reanimator/bee
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Persist builder caches outside container

Browse Source
This commit is contained in:
Mikhail Chusavitin
2026-03-14 07:40:32 +03:00
parent 6aca1682b9
commit e8a52562e7
3 changed files with 75 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
iso/builder/build-in-container.sh
View File

@@ -7,18 +7,29 @@ REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
BUILDER_DIR="${REPO_ROOT}/iso/builder" BUILDER_DIR="${REPO_ROOT}/iso/builder"
CONTAINER_TOOL="${CONTAINER_TOOL:-docker}" CONTAINER_TOOL="${CONTAINER_TOOL:-docker}"
IMAGE_TAG="${BEE_BUILDER_IMAGE:-bee-iso-builder}" IMAGE_TAG="${BEE_BUILDER_IMAGE:-bee-iso-builder}"
CACHE_DIR="${BEE_BUILDER_CACHE_DIR:-${REPO_ROOT}/dist/container-cache}"
AUTH_KEYS="" AUTH_KEYS=""
REBUILD_IMAGE=0
. "${BUILDER_DIR}/VERSIONS" . "${BUILDER_DIR}/VERSIONS"
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
case "$1" in case "$1" in
--cache-dir)
CACHE_DIR="$2"
shift 2
;;
--rebuild-image)
REBUILD_IMAGE=1
shift
;;
--authorized-keys) --authorized-keys)
AUTH_KEYS="$2" AUTH_KEYS="$2"
shift 2 shift 2
;; ;;
*) *)
echo "unknown arg: $1" >&2 echo "unknown arg: $1" >&2
echo "usage: $0 [--cache-dir /path] [--rebuild-image] [--authorized-keys /path/to/authorized_keys]" >&2
exit 1 exit 1
;; ;;
esac esac
@@ -36,25 +47,48 @@ if [ -n "$AUTH_KEYS" ]; then
AUTH_KEYS_BASE="$(basename "$AUTH_KEYS_ABS")" AUTH_KEYS_BASE="$(basename "$AUTH_KEYS_ABS")"
fi fi
"$CONTAINER_TOOL" build \ mkdir -p \
"${CACHE_DIR}" \
"${CACHE_DIR}/go-build" \
"${CACHE_DIR}/go-mod" \
"${CACHE_DIR}/tmp" \
"${CACHE_DIR}/bee"
IMAGE_REF="${IMAGE_TAG}:debian${DEBIAN_VERSION}"
if [ "$REBUILD_IMAGE" = "1" ] || ! "$CONTAINER_TOOL" image inspect "${IMAGE_REF}" >/dev/null 2>&1; then
"$CONTAINER_TOOL" build \
--build-arg GO_VERSION="${GO_VERSION}" \ --build-arg GO_VERSION="${GO_VERSION}" \
--build-arg DEBIAN_KERNEL_ABI="${DEBIAN_KERNEL_ABI}" \ --build-arg DEBIAN_KERNEL_ABI="${DEBIAN_KERNEL_ABI}" \
-t "${IMAGE_TAG}:debian${DEBIAN_VERSION}" \ -t "${IMAGE_REF}" \
"${BUILDER_DIR}" "${BUILDER_DIR}"
else
echo "=== using existing builder image ${IMAGE_REF} ==="
fi
set -- \ set -- \
run --rm --privileged \ run --rm --privileged \
-v "${REPO_ROOT}:/work" \ -v "${REPO_ROOT}:/work" \
-v "${CACHE_DIR}:/cache" \
-e GOCACHE=/cache/go-build \
-e GOMODCACHE=/cache/go-mod \
-e TMPDIR=/cache/tmp \
-e BEE_CACHE_DIR=/cache/bee \
-w /work \ -w /work \
"${IMAGE_TAG}:debian${DEBIAN_VERSION}" \ "${IMAGE_REF}" \
sh /work/iso/builder/build.sh sh /work/iso/builder/build.sh
if [ -n "$AUTH_KEYS" ]; then if [ -n "$AUTH_KEYS" ]; then
set -- run --rm --privileged \ set -- run --rm --privileged \
-v "${REPO_ROOT}:/work" \ -v "${REPO_ROOT}:/work" \
-v "${CACHE_DIR}:/cache" \
-v "${AUTH_KEYS_DIR}:/tmp/bee-authkeys:ro" \ -v "${AUTH_KEYS_DIR}:/tmp/bee-authkeys:ro" \
-e GOCACHE=/cache/go-build \
-e GOMODCACHE=/cache/go-mod \
-e TMPDIR=/cache/tmp \
-e BEE_CACHE_DIR=/cache/bee \
-w /work \ -w /work \
"${IMAGE_TAG}:debian${DEBIAN_VERSION}" \ "${IMAGE_REF}" \
sh /work/iso/builder/build.sh --authorized-keys "/tmp/bee-authkeys/${AUTH_KEYS_BASE}" sh /work/iso/builder/build.sh --authorized-keys "/tmp/bee-authkeys/${AUTH_KEYS_BASE}"
fi fi

14
iso/builder/build-nvidia-module.sh
View File

@@ -43,6 +43,9 @@ echo "kernel headers (arch): $KDIR_ARCH"
echo "kernel headers (common): $KDIR_COMMON" echo "kernel headers (common): $KDIR_COMMON"
CACHE_DIR="${DIST_DIR}/nvidia-${NVIDIA_VERSION}-${KVER}" CACHE_DIR="${DIST_DIR}/nvidia-${NVIDIA_VERSION}-${KVER}"
CACHE_ROOT="${BEE_CACHE_DIR:-${DIST_DIR}/cache}"
DOWNLOAD_CACHE_DIR="${CACHE_ROOT}/nvidia-downloads"
EXTRACT_CACHE_DIR="${CACHE_ROOT}/nvidia-extract"
if [ -d "$CACHE_DIR/modules" ] && [ -f "$CACHE_DIR/bin/nvidia-smi" ]; then if [ -d "$CACHE_DIR/modules" ] && [ -f "$CACHE_DIR/bin/nvidia-smi" ]; then
echo "=== NVIDIA cached, skipping build ===" echo "=== NVIDIA cached, skipping build ==="
echo "cache: $CACHE_DIR" echo "cache: $CACHE_DIR"
@@ -52,13 +55,14 @@ fi
# Download official NVIDIA .run installer with sha256 verification # Download official NVIDIA .run installer with sha256 verification
BASE_URL="https://download.nvidia.com/XFree86/Linux-x86_64/${NVIDIA_VERSION}" BASE_URL="https://download.nvidia.com/XFree86/Linux-x86_64/${NVIDIA_VERSION}"
RUN_FILE="/var/tmp/NVIDIA-Linux-x86_64-${NVIDIA_VERSION}.run" mkdir -p "$DOWNLOAD_CACHE_DIR" "$EXTRACT_CACHE_DIR"
SHA_FILE="/var/tmp/NVIDIA-Linux-x86_64-${NVIDIA_VERSION}.run.sha256sum" RUN_FILE="${DOWNLOAD_CACHE_DIR}/NVIDIA-Linux-x86_64-${NVIDIA_VERSION}.run"
SHA_FILE="${DOWNLOAD_CACHE_DIR}/NVIDIA-Linux-x86_64-${NVIDIA_VERSION}.run.sha256sum"
verify_run() { verify_run() {
[ -s "$SHA_FILE" ] || return 1 [ -s "$SHA_FILE" ] || return 1
[ -s "$RUN_FILE" ] || return 1 [ -s "$RUN_FILE" ] || return 1
cd /var/tmp cd "$DOWNLOAD_CACHE_DIR"
sha256sum -c "$SHA_FILE" --status 2>/dev/null sha256sum -c "$SHA_FILE" --status 2>/dev/null
} }
@@ -69,7 +73,7 @@ if ! verify_run; then
echo "sha256: $(cat "$SHA_FILE")" echo "sha256: $(cat "$SHA_FILE")"
wget --show-progress -O "$RUN_FILE" "${BASE_URL}/NVIDIA-Linux-x86_64-${NVIDIA_VERSION}.run" wget --show-progress -O "$RUN_FILE" "${BASE_URL}/NVIDIA-Linux-x86_64-${NVIDIA_VERSION}.run"
echo "=== verifying sha256 ===" echo "=== verifying sha256 ==="
cd /var/tmp && sha256sum -c "$SHA_FILE" || { echo "ERROR: sha256 mismatch"; rm -f "$RUN_FILE"; exit 1; } cd "$DOWNLOAD_CACHE_DIR" && sha256sum -c "$SHA_FILE" || { echo "ERROR: sha256 mismatch"; rm -f "$RUN_FILE"; exit 1; }
echo "sha256 OK" echo "sha256 OK"
else else
echo "=== NVIDIA installer verified from cache ===" echo "=== NVIDIA installer verified from cache ==="
@@ -78,7 +82,7 @@ fi
# Extract installer contents # Extract installer contents
echo "=== extracting installer ===" echo "=== extracting installer ==="
chmod +x "$RUN_FILE" chmod +x "$RUN_FILE"
EXTRACT_DIR="/var/tmp/nvidia-extract-${NVIDIA_VERSION}" EXTRACT_DIR="${EXTRACT_CACHE_DIR}/nvidia-extract-${NVIDIA_VERSION}"
rm -rf "$EXTRACT_DIR" rm -rf "$EXTRACT_DIR"
"$RUN_FILE" --extract-only --target "$EXTRACT_DIR" "$RUN_FILE" --extract-only --target "$EXTRACT_DIR"

27
iso/builder/build.sh
View File

@@ -16,6 +16,7 @@ DIST_DIR="${REPO_ROOT}/dist"
VENDOR_DIR="${REPO_ROOT}/iso/vendor" VENDOR_DIR="${REPO_ROOT}/iso/vendor"
BUILD_WORK_DIR="${DIST_DIR}/live-build-work" BUILD_WORK_DIR="${DIST_DIR}/live-build-work"
OVERLAY_STAGE_DIR="${DIST_DIR}/overlay-stage" OVERLAY_STAGE_DIR="${DIST_DIR}/overlay-stage"
CACHE_ROOT="${BEE_CACHE_DIR:-${DIST_DIR}/cache}"
AUTH_KEYS="" AUTH_KEYS=""
# parse args # parse args
@@ -29,6 +30,10 @@ done
. "${BUILDER_DIR}/VERSIONS" . "${BUILDER_DIR}/VERSIONS"
export PATH="$PATH:/usr/local/go/bin" export PATH="$PATH:/usr/local/go/bin"
mkdir -p "${DIST_DIR}" mkdir -p "${DIST_DIR}"
mkdir -p "${CACHE_ROOT}"
: "${GOCACHE:=${CACHE_ROOT}/go-build}"
: "${GOMODCACHE:=${CACHE_ROOT}/go-mod}"
export GOCACHE GOMODCACHE
echo "=== bee ISO build ===" echo "=== bee ISO build ==="
echo "Debian: ${DEBIAN_VERSION}, Kernel ABI: ${DEBIAN_KERNEL_ABI}, Go: ${GO_VERSION}" echo "Debian: ${DEBIAN_VERSION}, Kernel ABI: ${DEBIAN_KERNEL_ABI}, Go: ${GO_VERSION}"
@@ -51,7 +56,16 @@ if [ "$NEED_BUILD" = "1" ]; then
-o "$BEE_BIN" \ -o "$BEE_BIN" \
./cmd/bee ./cmd/bee
echo "binary: $BEE_BIN" echo "binary: $BEE_BIN"
echo "size: $(du -sh "$BEE_BIN" | cut -f1)" if command -v stat >/dev/null 2>&1; then
BEE_SIZE_BYTES="$(stat -c '%s' "$BEE_BIN" 2>/dev/null || stat -f '%z' "$BEE_BIN")"
else
BEE_SIZE_BYTES="$(wc -c < "$BEE_BIN" | tr -d ' ')"
fi
if command -v numfmt >/dev/null 2>&1; then
echo "size: $(numfmt --to=iec --suffix=B "$BEE_SIZE_BYTES")"
else
echo "size: ${BEE_SIZE_BYTES} bytes"
fi
else else
echo "=== bee binary up to date, skipping build ===" echo "=== bee binary up to date, skipping build ==="
fi fi
@@ -201,7 +215,16 @@ if [ -f "$ISO_RAW" ]; then
echo "" echo ""
echo "=== done ===" echo "=== done ==="
echo "ISO: $ISO_OUT" echo "ISO: $ISO_OUT"
echo "Size: $(du -sh "$ISO_OUT" | cut -f1)" if command -v stat >/dev/null 2>&1; then
ISO_SIZE_BYTES="$(stat -c '%s' "$ISO_OUT" 2>/dev/null || stat -f '%z' "$ISO_OUT")"
else
ISO_SIZE_BYTES="$(wc -c < "$ISO_OUT" | tr -d ' ')"
fi
if command -v numfmt >/dev/null 2>&1; then
echo "Size: $(numfmt --to=iec --suffix=B "$ISO_SIZE_BYTES")"
else
echo "Size: ${ISO_SIZE_BYTES} bytes"
fi
else else
echo "ERROR: ISO not found at $ISO_RAW" echo "ERROR: ISO not found at $ISO_RAW"
exit 1 exit 1