mosb publish: auto-fill bootkit and hostfs layers
If bootkit layer is not specified, then add the one for the
specified trust org.

If hostfs layer is not specified, use the upstream demo one.

This makes less paperwork for the user.

Add a '--skip-boot' option to mosb manifest publish, for use when we
are testing fake mosctl install.

.github/workflows/build.yml: fetch the git tags, because mosb
must know which tag to use when filling in a rootfs entry.

Signed-off-by: Serge Hallyn <[email protected]>
hallyn committed Dec 12, 2023
1 parent 5fca95c commit 340af0a
Showing 10 changed files with 87 additions and 26 deletions.
4 changes: 3 additions & 1 deletion .github/workflows/build.yml
Expand Up @@ -13,6 +13,8 @@ jobs:
echo "PATH=$HOME/bin:$PATH" >> $GITHUB_ENV
- name: Check out git
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up golang
uses: actions/setup-go@v3
with:
Expand Down Expand Up @@ -77,7 +79,7 @@ jobs:
dir: 'layers'
build-args: |
ZOT_VERSION=2.0.0-rc5
ROOTFS_VERSION=v0.0.17.231018
ROOTFS_VERSION=v0.0.18.231121
TOPDIR=${{ env.TOPDIR }}
url: docker://zothub.io/machine/bootkit
layer-type: squashfs
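Review bot: The new `fetch-depth: 0` under the checkout step has no comment saying why a full clone is needed, so it is an easy target for someone trimming CI time later. A line such as `# full history and tags: the Makefile derives CLEAN_VERSION from git describe` above `with:` would record the dependency. According to the commit message the fetched tags now decide which rootfs tag mosb fills in, so who may push tags to this repository becomes part of what the build references.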
2 changes: 2 additions & 0 deletions Makefile
Expand Up @@ -22,6 +22,7 @@ else
#error "Unsupported architecture: $(archout)"
endif

CLEAN_VERSION ?= $(shell git describe --abbrev=0)
MAIN_VERSION ?= $(shell git describe --always --dirty || echo no-git)
ifeq ($(MAIN_VERSION),$(filter $(MAIN_VERSION), "", no-git))
$(error "Bad value for MAIN_VERSION: '$(MAIN_VERSION)'")
Expand All @@ -33,6 +34,7 @@ all: mosctl mosb trust $(ZOT) $(ORAS) $(REGCTL)

VERSION_LDFLAGS=-X github.com/project-machine/mos/pkg/mosconfig.Version=$(MAIN_VERSION) \
-X github.com/project-machine/mos/pkg/trust.Version=$(MAIN_VERSION) \
-X github.com/project-machine/mos/pkg/trust.RelVersion=$(CLEAN_VERSION) \
-X github.com/project-machine/mos/pkg/mosconfig.LayerVersion=0.0.4 \
-X github.com/project-machine/mos/pkg/trust.BootkitVersion=$(BOOTKIT_VERSION)

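Review bot: CLEAN_VERSION gets no validation, unlike MAIN_VERSION directly below it: when `git describe --abbrev=0` finds no tag (shallow clone, source tarball) the variable is empty and trust.RelVersion is linked in as an empty string. CompleteTargets in pkg/mosconfig/files.go then formats that value into the default hostfs source, giving an image tag of `-squashfs`. A check mirroring the existing one would stop the build instead: `ifeq ($(strip $(CLEAN_VERSION)),)` / `$(error "No git tag found for CLEAN_VERSION")` / `endif`.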
4 changes: 4 additions & 0 deletions cmd/mosb/manifest.go
Expand Up @@ -37,6 +37,10 @@ var manifestCmd = cli.Command{
Usage: "Password to authenticate to OCI repository. Taken from stdin if user but no password is provided",
Value: "",
},
cli.BoolFlag{
Name: "skip-boot, skip-bootkit",
Usage: "Do not add in a bootkit layer",
},
},
},
},
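Review bot: The usage string on the new flag says only that the bootkit layer is left out, but in PublishManifest (pkg/mosconfig/install.go) the flag skips the whole CompleteTargets call, so the default hostfs target is not added either. Someone passing the flag to drop the bootkit while expecting hostfs to be filled in would publish a manifest without one. The text should match the behaviour, for example `Usage: "Do not auto-add the default hostfs and bootkit layers",`. The enclosing manifestCmd definition starts outside this hunk.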
38 changes: 38 additions & 0 deletions pkg/mosconfig/files.go
Expand Up @@ -274,6 +274,44 @@ type ImportFile struct {
UpdateType UpdateType `yaml:"update_type"`
}

func (i *ImportFile) HasTarget(name string) bool {
for _, t := range i.Targets {
if t.ServiceName == name {
return true
}
}
return false
}

func (i *ImportFile) CompleteTargets(keyProject string) (UserTargets, error) {
if !i.HasTarget("hostfs") {
s := fmt.Sprintf("docker://zothub.io/machine/bootkit/demo-target-rootfs:%s-squashfs", trust.RelVersion)
newT := UserTarget{
ServiceName: "hostfs",
ServiceType: "hostfs",
Source: s,
Version: trust.BootkitVersion,
Network: TargetNetwork{Type: HostNetwork},
}
i.Targets = append(i.Targets, newT)
}
if !i.HasTarget("bootkit") {
bootkitDir, err := bootkitDir(keyProject)
if err != nil {
return UserTargets{}, err
}
newT := UserTarget{
ServiceName: "bootkit",
Source: fmt.Sprintf("oci:%s/oci:bootkit-squashfs", bootkitDir),
Version: "1.0.0",
ServiceType: "fs-only",
Network: TargetNetwork{Type: HostNetwork},
}
i.Targets = append(i.Targets, newT)
}
return i.Targets, nil
}

type UserTarget struct {
ServiceName string `yaml:"service_name"` // name of target
Source string `yaml:"source"` // docker url from which to fetch
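Review bot: CompleteTargets adds a hostfs target pointing at `docker://zothub.io/machine/bootkit/demo-target-rootfs:<RelVersion>-squashfs` without telling the operator, and that target ends up in the manifest PublishManifest goes on to publish. The reference is a tag rather than a digest, so the content behind it is whatever the registry serves at publish time; logging each auto-added target (name and source) would make the substitution visible, and a doc comment on the method should state that a demo rootfs is the default. HasTarget matches on ServiceName only, so a manifest whose hostfs target carries a different service_name would presumably get a second hostfs appended; a check on ServiceType may be what is wanted for that case. Both exported methods lack doc comments, and `bootkitDir, err := bootkitDir(keyProject)` shadows the helper it calls, so a local name such as `dir` would read better.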
38 changes: 32 additions & 6 deletions pkg/mosconfig/install.go
Expand Up @@ -112,10 +112,11 @@ func (is *InstallSource) SaveToZot(zotport int, name string) error {
}

type InstallOpts struct {
RFS string
CaPath string
ConfigDir string
StoreDir string
RFS string
CaPath string
ConfigDir string
StoreDir string
SkipBootkit bool
}

func InitializeMos(ctx *cli.Context, opts InstallOpts) error {
Expand Down Expand Up @@ -291,10 +292,15 @@ func PublishManifestFromArgs(ctx *cli.Context) error {
return fmt.Errorf("file is a required positional argument")
}
infile := args[0]
return PublishManifest(proj, repo, destpath, infile)
return PublishManifest(proj, repo, destpath, infile, ctx.Bool("skip-bootkit"))
}

func PublishManifest(project, repo, destpath, manifestpath string) error {
const (
SkipBootkit = true
UseBootkit = false
)

func PublishManifest(project, repo, destpath, manifestpath string, skipBootkit bool) error {
b, err := os.ReadFile(manifestpath)
if err != nil {
return errors.Wrapf(err, "Error reading %s", manifestpath)
Expand All @@ -310,6 +316,13 @@ func PublishManifest(project, repo, destpath, manifestpath string) error {
return errors.Errorf("Unknown import file version: %d (I know about %d)", imports.Version, CurrentInstallFileVersion)
}

if !skipBootkit {
imports.Targets, err = imports.CompleteTargets(project)
if err != nil {
return err
}
}

install := InstallFile{
Version: imports.Version,
Product: imports.Product,
Expand Down Expand Up @@ -565,6 +578,19 @@ func PostArtifact(refDigest digest.Digest, refSize int64, path, mediatype, dest
return nil
}

func bootkitDir(name string) (string, error) {
s := strings.SplitN(name, ":", 2)
if len(s) != 2 {
return "", fmt.Errorf("Invalid project name: use keyset:project")
}
keyset := s[0]
h, err := os.UserHomeDir()
if err != nil {
return "", err
}
return filepath.Join(h, ".local", "share", "machine", "trust", "keys", keyset, "bootkit"), nil
}

func projectDir(name string) (string, error) {
s := strings.SplitN(name, ":", 2)
if len(s) != 2 {
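Review bot: bootkitDir joins the keyset part of the `keyset:project` argument into a path under the user's trust directory without checking it, so an empty keyset or one containing `..` or a path separator resolves to a directory other than `trust/keys/<keyset>/bootkit`, and that directory is then used as the `oci:` source of the bootkit layer. Rejecting such names before the Join keeps the lookup inside the keys directory: `if keyset == "" || keyset == "." || keyset == ".." || strings.ContainsRune(keyset, filepath.Separator) { return "", fmt.Errorf("invalid keyset name %q", keyset) }`. The split duplicates the one at the top of projectDir just below (whose body continues outside this view), so a shared helper would keep the two in step. InstallOpts also gains a SkipBootkit field that nothing visible on this page reads.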
4 changes: 2 additions & 2 deletions pkg/mosconfig/mkboot.go
Expand Up @@ -497,7 +497,7 @@ func BuildProvisioner(keysetName, projectName, isofile string) error {
}

fullproject := keysetName + ":" + projectName
err = PublishManifest(fullproject, repo, name, manifestpath)
err = PublishManifest(fullproject, repo, name, manifestpath, SkipBootkit)
if err != nil {
return errors.Wrapf(err, "Failed writing manifest artifacts to local zot")
}
Expand Down Expand Up @@ -556,7 +556,7 @@ func BuildInstaller(keysetName, projectName, isofile string) error {
}

fullproject := keysetName + ":" + projectName
err = PublishManifest(fullproject, repo, name, manifestpath)
err = PublishManifest(fullproject, repo, name, manifestpath, SkipBootkit)
if err != nil {
return errors.Wrapf(err, "Failed writing manifest artifacts to local zot")
}
1 change: 1 addition & 0 deletions pkg/trust/const.go
Expand Up @@ -57,4 +57,5 @@ var SBFPartitionTypeID = [16]byte{
const MiB, GiB = uint64(1024 * 1024), uint64(1024 * 1024 * 1024)

var Version string
var RelVersion string
var BootkitVersion string
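Review bot: RelVersion is added next to Version and BootkitVersion with no comment on where its value comes from. The Makefile in this commit sets it with `-X github.com/project-machine/mos/pkg/trust.RelVersion=$(CLEAN_VERSION)`, so a comment such as `// RelVersion is the nearest git tag (git describe --abbrev=0), set at link time; it is empty in binaries built without the Makefile's ldflags.` would tell readers that the zero value is possible and must be handled by callers.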
2 changes: 1 addition & 1 deletion tests/helpers.bash
Expand Up @@ -260,7 +260,7 @@ function good_install {
write_install_yaml "$spectype"
./mosb manifest publish \
--repo ${ZOT_HOST}:${ZOT_PORT} --name puzzleos/install:1.0.0 \
--project snakeoil:default $TMPD/manifest.yaml
--project snakeoil:default --skip-bootkit $TMPD/manifest.yaml
rm $TMPD/manifest.yaml
mkdir -p $TMPD/factory/secure
cp "$CA_PEM" "$TMPD/factory/secure/manifestCA.pem"
16 changes: 2 additions & 14 deletions tests/launch.bats
Expand Up @@ -18,18 +18,12 @@ function teardown() {
# Publish a manifest pointing at an rfs on zothub.io
# TODO - we do need to include a bootkit layer to set up
# an ESP.
git describe --abbrev=0
cat > "${TMPD}/manifest.yaml" << EOF
version: 1
product: default
update_type: complete
targets:
- service_name: hostfs
source: "docker://zothub.io/machine/bootkit/demo-target-rootfs:0.0.4-squashfs"
version: 1.0.0
service_type: hostfs
nsgroup: "none"
network:
type: none
- service_name: zot
source: "docker://zothub.io/machine/bootkit/demo-zot:0.0.4-squashfs"
version: 1.0.0
Expand All @@ -41,15 +35,9 @@ targets:
ports:
- host: 80
container: 5000
- service_name: bootkit
source: "oci:$HOME/.local/share/machine/trust/keys/snakeoil/bootkit/oci:bootkit-squashfs"
version: 1.0.0
service_type: fs-only
nsgroup: "none"
network:
type: none
EOF

cat "${TMPD}/manifest.yaml"
mosb --debug manifest publish \
--project snakeoil:default \
--repo 127.0.0.1:${ZOT_PORT} --name machine/install:1.0.0 \
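Review bot: The `git describe --abbrev=0` call before the heredoc and the `cat "${TMPD}/manifest.yaml"` after it look like debugging output left in the test; if they are meant to stay, a comment saying they are there for the CI log would help. With the explicit hostfs and bootkit entries apparently dropped from the heredoc, this test now relies on the auto-fill path, and nothing visible here asserts that the published manifest contains both targets; the rest of the test is outside this view, so that may already be covered. The comment above the heredoc still carries the TODO about including a bootkit layer, which appears stale now that publish adds one.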
4 changes: 2 additions & 2 deletions tests/mount.bats
Expand Up @@ -31,7 +31,7 @@ EOF
@test "mount ro livecd filesystem" {
write_install_yaml "livecd"

./mosb manifest publish --product snakeoil:default \
./mosb manifest publish --product snakeoil:default --skip-bootkit \
--repo ${ZOT_HOST}:${ZOT_PORT} --name machine/livecd:1.0.0 \
$TMPD/manifest.yaml

Expand Down Expand Up @@ -59,7 +59,7 @@ EOF
@test "mount rw livecd filesystem" {
write_install_yaml "livecd"

./mosb manifest publish --product snakeoil:default \
./mosb manifest publish --product snakeoil:default --skip-bootkit \
--repo ${ZOT_HOST}:${ZOT_PORT} --name machine/livecd:1.0.0 \
$TMPD/manifest.yaml

