-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
caa-provisioner-cli -action=install has odd dependency on cmctl #2207
Comments
I think this is because the |
I think you might be right. I think Frank ran into similar and extended arch to support what the target cluster would have as arch. Perhaps we need to have CLUSTER_ARCH and CLIENT_ARCH. I'll look more in there on mine too and see if I can confirm this and come up with a fix PR for you. |
I actually just noticed this which might help make BUILTIN_CLOUD_PROVIDERS="ibmcloud" all Seems like those vars could be reused for cmdctl? |
I have another option in the works also of just examining the curl we're using to get cmctl and just match that platform. Let me test out both and I'll send over a PR on this to fix this. Something like curl --version | awk 'NR==1 && match($0, /\(.*\)/) {
platform=substr($0, RSTART+1, RLENGTH-2);
split(platform, a, "-");
if (length(a) >= 3) {
os=a[3]; arch=a[1];
if (arch == "x86_64") arch="amd64";
else if (arch ~ /^(arm64|aarch64)$/) arch="arm64";
if (os ~ /^(linux|darwin|windows)$/) print os "_" arch;
else print "unsupported";
} else print "unsupported";
}' This output generates based on the curl string something like linux_amd64 which can be assigned to a variable CLIENT_ARCH? and then get the right file. Just saving the thought here for my own notes. I'll PR this up as a suggestion. |
Can you do just do something like:
to select the correct os for the download? It seems much simpler than your curl approach? |
ARCH has to be defined by something and right now I think we're only letting you define the target platform for the podvm image which doesn't match the orchestrator/laptop that's instantiating caa. The core problem is my laptop is ARM so I need cmctl for ARM but I'm deploying to amd64 which is what I pass the caa-provisioner-cli |
uname -m , so we match the machine it is running on?
|
I'm rebuilding the env today where I have some tdx hosts. When I get to that part I'll examine what my ARCH is set to and dig deeper on why it didn't get the right thing. I thought it was defined from the flag Frank added to specify arch. |
I just noticed earlier, you said we grab curl -fsSL -o cmctl https://github.com/cert-manager/cmctl/releases/latest/download/cmctl_linux_${ARCH} (note "linux") when I look here https://github.com/cert-manager/cmctl/releases/ the one I need is darwin_arm64. uname -m only gives you the arm64. I think the problem might be a little further left in the URL where we presume linux ... which you can also get from the curl if we decide to do that. Golang defines OS and ARCH. Seems this Makefile only defines ARCH and assumes linux. |
Oh I should add one reason I went with the curl specifics to identify OS/ARCH is I tested what the uname output would look like if someone ran this code in Ubuntu on WSL on Windows. Obviously not supported today but that's what prompted me to consider a wider method of defining these. |
Yes, this is why I have
|
I missed that and confirmed on ubuntu on wsl which sent me down this path that'd return linux also so that would be a good approach. |
Describe the bug
I'll look at finding/fixing also but I wanted to capture a note about something odd. I'm on Mac OS Sonoma 14.6.1 following recently updated instructions to deploy on OCP in IBM cloud. It got to here and died:
I hadn't installed or even realized at that pointed I would need cmctl. brew install cmctl && cmctl check api --wait=2m
The cert-manager API is ready
Assuming it had completed like the output said, I rerun ./caa-provisioner-cli -action=install
where it again fails same way
Is it trying to run cmctl from literally whatever directory I'm in? I'll help chase this down when I have a moment. I just didn't want to forget to open an issue about this.
How to reproduce
I was going through these instructions https://github.com/confidential-containers/cloud-api-adaptor/blob/main/src/cloud-api-adaptor/ibmcloud/ROKS_SETUP.md and got all the way to
( ~/gits/cloud-api-adaptor/src/cloud-api-adaptor/test/tools/) $ ./caa-provisioner-cli -action=install
CoCo version information
main from this repo.
What TEE are you seeing the problem on
Tdx
Failing command and relevant log output
The text was updated successfully, but these errors were encountered: