From patchwork Thu Feb 4 23:08:26 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Silvano Cirujano Cuesta X-Patchwork-Id: 297 Return-Path: Delivered-To: ilbers.mnt@gmail.com Received: by 2002:a4a:3788:0:0:0:0:0 with SMTP id r130csp2035946oor; Fri, 5 Feb 2021 01:08:30 -0800 (PST) X-Received: by 2002:a1c:6a16:: with SMTP id f22mr2657295wmc.176.1612516109834; Fri, 05 Feb 2021 01:08:29 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1612516109; cv=pass; d=google.com; s=arc-20160816; b=ulXJAIz/sy8yxfcerc7sSScHsJC/D1lUV0xTuLw7kwUMNi7FqqSq4AK4babWRpcgCx 3EcMiGK6uBNHHqXdAkxTXez9S8zKZwbAimwxFVUArchLAo6Wptab9Sn91igfDjpDnLtU 27Rt0Ok1DkQKDAF67oSFx1vrQbnj6cfZJqCK0lAf9YsojG5GqIJnrg9STjz9iJAc+/xP UQQb84wFfqEjDcWIKIwY2YXM9Yd+F+wH1aFnvg/JElzaaOAo016FO/BVsNpFOgdVO2hz oUvp8/+J+P7UKy8j7hDHDbYnc6bpq2LebURfp6iyzrN6pLmnHC2q/HyfxVgmZtCWhTCE p48g== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:to:from:sender:dkim-signature; bh=Cm9UUlPp3K6spWUogprblAd73rZVtNkqWuwFv2ydJFk=; b=ALV4W2xoiP7ALBalK2PlS4ERIo2SgLJwiDs0/CqqOi+4YerdNz01jLD/qCpUNw0O88 IzIxbzal+WGU8PeHN45tr4p6c/2u0+hUk/CchYQclT00yNOSR0+y16BRD8b2XoUbAdb7 lOFpwYpu3yT+Y4MI4IhUtRkx1a3bt4ZGnh91rMimPnO+zL02nKxsUahzmgYHNnlyvv5O JwVk4kCGpVu6dT3QIQ+8sfomEJKlK45z3XLPWKU7+mauWAg+0RC1iXO321WwqG+CoAu0 WjRKv7cu8EdvhL7erGdjLwiZMX+HMHzstLfC8rgi6jloCWpjXZp+SqfqwdvZAUsZmJay n3GA== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=sHH7WEwT; arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbdmw6saamgqegxlpena@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRBDMW6SAAMGQEGXLPENA@googlegroups.com; dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id z15sor4804070wrr.45.2021.02.05.01.08.29 (Google Transport Security); Fri, 05 Feb 2021 01:08:29 -0800 (PST) Received-SPF: pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbdmw6saamgqegxlpena@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=sHH7WEwT; arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbdmw6saamgqegxlpena@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRBDMW6SAAMGQEGXLPENA@googlegroups.com; dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com ARC-Seal: i=2; a=rsa-sha256; t=1612516109; cv=pass; d=google.com; s=arc-20160816; b=psFQIgpkDi/egjx0msyfE86+1q0j20UrpMx4JOOPd1+5XxSF0JlbJgzzozr/WXGRyO p3D/qXhFypllvHugiE4jHedxsCQoVO2kvlDCDJ7dCi3M54K5SJgE2e6mz/DTp0KOWvTS pv129lATMEoWCPoM/dJ7YxhZR8zCvIqAAtaKShc0es7S3aQ/sYF6mz/i191uHkHDaFrq QnVAKtkXceQKWFWqlAc5EgK6PmUGrGlrpPCewVQYL0BM0qhLbs3yAHXkRs9rEB1rLZ7M t6ty/1ScUSex75IulFQS9+/a9vpGmFXsLBLUgCou8dK4J6YCsCUOjWTmVBVI3MXZVXjm ALFQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:to:from:sender:dkim-signature; bh=Cm9UUlPp3K6spWUogprblAd73rZVtNkqWuwFv2ydJFk=; b=zIOCNUhunMU7RM8u/31LJvLdyq2q7YeS4T7HZaY9l3hGi13L54NWicPQBY7YoM5cCa RkJu+wTT2yScB0Qo3+9/tC8I9SYtKyRYIiy+oma4DKt/ZUYlCenQPXEzjjwpyt+ONG1f H/t9RC2XYLIQY8FxUdSOT58xmD0c+jGrKrHqPsKeNW0uKp0SRE1PkOzSyP59q/ddvc42 c9a2IR6ZTBSrEpzDX80E14z4r2r/O6qsddStpDXZ3dx18e2uUv5XnqMss5J6LnRH/EYy q5cq94UcuPPEQ4qOzT2mNkvPyHKF11+eyuPBLgBuZ3/6pev7Kt9oO20bj0nAfCkId3MR cz5g== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=Cm9UUlPp3K6spWUogprblAd73rZVtNkqWuwFv2ydJFk=; b=sHH7WEwTNEGjhFHKVdLfHnx4kVHlkUCRhIq5rZrU8VwGIkVzhwR29NVkm4gpw0R6mK q0N+5EEb2B2GywI+rdQkNueng/L3NVEdV4K8MTnimq68lgHuJ/hFwTriMPkEwczB+E26 oowfGIY6u1Cg6Jf607rn6yGpQay6weeqayHwRr3C0rnd5yHomxRlArPlFwUemfR8zQA1 VaxmkEPI/qcWji3h0tATBHNaDd8Z3oH7eZYxTGNmTSZxgDu/NR5rItZGyWFpKOrw50UL 4jgGvtDqIpvsW097L5aw4L13/vox1Ka2zf8OEklNufGmbly+D9u11txEavELPpcDspI4 Wkhw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:from:to:subject:date:message-id :in-reply-to:references:mime-version:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :x-spam-checked-in-group:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=Cm9UUlPp3K6spWUogprblAd73rZVtNkqWuwFv2ydJFk=; b=Qj+KL4GcrECIws+5RcXd9/gqnWtr0ope67pFBxD7PewrLE0dabd9MY78S/VdbYpk4g BrbkPsZTq0kjAqDtA1Gw4T9k5zurKoNg5I34rxWAkJW3gEJFebGkD6MkAuOBtk5gmCxQ A9lPAJ3OoXNdMWwM7n0PKq/0UA0IhDKGFD4nPMgViLQ9Wm87Aoqx/3DBwe2+inhiAxGr UYFMHMfEynFaAr+VgIr6d0C7Tm/CyusYZEqm0w8ImhXu4JA72dM76wSDBSGZOZguF+0S 0U+fKWadry5Q0W6izmMVJkiC01s+byIXFdKn9Cns559ZZLyI7e0CE8FyyAmoOfu3hMB/ qCCw== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM531hsJg+t2exH9fOhU8uVPdRiPvcPEMAIBw+7emfSJOhgbw/vjr0 gEn9S7Hut+7n0BIze9OJMK8= X-Google-Smtp-Source: ABdhPJzROCgwjLwD3KfQops8x1zRjJfPgvKpEPvOb0UtL9BL5PS4kLX3wO3ykmpkl7a8vcem+pakoQ== X-Received: by 2002:adf:decb:: with SMTP id i11mr3785542wrn.78.1612516109251; Fri, 05 Feb 2021 01:08:29 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:adf:fd09:: with SMTP id e9ls3451641wrr.0.gmail; Fri, 05 Feb 2021 01:08:28 -0800 (PST) X-Received: by 2002:adf:ecc5:: with SMTP id s5mr3682427wro.423.1612516108523; Fri, 05 Feb 2021 01:08:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612516108; cv=none; d=google.com; s=arc-20160816; b=SGmAENvw9oDThMuRrlISiosljQlOfe4SwGxjKmo9jk8XTT88s6Ubjw4HFwDyI7jq+c dmTz0eYmtpqf4VbqRI25IqULCflMWWT4UZuwRKLne9DklOjLhMXjPArkVFD2ch94Tuqz VTPH/Ux8k+JAL9unINH6ffkrQPLx7IQG3vSlQBtieel+qkFum3zu41vSltVI/zCqcHWa 6fCrXfATimMgc9egMA8Tv3xanlILhsCsKjAto6uI0/YZE7f8i5OR33RaXvxA0B/WtvYB 1AVNlH+AMT5GwK7mxdTF5tk/mJnewe7sQ9MmDrdti1qvchZl7RqdkWx4mIO/BrrkUWGr UnIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from; bh=x1bex1S5jfGN+5RU0xL3cT71qpKfvW9t76cf5QR17i4=; b=oAKm1LVgC6P5D3bI/8ay6CMZVs+70K7t+59qaOqAwgvccYzZDslWx86cPHPZYkkffq gyzJFfIO9+Pa/g0AMqI7ijQHbSgSrIh/bLCQHNeqWwEjZg5KQr5W7ENoZ1vFqL+xfU1c OGgBc69Ps0CDgiyV1vy/aO0zNQ0U1YmduXKMzY6SWwDrf+DS4cxyUYMCeLEQAivsJjCy afiFNHtGHR1F49V5/ZUaojsCn3mPD5Xp2PNnpIE9ItbaEjUBKYWblu5dU75mL0riqv85 WTNWY68zpCeVpTyl45pv8q5DZKB+cxKpLOWPTLKwhu75/MmGGWbac6aMQ3xsqtf20Mqo HL7w== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2]) by gmr-mx.google.com with ESMTPS id f196si350548wme.2.2021.02.05.01.08.28 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 05 Feb 2021 01:08:28 -0800 (PST) Received-SPF: pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2; Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35]) by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id 11598So1005204 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Fri, 5 Feb 2021 10:08:28 +0100 Received: from md1sf36c.ad001.siemens.net ([167.87.60.163]) by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 11598RVx000712 for ; Fri, 5 Feb 2021 10:08:27 +0100 From: Silvano Cirujano Cuesta To: isar-users@googlegroups.com Subject: [PATCH 1/2] sdk: support creation of container image Date: Fri, 5 Feb 2021 10:08:26 +0100 Message-Id: <20210205090827.17788-2-silvano.cirujano-cuesta@siemens.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: <20210205090827.17788-1-silvano.cirujano-cuesta@siemens.com> References: <20210205090827.17788-1-silvano.cirujano-cuesta@siemens.com> MIME-Version: 1.0 X-Original-Sender: silvano.cirujano-cuesta@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1690845692060127922?= X-GMAIL-MSGID: =?utf-8?q?1690845692060127922?= Extend task "populate_sdk" to support the creation of a container image containing the SDK. Signed-off-by: Silvano Cirujano Cuesta --- meta/classes/image-sdk-extension.bbclass | 104 +++++++++++++++++++++-- 1 file changed, 97 insertions(+), 7 deletions(-) diff --git a/meta/classes/image-sdk-extension.bbclass b/meta/classes/image-sdk-extension.bbclass index a8c708a..082b16d 100644 --- a/meta/classes/image-sdk-extension.bbclass +++ b/meta/classes/image-sdk-extension.bbclass @@ -6,10 +6,81 @@ # This class extends the image.bbclass to supply the creation of a sdk SDK_INCLUDE_ISAR_APT ?= "0" +SDK_FORMATS ?= "tar-xz" + +sdk_tar_xz() { + # Copy mount_chroot.sh for convenience + sudo cp ${SCRIPTSDIR}/mount_chroot.sh ${SDKCHROOT_DIR} + + # Create SDK archive + cd -P ${SDKCHROOT_DIR}/.. + sudo tar --transform="s|^rootfs|sdk-${DISTRO}-${DISTRO_ARCH}|" \ + -c rootfs | xz -T0 > ${DEPLOY_DIR_IMAGE}/sdk-${DISTRO}-${DISTRO_ARCH}.tar.xz + bbnote "SDK rootfs available in ${DEPLOY_DIR_IMAGE}/sdk-${DISTRO}-${DISTRO_ARCH}.tar.xz" +} + +sdk_container_images() { + local cmd="/bin/dash" + local empty_tag="empty" + local full_tag="latest" + local oci_img_dir="${WORKDIR}/oci-image" + local sdk_container_formats="$1" + + # prepare OCI container image skeleton + sudo umoci init --layout "${oci_img_dir}" + sudo umoci new --image "${oci_img_dir}:${empty_tag}" + sudo umoci config --image "${oci_img_dir}:${empty_tag}" \ + --config.cmd="${cmd}" + sudo umoci unpack --image "${oci_img_dir}:${empty_tag}" \ + "${oci_img_dir}_unpacked" + + # add SDK root filesystem as the flesh of the skeleton + sudo cp -a "${SDKCHROOT_DIR}"/* "${oci_img_dir}_unpacked/rootfs/" + + # pack container image + sudo umoci repack --image "${oci_img_dir}:${full_tag}" \ + "${oci_img_dir}_unpacked" + sudo umoci remove --image "${oci_img_dir}:${empty_tag}" + sudo rm -rf "${oci_img_dir}_unpacked" + + # no root needed anymore + sudo chown --recursive $(id -u):$(id -g) "${oci_img_dir}" + + # convert the OCI container image to the desired format + sdk_id="sdk-${DISTRO}-${DISTRO_ARCH}" + image_name="isar-${sdk_id}" + image_archive="${DEPLOY_DIR_IMAGE}/${sdk_id}-${sdk_format}.tar" + for sdk_format in ${sdk_container_formats} ; do + case "${sdk_format}" in + "docker-archive" | "oci-archive") + if [ "${sdk_format}" = "oci-archive" ] ; then + target="${sdk_format}:${image_archive}:latest" + else + target="${sdk_format}:${image_archive}:${image_name}:latest" + fi + skopeo --insecure-policy copy \ + "oci:${oci_img_dir}:${full_tag}" "${target}" + xz -T0 "${image_archive}" + bbnote "Containerized SDK available in ${image_archive}.xz" + ;; + "oci") + tar --create --xz --directory "${oci_img_dir}" \ + --file "${image_archive}.xz" . + bbnote "Containerized SDK available in ${image_archive}.xz" + ;; + "docker-daemon" | "containers-storage") + skopeo --insecure-policy copy \ + "oci:${oci_img_dir}:${full_tag}" \ + "${sdk_format}:${image_name}:latest" + bbnote "Containerized SDK available in ${sdk_format} as '${image_name}:latest'" + ;; + esac + done +} do_populate_sdk[stamp-extra-info] = "${DISTRO}-${MACHINE}" do_populate_sdk[depends] = "sdkchroot:do_build" -do_populate_sdk[vardeps] += "SDK_INCLUDE_ISAR_APT" +do_populate_sdk[vardeps] += "SDK_INCLUDE_ISAR_APT SDK_FORMATS" do_populate_sdk() { if [ "${SDK_INCLUDE_ISAR_APT}" = "1" ]; then # Copy isar-apt with deployed Isar packages @@ -48,12 +119,31 @@ do_populate_sdk() { done done - # Copy mount_chroot.sh for convenience - sudo cp ${SCRIPTSDIR}/mount_chroot.sh ${SDKCHROOT_DIR} + # separate SDK formats: TAR and container formats + container_formats="" + for sdk_format in ${SDK_FORMATS} ; do + case ${sdk_format} in + "tar-xz") + sdk_tar_xz + ;; + "docker-archive" | "oci" | "oci-archive") + container_formats="${container_formats} ${sdk_format}" + ;; + "docker-daemon" | "containers-storage") + if [ -f /.dockerenv ] || [ -f /run/.containerenv ] ; then + die "Adding the SDK container image to a container runtime (${sdk_format}) not supported if running from a container (e.g. 'kas-container')" + fi + ;; + *) + die "unsupported SDK format specified: ${sdk_format}" + ;; + esac + done - # Create SDK archive - cd -P ${SDKCHROOT_DIR}/.. - sudo tar --transform="s|^rootfs|sdk-${DISTRO}-${DISTRO_ARCH}|" \ - -c rootfs | xz -T0 > ${DEPLOY_DIR_IMAGE}/sdk-${DISTRO}-${DISTRO_ARCH}.tar.xz + # generate the SDK in all the desired container formats + if [ -n "${container_formats}" ] ; then + bbnote "Generating SDK container in${container_formats} format" + sdk_container_images "${container_formats}" + fi } addtask populate_sdk after do_rootfs From patchwork Thu Feb 4 23:08:27 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Silvano Cirujano Cuesta X-Patchwork-Id: 298 Return-Path: Delivered-To: ilbers.mnt@gmail.com Received: by 2002:a4a:3788:0:0:0:0:0 with SMTP id r130csp2035944oor; Fri, 5 Feb 2021 01:08:29 -0800 (PST) X-Received: by 2002:a05:600c:2351:: with SMTP id 17mr2720909wmq.2.1612516109835; Fri, 05 Feb 2021 01:08:29 -0800 (PST) ARC-Seal: i=3; a=rsa-sha256; t=1612516109; cv=pass; d=google.com; s=arc-20160816; b=CZdqLKZt7HLfrDe8DNyni0DFGzW3oh9C7QepY5KI8Yebi7ggT3o+Yoijhp27DvVORU 7wdhXhM4EZJus95uVQLG8eVxgGLXJAfYfbuLgZPXOY8dM5Gvrbq5QyT/nGfYZUQGuGvl VqvFWvDSSLtGF3aFQPgP8svIpt6t8mD2bsg7GAXIa5X7uDBG8Pz7EUerKlYB+HBynIk2 DhEaL6hNmm463Co2n1txZKGRV5u/50yITT4xdUIEIcNZ+GElHVs2a2eUE7EorRP7uty0 SRjCCLJYbID8LK9bDAocU3nBZINSgka6GBG/N3w8OBjsUObm+ZxBfwPc0js2WCF8nQqC 51jg== ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :sender:dkim-signature; bh=98E/tRJMnjK/eHsZqXInk3Y8HX6igVwBzi5sOz0ikE8=; b=NdXPRujSXG8XSiWvvDthww0Ls+PnvLXszUYBnFt9yJQdTWlDPjhdMOvjx75YHW2dds D2waw7dRk7b6/4dzyczEsTbKo981gc9u9jg0ZbzGg/vVMPwZrGADTybJflUT3xqmDfgx oAUyYNzt6iY7Ik8Yfq6knRpR6EkHaUWCJbt45WkRmc3KAR22yU+BeeLP4Ntwc5eNeuGN zLq/oAHE/zNSIHKwf1A29PhpeeZbFWIBd2QN4sv8ZMXjBYNTSzq3E4kjxJbEz8wjQD84 R2divSQyp3uTA4TPeUhlXgF0dVBkbt6SjDio31RDbZJWd7FqE8HXib52gTV9JI77uQhI jzpg== ARC-Authentication-Results: i=3; mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=jw2urGWn; arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbdmw6saamgqegxlpena@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRBDMW6SAAMGQEGXLPENA@googlegroups.com; dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com Received: from mail-sor-f55.google.com (mail-sor-f55.google.com. [209.85.220.55]) by mx.google.com with SMTPS id j190sor4279909wmb.16.2021.02.05.01.08.29 (Google Transport Security); Fri, 05 Feb 2021 01:08:29 -0800 (PST) Received-SPF: pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbdmw6saamgqegxlpena@googlegroups.com designates 209.85.220.55 as permitted sender) client-ip=209.85.220.55; Authentication-Results: mx.google.com; dkim=pass header.i=@googlegroups.com header.s=20161025 header.b=jw2urGWn; arc=pass (i=2 spf=pass spfdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of isar-users+bncbcd6jj6cqqfrbdmw6saamgqegxlpena@googlegroups.com designates 209.85.220.55 as permitted sender) smtp.mailfrom=isar-users+bncBCD6JJ6CQQFRBDMW6SAAMGQEGXLPENA@googlegroups.com; dmarc=fail (p=NONE sp=NONE dis=NONE arc=pass) header.from=siemens.com ARC-Seal: i=2; a=rsa-sha256; t=1612516109; cv=pass; d=google.com; s=arc-20160816; b=PRZcCQnE+19hrzp+HD0caTrCkUsrAqy+HAc0WYKFqzjsv5rdiQOJ/QfkOap24RCYiO 2CXSxWJc40BLcObF+aln9QfzkKY9hwfgRtzv99/qhS+bI2vq2TU/OD7+wWX6wXtv3jZ3 W9GpIjpr3l/F7vBpnPuXl29dsXYGwogrEgZfzqciZFBajacxJnT+PrapLgZA/WWl/dWc hgOsDf2vi3AUPufPg78RsYzpg4wtOgJblxfXDexiGkNzpUXaXAZL/JqBOcLmEdeVzQwW mXCEOhZ5yG5dW7pwtxk38zPl+5vP3AX02hTXukdEPed+tJkSZ+M9PK1PNESqxkhIasK7 BnBA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :sender:dkim-signature; bh=98E/tRJMnjK/eHsZqXInk3Y8HX6igVwBzi5sOz0ikE8=; b=CGSvkEO/VBxMUg4NrvZ5JP9RftlWcJwJquL2znqcVXlEPmA8VAHyL1QNzQmzIwlYqF pRP+TUeLdFeoTTNdN58E9sHf7lWFgoFc0hqJSprBwWXEKVTHjOO6diV6+l23IjrHD7Vt ENRU17tce9RKRHV/m/ahz9f1AwB9VdxzqXTSGLIP0DkvajMswlqxTvHdqoAWg61AZSRQ XeyNEV4wosDR0c4gst0lH63wOvqgyeM+tIwQhC42iAGFEC5s7EgeUlky7kuvCawKrJ87 iWD9bzNodhDBOrEjf3r8Al4erI8tjO4r5HsxsixcbVJmesqmkVQXYx/JOQ/aX2jzT7pU 4fmg== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :list-post:list-help:list-archive:list-subscribe:list-unsubscribe; bh=98E/tRJMnjK/eHsZqXInk3Y8HX6igVwBzi5sOz0ikE8=; b=jw2urGWnWdbjZCw8LPPjKC8JuuE/lN9axpyx0X+S0dvLUiFvOyb4ejit6QlaET1hQb wRPxohnlsz3gG+prMh/rG8BFKIAQUpqjjghdNQtegrXLoZv4URZY7+SSTc6g3f8Mo4jR QuHyBlchtrrHy8szZhdFWdLsXPyMCP0mc4UhvVdzszzEV8S1BrAQ2xhn9rzmy7SDeSDy 9/lZ2MunxyFuZ3mZeBa2vg9a0MA+UWAoXcp9eEV7J+xwwe9qYub5OUiUo/OKqN/Iy1Mh 2P8SJmiWU0i6iNSRWS9mEYLHuUh1rYh3mRG62AuTX2ywyYFaaWj6Tr4E5rExcXZAyFKM cagA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding :x-original-sender:x-original-authentication-results:precedence :mailing-list:list-id:x-spam-checked-in-group:list-post:list-help :list-archive:list-subscribe:list-unsubscribe; bh=98E/tRJMnjK/eHsZqXInk3Y8HX6igVwBzi5sOz0ikE8=; b=cyrA965Q73CL2z2lWTpyBO/gUKHMWWvvo+0b60HzYywM3eyY4eajWjCcprMFBiVlA3 larfhpdkI80JTPlh+pGrdWWSZNiGCTSK40HQm9shQQP31v9OMS21xjfcpxP+2th5k9KU BV8IqjxIZinBNDC9S0YfCsoNaltdkkp1sH9UIQyqsNJoBxqWCI8c60qca8NbTlop3VHs gPlm4LFyper1Gdmx728sAt78+NY4dMJq0DjkeqDoy0r+4fP5AK/jz7p324M/NFsC5KGG XZ+/reiBBBfnUudT4yUrZdqpOZJFhsYeWHxT4UB6ndkSGeImFcUzh6ADjLzd3eTU4CLx K+sA== Sender: isar-users@googlegroups.com X-Gm-Message-State: AOAM5307tYfzR4rAN3qkp/1OJ8meCocymsS9vWObzL/VMHDc55BQiA9D V7PBAOfchQdfBMTc1HlFsJM= X-Google-Smtp-Source: ABdhPJwGOuhhkwW4bi8z9bdk1Y3ZDM221rLw9tILcvNWBd1Js/LsdzplDlF64uUEEMZP3HZou3GAQw== X-Received: by 2002:a05:600c:4f48:: with SMTP id m8mr2746253wmq.12.1612516109341; Fri, 05 Feb 2021 01:08:29 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:adf:fd09:: with SMTP id e9ls3451648wrr.0.gmail; Fri, 05 Feb 2021 01:08:28 -0800 (PST) X-Received: by 2002:a5d:4402:: with SMTP id z2mr3779811wrq.265.1612516108697; Fri, 05 Feb 2021 01:08:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1612516108; cv=none; d=google.com; s=arc-20160816; b=bBq0KGVaHeNeiwVQu6JxpBYfzH165MTBMlSWbGd1KUa4EtFkCxa3ZTwVom7MmjCtcO F8vR9v4LPw/l5qTnwMCVIqLc5JN3am523ULJmwQCmE+eHjBYPcrbPErLX53R+rDKRKYf xjXb40OiYfJw4xrAo/5gZsqykxRSyRNxbkd/sw4vZL3WJE0bjN+87WVbZQZ1iUr/eAnf nzk6iHFZgAIA+dp/365/yUhtDkJAeghTHQXOk+3XjviAnJj/1zpg30L5QnzTAftVDeXT y3wC1EqRPPYzJvvA7TV/N9BaUetB5QgwFxCum01S+yfz4bOhtEnaW0LyqNdFSUSgMU/E dlsQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from; bh=upoybnwR79jsndVV7zJ9DQ+OpYVoQ75BGx+eOz3azmU=; b=oufmsG7VAYSa9xBySPuAP/93QiJXiC+BAAwqHVaymtJMqn/ZpjpyrACbTbyNRVmOMF f0viZyu5kMzOOqMCbBKQIbauB201Kxw7Gqr+JRo2P4BWOadivufJ4NZ+vXumJwIvB++W ZdQrN6PIvX+8YYRMzBpHsQU3i3TXh7pcoPUR1CbO3uXOuGNhRqsKMUSRfg7jZnS4zSJ/ 1MwpgH/xB0J8lj6yCDC6GW3Kxjsr4GfiALV0vXNM1IySOJJolXdLdYs1Tf6x8012Rt/z GpQd/J6md30rXMz0gT5BtGQ50lgdEVrfOhyS5WyBZPoZkMjQXVtEO6Nd1N/ZA1Au83D3 7lKw== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from david.siemens.de (david.siemens.de. [192.35.17.14]) by gmr-mx.google.com with ESMTPS id t16si966757wmi.3.2021.02.05.01.08.28 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 05 Feb 2021 01:08:28 -0800 (PST) Received-SPF: pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.14 as permitted sender) client-ip=192.35.17.14; Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35]) by david.siemens.de (8.15.2/8.15.2) with ESMTPS id 11598SwB031215 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Fri, 5 Feb 2021 10:08:28 +0100 Received: from md1sf36c.ad001.siemens.net ([167.87.60.163]) by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 11598RW0000712 for ; Fri, 5 Feb 2021 10:08:28 +0100 From: Silvano Cirujano Cuesta To: isar-users@googlegroups.com Subject: [PATCH 2/2] docs: document usage of sdk container images Date: Fri, 5 Feb 2021 10:08:27 +0100 Message-Id: <20210205090827.17788-3-silvano.cirujano-cuesta@siemens.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: <20210205090827.17788-1-silvano.cirujano-cuesta@siemens.com> References: <20210205090827.17788-1-silvano.cirujano-cuesta@siemens.com> MIME-Version: 1.0 X-Original-Sender: silvano.cirujano-cuesta@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of silvano.cirujano-cuesta@siemens.com designates 192.35.17.14 as permitted sender) smtp.mailfrom=silvano.cirujano-cuesta@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: =?utf-8?q?1690845692724795149?= X-GMAIL-MSGID: =?utf-8?q?1690845692724795149?= Signed-off-by: Silvano Cirujano Cuesta --- doc/user_manual.md | 79 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) diff --git a/doc/user_manual.md b/doc/user_manual.md index a4f3d1d..7863241 100644 --- a/doc/user_manual.md +++ b/doc/user_manual.md @@ -19,6 +19,7 @@ Copyright (C) 2016-2019, ilbers GmbH - [Add a Custom Application](#add-a-custom-application) - [Enabling Cross-compilation](#isar-cross-compilation) - [Create an ISAR SDK root filesystem](#create-an-isar-sdk-root-filesystem) + - [Create a containerized ISAR SDK root filesystem](#create-a-containerized-isar-sdk-root-filesystem) - [Creation of local apt repo caching upstream Debian packages](#creation-of-local-apt-repo-caching-upstream-debian-packages) @@ -84,6 +85,9 @@ If your host is >= buster, also install the following package. apt install python3-distutils ``` +If you want to generate containerized SDKs, also install the following packages: `umoci` and `skopeo`. +Umoci is provided by Debian Buster and can be installed with `apt install umoci`, Skopeo is provided by Debian Bullseye/Unstable and has to be installed either manually downloading the DEB and installing it (no other packages required) or with `apt install -t bullseye skopeo` (if unstable/bullseye included in `/etc/apt/sources.list[.d]`). + Notes: * BitBake requires Python 3.4+. @@ -834,6 +838,81 @@ ii crossbuild-essential-armhf 12.3 all Inf ~# ``` +## Create a containerized ISAR SDK root filesystem + +### Motivation + +Distributing and using the SDK root filesystem created following the instructions in "[Create an ISAR SDK root filesystem](#create-an-isar-sdk-root-filesystem)" becomes easier using container images (at least for those using containers anyway) +A "containerized" SDK adds to those advantages of a normal SDK root filesystem the comfort of container images. + +### Approach + +Create container image with SDK root filesystem with installed cross-toolchain for target architecture and ability to install already prebuilt target binary artifacts. +Developer: + - runs a container based on the resulting container image mounting the source code to be built, + - develops applications for target platform on the container and + - leaves the container getting the results on the mounted directory. + +### Solution + +User specifies the variable `SDK_FORMAT` providing a space-separated list of SDK formats to generate. + +Supported formats are: + - `tar-xz`: (default) is the non-containerized format that results from following the instructions in "[Create an ISAR SDK root filesystem](#create-an-isar-sdk-root-filesystem)" + - `docker-archive`: an archive containing a Docker image that can be imported with [`docker import`](https://docs.docker.com/engine/reference/commandline/import/) + - `docker-daemon`: resulting container image is made available on the local Docker Daemon + - `containers-storage`: resulting container image is made available to tools using containers/storage back-end (e.g. Podman, CRIO, buildah,...) + - `oci-archive`: an archive containing an OCI image, mostly for archiving as seed for any of the above formats + +User manually triggers creation of SDK formats for his target platform by launching the task `do_populate_sdk` for target image, f.e. +`bitbake -c do_populate_sdk mc:${MACHINE}-${DISTRO}:isar-image-base`. +Packages that should be additionally installed into the SDK can be appended to `SDK_PREINSTALL` (external repositories) and `SDK_INSTALL` (self-built). + +Following formats don't work if running `bitbake -c do_populate_sdk ...` (to generate the containerized SDK) from inside of a container (e.g. using `kas-container`): `docker-daemon` and `containers-storage`. +It's technically possible, but requires making host resources (e.g. the Docker Daemon socket) accessible in the container. +What can endanger the stability and security of the host. + +The resulting SDK formats are archived into `tmp/deploy/images/${MACHINE}/sdk-${DISTRO}-${DISTRO_ARCH}-${sdk_format}.tar.xz` (being `sdk_format` each one of the formats specified in `SDK_FORMATS`). +The SDK container directory `/isar-apt` contains a copy of isar-apt repo with locally prebuilt target debian packages (for ). +One may get into an SDK container and install required target packages with the help of `apt-get install :` command. +The directory with the source code to develop on should be mounted on the container (with `--volume :`) to be able to edit files in the host with an IDE and build in the container. + +### Example + + - Make the SDK formats to generate available to the task + +For one-shot builds (use `local.conf` otherwise): + +``` +export BB_ENV_EXTRAWHITE="$BB_ENV_EXTRAWHITE SDK_FORMATS" +export SDK_FORMATS="docker-archive" +``` + + - Trigger creation of SDK root filesystem + +``` +bitbake -c do_populate_sdk mc:qemuarm-buster:isar-image-base +``` + + - Load the SDK container image into the Docker Daemon + +``` +xzcat build/tmp/deploy/images/qemuarm/sdk-debian-buster-armhf-docker-archive.tar.xz | docker load +``` + + - Run a container using the SDK container image (following commands starting with `#~:` are to be run in the container) + +``` +docker run --rm -ti --volume "$(pwd):/build" isar-sdk-buster-armhf:latest +``` + + - Check that cross toolchains are installed + +``` +:~# dpkg -l | grep crossbuild-essential-armhf +ii crossbuild-essential-armhf 12.3 all Informational list of cross-build-essential packages +``` + ## Creation of local apt repo caching upstream Debian packages ### Motivation