os/ros-image-build

#!/bin/bash
set -e

build()
{
    dockerfile | docker build -f - --build-arg IMAGE="${IMAGE}" . "${@}"
}

dockerfile()
{
    cat << "EOF"
ARG IMAGE=rancher/os2:dev

FROM ${IMAGE} AS os

FROM opensuse/leap:15.3 AS tools
RUN zypper ref
ENV LUET_NOLOCK=true
# Copy luet from the official images
RUN zypper in -y squashfs xorriso curl unzip git qemu-arm qemu-x86 qemu-tools tar pigz go1.16 qemu-uefi-aarch64
RUN cd /usr/sbin && \
    rm packer && \
    SUFFIX=amd64 && \
    if [ "$(uname -m)" = "aarch64" ]; then SUFFIX=arm64; fi && \
    curl https://releases.hashicorp.com/packer/1.7.4/packer_1.7.4_linux_${SUFFIX}.zip > tmp && \
    unzip tmp && \
    rm tmp
RUN cd /usr/src && \
    git clone https://github.com/rancher-sandbox/cOS-toolkit
RUN curl -Lo /usr/bin/luet https://github.com/mudler/luet/releases/download/0.20.6/luet-0.20.6-linux-$(go env GOARCH) && \
    chmod +x /usr/bin/luet
RUN mkdir -p /iso/iso-overlay/boot/grub2 /etc/luet
RUN echo -e \
'logging:\n'\
'  color: false\n'\
'  enable_emoji: false\n'\
'general:\n'\
'   debug: false\n'\
'   spinner_charset: 9\n'\
'repositories:\n'\
'- name: "cos-toolkit-green-amd64"\n'\
'  type: "docker"\n'\
'  enable: true\n'\
'  arch: amd64\n'\
'  urls:\n'\
'  - "quay.io/costoolkit/releases-green"\n'\
'- name: "cos-toolkit-green"\n'\
'  type: "docker"\n'\
'  enable: true\n'\
'  arch: arm64\n'\
'  urls:\n'\
'  - "quay.io/costoolkit/releases-green-arm64"\n' > /etc/luet/luet.yaml && \
echo -e \
'packages:\n'\
'  uefi:\n'\
'  - live/grub2-efi-image\n'\
'  isoimage:\n'\
'  - live/grub2\n'\
'  - live/grub2-efi-image\n'\
'\n'\
'boot_file: "boot/x86_64/loader/eltorito.img"\n'\
'boot_catalog: "boot/x86_64/boot.catalog"\n'\
'isohybrid_mbr: "boot/x86_64/loader/boot_hybrid.img"\n'\
'\n'\
'initramfs:\n'\
'  kernel_file: "vmlinuz"\n'\
'  rootfs_file: "initrd"\n'\
'\n'\
'overlay:\n'\
'  rootfs: /iso/overlay\n'\
'  isoimage: /iso/iso-overlay\n'\
'\n'\
'image_prefix: "output"\n'\
'label: "COS_LIVE"\n'\
'\n'\
'squashfs_options:\n'\
'  compression: xz\n'\
'\n'\
'luet:\n'\
'  repositories:\n'\
'  - name: "cos-toolkit-green-amd64"\n'\
'    type: "docker"\n'\
'    enable: true\n'\
'    arch: amd64\n'\
'    urls:\n'\
'    - "quay.io/costoolkit/releases-green"\n'\
'  - name: "cos-toolkit-green-arm64"\n'\
'    type: "docker"\n'\
'    enable: true\n'\
'    arch: arm64\n'\
'    urls:\n'\
'    - "quay.io/costoolkit/releases-green-arm64"\n' > /iso/iso.yaml
RUN echo -e \
'search --file --set=root /boot/kernel.xz\n'\
'set default=0\n'\
'set timeout=10\n'\
'set timeout_style=menu\n'\
'set linux=linux\n'\
'set initrd=initrd\n'\
'if [ "${grub_cpu}" = "x86_64" -o "${grub_cpu}" = "i386" -o "${grub_cpu}" = "arm64" ];then\n'\
'    if [ "${grub_platform}" = "efi" ]; then\n'\
'        if [ "${grub_cpu}" != "arm64" ]; then\n'\
'            set linux=linuxefi\n'\
'            set initrd=initrdefi\n'\
'        fi\n'\
'    fi\n'\
'fi\n'\
'if [ "${grub_platform}" = "efi" ]; then\n'\
'    echo "Please press 't' to show the boot menu on this console"\n'\
'fi\n'\
'set font=($root)/boot/${grub_cpu}/loader/grub2/fonts/unicode.pf2\n'\
'if [ -f ${font} ];then\n'\
'    loadfont ${font}\n'\
'fi\n'\
'menuentry "RancherOS Install" --class os --unrestricted {\n'\
'    echo Loading kernel...\n'\
'    $linux ($root)/boot/kernel.xz cdroot root=live:CDLABEL=COS_LIVE rd.live.dir=/ rd.live.squashimg=rootfs.squashfs console=tty1 console=ttyS0 rd.cos.disable rancheros.install.automatic=true rancheros.install.config_url=/run/initramfs/live/config\n'\
'    echo Loading initrd...\n'\
'    $initrd ($root)/boot/rootfs.xz\n'\
'}\n'\
'\n'\
'if [ "${grub_platform}" = "efi" ]; then\n'\
'    hiddenentry "Text mode" --hotkey "t" {\n'\
'        set textmode=true\n'\
'        terminal_output console\n'\
'    }\n'\
'fi\n' > /iso/iso-overlay/boot/grub2/grub.cfg
RUN echo -e '#cloud-config\n'\
'rancheros:\n'\
'  install:\n'\
'    automatic: false\n' > /iso/iso-overlay/config
RUN luet install --no-spinner -y toolchain/luet-makeiso
ARG CONFIG
RUN if [ -n "$CONFIG" ]; then echo "$CONFIG" > /iso/iso-overlay/config; fi
WORKDIR /usr/src/cOS-toolkit/packer

FROM tools AS iso-build
COPY --from=os / /iso/overlay
RUN cd /iso && \
    luet-makeiso iso.yaml

FROM iso-build AS qcow-build
ARG ACCEL=tcg
RUN SUFFIX= && \
    FIRMWARE= && \
    if [ "$(uname -m)" = "aarch64" ]; then SUFFIX=-arm64; FIRMWARE=/usr/share/qemu/qemu-uefi-aarch64.bin; fi && \
    echo '#!/bin/bash' > /usr/bin/image && \
    echo 'set -e -x' >> /usr/bin/image && \
    echo PACKER_LOG=1 packer build \
    -var "root_password=ros" \
    -var "firmware=${FIRMWARE}" \
    -var "memory=1024" \
    -var "iso=/iso/output.iso" \
    -var "accelerator=${ACCEL}" \
    -only qemu.cos${SUFFIX} . >> /usr/bin/image && \
    chmod +x /usr/bin/image
RUN echo 'mkdir /output &&' >> /usr/bin/image && \
    echo 'mv *.box /output/output.box' >> /usr/bin/image && \
    echo 'pigz -dc *.tar.gz | tar xvf -' >> /usr/bin/image && \
    echo 'cat cOS | pigz -c > /output/output.qcow.gz'>> /usr/bin/image
CMD ["bash", "-x", "/usr/bin/image"]

FROM qcow-build AS qcow-build2
RUN bash -x /usr/bin/image

FROM scratch AS qcow
COPY --from=qcow-build2 /output/ /

FROM scratch AS iso
COPY --from=iso-build /iso/output.iso /

FROM tools AS ami
ARG AWS_ACCESS_KEY_ID
ARG AWS_SECRET_ACCESS_KEY
ARG AWS_DEFAULT_REGION
ARG IMAGE=rancher/os2:dev
ARG NAME=RancherOS-Image-dev
ARG VERSION=1
ARG GIT_COMMIT=HEAD
RUN packer build \
    -var "root_password=ros" \
    -var "cos_version=${VERSION}" \
    -var "git_sha=${GIT_COMMIT}" \
    -var 'aws_source_ami_filter_owners=["053594193760"]' \
    -var "aws_cos_deploy_args=cos-deploy --no-verify --docker-image ${IMAGE}" \
    -var "name=${NAME}" \
    -only amazon-ebs.cos .

FROM scratch AS default
COPY --from=iso / /
COPY --from=qcow / /
EOF
}


iso()
{
    if [ -n "$CONFIG" ]; then
        CONFIG_DATA="$(<$CONFIG)"
    fi
    build --target iso -o build/ --build-arg CONFIG="${CONFIG_DATA}"
}

qcow()
{
    ID=qcow-${RANDOM}
    if docker run -i --device /dev/kvm busybox /bin/true; then
        build --target qcow-build --build-arg ACCEL=kvm -t $ID
        docker run --net=host -i --device /dev/kvm --name $ID $ID
    else
        build --target qcow-build --build-arg ACCEL=tcg -t $ID
        docker run --net=host -i --name $ID $ID
    fi || {
        docker rm -fv $ID
        docker rmi $ID
        exit 1
    }
    mkdir -p build/
    docker export $ID | tar xvf - -C build/ output/ --strip-components=1
    docker rm -fv $ID
    docker rmi $ID
}

ami()
{
    if [ -z "${AWS_ACCESS_KEY_ID}" ] || [ -z "${AWS_SECRET_ACCESS_KEY}" ] || [ -z "${AWS_DEFAULT_REGION}" ]; then
        echo ERROR: The following environment variables must be set: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION
        exit 1
    fi

    build --target ami \
        --build-arg AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
        --build-arg AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
        --build-arg AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION} \
        --build-arg NAME="${NAME}" \
        --build-arg GIT_COMMIT="${GIT_COMMIT}" \
        --build-arg VERSION="${VERSION}"
}

usage()
{
    echo "Usage:"
    echo "    $0 IMAGE OUTPUT [ISO_CLOUD_CONFIG]"
    echo
    echo "    IMAGE: a Docker image"
    echo "    OUTPUT: Comma seperated value of output image formats. Valid: aws,iso,qcow"
    echo "    ISO_CLOUD_CONFIG: An option file that will be used as the default cloud-init in an ISO"
}

IMAGE=$1
OUTPUT=$2
CONFIG=$3
VERSION=${IMAGE##*:}
NAME=${IMAGE%%:${VERSION}}
NAME=${NAME//[^a-zA-Z0-9-@.\/_]/-}

if [ "$1" == dockerfile ]; then
    dockerfile
    exit 0
fi

if [ -z "${OUTPUT}" ] || [ -z "${IMAGE}" ] || echo "$@" | grep -q -- -h; then
    usage
    exit 1
fi

{
    IFS=,
    for i in ${OUTPUT}; do
        case $i in
            ami)
                ami
                ;;
            qcow)
                qcow
                ;;
            iso)
                iso
                ;;
            *)
                echo Unknown format $i
                echo
                usage
                exit 1
        esac
    done
}