
Pr/daniel noland/build system#1357

Closed
daniel-noland wants to merge 32 commits into main from pr/daniel-noland/build-system

@daniel-noland
Collaborator

No description provided.

@daniel-noland force-pushed the pr/daniel-noland/build-system branch 4 times, most recently from 05bf11c to 55052c4 (March 19, 2026 05:42)
Member

@Frostman left a comment

I wasn't really digging into the code changes, mainly trying it and looking at the DX. In general, build & test works fine.

  1. cargo build doesn't work in nix-shell, you should set some default VERSION env var in the shell, maybe just (devel) or smth, main problem is that this is exactly the version that's going to be set when you do push so it should be working fine, alternatively you can wrap cargo with just to inject properly calculated version (which is IMO better idea)
  2. just push is missing
  3. matrix approach is VERY inefficient, need to decrease usage to max 8 runners in parallel
  4. we shouldn't be building and pushing all the debug/sanitize by default in PRs

# Build and push the dataplane container
[script]
compile-env *args:
push-container target="dataplane" *args: (build-container target args) && version
Member

We need to have just push (like in other repos) that will push all artifacts used in a product (no debug images) and use it in CI when we're publishing a release or pushing artifacts for the VLAB. Main purpose is to have standard way between repos to push all artifacts needed by product. Additionally, it should depend on build/build-container so push would always build and push everything needed.

Collaborator Author

I did this, but if I use it in CI as you say then we won't push the debug image. Is that really what we want?

@@ -0,0 +1,116 @@
#!/usr/bin/env bash
Member

(not a change request, just opinion) IMO devs should run Zot separately (and all the time) as it's a cache and useful to just push images to it, and it has some gc/cleanup, etc. VLAB is though just a few commands, and IMO doesn't deserve a script that'll potentially break from time to time due to e.g. changed flags

packages: "write"
id-token: "write"
env:
CACHE_REGISTRY: "run.h.hhdev.io:30000"
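Review bot: `packages: "write"` and `id-token: "write"` are granted in the block directly above `env:`, and nothing in the visible lines limits them to the steps that push images. If this block is shared by the whole build matrix, every matrix job started from a PR gets a token that can publish packages and request an OIDC identity; consider granting both only on the job that pushes and leaving build and test jobs read-only.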
Member

That env var doesn't make sense anymore, so please delete it or sync changes merged in master from my PR #1349

USER: "runner"
strategy:
fail-fast: false
matrix:
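Review bot: `fail-fast: false` on this `matrix:` keeps every matrix job running after the first failure, and no `max-parallel` appears in the visible lines, so a broken PR holds its full set of runners until all jobs finish. Consider adding `max-parallel` under `strategy:` to cap how many matrix jobs run at once.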
Member

@Frostman Mar 19, 2026

The matrix approach is VERY inefficient and consumes too many runners, could you please compact it to be under 8 at least? Or not run most of them by default on PRs as right now you're utilizing all lab runners we have available just in one workflow. You can run them for longer, it's not a problem, but the total number used in parallel should be smaller. Additionally, building and publishing debug and sanitizer artifacts all the time is a waste, we shouldn't be doing that in such amount.

Collaborator Author

changed. That was mostly a pre-flight test anyway

@daniel-noland force-pushed the pr/daniel-noland/build-system branch 4 times, most recently from a47e905 to ac93563 (March 20, 2026 20:10)
daniel-noland and others added 20 commits March 20, 2026 14:40
Bump aws-lc-rs 1.16.1 → 1.16.2 and aws-lc-sys 0.38.0 → 0.39.0 to
address RUSTSEC-2026-0048.

See https://rustsec.org/advisories/RUSTSEC-2026-0048

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Remove rust-toolchain.toml and the compile-env references from
.cargo/config.toml.  The Rust toolchain is now provided by the nix
shell via rust-overlay, so the toolchain file and the old compile-env
path/linker/target settings are no longer needed.

Replace them with nix-oriented environment variables: DATAPLANE_SYSROOT,
C_INCLUDE_PATH, LIBRARY_PATH, GW_CRD_PATH, LIBCLANG_PATH, and
PKG_CONFIG_PATH, all pointing into the nix-managed sysroot and devroot.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add frr-agent, dplane-rpc, and dplane-plugin to gen-pins.sh and run it
to regenerate npins/sources.json.

Updated pins: crane v0.23.1, FRR stable/10.5, gateway v0.43.5,
nixpkgs-unstable, perftest, rust-overlay, Rust 1.94.0.
New pins: dplane-plugin, dplane-rpc, frr-agent.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Replace the elaborate .envrc (which sourced compile-env paths, computed
RUSTFLAGS per-profile, and set linker/CPU flags) with two lines: export
RUSTC_BOOTSTRAP=1 and prepend devroot/bin to PATH.  All build flags are
now managed by nix profiles.

Replace the FHS-based shell.nix (buildFHSEnv with hardcoded package list)
with a one-liner that imports default.nix and exposes its devenv attribute.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Reorganize nix/profiles.nix to consolidate build profile settings:

- Move --as-needed and --gc-sections from the performance-only link flags
  into common RUSTFLAGS so dead-code elimination applies to debug builds
  too (FRR builds are unaffected as they don't use RUSTFLAGS)
- Add fuzz profile (aliased to release for now)
- Enable Intel CET cf-protection hardening (-fcf-protection=full for
  CFLAGS, -Zcf-protection=full for RUSTFLAGS) in the x86_64 march block
  where it belongs, since cf-protection is an x86-only feature

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Rework the llvm overlay to use the rust-overlay for toolchain management
instead of reading from rust-toolchain.toml.  This pins the LLVM toolchain
to the same version rustc was built against, ensuring ABI compatibility for
LTO and mixed C/Rust compilation.

Switch from llvmPackages to llvmPackages' (version-matched to rustc's LLVM),
add rustPlatform'-dev for dev tooling, use final instead of prev where
appropriate, and remove the redundant separateDebugInfo setting.

Also adds the rust-overlay to the overlay registry and removes unused
explicit parameters from the overlay entry point since individual overlays
destructure what they need from inputs.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add a name attribute to the platform definition that maps bluefield2 to
"bluefield" for DPDK compatibility. DPDK internally uses the name "bluefield"
for the BF2 SoC definition, even though we generate a correct cross-compile
file with armv8.2-a / cortex-a72 (unlike DPDK's own soc meson.build which
only half-heartedly picks armv8-a).

BF2 is not a primary support target but serves as a useful cross-compilation
test target for the build tooling.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Remove the build-params default argument from the dpdk package in favor of
using platform.name directly and hardcoding buildtype/lto settings which are
always the same for our use case. Reorder and deduplicate meson flags, remove
the unused -Ddebug=false flag, and fix unnecessary nix string interpolation
in the cross-file argument.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Use version-matched LLVM packages (llvmPackages') consistently across both
overlays, following the llvm.nix rework.

dataplane-dev: Add optimized gdb' package with LTO, static linking, and
minimal features for container-friendly debugging.  This gives us a small
gdb binary suitable for inclusion in debugger container images without
pulling in the full desktop dependency tree.

dataplane: Pass platform and profile through to dpdk, remove unnecessary
output entries from libmd (man, dev), drop unused ethtool/iproute2 overrides
from rdma-core, fix llvmPackages->llvmPackages' for libunwind, fix
libX11->libx11 case in hwloc, and fix perftest callPackage argument passing.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add a nix derivation for building FRR (Free Range Routing) from source with
only the routing daemons we need (bgpd, bfdd, staticd) and all others
disabled.  Packaging FRR in nix gives us reproducible builds with precise
control over dependencies and compile-time options.

The package includes:
- clippy-helper.nix: FRR's custom Clippy code generator, built as a native
  build tool and injected into the FRR build
- xrelifo.py.fix.patch: suppress false-positive build errors from FRR's
  xrelfo ELF annotation tool (error counting and -Werror interaction)
- yang-hack.patch: skip the lyd_find_xpath3 check in configure.ac to work
  with our pinned libyang version which provides equivalent functionality
  under a different symbol

Also registers the frr overlay in the overlay entry point
(nix/overlays/default.nix).

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Package FRR runtime configuration as a separate derivation so it can be
composed independently into different container images (e.g. the dataplane
FRR container vs. the host FRR container).

Contents:
- daemons: FRR daemon selection and startup options
- vtysh.conf: VTY shell configuration
- zebra.conf: empty base config (populated at runtime)
- passwd/group: FRR service user and group definitions
- nsswitch.conf: name service configuration
- docker-start: container entrypoint script for FRR

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add nix derivation for the dataplane RPC library.  This is a C/C++ library
(built with CMake) that provides the gRPC interface used by the FRR
dplane-plugin to communicate route updates to the dataplane process.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add nix derivation for the FRR dataplane plugin shared library.  This is a
CMake-built shared object loaded by FRR at runtime to forward route updates
to the dataplane process via dplane-rpc.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add a nix derivation for frr-agent, the Hedgehog FRR management agent.
This is a Rust binary built with buildRustPackage from the pinned
frr-agent source.  References to build-time paths are stripped with
nuke-refs to keep the closure minimal.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Rework the core build machinery in default.nix to support the new nix-native
build pipeline.  The old default.nix was structured around the compile-env
sysroot approach; this rework introduces proper nix builders and integrates
FRR packaging support.

Changes:
- Add tag parameter for container/version tagging
- Add fuzz to cargo-profile map
- Add frr-pkgs import with FRR overlay
- Add comments explaining libc fully-qualified paths in sysroot
- Add skopeo to devroot for container operations
- Rework devenv from shellHook to structured env attributes
- Add jsonFilter for source filtering
- Simplify cargo-cmd-prefix (unconditional build-std-features)
- Remove sanitizer-conditional RUSTFLAGS block
- Add VERSION env var from tag parameter
- Rename package-builder to workspace-builder
- Rework test-builder to support building all tests at once
- Update crane config (removeReferencesToRustToolchain/VendorDir)
- Use clang++ as the linker driver instead of clang so that C++ standard
  library and exception handling runtime are linked correctly for
  transitive C++ dependencies (e.g. DPDK PMDs, hwloc)
- Add --as-needed,--gc-sections to RUSTFLAGS in invoke

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add docs-builder helper and docs output that runs `cargo doc` through the
nix build system with -D warnings.  Supports building docs for individual
packages or the entire workspace.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Rework the dataplane tar to use busybox (providing a shell and coreutils
in-container), symlinks instead of copies for binaries, and additional
security hardening:
- Add /home and /tmp directories
- Use symlinks to nix store paths instead of copying binaries
- Install busybox for minimal shell access
- Change tar permissions to ugo-sw (no write, no setuid/setgid)
- Add dontPatchShebangs, dontFixup, dontPatchElf
- Include workspace.dataplane, workspace.init, workspace.cli, busybox
  and glibc.libgcc unconditionally in the tar
- Rename attribute from dataplane-tar to dataplane.tar

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>
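
One way to check the `ugo-sw` property named in the commit message above (no write, no setuid/setgid) on a built tar, as an added example that is not part of this PR or the project's code. The member names, the placeholder store path and the function names are constructed for illustration; symlinks are skipped on the assumption that their own permission bits are not what the hardening is about.

```python
import io
import stat
import tarfile

WRITE_BITS = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH  # 0o222
SET_ID_BITS = stat.S_ISUID | stat.S_ISGID                # 0o6000

# Constructed sample layouts (not taken from the project's real image).
HARDENED = [
    ("home", "dir", 0o555, None),
    ("tmp", "dir", 0o555, None),
    ("bin/dataplane", "sym", 0o777, "/nix/store/PLACEHOLDER-dataplane/bin/dataplane"),
    ("etc/passwd", "file", 0o444, None),
]
LOOSE = [
    ("tmp", "dir", 0o1777, None),          # world-writable directory
    ("bin/helper", "file", 0o4755, None),  # setuid and owner-writable
    ("etc/app.conf", "file", 0o644, None), # owner-writable config
]


def audit_tar(fileobj):
    """Return (name, problem) pairs for members that keep a write or set-id bit."""
    findings = []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            # Assumption: symlink permission bits are ignored by Linux, so
            # symlink members are not checked here.
            if member.issym():
                continue
            if member.mode & WRITE_BITS:
                findings.append((member.name, "write bit set (%04o)" % member.mode))
            if member.mode & SET_ID_BITS:
                findings.append((member.name, "setuid/setgid bit set (%04o)" % member.mode))
    return findings


def build_sample_tar(entries):
    """Build an in-memory tar from (name, kind, mode, link target) tuples."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, kind, mode, target in entries:
            info = tarfile.TarInfo(name)
            info.mode = mode
            if kind == "dir":
                info.type = tarfile.DIRTYPE
                tar.addfile(info)
            elif kind == "sym":
                info.type = tarfile.SYMTYPE
                info.linkname = target
                tar.addfile(info)
            else:
                data = b"constructed sample\n"
                info.size = len(data)
                tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for label, entries in (("hardened", HARDENED), ("loose", LOOSE)):
        problems = audit_tar(build_sample_tar(entries))
        print(label, "OK" if not problems else problems)
```

In CI the same `audit_tar` can be pointed at the real artifact by opening it in binary mode and failing the job when the returned list is not empty.
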
Add container image definitions using nixpkgs dockerTools:
- containers.dataplane: production image with busybox, cli, init
- containers.dataplane-debugger: debug image with gdb, rr, libc debug symbols
- containers.frr.dataplane: FRR with dplane-plugin, dplane-rpc, frr-agent
- containers.frr.host: FRR host variant with fakeNss

The FRR containers include fakeRootCommands for /run/frr directory setup
and use tini as the entrypoint.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add llvm tools to the dev shell for llvm-cov/llvm-profdata.  Set
CLANG_PATH, LLVM_COV, LLVM_PROFDATA, and CARGO_LLVM_COV_* env vars
in .cargo/config.toml.  Inject -ffile-prefix-map into all
dataplane-dep builds so coverage data maps /build paths back to
nix store source paths.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Rework build.rs scripts across the workspace to use the nix build environment.
The k8s-intf build.rs now invokes kopium at build time against a nix-provided
CRD file instead of downloading CRDs via ureq. Remove build.rs from cli and
sysfs (no longer needed). Simplify dpdk-sysroot-helper to read DATAPLANE_SYSROOT
from the environment. Update Cargo.toml build-dependencies to match.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

daniel-noland and others added 12 commits March 20, 2026 14:40
Nix builds can't access the network from a build.rs script, so the prior
approach of fetching CRDs via ureq at build time won't work.

Move CRD binding generation from committed source to build.rs so that
bindings are always in sync with the CRD schema provided by nix.  This
eliminates the need to manually regenerate and commit the 500-line
gateway_agent_crd.rs file when the upstream CRD changes.

The generated module and its re-exports are removed; consumers now get
the bindings via the build-time generation in k8s-intf's build.rs (which
invokes kopium against the nix-provided CRD file).

Also simplify the version handling: get_gateway_version() now returns a
plain String (defaulting to "dev" when VERSION is unset) instead of
Option<String> that was always Some.  Remove the commented-out npins-based
version lookup and the now-unused serde_json build-dependency.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add feature gates to the dataplane and init crates so DPDK and
dpdk-sysroot-helper are optional dependencies.  The dataplane crate gets
a `dpdk` feature (default on) with a corresponding cfg(feature = "dpdk")
gate on the DPDK driver module.  The init crate gets a `sysroot` feature
(default on).  This allows building without a DPDK sysroot for
development and testing scenarios.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Remove k8s-crd.env, rust.env, and test-runner.sh.  These scripts provided
environment variables and test execution support for the old compile-env
build approach.  Their functionality is now provided by:
- k8s-crd.env: nix build environment (GW_CRD_PATH in .cargo/config.toml)
- rust.env: nix shell and build profiles (nix/profiles.nix)
- test-runner.sh: n-vm test runner (#[n_vm::in_vm] annotations)

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Update mgmt tests to use the new vm-based test runner: replace the old
fixin::wrap(with_caps(...)) capability-escalation pattern with
test_sample_config pending vm runner integration.  Add required
dev-dependencies (n-vm, tracing-subscriber to mgmt; tokio with full
features to routing).  Deduplicate tokio feature flags in routing.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Rewrite the justfile to work with the nix build environment instead of the
old compile-env/docker approach.

Key changes:
- Remove all compile-env and docker container machinery (image pulling,
  docker socket handling, container-based builds)
- Remove dotenv loading of scripts/rust.env (environment now comes from nix)
- Replace target triple (x86_64-unknown-linux-gnu) with platform name
  (x86-64-v3/bluefield2) to match the nix platform abstraction
- Add nix-based build/push recipes that invoke nix build and skopeo
- Add sanitizer and instrumentation selection variables (sanitize, instrument)
- Simplify cargo invocations (no longer need explicit target/linker flags)
- Add FRR container image push alongside dataplane container
- Add `push` recipe for pushing all release container images
- Wrap test and lint recipes in nix-shell for toolchain access
- Rewrite coverage recipe to use nix-built test archives with local
  llvm-cov/llvm-profdata
- Rename clippy recipe to lint
- Remove obsolete recipes (hugepages, build-sweep, rustdoc-serve,
  setup/teardown-test-env)

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Rewrite the dev.yml CI workflow to use nix instead of the compile-env/docker
build approach.

Key changes:
- Replace compile-env setup with cachix/install-nix-action and cachix for
  binary caching
- Replace the profile-only build matrix with a target x profile matrix:
  targets are nix outputs (tests.all, frr.dataplane, dataplane) and
  profiles include debug and release
- Comment out sanitizer matrix entries (address, thread) pending build-time
  and correctness fixes; when re-enabled they will use the fuzz profile
  with coverage instrumentation
- Wrap just/cargo invocations in nix-shell so the CI runner has access
  to the full nix-provided toolchain
- Use REGISTRY_URL (set by the reusable workflow) for container pushes
  instead of a hardcoded registry variable
- Rename the "check" job to "build" to better reflect what it does
- Add FRR version bumping alongside dataplane in the tag-push release job
- Remove docker-based cargo/just invocations in favor of nix build commands

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Rewrite README.md and test documentation to reflect the new nix-based
development workflow.

The old instructions required manually installing Rust via rustup, pulling
docker-based compile-env images, and symlinking /nix (the "fake nix" hack).
The new workflow is: install nix, enter the dev shell with `just shell`,
and use just recipes for building, testing, and linting.

Document build arguments (profile, sanitize, instrument, platform, jobs),
container build/push workflow, the lint and docs recipes, and
setup-roots for the initial sysroot/devroot symlink creation.

Also update the test-running docs to reference cargo-nextest and the
nix-shell environment instead of the old test-runner.sh script.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Call rte_lcore_id() directly instead of the _w() wrapper variant which
has been removed upstream.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Fix "trigging" -> "triggering" typo in hardware/src/os/mod.rs and replace
a stale cfg(doc) import with an intra-doc link in net/src/buffer/test_buffer.rs.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Update the KaTeX CDN references in the custom rustdoc header from
0.16.27 to 0.16.28 (stylesheet, main script, and auto-render extension).

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add patterns for TLS-related files (*.pem, *.crt, *.key, *.csr) and
creds.json generated by the vlab development environment.  These are
local development artifacts that should never be committed.

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

Add scripts for running a local virtual lab (vlab) development environment.
The vlab provides an isolated environment for testing dataplane images
against a simulated Hedgehog fabric without requiring physical hardware.

Components:
- Dockerfile: development container based on Ubuntu with QEMU, docker, and
  OCI tooling (zot registry, oras, skopeo)
- run.sh: orchestrates vlab lifecycle -- builds the container, generates TLS
  certificates for the local zot registry, and starts the environment
- control.sh: provides SSH access into the running vlab VM for interactive
  debugging (defaults to launching k9s)
- zot config: local OCI registry configuration with TLS for serving
  container images to the vlab VMs

Co-Authored-By: Manish Vachharajani <manish@githedgehog.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Daniel Noland <daniel.noland@gmail.com>
Signed-off-by: Daniel Noland <daniel@githedgehog.com>

@daniel-noland force-pushed the pr/daniel-noland/build-system branch from b9e8543 to 8122056 (March 20, 2026 20:41)
@daniel-noland
Collaborator Author

closing in favor of #1304
