From 4a41ffce1b7c2dbb6563d56534fa99035b842534 Mon Sep 17 00:00:00 2001 From: Jason DeTiberus <915544+detiber@users.noreply.github.com> Date: Wed, 18 Dec 2024 16:59:45 -0500 Subject: [PATCH] [wip] rechunk the chonky boi --- Justfile | 123 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 122 insertions(+), 1 deletion(-) diff --git a/Justfile b/Justfile index 7686529..bfb4f0b 100644 --- a/Justfile +++ b/Justfile @@ -2,6 +2,7 @@ export repo_organization := env("GITHUB_REPOSITORY_OWNER", "centos-workstation") export image_name := env("IMAGE_NAME", "main") export centos_version := env("CENTOS_VERSION", "stream10") export default_tag := env("DEFAULT_TAG", "latest") +export rechunker_image := "ghcr.io/hhd-dev/rechunk:v1.0.1" [private] default: @@ -133,7 +134,6 @@ _build-bib $target_image $tag $type $config: sudo qemu-img resize "output/qcow2/disk.qcow2" 80G fi - build-vm $target_image=("localhost/" + image_name) $tag=default_tag: && (_build-bib target_image tag "qcow2" "image-builder.config.toml") build-iso $target_image=("localhost/" + image_name) $tag=default_tag: && (_build-bib target_image tag "iso" "image-builder-iso.config.toml") 
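Review bot: `rechunker_image` is pinned only by the mutable tag `v1.0.1`, and the `rechunk` recipe added in the last hunk runs that image through `just sudoif podman run` with `--pull=newer`, `--security-opt label=disable` and `--user 0:0`, with `${PWD}` bind-mounted at `/var/git`. If the tag is ever re-pointed upstream, the next run pulls and executes the new content with those privileges on the build host. Pinning by digest closes that gap, e.g. `export rechunker_image := "ghcr.io/hhd-dev/rechunk@sha256:<digest-of-reviewed-image>"  # v1.0.1` (the digest is a placeholder; fill in the one you verified). Unlike the four settings above it, this value has no `env(...)` override, which deserves a one-line comment if that is intentional.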
@@ -204,3 +204,124 @@ run-iso $target_image=("localhost/" + image_name) $tag=default_tag:
 podman run "${run_args[@]}" &
 xdg-open http://localhost:${port}
 fg "%podman"
+
+export rechunk_dir := "_build_rechunk"
+
+rechunk $target_image=("localhost/" + image_name) $centos_version="stream10" $tag="latest":
+ #!/usr/bin/bash
+ set -eoux pipefail
+
+ if [[ $target_image == localhost/* ]]; then
+ # Check if image is already built
+ ID=$(podman images --filter reference=localhost/"${image_name}":"${tag}" --format "'{{ '{{.ID}}' }}'")
+ if [[ -z "$ID" ]]; then
+ just build "${centos_version}" "${tag}"
+ fi
+
+ # Load into Rootful Podman
+ ID=$(just sudoif podman images --filter reference=localhost/"${image_name}":"${tag}" --format "'{{ '{{.ID}}' }}'")
+ if [[ -z "$ID" ]]; then
+ COPYTMP=$(mktemp -p "${PWD}" -d -t _build_podman_scp.XXXXXXXXXX)
+ just sudoif TMPDIR=${COPYTMP} podman image scp ${UID}@localhost::localhost/"${image_name}":"${tag}" root@localhost::localhost/"${image_name}":"${tag}"
+ rm -rf "${COPYTMP}"
+ fi
+ else
+ # Make sure the image is present and/or up to date
+ just sudoif podman pull "${target_image}:${tag}"
+ fi
+
+ # Prep Container
+ CREF=$(just sudoif podman create "${target_image}":"${tag}" bash)
+ OLD_IMAGE=$(just sudoif podman inspect $CREF | jq -r '.[].Image')
+ OUT_NAME="${image_name}_build"
+ MOUNT=$(just sudoif podman mount "${CREF}")
+
+ # Label Version
+ if [[ "{{ tag }}" =~ stable ]]; then
+ VERSION="${centos_version}.$(date +%Y%m%d)"
+ else
+ VERSION="${tag}-${centos_version}.$(date +%Y%m%d)"
+ fi
+
+ # TODO: port over cleanup code to facilitate running in GitHub actions
+
+ # Run Rechunker's Prune
+ just sudoif podman run --rm \
+ --pull=newer \
+ --security-opt label=disable \
+ --volume "$MOUNT":/var/tree \
+ --env TREE=/var/tree \
+ --user 0:0 \
+ "${rechunker_image}" \
+ /sources/rechunk/1_prune.sh
+
+ # Run Rechunker's Create
+ just sudoif podman run --rm \
+ --pull=newer \
+ --security-opt label=disable \
+ --volume "$MOUNT":/var/tree \
+ --env TREE=/var/tree \
+ --user 0:0 \
+ "${rechunker_image}" \
+ /sources/rechunk/1_prune.sh
+
+ # Cleanup Temp Container Reference
+ just sudoif podman unmount "$CREF"
+ just sudoif podman rm "$CREF"
+ just sudoif podman rmi "$OLD_IMAGE"
+
+ mkdir -p "${rechunk_dir}"
+
+ SHA="dedbeef"
+ if [[ -z "$(git status -s)" ]]; then
+ SHA=$(git rev-parse HEAD)
+ fi
+
+ PREV_REF="ghcr.io/${repo_organization}/${image_name}:${tag}"
+ just sudoif podman run --rm \
+ --pull=newer \
+ --security-opt label=disable \
+ --volume "${PWD}/${rechunk_dir}:/workspace" \
+ --volume "${PWD}:/var/git" \
+ --volume cache_ostree:/var/ostree \
+ --env REPO=/var/ostree/repo \
+ --env PREV_REF="${PREV_REF}" \
+ --env OUT_NAME="${OUT_NAME}" \
+ --env LABELS="org.opencontainers.image.title=${image_name}$'\n'" \
+ --env "DESCRIPTION='CentOS based images'" \
+ --env "VERSION=${VERSION}" \
+ --env VERSION_FN=/workspace/version.txt \
+ --env OUT_REF="oci:$OUT_NAME" \
+ --env GIT_DIR="/var/git" \
+ --env REVISION="$SHA" \
+ --user 0:0 \
+ "${rechunker_image}" \
+ /sources/rechunk/3_chunk.sh
+
+ # Fix Permissions of OCI
+ if [[ "${UID}" -gt "0" ]]; then
+ just sudoif chown "${UID}:${GROUPS}" -R "${rechunk_dir}"
+ elif [[ -n "${SUDO_UID:-}" ]]; then
+ chown "${SUDO_UID}":"${SUDO_GID}" -R "${rechunk_dir}"
+ fi
+
+ # Remove cache_ostree
+ just sudoif podman volume rm cache_ostree
+
+ # Show OCI Labels
+ just sudoif skopeo inspect oci:"${rechunk_dir}"/"${OUT_NAME}" | jq -r '.Labels'
+
+ rm -rf "${rechunk_dir}"
+
+load-rechunk $tag="latest":
+ #!/usr/bin/bash
+ set -eou pipefail
+
+ # Load Image
+ OUT_NAME="${image_name}_build"
+ IMAGE=$(podman pull "oci:${rechunk_dir}/${OUT_NAME}")
+ podman tag ${IMAGE} "localhost/${image_name}:${tag}"
+
+ # Cleanup
+ just sudoif "rm -rf ${OUT_NAME}*"
+ just sudoif "rm -f previous.manifest.json"