#!/usr/bin/env python3 import argparse, sys, shutil, os, hashlib sys.path.append(os.path.dirname(__file__) + '/lib') import tamarin, system, rkt def create_args_parser(): '''Return a new configured ArgumentParser''' profile_names = tamarin.get_available_profile_names() parser = argparse.ArgumentParser(description="Generate packages for various GNU/Linux distributions") # Define available/required arguments and flags parser.add_argument("project_directory", help="The path to your project to package") parser.add_argument("-o", "--output", help="The path to the generated packages destination directory", default=".") parser.add_argument("-p", "--profile", help="The profile to use to package this project (default: debian)", choices=profile_names, default='debian') parser.add_argument("-a", "--architecture", help="The target architecture for the package (default: amd64)", default='amd64') parser.add_argument("-b", "--base", help="Use the specified image instead of the profile's one", default='') parser.add_argument("--rebuild", help="Ignore cache and rebuild container's image", action="store_true", default=False) parser.add_argument("--debug", help="Will add extra output and start the container in interactive mode", action="store_true", default=False) return parser def download_and_extract_rkt(dest_dir, verbose=True): '''Download and extract rkt to the given destination directory''' rkt_archive_path = tamarin.download_rkt() system.extract_tar(rkt_archive_path, workspace_tmp) rkt_archive_dir = tamarin.get_rkt_achive_dest_dir() shutil.rmtree(local_rkt_dir, ignore_errors=True) os.rename(rkt_archive_dir, dest_dir) def download_and_extract_acbuild(dest_dir, verbose=True): '''Download and extract acbuild to the given destination directory''' acbuild_archive_path = tamarin.download_acbuild() system.extract_tar(acbuild_archive_path, workspace_tmp) acbuild_archive_dir = tamarin.get_acbuild_achive_dest_dir() shutil.rmtree(local_acbuild_dir, ignore_errors=True) os.rename(acbuild_archive_dir, dest_dir) def get_cached_image_path(profile): '''Compute and return the path for an hypothetic cached image for the given profile''' containerbuild_hooks = profile['containerbuild']['hooks'] hasher = hashlib.sha1() hasher.update(base_image.encode()) hasher.update(containerbuild_hooks.encode()) image_hash = hasher.hexdigest() cache_dir = tamarin.get_workspace_subdir('cache') return os.path.join(os.sep, cache_dir, '{:s}.aci'.format(image_hash[:12])); def build_image(build_workspace, aci_file, base_image, profile): acbuild_flags = ["--work-path", build_workspace] # Find and export base image from rkt' store name_pattern = base_image.split('/')[-1] + '$' image = rkt.find_image_by_name(name_pattern, rkt_flags=rkt_flags) rkt.export_image(image['id'], aci_file, rkt_flags=rkt_flags); # Build image tamarin.run_acbuild(acbuild_flags+["begin", aci_file]) tamarin.run_acbuild(acbuild_flags+["set-name", "image_{:d}".format(pid)]) tamarin.run_acbuild(acbuild_flags+["mount", "add", "src", "/src", "--read-only"]) tamarin.run_acbuild(acbuild_flags+["mount", "add", "dist", "/dist"]) tamarin.run_acbuild(acbuild_flags+["mount", "add", "tamarin-hooks", "/tamarin/hooks", "--read-only"]) tamarin.run_acbuild(acbuild_flags+["mount", "add", "tamarin-lib", "/tamarin/lib", "--read-only"]) tamarin.run_acbuild(acbuild_flags+["mount", "add", "tamarin-profiles", "/tamarin/profiles", "--read-only"]) # Configure "containerbuild" hooks environment hooks_env = os.environ.copy() hooks_env["PATH"] = os.environ['PATH'] + ':' + tamarin.get_workspace_subdir('acbuild') hooks_env["TAMARIN_ACBUILD"] = " ".join([system.which('acbuild', local_acbuild_dir)]+acbuild_flags) hooks_env["TAMARIN_ACBUILD_ENGINE"] = "chroot" if not system.which('systemctl') else "systemd-nspawn" # Run hooks tamarin.run_profile_hooks(profile, 'containerbuild', cwd=build_workspace, env=hooks_env) tamarin.run_acbuild(acbuild_flags+["write", "--overwrite", aci_file]) tamarin.run_acbuild(acbuild_flags+["end"]) return aci_file def cleanup(build_workspace, rkt_flags): # Nettoyage des conteneurs rkt.run([ "gc", "--grace-period=0" ] + rkt_flags, as_root=True) # Nettoyage des images obsolètes du store rkt.run([ "image", "gc" ] + rkt_flags, as_root=True) # Suppression de l'espace de travail de build shutil.rmtree(build_workspace, ignore_errors=True) def validate_args(args): '''TODO''' if __name__ == "__main__": parser = create_args_parser() args = parser.parse_args() validate_args(args) # Verify project directory project_dir = os.path.abspath(args.project_directory) output_dir = os.path.abspath(args.output) # Load build profile profile = tamarin.load_profile(args.profile) workspace = tamarin.get_workspace_dir() workspace_tmp = tamarin.get_workspace_subdir('tmp') local_rkt_dir = tamarin.get_workspace_subdir('rkt') if not system.which('rkt', local_rkt_dir): download_and_extract_rkt(local_rkt_dir) local_acbuild_dir = tamarin.get_workspace_subdir('acbuild') if not system.which('acbuild', local_acbuild_dir): download_and_extract_acbuild(local_acbuild_dir) pid = os.getpid() build_workspace = tamarin.get_workspace_subdir('tmp/build_{:d}'.format(pid)) rkt_store = tamarin.get_workspace_subdir('store') rkt_flags = ["--dir={:s}".format(rkt_store)] base_image = args.base if args.base != '' else profile['profile']['default_image'] # If the base image is Docker-based, download it if base_image.startswith('docker://'): rkt.run([ "fetch", "--insecure-options=image", base_image ] + rkt_flags) aci_file = os.path.join(os.sep, build_workspace, 'image.aci') cached_image_file = get_cached_image_path(profile) if not args.rebuild and os.path.exists(cached_image_file): # Copy cached image shutil.copyfile(cached_image_file, aci_file) else: build_image(build_workspace, aci_file, base_image, profile) # Cache image shutil.copyfile(aci_file, cached_image_file) # rkt run arguments rkt_args = [ "run", "--insecure-options=image", aci_file, "--net=host", "--volume=src,kind=host,source={:s}".format(project_dir), "--volume=dist,kind=host,source={:s}".format(output_dir), "--volume=tamarin-hooks,kind=host,source={:s}".format(tamarin.get_hooks_dir()), "--volume=tamarin-lib,kind=host,source={:s}".format(tamarin.get_lib_dir()), "--volume=tamarin-profiles,kind=host,source={:s}".format(tamarin.get_profiles_dir()) ] # Use environment proxy if defined for proxy_var in ['HTTP_PROXY', 'HTTPS_PROXY', 'http_proxy', 'https_proxy']: if proxy_var in os.environ: rkt_args += ["--set-env={:s}={:s}".format(proxy_var, os.environ[proxy_var])] if args.debug: rkt_args += ["--interactive", "--exec", "/bin/bash"] else: rkt_args += ["--exec", "/usr/bin/python3", "--", "/tamarin/lib/build.py", args.profile, args.architecture] # Start container rkt.run(rkt_flags+rkt_args, as_root=True) # Cleanup cleanup(build_workspace, rkt_flags)