vbatts/containers-bsi
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: vbatts:master
Branches Tags
vbatts:master
vbatts:split_out_skopeo
vbatts:build_subcommand
vbatts:traps
vbatts:v0.1.0
..
compare: vbatts:split_out_skopeo
Branches Tags
vbatts:split_out_skopeo
vbatts:build_subcommand
vbatts:master
vbatts:traps
vbatts:v0.1.0

1 commit
master ... split_out_

Author SHA1 Message Date
Vincent Batts
906951f906 WIP 2019-11-11 14:37:18 +00:00
7 changed files with 124 additions and 192 deletions
Show stats Expand all files Collapse all files

1
.copr/Makefile
View file

@ -1 +0,0 @@
../Makefile

2
.gitignore vendored
View file

@ -2,5 +2,3 @@
.build-container .build-container
.testprep .testprep
.validate .validate
*.rpm
x86_64/

94
BuildSourceImage.sh
View file

@ -16,8 +16,6 @@ _usage() {
_version _version
echo "Usage: $(basename "$0") [-D] [-b <path>] [-c <path>] [-e <path>] [-r <path>] [-o <path>] [-i <image>] [-p <image>] [-l] [-d <drivers>]" echo "Usage: $(basename "$0") [-D] [-b <path>] [-c <path>] [-e <path>] [-r <path>] [-o <path>] [-i <image>] [-p <image>] [-l] [-d <drivers>]"
echo "" echo ""
echo " Container Source Image tool"
echo ""
echo -e " -b <path>\tbase path for source image builds" echo -e " -b <path>\tbase path for source image builds"
echo -e " -c <path>\tbuild context for the container image. Can be provided via CONTEXT_DIR env variable" echo -e " -c <path>\tbuild context for the container image. Can be provided via CONTEXT_DIR env variable"
echo -e " -e <path>\textra src for the container image. Can be provided via EXTRA_SRC_DIR env variable" echo -e " -e <path>\textra src for the container image. Can be provided via EXTRA_SRC_DIR env variable"
@ -41,7 +39,7 @@ _init() {
set -o pipefail set -o pipefail
# check for tools we depend on # check for tools we depend on
for cmd in jq skopeo dnf file find tar stat date ; do for cmd in jq dnf file find tar stat date ; do
if [ -z "$(command -v ${cmd})" ] ; then if [ -z "$(command -v ${cmd})" ] ; then
# TODO: maybe this could be individual checks so it can report # TODO: maybe this could be individual checks so it can report
# where to find the tools # where to find the tools
@ -130,14 +128,6 @@ _tar() {
fi fi
} }
_rpm_download() {
if [ "$(command -v yumdownloader)" != "" ] ; then
yumdownloader "${@}"
else
dnf download "${@}"
fi
}
# output things, only when $DEBUG is set # output things, only when $DEBUG is set
_debug() { _debug() {
if [ -n "${DEBUG}" ] ; then if [ -n "${DEBUG}" ] ; then
@ -219,7 +209,7 @@ parse_img_tag() {
# #
# an inline prefixer for containers/image tools # an inline prefixer for containers/image tools
# # XXX redo this to only validate for 'oci:...', otherwise bail
ref_prefix() { ref_prefix() {
local ref="${1}" local ref="${1}"
local pfxs local pfxs
@ -253,68 +243,6 @@ ref_src_img_tag() {
echo -n "$(parse_img_tag "${ref}")""${source_image_suffix}" echo -n "$(parse_img_tag "${ref}")""${source_image_suffix}"
} }
#
# call out to registry for the image reference's digest checksum
#
fetch_img_digest() {
local ref="${1}"
local dgst
local ret
## TODO: check for authfile, creds, and whether it's an insecure registry
dgst=$(skopeo inspect "$(ref_prefix "${ref}")" | jq .Digest | tr -d \")
ret=$?
if [ $ret -ne 0 ] ; then
echo "ERROR: check the image reference: ${ref}" >&2
return $ret
fi
echo -n "${dgst}"
}
#
# pull down the image to an OCI layout
# arguments: image ref
# returns: path:tag to the OCI layout
#
# any commands should only output to stderr, so that the caller can receive the
# path reference to the OCI layout.
#
fetch_img() {
local ref="${1}"
local dst="${2}"
local base
local tag
local dgst
local from
local ret
_mkdir_p "${dst}"
base="$(parse_img_base "${ref}")"
tag="$(parse_img_tag "${ref}")"
dgst="$(parse_img_digest "${ref}")"
from=""
# skopeo currently only support _either_ tag _or_ digest, so we'll be specific.
if [ -n "${dgst}" ] ; then
from="$(ref_prefix "${base}")@${dgst}"
else
from="$(ref_prefix "${base}"):${tag}"
fi
## TODO: check for authfile, creds, and whether it's an insecure registry
## destination name must have the image tag included (umoci expects it)
skopeo \
copy \
"${from}" \
"oci:${dst}:${tag}" >&2
ret=$?
if [ ${ret} -ne 0 ] ; then
return ${ret}
fi
echo -n "${dst}:${tag}"
}
# #
# upack_img <oci layout path> <unpack path> # upack_img <oci layout path> <unpack path>
# #
@ -437,21 +365,6 @@ unpack_img_umoci() {
return $ret return $ret
} }
#
# copy an image from one location to another
#
push_img() {
local src="${1}"
local dst="${2}"
_debug "pushing image ${src} to ${dst}"
## TODO: check for authfile, creds, and whether it's an insecure registry
skopeo copy --dest-tls-verify=false "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" # XXX for demo only
#skopeo copy "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")"
ret=$?
return $ret
}
# #
# sets up a basic new OCI layout, for an image with the provided (or default 'latest') tag # sets up a basic new OCI layout, for an image with the provided (or default 'latest') tag
# #
@ -851,7 +764,7 @@ sourcedriver_rpm_fetch() {
rpm=${srcrpm%*.src.rpm} rpm=${srcrpm%*.src.rpm}
if [ ! -f "${out_dir}/${srcrpm}" ] ; then if [ ! -f "${out_dir}/${srcrpm}" ] ; then
_debug "--> fetching ${srcrpm}" _debug "--> fetching ${srcrpm}"
_rpm_download \ dnf download \
--quiet \ --quiet \
--installroot "${rootfs}" \ --installroot "${rootfs}" \
--release "${release}" \ --release "${release}" \
@ -1268,7 +1181,6 @@ main() {
# TODO maybe look to a directory like /usr/libexec/BuildSourceImage/drivers/ for drop-ins to run # TODO maybe look to a directory like /usr/libexec/BuildSourceImage/drivers/ for drop-ins to run
_info "succesfully packed 'oci:${src_img_dir}:${src_img_tag}'" _info "succesfully packed 'oci:${src_img_dir}:${src_img_tag}'"
_debug "$(skopeo inspect oci:"${src_img_dir}":"${src_img_tag}")"
## if an output directory is provided then save a copy to it ## if an output directory is provided then save a copy to it
if [ -n "${output_dir}" ] ; then if [ -n "${output_dir}" ] ; then

43
BuildSourceImage.spec
View file

@ -1,43 +0,0 @@
Name: BuildSourceImage
Version: 0.2
Release: 1%{?dist}
Summary: Container Source Image tool
Group: containers
License: GPLv2
URL: https://github.com/containers/BuildSourceImage
Source0: BuildSourceImage.sh
#BuildRequires:
Requires: jq
Requires: skopeo
Requires: findutils
Requires: file
%if 0%{?rhel} > 6
Requires: yum-utils
%else
Requires: dnf-command(download)
%endif
%description
%{summary}.
%prep
%build
%install
%{__mkdir_p} %{buildroot}/%{_bindir}
%{__install} -T -m 0755 ${RPM_SOURCE_DIR}/BuildSourceImage.sh %{buildroot}/%{_bindir}/BuildSourceImage
%files
%doc ${RPM_SOURCE_DIR}/LICENSE ${RPM_SOURCE_DIR}/README.md
%{_bindir}/BuildSourceImage
%changelog

63
Makefile
View file

@ -1,29 +1,14 @@
pkgname := BuildSourceImage SRC := ./BuildSourceImage.sh
CTR_IMAGE := localhost/containers/buildsourceimage CTR_IMAGE := localhost/containers/buildsourceimage
CTR_ENGINE ?= podman CTR_ENGINE ?= podman
BATS_OPTS ?= BATS_OPTS ?=
cleanfiles = cleanfiles =
# these are packages whose src.rpms are very small # these are packages whose src.rpms are very small
srpm_urls = \ srpm_urls = \
https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/basesystem-10.0-7.el7.centos.src.rpm \ https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/basesystem-10.0-7.el7.centos.src.rpm \
https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/rootfiles-8.1-11.el7.src.rpm \ https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/rootfiles-8.1-11.el7.src.rpm \
https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/centos-bookmarks-7-1.el7.src.rpm https://archive.kernel.org/centos-vault/7.0.1406/os/Source/SPackages/centos-bookmarks-7-1.el7.src.rpm
srpms = $(addprefix ./.testprep/srpms/,$(notdir $(rpms))) srpms = $(addprefix ./.testprep/srpms/,$(notdir $(rpms)))
spec ?= $(pkgname).spec
pwd := $(shell pwd)
NAME := $(shell rpmspec -q --qf "%{name}" $(spec))
VERSION := $(shell rpmspec -q --qf "%{version}" $(spec))
RELEASE := $(shell rpmspec -q --qf "%{release}" $(spec))
ARCH := $(shell rpmspec -q --qf "%{arch}" $(spec))
NVR := $(NAME)-$(VERSION)-$(RELEASE)
outdir ?= $(pwd)
SHELL_SRC := ./BuildSourceImage.sh
DIST_FILES := \
$(SHELL_SRC) \
LICENSE \
README.md
export CTR_IMAGE export CTR_IMAGE
export CTR_ENGINE export CTR_ENGINE
@ -33,13 +18,13 @@ all: validate
validate: .validate validate: .validate
cleanfiles += .validate cleanfiles += .validate
.validate: $(SHELL_SRC) .validate: $(SRC)
shellcheck $(SHELL_SRC) && touch $@ shellcheck $(SRC) && touch $@
build-container: .build-container build-container: .build-container
cleanfiles += .build-container cleanfiles += .build-container
.build-container: .validate Dockerfile $(SHELL_SRC) .build-container: .validate Dockerfile $(SRC)
@echo @echo
@echo "==> Building BuildSourceImage Container" @echo "==> Building BuildSourceImage Container"
$(CTR_ENGINE) build --quiet --file Dockerfile --tag $(CTR_IMAGE) . && touch $@ $(CTR_ENGINE) build --quiet --file Dockerfile --tag $(CTR_IMAGE) . && touch $@
@ -56,34 +41,6 @@ test-integration: .build-container .testprep
@echo "==> Running integration tests" @echo "==> Running integration tests"
TMPDIR=$(realpath .testprep/tmp) bats $(BATS_OPTS) test/ TMPDIR=$(realpath .testprep/tmp) bats $(BATS_OPTS) test/
.PHONY: srpm
srpm: $(NVR).src.rpm
@echo $^
cleanfiles += $(NVR).src.rpm
$(NVR).src.rpm: $(spec) $(DIST_FILES)
rpmbuild \
--define '_sourcedir $(pwd)' \
--define '_specdir $(pwd)' \
--define '_builddir $(pwd)' \
--define '_srcrpmdir $(outdir)' \
--define '_rpmdir $(outdir)' \
--nodeps \
-bs ./$(spec)
.PHONY: rpm
rpm: $(ARCH)/$(NVR).$(ARCH).rpm
@echo $^
cleanfiles += $(ARCH)/$(NVR).$(ARCH).rpm
$(ARCH)/$(NVR).$(ARCH).rpm: $(spec) $(DIST_FILES)
rpmbuild \
--define '_sourcedir $(pwd)' \
--define '_specdir $(pwd)' \
--define '_builddir $(pwd)' \
--define '_srcrpmdir $(outdir)' \
--define '_rpmdir $(outdir)' \
-bb ./$(spec)
clean: clean:
if [ -n "$(cleanfiles)" ] ; then rm -rf $(cleanfiles) ; fi if [ -n "$(cleanfiles)" ] ; then rm -rf $(cleanfiles) ; fi

5
README.md
View file

@ -1,5 +1,5 @@
[![Build Status](https://travis-ci.org/containers/BuildSourceImage.svg?branch=master)](https://travis-ci.org/containers/BuildSourceImage) [![Build Status](https://travis-ci.org/containers/BuildSourceImage.svg?branch=master)](https://travis-ci.org/containers/BuildSourceImage)
[![Container Image Repository on Quay](https://quay.io/repository/ctrs/bsi/status "Container Image Repository on Quay")](https://quay.io/repository/ctrs/bsi) [![Container Image Repository on Quay](https://quay.io/repository/vbatts/bsi/status "Container Image Repository on Quay")](https://quay.io/repository/vbatts/bsi)
# BuildSourceImage # BuildSourceImage
@ -32,8 +32,9 @@ Usage: BuildSourceImage.sh [-D] [-b <path>] [-c <path>] [-e <path>] [-r <path>]
Nicely usable inside a container: Nicely usable inside a container:
```bash ```bash
$> podman build -t containers/buildsourceimage .
$> mkdir ./output/ $> mkdir ./output/
$> podman run -it -v $(pwd)/output/:/output/ -v $(pwd)/SRCRPMS/:/data/ -u $(id -u) quay.io/ctrs/bsi -s /data/ -o /output/ $> podman run -it -v $(pwd)/output/:/output/ -v $(pwd)/SRCRPMS/:/data/ -u $(id -u) containers/buildsourceimage -s /data/
``` ```
## Examples ## Examples

108
relocate.sh Normal file
View file

@ -0,0 +1,108 @@
#!/bin/bash
## depracted code for moving containers (what skopeo does)
#
# copy an image from one location to another
#
push_img() {
local src="${1}"
local dst="${2}"
_debug "pushing image ${src} to ${dst}"
## TODO: check for authfile, creds, and whether it's an insecure registry
skopeo copy --dest-tls-verify=false "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" # XXX for demo only
#skopeo copy "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")"
ret=$?
return $ret
}
#
# call out to registry for the image reference's digest checksum
#
fetch_img_digest() {
local ref="${1}"
local dgst
local ret
## TODO: check for authfile, creds, and whether it's an insecure registry
dgst=$(skopeo inspect "$(ref_prefix "${ref}")" | jq .Digest | tr -d \")
ret=$?
if [ $ret -ne 0 ] ; then
echo "ERROR: check the image reference: ${ref}" >&2
return $ret
fi
echo -n "${dgst}"
}
#
# an inline prefixer for containers/image tools
#
ref_prefix() {
local ref="${1}"
local pfxs
local ret
# get the supported prefixes of the current version of skopeo
mapfile -t pfxs < <(skopeo copy --help | grep -A1 "Supported transports:" | grep -v "Supported transports" | sed 's/, /\n/g')
ret=$?
if [ ${ret} -ne 0 ] ; then
return ${ret}
fi
for pfx in "${pfxs[@]}" ; do
if echo "${ref}" | grep -q "^${pfx}:" ; then
# break if we match a known prefix
echo "${ref}"
return 0
fi
done
# else default
echo "docker://${ref}"
}
#
# pull down the image to an OCI layout
# arguments: image ref
# returns: path:tag to the OCI layout
#
# any commands should only output to stderr, so that the caller can receive the
# path reference to the OCI layout.
#
fetch_img() {
local ref="${1}"
local dst="${2}"
local base
local tag
local dgst
local from
local ret
_mkdir_p "${dst}"
base="$(parse_img_base "${ref}")"
tag="$(parse_img_tag "${ref}")"
dgst="$(parse_img_digest "${ref}")"
from=""
# skopeo currently only support _either_ tag _or_ digest, so we'll be specific.
if [ -n "${dgst}" ] ; then
from="$(ref_prefix "${base}")@${dgst}"
else
from="$(ref_prefix "${base}"):${tag}"
fi
## TODO: check for authfile, creds, and whether it's an insecure registry
## destination name must have the image tag included (umoci expects it)
skopeo \
copy \
"${from}" \
"oci:${dst}:${tag}" >&2
ret=$?
if [ ${ret} -ne 0 ] ; then
return ${ret}
fi
echo -n "${dst}:${tag}"
}