* sdk: Fix ephemeral key directory paths baked into container images
The SDK container build process was persisting temporary directory
paths for module signing keys into /home/sdk/.bashrc. This caused
all container instances to share the same ephemeral key location.
Fixed by:
- Runtime check in sdk_entry.sh to recreate stale temp directories
- Build-time cleanup in Dockerfiles to remove the variables
Each container instance now gets unique temporary directories.
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
* sdk_entry: use persistent module signing keys for unofficial builds
For official builds (COREOS_OFFICIAL=1), continue using ephemeral
temporary directories for module signing keys.
For unofficial/development builds, use a persistent directory at
/mnt/host/source/.module-signing-keys to preserve keys across
container restarts.
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
---------
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
This change builds all packages required to break circular dependencies
and includes these in the SDK image. This way, emerge-<arch> can be used
right away and build_packages only builds packages with production USE
flags.
The change significantly reduces the build time at the cost of a larger
SDK image and longer SDK container build time. Uncompressed:
Size before Size after
all arches 7.75GB 9.29GB
arm64 5.7GB 6.58GB
amd64 5.64GB 6.45GB
Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
This change introduces a containerised SDK as a replacement for cork SDK
operations. It also simplifies versioning by removing the need for
manifest repos as well as usage of the "repo" tool by use of git
submodules for coreos-overlay and portage-stable.
The following feature scripts are added:
- run_sdk_container: Run a command in an SDK container, using the
current scripts repo + ebuild submodules.
current scripts repo + ebuild submodules.
- bootstrap_sdk_container / build_sdk_container_image: Bootstrap a new
SDK and create an SDK container from the resulting SDK tarball.
The following additions have been made to SDK scripts:
- setup_board: add --pkgdir parameter to use a custom binary packge
directory.
Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
