mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-05-05 04:06:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #858 from flatcar/krnowak/azure-oem-sysext

Browse Source 
export portage db, oem sysext utils, sysext for azure
This commit is contained in:
Krzesimir Nowak 2023-06-06 15:13:24 +02:00 committed by GitHub
commit c22ce03960
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
46 changed files with 1102 additions and 982 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
build_library/build_image_util.sh
View File

@ -19,6 +19,8 @@ fi
BUILD_DIR="${FLAGS_output_root}/${BOARD}/${IMAGE_SUBDIR}"
OUTSIDE_OUTPUT_DIR="../build/images/${BOARD}/${IMAGE_SUBDIR}"
source "${BUILD_LIBRARY_DIR}/reports_util.sh" || exit 1
set_build_symlinks() {
local build=$(basename ${BUILD_DIR})
local link
@ -239,65 +241,6 @@ systemd_enable() {
sudo ln -sf "../${unit_file}" "${wants_dir}/${unit_alias}"
}
# Generate a ls-like listing of a directory tree.
# The ugly printf is used to predictable time format and size in bytes.
write_contents() {
info "Writing ${2##*/}"
pushd "$1" >/dev/null
# %M - file permissions
# %n - number of hard links to file
# %u - file's user name
# %g - file's group name
# %s - size in bytes
# %Tx - modification time (Y - year, m - month, d - day, H - hours, M - minutes)
# %P - file's path
# %l - symlink target (empty if not a symlink)
sudo TZ=UTC find -printf \
'%M %2n %-7u %-7g %7s %TY-%Tm-%Td %TH:%TM ./%P -> %l\n' \
| sed -e 's/ -> $//' > "$2"
popd >/dev/null
}
# Generate a listing that can be used by other tools to analyze
# image/file size changes.
write_contents_with_technical_details() {
info "Writing ${2##*/}"
pushd "$1" >/dev/null
# %M - file permissions
# %D - ID of a device where file resides
# %i - inode number
# %n - number of hard links to file
# %s - size in bytes
# %P - file's path
sudo find -printf \
'%M %D %i %n %s ./%P\n' > "$2"
popd >/dev/null
}
# Generate a report like the following:
#
# File Size Used Avail Use% Type
# /boot 127M 62M 65M 50% vfat
# /usr 983M 721M 212M 78% ext2
# / 6,0G 13M 5,6G 1% ext4
# SUM 7,0G 796M 5,9G 12% -
write_disk_space_usage() {
info "Writing ${2##*/}"
pushd "${1}" >/dev/null
# The sed's first command turns './<path>' into '/<path> ', second
# command replaces '- ' with 'SUM' for the total row. All this to
# keep the numbers neatly aligned in columns.
sudo df \
--human-readable \
--total \
--output='file,size,used,avail,pcent,fstype' \
./boot ./usr ./ | \
sed \
-e 's#^\.\(/[^ ]*\)#\1 #' \
-e 's/^- /SUM/' >"${2}"
popd >/dev/null
}
# "equery list" a potentially uninstalled board package
query_available_package() {
local pkg="$1"

15
build_library/disk_util
View File

@ -743,18 +743,29 @@ def Tune(options):
config, partitions = LoadPartitionConfig(options)
GetPartitionTableFromImage(options, config, partitions)
part = GetPartition(partitions, options.partition)
action_done = False
if not part['image_compat']:
raise InvalidLayout("Disk layout is incompatible with existing image")
if options.disable2fs_rw is not None:
action_done = True
if part.get('fs_type', None) in ('ext2', 'ext4'):
Tune2fsReadWrite(options, part, options.disable2fs_rw)
elif part.get('fs_type', None) == 'btrfs':
ReadWriteSubvol(options, part, options.disable2fs_rw)
else:
raise Exception("Partition %s is not a ext2 or ext4 or btrfs" % options.partition)
else:
if options.randomize_uuid is not None:
action_done = True
if part.get('fs_type', None) == 'btrfs':
with PartitionLoop(options, part) as loop_dev:
Sudo(['btrfstune', '-m', loop_dev])
else:
raise Exception("Partition %s is not btrfs" % options.partition)
if not action_done:
raise Exception("No options specified!")
@ -1059,6 +1070,8 @@ def main(argv):
help='disable mounting ext2 filesystems read-write')
a.add_argument('--enable2fs_rw', action='store_false', dest='disable2fs_rw',
help='re-enable mounting ext2 filesystems read-write')
a.add_argument('--randomize_uuid', action='store_true', default=None,
help='randomize btrfs UUIDs in the partition')
a.add_argument('disk_image', help='path to disk image file')
a.add_argument('partition', help='number or label of partition to edit')
a.set_defaults(func=Tune)

206
build_library/oem_sysext_util.sh Executable file
View File

@ -0,0 +1,206 @@
#!/bin/bash
#
# Copyright (c) 2023 The Flatcar Maintainers.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
source "${BUILD_LIBRARY_DIR}/reports_util.sh" || exit 1
_generate_listing() {
local rootfs="${1%/}"; shift
local listing="${1}"; shift
local slashes="${rootfs//[^\/]}"
local slash_count="${#slashes}"
# Invoking find with sudo as it's used for traversing root-owned
# rootfs, which means that some places may be unreachable by the
# sdk user.
sudo find "${rootfs}//" | cut -d/ -f$((slash_count + 2))- | sort >"${listing}"
}
_prepend_action () {
local -n prepend_array="${1}"; shift
prepend_array=( "${#}" "${@}" "${prepend_array[@]}" )
}
_invoke_actions () {
local arg_count
local command
while [[ "${#}" -gt 0 ]]; do
arg_count="${1}"
shift
command=( "${@:1:${arg_count}}" )
shift "${arg_count}"
"${command[@]}" || :
done
}
# Architecture values are taken from systemd.unit(5).
declare -A SYSEXT_ARCHES
SYSEXT_ARCHES['amd64-usr']='x86-64'
SYSEXT_ARCHES['arm64-usr']='arm64'
declare -r SYSEXT_ARCHES
# Usage: _get_sysext_arch board [board...]
_get_sysext_arch() {
local board
for board in "$@"; do
if [[ ${#SYSEXT_ARCHES["${board}"]} -ne 0 ]]; then
echo "${SYSEXT_ARCHES["${board}"]}"
else
die "Unknown board '${board}'"
fi
done
}
oem_sysext_create() {
local oem="${1}"; shift
local board="${1}"; shift
local version_id="${1}"; shift
local prod_image="${1}"; shift
local prod_pkgdb="${1}"; shift
local work_dir="${1}"; shift
local base_pkg="coreos-base/${oem}"
local sysext_work_dir="${work_dir}/sysext-${oem}"
local prod_rw_image="${sysext_work_dir}/prod_for_sysext.bin"
local prod_rw_rootfs="${sysext_work_dir}/prod_rw_rootfs"
local cleanup_actions=()
trap '_invoke_actions "${cleanup_actions[@]}"' EXIT
_prepend_action cleanup_actions rmdir "${sysext_work_dir}"
mkdir -p "${sysext_work_dir}"
info 'Creating a production image copy for work rootfs'
_prepend_action cleanup_actions rm -f "${prod_rw_image}"
cp --sparse=always "${prod_image}" "${prod_rw_image}"
info 'Preparing work image for mounting'
"${BUILD_LIBRARY_DIR}/disk_util" --disk_layout=base \
tune --randomize_uuid "${prod_rw_image}" OEM
"${BUILD_LIBRARY_DIR}/disk_util" --disk_layout=base \
tune --enable2fs_rw "${prod_rw_image}" USR-A
info "Mounting work image to ${prod_rw_rootfs}"
_prepend_action cleanup_actions rmdir "${prod_rw_rootfs}"
_prepend_action cleanup_actions "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout=base \
umount "${prod_rw_rootfs}"
"${BUILD_LIBRARY_DIR}/disk_util" --disk_layout=base \
mount --writable_verity "${prod_rw_image}" "${prod_rw_rootfs}"
local initial_files="${sysext_work_dir}/initial_files"
info "Generating list of initial files in work image"
_prepend_action cleanup_actions rm -f "${initial_files}"
_generate_listing "${prod_rw_rootfs}" "${initial_files}"
info "Stuffing package database into into ${prod_rw_rootfs}"
sudo tar -xf "${prod_pkgdb}" -C "${prod_rw_rootfs}"
# Split into two steps because we want to always install
# $${base_pkg} from the ebuild (build_packages doesn't handle it)
# *but* we never want to build anything else from source
# here. emerge doesn't have a way to enforce this in a single
# command.
info "Building ${base_pkg}"
"emerge-${board}" --nodeps --buildpkgonly --usepkg n --verbose "${base_pkg}"
info "Installing ${base_pkg} to ${prod_rw_rootfs}"
sudo emerge \
--config-root="/build/${board}" \
--root="${prod_rw_rootfs}" \
--sysroot="${prod_rw_rootfs}" \
--root-deps=rdeps \
--usepkgonly \
--verbose \
"${base_pkg}"
info "Removing portage db from ${prod_rw_rootfs}"
sudo rm -rf \
"${prod_rw_rootfs}/var/cache/edb" \
"${prod_rw_rootfs}/var/db/pkg"
local all_files="${sysext_work_dir}/all_files"
local sysext_files="${sysext_work_dir}/sysext_files"
info "Generating list of files in work image after installing OEM package"
_prepend_action cleanup_actions rm -f "${all_files}"
_generate_listing "${prod_rw_rootfs}" "${all_files}"
info "Generating list of files for sysext image"
_prepend_action cleanup_actions rm -f "${sysext_files}"
comm -1 -3 "${initial_files}" "${all_files}" >"${sysext_files}"
info "Copying files for sysext image"
local sysext_rootfs="${sysext_work_dir}/sysext_rootfs"
_prepend_action cleanup_actions rm -rf "${sysext_rootfs}"
rsync --links --files-from="${sysext_files}" "${prod_rw_rootfs}" "${sysext_rootfs}"
info "Mangling files for sysext image"
local overlay_path mangle_fs
overlay_path=$(portageq get_repo_path / coreos)
mangle_fs="${overlay_path}/${base_pkg}/files/manglefs.sh"
if [[ -x "${mangle_fs}" ]]; then
"${mangle_fs}" "${sysext_rootfs}"
fi
local entry
info "Removing non-/usr directories from sysext image"
for entry in "${sysext_rootfs}"/*; do
if [[ "${entry}" = */usr ]]; then
continue
fi
info " Removing ${entry##*/}"
rm -rf "${entry}"
done
local metadata metadata_file metadata_version_entry
info "Adding sysext metadata"
mkdir -p "${sysext_rootfs}/usr/lib/extension-release.d"
if [[ "${version_id}" = 'initial' ]]; then
metadata_version_entry="SYSEXT_LEVEL=1.0"
else
metadata_version_entry="VERSION_ID=${version_id}"
fi
metadata=(
'ID=flatcar'
"${metadata_version_entry}"
"ARCHITECTURE=$(_get_sysext_arch "${board}")"
)
metadata_file="${sysext_rootfs}/usr/lib/extension-release.d/extension-release.${oem}"
printf '%s\n' "${metadata[@]}" >"${metadata_file}"
info "Generating a squashfs image"
local sysext_raw_image_filename="${oem}.raw"
local output_raw_image="${sysext_work_dir}/${sysext_raw_image_filename}"
_prepend_action cleanup_actions rm -f "${output_raw_image}"
mksquashfs "${sysext_rootfs}" "${output_raw_image}" -all-root
info "Generating image reports"
local sysext_mounted="${sysext_work_dir}/squashfs_mounted"
_prepend_action cleanup_actions rmdir "${sysext_mounted}"
mkdir "${sysext_mounted}"
_prepend_action cleanup_actions sudo umount "${sysext_mounted}"
sudo mount -t squashfs -o loop "${output_raw_image}" "${sysext_mounted}"
local contents="${sysext_raw_image_filename%.raw}_contents.txt"
local contents_wtd="${sysext_raw_image_filename%.raw}_contents_wtd.txt"
local disk_usage="${sysext_raw_image_filename%.raw}_disk_usage.txt"
_prepend_action cleanup_actions rm -f "${sysext_work_dir}/${contents}"
write_contents "${sysext_mounted}" "${sysext_work_dir}/${contents}"
_prepend_action cleanup_actions rm -f "${sysext_work_dir}/${contents_wtd}"
write_contents_with_technical_details "${sysext_mounted}" "${sysext_work_dir}/${contents_wtd}"
_prepend_action cleanup_actions rm -f "${sysext_work_dir}/${disk_usage}"
write_disk_space_usage_in_paths "${sysext_mounted}" "${sysext_work_dir}/${disk_usage}"
local to_move
for to_move in "${sysext_raw_image_filename}" "${contents}" "${contents_wtd}" "${disk_usage}"; do
mv "${sysext_work_dir}/${to_move}" "${work_dir}/${to_move}"
done
info "Alles jut, cleaning up"
trap - EXIT
_invoke_actions "${cleanup_actions[@]}"
}

3
build_library/prod_image_util.sh
View File

@ -77,6 +77,7 @@ create_prod_image() {
local image_initrd_contents="${image_name%.bin}_initrd_contents.txt"
local image_initrd_contents_wtd="${image_name%.bin}_initrd_contents_wtd.txt"
local image_disk_usage="${image_name%.bin}_disk_usage.txt"
local image_pkgdb="${image_name%.bin}_pkgdb.tar.xz"
start_image "${image_name}" "${disk_layout}" "${root_fs_dir}" "${update_group}"
@ -100,6 +101,8 @@ create_prod_image() {
|| die_notrace "coreos-au-key is missing the 'official' use flag"
fi
tar -cf "${BUILD_DIR}/${image_pkgdb}" -C "${root_fs_dir}" var/cache/edb var/db/pkg
# clean-ups of things we do not need
sudo rm ${root_fs_dir}/etc/csh.env
sudo rm -rf ${root_fs_dir}/etc/env.d

119
build_library/reports_util.sh Normal file
View File

@ -0,0 +1,119 @@
#!/bin/bash
#
# Copyright (c) 2023 The Flatcar Maintainers.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
if [[ -n "${FLATCAR_REPORTS_UTIL_SH_INCLUDED:-}" ]]; then
return 0
fi
FLATCAR_REPORTS_UTIL_SH_INCLUDED=1
# Generate a ls-like listing of a directory tree.
# The ugly printf is used to predictable time format and size in bytes.
#
# Usage:
# write_contents "${rootfs}" ${contents_file}"
write_contents() {
local rootfs="${1}"; shift
local output="${1}"; shift
info "Writing ${output##*/}"
# Ensure output is an absolute path before we change the working
# directory.
output=$(realpath "${output}")
pushd "${rootfs}" >/dev/null
# %M - file permissions
# %n - number of hard links to file
# %u - file's user name
# %g - file's group name
# %s - size in bytes
# %Tx - modification time (Y - year, m - month, d - day, H - hours, M - minutes)
# %P - file's path
# %l - symlink target (empty if not a symlink)
sudo TZ=UTC find -printf \
'%M %2n %-7u %-7g %7s %TY-%Tm-%Td %TH:%TM ./%P -> %l\n' \
| sed -e 's/ -> $//' >"${output}"
popd >/dev/null
}
# Generate a listing that can be used by other tools to analyze
# image/file size changes.
#
# Usage:
# write_contents_with_technical_details "${rootfs}" ${output_file}"
write_contents_with_technical_details() {
local rootfs="${1}"; shift
local output="${1}"; shift
info "Writing ${output##*/}"
# Ensure output is an absolute path before we change the working
# directory.
output=$(realpath "${output}")
pushd "${rootfs}" >/dev/null
# %M - file permissions
# %D - ID of a device where file resides
# %i - inode number
# %n - number of hard links to file
# %s - size in bytes
# %P - file's path
sudo find -printf \
'%M %D %i %n %s ./%P\n' >"${output}"
popd >/dev/null
}
# Generate a report like the following if more than one relative path
# in rootfs was passed:
#
# File Size Used Avail Use% Type
# /boot 127M 62M 65M 50% vfat
# /usr 983M 721M 212M 78% ext2
# / 6,0G 13M 5,6G 1% ext4
# SUM 7,0G 796M 5,9G 12% -
#
# or, in case of 0 or 1 relative path:
#
# File Size Used Avail Use% Type
# / 27M 27M 0 100% squashfs
#
# Usage:
# write_disk_space_usage_in_paths "${rootfs}" "${output_file}" ./boot ./usr ./
write_disk_space_usage_in_paths() {
local rootfs="${1}"; shift
local output="${1}"; shift
info "Writing ${output##*/}"
# Ensure output is an absolute path before we change the working
# directory.
output=$(realpath "${output}")
pushd "${rootfs}" >/dev/null
local extra_flags
extra_flags=()
if [[ ${#} -eq 0 ]]; then
set -- ./
fi
if [[ ${#} -gt 1 ]]; then
extra_flags+=('--total')
fi
# The sed's first command turns './<path>' into '/<path> ', second
# command replaces '- ' with 'SUM' for the total row. All this to
# keep the numbers neatly aligned in columns.
sudo df \
--human-readable \
"${extra_flags[@]}" \
--output='file,size,used,avail,pcent,fstype' \
"${@}" | \
sed \
-e 's#^\.\(/[^ ]*\)#\1 #' \
-e 's/^- /SUM/' >"${output}"
popd >/dev/null
}
# Generate a report like the following:
#
# File Size Used Avail Use% Type
# /boot 127M 62M 65M 50% vfat
# /usr 983M 721M 212M 78% ext2
# / 6,0G 13M 5,6G 1% ext4
# SUM 7,0G 796M 5,9G 12% -
write_disk_space_usage() {
write_disk_space_usage_in_paths "${1}" "${2}" ./boot ./usr ./
}

83
build_library/vm_image_util.sh
View File

@ -71,6 +71,7 @@ VM_IMG_TYPE=DEFAULT
# Set at runtime to the source and destination image paths
VM_SRC_IMG=
VM_SRC_PKGDB=
VM_TMP_IMG=
VM_TMP_DIR=
VM_TMP_ROOT=
@ -98,6 +99,12 @@ IMG_DEFAULT_OEM_USE=
# Forced USE flags for the OEM package
IMG_FORCE_OEM_USE=
# If set install the given package name to the OEM sysext image
IMG_DEFAULT_OEM_SYSEXT=
# Forced OEM package name overriding what may be in the format
IMG_FORCE_OEM_SYSEXT=
# Hook to do any final tweaks or grab data while fs is mounted.
IMG_DEFAULT_FS_HOOK=
@ -124,17 +131,23 @@ IMG_DEFAULT_CPUS=2
IMG_qemu_DISK_FORMAT=qcow2
IMG_qemu_DISK_LAYOUT=vm
IMG_qemu_CONF_FORMAT=qemu
IMG_qemu_OEM_PACKAGE=oem-qemu
IMG_qemu_OEM_USE=qemu
IMG_qemu_OEM_PACKAGE=common-oem-files
IMG_qemu_OEM_SYSEXT=oem-qemu
IMG_qemu_uefi_DISK_FORMAT=qcow2
IMG_qemu_uefi_DISK_LAYOUT=vm
IMG_qemu_uefi_CONF_FORMAT=qemu_uefi
IMG_qemu_uefi_OEM_PACKAGE=oem-qemu
IMG_qemu_uefi_OEM_USE=qemu
IMG_qemu_uefi_OEM_PACKAGE=common-oem-files
IMG_qemu_uefi_OEM_SYSEXT=oem-qemu
IMG_qemu_uefi_secure_DISK_FORMAT=qcow2
IMG_qemu_uefi_secure_DISK_LAYOUT=vm
IMG_qemu_uefi_secure_CONF_FORMAT=qemu_uefi_secure
IMG_qemu_uefi_secure_OEM_PACKAGE=oem-qemu
IMG_qemu_uefi_secure_OEM_USE=qemu
IMG_qemu_uefi_secure_OEM_PACKAGE=common-oem-files
IMG_qemu_uefi_secure_OEM_SYSEXT=oem-qemu
## xen
IMG_xen_CONF_FORMAT=xl
@ -272,7 +285,9 @@ IMG_exoscale_OEM_PACKAGE=oem-exoscale
## azure
IMG_azure_DISK_FORMAT=vhd_fixed
IMG_azure_DISK_LAYOUT=azure
IMG_azure_OEM_PACKAGE=oem-azure
IMG_azure_OEM_USE=azure
IMG_azure_OEM_PACKAGE=common-oem-files
IMG_azure_OEM_SYSEXT=oem-azure
## hyper-v
IMG_hyperv_DISK_FORMAT=vhd
@ -345,13 +360,18 @@ set_vm_oem_pkg() {
# Validate and set source vm image path
set_vm_paths() {
local src_dir="$1"
local dst_dir="$2"
local src_name="$3"
local src_dir="${1}"; shift
local dst_dir="${1}"; shift
local src_name="${1}"; shift
local pkgdb_name="${1}"; shift
VM_SRC_IMG="${src_dir}/${src_name}"
if [[ ! -f "${VM_SRC_IMG}" ]]; then
die "Source image does not exist: $VM_SRC_IMG"
die "Source image does not exist: ${VM_SRC_IMG}"
fi
VM_SRC_PKGDB="${src_dir}/${pkgdb_name}"
if [[ ! -f "${VM_SRC_PKGDB}" ]]; then
die "Source package database does not exist: ${VM_SRC_PKGDB}"
fi
local dst_name="$(_src_to_dst_name "${src_name}" "_image.$(_disk_ext)")"
@ -517,6 +537,53 @@ install_oem_aci() {
rm -rf "${aci_dir}"
}
# Write the OEM sysext file into the OEM partition.
install_oem_sysext() {
local oem_sysext=$(_get_vm_opt OEM_SYSEXT)
if [[ -z "${oem_sysext}" ]]; then
return 0
fi
local built_sysext_dir="${FLAGS_to}/${oem_sysext}-sysext"
local built_sysext_filename="${oem_sysext}.raw"
local built_sysext_path="${built_sysext_dir}/${built_sysext_filename}"
local build_oem_sysext_flags=(
--board="${BOARD}"
--build_dir="${built_sysext_dir}"
--prod_image_path="${VM_SRC_IMG}"
--prod_pkgdb_path="${VM_SRC_PKGDB}"
# TODO: Drop this when we implement updating OEM sysexts.
--version_id=initial
)
"${SCRIPT_ROOT}/build_oem_sysext" "${build_oem_sysext_flags[@]}" "${oem_sysext}"
local installed_sysext_oem_dir='/oem/sysext'
local installed_sysext_file_prefix="${oem_sysext}-${FLATCAR_VERSION}"
local installed_sysext_filename="${installed_sysext_file_prefix}.raw"
local installed_sysext_abspath="${installed_sysext_oem_dir}/${installed_sysext_filename}"
info "Installing ${oem_sysext} sysext"
sudo install -Dpm 0644 \
"${built_sysext_path}" \
"${VM_TMP_ROOT}${installed_sysext_abspath}" ||
die "Could not install ${oem_sysext} sysext"
# Move sysext image and reports to a destination directory to
# upload them, thus making them available as separate artifacts to
# download.
local upload_dir to_move
upload_dir="$(_dst_dir)"
for to_move in "${built_sysext_dir}/${oem_sysext}"*; do
mv "${to_move}" "${upload_dir}/${to_move##*/}"
done
# Remove sysext_dir if building sysext and installing it
# succeeded.
rm -rf "${built_sysext_dir}"
# Mark the installed sysext as active.
sudo touch "${VM_TMP_ROOT}${installed_sysext_oem_dir}/active-${oem_sysext}"
}
# Any other tweaks required?
run_fs_hook() {
local fs_hook=$(_get_vm_opt FS_HOOK)

77
build_oem_sysext Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
#
# Copyright (c) 2023 The Flatcar Maintainers.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
SCRIPT_ROOT=$(dirname $(readlink -f "$0"))
. "${SCRIPT_ROOT}/common.sh" || exit 1
# Script must run inside the chroot
assert_inside_chroot
assert_not_root_user
# Developer-visible flags.
DEFINE_string board "${DEFAULT_BOARD}" \
"The board to build an image for."
DEFINE_string build_dir "" \
"Directory in which to place image result directories (named by version)"
DEFINE_string prod_image_path "" \
"Path to the generic production image"
DEFINE_string prod_pkgdb_path "" \
"Path to the tarball with portage package database from generic image production image"
DEFINE_string version_id "${FLATCAR_VERSION_ID}" \
"Version ID stored inside the sysext extension"
FLAGS_HELP="USAGE: build_oem_sysext [flags] [oem name].
This script is used to build a Flatcar OEM sysext images.
The built image is in <build_dir>/oem-<oem>.raw.
Examples:
build_oem_sysext \
--board=amd64-usr \
--build_dir=<build_dir> \
--prod_image_path=<path_to_bin_file> \
--prod_pkgdb_path=<path_to_pkgdb_tarbal> \
--version_id=\"\${FLATCAR_VERSION_ID}\" \
oem-azure
...
"
show_help_if_requested "$@"
# Parse command line.
FLAGS "$@" || exit 1
if [[ -z "${FLAGS_ARGV}" ]]; then
echo 'No OEM given'
exit 0
fi
eval set -- "${FLAGS_ARGV}"
# Only now can we die on error. shflags functions leak non-zero error codes,
# so will die prematurely if 'switch_to_strict_mode' is specified before now.
switch_to_strict_mode
# N.B. Ordering matters for some of the libraries below, because
# some of the files contain initialization used by later files.
. "${BUILD_LIBRARY_DIR}/toolchain_util.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/board_options.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/oem_sysext_util.sh" || exit 1
BUILD_DIR=${FLAGS_build_dir:-"${BUILD_DIR}"}
if [[ -z "${FLAGS_prod_image_path}" ]]; then
error "--prod_image_path is required."
exit 1
fi
if [[ -z "${FLAGS_prod_pkgdb_path}" ]]; then
error "--prod_pkgdb_path is required."
exit 1
fi
for oem; do
oem_sysext_create "${oem}" "${BOARD}" "${FLAGS_version_id}" "${FLAGS_prod_image_path}" "${FLAGS_prod_pkgdb_path}" "${BUILD_DIR}"
done

1
changelog/changes/2023-06-06-sysext-for-azure-and-qemu-oem.md Normal file
View File

@ -0,0 +1 @@
- Azure and QEMU OEM images now use systemd-sysext images for layering additional platform-specific software on top of `/usr`. For Azure images this also means that the image has a normal Python installation available through the sysext image. The OEM software is still not updated but this will be added soon.

6
ci-automation/vms.sh
View File

@ -103,9 +103,11 @@ function _vm_build_impl() {
formats=$(echo "$formats" | tr ' ' '\n' | sed 's/equinix_metal/packet/g')
local images_in="images-in/"
local file
rm -rf "${images_in}"
copy_from_buildcache "images/${arch}/${vernum}/flatcar_production_image.bin.bz2" "${images_in}"
copy_from_buildcache "images/${arch}/${vernum}/version.txt" "${images_in}"
for file in flatcar_production_image.bin.bz2 flatcar_production_image_pkgdb.tar.xz version.txt; do
copy_from_buildcache "images/${arch}/${vernum}/${file}" "${images_in}"
done
lbunzip2 "${images_in}/flatcar_production_image.bin.bz2"
./run_sdk_container -x ./ci-cleanup.sh -n "${vms_container}" -C "${packages_image}" \
-v "${vernum}" \

1
common.sh
View File

@ -425,6 +425,7 @@ BUILD_DIR=
# Standard filenames
FLATCAR_DEVELOPER_CONTAINER_NAME="flatcar_developer_container.bin"
FLATCAR_PRODUCTION_IMAGE_NAME="flatcar_production_image.bin"
FLATCAR_PRODUCTION_IMAGE_PKGDB_NAME="flatcar_production_image_pkgdb.tar.xz"
# -----------------------------------------------------------------------------
# Functions

3
image_to_vm.sh
View File

@ -105,7 +105,7 @@ if [ -f "${FLAGS_from}/version.txt" ]; then
FLATCAR_VERSION_STRING="${FLATCAR_VERSION}"
fi
set_vm_paths "${FLAGS_from}" "${FLAGS_to}" "${FLATCAR_PRODUCTION_IMAGE_NAME}"
set_vm_paths "${FLAGS_from}" "${FLAGS_to}" "${FLATCAR_PRODUCTION_IMAGE_NAME}" "${FLATCAR_PRODUCTION_IMAGE_PKGDB_NAME}"
# Make sure things are cleaned up on failure
trap vm_cleanup EXIT
@ -118,6 +118,7 @@ setup_disk_image "${FLAGS_disk_layout}"
# Optionally install any OEM packages
install_oem_package
install_oem_aci
install_oem_sysext
run_fs_hook
# Changes done, glue it together

418
sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/files/0001-flatcar-changes.patch vendored Normal file
View File

@ -0,0 +1,418 @@
From 90b28746c0d8698a080eb7082e0e14054aee0a02 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Mon, 27 Feb 2023 15:59:21 +0100
Subject: [PATCH] flatcar changes
---
azurelinuxagent/common/osutil/coreos.py | 39 +-----
azurelinuxagent/common/osutil/coreoscommon.py | 57 ++++++++
azurelinuxagent/common/osutil/factory.py | 3 +
azurelinuxagent/common/osutil/flatcar.py | 41 ++++++
config/flatcar/waagent.conf | 122 ++++++++++++++++++
init/flatcar/10-waagent-sysext.conf | 2 +
init/flatcar/waagent.service | 30 +++++
setup.py | 20 ++-
8 files changed, 272 insertions(+), 42 deletions(-)
create mode 100644 azurelinuxagent/common/osutil/coreoscommon.py
create mode 100644 azurelinuxagent/common/osutil/flatcar.py
create mode 100644 config/flatcar/waagent.conf
create mode 100644 init/flatcar/10-waagent-sysext.conf
create mode 100644 init/flatcar/waagent.service
diff --git a/azurelinuxagent/common/osutil/coreos.py b/azurelinuxagent/common/osutil/coreos.py
index fc0a6604..314008f0 100644
--- a/azurelinuxagent/common/osutil/coreos.py
+++ b/azurelinuxagent/common/osutil/coreos.py
@@ -17,11 +17,10 @@
#
import os
-import azurelinuxagent.common.utils.shellutil as shellutil
-from azurelinuxagent.common.osutil.default import DefaultOSUtil
+from azurelinuxagent.common.osutil.coreoscommon import CoreosCommonUtil
-class CoreOSUtil(DefaultOSUtil):
+class CoreOSUtil(CoreosCommonUtil):
def __init__(self):
super(CoreOSUtil, self).__init__()
@@ -46,40 +45,6 @@ class CoreOSUtil(DefaultOSUtil):
def get_agent_bin_path():
return "/usr/share/oem/bin"
- def is_sys_user(self, username):
- # User 'core' is not a sysuser.
- if username == 'core':
- return False
- return super(CoreOSUtil, self).is_sys_user(username)
-
- def is_dhcp_enabled(self):
- return True
-
- def start_network(self):
- return shellutil.run("systemctl start systemd-networkd", chk_err=False)
-
- def restart_if(self, ifname=None, retries=None, wait=None):
- shellutil.run("systemctl restart systemd-networkd")
-
- def restart_ssh_service(self):
- # SSH is socket activated on CoreOS. No need to restart it.
- pass
-
- def stop_dhcp_service(self):
- return shellutil.run("systemctl stop systemd-networkd", chk_err=False)
-
- def start_dhcp_service(self):
- return shellutil.run("systemctl start systemd-networkd", chk_err=False)
-
- def start_agent_service(self):
- return shellutil.run("systemctl start {0}".format(self.service_name), chk_err=False)
-
- def stop_agent_service(self):
- return shellutil.run("systemctl stop {0}".format(self.service_name), chk_err=False)
-
- def get_dhcp_pid(self):
- return self._get_dhcp_pid(["systemctl", "show", "-p", "MainPID", "systemd-networkd"])
-
def conf_sshd(self, disable_password):
# In CoreOS, /etc/sshd_config is mount readonly. Skip the setting.
pass
diff --git a/azurelinuxagent/common/osutil/coreoscommon.py b/azurelinuxagent/common/osutil/coreoscommon.py
new file mode 100644
index 00000000..fde9a456
--- /dev/null
+++ b/azurelinuxagent/common/osutil/coreoscommon.py
@@ -0,0 +1,57 @@
+#
+# Copyright 2023 Microsoft Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Requires Python 2.6+ and Openssl 1.0+
+#
+
+import azurelinuxagent.common.utils.shellutil as shellutil
+from azurelinuxagent.common.osutil.default import DefaultOSUtil
+
+
+class CoreosCommonUtil(DefaultOSUtil):
+
+ def is_sys_user(self, username):
+ # User 'core' is not a sysuser.
+ if username == 'core':
+ return False
+ return super(CoreOSUtil, self).is_sys_user(username)
+
+ def is_dhcp_enabled(self):
+ return True
+
+ def start_network(self):
+ return shellutil.run("systemctl start systemd-networkd", chk_err=False)
+
+ def restart_if(self, ifname=None, retries=None, wait=None):
+ shellutil.run("systemctl restart systemd-networkd")
+
+ def restart_ssh_service(self):
+ # SSH is socket activated on CoreOS. No need to restart it.
+ pass
+
+ def stop_dhcp_service(self):
+ return shellutil.run("systemctl stop systemd-networkd", chk_err=False)
+
+ def start_dhcp_service(self):
+ return shellutil.run("systemctl start systemd-networkd", chk_err=False)
+
+ def start_agent_service(self):
+ return shellutil.run("systemctl start {0}".format(self.service_name), chk_err=False)
+
+ def stop_agent_service(self):
+ return shellutil.run("systemctl stop {0}".format(self.service_name), chk_err=False)
+
+ def get_dhcp_pid(self):
+ return self._get_dhcp_pid(["systemctl", "show", "-p", "MainPID", "systemd-networkd"])
diff --git a/azurelinuxagent/common/osutil/factory.py b/azurelinuxagent/common/osutil/factory.py
index b5ee0b09..9280c645 100644
--- a/azurelinuxagent/common/osutil/factory.py
+++ b/azurelinuxagent/common/osutil/factory.py
@@ -27,6 +27,7 @@ from .clearlinux import ClearLinuxUtil
from .coreos import CoreOSUtil
from .debian import DebianOSBaseUtil, DebianOSModernUtil
from .default import DefaultOSUtil
+from .flatcar import FlatcarUtil
from .freebsd import FreeBSDOSUtil
from .gaia import GaiaOSUtil
from .iosxe import IosxeOSUtil
@@ -82,6 +83,8 @@ def _get_osutil(distro_name, distro_code_name, distro_version, distro_full_name)
return DebianOSBaseUtil()
if distro_name in ("flatcar", "coreos") or distro_code_name in ("flatcar", "coreos"):
+ if Version(distro_version) >= Version("3550"):
+ return FlatcarUtil()
return CoreOSUtil()
if distro_name in ("suse", "sle_hpc", "sles", "opensuse"):
diff --git a/azurelinuxagent/common/osutil/flatcar.py b/azurelinuxagent/common/osutil/flatcar.py
new file mode 100644
index 00000000..3d1bf535
--- /dev/null
+++ b/azurelinuxagent/common/osutil/flatcar.py
@@ -0,0 +1,41 @@
+#
+# Copyright 2023 Microsoft Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Requires Python 2.6+ and Openssl 1.0+
+#
+
+import os
+import shutil
+
+import azurelinuxagent.common.conf as conf
+
+from azurelinuxagent.common.osutil.coreoscommon import CoreosCommonUtil
+
+
+class FlatcarUtil(CoreosCommonUtil):
+
+ @staticmethod
+ def get_systemd_unit_file_install_path():
+ return "/usr/lib/systemd/system"
+
+ def conf_sshd(self, disable_password):
+ # make sure that the config file stops being a symlink
+ conf_file_path = conf.get_sshd_conf_file_path()
+ conf_file_path2 = f"{conf_file_path}.wal.tmp"
+ shutil.copy(conf_file_path, conf_file_path2)
+ os.remove(conf_file_path)
+ os.rename(conf_file_path2, conf_file_path)
+ super(CoreosCommonUtil, self).conf_sshd(disable_password)
+ pass
diff --git a/config/flatcar/waagent.conf b/config/flatcar/waagent.conf
new file mode 100644
index 00000000..b453c634
--- /dev/null
+++ b/config/flatcar/waagent.conf
@@ -0,0 +1,122 @@
+#
+# Microsoft Azure Linux Agent Configuration
+#
+
+# Enable extension handling. Do not disable this unless you do not need password reset,
+# backup, monitoring, or any extension handling whatsoever.
+Extensions.Enabled=y
+
+# Which provisioning agent to use. Supported values are "auto" (default), "waagent",
+# "cloud-init", or "disabled".
+Provisioning.Agent=waagent
+
+# Password authentication for root account will be unavailable.
+Provisioning.DeleteRootPassword=n
+
+# Generate fresh host key pair.
+Provisioning.RegenerateSshHostKeyPair=n
+
+# Supported values are "rsa", "dsa", "ecdsa", "ed25519", and "auto".
+# The "auto" option is supported on OpenSSH 5.9 (2011) and later.
+Provisioning.SshHostKeyPairType=auto
+
+# Monitor host name changes and publish changes via DHCP requests.
+Provisioning.MonitorHostName=y
+
+# Decode CustomData from Base64.
+Provisioning.DecodeCustomData=y
+
+# Execute CustomData after provisioning.
+Provisioning.ExecuteCustomData=n
+
+# Algorithm used by crypt when generating password hash.
+#Provisioning.PasswordCryptId=6
+
+# Length of random salt used when generating password hash.
+#Provisioning.PasswordCryptSaltLength=10
+
+# Allow reset password of sys user
+Provisioning.AllowResetSysUser=n
+
+# Format if unformatted. If 'n', resource disk will not be mounted.
+ResourceDisk.Format=y
+
+# File system on the resource disk
+# Typically ext3 or ext4. FreeBSD images should use 'ufs2' here.
+ResourceDisk.Filesystem=ext4
+
+# Mount point for the resource disk
+ResourceDisk.MountPoint=/mnt/resource
+
+# Create and use swapfile on resource disk.
+ResourceDisk.EnableSwap=n
+
+# Size of the swapfile.
+ResourceDisk.SwapSizeMB=0
+
+# Comma-seperated list of mount options. See mount(8) for valid options.
+ResourceDisk.MountOptions=None
+
+# Respond to load balancer probes if requested by Windows Azure.
+LBProbeResponder=y
+
+# Enable verbose logging (y|n)
+Logs.Verbose=n
+
+# Enable Console logging, default is y
+# Logs.Console=y
+
+# Is FIPS enabled
+OS.EnableFIPS=n
+
+# Set the path to SSH keys and configuration files
+OS.SshDir=/etc/ssh
+
+# Root device timeout in seconds.
+OS.RootDeviceScsiTimeout=300
+
+# If "None", the system default version is used.
+OS.OpensslPath=None
+
+# If set, agent will use proxy server to access internet
+#HttpProxy.Host=None
+#HttpProxy.Port=None
+
+# Detect Scvmm environment, default is n
+# DetectScvmmEnv=n
+
+#
+# Lib.Dir=/var/lib/waagent
+
+#
+# DVD.MountPoint=/mnt/cdrom/secure
+
+#
+# Pid.File=/var/run/waagent.pid
+
+#
+# Extension.LogDir=/var/log/azure
+
+#
+# Home.Dir=/home
+
+# Enable RDMA management and set up, should only be used in HPC images
+# OS.EnableRDMA=y
+
+# Enable or disable goal state processing auto-update, default is enabled
+AutoUpdate.Enabled=n
+
+# Determine the update family, this should not be changed
+# AutoUpdate.GAFamily=Prod
+
+# Determine if the overprovisioning feature is enabled. If yes, hold extension
+# handling until inVMArtifactsProfile.OnHold is false.
+# Default is enabled
+# EnableOverProvisioning=y
+
+# Allow fallback to HTTP if HTTPS is unavailable
+# Note: Allowing HTTP (vs. HTTPS) may cause security risks
+# OS.AllowHTTP=n
+
+# Add firewall rules to protect access to Azure host node services
+OS.EnableFirewall=y
diff --git a/init/flatcar/10-waagent-sysext.conf b/init/flatcar/10-waagent-sysext.conf
new file mode 100644
index 00000000..f756dbc9
--- /dev/null
+++ b/init/flatcar/10-waagent-sysext.conf
@@ -0,0 +1,2 @@
+[Unit]
+Upholds=waagent.service
diff --git a/init/flatcar/waagent.service b/init/flatcar/waagent.service
new file mode 100644
index 00000000..d0d6f7c8
--- /dev/null
+++ b/init/flatcar/waagent.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=Microsoft Azure Linux Agent
+Wants=network-online.target sshd.service sshd-keygen.service
+After=network-online.target sshd-keygen.service
+
+[Service]
+Type=simple
+
+# Symlink the config if it's missing in /etc. This is a workaround for
+# the fact that this software comes to Flatcar as a sysext and as such
+# can't use the /etc overlay solution by putting the config into
+# /usr/share/flatcar/etc.
+#
+ExecStartPre=/bin/bash -c 'if [[ ! -e /etc/waagent.conf ]]; then ln -sf ../usr/share/waagent/waagent.conf /etc/waagent.conf; fi'
+
+# This could be done also with:
+#
+# ExecStart=/usr/bin/python -u /usr/sbin/waagent -daemon
+#
+# But this would mean that logs from waagent in journal will be
+# denoted as coming from python instead.
+#
+Environment=PYTHONUNBUFFERED=x
+ExecStart=/usr/sbin/waagent -daemon
+
+Restart=always
+RestartSec=5s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/setup.py b/setup.py
index d38d74d6..57b0edb9 100755
--- a/setup.py
+++ b/setup.py
@@ -125,12 +125,22 @@ def get_data_files(name, version, fullname): # pylint: disable=R0912
src=["init/arch/waagent.service"])
elif name in ('coreos', 'flatcar'):
set_bin_files(data_files, dest=agent_bin_path)
- set_conf_files(data_files, dest="/usr/share/oem",
- src=["config/coreos/waagent.conf"])
set_logrotate_files(data_files)
- set_udev_files(data_files)
- set_files(data_files, dest="/usr/share/oem",
- src=["init/coreos/cloud-config.yml"])
+ if int(version.split('.')[0]) >= 3550:
+ # Not installing udev rules, Flatcar already has those
+ set_conf_files(data_files, dest="/usr/share/waagent",
+ src=["config/flatcar/waagent.conf"])
+ set_systemd_files(data_files, dest=systemd_dir_path,
+ src=["init/flatcar/waagent.service"])
+ multi_user_target_drop_in_dir=f"{systemd_dir_path}/multi-user.target.d"
+ set_systemd_files(data_files, dest=multi_user_target_drop_in_dir,
+ src=["init/flatcar/10-waagent-sysext.conf"])
+ else:
+ set_udev_files(data_files)
+ set_conf_files(data_files, dest="/usr/share/oem",
+ src=["config/coreos/waagent.conf"])
+ set_files(data_files, dest="/usr/share/oem",
+ src=["init/coreos/cloud-config.yml"])
elif "Clear Linux" in fullname:
set_bin_files(data_files, dest=agent_bin_path)
set_conf_files(data_files, dest="/usr/share/defaults/waagent",
--
2.25.1

127
sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/files/waagent.conf vendored
View File

@ -1,127 +0,0 @@
#
# Microsoft Azure Linux Agent Configuration
#
# Enable instance creation
Provisioning.Enabled=y
# Enable extension handling. Do not disable this unless you do not need password reset,
# backup, monitoring, or any extension handling whatsoever.
Extensions.Enabled=y
# Rely on cloud-init to provision
Provisioning.UseCloudInit=n
# Password authentication for root account will be unavailable.
Provisioning.DeleteRootPassword=n
# Generate fresh host key pair.
Provisioning.RegenerateSshHostKeyPair=n
# Supported values are "rsa", "dsa", "ecdsa", "ed25519", and "auto".
# The "auto" option is supported on OpenSSH 5.9 (2011) and later.
Provisioning.SshHostKeyPairType=auto
# Monitor host name changes and publish changes via DHCP requests.
Provisioning.MonitorHostName=y
# Decode CustomData from Base64.
Provisioning.DecodeCustomData=y
# Execute CustomData after provisioning.
Provisioning.ExecuteCustomData=n
# Algorithm used by crypt when generating password hash.
#Provisioning.PasswordCryptId=6
# Length of random salt used when generating password hash.
#Provisioning.PasswordCryptSaltLength=10
# Allow reset password of sys user
Provisioning.AllowResetSysUser=n
# Format if unformatted. If 'n', resource disk will not be mounted.
ResourceDisk.Format=y
# File system on the resource disk
# Typically ext3 or ext4. FreeBSD images should use 'ufs2' here.
ResourceDisk.Filesystem=ext4
# Mount point for the resource disk
ResourceDisk.MountPoint=/mnt/resource
# Create and use swapfile on resource disk.
ResourceDisk.EnableSwap=n
# Size of the swapfile.
ResourceDisk.SwapSizeMB=0
# Comma-seperated list of mount options. See man(8) for valid options.
ResourceDisk.MountOptions=None
# Enable verbose logging (y|n)
Logs.Verbose=n
# Is FIPS enabled
OS.EnableFIPS=n
# Root device timeout in seconds.
OS.RootDeviceScsiTimeout=300
# If "None", the system default version is used.
OS.OpensslPath=None
# Set the SSH ClientAliveInterval
# OS.SshClientAliveInterval=180
# Set the path to SSH keys and configuration files
OS.SshDir=/etc/ssh
# If set, agent will use proxy server to access internet
#HttpProxy.Host=None
#HttpProxy.Port=None
# Detect Scvmm environment, default is n
# DetectScvmmEnv=n
#
# Lib.Dir=/var/lib/waagent
#
# DVD.MountPoint=/mnt/cdrom/secure
#
# Pid.File=/var/run/waagent.pid
#
# Extension.LogDir=/var/log/azure
#
# Home.Dir=/home
# Enable RDMA management and set up, should only be used in HPC images
# OS.EnableRDMA=y
# Enable or disable goal state processing auto-update, default is enabled
# AutoUpdate.Enabled=y
# Determine the update family, this should not be changed
# AutoUpdate.GAFamily=Prod
# Determine if the overprovisioning feature is enabled. If yes, hold extension
# handling until inVMArtifactsProfile.OnHold is false.
# Default is enabled
# EnableOverProvisioning=y
# Allow fallback to HTTP if HTTPS is unavailable
# Note: Allowing HTTP (vs. HTTPS) may cause security risks
# OS.AllowHTTP=n
# Add firewall rules to protect access to Azure host node services
OS.EnableFirewall=y
# Enforce control groups limits on the agent and extensions
CGroups.EnforceLimits=n
# CGroups which are excluded from limits, comma separated
CGroups.Excluded=customscript,runcommand

36
sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.6.0.2-r2.ebuild vendored
View File

@ -1,36 +0,0 @@
# Copyright (c) 2014 CoreOS, Inc.. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
EAPI=7
DESCRIPTION="Windows Azure Linux Agent"
HOMEPAGE="https://github.com/Azure/WALinuxAgent"
KEYWORDS="amd64 arm64"
SRC_URI="${HOMEPAGE}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="Apache-2.0"
SLOT="0"
IUSE=""
# Depending on specific version of python-oem allows us to notice when
# we update the major version of python and then to make sure that we
# install the package in correctly versioned site-packages directory.
DEP_PYVER="3.10"
RDEPEND="
dev-lang/python-oem:${DEP_PYVER}
dev-python/distro-oem
"
S="${WORKDIR}/WALinuxAgent-${PV}"
src_install() {
into "/oem"
dobin "${S}/bin/waagent"
insinto "/oem/python/$(get_libdir)/python${DEP_PYVER}/site-packages"
doins -r "${S}/azurelinuxagent/"
insinto "/oem"
doins "${FILESDIR}/waagent.conf"
}

33
sdk_container/src/third_party/coreos-overlay/app-emulation/wa-linux-agent/wa-linux-agent-2.6.0.2-r3.ebuild vendored Normal file
View File

@ -0,0 +1,33 @@
# Copyright (c) 2014 CoreOS, Inc.. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
EAPI=8
# Don't use DISTUTILS_USE_PEP517=setuptools because this installs
# everything inside /usr/lib/pythonX_Y/site-packages, even files that
# ought to be put into /etc or /sbin.
PYTHON_COMPAT=( python3_{9..11} )
inherit distutils-r1
DESCRIPTION="Windows Azure Linux Agent"
HOMEPAGE="https://github.com/Azure/WALinuxAgent"
SRC_URI="${HOMEPAGE}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
LICENSE="Apache-2.0"
KEYWORDS="amd64 arm64"
SLOT="0"
IUSE=""
RESTRICT=""
BDEPEND="
dev-python/distro
"
RDEPEND="${BDEPEND}
"
S="${WORKDIR}/WALinuxAgent-${PV}"
PATCHES=(
"${FILESDIR}/0001-flatcar-changes.patch"
)

88
sdk_container/src/third_party/coreos-overlay/coreos-base/common-oem-files/common-oem-files-0.ebuild vendored Normal file
View File

@ -0,0 +1,88 @@
# Copyright (c) 2023 The Flatcar Maintainers.
# Distributed under the terms of the GNU General Public License v2
EAPI=8
OEMIDS=(
qemu
azure
)
DESCRIPTION='Common OEM files'
HOMEPAGE='https://www.flatcar.org/'
LICENSE='Apache-2.0'
SLOT='0'
KEYWORDS='amd64 arm64'
IUSE="${OEMIDS[*]}"
REQUIRED_USE="^^ ( ${OEMIDS[*]} )"
# No source directory.
S="${WORKDIR}"
DEPEND=""
RDEPEND="${DEPEND}"
BDEPEND="
app-portage/gentoolkit
"
src_compile() {
local oemid package ebuild version name homepage lines
for oemid in "${OEMIDS[@]}"; do
if use "${oemid}"; then break; fi
done
package="coreos-base/oem-${oemid}"
ebuild=$(equery which "${package}")
version=${ebuild##*"oem-${oemid}-"}
version=${version%%'.ebuild'}
if [[ -z "${version}" ]]; then
die "Could not deduce a version from ebuild ${ebuild##*/} (${ebuild})"
fi
name=$(source <(grep -F 'OEM_NAME=' "${ebuild}"); echo "${OEM_NAME}")
if [[ -z "${name}" ]]; then
die "Missing OEM_NAME variable in ${ebuild##*/}"
fi
# We need to prefix the HOMEPAGE variable with SYSEXT_, because
# portage marks HOMEPAGE as readonly and this gets propagated to
# subshells, so sourcing a snippet with HOMEPAGE=foo won't
# overwrite the readonly variable.
homepage=$(source <(grep -F 'HOMEPAGE=' "${ebuild}" | sed -e 's/^/SYSEXT_/'); echo "${SYSEXT_HOMEPAGE}")
lines=(
"ID=${oemid}"
"VERSION_ID=${version}"
"NAME=\"${name}\""
)
if [[ -n "${homepage}" ]]; then
lines+=( "HOME_URL=\"${homepage}\"" )
fi
lines+=(
'BUG_REPORT_URL="https://issues.flatcar.org"'
)
{
printf '%s\n' "${lines[@]}"
if [[ -e "${FILESDIR}/${oemid}/oem-release.frag" ]]; then
cat "${FILESDIR}/${oemid}/oem-release.frag"
fi
} >"${T}/oem-release"
lines=(
'# Flatcar GRUB settings'
''
"set oem_id=\"${oemid}\""
)
{
printf '%s\n' "${lines[@]}"
if [[ -e "${FILESDIR}/${oemid}/grub.cfg.frag" ]]; then
cat "${FILESDIR}/${oemid}/grub.cfg.frag"
fi
} >"${T}/grub.cfg"
}
src_install() {
insinto "/oem"
doins "${T}/grub.cfg"
doins "${T}/oem-release"
}

4
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/grub.cfg → sdk_container/src/third_party/coreos-overlay/coreos-base/common-oem-files/files/azure/grub.cfg.frag vendored
View File

@ -1,7 +1,3 @@
# Flatcar GRUB settings
set oem_id="azure"
set linux_append="flatcar.autologin"
# Azure only has a serial console.

1
sdk_container/src/third_party/coreos-overlay/coreos-base/common-oem-files/files/qemu/grub.cfg.frag vendored Normal file
View File

@ -0,0 +1 @@
set linux_append="flatcar.autologin"

4
sdk_container/src/third_party/coreos-overlay/coreos-base/common-oem-files/metadata.xml vendored Normal file
View File

@ -0,0 +1,4 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
</pkgmetadata>

0
sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1-r180.ebuild → sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-0.0.1-r181.ebuild vendored
View File

2
sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild vendored
View File

@ -10,7 +10,7 @@ CROS_WORKON_REPO="https://github.com"
if [[ "${PV}" == 9999 ]]; then
KEYWORDS="~amd64 ~arm ~arm64 ~x86"
else
CROS_WORKON_COMMIT="93b80ace22806bae4ab521f16fa9f4d1d3172e77" # flatcar-master
CROS_WORKON_COMMIT="658eb0ea0fb8e89f8aa56ccf57867eb88b53fc27" # flatcar-master
KEYWORDS="amd64 arm arm64 x86"
fi

4
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/base/README vendored
View File

@ -1,4 +0,0 @@
These Ignition configs are part of the OEM configuration. Do not modify
them. If you want to write an Ignition config directly to disk, put it in
../config.ign and it will be applied at first boot instead of a config
in userdata.

37
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/base/base.ign vendored
View File

@ -1,37 +0,0 @@
{
"ignition": {
"version": "2.1.0"
},
"storage": {
"files": [
{
"filesystem": "root",
"path": "/etc/systemd/system/waagent.service",
"contents": {
"source": "oem:///units/waagent.service"
},
"mode": 292
},
{
"filesystem": "root",
"path": "/etc/systemd/system/nvidia.service",
"contents": {
"source": "oem:///units/nvidia.service"
},
"mode": 292
}
]
},
"systemd": {
"units": [
{
"name": "waagent.service",
"enabled": true
},
{
"name": "nvidia.service",
"enabled": true
}
]
}
}

16
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/manglefs.sh vendored Executable file
View File

@ -0,0 +1,16 @@
#!/bin/bash
set -euo pipefail
rootfs="${1}"
to_delete=(
/usr/include
/usr/lib/debug
/usr/share/gdb
/usr/lib64/pkgconfig
)
rm -rf "${to_delete[@]/#/${rootfs}}"
ln -sf /usr/bin/true "${rootfs}/usr/bin/eject"

5
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/oem-release vendored
View File

@ -1,5 +0,0 @@
ID=azure
VERSION_ID=@@OEM_VERSION_ID@@
NAME="Microsoft Azure"
HOME_URL="https://azure.microsoft.com/"
BUG_REPORT_URL="https://issues.flatcar.org"

15
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/files/units/waagent.service vendored
View File

@ -1,15 +0,0 @@
[Unit]
Description=Microsoft Azure Agent
Wants=network-online.target sshd-keygen.service
After=network-online.target sshd-keygen.service
[Service]
Type=simple
Restart=always
RestartSec=5s
Environment=PATH=/oem/python/bin:/oem/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
Environment=PYTHONUNBUFFERED=x
ExecStart=/oem/bin/waagent -daemon
[Install]
WantedBy=multi-user.target

36
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/oem-azure-2.6.0.2-r2.ebuild vendored
View File

@ -1,36 +0,0 @@
# Copyright (c) 2013 CoreOS, Inc.. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
EAPI=7
DESCRIPTION="OEM suite for Azure"
HOMEPAGE=""
SRC_URI=""
LICENSE="Apache-2.0"
SLOT="0"
KEYWORDS="amd64 arm64"
IUSE=""
# no source directory
S="${WORKDIR}"
RDEPEND="
~app-emulation/wa-linux-agent-${PV}
x11-drivers/nvidia-drivers
"
src_prepare() {
default
sed -e "s\\@@OEM_VERSION_ID@@\\${PVR}\\g" \
"${FILESDIR}/oem-release" > "${T}/oem-release" || die
}
src_install() {
insinto "/oem"
doins "${FILESDIR}/grub.cfg"
doins "${T}/oem-release"
doins -r "${FILESDIR}/base"
doins -r "${FILESDIR}/units"
dosym "/usr/bin/true" "/oem/bin/eject"
}

21
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-azure/oem-azure-2.6.0.2-r3.ebuild vendored Normal file
View File

@ -0,0 +1,21 @@
# Copyright (c) 2013 CoreOS, Inc.. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
EAPI=8
DESCRIPTION="OEM suite for Azure"
HOMEPAGE="https://azure.microsoft.com/"
SRC_URI=""
LICENSE="Apache-2.0"
SLOT="0"
KEYWORDS="amd64 arm64"
IUSE=""
RDEPEND="
~app-emulation/wa-linux-agent-${PV}
x11-drivers/nvidia-drivers
"
# for coreos-base/common-oem-files
OEM_NAME="Microsoft Azure"

4
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-qemu/files/grub.cfg vendored
View File

@ -1,4 +0,0 @@
# Flatcar GRUB settings
set oem_id="qemu"
set linux_append="flatcar.autologin"

5
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-qemu/files/oem-release vendored
View File

@ -1,5 +0,0 @@
ID=qemu
VERSION_ID=@@OEM_VERSION_ID@@
NAME="QEMU"
HOME_URL="https://www.qemu.org/"
BUG_REPORT_URL="https://issues.flatcar.org"

28
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-qemu/oem-qemu-0.0.1-r1.ebuild vendored
View File

@ -1,28 +0,0 @@
# Copyright (c) 2020 Kinvolk GmbH. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
EAPI=7
DESCRIPTION="OEM suite for QEMU"
HOMEPAGE=""
SRC_URI=""
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="amd64 arm64"
IUSE=""
# no source directory
S="${WORKDIR}"
src_prepare() {
default
sed -e "s\\@@OEM_VERSION_ID@@\\${PVR}\\g" \
"${FILESDIR}/oem-release" > "${T}/oem-release" || die
}
src_install() {
insinto "/oem"
doins "${FILESDIR}/grub.cfg"
doins "${T}/oem-release"
}

15
sdk_container/src/third_party/coreos-overlay/coreos-base/oem-qemu/oem-qemu-0.0.2.ebuild vendored Normal file
View File

@ -0,0 +1,15 @@
# Copyright (c) 2020 Kinvolk GmbH. All rights reserved.
# Distributed under the terms of the GNU General Public License v2
EAPI=8
DESCRIPTION="OEM suite for QEMU"
HOMEPAGE="https://www.qemu.org/"
SRC_URI=""
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="amd64 arm64"
IUSE=""
OEM_NAME="QEMU"

0
sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1-r10.ebuild → sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1-r11.ebuild vendored
View File

1
sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild vendored
View File

@ -34,6 +34,5 @@ RDEPEND="
coreos-base/coreos
coreos-base/coreos-dev
coreos-base/flatcar-eks
dev-lang/python-oem
x11-drivers/nvidia-drivers
"

3
sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/Manifest vendored
View File

@ -1,3 +0,0 @@
DIST Python-3.10.10.tar.xz 19627028 BLAKE2B 57fc6869fa05586158a170c1892d93a3036823bfafb9484b9d70bca6cdc3e76f75357622eace4bde9a4c0ca62a1bb79665e5751b41655f9f4d7e345547013ad8 SHA512 f0aee65970a68287b34c4eafcf35c6fa09c81ba234ac356db16fbbc6c36417e4ac67071e616d118f5e192d541d7f177dcab5585b9780e842f656c09e01c37ced
DIST Python-3.10.10.tar.xz.asc 833 BLAKE2B fd60e6268f7dd6676ea58bd7e80c513506ac9810c1a62ff060134207b0fd8e7b096d5f11f3cc536a1578144ff54c00bcb076d3c3f5889a69a898660dd280312b SHA512 591746d74c6123bf36c763b6e8e1de1554f02eeff30c855623ef0f12d3864d5573eb5efe96d6e142f24627c77b90738ada3456df4ad59bddcb008658f2ca8af9
DIST python-gentoo-patches-3.10.10_p2.tar.xz 13992 BLAKE2B e18e708888dd28c8f238d4897aff79483a679396a168d8b5ff4f5e8c7f09cec5f1b13aeb327d3dc3e2149c2117c25da050987f1f1c3322b56c87245ba2d0b54d SHA512 14bc218a2f3c64ef9f42682fd1364208bcaa74f787dee39bd9566e40764c260a65fd42961be47a6e6c6227091cb2fef83e1d689302448647560689e20e07efe0

45
sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/README.md vendored
View File

@ -1,45 +0,0 @@
Modifications made:
- Keep using internal expat and libffi, thus dropping dev-libs/libffi
and dev-libs/expat from the dependencies.
- Drop dev-python/gentoo-common dependency, it provides the
EXTERNALLY-MANAGED file, but we will provide our own.
- Since this package is installed only for OEM partition as a binary
package, and the installation there happens after the packages
database is removed, we unset the RDEPEND variable. The RDEPEND
variable needs to be empty as it's also used during the binary
package installation. The contents of RDEPEND are already inside the
DEPEND variable, so we are safe.
- We modify the configure flags:
- Add `--prefix=/oem/python` as `/oem` is where the OEM partition is
mounted.
- Add `--with-platlibdir="$(get_libdir)"`, this is to make sure that
consistent library directory gets picked. In our case for both
amd64 and arm64, it's lib64.
- Change `--enable-shared` to `--disable-shared`. This will skip
building dynamic libraries, as we don't need them.
- Add `--includedir=/discard/include` and change `--mandir` and
`--infodir` to also use `/discard` to install files there. Makes
it easy to remove the unnecessary files.
- We disable loadable sqlite extensions.
- As we want to use the internal versions of expat and libffi, we
change `--with-system-{expat,ffi}` to
`--without-system-{expat,ffi}`.
- Comment out the `--with-wheel-pkg-dir` as it's some ensurepip
stuff we are disabling anyway.
- Essentially drop `src_install` and write our own variant, where we
run `make altinstall`, remove unnecessary files (the original
`src_install` could be read to find out which files to remove),
creates a versionless python symlink, adds an EXTERNALLY-MANAGED
file, and removes the `/discard` directory.

43
sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/metadata.xml vendored
View File

@ -1,43 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>python@gentoo.org</email>
<name>Python</name>
</maintainer>
<use>
<flag name="bluetooth">
Build Bluetooth protocol support in socket module
</flag>
<flag name="ensurepip">
Install the ensurepip module that uses bundled wheels
to bootstrap pip and setuptools (if disabled, it will
be only possible to use venv `--without-pip`)
</flag>
<flag name="libedit">
Link readline extension against <pkg>dev-libs/libedit</pkg>
instead of <pkg>sys-libs/readline</pkg>
</flag>
<flag name="pgo">
Optimize the build using Profile Guided Optimization (PGO)
by running Python's test suite and collecting statistics
based on its performance. This will take longer to build.
</flag>
<flag name="lto">
Optimize the build using Link Time Optimization (LTO)
</flag>
<flag name="valgrind">
Disable pymalloc when running under
<pkg>dev-util/valgrind</pkg> is detected (may incur minor
performance penalty even when valgrind is not used)
</flag>
<flag name="wininst">
Install Windows executables required to create an executable
installer for MS Windows
</flag>
</use>
<upstream>
<remote-id type="cpe">cpe:/a:python:python</remote-id>
<remote-id type="github">python/cpython</remote-id>
</upstream>
</pkgmetadata>

461
sdk_container/src/third_party/coreos-overlay/dev-lang/python-oem/python-oem-3.10.10_p2-r1.ebuild vendored
View File

@ -1,461 +0,0 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
WANT_LIBTOOL="none"
inherit autotools check-reqs flag-o-matic multiprocessing pax-utils
inherit prefix python-utils-r1 toolchain-funcs verify-sig
MY_PV=${PV/_rc/rc}
MY_P="Python-${MY_PV%_p*}"
PYVER=$(ver_cut 1-2)
PATCHSET="python-gentoo-patches-${MY_PV}"
DESCRIPTION="An interpreted, interactive, object-oriented programming language"
HOMEPAGE="
https://www.python.org/
https://github.com/python/cpython/
"
SRC_URI="
https://www.python.org/ftp/python/${PV%%_*}/${MY_P}.tar.xz
https://dev.gentoo.org/~mgorny/dist/python/${PATCHSET}.tar.xz
verify-sig? (
https://www.python.org/ftp/python/${PV%%_*}/${MY_P}.tar.xz.asc
)
"
S="${WORKDIR}/${MY_P}"
LICENSE="PSF-2"
SLOT="${PYVER}"
KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
IUSE="
bluetooth build +ensurepip examples gdbm hardened libedit lto
+ncurses pgo +readline +sqlite +ssl test tk valgrind +xml
"
RESTRICT="!test? ( test )"
# Do not add a dependency on dev-lang/python to this ebuild.
# If you need to apply a patch which requires python for bootstrapping, please
# run the bootstrap code on your dev box and include the results in the
# patchset. See bug 447752.
# Flatcar: Drop a dependency on dev-libs/expat, we will use the internal one.
# Flatcar: Drop a dependency on dev-libs/libffi, we will use the internal one.
# Flatcar: Drop a dependency on dev-python/gentoo-common, we will install our own EXTERNALLY-MANAGED file
RDEPEND="
app-arch/bzip2:=
app-arch/xz-utils:=
dev-lang/python-exec[python_targets_python3_10(-)]
dev-python/gentoo-common
sys-apps/util-linux:=
>=sys-libs/zlib-1.1.3:=
virtual/libcrypt:=
virtual/libintl
ensurepip? ( dev-python/ensurepip-wheels )
gdbm? ( sys-libs/gdbm:=[berkdb] )
ncurses? ( >=sys-libs/ncurses-5.2:= )
readline? (
!libedit? ( >=sys-libs/readline-4.1:= )
libedit? ( dev-libs/libedit:= )
)
sqlite? ( >=dev-db/sqlite-3.3.8:3= )
ssl? ( >=dev-libs/openssl-1.1.1:= )
tk? (
>=dev-lang/tcl-8.0:=
>=dev-lang/tk-8.0:=
dev-tcltk/blt:=
dev-tcltk/tix
)
!!<sys-apps/sandbox-2.21
"
# bluetooth requires headers from bluez
DEPEND="
${RDEPEND}
bluetooth? ( net-wireless/bluez )
valgrind? ( dev-util/valgrind )
test? ( app-arch/xz-utils[extra-filters(+)] )
"
# autoconf-archive needed to eautoreconf
BDEPEND="
sys-devel/autoconf-archive
app-alternatives/awk
virtual/pkgconfig
verify-sig? ( sec-keys/openpgp-keys-python )
"
RDEPEND+="
!build? ( app-misc/mime-types )
"
# Flatcar: Unset RDEPEND, DEPEND already contains it. OEM packages are
# installed after production images are pruned of the previously
# installed package database.
unset RDEPEND
VERIFY_SIG_OPENPGP_KEY_PATH=${BROOT}/usr/share/openpgp-keys/python.org.asc
# large file tests involve a 2.5G file being copied (duplicated)
CHECKREQS_DISK_BUILD=5500M
QA_PKGCONFIG_VERSION=${PYVER}
# false positives -- functions specific to *BSD
QA_CONFIG_IMPL_DECL_SKIP=( chflags lchflags )
pkg_pretend() {
use test && check-reqs_pkg_pretend
}
pkg_setup() {
use test && check-reqs_pkg_setup
}
src_unpack() {
if use verify-sig; then
verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.asc}
fi
default
}
src_prepare() {
# Flatcar: We keep the internal expat copy.
# Flatcar: We keep the internal libffi copy.
# # Ensure that internal copies of expat and libffi are not used.
# rm -r Modules/expat || die
# rm -r Modules/_ctypes/libffi* || die
local PATCHES=(
"${WORKDIR}/${PATCHSET}"
)
default
# https://bugs.gentoo.org/850151
sed -i -e "s:@@GENTOO_LIBDIR@@:$(get_libdir):g" setup.py || die
# force the correct number of jobs
# https://bugs.gentoo.org/737660
local jobs=$(makeopts_jobs)
sed -i -e "s:-j0:-j${jobs}:" Makefile.pre.in || die
sed -i -e "/self\.parallel/s:True:${jobs}:" setup.py || die
eautoreconf
}
src_configure() {
# disable automagic bluetooth headers detection
if ! use bluetooth; then
local -x ac_cv_header_bluetooth_bluetooth_h=no
fi
local disable
use gdbm || disable+=" gdbm"
use ncurses || disable+=" _curses _curses_panel"
use readline || disable+=" readline"
use sqlite || disable+=" _sqlite3"
use ssl || export PYTHON_DISABLE_SSL="1"
use tk || disable+=" _tkinter"
use xml || disable+=" _elementtree pyexpat" # _elementtree uses pyexpat.
export PYTHON_DISABLE_MODULES="${disable}"
if ! use xml; then
ewarn "You have configured Python without XML support."
ewarn "This is NOT a recommended configuration as you"
ewarn "may face problems parsing any XML documents."
fi
if [[ -n "${PYTHON_DISABLE_MODULES}" ]]; then
einfo "Disabled modules: ${PYTHON_DISABLE_MODULES}"
fi
append-flags -fwrapv
filter-flags -malign-double
# https://bugs.gentoo.org/700012
if is-flagq -flto || is-flagq '-flto=*'; then
append-cflags $(test-flags-CC -ffat-lto-objects)
fi
# Export CXX so it ends up in /usr/lib/python3.X/config/Makefile.
# PKG_CONFIG needed for cross.
tc-export CXX PKG_CONFIG
local dbmliborder=
if use gdbm; then
dbmliborder+="${dbmliborder:+:}gdbm"
fi
if use pgo; then
local profile_task_flags=(
-m test
"-j$(makeopts_jobs)"
--pgo-extended
-x test_gdb
-u-network
# All of these seem to occasionally hang for PGO inconsistently
# They'll even hang here but be fine in src_test sometimes.
# bug #828535 (and related: bug #788022)
-x test_asyncio
-x test_httpservers
-x test_logging
-x test_multiprocessing_fork
-x test_socket
-x test_xmlrpc
)
if has_version "app-arch/rpm" ; then
# Avoid sandbox failure (attempts to write to /var/lib/rpm)
profile_task_flags+=(
-x test_distutils
)
fi
local -x PROFILE_TASK="${profile_task_flags[*]}"
fi
local myeconfargs=(
# glibc-2.30 removes it; since we can't cleanly force-rebuild
# Python on glibc upgrade, remove it proactively to give
# a chance for users rebuilding python before glibc
ac_cv_header_stropts_h=no
# Flatcar: Use oem-specific prefix.
--prefix=/oem/python
# Flatcar: Make sure we put libs into a correct subdirectory.
--with-platlibdir="$(get_libdir)"
# Flatcar: No need for shared libs.
# --enable-shared
--disable-shared
--without-static-libpython
--enable-ipv6
# Flatcar: Set includedir to discardable directory
--includedir='/discard/include'
# Flatcar: Set infodir and mandir to discardable directory
# --infodir='/${prefix}/share/info'
# --mandir='/${prefix}/share/man'
--infodir='/discard/info'
--mandir='/discard/man'
--with-computed-gotos
--with-dbmliborder="${dbmliborder}"
--with-libc=
# Flatcar: No need for loadable extensions.
# --enable-loadable-sqlite-extensions
--disable-loadable-sqlite-extensions
--without-ensurepip
# Flatcar: We use internal expat
# --with-system-expat
--without-system-expat
# Flatcar: We use internal ffi
# --with-system-ffi
--without-system-ffi
# Flatcar: It's for ensurepip, which we disable
# --with-wheel-pkg-dir="${EPREFIX}"/usr/lib/python/ensurepip
$(use_with lto)
$(use_enable pgo optimizations)
$(use_with readline readline "$(usex libedit editline readline)")
$(use_with valgrind)
)
# disable implicit optimization/debugging flags
local -x OPT=
if tc-is-cross-compiler ; then
# Hack to workaround get_libdir not being able to handle CBUILD, bug #794181
local cbuild_libdir=$(unset PKG_CONFIG_PATH ; $(tc-getBUILD_PKG_CONFIG) --keep-system-libs --libs-only-L libffi)
# pass system CFLAGS & LDFLAGS as _NODIST, otherwise they'll get
# propagated to sysconfig for built extensions
local -x CFLAGS_NODIST=${CFLAGS_FOR_BUILD}
local -x LDFLAGS_NODIST=${LDFLAGS_FOR_BUILD}
local -x CFLAGS= LDFLAGS=
# We need to build our own Python on CBUILD first, and feed it in.
# bug #847910 and bug #864911.
local myeconfargs_cbuild=(
"${myeconfargs[@]}"
--libdir="${cbuild_libdir:2}"
# Avoid needing to load the right libpython.so.
--disable-shared
# As minimal as possible for the mini CBUILD Python
# we build just for cross.
--without-lto
--disable-optimizations
)
# Point the imminent CHOST build to the Python we just
# built for CBUILD.
export PATH="${WORKDIR}/${P}-${CBUILD}:${PATH}"
mkdir "${WORKDIR}"/${P}-${CBUILD} || die
pushd "${WORKDIR}"/${P}-${CBUILD} &> /dev/null || die
# We disable _ctypes and _crypt for CBUILD because Python's setup.py can't handle locating
# libdir correctly for cross.
PYTHON_DISABLE_MODULES="${PYTHON_DISABLE_MODULES} _ctypes _crypt" \
ECONF_SOURCE="${S}" econf_build "${myeconfargs_cbuild[@]}"
# Avoid as many dependencies as possible for the cross build.
cat >> Makefile <<-EOF || die
MODULE_NIS=disabled
MODULE__DBM=disabled
MODULE__GDBM=disabled
MODULE__DBM=disabled
MODULE__SQLITE3=disabled
MODULE__HASHLIB=disabled
MODULE__SSL=disabled
MODULE__CURSES=disabled
MODULE__CURSES_PANEL=disabled
MODULE_READLINE=disabled
MODULE__TKINTER=disabled
MODULE_PYEXPAT=disabled
MODULE_ZLIB=disabled
EOF
# Unfortunately, we do have to build this immediately, and
# not in src_compile, because CHOST configure for Python
# will check the existence of the Python it was pointed to
# immediately.
PYTHON_DISABLE_MODULES="${PYTHON_DISABLE_MODULES} _ctypes _crypt" emake
popd &> /dev/null || die
fi
# pass system CFLAGS & LDFLAGS as _NODIST, otherwise they'll get
# propagated to sysconfig for built extensions
local -x CFLAGS_NODIST=${CFLAGS}
local -x LDFLAGS_NODIST=${LDFLAGS}
local -x CFLAGS= LDFLAGS=
# Fix implicit declarations on cross and prefix builds. Bug #674070.
if use ncurses; then
append-cppflags -I"${ESYSROOT}"/usr/include/ncursesw
fi
hprefixify setup.py
econf "${myeconfargs[@]}"
if grep -q "#define POSIX_SEMAPHORES_NOT_ENABLED 1" pyconfig.h; then
eerror "configure has detected that the sem_open function is broken."
eerror "Please ensure that /dev/shm is mounted as a tmpfs with mode 1777."
die "Broken sem_open function (bug 496328)"
fi
# install epython.py as part of stdlib
echo "EPYTHON='python${PYVER}'" > Lib/epython.py || die
}
src_compile() {
# Ensure sed works as expected
# https://bugs.gentoo.org/594768
local -x LC_ALL=C
# Prevent using distutils bundled by setuptools.
# https://bugs.gentoo.org/823728
export SETUPTOOLS_USE_DISTUTILS=stdlib
# Save PYTHONDONTWRITEBYTECODE so that 'has_version' doesn't
# end up writing bytecode & violating sandbox.
# bug #831897
local -x _PYTHONDONTWRITEBYTECODE=${PYTHONDONTWRITEBYTECODE}
if use pgo ; then
# bug 660358
local -x COLUMNS=80
local -x PYTHONDONTWRITEBYTECODE=
addpredict "/usr/lib/python${PYVER}/site-packages"
fi
# also need to clear the flags explicitly here or they end up
# in _sysconfigdata*
emake CPPFLAGS= CFLAGS= LDFLAGS=
# Restore saved value from above.
local -x PYTHONDONTWRITEBYTECODE=${_PYTHONDONTWRITEBYTECODE}
# Work around bug 329499. See also bug 413751 and 457194.
if has_version dev-libs/libffi[pax-kernel]; then
pax-mark E python
else
pax-mark m python
fi
}
src_test() {
# Tests will not work when cross compiling.
if tc-is-cross-compiler; then
elog "Disabling tests due to crosscompiling."
return
fi
local test_opts=(
-u-network
-j "$(makeopts_jobs)"
# fails
-x test_gdb
)
if use sparc ; then
# bug #788022
test_opts+=(
-x test_multiprocessing_fork
-x test_multiprocessing_forkserver
)
fi
# workaround docutils breaking tests
cat > Lib/docutils.py <<-EOF || die
raise ImportError("Thou shalt not import!")
EOF
# bug 660358
local -x COLUMNS=80
local -x PYTHONDONTWRITEBYTECODE=
# workaround https://bugs.gentoo.org/775416
addwrite "/usr/lib/python${PYVER}/site-packages"
nonfatal emake test EXTRATESTOPTS="${test_opts[*]}" \
CPPFLAGS= CFLAGS= LDFLAGS= < /dev/tty
local ret=${?}
rm Lib/docutils.py || die
[[ ${ret} -eq 0 ]] || die "emake test failed"
}
# Flatcar: Rewrite src_install to just run make altinstall, remove
# some installed files (refer to the original src_install to see which
# files to drop), adding symlinks and the EXTERNALLY-MANAGED file, and
# removing the /discard directory.
src_install() {
local prefix=/oem/python
local eprefix="${ED}${prefix}"
local libdir="${prefix}/$(get_libdir)"
local elibdir="${eprefix}/$(get_libdir)"
local pythonplatlibdir="${libdir}/python${PYVER}"
local epythonplatlibdir="${elibdir}/python${PYVER}"
local bindir="${prefix}/bin"
local ebindir="${eprefix}/bin"
emake DESTDIR="${D}" altinstall
rm -r "${epythonplatlibdir}"/ensurepip || die
rm -r "${epythonplatlibdir}/"{sqlite3,test/test_sqlite*} || die
rm -r "${ebindir}/idle${PYVER}" || die
rm -r "${epythonplatlibdir}/"{idlelib,tkinter,test/test_tk*} || die
# create a simple versionless 'python' symlink
dosym "python${PYVER}" "${bindir}/python"
dosym "python${PYVER}" "${bindir}/python3"
insinto "${pythonplatlibdir}"
# https://peps.python.org/pep-0668/
newins - EXTERNALLY-MANAGED <<-EOF
[externally-managed]
Error=
Please contact Flatcar maintainers if some python package
is necessary for this OEM image.
EOF
rm -r "${ED}/discard" || die
}

1
sdk_container/src/third_party/coreos-overlay/dev-python/distro-oem/Manifest vendored
View File

@ -1 +0,0 @@
DIST distro-1.7.0.tar.gz 58164 BLAKE2B 22bbd2daf9cac589530eac9a58767db6b9e389b77719516f7386a9377b49ba4c9b696165701acc42366b760b9a632c70a2243a58c12a367fef2a0a770a4aea44 SHA512 14516ecab33ee8c57c35a8279eb515fd699031fabac7d8886092ea98696797d55503179870aeb513a85e1a66c7e69f2f60bb6ea9fc935be975cb5135e1917ecc

4
sdk_container/src/third_party/coreos-overlay/dev-python/distro-oem/README.md vendored
View File

@ -1,4 +0,0 @@
This package is a hacked-up way to install a distro module for oem
packages to use. It's meant to be used by dev-lang/python-oem, thus
not using any python-specific eclasses and whatnot, to avoid pulling
python dependency into the production image.

41
sdk_container/src/third_party/coreos-overlay/dev-python/distro-oem/distro-oem-1.7.0-r2.ebuild vendored
View File

@ -1,41 +0,0 @@
# Copyright 2021-2022 Microsoft Corporation
# Distributed under the terms of GNU General Public License v2
EAPI=8
MY_PN='distro'
MY_P="${MY_PN}-${PV}"
DESCRIPTION="Reliable machine-readable Linux distribution information for Python"
HOMEPAGE="
https://distro.readthedocs.io/en/latest/
https://pypi.org/project/distro/
https://github.com/python-distro/distro/"
SRC_URI="mirror://pypi/${MY_PN:0:1}/${MY_PN}/${MY_P}.tar.gz"
LICENSE="Apache-2.0"
KEYWORDS="amd64 arm64"
# Depending on specific version of python-oem allows us to notice when
# we update the major version of python and then to make sure that we
# install the package in correctly versioned site-packages directory.
DEP_PYVER="3.10"
SLOT="0"
RDEPEND="dev-lang/python-oem:${DEP_PYVER}"
S="${WORKDIR}/${MY_P}"
src_compile() {
# nothing to do
:
}
src_install() {
insinto "/oem/python/$(get_libdir)/python${DEP_PYVER}/site-packages"
local ssd="${S}/src/distro"
doins "${ssd}/distro.py"
doins "${ssd}/__init__.py"
doins "${ssd}/__main__.py"
doins "${ssd}/py.typed"
}

4
sdk_container/src/third_party/coreos-overlay/dev-python/distro-oem/metadata.xml vendored
View File

@ -1,4 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
</pkgmetadata>

1
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use.mask vendored
View File

@ -26,7 +26,6 @@ sys-libs/glibc -crypt
# We don't use pip.
dev-lang/python ensurepip
dev-lang/python-oem ensurepip
# Pulls dev-python/sphinx, which in turn pulls a lot of other python stuff.
sys-fs/btrfs-progs man

4
sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use vendored
View File

@ -7,10 +7,6 @@ app-editors/vim minimal -crypt
# minimal: Don't pull app-vim/gentoo-syntax
app-editors/vim-core minimal
dev-lang/python gdbm
# Disable everything for python-oem except of build and xml
dev-lang/python-oem -bluetooth build -ensurepip -examples -gdbm -hardened -libedit -lto -ncurses -pgo -readline -sqlite -ssl -test -tk -valgrind xml
dev-libs/dbus-glib tools
dev-libs/elfutils -utils
dev-libs/openssl pkcs11

0
sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r14.ebuild → sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-0.0.38-r15.ebuild vendored
View File

2
sdk_container/src/third_party/coreos-overlay/sys-kernel/bootengine/bootengine-9999.ebuild vendored
View File

@ -10,7 +10,7 @@ CROS_WORKON_REPO="https://github.com"
if [[ "${PV}" == 9999 ]]; then
KEYWORDS="~amd64 ~arm ~arm64 ~x86"
else
CROS_WORKON_COMMIT="130003986dfdab46a21c7f34054239e59583e0f6" # flatcar-master
CROS_WORKON_COMMIT="2c85973e01da92c60ad3c8cdcab702b4b508d10f" # flatcar-master
KEYWORDS="amd64 arm arm64 x86"
fi