diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index cfc8b744..9b0408c2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -28,7 +28,7 @@ jobs: linting: name: "Lints, pinned toolchain" runs-on: "ubuntu-24.04" - container: "ghcr.io/trusted-execution-clusters/buildroot:latest" + container: "ghcr.io/trusted-execution-clusters/buildroot:fedora" steps: - name: "Check out repository" uses: actions/checkout@v6 @@ -55,3 +55,5 @@ jobs: run: go vet ./... - name: "Ensure Rust & Go conditions definitions use same strings" run: cargo test --test equal_conditions + - name: "Ensure rustls isn't used" + run: "! { cargo tree -e normal | grep rustls | grep -v rustls-pki-types; }" diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 653443a4..04bf92ab 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -26,7 +26,7 @@ jobs: tests-stable: name: "Tests, stable toolchain" runs-on: "ubuntu-24.04" - container: "ghcr.io/trusted-execution-clusters/buildroot:latest" + container: "ghcr.io/trusted-execution-clusters/buildroot:fedora" steps: - name: "Check out repository" uses: actions/checkout@v6 @@ -50,7 +50,7 @@ jobs: tests-release-stable: name: "Tests (release), stable toolchain" runs-on: "ubuntu-24.04" - container: "ghcr.io/trusted-execution-clusters/buildroot:latest" + container: "ghcr.io/trusted-execution-clusters/buildroot:fedora" steps: - name: "Check out repository" uses: actions/checkout@v6 @@ -74,7 +74,7 @@ jobs: tests-release-msrv: name: "Tests (release), minimum supported toolchain" runs-on: "ubuntu-24.04" - container: "ghcr.io/trusted-execution-clusters/buildroot:latest" + container: "ghcr.io/trusted-execution-clusters/buildroot:fedora" steps: - name: "Check out repository" uses: actions/checkout@v6 @@ -104,7 +104,7 @@ jobs: tests-other-channels: name: "Tests, unstable toolchain" runs-on: "ubuntu-24.04" - container: "ghcr.io/trusted-execution-clusters/buildroot:latest" + container: "ghcr.io/trusted-execution-clusters/buildroot:fedora" continue-on-error: true strategy: matrix: diff --git a/Cargo.lock b/Cargo.lock index b90e8696..a863dcb5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -181,8 +181,8 @@ dependencies = [ "anyhow", "clap", "env_logger", - "k8s-openapi", - "kube", + "k8s-openapi 0.27.0", + "kube 3.0.1", "log", "serde", "serde_json", @@ -412,6 +412,15 @@ dependencies = [ "strsim", ] +[[package]] +name = "clap_complete" +version = "4.5.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c757a3b7e39161a4e56f9365141ada2a6c915a8622c408ab6bb4b5d047371031" +dependencies = [ + "clap", +] + [[package]] name = "clap_derive" version = "4.5.55" @@ -451,8 +460,8 @@ dependencies = [ "anyhow", "clap", "compute-pcrs-lib", - "k8s-openapi", - "kube", + "k8s-openapi 0.27.0", + "kube 3.0.1", "serde_json", "tokio", "trusted-cluster-operator-lib", @@ -519,6 +528,16 @@ dependencies = [ "libc", ] +[[package]] +name = "core-foundation" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2a6cd9ae233e7f62ba4e9353e81a88df7fc8a5987b8d445b4d90c879bd156f6" +dependencies = [ + "core-foundation-sys", + "libc", +] + [[package]] name = "core-foundation-sys" version = "0.8.7" @@ -637,6 +656,16 @@ dependencies = [ "darling_macro 0.20.11", ] +[[package]] +name = "darling" +version = "0.21.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9cdf337090841a411e2a7f3deb9187445851f91b309c0c0a29e05f74a00a48c0" +dependencies = [ + "darling_core 0.21.3", + "darling_macro 0.21.3", +] + [[package]] name = "darling" version = "0.23.0" @@ -661,6 +690,20 @@ dependencies = [ "syn 2.0.110", ] +[[package]] +name = "darling_core" +version = "0.21.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1247195ecd7e3c85f83c8d2a366e4210d588e802133e1e355180a9870b517ea4" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim", + "syn 2.0.110", +] + [[package]] name = "darling_core" version = "0.23.0" @@ -685,6 +728,17 @@ dependencies = [ "syn 2.0.110", ] +[[package]] +name = "darling_macro" +version = "0.21.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d38308df82d1080de0afee5d069fa14b0326a88c14f15c5ccda35b4a6c414c81" +dependencies = [ + "darling_core 0.21.3", + "quote", + "syn 2.0.110", +] + [[package]] name = "darling_macro" version = "0.23.0" @@ -909,6 +963,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7a1c3cc8e57274ec99de65301228b537f1e4eedc1b8e0f9411c6caac8ae7308f" dependencies = [ "log", + "regex", ] [[package]] @@ -923,7 +978,10 @@ version = "0.11.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b2daee4ea451f429a58296525ddf28b45a3b64f1acf6587e2067437bb11e218d" dependencies = [ + "anstream", + "anstyle", "env_filter", + "jiff", "log", ] @@ -1324,6 +1382,15 @@ dependencies = [ "digest", ] +[[package]] +name = "home" +version = "0.5.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc627f471c528ff0c4a49e1d5e60450c8f6461dd6d10ba9dcd3a61d3dff7728d" +dependencies = [ + "windows-sys 0.61.2", +] + [[package]] name = "hostname" version = "0.4.1" @@ -1484,9 +1551,27 @@ dependencies = [ "futures-util", "http 0.2.12", "hyper 0.14.32", - "rustls", + "rustls 0.21.12", "tokio", - "tokio-rustls", + "tokio-rustls 0.24.1", +] + +[[package]] +name = "hyper-rustls" +version = "0.27.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58" +dependencies = [ + "http 1.4.0", + "hyper 1.7.0", + "hyper-util", + "log", + "rustls 0.23.36", + "rustls-native-certs", + "rustls-pki-types", + "tokio", + "tokio-rustls 0.26.4", + "tower-service", ] [[package]] @@ -1827,6 +1912,19 @@ dependencies = [ "thiserror 1.0.69", ] +[[package]] +name = "jsonpath-rust" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c00ae348f9f8fd2d09f82a98ca381c60df9e0820d8d79fce43e649b4dc3128b" +dependencies = [ + "pest", + "pest_derive", + "regex", + "serde_json", + "thiserror 2.0.18", +] + [[package]] name = "jsonpath-rust" version = "1.0.4" @@ -1871,6 +1969,18 @@ dependencies = [ "signature", ] +[[package]] +name = "k8s-openapi" +version = "0.26.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "06d9e5e61dd037cdc51da0d7e2b2be10f497478ea7e120d85dad632adb99882b" +dependencies = [ + "base64 0.22.1", + "chrono", + "serde", + "serde_json", +] + [[package]] name = "k8s-openapi" version = "0.27.0" @@ -1884,19 +1994,91 @@ dependencies = [ "serde_json", ] +[[package]] +name = "kopium" +version = "0.22.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2221570728e1378652d1edccfd722785a78521c9e8f63e044fa91d1b1699caa5" +dependencies = [ + "anyhow", + "clap", + "clap_complete", + "env_logger", + "heck", + "k8s-openapi 0.26.1", + "kube 2.0.1", + "libc", + "log", + "quote", + "regex", + "serde", + "serde_json", + "serde_yaml", + "syn 2.0.110", + "tokio", +] + +[[package]] +name = "kube" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48e7bb0b6a46502cc20e4575b6ff401af45cfea150b34ba272a3410b78aa014e" +dependencies = [ + "k8s-openapi 0.26.1", + "kube-client 2.0.1", + "kube-core 2.0.1", + "kube-derive 2.0.1", +] + [[package]] name = "kube" version = "3.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f96b537b4c4f61fc183594edbecbbefa3037e403feac0701bb24e6eff78e0034" dependencies = [ - "k8s-openapi", - "kube-client", - "kube-core", - "kube-derive", + "k8s-openapi 0.27.0", + "kube-client 3.0.1", + "kube-core 3.0.1", + "kube-derive 3.0.1", "kube-runtime", ] +[[package]] +name = "kube-client" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4987d57a184d2b5294fdad3d7fc7f278899469d21a4da39a8f6ca16426567a36" +dependencies = [ + "base64 0.22.1", + "bytes", + "chrono", + "either", + "futures", + "home", + "http 1.4.0", + "http-body 1.0.1", + "http-body-util", + "hyper 1.7.0", + "hyper-rustls 0.27.7", + "hyper-timeout", + "hyper-util", + "jsonpath-rust 0.7.5", + "k8s-openapi 0.26.1", + "kube-core 2.0.1", + "pem", + "rustls 0.23.36", + "secrecy", + "serde", + "serde_json", + "serde_yaml", + "thiserror 2.0.18", + "tokio", + "tokio-util", + "tower", + "tower-http", + "tracing", +] + [[package]] name = "kube-client" version = "3.0.1" @@ -1915,9 +2097,9 @@ dependencies = [ "hyper-timeout", "hyper-util", "jiff", - "jsonpath-rust", - "k8s-openapi", - "kube-core", + "jsonpath-rust 1.0.4", + "k8s-openapi 0.27.0", + "kube-core 3.0.1", "openssl", "pem", "secrecy", @@ -1932,6 +2114,24 @@ dependencies = [ "tracing", ] +[[package]] +name = "kube-core" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "914bbb770e7bb721a06e3538c0edd2babed46447d128f7c21caa68747060ee73" +dependencies = [ + "chrono", + "derive_more", + "form_urlencoded", + "http 1.4.0", + "k8s-openapi 0.26.1", + "schemars", + "serde", + "serde-value", + "serde_json", + "thiserror 2.0.18", +] + [[package]] name = "kube-core" version = "3.0.1" @@ -1943,7 +2143,7 @@ dependencies = [ "http 1.4.0", "jiff", "json-patch", - "k8s-openapi", + "k8s-openapi 0.27.0", "schemars", "serde", "serde-value", @@ -1951,6 +2151,20 @@ dependencies = [ "thiserror 2.0.18", ] +[[package]] +name = "kube-derive" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "03dee8252be137772a6ab3508b81cd797dee62ee771112a2453bc85cbbe150d2" +dependencies = [ + "darling 0.21.3", + "proc-macro2", + "quote", + "serde", + "serde_json", + "syn 2.0.110", +] + [[package]] name = "kube-derive" version = "3.0.1" @@ -1980,8 +2194,8 @@ dependencies = [ "hashbrown 0.16.0", "hostname", "json-patch", - "k8s-openapi", - "kube-client", + "k8s-openapi 0.27.0", + "kube-client 3.0.1", "parking_lot", "pin-project", "serde", @@ -2197,10 +2411,10 @@ dependencies = [ "libc", "log", "openssl", - "openssl-probe", + "openssl-probe 0.1.6", "openssl-sys", "schannel", - "security-framework", + "security-framework 2.11.1", "security-framework-sys", "tempfile", ] @@ -2385,6 +2599,12 @@ version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" +[[package]] +name = "openssl-probe" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7c87def4c32ab89d880effc9e097653c8da5d6ef28e6b539d313baaacfbafcbe" + [[package]] name = "openssl-sys" version = "0.9.111" @@ -2412,8 +2632,8 @@ dependencies = [ "http 1.4.0", "json-patch", "jsonptr", - "k8s-openapi", - "kube", + "k8s-openapi 0.27.0", + "kube 3.0.1", "log", "oci-client", "oci-spec", @@ -2851,8 +3071,8 @@ dependencies = [ "env_logger", "http 1.4.0", "ignition-config", - "k8s-openapi", - "kube", + "k8s-openapi 0.27.0", + "kube 3.0.1", "log", "serde", "serde_json", @@ -2878,7 +3098,7 @@ dependencies = [ "http 0.2.12", "http-body 0.4.6", "hyper 0.14.32", - "hyper-rustls", + "hyper-rustls 0.24.2", "ipnet", "js-sys", "log", @@ -2886,7 +3106,7 @@ dependencies = [ "once_cell", "percent-encoding", "pin-project-lite", - "rustls", + "rustls 0.21.12", "rustls-pemfile", "serde", "serde_json", @@ -2894,7 +3114,7 @@ dependencies = [ "sync_wrapper 0.1.2", "system-configuration", "tokio", - "tokio-rustls", + "tokio-rustls 0.24.1", "tower-service", "url", "wasm-bindgen", @@ -3024,10 +3244,37 @@ checksum = "3f56a14d1f48b391359b22f731fd4bd7e43c97f3c50eee276f3aa09c94784d3e" dependencies = [ "log", "ring", - "rustls-webpki", + "rustls-webpki 0.101.7", "sct", ] +[[package]] +name = "rustls" +version = "0.23.36" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c665f33d38cea657d9614f766881e4d510e0eda4239891eea56b4cadcf01801b" +dependencies = [ + "log", + "once_cell", + "ring", + "rustls-pki-types", + "rustls-webpki 0.103.9", + "subtle", + "zeroize", +] + +[[package]] +name = "rustls-native-certs" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "612460d5f7bea540c490b2b6395d8e34a953e52b491accd6c86c8164c5932a63" +dependencies = [ + "openssl-probe 0.2.1", + "rustls-pki-types", + "schannel", + "security-framework 3.6.0", +] + [[package]] name = "rustls-pemfile" version = "1.0.4" @@ -3056,6 +3303,17 @@ dependencies = [ "untrusted", ] +[[package]] +name = "rustls-webpki" +version = "0.103.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7df23109aa6c1567d1c575b9952556388da57401e4ace1d15f79eedad0d8f53" +dependencies = [ + "ring", + "rustls-pki-types", + "untrusted", +] + [[package]] name = "rustversion" version = "1.0.22" @@ -3154,7 +3412,20 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02" dependencies = [ "bitflags 2.10.0", - "core-foundation", + "core-foundation 0.9.4", + "core-foundation-sys", + "libc", + "security-framework-sys", +] + +[[package]] +name = "security-framework" +version = "3.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d17b898a6d6948c3a8ee4372c17cb384f90d2e6e912ef00895b14fd7ab54ec38" +dependencies = [ + "bitflags 2.10.0", + "core-foundation 0.10.1", "core-foundation-sys", "libc", "security-framework-sys", @@ -3162,9 +3433,9 @@ dependencies = [ [[package]] name = "security-framework-sys" -version = "2.15.0" +version = "2.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc1f0cbffaac4852523ce30d8bd3c5cdc873501d96ff467ca09b6767bb8cd5c0" +checksum = "321c8673b092a9a42605034a9879d73cb79101ed5fd117bc9a597b89b4e9e61a" dependencies = [ "core-foundation-sys", "libc", @@ -3543,7 +3814,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" dependencies = [ "bitflags 1.3.2", - "core-foundation", + "core-foundation 0.9.4", "system-configuration-sys", ] @@ -3684,6 +3955,7 @@ dependencies = [ "bytes", "libc", "mio", + "parking_lot", "pin-project-lite", "signal-hook-registry", "socket2 0.6.1", @@ -3718,7 +3990,17 @@ version = "0.24.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c28327cf380ac148141087fbfb9de9d7bd4e84ab5d2c28fbc911d753de8a7081" dependencies = [ - "rustls", + "rustls 0.21.12", + "tokio", +] + +[[package]] +name = "tokio-rustls" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1729aa945f29d91ba541258c8df89027d5792d85a8841fb65e8bf0f4ede4ef61" +dependencies = [ + "rustls 0.23.36", "tokio", ] @@ -3824,8 +4106,9 @@ version = "0.1.0" dependencies = [ "anyhow", "compute-pcrs-lib", - "k8s-openapi", - "kube", + "k8s-openapi 0.27.0", + "kopium", + "kube 3.0.1", "serde", "serde_json", ] @@ -3844,8 +4127,8 @@ dependencies = [ "fs_extra", "http 1.4.0", "ignition-config", - "k8s-openapi", - "kube", + "k8s-openapi 0.27.0", + "kube 3.0.1", "log", "rand_core", "serde", @@ -3866,8 +4149,8 @@ dependencies = [ "anyhow", "cfg-if", "compute-pcrs-lib", - "k8s-openapi", - "kube", + "k8s-openapi 0.27.0", + "kube 3.0.1", "regex", "serde_json", "tokio", diff --git a/Containerfile b/Containerfile index 2aa7d88d..5ed99eba 100644 --- a/Containerfile +++ b/Containerfile @@ -9,22 +9,19 @@ FROM ghcr.io/trusted-execution-clusters/buildroot:fedora AS builder ARG build_type WORKDIR /build -COPY Makefile . -RUN make build-tools - -COPY Cargo.toml Cargo.lock go.mod go.sum . +COPY Makefile Cargo.toml Cargo.lock go.mod go.sum . COPY api api COPY lib lib -RUN make crds-rs - COPY operator/Cargo.toml operator/ COPY operator/src/lib.rs operator/src/ # Set only required crates as members to minimize rebuilds upon changes. -# Build dependencies in lower layer to make use of caching. RUN sed -i 's/members = .*/members = ["lib", "operator"]/' Cargo.toml && \ sed -i '/\[dev-dependencies\]/,$d' operator/Cargo.toml && \ - cargo build -p operator --lib $(if [ "$build_type" = release ]; then echo --release; fi) + make crds-rs + +# In debug builds, build dependencies to avoid full rebuild. +RUN if [ "$build_type" = debug ]; then cargo build -p operator; fi # Target build stage COPY operator/src operator/src diff --git a/Makefile b/Makefile index 472ffb17..6259eb14 100644 --- a/Makefile +++ b/Makefile @@ -12,12 +12,11 @@ KUBECTL=kubectl INTEGRATION_TEST_THREADS ?= 1 LOCALBIN ?= $(shell pwd)/bin -CONTROLLER_TOOLS_VERSION ?= v0.19.0 +CONTROLLER_TOOLS_VERSION ?= $(shell go list -m -f '{{.Version}}' sigs.k8s.io/controller-tools) CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen-$(CONTROLLER_TOOLS_VERSION) -YQ_VERSION ?= v4.48.1 +YQ_VERSION ?= $(shell go list -m -f '{{.Version}}' github.com/mikefarah/yq/v4) YQ ?= $(LOCALBIN)/yq-$(YQ_VERSION) -# tracking k8s v1.33, sync with Cargo.toml -KOPIUM_VERSION ?= 0.21.3 +KOPIUM_VERSION ?= $(shell cargo metadata --format-version 1 | jq -r '.resolve.nodes[] | select(.deps[]?.name == "kopium") | .deps[] | select(.name == "kopium") | .pkg | split("@")[1]') KOPIUM ?= $(LOCALBIN)/kopium-$(KOPIUM_VERSION) REGISTRY ?= quay.io/trusted-execution-clusters diff --git a/attestation-key-register/Containerfile b/attestation-key-register/Containerfile index de0677a3..f891ded4 100644 --- a/attestation-key-register/Containerfile +++ b/attestation-key-register/Containerfile @@ -7,21 +7,18 @@ FROM ghcr.io/trusted-execution-clusters/buildroot:fedora AS builder ARG build_type WORKDIR /build -COPY Makefile . -RUN make build-tools - -COPY Cargo.toml Cargo.lock go.mod go.sum . +COPY Makefile Cargo.toml Cargo.lock go.mod go.sum . COPY api api COPY lib lib -RUN make crds-rs - COPY attestation-key-register/Cargo.toml attestation-key-register/ COPY attestation-key-register/src/lib.rs attestation-key-register/src/ # Set only required crates as members to minimize rebuilds upon changes. -# In debug builds, build dependencies to avoid full rebuild. RUN sed -i 's/members =.*/members = ["lib", "attestation-key-register"]/' Cargo.toml && \ - if [ "$build_type" = debug ]; then cargo build -p attestation-key-register; fi + make crds-rs + +# In debug builds, build dependencies to avoid full rebuild. +RUN if [ "$build_type" = debug ]; then cargo build -p attestation-key-register; fi COPY attestation-key-register/src attestation-key-register/src RUN cargo build -p attestation-key-register $(if [ "$build_type" = release ]; then echo --release; fi) diff --git a/compute-pcrs/Containerfile b/compute-pcrs/Containerfile index 6286a0b4..c9d27faa 100644 --- a/compute-pcrs/Containerfile +++ b/compute-pcrs/Containerfile @@ -8,22 +8,19 @@ FROM ghcr.io/trusted-execution-clusters/buildroot:fedora AS builder ARG build_type WORKDIR /build -COPY Makefile . -RUN make build-tools - -COPY Cargo.toml Cargo.lock go.mod go.sum . +COPY Makefile Cargo.toml Cargo.lock go.mod go.sum . COPY api api COPY lib lib -RUN make crds-rs - COPY compute-pcrs/Cargo.toml compute-pcrs/ COPY compute-pcrs/src/lib.rs compute-pcrs/src/ # Set only required crates as members to minimize rebuilds upon changes. -# Build dependencies in lower layer to make use of caching. RUN sed -i 's/members =.*/members = ["compute-pcrs", "lib"]/' Cargo.toml && \ git clone --depth 1 https://github.com/trusted-execution-clusters/reference-values && \ - cargo build -p compute-pcrs --lib $(if [ "$build_type" = release ]; then echo --release; fi) + make crds-rs + +# Build dependencies in lower layer to make use of caching. +RUN if [ "$build_type" = debug ]; then cargo build -p compute-pcrs; fi COPY compute-pcrs/src compute-pcrs/src RUN cargo build -p compute-pcrs $(if [ "$build_type" = release ]; then echo --release; fi) diff --git a/lib/Cargo.toml b/lib/Cargo.toml index a2253938..0f78238e 100644 --- a/lib/Cargo.toml +++ b/lib/Cargo.toml @@ -17,3 +17,7 @@ k8s-openapi.workspace = true kube.workspace = true serde.workspace = true serde_json.workspace = true + +[dev-dependencies] +# Only a generate dependency, not a Rust dependency. Included here for auto-updates. +kopium = "0.22.5" diff --git a/register-server/Containerfile b/register-server/Containerfile index 7124a1cf..fe113d07 100644 --- a/register-server/Containerfile +++ b/register-server/Containerfile @@ -7,22 +7,19 @@ FROM ghcr.io/trusted-execution-clusters/buildroot:fedora AS builder ARG build_type WORKDIR /build -COPY Makefile . -RUN make build-tools - -COPY Cargo.toml Cargo.lock go.mod go.sum . +COPY Makefile Cargo.toml Cargo.lock go.mod go.sum . COPY api api COPY lib lib -RUN make crds-rs - COPY register-server/Cargo.toml register-server/ COPY register-server/src/lib.rs register-server/src/ # Set only required crates as members to minimize rebuilds upon changes. -# In debug builds, build dependencies to avoid full rebuild. RUN sed -i 's/members =.*/members = ["lib", "register-server"]/' Cargo.toml && \ sed -i '/\[dev-dependencies\]/,$d' register-server/Cargo.toml && \ - if [ "$build_type" = debug ]; then cargo build -p register-server --lib; fi + make crds-rs + +# In debug builds, build dependencies to avoid full rebuild. +RUN if [ "$build_type" = debug ]; then cargo build -p register-server --lib; fi COPY register-server/src register-server/src RUN cargo build -p register-server $(if [ "$build_type" = release ]; then echo --release; fi)