Skip to content

Commit

Permalink
Contributing: arm64 support (#3687)
Browse files Browse the repository at this point in the history
* Adds anchors for improved navigation

* updates dependencies

* adds multi -os -arch support

* updates git command

* sets correct arch of the system. fixes arm64

* reverts verbosity, updates comments

* updates macOS instructions

* adds multi-arch support

* adds multi-arch support

* Make hack/crossplane/config folder actually exist

* Small fix

---------

Co-authored-by: Matthew Christopher <matthchr@users.noreply.github.com>
  • Loading branch information
mehighlow and matthchr authored Jan 12, 2024
1 parent 43a5635 commit 89bd8ac
Show file tree
Hide file tree
Showing 8 changed files with 142 additions and 36 deletions.
5 changes: 4 additions & 1 deletion .devcontainer/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@
# This is pinned to a particular version of go:
FROM mcr.microsoft.com/vscode/devcontainers/go:0-1.20

# https://docs.docker.com/engine/reference/builder/#automatic-platform-args-in-the-global-scope
ARG TARGETARCH

# APT dependencies
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update \
Expand Down Expand Up @@ -32,7 +35,7 @@ RUN setup-envtest use 1.27.1 --bin-dir /usr/local/envtest/bin
# (entrypoint is only run on start, not on exec). Due to that, the following approaches do not work:
# - ~/.bashrc - only works for one user in a shell but we must support -u $(id -u ${USER}):$(id -g ${USER}) which means the container could run as more than 1 user
# - /etc/profile or /etc/profile.d - only works for one user in a login shell
ENV KUBEBUILDER_ASSETS=/usr/local/envtest/bin/k8s/1.27.1-linux-amd64
ENV KUBEBUILDER_ASSETS=/usr/local/envtest/bin/k8s/1.27.1-linux-${TARGETARCH}
ENV PATH=$KUBEBUILDER_ASSETS:$PATH

# Make kubectl completions work with 'k' alias
Expand Down
54 changes: 36 additions & 18 deletions .devcontainer/install-dependencies.sh
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,10 @@ if ! [[ $GOMINORVER -ge $GOMINORREQUIRED ]]; then
exit 1
fi

# Define os and arch
os=$(go env GOOS)
arch=$(go env GOARCH)

# Ensure we have AZ

#doc# | AZ | latest | https://docs.microsoft.com/en-us/cli/azure/install-azure-cli |
Expand All @@ -134,7 +138,12 @@ write-verbose "Installing tools to $TOOL_DEST"
# Install Go tools
TMPDIR=$(mktemp -d)
clean() {
chmod +w -R "$TMPDIR"
# Macos wants different flag order
if [[ ${os} == "darwin" ]]; then
chmod -R +w "$TMPDIR"
else
chmod +w -R "$TMPDIR"
fi
rm -rf "$TMPDIR"
}
trap clean EXIT
Expand All @@ -144,7 +153,7 @@ export GOPATH=$TMPDIR
export GOCACHE=$TMPDIR/cache
export GO111MODULE=on

write-verbose "Installing Go tools"
write-verbose "Installing Go tools..."

# go tools for vscode are preinstalled by base image (see first comment in Dockerfile)

Expand Down Expand Up @@ -216,68 +225,77 @@ fi
write-verbose "Checking for $TOOL_DEST/go-task"
if should-install "$TOOL_DEST/task"; then
write-info "Installing go-task"
curl -sL "https://github.com/go-task/task/releases/download/v3.31.0/task_linux_amd64.tar.gz" | tar xz -C "$TOOL_DEST" task
curl -sL "https://github.com/go-task/task/releases/download/v3.31.0/task_${os}_${arch}.tar.gz" | tar xz -C "$TOOL_DEST" task
fi

# Install Trivy
#doc# | Trivy | v0.37.3 | https://trivy.dev/ |
write-verbose "Checking for $TOOL_DEST/trivy"
if should-install "$TOOL_DEST/trivy"; then
write-info "Installing trivy"
curl -sL "https://github.com/aquasecurity/trivy/releases/download/v0.37.3/trivy_0.37.3_Linux-64bit.tar.gz" | tar xz -C "$TOOL_DEST" trivy
# This guys decided to use different naming conventions for os(go env GOOS) and arch(go env GOARCH) despite trivy is 98.6% written in Go
# This fixes macos arm64 architechture. Every other os/arch is named differently. Consider adding a workaround of your own ¯\_(ツ)_/¯
if [[ ${os} == "darwin" ]] && [[ ${arch} == "arm64" ]]; then
curl -sL "https://github.com/aquasecurity/trivy/releases/download/v0.37.3/trivy_0.37.3_macOS-ARM64.tar.gz" | tar xz -C "$TOOL_DEST" trivy
else
curl -sL "https://github.com/aquasecurity/trivy/releases/download/v0.37.3/trivy_0.37.3_Linux-64bit.tar.gz" | tar xz -C "$TOOL_DEST" trivy
fi
fi

# Install helm
#doc# | Helm | v3.8.0 | https://helm.sh/ |
write-verbose "Checking for $TOOL_DEST/helm"
if should-install "$TOOL_DEST/helm"; then
write-info "Installing helm"
curl -sL "https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz" | tar -C "$TOOL_DEST" --strip-components=1 -xz linux-amd64/helm
write-info "Installing helm..."
curl -sL "https://get.helm.sh/helm-v3.8.0-${os}-${arch}.tar.gz" | tar -C "$TOOL_DEST" --strip-components=1 -xz ${os}-${arch}/helm
fi

# Install yq
#doc# | YQ | v4.13.0 | https://github.com/mikefarah/yq/ |
yq_version=v4.13.0
yq_binary=yq_linux_amd64
yq_binary=yq_${os}_${arch}
write-verbose "Checking for $TOOL_DEST/yq"
if should-install "$TOOL_DEST/yq"; then
write-info "Installing yq"
write-info "Installing yq..."
rm -f "$TOOL_DEST/yq" # remove yq in case we're forcing the install
wget "https://github.com/mikefarah/yq/releases/download/${yq_version}/${yq_binary}.tar.gz" -O - | tar -xz -C "$TOOL_DEST" && mv "$TOOL_DEST/$yq_binary" "$TOOL_DEST/yq"
fi

# Install cmctl, used to wait for cert manager installation during some tests cases
#doc# | cmctl | latest | https://cert-manager.io/docs/reference/cmctl |
os=$(go env GOOS)
arch=$(go env GOARCH)
write-verbose "Checking for $TOOL_DEST/cmctl"
if should-install "$TOOL_DEST/cmctl"; then
write-info "Installing cmctl-${os}_${arch}"
write-info "Installing cmctl-${os}_${arch}..."
curl -L "https://github.com/jetstack/cert-manager/releases/latest/download/cmctl-${os}-${arch}.tar.gz" | tar -xz -C "$TOOL_DEST"
fi

write-verbose "Checking for $BUILDX_DEST/docker-buildx"
#doc# | BuildX | v0.11.2 | https://github.com/docker/buildx |
if should-install "$BUILDX_DEST/docker-buildx"; then
write-info "Installing buildx-${os}_${arch} to $BUILDX_DEST"
mkdir -p "$BUILDX_DEST"
curl -o "$BUILDX_DEST/docker-buildx" -L "https://github.com/docker/buildx/releases/download/v0.11.2/buildx-v0.11.2.${os}-${arch}"
chmod +x "$BUILDX_DEST/docker-buildx"
write-info "Installing buildx-${os}_${arch} to $BUILDX_DEST ..."
if ! test -f $BUILDX_DEST; then
mkdir -p "$BUILDX_DEST"
fi
if ! test -f $BUILDX_DEST/docker-buildx; then
curl -o "$BUILDX_DEST/docker-buildx" -L "https://github.com/docker/buildx/releases/download/v0.11.2/buildx-v0.11.2.${os}-${arch}"
chmod +x "$BUILDX_DEST/docker-buildx"
fi
fi

# Install azwi
#doc# | AZWI | v1.0.0 | https://github.com/Azure/azure-workload-identity |
#doc# | AZWI | v1.2.0 | https://github.com/Azure/azure-workload-identity |
write-verbose "Checking for $TOOL_DEST/azwi"
if should-install "$TOOL_DEST/azwi"; then
write-info "Installing azwi"
curl -sL "https://github.com/Azure/azure-workload-identity/releases/download/v1.0.0/azwi-v1.0.0-${os}-${arch}.tar.gz" | tar xz -C "$TOOL_DEST" azwi
write-info "Installing azwi..."
curl -sL "https://github.com/Azure/azure-workload-identity/releases/download/v1.2.0/azwi-v1.2.0-${os}-${arch}.tar.gz" | tar xz -C "$TOOL_DEST" azwi
fi

# Ensure tooling for Hugo is available
#doc# | PostCSS | latest | https://postcss.org/ |
write-verbose "Checking for /usr/bin/postcss"
if ! which postcss > /dev/null 2>&1; then
write-info "Installing postcss"
npm config set fund false --location=global
npm install --global postcss postcss-cli autoprefixer
fi

Expand Down
4 changes: 2 additions & 2 deletions .devcontainer/library-scripts/docker-debian.sh
Original file line number Diff line number Diff line change
Expand Up @@ -67,12 +67,12 @@ else
DISTRO=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
CODENAME=$(lsb_release -cs)
curl -s https://packages.microsoft.com/keys/microsoft.asc | (OUT=$(apt-key add - 2>&1) || echo $OUT)
echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-${DISTRO}-${CODENAME}-prod ${CODENAME} main" > /etc/apt/sources.list.d/microsoft.list
echo "deb [arch=$(go env GOARCH)] https://packages.microsoft.com/repos/microsoft-${DISTRO}-${CODENAME}-prod ${CODENAME} main" > /etc/apt/sources.list.d/microsoft.list
apt-get update
apt-get -y install --no-install-recommends moby-cli moby-buildx
else
curl -fsSL https://download.docker.com/linux/$(lsb_release -is | tr '[:upper:]' '[:lower:]')/gpg | (OUT=$(apt-key add - 2>&1) || echo $OUT)
echo "deb [arch=amd64] https://download.docker.com/linux/$(lsb_release -is | tr '[:upper:]' '[:lower:]') $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list
echo "deb [arch=$(go env GOARCH)] https://download.docker.com/linux/$(lsb_release -is | tr '[:upper:]' '[:lower:]') $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list
apt-get update
apt-get -y install --no-install-recommends docker-ce-cli
fi
Expand Down
2 changes: 1 addition & 1 deletion Taskfile.yml
Original file line number Diff line number Diff line change
Expand Up @@ -1022,7 +1022,7 @@ tasks:
OBJECT_OPTIONS: object:headerFile={{.HEADER_FILE}}
CRD_OPTIONS: crd:crdVersions=v1,allowDangerousTypes=true output:crd:artifacts:config={{.CROSSPLANE_OUTPUT}}/crd/bases
WEBHOOK_OPTIONS: webhook output:webhook:artifacts:config={{.CROSSPLANE_OUTPUT}}/webhook
RBAC_OPTIONS: rbac:roleName=manager-role # output:rbac:artifacts:config={{.CROSSPLANE_OUTPUT}}/rbac # not output currently?
RBAC_OPTIONS: rbac:roleName=manager-role output:rbac:artifacts:config={{.CROSSPLANE_OUTPUT}}/rbac

crossplane:generate-types:
desc: Run {{.GENERATOR_APP}} to generate input files for controller-gen for {{.CROSSPLANE_APP}}.
Expand Down
6 changes: 3 additions & 3 deletions docs/hugo/content/contributing/dependencies.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,13 @@
title: Developer Dependencies
linktitle: Dependencies
---
Development of Azure Service Operator depends on a number of development tools and libraries that need to be installed.
Development of Azure Service Operator depends on a number of development tools and libraries that need to be installed.

If you prefer to install those dependencies manually (instead of using the `.devcontainer/install-dependencies.sh` script), here is a list of what's required.
If you prefer to install those dependencies manually (instead of using the `.devcontainer/install-dependencies.sh` script), here is a list of what's required.

| Dependency | Version | Reference |
|:---------- |:-------:|:--------- |
| AZWI | v1.0.0 | https://github.com/Azure/azure-workload-identity |
| AZWI | v1.2.0 | https://github.com/Azure/azure-workload-identity |
| BuildX | v0.11.2 | https://github.com/docker/buildx |
| cmctl | latest | https://cert-manager.io/docs/reference/cmctl |
| controller-gen | v0.13.0 | https://book.kubebuilder.io/reference/controller-gen |
Expand Down
20 changes: 10 additions & 10 deletions docs/hugo/content/contributing/developer-setup.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,11 @@ description: "How to set up your developer environment for Azure Service Operato

We support a number of different approaches to ASO development.

- Dev Container with VS Code on Linux
- Dev Container with VS Code on Windows
- Docker on Linux
- CLI on Linux
- CLI on MacOS
- [Dev Container with VS Code on Linux](#dev-container-with-vs-code-on-linux)
- [Dev Container with VS Code on Windows](#dev-container-with-vs-code-on-windows)
- [Docker on Linux](#docker-on-linux)
- [CLI on Linux](#cli-on-linux)
- [CLI on MacOS](#cli-on-macos)

Each of these is described in a different section below. See also the [troubleshooting](#troubleshooting-repo-health) sections below for help with common problems.

Expand Down Expand Up @@ -73,19 +73,19 @@ $ docker run --env-file ~/work/envs.env --env HOSTROOT=$(git rev-parse --show-to

Note: If you mount the source like this from a Windows folder, performance will be poor as file operations between the container and Windows are very slow.


## CLI on Linux

If you are using Linux, instead of using VS Code you can run the `dev.sh` script in the root of the repository. This will install all required tooling into the `hack/tools` directory and then start a new shell with the `PATH` updated to use it.

## CLI on MacOS

Development of ASO on MacOS is possible (one of our team does so), but things are less automated.
Development of ASO on MacOS is also possible.

You'll need to manually install the tools as listed by `.devcontainer/install-dependencies.sh`.
You can either use the VS Code devcontainer approach (recommended) which installs all the tools into a container, or you can install the tools directly on your Mac. In case of the latter, you'll need to install the following tools manually running: `.devcontainer/install-dependencies.sh`.

If you have an ARM based Mac, you'll also need to install [Rosetta](https://support.apple.com/en-nz/HT211861).
This creates `hack/tools` and downloads all the required tools into it based on the architecture(arm64 or amd64) of your machine.

If you have an ARM based Mac, you'll also need to install [Rosetta](https://support.apple.com/en-nz/HT211861).

## Troubleshooting: Repo health

Expand Down Expand Up @@ -115,7 +115,7 @@ If you see a list of tags (as shown above), then you're good to go.
Otherwise, pull tags from your upstream repo and check again:

``` bash
$ git-fetch --all --tags
$ git fetch --all --tags
Fetching origin
$ git tag --list 'v2*'
v2.0.0
Expand Down
3 changes: 2 additions & 1 deletion hack/crossplane/.gitignore
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
config/
config/crd
config/rbac/role.yaml
84 changes: 84 additions & 0 deletions hack/crossplane/config/default/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
# Adds namespace to all resources.
namespace: crossplane-system

# Value of this field is prepended to the
# names of all resources, e.g. a deployment named
# "wordpress" becomes "alices-wordpress".
# Note that it should also match with the prefix (text before '-') of the namespace
# field above.

# Labels to add to all resources and selectors.
#commonLabels:
# someName: someValue

resources: []

bases:
- ../crd
- ../rbac
- ../manager
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in crd/kustomization.yaml
# - ../webhook
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
- ../certmanager
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
#- ../prometheus

patchesStrategicMerge:
# If you want your controller-manager to expose the /metrics
# endpoint w/o any authn/z, uncomment the following line and
# comment manager_auth_proxy_patch.yaml.
# Only one of manager_auth_proxy_patch.yaml and
# manager_prometheus_metrics_patch.yaml should be enabled.
#- manager_prometheus_metrics_patch.yaml

# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in crd/kustomization.yaml
# - manager_webhook_patch.yaml

# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
# 'CERTMANAGER' needs to be enabled to use ca injection
# - webhookcainjection_patch.yaml

# - manager_credentials_patch.yaml

patches:
- patch: |-
- op: add
path: /spec/template/spec/containers/0/args/-
value: --webhook-port=9443
- op: add
path: /spec/template/spec/containers/0/args/-
value: --webhook-cert-dir=/tmp/k8s-webhook-server/serving-certs
target:
kind: Deployment

# the following config is for teaching kustomize how to do var substitution
vars:
## [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
objref:
kind: Certificate
group: cert-manager.io
version: v1
name: serving-cert # this name should match the one in certificate.yaml
fieldref:
fieldpath: metadata.namespace
- name: CERTIFICATE_NAME
objref:
kind: Certificate
group: cert-manager.io
version: v1
name: serving-cert # this name should match the one in certificate.yaml
- name: SERVICE_NAMESPACE # namespace of the service
objref:
kind: Service
version: v1
name: webhook-service
fieldref:
fieldpath: metadata.namespace
- name: SERVICE_NAME
objref:
kind: Service
version: v1
name: webhook-service

0 comments on commit 89bd8ac

Please sign in to comment.