From patchwork Tue Mar  9 10:52:34 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Silvano Cirujano Cuesta
 <silvano.cirujano-cuesta@siemens.com>
X-Patchwork-Id: 353
Return-Path: <isar-users+bncBCD6JJ6CQQFRB4OET6BAMGQETCHGETI@googlegroups.com>
Delivered-To: ilbers.mnt@gmail.com
Received: by 2002:a4a:c583:0:0:0:0:0 with SMTP id x3csp2947790oop;
	Tue, 9 Mar 2021 13:02:42 -0800 (PST)
X-Received: by 2002:a17:906:3acc:: with SMTP id
	z12mr22839877ejd.494.1615323761986;
	Tue, 09 Mar 2021 13:02:41 -0800 (PST)
ARC-Seal: i=3; a=rsa-sha256; t=1615323761; cv=pass;
	d=google.com; s=arc-20160816;
	b=gPr12u074wxlrGGmXcS4XzdzARH/sWz0i3DZhaRazNCfBRdBXdnlGu7Ir4/txdnlvY
	lkVu3Q8aauCgUbRadiL3OxQjQ7BKGh5qn7fE5qeI12nvJRlc/WT6yBgjwvruYab4sYDA
	UqhmeGL8NMeDamSnqsDBCFDs9twpcXqTl3KAACiRSv9Zi9Ta4QCPmsaEsIJlzkU+IQ5c
	WZZqdTiNfKZL3Kuxczi9KaNAt6OkLWmzBnNFgo40aqhd3YPXDEmmmnYwIMJP8+zWXZUP
	tSAnlJdJbl1/leYtYn1oBr3vxi3CakhajPcBnU2jUWDvVysbQRadbBcDMd3+IGOHknH6
	X0Ww==
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
	:list-id:mailing-list:precedence:mime-version:message-id:date
	:subject:to:from:sender:dkim-signature;
	bh=tIQJG9+9lretcX2aObJRUqKYYp9+KezYkKI4Co/Eij8=;
	b=GWFbpy/HVo/KgYNkjAM08+h7qmjg20VKzOjWBT869skq8p6v0eU36RRfoB7wnSpyNC
	FVR6B8RHspSwQVQ6qvHZ0t9rm+oUYNNEGZ5w7vu+n94NUrRcJXX0elBMSgfMi5I11jDb
	2XDV20GnF3FDIsvEjNlfTegS1WQMToWF3rYimmBWEHgX5xY61rL82uxxIBpHg67u8inK
	LX5e+ncQdmcAovHET8RNselZyTkmK/ODM+EUtnj8Qxi/wdZDvQhs7NBBP0k4qfpyOS38
	3kGNcP5ikhhw78PY8IaTLDaAMghgb4OoMXNcNB+TujHbmeQlc3cOTh31DuTB49npBVtq
	RJLQ==
ARC-Authentication-Results: i=3; mx.google.com;
	dkim=pass header.i=@googlegroups.com header.s=20161025
	header.b=pD3Pdd3A;
	arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass
	fromdomain=siemens.com);
	spf=pass (google.com: domain of
	isar-users+bncbcd6jj6cqqfrb4oet6bamgqetchgeti@googlegroups.com
	designates 209.85.220.55 as permitted sender)
	smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRB4OET6BAMGQETCHGETI@googlegroups.com;
	dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com
Received: from mail-sor-f55.google.com (mail-sor-f55.google.com.
	[209.85.220.55])
	by mx.google.com with SMTPS id y2sor8802778ejg.23.2021.03.09.13.02.41
	(Google Transport Security); Tue, 09 Mar 2021 13:02:41 -0800 (PST)
Received-SPF: pass (google.com: domain of
	isar-users+bncbcd6jj6cqqfrb4oet6bamgqetchgeti@googlegroups.com
	designates 209.85.220.55 as permitted sender)
	client-ip=209.85.220.55;
Authentication-Results: mx.google.com;
	dkim=pass header.i=@googlegroups.com header.s=20161025
	header.b=pD3Pdd3A;
	arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass
	fromdomain=siemens.com);
	spf=pass (google.com: domain of
	isar-users+bncbcd6jj6cqqfrb4oet6bamgqetchgeti@googlegroups.com
	designates 209.85.220.55 as permitted sender)
	smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRB4OET6BAMGQETCHGETI@googlegroups.com;
	dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com
ARC-Seal: i=2; a=rsa-sha256; t=1615323761; cv=pass;
	d=google.com; s=arc-20160816;
	b=TXDj9I5i/dj2/vP2S5z4M3lYcNlkZXAylZv3vj4hsh+A9YANkmcw91ewvc9XWvnVig
	lRP2nDbRfYjqg8HosL/mur1jOEnU7yrEa3a9f/erMzozSKVVEIIWaHq13UBvRR6fll+u
	kkbL8ZcZvAWm4UGwmTy5Oyw1YTDgVtNly/KJGUrpSMfU2dkYwQqSyQ6gXAtYAki1pa/p
	wyx/RE8O4gqFaFIjPbPRE6/G+/d2aR212SgC6taabsrxSP4GB4CUTSn1xfBDATogXgYJ
	IsMpstIo02+9xKCFOA7qKiGGsZv/CjcisOXUoY2CMus4wVwm60ZKHj93qv5oLUoDzBZj
	X8Ow==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
	:list-id:mailing-list:precedence:mime-version:message-id:date
	:subject:to:from:sender:dkim-signature;
	bh=tIQJG9+9lretcX2aObJRUqKYYp9+KezYkKI4Co/Eij8=;
	b=i3gPHvgQz2XSLYLQJzGvz5/Co90Jtblo36udoBcgOtjfALNR+F67QLprrZinmxzq59
	3xhS2hleskl+SVtP4z6I/wImm/SLEX/METmm1VQ6pLcz75yLOrTNksK2VWD1pO7Okoz6
	7Mon4cb1hR2I4jnJWhKAyINg41nj/zKdhRvPCXcNYlngfgHKPBHRFuRmvmlem+0RW+u0
	ddgFqlCdxOv7pxu7IBZw+wQSSNTvO0jrwUu+GM7hOqZz8ab5eNJGM0otg/KQrXwJ98Jr
	HNeQv8v6ADk7PihL8SPIDfyEIDzzQiv1VIH3N5yUIVz28fz97WhE8NMPcUfhH77Zj6v/
	CwhQ==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
	spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com
	designates 194.138.37.40 as permitted sender)
	smtp.mailfrom=silvano.cirujano-cuesta@siemens.com;
	dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=googlegroups.com; s=20161025;
	h=sender:from:to:subject:date:message-id:mime-version
	:x-original-sender:x-original-authentication-results:precedence
	:mailing-list:list-id:list-post:list-help:list-archive
	:list-subscribe:list-unsubscribe;
	bh=tIQJG9+9lretcX2aObJRUqKYYp9+KezYkKI4Co/Eij8=;
	b=pD3Pdd3A4IBWLLd9qZ4670BCoKKu2Wo24o7/EMDs7gZZFOFEGmdF+FyuQvnpcoILDT
	07luIeubWZTJ43frOX8yBh2EH39d2wwXiMWvSUbNHqeigcFxBIh5PZK7WLfq/Or49zc2
	gsbDZqNOLaa4GH55GcbbNCeicz+klOVbTdm9PD7ONdnn/d8HQVxz0VW3bt6RULkdHItS
	DjG/0fgN+czKZ7MnbY0Ssy0XVNiQ33l192qmhYxzqjv+1f+UIy8uZGXQHsxdwMInNmvP
	3LqT958HOHZGiF8H+NhPgbGclyNhr+UfbL+TLrum4els1yDNJnxIWblXi1IMJsP9Rk1/
	QxBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=sender:x-gm-message-state:from:to:subject:date:message-id
	:mime-version:x-original-sender:x-original-authentication-results
	:precedence:mailing-list:list-id:x-spam-checked-in-group:list-post
	:list-help:list-archive:list-subscribe:list-unsubscribe;
	bh=tIQJG9+9lretcX2aObJRUqKYYp9+KezYkKI4Co/Eij8=;
	b=lYzwnw4o8b5W0hTbPzCf0If5qreOfDHV349whykEZKsu4rQ5DfHydg3/lw92WYeOSW
	bsBUQt+Gz2HeX0XzPkX1AvAUViF/IwhVRZiM0YFQZpVRvOnwBcpfGSMeUZYrAGKxjvEo
	oZipvWpS2BeldtFj1KV31jG55aOfaCcMywPp7/2Xc3oCvG9XsFwNjqKqS5bNLVx5+Dv7
	ApGgFWSl09HCC+FwXrvXofr2YfKAM1oeVN551xGjB5vM14cVu9RM8n062zrafcBMkq1y
	EL/DFLoa6ji6AIqViJDyGULBIVRHp/kfaUWRHQUfYzTPgTgUfCktj11+l+LQCf5l8xoA
	gDMA==
Sender: isar-users@googlegroups.com
X-Gm-Message-State: AOAM533NBoBLX3idPmRM7Xo9b7ELQMOo7e+p0aFnfnWDzDin4fTQ8cPa
	AASXmwEOe1LzgVX0JTi5TRs=
X-Google-Smtp-Source: 
 ABdhPJwLMMFlvHF9fiU7W7Bls605Mo81+QhJ0Pdc42F2TqsrEiMM7jS+q9HIztDzNL6II3+eSfBqQQ==
X-Received: by 2002:a17:906:4146:: with SMTP id
	l6mr23027968ejk.295.1615323761637;
	Tue, 09 Mar 2021 13:02:41 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a05:6402:1432:: with SMTP id c18ls104952edx.0.gmail;
	Tue, 09 Mar 2021 13:02:40 -0800 (PST)
X-Received: by 2002:aa7:d503:: with SMTP id y3mr6292705edq.142.1615323760853;
	Tue, 09 Mar 2021 13:02:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1615323760; cv=none;
	d=google.com; s=arc-20160816;
	b=vbHRreYQoaxOWezKPbTA2yaqfwst0v3cuVmcWAbawJ8C6096cjDY/znljlzldq1bLT
	ZXEJbmBgCo/u6IZMXAu92xtjl9YZIuCMUJRx1NL8Mr8Z+8TtGGEE4jf05mUz2a2+QY1S
	FLbySWPYibIbdp1MVbtICnpBP4Q5lOxdj7JIhMaIy6UlyHOaclt8diD/8Lt75lf+JtWi
	nm7j3FPdBL0nSopL9a2OSzjvNdvWLfe2G06lM1s1G7qwFHnYuDixyFo7TDmzbxhyuMnz
	0SPIVpgiLdVU9GjQDNm8AYJi9AyCP14DwwEPaVpJ7JKEnU92d28J8lJlfnxoTfG9WO2/
	LMLw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=content-transfer-encoding:mime-version:message-id:date:subject:to
	:from;
	bh=cSVciD/fuI2rRbKhugX17SxinPjl3d2VJRnNoGQLz8s=;
	b=qPkq0Ht44yl0qw9G7hB0eOBfvQb1J+UgRbJDR655Aey7Ihfzcul6vTWPRdGkdU9eC6
	13TJM3jqeeWrH+PMxy8KPMIJi6n0XT7aoe5Cu1vk/Zer+xazcZ4UgERCLlABmQS8NA5a
	Y3V79SBYcHJsctjxfcxgoBBKLgm99lbmG6j+Up+cfk9RGIwe2wlMNTj1gUL7Qu5Kx7WZ
	Jb9LyYAt7gbfIXLK10CshBbOJ+/t479QZfvB0xuyqVVlhKdh3T6PpGj0jgvchZtHv4DW
	rQQT6D3PEwFCjb2FpCGK6UzzmLNP5CmeXhpKsCVYPN1xXTH7QHDZnPVkWl9H5ZxuZ0Lr
	+z4A==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
	spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com
	designates 194.138.37.40 as permitted sender)
	smtp.mailfrom=silvano.cirujano-cuesta@siemens.com;
	dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Received: from gecko.sbs.de (gecko.sbs.de. [194.138.37.40])
	by gmr-mx.google.com with ESMTPS id
	w5si252317edv.1.2021.03.09.13.02.40
	for <isar-users@googlegroups.com>
	(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
	Tue, 09 Mar 2021 13:02:40 -0800 (PST)
Received-SPF: pass (google.com: domain of
	silvano.cirujano-cuesta@siemens.com designates 194.138.37.40
	as permitted sender) client-ip=194.138.37.40;
Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35])
	by gecko.sbs.de (8.15.2/8.15.2) with ESMTPS id 129L2eAY020800
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Tue, 9 Mar 2021 22:02:40 +0100
Received: from md1sf36c.ad001.siemens.net ([139.22.35.216])
	by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 129Kqeb1031095
	for <isar-users@googlegroups.com>; Tue, 9 Mar 2021 21:52:40 +0100
From: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
To: isar-users@googlegroups.com
Subject: [PATCH v6 0/5] Add support for containerized root filesystems
Date: Tue,  9 Mar 2021 21:52:34 +0100
Message-Id: <20210309205239.652677-1-silvano.cirujano-cuesta@siemens.com>
X-Mailer: git-send-email 2.30.1
MIME-Version: 1.0
X-Original-Sender: silvano.cirujano-cuesta@siemens.com
X-Original-Authentication-Results: gmr-mx.google.com;       spf=pass
	(google.com: domain of silvano.cirujano-cuesta@siemens.com designates
	194.138.37.40 as permitted sender)
	smtp.mailfrom=silvano.cirujano-cuesta@siemens.com;
	dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Precedence: list
Mailing-list: list isar-users@googlegroups.com;
	contact isar-users+owners@googlegroups.com
List-ID: <isar-users.googlegroups.com>
X-Spam-Checked-In-Group: isar-users@googlegroups.com
X-Google-Group-Id: 914930254986
List-Post: <https://groups.google.com/group/isar-users/post>,
	<mailto:isar-users@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
	<mailto:isar-users+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/isar-users
List-Subscribe: <https://groups.google.com/group/isar-users/subscribe>,
	<mailto:isar-users+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+914930254986+unsubscribe@googlegroups.com>,
	<https://groups.google.com/group/isar-users/subscribe>
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: =?utf-8?q?1693789729242021162?=
X-GMAIL-MSGID: =?utf-8?q?1693789729242021162?=

This patch series provides support for containerized root filesystems,
for both target images and SDKs.

For containerized target images the new image type `container-img` has
been added.

For containerized SDKs the task `populate_sdk` has been extended.

Containerized root filesystems are easy to distribute and run, enabling
this way following scenarios:
 - Use ISAR to build container images meant to be run only in containers.
 - Use the same ISAR configuration to build images for containers, VMs
   and bare-metal.
 - Easy SDK distribution and "installation".
 - Quickly testing certain applications in the workstation using the
   target root filesystem.

In order to build containerized target root filesystems `IMAGE_TYPE` has
to be `container-img`, additionally the container image format can be
selected with the variable `CONTAINER_FORMATS`. The default format is
`docker-archive`.

In order to build containerized SDKs the variable `SDK_FORMAT` has to
provide any of the supported container formats (e.g. `docker-archive`).
The default format is the legacy non-containerized: `tar_xz`.

It also provides a sample machine, multiconfigs and ci-testing.

More information about its usage is documented in the file
docs/user_manual.md.

A PoC/demo of this functionality (only the SDK part) has been created
based on the project https://github.com/siemens/meta-iot2050.
Jan Kiszka already tested and liked it! =>
https://github.com/siemens/meta-iot2050/issues/86#issuecomment-768907845

Successful builds of both containerized target and SDK are available on
the same PoC project:
 - https://github.com/Silvanoc/meta-iot2050/actions/runs/558311580
 - https://github.com/Silvanoc/meta-iot2050/actions/runs/558311581
and also the resulting images:
 - https://github.com/users/Silvanoc/packages/container/package/meta-iot2050%2Fiot2050-debian-arm64
 - https://github.com/users/Silvanoc/packages/container/package/meta-iot2050%2Fiot2050-debian-sdk-arm64

In order to get a feeling about its usage (you need Docker or Podman),
follow these simple copy&paste instructions:
https://github.com/Silvanoc/meta-iot2050/blob/master/kas/BUILDING-SDK-CONTAINER.md#running-the-sdk
Build instructions are available in the upper part of that document.

Two new dependencies (umoci and skopeo -backporting from bullseye to
buster works easily) are required to create containerized root
filesystems (as specified in the documentation).

Typical container image management actions (e.g. push an image to a
container image regitry) are out of scope. Available tools (Docker,
Skopeo, Buildah, Podman,...) should be used for these actions.

A patch will follow this one to get the dependencies into the container
images being provided by the project
https://github.com/siemens/kas (for `kas-container`, for example).

Silvano Cirujano Cuesta (5):
  classes: add root filesystem containerizing class
  classes: add new image type 'container-img'
  sdk: add support for containerized sdk
  docs: document creation of container images
  ci: add container image testing configurations

 doc/user_manual.md                            | 127 ++++++++++++++++++
 meta-isar/conf/machine/container.conf         |   5 +
 .../conf/multiconfig/container-bullseye.conf  |   4 +
 .../conf/multiconfig/container-buster.conf    |   4 +
 .../conf/multiconfig/container-focal.conf     |   4 +
 .../conf/multiconfig/container-stretch.conf   |   4 +
 meta/classes/container-img.bbclass            |  18 +++
 .../classes/image-container-extension.bbclass |  81 +++++++++++
 meta/classes/image-sdk-extension.bbclass      |  42 +++++-
 meta/classes/image.bbclass                    |   1 +
 scripts/ci_build.sh                           |  11 +-
 11 files changed, 293 insertions(+), 8 deletions(-)
 create mode 100644 meta-isar/conf/machine/container.conf
 create mode 100644 meta-isar/conf/multiconfig/container-bullseye.conf
 create mode 100644 meta-isar/conf/multiconfig/container-buster.conf
 create mode 100644 meta-isar/conf/multiconfig/container-focal.conf
 create mode 100644 meta-isar/conf/multiconfig/container-stretch.conf
 create mode 100644 meta/classes/container-img.bbclass
 create mode 100644 meta/classes/image-container-extension.bbclass