Merge pull request #250 from marineam/refactor

Refactor image building

build_image

@@ -74,7 +74,7 @@ DEFINE_string version "" \
 # Parse command line.
 FLAGS "$@" || exit 1
 
-eval set -- "${FLAGS_ARGV}"
+eval set -- "${FLAGS_ARGV:-dev}"
 
 # Only now can we die on error.  shflags functions leak non-zero error codes,
 # so will die prematurely if 'switch_to_strict_mode' is specified before now.
@@ -87,25 +87,22 @@ check_gsutil_opts
 . "${BUILD_LIBRARY_DIR}/toolchain_util.sh" || exit 1
 . "${BUILD_LIBRARY_DIR}/board_options.sh" || exit 1
 . "${BUILD_LIBRARY_DIR}/build_image_util.sh" || exit 1
-. "${BUILD_LIBRARY_DIR}/base_image_util.sh" || exit 1
 . "${BUILD_LIBRARY_DIR}/prod_image_util.sh" || exit 1
 . "${BUILD_LIBRARY_DIR}/dev_image_util.sh" || exit 1
 . "${BUILD_LIBRARY_DIR}/test_image_content.sh" || exit 1
 
-parse_build_image_args
-
-BASE_PACKAGE="coreos-base/coreos"
-
-PRISTINE_IMAGE_NAME=${CHROMEOS_BASE_IMAGE_NAME}
-
-DEVKEYSDIR="/usr/share/vboot/devkeys"
+PROD_IMAGE=0
+DEV_IMAGE=0
+for arg in "$@"; do
+  case "${arg}" in
+    prod) PROD_IMAGE=1 ;;
+    dev)  DEV_IMAGE=1 ;;
+    *)    die_notrace "Unknown image type ${arg}" ;;
+  esac
+done
 
 eclean-$BOARD -d packages
 
-if [[ ${skip_blacklist_check} -ne 1 ]]; then
-  check_blacklist
-fi
-
 # Check that the build root is sane.
 if [[ ${skip_test_build_root} -ne 1 ]]; then
   info "Checking build root"
@@ -134,42 +131,19 @@ mkdir -p "${BUILD_DIR}"
 
 DISK_LAYOUT="${FLAGS_disk_layout:-base}"
 
-# Create the base image.
-create_base_image "${PRISTINE_IMAGE_NAME}" "${DISK_LAYOUT}" "${FLAGS_group}"
-if should_build_image ${PRISTINE_IMAGE_NAME}; then
-  upload_image "${BUILD_DIR}/${PRISTINE_IMAGE_NAME}"
+if [[ "${DEV_IMAGE}" -eq 1 ]]; then
+  create_dev_image ${COREOS_DEVELOPER_IMAGE_NAME} ${DISK_LAYOUT} ${FLAGS_group}
+  upload_image "${BUILD_DIR}/${COREOS_DEVELOPER_IMAGE_NAME}"
 fi
 
-# Running board-specific setup if any exists.
-if type board_setup &>/dev/null; then
-  board_setup "${BUILD_DIR}/${PRISTINE_IMAGE_NAME}"
-fi
-
-# Create a developer image if an image that is based on it is requested.
-if should_build_image ${CHROMEOS_DEVELOPER_IMAGE_NAME}; then
-  if should_build_image ${COREOS_PRODUCTION_IMAGE_NAME}; then
-    cp "${BUILD_DIR}/${PRISTINE_IMAGE_NAME}" \
-        "${BUILD_DIR}/${CHROMEOS_DEVELOPER_IMAGE_NAME}"
-  else
-    copy_image ${PRISTINE_IMAGE_NAME} ${CHROMEOS_DEVELOPER_IMAGE_NAME}
-  fi
-  install_dev_packages ${CHROMEOS_DEVELOPER_IMAGE_NAME} ${DISK_LAYOUT}
-  upload_image "${BUILD_DIR}/${CHROMEOS_DEVELOPER_IMAGE_NAME}"
-fi
-
-if should_build_image ${COREOS_PRODUCTION_IMAGE_NAME}; then
-  copy_image ${CHROMEOS_BASE_IMAGE_NAME} ${COREOS_PRODUCTION_IMAGE_NAME}
-  setup_prod_image ${COREOS_PRODUCTION_IMAGE_NAME} ${DISK_LAYOUT}
+if [[ "${PROD_IMAGE}" -eq 1 ]]; then
+  create_prod_image ${COREOS_PRODUCTION_IMAGE_NAME} ${DISK_LAYOUT} ${FLAGS_group}
   upload_image "${BUILD_DIR}/${COREOS_PRODUCTION_IMAGE_NAME}"
   if [[ ${FLAGS_generate_update} -eq ${FLAGS_TRUE} ]]; then
     generate_update "${COREOS_PRODUCTION_IMAGE_NAME}" ${DISK_LAYOUT}
   fi
 fi
 
-if ! should_build_image ${PRISTINE_IMAGE_NAME}; then
-  rm -f "${BUILD_DIR}/${PRISTINE_IMAGE_NAME}"
-fi
-
 # Write out a version.txt file, this will be used by image_to_vm.sh
 tee "${BUILD_DIR}/version.txt" <<EOF
 COREOS_BUILD=${COREOS_BUILD}
@@ -203,15 +177,12 @@ EOF
 }
 
 # Print out the images we generated.
-if should_build_image ${COREOS_PRODUCTION_IMAGE_NAME}; then
+if [[ "${PROD_IMAGE}" -eq 1 ]]; then
   echo "CoreOS Production image created as ${COREOS_PRODUCTION_IMAGE_NAME}"
   print_image_to_vm "prod"
 fi
-if should_build_image ${CHROMEOS_BASE_IMAGE_NAME}; then
-  echo "Non-developer CoreOS image created as ${PRISTINE_IMAGE_NAME}"
-fi
-if should_build_image ${CHROMEOS_DEVELOPER_IMAGE_NAME}; then
-  echo "Developer image created as ${CHROMEOS_DEVELOPER_IMAGE_NAME}"
+if [[ "${DEV_IMAGE}" -eq 1 ]]; then
+  echo "Developer image created as ${COREOS_DEVELOPER_IMAGE_NAME}"
   print_image_to_vm
 fi
 

build_library/base_image_util.sh

@@ -1,71 +0,0 @@
-# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-
-create_base_image() {
-  local image_name=$1
-  local disk_layout=$2
-  local update_group="$3"
-
-  local disk_img="${BUILD_DIR}/${image_name}"
-  local root_fs_dir="${BUILD_DIR}/rootfs"
-
-  info "Using image type ${disk_layout}"
-  "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \
-      format "${disk_img}"
-
-  "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \
-      mount "${disk_img}" "${root_fs_dir}"
-  trap "cleanup_mounts '${root_fs_dir}' && delete_prompt" EXIT
-
-  # First thing first, install baselayout with USE=build to create a
-  # working directory tree. Don't use binpkgs due to the use flag change.
-  sudo -E USE=build "emerge-${BOARD}" --root="${root_fs_dir}" \
-      --usepkg=n --buildpkg=n --oneshot --quiet --nodeps sys-apps/baselayout
-
-  # FIXME(marineam): Work around glibc setting EROOT=$ROOT
-  # https://bugs.gentoo.org/show_bug.cgi?id=473728#c12
-  sudo mkdir -p "${root_fs_dir}/etc/ld.so.conf.d"
-
-  # We "emerge --root=${root_fs_dir} --root-deps=rdeps --usepkgonly" all of the
-  # runtime packages for chrome os. This builds up a chrome os image from
-  # binary packages with runtime dependencies only.  We use INSTALL_MASK to
-  # trim the image size as much as possible.
-  emerge_prod_gcc --root="${root_fs_dir}"
-  emerge_to_image --root="${root_fs_dir}" ${BASE_PACKAGE}
-
-  # Make sure profile.env and ld.so.cache has been generated
-  sudo ROOT="${root_fs_dir}" env-update
-
-  # Record directories installed to the state partition.
-  # Explicitly ignore entries covered by existing configs.
-  local tmp_ignore=$(awk '/^[dDfFL]/ {print "--ignore=" $2}' \
-      "${root_fs_dir}"/usr/lib/tmpfiles.d/*.conf)
-  sudo "${BUILD_LIBRARY_DIR}/gen_tmpfiles.py" --root="${root_fs_dir}" \
-      --output="${root_fs_dir}/usr/lib/tmpfiles.d/base_image_var.conf" \
-      ${tmp_ignore} "${root_fs_dir}/var"
-  sudo "${BUILD_LIBRARY_DIR}/gen_tmpfiles.py" --root="${root_fs_dir}" \
-      --output="${root_fs_dir}/usr/lib/tmpfiles.d/base_image_etc.conf" \
-      ${tmp_ignore} "${root_fs_dir}/etc"
-
-  # Set /etc/lsb-release on the image.
-  "${BUILD_LIBRARY_DIR}/set_lsb_release" \
-    --root="${root_fs_dir}" \
-    --group="${update_group}" \
-    --board="${BOARD}"
-
-  ${BUILD_LIBRARY_DIR}/configure_bootloaders.sh \
-    --arch=${ARCH} \
-    --disk_layout="${disk_layout}" \
-    --boot_dir="${root_fs_dir}"/usr/boot \
-    --esp_dir="${root_fs_dir}"/boot/efi \
-    --boot_args="${FLAGS_boot_args}"
-
-  # Zero all fs free space to make it more compressible so auto-update
-  # payloads become smaller, not fatal since it won't work on linux < 3.2
-  sudo fstrim "${root_fs_dir}" || true
-  sudo fstrim "${root_fs_dir}/usr" || true
-
-  cleanup_mounts "${root_fs_dir}"
-  trap - EXIT
-}

build_library/build_image_util.sh

@@ -18,7 +18,6 @@ else
 fi
 BUILD_DIR="${FLAGS_output_root}/${BOARD}/${IMAGE_SUBDIR}"
 OUTSIDE_OUTPUT_DIR="../build/images/${BOARD}/${IMAGE_SUBDIR}"
-IMAGES_TO_BUILD=
 
 set_build_symlinks() {
     local build=$(basename ${BUILD_DIR})
@@ -29,95 +28,6 @@ set_build_symlinks() {
     done
 }
 
-# Populates list of IMAGES_TO_BUILD from args passed in.
-# Arguments should be the shortnames of images we want to build.
-get_images_to_build() {
-  local image_to_build
-  for image_to_build in $*; do
-    # Shflags leaves "'"s around ARGV.
-    case ${image_to_build} in
-      \'prod\' )
-        IMAGES_TO_BUILD="${IMAGES_TO_BUILD} ${COREOS_PRODUCTION_IMAGE_NAME}"
-        ;;
-      \'base\' )
-        IMAGES_TO_BUILD="${IMAGES_TO_BUILD} ${CHROMEOS_BASE_IMAGE_NAME}"
-        ;;
-      \'dev\' )
-        IMAGES_TO_BUILD="${IMAGES_TO_BUILD} ${CHROMEOS_DEVELOPER_IMAGE_NAME}"
-        ;;
-      * )
-        die "${image_to_build} is not an image specification."
-        ;;
-    esac
-  done
-
-  # Set default if none specified.
-  if [ -z "${IMAGES_TO_BUILD}" ]; then
-    IMAGES_TO_BUILD=${CHROMEOS_DEVELOPER_IMAGE_NAME}
-  fi
-
-  info "The following images will be built ${IMAGES_TO_BUILD}."
-}
-
-# Look at flags to determine which image types we should build.
-parse_build_image_args() {
-  get_images_to_build ${FLAGS_ARGV}
-}
-
-should_build_image() {
-  # Fast pass back if we should build all incremental images.
-  local image_name
-  local image_to_build
-
-  for image_name in "$@"; do
-    for image_to_build in ${IMAGES_TO_BUILD}; do
-      [ "${image_to_build}" = "${image_name}" ] && return 0
-    done
-  done
-
-  return 1
-}
-
-# Utility function for creating a copy of an image prior to
-# modification from the BUILD_DIR:
-#  $1: source filename
-#  $2: destination filename
-copy_image() {
-  local src="${BUILD_DIR}/$1"
-  local dst="${BUILD_DIR}/$2"
-  if should_build_image $1; then
-    echo "Creating $2 from $1..."
-    cp --sparse=always "${src}" "${dst}" || die "Cannot copy $1 to $2"
-  else
-    mv "${src}" "${dst}" || die "Cannot move $1 to $2"
-  fi
-}
-
-check_blacklist() {
-  info "Verifying that the base image does not contain a blacklisted package."
-  info "Generating list of packages for ${BASE_PACKAGE}."
-  local package_blacklist_file="${BUILD_LIBRARY_DIR}/chromeos_blacklist"
-  if [ ! -e "${package_blacklist_file}" ]; then
-    warn "Missing blacklist file."
-    return
-  fi
-  local blacklisted_packages=$(${SCRIPTS_DIR}/get_package_list \
-      --board="${BOARD}" "${BASE_PACKAGE}" \
-      | grep -x -f "${package_blacklist_file}")
-  if [ -n "${blacklisted_packages}" ]; then
-    die "Blacklisted packages found: ${blacklisted_packages}."
-  fi
-  info "No blacklisted packages found."
-}
-
-make_salt() {
-  # It is not important that the salt be cryptographically strong; it just needs
-  # to be different for each release. The purpose of the salt is just to ensure
-  # that if someone collides a block in one release, they can't reuse it in
-  # future releases.
-  xxd -l 32 -p -c 32 /dev/urandom
-}
-
 cleanup_mounts() {
   echo "Cleaning up mounts"
   "${BUILD_LIBRARY_DIR}/disk_util" umount "$1" || true
@@ -172,6 +82,7 @@ generate_update() {
 # Arguments to this command are passed as addition options/arguments
 # to the basic emerge command.
 emerge_to_image() {
+  local root_fs_dir="$1"; shift
   local mask="${INSTALL_MASK:-$(portageq-$BOARD envvar PROD_INSTALL_MASK)}"
   test -n "$mask" || die "PROD_INSTALL_MASK not defined"
 
@@ -187,26 +98,71 @@ emerge_to_image() {
     emerge_cmd+=" --jobs=$FLAGS_jobs"
   fi
 
-  sudo -E INSTALL_MASK="$mask" ${emerge_cmd} "$@"
+  sudo -E INSTALL_MASK="$mask" ${emerge_cmd} --root="${root_fs_dir}" "$@"
+
+  # Make sure profile.env and ld.so.cache has been generated
+  sudo -E ROOT="${root_fs_dir}" env-update
 }
 
-# The GCC package includes both its libraries and the compiler.
-# In prod images we only need the shared libraries.
-emerge_prod_gcc() {
-    local mask="${INSTALL_MASK:-$(portageq-$BOARD envvar PROD_INSTALL_MASK)}"
-    test -n "$mask" || die "PROD_INSTALL_MASK not defined"
+start_image() {
+  local image_name="$1"
+  local disk_layout="$2"
+  local root_fs_dir="$3"
 
-    mask="${mask}
-        /usr/bin
-        /usr/*/gcc-bin
-        /usr/lib/gcc/*/*/*.o
-        /usr/lib/gcc/*/*/include
-        /usr/lib/gcc/*/*/include-fixed
-        /usr/lib/gcc/*/*/plugin
-        /usr/libexec
-        /usr/share/gcc-data/*/*/c89
-        /usr/share/gcc-data/*/*/c99
-        /usr/share/gcc-data/*/*/python"
+  local disk_img="${BUILD_DIR}/${image_name}"
 
-    INSTALL_MASK="${mask}" emerge_to_image --nodeps sys-devel/gcc "$@"
+  info "Using image type ${disk_layout}"
+  "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \
+      format "${disk_img}"
+
+  "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \
+      mount "${disk_img}" "${root_fs_dir}"
+  trap "cleanup_mounts '${root_fs_dir}' && delete_prompt" EXIT
+
+  # First thing first, install baselayout with USE=build to create a
+  # working directory tree. Don't use binpkgs due to the use flag change.
+  sudo -E USE=build "emerge-${BOARD}" --root="${root_fs_dir}" \
+      --usepkg=n --buildpkg=n --oneshot --quiet --nodeps sys-apps/baselayout
+
+  # FIXME(marineam): Work around glibc setting EROOT=$ROOT
+  # https://bugs.gentoo.org/show_bug.cgi?id=473728#c12
+  sudo mkdir -p "${root_fs_dir}/etc/ld.so.conf.d"
+}
+
+finish_image() {
+  local disk_layout="$1"
+  local root_fs_dir="$2"
+  local update_group="$3"
+
+  # Record directories installed to the state partition.
+  # Explicitly ignore entries covered by existing configs.
+  local tmp_ignore=$(awk '/^[dDfFL]/ {print "--ignore=" $2}' \
+      "${root_fs_dir}"/usr/lib/tmpfiles.d/*.conf)
+  sudo "${BUILD_LIBRARY_DIR}/gen_tmpfiles.py" --root="${root_fs_dir}" \
+      --output="${root_fs_dir}/usr/lib/tmpfiles.d/base_image_var.conf" \
+      ${tmp_ignore} "${root_fs_dir}/var"
+  sudo "${BUILD_LIBRARY_DIR}/gen_tmpfiles.py" --root="${root_fs_dir}" \
+      --output="${root_fs_dir}/usr/lib/tmpfiles.d/base_image_etc.conf" \
+      ${tmp_ignore} "${root_fs_dir}/etc"
+
+  # Set /etc/lsb-release on the image.
+  "${BUILD_LIBRARY_DIR}/set_lsb_release" \
+    --root="${root_fs_dir}" \
+    --group="${update_group}" \
+    --board="${BOARD}"
+
+  ${BUILD_LIBRARY_DIR}/configure_bootloaders.sh \
+    --arch=${ARCH} \
+    --disk_layout="${disk_layout}" \
+    --boot_dir="${root_fs_dir}"/usr/boot \
+    --esp_dir="${root_fs_dir}"/boot/efi \
+    --boot_args="${FLAGS_boot_args}"
+
+  # Zero all fs free space to make it more compressible so auto-update
+  # payloads become smaller, not fatal since it won't work on linux < 3.2
+  sudo fstrim "${root_fs_dir}" || true
+  sudo fstrim "${root_fs_dir}/usr" || true
+
+  cleanup_mounts "${root_fs_dir}"
+  trap - EXIT
 }

build_library/chromeos_blacklist

@@ -1,6 +0,0 @@
-app-text/iso-codes
-dev-java/icedtea
-dev-java/icedtea6-bin
-dev-lang/perl
-media-sound/pulseaudio
-x11-libs/libxklavier

build_library/dev_image_util.sh

@@ -50,11 +50,10 @@ detect_dev_url() {
     fi
 }
 
-# Modifies an existing image to add development packages.
-# Takes as an arg the name of the image to be created.
-install_dev_packages() {
+create_dev_image() {
   local image_name=$1
   local disk_layout=$2
+  local update_group=$3
   local devserver=$(detect_dev_url)
   local auserver=""
 
@@ -65,18 +64,16 @@ install_dev_packages() {
     info "Unable do detect local dev server address."
   fi
 
-  info "Adding developer packages to ${image_name}"
+  info "Building developer image ${image_name}"
   local root_fs_dir="${BUILD_DIR}/rootfs"
 
-  "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \
-      mount "${BUILD_DIR}/${image_name}" "${root_fs_dir}"
-  trap "cleanup_mounts '${root_fs_dir}' && delete_prompt" EXIT
+  start_image "${image_name}" "${disk_layout}" "${root_fs_dir}"
 
-  # Install developer packages described in coreos-dev.
-  emerge_to_image --root="${root_fs_dir}" coreos-base/coreos-dev
+  emerge_to_image "${root_fs_dir}" coreos-base/coreos-dev
 
-  # Make sure profile.env and ld.so.cache has been generated
-  sudo ROOT="${root_fs_dir}" env-update
+  "${BUILD_LIBRARY_DIR}/set_lsb_release" \
+    --root="${root_fs_dir}" \
+    --board="${BOARD}"
 
   # Setup portage for emerge and gmerge
   configure_dev_portage "${root_fs_dir}" "${devserver}"
@@ -101,12 +98,5 @@ EOF
   sudo mkdir -p "${fs_wants}"
   sudo ln -s ../remount-usr.service "${fs_wants}"
 
-  # Zero all fs free space, not fatal since it won't work on linux < 3.2
-  sudo fstrim "${root_fs_dir}" || true
-  sudo fstrim "${root_fs_dir}/usr" || true
-
-  info "Developer image built and stored at ${image_name}"
-
-  cleanup_mounts "${root_fs_dir}"
-  trap - EXIT
+  finish_image "${disk_layout}" "${root_fs_dir}" "${update_group}"
 }

build_library/prod_image_util.sh

@@ -3,16 +3,41 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
-setup_prod_image() {
+# The GCC package includes both its libraries and the compiler.
+# In prod images we only need the shared libraries.
+emerge_prod_gcc() {
+    local root_fs_dir="$1"; shift
+    local mask="${INSTALL_MASK:-$(portageq-$BOARD envvar PROD_INSTALL_MASK)}"
+    test -n "$mask" || die "PROD_INSTALL_MASK not defined"
+
+    mask="${mask}
+        /usr/bin
+        /usr/*/gcc-bin
+        /usr/lib/gcc/*/*/*.o
+        /usr/lib/gcc/*/*/include
+        /usr/lib/gcc/*/*/include-fixed
+        /usr/lib/gcc/*/*/plugin
+        /usr/libexec
+        /usr/share/gcc-data/*/*/c89
+        /usr/share/gcc-data/*/*/c99
+        /usr/share/gcc-data/*/*/python"
+
+    INSTALL_MASK="${mask}" emerge_to_image "${root_fs_dir}" --nodeps sys-devel/gcc "$@"
+}
+
+create_prod_image() {
   local image_name="$1"
   local disk_layout="$2"
+  local update_group="$3"
 
-  info "Configuring production image ${image_name}"
+  info "Building production image ${image_name}"
   local root_fs_dir="${BUILD_DIR}/rootfs"
 
-  "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \
-      mount "${BUILD_DIR}/${image_name}" "${root_fs_dir}"
-  trap "cleanup_mounts '${root_fs_dir}' && delete_prompt" EXIT
+  start_image "${image_name}" "${disk_layout}" "${root_fs_dir}"
+
+  # Install minimal GCC (libs only) and then everything else
+  emerge_prod_gcc "${root_fs_dir}"
+  emerge_to_image "${root_fs_dir}" coreos-base/coreos
 
   # clean-ups of things we do not need
   sudo rm ${root_fs_dir}/etc/csh.env
@@ -38,8 +63,7 @@ EOF
   sudo rm ${root_fs_dir}/etc/xinetd.d/rsyncd
   sudo rmdir ${root_fs_dir}/etc/xinetd.d
 
-  cleanup_mounts "${root_fs_dir}"
-  trap - EXIT
+  finish_image "${disk_layout}" "${root_fs_dir}" "${update_group}"
 
   # Make the filesystem un-mountable as read-write.
   if [ ${FLAGS_enable_rootfs_verification} -eq ${FLAGS_TRUE} ]; then

common.sh

@@ -404,16 +404,8 @@ DEFAULT_FAST=${FLAGS_FALSE}
 BUILD_DIR=
 
 # Standard filenames
-CHROMEOS_BASE_IMAGE_NAME="coreos_base_image.bin"
-CHROMEOS_DEVELOPER_IMAGE_NAME="coreos_developer_image.bin"
-CHROMEOS_IMAGE_NAME="$CHROMEOS_DEVELOPER_IMAGE_NAME"
-CHROMEOS_RECOVERY_IMAGE_NAME="recovery_image.bin"
-
-COREOS_BASE_IMAGE_NAME=${CHROMEOS_BASE_IMAGE_NAME}
-COREOS_IMAGE_NAME=${CHROMEOS_IMAGE_NAME}
-COREOS_DEVELOPER_IMAGE_NAME=${CHROMEOS_DEVELOPER_IMAGE_NAME}
+COREOS_DEVELOPER_IMAGE_NAME="coreos_developer_image.bin"
 COREOS_PRODUCTION_IMAGE_NAME="coreos_production_image.bin"
-COREOS_RECOVERY_IMAGE_NAME=${CHROMEOS_RECOVERY_IMAGE_NAME}
 
 # -----------------------------------------------------------------------------
 # Functions

image_to_vm.sh

@@ -91,7 +91,7 @@ if [ ${FLAGS_prod_image} -eq ${FLAGS_TRUE} ]; then
   set_vm_paths "${FLAGS_from}" "${FLAGS_to}" "${COREOS_PRODUCTION_IMAGE_NAME}"
 else
   # Use the standard image
-  set_vm_paths "${FLAGS_from}" "${FLAGS_to}" "${CHROMEOS_IMAGE_NAME}"
+  set_vm_paths "${FLAGS_from}" "${FLAGS_to}" "${COREOS_DEVELOPER_IMAGE_NAME}"
 fi
 
 # Make sure things are cleaned up on failure

security_test_image

@@ -1,112 +0,0 @@
-#!/bin/bash
-
-# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-
-CROS_LOG_PREFIX=${0##*/}
-
-SCRIPT_ROOT=$(dirname "$(readlink -f "$0")")
-. "${SCRIPT_ROOT}/build_library/build_common.sh" || exit 1
-
-# Developer-visible flags.
-DEFINE_string board "${DEFAULT_BOARD}" \
-  "The board to build an image for."
-DEFINE_string image "" \
-  "Source release image to use (${CHROMEOS_RECOVERY_IMAGE_NAME} by default)."
-DEFINE_string baselines "" \
-  "Directory to load security baselines from (default from cros-signing)"
-
-FLAGS_HELP="USAGE: security_test_image [flags]
-This script is used to run security tests on a Chrome OS images.
-
-Note: You probably will need an internal checkout by default for these
-      tests to be useful.  You can provide your own baselines, but you
-      can certainly provide your own set of configs.
-
-Note: These tests will fail on dev images.  They are designed to
-      check recovery images only.
-"
-show_help_if_requested "$@"
-
-# Parse command line.
-FLAGS "$@" || exit 1
-eval set -- "${FLAGS_ARGV}"
-
-# Only now can we die on error.  shflags functions leak non-zero error codes,
-# so will die prematurely if 'switch_to_strict_mode' is specified before now.
-switch_to_strict_mode
-
-SIGNER_DIR="${CHROOT_TRUNK_DIR}/cros-signing"
-SIGNING_TOOLS_DIR="${SIGNER_DIR}/signer/signingtools-bin"
-SECURITY_BASELINE_DIR="${SIGNER_DIR}/security_test_baselines"
-VBOOT_DIR="${CHROOT_TRUNK_DIR}/src/platform/vboot_reference/scripts/"\
-"image_signing"
-
-# No security baselines provided.  Use the standard one.
-if [[ -z ${FLAGS_baselines} ]]; then
-  FLAGS_baselines=${SECURITY_BASELINE_DIR}
-  if [[ ! -d ${FLAGS_baselines} ]]; then
-    if [[ ! -d ${SIGNER_DIR} ]]; then
-      warn "Skipping security tests with public manifest"
-      exit 0
-    else
-      die "Could not locate security baselines from" \
-          "${FLAGS_baselines} with private manifest"
-    fi
-  fi
-fi
-info "Loading baselines from ${FLAGS_baselines}"
-
-# No image was provided.  Use the standard latest image.
-if [[ -z ${FLAGS_image} ]]; then
-  DEFAULT_IMAGE_DIR=$("${SCRIPT_ROOT}"/get_latest_image.sh \
-                        --board="${FLAGS_board}")
-  FLAGS_image="${DEFAULT_IMAGE_DIR}/${CHROMEOS_RECOVERY_IMAGE_NAME}"
-fi
-info "Using ${FLAGS_image}"
-
-# The signer uses these binaries, so we should too.
-PATH="${SIGNING_TOOLS_DIR}:${PATH}"
-
-# Run all the security tests.
-failed_count=0
-run_check() {
-  local cmd=(
-    "${VBOOT_DIR}/ensure_$1.sh"
-    "${FLAGS_image}"
-  )
-  if [[ $# -ge 2 ]]; then
-    cmd+=( "${FLAGS_baselines}/ensure_$1.config" )
-  fi
-  info "Running ensure_$1.sh"
-  if ! "${cmd[@]}"; then
-    error "$1: test failed"
-    : $(( ++failed_count ))
-  fi
-}
-
-sec_checks=(
-  no_nonrelease_files
-  sane_lsb-release
-  secure_kernelparams
-)
-for check in "${sec_checks[@]}"; do
-  run_check "${check}" "${check}"
-done
-
-sec_checks=(
-  not_ASAN
-  # This test requires an update key to be inserted
-  # first which the signer itself currently does.
-  #update_verification
-)
-for check in "${sec_checks[@]}"; do
-  run_check "${check}"
-done
-
-if [[ ${failed_count} -gt 0 ]]; then
-  die_notrace "${failed_count} tests failed"
-else
-  info "All tests passed!"
-fi