From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6927266035414335488
X-Received: by 2002:a19:651b:: with SMTP id z27mr464773lfb.517.1615579126714;
        Fri, 12 Mar 2021 11:58:46 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a2e:9a48:: with SMTP id k8ls2184028ljj.10.gmail; Fri, 12 Mar
 2021 11:58:45 -0800 (PST)
X-Google-Smtp-Source: ABdhPJwHuhTqFvfa3DJpg7phiC7sMF+OvvapNsTnMVbqZ2Y4QUV+lP3Kwns2sR/5Zo1DtGFGT5lF
X-Received: by 2002:a05:651c:54a:: with SMTP id q10mr3375386ljp.454.1615579125691;
        Fri, 12 Mar 2021 11:58:45 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1615579125; cv=none;
        d=google.com; s=arc-20160816;
        b=pfG298E1/sKHYAHxWyEpg5Id1sNK74bKvvz57aeSzeRhsgbhOB21JXfkDZlaj2DDlW
         x94uDflfFW/5hqtZY32I9gAlU6QL61u3CL3H4Wdg3a8jea6iTeVIPMVhpoUQcwab8qz0
         QVl/Jkz3J0vA/STIo/Mlt3hqGxY2OSRokBUmDO7xQng43DFmBPkLSNe0i4Ixhf7QbfDW
         22ql0bnqyoV3nCkAq+74d7hJ6JS/5sUMDJCkixGuxsV9i//cOlQTVAj8FsQ1U8xqz7F3
         F/XaiXWED8VEbZyv3g8eeC7tnHaKZ4bz9Ipp9onyNRz17s0vlPPGeBe0/vHo5lUu7Tw4
         kcTA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:message-id:date:subject:to
         :from;
        bh=Yi+veJnorSahyEKUruceZa4bQHkU8+z8Q0Xc1UQzzdo=;
        b=0C8S80werB0/Ww0rOpuKb0fjhg4/kTLkBu1CRDpFLcImuos2zyZHxdRo3bRuqM7tNN
         ABsxMSNOfXoVtLobTR+sNorOwQuKKA+WLDVH09cGkNs2/Kk1QACONiqDdWuUNJO0KmlM
         B7hCJI8KHTXJejGuptiM0BR8BsA1HwhhpGeKrMUSYADKPTSAxX6Mqz9N7mI9kFlZbO7z
         2FOcxOUF2/5O7VkDJ2D0pky1W3cxjEZuO3W1MNNH4s2H9K+M1fXZLqCQe3vOPJBUS1Gj
         M3TKwPVDLmFq2dNJcCqINxpqQgPSX2JAPk1/Q0nhe3p36eHYu4vL2PHawvs049YCfF2/
         mKVw==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Return-Path: <silvano.cirujano-cuesta@siemens.com>
Received: from lizzard.sbs.de (lizzard.sbs.de. [194.138.37.39])
        by gmr-mx.google.com with ESMTPS id d19si256460ljo.1.2021.03.12.11.58.45
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 12 Mar 2021 11:58:45 -0800 (PST)
Received-SPF: pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 194.138.37.39 as permitted sender) client-ip=194.138.37.39;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 194.138.37.39 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35])
	by lizzard.sbs.de (8.15.2/8.15.2) with ESMTPS id 12CJwiq4014645
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Fri, 12 Mar 2021 20:58:45 +0100
Received: from md1sf36c.ad001.siemens.net ([167.87.3.106])
	by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 12CJwiaM008930
	for <isar-users@googlegroups.com>; Fri, 12 Mar 2021 20:58:44 +0100
From: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
To: isar-users@googlegroups.com
Subject: [PATCH v7 0/5] Add support for containerized root filesystems
Date: Fri, 12 Mar 2021 20:58:38 +0100
Message-Id: <20210312195843.96000-1-silvano.cirujano-cuesta@siemens.com>
X-Mailer: git-send-email 2.30.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TUID: vVnffMzLlZKX

NEW: issues in sample configurations and CI script fixed and tested on
two different CI environments.

This patch series provides support for containerized root filesystems,
for both target images and SDKs.

For containerized target images the new image type `container-img` has
been added.

For containerized SDKs the task `populate_sdk` has been extended.

Containerized root filesystems are easy to distribute and run, enabling
this way following scenarios:
 - Use ISAR to build container images meant to be run only in containers.
 - Use the same ISAR configuration to build images for containers, VMs
   and bare-metal.
 - Easy SDK distribution and "installation".
 - Quickly testing certain applications in the workstation using the
   target root filesystem.

In order to build containerized target root filesystems `IMAGE_TYPE` has
to be `container-img`, additionally the container image format can be
selected with the variable `CONTAINER_FORMATS`. The default format is
`docker-archive`.

In order to build containerized SDKs the variable `SDK_FORMAT` has to
provide any of the supported container formats (e.g. `docker-archive`).
The default format is the legacy non-containerized: `tar_xz`.

It also provides a sample machine, multiconfigs and ci-testing.

More information about its usage is documented in the file
docs/user_manual.md.

A PoC/demo of this functionality (only the SDK part) has been created
based on the project https://github.com/siemens/meta-iot2050.
Jan Kiszka already tested and liked it! =>
https://github.com/siemens/meta-iot2050/issues/86#issuecomment-768907845

Successful builds of both containerized target and SDK are available on
the same PoC project:
 - https://github.com/Silvanoc/meta-iot2050/actions/runs/558311580
 - https://github.com/Silvanoc/meta-iot2050/actions/runs/558311581
and also the resulting images:
 - https://github.com/users/Silvanoc/packages/container/package/meta-iot2050%2Fiot2050-debian-arm64
 - https://github.com/users/Silvanoc/packages/container/package/meta-iot2050%2Fiot2050-debian-sdk-arm64

In order to get a feeling about its usage (you need Docker or Podman),
follow these simple copy&paste instructions:
https://github.com/Silvanoc/meta-iot2050/blob/master/kas/BUILDING-SDK-CONTAINER.md#running-the-sdk
Build instructions are available in the upper part of that document.

Two new dependencies (umoci and skopeo -backporting from bullseye to
buster works easily) are required to create containerized root
filesystems (as specified in the documentation).

Typical container image management actions (e.g. push an image to a
container image regitry) are out of scope. Available tools (Docker,
Skopeo, Buildah, Podman,...) should be used for these actions.

A patch will follow this one to get the dependencies into the container
images being provided by the project
https://github.com/siemens/kas (for `kas-container`, for example).

Silvano Cirujano Cuesta (5):
  classes: add root filesystem containerizing class
  classes: add new image type 'container-img'
  sdk: add support for containerized sdk
  docs: document creation of container images
  ci: add container image sample configurations

 doc/user_manual.md                            | 127 ++++++++++++++++++
 meta-isar/conf/local.conf.sample              |   3 +
 meta-isar/conf/machine/container.conf         |   5 +
 .../conf/multiconfig/container-bullseye.conf  |   4 +
 .../conf/multiconfig/container-buster.conf    |   4 +
 .../conf/multiconfig/container-stretch.conf   |   4 +
 meta/classes/container-img.bbclass            |  18 +++
 .../classes/image-container-extension.bbclass |  82 +++++++++++
 meta/classes/image-sdk-extension.bbclass      |  42 +++++-
 meta/classes/image.bbclass                    |   1 +
 scripts/ci_build.sh                           |  29 +++-
 11 files changed, 311 insertions(+), 8 deletions(-)
 create mode 100644 meta-isar/conf/machine/container.conf
 create mode 100644 meta-isar/conf/multiconfig/container-bullseye.conf
 create mode 100644 meta-isar/conf/multiconfig/container-buster.conf
 create mode 100644 meta-isar/conf/multiconfig/container-stretch.conf
 create mode 100644 meta/classes/container-img.bbclass
 create mode 100644 meta/classes/image-container-extension.bbclass

-- 
2.30.1