#!/bin/sh # # kas - setup tool for bitbake based projects # # Copyright (c) Siemens AG, 2018-2019 # # Authors: # Jan Kiszka # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal # in the Software without restriction, including without limitation the rights # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell # copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be # included in all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. set -e usage() { printf "%b" "Usage: $0 [OPTIONS] { build | shell } [KASOPTIONS] KASFILE\n" printf "%b" " $0 [OPTIONS] clean\n" printf "%b" "\nPositional arguments:\n" printf "%b" "build\t\t\tCheck out repositories and build target.\n" printf "%b" "shell\t\t\tRun a shell in the build environment.\n" printf "%b" "clean\t\t\tClean build artifacts, keep downloads.\n" printf "%b" "\nOptional arguments:\n" printf "%b" "--isar\t\t\tUse kas-isar container to build Isar image.\n" printf "%b" "--with-loop-dev Pass a loop device to the " \ "container. Only required if\n" printf "%b" "\t\t\tloop-mounting is used by recipes.\n" printf "%b" "--docker-args\t\tAdditional arguments to pass to docker " \ "for running the\n" printf "%b" "\t\t\tbuild.\n" printf "%b" "-v\t\t\tPrint operations.\n" printf "%b" "--ssh-dir\t\tDirectory containing SSH configurations.\n" printf "%b" "\t\t\tAvoid \$HOME/.ssh unless you fully trust the " \ "container.\n" printf "%b" "--aws-dir\t\tDirectory containing AWScli configuration.\n" printf "%b" "--no-proxy-from-env\tDo not inherit proxy settings from " \ "environment.\n" printf "%b" "\n" printf "%b" "You can force the use of podman over docker using " \ "KAS_DOCKER_ENGINE=podman.\n" exit 1 } trace() { [ -n "${VERBOSE}" ] && echo "+ $*" "$@" } if [ -z "${KAS_IMAGE_VERSION}" ]; then KAS_IMAGE_VERSION="2.2" fi DOCKER_IMAGE=kasproject/kas:${KAS_IMAGE_VERSION} if [ -n "${KAS_WORK_DIR}" ]; then KAS_WORK_DIR=$(readlink -f "${KAS_WORK_DIR}") else KAS_WORK_DIR="$(pwd)" fi if [ -z "${KAS_DOCKER_ENGINE}" ]; then # Try to auto-detect a docker engine if command -v docker >/dev/null; then KAS_DOCKER_ENGINE=docker elif command -v podman >/dev/null; then KAS_DOCKER_ENGINE=podman else echo "$0: no docker engine found, need docker or podman" >&2 exit 1 fi fi case "${KAS_DOCKER_ENGINE}" in docker) DOCKER_COMMAND="docker" ;; podman) DOCKER_COMMAND="podman" DOCKER_IMAGE="docker://${DOCKER_IMAGE}" ENGINE_ARGS="--userns=keep-id --security-opt label=disable" ;; *) echo "$0: unknown docker engine '${KAS_DOCKER_ENGINE}'" >&2 exit 1 ;; esac # parse kas-docker options while [ $# -gt 0 ]; do case "$1" in --isar) DOCKER_IMAGE="$(echo "${DOCKER_IMAGE}" | sed 's|kasproject/kas|kasproject/kas-isar|g')" ISAR_ARGS="--privileged" case "${KAS_DOCKER_ENGINE}" in docker) ISAR_ARGS="${ISAR_ARGS} --cap-add=SYS_ADMIN" ISAR_ARGS="${ISAR_ARGS} --cap-add=MKNOD" ;; podman) # sudo is needed for a privileged podman container DOCKER_COMMAND="sudo ${DOCKER_COMMAND}" ISAR_ARGS="${ISAR_ARGS} --pid=host" ;; esac shift 1 ;; --with-loop-dev) if ! LOOP_DEV=$(/sbin/losetup -f 2>/dev/null); then if [ "$(id -u)" -eq 0 ]; then echo "Error: loop device not available!" exit 1 fi sudo_command="/sbin/losetup -f" sudo_message="[sudo] enter password to setup loop" sudo_message="$sudo_message devices by calling" sudo_message="$sudo_message '$sudo_command': " if ! LOOP_DEV=$(sudo -p "$sudo_message" $sudo_command \ 2>/dev/null); then echo "Error: loop device setup unsuccessful!" echo "try calling '$sudo_command' with root" \ "permissions manually." exit 1 fi fi WITH_LOOP_DEV="--device ${LOOP_DEV}" shift 1 ;; --docker-args) [ $# -gt 0 ] || usage ENGINE_ARGS="${ENGINE_ARGS} $2" shift 2 ;; --ssh-dir) [ $# -gt 2 ] || usage SSH_DIR="$2" shift 2 ;; --aws-dir) [ $# -gt 2 ] || usage AWS_DIR="$2" shift 2 ;; --no-proxy-from-env) NO_PROXY_FROM_ENV=1 shift 1 ;; -v) VERBOSE=1 shift 1 ;; --*) usage ;; clean) [ $# -eq 1 ] || usage CLEAN_DIR=build/tmp if [ -n "${ISAR_ARGS}" ]; then trace ${DOCKER_COMMAND} run -v "${KAS_WORK_DIR}":/work:rw \ --workdir=/work --rm ${ISAR_ARGS} \ ${DOCKER_IMAGE} \ sudo rm -rf ${CLEAN_DIR} else trace rm -rf "${KAS_WORK_DIR}/${CLEAN_DIR}" fi exit 0 ;; build|shell) CMD=$1 shift 1 break ;; *) usage ;; esac done [ -n "${CMD}" ] || usage # parse kas sub-command (build or shell) options while [ $# -gt 0 ]; do case "$1" in -h|--help) trace ${DOCKER_COMMAND} run ${DOCKER_IMAGE} ${CMD} --help exit 0 ;; --skip|--target|--task|-c|--cmd|--command) KAS_OPTIONS="${KAS_OPTIONS} $1 $2" shift 2 ;; --) # Ignore 'Assigning array to string' warning. # This needs to be fixed properly. # shellcheck disable=SC2124 KAS_EXTRA_BITBAKE_ARGS="$@" shift $# ;; -*) KAS_OPTIONS="${KAS_OPTIONS} $1" shift 1 ;; *) KAS_FILES= for FILE in $(IFS=':'; echo $1); do if ! REAL_FILE="$(realpath -qe "$FILE")"; then echo "Error: configuration file '${FILE}' not found" exit 1 fi if [ -z "${KAS_FILES}" ]; then FIRST_KAS_FILE="${REAL_FILE}" KAS_FILES="${REAL_FILE}" else KAS_FILES="${KAS_FILES}:${REAL_FILE}" fi done shift 1 ;; esac done [ -n "${FIRST_KAS_FILE}" ] || usage KAS_FILE_DIR="$(dirname "${FIRST_KAS_FILE}")" REPO_DIR=$(git -C "${KAS_FILE_DIR}" rev-parse --show-toplevel 2>/dev/null) \ || REPO_DIR=$(hg --cwd "${KAS_FILE_DIR}" root 2>/dev/null) \ || REPO_DIR=${KAS_FILE_DIR} KAS_FILES=/repo/"$(echo "${KAS_FILES}" | sed 's|'"${REPO_DIR}"'/||g;s|:|:/repo/|g')" trace mkdir -p "${KAS_WORK_DIR}" if [ "$(id -u)" -eq 0 ] && [ "${KAS_ALLOW_ROOT}" != "yes" ] ; then echo "Error: Running as root - may break certain recipes." echo "Better give a regular user docker access. Set" \ "KAS_ALLOW_ROOT=yes to override." exit 1 fi set -- -v "${REPO_DIR}":/repo:ro \ -v "${KAS_WORK_DIR}":/work:rw --workdir=/work \ -e USER_ID="$(id -u)" -e GROUP_ID="$(id -g)" --rm if [ -n "${SSH_DIR}" ] ; then if [ ! -d "${SSH_DIR}" ]; then echo "Passed SSH_DIR '${SSH_DIR}' is not a directory" exit 1 fi set -- "$@" -v "$(readlink -f "${SSH_DIR}")":/etc/skel/.ssh:ro fi if [ -n "${AWS_DIR}" ] ; then if [ ! -d "${AWS_DIR}" ]; then echo "Passed AWS_DIR '${AWS_DIR}' is not a directory" exit 1 fi set -- "$@" -v "$(readlink -f "${AWS_DIR}")":/etc/skel/.aws:ro \ -e AWS_CONFIG_FILE="${AWS_CONFIG_FILE:-/etc/skel/.aws/config}" \ -e AWS_SHARED_CREDENTIALS_FILE="${AWS_SHARED_CREDENTIALS_FILE:-/etc/skel/.aws/credentials}" fi if [ -t 1 ]; then set -- "$@" -t -i fi if [ -n "${DL_DIR}" ]; then trace mkdir -p "${DL_DIR}" set -- "$@" \ -v "$(readlink -f "${DL_DIR}")":/downloads:rw \ -e DL_DIR=/downloads fi if [ -n "${SSTATE_DIR}" ]; then trace mkdir -p "${SSTATE_DIR}" set -- "$@" \ -v "$(readlink -f "${SSTATE_DIR}")":/sstate:rw \ -e SSTATE_DIR=/sstate fi if [ -n "${KAS_REPO_REF_DIR}" ]; then set -- "$@" \ -v "$(readlink -f "${KAS_REPO_REF_DIR}")":/repo-ref:ro \ -e KAS_REPO_REF_DIR="${KAS_REPO_REF_DIR}" fi for var in TERM KAS_DISTRO KAS_MACHINE KAS_TARGET KAS_TASK \ KAS_PREMIRRORS; do if [ -n "$(eval echo \$${var})" ]; then set -- "$@" -e "${var}=$(eval echo \"\$${var}\")" fi done # propagate only supported SHELL settings case "$SHELL" in /bin/sh|/bin/bash|/bin/dash) set -- "$@" -e "SHELL=$SHELL" ;; *) set -- "$@" -e "SHELL=/bin/bash" ;; esac if [ -z "${NO_PROXY_FROM_ENV+x}" ]; then for var in http_proxy https_proxy ftp_proxy no_proxy NO_PROXY; do if [ -n "$(eval echo \$${var})" ]; then set -- "$@" -e "${var}=$(eval echo \$${var})" fi done fi trace ${DOCKER_COMMAND} run "$@" ${ISAR_ARGS} ${WITH_LOOP_DEV} ${ENGINE_ARGS} \ ${DOCKER_IMAGE} ${CMD} ${KAS_OPTIONS} ${KAS_FILES} \ ${KAS_EXTRA_BITBAKE_ARGS}