This is complex, not just because we are passing the arguments to the
trace function, but already because they need to be protected in their
structure when unrolling them at the top level. The trick seems to be
using the argument list via set and "$@" to preserve the individual
words. Due to the trace indirection, we additionally need the single
quotes around the variable values.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This commit enables passing the Docker container a directory containing
SSH configuration and optionally SSH identities and list of known SSH
hosts. Basically what you might expect to find in the ~/.ssh directory
of the container.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
Suggested-by: Henning Schild <henning.schild@siemens.com>
PEP8:
"""
To better support introspection, modules should explicitly declare the
names in their public API using the __all__ attribute.
"""
flake8 reports
./kas/kas.py:51:1: F401 '.build' imported but unused
./kas/kas.py:52:1: F401 '.shell' imported but unused
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
PEP8:
"""
To better support introspection, modules should explicitly declare the
names in their public API using the __all__ attribute.
"""
reported by flake8:
./kas/__init__.py:26:1: F401 '.__version__.__version__' imported but unused
./kas/__init__.py:27:1: F401 '.__version__.__file_version__' imported but unused
./kas/__init__.py:27:1: F401 '.__version__.__compatible_file_version__' imported but unused
./kas/__init__.py:28:1: F401 '.configschema.CONFIGSCHEMA' imported but unused
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
pylint has been a great tool to get the initial code base into shape
but since then we mostely false postives. All those warnings needed to
be annonated.
This allong wouldn't be reason enough to remove it. The main problem
is that the pylint version on gitlab is updated in the back and
suddenly we get new warnings which are bogus.
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
I understood the message:
Setting up loop device requires root privileges
as suggestion that I should start this script as root and hit
^C before `sudo` could prompt for my password.
This patch removes that line and adds a sudo prompt to elaborate on why
root permissions are needed and what is done with them. It also adds a
check if this was unsuccessful and suggests to the user to do it
themselves. This will also be shown if sudo is not installed.
Signed-off-by: Claudius Heine <ch@denx.de>
This ensures that both UID and GID of the builder user inside the
container is aligned with the caller of kas-docker - or that of "docker
run" when "-e GROUP_ID=..." is specified.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
They were ignored so far is the config file was specifying a target or a
task, respectively. But the proper priority is (in descending order):
1. command line options
2. environment (KAS_TARGET, KAS_TASK)
3. kas config
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The usage of 'echo -e' for printing the usage message is not POSIX
conform and is not being supported in the default shell of Debian
(dash).
As the 'Rationale' of the POSIX 'printf' documentation states, it was
created "due to irreconcilable differences in the various versions of
echo extant" and it should provide better compatibility throughout
different shells.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
In 3.7, async became a reserved word. So we can no longer use it
directly for pre-3.5 compatibility.
At this chance, extract the common compat part into a helper function.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This allow to use the host-side SSH agent when cloning protected
repositories via kas. We already do this for the build environment.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
This shall help to standardize the way how to run kas inside a docker
container on a kas file that is locally available. The pattern is
- checkout repo with kas file(s)
- go to directory where the build output should go into
- call "kas-docker build /path/to/kas.yml"
As building Isar images both require a specific docker image (that
could be changed, though) as well as additional privileges (that needs
to be changed in Isar one day), the option "--isar" selects that mode.
And because the output of an Isar build generally contains root-owned
files, the clean command is added which use docker privileges to clean
the build folder, avoiding a "sudo".
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
build.py and shell.py have a long list of explicit macro commands,
which are code duplicates. Since this is wanted coding pattern,
disable the pylint warning about this.
Signed-off-by: Andreas Reichel <andreas.reichel.ext@siemens.com>
Divide the SetupRepos command into three parts: init, step and finish
Build a macro-based loop with the step part of the function.
Rewrite this in build.py and shell.py
Signed-off-by: Andreas Reichel <andreas.reichel.ext@siemens.com>
To keep the macro style of the program flow and explicitely state the
command sequence with Macro.add, we need a mechanism that repeats
several steps of the Macro depending on a given condition. This will be
used by the repo checkout logic.
Signed-off-by: Andreas Reichel <andreas.reichel.ext@siemens.com>
This extends the command line syntax for specifying configuration files.
You can now combine files by concatenating them, separated by colons:
kas build base.yml:board.yml:feature.yml
The motivation for this feature is to avoid having to write tons of
configuration files that perform this combinations statically via
includes.
In order to avoid complications and prevent that users shoot themselves
too easily into their feet, we deny the case of distributing the
configuration files over multiple repositories. Either all files
specified on the command line come from the same repo, or they are all
local (without versioning control).
Based on idea by Claudius Heine.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This allows the caller to differentiate between "no repo found" and
"result points to repo". Default behavior remain unchanged (return
provided path itself if no repo is found).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Rather than handing down a complete config, only pass what is really
needed: a repository fallback path. This can already be determined by
the caller.
Inside Repo.factory(), we can retrieve the global context now and can
stop relying on a reference stored in the config.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
If env is not provided, use the global context environment. Then drop
all every passing of that parameter.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This helps to avoid circular dependencies. It also allows the Config
constructor to make use of the global context.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This will avoid the increasingly ugly pushing around of a context
instance as parameter to various methods/functions. Everyone can now
simply call get_context() after build or shell called
create_global_context().
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This fixes a regression of 5b85fba0: diff-index is porcelain and seems
to lack some explicit refresh prior to being called. Therefore, it can
incorrectly detect files as being modified although a "git diff" will
not - and will actually also update the status so that the next
diff-index would be fine again.
Fix those false positives while still detecting also cached changes by
using git status -s instead.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The ID_LIKE tag that get_distro_id_base also queries may contain
multiple, space-separated values. Opensuse Leap 15.0 is exploiting that,
e.g. ("suse opensuse").
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
If a kas-file inside a repo includes another kas-file form a repo
which is not checked-out, and this 2nd repo can only be checked-out
with an SSH-key, kas fails. This is, because the constructor of
the Config class used to fetch missing repos already before the
SSH-Agent was setup.
This patch refactors the way in which kas checks-out repositories. This
also required the Config class to be split into Context and Config,
where the new Context is the build-Context, i.e. containing the
environment of commands executed by kas and the new Config is the Config
of kas itself, i.e. containing the repo dictionary.
This way it is possible to initialize the context needed for SSH setup
independently of the kas configuration.
The commands ReposFetch and ReposCheckout are refactored into a
SetupRepos command. This command parses the include files and
successively checks-out needed repos and updates the config as long
as repos are missing. The logic is taken directly from the constructor
of the former Config class (with minor adaptations).
Further refactoring will be needed to clean up the conceptual
programming patterns (i.e. to keep the Macro-Style consistent),
and to re-add the macro pattern regarding the above ReposFetch.
Signed-off-by: Andreas Reichel <andreas.reichel.ext@siemens.com>
Time to move forward, buster is almost in sight. We may break some older
Yocto versions this way, but they can always use older images.
Along this update, this migrates the locale setup towards the
recommendation on https://docs.docker.com/samples/library/debian/#locales.
Furthermore, DEBIAN_FRONTEND=noninteractive is moved to the top-level
Dockerfile - it's generic.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This avoids
docker run ... kasproject/kas sh -c "cd /somepath; kas build ..."
and rather allows for
docker run ... --workdir=/somepath kasproject/kas build ...
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This adds a bit heuristic to the docker entrypoint in order to move our
API towards "docker run [...] kasproject/kas build kas.yml" - without
breaking existing users. And now you can also do
docker run --rm kasproject/kas --version
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
pylint reports
kas/includehandler.py:148:4: R0915: Too many statements (58/50) (too-many-statements)
All attempts to silence via a local disable didn't work, so disable it
on a global level. There is little value in this warning anyway.
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
