aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2025-12-18 14:54:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
13f6418c46c65764eba2fda4e8a33d62c5ac852b
kata-containers/tools/osbuilder/rootfs-builder/ubuntu/config.sh
Jakob Naucke 13f6418c46 osbuilder: Build Skopeo, umoci, attestation-agent 
When the environment variable $SKOPEO_UMOCI is set to "yes", Skopeo and
umoci are built inside the guest build container and installed to the
guest rootfs. The respective build- and runtime dependencies are added.
This respects the (existing) $LIBC variable (gnu/musl) and avoids issues
with glibc mismatches.
This is currently only supported for Ubuntu guests, as the system Golang
packages included in the versions of other distros that we use are too
old to build these packages, and re-enabling installing Golang from
golang.org is cumbersome, given especially that it is unclear how long
we will keep using Skopeo and umoci.

Additionally, when the environment variable $AA_KBC is set,
attestation-agent (with that KBC) is included.

This replaces some logic in ccv0.sh that is removed.

Fixes: #2907
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
2021-11-09 18:04:21 +01:00

36 lines
1.1 KiB
Bash
Raw Blame History

# This is a configuration file add extra variables to
#
# Copyright (c) 2018 Yash Jain
#
# SPDX-License-Identifier: Apache-2.0
# be used by build_rootfs() from rootfs_lib.sh the variables will be
# loaded just before call the function. For more information see the
# rootfs-builder/README.md file.
OS_VERSION=${OS_VERSION:-20.04}
# This should be Ubuntu's code name, e.g. "focal" (Focal Fossa) for 20.04
OS_NAME=${OS_NAME:-"focal"}
# packages to be installed by default
PACKAGES="systemd iptables init kmod"
EXTRA_PKGS+=" chrony"
DEBOOTSTRAP=${PACKAGE_MANAGER:-"debootstrap"}
case $(uname -m) in
x86_64) ARCHITECTURE="amd64";;
ppc64le) ARCHITECTURE="ppc64el";;
aarch64) ARCHITECTURE="arm64";;
s390x) ARCHITECTURE="s390x";;
(*) die "$(uname -m) not supported "
esac
# Init process must be one of {systemd,kata-agent}
INIT_PROCESS=systemd
# List of zero or more architectures to exclude from build,
# as reported by `uname -m`
ARCH_EXCLUDE_LIST=()
[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp2" || true
[ -n "$SKOPEO_UMOCI" ] && PACKAGES+=" ca-certificates libgpgme11" || true
Reference in New Issue View Git Blame Copy Permalink