From 0ce6fd7f3ce6619594736449163e263aabc659b7 Mon Sep 17 00:00:00 2001 From: Manfred Touron Date: Thu, 18 Dec 2014 10:03:01 +0000 Subject: [PATCH] Ported scripts to the docker-based builder (Fixes #2) --- .gitignore | 4 +- Dockerfile | 63 ++++++++++++++++++++++++++++ Makefile | 15 +++++++ build | 85 -------------------------------------- lib.sh | 118 ----------------------------------------------------- 5 files changed, 81 insertions(+), 204 deletions(-) create mode 100644 Dockerfile create mode 100644 Makefile delete mode 100755 build delete mode 100644 lib.sh diff --git a/.gitignore b/.gitignore index e8eb52f..7894662 100644 --- a/.gitignore +++ b/.gitignore @@ -7,4 +7,6 @@ source.tar.xz sd*.raw* rootfs* */*.tar -*/*.built \ No newline at end of file +*/*.built +.docker-container.built +docker-rules.mk diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..63c905d --- /dev/null +++ b/Dockerfile @@ -0,0 +1,63 @@ +## -*- docker-image-name: "armbuild/ocs-distrib-archlinux:2014-12-02" -*- +FROM armbuild/archlinux-disk:2014-12-02 +MAINTAINER Online Labs + + +# Environment +ENV OCS_BASE_IMAGE armbuild/ocs-archlinux:2014-12-02 + + +# Install packages +RUN pacman -Sy --noconfirm \ + cronie \ + curl \ + dhcpcd \ + iptables \ + less \ + man \ + mg \ + nano \ + nbd \ + ntp \ + openssh \ + vim \ + wget + + +# sudo umount $TARGET/{sys,dev,proc} || true +# sudo mount -t proc proc $TARGET/proc +# sudo mount -t sysfs sys $TARGET/sys +# sudo mount -o bind /dev $TARGET/dev +# do_in_target 'sed s/root:[^:]\+:/root:x:/ -i /etc/shadow' +# sudo mkdir -p $TARGET/run/systemd/resolve +# sudo cp /etc/resolv.conf $TARGET/run/systemd/resolve/resolv.conf +# do_in_target 'curl https://raw.githubusercontent.com/online-labs/ocs-scripts/master/upgrade_root.bash | bash' +# patch_target archlinux/patches +# sudo mkdir -p $TARGET/root/.ssh +# sudo cp -va /root/.ssh/authorized_keys $TARGET/root/.ssh +# echo $LOCALES | sed 's/,/\n/' | while read loc; do +# do_in_target "sed -e s/^\#${loc}/${loc}/ -i /etc/locale.gen" +# done +# do_in_target locale-gen +# do_in_target "systemctl enable sshd.service" +# do_in_target "systemctl disable getty@tty1.service" +# do_in_target "systemctl enable serial-getty@ttyS0.service" +# sudo rm -f $TARGET/run/systemd/resolve/resolv.conf +# sudo umount $TARGET/{sys,dev,proc} || true +# sudo umount $TARGET/{sys,dev,proc} || true +# sudo mount -t proc proc $TARGET/proc +# sudo mount -t sysfs sys $TARGET/sys +# sudo mount -o bind /dev $TARGET/dev +# sudo cp /etc/resolv.conf $TARGET/run/systemd/resolve/resolv.conf +# do_in_target "pacman --noconfirm -Suy" +# sudo rm -f $TARGET/run/systemd/resolve/resolv.conf + + +# Patch rootfs +RUN wget -qO - http://j.mp/ocs-scripts | bash +ADD ./patches/etc/ /etc/ + + +# TEMPORARY DEBUG ACCESS +RUN echo root:toor2 | chpasswd +RUN umask 077; mkdir /root/.ssh; echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApvPvDbWDY50Lsx4WyUInw407379iERte63OTTNae6+JgAeYsn52Z43Oeks/2qC0gxweq+sRY9ccqhfReie+r+mvl756T4G8lxX1ND8m6lZ9kM30Rvk0piZn3scF45spmLNzCNXza/Hagxy53P82ej2vq2ewXtjVdvW20G3cMHVLkcdgKJN+2s+UkSYlASW6enUj3no+bukT+6M8lJtlT0/0mZtnBRJtqCCvF0cm9xU0uxILrhIfdYAJ1XqaoqIQLFSDLVo5lILMzDNwV+CfAotRMWIKvWomCszhVQYHCQo2Z+b2Gs0TL4DRb23fRMdeaRufnVhh5ZMlNkb2ajaL6sw== m" >> /root/.ssh/authorized_keys ; echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYQAd3JDHyDnlojqmKlVgoHYEawYKS6NIq1y81PauHPn6v8lHGSjEkcPhl1kf39+dze/NmoLEGowyjpYH6Tc7XJ1z4FQDtgdAMCL5n+cBwd1H1MFAIbFJAtLsno5HUIbO6fhUKx6nKrdUodakPS7yBiCLDUT7uuxX12WhtJAJUlNJj9Cd3o2kWYYfF12AVA0dfT8Rzsbr5JA2IRlrasyisDJxQQ00T6SWEVaJRwPFK7Ipcrqrw+XeYOAeq2Mx8/25ybsbwjXaP6N+R6xCD7Wq0JoiYpzx/qE0lD3JQShQNYPbYfYkKWoVwibKk/W3Xy1QtrPdwUXET+0SssqDxdGHt" >> /root/.ssh/authorized_keys diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..71ff971 --- /dev/null +++ b/Makefile @@ -0,0 +1,15 @@ +DOCKER_NAMESPACE = armbuild/ +NAME = ocs-distrib-archlinux +VERSION = 2014-12-02 +VERSION_ALIASES = latest +TITLE = Archlinux +DESCRIPTION = Archlinux latest +SOURCE_URL = https://github.com/online-labs/image-archlinux + + +## Image tools (https://github.com/online-labs/image-tools) +all: docker-rules.mk +docker-rules.mk: + wget -qO - http://j.mp/image-tools | bash +-include docker-rules.mk +## Below you can add custom makefile commands and overrides diff --git a/build b/build deleted file mode 100755 index 75997b7..0000000 --- a/build +++ /dev/null @@ -1,85 +0,0 @@ -#!/bin/bash - -. ./lib.sh # Include library - -# Image -DISTRIB="archlinux" -ARCH=${ARCH:-"armhf"} -TARGET=${TARGET:-"rootfs-target"} -CLEAN_PATHS="/root/.bash_history /root/.history /etc/resolv.conf /etc/ssh/*_key*" -PKGS_INCLUDE=${PKGS_INCLUDE:-"cronie,curl,iptables,dhcpcd,less,man,nano,nbd,ntp,openssh,wget,vim"} -# MIRROR=${MIRROR:-"http://mirror.cloud.online.net/ubuntu-ports/"} -VERSION=${VERSION:-"latest"} -LOCALES="en_US.UTF-8,fr_FR.UTF-8" -S3_URL=s3://test-images/archlinux/ - -# Required -NAME=${NAME:-"rootfs-$ARCH-$DISTRIB"} -build_image() { - # TODO Mirror - sudo wget -O source.tar.gz \ - http://os.archlinuxarm.org/os/ArchLinuxARM-armv7-$VERSION.tar.gz - sudo mkdir -p "$TARGET" - sudo tar -C "$TARGET" -xzf source.tar.gz -} - -patch_image() { - # prepare chroot - sudo umount $TARGET/{sys,dev,proc} || true - sudo mount -t proc proc $TARGET/proc - sudo mount -t sysfs sys $TARGET/sys - sudo mount -o bind /dev $TARGET/dev - do_in_target 'sed s/root:[^:]\+:/root:x:/ -i /etc/shadow' - sudo mkdir -p $TARGET/run/systemd/resolve - sudo cp /etc/resolv.conf $TARGET/run/systemd/resolve/resolv.conf - - do_in_target 'curl https://raw.githubusercontent.com/online-labs/ocs-scripts/master/upgrade_root.bash | bash' - patch_target archlinux/patches - - # TODO Get ssh keys from config - sudo mkdir -p $TARGET/root/.ssh - sudo cp -va /root/.ssh/authorized_keys $TARGET/root/.ssh - - echo $LOCALES | sed 's/,/\n/' | while read loc; do - do_in_target "sed -e s/^\#${loc}/${loc}/ -i /etc/locale.gen" - done - do_in_target locale-gen - - pkgs_pacman=`echo $PKGS_INCLUDE | tr ',' ' '` - do_in_target "pacman -Sy --noconfirm $pkgs_pacman" - do_in_target "systemctl enable sshd.service" - - # tty settings - do_in_target "systemctl disable getty@tty1.service" - do_in_target "systemctl enable serial-getty@ttyS0.service" - - # clean chroot - sudo rm -f $TARGET/run/systemd/resolve/resolv.conf - sudo umount $TARGET/{sys,dev,proc} || true -} - -upgrade_image() { - sudo umount $TARGET/{sys,dev,proc} || true - sudo mount -t proc proc $TARGET/proc - sudo mount -t sysfs sys $TARGET/sys - sudo mount -o bind /dev $TARGET/dev - - sudo cp /etc/resolv.conf $TARGET/run/systemd/resolve/resolv.conf - - do_in_target "pacman --noconfirm -Suy" - - sudo rm -f $TARGET/run/systemd/resolve/resolv.conf - - sudo umount $TARGET/{sys,dev,proc} || true -} - -clean_image() { - # FIXME: clean package achives - clean_target $CLEAN_PATHS - # FIXME: reload package index -} - - -if [ "${1}" != "--source-only" ]; then - cli $@ -fi diff --git a/lib.sh b/lib.sh deleted file mode 100644 index 9f22d89..0000000 --- a/lib.sh +++ /dev/null @@ -1,118 +0,0 @@ -# Declares helpers for image building - -set -e -[ "$DEBUG" = "1" ] && set -x - - -prepare_nbd_volume() { - device=$1 - if ! `mountpoint -q "$TARGET"`; then - sudo mkfs.ext4 "$device" - sudo mkdir -p "$TARGET.device" - sudo mount "$device" "$TARGET.device" - rsync -aHAX "$TARGET/" "$TARGET.device" - fi -} - -require_debootstrap() { - type -P debootstrap >/dev/null && return - sudo apt-get update - sudo apt-get -y install debootstrap -} - -clean_workspace() { - sudo rm -rf $TARGET/* $TARGET/.??* -} - -debootstrap() { - if [ ! -d "$TARGET.debootstrap" ]; then - sudo debootstrap \ - --arch="$ARCH" \ - --variant="$VARIANT" \ - --components="$COMPONENTS" \ - --include="$PKGS_INCLUDE" \ - "$VERSION" \ - "$TARGET.debootstrap" \ - "$MIRROR" \ - "$SCRIPT" - fi - rsync -aHAX "$TARGET.debootstrap/" "$TARGET/" -} - -upgrade_debs() { - do_in_target "apt-get update" - do_in_target "apt-get -y upgrade" -} - -secondstage() { - # This step could be done directly by removing - # do_in_target /debootstrap/debootstrap --second-stage - echo "Not needed anymore (removed the --foreign option)" -} - -patch_target() { - patches_dir=../$1 - for file in $(find "$patches_dir" -type f | sed -n "s|^$patches_dir/||p"); do - sudo mkdir -p "$TARGET/$(dirname $file)" - sudo cp "$patches_dir/$file" "$TARGET/$file" - done -} - -clean_target() { - clean_paths="$@" - for path in $clean_paths; do - if [ -e "$TARGET/$path" ]; then - sudo rm -rf "$TARGET/$path" - fi - done - for file in $(find "$TARGET/var/log" -type f); do - echo | sudo tee $file - done - find "$TARGET" \( -name "*~" -or -name ".??*~" -or -name "#*#" -or -name ".#*" \) -delete -} - -archive_target() { - sudo tar -C "$TARGET" -czf "$NAME.tar.gz" . -} - -do_in_target() { - sudo chroot "$TARGET" su - root -c "$@" -} - -push_to_s3() { - edit_date=$(stat -c %Y "$TARGET") - s3cmd put --acl-public "$NAME.tar.gz" "$S3_URL/$NAME-${edit_date}.tar.gz" - s3cmd put --acl-public "$NAME.tar.gz" "$S3_URL/$NAME-latest.tar.gz" - s3cmd ls "s3://rescue-images/rescue/" - # s3cmd cp --acl-public "s3://rescue-images/rescue/$NAME-${edit_date}.tar.gz" "s3://rescue-images/rescue/$NAME-latest.tar.gz" -} - -cli() { - case $1 in - "tarball") - build_image - patch_image - upgrade_image - clean_image - archive_target - push_to_s3 - exit 0 - ;; - "image") - NBD_DEVICE=${2:-"/dev/nbd1"} - build_image - patch_image - upgrade_image - clean_image - prepare_nbd_volume $NBD_DEVICE - sync - exit 0 - ;; - "build_image"|"patch_image"|"archive_target"|"prepare_nbd_volume"|"upgrade_image"|"clean_image"|"push_to_s3") - eval $@ - exit 0 - ;; - esac - echo >&2 "usage: [DEBUG=1] $0 (tarball|image)" - exit 1 -}