From patchwork Mon Feb 15 03:39:15 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Silvano Cirujano Cuesta X-Patchwork-Id: 333 Return-Path: Delivered-To: ilbers.mnt@gmail.com Received: by 2002:a4a:c583:0:0:0:0:0 with SMTP id x3csp5401401oop; Mon, 15 Feb 2021 05:49:20 -0800 (PST) X-Received: by 2002:a5d:4c82:: with SMTP id z2mr17835873wrs.220.1613396960779; Mon, 15 Feb 2021 05:49:20 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1613396960; cv=pass; d=google.com; s=arc-20160816; b=jFSdyLdHuK8QkuazU3Uc6lVushazDh+SU0ksZsVhQWNFrkGXUnXtWAzryVZ42mgL/9 b/GD0YQjbg6wUuNBk8kkfUTPkczP4laaBbiKIAor/TVwxaHPpRUd4sqxi3Qv9tHZEWpr VLxdHBzgRJUpxIIWm6BJnXsghFo+tYn92Om/0Wfce1Ti3E1dgwfBYDPv4C/0afknPqri oVKiw+1lvbobS4Q1KUdVO79Bncdryx4LhRh3IuN4FWMA2xRMPBsglc9Q+CDi9kP2WjWM avZ7IzGwQCehiPmzOzpHnZRC9FyFiuTyMVQN25m52Ya2Wn7hAg1CqsNair6B/qauoEQC wAQA== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:to:from:sender:dkim-signature; bh=CchR6M4z3Tap2neysWFjlR/TcH2zZnqMXwSRhHVDYxE=; b=xaqhQuXe0VTuPVFShMallLQXdct/f76+fJijB3mchVkPPWodjNIdQitiHHsHGtaNBJ J93GGsOuAQ/UJ6EaiswLwg/6H3ceMN91bTAjhrqPklrDom310wdwebMC7afXF2G7iHTC NR/SyO13NSskXcs6gAv4OaGHO0aZJ1X5KzhRpIdnnCI9oKgNeDvOXvTxvNcxZ6gVJZQe nviQ/hibhswt9633hfxPObxiEnDkw3i37orzuhSkPRJ2VKbvBuFYvHRXkqlqrHkKLd5O 7ChhZSq1Fk4o4V+fFVT+w6boZ6yWBQGWX0N52lPV8oDqAWEwYuDfJ2m+NtqQqkuo473A Gv4g== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=nbvTYb0v; arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbyhxvgaqmgqeix2avka@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRBYHXVGAQMGQEIX2AVKA@googlegroups.com; dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id 80sor4486344wma.3.2021.02.15.05.49.20 (Google Transport Security); Mon, 15 Feb 2021 05:49:20 -0800 (PST) Received-SPF: pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbyhxvgaqmgqeix2avka@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=nbvTYb0v; arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbyhxvgaqmgqeix2avka@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRBYHXVGAQMGQEIX2AVKA@googlegroups.com; dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com ARC-Seal: i=2; a=rsa-sha256; t=1613396960; cv=pass; d=google.com; s=arc-20160816; b=SRwyHubG7oYgRMknHQzapKX8aSG6Y/eT0WxlPTYqKDPwW6HIbDjjnvrIDw7XgqK5UE 1bcsEJH9vT3ABprJlNJiHBUGv2qm0fOjwXC10ugHsPUiOybR3vF48SqY0KYmWEFoiM8X w2bn0Uaxgq7Exqf+evK+LOn62cD/dGIVbBV74WZRCHYndH5zladScSlQDFYjHmvqBKb2 c5VPzix0F7IDtUtmB2ueMJjEteSqpJe5KNltPiRxAfDOHA4CFuV2K7Ts7gNxdMw18FxV pqbRaCAwJTKK77L9TNJl67VHNJO94qStOYzt3pfXQ3vGkqwWi2tF9+mcPegIXBRUQhXd sl+w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:to:from:sender:dkim-signature; bh=CchR6M4z3Tap2neysWFjlR/TcH2zZnqMXwSRhHVDYxE=; b=Uv9Dzyhzru8ZS0MPHj3lXLK4cZ+Q/lgQKL2ZUoVfMBUMsPtNglwV1/cyRyvMtBpK+Y fHszNziCpsh/eNq4HmCMctmSlwpuyeQ9KEWqRxZ4nGFEyj8kwwd+2qMwbINtwwEdKt1a 0KtoWBvF0Mqa6yr5XsWLQqJqwZtY2YMhot51qx5WTf3/gp6QwUpJ2xe2LxG60OQt2BZg LRD/2zVoXFvl2Txrp9RkfXzny6YDjaryoWYyF7HOHnBHeQcuxPAUCxwMIlrb2jJIpqa0 2uFftUK/QFak/357PaF9JZMYEh4j51bxnwji/1VLJVo0m2Wld+pIF/V4yUpY2egN3Uj5 fITQ== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 194.138.37.40 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=CchR6M4z3Tap2neysWFjlR/TcH2zZnqMXwSRhHVDYxE=; b=nbvTYb0vN+DdMDHDqEgc2JwT74tlzjJAeYY65lMmKU6oa2256JldLTGPF0vojWsTKQ dbAKhTT9AMNPYnOtslHQwFJMwxbIo7LPl3BnRPj8NY/BeRZkL24d8026mNAWj5pwo9Ro xMPm6mSEAhcjKpUg9wMsN2OIuy46F+sYXvvOo9rb3p+Bl3TeAgLfdNAqPGw9rcIpW+nD SQ2Owkot9y06MYacBJZeS11TCaUdgkSF36b8kYtWgKMEEmFmi1HEvqZCNk+LuWaMyisu qwHsSm7Wt2Mspu9sxEsVaaCvgyLizIHRmIfBfdAhFvj3I/OeWU1NMLj3bsnl6IU57cL4 tGCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:from:to:subject:date:message-id :in-reply-to:references:mime-version:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :x-spam-checked-in-group:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=CchR6M4z3Tap2neysWFjlR/TcH2zZnqMXwSRhHVDYxE=; b=McdLtvgcdkETq9IjFVGEzPJBH+S6LjDZvADCKYofPpr7r3XM9GChAmu8cXGd4IOqFM A76DpuwfWU2kvP6zFyML+MeQn2YCwKWC/d9pTB1OJHbeqRXrRhQ0I+n9nOoa4hLdNDtk d2KM2y9qHS0w3S42h+nxd7sP8DAr+fWb1vTN3ZyGAITvcNM9OBj2E15qcnaza2uFLhlZ eKYA5PXPmUiPzqPfFBKl2pQ8+HVQrvAA06/+yrLY3A+PumsxbmUwx6osWtQylYFH33h3 W2dHu157OfjnRITqtalnLyAyrdVLiMtfHZuNcwKyx8+XNI7Ud8nIjxKvmOT4MoEjyXEw 7Stg== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM533Pd3+9Gfqd5lnvCwFV4L5fLAn5RFpsOHbJzJGQoc16wnWZiGLc rr+DI7ErhGPhflYh/Wr2eCU= X-Google-Smtp-Source: ABdhPJyXEqbjXydkfmHQMiOfcK5MDSmHCEOBebIKPsKxVfJXzV8pgL9+Fc+oaxQVcCYsD0FIY4BxBw== X-Received: by 2002:a1c:5584:: with SMTP id j126mr14854354wmb.153.1613396960530; Mon, 15 Feb 2021 05:49:20 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a1c:193:: with SMTP id 141ls516003wmb.3.canary-gmail; Mon, 15 Feb 2021 05:49:19 -0800 (PST) X-Received: by 2002:a7b:ca4d:: with SMTP id m13mr2536541wml.118.1613396959826; Mon, 15 Feb 2021 05:49:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613396959; cv=none; d=google.com; s=arc-20160816; b=spaio747tAxUAgilaG5rrwmT+MrdvF9lGiHxfG3a2PWxe9R3sQuwToO/wXzf74DMCM axHtu+W/ZcQD/+utaxQiAbQ4okWNOUmynZ+KdKEi05fnUuTH3LdyW4jd5oD+DnKgMbYL XJJyV0nBZcNOxsWLD2evFVHQHwiTvYTsGYDaL5z4Za3cx3mc5yxKO4dBUKueN0mypTgo iLHc9Si/Kt/cunobYONaAzw+JTjyj5XocdNsXxdzVGtYcExKtJo7ElH+G9Igrr2PmZtP DtmybFBBzbJSzmItN0l7AE4Z2U7t3Q2ZNI25rZctp2Zlu/jJfF01xs1giMxoshjX3R2G YTeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from; bh=VzDaXdILORngJmNL34nM1xIixNrnI1wH/mMD5WlXBmw=; b=u9/LBEKZeAUTGjKpAZ3fPZ2lQOdYkKRCYsM1KbsOGnux8SOc4NadBSlMnAgIwqBP3M xLJaNAEd8IpqOHzDlreonnyQHec7u1tXs4Q7dREmZhF6wO0UaRN0w620TiuG3a7lS0EJ 9CqnYHrQXMg1DHb8M774FibtaT56gXNUKi8IIrONm/7dlgqQ+ibfBwMQ6DO4DloqgPqV v3N6FtCxqqyaK1CUYShKPr04QvkmyQLYsZd63AR07hqi/Km1OVhA3YeJLHRblq/hioy/ l5/SpepdatXwchRCl42OtScvl8kPnK98fOuX39YDO6p7Ta3ekOHZdurKA9GB01WZGTfG 1uYQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 194.138.37.40 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from gecko.sbs.de (gecko.sbs.de. [194.138.37.40]) by gmr-mx.google.com with ESMTPS id v16si1011641wmh.1.2021.02.15.05.49.19 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 15 Feb 2021 05:49:19 -0800 (PST) Received-SPF: pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 194.138.37.40 as permitted sender) client-ip=194.138.37.40; Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by gecko.sbs.de (8.15.2/8.15.2) with ESMTPS id 11FDnJXX022611 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Mon, 15 Feb 2021 14:49:19 +0100 Received: from md1sf36c.ad001.siemens.net ([139.22.119.30]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id 11FDdIHE008716 for ; Mon, 15 Feb 2021 14:39:19 +0100 From: Silvano Cirujano Cuesta To: isar-users@googlegroups.com Subject: [PATCH v5 1/4] classes: add root filesystem containerizing class Date: Mon, 15 Feb 2021 14:39:15 +0100 Message-Id: <20210215133918.50988-2-silvano.cirujano-cuesta@siemens.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: <20210215133918.50988-1-silvano.cirujano-cuesta@siemens.com> References: <20210215133918.50988-1-silvano.cirujano-cuesta@siemens.com> MIME-Version: 1.0 X-Original-Sender: silvano.cirujano-cuesta@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 194.138.37.40 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1691769331731589324?= X-GMAIL-MSGID: =?utf-8?q?1691769331731589324?= This class can be used to create container images which root filesystem is that generated by the do_rootfs task. Containerized root filesystems have following possible use-cases: - Using ISAR as a container image builder. - Simplify distribution of runtime rootfs (binaries, libraries, configurations, ...) for application development or testing. - Distributing SDKs. Signed-off-by: Silvano Cirujano Cuesta --- .../classes/image-container-extension.bbclass | 79 +++++++++++++++++++ meta/classes/image.bbclass | 1 + 2 files changed, 80 insertions(+) create mode 100644 meta/classes/image-container-extension.bbclass diff --git a/meta/classes/image-container-extension.bbclass b/meta/classes/image-container-extension.bbclass new file mode 100644 index 0000000..a49a435 --- /dev/null +++ b/meta/classes/image-container-extension.bbclass @@ -0,0 +1,79 @@ +# This software is a part of ISAR. +# Copyright (C) Siemens AG, 2021 +# +# SPDX-License-Identifier: MIT +# +# This class extends the image.bbclass for containerizing the root filesystem. + +CONTAINER_FORMATS ?= "docker-archive" + +containerize_rootfs() { + local cmd="/bin/dash" + local empty_tag="empty" + local full_tag="latest" + local oci_img_dir="${WORKDIR}/oci-image" + local rootfs="$1" + local rootfs_id="$2" + local container_formats="$3" + + # prepare OCI container image skeleton + bbdebug 1 "prepare OCI container image skeleton" + rm -rf "${oci_img_dir}" + sudo umoci init --layout "${oci_img_dir}" + sudo umoci new --image "${oci_img_dir}:${empty_tag}" + sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + --config.cmd="${cmd}" + sudo umoci unpack --image "${oci_img_dir}:${empty_tag}" \ + "${oci_img_dir}_unpacked" + + # add root filesystem as the flesh of the skeleton + sudo cp -a "${rootfs}"/* "${oci_img_dir}_unpacked/rootfs/" + + # pack container image + bbdebug 1 "pack container image" + sudo umoci repack --image "${oci_img_dir}:${full_tag}" \ + "${oci_img_dir}_unpacked" + sudo umoci remove --image "${oci_img_dir}:${empty_tag}" + sudo rm -rf "${oci_img_dir}_unpacked" + + # no root needed anymore + sudo chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + + # convert the OCI container image to the desired format + image_name="isar-${rootfs_id}" + for image_type in ${CONTAINER_FORMATS} ; do + image_archive="${DEPLOY_DIR_IMAGE}/${rootfs_id}-${image_type}.tar" + bbdebug 1 "Creating container image type: ${image_type}" + case "${image_type}" in + "docker-archive" | "oci-archive") + if [ "${image_type}" = "oci-archive" ] ; then + target="${image_type}:${image_archive}:latest" + else + target="${image_type}:${image_archive}:${image_name}:latest" + fi + rm -f "${image_archive}" "${image_archive}.xz" + bbdebug 2 "Converting OCI image to ${image_type}" + skopeo --insecure-policy copy \ + "oci:${oci_img_dir}:${full_tag}" "${target}" + bbdebug 2 "Compressing image" + xz -T0 "${image_archive}" + ;; + "oci") + tar --create --xz --directory "${oci_img_dir}" \ + --file "${image_archive}.xz" . + ;; + "docker-daemon" | "containers-storage") + if [ -f /.dockerenv ] || [ -f /run/.containerenv ] ; then + die "Adding the container image to a container runtime (${image_type}) not supported if running from a container (e.g. 'kas-container')" + fi + skopeo --insecure-policy copy \ + "oci:${oci_img_dir}:${full_tag}" \ + "${image_type}:${image_name}:latest" + ;; + *) + die "Unsupported format for containerize_rootfs: ${image_type}" + ;; + esac + done +} + diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index eddc444..ec93cab 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -76,6 +76,7 @@ inherit image-tools-extension inherit image-postproc-extension inherit image-locales-extension inherit image-account-extension +inherit image-container-extension # Extra space for rootfs in MB ROOTFS_EXTRA ?= "64"