Allow isolated build via kiwi's boxbuild

The kiwi boxbuild plugin allows building the image as a normal user
inside a KVM box. The boxes are provided by the plugin and
fetched once or on update. This is useful to decouple the build
from host operating system requirements. The calling user must
have permissions to run KVM instances. Also see:
https://osinside.github.io/kiwi/plugins/self_contained.html
for setting up the sshfs sharing backend
This commit is contained in:
Marcus Schäfer 2024-05-31 13:30:42 +02:00
parent 7ddf908a6f
commit 818914d495
No known key found for this signature in database
GPG Key ID: A16C1128698C8CAC


@ -8,16 +8,18 @@ set -eu -o pipefail
kiwibuildsh="$(basename "$0")"
usage() {
echo >&2 "usage: $kiwibuildsh [--kiwi-description-dir=DIR] --output-dir=DIR --image-type=TYPE --image-profile=PROFILE [--debug]"
echo >&2 " eg: $kiwibuildsh --kiwi-description-dir=/var/tmp/desc --output-dir=/var/tmp/work --image-type=oem --image-profile=cloud --debug"
echo >&2 " eg: $kiwibuildsh --output-dir=/var/tmp/work --image-type=oem --image-profile=cloud"
echo >&2 "usage: $kiwibuildsh [--kiwi-description-dir=DIR] [--isolated] --output-dir=DIR --image-type=TYPE --image-profile=PROFILE [--debug]"
echo >&2 " eg: $kiwibuildsh --kiwi-description-dir=/var/tmp/desc --output-dir=/var/tmp/work --image-type=oem --image-profile=Cloud-Base-Generic --debug"
echo >&2 " eg: $kiwibuildsh --output-dir=/var/tmp/work --image-type=oem --image-profile=Cloud-Base-Generic"
echo >&2 " eg: $kiwibuildsh --isolated --output-dir=/var/tmp/work --image-type=oem --image-profile=Cloud-Base-Generic"
exit 255
}
optTemp=$(getopt --options '+k:,o:,t:,p:,d,h' --longoptions 'kiwi-description-dir:,output-dir:,image-type:,image-profile:,debug,help' --name "$kiwibuildsh" -- "$@")
optTemp=$(getopt --options '+k:,i,o:,t:,p:,d,h' --longoptions 'isolated,kiwi-description-dir:,output-dir:,image-type:,image-profile:,debug,help' --name "$kiwibuildsh" -- "$@")
eval set -- "$optTemp"
unset optTemp
kiwi_isolated=
kiwi_description_dir="./"
output_dir=
image_type=
@ -26,6 +28,7 @@ debug=
while true; do
case "$1" in
-i|--isolated) kiwi_isolated=1; shift ;;
-k|--kiwi-description-dir) kiwi_description_dir="$2" ; shift 2 ;;
-o|--output-dir) output_dir="$2" ; shift 2 ;;
-t|--image-type) image_type="$2" ; shift 2 ;;
@ -41,7 +44,7 @@ if [ -z "$output_dir" ] || [ -z "$image_type" ] || [ -z "$image_profile" ]; then
usage
fi
if [ -e "/sys/fs/selinux/enforce" ]; then
if [ ! ${kiwi_isolated} ] && [ -e "/sys/fs/selinux/enforce" ]; then
# Disable SELinux enforcement during the image build if it's enforcing
selinux_enforcing="$(cat /sys/fs/selinux/enforce)"
if [ "$selinux_enforcing" = "1" ]; then
@ -50,11 +53,15 @@ if [ -e "/sys/fs/selinux/enforce" ]; then
fi
set +e
if [ ! ${kiwi_isolated} ]; then
kiwi-ng ${debug} --type="${image_type}" --profile="${image_profile}" --color-output system build --description "${kiwi_description_dir}" --target-dir "${output_dir}"
else
kiwi-ng ${debug} --type="${image_type}" --profile="${image_profile}" --color-output system boxbuild --box universal --sshfs-sharing -- --description "${kiwi_description_dir}" --target-dir "${output_dir}"
fi
kiwi_status=$?
set -e
if [ -e "/sys/fs/selinux/enforce" ]; then
if [ ! ${kiwi_isolated} ] && [ -e "/sys/fs/selinux/enforce" ]; then
# Re-enable SELinux enforcement now that image build is done
if [ "$selinux_enforcing" = "1" ]; then
setenforce 1