From: Henning Schild <henning.schild@siemens.com>
To: "Hosgor, Tolga (CT RDA DS EU TR MTS)" <tlghosgor@gmail.com>
Cc: <isar-users@googlegroups.com>
Subject: Re: [PATCH] isar-bootstrap: debootstrap --include flag to support https:// sources
Date: Wed, 5 Dec 2018 18:12:42 +0100 [thread overview]
Message-ID: <20181205181242.37c507fa@md1za8fc.ad001.siemens.net> (raw)
In-Reply-To: <20181204133544.50621-1-tolga.hosgor@siemens.com>
Very good idea and thanks for looking into that. Please make sure
to add a CI test. Would be simple as changing one of our .list files to
have http in the first line and at least one https in another. And
maybe comment on the weird mix inside the file. I would suggest the
buster one.
Henning
Am Tue, 4 Dec 2018 16:35:44 +0300
schrieb "Hosgor, Tolga (CT RDA DS EU TR MTS)" <tlghosgor@gmail.com>:
> Building 'isar-bootstrap-target' fails when there are HTTPS URIs in
> the distro APT sources and the first URI is not HTTPS.
> The first URI in the APT sources is passed to 'debootstrap' and
> the distro APT sources file is written to the isar bootstrap rootfs.
> Then, following 'apt-get update' fails due to apt-transport-https,
> ca-certificates being missing. In a normal workflow, 'debootstrap'
> automatically includes them if the MIRROR is HTTPS.
>
> Signed-off-by: Hosgor, Tolga (CT RDA DS EU TR MTS)
> <tolga.hosgor@siemens.com> ---
> .../isar-bootstrap/isar-bootstrap.inc | 28
> +++++++++++++++++-- 1 file changed, 25 insertions(+), 3 deletions(-)
>
> diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
> b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc index
> cfad136..33ad8e8 100644 ---
> a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc +++
> b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc @@ -109,11
> +109,15 @@ def aggregate_aptsources_list(d, file_list, file_out):
> out_fd.write("\n".encode()) out_fd.write("\n".encode())
>
> -def get_distro_primary_source_entry(d, is_host=False):
> +def get_aptsources_list(d, is_host=False):
> if is_host:
> apt_sources_list = (d.getVar("HOST_DISTRO_APT_SOURCES",
> True) or "").split() else:
> apt_sources_list = (d.getVar("DISTRO_APT_SOURCES", True) or
> "").split()
> + return apt_sources_list
> +
> +def get_distro_primary_source_entry(d, is_host=False):
> + apt_sources_list = get_aptsources_list(d, is_host)
> for entry in apt_sources_list:
> entry_real = bb.parse.resolve_file(entry, d)
> with open(entry_real, "r") as in_fd:
> @@ -125,6 +129,18 @@ def get_distro_primary_source_entry(d,
> is_host=False): return parsed[2:]
> return ["", "", ""]
>
> +def get_distro_have_https_source(d, is_host=False):
> + for entry in get_aptsources_list(d, is_host):
> + entry_real = bb.parse.resolve_file(entry, d)
> + with open(entry_real, "r") as in_fd:
> + for line in in_fd:
> + parsed = parse_aptsources_list_line(line)
> + if parsed:
> + parsed = get_apt_source_mirror(d, parsed)
> + if parsed[2].startswith("https://"):
> + return True
> + return False
> +
> def get_distro_source(d, is_host):
> return get_distro_primary_source_entry(d, is_host)[0]
>
> @@ -138,6 +154,12 @@ def get_distro_components_argument(d, is_host):
> else:
> return ""
>
> +def get_debootstrap_includes(d, is_host=False):
> + if get_distro_have_https_source(d, is_host):
> + return "locales,apt-transport-https,ca-certificates"
> + else:
> + return "locales"
> +
> do_generate_keyring[dirs] = "${DL_DIR}"
> do_generate_keyring[vardeps] += "DISTRO_APT_KEYS"
> do_generate_keyring() {
> @@ -183,7 +205,7 @@ isar_bootstrap() {
> if [ ${IS_HOST} ]; then
> ${DEBOOTSTRAP} --verbose \
> --variant=minbase \
> - --include=locales \
> +
> --include="${@get_debootstrap_includes(d, True)}" \
> ${@get_distro_components_argument(d, True)} \ ${DEBOOTSTRAP_KEYRING} \
> "${@get_distro_suite(d, True)}" \
> @@ -194,7 +216,7 @@ isar_bootstrap() {
> "${DEBOOTSTRAP}" --verbose \
> --variant=minbase \
> --arch="${DISTRO_ARCH}" \
> - --include=locales \
> +
> --include="${@get_debootstrap_includes(d, False)}" \
> ${@get_distro_components_argument(d, False)} \ ${DEBOOTSTRAP_KEYRING}
> \ "${@get_distro_suite(d, False)}" \
next prev parent reply other threads:[~2018-12-05 17:12 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-04 13:35 Hosgor, Tolga (CT RDA DS EU TR MTS)
2018-12-04 14:11 ` Jan Kiszka
2018-12-04 14:23 ` Claudius Heine
2018-12-04 14:28 ` Jan Kiszka
2018-12-04 14:46 ` Claudius Heine
2018-12-05 10:28 ` Tolga Hoşgör
2018-12-05 12:27 ` Claudius Heine
2018-12-05 12:55 ` Claudius Heine
2018-12-05 12:58 ` Jan Kiszka
2018-12-05 13:04 ` Claudius Heine
2018-12-05 17:09 ` Henning Schild
2018-12-05 17:12 ` Henning Schild [this message]
2018-12-11 7:17 ` Henning Schild
2018-12-11 17:08 ` Tolga Hoşgör
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181205181242.37c507fa@md1za8fc.ad001.siemens.net \
--to=henning.schild@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=tlghosgor@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox