From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6916819859940573184 X-Received: by 2002:aa7:c707:: with SMTP id i7mr178721edq.183.1610473018624; Tue, 12 Jan 2021 09:36:58 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a17:906:360c:: with SMTP id q12ls1847580ejb.3.gmail; Tue, 12 Jan 2021 09:36:57 -0800 (PST) X-Google-Smtp-Source: ABdhPJzL6kiWE1GUbcLv466pb+7OZWPArb0y/ocmCSSUfQh6Ky8IkmIvOU8MGgWAWG/FhDK5zuxb X-Received: by 2002:a17:906:1393:: with SMTP id f19mr3863420ejc.431.1610473017578; Tue, 12 Jan 2021 09:36:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610473017; cv=none; d=google.com; s=arc-20160816; b=QYBvaihFY3O6kDnQc3biVuuXTDjI2n1l6KjZAdglzf5UBrS3BSMm/U/Q4dlASANQvM N+8DN3PHiHNReH9GTXz9PKRYz3xuKcQ44uXn/JPi2ZH7mRcJdncDHX5fMC/9ShDqdXAT WUEWbWvs+odB4VSSc1XUGinimkbfD+eWNtWwPckwdo7oCllNkXdcmJ65gCQG4CtPW5qg lw7GrB0hhBLNyz2xY1YpUv15UmFaLhajjilPJyRyEYLlDdda2zMoe111J3iWHWK4KHrt 618FFnw9BW5CX7cbmmnT29VqnHqHr3mpy0thdq5GwPCA/sA6HyUtgsp3Vo55Zez+GUe5 MZRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date; bh=2UbgJzXcol3OqA5q7snVPhAXAlnjj7JuJn48nYC2x8o=; b=lqcyFZYEDTJ9ydbYu4NsxuoXnTYcKuend7NCh0uju1V+67D5gOAGjZ7HGoQi4LY5vh DIpWtBOMfZ01+BW0MVYB4pjc8vGiApdYk8CrjlqmZPhoBoJ0kcV2LS7vu1SNb8HT8pDV UzpiwnkDiYherL2x7zy8OH0b15nVjB7u0mxY7Stl5WDQfI3p4uoFfITMLyT35Gd2jkM9 yR7Jf5Q9M8pu76Whv14M2YB9aR92TL2ob7u3M6vvbcVeXbASamMTdwsoRzlbeDJd7XzM ZQ6uBr4iU0m+kY6qOEOUIGctzWf/4IA83HUAUhCDfYFqJ+biCIt1tqh/qXMh0R3B1mX1 CbEQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from lizzard.sbs.de (lizzard.sbs.de. [194.138.37.39]) by gmr-mx.google.com with ESMTPS id f26si183252ejx.0.2021.01.12.09.36.57 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 12 Jan 2021 09:36:57 -0800 (PST) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.39 as permitted sender) client-ip=194.138.37.39; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35]) by lizzard.sbs.de (8.15.2/8.15.2) with ESMTPS id 10CHavc1002706 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Tue, 12 Jan 2021 18:36:57 +0100 Received: from md1za8fc.ad001.siemens.net ([139.22.47.251]) by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 10CHauYh032402; Tue, 12 Jan 2021 18:36:57 +0100 Date: Tue, 12 Jan 2021 18:36:55 +0100 From: Henning Schild To: "[ext] Silvano Cirujano Cuesta" Cc: isar-users@googlegroups.com Subject: Re: [RFC PATCH 1/2] sdk: support creation of container image Message-ID: <20210112183655.4f227e42@md1za8fc.ad001.siemens.net> In-Reply-To: <20210112103338.14712-2-silvano.cirujano-cuesta@siemens.com> References: <20210112103338.14712-1-silvano.cirujano-cuesta@siemens.com> <20210112103338.14712-2-silvano.cirujano-cuesta@siemens.com> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-TUID: DU1M4lXIqwEP Am Tue, 12 Jan 2021 11:33:37 +0100 schrieb "[ext] Silvano Cirujano Cuesta" : > Extend task "populate_sdk" to support the creation of a container > image containing the SDK. > > Signed-off-by: Silvano Cirujano Cuesta > --- > meta/classes/image-sdk-extension.bbclass | 99 > ++++++++++++++++++++++-- 1 file changed, 92 insertions(+), 7 > deletions(-) > > diff --git a/meta/classes/image-sdk-extension.bbclass > b/meta/classes/image-sdk-extension.bbclass index a8c708a..9317256 > 100644 --- a/meta/classes/image-sdk-extension.bbclass > +++ b/meta/classes/image-sdk-extension.bbclass > @@ -6,10 +6,77 @@ > # This class extends the image.bbclass to supply the creation of a > sdk > SDK_INCLUDE_ISAR_APT ?= "0" > +SDK_GENERATE_FORMATS = "${@d.getVar("SDK_FORMATS", "tar")}" > + > +sdk_tar() { > + # Copy mount_chroot.sh for convenience > + sudo cp ${SCRIPTSDIR}/mount_chroot.sh ${SDKCHROOT_DIR} > + > + # Create SDK archive > + cd -P ${SDKCHROOT_DIR}/.. > + sudo tar --transform="s|^rootfs|sdk-${DISTRO}-${DISTRO_ARCH}|" \ > + -c rootfs | xz -T0 > > ${DEPLOY_DIR_IMAGE}/sdk-${DISTRO}-${DISTRO_ARCH}.tar.xz +} > + > +sdk_container_images() { > + local cmd="/bin/dash" > + local empty_tag="empty" > + local full_tag="latest" > + local oci_img_dir="${WORKDIR}/oci-image" > + local sdk_container_formats="$1" > + > + # prepare OCI container image skeleton > + sudo umoci init --layout "${oci_img_dir}" > + sudo umoci new --image "${oci_img_dir}:${empty_tag}" > + sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ > + --config.cmd="${cmd}" > + sudo umoci unpack --image "${oci_img_dir}:${empty_tag}" \ > + "${oci_img_dir}_unpacked" > + > + # add SDK root filesystem as the flesh of the skeleton > + sudo cp -a "${SDKCHROOT_DIR}"/* "${oci_img_dir}_unpacked/rootfs/" > + > + # pack container image > + sudo umoci repack --image "${oci_img_dir}:${full_tag}" \ > + "${oci_img_dir}_unpacked" > + sudo umoci remove --image "${oci_img_dir}:${empty_tag}" > + sudo rm -rf "${oci_img_dir}_unpacked" > + > + # no root needed anymore > + sudo chown --recursive $(id -u):$(id -g) "${oci_img_dir}" > + > + # convert the OCI container image to the desired format > + sdk_id="sdk-${DISTRO}-${DISTRO_ARCH}" > + image_name="isar-${sdk_id}" > + image_archive="${DEPLOY_DIR_IMAGE}/${sdk_id}-${sdk_format}.tar" > + for sdk_format in ${sdk_container_formats} ; do > + case "${sdk_format}" in > + "docker-archive" | "oci-archive") > + if [ "${sdk_format}" = "oci-archive" ] ; then > + target="${sdk_format}:${image_archive}:latest" > + else > + > target="${sdk_format}:${image_archive}:${image_name}:latest" > + fi > + skopeo --insecure-policy copy \ > + "oci:${oci_img_dir}:${full_tag}" "${target}" > + xz -T0 "${image_archive}" > + ;; > + "oci") > + tar --create --xz --directory "${oci_img_dir}" \ > + --file "${image_archive}.xz" . > + ;; > + "docker-daemon" | "containers-storage") > + skopeo --insecure-policy copy \ > + "oci:${oci_img_dir}:${full_tag}" \ > + "${sdk_format}:${image_name}:latest" > + ;; Jan proposed to make the SDK class wider than x86(64). How is this going to affect docker? (i intentionally use "docker" as synonym for all sorts of ...) The proposed changes should be tested for riscv and arm64 as well. Henning > + esac > + done > +} > > do_populate_sdk[stamp-extra-info] = "${DISTRO}-${MACHINE}" > do_populate_sdk[depends] = "sdkchroot:do_build" > -do_populate_sdk[vardeps] += "SDK_INCLUDE_ISAR_APT" > +do_populate_sdk[vardeps] += "SDK_INCLUDE_ISAR_APT > SDK_GENERATE_FORMATS" do_populate_sdk() { > if [ "${SDK_INCLUDE_ISAR_APT}" = "1" ]; then > # Copy isar-apt with deployed Isar packages > @@ -48,12 +115,30 @@ do_populate_sdk() { > done > done > > - # Copy mount_chroot.sh for convenience > - sudo cp ${SCRIPTSDIR}/mount_chroot.sh ${SDKCHROOT_DIR} > + # separate SDK formats: TAR and container formats > + container_formats="" > + for sdk_format in ${SDK_GENERATE_FORMATS} ; do > + case ${sdk_format} in > + tar) > + sdk_tar > + ;; > + "docker-archive" | "oci" | "oci-archive") > + container_formats="${container_formats} > ${sdk_format}" > + ;; > + "docker-daemon" | "containers-storage") > + if [ -f /.dockerenv ] || [ -f /run/.containerenv ] ; > then > + die "Adding the SDK container image to a > container runtime (${sdk_format}) not supported if running from a > container (e.g. 'kas-container')" > + fi > + ;; > + *) > + die "unsupported SDK format specified: ${sdk_format}" > + ;; > + esac > + done > > - # Create SDK archive > - cd -P ${SDKCHROOT_DIR}/.. > - sudo tar --transform="s|^rootfs|sdk-${DISTRO}-${DISTRO_ARCH}|" \ > - -c rootfs | xz -T0 > > ${DEPLOY_DIR_IMAGE}/sdk-${DISTRO}-${DISTRO_ARCH}.tar.xz > + # generate the SDK in all the desired container formats > + if [ -n "${container_formats}" ] ; then > + sdk_container_images "${container_formats}" > + fi > } > addtask populate_sdk after do_rootfs