Precompiled: Ubuntu26.04 driver container support

.common-ci.yml

@@ -110,6 +110,14 @@ trigger-pipeline:
         KERNEL_FLAVOR: [aws, azure, azure-fde, generic, nvidia, oracle]
         LTS_KERNEL: ["6.8"]
 
+# Define the matrix of precompiled jobs that can be run in parallel for ubuntu26.04
+.driver-versions-precompiled-ubuntu26.04:
+  parallel:
+    matrix:
+      - DRIVER_BRANCH: [595]
+        KERNEL_FLAVOR: [aws, azure, azure-fde, generic, nvidia, oracle]
+        LTS_KERNEL: ["7.0"]
+
 .dist-ubuntu22.04:
   variables:
     DIST: ubuntu22.04
@@ -467,3 +475,14 @@ release:staging-precompiled-ubuntu24.04:
     - .release:staging-precompiled
   needs:
     - image-precompiled-ubuntu24.04
+
+# Precompiled Ubuntu26.04 release
+release:staging-precompiled-ubuntu26.04:
+  variables:
+    DIST: signed_ubuntu26.04
+    BASE_TARGET: resolute
+  extends:
+    - .driver-versions-precompiled-ubuntu26.04
+    - .release:staging-precompiled
+  needs:
+    - image-precompiled-ubuntu26.04

.github/precompiled-matrix-config.json

@@ -1,14 +1,25 @@
 {
   "driver_branch": ["580", "595"],
   "kernel_flavors": ["aws", "azure", "azure-fde", "generic", "nvidia", "oracle"],
-  "dist": ["ubuntu22.04", "ubuntu24.04"],
-  "lts_kernel": ["5.15", "6.8"],
-  "exclude_build_matrix_pairs": [],
+  "dist": ["ubuntu22.04", "ubuntu24.04", "ubuntu26.04"],
+  "lts_kernel": ["5.15", "6.8", "7.0"],
+  "exclude_build_matrix_pairs": [
+    { "dist": "ubuntu26.04", "driver_branch": "580" }
+  ],
   "exclude_precompiled_build_matrix": [
+    { "dist": "ubuntu26.04", "driver_branch": "580" },
     { "lts_kernel": "5.15", "dist": "ubuntu24.04" },
+    { "lts_kernel": "7.0", "dist": "ubuntu24.04" },
+    { "lts_kernel": "5.15", "dist": "ubuntu26.04" },
+    { "lts_kernel": "6.8", "dist": "ubuntu26.04" },
+    { "lts_kernel": "7.0", "dist": "ubuntu22.04" },
     { "flavor": "azure-fde", "dist": "ubuntu22.04" }
   ],
   "exclude_precompiled_e2e_matrix": [
-    { "lts_kernel": "5.15", "dist": "ubuntu24.04" }
+    { "lts_kernel": "5.15", "dist": "ubuntu24.04" },
+    { "lts_kernel": "7.0", "dist": "ubuntu24.04" },
+    { "lts_kernel": "5.15", "dist": "ubuntu26.04" },
+    { "lts_kernel": "6.8", "dist": "ubuntu26.04" },
+    { "lts_kernel": "7.0", "dist": "ubuntu22.04" }
   ]
 }

.github/workflows/precompiled.yaml

@@ -103,6 +103,8 @@ jobs:
             BASE_TARGET="jammy"
           elif [[ "${{ matrix.dist }}" == "ubuntu24.04" ]]; then
             BASE_TARGET="noble"
+          elif [[ "${{ matrix.dist }}" == "ubuntu26.04" ]]; then
+            BASE_TARGET="resolute"
           fi
           make DRIVER_BRANCH=${{ matrix.driver_branch }} KERNEL_FLAVOR=${{ matrix.flavor }} LTS_KERNEL=${LTS_KERNEL} build-base-${BASE_TARGET}
 
@@ -133,6 +135,8 @@ jobs:
             BASE_TARGET="jammy"
           elif [[ "${{ matrix.dist }}" == "ubuntu24.04" ]]; then
             BASE_TARGET="noble"
+          elif [[ "${{ matrix.dist }}" == "ubuntu26.04" ]]; then
+            BASE_TARGET="resolute"
           fi
           tar -cvf kernel-version-${{ matrix.driver_branch }}-${KERNEL_VERSION}-${DIST}.tar kernel_version.txt
           docker save "${PRIVATE_REGISTRY}/nvidia/driver:base-${BASE_TARGET}-${LTS_KERNEL}-${{ matrix.flavor }}-${{ matrix.driver_branch }}" \
@@ -352,6 +356,9 @@ jobs:
           if [[ "$DIST" == "ubuntu24.04" ]]; then
             yq eval '.spec.instance.os = "ubuntu-24.04"' -i tests/holodeck_ubuntu.yaml
           fi
+          if [[ "$DIST" == "ubuntu26.04" ]]; then
+            yq eval '.spec.instance.os = "ubuntu-26.04"' -i tests/holodeck_ubuntu.yaml
+          fi
 
       - name: Set up Holodeck
         uses: NVIDIA/holodeck@v0.3.4
@@ -467,6 +474,8 @@ jobs:
             BASE_TARGET="jammy"
           elif [[ "${DIST}" == "ubuntu24.04" ]]; then
             BASE_TARGET="noble"
+          elif [[ "${DIST}" == "ubuntu26.04" ]]; then
+            BASE_TARGET="resolute"
           fi
           image_path="./base-images-${{ matrix.driver_branch }}-${{ matrix.kernel_version }}.tar"
           echo "uploading  $image_path"

.gitlab-ci.yml

@@ -137,3 +137,12 @@ image-precompiled-ubuntu24.04:
   extends:
     - .driver-versions-precompiled-ubuntu24.04
     - .image-build-precompiled
+
+image-precompiled-ubuntu26.04:
+  variables:
+    DIST: signed_ubuntu26.04
+    BASE_TARGET: resolute
+    CVE_UPDATES: "curl libc6"
+  extends:
+    - .driver-versions-precompiled-ubuntu26.04
+    - .image-build-precompiled

.nvidia-ci.yml

@@ -112,6 +112,20 @@ image-precompiled-ubuntu24.04:
     - .driver-versions-precompiled-ubuntu24.04
     - .image-pull-generic
 
+image-precompiled-ubuntu26.04:
+  variables:
+    DIST: signed_ubuntu26.04
+    BASE_TARGET: resolute
+    PRECOMPILED: "true"
+    CVE_UPDATES: "curl libc6"
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "schedule"
+      when: delayed
+      start_in: 30 minutes
+  extends:
+    - .driver-versions-precompiled-ubuntu26.04
+    - .image-pull-generic
+
 .image-pull-ubuntu22.04:
   # Perform for each DRIVER_VERSION
   extends:
@@ -282,6 +296,18 @@ image-rocky10:
     - !reference [.scan-rules-common, rules]
     - !reference [.precompiled-rules, rules]
 
+.scan-precompiled-ubuntu26.04:
+  variables:
+    DIST: signed_ubuntu26.04
+    BASE_TARGET: resolute
+    PRECOMPILED: "true"
+  extends:
+    - .driver-versions-precompiled-ubuntu26.04
+    - .scan-generic
+  rules:
+    - !reference [.scan-rules-common, rules]
+    - !reference [.precompiled-rules, rules]
+
 .scan-precompiled-ubuntu22.04:
   variables:
     DIST: signed_ubuntu22.04
@@ -335,6 +361,15 @@ scan-precompiled-ubuntu24.04-amd64:
   needs:
     - image-precompiled-ubuntu24.04
 
+scan-precompiled-ubuntu26.04-amd64:
+  variables:
+    PLATFORM: linux/amd64
+  extends:
+    - .scan-precompiled-ubuntu26.04
+    - .platform-amd64
+  needs:
+    - image-precompiled-ubuntu26.04
+
 scan-precompiled-ubuntu22.04-amd64:
   variables:
     PLATFORM: linux/amd64
@@ -477,6 +512,18 @@ release:ngc-precompiled-ubuntu24.04:
   rules:
   - !reference [.precompiled-rules, rules]
 
+release:ngc-precompiled-ubuntu26.04:
+  variables:
+    DIST: signed_ubuntu26.04
+    BASE_TARGET: resolute
+    PRECOMPILED: "true"
+  extends:
+    - .driver-versions-precompiled-ubuntu26.04
+    - .release-generic
+    - .release:ngc-variables
+  rules:
+    - !reference [.precompiled-rules, rules]
+
 release:ngc-precompiled-ubuntu22.04:
   variables:
     DIST: signed_ubuntu22.04

Makefile

@@ -54,10 +54,10 @@ OUT_IMAGE_TAG = $(OUT_IMAGE_VERSION)-$(OUT_DIST)
 OUT_IMAGE = $(OUT_IMAGE_NAME):$(OUT_IMAGE_TAG)
 
 ##### Public rules #####
-DISTRIBUTIONS := ubuntu22.04 ubuntu24.04 signed_ubuntu22.04 signed_ubuntu24.04 rhel8 rhel9 rhel10 rocky8 rocky9 rocky10 precompiled_rhcos
+DISTRIBUTIONS := ubuntu22.04 ubuntu24.04 signed_ubuntu22.04 signed_ubuntu24.04 signed_ubuntu26.04 rhel8 rhel9 rhel10 rocky8 rocky9 rocky10 precompiled_rhcos
 RHCOS_VERSIONS := rhcos4.14 rhcos4.15 rhcos4.16 rhcos4.17 rhcos4.18 rhel9.6
 PUSH_TARGETS := $(patsubst %, push-%, $(DISTRIBUTIONS))
-BASE_FROM := noble jammy
+BASE_FROM := resolute noble jammy
 PUSH_TARGETS := $(patsubst %, push-%, $(DISTRIBUTIONS))
 VGPU_GUEST_DRIVER_PUSH_TARGETS := $(patsubst %, push-vgpuguest-%, $(DISTRIBUTIONS) $(RHCOS_VERSIONS))
 VGPU_HOST_DRIVER_PUSH_TARGETS := $(patsubst %, push-vgpuhost-%, $(DISTRIBUTIONS) $(RHCOS_VERSIONS))
@@ -98,6 +98,10 @@ pull-signed_ubuntu24.04%: DIST = ubuntu24.04
 pull-signed_ubuntu24.04%: DRIVER_TAG = $(DRIVER_BRANCH)
 pull-signed_ubuntu24.04%: IMAGE_TAG = $(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
 
+pull-signed_ubuntu26.04%: DIST = ubuntu26.04
+pull-signed_ubuntu26.04%: DRIVER_TAG = $(DRIVER_BRANCH)
+pull-signed_ubuntu26.04%: IMAGE_TAG = $(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
+
 PLATFORM ?= linux/amd64
 $(DRIVER_PULL_TARGETS): pull-%:
 	$(DOCKER) pull "--platform=$(PLATFORM)" "$(IMAGE)"
@@ -116,6 +120,10 @@ archive-signed_ubuntu24.04%: DIST = ubuntu24.04
 archive-signed_ubuntu24.04%: DRIVER_TAG = $(DRIVER_BRANCH)
 archive-signed_ubuntu24.04%: IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
 
+archive-signed_ubuntu26.04%: DIST = ubuntu26.04
+archive-signed_ubuntu26.04%: DRIVER_TAG = $(DRIVER_BRANCH)
+archive-signed_ubuntu26.04%: IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
+
 $(DRIVER_ARCHIVE_TARGETS): archive-%:
 	$(DOCKER) save "$(IMAGE)" -o "archive.tar"
 
@@ -139,6 +147,11 @@ push-signed_ubuntu24.04%: DRIVER_TAG = $(DRIVER_BRANCH)
 push-signed_ubuntu24.04%: IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
 push-signed_ubuntu24.04%: OUT_IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
 
+push-signed_ubuntu26.04%: DIST = ubuntu26.04
+push-signed_ubuntu26.04%: DRIVER_TAG = $(DRIVER_BRANCH)
+push-signed_ubuntu26.04%: IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
+push-signed_ubuntu26.04%: OUT_IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
+
 # $(DRIVER_BUILD_TARGETS) is in the form of build-$(DIST)-$(DRIVER_VERSION)
 # Parse the target to set the required variables.
 build-%: DIST = $(word 2,$(subst -, ,$@))
@@ -191,6 +204,14 @@ build-signed_ubuntu24.04%: DRIVER_TAG = $(DRIVER_BRANCH)
 build-signed_ubuntu24.04%: IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
 build-signed_ubuntu24.04%: DOCKER_BUILD_ARGS =  --build-arg KERNEL_VERSION="$(KERNEL_VERSION)"
 
+# ubuntu26.04 Precompiled Driver
+build-signed_ubuntu26.04%: DIST = ubuntu26.04
+build-signed_ubuntu26.04%: SUBDIR = .
+build-signed_ubuntu26.04%: DOCKERFILE = $(CURDIR)/ubuntu26.04/precompiled/Dockerfile
+build-signed_ubuntu26.04%: DRIVER_TAG = $(DRIVER_BRANCH)
+build-signed_ubuntu26.04%: IMAGE_TAG = $(if $(VERSION),$(VERSION)-)$(DRIVER_BRANCH)-$(KERNEL_VERSION)-$(DIST)
+build-signed_ubuntu26.04%: DOCKER_BUILD_ARGS = --build-arg KERNEL_VERSION="$(KERNEL_VERSION)"
+
 # base is an image used to poll Canonical for the latest kernel version
 # LTS_KERNEL must be defined in the environment when invoking this target.
 LTS_KERNEL ?= ""

base/Dockerfile

@@ -1,3 +1,39 @@
+# Ubuntu 26.04
+FROM ubuntu:resolute-20260421 AS resolute
+
+SHELL ["/bin/bash", "-c"]
+
+ARG DRIVER_BRANCH
+ARG KERNEL_FLAVOR
+ARG LTS_KERNEL
+ENV DRIVER_BRANCH=${DRIVER_BRANCH}
+ENV KERNEL_FLAVOR=${KERNEL_FLAVOR}
+ENV LTS_KERNEL=${LTS_KERNEL}
+
+RUN echo "deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ resolute main restricted universe" > /etc/apt/sources.list && \
+    echo "deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ resolute-updates main restricted universe" >> /etc/apt/sources.list && \
+    echo "deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ resolute-security main restricted universe" >> /etc/apt/sources.list && \
+    echo "deb [arch=amd64] http://us.archive.ubuntu.com/ubuntu resolute-updates main restricted" >> /etc/apt/sources.list && \
+    echo "deb [arch=amd64] http://us.archive.ubuntu.com/ubuntu resolute-security main restricted" >> /etc/apt/sources.list && \
+    rm -f /etc/apt/sources.list.d/ubuntu.sources
+
+RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
+
+ENV NVIDIA_VISIBLE_DEVICES=void
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        apt-utils git curl && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN usermod -o -u 0 -g 0 _apt
+
+COPY generate-ci-config /usr/local/bin/generate-ci-config
+
+RUN chmod +x /usr/local/bin/generate-ci-config && \
+    generate-ci-config
+
+ENTRYPOINT ["/usr/bin/sleep","1000"]
+
 # Ubuntu 24.04
 FROM ubuntu:noble-20260509.1 AS noble
 

multi-arch.mk

@@ -26,3 +26,4 @@ $(DRIVER_PUSH_TARGETS): push-%:
 # No multi-arch support for the following distributions
 build-signed_ubuntu22.04%: DOCKER_BUILD_PLATFORM_OPTIONS = --platform=linux/amd64
 build-signed_ubuntu24.04%: DOCKER_BUILD_PLATFORM_OPTIONS = --platform=linux/amd64
+build-signed_ubuntu26.04%: DOCKER_BUILD_PLATFORM_OPTIONS = --platform=linux/amd64

ubuntu26.04/precompiled/Dockerfile

@@ -0,0 +1,61 @@
+ARG BASE_IMAGE=ubuntu:resolute-20260421
+FROM ${BASE_IMAGE}
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+ARG BASE_URL=https://us.download.nvidia.com/tesla
+ARG TARGETARCH
+ENV TARGETARCH=$TARGETARCH
+ARG DRIVER_BRANCH=595
+ENV DRIVER_BRANCH=$DRIVER_BRANCH
+ARG DRIVER_VERSION=595.71.05
+ENV DRIVER_VERSION=$DRIVER_VERSION
+
+ARG KERNEL_VERSION=7.0.0-12-generic
+ENV KERNEL_VERSION=$KERNEL_VERSION
+
+ENV NVIDIA_VISIBLE_DEVICES=void
+
+RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+        apt-utils \
+        build-essential \
+        ca-certificates \
+        curl \
+        kmod \
+        file \
+        libelf-dev \
+        libglvnd-dev \
+        pkg-config && \
+    rm -rf /var/lib/apt/lists/*
+
+# Fetch GPG keys for CUDA repo
+RUN rm -f /etc/apt/sources.list.d/cuda* && \
+    curl -fsSL https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2604/x86_64/cuda-keyring_1.1-1_all.deb -o cuda-keyring_1.1-1_all.deb && \
+    dpkg -i cuda-keyring_1.1-1_all.deb && \
+    rm -f cuda-keyring_1.1-1_all.deb
+
+RUN usermod -o -u 0 -g 0 _apt
+
+# Install / upgrade packages here that are required to resolve CVEs
+ARG CVE_UPDATES
+RUN if [ -n "${CVE_UPDATES}" ]; then \
+        apt-get update && apt-get --only-upgrade -y install ${CVE_UPDATES} && \
+        rm -rf /var/lib/apt/lists/*; \
+    fi
+
+COPY ubuntu26.04/precompiled/nvidia-driver /usr/local/bin
+
+ADD ubuntu26.04/precompiled/local-repo.sh /tmp
+
+RUN mkdir -p /usr/local/repos && \
+    /tmp/local-repo.sh download_driver_package_deps && \
+    /tmp/local-repo.sh build_local_apt_repo && \
+    /tmp/local-repo.sh fetch_nvidia_installer && \
+    # Remove all other ubuntu apt sources to ensure we only pull from the local apt repo
+    rm /etc/apt/sources.list.d/*
+
+WORKDIR  /drivers
+
+ENTRYPOINT ["nvidia-driver", "init"]