Consolidate extension services to be self contained, don't pollute rootfs or mount up libraries from host unless absolutely needed. Fixes: #876 Fixes: https://github.com/siderolabs/talos/issues/12667 Signed-off-by: Noel Georgi <git@frezbo.dev>
# Build recipe for the tailscale extension: compiles tailscale, tailscaled and
# containerboot from the upstream release tarball and stages them, together
# with supporting libraries, under /rootfs/usr/local/lib/containers/tailscale.
# NOTE(review): the {{ ... }} expressions are template placeholders. The
# unquoted ones are only valid YAML once rendered, so rendering presumably
# happens before parsing - confirm against the build tool.
name: tailscale
variant: scratch
# bash is required: the build step below relies on brace expansion.
shell: /bin/bash
dependencies:
  - stage: base
  # Every image below is unpacked beneath the extension's own container root
  # (/rootfs/usr/local/lib/containers/tailscale), not into the shared rootfs.
  # All images use the same BUILD_ARG_PKGS tag, which is set outside this file.
  - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/fhs:{{ .BUILD_ARG_PKGS }}"
    from: /
    to: /rootfs/usr/local/lib/containers/tailscale
  # NOTE(review): the Go binaries are built with CGO_ENABLED=0, so these shared
  # libraries are presumably for netfilter tooling used at runtime rather than
  # for the binaries themselves. Only /usr/lib is taken from each image;
  # confirm each one is still needed so the container stays minimal.
  - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/musl:{{ .BUILD_ARG_PKGS }}"
    from: /usr/lib
    to: /rootfs/usr/local/lib/containers/tailscale/usr/lib
  - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/libmnl:{{ .BUILD_ARG_PKGS }}"
    from: /usr/lib
    to: /rootfs/usr/local/lib/containers/tailscale/usr/lib
  - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/libnftnl:{{ .BUILD_ARG_PKGS }}"
    from: /usr/lib
    to: /rootfs/usr/local/lib/containers/tailscale/usr/lib
  - image: "{{ .BUILD_ARG_PKGS_PREFIX }}/iptables:{{ .BUILD_ARG_PKGS }}"
    from: /usr/lib
    to: /rootfs/usr/local/lib/containers/tailscale/usr/lib
steps:
  # NOTE(review): GOPATH is set in a step of its own; presumably it carries
  # over to the later steps (the cache path /tmp/go/pkg depends on it) -
  # confirm against the build tool's step semantics.
  - env:
      GOPATH: /tmp/go
  # Go build cache and module cache locations.
  - cachePaths:
      - /.cache/go-build
      - /tmp/go/pkg
    # The source tarball is pinned by two digests, so a moved tag or a
    # regenerated archive fails verification instead of silently changing the
    # build input. Both digest variables live outside this file and have to
    # be updated together with TAILSCALE_VERSION.
    sources:
      - url: https://github.com/tailscale/tailscale/archive/refs/tags/v{{ .TAILSCALE_VERSION }}.tar.gz
        destination: tailscale.tar.gz
        sha256: {{ .TAILSCALE_SHA256 }}
        sha512: {{ .TAILSCALE_SHA512 }}
  # Network access is enabled only for this step, which unpacks the tarball
  # and fetches Go module dependencies.
  # NOTE(review): the integrity of the downloaded modules presumably rests on
  # the go.sum shipped inside the verified tarball - confirm that the base
  # stage does not relax Go's checksum verification.
  - network: default
    prepare:
      - |
        mkdir tailscale dist
        tar -xzvf tailscale.tar.gz --strip-components=1 -C tailscale
      - |
        cd tailscale
        go mod download
  # Build, install, SBOM generation and validation all run with the network
  # disabled, so they can only use what the previous step already fetched.
  - network: none
    build:
      # cgo is disabled. The -X flags stamp the Tailscale version into the
      # binaries, with a "-TalosLinux" suffix on the long stamp. The three
      # commands are selected through bash brace expansion.
      - |
        CGO_ENABLED=0 go build \
          -C tailscale \
          -o ../dist \
          -ldflags "-X tailscale.com/version.shortStamp={{ .TAILSCALE_VERSION }} \
          -X tailscale.com/version.longStamp={{ .TAILSCALE_VERSION }}-TalosLinux" \
          tailscale.com/cmd/{tailscale,tailscaled,containerboot}
    install:
      # The binaries go into the container's own usr/local/bin.
      - |
        mkdir -p /rootfs/usr/local/lib/containers/tailscale/usr/local/bin/
        cp -pr dist/tailscale /rootfs/usr/local/lib/containers/tailscale/usr/local/bin
        cp -pr dist/tailscaled /rootfs/usr/local/lib/containers/tailscale/usr/local/bin
        cp -pr dist/containerboot /rootfs/usr/local/lib/containers/tailscale/usr/local/bin
      # /pkg/tailscale.yaml is copied next to the other container definitions;
      # presumably it is the extension service spec - confirm.
      - |
        mkdir -p /rootfs/usr/local/etc/containers
        cp /pkg/tailscale.yaml /rootfs/usr/local/etc/containers/
    # SPDX SBOM written into the rootfs. The version and CPE use the same
    # TAILSCALE_VERSION that selects the source tarball, so the recorded
    # component version follows the code that was actually built.
    sbom:
      outputPath: /rootfs/usr/local/share/spdx/tailscale.spdx.json
      version: {{ .TAILSCALE_VERSION }}
      cpes:
        - cpe:2.3:a:tailscale:tailscale:{{ .TAILSCALE_VERSION }}:*:*:*:*:*:*:*
      licenses:
        - BSD-3-Clause
    test:
      # A copy of the rootfs and the manifest is placed in a scratch
      # directory and checked with the extensions validator.
      - |
        mkdir -p /extensions-validator-rootfs
        cp -r /rootfs/ /extensions-validator-rootfs/rootfs
        cp /pkg/manifest.yaml /extensions-validator-rootfs/manifest.yaml
        /extensions-validator validate --rootfs=/extensions-validator-rootfs --pkg-name="${PKG_NAME}"
# Only the staged rootfs and the extension manifest are copied to the output.
finalize:
  - from: /rootfs
    to: /rootfs
  - from: /pkg/manifest.yaml
    to: /