deckhouse · universal-itengineer · May 28, 2025 · Jun 9, 2025 · Jun 9, 2025 · Jun 11, 2025
@@ -0,0 +1,21 @@
+# Edition module settings
+{{- $_ := set . "MODULE_EDITION" (env "MODULE_EDITION" "EE") }}
+
+# Component versions
+{{- $_ := set . "Version" dict -}}
+{{- $_ := set . "Package" dict -}}
+{{- $versions_path := "/component_versions/version_map.yml" -}}
+
+{{- if .ModuleDir -}}
+{{-   $versions_path = (printf "%s%s" (trimPrefix "/" .ModuleDir ) $versions_path) -}}
+{{- end -}}
+
+{{- $versions_ctx := (.Files.Get $versions_path | fromYaml) -}}
+
+{{- range $k, $v := $versions_ctx.firmware -}}
+{{-   $_ := set $.Version $k $v -}}
+{{- end -}}
+
+{{- range $k, $v := $versions_ctx.package -}}
+{{-   $_ := set $.Package $k $v -}}
+{{- end -}}
@@ -9,4 +9,4 @@
 {{- define "debian packages clean" }}
 - apt-get clean
 - find /var/lib/apt/ /var/cache/apt/ -type f -delete
-{{- end }}
+{{- end }}
@@ -30,4 +30,4 @@ image: {{ $k }}
 from: {{ $v }}
 final: false
   {{- end }}
-{{- end }}
+{{- end }}
@@ -1,60 +1,57 @@
-# Common dirs
+{{/* # Common dirs */}}
 {{- define "module_image_template" }}
-
   {{- if eq .ImageInstructionType "Dockerfile" }}
 ---
 image: images/{{ .ImageName }}
 context: images/{{ .ImageName }}
 dockerfile: Dockerfile
   {{- else }}
-    {{- tpl .ImageBuildData . | nindent 0 }}
+    {{- tpl .ImageBuildData . }}
   {{- end }}
-
 {{- end }}
 
-# Context inside folder images
+
+{{/* # Context inside folder images */}}
 {{- $Root := . }}
 
-{{ $ImagesBuildFiles := .Files.Glob "images/*/{Dockerfile,werf.inc.yaml}" }}
+{{  $ImagesBuildFiles := .Files.Glob "images/*/{Dockerfile,werf.inc.yaml}" }}
 
 {{- range $path, $content := $ImagesBuildFiles }}
-  {{- $ctx := dict }}
-
-  {{- if regexMatch "/werf.inc.yaml$" $path }}
-    {{- $_ := set $ctx "ImageInstructionType" "Stapel" }}
-  {{- else }}
-    {{- $_ := set $ctx "ImageInstructionType" "Dockerfile" }}
-  {{- end }}
-
-  {{- $ImageData := $path | split "/" }}
-
-  {{- $_ := set $ctx "ImageName" $ImageData._1 }}
-  {{- $_ := set $ctx "ImageBuildData" $content }}
-  {{- $_ := set $ctx "SOURCE_REPO" $Root.SOURCE_REPO }}
-  {{- $_ := set $ctx "SOURCE_REPO_GIT" $Root.SOURCE_REPO_GIT }}
-  {{- $_ := set $ctx "MODULE_EDITION" $Root.MODULE_EDITION }}
-  {{- $_ := set $ctx "Version" $Root.Version }}
-  {{- $_ := set $ctx "ProjectName" $ctx.ImageName }}
-  {{- $_ := set $ctx "Commit" $Root.Commit }}
-  {{- $_ := set $ctx "SVACE_ENABLED" $Root.SVACE_ENABLED }}
-  {{- $_ := set $ctx "SVACE_ANALYZE_SSH_USER" $Root.SVACE_ANALYZE_SSH_USER }}
-  {{- $_ := set $ctx "SVACE_ANALYZE_HOST" $Root.SVACE_ANALYZE_HOST }}
-  {{- $_ := set $ctx "SVACE_IMAGE_SUFFIX" $Root.SVACE_IMAGE_SUFFIX }}
 
+{{-   $ctx := dict }}
+{{-   $_ := set $ctx "ImageInstructionType" "Stapel" }}
+
+{{-   $ImageData := regexReplaceAll "^images/([0-9a-z-_]+)/(Dockerfile|werf.inc.yaml)$" $path "${1}#${2}" | split "#" }}
+
+{{-   $_ := set $ctx "ImageName" $ImageData._0 }}
+{{-   $_ := set $ctx "ImagePath" (printf "/images/%s" $ctx.ImageName) }}
+{{-   $_ := set $ctx "ModuleDir" "/" }}
+{{-   $_ := set $ctx "ModuleNamePrefix" "" }}
+{{-   $_ := set $ctx "ImageBuildData" $content }}
+{{-   $_ := set $ctx "Files" $Root.Files }}
+{{-   $_ := set $ctx "SOURCE_REPO" $Root.SOURCE_REPO }}
+{{-   $_ := set $ctx "SOURCE_REPO_GIT" $Root.SOURCE_REPO_GIT }}
+{{-   $_ := set $ctx "MODULE_EDITION" $Root.MODULE_EDITION }}
+{{-   $_ := set $ctx "Version" $Root.Version }}
+{{-   $_ := set $ctx "Package" $Root.Package }}
+{{-   $_ := set $ctx "GOPROXY" (env "GOPROXY" "https://proxy.golang.org,direct") }}
+{{-   $_ := set $ctx "ProjectName" $ctx.ImageName }}
+{{-   $_ := set $ctx "Commit" $Root.Commit }}
+{{-   $_ := set $ctx "SVACE_ENABLED" $Root.SVACE_ENABLED }}
+{{-   $_ := set $ctx "SVACE_ANALYZE_SSH_USER" $Root.SVACE_ANALYZE_SSH_USER }}
+{{-   $_ := set $ctx "SVACE_ANALYZE_HOST" $Root.SVACE_ANALYZE_HOST }}
+{{-   $_ := set $ctx "SVACE_IMAGE_SUFFIX" $Root.SVACE_IMAGE_SUFFIX }}
+
+
+{{-   include "module_image_template" $ctx }}
+
+{{-   range $ImageYamlMainfest := regexSplit "\n?---[ \t]*\n" (include "module_image_template" $ctx) -1 }}
+{{-     $ImageManifest := $ImageYamlMainfest | fromYaml }}
+{{-     if $ImageManifest | dig "final" true }}
+{{-       if $ImageManifest.image }}
+{{-         $_ := set $ "ImagesIDList" (append $.ImagesIDList $ImageManifest.image) }}
+{{-       end }}
+{{-     end }}
+{{-   end }}
 
-  {{- include "module_image_template" $ctx }}
-
-  {{- range $ImageYamlMainfest := regexSplit "\n?---[ \t]*\n" (include "module_image_template" $ctx) -1 }}
-    {{- $ImageManifest := $ImageYamlMainfest | fromYaml }}
-
-      {{- if $ImageManifest | dig "final" true }}
-
-        {{- if $ImageManifest.image }}
-          {{- $_ := set $ "ImagesIDList" (append $.ImagesIDList $ImageManifest.image) }}
-        {{- end }}
-
-      {{- end }}
-
-  {{- end }}
-
-{{- end }}
+{{- end }}
@@ -8,8 +8,8 @@ base/python: "sha256:bda80f25bbfb09a9e6793a5fcc3a560ebb058ba6618f413a778056951e6
 base/python-v3.12.10: "sha256:bda80f25bbfb09a9e6793a5fcc3a560ebb058ba6618f413a778056951e663461" # fromImage: builder/scratch
 builder/alpine: "sha256:286e7fddf397a48ed2529f630881876284ff09c84c6dcfce9d982f4e035648cd" # from: alpine:3.20.6
 builder/alpine-3.20: "sha256:286e7fddf397a48ed2529f630881876284ff09c84c6dcfce9d982f4e035648cd" # from: alpine:3.20.6
-builder/alt: "sha256:7223768d0f8af786c3621de7761075cf6f8f025b3b4bf7edfdceac21038d5fef" # from: registry.altlinux.org/p11/alt:20250321
-builder/alt-2025-04-24: "sha256:7223768d0f8af786c3621de7761075cf6f8f025b3b4bf7edfdceac21038d5fef" # from: registry.altlinux.org/p11/alt:20250321
+builder/alt: "sha256:ee2b848c440ecbbe0e941bcbc1e7c75001ae05662742a015594edf470e4c5465" # from: registry.altlinux.org/p11/alt:20250321
+builder/alt-2025-05-31: "sha256:ee2b848c440ecbbe0e941bcbc1e7c75001ae05662742a015594edf470e4c5465" # from: registry.altlinux.org/p11/alt:20250321
 builder/golang-alpine: "sha256:f6f526535fdfcdf869a9e09831beeb3ed0d0eac3076a18840dfbfcd1b069c895" # from: golang:1.24.2-alpine3.20
 builder/golang-alpine-1.23: "sha256:68747b189da26bd5bff8f6ec0a9d614940f4d05adcee91ab50b4ee39e335d1c2" # from: golang:1.23.8-alpine3.20
 builder/golang-alpine-1.24: "sha256:f6f526535fdfcdf869a9e09831beeb3ed0d0eac3076a18840dfbfcd1b069c895" # from: golang:1.24.2-alpine3.20

@@ -1,5 +1,5 @@
 # REGISTRY_PATH is a special key which is concatenated with other base images
-REGISTRY_PATH: "docker.io/"
+#REGISTRY_PATH: "docker.io/"
 
 # Digest for image created at 2024-09-20.
-BASE_ALT_P11: "alt:p11@sha256:39f03d3bca1a92dc36835c28c2ba2f22ec15257e950b3930e0a3f034466e8dfb"
+#BASE_ALT_P11: "alt:p11@sha256:39f03d3bca1a92dc36835c28c2ba2f22ec15257e950b3930e0a3f034466e8dfb"
@@ -27,3 +27,4 @@ package:
   dtc: v1.7.2
   fuse3: fuse-3.16.2
   libgcrypt: libgcrypt-1.10.2
+  libtpms: 0.10.0
@@ -10,19 +10,17 @@ libraries:
 
 {{ $builderDependencies := include "$name" . | fromYaml }}
 
-image: {{ $.ImageName }}
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}
 final: false
-fromImage: BASE_ALT_P11
+fromImage: builder/alt
 git:
-  - add: /images/{{ $.ImageName }}
-    to: /
-    includePaths:
-    - relocate_binaries.sh
+  - add: {{ .ImagePath }}/relocate_binaries.sh
+    to: /relocate_binaries.sh
 shell:
   install:
   {{- include "alt packages proxy" . | nindent 2 }}
   - |
     apt-get install -y \
         {{ $builderDependencies.packages | join " " }} \
         {{ $builderDependencies.libraries | join " " }}
-  {{- include "alt packages clean" . | nindent 2 }}
+  {{- include "alt packages clean" . | nindent 2 }}
@@ -1,7 +1,7 @@
 ---
-image: {{ $.ImageName }}
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}
 final: false
-fromImage: BASE_ALT_P11
+fromImage: builder/alt
 shell:
   setup:
   # Create nonroot-user group and user.

@@ -1,21 +1,21 @@
 ---
-image: {{ $.ImageName }}
-fromImage: distroless
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}
+fromImage: {{ .ModuleNamePrefix }}distroless
 import:
-  - image: {{ $.ImageName }}-cbuilder
+  - image: {{ .ModuleNamePrefix }}{{ .ImageName }}-cbuilder
     add: /bins
     to: /usr/local/bin
     after: setup
 imageSpec:
   config:
     cmd: ["hello_bounder"]
 ---
-image: {{ $.ImageName }}-cbuilder
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}-cbuilder
 final: false
 fromImage: builder/golang-bookworm-1.23
 git:
-  - add: /images/{{ $.ImageName }}/static_binaries
-    to: /
+  - add: {{ .ImagePath }}/static_binaries
+    to: /static_binaries
     stageDependencies:
       install:
         - '*.c'
@@ -26,6 +26,7 @@ shell:
   {{- include "debian packages clean" . | nindent 2 }}
   install:
   - |
+    cd /static_binaries
     echo "Building simple app that prints hello cdi"
     mkdir -p /bins
     musl-gcc -static -Os -o /bins/hello_bounder hello_bounder.c

@@ -1,8 +1,8 @@
 ---
-image: {{ $.ImageName }}
-fromImage: distroless
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}
+fromImage: {{ .ModuleNamePrefix }}distroless
 import:
-- image: cdi-artifact
+- image: {{ .ModuleNamePrefix }}cdi-artifact
   add: /cdi-binaries
   to: /usr/bin
   before: setup

@@ -2,31 +2,58 @@
 {{- $version := "v1.60.3-v12n.1" }}
 {{- $gitRepoUrl := "deckhouse/3p-containerized-data-importer" }}
 
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact
+final: false
+fromImage: builder/src
+git:
+  - add: {{ .ImagePath }}
+    to: /src
+    stageDependencies:
+      install:
+        - '**/*'
+    excludePaths:
+      - patches/README.md
+secrets:
+- id: SOURCE_REPO
+  value: {{ $.SOURCE_REPO }}
+shell:
+  install:
+  - |
+    mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config
+    echo "Git clone CDI repository..."
+    git clone --depth 1 --branch {{ $version }} $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} /src/containerized-data-importer
+
+    rm -rf /src/containerized-data-importer/.git
+
 ---
-image: {{ $.ImageName }}
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}
 final: false
 fromImage: builder/golang-bookworm-1.23
 mount:
   - fromPath: ~/go-pkg-cache
     to: /go/pkg
+import:
+- image: {{ .ModuleNamePrefix }}{{ .ImageName }}-src-artifact
+  add: /src/containerized-data-importer
+  to: /containerized-data-importer
+  before: install
 secrets:
 - id: SOURCE_REPO
   value: {{ $.SOURCE_REPO }}
+- id: GOPROXY
+  value: {{ .GOPROXY }}
 shell:
   beforeInstall:
-  {{- include "alt packages proxy" . | nindent 2 }}
+  {{- include "debian packages proxy" . | nindent 2 }}
   - |
     apt-get install --yes libnbd-dev
-  {{- include "alt packages clean" . | nindent 2 }}
+  {{- include "debian packages clean" . | nindent 2 }}
 
   install:
   - |
+    export GOPROXY=$(cat /run/secrets/GOPROXY)
     mkdir -p ~/.ssh && echo "StrictHostKeyChecking accept-new" > ~/.ssh/config
 
-    echo "Git clone CDI repository..."
-    git config --global --add advice.detachedHead false
-    git clone --depth 1 --branch {{ $version }} $(cat /run/secrets/SOURCE_REPO)/{{ $gitRepoUrl }} /containerized-data-importer
-
   - |
     echo Download Go modules.
     cd /containerized-data-importer
@@ -83,12 +110,14 @@ shell:
   - ls -la /cdi-binaries
 
 ---
-image: {{ $.ImageName }}-cbuilder
+image: {{ .ModuleNamePrefix }}{{ .ImageName }}-cbuilder
 final: false
 fromImage: builder/golang-bookworm-1.23
 git:
-  - add: /images/{{ $.ImageName }}/static_binaries
+  - add: {{ .ImagePath }}
     to: /
+    includePaths:
+    - static_binaries
     stageDependencies:
       install:
         - '*.c'
@@ -99,6 +128,7 @@ shell:
     apt-get install --yes musl-dev musl-tools
   {{- include "debian packages clean" . | nindent 2 }}
   - |
+    cd /static_binaries
     echo "Building simple app that prints hello cdi"
     mkdir -p /bins
     musl-gcc -static -Os -o /bins/hello hello.c