Skip to content

Commit 8cc5b7e

Browse files
QxBytesQxBytes
authored
ci: add azure iptables monitor pipeline (#3781)
* add azure iptables monitor to pipelines * strip debug symbols from azure iptables monitor
1 parent 9fad7ca commit 8cc5b7e

File tree

7 files changed

+88
-10
lines changed

7 files changed

+88
-10
lines changed

.github/CODEOWNERS

Lines changed: 10 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -7,12 +7,13 @@
77
# review a PR in an area.
88
#
99
# Rules are evaluated in this order, and the last match is used for auto-assignment.
10-
* @azure/azure-sdn-members
11-
/.github/ @azure/acn-admins
12-
/cns/ @azure/acn-cns-reviewers
13-
/cni/ @azure/acn-cni-reviewers
14-
/dropgz/ @rbtr @camrynl @paulyufan2 @ashvindeodhar @thatmattlong
15-
/npm/ @azure/acn-npm-reviewers
16-
/zapai/ @rbtr @ZetaoZhuang
17-
/bpf-prog/ @camrynl
18-
/azure-ip-masq-merger/ @QxBytes @santhoshmprabhu
10+
* @azure/azure-sdn-members
11+
/.github/ @azure/acn-admins
12+
/cns/ @azure/acn-cns-reviewers
13+
/cni/ @azure/acn-cni-reviewers
14+
/dropgz/ @rbtr @camrynl @paulyufan2 @ashvindeodhar @thatmattlong
15+
/npm/ @azure/acn-npm-reviewers
16+
/zapai/ @rbtr @ZetaoZhuang
17+
/bpf-prog/ @camrynl
18+
/azure-ip-masq-merger/ @QxBytes @santhoshmprabhu
19+
/azure-iptables-monitor/ @QxBytes @santhoshmprabhu

.pipelines/build/dockerfiles/azure-iptables-monitor.Dockerfile

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
ARG ARCH
2+
3+
# mcr.microsoft.com/azurelinux/base/core:3.0
4+
FROM mcr.microsoft.com/azurelinux/base/core@sha256:9948138108a3d69f1dae62104599ac03132225c3b7a5ac57b85a214629c8567d AS mariner-core
5+
6+
# mcr.microsoft.com/azurelinux/distroless/minimal:3.0
7+
FROM mcr.microsoft.com/azurelinux/distroless/minimal@sha256:0801b80a0927309572b9adc99bd1813bc680473175f6e8175cd4124d95dbd50c AS mariner-distroless
8+
9+
FROM mariner-core AS iptables
10+
RUN tdnf install -y iptables
11+
12+
FROM mariner-distroless AS linux
13+
ARG ARTIFACT_DIR
14+
COPY --from=iptables /usr/sbin/*tables* /usr/sbin/
15+
COPY --from=iptables /usr/lib /usr/lib
16+
COPY ${ARTIFACT_DIR}/bin/azure-iptables-monitor /azure-iptables-monitor
17+
18+
ENTRYPOINT ["/azure-iptables-monitor"]

.pipelines/build/ob-prepare.steps.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,10 @@ steps:
6262
echo "##vso[task.setvariable variable=azureIpMasqMergerVersion;isOutput=true]$AZUREIPMASQMERGERVERSION"
6363
echo "azureIpMasqMergerVersion: $AZUREIPMASQMERGERVERSION"
6464
65+
AZUREIPTABLESMONITORVERSION=$(make azure-iptables-monitor-version)
66+
echo "##vso[task.setvariable variable=azureIptablesMonitorVersion;isOutput=true]$AZUREIPTABLESMONITORVERSION"
67+
echo "azureIptablesMonitorVersion: $AZUREIPTABLESMONITORVERSION"
68+
6569
CNIVERSION=$(make cni-version)
6670
echo "##vso[task.setvariable variable=cniVersion;isOutput=true]$CNIVERSION"
6771
echo "cniVersion: $CNIVERSION"

.pipelines/build/scripts/azure-iptables-monitor.sh

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
#!/bin/bash
2+
set -eux
3+
4+
[[ $OS =~ windows ]] && { echo "azure-iptables-monitor is not supported on Windows"; exit 1; }
5+
FILE_EXT=''
6+
7+
export CGO_ENABLED=0
8+
9+
mkdir -p "$OUT_DIR"/bin
10+
mkdir -p "$OUT_DIR"/files
11+
12+
pushd "$REPO_ROOT"/azure-iptables-monitor
13+
GOOS="$OS" go build -v -a -trimpath \
14+
-o "$OUT_DIR"/bin/azure-iptables-monitor"$FILE_EXT" \
15+
-ldflags "-s -w -X github.com/Azure/azure-container-networking/azure-iptables-monitor/internal/buildinfo.Version=$AZURE_IPTABLES_MONITOR_VERSION -X main.version=$AZURE_IPTABLES_MONITOR_VERSION" \
16+
-gcflags="-dwarflocationlists=true" \
17+
.
18+
popd

.pipelines/pipeline.yaml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -126,6 +126,10 @@ stages:
126126
arch: amd64
127127
name: azure-ip-masq-merger
128128
os: linux
129+
azure_iptables_monitor_linux_amd64:
130+
arch: amd64
131+
name: azure-iptables-monitor
132+
os: linux
129133
cni_linux_amd64:
130134
arch: amd64
131135
name: cni
@@ -175,6 +179,10 @@ stages:
175179
arch: arm64
176180
name: azure-ip-masq-merger
177181
os: linux
182+
azure_iptables_monitor_linux_arm64:
183+
arch: arm64
184+
name: azure-iptables-monitor
185+
os: linux
178186
cni_linux_arm64:
179187
arch: arm64
180188
name: cni
@@ -229,6 +237,9 @@ stages:
229237
azure_ip_masq_merger:
230238
name: azure-ip-masq-merger
231239
platforms: linux/amd64 linux/arm64
240+
azure_iptables_monitor:
241+
name: azure-iptables-monitor
242+
platforms: linux/amd64 linux/arm64
232243
steps:
233244
- template: containers/manifest-template.yaml
234245
parameters:

.pipelines/run-pipeline.yaml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@ stages:
3838
IMAGE_REPO_PATH: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.imageRepositoryPath'] ]
3939
AZURE_IPAM_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.azureIpamVersion'] ]
4040
AZURE_IP_MASQ_MERGER_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.azureIpMasqMergerVersion'] ]
41+
AZURE_IPTABLES_MONITOR_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.azureIptablesMonitorVersion'] ]
4142
CNI_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.cniVersion'] ]
4243
CNS_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.cnsVersion'] ]
4344
IPV6_HP_BPF_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.ipv6HpBpfVersion'] ]
@@ -68,6 +69,12 @@ stages:
6869
archiveName: azure-ip-masq-merger
6970
archiveVersion: $(AZURE_IP_MASQ_MERGER_VERSION)
7071
imageTag: $(Build.BuildNumber)
72+
azure_iptables_monitor:
73+
name: azure-iptables-monitor
74+
extraArgs: ''
75+
archiveName: azure-iptables-monitor
76+
archiveVersion: $(AZURE_IPTABLES_MONITOR_VERSION)
77+
imageTag: $(Build.BuildNumber)
7178
cni:
7279
name: cni
7380
extraArgs: '--build-arg CNI_AI_PATH=$(CNI_AI_PATH) --build-arg CNI_AI_ID=$(CNI_AI_ID)'
@@ -152,6 +159,12 @@ stages:
152159
archiveName: azure-ip-masq-merger
153160
archiveVersion: $(AZURE_IP_MASQ_MERGER_VERSION)
154161
imageTag: $(Build.BuildNumber)
162+
azure_iptables_monitor:
163+
name: azure-iptables-monitor
164+
extraArgs: ''
165+
archiveName: azure-iptables-monitor
166+
archiveVersion: $(AZURE_IPTABLES_MONITOR_VERSION)
167+
imageTag: $(Build.BuildNumber)
155168
cni:
156169
name: cni
157170
extraArgs: '--build-arg CNI_AI_PATH=$(CNI_AI_PATH) --build-arg CNI_AI_ID=$(CNI_AI_ID)'
@@ -190,6 +203,7 @@ stages:
190203

191204
AZURE_IPAM_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.azureIpamVersion'] ]
192205
AZURE_IP_MASQ_MERGER_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.azureIpMasqMergerVersion'] ]
206+
AZURE_IPTABLES_MONITOR_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.azureIptablesMonitorVersion'] ]
193207
CNI_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.cniVersion'] ]
194208
CNS_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.cnsVersion'] ]
195209
IPV6_HP_BPF_VERSION: $[ stageDependencies.setup.env.outputs['EnvironmentalVariables.ipv6HpBpfVersion'] ]
@@ -202,6 +216,9 @@ stages:
202216
IP_MASQ_MERGER_LINUX_AMD64_REF: $(IMAGE_REPO_PATH)/linux-amd64/azure-ip-masq-merger:$(Build.BuildNumber)
203217
IP_MASQ_MERGER_LINUX_ARM64_REF: $(IMAGE_REPO_PATH)/linux-arm64/azure-ip-masq-merger:$(Build.BuildNumber)
204218

219+
IPTABLES_MONITOR_LINUX_AMD64_REF: $(IMAGE_REPO_PATH)/linux-amd64/azure-iptables-monitor:$(Build.BuildNumber)
220+
IPTABLES_MONITOR_LINUX_ARM64_REF: $(IMAGE_REPO_PATH)/linux-arm64/azure-iptables-monitor:$(Build.BuildNumber)
221+
205222
CNI_LINUX_AMD64_REF: $(IMAGE_REPO_PATH)/linux-amd64/cni:$(Build.BuildNumber)
206223
CNI_LINUX_ARM64_REF: $(IMAGE_REPO_PATH)/linux-arm64/cni:$(Build.BuildNumber)
207224
CNI_WINDOWS_AMD64_REF: $(IMAGE_REPO_PATH)/windows-amd64/cni:$(Build.BuildNumber)
@@ -241,6 +258,15 @@ stages:
241258
imageReference: $(IP_MASQ_MERGER_LINUX_AMD64_REF)
242259
- platform: linux/arm64
243260
imageReference: $(IP_MASQ_MERGER_LINUX_ARM64_REF)
261+
- job: azure_iptables_monitor
262+
templateContext:
263+
name: azure-iptables-monitor
264+
image_tag: $(AZURE_IPTABLES_MONITOR_VERSION)
265+
platforms:
266+
- platform: linux/amd64
267+
imageReference: $(IPTABLES_MONITOR_LINUX_AMD64_REF)
268+
- platform: linux/arm64
269+
imageReference: $(IPTABLES_MONITOR_LINUX_ARM64_REF)
244270
- job: cni
245271
templateContext:
246272
name: cni

azure-iptables-monitor/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ ARG OS
1515
ARG VERSION
1616
WORKDIR /azure-iptables-monitor
1717
COPY ./azure-iptables-monitor .
18-
RUN GOOS=$OS CGO_ENABLED=0 go build -a -o /go/bin/iptables-monitor -trimpath -ldflags "-X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" .
18+
RUN GOOS=$OS CGO_ENABLED=0 go build -a -o /go/bin/iptables-monitor -trimpath -ldflags "-s -w -X main.version="$VERSION"" -gcflags="-dwarflocationlists=true" .
1919

2020
FROM mariner-core AS iptables
2121
RUN tdnf install -y iptables

0 commit comments

Comments
 (0)