	Co-authored-by: Kai Lüke <pothos@users.noreply.github.com> Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
		
			
				
	
	
		
#!/bin/bash
#
# Copyright (c) 2021 The Flatcar Maintainers.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# >>> This file is supposed to be SOURCED from the repository ROOT. <<<
#
# vm_build() should be called w/ the positional INPUT parameters below.

# Vendor images build automation stub.
#   This script will build one or more vendor images ("vm") using a pre-built packages container.
#
# PREREQUISITES:
#
#   1. SDK version and OS image version are recorded in sdk_container/.repo/manifests/version.txt
#   2. Scripts repo version tag of OS image version to be built is available and checked out.
#   3. Flatcar packages container is available via build cache server
#       from "/containers/[VERSION]/flatcar-images-[ARCH]-[FLATCAR_VERSION].tar.gz"
#       or present locally. Must contain packages.
#   4. The generic Flatcar image must be present in build cache server.
#
# INPUT:
#
#   1. Architecture (ARCH) of the TARGET vm images ("arm64", "amd64").
#   2. Image formats to be built. Can be multiple, separated by spaces.
#      Run ./image_to_vm.sh -h in the SDK to get a list of supported images.
#
# OPTIONAL INPUT:
#
#   1. SIGNER. Environment variable. Name of the owner of the artifact signing key.
#        Defaults to nothing if not set - in such case, artifacts will not be signed.
#        If provided, SIGNING_KEY environment variable should also be provided, otherwise this environment variable will be ignored.
#
#   2. SIGNING_KEY. Environment variable. The artifact signing key.
#        Defaults to nothing if not set - in such case, artifacts will not be signed.
#        If provided, SIGNER environment variable should also be provided, otherwise this environment variable will be ignored.
#
#   3. A file ../scripts.patch to apply with "git am -3" for the scripts repo.
#
# OUTPUT:
#
#   1. Exported VM image(s), pushed to buildcache ( images/[ARCH]/[FLATCAR_VERSION]/ )
#   2. "./ci-cleanup.sh" with commands to clean up temporary build resources,
#        to be run after this step finishes / when this step is aborted.
#   3. If signer key was passed, signatures of artifacts from point 1, pushed along to buildcache.
#   4. DIGESTS of the artifacts from point 1, pushed to buildcache. If signer key was passed, armored ASCII files of the generated DIGESTS files too, pushed to buildcache.

# Public entry point: build the vendor images for one architecture.
#
# Arguments: $1   - target architecture
#            $2.. - image formats; all arguments are forwarded unchanged
#                   to _vm_build_impl
# Returns:   the exit status of the subshell running _vm_build_impl
#
# The work happens in a subshell so that traps, shell options, environment
# changes and globals set by the implementation (and by the files it
# sources) never reach the shell that sourced this file.
#
# Caveat: errexit is ignored by bash while vm_build runs as part of an
# if/while condition or an && / || list, and that also applies inside this
# subshell. Call vm_build as a plain command when a failing build step must
# stop the run.
function vm_build() {
    (
        set -o errexit -o nounset -o pipefail

        _vm_build_impl "$@"
    )
}
# --

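# Expand requested platform names into the concrete image formats to build.
#
# Arguments: the requested platform / format names. An argument may itself
#            hold several whitespace-separated names; they are split here.
# Outputs:   one image format per line on stdout, in build order.
#
# Rules (same as the previous sed/grep pipeline):
#   - any name starting with "vmware" replaces every name containing
#     "vmware" with: vmware vmware_insecure vmware_ova vmware_raw
#   - any name starting with "ami" or "aws" replaces every name containing
#     "ami" or "aws" with: ami ami_vmdk
#   - "equinix_metal" is rewritten to "packet"
function _vm_build_expand_formats() {
    local -a list=() kept=()
    local fmt expand

    # Split on whitespace without pathname expansion, so a name holding
    # glob characters is never matched against the working directory.
    # read returns non-zero at end of input, hence the "|| true".
    read -r -d '' -a list <<< "$*" || true

    expand=0
    for fmt in ${list[@]+"${list[@]}"}; do
        if [[ "${fmt}" == vmware* ]]; then
            expand=1
        fi
    done
    if (( expand )); then
        kept=()
        for fmt in ${list[@]+"${list[@]}"}; do
            if [[ "${fmt}" != *vmware* ]]; then
                kept+=("${fmt}")
            fi
        done
        list=(${kept[@]+"${kept[@]}"} vmware vmware_insecure vmware_ova vmware_raw)
    fi

    expand=0
    for fmt in ${list[@]+"${list[@]}"}; do
        if [[ "${fmt}" == ami* || "${fmt}" == aws* ]]; then
            expand=1
        fi
    done
    if (( expand )); then
        kept=()
        for fmt in ${list[@]+"${list[@]}"}; do
            if [[ "${fmt}" != *ami* && "${fmt}" != *aws* ]]; then
                kept+=("${fmt}")
            fi
        done
        list=(${kept[@]+"${kept[@]}"} ami ami_vmdk)
    fi

    # Keep compatibility with SDK scripts where "equinix_metal" remains unknown.
    for fmt in ${list[@]+"${list[@]}"}; do
        printf '%s\n' "${fmt//equinix_metal/packet}"
    done
}

# Build, digest, sign and publish the vendor images for one architecture.
#
# Globals:   FLATCAR_VERSION (read; set by sourcing version.txt)
#            CONTAINER_IMAGE_ROOT (read; not set in this function)
#            SIGNER (read; optional)
#            COREOS_OFFICIAL (exported)
# Arguments: $1   - target architecture
#            $2.. - image formats / platform names to build
# Returns:   non-zero when a step fails while errexit is active
#
# Expected to be called through vm_build, which provides the subshell and
# "set -euo pipefail".
#
# Security notes:
#   - version.txt and the helper libraries are executed with "source"; they
#     have to come from a trusted checkout of the scripts repo.
#   - apply_local_patches can change the build scripts before they run (the
#     file header documents ../scripts.patch being applied with "git am -3").
#   - NOTE(review): the inputs fetched with copy_from_buildcache are used
#     without any digest or signature check visible in this function -
#     confirm the helper or the transport verifies them.
#   - Per the file header, artifacts are pushed unsigned when SIGNER or
#     SIGNING_KEY is missing.
function _vm_build_impl() {
    local arch="${1:?_vm_build_impl: target architecture is required}"
    shift
    # "$@" now contains the image formats to build.

    source ci-automation/ci_automation_common.sh
    source ci-automation/gpg_setup.sh

    source sdk_container/.repo/manifests/version.txt
    local vernum="${FLATCAR_VERSION}"
    # Declared separately from the assignment: "local x=$(cmd)" would hide a
    # failing command substitution from errexit.
    local docker_vernum
    docker_vernum="$(vernum_to_docker_image_version "${vernum}")"

    local packages="flatcar-packages-${arch}"
    local packages_image="${packages}:${docker_vernum}"

    docker_image_from_buildcache "${packages}" "${docker_vernum}"

    local vms="flatcar-vms-${arch}"
    local vms_container="${vms}-${docker_vernum}"

    apply_local_patches

    # Automatically add PXE to formats if we build for Equinix Metal (packet).
    local has_packet=0
    local has_pxe=0
    local format
    for format in "$@"; do
        case "${format}" in
            packet|equinix_metal) has_packet=1 ;;
            pxe) has_pxe=1 ;;
        esac
    done
    if (( has_packet == 1 && has_pxe == 0 )); then
        set -- 'pxe' "$@"
    fi

    # Convert platform names (also used to find the test scripts) to the
    # image formats they entail.
    local -a formats=()
    mapfile -t formats < <(_vm_build_expand_formats "$@")

    source sdk_lib/sdk_container_common.sh

    if is_official "${vernum}"; then
        export COREOS_OFFICIAL=1
    else
        export COREOS_OFFICIAL=0
    fi

    # Fetch the generic image and its companions from the build cache.
    local images_in="images-in/"
    local file
    rm -rf "${images_in}"
    for file in flatcar_production_image.bin.bz2 flatcar_production_image_sysext.squashfs flatcar_production_image.vmlinuz version.txt; do
        copy_from_buildcache "images/${arch}/${vernum}/${file}" "${images_in}"
    done
    lbunzip2 "${images_in}/flatcar_production_image.bin.bz2"

    # The first container invocation also registers the container in
    # ./ci-cleanup.sh (-x), which the file header lists as an output.
    ./run_sdk_container -x ./ci-cleanup.sh -n "${vms_container}" -C "${packages_image}" \
            -v "${vernum}" \
            mkdir -p "${CONTAINER_IMAGE_ROOT}/${arch}-usr/latest"
    ./run_sdk_container -n "${vms_container}" -C "${packages_image}" \
            -v "${vernum}" \
            mv "${images_in}" "${CONTAINER_IMAGE_ROOT}/${arch}-usr/latest-input"

    for format in ${formats[@]+"${formats[@]}"}; do
        # NOTE(review): qemu and qemu_uefi_secure are skipped here; presumably
        # they are produced by another build step - confirm.
        if [[ "${format}" == 'qemu' || "${format}" == 'qemu_uefi_secure' ]]; then
            continue
        fi
        echo " ###################  VENDOR '${format}' ################### "
        # Compression formats per vendor; "bz2" unless listed below.
        COMPRESSION_FORMAT="bz2"
        case "${format}" in
            openstack_mini|digitalocean)
                COMPRESSION_FORMAT="gz,bz2"
                ;;
            openstack)
                COMPRESSION_FORMAT="gz,bz2,none"
                ;;
            qemu|qemu_uefi)
                COMPRESSION_FORMAT="bz2,none"
                ;;
            hyperv|hyperv_vhdx)
                COMPRESSION_FORMAT="zip"
                ;;
            scaleway|kubevirt|proxmoxve)
                COMPRESSION_FORMAT="none"
                ;;
            akamai)
                COMPRESSION_FORMAT="gz"
                ;;
        esac
        ./run_sdk_container -n "${vms_container}" -C "${packages_image}" \
            -v "${vernum}" \
            ./image_to_vm.sh --format "${format}" --board="${arch}-usr" \
                --from "${CONTAINER_IMAGE_ROOT}/${arch}-usr/latest-input" \
                --to "${CONTAINER_IMAGE_ROOT}/${arch}-usr/latest" \
                --image_compression_formats="${COMPRESSION_FORMAT}" \
                --only_store_compressed
    done

    # Copy resulting images + push to buildcache.
    local images_out="images/"
    rm -rf "${images_out}"
    ./run_sdk_container -n "${vms_container}" -C "${packages_image}" \
        -v "${vernum}" \
        mv "${CONTAINER_IMAGE_ROOT}/${arch}-usr/" "./${images_out}/"

    # "&&" keeps ln from running in the wrong directory when cd fails and
    # errexit is not in effect.
    ( cd images/latest && ln -s flatcar_production_openstack_image.img.bz2 flatcar_production_brightbox_image.img.bz2 )
    # For the digest creation we need the vmlinuz at the same folder
    # because the PXE vmlinuz is a symlink to it.
    mv images/latest-input/flatcar_production_image.vmlinuz images/latest/
    # "${SIGNER:-}" keeps the documented "not set means unsigned" behaviour
    # under nounset even if no sourced file gave SIGNER a default.
    create_digests "${SIGNER:-}" "images/latest/"*
    sign_artifacts "${SIGNER:-}" "images/latest/"*
    mv images/latest/flatcar_production_image.vmlinuz* images/latest-input/
    copy_to_buildcache "images/${arch}/${vernum}/" "images/latest/"*
}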
# --