From 13899d921ed7a941c945299b3ecc9ce9912a4f46 Mon Sep 17 00:00:00 2001 From: Sascha Grunert Date: Wed, 5 Jul 2023 10:39:14 +0200 Subject: [PATCH] setcap: switch to debian bookworm Signed-off-by: Sascha Grunert --- dependencies.yaml | 43 +++++++++++++++---------------- images/build/setcap/Dockerfile | 6 ++--- images/build/setcap/Makefile | 6 ++--- images/build/setcap/variants.yaml | 5 ++++ 4 files changed, 31 insertions(+), 29 deletions(-) diff --git a/dependencies.yaml b/dependencies.yaml index 433a05d76f4..c3b659a45a4 100644 --- a/dependencies.yaml +++ b/dependencies.yaml @@ -431,10 +431,11 @@ dependencies: match: OS_CODENAME\ \?=\ bullseye - path: images/build/go-runner/variants.yaml match: "OS_CODENAME: 'bullseye'" - - path: images/build/setcap/Makefile - match: CONFIG\ \?=\ bullseye - - path: images/build/setcap/variants.yaml - match: "CONFIG: 'bullseye'" + # TODO: revert once all images are on bookworm + # - path: images/build/setcap/Makefile + # match: CONFIG\ \?=\ bullseye + # - path: images/build/setcap/variants.yaml + # match: "CONFIG: 'bullseye'" - path: images/releng/ci/variants.yaml match: "OS_CODENAME: 'bullseye'" - path: images/releng/k8s-ci-builder/Makefile @@ -468,17 +469,16 @@ dependencies: match: "IMAGE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" - name: "registry.k8s.io/build-image/debian-base: dependents" - version: bullseye-v1.4.3 + version: bookworm-v1.0.0 refPaths: - # TODO: revert once all images are on bookworm - # - path: images/build/debian-iptables/Makefile - # match: DEBIAN_BASE_VERSION\ \?=\ bullseye-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?) - # - path: images/build/debian-iptables/variants.yaml - # match: "DEBIAN_BASE_VERSION: 'bullseye-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" + - path: images/build/debian-iptables/Makefile + match: DEBIAN_BASE_VERSION\ \?=\ bookworm-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?) + - path: images/build/debian-iptables/variants.yaml + match: "DEBIAN_BASE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" - path: images/build/setcap/Makefile - match: DEBIAN_BASE_VERSION\ \?=\ bullseye-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?) + match: DEBIAN_BASE_VERSION\ \?=\ bookworm-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?) - path: images/build/setcap/variants.yaml - match: "DEBIAN_BASE_VERSION: 'bullseye-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" + match: "DEBIAN_BASE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" - name: "registry.k8s.io/build-image/debian-iptables" version: bookworm-v1.0.0 @@ -503,12 +503,12 @@ dependencies: match: GORUNNER_VERSION \?= v\d+\.\d+\.\d+-go\d+.\d+(alpha|beta|rc)?\.?(\d+)?-bullseye\.\d+ - name: "registry.k8s.io/build-image/setcap" - version: bullseye-v1.4.2 + version: bookworm-v1.0.0 refPaths: - path: images/build/setcap/Makefile - match: IMAGE_VERSION\ \?=\ bullseye-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?) + match: IMAGE_VERSION\ \?=\ bookworm-v((([0-9]+)\.([0-9]+)\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?) - path: images/build/setcap/variants.yaml - match: "IMAGE_VERSION: 'bullseye-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" + match: "IMAGE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" # Base images (next candidate) - name: "registry.k8s.io/build-image/debian-base (next candidate)" @@ -518,13 +518,12 @@ dependencies: match: "IMAGE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" - name: "registry.k8s.io/build-image/debian-base: dependents (next candidate)" - version: bullseye-v1.4.3 + version: bookworm-v1.0.0 refPaths: - # TODO: revert once all images are on bookworm - # - path: images/build/debian-iptables/variants.yaml - # match: "DEBIAN_BASE_VERSION: 'bullseye-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" + - path: images/build/debian-iptables/variants.yaml + match: "DEBIAN_BASE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" - path: images/build/setcap/variants.yaml - match: "DEBIAN_BASE_VERSION: 'bullseye-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" + match: "DEBIAN_BASE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" - name: "registry.k8s.io/build-image/debian-iptables (next candidate)" version: bookworm-v1.0.0 @@ -533,10 +532,10 @@ dependencies: match: "IMAGE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" - name: "registry.k8s.io/build-image/setcap (next candidate)" - version: bullseye-v1.4.2 + version: bookworm-v1.0.0 refPaths: - path: images/build/setcap/variants.yaml - match: "IMAGE_VERSION: 'bullseye-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" + match: "IMAGE_VERSION: 'bookworm-v((([0-9]+)\\.([0-9]+)\\.([0-9]+)(?:-([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)'" # Build environments - name: "gcr.io/k8s-staging-test-infra/gcb-docker-gcloud" diff --git a/images/build/setcap/Dockerfile b/images/build/setcap/Dockerfile index 1a6ba8ef704..0602611cd07 100644 --- a/images/build/setcap/Dockerfile +++ b/images/build/setcap/Dockerfile @@ -18,7 +18,5 @@ FROM ${BASEIMAGE} ARG BASEIMAGE -RUN apt-get update \ - && CODENAME=$(. /etc/os-release; echo $VERSION_CODENAME) && \ - if [ "bullseye" = "$CODENAME" ]; then apt-get -y --allow-change-held-packages install libcap2; fi \ - && apt-get -y --no-install-recommends install libcap2-bin +RUN apt-get update && \ + apt-get -y --allow-change-held-packages install libcap2 libcap2-bin diff --git a/images/build/setcap/Makefile b/images/build/setcap/Makefile index 94d85181a02..aea41b32aa3 100644 --- a/images/build/setcap/Makefile +++ b/images/build/setcap/Makefile @@ -18,9 +18,9 @@ REGISTRY?="gcr.io/k8s-staging-build-image" IMAGE=$(REGISTRY)/setcap TAG ?= $(shell git describe --tags --always --dirty) -IMAGE_VERSION ?= bullseye-v1.4.2 -CONFIG ?= bullseye -DEBIAN_BASE_VERSION ?= bullseye-v1.4.3 +IMAGE_VERSION ?= bookworm-v1.0.0 +CONFIG ?= bookworm +DEBIAN_BASE_VERSION ?= bookworm-v1.0.0 ARCH?=amd64 ALL_ARCH = amd64 arm arm64 ppc64le s390x diff --git a/images/build/setcap/variants.yaml b/images/build/setcap/variants.yaml index da17457a9a8..d176a76eda1 100644 --- a/images/build/setcap/variants.yaml +++ b/images/build/setcap/variants.yaml @@ -4,3 +4,8 @@ variants: CONFIG: 'bullseye' IMAGE_VERSION: 'bullseye-v1.4.2' DEBIAN_BASE_VERSION: 'bullseye-v1.4.3' + # Debian 12 - Kubernetes 1.28 and newer + bookworm: + CONFIG: 'bookworm' + IMAGE_VERSION: 'bookworm-v1.0.0' + DEBIAN_BASE_VERSION: 'bookworm-v1.0.0'