* [Buildroot] [PATCH v1 1/2] package/sloci-image: new host package
2020-10-25 8:15 [Buildroot] [PATCH v1 0/2] Add support to generate OCI images Sergio Prado
@ 2020-10-25 8:15 ` Sergio Prado
2020-10-25 8:15 ` [Buildroot] [PATCH v1 2/2] oci: add new filesystem type Sergio Prado
1 sibling, 0 replies; 3+ messages in thread
From: Sergio Prado @ 2020-10-25 8:15 UTC (permalink / raw)
To: buildroot
From: Sergio Prado <sergio.prado@e-labworks.com>
sloci-image is a simple CLI tool for packing rootfs into a single-layer
OCI image.
The patch fixes a escaping issue and a PR was sent upstream:
https://github.com/jirutka/sloci-image/pull/2
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
---
DEVELOPERS | 1 +
package/Config.in.host | 1 +
...ues-when-generating-the-OCI-image-co.patch | 55 +++++++++++++++++++
package/sloci-image/Config.in.host | 7 +++
package/sloci-image/sloci-image.hash | 5 ++
package/sloci-image/sloci-image.mk | 19 +++++++
6 files changed, 88 insertions(+)
create mode 100644 package/sloci-image/0001-Fix-escaping-issues-when-generating-the-OCI-image-co.patch
create mode 100644 package/sloci-image/Config.in.host
create mode 100644 package/sloci-image/sloci-image.hash
create mode 100644 package/sloci-image/sloci-image.mk
diff --git a/DEVELOPERS b/DEVELOPERS
index b245c1cd7eee..a0bfde2391a6 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -2383,6 +2383,7 @@ F: package/curlpp/
F: package/daq/
F: package/libgdiplus/
F: package/pimd/
+F: package/sloci-image/
F: package/snort/
F: package/stella/
F: package/tio/
diff --git a/package/Config.in.host b/package/Config.in.host
index 546f1c226dec..26ed8480cc21 100644
--- a/package/Config.in.host
+++ b/package/Config.in.host
@@ -76,6 +76,7 @@ menu "Host utilities"
source "package/sam-ba/Config.in.host"
source "package/sdbusplus/Config.in.host"
source "package/sentry-cli/Config.in.host"
+ source "package/sloci-image/Config.in.host"
source "package/squashfs/Config.in.host"
source "package/sunxi-tools/Config.in.host"
source "package/swig/Config.in.host"
diff --git a/package/sloci-image/0001-Fix-escaping-issues-when-generating-the-OCI-image-co.patch b/package/sloci-image/0001-Fix-escaping-issues-when-generating-the-OCI-image-co.patch
new file mode 100644
index 000000000000..de95cda38717
--- /dev/null
+++ b/package/sloci-image/0001-Fix-escaping-issues-when-generating-the-OCI-image-co.patch
@@ -0,0 +1,55 @@
+From f2ebd0aaff7c519fd3d1c64bdfbedb49b6c60c11 Mon Sep 17 00:00:00 2001
+From: Sergio Prado <sergio.prado@e-labworks.com>
+Date: Sat, 24 Oct 2020 12:43:46 -0300
+Subject: [PATCH] Fix escaping issues when generating the OCI image config
+ files
+
+Some parameters are not escaping correctly the double quotes
+when generating the OCI image config files.
+
+This is easily reproducible:
+
+$ mkdir rootfs
+$ ./sloci-image --arch arm --user 0 rootfs oci-image:latest
+$ grep -R "User" oci-image/
+oci-image/blobs/sha256/e574ac66b91453b00beb37717ed0e604249fa695ec772e17a56ff208357ec72a: \"User\": "0",
+
+Fix that by escaping the double quotes with an echo command.
+
+Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
+---
+ sloci-image | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/sloci-image b/sloci-image
+index be8e79a824e0..2c7ab5047271 100755
+--- a/sloci-image
++++ b/sloci-image
+@@ -269,13 +269,13 @@ oci_image_config() {
+ "architecture": "$(oci_arch $CFG_ARCH)",
+ "os": "$CFG_OS",
+ "config": {
+- ${CFG_USER:+"\"User\": $(json_string "$CFG_USER"),"}
++ ${CFG_USER:+"$(echo \"User\"): $(json_string "$CFG_USER"),"}
+ "ExposedPorts": $(json_pseudoarray "$CFG_PORTS"),
+ "Env": $(json_string_array "$CFG_ENV"),
+ "Entrypoint": $(json_string_array "$CFG_ENTRYPOINT"),
+ "Cmd": $(json_string_array "$CFG_CMD"),
+ "Volumes": $(json_pseudoarray "$CFG_VOLUMES"),
+- ${CFG_WORKING_DIR:+"\"WorkingDir\": $(json_string "$CFG_WORKING_DIR"),"}
++ ${CFG_WORKING_DIR:+"$(echo \"WorkingDir\"): $(json_string "$CFG_WORKING_DIR"),"}
+ "Labels": $(json_string_map "$CFG_LABELS")
+ },
+ "rootfs": {
+@@ -309,7 +309,7 @@ oci_image_index() {
+ "digest": "$manifest_digest",
+ "platform": {
+ "architecture": "$(oci_arch $CFG_ARCH)",
+- ${CFG_ARCH_VARIANT:+"\"variant\": $(json_string "$CFG_ARCH_VARIANT"),"}
++ ${CFG_ARCH_VARIANT:+"$(echo \"variant\"): $(json_string "$CFG_ARCH_VARIANT"),"}
+ "os": "$CFG_OS"
+ },
+ "annotations": {
+--
+2.17.1
+
diff --git a/package/sloci-image/Config.in.host b/package/sloci-image/Config.in.host
new file mode 100644
index 000000000000..d809f1f3c786
--- /dev/null
+++ b/package/sloci-image/Config.in.host
@@ -0,0 +1,7 @@
+config BR2_PACKAGE_HOST_SLOCI_IMAGE
+ bool "host sloci-image"
+ help
+ A simple CLI tool for packing rootfs into a single-layer OCI
+ image.
+
+ https://github.com/jirutka/sloci-image
diff --git a/package/sloci-image/sloci-image.hash b/package/sloci-image/sloci-image.hash
new file mode 100644
index 000000000000..2476b2340823
--- /dev/null
+++ b/package/sloci-image/sloci-image.hash
@@ -0,0 +1,5 @@
+# Locally computed
+sha256 2c154e355aea65089921058c8ba96cc90e6c22753b4e7956221403b6183ac775 sloci-image-4015e49763e5a738026a5bbfcf32b38b5a4fa650.tar.gz
+
+# Hash for license files:
+sha256 8ea53673b084576813fc40cd63817c5a1619438942b5e6c30dac1d10707c27e4 LICENSE
diff --git a/package/sloci-image/sloci-image.mk b/package/sloci-image/sloci-image.mk
new file mode 100644
index 000000000000..ab716a074342
--- /dev/null
+++ b/package/sloci-image/sloci-image.mk
@@ -0,0 +1,19 @@
+################################################################################
+#
+# sloci-image
+#
+################################################################################
+
+SLOCI_IMAGE_VERSION = 4015e49763e5a738026a5bbfcf32b38b5a4fa650
+SLOCI_IMAGE_SITE = $(call github,jirutka,sloci-image,$(SLOCI_IMAGE_VERSION))
+
+SLOCI_IMAGE_LICENSE = MIT
+SLOCI_IMAGE_LICENSE_FILES = LICENSE
+
+HOST_SLOCI_IMAGE_DEPENDENCIES = host-gawk
+
+define HOST_SLOCI_IMAGE_INSTALL_CMDS
+ $(HOST_MAKE_ENV) $(MAKE) DESTDIR=$(HOST_DIR) PREFIX=/usr -C $(@D) install
+endef
+
+$(eval $(host-generic-package))
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread* [Buildroot] [PATCH v1 2/2] oci: add new filesystem type
2020-10-25 8:15 [Buildroot] [PATCH v1 0/2] Add support to generate OCI images Sergio Prado
2020-10-25 8:15 ` [Buildroot] [PATCH v1 1/2] package/sloci-image: new host package Sergio Prado
@ 2020-10-25 8:15 ` Sergio Prado
1 sibling, 0 replies; 3+ messages in thread
From: Sergio Prado @ 2020-10-25 8:15 UTC (permalink / raw)
To: buildroot
From: Sergio Prado <sergio.prado@e-labworks.com>
Add support to generate OCI (Open Container Initiative) images.
An OCI image consists of a manifest, an image index (optional), a set of
filesystem layers, and a configuration. The complete specification is
available in the link below:
https://github.com/opencontainers/image-spec/blob/master/spec.md
The image is generated with the host tool sloci-image, and config
options can be used to configure image parameters.
By default, the image is generated in a directory called rootfs-oci:
$ cd output/images
$ ls rootfs-oci/
blobs index.json oci-layout
Optionally, the image can be packed into a tar archive.
The image can be pushed to a registry using containers tools like
skopeo:
$ skopeo copy --dest-creds <user>:<pass> oci:rootfs-oci:<tag> \
docker://<user>/<image>
And then we can pull/run the container image with tools like docker:
$ docker run -it <user>/<image>:<tag>
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
---
fs/Config.in | 1 +
fs/oci/Config.in | 88 +++++++++++++++++++++++++++++++++++++++++++
fs/oci/oci.mk | 97 ++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 186 insertions(+)
create mode 100644 fs/oci/Config.in
create mode 100644 fs/oci/oci.mk
diff --git a/fs/Config.in b/fs/Config.in
index 37a2aa21f8ac..eee5e26bb2b3 100644
--- a/fs/Config.in
+++ b/fs/Config.in
@@ -11,6 +11,7 @@ source "fs/f2fs/Config.in"
source "fs/initramfs/Config.in"
source "fs/iso9660/Config.in"
source "fs/jffs2/Config.in"
+source "fs/oci/Config.in"
source "fs/romfs/Config.in"
source "fs/squashfs/Config.in"
source "fs/tar/Config.in"
diff --git a/fs/oci/Config.in b/fs/oci/Config.in
new file mode 100644
index 000000000000..b17e7009e9e5
--- /dev/null
+++ b/fs/oci/Config.in
@@ -0,0 +1,88 @@
+config BR2_TARGET_ROOTFS_OCI
+ bool "oci image"
+ help
+ Build an OCI (Open Container Initiative) image.
+
+ By default, the image is generated in a directory called
+ rootfs-oci:
+
+ $ cd output/images
+ $ ls rootfs-oci/
+ blobs index.json oci-layout
+
+ You can push the image to a registry. Example using skopeo:
+
+ $ skopeo copy --dest-creds <user>:<pass> \
+ oci:rootfs-oci:<tag> docker://<user>/<image>
+
+ And pull/run it with docker:
+
+ $ docker run -it <user>/<image>:<tag>
+
+if BR2_TARGET_ROOTFS_OCI
+
+config BR2_TARGET_ROOTFS_OCI_AUTHOR
+ string "author name and/or email address"
+ default "Buildroot"
+ help
+ Name and/or email address of the person which created the
+ image.
+
+config BR2_TARGET_ROOTFS_OCI_TAG
+ string "image tag"
+ default "latest"
+ help
+ Tag to be used in the container image. If empty, 'latest' will
+ be used by default.
+
+config BR2_TARGET_ROOTFS_OCI_ENTRYPOINT
+ string "entrypoint"
+ default "sh"
+ help
+ Command to execute when the container starts.
+
+config BR2_TARGET_ROOTFS_OCI_ENTRYPOINT_ARGS
+ string "entrypoint arguments"
+ help
+ Default arguments to the entrypoint of the container.
+
+config BR2_TARGET_ROOTFS_OCI_WORKDIR
+ string "working directory"
+ help
+ Working directory of the entrypoint process in the
+ container.
+
+config BR2_TARGET_ROOTFS_OCI_UID
+ string "username or UID"
+ default "0"
+ help
+ The username or UID of user the process run as.
+
+config BR2_TARGET_ROOTFS_OCI_ENV_VARS
+ string "environment variables"
+ help
+ Default environment variables for the container.
+
+config BR2_TARGET_ROOTFS_OCI_PORTS
+ string "ports"
+ help
+ Default set of ports to expose from a container running
+ this image in the following format:
+
+ <port>/tcp, <port>/udp, <port> (same as <port>/tcp).
+
+config BR2_TARGET_ROOTFS_OCI_LABELS
+ string "labels"
+ help
+ Metadata in the format KEY=VALUE for the container compliant
+ with OCI annotation rules. If KEY starts with a dot, it will
+ be prefixed with "org.opencontainers.image"
+ (e.g. .url -> org.opencontainers.image.url).
+
+config BR2_TARGET_ROOTFS_OCI_ARCHIVE
+ bool "pack oci image into a tar archive"
+ default n
+ help
+ Select whether the image should be packed into a TAR archive.
+
+endif
diff --git a/fs/oci/oci.mk b/fs/oci/oci.mk
new file mode 100644
index 000000000000..9656ad3c0312
--- /dev/null
+++ b/fs/oci/oci.mk
@@ -0,0 +1,97 @@
+################################################################################
+#
+# Build the oci image
+#
+################################################################################
+
+ROOTFS_OCI_IMAGE_NAME = rootfs-oci
+
+ROOTFS_OCI_DEPENDENCIES = host-sloci-image
+
+# architecture
+SLOCI_IMAGE_OPTS = --arch $(BR2_ARCH)
+
+# architecture variant (typically used only for arm)
+ifeq ($(BR2_ARM_CPU_HAS_ARM),y)
+ifeq ($(BR2_ARM_CPU_ARMV5),y)
+SLOCI_IMAGE_OPTS += --arch-variant v5
+else ifeq ($(BR2_ARM_CPU_ARMV6),y)
+SLOCI_IMAGE_OPTS += --arch-variant v6
+else ifeq ($(BR2_ARM_CPU_ARMV7A),y)
+SLOCI_IMAGE_OPTS += --arch-variant v7
+else ifeq ($(BR2_ARM_CPU_ARMV8A),y)
+SLOCI_IMAGE_OPTS += --arch-variant v8
+endif
+endif
+
+# entrypoint
+OCI_ENTRYPOINT = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_ENTRYPOINT))
+ifneq ($(OCI_ENTRYPOINT),)
+SLOCI_IMAGE_OPTS += --entrypoint $(OCI_ENTRYPOINT)
+endif
+
+# entrypoint arguments
+OCI_ENTRYPOINT_ARGS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_ENTRYPOINT_ARGS))
+ifneq ($(OCI_ENTRYPOINT_ARGS),)
+SLOCI_IMAGE_OPTS += --cmd "$(OCI_ENTRYPOINT_ARGS)"
+endif
+
+# author
+OCI_AUTHOR = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_AUTHOR))
+ifneq ($(OCI_AUTHOR),)
+SLOCI_IMAGE_OPTS += --author "$(OCI_AUTHOR)"
+endif
+
+# username or UID
+OCI_UID = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_UID))
+ifneq ($(OCI_UID),)
+SLOCI_IMAGE_OPTS += --user $(OCI_UID)
+endif
+
+# labels
+OCI_LABELS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_LABELS))
+ifneq ($(OCI_LABELS),)
+SLOCI_IMAGE_OPTS += \
+ $(foreach label,$(OCI_LABELS),--label $(label))
+endif
+
+# environment variables
+OCI_ENV_VARS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_ENV_VARS))
+ifneq ($(OCI_ENV_VARS),)
+SLOCI_IMAGE_OPTS += \
+ $(foreach var,$(OCI_ENV_VARS),--env $(var))
+endif
+
+# working directory
+OCI_WORKDIR = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_WORKDIR))
+ifneq ($(OCI_WORKDIR),)
+SLOCI_IMAGE_OPTS += --working-dir $(OCI_WORKDIR)
+endif
+
+# ports
+OCI_PORTS = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_PORTS))
+ifneq ($(OCI_PORTS),)
+SLOCI_IMAGE_OPTS += \
+ $(foreach port,$(OCI_PORTS),--port $(port))
+endif
+
+# tag
+OCI_TAG = $(call qstrip,$(BR2_TARGET_ROOTFS_OCI_TAG))
+ifeq ($(OCI_TAG),)
+OCI_TAG = latest
+endif
+
+# enable tar archive
+ifeq ($(BR2_TARGET_ROOTFS_OCI_ARCHIVE),y)
+SLOCI_IMAGE_OPTS += --tar
+endif
+
+define ROOTFS_OCI_CMD
+ (cd $(BINARIES_DIR); \
+ rm -rf $(ROOTFS_OCI_IMAGE_NAME)*
+ $(HOST_DIR)/bin/sloci-image $(SLOCI_IMAGE_OPTS) $(TARGET_DIR) \
+ $(ROOTFS_OCI_IMAGE_NAME):$(OCI_TAG)
+ )
+endef
+
+$(eval $(rootfs))
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread