From 6a3710055b7abd81921240976bd6f085dfacce69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Tue, 25 Oct 2022 20:35:45 +0200 Subject: [PATCH] initramfs: Build dependencies as part of the Dockerfile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This will help to not have to build those on every CI run, and rather take advantage of the cached image. Fixes: #7084 Signed-off-by: Fabiano FidĂȘncio (cherry picked from commit c720869eefd7ff0555d7092db87f327a174f138d) --- .../static-build/initramfs/Dockerfile | 36 ++++++++++++++++- .../static-build/initramfs/build-initramfs.sh | 40 ------------------- .../packaging/static-build/initramfs/build.sh | 8 ++-- 3 files changed, 39 insertions(+), 45 deletions(-) diff --git a/tools/packaging/static-build/initramfs/Dockerfile b/tools/packaging/static-build/initramfs/Dockerfile index 3ebe0f347..9ba6968c2 100644 --- a/tools/packaging/static-build/initramfs/Dockerfile +++ b/tools/packaging/static-build/initramfs/Dockerfile @@ -4,6 +4,13 @@ from ubuntu:20.04 ARG DEBIAN_FRONTEND=noninteractive +ARG cryptsetup_repo=${cryptsetup_repo} +ARG cryptsetup_version=${cryptsetup_version} +ARG lvm2_repo=${lvm2_repo} +ARG lvm2_version=${lvm2_version} + +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + ENV TZ=UTC RUN apt-get update &&\ apt-get --no-install-recommends install -y software-properties-common &&\ @@ -35,4 +42,31 @@ RUN apt-get update &&\ libseccomp-dev \ libseccomp2 \ zlib1g-dev &&\ - apt-get clean && rm -rf /var/lib/apt/lists/ + apt-get clean && rm -rf /var/lib/apt/lists/ && \ + build_root=$(mktemp -d) && \ + pushd ${build_root} && \ + echo "Build ${lvm2_repo} version: ${lvm2_version}" && \ + git clone --depth 1 --branch "${lvm2_version}" "${lvm2_repo}" lvm2 && \ + pushd lvm2 && \ + ./configure --enable-static_link --disable-selinux && \ + make && make install && \ + cp ./libdm/libdevmapper.pc /usr/lib/pkgconfig/devmapper.pc && \ + popd && \ + echo "Build ${cryptsetup_repo} version: ${cryptsetup_version}" && \ + git clone --depth 1 --branch "${cryptsetup_version}" "${cryptsetup_repo}" cryptsetup && \ + pushd cryptsetup && \ + ./autogen.sh && \ + ./configure --enable-static --enable-static-cryptsetup --disable-udev --disable-external-tokens --disable-ssh-token && \ + make && make install && \ + strip /usr/sbin/veritysetup.static && \ + popd && \ + echo "Build gen_init_cpio tool" && \ + git clone --depth 1 --filter=blob:none --sparse https://github.com/torvalds/linux.git && \ + pushd linux && \ + git sparse-checkout add usr && cd usr && make gen_init_cpio && \ + install gen_init_cpio /usr/sbin/ && \ + popd && \ + popd && \ + rm -rf ${build_root} + +COPY init.sh /usr/sbin/init.sh diff --git a/tools/packaging/static-build/initramfs/build-initramfs.sh b/tools/packaging/static-build/initramfs/build-initramfs.sh index a011e9822..4fa370d12 100755 --- a/tools/packaging/static-build/initramfs/build-initramfs.sh +++ b/tools/packaging/static-build/initramfs/build-initramfs.sh @@ -12,44 +12,4 @@ script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" source "${script_dir}/../../scripts/lib.sh" install_dir="${1:-.}" -cryptsetup_repo="${cryptsetup_repo:-}" -cryptsetup_version="${cryptsetup_version:-}" -lvm2_repo="${lvm2_repo:-}" -lvm2_version="${lvm2_version:-}" - -[ -n "${cryptsetup_repo}" ] || die "Failed to get cryptsetup repo" -[ -n "${cryptsetup_version}" ] || die "Failed to get cryptsetup version" -[ -n "${lvm2_repo}" ] || die "Failed to get lvm2 repo" -[ -n "${lvm2_version}" ] || die "Failed to get lvm2 version" - -build_root=$(mktemp -d) -pushd ${build_root} - -info "Build ${lvm2_repo} version: ${lvm2_version}" -git clone --depth 1 --branch "${lvm2_version}" "${lvm2_repo}" lvm2 -pushd lvm2 -./configure --enable-static_link --disable-selinux -make && make install -cp ./libdm/libdevmapper.pc /usr/lib/pkgconfig/devmapper.pc -popd #lvm2 - -info "Build ${cryptsetup_repo} version: ${cryptsetup_version}" -git clone --depth 1 --branch "${cryptsetup_version}" "${cryptsetup_repo}" cryptsetup -pushd cryptsetup -./autogen.sh -./configure --enable-static --enable-static-cryptsetup --disable-udev --disable-external-tokens --disable-ssh-token -make && make install -strip /usr/sbin/veritysetup.static -popd #cryptsetup - -info "Build gen_init_cpio tool" -git clone --depth 1 --filter=blob:none --sparse https://github.com/torvalds/linux.git -pushd linux -git sparse-checkout add usr && cd usr && make gen_init_cpio -install gen_init_cpio /usr/sbin/ -popd #linux - -popd #${build_root} - -install "${script_dir}/init.sh" /usr/sbin/ gen_init_cpio "${script_dir}/initramfs.list" | gzip -9 -n > "${install_dir}"/initramfs.cpio.gz diff --git a/tools/packaging/static-build/initramfs/build.sh b/tools/packaging/static-build/initramfs/build.sh index fce2a5fce..34b8c1bd1 100755 --- a/tools/packaging/static-build/initramfs/build.sh +++ b/tools/packaging/static-build/initramfs/build.sh @@ -35,15 +35,15 @@ package_output_dir="${package_output_dir:-}" container_image="${BUILDER_REGISTRY}:initramfs-cryptsetup-${cryptsetup_version}-lvm2-${lvm2_version}-$(get_last_modification ${repo_root_dir} ${script_dir})" sudo docker pull ${container_image} || (sudo docker build \ + --build-arg cryptsetup_repo="${cryptsetup_repo}" \ + --build-arg cryptsetup_version="${cryptsetup_version}" \ + --build-arg lvm2_repo="${lvm2_repo}" \ + --build-arg lvm2_version="${lvm2_version}" \ -t "${container_image}" "${script_dir}" && \ # No-op unless PUSH_TO_REGISTRY is exported as "yes" push_to_registry "${container_image}") sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \ -w "${PWD}" \ - --env cryptsetup_repo="${cryptsetup_repo}" \ - --env cryptsetup_version="${cryptsetup_version}" \ - --env lvm2_repo="${lvm2_repo}" \ - --env lvm2_version="${lvm2_version}" \ "${container_image}" \ bash -c "${initramfs_builder} ${default_install_dir}"