diff --git a/bootstrap_sdk b/bootstrap_sdk index 089141eb1c..2193b8f357 100755 --- a/bootstrap_sdk +++ b/bootstrap_sdk @@ -33,7 +33,7 @@ SCRIPT_ROOT=$(dirname $(readlink -f "$0")) . "${SCRIPT_ROOT}/common.sh" || exit 1 -TYPE="coreos-sdk" +TYPE="flatcar-sdk" . "${BUILD_LIBRARY_DIR}/catalyst.sh" || exit 1 @@ -63,7 +63,7 @@ catalyst_init "$@" check_gsutil_opts if [[ "$STAGES" =~ stage4 ]]; then - info "Setting release to ${COREOS_VERSION}" + info "Setting release to ${FLATCAR_VERSION}" rm -rf "${TEMPDIR}/stage4_overlay" # need to setup the lib->lib64 symlink correctly libdir=$(get_sdk_libdir) diff --git a/build_docker_aci b/build_docker_aci index b62648608a..cdd12dd61a 100755 --- a/build_docker_aci +++ b/build_docker_aci @@ -94,7 +94,7 @@ case "${version}" in "/usr/bin/docker-containerd-shim" "/usr/bin/docker-proxy" "/usr/bin/docker-runc" - "/usr/lib/coreos/dockerd" + "/usr/lib/flatcar/dockerd" ) ebuild_aci_create "users.developer.core-os.net/skim/docker" \ "coreos_docker-${BOARD}-${version}_coreos.${aci_version}" \ diff --git a/build_image b/build_image index ca490b7bc1..8d3632aa65 100755 --- a/build_image +++ b/build_image @@ -166,16 +166,16 @@ fix_mtab if [[ "${CONTAINER}" -eq 1 ]]; then IMAGE_BUILD_TYPE="container" - create_dev_container "${COREOS_DEVELOPER_CONTAINER_NAME}" "${CONTAINER_LAYOUT}" "${FLAGS_group}" ${FLAGS_base_dev_pkg} + create_dev_container "${FLATCAR_DEVELOPER_CONTAINER_NAME}" "${CONTAINER_LAYOUT}" "${FLAGS_group}" ${FLAGS_base_dev_pkg} fi if [[ "${PROD_IMAGE}" -eq 1 ]]; then IMAGE_BUILD_TYPE="prod" - create_prod_image ${COREOS_PRODUCTION_IMAGE_NAME} ${DISK_LAYOUT} ${FLAGS_group} ${FLAGS_base_pkg} + create_prod_image ${FLATCAR_PRODUCTION_IMAGE_NAME} ${DISK_LAYOUT} ${FLAGS_group} ${FLAGS_base_pkg} if [[ ${FLAGS_generate_update} -eq ${FLAGS_TRUE} ]]; then - generate_update "${COREOS_PRODUCTION_IMAGE_NAME}" ${DISK_LAYOUT} + generate_update "${FLATCAR_PRODUCTION_IMAGE_NAME}" ${DISK_LAYOUT} elif [[ ${FLAGS_extract_update} -eq ${FLAGS_TRUE} ]]; then - extract_update "${COREOS_PRODUCTION_IMAGE_NAME}" "${DISK_LAYOUT}" + extract_update "${FLATCAR_PRODUCTION_IMAGE_NAME}" "${DISK_LAYOUT}" fi fi @@ -186,15 +186,15 @@ then fi # Write out a version.txt file, this will be used by image_to_vm.sh -split_ver "${COREOS_VERSION_ID}" SPLIT +split_ver "${FLATCAR_VERSION_ID}" SPLIT tee "${BUILD_DIR}/version.txt" <"${BUILD_DIR}/pcrs/kernel.config" fi @@ -564,6 +570,9 @@ EOF if [[ "${install_grub}" -eq 1 ]]; then local target local target_list="i386-pc x86_64-efi x86_64-xen" + if [[ ${BOARD} == "arm64-usr" ]]; then + target_list="arm64-efi" + fi local grub_args=() if [[ ${disable_read_write} -eq ${FLAGS_TRUE} ]]; then grub_args+=(--verity) @@ -587,7 +596,7 @@ EOF if [[ -n "${pcr_policy}" ]]; then ${BUILD_LIBRARY_DIR}/generate_grub_hashes.py \ - "${disk_img}" /usr/lib/grub/ "${BUILD_DIR}/pcrs" ${COREOS_VERSION} + "${disk_img}" /usr/lib/grub/ "${BUILD_DIR}/pcrs" ${FLATCAR_VERSION} info "Generating $pcr_policy" pushd "${BUILD_DIR}" >/dev/null diff --git a/build_library/catalyst.sh b/build_library/catalyst.sh index 6b3f571966..48923f7920 100644 --- a/build_library/catalyst.sh +++ b/build_library/catalyst.sh @@ -12,7 +12,7 @@ : ${TYPE:="coreos-sdk"} : ${ARCH:=$(get_sdk_arch)} : ${DEFAULT_CATALYST_ROOT:="${DEFAULT_BUILD_ROOT}/catalyst"} -: ${DEFAULT_SEED:=${COREOS_SDK_TARBALL_PATH}} +: ${DEFAULT_SEED:=${FLATCAR_SDK_TARBALL_PATH}} : ${DEFAULT_PROFILE:=$(get_sdk_profile)} # Set to something like "stage4" to restrict what to build # FORCE_STAGES= @@ -34,7 +34,7 @@ DEFINE_string coreos_overlay "${SRC_ROOT}/third_party/coreos-overlay" \ "Path to the coreos-overlay git checkout." DEFINE_string seed_tarball "${DEFAULT_SEED}" \ "Path to an existing stage tarball to start from." -DEFINE_string version "${COREOS_VERSION}" \ +DEFINE_string version "${FLATCAR_VERSION}" \ "Version to use for portage snapshot and stage tarballs." DEFINE_string profile "${DEFAULT_PROFILE}" \ "Portage profile, may be prefixed with repo:" @@ -196,7 +196,7 @@ catalyst_init() { DISTDIR="$CATALYST_ROOT/distfiles" # automatically download the current SDK if it is the seed tarball. - if [[ "$FLAGS_seed_tarball" == "${COREOS_SDK_TARBALL_PATH}" ]]; then + if [[ "$FLAGS_seed_tarball" == "${FLATCAR_SDK_TARBALL_PATH}" ]]; then sdk_download_tarball fi diff --git a/build_library/catalyst_toolchains.sh b/build_library/catalyst_toolchains.sh index 2ab4c46dae..f5ef591e5f 100644 --- a/build_library/catalyst_toolchains.sh +++ b/build_library/catalyst_toolchains.sh @@ -35,6 +35,11 @@ build_target_toolchain() { # --root is required because run_merge overrides ROOT= PORTAGE_CONFIGROOT="$ROOT" \ run_merge -u --root="$ROOT" --sysroot="$ROOT" "${TOOLCHAIN_PKGS[@]}" + + export clst_myemergeopts="$( echo "$clst_myemergeopts" | sed -e 's/--newuse//' )" + + PORTAGE_CONFIGROOT="$ROOT" \ + run_merge --root="$ROOT" --sysroot="$ROOT" dev-lang/rust } configure_crossdev_overlay / /tmp/crossdev diff --git a/build_library/check_root b/build_library/check_root index a0d8359028..2efb15e3c4 100755 --- a/build_library/check_root +++ b/build_library/check_root @@ -29,11 +29,39 @@ IGNORE_MISSING = { SonameAtom("x86_64", "libc.so.6")], # RPATHs and symlinks apparently confuse the perl-5.24 package - "dev-lang/perl": [SonameAtom("x86_64", "libperl.so.5.26.2")], - "sys-apps/texinfo": [SonameAtom("x86_64", "libperl.so.5.26")], + "dev-lang/perl": [SonameAtom("arm_64", "libperl.so.5.26.2"), + SonameAtom("x86_64", "libperl.so.5.26.2")], + "dev-perl/XML-Parser": [SonameAtom("x86_64", "libc.so.6"), + SonameAtom("x86_64", "libexpat.so.1")], + "dev-perl/libintl-perl": [SonameAtom("x86_64", "libc.so.6")], + "dev-util/boost-build": [SonameAtom("x86_64", "libc.so.6")], + "net-dns/dnsmasq": [SonameAtom("x86_64", "libc.so.6")], + "sys-apps/texinfo": [SonameAtom("x86_64", "libc.so.6"), + SonameAtom("x86_64", "libperl.so.5.26")], # https://bugs.gentoo.org/show_bug.cgi?id=554582 - "net-firewall/ebtables": [SonameAtom("x86_64", "libebt_802_3.so"), + "net-firewall/ebtables": [SonameAtom("arm_64", "libebt_802_3.so"), + SonameAtom("arm_64", "libebt_among.so"), + SonameAtom("arm_64", "libebt_arp.so"), + SonameAtom("arm_64", "libebt_arpreply.so"), + SonameAtom("arm_64", "libebt_ip.so"), + SonameAtom("arm_64", "libebt_ip6.so"), + SonameAtom("arm_64", "libebt_limit.so"), + SonameAtom("arm_64", "libebt_log.so"), + SonameAtom("arm_64", "libebt_mark.so"), + SonameAtom("arm_64", "libebt_mark_m.so"), + SonameAtom("arm_64", "libebt_nat.so"), + SonameAtom("arm_64", "libebt_nflog.so"), + SonameAtom("arm_64", "libebt_pkttype.so"), + SonameAtom("arm_64", "libebt_redirect.so"), + SonameAtom("arm_64", "libebt_standard.so"), + SonameAtom("arm_64", "libebt_stp.so"), + SonameAtom("arm_64", "libebt_ulog.so"), + SonameAtom("arm_64", "libebt_vlan.so"), + SonameAtom("arm_64", "libebtable_broute.so"), + SonameAtom("arm_64", "libebtable_filter.so"), + SonameAtom("arm_64", "libebtable_nat.so"), + SonameAtom("x86_64", "libebt_802_3.so"), SonameAtom("x86_64", "libebt_among.so"), SonameAtom("x86_64", "libebt_arp.so"), SonameAtom("x86_64", "libebt_arpreply.so"), @@ -56,13 +84,23 @@ IGNORE_MISSING = { SonameAtom("x86_64", "libebtable_nat.so")], # Ignore the Rust libraries in their own libdir. - "dev-libs/rustlib": [SonameAtom("x86_64", "librustc_data_structures.so"), + "dev-libs/rustlib": [SonameAtom("arm_64", "librustc_data_structures.so"), + SonameAtom("arm_64", "librustc_errors.so"), + SonameAtom("arm_64", "libserialize.so"), + SonameAtom("arm_64", "libstd.so"), + SonameAtom("arm_64", "libsyntax.so"), + SonameAtom("arm_64", "libsyntax_pos.so"), + SonameAtom("arm_64", "libterm.so"), + SonameAtom("x86_64", "librustc_data_structures.so"), SonameAtom("x86_64", "librustc_errors.so"), SonameAtom("x86_64", "libserialize.so"), SonameAtom("x86_64", "libstd.so"), SonameAtom("x86_64", "libsyntax.so"), SonameAtom("x86_64", "libsyntax_pos.so"), SonameAtom("x86_64", "libterm.so")], + + "sys-kernel/coreos-modules": [SonameAtom("x86_64", "libc.so.6"), + SonameAtom("x86_64", "libcrypto.so.1.0.0")], } USR_LINKS = ("/bin/", "/sbin/", "/lib/", "/lib32/", "/lib64/") @@ -88,7 +126,9 @@ IGNORE_SYMLINK = ( b"/etc/motd", # Other - b"/etc/lsb-release" # set later in the build process + b"/etc/lsb-release", # set later in the build process + b"/usr/share/coreos", # set later in the build process + b"/etc/coreos" # set later in the build process ) diff --git a/build_library/configure_bootloaders.sh b/build_library/configure_bootloaders.sh index 27b862cbec..f163074f72 100755 --- a/build_library/configure_bootloaders.sh +++ b/build_library/configure_bootloaders.sh @@ -45,11 +45,11 @@ configure_pvgrub() { sudo_clobber "${GRUB_DIR}/menu.lst.A" < "${GRUB_TEMP_DIR}/grub.cfg" fi - sudo tar cf "${ESP_DIR}/coreos/grub/grub.cfg.tar" \ + sudo tar cf "${ESP_DIR}/flatcar/grub/grub.cfg.tar" \ -C "${GRUB_TEMP_DIR}" "grub.cfg" fi @@ -162,7 +176,7 @@ sudo grub-mkimage \ --format "${FLAGS_target}" \ --directory "${GRUB_SRC}" \ --config "${ESP_DIR}/${GRUB_DIR}/load.cfg" \ - --memdisk "${ESP_DIR}/coreos/grub/grub.cfg.tar" \ + --memdisk "${ESP_DIR}/flatcar/grub/grub.cfg.tar" \ --output "${ESP_DIR}/${GRUB_DIR}/${CORE_NAME}" \ "${CORE_MODULES[@]}" @@ -216,6 +230,18 @@ case "${FLAGS_target}" in sudo cp "${BUILD_LIBRARY_DIR}/menu.lst" \ "${ESP_DIR}/boot/grub/menu.lst" ;; + arm64-efi) + info "Installing default arm64 UEFI bootloader." + sudo mkdir -p "${ESP_DIR}/EFI/boot" + #FIXME(andrejro): shim not ported to aarch64 + sudo cp "${ESP_DIR}/${GRUB_DIR}/${CORE_NAME}" \ + "${ESP_DIR}/EFI/boot/bootaa64.efi" + if [[ -n "${FLAGS_copy_efi_grub}" ]]; then + # copying from vfat so ignore permissions + cp --no-preserve=mode "${ESP_DIR}/EFI/boot/bootaa64.efi" \ + "${FLAGS_copy_efi_grub}" + fi + ;; esac cleanup diff --git a/build_library/modify_image_util.sh b/build_library/modify_image_util.sh index a81122b55e..f8ed535762 100755 --- a/build_library/modify_image_util.sh +++ b/build_library/modify_image_util.sh @@ -14,7 +14,7 @@ start_modify_image() { FLAGS_from="$(readlink -f "${FLAGS_from}")" fi - local src_image="${FLAGS_from}/${COREOS_PRODUCTION_IMAGE_NAME}" + local src_image="${FLAGS_from}/${FLATCAR_PRODUCTION_IMAGE_NAME}" if [[ ! -f "${src_image}" ]]; then die_notrace "Source image does not exist: ${src_image}" fi @@ -24,7 +24,7 @@ start_modify_image() { die_notrace "Source version info does not exist: ${FLAGS_from}/version.txt" fi source "${FLAGS_from}/version.txt" - COREOS_VERSION_STRING="${COREOS_VERSION}" + FLATCAR_VERSION_STRING="${FLATCAR_VERSION}" # Load after version.txt to set the correct output paths . "${BUILD_LIBRARY_DIR}/toolchain_util.sh" @@ -44,7 +44,7 @@ start_modify_image() { fi # Create the output directory and temporary mount points. - DST_IMAGE="${BUILD_DIR}/${COREOS_PRODUCTION_IMAGE_NAME}" + DST_IMAGE="${BUILD_DIR}/${FLATCAR_PRODUCTION_IMAGE_NAME}" ROOT_FS_DIR="${BUILD_DIR}/rootfs" mkdir -p "${ROOT_FS_DIR}" @@ -52,10 +52,10 @@ start_modify_image() { cp "${src_image}" "${DST_IMAGE}" # Copy all extra useful things, these do not need to be modified. - local update_prefix="${COREOS_PRODUCTION_IMAGE_NAME%_image.bin}_update" - local production_prefix="${COREOS_PRODUCTION_IMAGE_NAME%.bin}" - local container_prefix="${COREOS_DEVELOPER_CONTAINER_NAME%.bin}" - local pcr_data="${COREOS_PRODUCTION_IMAGE_NAME%.bin}_pcr_policy.zip" + local update_prefix="${FLATCAR_PRODUCTION_IMAGE_NAME%_image.bin}_update" + local production_prefix="${FLATCAR_PRODUCTION_IMAGE_NAME%.bin}" + local container_prefix="${FLATCAR_DEVELOPER_CONTAINER_NAME%.bin}" + local pcr_data="${FLATCAR_PRODUCTION_IMAGE_NAME%.bin}_pcr_policy.zip" EXTRA_FILES=( "version.txt" "${update_prefix}.bin" @@ -64,7 +64,7 @@ start_modify_image() { "${production_prefix}_contents.txt" "${production_prefix}_packages.txt" "${production_prefix}_kernel_config.txt" - "${COREOS_DEVELOPER_CONTAINER_NAME}" + "${FLATCAR_DEVELOPER_CONTAINER_NAME}" "${container_prefix}_contents.txt" "${container_prefix}_packages.txt" ) diff --git a/build_library/oem_aci_util.sh b/build_library/oem_aci_util.sh index f7a19987ae..90fcd4d700 100644 --- a/build_library/oem_aci_util.sh +++ b/build_library/oem_aci_util.sh @@ -2,7 +2,7 @@ # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. -# Expects BOARD, BUILD_DIR, BUILD_LIBRARY_DIR, and COREOS_VERSION in env. +# Expects BOARD, BUILD_DIR, BUILD_LIBRARY_DIR, and FLATCAR_VERSION in env. # There must be a manifest template included with the ebuild at # files/manifest.in, which will have some variable values substituted before @@ -74,13 +74,14 @@ oem_aci_write_manifest() { case "${BOARD}" in amd64-usr) appc_arch=amd64 ;; + arm64-usr) appc_arch=aarch64 ;; *) die_notrace "Cannot map \"${BOARD}\" to an appc arch" ;; esac sudo cp "${manifest_template}" "${manifest}" sudo sed "${manifest}" -i \ -e "s,@ACI_NAME@,${name}," \ - -e "s,@ACI_VERSION@,${COREOS_VERSION}," \ + -e "s,@ACI_VERSION@,${FLATCAR_VERSION}," \ -e "s,@ACI_ARCH@,${appc_arch}," } @@ -112,7 +113,7 @@ oem_aci_create() { "coreos.com/oem-${oem}" # Write a tar ACI file containing the manifest and mounted rootfs contents. - sudo tar -C "${aciroot}" -czf "${BUILD_DIR}/coreos-oem-${oem}.aci" \ + sudo tar -C "${aciroot}" -czf "${BUILD_DIR}/flatcar-oem-${oem}.aci" \ manifest rootfs # Unmount the staging image, and delete it to save space. diff --git a/build_library/prod_image_util.sh b/build_library/prod_image_util.sh index 83400892c6..b3b707381d 100755 --- a/build_library/prod_image_util.sh +++ b/build_library/prod_image_util.sh @@ -85,7 +85,7 @@ create_prod_image() { # Assert that if this is supposed to be an official build that the # official update keys have been used. - if [[ ${COREOS_OFFICIAL:-0} -eq 1 ]]; then + if [[ ${COREOS_OFFICIAL:-0} -eq 1 && "${BOARD}" != arm64-usr ]]; then grep -q official \ "${root_fs_dir}"/var/db/pkg/coreos-base/coreos-au-key-*/USE \ || die_notrace "coreos-au-key is missing the 'official' use flag" @@ -141,8 +141,11 @@ EOF "${BUILD_DIR}/${image_kernel}" "${BUILD_DIR}/${image_pcr_policy}" "${BUILD_DIR}/${image_grub}" - "${BUILD_DIR}/${image_shim}" "${BUILD_DIR}/${image_kconfig}" ) + # FIXME(bgilbert): no shim on arm64 + if [[ -f "${BUILD_DIR}/${image_shim}" ]]; then + to_upload+=("${BUILD_DIR}/${image_shim}") + fi upload_image -d "${BUILD_DIR}/${image_name}.bz2.DIGESTS" "${to_upload[@]}" } diff --git a/build_library/qemu_template.sh b/build_library/qemu_template.sh index e287f1b958..cd84b2116d 100755 --- a/build_library/qemu_template.sh +++ b/build_library/qemu_template.sh @@ -21,6 +21,7 @@ SAFE_ARGS=0 USAGE="Usage: $0 [-a authorized_keys] [--] [qemu options...] Options: -i FILE File containing an Ignition config + (needs \"-append 'flatcar.first_boot=1'\" for already-booted or PXE images) -u FILE Cloudinit user-data as either a cloud config or script. -c FILE Config drive as an iso or fat filesystem image. -a FILE SSH public keys for login access. [~/.ssh/id_{dsa,rsa}.pub] @@ -33,7 +34,8 @@ The -a option may be used to specify a particular ssh public key to give login access to. If -a is not provided ~/.ssh/id_{dsa,rsa}.pub is used. If no public key is provided or found the VM will still boot but you may be unable to login unless you built the image yourself after setting a -password for the core user with the 'set_shared_user_password.sh' script. +password for the core user with the 'set_shared_user_password.sh' script +or provide the option \"-append 'flatcar.autologin'\". Any arguments after -a and -p will be passed through to qemu, -- may be used as an explicit separator. See the qemu(1) man page for more details. @@ -153,6 +155,10 @@ else set -- -machine accel=kvm -cpu host -smp "${VM_NCPUS}" "$@" ;; amd64-usr+*) set -- -machine pc-q35-2.8 -cpu kvm64 -smp 1 -nographic "$@" ;; + arm64-usr+aarch64) + set -- -machine virt,accel=kvm,gic-version=3 -cpu host -smp "${VM_NCPUS}" -nographic "$@" ;; + arm64-usr+*) + set -- -machine virt -cpu cortex-a57 -smp 1 -nographic "$@" ;; *) die "Unsupported arch" ;; esac @@ -173,6 +179,10 @@ if [ -n "${VM_IMAGE}" ]; then case "${VM_BOARD}" in amd64-usr) set -- -drive if=virtio,file="${SCRIPT_DIR}/${VM_IMAGE}" "$@" ;; + arm64-usr) + set -- -drive if=none,id=blk,file="${SCRIPT_DIR}/${VM_IMAGE}" \ + -device virtio-blk-device,drive=blk "$@" + ;; *) die "Unsupported arch" ;; esac fi @@ -201,7 +211,7 @@ if [ -n "${VM_PFLASH_RO}" ] && [ -n "${VM_PFLASH_RW}" ]; then fi if [ -n "${IGNITION_CONFIG_FILE}" ]; then - set -- -fw_cfg name=opt/com.coreos/config,file="${IGNITION_CONFIG_FILE}" "$@" + set -- -fw_cfg name=opt/org.flatcar-linux/config,file="${IGNITION_CONFIG_FILE}" "$@" fi case "${VM_BOARD}" in @@ -215,6 +225,15 @@ case "${VM_BOARD}" in -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 \ "$@" ;; + arm64-usr) + qemu-system-aarch64 \ + -name "$VM_NAME" \ + -m ${VM_MEMORY} \ + -netdev user,id=eth0,hostfwd=tcp::"${SSH_PORT}"-:22,hostname="${VM_NAME}" \ + -device virtio-net-device,netdev=eth0 \ + -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 \ + "$@" + ;; *) die "Unsupported arch" ;; esac diff --git a/build_library/release_util.sh b/build_library/release_util.sh index c48576f286..12d8a82807 100644 --- a/build_library/release_util.sh +++ b/build_library/release_util.sh @@ -11,8 +11,8 @@ UPLOAD_DEFAULT=${FLAGS_FALSE} # Default upload root can be overridden from the environment. _user="${USER}" [[ ${USER} == "root" ]] && _user="${SUDO_USER}" -: ${COREOS_UPLOAD_ROOT:=gs://users.developer.core-os.net/${_user}} -: ${COREOS_TORCX_UPLOAD_ROOT:=${COREOS_UPLOAD_ROOT}/torcx} +: ${FLATCAR_UPLOAD_ROOT:=gs://users.developer.core-os.net/${_user}} +: ${FLATCAR_TORCX_UPLOAD_ROOT:=${FLATCAR_UPLOAD_ROOT}/torcx} unset _user IMAGE_ZIPPER="lbzip2 --compress --keep" @@ -22,7 +22,7 @@ DEFINE_boolean parallel ${FLAGS_TRUE} \ "Enable parallelism in gsutil." DEFINE_boolean upload ${UPLOAD_DEFAULT} \ "Upload all packages/images via gsutil." -DEFINE_string upload_root "${COREOS_UPLOAD_ROOT}" \ +DEFINE_string upload_root "${FLATCAR_UPLOAD_ROOT}" \ "Upload prefix, board/version/etc will be appended. Must be a gs:// URL." DEFINE_string upload_path "" \ "Full upload path, overrides --upload_root. Must be a full gs:// URL." @@ -30,7 +30,7 @@ DEFINE_string download_root "" \ "HTTP download prefix, board/version/etc will be appended." DEFINE_string download_path "" \ "HTTP download path, overrides --download_root." -DEFINE_string torcx_upload_root "${COREOS_TORCX_UPLOAD_ROOT}" \ +DEFINE_string torcx_upload_root "${FLATCAR_TORCX_UPLOAD_ROOT}" \ "Tectonic torcx package and manifest Upload prefix. Must be a gs:// URL." DEFINE_string tectonic_torcx_download_root "" \ "HTTP download prefix for tectonic torcx packages and manifests." @@ -155,7 +155,7 @@ upload_packages() { [[ -n "${BOARD}" ]] || die "board_options.sh must be sourced first" local board_packages="${1:-"${BOARD_ROOT}/packages"}" - local def_upload_path="${UPLOAD_ROOT}/boards/${BOARD}/${COREOS_VERSION}" + local def_upload_path="${UPLOAD_ROOT}/boards/${BOARD}/${FLATCAR_VERSION}" sign_and_upload_files packages ${def_upload_path} "pkgs/" \ "${board_packages}"/* } @@ -214,7 +214,7 @@ upload_image() { fi local log_msg=$(basename "$digests" .DIGESTS) - local def_upload_path="${UPLOAD_ROOT}/boards/${BOARD}/${COREOS_VERSION}" + local def_upload_path="${UPLOAD_ROOT}/boards/${BOARD}/${FLATCAR_VERSION}" sign_and_upload_files "${log_msg}" "${def_upload_path}" "" "${uploads[@]}" } @@ -229,18 +229,21 @@ download_image_url() { local download_root="${FLAGS_download_root:-${UPLOAD_ROOT}}" local download_path + local download_channel if [[ -n "${FLAGS_download_path}" ]]; then download_path="${FLAGS_download_path%%/}" - elif [[ "${download_root}" = *release.core-os.net* ]]; then + elif [[ "${download_root}" == *flatcar-jenkins* ]]; then + download_channel="${download_root##*/}" + download_root="gs://${download_channel}.release.flatcar-linux.net" # Official release download paths don't include the boards directory - download_path="${download_root%%/}/${BOARD}/${COREOS_VERSION}" + download_path="${download_root%%/}/${BOARD}/${FLATCAR_VERSION}" else - download_path="${download_root%%/}/boards/${BOARD}/${COREOS_VERSION}" + download_path="${download_root%%/}/boards/${BOARD}/${FLATCAR_VERSION}" fi # Just in case download_root was set from UPLOAD_ROOT if [[ "${download_path}" == gs://* ]]; then - download_path="http://${download_path#gs://}" + download_path="https://${download_path#gs://}" fi echo "${download_path}/$1" diff --git a/build_library/set_lsb_release b/build_library/set_lsb_release index cfc9967297..c6a680135d 100755 --- a/build_library/set_lsb_release +++ b/build_library/set_lsb_release @@ -25,52 +25,59 @@ ROOT_FS_DIR="$FLAGS_root" [ -n "$ROOT_FS_DIR" ] || die "--root is required." [ -d "$ROOT_FS_DIR" ] || die "Root FS does not exist? ($ROOT_FS_DIR)" -OS_NAME="Container Linux by CoreOS" +OS_NAME="Flatcar Container Linux by Kinvolk" OS_CODENAME="Rhyolite" -OS_ID="coreos" -OS_PRETTY_NAME="$OS_NAME $COREOS_VERSION (${OS_CODENAME})" +OS_ID="flatcar" +OS_ID_LIKE="coreos" +OS_PRETTY_NAME="$OS_NAME $FLATCAR_VERSION (${OS_CODENAME})" -COREOS_APPID="{e96281a6-d1af-4bde-9a0a-97b76e56dc57}" +# temporarily point arm at a different appid until update support +# is completed in update_engine and the CoreUpdate service. +FLATCAR_APPID="{e96281a6-d1af-4bde-9a0a-97b76e56dc57}" +if [[ "${FLAGS_board}" == arm64-* ]]; then + FLATCAR_APPID="{103867da-e3a2-4c92-b0b3-7fbd7f7d8b71}" +fi # DISTRIB_* are the standard lsb-release names -sudo mkdir -p "${ROOT_FS_DIR}/usr/share/coreos" "${ROOT_FS_DIR}/etc/coreos" -sudo_clobber "${ROOT_FS_DIR}/usr/share/coreos/lsb-release" <"${VM_TMP_DIR}/extra" # Set correct group for PXE/ISO, which has no writeable /etc - echo /usr/share/coreos/update.conf f 644 root root \ - "sed -e 's/GROUP=.*$/GROUP=${VM_GROUP}/' ${base_dir}/share/coreos/update.conf" \ + echo /usr/share/flatcar/update.conf f 644 root root \ + "sed -e 's/GROUP=.*$/GROUP=${VM_GROUP}/' ${base_dir}/share/flatcar/update.conf" \ >> "${VM_TMP_DIR}/extra" # Build the squashfs, embed squashfs into a gzipped cpio @@ -614,14 +617,15 @@ _write_cpio_disk() { local grub_name="$(_dst_name "_grub.efi")" _write_cpio_common $@ # Pull the kernel and loader out of the filesystem - cp "${base_dir}"/boot/coreos/vmlinuz-a "${dst_dir}/${vmlinuz_name}" + cp "${base_dir}"/boot/flatcar/vmlinuz-a "${dst_dir}/${vmlinuz_name}" local grub_arch case $BOARD in amd64-usr) grub_arch="x86_64-efi" ;; + arm64-usr) grub_arch="arm64-efi" ;; esac - cp "${base_dir}/boot/coreos/grub/${grub_arch}/core.efi" "${dst_dir}/${grub_name}" + cp "${base_dir}/boot/flatcar/grub/${grub_arch}/core.efi" "${dst_dir}/${grub_name}" VM_GENERATED_FILES+=( "${dst_dir}/${vmlinuz_name}" "${dst_dir}/${grub_name}" ) } @@ -633,22 +637,22 @@ _write_iso_disk() { mkdir "${iso_target}" pushd "${iso_target}" >/dev/null - mkdir isolinux syslinux coreos - _write_cpio_common "$1" "${iso_target}/coreos/cpio.gz" - cp "${base_dir}"/boot/vmlinuz "${iso_target}/coreos/vmlinuz" + mkdir isolinux syslinux flatcar + _write_cpio_common "$1" "${iso_target}/flatcar/cpio.gz" + cp "${base_dir}"/boot/vmlinuz "${iso_target}/flatcar/vmlinuz" cp -R /usr/share/syslinux/* isolinux/ cat< isolinux/isolinux.cfg INCLUDE /syslinux/syslinux.cfg EOF cat< syslinux/syslinux.cfg -default coreos +default flatcar prompt 1 timeout 15 -label coreos +label flatcar menu default - kernel /coreos/vmlinuz - append initrd=/coreos/cpio.gz coreos.autologin + kernel /flatcar/vmlinuz + append initrd=/flatcar/cpio.gz flatcar.autologin EOF mkisofs -v -l -r -J -o $2 -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table . isohybrid $2 @@ -715,6 +719,19 @@ _write_qemu_uefi_conf() { cp "/usr/share/edk2-ovmf/OVMF_CODE.fd" "$(_dst_dir)/${flash_ro}" cp "/usr/share/edk2-ovmf/OVMF_VARS.fd" "$(_dst_dir)/${flash_rw}" ;; + arm64-usr) + # Get edk2 files into local build workspace. + info "Updating edk2 in /build/${BOARD}" + emerge-${BOARD} --nodeps --select -qugN sys-firmware/edk2-aarch64 + # Create 64MiB flash device image files. + dd if=/dev/zero bs=1M count=64 of="$(_dst_dir)/${flash_rw}" \ + status=none + cp "/build/${BOARD}/usr/share/edk2-aarch64/QEMU_EFI.fd" \ + "$(_dst_dir)/${flash_ro}.work" + truncate --reference="$(_dst_dir)/${flash_rw}" \ + "$(_dst_dir)/${flash_ro}.work" + mv "$(_dst_dir)/${flash_ro}.work" "$(_dst_dir)/${flash_ro}" + ;; esac sed -e "s%^VM_PFLASH_RO=.*%VM_PFLASH_RO='${flash_ro}'%" \ @@ -1091,10 +1108,10 @@ EOF cat >"${json}" </dev/null +# Source qemu library path +. /etc/profile.d/qemu-aarch64.sh 2> /dev/null || true + # Output a backtrace all the way back to the raw invocation, suppressing # only the _dump_trace frame itself. _dump_trace() { @@ -233,7 +236,7 @@ get_gclient_root() { # Populate the ENVIRONMENT_WHITELIST array. load_environment_whitelist() { ENVIRONMENT_WHITELIST=( - COREOS_BUILD_ID + FLATCAR_BUILD_ID COREOS_OFFICIAL GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME @@ -287,39 +290,39 @@ BUILD_LIBRARY_DIR="${SCRIPTS_DIR}/build_library" REPO_CACHE_DIR="${REPO_ROOT}/.cache" REPO_MANIFESTS_DIR="${REPO_ROOT}/.repo/manifests" -# Source COREOS_VERSION_ID from manifest. +# Source FLATCAR_VERSION_ID from manifest. if [[ -f "${REPO_MANIFESTS_DIR}/version.txt" ]]; then # The build id may be provided externally by the build system. - if [[ -n ${COREOS_BUILD_ID} ]]; then + if [[ -n ${FLATCAR_BUILD_ID} ]]; then load_environment_var "${REPO_MANIFESTS_DIR}/version.txt" \ - COREOS_VERSION_ID COREOS_SDK_VERSION + FLATCAR_VERSION_ID FLATCAR_SDK_VERSION else load_environment_var "${REPO_MANIFESTS_DIR}/version.txt" \ - COREOS_VERSION_ID COREOS_BUILD_ID COREOS_SDK_VERSION - # Don't promote COREOS_BUILD_ID into an environment variable when it + FLATCAR_VERSION_ID FLATCAR_BUILD_ID FLATCAR_SDK_VERSION + # Don't promote FLATCAR_BUILD_ID into an environment variable when it # didn't start as one, since we don't want it leaking into the SDK # chroot environment via ENVIRONMENT_WHITELIST. - declare +x COREOS_BUILD_ID + declare +x FLATCAR_BUILD_ID fi - : ${COREOS_BUILD_ID:=$(date +%Y-%m-%d-%H%M)} + : ${FLATCAR_BUILD_ID:=$(date +%Y-%m-%d-%H%M)} elif [[ -f "${SCRIPT_LOCATION}/version.txt" ]]; then # This only happens in update.zip where we must use the current build id. load_environment_var "${SCRIPT_LOCATION}/version.txt" \ - COREOS_VERSION_ID COREOS_BUILD_ID COREOS_SDK_VERSION + FLATCAR_VERSION_ID FLATCAR_BUILD_ID FLATCAR_SDK_VERSION else die "Unable to locate version.txt" fi # Official builds must set COREOS_OFFICIAL=1 to use an official version. # Unofficial builds always appended the build identifier. -if [[ ${COREOS_OFFICIAL:-0} -ne 1 && -n "${COREOS_BUILD_ID}" ]]; then - COREOS_VERSION="${COREOS_VERSION_ID}+${COREOS_BUILD_ID}" +if [[ ${COREOS_OFFICIAL:-0} -ne 1 && -n "${FLATCAR_BUILD_ID}" ]]; then + FLATCAR_VERSION="${FLATCAR_VERSION_ID}+${FLATCAR_BUILD_ID}" else - COREOS_VERSION="${COREOS_VERSION_ID}" + FLATCAR_VERSION="${FLATCAR_VERSION_ID}" fi # Compatibility alias -COREOS_VERSION_STRING="${COREOS_VERSION}" +FLATCAR_VERSION_STRING="${FLATCAR_VERSION}" # Calculate what today's build version should be, used by release # scripts to provide a reasonable default value. The value is the number @@ -328,7 +331,7 @@ readonly COREOS_EPOCH=1372636800 TODAYS_VERSION=$(( (`date +%s` - ${COREOS_EPOCH}) / 86400 )) # Download URL prefix for SDK and board binary packages -: ${COREOS_DEV_BUILDS:=http://builds.developer.core-os.net} +: ${FLATCAR_DEV_BUILDS:=https://storage.googleapis.com/flatcar-jenkins} # Load developer's custom settings. Default location is in scripts dir, # since that's available both inside and outside the chroot. By convention, @@ -383,16 +386,15 @@ if [[ -f ${GCLIENT_ROOT}/src/scripts/.default_board ]]; then die ".default_board: invalid name detected; please fix:" \ "'${DEFAULT_BOARD}'" fi -elif [ -z "${DEFAULT_BOARD-}" ]; then - DEFAULT_BOARD=amd64-usr fi +DEFAULT_BOARD="${DEFAULT_BOARD-amd64-usr}" # Directory to store built images. Should be set by sourcing script when used. BUILD_DIR= # Standard filenames -COREOS_DEVELOPER_CONTAINER_NAME="coreos_developer_container.bin" -COREOS_PRODUCTION_IMAGE_NAME="coreos_production_image.bin" +FLATCAR_DEVELOPER_CONTAINER_NAME="flatcar_developer_container.bin" +FLATCAR_PRODUCTION_IMAGE_NAME="flatcar_production_image.bin" # ----------------------------------------------------------------------------- # Functions @@ -928,10 +930,21 @@ BOAT } # The binfmt_misc support in the kernel is required. +# The aarch64 binaries should be executed through +# "/usr/bin/qemu-aarch64-static" setup_qemu_static() { local root_fs_dir="$1" case "${BOARD}" in amd64-usr) return 0;; + arm64-usr) + if [[ -f "${root_fs_dir}/sbin/ldconfig" ]]; then + sudo cp /usr/bin/qemu-aarch64 "${root_fs_dir}"/usr/bin/qemu-aarch64-static + echo export QEMU_LD_PREFIX=\"/build/arm64-usr/\" | sudo tee /etc/profile.d/qemu-aarch64.sh + . /etc/profile.d/qemu-aarch64.sh + else + die "Missing basic layout in target rootfs" + fi + ;; *) die "Unsupported arch" ;; esac } @@ -940,6 +953,13 @@ clean_qemu_static() { local root_fs_dir="$1" case "${BOARD}" in amd64-usr) return 0;; + arm64-usr) + if [[ -f "${root_fs_dir}/usr/bin/qemu-aarch64-static" ]]; then + sudo rm "${root_fs_dir}"/usr/bin/qemu-aarch64-static + else + die "File not found" + fi + ;; *) die "Unsupported arch" ;; esac } diff --git a/contrib/create-coreos-vdi b/contrib/create-coreos-vdi index 4788720ced..9aa34caee2 100755 --- a/contrib/create-coreos-vdi +++ b/contrib/create-coreos-vdi @@ -4,16 +4,16 @@ VERSION_ID=stable USAGE="Usage: $0 [-V version] [-d /target/path] Options: - -d DEST Create CoreOS VDI image to the given path. + -d DEST Create Flatcar VDI image to the given path. -V VERSION Version to install (e.g. alpha) [default: ${VERSION_ID}] -h This help -This tool creates a CoreOS VDI image to be used with VirtualBox. +This tool creates a Flatcar VDI image to be used with VirtualBox. " -# Image signing key: buildbot@coreos.com -GPG_KEY_URL="https://coreos.com/security/image-signing-key/CoreOS_Image_Signing_Key.pem" -GPG_LONG_ID="50E0885593D2DCB4" +# Image signing key: buildbot@flatcar-linux.org +GPG_KEY_URL="https://flatcar-linux.org/security/image-signing-key/Flatcar_Image_Signing_Key.pem" +GPG_LONG_ID="E25D9AED0593B34A" GPG_KEY="$(wget -qO- $GPG_KEY_URL)" while getopts "V:d:a:h" OPTION @@ -52,15 +52,15 @@ WORKDIR="${DEST}/tmp.${RANDOM}" mkdir "$WORKDIR" trap "rm -rf '${WORKDIR}'" EXIT -RAW_IMAGE_NAME="coreos_production_image.bin" +RAW_IMAGE_NAME="flatcar_production_image.bin" IMAGE_NAME="${RAW_IMAGE_NAME}.bz2" DIGESTS_NAME="${IMAGE_NAME}.DIGESTS.asc" case ${VERSION_ID} in - stable) BASE_URL="https://stable.release.core-os.net/amd64-usr/current" ;; - alpha) BASE_URL="https://alpha.release.core-os.net/amd64-usr/current" ;; - beta) BASE_URL="https://beta.release.core-os.net/amd64-usr/current" ;; - *) BASE_URL="https://alpha.release.core-os.net/amd64-usr/${VERSION_ID}" ;; + stable) BASE_URL="https://stable.release.flatcar-linux.net/amd64-usr/current" ;; + alpha) BASE_URL="https://alpha.release.flatcar-linux.net/amd64-usr/current" ;; + beta) BASE_URL="https://beta.release.flatcar-linux.net/amd64-usr/current" ;; + *) BASE_URL="https://alpha.release.flatcar-linux.net/amd64-usr/${VERSION_ID}" ;; esac IMAGE_URL="${BASE_URL}/${IMAGE_NAME}" @@ -77,12 +77,12 @@ if ! wget --spider --quiet "${DIGESTS_URL}"; then exit 1 fi -# Gets CoreOS verion from version.txt file +# Gets Flatcar verion from version.txt file VERSION_NAME="version.txt" VERSION_URL="${BASE_URL}/${VERSION_NAME}" wget --no-verbose -O "${WORKDIR}/${VERSION_NAME}" "${VERSION_URL}" . "${WORKDIR}/${VERSION_NAME}" -VDI_IMAGE_NAME="coreos_production_${COREOS_BUILD}.${COREOS_BRANCH}.${COREOS_PATCH}.vdi" +VDI_IMAGE_NAME="flatcar_production_${FLATCAR_BUILD}.${FLATCAR_BRANCH}.${FLATCAR_PATCH}.vdi" VDI_IMAGE="${DEST}/${VDI_IMAGE_NAME}" # Setup GnuPG for verifying the image signature @@ -118,6 +118,6 @@ VBoxManage convertdd "${DOWN_IMAGE}" "${VDI_IMAGE}" --format VDI rm -rf "${WORKDIR}" trap - EXIT -echo "Success! CoreOS ${VERSION_ID} VDI image was created on ${VDI_IMAGE_NAME}" +echo "Success! Flatcar ${VERSION_ID} VDI image was created on ${VDI_IMAGE_NAME}" # vim: ts=4 et diff --git a/core_date b/core_date index 74272cb626..bddf452f73 100755 --- a/core_date +++ b/core_date @@ -35,7 +35,7 @@ case "$1" in v="$1" shift else - v="${COREOS_VERSION}" + v="${FLATCAR_VERSION}" fi # strip of a v prefix or .0.0 suffix diff --git a/core_dev_sign_update b/core_dev_sign_update index d08b9a5c71..46704653a4 100755 --- a/core_dev_sign_update +++ b/core_dev_sign_update @@ -6,7 +6,7 @@ SCRIPT_ROOT=$(dirname $(readlink -f "$0")) assert_inside_chroot DEFINE_string data_dir "" "Directory containing downloaded release artifacts" -DEFINE_string board "amd64-usr" "Board to sign artifacts for" +DEFINE_string board "" "Board to sign artifacts for" DEFINE_string version "" "Version to sign artifacts for" DEFINE_integer n_signatures "2" "Number of signatures this release will be signed with" DEFINE_string output_dir "" "Output directory" diff --git a/core_pre_alpha b/core_pre_alpha index c05b60dc44..c11bd7954f 100755 --- a/core_pre_alpha +++ b/core_pre_alpha @@ -12,7 +12,7 @@ export GCLIENT_ROOT=$(readlink -f "${SCRIPT_ROOT}/../../") DEFINE_string board "amd64-usr" \ "Board type of the image" -DEFINE_string version "${COREOS_VERSION}" \ +DEFINE_string version "${FLATCAR_VERSION}" \ "Version number to promote." DEFINE_string build_storage "gs://builds.release.core-os.net" \ diff --git a/core_roller_upload b/core_roller_upload index a358e708b5..a20ef5e845 100755 --- a/core_roller_upload +++ b/core_roller_upload @@ -14,7 +14,7 @@ DEFINE_string board "amd64-usr" \ "Board type of the image" DEFINE_string payload "coreos_production_update.gz" \ "Path to the update payload" -DEFINE_string version "${COREOS_VERSION}" \ +DEFINE_string version "${FLATCAR_VERSION}" \ "Version number of this build." DEFINE_string app_id "e96281a6-d1af-4bde-9a0a-97b76e56dc57" \ "CoreOS AppId in roller." diff --git a/image_inject_bootchain b/image_inject_bootchain index 2430ee21b6..721f86da1d 100755 --- a/image_inject_bootchain +++ b/image_inject_bootchain @@ -28,7 +28,7 @@ DEFINE_string board "${DEFAULT_BOARD}" \ DEFINE_string disk_layout "base" \ "The disk layout type to use for this image." DEFINE_string from "" \ - "Directory containing ${COREOS_PRODUCTION_IMAGE_NAME}" + "Directory containing ${FLATCAR_PRODUCTION_IMAGE_NAME}" DEFINE_string output_root "${DEFAULT_BUILD_ROOT}/images" \ "Directory in which to place image result directories (named by version)" DEFINE_boolean replace ${FLAGS_FALSE} \ @@ -74,12 +74,14 @@ do_copy() { start_modify_image if [[ -n "${FLAGS_kernel_path}" ]]; then - do_copy "${FLAGS_kernel_path}" "/boot/coreos/vmlinuz-a" + do_copy "${FLAGS_kernel_path}" "/boot/flatcar/vmlinuz-a" fi +# FIXME(bgilbert): no shim on arm64 if [[ -n "${FLAGS_efi_grub_path}" ]]; then case "${BOARD}" in amd64-usr) image_name="grub.efi" ;; + arm64-usr) image_name="bootaa64.efi" ;; *) die "GRUB filename not known for this board" ;; esac diff --git a/image_set_group b/image_set_group index d0e6701297..77a6fd1653 100755 --- a/image_set_group +++ b/image_set_group @@ -20,7 +20,7 @@ DEFINE_string board "${DEFAULT_BOARD}" \ DEFINE_string disk_layout "base" \ "The disk layout type to use for this image." DEFINE_string from "" \ - "Directory containing ${COREOS_PRODUCTION_IMAGE_NAME}" + "Directory containing ${FLATCAR_PRODUCTION_IMAGE_NAME}" DEFINE_string output_root "${DEFAULT_BUILD_ROOT}/images" \ "Directory in which to place image result directories (named by version)" DEFINE_boolean replace ${FLAGS_FALSE} \ @@ -56,9 +56,9 @@ fi start_modify_image -info "Replacing /etc/coreos/update.conf" -sudo mkdir -p "${ROOT_FS_DIR}/etc/coreos" -sudo_clobber "${ROOT_FS_DIR}/etc/coreos/update.conf" < ${coreosimg} +curl --fail -s -L ${image_url} | bunzip2 > ${flatcarimg} # perform actual image creation # here we set the os_release, os_verison, os_family, and os_distro variables # for intelligent consumption of images by scripts -glance --os-image-api-version 1 image-create --name CoreOS-${release}-v${COREOS_VERSION} --progress \ - --is-public true --property os_distro=coreos --property os_family=coreos \ - --property os_version=${COREOS_VERSION} \ - --disk-format qcow2 --container-format bare --min-disk 6 --file $coreosimg +glance --os-image-api-version 1 image-create --name Flatcar-${release}-v${FLATCAR_VERSION} --progress \ + --is-public true --property os_distro=flatcar --property os_family=flatcar \ + --property os_version=${FLATCAR_VERSION} \ + --disk-format qcow2 --container-format bare --min-disk 6 --file $flatcarimg # optionally, set --property os_release=${release} in the glance image-create # command above and uncomment the two commands below to support searching by diff --git a/sdk_lib/sdk_util.sh b/sdk_lib/sdk_util.sh index 5c60e46159..62c8066676 100644 --- a/sdk_lib/sdk_util.sh +++ b/sdk_lib/sdk_util.sh @@ -5,13 +5,13 @@ # found in the LICENSE file. # common.sh must be properly sourced before this file. -[[ -n "${COREOS_SDK_VERSION}" ]] || exit 1 +[[ -n "${FLATCAR_SDK_VERSION}" ]] || exit 1 -COREOS_SDK_ARCH="amd64" # We are unlikely to support anything else. -COREOS_SDK_TARBALL="coreos-sdk-${COREOS_SDK_ARCH}-${COREOS_SDK_VERSION}.tar.bz2" -COREOS_SDK_TARBALL_CACHE="${REPO_CACHE_DIR}/sdks" -COREOS_SDK_TARBALL_PATH="${COREOS_SDK_TARBALL_CACHE}/${COREOS_SDK_TARBALL}" -COREOS_SDK_URL="${COREOS_DEV_BUILDS}/sdk/${COREOS_SDK_ARCH}/${COREOS_SDK_VERSION}/${COREOS_SDK_TARBALL}" +FLATCAR_SDK_ARCH="amd64" # We are unlikely to support anything else. +FLATCAR_SDK_TARBALL="flatcar-sdk-${FLATCAR_SDK_ARCH}-${FLATCAR_SDK_VERSION}.tar.bz2" +FLATCAR_SDK_TARBALL_CACHE="${REPO_CACHE_DIR}/sdks" +FLATCAR_SDK_TARBALL_PATH="${FLATCAR_SDK_TARBALL_CACHE}/${FLATCAR_SDK_TARBALL}" +FLATCAR_SDK_URL="${FLATCAR_DEV_BUILDS}/sdk/${FLATCAR_SDK_ARCH}/${FLATCAR_SDK_VERSION}/${FLATCAR_SDK_TARBALL}" # Download the current SDK tarball (if required) and verify digests/sig sdk_download_tarball() { @@ -19,13 +19,13 @@ sdk_download_tarball() { return 0 fi - info "Downloading ${COREOS_SDK_TARBALL}" - info "URL: ${COREOS_SDK_URL}" + info "Downloading ${FLATCAR_SDK_TARBALL}" + info "URL: ${FLATCAR_SDK_URL}" local suffix for suffix in "" ".DIGESTS"; do # TODO(marineam): download .asc wget --tries=3 --timeout=30 --continue \ - -O "${COREOS_SDK_TARBALL_PATH}${suffix}" \ - "${COREOS_SDK_URL}${suffix}" \ + -O "${FLATCAR_SDK_TARBALL_PATH}${suffix}" \ + "${FLATCAR_SDK_URL}${suffix}" \ || die_notrace "SDK download failed!" done @@ -34,21 +34,21 @@ sdk_download_tarball() { } sdk_verify_digests() { - if [[ ! -f "${COREOS_SDK_TARBALL_PATH}" || \ - ! -f "${COREOS_SDK_TARBALL_PATH}.DIGESTS" ]]; then + if [[ ! -f "${FLATCAR_SDK_TARBALL_PATH}" || \ + ! -f "${FLATCAR_SDK_TARBALL_PATH}.DIGESTS" ]]; then return 1 fi # TODO(marineam): Add gpg signature verification too. - verify_digests "${COREOS_SDK_TARBALL_PATH}" || return 1 + verify_digests "${FLATCAR_SDK_TARBALL_PATH}" || return 1 } sdk_clean_cache() { - pushd "${COREOS_SDK_TARBALL_CACHE}" >/dev/null + pushd "${FLATCAR_SDK_TARBALL_CACHE}" >/dev/null local filename for filename in *; do - if [[ "${filename}" == "${COREOS_SDK_TARBALL}"* ]]; then + if [[ "${filename}" == "${FLATCAR_SDK_TARBALL}"* ]]; then continue fi info "Cleaning up ${filename}" diff --git a/setup_board b/setup_board index 73a8b8cb73..24e3fa11cf 100755 --- a/setup_board +++ b/setup_board @@ -27,6 +27,8 @@ DEFINE_boolean getbinpkg "${FLAGS_TRUE}" \ "Download binary packages from remote repository." DEFINE_string getbinpkgver "" \ "Use binary packages from a specific version." +DEFINE_string binhost "" \ + "Use binary packages from a specific location (e.g. https://storage.googleapis.com/flatcar-jenkins/sdk/amd64/2000.0.0/pkgs)" DEFINE_boolean toolchainpkgonly "${FLAGS_FALSE}" \ "Use binary packages only for the board toolchain." DEFINE_integer jobs "${NUM_JOBS}" \ @@ -59,7 +61,7 @@ DEFINE_string variant "" \ "Board variant." -# builds wrappers like equery-amd64-usr. +# builds wrappers like equery-arm-generic. # args: # $1: command to wrap # rest: extra arguments to pass to the command @@ -120,9 +122,9 @@ EOF generate_binhost_list() { local t [[ "${FLAGS_toolchainpkgonly}" -eq "${FLAGS_TRUE}" ]] && t="-t" - FLAGS_getbinpkgver="${FLAGS_getbinpkgver/current/${COREOS_VERSION_ID}}" - FLAGS_getbinpkgver="${FLAGS_getbinpkgver/latest/${COREOS_VERSION_ID}}" - FLAGS_getbinpkgver="${FLAGS_getbinpkgver/sdk/${COREOS_SDK_VERSION}}" + FLAGS_getbinpkgver="${FLAGS_getbinpkgver/current/${FLATCAR_VERSION_ID}}" + FLAGS_getbinpkgver="${FLAGS_getbinpkgver/latest/${FLATCAR_VERSION_ID}}" + FLAGS_getbinpkgver="${FLAGS_getbinpkgver/sdk/${FLATCAR_SDK_VERSION}}" get_board_binhost $t "${BOARD}" ${FLAGS_getbinpkgver} } @@ -159,7 +161,7 @@ BOARD_ETC="${BOARD_ROOT}/etc" BOARD_ARCH=$(get_board_arch "$BOARD") BOARD_CHOST=$(get_board_chost ${BOARD}) PORTAGE_PROFILE=$(get_board_profile "$BOARD") -BOARD_BINHOST=$(generate_binhost_list) +BOARD_BINHOST="$FLAGS_binhost $(generate_binhost_list)" if [[ ${FLAGS_regen_configs_only} -eq ${FLAGS_TRUE} ]]; then FLAGS_regen_configs=${FLAGS_TRUE} @@ -198,6 +200,9 @@ if [ "${FLAGS_usepkg}" -eq "${FLAGS_TRUE}" ]; then else UPDATE_ARGS+=" --nogetbinpkg " fi + if [[ -n "${FLAGS_binhost}" ]]; then + UPDATE_ARGS+=" --binhost=${FLAGS_binhost} " + fi else UPDATE_ARGS+=" --nousepkg" fi @@ -318,6 +323,10 @@ if [[ ${FLAGS_regen_configs} -eq ${FLAGS_FALSE} ]]; then info "Installing toolchain build dependencies" install_cross_libs "${BOARD_CHOST}" ${EMERGE_FLAGS} --buildpkg=n + info "Building toolchain dependencies" + "${EMERGE_WRAPPER}" --buildpkg --buildpkgonly --onlydeps -e \ + --root="/usr/${BOARD_CHOST}" --sysroot="/usr/${BOARD_CHOST}" \ + ${EMERGE_TOOLCHAIN_FLAGS} "${TOOLCHAIN_PKGS[@]}" info "Building toolchain" "${EMERGE_WRAPPER}" --buildpkg --buildpkgonly \ --root="/usr/${BOARD_CHOST}" --sysroot="/usr/${BOARD_CHOST}" \ diff --git a/signing/sign.sh b/signing/sign.sh index 4cc5d4fb2a..fe852b7cbf 100755 --- a/signing/sign.sh +++ b/signing/sign.sh @@ -14,12 +14,12 @@ SERVER_ADDR="${3:-10.7.68.102}" SERVER_PORT="${4:-50051}" echo "=== Verifying update payload... ===" -gpg2 --verify "${DATA_DIR}/coreos_production_update.bin.bz2.sig" -gpg2 --verify "${DATA_DIR}/coreos_production_image.vmlinuz.sig" -gpg2 --verify "${DATA_DIR}/coreos_production_update.zip.sig" +gpg2 --verify "${DATA_DIR}/flatcar_production_update.bin.bz2.sig" +gpg2 --verify "${DATA_DIR}/flatcar_production_image.vmlinuz.sig" +gpg2 --verify "${DATA_DIR}/flatcar_production_update.zip.sig" echo "=== Decompressing update payload... ===" -bunzip2 --keep "${DATA_DIR}/coreos_production_update.bin.bz2" -unzip "${DATA_DIR}/coreos_production_update.zip" -d "${DATA_DIR}" +bunzip2 --keep "${DATA_DIR}/flatcar_production_update.bin.bz2" +unzip "${DATA_DIR}/flatcar_production_update.zip" -d "${DATA_DIR}" payload_signature_files="" for i in ${SIGS_DIR}/update.sig.*; do @@ -29,10 +29,10 @@ payload_signature_files="${payload_signature_files:1:${#payload_signature_files} pushd "${DATA_DIR}" ./core_sign_update \ - --image "${DATA_DIR}/coreos_production_update.bin" \ - --kernel "${DATA_DIR}/coreos_production_image.vmlinuz" \ - --output "${DATA_DIR}/coreos_production_update.gz" \ - --private_keys "${KEYS_DIR}/devel.key.pem+fero:coreos-image-signing-key" \ + --image "${DATA_DIR}/flatcar_production_update.bin" \ + --kernel "${DATA_DIR}/flatcar_production_image.vmlinuz" \ + --output "${DATA_DIR}/flatcar_production_update.gz" \ + --private_keys "${KEYS_DIR}/devel.key.pem+fero:flatcar-image-signing-key" \ --public_keys "${KEYS_DIR}/devel.pub.pem+${KEYS_DIR}/prod-2.pub.pem" \ --keys_separator "+" \ --signing_server_address "$SERVER_ADDR" \ @@ -53,7 +53,7 @@ fero-client \ sign \ --file "${DATA_DIR}/torcx_manifest.json" \ --output "${DATA_DIR}/torcx_manifest.json.sig-fero" \ - --secret-key coreos-app-signing-key \ + --secret-key flatcar-app-signing-key \ ${torcx_signature_arg} gpg2 --enarmor \ --output - \ diff --git a/signing/transfer.sh b/signing/transfer.sh index 4a152f82c7..361146c773 100755 --- a/signing/transfer.sh +++ b/signing/transfer.sh @@ -2,8 +2,9 @@ set -eux -APPID=e96281a6-d1af-4bde-9a0a-97b76e56dc57 -BOARD=amd64-usr +declare -A APPID +APPID[amd64-usr]=e96281a6-d1af-4bde-9a0a-97b76e56dc57 +APPID[arm64-usr]=103867da-e3a2-4c92-b0b3-7fbd7f7d8b71 declare -A RELEASE_CHANNEL RELEASE_CHANNEL[alpha]=Alpha @@ -13,22 +14,23 @@ RELEASE_CHANNEL[stable]=Stable download() { local channel="$1" local version="$2" + local board="$3" - local gs="gs://builds.release.core-os.net/${channel}/boards/${BOARD}/${version}" - local dir="${BASEDIR}/${BOARD}/${version}" + local gs="gs://builds.release.core-os.net/${channel}/boards/${board}/${version}" + local dir="${BASEDIR}/${board}/${version}" mkdir -p "${dir}" pushd "${dir}" >/dev/null gsutil -m cp \ - "${gs}/coreos_production_image.vmlinuz" \ - "${gs}/coreos_production_image.vmlinuz.sig" \ - "${gs}/coreos_production_update.bin.bz2" \ - "${gs}/coreos_production_update.bin.bz2.sig" \ - "${gs}/coreos_production_update.zip" \ - "${gs}/coreos_production_update.zip.sig" ./ + "${gs}/flatcar_production_image.vmlinuz" \ + "${gs}/flatcar_production_image.vmlinuz.sig" \ + "${gs}/flatcar_production_update.bin.bz2" \ + "${gs}/flatcar_production_update.bin.bz2.sig" \ + "${gs}/flatcar_production_update.zip" \ + "${gs}/flatcar_production_update.zip.sig" ./ # torcx manifest: try embargoed release bucket first - local torcx_base="gs://builds.release.core-os.net/embargoed/devfiles/torcx/manifests/${BOARD}/${version}" + local torcx_base="gs://builds.release.core-os.net/embargoed/devfiles/torcx/manifests/${board}/${version}" if ! gsutil -q stat "${torcx_base}/torcx_manifest.json"; then # Non-embargoed release local torcx_base="gs://builds.developer.core-os.net/torcx/manifests/${BOARD}/${version}" @@ -38,9 +40,9 @@ download() { "${torcx_base}/torcx_manifest.json.sig" \ ./ - gpg2 --verify "coreos_production_image.vmlinuz.sig" - gpg2 --verify "coreos_production_update.bin.bz2.sig" - gpg2 --verify "coreos_production_update.zip.sig" + gpg2 --verify "flatcar_production_image.vmlinuz.sig" + gpg2 --verify "flatcar_production_update.bin.bz2.sig" + gpg2 --verify "flatcar_production_update.zip.sig" gpg2 --verify "torcx_manifest.json.sig" popd >/dev/null @@ -49,6 +51,7 @@ download() { devsign() { local channel="$1" local version="$2" + local board="$3" "$(dirname $0)/../core_dev_sign_update" \ --data_dir "${BASEDIR}" \ @@ -62,18 +65,20 @@ devsign() { sign() { local channel="$1" local version="$2" + local board="$3" "$(dirname $0)/sign.sh" \ - "${BASEDIR}/${BOARD}/${version}" \ - "${SIGDIR}/${BOARD}/${version}" + "${BASEDIR}/${board}/${version}" \ + "${SIGDIR}/${board}/${version}" } upload() { local channel="$1" local version="$2" + local board="$3" - local dir="${BASEDIR}/${BOARD}/${version}" - local payload="${dir}/coreos_production_update.gz" + local dir="${BASEDIR}/${board}/${version}" + local payload="${dir}/flatcar_production_update.gz" local torcx_manifest="${dir}/torcx_manifest.json" local torcx_manifest_sig="${dir}/torcx_manifest.json.asc" local path @@ -87,8 +92,8 @@ upload() { "$(dirname $0)/../core_roller_upload" \ --user="${ROLLER_USERNAME}" \ --api_key="${ROLLER_API_KEY}" \ - --app_id="${APPID}" \ - --board="${BOARD}" \ + --app_id="${APPID[${board}]}" \ + --board="${board}" \ --version="${version}" \ --payload="${payload}" @@ -96,7 +101,7 @@ upload() { gsutil cp \ "${torcx_manifest}" \ "${torcx_manifest_sig}" \ - "gs://coreos-tectonic-torcx/manifests/${BOARD}/${version}/" + "gs://coreos-tectonic-torcx/manifests/${board}/${version}/" # Update version in a canary channel if one is defined. local -n canary_channel="ROLLER_CANARY_CHANNEL_${channel^^}" @@ -106,7 +111,7 @@ upload() { --user="${ROLLER_USERNAME}" \ --key="${ROLLER_API_KEY}" \ channel update \ - --app-id="${APPID}" \ + --app-id="${APPID[${board}]}" \ --channel="${canary_channel}" \ --version="${version}" fi @@ -115,16 +120,17 @@ upload() { ready() { local channel="$1" local version="$2" + local board="$3" # setting the percent will deactivate (not delete) any existing rollouts for # this specific group. - echo "Rollout set to 0%" + echo "Rollout set to 0% for ${board}" updateservicectl \ --server="https://public.update.core-os.net" \ --user="${ROLLER_USERNAME}" \ --key="${ROLLER_API_KEY}" \ group percent \ - --app-id="${APPID}" \ + --app-id="${APPID[${board}]}" \ --group-id="${channel}" \ --update-percent=0 @@ -135,7 +141,7 @@ ready() { --user="${ROLLER_USERNAME}" \ --key="${ROLLER_API_KEY}" \ channel update \ - --app-id="${APPID}" \ + --app-id="${APPID[${board}]}" \ --channel="${RELEASE_CHANNEL[${channel}]}" \ --publish=true \ --version="${version}" @@ -144,26 +150,40 @@ ready() { roll() { local channel="$1" local hours="$2" + local board="$3" local seconds=$((${hours} * 3600)) - # creating a new rollout deletes any existing rollout for this group and - # automatically activates the new one. - echo "Creating linear rollout that will get to 100% in ${hours}h" - updateservicectl \ - --server="https://public.update.core-os.net" \ - --user="${ROLLER_USERNAME}" \ - --key="${ROLLER_API_KEY}" \ - rollout create linear \ - --app-id="${APPID}" \ - --group-id="${channel}" \ - --duration="${seconds}" \ - --frame-size="60" + # Only ramp rollouts on AMD64; ARM64 is too small + if [[ "$board" = "arm64-usr" ]]; then + echo "Setting rollout for arm64-usr to 100%" + updateservicectl \ + --server="https://public.update.core-os.net" \ + --user="${ROLLER_USERNAME}" \ + --key="${ROLLER_API_KEY}" \ + group percent \ + --app-id="${APPID[${board}]}" \ + --group-id="${channel}" \ + --update-percent=100 + else + # creating a new rollout deletes any existing rollout for this group and + # automatically activates the new one. + echo "Creating linear rollout for ${board} that will get to 100% in ${hours}h" + updateservicectl \ + --server="https://public.update.core-os.net" \ + --user="${ROLLER_USERNAME}" \ + --key="${ROLLER_API_KEY}" \ + rollout create linear \ + --app-id="${APPID[${board}]}" \ + --group-id="${channel}" \ + --duration="${seconds}" \ + --frame-size="60" + fi } usage() { echo "Usage: $0 {download|upload} [{-a|-b|-s} ]..." >&2 - echo "Usage: $0 {devsign|sign} [{-a|-b|-s} ]..." >&2 + echo "Usage: $0 {devsign|sign} [{-a|-b|-s} ]..." >&2 echo "Usage: $0 ready [{-a|-b|-s} ]..." >&2 echo "Usage: $0 roll [{-a|-b|-s} ]..." >&2 exit 1 @@ -226,13 +246,15 @@ while [[ $# > 0 ]]; do case "${c}" in -a) - $CMD "alpha" "${v}" + $CMD "alpha" "${v}" "amd64-usr" + $CMD "alpha" "${v}" "arm64-usr" ;; -b) - $CMD "beta" "${v}" + $CMD "beta" "${v}" "amd64-usr" + $CMD "beta" "${v}" "arm64-usr" ;; -s) - $CMD "stable" "${v}" + $CMD "stable" "${v}" "amd64-usr" ;; *) usage diff --git a/tag_release b/tag_release index 8ad71342d3..f97ee53aac 100755 --- a/tag_release +++ b/tag_release @@ -28,7 +28,7 @@ DEFAULT_MINOR=0 DEFAULT_BRANCH=${FLAGS_FALSE} DEFAULT_BRANCH_PROJECTS= -CURRENT_VERSION=( ${COREOS_VERSION_ID//./ } ) +CURRENT_VERSION=( ${FLATCAR_VERSION_ID//./ } ) # Detect if we are on a branch or still tracking master. DEFAULT_MANIFEST=$(readlink "${REPO_MANIFESTS_DIR}/default.xml") \ @@ -48,8 +48,8 @@ fi DEFINE_integer major ${DEFAULT_MAJOR} "Branch major version (aka 'build')" DEFINE_integer minor ${DEFAULT_MINOR} "Branch revision or minor version" DEFINE_integer patch 0 "Branch patch id, normally 0" -DEFINE_string sdk_version "${COREOS_VERSION_ID}" \ - "SDK version to use, or 'keep'. (current: ${COREOS_SDK_VERSION})" +DEFINE_string sdk_version "${FLATCAR_VERSION_ID}" \ + "SDK version to use, or 'keep'. (current: ${FLATCAR_SDK_VERSION})" DEFINE_boolean branch ${DEFAULT_BRANCH} "Release branch, diverge from master" DEFINE_string branch_projects "${DEFAULT_BRANCH_PROJECTS}" \ "Branch the named projects (with a 'coreos/' prefix) in the manifest." @@ -82,7 +82,7 @@ TAG_NAME="v${BRANCH_VERSION}" if [[ "${FLAGS_sdk_version}" == keep || "${FLAGS_sdk_version}" == current ]] then - FLAGS_sdk_version="${COREOS_SDK_VERSION}" + FLAGS_sdk_version="${FLATCAR_SDK_VERSION}" fi if [[ "${FLAGS_sdk_version}" == "${BRANCH_VERSION}" ]]; then @@ -92,9 +92,9 @@ if [[ "${FLAGS_sdk_version}" == "${BRANCH_VERSION}" ]]; then fi # Verify that the specified SDK version exists -COREOS_SDK_VERSION="${FLAGS_sdk_version}" +FLATCAR_SDK_VERSION="${FLAGS_sdk_version}" . "${SCRIPT_ROOT}/sdk_lib/sdk_util.sh" -if ! curl --head --fail --silent "${COREOS_SDK_URL}" > /dev/null ; then +if ! curl --head --fail --silent "${FLATCAR_SDK_URL}" > /dev/null ; then die_notrace "SDK version does not exist." \ "Try --sdk_version keep to use the existing SDK." fi @@ -140,10 +140,10 @@ if [[ ${FLAGS_branch} -eq ${FLAGS_TRUE} ]]; then fi tee version.txt <