Based on the following patch:
Subject: [meta-virtualization][PATCH] image-oci-umoci: preserve file modes in rootfs
From: "Florian Wickert via lists.yoctoproject.org" <FlorianWickert=gmail.com@lists.yoctoproject.org>
cp does not preserve file modes by default.
This will break sudo (among others) which needs the suid flag to do its
work.
This patch adds the --preserve=mode flag to the cp call to fix this.
Signed-off-by: Florian Wickert <FlorianWickert@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The OCI_IMAGE_TAG variable can contain a ":" if the user wants to give
the image a name and a tag, as in:
OCI_IMAGE_TAG = "${IMAGE_BASENAME}:latest"
However, while this is valid for tag name, the ":" is illegal in OCI
image file names so replace it with "_" when naming the symlinks
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Quote the label argument passed to umoci to allow it to correctly handle
spaces. Note that this requires that OCI_IMAGE_LABELS have the argument
quoted with single quotes, as in:
OCI_IMAGE_LABELS = "org.opencontainers.image.description='${SUMMARY}'"
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Quote the environment variable argument passed to umoci to allow it to
correctly handle spaces. Note that this requires that OCI_IMAGE_ENV_VARS
have the argument quoted with single quotes, as in:
OCI_IMAGE_ENV_VARS = "FOO='bar bat'"
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
umoci can encode both entrypoint and cmd lists into the oci image.
This is done by using the --config.entrypoint and --config.cmd arguments
multiple times.
We can split our OCI_* variables on space and support multiple arguments
in either command and keep compatibility with existing users.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The original tar output of the oci image followed the sloci-image
convention of putting the oci contents into a subdirectory in the
tarball. This allows it to work directly with skopeo, etc, but it
isn't the format that tools like podman expect in an oci-image
tarball.
We move the original format to have "-dir" in the name, and let
the more simply named one be the oci-image format as expcted by
various 3rd party tools
1) image_name.tar: compatible with oci tar format, blobs and
rootfs are at the top level. Can load directly from something like podman
2) image_name-dir.tar: original format from meta-virt, is just a
tar'd up oci image directory (compatible with skopeo :dir format)
We also fix a bug in the sloci-image backend, where the sloci tar
was removing the raw oci image directory leaving a dangling symlink.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
We have been symlinking the -oci image directory for a while, but
we can also create a shorted convenience symlink for the tar'd
version of that directory.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Symlink the date-time based image name, to just the imagename-oci.
This makes scripting use of the deployed container much simpler.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Add an optional parameter that allows to override the stop
signal that is used.
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.
This is pass one of updating the meta-virt recipes to use that
syntax.
This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions
Note: A recent bitbake is required:
commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
Author: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Sun Jul 18 12:59:15 2021 +0100
bitbake: data_smart/parse: Allow ':' characters in variable/function names
It is becomming increasingly clear we need to find a way to show what
is/is not an override in our syntax. We need to do this in a way which
is clear to users, readable and in a way we can transition to.
The most effective way I've found to this is to use the ":" charater
to directly replace "_" where an override is being specified. This
includes "append", "prepend" and "remove" which are effectively special
override directives.
This patch simply adds the character to the parser so bitbake accepts
the value but maps it back to "_" internally so there is no behaviour
change.
This change is simple enough it could potentially be backported to older
version of bitbake meaning layers using the new syntax/markup could
work with older releases. Even if other no other changes are accepted
at this time and we don't backport, it does set us on a path where at
some point in future we could
require a more explict syntax.
I've tested this patch by converting oe-core/meta-yocto to the new
syntax for overrides (9000+ changes) and then seeing that builds
continue to work with this patch.
(Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
As part of allowing different types of oci images to be created,
we split our IMG_cmd into .inc files that can then be specific to
the selected type.
For the umoci backend: We can take the same options as sloci
expects and use umoci to create images.
The resulting OCI image is similar, but by using umoci, we set
the stage to do multi-tag, or multi-layer images in the future.
But for now, we are functionally equivalent to the sloci backend.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
