coreos-devel/board-packages: Drop the OEM sysext dependencies

It is no longer necessary to include these as they are explicitly built with --onlydeps in build_sysext_packages(). This new approach allows a package to be installed to both /usr and sysexts with conflicting USE flags. Portage would normally refuse to do this because it would "break" what is already installed to the board root, but --ignore-world forces the breakage. It is safe in this context because the board root is not used for execution, and affected packages will be automatically rebuilt as needed, e.g. the next time you run build_packages. Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2026-03-05 13:32:27 +01:00 · 2026-01-27 16:37:30 +00:00 · 2026-01-27 16:37:30 +00:00 · cdcd0ff285
commit cdcd0ff285
parent fd650fd1e2
4 changed files with 21 additions and 36 deletions
--- a/12
+++ b/12
@ -312,13 +312,17 @@ build_sysext_packages() {
    qatom -F "%{CATEGORY}/%{PN}" ${package_atoms} >> "${eclean_excludes}"
    for package in $package_atoms; do
       # --buildpkgonly does not install dependencies, so we install them
-       # separately before building the binary package
+       # separately before building the binary package. --ignore-world is needed
+       # to allow packages to be installed to both /usr and sysexts with
+       # conflicting USE flags. This will "break" the board root, but it's not
+       # used for execution, and affected packages will be rebuilt as needed.
       sudo --preserve-env=MODULES_SIGN_KEY,MODULES_SIGN_CERT \
         env USE="$useflags" FEATURES="-ebuild-locks binpkg-multi-instance" "${EMERGE_CMD[@]}" \
         "${EMERGE_FLAGS[@]}" \
         --quiet \
         --onlydeps \
         --binpkg-respect-use=y \
+         --ignore-world=y \
         "${package}"

       sudo --preserve-env=MODULES_SIGN_KEY,MODULES_SIGN_CERT \
@ -327,6 +331,7 @@ build_sysext_packages() {
         --quiet \
         --buildpkgonly \
         --binpkg-respect-use=y \
+         --ignore-world=y \
         "${package}"
    done
    unset IFS
@ -378,6 +383,11 @@ if [[ "${FLAGS_usepkgonly}" -eq "${FLAGS_FALSE}" ]]; then
  fi
 fi

+# Additionally avoid cleaning packages that have the flatcar-oem USE flag, which
+# may be off in /usr but on in sysexts. This query doesn't check whether the
+# flag is currently enabled or not, but that's fine in practise.
+quse --root="${BOARD_ROOT}" -qeI flatcar-oem >> "${eclean_excludes}" || :
+
 eclean-"$BOARD" --deep --exclude-file="${eclean_excludes}" packages
 rm -f "${eclean_excludes}"
 # run eclean again, this time without the --deep option, to clean old versions
--- a/sdk_container/src/third_party/coreos-overlay/README.md
+++ b/sdk_container/src/third_party/coreos-overlay/README.md
@ -23,13 +23,12 @@ gets built into a developer image and is not OEM specific.
 gets built into the Container Linux SDK.

 `coreos-devel/board-packages` is everything that could be built into a
-development or production image, plus any OEM specific packages.
+development or production image.

 `coreos-base/oem-*` are the OEM specific packages. They mostly install things
-that belong in the OEM partition. Any RDEPENDS from these packages should
-be copied to the RDEPENDS in `board-packages` to ensure they are built.
+that belong in the OEM partition.

-`coreos-base/coreos-oem-*` are metapackages for OEM specific ACIs. 
+`coreos-base/coreos-oem-*` are metapackages for OEM specific ACIs.

 # Updating

--- a/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1-r18.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1-r18.ebuild
--- a/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-devel/board-packages/board-packages-0.0.1.ebuild
@ -2,47 +2,23 @@
 # Distributed under the terms of the GNU General Public License v2
 # $Header: $

-EAPI=7
+EAPI=8

-DESCRIPTION="Meta ebuild for building all binary packages."
-HOMEPAGE="http://coreos.com/docs/sdk/"
-SRC_URI=""
+DESCRIPTION="Meta ebuild for building all binary packages"
+HOMEPAGE="https://www.flatcar.org/"

 LICENSE="GPL-2"
 SLOT="0"
 KEYWORDS="amd64 arm64"
-IUSE=""

-# Depend on everything OEMs need, but not the OEMs themselves.
-# This makes the built packages available for image_vm_util.sh but
-# avoids copying the oem specific files (e.g. grub configs) before
-# the oem partition is set up.
-DEPEND=""
 RDEPEND="
-	amd64? (
-		app-emulation/google-compute-engine
-		app-emulation/open-vm-tools
-		coreos-base/nova-agent-container
-		coreos-base/nova-agent-watcher
-	)
-	sys-boot/grub
-	sys-boot/shim
-	sys-boot/shim-signed
 	app-containers/containerd
 	app-containers/docker
 	app-containers/docker-buildx
 	app-containers/docker-cli
-	app-containers/incus
-	app-emulation/amazon-ssm-agent
-	app-emulation/hv-daemons
-	app-emulation/wa-linux-agent
 	coreos-base/coreos
 	coreos-base/coreos-dev
-	coreos-base/flatcar-eks
-	net-misc/chrony
-	sys-fs/zfs
-	app-containers/podman
-	net-misc/passt
-	dev-lang/python
-	dev-python/pip
-	"
+	sys-boot/grub
+	sys-boot/shim
+	sys-boot/shim-signed
+"