It turned out [1] that our current way of setting up binfmt_misc during
container start does not reliably work, namely does not overwrite
incompatible host settings. Running dpkg-reconfigure solves this.
To avoid confusing warnings of the kind
update-binfmts: warning: qemu-aarch64 already enabled in kernel.
we filter them out. That will continue to flood the console with
warnings in case the container is started without privileges.
[1] https://groups.google.com/forum/#!msg/isar-users/2G-Diz0BR1Y/Y0X6eHggCgAJ
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Doing that will allow building arm64 buster images with Isar. The new
qemu works just fine for all older suites like stretch.
Signed-off-by: Henning Schild <henning.schild@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Allow kas-docker to use proxy configuration of docker client instead of
inheriting proxy configuration from the current environment.
Signed-off-by: Hosgor, Tolga (CT RDA DS EU TR MTS) <tolga.hosgor@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
There is no good reason to only warn about an incorrect patch entry or
a missing patch file. This just causes CI systems to succeed with a
build - or fail at unexpected places.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Analogously to bitbake's PREMIRRORS, this allows to define alternative
sources for repo URLs specified in kas files.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
We need to double-quote the content of the variables in order to
preserve newlines.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Upstream oe-git-proxy has a bug [1] and currently does proxying
unconditionally, just being stopped in the absence of other proxy
settings. Patch in the fix until upstream picks it up.
[1] http://lists.openembedded.org/pipermail/openembedded-core/2019-January/278496.html
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Required to control oe-git-proxy exceptions.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Ensure that all file elements of the kas file parameter are properly
canonicalized and mapped onto the container volume. This is important
when kas-docker is called using relative paths while PWD is not the
repository root.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This is complex, not just because we are passing the arguments to the
trace function, but already because they need to be protected in their
structure when unrolling them at the top level. The trick seems to be
using the argument list via set and "$@" to preserve the individual
words. Due to the trace indirection, we additionally need the single
quotes around the variable values.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This commit enables passing the Docker container a directory containing
SSH configuration and optionally SSH identities and list of known SSH
hosts. Basically what you might expect to find in the ~/.ssh directory
of the container.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
Suggested-by: Henning Schild <henning.schild@siemens.com>
PEP8:
"""
To better support introspection, modules should explicitly declare the
names in their public API using the __all__ attribute.
"""
flake8 reports
./kas/kas.py:51:1: F401 '.build' imported but unused
./kas/kas.py:52:1: F401 '.shell' imported but unused
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
PEP8:
"""
To better support introspection, modules should explicitly declare the
names in their public API using the __all__ attribute.
"""
reported by flake8:
./kas/__init__.py:26:1: F401 '.__version__.__version__' imported but unused
./kas/__init__.py:27:1: F401 '.__version__.__file_version__' imported but unused
./kas/__init__.py:27:1: F401 '.__version__.__compatible_file_version__' imported but unused
./kas/__init__.py:28:1: F401 '.configschema.CONFIGSCHEMA' imported but unused
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
pylint has been a great tool to get the initial code base into shape
but since then we mostely false postives. All those warnings needed to
be annonated.
This allong wouldn't be reason enough to remove it. The main problem
is that the pylint version on gitlab is updated in the back and
suddenly we get new warnings which are bogus.
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
I understood the message:
Setting up loop device requires root privileges
as suggestion that I should start this script as root and hit
^C before `sudo` could prompt for my password.
This patch removes that line and adds a sudo prompt to elaborate on why
root permissions are needed and what is done with them. It also adds a
check if this was unsuccessful and suggests to the user to do it
themselves. This will also be shown if sudo is not installed.
Signed-off-by: Claudius Heine <ch@denx.de>
This ensures that both UID and GID of the builder user inside the
container is aligned with the caller of kas-docker - or that of "docker
run" when "-e GROUP_ID=..." is specified.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
They were ignored so far is the config file was specifying a target or a
task, respectively. But the proper priority is (in descending order):
1. command line options
2. environment (KAS_TARGET, KAS_TASK)
3. kas config
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The usage of 'echo -e' for printing the usage message is not POSIX
conform and is not being supported in the default shell of Debian
(dash).
As the 'Rationale' of the POSIX 'printf' documentation states, it was
created "due to irreconcilable differences in the various versions of
echo extant" and it should provide better compatibility throughout
different shells.
Signed-off-by: Silvano Cirujano Cuesta <silvano.cirujano-cuesta@siemens.com>
In 3.7, async became a reserved word. So we can no longer use it
directly for pre-3.5 compatibility.
At this chance, extract the common compat part into a helper function.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This allow to use the host-side SSH agent when cloning protected
repositories via kas. We already do this for the build environment.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
This shall help to standardize the way how to run kas inside a docker
container on a kas file that is locally available. The pattern is
- checkout repo with kas file(s)
- go to directory where the build output should go into
- call "kas-docker build /path/to/kas.yml"
As building Isar images both require a specific docker image (that
could be changed, though) as well as additional privileges (that needs
to be changed in Isar one day), the option "--isar" selects that mode.
And because the output of an Isar build generally contains root-owned
files, the clean command is added which use docker privileges to clean
the build folder, avoiding a "sudo".
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
build.py and shell.py have a long list of explicit macro commands,
which are code duplicates. Since this is wanted coding pattern,
disable the pylint warning about this.
Signed-off-by: Andreas Reichel <andreas.reichel.ext@siemens.com>
Divide the SetupRepos command into three parts: init, step and finish
Build a macro-based loop with the step part of the function.
Rewrite this in build.py and shell.py
Signed-off-by: Andreas Reichel <andreas.reichel.ext@siemens.com>
To keep the macro style of the program flow and explicitely state the
command sequence with Macro.add, we need a mechanism that repeats
several steps of the Macro depending on a given condition. This will be
used by the repo checkout logic.
Signed-off-by: Andreas Reichel <andreas.reichel.ext@siemens.com>
This extends the command line syntax for specifying configuration files.
You can now combine files by concatenating them, separated by colons:
kas build base.yml:board.yml:feature.yml
The motivation for this feature is to avoid having to write tons of
configuration files that perform this combinations statically via
includes.
In order to avoid complications and prevent that users shoot themselves
too easily into their feet, we deny the case of distributing the
configuration files over multiple repositories. Either all files
specified on the command line come from the same repo, or they are all
local (without versioning control).
Based on idea by Claudius Heine.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
This allows the caller to differentiate between "no repo found" and
"result points to repo". Default behavior remain unchanged (return
provided path itself if no repo is found).
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Rather than handing down a complete config, only pass what is really
needed: a repository fallback path. This can already be determined by
the caller.
Inside Repo.factory(), we can retrieve the global context now and can
stop relying on a reference stored in the config.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>