diff --git a/.copr/Makefile b/.copr/Makefile deleted file mode 120000 index d0b0e8e..0000000 --- a/.copr/Makefile +++ /dev/null @@ -1 +0,0 @@ -../Makefile \ No newline at end of file diff --git a/.gitignore b/.gitignore index 34913a3..50554ee 100644 --- a/.gitignore +++ b/.gitignore @@ -2,5 +2,3 @@ .build-container .testprep .validate -*.rpm -x86_64/ diff --git a/BuildSourceImage.sh b/BuildSourceImage.sh index 8bb713e..96a505b 100755 --- a/BuildSourceImage.sh +++ b/BuildSourceImage.sh @@ -16,8 +16,6 @@ _usage() { _version echo "Usage: $(basename "$0") [-D] [-b ] [-c ] [-e ] [-r ] [-o ] [-i ] [-p ] [-l] [-d ]" echo "" - echo " Container Source Image tool" - echo "" echo -e " -b \tbase path for source image builds" echo -e " -c \tbuild context for the container image. Can be provided via CONTEXT_DIR env variable" echo -e " -e \textra src for the container image. Can be provided via EXTRA_SRC_DIR env variable" @@ -41,7 +39,7 @@ _init() { set -o pipefail # check for tools we depend on - for cmd in jq skopeo dnf file find tar stat date ; do + for cmd in jq dnf file find tar stat date ; do if [ -z "$(command -v ${cmd})" ] ; then # TODO: maybe this could be individual checks so it can report # where to find the tools @@ -130,14 +128,6 @@ _tar() { fi } -_rpm_download() { - if [ "$(command -v yumdownloader)" != "" ] ; then - yumdownloader "${@}" - else - dnf download "${@}" - fi -} - # output things, only when $DEBUG is set _debug() { if [ -n "${DEBUG}" ] ; then @@ -219,7 +209,7 @@ parse_img_tag() { # # an inline prefixer for containers/image tools -# +# XXX redo this to only validate for 'oci:...', otherwise bail ref_prefix() { local ref="${1}" local pfxs @@ -253,68 +243,6 @@ ref_src_img_tag() { echo -n "$(parse_img_tag "${ref}")""${source_image_suffix}" } -# -# call out to registry for the image reference's digest checksum -# -fetch_img_digest() { - local ref="${1}" - local dgst - local ret - - ## TODO: check for authfile, creds, and whether it's an insecure registry - dgst=$(skopeo inspect "$(ref_prefix "${ref}")" | jq .Digest | tr -d \") - ret=$? - if [ $ret -ne 0 ] ; then - echo "ERROR: check the image reference: ${ref}" >&2 - return $ret - fi - - echo -n "${dgst}" -} - -# -# pull down the image to an OCI layout -# arguments: image ref -# returns: path:tag to the OCI layout -# -# any commands should only output to stderr, so that the caller can receive the -# path reference to the OCI layout. -# -fetch_img() { - local ref="${1}" - local dst="${2}" - local base - local tag - local dgst - local from - local ret - - _mkdir_p "${dst}" - - base="$(parse_img_base "${ref}")" - tag="$(parse_img_tag "${ref}")" - dgst="$(parse_img_digest "${ref}")" - from="" - # skopeo currently only support _either_ tag _or_ digest, so we'll be specific. - if [ -n "${dgst}" ] ; then - from="$(ref_prefix "${base}")@${dgst}" - else - from="$(ref_prefix "${base}"):${tag}" - fi - - ## TODO: check for authfile, creds, and whether it's an insecure registry - ## destination name must have the image tag included (umoci expects it) - skopeo \ - copy \ - "${from}" \ - "oci:${dst}:${tag}" >&2 - ret=$? - if [ ${ret} -ne 0 ] ; then - return ${ret} - fi - echo -n "${dst}:${tag}" -} - # # upack_img # @@ -437,21 +365,6 @@ unpack_img_umoci() { return $ret } -# -# copy an image from one location to another -# -push_img() { - local src="${1}" - local dst="${2}" - - _debug "pushing image ${src} to ${dst}" - ## TODO: check for authfile, creds, and whether it's an insecure registry - skopeo copy --dest-tls-verify=false "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" # XXX for demo only - #skopeo copy "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" - ret=$? - return $ret -} - # # sets up a basic new OCI layout, for an image with the provided (or default 'latest') tag # @@ -851,7 +764,7 @@ sourcedriver_rpm_fetch() { rpm=${srcrpm%*.src.rpm} if [ ! -f "${out_dir}/${srcrpm}" ] ; then _debug "--> fetching ${srcrpm}" - _rpm_download \ + dnf download \ --quiet \ --installroot "${rootfs}" \ --release "${release}" \ @@ -1268,7 +1181,6 @@ main() { # TODO maybe look to a directory like /usr/libexec/BuildSourceImage/drivers/ for drop-ins to run _info "succesfully packed 'oci:${src_img_dir}:${src_img_tag}'" - _debug "$(skopeo inspect oci:"${src_img_dir}":"${src_img_tag}")" ## if an output directory is provided then save a copy to it if [ -n "${output_dir}" ] ; then diff --git a/BuildSourceImage.spec b/BuildSourceImage.spec deleted file mode 100644 index 879399e..0000000 --- a/BuildSourceImage.spec +++ /dev/null @@ -1,43 +0,0 @@ -Name: BuildSourceImage -Version: 0.2 -Release: 1%{?dist} -Summary: Container Source Image tool - -Group: containers -License: GPLv2 -URL: https://github.com/containers/BuildSourceImage -Source0: BuildSourceImage.sh - -#BuildRequires: -Requires: jq -Requires: skopeo -Requires: findutils -Requires: file -%if 0%{?rhel} > 6 -Requires: yum-utils -%else -Requires: dnf-command(download) -%endif - -%description -%{summary}. - -%prep - - -%build - - -%install -%{__mkdir_p} %{buildroot}/%{_bindir} -%{__install} -T -m 0755 ${RPM_SOURCE_DIR}/BuildSourceImage.sh %{buildroot}/%{_bindir}/BuildSourceImage - - -%files -%doc ${RPM_SOURCE_DIR}/LICENSE ${RPM_SOURCE_DIR}/README.md -%{_bindir}/BuildSourceImage - - - -%changelog - diff --git a/Makefile b/Makefile index f8b4969..c38791d 100644 --- a/Makefile +++ b/Makefile @@ -1,29 +1,14 @@ -pkgname := BuildSourceImage -CTR_IMAGE := localhost/containers/buildsourceimage -CTR_ENGINE ?= podman -BATS_OPTS ?= -cleanfiles = +SRC := ./BuildSourceImage.sh +CTR_IMAGE := localhost/containers/buildsourceimage +CTR_ENGINE ?= podman +BATS_OPTS ?= +cleanfiles = # these are packages whose src.rpms are very small -srpm_urls = \ +srpm_urls = \ https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/basesystem-10.0-7.el7.centos.src.rpm \ https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/rootfiles-8.1-11.el7.src.rpm \ https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/centos-bookmarks-7-1.el7.src.rpm -srpms = $(addprefix ./.testprep/srpms/,$(notdir $(rpms))) - -spec ?= $(pkgname).spec -pwd := $(shell pwd) -NAME := $(shell rpmspec -q --qf "%{name}" $(spec)) -VERSION := $(shell rpmspec -q --qf "%{version}" $(spec)) -RELEASE := $(shell rpmspec -q --qf "%{release}" $(spec)) -ARCH := $(shell rpmspec -q --qf "%{arch}" $(spec)) -NVR := $(NAME)-$(VERSION)-$(RELEASE) -outdir ?= $(pwd) - -SHELL_SRC := ./BuildSourceImage.sh -DIST_FILES := \ - $(SHELL_SRC) \ - LICENSE \ - README.md +srpms = $(addprefix ./.testprep/srpms/,$(notdir $(rpms))) export CTR_IMAGE export CTR_ENGINE @@ -33,13 +18,13 @@ all: validate validate: .validate cleanfiles += .validate -.validate: $(SHELL_SRC) - shellcheck $(SHELL_SRC) && touch $@ +.validate: $(SRC) + shellcheck $(SRC) && touch $@ build-container: .build-container cleanfiles += .build-container -.build-container: .validate Dockerfile $(SHELL_SRC) +.build-container: .validate Dockerfile $(SRC) @echo @echo "==> Building BuildSourceImage Container" $(CTR_ENGINE) build --quiet --file Dockerfile --tag $(CTR_IMAGE) . && touch $@ @@ -56,34 +41,6 @@ test-integration: .build-container .testprep @echo "==> Running integration tests" TMPDIR=$(realpath .testprep/tmp) bats $(BATS_OPTS) test/ -.PHONY: srpm -srpm: $(NVR).src.rpm - @echo $^ - -cleanfiles += $(NVR).src.rpm -$(NVR).src.rpm: $(spec) $(DIST_FILES) - rpmbuild \ - --define '_sourcedir $(pwd)' \ - --define '_specdir $(pwd)' \ - --define '_builddir $(pwd)' \ - --define '_srcrpmdir $(outdir)' \ - --define '_rpmdir $(outdir)' \ - --nodeps \ - -bs ./$(spec) - -.PHONY: rpm -rpm: $(ARCH)/$(NVR).$(ARCH).rpm - @echo $^ - -cleanfiles += $(ARCH)/$(NVR).$(ARCH).rpm -$(ARCH)/$(NVR).$(ARCH).rpm: $(spec) $(DIST_FILES) - rpmbuild \ - --define '_sourcedir $(pwd)' \ - --define '_specdir $(pwd)' \ - --define '_builddir $(pwd)' \ - --define '_srcrpmdir $(outdir)' \ - --define '_rpmdir $(outdir)' \ - -bb ./$(spec) clean: if [ -n "$(cleanfiles)" ] ; then rm -rf $(cleanfiles) ; fi diff --git a/README.md b/README.md index da5e1a0..6fdb4ed 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ [![Build Status](https://travis-ci.org/containers/BuildSourceImage.svg?branch=master)](https://travis-ci.org/containers/BuildSourceImage) -[![Container Image Repository on Quay](https://quay.io/repository/ctrs/bsi/status "Container Image Repository on Quay")](https://quay.io/repository/ctrs/bsi) +[![Container Image Repository on Quay](https://quay.io/repository/vbatts/bsi/status "Container Image Repository on Quay")](https://quay.io/repository/vbatts/bsi) # BuildSourceImage @@ -32,8 +32,9 @@ Usage: BuildSourceImage.sh [-D] [-b ] [-c ] [-e ] [-r ] Nicely usable inside a container: ```bash +$> podman build -t containers/buildsourceimage . $> mkdir ./output/ -$> podman run -it -v $(pwd)/output/:/output/ -v $(pwd)/SRCRPMS/:/data/ -u $(id -u) quay.io/ctrs/bsi -s /data/ -o /output/ +$> podman run -it -v $(pwd)/output/:/output/ -v $(pwd)/SRCRPMS/:/data/ -u $(id -u) containers/buildsourceimage -s /data/ ``` ## Examples diff --git a/relocate.sh b/relocate.sh new file mode 100644 index 0000000..8d52a87 --- /dev/null +++ b/relocate.sh @@ -0,0 +1,108 @@ +#!/bin/bash + +## depracted code for moving containers (what skopeo does) + +# +# copy an image from one location to another +# +push_img() { + local src="${1}" + local dst="${2}" + + _debug "pushing image ${src} to ${dst}" + ## TODO: check for authfile, creds, and whether it's an insecure registry + skopeo copy --dest-tls-verify=false "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" # XXX for demo only + #skopeo copy "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" + ret=$? + return $ret +} + + +# +# call out to registry for the image reference's digest checksum +# +fetch_img_digest() { + local ref="${1}" + local dgst + local ret + + ## TODO: check for authfile, creds, and whether it's an insecure registry + dgst=$(skopeo inspect "$(ref_prefix "${ref}")" | jq .Digest | tr -d \") + ret=$? + if [ $ret -ne 0 ] ; then + echo "ERROR: check the image reference: ${ref}" >&2 + return $ret + fi + + echo -n "${dgst}" +} + + +# +# an inline prefixer for containers/image tools +# +ref_prefix() { + local ref="${1}" + local pfxs + local ret + + # get the supported prefixes of the current version of skopeo + mapfile -t pfxs < <(skopeo copy --help | grep -A1 "Supported transports:" | grep -v "Supported transports" | sed 's/, /\n/g') + ret=$? + if [ ${ret} -ne 0 ] ; then + return ${ret} + fi + + for pfx in "${pfxs[@]}" ; do + if echo "${ref}" | grep -q "^${pfx}:" ; then + # break if we match a known prefix + echo "${ref}" + return 0 + fi + done + # else default + echo "docker://${ref}" +} + +# +# pull down the image to an OCI layout +# arguments: image ref +# returns: path:tag to the OCI layout +# +# any commands should only output to stderr, so that the caller can receive the +# path reference to the OCI layout. +# +fetch_img() { + local ref="${1}" + local dst="${2}" + local base + local tag + local dgst + local from + local ret + + _mkdir_p "${dst}" + + base="$(parse_img_base "${ref}")" + tag="$(parse_img_tag "${ref}")" + dgst="$(parse_img_digest "${ref}")" + from="" + # skopeo currently only support _either_ tag _or_ digest, so we'll be specific. + if [ -n "${dgst}" ] ; then + from="$(ref_prefix "${base}")@${dgst}" + else + from="$(ref_prefix "${base}"):${tag}" + fi + + ## TODO: check for authfile, creds, and whether it's an insecure registry + ## destination name must have the image tag included (umoci expects it) + skopeo \ + copy \ + "${from}" \ + "oci:${dst}:${tag}" >&2 + ret=$? + if [ ${ret} -ne 0 ] ; then + return ${ret} + fi + echo -n "${dst}:${tag}" +} \ No newline at end of file