[v7,00/10] Improving base-apt usage

Message ID	20240725151006.2129-1-ubely@ilbers.de
Headers	show Return-Path: <isar-users+bncBDMIDDH5TIOBBV6VRG2QMGQE3T5QB7Y@googlegroups.com> Sender: isar-users@googlegroups.com Received-SPF: pass (google.com: domain of ubely@ilbers.de designates 85.214.156.166 as permitted sender) client-ip=85.214.156.166; From: Uladzimir Bely <ubely@ilbers.de> To: isar-users@googlegroups.com Subject: [PATCH v7 00/10] Improving base-apt usage Date: Thu, 25 Jul 2024 18:07:32 +0300 Message-ID: <20240725151006.2129-1-ubely@ilbers.de> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com
Series	Improving base-apt usage \| expand [v7,00/10] Improving base-apt usage [v7,01/10] scripts: Add debrepo python script handling base-apt [v7,02/10] meta: Add debrepo bbclass handling base-apt prefetching [v7,03/10] meta: Always use base-apt repo in local mode [v7,04/10] meta: Use cached base-apt repo to debootstrap [v7,05/10] base-apt: Predownload packages to base-apt before install [v7,06/10] meta: Add cache-deb-src functionality in base-apt mode [v7,07/10] testsuite: Set ISAR_PREFETCH_BASE_APT by default [v7,08/10] Disable deb-dl-dir in base-apt prefetch mode [v7,09/10] kas: Add PREFETCH_BASE_APT config entry [v7,10/10] ci_build.sh: Install python3-apt if not installed

Message ID

20240725151006.2129-1-ubely@ilbers.de

Headers

Sender: isar-users@googlegroups.com
Received-SPF: pass (google.com: domain of ubely@ilbers.de designates
 85.214.156.166 as permitted sender) client-ip=85.214.156.166;
From: Uladzimir Bely <ubely@ilbers.de>
To: isar-users@googlegroups.com
Subject: [PATCH v7 00/10] Improving base-apt usage
Date: Thu, 25 Jul 2024 18:07:32 +0300
Message-ID: <20240725151006.2129-1-ubely@ilbers.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Precedence: list
Mailing-list: list isar-users@googlegroups.com;
 contact isar-users+owners@googlegroups.com

Series

Improving base-apt usage | expand

Message

Uladzimir Bely July 25, 2024, 3:07 p.m. UTC

`base-apt` is a local apt repository containing all upstream (Debian, Raspberry Pi OS, Ubuntu...) packages needed for a particular build. This series implements upfront repository downloading. This is the first step towards local partial mirror management.

The current approach in `next`:

- On the first build, debootstrap and sbuild are used for building Isar artifacts. The packages downloaded from the Internet are cached in local directories.
- On the next build:
- Analyze the logs from the previous build, save packages downloaded by the bootstraps, sbuilds and imagers into `base-apt`.
- Use `base-apt` for bootstrapping, building and image creation.

Some issues with the current approach:

1. Different policies must be followed for the first and the subsequent builds.
2. As we have multiple versions of the same package from the main and security repositories and rely on build logs and `find` for populating `base-apt`, extra care must be taken to ensure that the right package version lands in `base-apt`.
3. We rely on internal implementation of `debootstrap` and `sbuild` for saving and reusing the packages. Changing to e.g. `mmdebstrap` breaks the unrelated `base-apt` functionality.
4. Source packages are stored in a different flat directory, `apt-get source` for upstream packages is not possible.
5. At the moment of `base-apt` creation all we have is the package name. The knowledge about the upstream repositories is lost and no local repository policy implementation is possible (e.g., for the "multiple products, multiple distros" use case).
6. For implementing further use cases like "fetch all sources necessary for bootstrapping the base system itself", additional logic is necessary.

The new approach:

- On the first build:
- All packages necessary for bootstrapping and building are identified and downloaded upfront.
- `base-apt` is used for bootstrapping, building and image creation.
- On the next build:
- `base-apt` is used for bootstrapping, building and image creation.

This series addresses issues 1-5 and provides the architecture for implementing further use cases.

The new approach is enabled by default. Setting `ISAR_PREFETCH_BASE_APT` to zero falls back to the old approach.

The implementation uses `debrepo` script which can also be called manually for pre-fetching packages to the local 'base-apt' repository. It requires `python3-apt` to be installed on the build host. Some examples of its usage in standalone mode:

```
# Create local `/build/ba` repository sufficient to debootstrap Debian system with `armhf` architecture:
debrepo --init --workdir=/build/dr --repodir=/build/ba --arch=armhf

# Add some packages to this repo (e.g., build deps for some recipe):
debrepo --workdir=/build/dr locales gnupg

# Add srcpackages for some package to the repo:
debrepo --workdir=/build/dr --srcmode tzdata
```

Changes since v6:
- Rebased on latest next.
- Fixed possible stuck when `cache-deb-src` feature was enabled.
- Fixed support of debian build profiles.
- Moved locking of `debrepo` context from the bbclass to the script itself. This makes usage from Isar simpler.

Changes since v5:
- Rebased on latest next.
- Changed order of the patches.
- Fixes in `debrepo` script that allow to use it outside Isar in standalone mode.

Changes since v4:
- Rebased on latest next.
- Rearranged patches since some of them are already in next.
- Added possibility to select between new "prefetch" base-apt mode and old behaviour when it's populated on 2nd build with packages downloaded during 1st build. New behaviour is disabled by default, but enabled in local.conf.example for testing purposes.
- Code passes both full and fast CI in both "old" and "new" modes.

Changes since v3:
- Rebased on latest next.
- Cross-building for raspberry supported.
- Code passes both full and fast CI.

Changes since v2:
- Populate base-apt before using at all steps of native build.

Changes since v1:
- Rebased on latest next.
- Updated patchset description.

Uladzimir Bely (10):
scripts: Add debrepo python script handling base-apt
meta: Add debrepo bbclass handling base-apt prefetching
meta: Always use base-apt repo in local mode
meta: Use cached base-apt repo to debootstrap
base-apt: Predownload packages to base-apt before install
meta: Add cache-deb-src functionality in base-apt mode
testsuite: Set ISAR_PREFETCH_BASE_APT by default
Disable deb-dl-dir in base-apt prefetch mode
kas: Add PREFETCH_BASE_APT config entry
ci_build.sh: Install python3-apt if not installed

RECIPE-API-CHANGELOG.md | 10 +
kas/opt/Kconfig | 13 +
kas/opt/prefetch-base-apt.yaml | 9 +
meta-test/conf/local.conf.sample | 3 +
meta/classes/crossvars.bbclass | 1 +
meta/classes/deb-dl-dir.bbclass | 21 +
meta/classes/debrepo.bbclass | 90 +++
meta/classes/dpkg-base.bbclass | 27 +-
meta/classes/dpkg.bbclass | 8 +
meta/classes/image-locales-extension.bbclass | 5 +
meta/classes/image-tools-extension.bbclass | 13 +
meta/classes/rootfs.bbclass | 12 +-
meta/conf/bitbake.conf | 5 +
.../isar-bootstrap/isar-bootstrap-host.bb | 2 +
.../isar-bootstrap/isar-bootstrap.inc | 99 ++-
meta/recipes-devtools/base-apt/base-apt.bb | 21 +-
.../sbuild-chroot/sbuild-chroot-host.bb | 2 +
scripts/ci_build.sh | 8 +-
scripts/debrepo | 590 ++++++++++++++++++
testsuite/cibase.py | 4 +
testsuite/cibuilder.py | 8 +-
21 files changed, 927 insertions(+), 24 deletions(-)
create mode 100644 kas/opt/prefetch-base-apt.yaml
create mode 100644 meta/classes/debrepo.bbclass
create mode 100755 scripts/debrepo

Comments

MOESSBAUER, Felix Aug. 1, 2024, 8:57 a.m. UTC | #1

On Thu, 2024-07-25 at 18:07 +0300, Uladzimir Bely wrote:
> `base-apt` is a local apt repository containing all upstream (Debian,
> Raspberry Pi OS, Ubuntu...) packages needed for a particular build.
> This series implements upfront repository downloading. This is the
> first step towards local partial mirror management.
> 
> The current approach in `next`:
> 
> - On the first build, debootstrap and sbuild are used for building
> Isar artifacts. The packages downloaded from the Internet are cached
> in local directories.
> - On the next build:
>   - Analyze the logs from the previous build, save packages
> downloaded by the bootstraps, sbuilds and imagers into `base-apt`.
>   - Use `base-apt` for bootstrapping, building and image creation.
> 
> Some issues with the current approach:
> 
> 1. Different policies must be followed for the first and the
> subsequent builds.
> 2. As we have multiple versions of the same package from the main and
> security repositories and rely on build logs and `find` for
> populating `base-apt`, extra care must be taken to ensure that the
> right package version lands in `base-apt`.
> 3. We rely on internal implementation of `debootstrap` and `sbuild`
> for saving and reusing the packages. Changing to e.g. `mmdebstrap`
> breaks the unrelated `base-apt` functionality.

Hi, what is the overall plan w.r.t. this patch series? My understanding
was that we want to switch to mmdebstrap rather sooner than later. But
now you write that this will be incompatible with mmdebstrap.

For me, this series still looks pretty experimental.

Felix

> 4. Source packages are stored in a different flat directory, `apt-get
> source` for upstream packages is not possible.
> 5. At the moment of `base-apt` creation all we have is the package
> name. The knowledge about the upstream repositories is lost and no
> local repository policy implementation is possible (e.g., for the
> "multiple products, multiple distros" use case).
> 6. For implementing further use cases like "fetch all sources
> necessary for bootstrapping the base system itself", additional logic
> is necessary.
>

Uladzimir Bely Aug. 2, 2024, 5:37 a.m. UTC | #2

On Thu, 2024-08-01 at 08:57 +0000, MOESSBAUER, Felix wrote:
> On Thu, 2024-07-25 at 18:07 +0300, Uladzimir Bely wrote:
> > `base-apt` is a local apt repository containing all upstream
> > (Debian,
> > Raspberry Pi OS, Ubuntu...) packages needed for a particular build.
> > This series implements upfront repository downloading. This is the
> > first step towards local partial mirror management.
> > 
> > The current approach in `next`:
> > 
> > - On the first build, debootstrap and sbuild are used for building
> > Isar artifacts. The packages downloaded from the Internet are
> > cached
> > in local directories.
> > - On the next build:
> >   - Analyze the logs from the previous build, save packages
> > downloaded by the bootstraps, sbuilds and imagers into `base-apt`.
> >   - Use `base-apt` for bootstrapping, building and image creation.
> > 
> > Some issues with the current approach:
> > 
> > 1. Different policies must be followed for the first and the
> > subsequent builds.
> > 2. As we have multiple versions of the same package from the main
> > and
> > security repositories and rely on build logs and `find` for
> > populating `base-apt`, extra care must be taken to ensure that the
> > right package version lands in `base-apt`.
> > 3. We rely on internal implementation of `debootstrap` and `sbuild`
> > for saving and reusing the packages. Changing to e.g. `mmdebstrap`
> > breaks the unrelated `base-apt` functionality.
> 
> Hi, what is the overall plan w.r.t. this patch series? My
> understanding
> was that we want to switch to mmdebstrap rather sooner than later.
> But
> now you write that this will be incompatible with mmdebstrap.
> 

Hello.

"Rely on internal implementation" means that we currently workaround
some things related to deb-dl-import / deb-dl-export :
 - sbuild: 2-stage deb cache import/export: (downloads/deb => import to
workdir/rootfs => symlinking to apt cache in sbuild chroot => build =>
export to workdir/rootfs => export to downloads/deb):
 - mmdebstrap: since it is not possible to mmdebstrap into non-empty
dir, we can't simply use deb-dl-import before mmdebstrap called and
have to use some hooks to workaround it.

With new base-apt approach, deb-dl import/export (and all related
workarounds) becomes redundant. When new approach becomes stable enough
we could completely remove fallback mode with deb-dl import/export
functionality.

> For me, this series still looks pretty experimental.

That's why currently we saved fallback mode when things should work
like before (ISAR_PREFETCH_BASE_APT = "0")

> 
> Felix
> 
> > 4. Source packages are stored in a different flat directory, `apt-
> > get
> > source` for upstream packages is not possible.
> > 5. At the moment of `base-apt` creation all we have is the package
> > name. The knowledge about the upstream repositories is lost and no
> > local repository policy implementation is possible (e.g., for the
> > "multiple products, multiple distros" use case).
> > 6. For implementing further use cases like "fetch all sources
> > necessary for bootstrapping the base system itself", additional
> > logic
> > is necessary.
> > 
> 
> -- 
> Siemens AG, Technology
> Linux Expert Center
> 
>