From f9244a8fcefd0ebb79b3ed171d511e6f3eac4a6c Mon Sep 17 00:00:00 2001 From: gecong1973 Date: Fri, 18 Nov 2016 10:48:05 +0800 Subject: [PATCH 1/6] Fix a typo TrivialFix Change-Id: Iebe82e616eed2d9b9a99a9714230d480adbd055b --- elements/element-manifest/README.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/elements/element-manifest/README.rst b/elements/element-manifest/README.rst index 3ed20128..69e62216 100644 --- a/elements/element-manifest/README.rst +++ b/elements/element-manifest/README.rst @@ -3,6 +3,6 @@ element-manifest ================ Writes a manifest file that is the full list of elements that were used to -build the image. The file path can be overriden by setting +build the image. The file path can be overridden by setting $DIB\_ELEMENT\_MANIFEST\_PATH, and defaults to /etc/dib-manifests/element-manifest. From d84df6034522c1bcbc56fc5faff29dc548d58402 Mon Sep 17 00:00:00 2001 From: Markos Chandras Date: Thu, 20 Oct 2016 18:53:30 +0100 Subject: [PATCH 2/6] elements: pip-and-virtualenv: Add python-xml dependency SUSE packages the 'xml' python module as a separate package so make sure it's pulled in before we attempt to install the pip module since the latter depends on it. Fixes the following problem when building with the opensuse-minimal and pip-and-virtualenv elements: Traceback (most recent call last): File "/tmp/get-pip.py", line 19177, in main() File "/tmp/get-pip.py", line 194, in main bootstrap(tmpdir=tmpdir) File "/tmp/get-pip.py", line 82, in bootstrap import pip File "/tmp/tmpOiESjX/pip.zip/pip/__init__.py", line 16, in File "/tmp/tmpOiESjX/pip.zip/pip/vcs/subversion.py", line 9, in File "/tmp/tmpOiESjX/pip.zip/pip/index.py", line 32, in File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/__init__.py", line 16, in File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/html5parser.py", line 6, in File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/inputstream.py", line 10, in File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/utils.py", line 10, in ImportError: No module named xml.etree.ElementTree Change-Id: I1bec12dfcde05fb07f41bcec994148c3eacbb287 --- elements/pip-and-virtualenv/package-installs.yaml | 4 ++++ elements/pip-and-virtualenv/pkg-map | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/elements/pip-and-virtualenv/package-installs.yaml b/elements/pip-and-virtualenv/package-installs.yaml index 85c7f0eb..6d38d160 100644 --- a/elements/pip-and-virtualenv/package-installs.yaml +++ b/elements/pip-and-virtualenv/package-installs.yaml @@ -1,3 +1,7 @@ +# This package is only valid for SUSE and we need to pull it in +# early enough because pip depends on it. +python-xml: + phase: pre-install.d python-pip: installtype: package python-virtualenv: diff --git a/elements/pip-and-virtualenv/pkg-map b/elements/pip-and-virtualenv/pkg-map index 668d9517..508fd004 100644 --- a/elements/pip-and-virtualenv/pkg-map +++ b/elements/pip-and-virtualenv/pkg-map @@ -3,6 +3,12 @@ "gentoo": { "python-pip": "dev-python/pip", "python-virtualenv": "dev-python/virtualenv" + }, + "suse" : { + "python-xml": "python-xml" } + }, + "default": { + "python-xml": "" } } From bc6be8542417dee4d20b12685106c0ce46ec2fb3 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Wed, 23 Nov 2016 14:09:44 +1100 Subject: [PATCH 3/6] Trace package install in package-installs-v2 When running the package install, trace the output so we can see what packages were installed. Change-Id: I5442f544ff0ef3ddffdbe6b898d178548d699a41 --- .../package-installs/bin/package-installs-v2 | 41 +++++++++++-------- 1 file changed, 24 insertions(+), 17 deletions(-) diff --git a/elements/package-installs/bin/package-installs-v2 b/elements/package-installs/bin/package-installs-v2 index b4a4d0d8..305e2a66 100755 --- a/elements/package-installs/bin/package-installs-v2 +++ b/elements/package-installs/bin/package-installs-v2 @@ -20,20 +20,28 @@ import subprocess import sys -def process_output(cmdline): - # Try to execute subprocess.check_output(), which is available - # in Python 2.7+, gracefully falling back to subprocess.Popen - # in older Python versions. - try: - return subprocess.check_output(cmdline).decode(encoding='utf-8') - except AttributeError: - proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE) - out = proc.communicate()[0] - if proc.returncode: - e = subprocess.CalledProcessError(proc.returncode, cmdline) - e.output = out - raise e - return out +# run a command, return output +# if follow is set, output will be echoed to stdout +def process_output(cmdline, follow=False): + proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE) + if follow: + print("Running command: %s" % cmdline) + out = "" + with proc.stdout: + for line in iter(proc.stdout.readline, b''): + out += line.decode('utf-8') + print("> %s" % line.strip()) + proc.wait() + print("> -- done") + else: + out = proc.communicate()[0].decode('utf-8') + + if proc.returncode: + e = subprocess.CalledProcessError(proc.returncode, cmdline) + e.output = out + raise e + + return out def main(): @@ -69,8 +77,7 @@ def main(): pkg_map_args = ['pkg-map', '--missing-ok', '--element', element, pkg] try: - map_output = process_output( - pkg_map_args) + map_output = process_output(pkg_map_args) pkgs.extend(map_output.strip().split('\n')) except subprocess.CalledProcessError as e: if e.returncode == 1: @@ -93,7 +100,7 @@ def main(): print(" ".join(install_args)) else: try: - process_output(install_args) + process_output(install_args, follow=True) except subprocess.CalledProcessError as e: print("install failed with error %s" % e.output) sys.exit(1) From 35e878b6d9b7d7ba9414a12058250f420d11c139 Mon Sep 17 00:00:00 2001 From: Markos Chandras Date: Tue, 29 Nov 2016 16:09:40 +0000 Subject: [PATCH 4/6] elements: zypper-minimal: Add ca-certificates-mozilla package It's important to have the CA certificates on the target for ssl crypto apps to work. Plus it's also important during bootstrapping with diskimage-builder as tools like 'pip' etc need the certificates in place in order to work properly. This fixes opensuse-minimal image generation with the 'simple-init' element which was causing the following error: Download error on https://pypi.python.org/simple/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590) Change-Id: Ie94cd3556f8ae523f60ce0155ba18ed752e6fbb6 --- elements/zypper-minimal/package-installs.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/elements/zypper-minimal/package-installs.yaml b/elements/zypper-minimal/package-installs.yaml index d2ccc160..b80baaef 100644 --- a/elements/zypper-minimal/package-installs.yaml +++ b/elements/zypper-minimal/package-installs.yaml @@ -4,6 +4,7 @@ linux-image-generic: # as dependencies but that may change so lets # be explicit. bash: +ca-certificates-mozilla: lsb-release: openssl: sed: From 22952b7ea0543bb4f446752976d1d8ba232b021a Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Mon, 21 Nov 2016 10:15:09 -0500 Subject: [PATCH 5/6] Improve checksum performance for images Do md5 and sha256 in parallel to speed things up for larger images. Change-Id: Ib782fe54e4286ba2749a7ab7247f5d41a887a370 Signed-off-by: Paul Belanger --- lib/common-functions | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/common-functions b/lib/common-functions index 25452586..7ef56d81 100644 --- a/lib/common-functions +++ b/lib/common-functions @@ -61,8 +61,9 @@ function finish_image () { mv $OUT_IMAGE_PATH $1 if [ "$DIB_CHECKSUM" == "1" ]; then - md5sum $1 > $1.md5 - sha256sum $1 > $1.sha256 + # NOTE(pabelanger): Read image into memory once and generate both checksum + # files. + md5sum $1 > $1.md5 & sha256sum $1 > $1.sha256 & wait fi echo "Image file $1 created..." } From 45df304d488a0309fb981a4964238b81a370c358 Mon Sep 17 00:00:00 2001 From: Gregory Haynes Date: Tue, 1 Nov 2016 10:38:20 -0700 Subject: [PATCH 6/6] Perform package install outside of debootstrap Debootstrap only supports one apt repository to install packages from. As a result, we do not consider the updates repo during debootstrap causing us install a second kernel when we do an apt-get dist-upgrade during build. Lets use debootstrap to get us a minimal chroot, then add our repos and install the correct packages from the start. We also have to reorder the dpkg root.d scripts which configure apt so they run before we perform our package installs. Change-Id: I6a592db6f0a01d3b19d8e0786e63f1315a1ef647 Closes-Bug: #1637516 --- elements/debian-minimal/package-installs.yaml | 4 ++ .../75-debian-minimal-baseinstall} | 22 +++++---- elements/debootstrap/root.d/08-debootstrap | 18 +------- ...translations => 50-block-apt-translations} | 0 .../{99-block-daemons => 50-block-daemons} | 0 ...9-shared_apt_cache => 50-shared-apt-cache} | 0 .../root.d/{99-trim-dpkg => 50-trim-dpkg} | 0 elements/ubuntu-minimal/element-deps | 1 + elements/ubuntu-minimal/package-installs.yaml | 1 + .../root.d/75-ubuntu-minimal-baseinstall | 46 +++++++++++++++++++ ...-outside-debootstrap-ac93e9ce991819f1.yaml | 5 ++ 11 files changed, 72 insertions(+), 25 deletions(-) rename elements/debian-minimal/{pre-install.d/02-debian-apt-update => root.d/75-debian-minimal-baseinstall} (75%) rename elements/dpkg/root.d/{60-block-apt-translations => 50-block-apt-translations} (100%) rename elements/dpkg/root.d/{99-block-daemons => 50-block-daemons} (100%) rename elements/dpkg/root.d/{99-shared_apt_cache => 50-shared-apt-cache} (100%) rename elements/dpkg/root.d/{99-trim-dpkg => 50-trim-dpkg} (100%) create mode 100644 elements/ubuntu-minimal/package-installs.yaml create mode 100755 elements/ubuntu-minimal/root.d/75-ubuntu-minimal-baseinstall create mode 100644 releasenotes/notes/package-outside-debootstrap-ac93e9ce991819f1.yaml diff --git a/elements/debian-minimal/package-installs.yaml b/elements/debian-minimal/package-installs.yaml index d86cad09..9e08e6a5 100644 --- a/elements/debian-minimal/package-installs.yaml +++ b/elements/debian-minimal/package-installs.yaml @@ -1,2 +1,6 @@ +linux-image-amd64: + arch: amd64 +linux-image-686: + arch: i386 systemd: systemd-sysv: diff --git a/elements/debian-minimal/pre-install.d/02-debian-apt-update b/elements/debian-minimal/root.d/75-debian-minimal-baseinstall similarity index 75% rename from elements/debian-minimal/pre-install.d/02-debian-apt-update rename to elements/debian-minimal/root.d/75-debian-minimal-baseinstall index bacb1129..f12774d1 100755 --- a/elements/debian-minimal/pre-install.d/02-debian-apt-update +++ b/elements/debian-minimal/root.d/75-debian-minimal-baseinstall @@ -15,10 +15,6 @@ # # See the License for the specific language governing permissions and # limitations under the License. -# -# The filename needs to be 02-...: because the install-package script -# is installed in the dpkg/pre-install/01-dpkg and that has to be executed -# first. if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then set -x @@ -34,20 +30,28 @@ set -o pipefail function apt_sources_write { local APT_SOURCES_CONF="$1" - mkdir -p /etc/apt/sources.list.d + sudo mkdir -p $TARGET_ROOT/etc/apt/sources.list.d echo "${APT_SOURCES_CONF}" \ | while read line; do local name=$(echo ${line} | cut -d ":" -f 1) local value=$(echo ${line} | cut -d ":" -f 2-) - echo "$value" >>/etc/apt/sources.list.d/${name}.list + echo "$value" | sudo tee $TARGET_ROOT/etc/apt/sources.list.d/${name}.list done } +sudo mount -t proc none $TARGET_ROOT/proc +sudo mount -t sysfs none $TARGET_ROOT/sys +trap "sudo umount $TARGET_ROOT/proc; sudo umount $TARGET_ROOT/sys" EXIT + +apt_get="sudo chroot $TARGET_ROOT /usr/bin/apt-get" + apt_sources_write "${DIB_APT_SOURCES_CONF}" # Need to update to retrieve the signed Release file -apt-get update +$apt_get update -apt-get clean -install-packages -u +$apt_get clean +$apt_get dist-upgrade -y + +$apt_get install -y busybox python sudo diff --git a/elements/debootstrap/root.d/08-debootstrap b/elements/debootstrap/root.d/08-debootstrap index 8af7a91e..36aa40ac 100755 --- a/elements/debootstrap/root.d/08-debootstrap +++ b/elements/debootstrap/root.d/08-debootstrap @@ -28,23 +28,9 @@ fi [ -n "$DIB_RELEASE" ] [ -n "$DIB_DISTRIBUTION_MIRROR" ] -if [ $DISTRO_NAME = 'ubuntu' ] ; then - KERNEL='generic' -else - case $ARCH in - amd64) KERNEL='amd64' ;; - i386) KERNEL='686' ;; - arm7) - [ -n "$DIB_ARM_KERNEL" ] - KERNEL="$DIB_ARM_KERNEL" - ;; - esac -fi -KERNEL_PACKAGE="linux-image-$KERNEL" - DIB_DEBIAN_COMPONENTS=${DIB_DEBIAN_COMPONENTS:-main} DIB_DEBOOTSTRAP_EXTRA_ARGS=${DIB_DEBOOTSTRAP_EXTRA_ARGS:-} -DEBOOTSTRAP_TARBALL=$DIB_IMAGE_CACHE/debootstrap-${DISTRO_NAME}-${DIB_RELEASE}-${ARCH}-${KERNEL}.tar.gz +DEBOOTSTRAP_TARBALL=$DIB_IMAGE_CACHE/debootstrap-${DISTRO_NAME}-${DIB_RELEASE}-${ARCH}.tar.gz http_proxy=${http_proxy:-} no_proxy=${no_proxy:-} @@ -63,7 +49,6 @@ else # Have to --include=busybox because initramfs needs it sudo sh -c "http_proxy=$http_proxy no_proxy=$no_proxy debootstrap --verbose \ --variant=minbase \ - --include=python,sudo,busybox,$KERNEL_PACKAGE \ --components=${DIB_DEBIAN_COMPONENTS} \ --arch=${ARCH} \ $KEYRING_OPT \ @@ -79,6 +64,7 @@ else sudo rm -fr ${TARGET_ROOT}/etc/apt/sources.list \ ${TARGET_ROOT}/etc/apt/sources.list.d + echo Caching debootstrap result in $DEBOOTSTRAP_TARBALL if [ "${DIB_DEBOOTSTRAP_CACHE:-0}" != "0" ]; then sudo tar --numeric-owner -C $TARGET_ROOT -zcf $DEBOOTSTRAP_TARBALL --exclude='./tmp/*' . diff --git a/elements/dpkg/root.d/60-block-apt-translations b/elements/dpkg/root.d/50-block-apt-translations similarity index 100% rename from elements/dpkg/root.d/60-block-apt-translations rename to elements/dpkg/root.d/50-block-apt-translations diff --git a/elements/dpkg/root.d/99-block-daemons b/elements/dpkg/root.d/50-block-daemons similarity index 100% rename from elements/dpkg/root.d/99-block-daemons rename to elements/dpkg/root.d/50-block-daemons diff --git a/elements/dpkg/root.d/99-shared_apt_cache b/elements/dpkg/root.d/50-shared-apt-cache similarity index 100% rename from elements/dpkg/root.d/99-shared_apt_cache rename to elements/dpkg/root.d/50-shared-apt-cache diff --git a/elements/dpkg/root.d/99-trim-dpkg b/elements/dpkg/root.d/50-trim-dpkg similarity index 100% rename from elements/dpkg/root.d/99-trim-dpkg rename to elements/dpkg/root.d/50-trim-dpkg diff --git a/elements/ubuntu-minimal/element-deps b/elements/ubuntu-minimal/element-deps index cba86060..e078fde1 100644 --- a/elements/ubuntu-minimal/element-deps +++ b/elements/ubuntu-minimal/element-deps @@ -1 +1,2 @@ debootstrap +package-installs diff --git a/elements/ubuntu-minimal/package-installs.yaml b/elements/ubuntu-minimal/package-installs.yaml new file mode 100644 index 00000000..83f64fcc --- /dev/null +++ b/elements/ubuntu-minimal/package-installs.yaml @@ -0,0 +1 @@ +linux-image-generic: diff --git a/elements/ubuntu-minimal/root.d/75-ubuntu-minimal-baseinstall b/elements/ubuntu-minimal/root.d/75-ubuntu-minimal-baseinstall new file mode 100755 index 00000000..6e6de8a0 --- /dev/null +++ b/elements/ubuntu-minimal/root.d/75-ubuntu-minimal-baseinstall @@ -0,0 +1,46 @@ +#!/bin/bash +# Copyright (c) 2014 Hewlett-Packard Development Company, L.P. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# +# See the License for the specific language governing permissions and +# limitations under the License. + +if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then + set -x +fi +set -eu +set -o pipefail + +DIB_DISTRIBUTION_MIRROR=${DIB_DISTRIBUTION_MIRROR:-http://archive.ubuntu.com/ubuntu} + +# We should manage this in a betterer way +sudo bash -c "cat << EOF >$TARGET_ROOT/etc/apt/sources.list +deb $DIB_DISTRIBUTION_MIRROR $DIB_RELEASE main restricted universe +deb $DIB_DISTRIBUTION_MIRROR $DIB_RELEASE-updates main restricted universe +deb $DIB_DISTRIBUTION_MIRROR $DIB_RELEASE-backports main restricted universe +deb $DIB_DISTRIBUTION_MIRROR $DIB_RELEASE-security main restricted universe +EOF" + +sudo mount -t proc none $TARGET_ROOT/proc +sudo mount -t sysfs none $TARGET_ROOT/sys +trap "sudo umount $TARGET_ROOT/proc; sudo umount $TARGET_ROOT/sys" EXIT + +apt_get="sudo chroot $TARGET_ROOT /usr/bin/apt-get" # dib-lint: safe_sudo + +# Need to update to retrieve the signed Release file +$apt_get update + +$apt_get clean +$apt_get dist-upgrade -y + +$apt_get install -y busybox python sudo diff --git a/releasenotes/notes/package-outside-debootstrap-ac93e9ce991819f1.yaml b/releasenotes/notes/package-outside-debootstrap-ac93e9ce991819f1.yaml new file mode 100644 index 00000000..fc877b85 --- /dev/null +++ b/releasenotes/notes/package-outside-debootstrap-ac93e9ce991819f1.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - The `debian-minimal` and and `ubuntu-minimal` elements now install + directly from the updates repo, avoiding the need to + double-install packages during build.