Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add proof of concept for building with osbuild
This is proof of concept code with many things hardcoded in the coreos.osbuild.mpp.yaml that need to become more dynamically defined. To use this you can set the COSA_USE_OSBUILD env var to have a value. COSA_USE_OSBUILD=1 should work just fine.
Showing 9 changed files with 422 additions and 13 deletions.
92 changes: 92 additions & 0 deletions
src/0001-objectstore-also-mount-etc-containers-for-host-build.patch
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
From d4b3e3655deb7d55792e52fe6a11c609fb24e3b8 Mon Sep 17 00:00:00 2001 | ||
From: Dusty Mabe <[email protected]> | ||
Date: Tue, 24 Oct 2023 14:08:44 -0400 | ||
Subject: [PATCH] objectstore: also mount /etc/containers for "host" buildroot | ||
|
||
In the case we are not using a buildroot (i.e. we are using | ||
the host as the buildroot) let's also mount in /etc/containers | ||
into the environment. There are sometimes where software running | ||
from /usr can't operate without configuration in /etc and this | ||
will allow it to work. | ||
|
||
An example of software hitting this problem is skopeo. With a | ||
simple config like: | ||
|
||
``` | ||
version: '2' | ||
mpp-vars: | ||
release: 38 | ||
pipelines: | ||
- name: skopeo-tree | ||
# build: name:build | ||
source-epoch: 1659397331 | ||
stages: | ||
- type: org.osbuild.skopeo | ||
inputs: | ||
images: | ||
type: org.osbuild.containers | ||
origin: org.osbuild.source | ||
mpp-resolve-images: | ||
images: | ||
- source: quay.io/fedora/fedora-coreos | ||
tag: stable | ||
name: localhost/fcos | ||
options: | ||
destination: | ||
type: containers-storage | ||
storage-path: /usr/share/containers/storage | ||
``` | ||
|
||
We end up hitting an error like this: | ||
|
||
``` | ||
time="2023-10-24T18:27:14Z" level=fatal msg="Error loading trust policy: open /etc/containers/policy.json: no such file or directory" | ||
Traceback (most recent call last): | ||
File "/run/osbuild/bin/org.osbuild.skopeo", line 90, in <module> | ||
r = main(args["inputs"], args["tree"], args["options"]) | ||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
File "/run/osbuild/bin/org.osbuild.skopeo", line 73, in main | ||
subprocess.run(["skopeo", "copy", image_source, dest], check=True) | ||
File "/usr/lib64/python3.11/subprocess.py", line 571, in run | ||
raise CalledProcessError(retcode, process.args, | ||
subprocess.CalledProcessError: Command '['skopeo', 'copy', 'dir:/tmp/tmp5_qcng99/image', 'containers-storage:[overlay@/run/osbuild/tree/usr/share/containers/storage+/run/containers/storage]localhost/fcos']' returned non-zero exit status 1. | ||
``` | ||
|
||
This PR adds in a mount for /etc/containers from the host so that | ||
/etc/containers/policy.json can be accessed. | ||
--- | ||
osbuild/objectstore.py | 12 ++++++++++-- | ||
1 file changed, 10 insertions(+), 2 deletions(-) | ||
|
||
diff --git a/osbuild/objectstore.py b/osbuild/objectstore.py | ||
index 4a19ce9..922d5ee 100644 | ||
--- a/osbuild/objectstore.py | ||
+++ b/osbuild/objectstore.py | ||
@@ -283,14 +283,22 @@ class HostTree: | ||
self._root = self.store.tempdir(prefix="host") | ||
|
||
root = self._root.name | ||
- # Create a bare bones root file system | ||
- # with just /usr mounted from the host | ||
+ # Create a bare bones root file system. Starting with just | ||
+ # /usr mounted from the host. | ||
usr = os.path.join(root, "usr") | ||
os.makedirs(usr) | ||
+ # Also add in /etc/containers, which will allow us to access | ||
+ # /etc/containers/policy.json and enable moving containers | ||
+ # (skopeo): https://github.com/osbuild/osbuild/pull/1410 | ||
+ # If https://github.com/containers/image/issues/2157 ever gets | ||
+ # fixed we can probably remove this bind mount. | ||
+ etc_containers = os.path.join(root, "etc", "containers") | ||
+ os.makedirs(etc_containers) | ||
|
||
# ensure / is read-only | ||
mount(root, root) | ||
mount("/usr", usr) | ||
+ mount("/etc/containers", etc_containers) | ||
|
||
@property | ||
def tree(self) -> os.PathLike: | ||
-- | ||
2.41.0 | ||
|
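
Review bot: the new `mount("/etc/containers", etc_containers)` at the end of the HostTree hunk is unconditional, so every host-buildroot build now depends on the host having /etc/containers and picks up whatever trust policy the host's policy.json carries. Suggest guarding the `os.makedirs(etc_containers)` and the mount with a check that the host directory exists, so a host without it does not break pipelines that never call skopeo. The `# ensure / is read-only` comment only speaks to the root mount; it should also say whether the /etc/containers bind is read-only, since stages should not be able to alter the host's image trust policy.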
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
From 2e34303f2e9ef1d48b965703976ef1029d7309f1 Mon Sep 17 00:00:00 2001 | ||
From: Dusty Mabe <[email protected]> | ||
Date: Fri, 1 Sep 2023 12:18:25 -0400 | ||
Subject: [PATCH] Mount boot from host in host builder case | ||
|
||
--- | ||
osbuild/buildroot.py | 2 +- | ||
osbuild/objectstore.py | 3 +++ | ||
2 files changed, 4 insertions(+), 1 deletion(-) | ||
|
||
diff --git a/osbuild/buildroot.py b/osbuild/buildroot.py | ||
index 5b47d70..a0f654d 100644 | ||
--- a/osbuild/buildroot.py | ||
+++ b/osbuild/buildroot.py | ||
@@ -196,7 +196,7 @@ class BuildRoot(contextlib.AbstractContextManager): | ||
|
||
# Import directories from the caller-provided root. | ||
imports = ["usr"] | ||
- if self.mount_boot: | ||
+ if True: | ||
imports.insert(0, "boot") | ||
|
||
for p in imports: | ||
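
Review bot: replacing `if self.mount_boot:` with `if True:` in the BuildRoot hunk turns the `mount_boot` option into dead code, and /boot is imported into every build root whether or not the caller asked for it. If only the host-builder case needs boot, set `mount_boot` where that BuildRoot is constructed and keep the condition; if this is a temporary hack, say so in a comment on the line. The patch's commit message has no body, so the reason for the change is not recorded anywhere.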
diff --git a/osbuild/objectstore.py b/osbuild/objectstore.py | ||
index 922d5ee..6a3f89a 100644 | ||
--- a/osbuild/objectstore.py | ||
+++ b/osbuild/objectstore.py | ||
@@ -294,11 +294,14 @@ class HostTree: | ||
# fixed we can probably remove this bind mount. | ||
etc_containers = os.path.join(root, "etc", "containers") | ||
os.makedirs(etc_containers) | ||
+ boot = os.path.join(root, "boot") | ||
+ os.makedirs(boot) | ||
|
||
# ensure / is read-only | ||
mount(root, root) | ||
mount("/usr", usr) | ||
mount("/etc/containers", etc_containers) | ||
+ mount("/boot", boot) | ||
|
||
@property | ||
def tree(self) -> os.PathLike: | ||
-- | ||
2.41.0 | ||
|
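
Review bot: `mount("/boot", boot)` at the end of the HostTree hunk is unconditional and, unlike the /etc/containers lines just above it, has no comment explaining why the host's /boot is needed or when the mount can be dropped. Every host-buildroot build now sees the host's /boot, and the setup depends on that directory existing on the host. Suggest gating `os.makedirs(boot)` and the mount on the same condition that buildroot.py used (`mount_boot`) and adding a comment that documents the need.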