feat: Support legacy 'import' directive and use 'imports' for future (#…

…543) * feat: Support legacy 'import' directive and use 'imports' for future This changes the behavior of the 'import' target to behave as it did before the breaking change that moved imports into /stacker/imports/ So now, if the stacker file uses 'import', then imports will be placed in /stacker. If the stacker file uses 'imports' (plural) then they will be placed in /stacker/imports. What we actually get in both cases is a consistent set of binds being done into a different "base". Either /.stacker (legacy) or /stacker (new). stacker -> <base>/bin/stacker imports -> <base>/imports runscript -> <base>/imports/.stacker-run.sh artifacts -> <base>/artifacts In the legacy case, the imports are also bind-mounted into /stacker Signed-off-by: Scott Moser <[email protected]> * test: replace import with imports, add one explicit legacy import test This just changes all the existing tests to test 'imports' rather than 'import'. Then it adds one test for 'import' explicitly and within the same stacker file. Test test/cache.bats test "can read previous version's cache" is skipped as the old version can't build a stacker file in the test because it uses 'imports'. Signed-off-by: Scott Moser <[email protected]> --------- Signed-off-by: Scott Moser <[email protected]>
project-stacker · Nov 25, 2023 · 2f284d8 · 2f284d8
1 parent 2499397
commit 2f284d8
Show file tree

Hide file tree

Showing 28 changed files with 244 additions and 150 deletions.
diff --git a/build.yaml b/build.yaml
@@ -3,7 +3,7 @@ build-env:
   from:
     type: docker
     url: ${{STACKER_BUILD_BASE_IMAGE}}
-  import:
+  imports:
     - https://github.com/json-c/json-c/archive/refs/tags/json-c-0.16-20220414.tar.gz
     - https://gitlab.com/cryptsetup/cryptsetup/-/archive/v2.6.0/cryptsetup-v2.6.0.tar.gz
     - https://github.com/lvmteam/lvm2/archive/refs/tags/v2_03_18.tar.gz

diff --git a/cmd/stacker/bom.go b/cmd/stacker/bom.go
@@ -10,6 +10,7 @@ import (
 	"stackerbuild.io/stacker-bom/pkg/bom"
 	"stackerbuild.io/stacker-bom/pkg/distro"
 	"stackerbuild.io/stacker-bom/pkg/fs"
+	"stackerbuild.io/stacker/pkg/types"
 )
 
 var bomCmd = cli.Command{
@@ -39,7 +40,7 @@ func doBomDiscover(ctx *cli.Context) error {
 	author := "stacker-internal"
 	org := "stacker-internal"
 
-	if err := fs.Discover(author, org, "/stacker/artifacts/installed-packages.json"); err != nil {
+	if err := fs.Discover(author, org, types.InternalStackerDir+"/artifacts/installed-packages.json"); err != nil {
 		return nil
 	}
 
@@ -57,7 +58,8 @@ func doBomGenerate(ctx *cli.Context) error {
 	org := "stacker-internal"
 	lic := "unknown"
 
-	if err := distro.ParsePackage(input, author, org, lic, fmt.Sprintf("/stacker/artifacts/%s.json", filepath.Base(input))); err != nil {
+	if err := distro.ParsePackage(input, author, org, lic, fmt.Sprintf("%s/artifacts/%s.json",
+		types.InternalStackerDir, filepath.Base(input))); err != nil {
 		return nil
 	}
 
@@ -98,16 +100,17 @@ func doBomVerify(ctx *cli.Context) error {
 	org := ctx.Args().Get(3)
 
 	// first merge all individual sbom artifacts that may have been generated
-	if err := bom.MergeDocuments("/stacker/artifacts", name, author, org, dest); err != nil {
+	iDir := types.InternalStackerDir
+	if err := bom.MergeDocuments(iDir+"/artifacts", name, author, org, dest); err != nil {
 		return err
 	}
 
 	// check against inventory
 	if err := fs.GenerateInventory("/",
-		[]string{"/proc", "/sys", "/dev", "/etc/resolv.conf", "/stacker"},
-		"/stacker/artifacts/inventory.json"); err != nil {
+		[]string{"/proc", "/sys", "/dev", "/etc/resolv.conf", iDir},
+		iDir+"/artifacts/inventory.json"); err != nil {
 		return err
 	}
 
-	return fs.Verify(dest, "/stacker/artifacts/inventory.json", "")
+	return fs.Verify(dest, iDir+"/artifacts/inventory.json", "")
 }
diff --git a/cmd/stacker/chroot.go b/cmd/stacker/chroot.go
@@ -98,11 +98,11 @@ func doChroot(ctx *cli.Context) error {
 	}
 	defer c.Close()
 
-	err = stacker.SetupBuildContainerConfig(config, s, c, name)
+	err = stacker.SetupBuildContainerConfig(config, s, c, types.InternalStackerDir, name)
 	if err != nil {
 		return err
 	}
-	err = stacker.SetupLayerConfig(config, c, layer, name)
+	err = stacker.SetupLayerConfig(config, c, layer, types.InternalStackerDir, name)
 	if err != nil {
 		return err
 	}

diff --git a/doc/stacker_yaml.md b/doc/stacker_yaml.md
@@ -64,10 +64,10 @@ layer on a previously specified layer in the stacker file.
 of `import` to generate minimal images, e.g. for statically built binaries.
 
 
-### `import`
+### `imports`
 
-The `import` directive describes what files should be made available in
-`/stacker` during the `run` phase. There are three forms of importing supported
+The `imports` directive describes what files should be made available in
+`/stacker/imports` during the `run` phase. There are three forms of importing supported
 today:
 
     /path/to/file
@@ -89,10 +89,10 @@ Will grab /path/to/file from the previously built layer `$name`.
 
 #### `import hash`
 
-The `import` directive also supports specifying the hash(sha256sum) of import source,
-for all the three forms presented above, for example:
+Each entry in the `imports' directive also supports specifying the hash(sha256sum) of
+import source, for all the three forms presented above, for example:
 ```
-import:
+imports:
   - path: config.json
     hash: f55af805b012017bc....
   - path: http://example.com/foo.tar.gz
@@ -115,7 +115,7 @@ If `--require-hash` is not passed, this import mode can be combined with uncheck
 and only files which have the hash specified will be checked.
 
 ```
-import:
+imports:
   - path: "config.json
     hash: "BEEFcafeaaaaAAAA...."
   - /path/to/file
@@ -127,11 +127,17 @@ The `import` directive also supports specifying the destination path (specified
 by `dest`) in the resulting container image, where the source file (specified
 by `path`) will be copyied to, for example:
 ```
-import:
+imports:
   - path: config.json
     dest: /
 ```
 
+
+### (Deprecated) `import`
+The deprecated `import` directive works like `imports` except that
+the entries in the `import` array will be placed into `/stacker/` rather
+than `/stacker/imports`.
+
 ### `overlay_dirs`
 This directive works only with OverlayFS backend storage.
 

diff --git a/doc/tutorial.md b/doc/tutorial.md
@@ -98,7 +98,7 @@ output will look something like:
 
 There are two new stacker file directives here:
 
-    import:
+    imports:
         - config.json
         - install.sh
 
@@ -115,8 +115,8 @@ And then there is:
 
     run: |
         mkdir -p /etc/myapp
-        cp /stacker/config.json /etc/myapp/
-        /stacker/install.sh
+        cp /stacker/imports/config.json /etc/myapp/
+        /stacker/imports/install.sh
 
 Which is the set of commands to run in order to install and configure the
 image.
@@ -152,8 +152,8 @@ emitted in the final OCI image. For example:
         from:
             type: docker
             url: docker://centos:latest
-        import: stacker://build/umoci.static
-        run: cp /stacker/umoci.static /usr/bin/umoci
+        imports: stacker://build/umoci.static
+        run: cp /stacker/imports/umoci.static /usr/bin/umoci
 
 Will build a static version of umoci in an ubuntu container, but the final
 image will only contain an `umoci` tag with a statically linked version of
@@ -165,7 +165,7 @@ indicates that the container shouldn't be emitted in the final image, because
 we're going to import something from it and don't need the rest of it. The
 line:
 
-    import: stacker://build/umoci.static
+    imports: stacker://build/umoci.static
 
 is what actually does this import, and it says "from a previously built stacker
 image called 'build', import /umoci.static".
diff --git a/pkg/stacker/bom.go b/pkg/stacker/bom.go
@@ -5,6 +5,7 @@ import (
 	"io"
 	"os"
 	"path"
+	"path/filepath"
 
 	"stackerbuild.io/stacker/pkg/container"
 	"stackerbuild.io/stacker/pkg/log"
@@ -27,24 +28,25 @@ func BuildLayerArtifacts(sc types.StackerConfig, storage types.Storage, l types.
 	}
 	defer c.Close()
 
-	err = SetupBuildContainerConfig(sc, storage, c, tag)
+	inDir := types.InternalStackerDir
+	err = SetupBuildContainerConfig(sc, storage, c, inDir, tag)
 	if err != nil {
 		log.Errorf("build container %v", err)
 		return err
 	}
 
-	err = SetupLayerConfig(sc, c, l, tag)
+	err = SetupLayerConfig(sc, c, l, inDir, tag)
 	if err != nil {
 		return err
 	}
 
-	cmd := []string{insideStaticStacker}
+	cmd := []string{filepath.Join(inDir, types.BinStacker)}
 
 	if sc.Debug {
 		cmd = append(cmd, "--debug")
 	}
 
-	cmd = append(cmd, "bom", "build", "/stacker/artifacts",
+	cmd = append(cmd, "bom", "build", filepath.Join(inDir, "artifacts"),
 		l.Annotations[types.AuthorAnnotation],
 		l.Annotations[types.OrgAnnotation],
 		l.Annotations[types.LicenseAnnotation],
@@ -71,25 +73,26 @@ func VerifyLayerArtifacts(sc types.StackerConfig, storage types.Storage, l types
 	}
 	defer c.Close()
 
-	err = SetupBuildContainerConfig(sc, storage, c, tag)
+	inDir := types.InternalStackerDir
+	err = SetupBuildContainerConfig(sc, storage, c, inDir, tag)
 	if err != nil {
 		log.Errorf("build container %v", err)
 		return err
 	}
 
-	err = SetupLayerConfig(sc, c, l, tag)
+	err = SetupLayerConfig(sc, c, l, inDir, tag)
 	if err != nil {
 		return err
 	}
 
-	cmd := []string{insideStaticStacker}
+	cmd := []string{filepath.Join(inDir, types.BinStacker)}
 
 	if sc.Debug {
 		cmd = append(cmd, "--debug")
 	}
 
 	cmd = append(cmd, "bom", "verify",
-		fmt.Sprintf("/stacker/artifacts/%s.json", tag),
+		fmt.Sprintf(types.InternalStackerDir+"/artifacts/%s.json", tag),
 		tag, l.Annotations[types.AuthorAnnotation], l.Annotations[types.OrgAnnotation])
 
 	err = c.Execute(cmd, os.Stdin)