feat: Support legacy 'import' directive and use 'imports' for future

This changes the behavior of the 'import' target to behave as it did before the breaking change that moved imports into /stacker/imports/ So now, if the stacker file uses 'import', then imports will be placed in /stacker. If the stacker file uses 'imports' (plural) then they will be placed in /stacker/imports. What we actually get in both cases is all the binds being done into either /.stacker (legacy) or /stacker (new). In the legacy case, the imports are also bind-mounted into /stacker Legacy (for those that used 'import:') stacker: /.stacker/bin/stacker imports: /.stacker/imports -> /stacker runscript: /.stacker/imports/.stacker-run.sh artifacts: /.stacker/artifacts new (for those that use 'imports:') stacker: /stacker/bin/stacker imports: /stacker/imports runscript: /stacker/imports/.stacker-run.sh artifacts: /stacker/artifacts Signed-off-by: Scott Moser <smoser@brickies.net>
project-stacker · Nov 14, 2023 · 636d412 · 636d412
1 parent c75830e
commit 636d412
Show file tree

Hide file tree

Showing 10 changed files with 146 additions and 81 deletions.
diff --git a/build.yaml b/build.yaml
@@ -3,7 +3,7 @@ build-env:
   from:
     type: docker
     url: ${{STACKER_BUILD_BASE_IMAGE}}
-  import:
+  imports:
     - https://github.com/json-c/json-c/archive/refs/tags/json-c-0.16-20220414.tar.gz
     - https://gitlab.com/cryptsetup/cryptsetup/-/archive/v2.6.0/cryptsetup-v2.6.0.tar.gz
     - https://github.com/lvmteam/lvm2/archive/refs/tags/v2_03_18.tar.gz

diff --git a/cmd/stacker/bom.go b/cmd/stacker/bom.go
@@ -10,6 +10,7 @@ import (
 	"stackerbuild.io/stacker-bom/pkg/bom"
 	"stackerbuild.io/stacker-bom/pkg/distro"
 	"stackerbuild.io/stacker-bom/pkg/fs"
+	"stackerbuild.io/stacker/pkg/types"
 )
 
 var bomCmd = cli.Command{
@@ -39,7 +40,7 @@ func doBomDiscover(ctx *cli.Context) error {
 	author := "stacker-internal"
 	org := "stacker-internal"
 
-	if err := fs.Discover(author, org, "/stacker/artifacts/installed-packages.json"); err != nil {
+	if err := fs.Discover(author, org, types.InternalStackerDir+"/artifacts/installed-packages.json"); err != nil {
 		return nil
 	}
 
@@ -57,7 +58,8 @@ func doBomGenerate(ctx *cli.Context) error {
 	org := "stacker-internal"
 	lic := "unknown"
 
-	if err := distro.ParsePackage(input, author, org, lic, fmt.Sprintf("/stacker/artifacts/%s.json", filepath.Base(input))); err != nil {
+	if err := distro.ParsePackage(input, author, org, lic, fmt.Sprintf("%s/artifacts/%s.json",
+		types.InternalStackerDir, filepath.Base(input))); err != nil {
 		return nil
 	}
 
@@ -98,16 +100,17 @@ func doBomVerify(ctx *cli.Context) error {
 	org := ctx.Args().Get(3)
 
 	// first merge all individual sbom artifacts that may have been generated
-	if err := bom.MergeDocuments("/stacker/artifacts", name, author, org, dest); err != nil {
+	iDir := types.InternalStackerDir
+	if err := bom.MergeDocuments(iDir+"/artifacts", name, author, org, dest); err != nil {
 		return err
 	}
 
 	// check against inventory
 	if err := fs.GenerateInventory("/",
-		[]string{"/proc", "/sys", "/dev", "/etc/resolv.conf", "/stacker"},
-		"/stacker/artifacts/inventory.json"); err != nil {
+		[]string{"/proc", "/sys", "/dev", "/etc/resolv.conf", iDir},
+		iDir+"/artifacts/inventory.json"); err != nil {
 		return err
 	}
 
-	return fs.Verify(dest, "/stacker/artifacts/inventory.json", "")
+	return fs.Verify(dest, iDir+"/artifacts/inventory.json", "")
 }
diff --git a/cmd/stacker/chroot.go b/cmd/stacker/chroot.go
@@ -98,11 +98,11 @@ func doChroot(ctx *cli.Context) error {
 	}
 	defer c.Close()
 
-	err = stacker.SetupBuildContainerConfig(config, s, c, name)
+	err = stacker.SetupBuildContainerConfig(config, s, c, types.InternalStackerDir, name)
 	if err != nil {
 		return err
 	}
-	err = stacker.SetupLayerConfig(config, c, layer, name)
+	err = stacker.SetupLayerConfig(config, c, layer, types.InternalStackerDir, name)
 	if err != nil {
 		return err
 	}

diff --git a/doc/stacker_yaml.md b/doc/stacker_yaml.md
@@ -64,10 +64,10 @@ layer on a previously specified layer in the stacker file.
 of `import` to generate minimal images, e.g. for statically built binaries.
 
 
-### `import`
+### `imports`
 
-The `import` directive describes what files should be made available in
-`/stacker` during the `run` phase. There are three forms of importing supported
+The `imports` directive describes what files should be made available in
+`/stacker/imports` during the `run` phase. There are three forms of importing supported
 today:
 
     /path/to/file
@@ -89,10 +89,10 @@ Will grab /path/to/file from the previously built layer `$name`.
 
 #### `import hash`
 
-The `import` directive also supports specifying the hash(sha256sum) of import source,
-for all the three forms presented above, for example:
+Each entry in the `imports' directive also supports specifying the hash(sha256sum) of
+import source, for all the three forms presented above, for example:
 ```
-import:
+imports:
   - path: config.json
     hash: f55af805b012017bc....
   - path: http://example.com/foo.tar.gz
@@ -115,7 +115,7 @@ If `--require-hash` is not passed, this import mode can be combined with uncheck
 and only files which have the hash specified will be checked.
 
 ```
-import:
+imports:
   - path: "config.json
     hash: "BEEFcafeaaaaAAAA...."
   - /path/to/file
@@ -127,11 +127,17 @@ The `import` directive also supports specifying the destination path (specified
 by `dest`) in the resulting container image, where the source file (specified
 by `path`) will be copyied to, for example:
 ```
-import:
+imports:
   - path: config.json
     dest: /
 ```
 
+
+### (Deprecated) `import`
+The deprecated `import` directive works like `imports` except that
+the entries in the `import` array will be placed into `/stacker/` rather
+than `/stacker/imports`.
+
 ### `overlay_dirs`
 This directive works only with OverlayFS backend storage.
 

diff --git a/doc/tutorial.md b/doc/tutorial.md
@@ -98,7 +98,7 @@ output will look something like:
 
 There are two new stacker file directives here:
 
-    import:
+    imports:
         - config.json
         - install.sh
 
@@ -115,8 +115,8 @@ And then there is:
 
     run: |
         mkdir -p /etc/myapp
-        cp /stacker/config.json /etc/myapp/
-        /stacker/install.sh
+        cp /stacker/imports/config.json /etc/myapp/
+        /stacker/imports/install.sh
 
 Which is the set of commands to run in order to install and configure the
 image.
@@ -152,8 +152,8 @@ emitted in the final OCI image. For example:
         from:
             type: docker
             url: docker://centos:latest
-        import: stacker://build/umoci.static
-        run: cp /stacker/umoci.static /usr/bin/umoci
+        imports: stacker://build/umoci.static
+        run: cp /stacker/imports/umoci.static /usr/bin/umoci
 
 Will build a static version of umoci in an ubuntu container, but the final
 image will only contain an `umoci` tag with a statically linked version of
@@ -165,7 +165,7 @@ indicates that the container shouldn't be emitted in the final image, because
 we're going to import something from it and don't need the rest of it. The
 line:
 
-    import: stacker://build/umoci.static
+    imports: stacker://build/umoci.static
 
 is what actually does this import, and it says "from a previously built stacker
 image called 'build', import /umoci.static".
diff --git a/pkg/stacker/bom.go b/pkg/stacker/bom.go
@@ -5,6 +5,7 @@ import (
 	"io"
 	"os"
 	"path"
+	"path/filepath"
 
 	"stackerbuild.io/stacker/pkg/container"
 	"stackerbuild.io/stacker/pkg/log"
@@ -27,24 +28,25 @@ func BuildLayerArtifacts(sc types.StackerConfig, storage types.Storage, l types.
 	}
 	defer c.Close()
 
-	err = SetupBuildContainerConfig(sc, storage, c, tag)
+	inDir := types.InternalStackerDir
+	err = SetupBuildContainerConfig(sc, storage, c, inDir, tag)
 	if err != nil {
 		log.Errorf("build container %v", err)
 		return err
 	}
 
-	err = SetupLayerConfig(sc, c, l, tag)
+	err = SetupLayerConfig(sc, c, l, inDir, tag)
 	if err != nil {
 		return err
 	}
 
-	cmd := []string{insideStaticStacker}
+	cmd := []string{filepath.Join(inDir, types.BinStacker)}
 
 	if sc.Debug {
 		cmd = append(cmd, "--debug")
 	}
 
-	cmd = append(cmd, "bom", "build", "/stacker/artifacts",
+	cmd = append(cmd, "bom", "build", filepath.Join(inDir, "artifacts"),
 		l.Annotations[types.AuthorAnnotation],
 		l.Annotations[types.OrgAnnotation],
 		l.Annotations[types.LicenseAnnotation],
@@ -71,25 +73,26 @@ func VerifyLayerArtifacts(sc types.StackerConfig, storage types.Storage, l types
 	}
 	defer c.Close()
 
-	err = SetupBuildContainerConfig(sc, storage, c, tag)
+	inDir := types.InternalStackerDir
+	err = SetupBuildContainerConfig(sc, storage, c, inDir, tag)
 	if err != nil {
 		log.Errorf("build container %v", err)
 		return err
 	}
 
-	err = SetupLayerConfig(sc, c, l, tag)
+	err = SetupLayerConfig(sc, c, l, inDir, tag)
 	if err != nil {
 		return err
 	}
 
-	cmd := []string{insideStaticStacker}
+	cmd := []string{filepath.Join(inDir, types.BinStacker)}
 
 	if sc.Debug {
 		cmd = append(cmd, "--debug")
 	}
 
 	cmd = append(cmd, "bom", "verify",
-		fmt.Sprintf("/stacker/artifacts/%s.json", tag),
+		fmt.Sprintf(types.InternalStackerDir+"/artifacts/%s.json", tag),
 		tag, l.Annotations[types.AuthorAnnotation], l.Annotations[types.OrgAnnotation])
 
 	err = c.Execute(cmd, os.Stdin)