Update LAT container to support patches

This commit adds the necessary tooling and
env variables to the LAT container in order to
support patch creation.

The current patch process that has the
option to reuse initramfs and for that we
need access to the gpg keys used by LAT
to check in and sign the ostree commit,
as LAT already builds the image it makes
sense to also build the patches in the LAT
container.

Story: 2008862
Task: 46788

Signed-off-by: Luis Sampaio <luis.sampaio@windriver.com>
Change-Id: I1ae93bfe29e8003b64b65eb06d1d1ae65ef94067
This commit is contained in:
Luis Sampaio 2022-11-10 15:29:37 -08:00
parent b25dbb040a
commit 4243965ed5
6 changed files with 82 additions and 21 deletions

View File

@ -21,6 +21,7 @@ ARG LAT_BINARY_RESOURCE_PATH=http://mirror.starlingx.cengn.ca/mirror/lat-sdk/lat
# Install necessary packages # Install necessary packages
RUN apt-get -y update && apt-get --no-install-recommends -y install \ RUN apt-get -y update && apt-get --no-install-recommends -y install \
python3 \ python3 \
python3-pip \
xz-utils \ xz-utils \
file \ file \
bzip2 \ bzip2 \
@ -28,10 +29,15 @@ RUN apt-get -y update && apt-get --no-install-recommends -y install \
tini \ tini \
wget \ wget \
locales-all \ locales-all \
python3-yaml && \ python3-yaml \
rsync \
cpio \
vim \
&& \
apt-get clean && \ apt-get clean && \
rm -rf /var/lib/apt/lists/* && \ rm -rf /var/lib/apt/lists/* && \
mkdir -p /opt/LAT/SDK mkdir -p /opt/LAT/SDK && \
pip3 install pycryptodomex requests_toolbelt
# Insert pubkey of the package repository # Insert pubkey of the package repository
COPY stx/toCOPY/builder/pubkey.rsa /opt/LAT/ COPY stx/toCOPY/builder/pubkey.rsa /opt/LAT/
@ -56,7 +62,6 @@ RUN sed -i 's/linux-image-amd64/linux-image-5.10.0-6-amd64-unsigned/g' /opt/LAT/
RUN sed -i 's/Wind River Linux Graphics development .* ostree/StarlingX ostree/g' /opt/LAT/SDK/sysroots/corei7-64-wrs-linux/boot/efi/EFI/BOOT/grub.cfg RUN sed -i 's/Wind River Linux Graphics development .* ostree/StarlingX ostree/g' /opt/LAT/SDK/sysroots/corei7-64-wrs-linux/boot/efi/EFI/BOOT/grub.cfg
# Add vimrc # Add vimrc
RUN mkdir /etc/vim
COPY stx/toCOPY/common/vimrc.local /etc/vim/vimrc.local COPY stx/toCOPY/common/vimrc.local /etc/vim/vimrc.local
RUN chmod 0644 /etc/vim/vimrc.local RUN chmod 0644 /etc/vim/vimrc.local

View File

@ -17,6 +17,7 @@
import getpass import getpass
import logging import logging
import os import os
import shutil
import subprocess import subprocess
import sys import sys
import time import time
@ -188,6 +189,20 @@ stx-pkgbuilder/configmap/')
with open(localrc, "w") as wf: with open(localrc, "w") as wf:
wf.write(message) wf.write(message)
# Update LAT configmap for patching
lat_configmap_dir = os.path.join(self.abs_helmchartdir,
'dependency_chart/stx-lat-tool/configmap/')
patch_env_sample = os.path.join(lat_configmap_dir, 'patch.env.sample')
patch_env = os.path.join(lat_configmap_dir, 'stx-patch-env.sh')
with open(patch_env_sample, "r") as rf:
message = rf.read()
message = message.replace("@PROJECT@", projectname)
message = message.replace("@MYUNAME@", builder_myuname)
with open(patch_env, "w") as wf:
wf.write(message)
# Copy stx-localrc file of builder container to pkgbuilder # Copy stx-localrc file of builder container to pkgbuilder
cmd = 'cp -f %s %s' % (localrc, pkgbuilder_configmap_dir) cmd = 'cp -f %s %s' % (localrc, pkgbuilder_configmap_dir)
os.system(cmd) os.system(cmd)

View File

@ -0,0 +1,17 @@
# Patch environment variables
LOCALDISK="/localdisk"
export PROJECT=@PROJECT@
export MYUNAME=@MYUNAME@
export MY_BUILD_PKG_DIR=${LOCALDISK}/loadbuild/$MYUNAME/$PROJECT/
export MY_WORKSPACE=${LOCALDISK}/loadbuild/$MYUNAME/$PROJECT/
export MY_LOCAL_DISK=${LOCALDISK}/designer/$MYUNAME
export MY_REPO_ROOT_DIR=$MY_LOCAL_DISK/$PROJECT
export MY_REPO=$MY_REPO_ROOT_DIR/cgcs-root
export MY_BUILD_TOOLS_DIR=$MY_REPO/build-tools
export PATCH_TOOLS=${MY_REPO}/stx/update/sw-patch/cgcs-patch/cgcs_make_patch
export STX_BUILD_HOME="/"
export DEPLOY_DIR=${LOCALDISK}/deploy
export PATH=$PATH:$MY_BUILD_TOOLS_DIR:/opt/LAT/SDK/sysroots/x86_64-wrlinuxsdk-linux/usr/bin

View File

@ -0,0 +1,7 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.volumes.patchConfig.configMapName }}
data:
{{ (.Files.Glob "configmap/stx*").AsConfig | indent 2 }}

View File

@ -35,10 +35,13 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
tty: true tty: true
volumeMounts: volumeMounts:
- name: {{ .Values.volumes.name }} - name: {{ .Values.volumeMounts.workspace.name }}
mountPath: {{ .Values.volumeMounts.mountPath }} mountPath: {{ .Values.volumeMounts.workspace.mountPath }}
- name: {{ .Values.volumes.entropyname }} - name: {{ .Values.volumeMounts.entropy.name }}
mountPath: {{ .Values.volumeMounts.entropymountPath }} mountPath: {{ .Values.volumeMounts.entropy.mountPath }}
- name: {{ .Values.volumeMounts.patchConfig.name }}
mountPath: {{ .Values.volumeMounts.patchConfig.mountPath }}
subPath: {{ .Values.volumeMounts.patchConfig.subPath }}
resources: resources:
{{- toYaml .Values.resources | nindent 12 }} {{- toYaml .Values.resources | nindent 12 }}
@ -47,12 +50,15 @@ spec:
{{- toYaml .Values.dnsConfig | nindent 8 }} {{- toYaml .Values.dnsConfig | nindent 8 }}
volumes: volumes:
- name: {{ .Values.volumes.name }} - name: {{ .Values.volumes.workspace.name }}
hostPath: hostPath:
path: {{ .Values.global.hostDir }}{{ .Values.volumes.hostPath.path }} path: {{ .Values.global.hostDir }}{{ .Values.volumes.workspace.hostPath.path }}
- name: {{ .Values.volumes.entropyname }} - name: {{ .Values.volumes.entropy.name }}
hostPath: hostPath:
path: {{ .Values.volumes.entropyhostPath.path }} path: {{ .Values.volumes.entropy.hostPath.path }}
- name: {{ .Values.volumes.patchConfig.name }}
configMap:
name: {{ .Values.volumes.patchConfig.configMapName }}
{{- with .Values.nodeSelector }} {{- with .Values.nodeSelector }}

View File

@ -12,18 +12,29 @@ image:
tag: "v0.1.0" tag: "v0.1.0"
volumeMounts: volumeMounts:
name: latd-shared-workspace workspace:
mountPath: /localdisk name: latd-shared-workspace
entropyname: entropy-device mountPath: /localdisk
entropymountPath: /dev/random entropy:
name: entropy-device
mountPath: /dev/random
patchConfig:
name: patch-env
mountPath: /etc/profile.d/stx-patch-env.sh
subPath: stx-patch-env.sh
volumes: volumes:
name: latd-shared-workspace workspace:
hostPath: name: latd-shared-workspace
path: /localdisk hostPath:
entropyname: entropydevice path: /localdisk
entropyhostPath: entropy:
path: /dev/urandom name: entropy-device
hostPath:
path: /dev/urandom
patchConfig:
name: patch-env
configMapName: lat-patch
imagePullSecrets: [] imagePullSecrets: []
nameOverride: "" nameOverride: ""