From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6916819859940573184 X-Received: by 2002:a17:906:8151:: with SMTP id z17mr2804199ejw.48.1610447620233; Tue, 12 Jan 2021 02:33:40 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6402:22d3:: with SMTP id dm19ls2879002edb.2.gmail; Tue, 12 Jan 2021 02:33:39 -0800 (PST) X-Google-Smtp-Source: ABdhPJwaW5mjipphGx4SBIW6/9gwqPf9A8EAouRWJW3yi+C5NNP6E4607+XOL9+lLSZG2ODhwz0M X-Received: by 2002:a05:6402:17cb:: with SMTP id s11mr2728297edy.119.1610447619367; Tue, 12 Jan 2021 02:33:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610447619; cv=none; d=google.com; s=arc-20160816; b=ml5fa4++WPBvLbN6WOGqjUi6WxbN7/emITm8UVFuP8U/7nX5f9lmFTAETDOfeFCIha kyA8cQVIqPHzGT1tmaRHudkMR4SS4uiUnIXlrej7f3Gv0eCNnAFAbdwce5TAQBNM41XK 8JBLOgaoJPEZsMFDm1e62B8FRMmz7pHML2HqH4+wqCqexrfFHsqFIqotQWRbuhIPzDCM CAs4aoczX8Sz2GJcaRBUjJdf4yb6IiePvimSVNUYE2uwWMDmLeySbYzLmGvdXNZxGJtp VzjUVyYrLcbKvDUYgOQZbkhDmflhsTgoNUkaFPPejyOE8JzUuhJ2/vJaxRmQJGsou19j IRxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from; bh=K/KeYD+pyCpaCQr2Dt+uhxBzlNo4AwW5H10SerJR40A=; b=Ux9tKAzTH2PwjD5V5GmDvHX0ziYxZQ4FFie8aGzfNSfcpEfeKT+8cJUdgVJ9Xgkr+s kqBzGrabqlYoHjZx7FBT6VWC3pL1EUCBzmcDhxk1AyUgL2NYYGquCl48VYps7eLFHMFX ywgsuX7k47XEQJI1jT7z/0O0k/q/sA8DhZTZdUgy1jdEdHh5Px5yz816R/8Zfb8KtGWV Z27D2JwejrNPOvqUFh1MnnraI/Cg0siR5Uc/GikZyAyw8MGDPiFIO/2hBJdDZPdMBmHD 4cWVFgIRBjO7h39ykJPeW8KRnJQikCMfJHQjxTwzFAO0VMJDk9h2eFlj+J89akIvLEhh Sqzg== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2]) by gmr-mx.google.com with ESMTPS id z13si97504ejb.1.2021.01.12.02.33.39 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 12 Jan 2021 02:33:39 -0800 (PST) Received-SPF: pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id 10CAXclN026019 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 12 Jan 2021 11:33:39 +0100 Received: from md1sf36c.ad001.siemens.net ([139.22.36.115]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id 10CAXc39010059 for ; Tue, 12 Jan 2021 11:33:38 +0100 From: Silvano Cirujano Cuesta To: isar-users@googlegroups.com Subject: [RFC PATCH 1/2] sdk: support creation of container image Date: Tue, 12 Jan 2021 11:33:37 +0100 Message-Id: <20210112103338.14712-2-silvano.cirujano-cuesta@siemens.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210112103338.14712-1-silvano.cirujano-cuesta@siemens.com> References: <20210112103338.14712-1-silvano.cirujano-cuesta@siemens.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUID: EKAwQjH3i6vE Extend task "populate_sdk" to support the creation of a container image containing the SDK. Signed-off-by: Silvano Cirujano Cuesta --- meta/classes/image-sdk-extension.bbclass | 99 ++++++++++++++++++++++-- 1 file changed, 92 insertions(+), 7 deletions(-) diff --git a/meta/classes/image-sdk-extension.bbclass b/meta/classes/image-sdk-extension.bbclass index a8c708a..9317256 100644 --- a/meta/classes/image-sdk-extension.bbclass +++ b/meta/classes/image-sdk-extension.bbclass @@ -6,10 +6,77 @@ # This class extends the image.bbclass to supply the creation of a sdk SDK_INCLUDE_ISAR_APT ?= "0" +SDK_GENERATE_FORMATS = "${@d.getVar("SDK_FORMATS", "tar")}" + +sdk_tar() { + # Copy mount_chroot.sh for convenience + sudo cp ${SCRIPTSDIR}/mount_chroot.sh ${SDKCHROOT_DIR} + + # Create SDK archive + cd -P ${SDKCHROOT_DIR}/.. + sudo tar --transform="s|^rootfs|sdk-${DISTRO}-${DISTRO_ARCH}|" \ + -c rootfs | xz -T0 > ${DEPLOY_DIR_IMAGE}/sdk-${DISTRO}-${DISTRO_ARCH}.tar.xz +} + +sdk_container_images() { + local cmd="/bin/dash" + local empty_tag="empty" + local full_tag="latest" + local oci_img_dir="${WORKDIR}/oci-image" + local sdk_container_formats="$1" + + # prepare OCI container image skeleton + sudo umoci init --layout "${oci_img_dir}" + sudo umoci new --image "${oci_img_dir}:${empty_tag}" + sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + --config.cmd="${cmd}" + sudo umoci unpack --image "${oci_img_dir}:${empty_tag}" \ + "${oci_img_dir}_unpacked" + + # add SDK root filesystem as the flesh of the skeleton + sudo cp -a "${SDKCHROOT_DIR}"/* "${oci_img_dir}_unpacked/rootfs/" + + # pack container image + sudo umoci repack --image "${oci_img_dir}:${full_tag}" \ + "${oci_img_dir}_unpacked" + sudo umoci remove --image "${oci_img_dir}:${empty_tag}" + sudo rm -rf "${oci_img_dir}_unpacked" + + # no root needed anymore + sudo chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + + # convert the OCI container image to the desired format + sdk_id="sdk-${DISTRO}-${DISTRO_ARCH}" + image_name="isar-${sdk_id}" + image_archive="${DEPLOY_DIR_IMAGE}/${sdk_id}-${sdk_format}.tar" + for sdk_format in ${sdk_container_formats} ; do + case "${sdk_format}" in + "docker-archive" | "oci-archive") + if [ "${sdk_format}" = "oci-archive" ] ; then + target="${sdk_format}:${image_archive}:latest" + else + target="${sdk_format}:${image_archive}:${image_name}:latest" + fi + skopeo --insecure-policy copy \ + "oci:${oci_img_dir}:${full_tag}" "${target}" + xz -T0 "${image_archive}" + ;; + "oci") + tar --create --xz --directory "${oci_img_dir}" \ + --file "${image_archive}.xz" . + ;; + "docker-daemon" | "containers-storage") + skopeo --insecure-policy copy \ + "oci:${oci_img_dir}:${full_tag}" \ + "${sdk_format}:${image_name}:latest" + ;; + esac + done +} do_populate_sdk[stamp-extra-info] = "${DISTRO}-${MACHINE}" do_populate_sdk[depends] = "sdkchroot:do_build" -do_populate_sdk[vardeps] += "SDK_INCLUDE_ISAR_APT" +do_populate_sdk[vardeps] += "SDK_INCLUDE_ISAR_APT SDK_GENERATE_FORMATS" do_populate_sdk() { if [ "${SDK_INCLUDE_ISAR_APT}" = "1" ]; then # Copy isar-apt with deployed Isar packages @@ -48,12 +115,30 @@ do_populate_sdk() { done done - # Copy mount_chroot.sh for convenience - sudo cp ${SCRIPTSDIR}/mount_chroot.sh ${SDKCHROOT_DIR} + # separate SDK formats: TAR and container formats + container_formats="" + for sdk_format in ${SDK_GENERATE_FORMATS} ; do + case ${sdk_format} in + tar) + sdk_tar + ;; + "docker-archive" | "oci" | "oci-archive") + container_formats="${container_formats} ${sdk_format}" + ;; + "docker-daemon" | "containers-storage") + if [ -f /.dockerenv ] || [ -f /run/.containerenv ] ; then + die "Adding the SDK container image to a container runtime (${sdk_format}) not supported if running from a container (e.g. 'kas-container')" + fi + ;; + *) + die "unsupported SDK format specified: ${sdk_format}" + ;; + esac + done - # Create SDK archive - cd -P ${SDKCHROOT_DIR}/.. - sudo tar --transform="s|^rootfs|sdk-${DISTRO}-${DISTRO_ARCH}|" \ - -c rootfs | xz -T0 > ${DEPLOY_DIR_IMAGE}/sdk-${DISTRO}-${DISTRO_ARCH}.tar.xz + # generate the SDK in all the desired container formats + if [ -n "${container_formats}" ] ; then + sdk_container_images "${container_formats}" + fi } addtask populate_sdk after do_rootfs -- 2.29.2