Add builder for Flatcar

[jepio]

Example output

# Requires the builderimage to be updated, so replicating this might need also a --builderimage argument
./_output/bin/driverkit docker -l debug -t flatcar --kernelrelease 3255.0.0  --output-module=/tmp/falco.ko --driverversion master

DEBU running without a configuration file         
DEBU running with options                          arch=amd64 driverversion=master kernelrelease=3255.0.0 kernelversion=1 output-module=/tmp/falco.ko target=flatcar
INFO driver building, it will take a few seconds   processor=docker
DEBU doing a new docker build                     
DEBU kernel header url found                       url="https://alpha.release.flatcar-linux.net/amd64-usr/3255.0.0/flatcar_production_image_packages.txt"
DEBU kernel header url found                       url="https://alpha.release.flatcar-linux.net/amd64-usr/3255.0.0/flatcar_production_image_kernel_config.txt"
DEBU kernel header url found                       url="https://cdn.kernel.org/pub/linux/kernel/v5.x/linux-5.15.43.tar.xz"
...
DEBU make[1]: Leaving directory '/tmp/kernel' 
DEBU + mv falco.ko /tmp/driver/module.ko  
DEBU + strip -g /tmp/driver/module.ko     
DEBU + modinfo /tmp/driver/module.ko      
DEBU filename:       /tmp/driver/module.ko 
DEBU schema_version: 1.0.0                        
DEBU api_version:    1.0.0                        
DEBU build_commit:   master                       
DEBU version:        master                       
DEBU author:         the Falco authors            
DEBU license:        GPL                          
DEBU srcversion:     F2DE132E5F90A47892185E9      
DEBU depends:                                     
DEBU retpoline:      Y                            
DEBU name:           falco                        
DEBU vermagic:       5.15.43-flatcar SMP mod_unload  
DEBU parm:           max_consumers:Maximum number of consumers that can simultaneously open the devices (uint) 
DEBU parm:           verbose:Enable verbose logging (bool) 
DEBU log pipe close                                error=EOF
INFO kernel module available                       path=/tmp/falco.ko
DEBU context canceled

What type of PR is this?
/kind feature

Any specific area of the project related to this PR?
/area build

What this PR does / why we need it:
This PR introduces a builder for Flatcar. There have been several reports of vanilla builder not working well for Flatcar (https://github.com/falcosecurity/driverkit/issues?q=flatcar), we also have reports on our own issue tracker of the stock Falco build process not working since we shipped a newer GLIBC (flatcar/Flatcar#534). In slack there are occasional questions in slack regarding the kernel module build for Flatcar. So we know that there are plenty of users that would like this to work.

Which issue(s) this PR fixes:

Example output:

Fixes #

Special notes for your reviewer:
I tried to not introduce an extra "osrelease" or "osversion" field but that's actually what we would need. I snuck the "osrelease" into the "kernelrelease" field instead, hope that's ok. Also: any thoughts on getting a GCC newer than 8 into the builder container?

Does this PR introduce a user-facing change?:

Add support for Flatcar Container Linux

[poiana]

Welcome @jepio! It looks like this is your first PR to falcosecurity/driverkit 🎉

[dwindsor]

I wonder if these calls to make oldconfig and modules_prepare are necessary? I don't actually see them in any of the other builders, but this may be required for flatcar?

[jepio]

I copied this part from the vanilla builder. Our own "kernel-devel" package equivalent is compiled against newer glibc, such that it doesn't work with the old debian based builder image. Here we're pulling generic kernel sources (we don't patch our sources) and need to "prepare" those.

[dwindsor]

Makes sense, thanks!

[jepio]

@leodido any chance you could have a look at this?

[dwindsor]

Hi! This looks fine to me. kernel-crawler already has support for Flatcar, so it makes sense to add this.

It's been a while since this PR was originally submitted, so not sure if the vendor has changed its upstream package naming format and/or location (I assume not, it's been only a month).

[jepio]

Hi! This looks fine to me. kernel-crawler already has support for Flatcar, so it makes sense to add this.

It's been a while since this PR was originally submitted, so not sure if the vendor has changed its upstream package naming format and/or location (I assume not, it's been only a month).

Thanks for the link to kernel-crawler, I checked what output it produces, and decided to drop the -flatcar from the kernelrelease value to be consistent with it. None of the package naming/formats/locations have changed, but I did catch 2 minor issues that I fixed: I was missing setting EXTRAVERSION correctly and we need dwarves/pahole in the builder container.

With this, I would be happy to get lgtm's and/or make any necessary changes.

[dwindsor]

Thanks for the link to kernel-crawler, I checked what output it produces, and decided to drop the -flatcar from the kernelrelease value to be consistent with it. None of the package naming/formats/locations have changed, but I did catch 2 minor issues that I fixed: I was missing setting EXTRAVERSION correctly and we need dwarves/pahole in the builder container.

Nice! Thanks for the updates. Have you had a chance to try to load the built drivers/probes on Flatcar yet?

[jepio]

Yes, that's how I came across the issues 2 issues I found. The module now loads correctly on flatcar.

[dwindsor]

Could you update the description with an example command-line invocation building a flatcar driver with successful results as in PR130:

[jepio]

I've added an example command line invocation of this builder and the output that generates (truncated most of the verbose shell output).

Also rebased the series to add a commit to support the architecture flag that was merged to master.

[poiana]

LGTM label has been added.

Git tree hash: 23987d0a536896f42d0ada75d1e9bc3b4fab122a

[dwindsor]

/lgtm

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dwindsor, jepio

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [dwindsor]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment