Currently only the unit-tests under the actions directory are ran. This
patch runs all of the available unit tests in the project.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
The variable hasn't been defined yet so ends up producing
a build failure:
actions/image_partition_action.go:371:2: undefined: ImagePath
actions/image_partition_action.go:372:26: undefined: ImagePath
actions/image_partition_action.go:384:34: undefined: ImagePath
Fix the syntax used to initialise this variable.
Fixes: a7afc01562 ("actions/image-partition: Consistently use artifactdir")
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
The "image-partition" action uses artifactdir in the
PostMachineCleanup() step but not during the PreMachine() and
PreNoMachine() steps. Also, other debos actions such as pack, unpack
are relative to the specified "artifactdir" when invoking debos.
Fix this inconsistency by bringing image-partition action to the
fold. Also update the documentation to clarify this.
Signed-off-by: Punit Agrawal <punit1.agrawal@toshiba.co.jp>
This patch adds support for XFS, including the ability
to specify the UUID through the fsuuid property of the
image-partition action.
Signed-off-by: Nguyen Thi Huong <huong4.nguyenthi@toshiba.co.jp>
Signed-off-by: Daniel Sangorrin <daniel.sangorrin@toshiba.co.jp>
This patch adds functionality that allows you to specify
the UUID of your file system instead of getting a random one.
Some use cases include reproducible builds and software updates.
Currently, only btrfs, xfs, ext2, ext3, and ext4 are supported.
The uuid library is used for verifying the input value of
the FSUUID property (specified by the user on the
image-partition action). The verification is based on RFC 4122
and DCE 1.1: Authentication and Security Services. Check
https://github.com/google/uuid for more details.
Signed-off-by: Nguyen Thi Huong <huong4.nguyenthi@toshiba.co.jp>
Signed-off-by: Daniel Sangorrin <daniel.sangorrin@toshiba.co.jp>
The documentation suggests that offset should be optional; in practice
offset isn't optional and the action will return an error out if unset:
Action `` failed at stage Run, error: Couldn't parse offset strconv.ParseInt: parsing "": invalid syntax
So set the offset by default to 0 then only attempt to parse the parameter
from the YAML if it is explicitly set.
Fixes: b792b4722a ("Add a raw action")
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Debian's qemu-user-static package no longer registers binfmts on postinst
when running inside a virtualmachine; dockerhub builds are now built inside
a vm so the binfmts are not generated inside the docker container.
Fixes: 91af617bea ("docker: Install qemu-user-static 6.0 to fix segfault")
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
There are issues with qemu-user-static 5.2 crashing when attempting
to allocate guest memory when compiled as a proper statically-linked
binary.
From testing, qemu 6.0 fixes the bug but it's not yet clear which
patch fixes the bug. So until the correct patch is backported to
bullseye, let's install qemu from experimental to pickup the bugfix.
See: #245
See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988174
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Expose the environment variables $ARTIFACTDIR and $RECIPEDIR
to the postprocess commands to allow the postprocess commands
to be more flexible.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Since we have the support for the new user-mode-linux backend in the
docker container, Debos defaults to attempting to use that.
Unfortunately that isn't possible to run inside the Docker Hub where the
test suite runs, so let's explicitly disable the fakemachine library
when running the Docker Hub test suite.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
The fakemachine uml backend uses user-mode-linux and libslirp-helper
packages available from bullseye, let's include those inside the container.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
The equivs package is used to create dummy Debian packages which can
be useful in development to satisfy dependencies without installing the
real package. Note that this package is not the recommended way of
dealing with broken dependencies: a bug report should be filed instead.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Match the same compression options as unpack and allow to have an uncompressed
tar when removing the `compression` parameter.
Signed-off-by: Corentin Noël <corentin.noel@collabora.com>
The readme has got a bit out-of-sync with the help command; update the
readme for the new options and descriptions.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Fakemachine now allows the virtualisation backend to be chosen when
creating the machine, so allow the backend to be chosen by the user.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
This property is a boolean value indicating if `apt update` will be run
before install package. Default value is 'true'.
Signed-off-by: Trung Do <trung1.dothanh@toshiba.co.jp>
Signed-off-by: Daniel Sangorrin <daniel.sangorrin@toshiba.co.jp>
The command-line argument parsing library already prints any parsing
errors; there's no need to print the error again ourselves.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Added stages "Verify" and "PreMachine" allowing to use secret files
outside of recipe directory tree (both absolute and relative paths
are supported).
Verification stage ensures that configuration files from options
are existing on file system.
This is needed for cases if secret files are not the part of Debos
recipe directory and useful for CI.
Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
Allow to use certificate and private key for client authentication.
Those action parameters falls thru `debootstrap` for `wget` allowing
to authenticate client on server side.
Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
Testify is currently not built unless the manual tests are ran at which
point testify compiliation fails due to requiring a newer version of
golang than in buster. Unfortunately the main branch is no longer
compatible, so install from source to get the unit tests running again.
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
F2FS requires a few tweaks to be usable within debos:
* its command-line option for setting the fs label is different from
other mkfs utils
* parted doesn't recognize "f2fs" as a valid filesystem, therefore it
shouldn't appear on the command line
With these simple changes, it becomes possible to use F2FS partitions
with debos.
Signed-off-by: Arnaud Ferraris <arnaud.ferraris@gmail.com>
For the run action, debos does not complain even if both "script" and
"command" are empty which can occur due to a typo or accidentally
missing the tag.
As the documentation already mentions that one of "script" or
"command" is mandatory for the run action, let's detect the invalid
scenario and complain to the user instead of silently continuing.
Signed-off-by: Punit Agrawal <punit1.agrawal@toshiba.co.jp>
Debos currently sets the partition type to filesystem type and
does not allow the partition type to be set from the recipe.
In some situations setting the partition type is required, so add the
property `PartType` to the Partition and set the partition type to the value
of that property. If the `PartType` property is unset, the original partition
type is retained thus not breaking backwards compatibility.
For msdos, the partition type should be hexadecimal and 2-characters long.
For gpt, the partition GUID should be in GUID format and 36-characters long.
Some examples and further reading is included in the documentation.
Resolves: #98
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Debos currently sets the GPT partition label to the `Name` property of the
Partition and does not allow the GPT partition label to be set from the recipe.
In some situations setting the GPT partition label is required, so add the
property `PartLabel` to the Partition and set the GPT partition label to the value
of that property. By default, the `PartLabel` property is set to the `Name`
property of the Partition to not break backwards compatibility.
Resolves: #202
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
A common user complaint is the result of mounting a filesystem on top of another
can be confusing. So do not allow duplicate mountpoints.
Also better not allow multiple partitions with the same name.
Resolves: #176Resolves: #178
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
The image is locked while partitioning and mounting, which has a side effect of
not running udev rules so there are no entries for the freshly partitioned disk
under the children of `/dev/disk`.
Currently the workaround is to call partprobe in the recipe, which creates the
entries but we should do this as part of the image-partition action so that no
magic is needed in the recipe.
Fixes: f91e2b2c27 ("Fix partition races while partitioning")
Resolves: #154
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
All the filesystem-deploy action does is copy the contents from scratch into the
mounted image, then all actions after that refer to the image rather than the
scratch space. Be clearer.
Resolves: #175
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
When a command is ran using `action: run` some environment variables are exposed to the script.
`$ROOTDIR` is set to `context.Rootdir=/scratch/root` which is a temporary
directory meant to hold the rootfs until `action: filesystem-deploy` is ran, which
copies from `context.Rootdir` to `context.ImageMntDir`. After the filesystem is
deployed, `context.Rootdir` is set to `context.ImageMntDir`.
The mount points defined under action: image-partition are mounted under
`context.ImageMntDir`, so if the filesystem is never deployed, there is no
(simple) way for the script to know where the images are mounted to.
So, expose `context.ImageMntDir` to the script as `$IMAGEMNTDIR` so the recipe
can know where the image is mounted.
Resolves: #204
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Returning an error in this function causes the rest of the cleanup operation to
not be executed; so in this case downgrading an error to remove the mountpoint
from the read-only filesystem to a warning is wise.
Resolves: #206
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Currently the `mountpoints` are mounted in the fakemachine in the order defined
by the recipe. This is confusing for users so sort the mountpoints in a sane
order before they are mounted.
This patch sorts the mountpoints so that (if defined) the root partition would
always be mounted first, then in ascending order of how many slashes ('/')
are in the mountpoint so that the parents are mounted first.
The current verbatim syntax for mountpoints where the recursive parent filesystems
are mounted before the children could be as follows:
```
- action: image-partition
imagename: mountpoints-order.img
imagesize: 5MB
partitiontype: gpt
partitions:
- name: root
fs: ext4
start: 0M
end: 1M
- name: opt
fs: ext4
start: 2M
end: 3M
- name: opt_test
fs: ext4
start: 4M
end: 5M
mountpoints:
- mountpoint: /
partition: rootfs
- mountpoint: /opt
partition: opt
- mountpoint: /opt/test
partition: opt_test
```
After mounting the fakemachine shows:
```
$ mount
...
/dev/vda1 on /scratch/mnt type ext4 (rw,relatime)
/dev/vda2 on /scratch/mnt/opt type ext4 (rw,relatime)
/dev/vda3 on /scratch/mnt/opt/test type ext4 (rw,relatime)
$ df -h
...
/dev/vda1 940K 22K 851K 3% /scratch/mnt
/dev/vda2 955K 22K 866K 3% /scratch/mnt/opt
/dev/vda3 940K 21K 852K 3% /scratch/mnt/opt/test
```
which is the correct order.
If the user defines the recipe to mount these out of order, for example:
```
- mountpoint: /opt
partition: opt
- mountpoint: /opt/test
partition: opt_test
- mountpoint: /
partition: root
```
Without this patch, no error is shown but the system has mounted the partitions
out of order (which is confusing for the user):
```
$ mount
...
/dev/vda2 on /scratch/mnt/opt type ext4 (rw,relatime)
/dev/vda3 on /scratch/mnt/opt/test type ext4 (rw,relatime)
/dev/vda1 on /scratch/mnt type ext4 (rw,relatime)
$ df -h
...
/dev/vda1 940K 21K 852K 3% /scratch/mnt
```
With this patch, the recipe would show:
```
$ mount
...
/dev/vda1 on /scratch/mnt type ext4 (rw,relatime)
/dev/vda2 on /scratch/mnt/opt type ext4 (rw,relatime)
/dev/vda3 on /scratch/mnt/opt/test type ext4 (rw,relatime)
$ df -h
...
/dev/vda1 940K 22K 851K 3% /scratch/mnt
/dev/vda2 955K 22K 866K 3% /scratch/mnt/opt
/dev/vda3 940K 21K 852K 3% /scratch/mnt/opt/test
```
Resolves: #177
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Added option `--timezone=off` for `systemd-nspawn` to leave the
file untouched during the chrooted calls.
Fixes: #180
Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
Add the u-boot-tools package to be able to use binaries such as
mkimage in debos' recipes.
Signed-off-by: Mylène Josserand <mylene.josserand@collabora.com>
If the resolv.conf in chrooted environment changed to symlink and point to
non-existing file, the os.Stat() fail the check of file existence.
Use os.Lstat() call instead and add additional checks during the resolv.conf
restore phase.
Fixes: #190
Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
Protect by default the 'resolv.conf' file from changing while calling
commands and scripts in chrooted environment.
Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
