[RFC 12/12] apt-fetcher: implement support for unshare backend

["'Felix Moessbauer' via isar-users" <isar-users@googlegroups.com>]

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
 meta/lib/aptsrc_fetcher.py | 78 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)

diff --git a/meta/lib/aptsrc_fetcher.py b/meta/lib/aptsrc_fetcher.py
index 37c84fa7..5cacbec2 100644
--- a/meta/lib/aptsrc_fetcher.py
+++ b/meta/lib/aptsrc_fetcher.py
@@ -7,10 +7,13 @@ from bb.fetch2 import FetchError
 from bb.fetch2 import FetchMethod
 from bb.fetch2 import logger
 from bb.fetch2 import runfetchcmd
+import os
 
 class AptSrc(FetchMethod):
     @classmethod
     def create(cls, d):
+        if d.getVar('ISAR_CHROOT_MODE') == 'unshare':
+            return AptSrcUnshare()
         return AptSrcSchroot()
 
     def supports(self, ud, d):
@@ -92,3 +95,78 @@ class AptSrcSchroot(AptSrc):
         finally:
             runfetchcmd(f'schroot -q -f -e -c {session_id}', d)
             bb.build.exec_func('schroot_delete_configs', d)
+
+
+class AptSrcUnshare(AptSrc):
+    def _setup_chroot(self, rootfsdir, d):
+        sbuild_chroot = d.getVar('SBUILD_CHROOT')
+        workdir = d.getVar('WORKDIR')
+        uid_base = d.getVar('UNSHARE_SUBUID_BASE')
+        unshare_cmd = d.getVar('RUN_PRIVILEGED_CMD')
+
+        runfetchcmd(
+                f'''
+setfacl -m u:{uid_base}:rwX {workdir}
+{unshare_cmd} /bin/bash -s <<EOF
+    mkdir -p {rootfsdir}
+    tar -xf {sbuild_chroot} -C {rootfsdir}
+    cp /etc/resolv.conf {os.path.join(rootfsdir, 'etc/resolv.conf')}
+EOF
+        ''', d)
+        logger.info(f'rootfs extracted to: {rootfsdir}')
+
+    def _teardown_chroot(self, rootfsdir, d):
+        unshare_cmd = d.getVar('RUN_PRIVILEGED_CMD')
+        runfetchcmd(f'{unshare_cmd} rm -rf {rootfsdir}', d)
+
+    def download(self, ud, d):
+        bb.utils.exec_flat_python_func('isar_export_proxies', d)
+
+        workdir = d.getVar('WORKDIR')
+        rootfsdir = os.path.join(workdir, 'rootfs-fetcher')
+        unshare_cmd = d.getVar('RUN_PRIVILEGED_CMD')
+
+        if not os.path.exists(os.path.join(rootfsdir, 'etc')):
+            self._setup_chroot(rootfsdir, d)
+
+        repo_isar_dir = d.getVar('REPO_ISAR_DIR')
+        lockfile = bb.utils.lockfile(f'{repo_isar_dir}/isar.lock')
+        os.makedirs(self.localpath(ud, d))
+
+        try:
+            runfetchcmd(f'''
+set -e
+{unshare_cmd} /bin/bash -s <<'EOF' | tar -C {self.localpath(ud, d)} -x
+    chroot {rootfsdir} /bin/bash -c '
+        set -e
+        TMPDIR=$(mktemp -d)
+        mkdir -p $TMPDIR/{ud.localfile}
+        cd $TMPDIR/{ud.localfile}
+        apt-get -y -oDebug::NoLocking=1 --download-only --only-source source {ud.src_package} >/dev/null;
+        tar -c --owner=0 --group=0 --numeric-owner .
+        '
+EOF
+            ''', d)
+        except (OSError, FetchError):
+            raise
+        finally:
+            bb.utils.unlockfile(lockfile)
+            self._teardown_chroot(rootfsdir, d)
+
+    def unpack(self, ud, rootdir, d):
+        workdir = d.getVar('WORKDIR')
+        rootfsdir = os.path.join(workdir, 'rootfs-fetcher')
+        extractto = f'{d.getVar("S")}.dpkg'
+        bb.utils.remove(extractto, recurse=True)
+
+        try:
+            runfetchcmd(f'''
+                set -e
+                find {self.localpath(ud, d)} -print -type f -name '*.dsc' -exec dpkg-source -su -x {{}} {extractto} \\;
+                find {extractto} -mindepth 1 -maxdepth 1 -exec mv {{}} {d.getVar('S')}/ \\;
+            ''', d)
+        except (OSError, FetchError):
+            raise
+        finally:
+            bb.utils.remove(extractto, recurse=True)
+            self._teardown_chroot(rootfsdir, d)
-- 
2.51.0

-- 
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/20260218115827.3947145-13-felix.moessbauer%40siemens.com.