diff --git a/Makefile b/Makefile index bbce0b613d70..007531b34ebc 100644 --- a/Makefile +++ b/Makefile @@ -26,4 +26,3 @@ include mk/kind.mk include mk/k3d.mk include mk/e2e.new.mk include mk/docs.mk -include mk/envoy.mk diff --git a/mk/build.mk b/mk/build.mk index edaa238b5edf..39973ea99efa 100644 --- a/mk/build.mk +++ b/mk/build.mk @@ -13,6 +13,8 @@ LD_FLAGS := -ldflags="-s -w $(build_info_ld_flags) $(EXTRA_LD_FLAGS)" CGO_ENABLED := 0 GOFLAGS := +ENVOY_DISTRO ?= $(GOOS) + TOP := $(shell pwd) BUILD_DIR ?= $(TOP)/build BUILD_ARTIFACTS_DIR ?= $(BUILD_DIR)/artifacts-${GOOS}-${GOARCH} @@ -104,6 +106,14 @@ else @echo "CoreDNS is already built. If you want to rebuild it, remove the binary: rm $(BUILD_ARTIFACTS_DIR)/coredns/coredns" endif +.PHONY: build/envoy +build/envoy: + mkdir -p $(BUILD_ARTIFACTS_DIR)/envoy && \ + if [ ! -f $(BUILD_ARTIFACTS_DIR)/envoy/envoy-$(ENVOY_DISTRO) ]; then \ + curl -s --fail --location https://github.com/kumahq/envoy-builds/releases/download/v$(ENVOY_VERSION)/envoy-$(ENVOY_DISTRO)-$(GOARCH)-v$(ENVOY_VERSION)$(ENVOY_EXT_$(GOOS)_$(GOARCH)).tar.gz | tar -C $(BUILD_ARTIFACTS_DIR)/envoy -xz; \ + mv $(BUILD_ARTIFACTS_DIR)/envoy/envoy $(BUILD_ARTIFACTS_DIR)/envoy/envoy-$(ENVOY_DISTRO); \ + fi + .PHONY: build/test-server build/test-server: ## Dev: Build `test-server` binary $(Build_Go_Application) ./test/server @@ -164,6 +174,14 @@ build/test-server/linux-amd64: build/test-server/linux-arm64: GOOS=linux GOARCH=arm64 $(MAKE) build/test-server +.PHONY: build/envoy/linux-amd64 +build/envoy/linux-amd64: + GOOS=linux GOARCH=amd64 $(MAKE) build/envoy + +.PHONY: build/envoy/linux-arm64 +build/envoy/linux-arm64: + GOOS=linux GOARCH=arm64 $(MAKE) build/envoy + .PHONY: clean clean: clean/build ## Dev: Clean diff --git a/mk/dependencies/deps.lock b/mk/dependencies/deps.lock index 46329ffae293..6a821bb4502c 100644 --- a/mk/dependencies/deps.lock +++ b/mk/dependencies/deps.lock @@ -1 +1 @@ -78b7c50b319d5c3c039973a3ad5eb6daabb40c3e +b947e31d1aa93810696d5fe750c8c7b448228531 diff --git a/mk/dev.mk b/mk/dev.mk index 9ba29625a6be..317d6dff136e 100644 --- a/mk/dev.mk +++ b/mk/dev.mk @@ -1,6 +1,8 @@ KUMA_DIR ?= . -ENVOY_VERSION = $(shell ${KUMA_DIR}/tools/envoy/version.sh) -CI_TOOLS_VERSION = $(word 6, $(shell ${KUMA_DIR}/tools/releases/version.sh)) +TOOLS_DIR ?= $(KUMA_DIR)/tools +BUILD_INFO := $(shell $(TOOLS_DIR)/releases/version.sh) +ENVOY_VERSION = $(word 5, $(BUILD_INFO)) +CI_TOOLS_VERSION = $(word 6, $(BUILD_INFO)) KUMA_CHARTS_URL ?= https://kumahq.github.io/charts CHART_REPO_NAME ?= kuma PROJECT_NAME ?= kuma @@ -25,7 +27,6 @@ KUBECONFIG_DIR := $(HOME)/.kube PROTOS_DEPS_PATH=$(CI_TOOLS_DIR)/protos -TOOLS_DIR ?= $(KUMA_DIR)/tools CLANG_FORMAT=$(CI_TOOLS_BIN_DIR)/clang-format HELM=$(CI_TOOLS_BIN_DIR)/helm K3D_BIN=$(CI_TOOLS_BIN_DIR)/k3d diff --git a/mk/docker.mk b/mk/docker.mk index 4a9488e9ad04..fd5ad736c9b6 100644 --- a/mk/docker.mk +++ b/mk/docker.mk @@ -32,8 +32,8 @@ image/kuma-cp: build/kuma-cp/linux-${GOARCH} ## Dev: Rebuild `kuma-cp` Docker im docker build -t $(KUMA_CP_DOCKER_IMAGE) ${DOCKER_BUILD_ARGS} --build-arg ARCH=${GOARCH} --build-arg BASE_IMAGE_ARCH=${GOARCH} -f tools/releases/dockerfiles/Dockerfile.kuma-cp . .PHONY: image/kuma-dp -image/kuma-dp: build/kuma-dp/linux-${GOARCH} build/coredns/linux-${GOARCH} build/artifacts-linux-${GOARCH}/envoy/envoy ## Dev: Rebuild `kuma-dp` Docker image - docker build -t $(KUMA_DP_DOCKER_IMAGE) ${DOCKER_BUILD_ARGS} --build-arg ARCH=${GOARCH} --build-arg BASE_IMAGE_ARCH=${GOARCH} --build-arg ENVOY_VERSION=${ENVOY_VERSION} -f tools/releases/dockerfiles/Dockerfile.kuma-dp . +image/kuma-dp: build/kuma-dp/linux-${GOARCH} build/coredns/linux-${GOARCH} build/envoy/linux-${GOARCH} ## Dev: Rebuild `kuma-dp` Docker image + docker build -t $(KUMA_DP_DOCKER_IMAGE) ${DOCKER_BUILD_ARGS} --build-arg ARCH=${GOARCH} --build-arg BASE_IMAGE_ARCH=${GOARCH} -f tools/releases/dockerfiles/Dockerfile.kuma-dp . .PHONY: image/kumactl image/kumactl: build/kumactl/linux-${GOARCH} ## Dev: Rebuild `kumactl` Docker image @@ -49,7 +49,7 @@ image/kuma-cni: build/kuma-cni/linux-${GOARCH} build/install-cni/linux-${GOARCH} .PHONY: image/kuma-universal image/kuma-universal: build/linux-${GOARCH} - docker build -t $(KUMA_UNIVERSAL_DOCKER_IMAGE) ${DOCKER_BUILD_ARGS} --build-arg ARCH=${GOARCH} --build-arg ENVOY_VERSION=${ENVOY_VERSION} --build-arg BASE_IMAGE_ARCH=${GOARCH} -f test/dockerfiles/Dockerfile.universal . + docker build -t $(KUMA_UNIVERSAL_DOCKER_IMAGE) ${DOCKER_BUILD_ARGS} --build-arg ARCH=${GOARCH} --build-arg BASE_IMAGE_ARCH=${GOARCH} -f test/dockerfiles/Dockerfile.universal . .PHONY: images images: $(IMAGES_TARGETS) ## Dev: Rebuild release and test Docker images diff --git a/mk/envoy.mk b/mk/envoy.mk deleted file mode 100644 index 11d1da4fdcb6..000000000000 --- a/mk/envoy.mk +++ /dev/null @@ -1,58 +0,0 @@ -BUILD_ENVOY_FROM_SOURCES ?= false -ENVOY_TAG ?= v1.22.10 -ENVOY_ARTIFACT_EXT ?= - -ifeq ($(GOOS),linux) - ENVOY_DISTRO ?= alpine -endif -ENVOY_DISTRO ?= $(GOOS) - -ifeq ($(ENVOY_DISTRO),centos) - BUILD_ENVOY_SCRIPT = $(KUMA_DIR)/tools/envoy/build_centos.sh -endif -BUILD_ENVOY_SCRIPT ?= $(KUMA_DIR)/tools/envoy/build_$(GOOS).sh - -SOURCE_DIR ?= ${TMPDIR}envoy-sources -ifndef TMPDIR - SOURCE_DIR ?= /tmp/envoy-sources -endif - -# Target 'build/envoy' allows to put Envoy binary under the build/artifacts-$GOOS-$GOARCH/envoy directory. -# Depending on the flag BUILD_ENVOY_FROM_SOURCES this target either fetches Envoy from binary registry or -# builds from sources. It's possible to build binaries for darwin, linux and centos by specifying GOOS -# and ENVOY_DISTRO variables. Envoy version could be specified by ENVOY_TAG that accepts git tag or commit -# hash values. -.PHONY: build/envoy -build/envoy: - GOOS=${GOOS} \ - GOARCH=${GOARCH} \ - ENVOY_DISTRO=${ENVOY_DISTRO} \ - ENVOY_VERSION=${ENVOY_VERSION} \ - $(MAKE) build/artifacts-${GOOS}-${GOARCH}/envoy/envoy-${ENVOY_VERSION}-${ENVOY_DISTRO} - -.PHONY: build/artifacts-linux-amd64/envoy/envoy -build/artifacts-linux-amd64/envoy/envoy: - GOOS=linux GOARCH=amd64 $(MAKE) build/envoy - -.PHONY: build/artifacts-linux-arm64/envoy/envoy -build/artifacts-linux-arm64/envoy/envoy: - GOOS=linux GOARCH=arm64 $(MAKE) build/envoy - -build/artifacts-${GOOS}-${GOARCH}/envoy/envoy-${ENVOY_VERSION}-${ENVOY_DISTRO}: -ifeq ($(BUILD_ENVOY_FROM_SOURCES),true) - ENVOY_TAG=$(ENVOY_TAG) \ - SOURCE_DIR=${SOURCE_DIR} \ - KUMA_DIR=${KUMA_DIR} \ - BAZEL_BUILD_EXTRA_OPTIONS=${BAZEL_BUILD_EXTRA_OPTIONS} \ - BINARY_PATH=$@ $(BUILD_ENVOY_SCRIPT) -else - ENVOY_TAG=$(ENVOY_TAG) \ - ENVOY_DISTRO=${ENVOY_DISTRO} \ - ENVOY_ARTIFACT_EXT=${ENVOY_ARTIFACT_EXT} \ - BINARY_PATH=$@ ${KUMA_DIR}/tools/envoy/fetch.sh -endif - -.PHONY: clean/envoy -clean/envoy: - rm -rf ${SOURCE_DIR} - rm -rf build/artifacts-${GOOS}-${GOARCH}/envoy/ diff --git a/test/dockerfiles/Dockerfile.universal b/test/dockerfiles/Dockerfile.universal index c2b37554156a..1dc008ce14a0 100644 --- a/test/dockerfiles/Dockerfile.universal +++ b/test/dockerfiles/Dockerfile.universal @@ -32,12 +32,12 @@ RUN ssh-keygen -A \ && chmod a+rwx /root \ && useradd -U kuma-dp +ARG ENVOY_DISTRO=linux ARG ARCH -ARG ENVOY_VERSION ADD /build/artifacts-linux-$ARCH/kuma-cp/kuma-cp /usr/bin ADD /build/artifacts-linux-$ARCH/kuma-dp/kuma-dp /usr/bin -ADD /build/artifacts-linux-$ARCH/envoy/envoy-$ENVOY_VERSION-alpine /usr/bin/envoy +ADD /build/artifacts-linux-$ARCH/envoy/envoy-${ENVOY_DISTRO} /usr/bin/envoy ADD /build/artifacts-linux-$ARCH/coredns/coredns /usr/bin ADD /build/artifacts-linux-$ARCH/kumactl/kumactl /usr/bin ADD /build/artifacts-linux-$ARCH/test-server/test-server /usr/bin diff --git a/test/e2e_env/universal/healthcheck/policy.go b/test/e2e_env/universal/healthcheck/policy.go index f94c340581b3..12982be4e285 100644 --- a/test/e2e_env/universal/healthcheck/policy.go +++ b/test/e2e_env/universal/healthcheck/policy.go @@ -225,10 +225,12 @@ conf: It("should mark host as unhealthy if it doesn't reply on health checks when Permissive mTLS enabled", func() { // check that test-server-mtls is healthy - cmd := []string{"/bin/bash", "-c", "\"echo request | nc test-server-mtls.mesh 80\""} - stdout, _, err := env.Cluster.ExecWithRetries("", "", "dp-demo-client-mtls", cmd...) - Expect(err).ToNot(HaveOccurred()) - Expect(stdout).To(ContainSubstring("response")) + Eventually(func(g Gomega) { + cmd := []string{"/bin/bash", "-c", "\"echo request | nc test-server-mtls.mesh 80\""} + stdout, _, err := env.Cluster.Exec("", "", "dp-demo-client-mtls", cmd...) + g.Expect(err).ToNot(HaveOccurred()) + g.Expect(stdout).To(ContainSubstring("response")) + }).Should(Succeed()) // update HealthCheck policy to check for another 'recv' line Expect(YamlUniversal(healthCheck(meshName, "test-server-mtls", "foo", "baz"))(env.Cluster)).To(Succeed()) @@ -243,12 +245,13 @@ conf: return strings.Contains(stdout, "health_flags::/failed_active_hc") }, "30s", "500ms").Should(BeTrue()) - cmd = []string{"/bin/bash", "-c", "\"echo request | nc test-server-mtls.mesh 80\""} - stdout, _, _ = env.Cluster.ExecWithRetries("", "", "dp-demo-client-mtls", cmd...) - - // there is no real attempt to setup a connection with test-server, but Envoy may return either - // empty response with EXIT_CODE = 0, or 'Ncat: Connection reset by peer.' with EXIT_CODE = 1 - Expect(stdout).To(Or(BeEmpty(), ContainSubstring("Ncat: Connection reset by peer."))) + Consistently(func(g Gomega) { + cmd := []string{"/bin/bash", "-c", "\"echo request | nc test-server-mtls.mesh 80\""} + stdout, _, _ := env.Cluster.Exec("", "", "dp-demo-client-mtls", cmd...) + // there is no real attempt to setup a connection with test-server, but Envoy may return either + // empty response with EXIT_CODE = 0, or 'Ncat: Connection reset by peer.' with EXIT_CODE = 1 + g.Expect(stdout).To(Or(BeEmpty(), ContainSubstring("Ncat: Connection reset by peer."))) + }).Should(Succeed()) }) }, Ordered) } diff --git a/tools/envoy/Dockerfile.build-centos b/tools/envoy/Dockerfile.build-centos deleted file mode 100644 index 63cf1a44b830..000000000000 --- a/tools/envoy/Dockerfile.build-centos +++ /dev/null @@ -1,10 +0,0 @@ -ARG ENVOY_BUILD_IMAGE -FROM $ENVOY_BUILD_IMAGE - -ARG BUILD_CMD - -COPY . /envoy-sources/ - -RUN bash -c "pushd envoy-sources/ && bazel/setup_clang.sh /opt/llvm" -RUN bash -c "pushd /envoy-sources && $BUILD_CMD" -RUN bash -c "pushd /envoy-sources/bazel-bin/contrib/exe && strip envoy-static -o envoy" diff --git a/tools/envoy/Dockerfile.build-centos.dockerignore b/tools/envoy/Dockerfile.build-centos.dockerignore deleted file mode 100644 index 51dc9f116014..000000000000 --- a/tools/envoy/Dockerfile.build-centos.dockerignore +++ /dev/null @@ -1,3 +0,0 @@ -# Overrides standard .dockerignore file from the project's root directory. -# It's important to have it empty because we're running 'docker build' with envoy's -# source directory as a workspace and by default it's $TMPDIR/envoy-sources. diff --git a/tools/envoy/Dockerfile.build-ubuntu b/tools/envoy/Dockerfile.build-ubuntu deleted file mode 100644 index 73e610920e4a..000000000000 --- a/tools/envoy/Dockerfile.build-ubuntu +++ /dev/null @@ -1,16 +0,0 @@ -ARG ENVOY_BUILD_IMAGE -FROM $ENVOY_BUILD_IMAGE - -ARG BUILD_CMD - -RUN groupadd --gid $(id -g) -f envoygroup \ - && useradd -o --uid $(id -u) --gid $(id -g) --no-create-home --home-dir /build envoybuild \ - && usermod -a -G pcap envoybuild \ - && mkdir /build /source \ - && chown envoybuild:envoygroup /build /source - -COPY . /envoy-sources/ - -RUN sudo -EHs -u envoybuild bash -c "pushd /envoy-sources && bazel/setup_clang.sh /opt/llvm" -RUN sudo -EHs -u envoybuild bash -c "pushd /envoy-sources && $BUILD_CMD" -RUN sudo -EHs -u envoybuild bash -c "pushd /envoy-sources/bazel-bin/contrib/exe && strip envoy-static -o envoy" diff --git a/tools/envoy/Dockerfile.build-ubuntu.dockerignore b/tools/envoy/Dockerfile.build-ubuntu.dockerignore deleted file mode 100644 index 51dc9f116014..000000000000 --- a/tools/envoy/Dockerfile.build-ubuntu.dockerignore +++ /dev/null @@ -1,3 +0,0 @@ -# Overrides standard .dockerignore file from the project's root directory. -# It's important to have it empty because we're running 'docker build' with envoy's -# source directory as a workspace and by default it's $TMPDIR/envoy-sources. diff --git a/tools/envoy/README.md b/tools/envoy/README.md deleted file mode 100644 index b69835f5dd69..000000000000 --- a/tools/envoy/README.md +++ /dev/null @@ -1,44 +0,0 @@ -# Tools for Envoy - -The current directory contains tools for building, publishing and fetching Envoy binaries. - -There is a new Makefile target `build/envoy` that places an `envoy` binary in `build/artifacts-$GOOS-$GOARCH/envoy` directory. -The default behaviour of that target – fetching binaries from [download.konghq.com](download.konghq.com) since it makes more sense for -overwhelming majority of users. However, there is a variable `BUILD_ENVOY_FROM_SOURCES` that allows to build Envoy from -source code. - -### Usage - -Changing default envoy version: - -Update the ENVOY_TAG in version.sh - -Download the latest supported Envoy binary for your host OS: -```shell -$ make build/envoy -``` - -Download the latest supported Envoy binary for specified system: -```shell -$ GOOS=linux make build/envoy # supported OS: linux, centos and darwin -``` - -Download the specific Envoy tag: -```shell -$ ENVOY_TAG=v1.18.4 make build/envoy -``` - -Download the specific Envoy commit hash (if it exists in [download.konghq.com](download.konghq.com)): -```shell -$ ENVOY_TAG=bef18019d8fc33a4ed6aca3679aff2100241ac5e make build/envoy -``` - -If desired commit hash doesn't exist, it could be built from sources: -```shell -$ ENVOY_TAG=bef18019d8fc33a4ed6aca3679aff2100241ac5e BUILD_ENVOY_FROM_SOURCES=true make build/envoy -``` - -When building from sources its still possible to specify OS: -```shell -$ GOOS=linux ENVOY_TAG=bef18019d8fc33a4ed6aca3679aff2100241ac5e BUILD_ENVOY_FROM_SOURCES=true make build/envoy -``` diff --git a/tools/envoy/build_centos.sh b/tools/envoy/build_centos.sh deleted file mode 100755 index d05528b1e921..000000000000 --- a/tools/envoy/build_centos.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset - -echo "Building Envoy for CentOS 7" - -mkdir -p "$(dirname "${BINARY_PATH}")" - -SOURCE_DIR="${SOURCE_DIR}" "${KUMA_DIR:-.}/tools/envoy/fetch_sources.sh" -CONTRIB_ENABLED_MATRIX_SCRIPT=$(realpath "${KUMA_DIR:-.}/tools/envoy/contrib_enabled_matrix.py") - -BAZEL_BUILD_EXTRA_OPTIONS=${BAZEL_BUILD_EXTRA_OPTIONS:-""} -read -ra BAZEL_BUILD_EXTRA_OPTIONS <<< "${BAZEL_BUILD_EXTRA_OPTIONS}" -BAZEL_BUILD_OPTIONS=( - "--config=libc++" - "--verbose_failures" - "${BAZEL_BUILD_EXTRA_OPTIONS[@]+"${BAZEL_BUILD_EXTRA_OPTIONS[@]}"}") -BUILD_TARGET=${BUILD_TARGET:-"//contrib/exe:envoy-static"} - -pushd "${SOURCE_DIR}" -CONTRIB_ENABLED_ARGS=$(python "${CONTRIB_ENABLED_MATRIX_SCRIPT}") -popd - -BUILD_CMD=${BUILD_CMD:-"bazel build ${BAZEL_BUILD_OPTIONS[@]} -c opt ${BUILD_TARGET} ${CONTRIB_ENABLED_ARGS} --//source/extensions/transport_sockets/tcp_stats:enabled=false"} - -ENVOY_BUILD_SHA=$(curl --fail --location --silent https://raw.githubusercontent.com/envoyproxy/envoy/"${ENVOY_TAG}"/.bazelrc | grep envoyproxy/envoy-build-ubuntu | sed -e 's#.*envoyproxy/envoy-build-ubuntu:\(.*\)#\1#'| uniq) -ENVOY_BUILD_IMAGE="envoyproxy/envoy-build-centos:${ENVOY_BUILD_SHA}" -LOCAL_BUILD_IMAGE="envoy-builder:${ENVOY_TAG}" - -docker build -t "${LOCAL_BUILD_IMAGE}" --progress=plain \ - --build-arg ENVOY_BUILD_IMAGE="${ENVOY_BUILD_IMAGE}" \ - --build-arg BUILD_CMD="${BUILD_CMD}" \ - -f tools/envoy/Dockerfile.build-centos "${SOURCE_DIR}" - -# copy out the binary -id=$(docker create "${LOCAL_BUILD_IMAGE}") -docker cp "$id":/envoy-sources/bazel-bin/contrib/exe/envoy "${BINARY_PATH}" -docker rm -v "$id" diff --git a/tools/envoy/build_darwin.sh b/tools/envoy/build_darwin.sh deleted file mode 100755 index fb5d85c0a104..000000000000 --- a/tools/envoy/build_darwin.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset - -echo "Building Envoy for Darwin" - -mkdir -p "$(dirname "${BINARY_PATH}")" - -SOURCE_DIR="${SOURCE_DIR}" "${KUMA_DIR:-.}/tools/envoy/fetch_sources.sh" -CONTRIB_ENABLED_MATRIX_SCRIPT=$(realpath "${KUMA_DIR:-.}/tools/envoy/contrib_enabled_matrix.py") - -pushd "${SOURCE_DIR}" - -BAZEL_BUILD_EXTRA_OPTIONS=${BAZEL_BUILD_EXTRA_OPTIONS:-""} -read -ra BAZEL_BUILD_EXTRA_OPTIONS <<< "${BAZEL_BUILD_EXTRA_OPTIONS}" -BAZEL_BUILD_OPTIONS=( - "--curses=no" - --show_task_finish - --verbose_failures - --//contrib/vcl/source:enabled=false - "--action_env=PATH=/usr/local/bin:/opt/local/bin:/usr/bin:/bin:/opt/homebrew/bin" - "--define" "wasm=disabled" - "${BAZEL_BUILD_EXTRA_OPTIONS[@]+"${BAZEL_BUILD_EXTRA_OPTIONS[@]}"}") - -CONTRIB_ENABLED_ARGS=$(python "${CONTRIB_ENABLED_MATRIX_SCRIPT}") - -# shellcheck disable=SC2086 -bazel build "${BAZEL_BUILD_OPTIONS[@]}" -c opt //contrib/exe:envoy-static ${CONTRIB_ENABLED_ARGS} - -popd - -cp "${SOURCE_DIR}"/bazel-bin/contrib/exe/envoy-static "${BINARY_PATH}" - diff --git a/tools/envoy/build_linux.sh b/tools/envoy/build_linux.sh deleted file mode 100755 index 447b96dd4a98..000000000000 --- a/tools/envoy/build_linux.sh +++ /dev/null @@ -1,42 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset - -echo "Building Envoy for Linux" - -mkdir -p "$(dirname "${BINARY_PATH}")" - -SOURCE_DIR="${SOURCE_DIR}" "${KUMA_DIR:-.}/tools/envoy/fetch_sources.sh" -CONTRIB_ENABLED_MATRIX_SCRIPT=$(realpath "${KUMA_DIR:-.}/tools/envoy/contrib_enabled_matrix.py") - -BAZEL_BUILD_EXTRA_OPTIONS=${BAZEL_BUILD_EXTRA_OPTIONS:-""} -read -ra BAZEL_BUILD_EXTRA_OPTIONS <<< "${BAZEL_BUILD_EXTRA_OPTIONS}" -BAZEL_BUILD_OPTIONS=( - "--config=clang" - "--verbose_failures" - "${BAZEL_BUILD_EXTRA_OPTIONS[@]+"${BAZEL_BUILD_EXTRA_OPTIONS[@]}"}") -BUILD_TARGET=${BUILD_TARGET:-"//contrib/exe:envoy-static"} - -pushd "${SOURCE_DIR}" -CONTRIB_ENABLED_ARGS=$(python "${CONTRIB_ENABLED_MATRIX_SCRIPT}") -popd - -BUILD_CMD=${BUILD_CMD:-"bazel build ${BAZEL_BUILD_OPTIONS[@]} -c opt ${BUILD_TARGET} ${CONTRIB_ENABLED_ARGS}"} - -ENVOY_BUILD_SHA=$(curl --fail --location --silent https://raw.githubusercontent.com/envoyproxy/envoy/"${ENVOY_TAG}"/.bazelrc | grep envoyproxy/envoy-build-ubuntu | sed -e 's#.*envoyproxy/envoy-build-ubuntu:\(.*\)#\1#'| uniq) -ENVOY_BUILD_IMAGE="envoyproxy/envoy-build-ubuntu:${ENVOY_BUILD_SHA}" -LOCAL_BUILD_IMAGE="envoy-builder:${ENVOY_TAG}" - -echo "BUILD_CMD=${BUILD_CMD}" - -docker build -t "${LOCAL_BUILD_IMAGE}" --progress=plain \ - --build-arg ENVOY_BUILD_IMAGE="${ENVOY_BUILD_IMAGE}" \ - --build-arg BUILD_CMD="${BUILD_CMD}" \ - -f "${KUMA_DIR:-.}/tools/envoy/Dockerfile.build-ubuntu" "${SOURCE_DIR}" - -# copy out the binary -id=$(docker create "${LOCAL_BUILD_IMAGE}") -docker cp "$id":/envoy-sources/bazel-bin/contrib/exe/envoy "${BINARY_PATH}" -docker rm -v "$id" diff --git a/tools/envoy/contrib_enabled_matrix.py b/tools/envoy/contrib_enabled_matrix.py deleted file mode 100644 index 31e877a23960..000000000000 --- a/tools/envoy/contrib_enabled_matrix.py +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/python - -# file in format CONTRIB_EXTENSIONS = {...} -exec(open('contrib/contrib_build_config.bzl').read()) - -enabled = [ - "envoy.filters.network.kafka_broker" -] - -disabled = [] -for k, v in CONTRIB_EXTENSIONS.items(): - disabled.append('--{target}:enabled={enabled}'.format( - target=v.split(":")[0], - enabled=(k in enabled)) - ) - -print(' '.join(disabled)) diff --git a/tools/envoy/fetch.sh b/tools/envoy/fetch.sh deleted file mode 100755 index 2d01bdc9dcd9..000000000000 --- a/tools/envoy/fetch.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/usr/bin/env bash - -# This script fetches Envoy binary from download.konghq.com -# -# Requires: -# - $BINARY_PATH, path where binary will be fetched, for example 'out/envoy' -# - $ENVOY_TAG, tag of the envoy binary to fetch -# - $ENVOY_DISTRO, name of the distributive (i.e darwin, alpine) -# - $ENVOY_ARTIFACT_EXT, optional artifact suffix (i.e. -extended) - -set -o errexit -set -o pipefail -set -o nounset - -source "$(dirname -- "${BASH_SOURCE[0]}")/../common.sh" - -function download_envoy() { - local binary_name=$1 - local bin_dir - bin_dir=$(dirname "${BINARY_PATH}") - echo "Downloading ${binary_name}" - - if [ ! -d "$(dirname "${BINARY_PATH}")" ]; then - mkdir -p "$(dirname "${BINARY_PATH}")" - fi - - local tar_path="${BINARY_PATH}.tar.gz" - - local status - status=$(curl -# --location --output "${tar_path}" --write-out '%{http_code}' \ - "https://github.com/kumahq/envoy-builds/releases/download/${ENVOY_TAG}/${binary_name}.tar.gz") - - if [ "$status" -ne "200" ]; then - msg_err "Error: failed downloading Envoy: ${status} error" - fi - - tar -C "$bin_dir" -xzvf "${tar_path}" - rm "$tar_path" - mv "${bin_dir}/envoy-${ENVOY_DISTRO}" "${BINARY_PATH}" - - [ -f "${BINARY_PATH}" ] && chmod +x "${BINARY_PATH}" -} - -if [[ -n "${ENVOY_TAG}" ]]; then - BINARY_NAME="envoy-${GOOS}-${GOARCH}-${ENVOY_TAG}-${ENVOY_DISTRO}-opt${ENVOY_ARTIFACT_EXT}" - download_envoy "${BINARY_NAME}" - exit 0 -fi diff --git a/tools/envoy/fetch_sources.sh b/tools/envoy/fetch_sources.sh deleted file mode 100755 index c3d5a1b105bc..000000000000 --- a/tools/envoy/fetch_sources.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash - -# This script fetches Envoy source code to $SOURCE_DIR -# -# Requires: -# - $SOURCE_DIR, a directory where sources will be placed -# - $ENVOY_TAG, git tag to reference specific revision - -set -o errexit -set -o pipefail -set -o nounset - -source "$(dirname -- "${BASH_SOURCE[0]}")/../common.sh" - -# clone Envoy repo if not exists -if [[ ! -d "${SOURCE_DIR}" ]]; then - mkdir -p "${SOURCE_DIR}" - ( - cd "${SOURCE_DIR}" - git init . - git remote add origin https://github.com/envoyproxy/envoy.git - ) -else - echo "Envoy source directory already exists, just fetching" - pushd "${SOURCE_DIR}" && git fetch --all && popd -fi - -pushd "${SOURCE_DIR}" - -git fetch origin --depth=1 "${ENVOY_TAG}" -git reset --hard FETCH_HEAD - -echo "ENVOY_TAG=${ENVOY_TAG}" - -popd diff --git a/tools/envoy/publish.sh b/tools/envoy/publish.sh deleted file mode 100755 index 7fcdf52e3344..000000000000 --- a/tools/envoy/publish.sh +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash - -# This script publishes binary passed to $1 -# -# Requirements -# * Docker - -set -o errexit -set -o pipefail -set -o nounset - -source "$(dirname -- "${BASH_SOURCE[0]}")/../common.sh" - -if [ $# -eq 0 ]; then - echo "Usage: ./publish.sh path_to_envoy" - echo "Example: ./publish.sh out/envoy-v1.20.0" - exit 1 -fi - -BINARY_PATH=$1 - -PULP_HOST="https://api.pulp.konnect-prod.konghq.com" -PULP_PACKAGE_TYPE="mesh" -PULP_DIST_NAME="alpine" - -[ -z "$PULP_USERNAME" ] && msg_err "PULP_USERNAME required" -[ -z "$PULP_PASSWORD" ] && msg_err "PULP_PASSWORD required" - -docker run --rm \ - -e PULP_USERNAME="${PULP_USERNAME}" \ - -e PULP_PASSWORD="${PULP_PASSWORD}" \ - -e PULP_HOST="${PULP_HOST}" \ - -v "${PWD}":/files:ro -it kong/release-script \ - --file /files/"${BINARY_PATH}" \ - --package-type "${PULP_PACKAGE_TYPE}" --dist-name "${PULP_DIST_NAME}" --publish diff --git a/tools/envoy/version.sh b/tools/envoy/version.sh deleted file mode 100755 index 3245e8862781..000000000000 --- a/tools/envoy/version.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -set -o errexit -set -o pipefail -set -o nounset - -# Returns Envoy version by ENVOY_TAG: -# - if ENVOY_TAG is a real git tag like 'v1.20.0' then the version is equal to '1.20.0' (without the first letter 'v'). -# - if ENVOY_TAG is a commit hash then the version will look like '1.20.1-dev-b16d390f' - -ENVOY_TAG=${ENVOY_TAG:-"v1.22.10"} -ENVOY_VERSION=$(curl --silent --location "https://raw.githubusercontent.com/envoyproxy/envoy/${ENVOY_TAG}/VERSION.txt") - -# for envoy versions older than v1.22.0 file 'VERSION.txt' used to be called 'VERSION' -if [[ "${ENVOY_VERSION}" == "404: Not Found" ]]; then - ENVOY_VERSION=$(curl --silent --location --fail "https://raw.githubusercontent.com/envoyproxy/envoy/${ENVOY_TAG}/VERSION") -fi - -if [[ "${ENVOY_TAG}" =~ ^v[0-9]*\.[0-9]*\.[0-9]*$ ]]; then - echo "${ENVOY_VERSION}" -else - echo "${ENVOY_VERSION}-${ENVOY_TAG:0:8}" -fi diff --git a/tools/releases/distros.sh b/tools/releases/distros.sh index 26572ea18f4d..d5471ae9df19 100755 --- a/tools/releases/distros.sh +++ b/tools/releases/distros.sh @@ -9,14 +9,14 @@ source "${SCRIPT_DIR}/../common.sh" # if present, second is the distribution and third is the envoy distribution # without a distribution we package only kumactl as a static binary DISTRIBUTIONS=( - linux:debian:alpine:amd64 - linux:ubuntu:alpine:amd64 - linux:rhel:centos:amd64 + linux:debian:linux:amd64 + linux:ubuntu:linux:amd64 + linux:rhel:linux:amd64 linux:centos:centos:amd64 darwin:darwin:darwin:amd64 linux:::amd64 - linux:debian:alpine:arm64 - linux:ubuntu:alpine:arm64 + linux:debian:linux:arm64 + linux:ubuntu:linux:arm64 darwin:darwin:darwin:arm64 linux:::arm64 ) @@ -26,7 +26,6 @@ PULP_PACKAGE_TYPE="mesh" PULP_DIST_NAME="alpine" [ -z "$RELEASE_NAME" ] && RELEASE_NAME="kuma" BUILD_INFO=$("${SCRIPT_DIR}/../releases/version.sh") -ENVOY_VERSION=$(echo "$BUILD_INFO" | cut -d " " -f 5) KUMA_VERSION=$(echo "$BUILD_INFO" | cut -d " " -f 1) [ -z "$KUMA_CONFIG_PATH" ] && KUMA_CONFIG_PATH=pkg/config/app/kuma-cp/kuma-cp.defaults.yaml CTL_NAME="kumactl" @@ -105,7 +104,7 @@ function create_tarball() { get_ebpf_programs "$arch" "$system" "$kuma_dir" artifact_dir=$(artifact_dir "$arch" "$system") - cp -p "$artifact_dir/envoy/envoy-$ENVOY_VERSION-$envoy_distro" "$kuma_dir/bin" + cp -p "$artifact_dir/envoy/envoy-$envoy_distro" "$kuma_dir/bin/envoy" cp -p "$artifact_dir/kuma-cp/kuma-cp" "$kuma_dir/bin" cp -p "$artifact_dir/kuma-dp/kuma-dp" "$kuma_dir/bin" cp -p "$artifact_dir/kumactl/kumactl" "$kuma_dir/bin" diff --git a/tools/releases/docker.sh b/tools/releases/docker.sh index c704d86132d7..74c2f9300689 100755 --- a/tools/releases/docker.sh +++ b/tools/releases/docker.sh @@ -9,7 +9,6 @@ KUMA_DOCKER_REPO="${KUMA_DOCKER_REPO:-docker.io}" KUMA_DOCKER_REPO_ORG="${KUMA_DOCKER_REPO_ORG:-${KUMA_DOCKER_REPO}/kumahq}" KUMA_COMPONENTS="${KUMA_COMPONENTS:-kuma-cp kuma-dp kumactl kuma-init kuma-cni}" BUILD_INFO=$("${SCRIPT_DIR}/../releases/version.sh") -ENVOY_VERSION=$(echo "$BUILD_INFO" | cut -d " " -f 5) KUMA_VERSION=$(echo "$BUILD_INFO" | cut -d " " -f 1) BUILD_ARCH="${BUILD_ARCH:-amd64 arm64}" @@ -19,7 +18,6 @@ function build() { msg "Building $component..." build_args=( --build-arg ARCH="${arch}" - --build-arg ENVOY_VERSION="${ENVOY_VERSION}" --build-arg BASE_IMAGE_ARCH="${arch}" ) additional_args=() diff --git a/tools/releases/dockerfiles/Dockerfile.kuma-dp b/tools/releases/dockerfiles/Dockerfile.kuma-dp index d3bfd12a3793..bbc3254659f3 100644 --- a/tools/releases/dockerfiles/Dockerfile.kuma-dp +++ b/tools/releases/dockerfiles/Dockerfile.kuma-dp @@ -1,10 +1,10 @@ ARG BASE_IMAGE_ARCH=amd64 FROM debian:11 as envoy -ARG ENVOY_VERSION ARG ARCH +ARG ENVOY_DISTRO=linux -ADD /build/artifacts-linux-$ARCH/envoy/envoy-$ENVOY_VERSION-alpine /envoy +ADD /build/artifacts-linux-$ARCH/envoy/envoy-$ENVOY_DISTRO /envoy RUN apt-get update && \ apt-get install -y libcap2-bin diff --git a/tools/releases/version.sh b/tools/releases/version.sh index c02520ebbbfa..541c4e188cd8 100755 --- a/tools/releases/version.sh +++ b/tools/releases/version.sh @@ -8,7 +8,7 @@ function envoy_version() { # - if ENVOY_TAG is a real git tag like 'v1.20.0' then the version is equal to '1.20.0' (without the first letter 'v'). # - if ENVOY_TAG is a commit hash then the version will look like '1.20.1-dev-b16d390f' - ENVOY_TAG=${ENVOY_TAG:-"v1.22.10"} + ENVOY_TAG=${ENVOY_TAG:-"v1.24.8"} ENVOY_VERSION=$(curl --silent --location "https://raw.githubusercontent.com/envoyproxy/envoy/${ENVOY_TAG}/VERSION.txt") # for envoy versions older than v1.22.0 file 'VERSION.txt' used to be called 'VERSION'