8ab9ef14a0
* Update tools to build packages with dependencies hydrated Hydrated build is a new approach where all the dependencies are hydrated from pre-built RPMs. This provides two advantages. 1. Faster build. As no package need to wait for its dependency's build to complete, all packages will be fired to build in parallel. (Practically with slight delay as firing of pre-built nodes takes place before). 2. Failure of any dependency build will not cause failure to the current package, as the dependency is fetched from cached RPMs. Introduced a new flag HYDRATED_BUILD to enable this feature. Also it is pre-requisite to run `make hydrate-toolchain` and `make hydrate-rpms` with appropriate tar files before using this option. This is achieved by replacing the BUILD to RUN node edge with BUILD to PREBUILT node edge (clone of the RUN node) nodes (if there is a corresponding RPM hydrated already). * Fix go fmt check failures * Fix typos * Introduce graphscrubber graphscrubber is for preprocessing the build graph to scheduler. Currently it is only doing hydrated build related work. Ideally all the graph optimization related jobs to be moved from scheduler to graphscrubber. * go fmt tidy * Remove unnecessary functions from graphscrubber * Fix Make rule to build graphscrubber before using it * Use inline hydrated-build flag * Update documentaion for HYDRATED_BUILD flag * Update changes recommended in PR discussion * go tidy * Remove unnecessary arguments from graphPreprocessor * Update toolkit/tools/graphPreprocessor/graphPreprocessor.go Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> * Update toolkit/tools/graphPreprocessor/graphPreprocessor.go Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> * Update toolkit/tools/graphPreprocessor/graphPreprocessor.go Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> * retrugger checks * Update toolkit/scripts/pkggen.mk Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com> * Update toolkit/scripts/pkggen.mk Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com> * Update toolkit/scripts/pkggen.mk Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com> * Update toolkit/scripts/pkggen.mk Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com> * retrugger checks * retrugger checks Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com> |
||
|---|---|---|
| .github | ||
| LICENSES-AND-NOTICES | ||
| SPECS | ||
| SPECS-EXTENDED | ||
| SPECS-SIGNED | ||
| toolkit | ||
| .gitignore | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
| SUPPORT.md | ||
| cgmanifest.json | ||
README.md
CBL-Mariner
| Release Branch | Status |
|---|---|
| 1.0 |  |
CBL-Mariner is an internal Linux distribution for Microsoft’s cloud infrastructure and edge products and services. CBL-Mariner is designed to provide a consistent platform for these devices and services and will enhance Microsoft’s ability to stay current on Linux updates. This initiative is part of Microsoft’s increasing investment in a wide range of Linux technologies, such as SONiC, Azure Sphere OS and Windows Subsystem for Linux (WSL). CBL-Mariner is being shared publicly as part of Microsoft’s commitment to Open Source and to contribute back to the Linux community. CBL-Mariner does not change our approach or commitment to any existing third-party Linux distribution offerings.
CBL-Mariner has been engineered with the notion that a small common core set of packages can address the universal needs of first party cloud and edge services while allowing individual teams to layer additional packages on top of the common core to produce images for their workloads. This is made possible by a simple build system that enables:
- Package Generation: This produces the desired set of RPM packages from SPEC files and source files.
- Image Generation: This produces the desired image artifacts like ISOs or VHDs from a given set of packages.
Whether deployed as a container or a container host, CBL-Mariner consumes limited disk and memory resources. The lightweight characteristics of CBL-Mariner also provides faster boot times and a minimal attack surface. By focusing the features in the core image to just what is needed for our internal cloud customers there are fewer services to load, and fewer attack vectors.
When security vulnerabilities arise, CBL-Mariner supports both a package-based update model and an image based update model. Leveraging the common RPM Package Manager system, CBL-Mariner makes the latest security patches and fixes available for download with the goal of fast turn-around times.
Getting Started with CBL-Mariner:
Instructions for building CBL-Mariner may be found here: Toolkit Documentation
Trademarks
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.
Acknowledgments
Any Linux distribution, including CBL-Mariner, benefits from contributions by the open software community. We gratefully acknowledge all contributions made from the broader open source community, in particular:
-
The Photon OS Project for SPEC files originating from the Photon distribution.
-
The Fedora Project for SPEC files, particularly with respect to QT, DNF and several of their dependencies.
-
GNU and the Free Software Foundation
-
Openmamba for SPEC files