Add image-builder utility (#66)

* internal/incus: add required helpers for image builder
* implement cmd/image-builder
* remove links for files that are not needed anymore
* update documentation to use image-builder
* fixup LXD install flaky on CI
* add github action workflow to build kubeadm images
* do not lint long lines on cmd package
* allow override haproxy image on clusterclass

---------

Signed-off-by: Angelos Kolaitis <[email protected]>

Author: neoaggelos

.github/workflows/build-kubeadm-images.yml

@@ -0,0 +1,48 @@
+name: Build Kubeadm Images
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        required: true
+        description: Kubernetes version, e.g. "v1.33.0"
+        type: string
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        # amd64 images
+        - { infrastructure: incus,  type: container,        arch: amd64 }
+        - { infrastructure: incus,  type: virtual-machine,  arch: amd64 }
+        - { infrastructure: lxd,    type: virtual-machine,  arch: amd64 }
+
+        # arm64 images
+        - { infrastructure: incus,  type: container,        arch: arm64 }
+        # - { infrastructure: incus,  type: virtual-machine,  arch: arm64 }    # arm64 runners do not support kvm
+        # - { infrastructure: lxd,    type: virtual-machine,  arch: arm64 }    # arm64 runners do not support kvm
+    runs-on: ${{ matrix.arch == 'amd64' && 'ubuntu-24.04' || 'ubuntu-24.04-arm' }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: go.mod
+
+      - name: Setup infrastructure
+        run: |
+          ./hack/scripts/ci/setup-${{ matrix.infrastructure }}.sh
+
+      - name: Build image
+        run: |
+          go run ./cmd/image-builder kubeadm --v=4 --kubernetes-version ${{ inputs.version }} --instance-type=${{ matrix.type }} --output image.tar.gz
+
+      - name: Upload image
+        uses: actions/upload-artifact@v4
+        with:
+          name: kubeadm-${{ inputs.version }}-${{ matrix.infrastructure }}-${{ matrix.type }}-${{ matrix.arch }}
+          path: image.tar.gz

.golangci.yml

@@ -12,6 +12,10 @@ issues:
     - path: "api/*"
       linters:
         - lll
+    - path: "cmd/*"
+      linters:
+        - lll
+        - goconst
     - path: "internal/*"
       linters:
         - dupl

Makefile

@@ -233,13 +233,18 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
 ENVTEST ?= $(LOCALBIN)/setup-envtest
 GOLANGCI_LINT = $(LOCALBIN)/golangci-lint
 GINKGO = $(LOCALBIN)/ginkgo
+IMAGE_BUILDER = $(LOCALBIN)/image-builder
 
 ## Tool Versions
 KUSTOMIZE_VERSION ?= v5.5.0
 CONTROLLER_TOOLS_VERSION ?= v0.16.4
 ENVTEST_VERSION ?= release-0.19
 GOLANGCI_LINT_VERSION ?= v1.61.0
 
+.PHONY: image-builder
+image-builder: $(LOCALBIN)
+	go build -o $(IMAGE_BUILDER) ./cmd/image-builder
+
 .PHONY: kustomize
 kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary.
 $(KUSTOMIZE): $(LOCALBIN)

cmd/image-builder/command_haproxy.go

@@ -0,0 +1,40 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+var (
+	haproxyCmd = &cobra.Command{
+		Use:          "haproxy",
+		GroupID:      "build",
+		Short:        "Build haproxy images for cluster-api-provider-incus",
+		SilenceUsage: true,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if cfg.imageAlias == "" {
+				cfg.imageAlias = fmt.Sprintf("haproxy-u%s", cfg.ubuntuVersion)
+			}
+
+			log.FromContext(gCtx).WithValues(
+				"ubuntu-version", cfg.ubuntuVersion,
+				"instance-type", cfg.instanceType,
+				"image-alias", cfg.imageAlias,
+			).Info("Building haproxy image")
+
+			return runStages(
+				&stageCreateInstance{},
+				&stagePreRunCommands{},
+				&stageInstallHaproxy{},
+				&stagePostRunCommands{},
+				&stageCleanupInstance{},
+				&stageStopInstance{},
+				&stagePublishHaproxyImage{},
+				&stageExportImage{},
+				&stageRemoveInstance{},
+			)
+		},
+	}
+)

cmd/image-builder/command_kubeadm.go

@@ -0,0 +1,58 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/blang/semver/v4"
+	"github.com/spf13/cobra"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+var (
+	kubeadmCmd = &cobra.Command{
+		Use:          "kubeadm",
+		GroupID:      "build",
+		Short:        "Build kubeadm images for cluster-api-provider-incus",
+		SilenceUsage: true,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			if _, err := semver.ParseTolerant(kubeadmCfg.kubernetesVersion); err != nil {
+				return fmt.Errorf("--kubernetes-version %q is not valid semver: %w", kubeadmCfg.kubernetesVersion, err)
+			}
+
+			if cfg.imageAlias == "" {
+				cfg.imageAlias = fmt.Sprintf("kubeadm-%s-u%s-%s", kubeadmCfg.kubernetesVersion, cfg.ubuntuVersion, cfg.instanceType)
+			}
+
+			log.FromContext(gCtx).WithValues(
+				"kubernetes-version", kubeadmCfg.kubernetesVersion,
+				"ubuntu-version", cfg.ubuntuVersion,
+				"instance-type", cfg.instanceType,
+				"image-alias", cfg.imageAlias,
+			).Info("Building kubeadm image")
+
+			return runStages(
+				&stageCreateInstance{},
+				&stagePreRunCommands{},
+				&stageInstallKubeadm{},
+				&stagePullExtraImages{},
+				&stageGenerateManifest{},
+				&stagePostRunCommands{},
+				&stageCleanupInstance{},
+				&stageStopInstance{},
+				&stagePublishKubeadmImage{},
+				&stageExportImage{},
+				&stageRemoveInstance{},
+			)
+		},
+	}
+)
+
+func init() {
+	kubeadmCmd.Flags().StringVar(&kubeadmCfg.kubernetesVersion, "kubernetes-version", "",
+		"Kubernetes version to create image for")
+
+	kubeadmCmd.Flags().StringSliceVar(&kubeadmCfg.pullExtraImages, "pull-extra-images", defaultPullExtraImages,
+		"Extra OCI images to pull in the image")
+
+	_ = kubeadmCmd.MarkFlagRequired("kubernetes-version")
+}

cmd/image-builder/command_root.go

@@ -0,0 +1,79 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+
+	"github.com/spf13/cobra"
+	cliflag "k8s.io/component-base/cli/flag"
+	logsv1 "k8s.io/component-base/logs/api/v1"
+
+	"github.com/lxc/cluster-api-provider-incus/internal/incus"
+)
+
+var (
+	rootCmd = &cobra.Command{
+		Use:          "image-builder",
+		SilenceUsage: true,
+		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
+			if err := logsv1.ValidateAndApply(logOptions, nil); err != nil {
+				return fmt.Errorf("failed to configure logging: %w", err)
+			}
+
+			switch cfg.instanceType {
+			case "container", "virtual-machine":
+			default:
+				return fmt.Errorf("invalid value for --instance-type argument %q, must be one of [container, virtual-machine]", cfg.instanceType)
+			}
+
+			switch cfg.ubuntuVersion {
+			case "22.04", "24.04":
+			default:
+				return fmt.Errorf("invalid value for --ubuntu-version argument %q, must be one of [22.04, 24.04]", cfg.ubuntuVersion)
+			}
+
+			opts, err := incus.NewOptionsFromConfigFile(cfg.configFile, cfg.configRemoteName, false)
+			if err != nil {
+				return fmt.Errorf("failed to read client credentials: %w", err)
+			}
+
+			client, err = incus.New(gCtx, opts)
+			if err != nil {
+				return fmt.Errorf("failed to create incus client: %w", err)
+			}
+
+			return nil
+		},
+	}
+)
+
+func init() {
+	rootCmd.AddGroup(&cobra.Group{ID: "build", Title: "Available Image Types:"})
+	rootCmd.AddCommand(kubeadmCmd, haproxyCmd)
+
+	logsv1.AddFlags(logOptions, rootCmd.PersistentFlags())
+	rootCmd.SetGlobalNormalizationFunc(cliflag.WordSepNormalizeFunc)
+	rootCmd.PersistentFlags().AddGoFlagSet(flag.CommandLine)
+
+	rootCmd.PersistentFlags().StringVar(&cfg.configFile, "config-file", "",
+		"Read client configuration from file")
+	rootCmd.PersistentFlags().StringVar(&cfg.configRemoteName, "config-remote-name", "",
+		"Override remote to use from configuration file")
+
+	rootCmd.PersistentFlags().StringVar(&cfg.ubuntuVersion, "ubuntu-version", defaultUbuntuVersion,
+		"Ubuntu version to use to launch instance (one of 22.04|24.04)")
+
+	rootCmd.PersistentFlags().StringVar(&cfg.instanceName, "instance-name", defaultInstanceName,
+		"Name for the builder instance")
+	rootCmd.PersistentFlags().StringVar(&cfg.instanceType, "instance-type", defaultInstanceType,
+		"Type of image to build (one of container|virtual-machine)")
+	rootCmd.PersistentFlags().StringSliceVar(&cfg.instanceProfiles, "instance-profile", defaultInstanceProfiles,
+		"Profiles to use to launch the builder instance")
+
+	rootCmd.PersistentFlags().StringVar(&cfg.imageAlias, "image-alias", "",
+		"Create image with alias. If not specified, a default is used based on config")
+
+	rootCmd.PersistentFlags().StringVar(&cfg.outputFile, "output", "image.tar.gz",
+		"Output file for exported image")
+
+}

cmd/image-builder/config.go

@@ -0,0 +1,52 @@
+package main
+
+import (
+	"context"
+
+	"k8s.io/component-base/logs"
+	"k8s.io/klog/v2"
+	ctrl "sigs.k8s.io/controller-runtime"
+
+	"github.com/lxc/cluster-api-provider-incus/internal/incus"
+)
+
+var (
+	gCtx       context.Context
+	gLogger    = ctrl.Log
+	logOptions = logs.NewOptions()
+
+	// command-line arguments
+	cfg struct {
+		// client configuration
+		configFile       string
+		configRemoteName string
+
+		// base image configuration
+		ubuntuVersion string
+
+		// builder configuration
+		instanceName     string
+		instanceProfiles []string
+		instanceType     string
+
+		// image alias configuration
+		imageAlias string
+
+		// output
+		outputFile string
+	}
+
+	kubeadmCfg struct {
+		kubernetesVersion string
+		pullExtraImages   []string
+	}
+
+	// runtime configuration
+	client *incus.Client
+)
+
+func init() {
+	gCtx = ctrl.SetupSignalHandler()
+	ctrl.SetLogger(klog.Background())
+	gCtx = ctrl.LoggerInto(gCtx, gLogger)
+}

cmd/image-builder/default.go

@@ -0,0 +1,14 @@
+package main
+
+var (
+	defaultUbuntuVersion = "24.04"
+
+	defaultInstanceName     = "capn-builder"
+	defaultInstanceType     = "container"
+	defaultInstanceProfiles = []string{"default"}
+
+	defaultPullExtraImages = []string{
+		"docker.io/flannel/flannel-cni-plugin:v1.6.0-flannel1",
+		"docker.io/flannel/flannel:v0.26.3",
+	}
+)

cmd/image-builder/main.go

@@ -0,0 +1,11 @@
+package main
+
+import (
+	"os"
+)
+
+func main() {
+	if err := rootCmd.Execute(); err != nil {
+		os.Exit(1)
+	}
+}

cmd/image-builder/run_stage_cleanup_instance.go

@@ -0,0 +1,35 @@
+package main
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"io"
+	"os"
+
+	"sigs.k8s.io/controller-runtime/pkg/log"
+
+	"github.com/lxc/cluster-api-provider-incus/internal/static"
+)
+
+type stageCleanupInstance struct{}
+
+func (*stageCleanupInstance) name() string { return "cleanup-instance" }
+
+// cat cleanup-instance.sh | incus exec capn-builder -- bash -s
+func (*stageCleanupInstance) run(ctx context.Context) error {
+	log.FromContext(ctx).V(1).Info("Running cleanup-instance.sh script")
+
+	var stdout, stderr io.Writer
+	if log.FromContext(ctx).V(4).Enabled() {
+		stdout = os.Stdout
+		stderr = os.Stderr
+	}
+
+	stdin := bytes.NewBufferString(static.CleanupInstanceScript())
+	if err := client.RunCommand(ctx, cfg.instanceName, []string{"bash", "-s"}, stdin, stdout, stderr); err != nil {
+		return fmt.Errorf("failed to run cleanup-instance.sh script: %w", err)
+	}
+
+	return nil
+}