Merge branch 'master' into container-mirror-v2

Signed-off-by: Paolo Di Tommaso <[email protected]>

README.md

@@ -14,10 +14,9 @@ images.
 * Augment container images i.e. dynamically add one or more container layers to existing images;
 * Build container images on-demand for a given container file (aka Dockerfile);
 * Build container images on-demand based on one or more Conda packages;
-* Build container images on-demand based on one or more Spack packages, Spack support will be removed in future releases;
 * Build container images for a specified target platform (currently linux/amd64 and linux/arm64);
 * Push and cache built containers to a user-provided container repository;
-* Build Singularity native containers both using a Singularity spec file, Conda package(s) and Spack package(s);
+* Build Singularity native containers both using a Singularity spec file, Conda package(s);
 * Push Singularity native container images to OCI-compliant registries;
 
 

configuration.md

@@ -107,20 +107,6 @@ Below are the standard format for known registries, but you can change registry
 
 - **`wave.build.force-compression`**: determines whether to force the compression for each cache layers produced by the build process. The default is `false`, enabling compression for more efficient storage. *Optional*.
 
-### Spack configuration for wave build process
-
-**Note**: Spack support will be removed in future releases.
-
-Spack configuration consists of the path of its secret file, the mount path for the secret file in the spack container, and the optional S3 bucket name for the spack binary cache.
-
-**Note**: these configuration are mandatory to support Spack in a wave installation.
-
-- **`wave.build.spack.secretKeyFile`**: the path to the file containing the PGP private key used to [sign Spack packages built by Wave](https://spack.readthedocs.io/en/latest/binary_caches.html#build-cache-signing). For example, `/efs/wave/spack/key`. *Mandatory*.
-
-- **`wave.build.spack.secretMountPath`**: sets the mount path inside the Spack Docker image for the PGP private key specified by `wave.build.spack.secretKeyFile`. For instance `/var/seqera/spack/key`. Indicating where the PGP private key should be mounted inside the Spack Docker image. *Mandatory*.
-
-- **`wave.build.spack.cacheBucket`**: specifies the S3 bucket for the Spack binary cache, for example, `s3://spack-binarycache`. *Optional*.
-
 ### Build process logs configuration
 
 This configuration specifies attributes for the persistence of the logs fetched from containers or k8s pods used for building requested images, which can be accessed later and also attached to the build completion email.

docs/api.mdx

@@ -52,7 +52,6 @@ This API endpoint is deprecated in current versions of Wave.
         ]
     },
     condaFile: string,
-    spackFile: string,
     containerPlatform: string,
     buildRepository: string,
     cacheRepository: string,
@@ -81,7 +80,6 @@ This API endpoint is deprecated in current versions of Wave.
 | `containerConfig.layers.gzipSize`   | The size in bytes of the the provided layer tar gzip file.                                                                                         |
 | `containerFile`                     | Dockerfile used for building a new container encoded in base64 (optional). When provided, the attribute `containerImage` must be omitted.        |
 | `condaFile`                         | Conda environment file encoded as base64 string.                                                                                                   |
-| `spackFile`                         | `Deprecated` Spack recipe file encoded as base64 string. Spack support will be removed in future releases.                                                                                                        |
 | `containerPlatform`                 | Target container architecture of the built container, e.g., `linux/amd64` (optional). Currently only supporting amd64 and arm64.                     |
 | `buildRepository`                   | Container repository where container builds should be pushed, e.g., `docker.io/user/my-image` (optional).                                            |
 | `cacheRepository`                   | Container repository used to cache build layers `docker.io/user/my-cache` (optional).                                                              |
@@ -136,7 +134,6 @@ The endpoint returns the name of the container request made available by Wave.
         ]
     },
     condaFile: string,
-    spackFile: string,
     containerPlatform: string,
     buildRepository: string,
     cacheRepository: string,
@@ -157,10 +154,6 @@ The endpoint returns the name of the container request made available by Wave.
                                 commands: string[],
                                 basePackages: string
                               }
-                  spackOpts:{
-                                commands: string[],
-                                basePackages: string
-                            }
 
               },
     nameStrategy: string
@@ -182,7 +175,6 @@ The endpoint returns the name of the container request made available by Wave.
 | `containerConfig.layers.gzipSize`   | The size in bytes of the the provided layer tar gzip file.                                                                                         |
 | `containerFile`                     | Dockerfile used for building a new container encoded in base64 (optional). When provided, the attribute `containerImage` must be omitted.        |
 | `condaFile`                         | Conda environment file encoded as base64 string.                                                                                                   |
-| `spackFile`                         | `Deprecated` Spack recipe file encoded as base64 string. Spack support will be removed in future releases.                                                                                                           |
 | `containerPlatform`                 | Target container architecture of the built container, e.g., `linux/amd64` (optional). Currently only supporting amd64 and arm64.                     |
 | `buildRepository`                   | Container repository where container builds should be pushed, e.g., `docker.io/user/my-image` (optional).                                            |
 | `cacheRepository`                   | Container repository used to cache build layers `docker.io/user/my-cache` (optional).                                                              |

src/main/groovy/io/seqera/wave/controller/ContainerController.groovy

@@ -88,8 +88,6 @@ import static io.seqera.wave.util.ContainerHelper.makeResponseV1
 import static io.seqera.wave.util.ContainerHelper.makeResponseV2
 import static io.seqera.wave.util.ContainerHelper.makeTargetImage
 import static io.seqera.wave.util.ContainerHelper.patchPlatformEndpoint
-import static io.seqera.wave.util.ContainerHelper.spackFileFromRequest
-import static io.seqera.wave.util.SpackHelper.prependBuilderTemplate
 import static java.util.concurrent.CompletableFuture.completedFuture
 /**
  * Implement a controller to receive container token requests
@@ -244,6 +242,10 @@ class ContainerController {
             req = req.copyWith(containerFile: generated.bytes.encodeBase64().toString())
         }
 
+        if( req.spackFile ) {
+            throw new BadRequestException("Spack packages are not supported any more")
+        }
+
         final ip = addressResolver.resolve(httpRequest)
         // check the rate limit before continuing
         if( rateLimiterService )
@@ -324,7 +326,6 @@ class ContainerController {
 
         final containerSpec = decodeBase64OrFail(req.containerFile, 'containerFile')
         final condaContent = condaFileFromRequest(req)
-        final spackContent = spackFileFromRequest(req)
         final format = req.formatSingularity() ? SINGULARITY : DOCKER
         final platform = ContainerPlatform.of(req.containerPlatform)
         final buildRepository = targetRepo( req.buildRepository ?: (req.freeze && buildConfig.defaultPublicRepository
@@ -335,7 +336,6 @@ class ContainerController {
         final containerConfig = req.freeze ? req.containerConfig : null
         final offset = DataTimeUtils.offsetId(req.timestamp)
         final scanId = scanEnabled && format==DOCKER ? LongRndKey.rndHex() : null
-        final containerFile = spackContent ? prependBuilderTemplate(containerSpec,format) : containerSpec
         // use 'imageSuffix' strategy by default for public repo images
         final nameStrategy = req.nameStrategy==null
                 && buildRepository
@@ -345,14 +345,13 @@ class ContainerController {
         checkContainerSpec(containerSpec)
 
         // create a unique digest to identify the build request
-        final containerId = makeContainerId(containerFile, condaContent, spackContent, platform, buildRepository, req.buildContext)
-        final targetImage = makeTargetImage(format, buildRepository, containerId, condaContent, spackContent, nameStrategy)
+        final containerId = makeContainerId(containerSpec, condaContent, platform, buildRepository, req.buildContext)
+        final targetImage = makeTargetImage(format, buildRepository, containerId, condaContent, nameStrategy)
         final maxDuration = buildConfig.buildMaxDuration(req)
         return new BuildRequest(
                 containerId,
-                containerFile,
+                containerSpec,
                 condaContent,
-                spackContent,
                 Path.of(buildConfig.buildWorkspace),
                 targetImage,
                 identity,

src/main/groovy/io/seqera/wave/controller/ViewController.groovy

@@ -93,7 +93,6 @@ class ViewController {
         binding.build_platform = result.platform
         binding.build_containerfile = result.dockerFile ?: '-'
         binding.build_condafile = result.condaFile
-        binding.build_spackfile = result.spackFile
         binding.build_digest = result.digest ?: '-'
         binding.put('server_url', serverUrl)
         binding.scan_url = result.scanId && result.succeeded() ? "$serverUrl/view/scans/${result.scanId}" : null

src/main/groovy/io/seqera/wave/service/builder/BuildCacheStore.groovy

@@ -60,7 +60,7 @@ class BuildCacheStore extends AbstractCacheStore<BuildStoreEntry> implements Bui
     protected Duration getDuration() {
         return buildConfig.statusDuration
     }
-    
+
     @Override
     BuildStoreEntry getBuild(String imageName) {
         return get(imageName)

src/main/groovy/io/seqera/wave/service/builder/BuildRequest.groovy

@@ -60,11 +60,6 @@ class BuildRequest {
      */
     final String condaFile
 
-    /**
-     * The spock file recipe associated with this request
-     */
-    final String spackFile
-
     /**
      * The build context work directory
      */
@@ -116,11 +111,6 @@ class BuildRequest {
     final ContainerConfig containerConfig
 
     /**
-     * Whenever is a spack build
-     */
-    final boolean isSpackBuild
-
-    /** 
      * The ID of the security scan triggered by this build 
      */
     final String scanId
@@ -147,7 +137,6 @@ class BuildRequest {
     BuildRequest(String containerId,
                  String containerFile,
                  String condaFile,
-                 String spackFile,
                  Path workspace,
                  String targetImage,
                  PlatformId identity,
@@ -166,7 +155,6 @@ class BuildRequest {
         this.containerId = containerId
         this.containerFile = containerFile
         this.condaFile = condaFile
-        this.spackFile = spackFile
         this.workspace = workspace
         this.targetImage = targetImage
         this.identity = identity
@@ -177,7 +165,6 @@ class BuildRequest {
         this.configJson = configJson
         this.offsetId = offsetId ?: OffsetDateTime.now().offset.id
         this.containerConfig = containerConfig
-        this.isSpackBuild = spackFile
         this.scanId = scanId
         this.buildContext = buildContext
         this.format = format
@@ -188,7 +175,6 @@ class BuildRequest {
         this.containerId = opts.containerId
         this.containerFile = opts.containerFile
         this.condaFile = opts.condaFile
-        this.spackFile = opts.spackFile
         this.workspace = opts.workspace as Path
         this.targetImage = opts.targetImage
         this.identity = opts.identity as PlatformId
@@ -199,7 +185,6 @@ class BuildRequest {
         this.configJson = opts.configJson
         this.offsetId = opts.offesetId
         this.containerConfig = opts.containerConfig as ContainerConfig
-        this.isSpackBuild = opts.isSpackBuild
         this.scanId = opts.scanId
         this.buildContext = opts.buildContext as BuildContext
         this.format = opts.format as BuildFormat
@@ -210,7 +195,7 @@ class BuildRequest {
 
     @Override
     String toString() {
-        return "BuildRequest[containerId=$containerId; targetImage=$targetImage; identity=$identity; dockerFile=${trunc(containerFile)}; condaFile=${trunc(condaFile)}; spackFile=${trunc(spackFile)}; buildId=$buildId, maxDuration=$maxDuration]"
+        return "BuildRequest[containerId=$containerId; targetImage=$targetImage; identity=$identity; dockerFile=${trunc(containerFile)}; condaFile=${trunc(condaFile)}; buildId=$buildId, maxDuration=$maxDuration]"
     }
 
     String getContainerId() {
@@ -230,10 +215,6 @@ class BuildRequest {
         return condaFile
     }
 
-    String getSpackFile() {
-        return spackFile
-    }
-
     Path getWorkDir() {
         return workDir
     }

src/main/groovy/io/seqera/wave/service/builder/BuildStrategy.groovy

@@ -84,19 +84,6 @@ abstract class BuildStrategy {
             result << "type=registry,ref=$req.cacheRepository:$req.containerId".toString()
         }
 
-        if(req.spackFile){
-            result << '--opt'
-            result << 'build-arg:AWS_STS_REGIONAL_ENDPOINTS=$(AWS_STS_REGIONAL_ENDPOINTS)'
-            result << '--opt'
-            result << 'build-arg:AWS_REGION=$(AWS_REGION)'
-            result << '--opt'
-            result << 'build-arg:AWS_DEFAULT_REGION=$(AWS_DEFAULT_REGION)'
-            result << '--opt'
-            result << 'build-arg:AWS_ROLE_ARN=$(AWS_ROLE_ARN)'
-            result << '--opt'
-            result << 'build-arg:AWS_WEB_IDENTITY_TOKEN_FILE=$(AWS_WEB_IDENTITY_TOKEN_FILE)'
-        }
-
         return result
     }