From patchwork Sat Apr 10 12:23:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sergio Prado X-Patchwork-Id: 1464619 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.133; helo=smtp2.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=e-labworks-com.20150623.gappssmtp.com header.i=@e-labworks-com.20150623.gappssmtp.com header.a=rsa-sha256 header.s=20150623 header.b=CjXG67wu; dkim-atps=neutral Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4FHZ263HBxz9sVt for ; Sat, 10 Apr 2021 22:24:46 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 6D99140232; Sat, 10 Apr 2021 12:24:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XjjGD5KXcFSb; Sat, 10 Apr 2021 12:24:43 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp2.osuosl.org (Postfix) with ESMTP id 7A06240220; Sat, 10 Apr 2021 12:24:42 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id DE4BD1BF39C for ; Sat, 10 Apr 2021 12:24:25 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id CDBE440207 for ; Sat, 10 Apr 2021 12:24:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bELJ04a--Ozq for ; Sat, 10 Apr 2021 12:24:20 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-ed1-x531.google.com (mail-ed1-x531.google.com [IPv6:2a00:1450:4864:20::531]) by smtp2.osuosl.org (Postfix) with ESMTPS id DD86C40220 for ; Sat, 10 Apr 2021 12:24:19 +0000 (UTC) Received: by mail-ed1-x531.google.com with SMTP id e7so9543726edu.10 for ; Sat, 10 Apr 2021 05:24:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=e-labworks-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=rreGrEpzFh1Sdh90vR20oiJyxCfKN0dl4/z3RC3FCco=; b=CjXG67wu4n+So9ANuEWfaTIeKZuyZwHr+dy6LWTVSo/xYq77+KW8VOAX97gN7bS/UG Koav2ZxXbW3yNYc6AWqrfJSCg1tDj4Tydth9/SbrW9xMFAMF5XND3yKCVby+xoB+qS/2 3w3jeNFaVQSTO8y/1dykStKm9k6HbHhQMKt0e4PxwiECqt2OPyk9Y4jjyylsygIlQXDP AZWaUNs17o0+tXdinAiUgAx0t8qNGh3P8MX73XFKCfwF/0dZupW4D0vbeed12Bpx+Bfh FMAhZe0kpl91i8x78TZxW8ZuS9HQz4yeGZPUWUOpA3iY7wwHOCyAeAi5qwgb7UzEkGfw hYcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=rreGrEpzFh1Sdh90vR20oiJyxCfKN0dl4/z3RC3FCco=; b=JPzkFu/TVQ1JkJKn9MsCm7C/nif5iFYSEvEUV497Kd2K7t3ka7+MEiCBQZ8Ejukzop zaOZ+XF543CL3IIFkVkQmWFpWXFP8MYvE+Dgr7gGc0r9+uFPsUJcpSGZjiiLYKVpZJAZ 2wIk+i96nSh+YD2WWmrzPKrVvrOi6U0R7gZHXZwqExaQw7cojKvV+eJyBNdOZzRv5acV SnnGhLqPE5xWrvihLAKEaS2GUIZbeNIQ3/gKmf5/5vSr3DW7viY7rzPkPlQYCaQErYAr UxoeMmYEh9wD2f89zekZ8OLsLfgmERUSo46FK6lnkV3Ul9Zc3TqiMi8/LUDkWrBQw+O5 5H8A== X-Gm-Message-State: AOAM533XSKGP24qVkOlgNrHfWEdPl8JNuYk/j4fvR/wJ8caUDeYrnHxw tajptRvZnhZ9vT729VfeFEaD3lIReBfDMQ== X-Google-Smtp-Source: ABdhPJyJw0NfoQCiEcyRUUAWqtY8j6WpN0RkMAiICOBOTvbalMaaGUWBBFleS4Otg/oTT7qNNVpTpw== X-Received: by 2002:a05:6402:4d1:: with SMTP id n17mr21173961edw.118.1618057457733; Sat, 10 Apr 2021 05:24:17 -0700 (PDT) Received: from sprado-office.toradex.int ([189.62.45.160]) by smtp.gmail.com with ESMTPSA id c16sm2630002ejx.81.2021.04.10.05.24.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 10 Apr 2021 05:24:17 -0700 (PDT) From: Sergio Prado To: buildroot@buildroot.org Date: Sat, 10 Apr 2021 09:23:57 -0300 Message-Id: <20210410122357.12641-3-sergio.prado@e-labworks.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210410122357.12641-1-sergio.prado@e-labworks.com> References: <20210410122357.12641-1-sergio.prado@e-labworks.com> Subject: [Buildroot] [PATCH v2 2/2] oci: add new filesystem type X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Sergio Prado , Jens Rosenboom , Thomas Petazzoni MIME-Version: 1.0 Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Add support to generate OCI (Open Container Initiative) images. An OCI image consists of a manifest, an image index (optional), a set of filesystem layers, and a configuration. The complete specification is available in the link below: https://github.com/opencontainers/image-spec/blob/master/spec.md The image is generated with the host tool sloci-image, and config options can be used to configure image parameters. By default, the image is generated in a directory called rootfs-oci: $ cd output/images $ ls rootfs-oci/ blobs index.json oci-layout Optionally, the image can be packed into a tar archive. The image can be pushed to a registry using containers tools like skopeo: $ skopeo copy --dest-creds : oci:rootfs-oci: \ docker:///[:tag] And then we can pull/run the container image with tools like docker: $ docker run -it /[:tag] Signed-off-by: Sergio Prado --- fs/Config.in | 1 + fs/oci/Config.in | 88 ++++++++++++++++++++++++++++++++++++++++++ fs/oci/oci.mk | 99 ++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 188 insertions(+) create mode 100644 fs/oci/Config.in create mode 100644 fs/oci/oci.mk diff --git a/fs/Config.in b/fs/Config.in index 37a2aa21f8ac..eee5e26bb2b3 100644 --- a/fs/Config.in +++ b/fs/Config.in @@ -11,6 +11,7 @@ source "fs/f2fs/Config.in" source "fs/initramfs/Config.in" source "fs/iso9660/Config.in" source "fs/jffs2/Config.in" +source "fs/oci/Config.in" source "fs/romfs/Config.in" source "fs/squashfs/Config.in" source "fs/tar/Config.in" diff --git a/fs/oci/Config.in b/fs/oci/Config.in new file mode 100644 index 000000000000..dd7112ea8a1e --- /dev/null +++ b/fs/oci/Config.in @@ -0,0 +1,88 @@ +config BR2_TARGET_ROOTFS_OCI + bool "oci image" + help + Build an OCI (Open Container Initiative) image. + + By default, the image is generated in a directory called + rootfs-oci: + + $ cd output/images + $ ls rootfs-oci/ + blobs index.json oci-layout + + You can push the image to a registry. Example using skopeo: + + $ skopeo copy --dest-creds : \ + oci:rootfs-oci: docker:///[:tag] + + And pull/run it with docker: + + $ docker run -it /[:tag] + +if BR2_TARGET_ROOTFS_OCI + +config BR2_TARGET_ROOTFS_OCI_AUTHOR + string "author name and/or email address" + default "Buildroot" + help + Name and/or email address of the person which created the + image. + +config BR2_TARGET_ROOTFS_OCI_TAG + string "image tag" + default "latest" + help + Tag to be used in the container image. If empty, 'latest' will + be used by default. + +config BR2_TARGET_ROOTFS_OCI_ENTRYPOINT + string "entrypoint" + default "sh" + help + Command to execute when the container starts. + +config BR2_TARGET_ROOTFS_OCI_ENTRYPOINT_ARGS + string "entrypoint arguments" + help + Default arguments to the entrypoint of the container. + +config BR2_TARGET_ROOTFS_OCI_WORKDIR + string "working directory" + help + Working directory of the entrypoint process in the + container. + +config BR2_TARGET_ROOTFS_OCI_UID + string "username or UID" + default "0" + help + The username or UID of user the process run as. + +config BR2_TARGET_ROOTFS_OCI_ENV_VARS + string "environment variables" + help + Default environment variables for the container. + +config BR2_TARGET_ROOTFS_OCI_PORTS + string "ports" + help + Default set of ports to expose from a container running + this image in the following format: + + /tcp, /udp, (same as /tcp). + +config BR2_TARGET_ROOTFS_OCI_LABELS + string "labels" + help + Metadata in the format KEY=VALUE for the container compliant + with OCI annotation rules. If KEY starts with a dot, it will + be prefixed with "org.opencontainers.image" + (e.g. .url -> org.opencontainers.image.url). + +config BR2_TARGET_ROOTFS_OCI_ARCHIVE + bool "pack oci image into a tar archive" + default n + help + Select whether the image should be packed into a TAR archive. + +endif diff --git a/fs/oci/oci.mk b/fs/oci/oci.mk new file mode 100644 index 000000000000..09c3e88069ca --- /dev/null +++ b/fs/oci/oci.mk @@ -0,0 +1,99 @@ +################################################################################ +# +# Build the oci image +# +################################################################################ + +ROOTFS_OCI_IMAGE_NAME = rootfs-oci + +ROOTFS_OCI_DEPENDENCIES = host-sloci-image + +# architecture +OCI_SLOCI_IMAGE_OPTS = --arch $(BR2_ARCH) + +# architecture variant (typically used only for arm) +ifeq ($(BR2_ARM_CPU_HAS_ARM),y) +ifeq ($(BR2_ARM_CPU_ARMV5),y) +OCI_SLOCI_IMAGE_OPTS += --arch-variant v5 +else ifeq ($(BR2_ARM_CPU_ARMV6),y) +OCI_SLOCI_IMAGE_OPTS += --arch-variant v6 +else ifeq ($(BR2_ARM_CPU_ARMV7A),y) +OCI_SLOCI_IMAGE_OPTS += --arch-variant v7 +else ifeq ($(BR2_ARM_CPU_ARMV8A),y) +OCI_SLOCI_IMAGE_OPTS += --arch-variant v8 +endif +endif + +# entrypoint +OCI_ENTRYPOINT = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_ENTRYPOINT)) +ifneq ($(OCI_ENTRYPOINT),) +OCI_SLOCI_IMAGE_OPTS += --entrypoint $(OCI_ENTRYPOINT) +endif + +# entrypoint arguments +OCI_ENTRYPOINT_ARGS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_ENTRYPOINT_ARGS)) +ifneq ($(OCI_ENTRYPOINT_ARGS),) +OCI_SLOCI_IMAGE_OPTS += --cmd "$(OCI_ENTRYPOINT_ARGS)" +endif + +# author +OCI_AUTHOR = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_AUTHOR)) +ifneq ($(OCI_AUTHOR),) +OCI_SLOCI_IMAGE_OPTS += --author "$(OCI_AUTHOR)" +endif + +# username or UID +OCI_UID = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_UID)) +ifneq ($(OCI_UID),) +OCI_SLOCI_IMAGE_OPTS += --user $(OCI_UID) +endif + +# labels +OCI_LABELS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_LABELS)) +ifneq ($(OCI_LABELS),) +OCI_SLOCI_IMAGE_OPTS += \ + $(foreach label,$(OCI_LABELS),--label $(label)) +endif + +# environment variables +OCI_ENV_VARS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_ENV_VARS)) +ifneq ($(OCI_ENV_VARS),) +OCI_SLOCI_IMAGE_OPTS += \ + $(foreach var,$(OCI_ENV_VARS),--env $(var)) +endif + +# working directory +OCI_WORKDIR = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_WORKDIR)) +ifneq ($(OCI_WORKDIR),) +OCI_SLOCI_IMAGE_OPTS += --working-dir $(OCI_WORKDIR) +endif + +# ports +OCI_PORTS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_PORTS)) +ifneq ($(OCI_PORTS),) +OCI_SLOCI_IMAGE_OPTS += \ + $(foreach port,$(OCI_PORTS),--port $(port)) +endif + +# tag +OCI_TAG = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_TAG)) +ifeq ($(OCI_TAG),) +# we need a tag, so if it is empty, it is safe to override here +# check-package OverriddenVariable +OCI_TAG = latest +endif + +# enable tar archive +ifeq ($(BR2_TARGET_ROOTFS_OCI_ARCHIVE),y) +OCI_SLOCI_IMAGE_OPTS += --tar +endif + +define ROOTFS_OCI_CMD + (cd $(BINARIES_DIR); \ + rm -rf $(ROOTFS_OCI_IMAGE_NAME)* + $(HOST_DIR)/bin/sloci-image $(OCI_SLOCI_IMAGE_OPTS) $(TARGET_DIR) \ + $(ROOTFS_OCI_IMAGE_NAME):$(OCI_TAG) + ) +endef + +$(eval $(rootfs))