diff --git a/src/bci_build/package/__init__.py b/src/bci_build/package/__init__.py index 62a4f8257..edecb66a9 100755 --- a/src/bci_build/package/__init__.py +++ b/src/bci_build/package/__init__.py @@ -1422,6 +1422,7 @@ def generate_disk_size_constraints(size_gb: int) -> str: from .appcontainers import MARIADB_CLIENT_CONTAINERS # noqa: E402 from .appcontainers import MARIADB_CONTAINERS # noqa: E402 from .appcontainers import NGINX_CONTAINERS # noqa: E402 +from .appcontainers import OSC_CONTAINER # noqa: E402 from .appcontainers import PCP_CONTAINERS # noqa: E402 from .appcontainers import POSTGRES_CONTAINERS # noqa: E402 from .appcontainers import PROMETHEUS_CONTAINERS # noqa: E402 @@ -1488,6 +1489,7 @@ def generate_disk_size_constraints(size_gb: int) -> str: GITEA_RUNNER_CONTAINER, *TOMCAT_CONTAINERS, *GCC_CONTAINERS, + OSC_CONTAINER, ) } diff --git a/src/bci_build/package/appcontainers.py b/src/bci_build/package/appcontainers.py index c21bd25c3..d052e6e87 100644 --- a/src/bci_build/package/appcontainers.py +++ b/src/bci_build/package/appcontainers.py @@ -18,6 +18,7 @@ from bci_build.package import SupportLevel from bci_build.package import _build_tag_prefix from bci_build.package import generate_disk_size_constraints +from bci_build.package.basecontainers import _get_os_container_package_names _PCP_FILES = {} for filename in ( @@ -808,3 +809,74 @@ def _get_nginx_kwargs(os_version: OsVersion): ) for tomcat_major, os_version in product(_TOMCAT_VERSIONS, ALL_BASE_OS_VERSIONS) ] + +_BASE_PODMAN_OSC_CMD = ( + "podman run --rm -it " + + "-v $HOME/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z " + + "-v $HOME/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z" +) + +OSC_CONTAINER = ApplicationStackContainer( + name="osc", + pretty_name="Packaging", + package_name="packaging-image", + os_version=OsVersion.TUMBLEWEED, + is_latest=True, + version_in_uid=False, + version="%%osc_version%%", + replacements_via_service=[ + Replacement(regex_in_build_description="%%osc_version%%", package_name="osc") + ], + extra_files={ + "entrypoint.sh": (Path(__file__).parent / "osc" / "entrypoint.sh").read_bytes() + }, + extra_labels={ + "run": f"{_BASE_PODMAN_OSC_CMD} IMAGE", + "runcwd": f"{_BASE_PODMAN_OSC_CMD} -v .:/root/osc-workdir:z IMAGE", + }, + package_list=[ + "osc", + "obs-service-appimage", + "obs-service-cargo", + "obs-service-cdi_containers_meta", + "obs-service-compose_kiwi_description", + "obs-service-docker_label_helper", + "obs-service-download_assets", + "obs-service-download_files", + "obs-service-download_url", + "obs-service-extract_file", + "obs-service-format_spec_file", + "obs-service-go_modules", + "obs-service-kiwi_label_helper", + "obs-service-kiwi_metainfo_helper", + "obs-service-kubevirt_containers_meta", + "obs-service-node_modules", + "obs-service-obs_scm", + "cpio", + "obs-service-product_converter", + "obs-service-recompress", + "obs-service-refresh_patches", + "obs-service-replace_using_env", + "obs-service-replace_using_package_version", + "obs-service-set_version", + "obs-service-snapcraft", + "obs-service-source_validator", + "obs-service-tar", + "obs-service-tar_scm", + "obs-service-verify_file", + *_get_os_container_package_names(OsVersion.TUMBLEWEED), + "git", + "openssh-common", + "openssh-clients", + ], + cmd=["/bin/bash"], + custom_end="""WORKDIR /root/osc-workdir +COPY entrypoint.sh /usr/local/bin/entrypoint.sh +RUN chmod +x /usr/local/bin/entrypoint.sh +""", + entrypoint=["/usr/local/bin/entrypoint.sh"], + volumes=[ + # default location of the build root & package cache + "/var/tmp" + ], +) diff --git a/src/bci_build/package/osc/README.md.j2 b/src/bci_build/package/osc/README.md.j2 new file mode 100644 index 000000000..60dafae02 --- /dev/null +++ b/src/bci_build/package/osc/README.md.j2 @@ -0,0 +1,61 @@ +# Packaging Container + +This is the openSUSE packaging container image, it includes all the necessary +software to create and modify packages on the [Open Build +Service](https://build.opensuse.org/) using +[osc](https://github.com/openSUSE/osc/). + + +## How to use this container image + +This container image is intended for interactive usage with your `.oscrc` and +the osc cookiejar mounted into the container: + +```ShellSession +# podman run --rm -it \ + -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \ + -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:rw,z \ + {{ image.reference }} +``` + +The above command launches an interactive shell where your local osc config will +be used. You can then proceed to checkout packages, perform modifications and +send submissions to OBS. + +To work on an already checked out package, mount the current working directory +as well: + +```ShellSession +# podman run --rm -it \ + -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \ + -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \ + -v .:/root/osc-workdir:z \ + {{ image.reference }} +``` + +### Connecting to build.suse.de + +build.suse.de uses a ssh based authentication and thus requires additional +resources to be available in the container: + +```ShellSession +# podman run --rm -it \ + -v ~/.config/osc/oscrc:/root/.config/osc/oscrc:ro,z \ + -v ~/.local/state/osc/cookiejar:/root/.local/state/osc/cookiejar:z \ + -v /etc/ssl/ca-bundle.pem:/etc/ssl/ca-bundle.pem:ro,z \ + -v $SSH_AUTH_SOCK:/run/user/0/ssh-agent.socket:z \ + -e SSH_AUTH_SOCK=/var/run/user/0/ssh-agent.socket:z \ + -v "$PWD":/root/osc-workdir:z \ + {{ image.reference }} +``` + + +## Limitations + +- It is currently not possible to build packages in a container. + + +## Volumes + +The container image is preconfigured to put `/var/tmp` into a volume. This +directory is used by `osc` to store the buildroot and the package cache. diff --git a/src/bci_build/package/osc/entrypoint.sh b/src/bci_build/package/osc/entrypoint.sh new file mode 100644 index 000000000..1fc61607b --- /dev/null +++ b/src/bci_build/package/osc/entrypoint.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +if [[ ! -e /root/.config/osc/oscrc ]]; then + cat << EOF +This container is expected to be launched with your oscrc mounted to +/root/.config/osc/oscrc + +Please consult the README or the label 'run' for the full invocation. +EOF +fi + + +exec "$@"