From 4243965ed5575ecc4d0c28b971d4850cadfa69cc Mon Sep 17 00:00:00 2001 From: Luis Sampaio Date: Thu, 10 Nov 2022 15:29:37 -0800 Subject: [PATCH] Update LAT container to support patches This commit adds the necessary tooling and env variables to the LAT container in order to support patch creation. The current patch process that has the option to reuse initramfs and for that we need access to the gpg keys used by LAT to check in and sign the ostree commit, as LAT already builds the image it makes sense to also build the patches in the LAT container. Story: 2008862 Task: 46788 Signed-off-by: Luis Sampaio Change-Id: I1ae93bfe29e8003b64b65eb06d1d1ae65ef94067 --- stx/dockerfiles/stx-lat-tool.Dockerfile | 11 +++++-- stx/lib/stx/stx_control.py | 15 +++++++++ .../stx-lat-tool/configmap/patch.env.sample | 17 ++++++++++ .../stx-lat-tool/templates/configmap.yaml | 7 +++++ .../stx-lat-tool/templates/deployment.yaml | 22 ++++++++----- .../dependency_chart/stx-lat-tool/values.yaml | 31 +++++++++++++------ 6 files changed, 82 insertions(+), 21 deletions(-) create mode 100644 stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/configmap/patch.env.sample create mode 100644 stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/configmap.yaml diff --git a/stx/dockerfiles/stx-lat-tool.Dockerfile b/stx/dockerfiles/stx-lat-tool.Dockerfile index b37d21e9..346f8df4 100644 --- a/stx/dockerfiles/stx-lat-tool.Dockerfile +++ b/stx/dockerfiles/stx-lat-tool.Dockerfile @@ -21,6 +21,7 @@ ARG LAT_BINARY_RESOURCE_PATH=http://mirror.starlingx.cengn.ca/mirror/lat-sdk/lat # Install necessary packages RUN apt-get -y update && apt-get --no-install-recommends -y install \ python3 \ + python3-pip \ xz-utils \ file \ bzip2 \ @@ -28,10 +29,15 @@ RUN apt-get -y update && apt-get --no-install-recommends -y install \ tini \ wget \ locales-all \ - python3-yaml && \ + python3-yaml \ + rsync \ + cpio \ + vim \ + && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* && \ - mkdir -p /opt/LAT/SDK + mkdir -p /opt/LAT/SDK && \ + pip3 install pycryptodomex requests_toolbelt # Insert pubkey of the package repository COPY stx/toCOPY/builder/pubkey.rsa /opt/LAT/ @@ -56,7 +62,6 @@ RUN sed -i 's/linux-image-amd64/linux-image-5.10.0-6-amd64-unsigned/g' /opt/LAT/ RUN sed -i 's/Wind River Linux Graphics development .* ostree/StarlingX ostree/g' /opt/LAT/SDK/sysroots/corei7-64-wrs-linux/boot/efi/EFI/BOOT/grub.cfg # Add vimrc -RUN mkdir /etc/vim COPY stx/toCOPY/common/vimrc.local /etc/vim/vimrc.local RUN chmod 0644 /etc/vim/vimrc.local diff --git a/stx/lib/stx/stx_control.py b/stx/lib/stx/stx_control.py index 5782d735..76e2552b 100644 --- a/stx/lib/stx/stx_control.py +++ b/stx/lib/stx/stx_control.py @@ -17,6 +17,7 @@ import getpass import logging import os +import shutil import subprocess import sys import time @@ -188,6 +189,20 @@ stx-pkgbuilder/configmap/') with open(localrc, "w") as wf: wf.write(message) + # Update LAT configmap for patching + lat_configmap_dir = os.path.join(self.abs_helmchartdir, + 'dependency_chart/stx-lat-tool/configmap/') + patch_env_sample = os.path.join(lat_configmap_dir, 'patch.env.sample') + patch_env = os.path.join(lat_configmap_dir, 'stx-patch-env.sh') + + with open(patch_env_sample, "r") as rf: + message = rf.read() + message = message.replace("@PROJECT@", projectname) + message = message.replace("@MYUNAME@", builder_myuname) + + with open(patch_env, "w") as wf: + wf.write(message) + # Copy stx-localrc file of builder container to pkgbuilder cmd = 'cp -f %s %s' % (localrc, pkgbuilder_configmap_dir) os.system(cmd) diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/configmap/patch.env.sample b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/configmap/patch.env.sample new file mode 100644 index 00000000..849a011f --- /dev/null +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/configmap/patch.env.sample @@ -0,0 +1,17 @@ +# Patch environment variables +LOCALDISK="/localdisk" + +export PROJECT=@PROJECT@ +export MYUNAME=@MYUNAME@ + +export MY_BUILD_PKG_DIR=${LOCALDISK}/loadbuild/$MYUNAME/$PROJECT/ +export MY_WORKSPACE=${LOCALDISK}/loadbuild/$MYUNAME/$PROJECT/ +export MY_LOCAL_DISK=${LOCALDISK}/designer/$MYUNAME +export MY_REPO_ROOT_DIR=$MY_LOCAL_DISK/$PROJECT +export MY_REPO=$MY_REPO_ROOT_DIR/cgcs-root +export MY_BUILD_TOOLS_DIR=$MY_REPO/build-tools +export PATCH_TOOLS=${MY_REPO}/stx/update/sw-patch/cgcs-patch/cgcs_make_patch +export STX_BUILD_HOME="/" +export DEPLOY_DIR=${LOCALDISK}/deploy + +export PATH=$PATH:$MY_BUILD_TOOLS_DIR:/opt/LAT/SDK/sysroots/x86_64-wrlinuxsdk-linux/usr/bin \ No newline at end of file diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/configmap.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/configmap.yaml new file mode 100644 index 00000000..79cf59df --- /dev/null +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/configmap.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.volumes.patchConfig.configMapName }} +data: +{{ (.Files.Glob "configmap/stx*").AsConfig | indent 2 }} \ No newline at end of file diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml index e8abed0a..a3c13419 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/templates/deployment.yaml @@ -35,10 +35,13 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} tty: true volumeMounts: - - name: {{ .Values.volumes.name }} - mountPath: {{ .Values.volumeMounts.mountPath }} - - name: {{ .Values.volumes.entropyname }} - mountPath: {{ .Values.volumeMounts.entropymountPath }} + - name: {{ .Values.volumeMounts.workspace.name }} + mountPath: {{ .Values.volumeMounts.workspace.mountPath }} + - name: {{ .Values.volumeMounts.entropy.name }} + mountPath: {{ .Values.volumeMounts.entropy.mountPath }} + - name: {{ .Values.volumeMounts.patchConfig.name }} + mountPath: {{ .Values.volumeMounts.patchConfig.mountPath }} + subPath: {{ .Values.volumeMounts.patchConfig.subPath }} resources: {{- toYaml .Values.resources | nindent 12 }} @@ -47,12 +50,15 @@ spec: {{- toYaml .Values.dnsConfig | nindent 8 }} volumes: - - name: {{ .Values.volumes.name }} + - name: {{ .Values.volumes.workspace.name }} hostPath: - path: {{ .Values.global.hostDir }}{{ .Values.volumes.hostPath.path }} - - name: {{ .Values.volumes.entropyname }} + path: {{ .Values.global.hostDir }}{{ .Values.volumes.workspace.hostPath.path }} + - name: {{ .Values.volumes.entropy.name }} hostPath: - path: {{ .Values.volumes.entropyhostPath.path }} + path: {{ .Values.volumes.entropy.hostPath.path }} + - name: {{ .Values.volumes.patchConfig.name }} + configMap: + name: {{ .Values.volumes.patchConfig.configMapName }} {{- with .Values.nodeSelector }} diff --git a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml index 974633f4..8527884d 100644 --- a/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml +++ b/stx/stx-build-tools-chart/stx-builder/dependency_chart/stx-lat-tool/values.yaml @@ -12,18 +12,29 @@ image: tag: "v0.1.0" volumeMounts: - name: latd-shared-workspace - mountPath: /localdisk - entropyname: entropy-device - entropymountPath: /dev/random + workspace: + name: latd-shared-workspace + mountPath: /localdisk + entropy: + name: entropy-device + mountPath: /dev/random + patchConfig: + name: patch-env + mountPath: /etc/profile.d/stx-patch-env.sh + subPath: stx-patch-env.sh volumes: - name: latd-shared-workspace - hostPath: - path: /localdisk - entropyname: entropydevice - entropyhostPath: - path: /dev/urandom + workspace: + name: latd-shared-workspace + hostPath: + path: /localdisk + entropy: + name: entropy-device + hostPath: + path: /dev/urandom + patchConfig: + name: patch-env + configMapName: lat-patch imagePullSecrets: [] nameOverride: ""