- %global tag                     1.10.0

- Version: %{tag}

- Release: 8%{?dist}

- Source0: %{git0}/archive/%{version}/osbuilder-%{version}.tar.gz

- Source1: %{git1}/archive/%{version}/agent-%{version}.tar.gz

- # Pass in pre-compiled nsdax to drop runtime GCC dependency

- # Submitted upstream: https://github.com/kata-containers/osbuilder/pull/418

- Patch01: osbuilder-0001-image_builder-Remove-nsdax-binary-after-its-usage.patch

- Patch02: osbuilder-0002-image-builder-Add-NSDAX_BIN-for-passing-in-compiled-.patch

- # Don't clobber our pre-populated /sbin/init

- # https://github.com/kata-containers/osbuilder/pull/420

- Patch03: osbuilder-0003-rootfs-Don-t-overwrite-init-if-it-already-exists.patch

- Patch04: osbuilder-0004-image_builder-Force-mount_dir-to-be-created-in-TMPDI.patch

- %autosetup -Sgit -n osbuilder-%{version}

- pushd agent-%{version}

- pushd agent-%{version}

- pushd agent-%{version}

- From 98ac62dec97ed2b27b1d6368a8ca7a16a8835525 Mon Sep 17 00:00:00 2001

- From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fidencio@redhat.com>

- Date: Fri, 17 Jan 2020 11:36:38 +0100

- Subject: [PATCH] image_builder: Remove nsdax binary after its usage

- MIME-Version: 1.0

- Content-Type: text/plain; charset=UTF-8

- Content-Transfer-Encoding: 8bit

- 

- Leaving nsdax behind may create some isses for the distro packages

- of kata-osbuilder, as every package would have to take care of purging

- the file on each distro.

- 

- Knowing that, we better remove the file as part of the script, mainly

- because the file is already regenerated everytime in any case.

- 

- Fixes: #394

- 

- Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>

- ---

-  image-builder/image_builder.sh | 1 +

-  1 file changed, 1 insertion(+)

- 

- diff --git a/image-builder/image_builder.sh b/image-builder/image_builder.sh

- index 73f20f8..eaa8367 100755

- --- a/image-builder/image_builder.sh

- +++ b/image-builder/image_builder.sh

- @@ -425,6 +425,7 @@ set_dax_header() {

-  	# Issue: https://github.com/kata-containers/osbuilder/issues/240

-  	gcc -O2 "${script_dir}/nsdax.gpl.c" -o "${script_dir}/nsdax"

-  	"${script_dir}/nsdax" "${header_image}" "${dax_header_bytes}" "${dax_alignment_bytes}"

- +	rm -f "${script_dir}/nsdax"

-  	sync

-  

-  	touch "${dax_image}"

- From 4004bd8fbe4cef00be62d35697e9ef28edda4df7 Mon Sep 17 00:00:00 2001

- From: Cole Robinson <crobinso@redhat.com>

- Date: Thu, 5 Mar 2020 12:21:16 -0500

- Subject: [PATCH] image-builder: Add NSDAX_BIN for passing in compiled nsdax

-  tool

- 

- In Fedora we are running the osbuilder scripts on the client machine,

- to generate an initrd for the running host kernel. In this setup,

- there's currently a runtime dependency on gcc for compiling the nsdax

- tool, which is suboptimal.

- 

- Add NSDAX_BIN environment variable; if specified, image-builder.sh

- will use that path as the nsdax tool. This let's ship a compiled

- nsdax tool to users and drop the runtime gcc dependency

- 

- Fixes: #417

- 

- Signed-off-by: Cole Robinson <crobinso@redhat.com>

- ---

-  image-builder/image_builder.sh | 25 +++++++++++++++++++------

-  1 file changed, 19 insertions(+), 6 deletions(-)

- 

- diff --git a/image-builder/image_builder.sh b/image-builder/image_builder.sh

- index 06cc711..e18822d 100755

- --- a/image-builder/image_builder.sh

- +++ b/image-builder/image_builder.sh

- @@ -88,6 +88,7 @@ Options:

-  Extra environment variables:

-  	AGENT_BIN:  Use it to change the expected agent binary name

-  	AGENT_INIT: Use kata agent as init process

- +	NSDAX_BIN:  Use to specify path to pre-compiled 'nsdax' tool.

-  	FS_TYPE:    Filesystem type to use. Only xfs and ext4 are supported.

-  	USE_DOCKER: If set will build image in a Docker Container (requries docker)

-  		    DEFAULT: not set

- @@ -130,6 +131,8 @@ build_with_container() {

-  	local root_free_space="$5"

-  	local agent_bin="$6"

-  	local agent_init="$7"

- +	local container_engine="$8"

- +	local nsdax_bin="$9"

-  	local container_image_name="image-builder-osbuilder"

-  	local shared_files=""

-  

- @@ -158,6 +161,7 @@ build_with_container() {

-  		   --env FS_TYPE="${fs_type}" \

-  		   --env BLOCK_SIZE="${block_size}" \

-  		   --env ROOT_FREE_SPACE="${root_free_space}" \

- +		   --env NSDAX_BIN="${nsdax_bin}" \

-  		   --env DEBUG="${DEBUG}" \

-  		   -v /dev:/dev \

-  		   -v "${script_dir}":"/osbuilder" \

- @@ -411,6 +415,7 @@ set_dax_header() {

-  	local image="$1"

-  	local img_size="$2"

-  	local fs_type="$3"

- +	local nsdax_bin="$4"

-  

-  	# rootfs start + DAX header size

-  	local rootfs_offset=$((rootfs_start + dax_header_sz))

- @@ -425,9 +430,12 @@ set_dax_header() {

-  	info "Set DAX metadata"

-  	# Set metadata header

-  	# Issue: https://github.com/kata-containers/osbuilder/issues/240

- -	gcc -O2 "${script_dir}/nsdax.gpl.c" -o "${script_dir}/nsdax"

- -	"${script_dir}/nsdax" "${header_image}" "${dax_header_bytes}" "${dax_alignment_bytes}"

- -	rm -f "${script_dir}/nsdax"

- +	if [ -z "${nsdax_bin}" ] ; then

- +		nsdax_bin="${script_dir}/nsdax"

- +		gcc -O2 "${script_dir}/nsdax.gpl.c" -o "${nsdax_bin}"

- +		trap "rm ${nsdax_bin}" EXIT

- +	fi

- +	"${nsdax_bin}" "${header_image}" "${dax_header_bytes}" "${dax_alignment_bytes}"

-  	sync

-  

-  	touch "${dax_image}"

- @@ -452,6 +460,7 @@ main() {

-  	local image="${IMAGE:-kata-containers.img}"

-  	local block_size="${BLOCK_SIZE:-4096}"

-  	local root_free_space="${ROOT_FREE_SPACE:-}"

- +	local nsdax_bin="${NSDAX_BIN:-}"

-  

-  	while getopts "ho:r:f:" opt

-  	do

- @@ -471,6 +480,7 @@ main() {

-  		exit 0

-  	fi

-  

- +	local container_engine

-  	if [ -n "${USE_DOCKER}" ]; then

-  		container_engine="docker"

-  	elif [ -n "${USE_PODMAN}" ]; then

- @@ -478,8 +488,11 @@ main() {

-  	fi

-  

-  	if [ -n "$container_engine" ]; then

- -		build_with_container "${rootfs}" "${image}" "${fs_type}" "${block_size}" \

- -						  "${root_free_space}" "${agent_bin}" "${agent_init}" "${container_engine}"

- +		build_with_container "${rootfs}" \

- +			"${image}" "${fs_type}" "${block_size}" \

- +			"${root_free_space}" "${agent_bin}" \

- +			"${agent_init}" "${container_engine}" \

- +			"${nsdax_bin}"

-  		exit $?

-  	fi

-  

- @@ -496,7 +509,7 @@ main() {

-  						"${fs_type}" "${block_size}"

-  

-  	# insert at the beginning of the image the MBR + DAX header

- -	set_dax_header "${image}" "${img_size}" "${fs_type}"

- +	set_dax_header "${image}" "${img_size}" "${fs_type}" "${nsdax_bin}"

-  }

-  

-  main "$@"

- From 79d298779854b6028de75804f415cb6cc5a5fd5f Mon Sep 17 00:00:00 2001

- From: Cole Robinson <crobinso@redhat.com>

- Date: Wed, 4 Mar 2020 17:56:03 -0500

- Subject: [PATCH] rootfs: Don't overwrite /init if it already exists

- 

- The prepare_overlay() code path is called when rootfs.sh is invoked

- with no passed in distro string. This is used for the dracut case

- from the Makefile for example. In that particular case, the starting

- root directory is empty.

- 

- It's also valid to pass a prepopulated directory to rootfs.sh, which

- is essentially a request for the script to just make the necessary

- kata changes. Currently though prepare_overlay() makes some changes

- that could wipe out pre-arranged /sbin/init setup.

- 

- Check first to see if /sbin/init exists in the rootfs dir, and if so,

- skip the symlink changes

- 

- Fixes: #419

- 

- Signed-off-by: Cole Robinson <crobinso@redhat.com>

- ---

-  rootfs-builder/rootfs.sh | 14 ++++++++++----

-  1 file changed, 10 insertions(+), 4 deletions(-)

- 

- diff --git a/rootfs-builder/rootfs.sh b/rootfs-builder/rootfs.sh

- index 5a5655e..f8714ab 100755

- --- a/rootfs-builder/rootfs.sh

- +++ b/rootfs-builder/rootfs.sh

- @@ -455,10 +455,16 @@ prepare_overlay()

-  {

-  	pushd "${ROOTFS_DIR}" > /dev/null

-  	mkdir -p ./etc ./lib/systemd ./sbin ./var

- -	ln -sf  ./usr/lib/systemd/systemd ./init

- -	ln -sf  ../../init ./lib/systemd/systemd

- -	ln -sf  ../init ./sbin/init

- -	# Kata sytemd unit file

- +	if [ ! -e ./sbin/init ]; then

- +		# This symlink hacking is mostly to make later rootfs

- +		# validation work correctly for the dracut case.

- +		# We skip this if /init exists in the rootfs, meaning

- +		# we were passed a pre-populated rootfs directory

- +		ln -sf  ./usr/lib/systemd/systemd ./init

- +		ln -sf  ../../init ./lib/systemd/systemd

- +		ln -sf  ../init ./sbin/init

- +	fi

- +	# Kata systemd unit file

-  	mkdir -p ./etc/systemd/system/basic.target.wants/

-  	ln -sf /usr/lib/systemd/system/kata-containers.target ./etc/systemd/system/basic.target.wants/kata-containers.target

-  	popd  > /dev/null

- SHA512 (osbuilder-1.10.0.tar.gz) = 5b2ad701e0e4f10e9cf0c839e6265fae48b6727826c0f38e51615ff5041cf2af5b9b1f08e07cb6bec45d6bae0a773908b7c880f7803df8746ca9dbf0e812db25

- SHA512 (agent-1.10.0.tar.gz) = 3d98c30fee3a5fcf7ddedb7f4a3457a75c0b052a53158abfa25908447cbca9072f43518b8b30f4a8caceade88fb6cc526536a9e7977d19585675d72ed51ef261