forked from openstack-archive/fuel-main
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsandbox.mk
268 lines (245 loc) · 9.76 KB
/
sandbox.mk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
.PHONY: show-ubuntu-sandbox-repos show-centos-sandbox-repos
define yum_local_repo
[upstream-local-mirror]
name=Local upstream mirror
baseurl=file:///mirrors/centos/os/x86_64
gpgcheck=0
enabled=1
priority=10
endef
define yum_local_mos_repo
[mos-local-mirror]
name=Local mirror
baseurl=file:///mirrors/mos-centos
gpgcheck=0
enabled=1
priority=10
endef
define yum_upstream_repo
[upstream]
name=Upstream mirror
baseurl=$(SANDBOX_MIRROR_CENTOS_UPSTREAM)/os/$(CENTOS_ARCH)/
gpgcheck=0
priority=1
sslverify=False
[upstream-updates]
name=Upstream mirror
baseurl=$(SANDBOX_MIRROR_CENTOS_UPSTREAM)/updates/$(CENTOS_ARCH)/
gpgcheck=0
priority=1
sslverify=False
endef
define yum_epel_repo
[epel]
name=epel mirror
baseurl=$(SANDBOX_MIRROR_EPEL)/$(CENTOS_MAJOR)/$(CENTOS_ARCH)/
gpgcheck=0
priority=3
endef
ifdef EXTRA_RPM_BUILDDEP_REPO
define yum_extra_build_repo
[extra_build]
name=Extra Build
baseurl=$(EXTRA_RPM_BUILDDEP_REPO)
gpgcheck=0
priority=2
endef
endif
define sandbox_yum_conf
[main]
cachedir=/tmp/cache
keepcache=0
debuglevel=2
logfile=/tmp/yum.log
exclude=*.i686.rpm
exactarch=1
obsoletes=1
gpgcheck=0
plugins=1
pluginpath=/etc/yum-plugins
pluginconfpath=/etc/yum/pluginconf.d
reposdir=/etc/yum.repos.d
sslverify=False
endef
define external_sandbox_yum_conf
[main]
cachedir=$(SANDBOX)/cache
keepcache=0
debuglevel=2
logfile=$(SANDBOX)/yum.log
exclude=*.i686.rpm
exactarch=1
obsoletes=1
gpgcheck=0
plugins=1
pluginpath=$(SANDBOX)/etc/yum-plugins
pluginconfpath=$(SANDBOX)/etc/yum/pluginconf.d
reposdir=$(SANDBOX)/etc/yum.repos.d
sslverify=False
endef
SANDBOX_PACKAGES:=bash yum
define SANDBOX_UP
echo "Starting SANDBOX up"
mkdir -p $(SANDBOX)/etc/yum.repos.d
cat > $(SANDBOX)/etc/yum.conf <<EOF
$(sandbox_yum_conf)
EOF
# this conf is used outside chroot in order to install yum
cat > $(SANDBOX)/etc/external.yum.conf <<EOF
$(external_sandbox_yum_conf)
EOF
cp /etc/resolv.conf $(SANDBOX)/etc/resolv.conf
cp /etc/hosts $(SANDBOX)/etc/hosts
cat > $(SANDBOX)/etc/yum.repos.d/base.repo <<EOF
$(yum_upstream_repo)
$(yum_epel_repo)
EOF
mkdir -p $(SANDBOX)/etc/yum/pluginconf.d/
mkdir -p $(SANDBOX)/etc/yum-plugins/
mkdir -p $(SANDBOX)/mirrors
cp $(SOURCE_DIR)/mirror/centos/yum-priorities-plugin.py $(SANDBOX)/etc/yum-plugins/priorities.py
cat > $(SANDBOX)/etc/yum/pluginconf.d/priorities.conf << EOF
[main]
enabled=1
check_obsoletes=1
full_match=1
EOF
sudo rpm -i --root=$(SANDBOX) `find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name "centos-release*rpm" | head -1` || \
echo "centos-release already installed"
sudo rm -vf $(SANDBOX)/etc/yum.repos.d/Cent*
sudo /bin/sh -c 'export TMPDIR=$(SANDBOX)/tmp/yum TMP=$(SANDBOX)/tmp/yum; yum -c $(SANDBOX)/etc/external.yum.conf --installroot=$(SANDBOX) -y --nogpgcheck install yum'
echo 'Rebuilding RPM DB'
sudo rpm --root=$(SANDBOX) --rebuilddb
echo 'Installing packages for Sandbox'
mount | grep -q $(SANDBOX)/mirrors || sudo mount --bind $(LOCAL_MIRROR) $(SANDBOX)/mirrors
mount | grep -q $(SANDBOX)/proc || sudo mount --bind /proc $(SANDBOX)/proc
mount | grep -q $(SANDBOX)/dev || sudo mount --bind /dev $(SANDBOX)/dev
# after installing yum, let's add MOS repos from mounted /mirrors
cat > $(SANDBOX)/etc/yum.repos.d/base.repo <<EOF
$(yum_upstream_repo)
$(yum_epel_repo)
$(yum_local_repo)
$(yum_local_mos_repo)
$(yum_extra_build_repo)
EOF
echo $(SANDBOX_PACKAGES) | xargs -n1 | xargs -I_package sudo sh -c 'rm -vf $(SANDBOX)/etc/yum.repos.d/Cent*; chroot $(SANDBOX) yum -y --nogpgcheck install _package'
# clean all repos except the MOS + upsream + our epel
sudo rm -vf $(SANDBOX)/etc/yum.repos.d/epel*
sudo rm -vf $(SANDBOX)/etc/yum.repos.d/Cent*
endef
define SANDBOX_DOWN
sudo umount $(SANDBOX)/proc || true
sudo umount $(SANDBOX)/dev || true
sudo umount $(SANDBOX)/mirrors || true
endef
define apt_sources_list
#Upstream Ubuntu mirrors
deb $(MIRROR_UBUNTU_METHOD)://$(MIRROR_UBUNTU)$(MIRROR_UBUNTU_ROOT) $(MIRROR_UBUNTU_SUITE) $(MIRROR_UBUNTU_SECTION)
deb $(MIRROR_UBUNTU_METHOD)://$(MIRROR_UBUNTU)$(MIRROR_UBUNTU_ROOT) $(MIRROR_UBUNTU_SUITE)-updates $(MIRROR_UBUNTU_SECTION)
deb $(MIRROR_UBUNTU_METHOD)://$(MIRROR_UBUNTU)$(MIRROR_UBUNTU_ROOT) $(MIRROR_UBUNTU_SUITE)-security $(MIRROR_UBUNTU_SECTION)
# MOS repos
deb $(MIRROR_MOS_UBUNTU_METHOD)://$(MIRROR_MOS_UBUNTU)$(MIRROR_MOS_UBUNTU_ROOT) $(MIRROR_MOS_UBUNTU_SUITE) $(MIRROR_MOS_UBUNTU_SECTION)
deb $(MIRROR_MOS_UBUNTU_METHOD)://$(MIRROR_MOS_UBUNTU)$(MIRROR_MOS_UBUNTU_ROOT) $(MIRROR_MOS_UBUNTU_SUITE)-security $(MIRROR_MOS_UBUNTU_SECTION)
deb $(MIRROR_MOS_UBUNTU_METHOD)://$(MIRROR_MOS_UBUNTU)$(MIRROR_MOS_UBUNTU_ROOT) $(MIRROR_MOS_UBUNTU_SUITE)-proposed $(MIRROR_MOS_UBUNTU_SECTION)
deb $(MIRROR_MOS_UBUNTU_METHOD)://$(MIRROR_MOS_UBUNTU)$(MIRROR_MOS_UBUNTU_ROOT) $(MIRROR_MOS_UBUNTU_SUITE)-updates $(MIRROR_MOS_UBUNTU_SECTION)
deb $(MIRROR_MOS_UBUNTU_METHOD)://$(MIRROR_MOS_UBUNTU)$(MIRROR_MOS_UBUNTU_ROOT) $(MIRROR_MOS_UBUNTU_SUITE)-holdback $(MIRROR_MOS_UBUNTU_SECTION)
#Extra repositories
$(if $(EXTRA_DEB_REPOS),$(subst |,$(NEWLINE)deb ,deb $(EXTRA_DEB_REPOS)))
endef
define apt_preferences
# Apt repo @ obs-1 has Codename=trusty (which is OK)
# However the one @ mirror.fuel-infra has Codename=mos6.1
Package: *
Pin: release o=Mirantis, n=$(MIRROR_UBUNTU_SUITE)
Pin-Priority: 1101
Package: *
Pin: release o=Mirantis, n=$(PRODUCT_NAME)$(PRODUCT_VERSION)
Pin-Priority: 1101
# to install packages from unmerged fuel-infra requests
Package: *
Pin: release l=$(UBUNTU_RELEASE)-fuel-$(PRODUCT_VERSION)-stable*
Pin-Priority: 1101
Package: *
Pin: release o=Open Build Service $(UBUNTU_RELEASE)-fuel-$(PRODUCT_VERSION)-stable*
Pin-Priority: 1101
endef
define SANDBOX_UBUNTU_UP
set -e
echo "SANDBOX_UBUNTU_UP: start"
mkdir -p $(SANDBOX_UBUNTU)
mkdir -p $(SANDBOX_UBUNTU)/usr/sbin
cat > $(BUILD_DIR)/policy-rc.d << EOF
#!/bin/sh
# suppress services start in the staging chroots
exit 101
EOF
chmod 755 $(BUILD_DIR)/policy-rc.d
mkdir -p $(SANDBOX_UBUNTU)/etc/init.d
touch $(SANDBOX_UBUNTU)/etc/init.d/.legacy-bootordering
mkdir -p $(SANDBOX_UBUNTU)/usr/sbin
cp -a $(BUILD_DIR)/policy-rc.d $(SANDBOX_UBUNTU)/usr/sbin
echo "Running debootstrap"
sudo debootstrap --no-check-gpg --include=ca-certificates --arch=$(UBUNTU_ARCH) $(MIRROR_UBUNTU_SUITE) $(SANDBOX_UBUNTU) $(MIRROR_UBUNTU_METHOD)://$(MIRROR_UBUNTU)$(MIRROR_UBUNTU_ROOT)
if [ -e $(SANDBOX_UBUNTU)/etc/resolv.conf ]; then sudo cp -a $(SANDBOX_UBUNTU)/etc/resolv.conf $(SANDBOX_UBUNTU)/etc/resolv.conf.orig; fi
sudo cp /etc/resolv.conf $(SANDBOX_UBUNTU)/etc/resolv.conf
if [ -e $(SANDBOX_UBUNTU)/etc/hosts ]; then sudo cp -a $(SANDBOX_UBUNTU)/etc/hosts $(SANDBOX_UBUNTU)/etc/hosts.orig; fi
sudo cp /etc/hosts $(SANDBOX_UBUNTU)/etc/hosts
echo "Generating utf8 locale"
sudo chroot $(SANDBOX_UBUNTU) /usr/bin/env -i \
LC_ALL=C \
DEBIAN_FRONTEND=noninteractive \
DEBCONF_NONINTERACTIVE_SEEN=true \
/bin/sh -c 'locale-gen en_US.UTF-8; dpkg-reconfigure locales'
echo "Preparing directory for chroot local mirror"
sudo mkdir -p $(SANDBOX_UBUNTU)/etc/apt/preferences.d/
echo "Generating pinning file for Ubuntu SandBox"
cat > $(BUILD_DIR)/mirror/ubuntu/preferences << EOF
$(apt_preferences)
EOF
sudo cp $(BUILD_DIR)/mirror/ubuntu/preferences $(SANDBOX_UBUNTU)/etc/apt/preferences.d/
echo "Configuring apt sources.list"
cat > $(BUILD_DIR)/mirror/ubuntu/sources.list << EOF
$(apt_sources_list)
EOF
sudo cp $(BUILD_DIR)/mirror/ubuntu/sources.list $(SANDBOX_UBUNTU)/etc/apt/
sudo cp $(BUILD_DIR)/policy-rc.d $(SANDBOX_UBUNTU)/usr/sbin
echo "Allowing using unsigned repos"
echo "APT::Get::AllowUnauthenticated 1;" | sudo tee $(SANDBOX_UBUNTU)/etc/apt/apt.conf.d/02mirantis-unauthenticated
if [ "$(SANDBOX_COPY_CERTS)" = "1" ] ; then
echo "Copying local certificates and CA to chroot"
sudo bash -c "mkdir -p $(SANDBOX_UBUNTU)/usr/share/ca-certificates/ ; rsync -arzL /etc/ssl/certs/ $(SANDBOX_UBUNTU)/usr/share/ca-certificates/local/"
echo "Acquire::https { Verify-Peer \"true\"; Verify-Host \"true\"; }; " | sudo tee -a $(SANDBOX_UBUNTU)/etc/apt/apt.conf.d/05-local-ssl-certs
sudo chroot $(SANDBOX_UBUNTU) sh -xc "(cd /usr/share/ca-certificates; find local -type f) >> /etc/ca-certificates.conf"
sudo chroot $(SANDBOX_UBUNTU) update-ca-certificates
fi
echo "Updating apt package database"
sudo chroot $(SANDBOX_UBUNTU) bash -c "(mkdir -p /tmp/user/0)"
sudo chroot $(SANDBOX_UBUNTU) apt-get update
if ! mountpoint -q $(SANDBOX_UBUNTU)/proc; then sudo mount -t proc sandboxproc $(SANDBOX_UBUNTU)/proc; fi
echo "Installing additional packages: $(SANDBOX_DEB_PKGS)"
sudo chroot $(SANDBOX_UBUNTU) env LC_ALL=C DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get dist-upgrade --yes
test -n "$(SANDBOX_DEB_PKGS)" && sudo chroot $(SANDBOX_UBUNTU) env LC_ALL=C DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get install --yes $(SANDBOX_DEB_PKGS)
echo "SANDBOX_UBUNTU_UP: done"
endef
define SANDBOX_UBUNTU_DOWN
if mountpoint -q $(SANDBOX_UBUNTU)/proc; then sudo umount $(SANDBOX_UBUNTU)/proc; fi
sudo umount $(SANDBOX_UBUNTU)/tmp/apt || true
endef
show-ubuntu-sandbox-repos: export apt_source_content:=$(apt_sources_list)
show-ubuntu-sandbox-repos: export apt_pinning_content:=$(apt_preferences)
show-ubuntu-sandbox-repos:
/bin/echo -e "$${apt_source_content}"
/bin/echo -e "$${apt_pinning_content}"
show-centos-sandbox-repos: export sandbox_yum_conf_content:=$(sandbox_yum_conf)
show-centos-sandbox-repos: export yum_upstream_repo_content:=$(yum_upstream_repo)
show-centos-sandbox-repos: export yum_epel_repo_content:=$(yum_epel_repo)
show-centos-sandbox-repos: export yum_local_repo_content:=$(yum_local_repo)
show-centos-sandbox-repos: export yum_local_mos_repo_content:=$(yum_local_mos_repo)
show-centos-sandbox-repos: export yum_extra_build_repo_content:=$(yum_extra_build_repo)
show-centos-sandbox-repos:
/bin/echo -e "$${sandbox_yum_conf_content}\n"
/bin/echo -e "$${yum_upstream_repo_content}\n"
/bin/echo -e "$${yum_epel_repo_content}\n"
/bin/echo -e "$${yum_local_repo_content}\n"
/bin/echo -e "$${yum_local_mos_repo_content}\n"
/bin/echo -e "$${yum_extra_build_repo_content}\n"