Update LAT container to support patches

This commit adds the necessary tooling and
env variables to the LAT container in order to
support patch creation.

The current patch process that has the
option to reuse initramfs and for that we
need access to the gpg keys used by LAT
to check in and sign the ostree commit,
as LAT already builds the image it makes
sense to also build the patches in the LAT
container.

Story: 2008862
Task: 46788

Signed-off-by: Luis Sampaio <luis.sampaio@windriver.com>
Change-Id: I1ae93bfe29e8003b64b65eb06d1d1ae65ef94067
This commit is contained in:
Luis Sampaio 2022-11-10 15:29:37 -08:00
parent b25dbb040a
commit 4243965ed5
6 changed files with 82 additions and 21 deletions

View File

@ -21,6 +21,7 @@ ARG LAT_BINARY_RESOURCE_PATH=http://mirror.starlingx.cengn.ca/mirror/lat-sdk/lat
# Install necessary packages
RUN apt-get -y update && apt-get --no-install-recommends -y install \
python3 \
python3-pip \
xz-utils \
file \
bzip2 \
@ -28,10 +29,15 @@ RUN apt-get -y update && apt-get --no-install-recommends -y install \
tini \
wget \
locales-all \
python3-yaml && \
python3-yaml \
rsync \
cpio \
vim \
&& \
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \
mkdir -p /opt/LAT/SDK
mkdir -p /opt/LAT/SDK && \
pip3 install pycryptodomex requests_toolbelt
# Insert pubkey of the package repository
COPY stx/toCOPY/builder/pubkey.rsa /opt/LAT/
@ -56,7 +62,6 @@ RUN sed -i 's/linux-image-amd64/linux-image-5.10.0-6-amd64-unsigned/g' /opt/LAT/
RUN sed -i 's/Wind River Linux Graphics development .* ostree/StarlingX ostree/g' /opt/LAT/SDK/sysroots/corei7-64-wrs-linux/boot/efi/EFI/BOOT/grub.cfg
# Add vimrc
RUN mkdir /etc/vim
COPY stx/toCOPY/common/vimrc.local /etc/vim/vimrc.local
RUN chmod 0644 /etc/vim/vimrc.local

View File

@ -17,6 +17,7 @@
import getpass
import logging
import os
import shutil
import subprocess
import sys
import time
@ -188,6 +189,20 @@ stx-pkgbuilder/configmap/')
with open(localrc, "w") as wf:
wf.write(message)
# Update LAT configmap for patching
lat_configmap_dir = os.path.join(self.abs_helmchartdir,
'dependency_chart/stx-lat-tool/configmap/')
patch_env_sample = os.path.join(lat_configmap_dir, 'patch.env.sample')
patch_env = os.path.join(lat_configmap_dir, 'stx-patch-env.sh')
with open(patch_env_sample, "r") as rf:
message = rf.read()
message = message.replace("@PROJECT@", projectname)
message = message.replace("@MYUNAME@", builder_myuname)
with open(patch_env, "w") as wf:
wf.write(message)
# Copy stx-localrc file of builder container to pkgbuilder
cmd = 'cp -f %s %s' % (localrc, pkgbuilder_configmap_dir)
os.system(cmd)

View File

@ -0,0 +1,17 @@
# Patch environment variables
LOCALDISK="/localdisk"
export PROJECT=@PROJECT@
export MYUNAME=@MYUNAME@
export MY_BUILD_PKG_DIR=${LOCALDISK}/loadbuild/$MYUNAME/$PROJECT/
export MY_WORKSPACE=${LOCALDISK}/loadbuild/$MYUNAME/$PROJECT/
export MY_LOCAL_DISK=${LOCALDISK}/designer/$MYUNAME
export MY_REPO_ROOT_DIR=$MY_LOCAL_DISK/$PROJECT
export MY_REPO=$MY_REPO_ROOT_DIR/cgcs-root
export MY_BUILD_TOOLS_DIR=$MY_REPO/build-tools
export PATCH_TOOLS=${MY_REPO}/stx/update/sw-patch/cgcs-patch/cgcs_make_patch
export STX_BUILD_HOME="/"
export DEPLOY_DIR=${LOCALDISK}/deploy
export PATH=$PATH:$MY_BUILD_TOOLS_DIR:/opt/LAT/SDK/sysroots/x86_64-wrlinuxsdk-linux/usr/bin

View File

@ -0,0 +1,7 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.volumes.patchConfig.configMapName }}
data:
{{ (.Files.Glob "configmap/stx*").AsConfig | indent 2 }}

View File

@ -35,10 +35,13 @@ spec:
imagePullPolicy: {{ .Values.image.pullPolicy }}
tty: true
volumeMounts:
- name: {{ .Values.volumes.name }}
mountPath: {{ .Values.volumeMounts.mountPath }}
- name: {{ .Values.volumes.entropyname }}
mountPath: {{ .Values.volumeMounts.entropymountPath }}
- name: {{ .Values.volumeMounts.workspace.name }}
mountPath: {{ .Values.volumeMounts.workspace.mountPath }}
- name: {{ .Values.volumeMounts.entropy.name }}
mountPath: {{ .Values.volumeMounts.entropy.mountPath }}
- name: {{ .Values.volumeMounts.patchConfig.name }}
mountPath: {{ .Values.volumeMounts.patchConfig.mountPath }}
subPath: {{ .Values.volumeMounts.patchConfig.subPath }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
@ -47,12 +50,15 @@ spec:
{{- toYaml .Values.dnsConfig | nindent 8 }}
volumes:
- name: {{ .Values.volumes.name }}
- name: {{ .Values.volumes.workspace.name }}
hostPath:
path: {{ .Values.global.hostDir }}{{ .Values.volumes.hostPath.path }}
- name: {{ .Values.volumes.entropyname }}
path: {{ .Values.global.hostDir }}{{ .Values.volumes.workspace.hostPath.path }}
- name: {{ .Values.volumes.entropy.name }}
hostPath:
path: {{ .Values.volumes.entropyhostPath.path }}
path: {{ .Values.volumes.entropy.hostPath.path }}
- name: {{ .Values.volumes.patchConfig.name }}
configMap:
name: {{ .Values.volumes.patchConfig.configMapName }}
{{- with .Values.nodeSelector }}

View File

@ -12,18 +12,29 @@ image:
tag: "v0.1.0"
volumeMounts:
workspace:
name: latd-shared-workspace
mountPath: /localdisk
entropyname: entropy-device
entropymountPath: /dev/random
entropy:
name: entropy-device
mountPath: /dev/random
patchConfig:
name: patch-env
mountPath: /etc/profile.d/stx-patch-env.sh
subPath: stx-patch-env.sh
volumes:
workspace:
name: latd-shared-workspace
hostPath:
path: /localdisk
entropyname: entropydevice
entropyhostPath:
entropy:
name: entropy-device
hostPath:
path: /dev/urandom
patchConfig:
name: patch-env
configMapName: lat-patch
imagePullSecrets: []
nameOverride: ""