summary='Intel® GPU NFD hook for Kubernetes' LABEL description='The GPU fractional resources, such as GPU memory is registered as a kubernetes extended resource using node-feature-discovery (NFD). A custom NFD source hook is installed as part of GPU device plugin operator deployment and NFD is configured to register the GPU memory extended resource reported by the hook' COPY --from=builder /install_root / -ENTRYPOINT [ "/bin/sh", "-c", "cp -a /usr/local/bin/gpu-sw/intel-gpu-nfdhook /etc/kubernetes/node-feature-discovery/source.d/" ] +ENTRYPOINT [ "/usr/bin/sh", "-c", "cp -a /usr/local/bin/gpu-sw/intel-gpu-nfdhook /etc/kubernetes/node-feature-discovery/source.d/" ] diff --git a/build/docker/intel-idxd-config-initcontainer.Dockerfile b/build/docker/intel-idxd-config-initcontainer.Dockerfile index ac917f86f..4afbc60f2 100644 --- a/build/docker/intel-idxd-config-initcontainer.Dockerfile +++ b/build/docker/intel-idxd-config-initcontainer.Dockerfile @@ -21,4 +21,4 @@ COPY demo/dsa.conf /idxd-init/ COPY demo/iaa.conf /idxd-init/ RUN mkdir /idxd-init/scratch WORKDIR /idxd-init -ENTRYPOINT ["bash", "/usr/local/bin/idxd-init.sh"] +ENTRYPOINT ["/usr/local/bin/idxd-init.sh"] diff --git a/build/docker/intel-qat-initcontainer.Dockerfile b/build/docker/intel-qat-initcontainer.Dockerfile index b3bb04949..c130615b7 100644 --- a/build/docker/intel-qat-initcontainer.Dockerfile +++ b/build/docker/intel-qat-initcontainer.Dockerfile @@ -51,7 +51,6 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION && rm toybox.tar.gz \ && cd toybox-$TOYBOX_VERSION \ && KCONFIG_CONFIG=${DIR}/build/docker/toybox-config-$(echo ${FINAL_BASE} | xargs basename -s :latest) LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT/usr/bin V=2 make toybox install_flat \ - && cd $ROOT && ln -fs usr/bin bin && cd - \ && install -D LICENSE $ROOT/licenses/toybox \ && cp -r /usr/share/doc/musl $ROOT/licenses/ ### @@ -65,4 +64,4 @@ LABEL description='Intel QAT initcontainer initializes devices' COPY --from=builder /install_root / COPY demo/qat-init.sh /usr/local/bin/ WORKDIR /qat-init -ENTRYPOINT [ "/bin/bash", "/usr/local/bin/qat-init.sh"] +ENTRYPOINT ["/usr/local/bin/qat-init.sh"] diff --git a/build/docker/intel-sgx-initcontainer.Dockerfile b/build/docker/intel-sgx-initcontainer.Dockerfile index e30a5612c..cca6c6b37 100644 --- a/build/docker/intel-sgx-initcontainer.Dockerfile +++ b/build/docker/intel-sgx-initcontainer.Dockerfile @@ -68,7 +68,6 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION && rm toybox.tar.gz \ && cd toybox-$TOYBOX_VERSION \ && KCONFIG_CONFIG=${DIR}/build/docker/toybox-config-$(echo ${FINAL_BASE} | xargs basename -s :latest) LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT/usr/bin V=2 make toybox install_flat \ - && cd $ROOT && ln -fs usr/bin bin && cd - \ && install -D LICENSE $ROOT/licenses/toybox \ && cp -r /usr/share/doc/musl $ROOT/licenses/ ### @@ -80,4 +79,4 @@ LABEL name='intel-sgx-initcontainer' LABEL summary='Intel® SGX NFD hook for Kubernetes' LABEL description='The SGX EPC memory available on each node is registered as a Kubernetes extended resource using node-feature-discovery (NFD). A custom NFD source hook is installed as part of SGX device plugin operator deployment and NFD is configured to register the SGX EPC memory extended resource reported by the hook' COPY --from=builder /install_root / -ENTRYPOINT [ "/bin/sh", "-c", "cp -a /usr/local/bin/sgx-sw/intel-sgx-epchook /etc/kubernetes/node-feature-discovery/source.d/" ] +ENTRYPOINT [ "/usr/bin/sh", "-c", "cp -a /usr/local/bin/sgx-sw/intel-sgx-epchook /etc/kubernetes/node-feature-discovery/source.d/" ] diff --git a/build/docker/lib/nfdhook_end.docker b/build/docker/lib/nfdhook_end.docker index 826f2d28d..ee5fc2c27 100644 --- a/build/docker/lib/nfdhook_end.docker +++ b/build/docker/lib/nfdhook_end.docker @@ -3,4 +3,4 @@ #define string(s) #s COPY --from=builder /install_root / -ENTRYPOINT [ "/bin/sh", "-c", xstring(_ENTRYPOINT_) ] +ENTRYPOINT [ "/usr/bin/sh", "-c", xstring(_ENTRYPOINT_) ] diff --git a/build/docker/lib/toybox_build.docker b/build/docker/lib/toybox_build.docker index 0bb5bbe59..ba1c3c9ff 100644 --- a/build/docker/lib/toybox_build.docker +++ b/build/docker/lib/toybox_build.docker @@ -12,7 +12,6 @@ RUN curl -SL https://github.com/landley/toybox/archive/refs/tags/$TOYBOX_VERSION && rm toybox.tar.gz \N && cd toybox-$TOYBOX_VERSION \N && KCONFIG_CONFIG=${DIR}/build/docker/toybox-config-$(echo ${FINAL_BASE} | xargs basename -s :latest) LDFLAGS="--static" CC=musl-gcc PREFIX=$ROOT/usr/bin V=2 make toybox install_flat \N - && cd $ROOT && ln -fs usr/bin bin && cd - \N && install -D LICENSE $ROOT/licenses/toybox \N && cp -r /usr/share/doc/musl $ROOT/licenses/ ### diff --git a/build/docker/templates/intel-dlb-initcontainer.Dockerfile.in b/build/docker/templates/intel-dlb-initcontainer.Dockerfile.in index 3ffbe7fa7..9a446ee9c 100644 --- a/build/docker/templates/intel-dlb-initcontainer.Dockerfile.in +++ b/build/docker/templates/intel-dlb-initcontainer.Dockerfile.in @@ -16,4 +16,4 @@ FROM ${FINAL_BASE} COPY --from=builder /install_root / COPY demo/dlb-init.sh /usr/local/bin/ -ENTRYPOINT [ "/bin/bash", "/usr/local/bin/dlb-init.sh"] +ENTRYPOINT ["/usr/local/bin/dlb-init.sh"] diff --git a/build/docker/templates/intel-fpga-initcontainer.Dockerfile.in b/build/docker/templates/intel-fpga-initcontainer.Dockerfile.in index 6e287759d..198ed6a82 100644 --- a/build/docker/templates/intel-fpga-initcontainer.Dockerfile.in +++ b/build/docker/templates/intel-fpga-initcontainer.Dockerfile.in @@ -35,5 +35,4 @@ LABEL description='The FPGA prestart CRI-O hook performs discovery of the reques COPY --from=builder /install_root / -ENTRYPOINT [ "/bin/sh", "-c", "cp -a /usr/local/fpga-sw/* /opt/intel/fpga-sw/ && ln -sf /opt/intel/fpga-sw/intel-fpga-crihook.json /etc/containers/oci/hooks.d/" ] - +ENTRYPOINT [ "/usr/bin/sh", "-c", "cp -a /usr/local/fpga-sw/* /opt/intel/fpga-sw/ && ln -sf /opt/intel/fpga-sw/intel-fpga-crihook.json /etc/containers/oci/hooks.d/" ] diff --git a/build/docker/templates/intel-idxd-config-initcontainer.Dockerfile.in b/build/docker/templates/intel-idxd-config-initcontainer.Dockerfile.in index 4e4e17a98..d2791bb42 100644 --- a/build/docker/templates/intel-idxd-config-initcontainer.Dockerfile.in +++ b/build/docker/templates/intel-idxd-config-initcontainer.Dockerfile.in @@ -9,4 +9,4 @@ COPY demo/iaa.conf /idxd-init/ RUN mkdir /idxd-init/scratch WORKDIR /idxd-init -ENTRYPOINT ["bash", "/usr/local/bin/idxd-init.sh"] +ENTRYPOINT ["/usr/local/bin/idxd-init.sh"] diff --git a/build/docker/templates/intel-qat-initcontainer.Dockerfile.in b/build/docker/templates/intel-qat-initcontainer.Dockerfile.in index 49ae9ad99..fd6ba36c6 100644 --- a/build/docker/templates/intel-qat-initcontainer.Dockerfile.in +++ b/build/docker/templates/intel-qat-initcontainer.Dockerfile.in @@ -23,4 +23,4 @@ COPY demo/qat-init.sh /usr/local/bin/ WORKDIR /qat-init -ENTRYPOINT [ "/bin/bash", "/usr/local/bin/qat-init.sh"] +ENTRYPOINT ["/usr/local/bin/qat-init.sh"] diff --git a/build/docker/toybox-config-static b/build/docker/toybox-config-static index 2780fa9ea..9456dfbe8 100644 --- a/build/docker/toybox-config-static +++ b/build/docker/toybox-config-static @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # ToyBox version: KCONFIG_VERSION -# Sat Aug 5 15:52:20 2023 +# Thu Dec 7 19:38:32 2023 # # CONFIG_TOYBOX_ON_ANDROID is not set CONFIG_TOYBOX_FORK=y @@ -30,7 +30,7 @@ CONFIG_CUT=y # CONFIG_DIRNAME is not set # CONFIG_DU is not set CONFIG_ECHO=y -# CONFIG_ENV is not set +CONFIG_ENV=y # CONFIG_EXPAND is not set # CONFIG_FALSE is not set # CONFIG_FILE is not set diff --git a/demo/dlb-init.sh b/demo/dlb-init.sh index 3166e52f5..b540615ff 100755 --- a/demo/dlb-init.sh +++ b/demo/dlb-init.sh @@ -1,4 +1,6 @@ -#!/bin/sh -eu +#!/usr/bin/env bash + +set -u enable_and_configure_vfs() { devpath=$1 diff --git a/demo/qat-init.sh b/demo/qat-init.sh index de8ac4b81..b33c410fb 100755 --- a/demo/qat-init.sh +++ b/demo/qat-init.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/usr/bin/env bash # This script is based on qatlib's qat_init.sh NODE_NAME="${NODE_NAME:-}" ENABLED_QAT_PF_PCIIDS=${ENABLED_QAT_PF_PCIIDS:-37c8 4940 4942 4944}