Will become a hard dependency when switching the (currently broken)
patch class of Isar to one derived from OE. Prepare for that.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
It turned out [1] that our current way of setting up binfmt_misc during
container start does not reliably work, namely does not overwrite
incompatible host settings. Running dpkg-reconfigure solves this.
To avoid confusing warnings of the kind
update-binfmts: warning: qemu-aarch64 already enabled in kernel.
we filter them out. That will continue to flood the console with
warnings in case the container is started without privileges.
[1] https://groups.google.com/forum/#!msg/isar-users/2G-Diz0BR1Y/Y0X6eHggCgAJ
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Doing that will allow building arm64 buster images with Isar. The new
qemu works just fine for all older suites like stretch.
Signed-off-by: Henning Schild <henning.schild@siemens.com>
Signed-off-by: Daniel Wagner <daniel.wagner@siemens.com>
Time to move forward, buster is almost in sight. We may break some older
Yocto versions this way, but they can always use older images.
Along this update, this migrates the locale setup towards the
recommendation on https://docs.docker.com/samples/library/debian/#locales.
Furthermore, DEBIAN_FRONTEND=noninteractive is moved to the top-level
Dockerfile - it's generic.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Needed due to upcoming switch from multistrap to debootstrap. The former
can eventually be removed in a later release.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
The stretch version supports multi-thread compression, allowing to
accelerate e.g. artifact compression tasks. The newer version of xz also
seem to resolve mysterious compression failures that created too short
output images.
As we install the stretch source in the base image now, we can remove
that port from the isar image and align both regarding the setup.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Additionally requires to run the container with --privileged - not nice but
unavoidable right now, see also
https://groups.google.com/forum/#!topic/isar-users/Un75m49InjY
Also note that running containers with different binfmt settings
concurrently will cause troubles. Same for the case that the host
requires deviating settings. Use carefully.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Isar requires a number of extra packages compared to a Yocto build. It
also needs a newer e2fsprogs version which can be taken from backports.
Last but not least, its keystone multistrap contains a nasty bug [1]
under in jessie so that we need to pull the updated version from
stretch.
The value of having this image still based on jessie is that it can be
used for both purposes: Yocto (2.1/2.2) and Isar builds. We push it
along the kas core image as kas-isar during the CI run.
Isar still requires some raised privileges. Therefore, the image has to
be started with the additional switches "--cap-add=SYS_ADMIN
--cap-add=MKNOD --device $(/sbin/losetup -f)".
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774698
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>