| Message ID | 20260130160254.1770742-6-barnabas.pocze@ideasonboard.com |
|---|---|
| State | New |
| Headers | show |
| Series |
|
| Related | show |
Hi Barnabás On Fri, Jan 30, 2026 at 05:02:54PM +0100, Barnabás Pőcze wrote: > Add a document that describes how the debian based root file system can be > built and where it needs to be deployed. I wonder if this is the right place where to store this.. This very much depend on the architecture of the LAVA lab instance, the container image that has to be run by the board has to live in a registry within the same network as the DUT, it's all very specific to a LAB installation which makes me wonder if libcamera-ci is the right place where to store this.. True, the lava job description strictly depend on what we run on the device and this provides a blueprint for replicating it. I'm a bit in two minds here > > Signed-off-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> > --- > .../debian-rootfs/build-debian-rootfs.sh | 62 +++++++++++++++++++ > containers/debian-rootfs/build.sh | 9 +++ > .../overlay/opt/test-libcamera.sh | 18 ++++++ > doc/debian-rootfs.rst | 47 ++++++++++++++ > 4 files changed, 136 insertions(+) > create mode 100755 containers/debian-rootfs/build-debian-rootfs.sh > create mode 100755 containers/debian-rootfs/build.sh > create mode 100755 containers/debian-rootfs/overlay/opt/test-libcamera.sh > create mode 100644 doc/debian-rootfs.rst > > diff --git a/containers/debian-rootfs/build-debian-rootfs.sh b/containers/debian-rootfs/build-debian-rootfs.sh > new file mode 100755 > index 0000000..af9db02 > --- /dev/null > +++ b/containers/debian-rootfs/build-debian-rootfs.sh > @@ -0,0 +1,62 @@ > +#!/bin/bash > +# based on https://gitlab.freedesktop.org/freedesktop/ci-templates/-/blob/fb9d50ccb3cbbb4c6dc5f9ef53a0ad3cb0d8a177/bootstrap/cbuild > + > +set -ex > + > +packages=( > + # misc. > + ca-certificates > + coreutils > + chrony > + curl > + iproute2 > + kmod > + moreutils > + openssh-server > + v4l-utils > + wget > + > + # runtime dependencies > + # ensure that it is in sync with the `build-deb-for-lc-compliance-testing` job > + libevent-2.1-7 > + libevent-pthreads-2.1-7 > + libssl3t64 > + libudev1 > + libyaml-0-2 > + udev > +) > + > +deb_distribution="$1" > +deb_arch="$2" > +container_image_name="$3" > +overlay_dir="$4" > + > +newcontainer=$(buildah from scratch) > +scratchmnt=$(buildah mount "$newcontainer") > + > +debootstrap --arch="$deb_arch" --variant=minbase "$deb_distribution" "$scratchmnt" > + > +buildah run --isolation=chroot "$newcontainer" apt update -y > +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends systemd systemd-sysv > +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends "${packages[@]}" > +buildah run --isolation=chroot "$newcontainer" bash -c 'printf "root\nroot\n" | passwd root' > +buildah run --isolation=chroot "$newcontainer" bash -c 'echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/10-allow-root-password.conf' > +buildah run --isolation=chroot "$newcontainer" apt autoclean -y > +buildah run --isolation=chroot "$newcontainer" apt autopurge -y > + > +buildah run --isolation=chroot "$newcontainer" rm -rf /var/cache/ > +buildah run --isolation=chroot "$newcontainer" rm -rf /var/lib/apt/ > + > +if [[ -d "$overlay_dir" ]]; then > + rsync -av --chown=root:root "$overlay_dir/" "$scratchmnt/" > +fi > + > +buildah unmount "$newcontainer" > + > +buildah config --entrypoint '["/sbin/init"]' "$newcontainer" > +buildah config --os linux "$newcontainer" > +buildah config --arch "$deb_arch" "$newcontainer" > + > +buildah commit --format=docker "$newcontainer" "$container_image_name" > + > +podman image inspect "$container_image_name" > diff --git a/containers/debian-rootfs/build.sh b/containers/debian-rootfs/build.sh > new file mode 100755 > index 0000000..71c9fa2 > --- /dev/null > +++ b/containers/debian-rootfs/build.sh > @@ -0,0 +1,9 @@ > +#!/bin/bash > + > +set -ex > + > +exec buildah unshare ./build-debian-rootfs.sh \ > + trixie \ > + arm64 \ > + localhost/libcamera-ci/debian-rootfs:arm64 \ > + ./overlay > diff --git a/containers/debian-rootfs/overlay/opt/test-libcamera.sh b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > new file mode 100755 > index 0000000..a22a17d > --- /dev/null > +++ b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > @@ -0,0 +1,18 @@ > +#!/bin/bash > + > +set -ex > + > +pkg_source="$1" > +camera_id="$2" > + > +trap 'rm -rf /tmp/libcamera.deb' EXIT > +curl --retry 3 -f -o /tmp/libcamera.deb -- "$pkg_source" > +dpkg -i /tmp/libcamera.deb > +rm -rf /tmp/libcamera.deb > + > +env \ > + LIBCAMERA_LOG_COLOR=no \ > + GTEST_COLOR=no \ > + ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 \ > + UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 \ > + lc-compliance -c "$camera_id" > diff --git a/doc/debian-rootfs.rst b/doc/debian-rootfs.rst > new file mode 100644 > index 0000000..1cb45a1 > --- /dev/null > +++ b/doc/debian-rootfs.rst > @@ -0,0 +1,47 @@ > +.. SPDX-License-Identifier: CC-BY-SA-4.0 > + > +Creating the root file system for on device testing > +=================================================== > + > +At the moment, the root file system used with boot2container for testing > +needs to be built and deployed manually. > + > +Building > +-------- > + > +Some dependencies that might need to be installed: > + > + * `buildah`_ > + * debootstrap > + * rsync > + * qemu user emulation for aarch64 with binfmt setup > + > +.. _buildah: https://buildah.io/ > + > +Simply ``cd`` into the ``containers/debian-rootfs`` directory, and execute the ``build.sh``: > + > +.. code:: shell > + > + $ ./build.sh > + > +If everything succeeds, a new image tagged as ``localhost/libcamera-ci/debian-rootfs:arm64`` > +should be available. > + > +Deployment > +---------- > + > +The ``localhost/libcamera-ci/debian-rootfs:arm64`` image must be pushed to the internal > +registry running alongside the LAVA services. After starting SSH forwarding: > + > +.. code:: shell > + > + $ ssh -N -v -L 127.0.0.1:5000:${REGISTRY_LOCAL_ADDR}:5000 ssh://${REGISTRY_REMOTE_ADDR} > + > +the image must be tagged for the registry and pushed: > + > +.. code:: shell > + > + $ podman image tag localhost/libcamera-ci/debian-rootfs:arm64 localhost:5000/libcamera-ci/debian-rootfs-arm64:latest > + $ podman image push --tls-verify=false localhost:5000/libcamera-ci/debian-rootfs-arm64 > + > +Internal documentation describes how to gain access. > -- > 2.52.0
On Wed, Feb 04, 2026 at 10:43:40AM +0100, Jacopo Mondi wrote: > Hi Barnabás > > On Fri, Jan 30, 2026 at 05:02:54PM +0100, Barnabás Pőcze wrote: > > Add a document that describes how the debian based root file system can be > > built and where it needs to be deployed. > > I wonder if this is the right place where to store this.. > > This very much depend on the architecture of the LAVA lab instance, > the container image that has to be run by the board has to live in a > registry within the same network as the DUT, it's all very specific to > a LAB installation which makes me wonder if libcamera-ci is the right > place where to store this.. > > True, the lava job description strictly depend on what we run on the > device and this provides a blueprint for replicating it. > > I'm a bit in two minds here It may not be the perfect place, but I think it's fine to start with. We can move the documentation later if needed. > > Signed-off-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> > > --- > > .../debian-rootfs/build-debian-rootfs.sh | 62 +++++++++++++++++++ > > containers/debian-rootfs/build.sh | 9 +++ > > .../overlay/opt/test-libcamera.sh | 18 ++++++ > > doc/debian-rootfs.rst | 47 ++++++++++++++ > > 4 files changed, 136 insertions(+) > > create mode 100755 containers/debian-rootfs/build-debian-rootfs.sh > > create mode 100755 containers/debian-rootfs/build.sh > > create mode 100755 containers/debian-rootfs/overlay/opt/test-libcamera.sh > > create mode 100644 doc/debian-rootfs.rst > > > > diff --git a/containers/debian-rootfs/build-debian-rootfs.sh b/containers/debian-rootfs/build-debian-rootfs.sh > > new file mode 100755 > > index 0000000..af9db02 > > --- /dev/null > > +++ b/containers/debian-rootfs/build-debian-rootfs.sh > > @@ -0,0 +1,62 @@ > > +#!/bin/bash Please add an SPDX license tag. Same for the other files. > > +# based on https://gitlab.freedesktop.org/freedesktop/ci-templates/-/blob/fb9d50ccb3cbbb4c6dc5f9ef53a0ad3cb0d8a177/bootstrap/cbuild > > + > > +set -ex > > + > > +packages=( > > + # misc. > > + ca-certificates > > + coreutils > > + chrony > > + curl > > + iproute2 > > + kmod > > + moreutils > > + openssh-server > > + v4l-utils > > + wget > > + > > + # runtime dependencies > > + # ensure that it is in sync with the `build-deb-for-lc-compliance-testing` job > > + libevent-2.1-7 > > + libevent-pthreads-2.1-7 > > + libssl3t64 > > + libudev1 > > + libyaml-0-2 > > + udev > > +) > > + > > +deb_distribution="$1" > > +deb_arch="$2" > > +container_image_name="$3" > > +overlay_dir="$4" > > + > > +newcontainer=$(buildah from scratch) > > +scratchmnt=$(buildah mount "$newcontainer") > > + > > +debootstrap --arch="$deb_arch" --variant=minbase "$deb_distribution" "$scratchmnt" I was going to say that depending on debootstrap is a bit annoying, but I then noticed it's packaged by Gentoo, so I suppose it doesn't restrict the host system to being Debian-based. Did you get to try using a Containerfile, as per the review discussion in v1 ? I'm not saying we have to switch, but I'd like to know if you've investigated and decided to keep buildah for specific reasons. > > + > > +buildah run --isolation=chroot "$newcontainer" apt update -y > > +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends systemd systemd-sysv > > +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends "${packages[@]}" > > +buildah run --isolation=chroot "$newcontainer" bash -c 'printf "root\nroot\n" | passwd root' > > +buildah run --isolation=chroot "$newcontainer" bash -c 'echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/10-allow-root-password.conf' > > +buildah run --isolation=chroot "$newcontainer" apt autoclean -y > > +buildah run --isolation=chroot "$newcontainer" apt autopurge -y > > + > > +buildah run --isolation=chroot "$newcontainer" rm -rf /var/cache/ > > +buildah run --isolation=chroot "$newcontainer" rm -rf /var/lib/apt/ > > + > > +if [[ -d "$overlay_dir" ]]; then > > + rsync -av --chown=root:root "$overlay_dir/" "$scratchmnt/" > > +fi > > + > > +buildah unmount "$newcontainer" > > + > > +buildah config --entrypoint '["/sbin/init"]' "$newcontainer" > > +buildah config --os linux "$newcontainer" > > +buildah config --arch "$deb_arch" "$newcontainer" > > + > > +buildah commit --format=docker "$newcontainer" "$container_image_name" > > + > > +podman image inspect "$container_image_name" > > diff --git a/containers/debian-rootfs/build.sh b/containers/debian-rootfs/build.sh > > new file mode 100755 > > index 0000000..71c9fa2 > > --- /dev/null > > +++ b/containers/debian-rootfs/build.sh > > @@ -0,0 +1,9 @@ > > +#!/bin/bash > > + > > +set -ex > > + > > +exec buildah unshare ./build-debian-rootfs.sh \ > > + trixie \ > > + arm64 \ > > + localhost/libcamera-ci/debian-rootfs:arm64 \ > > + ./overlay > > diff --git a/containers/debian-rootfs/overlay/opt/test-libcamera.sh b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > > new file mode 100755 > > index 0000000..a22a17d > > --- /dev/null > > +++ b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > > @@ -0,0 +1,18 @@ > > +#!/bin/bash > > + > > +set -ex > > + > > +pkg_source="$1" > > +camera_id="$2" > > + > > +trap 'rm -rf /tmp/libcamera.deb' EXIT > > +curl --retry 3 -f -o /tmp/libcamera.deb -- "$pkg_source" > > +dpkg -i /tmp/libcamera.deb > > +rm -rf /tmp/libcamera.deb > > + > > +env \ > > + LIBCAMERA_LOG_COLOR=no \ > > + GTEST_COLOR=no \ > > + ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 \ > > + UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 \ > > + lc-compliance -c "$camera_id" > > diff --git a/doc/debian-rootfs.rst b/doc/debian-rootfs.rst > > new file mode 100644 > > index 0000000..1cb45a1 > > --- /dev/null > > +++ b/doc/debian-rootfs.rst > > @@ -0,0 +1,47 @@ > > +.. SPDX-License-Identifier: CC-BY-SA-4.0 > > + > > +Creating the root file system for on device testing > > +=================================================== > > + > > +At the moment, the root file system used with boot2container for testing > > +needs to be built and deployed manually. > > + > > +Building > > +-------- > > + > > +Some dependencies that might need to be installed: "might" ? I'd write The following dependencies need to be installed: > > + > > + * `buildah`_ > > + * debootstrap > > + * rsync > > + * qemu user emulation for aarch64 with binfmt setup > > + > > +.. _buildah: https://buildah.io/ > > + > > +Simply ``cd`` into the ``containers/debian-rootfs`` directory, and execute the ``build.sh``: s/execute the/execute/ (or add "script" after build.sh) > > + > > +.. code:: shell > > + > > + $ ./build.sh > > + > > +If everything succeeds, a new image tagged as ``localhost/libcamera-ci/debian-rootfs:arm64`` > > +should be available. > > + > > +Deployment > > +---------- > > + > > +The ``localhost/libcamera-ci/debian-rootfs:arm64`` image must be pushed to the internal > > +registry running alongside the LAVA services. After starting SSH forwarding: > > + > > +.. code:: shell > > + > > + $ ssh -N -v -L 127.0.0.1:5000:${REGISTRY_LOCAL_ADDR}:5000 ssh://${REGISTRY_REMOTE_ADDR} > > + > > +the image must be tagged for the registry and pushed: s/^the/The/ > > + > > +.. code:: shell > > + > > + $ podman image tag localhost/libcamera-ci/debian-rootfs:arm64 localhost:5000/libcamera-ci/debian-rootfs-arm64:latest > > + $ podman image push --tls-verify=false localhost:5000/libcamera-ci/debian-rootfs-arm64 > > + > > +Internal documentation describes how to gain access. I'd drop this last line. Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
2026. 02. 05. 15:10 keltezéssel, Laurent Pinchart írta: > On Wed, Feb 04, 2026 at 10:43:40AM +0100, Jacopo Mondi wrote: >> Hi Barnabás >> >> On Fri, Jan 30, 2026 at 05:02:54PM +0100, Barnabás Pőcze wrote: >>> Add a document that describes how the debian based root file system can be >>> built and where it needs to be deployed. >> >> I wonder if this is the right place where to store this.. >> >> This very much depend on the architecture of the LAVA lab instance, >> the container image that has to be run by the board has to live in a >> registry within the same network as the DUT, it's all very specific to >> a LAB installation which makes me wonder if libcamera-ci is the right >> place where to store this.. >> >> True, the lava job description strictly depend on what we run on the >> device and this provides a blueprint for replicating it. >> >> I'm a bit in two minds here > > It may not be the perfect place, but I think it's fine to start with. We > can move the documentation later if needed. > >>> Signed-off-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> >>> --- >>> .../debian-rootfs/build-debian-rootfs.sh | 62 +++++++++++++++++++ >>> containers/debian-rootfs/build.sh | 9 +++ >>> .../overlay/opt/test-libcamera.sh | 18 ++++++ >>> doc/debian-rootfs.rst | 47 ++++++++++++++ >>> 4 files changed, 136 insertions(+) >>> create mode 100755 containers/debian-rootfs/build-debian-rootfs.sh >>> create mode 100755 containers/debian-rootfs/build.sh >>> create mode 100755 containers/debian-rootfs/overlay/opt/test-libcamera.sh >>> create mode 100644 doc/debian-rootfs.rst >>> >>> diff --git a/containers/debian-rootfs/build-debian-rootfs.sh b/containers/debian-rootfs/build-debian-rootfs.sh >>> new file mode 100755 >>> index 0000000..af9db02 >>> --- /dev/null >>> +++ b/containers/debian-rootfs/build-debian-rootfs.sh >>> @@ -0,0 +1,62 @@ >>> +#!/bin/bash > > Please add an SPDX license tag. Same for the other files. > >>> +# based on https://gitlab.freedesktop.org/freedesktop/ci-templates/-/blob/fb9d50ccb3cbbb4c6dc5f9ef53a0ad3cb0d8a177/bootstrap/cbuild >>> + >>> +set -ex >>> + >>> +packages=( >>> + # misc. >>> + ca-certificates >>> + coreutils >>> + chrony >>> + curl >>> + iproute2 >>> + kmod >>> + moreutils >>> + openssh-server >>> + v4l-utils >>> + wget >>> + >>> + # runtime dependencies >>> + # ensure that it is in sync with the `build-deb-for-lc-compliance-testing` job >>> + libevent-2.1-7 >>> + libevent-pthreads-2.1-7 >>> + libssl3t64 >>> + libudev1 >>> + libyaml-0-2 >>> + udev >>> +) >>> + >>> +deb_distribution="$1" >>> +deb_arch="$2" >>> +container_image_name="$3" >>> +overlay_dir="$4" >>> + >>> +newcontainer=$(buildah from scratch) >>> +scratchmnt=$(buildah mount "$newcontainer") >>> + >>> +debootstrap --arch="$deb_arch" --variant=minbase "$deb_distribution" "$scratchmnt" > > I was going to say that depending on debootstrap is a bit annoying, but > I then noticed it's packaged by Gentoo, so I suppose it doesn't restrict > the host system to being Debian-based. Packaged by Arch as well, otherwise I'd have used something different. I think it is packaged by most: https://repology.org/project/debootstrap/versions > > Did you get to try using a Containerfile, as per the review discussion > in v1 ? I'm not saying we have to switch, but I'd like to know if you've > investigated and decided to keep buildah for specific reasons. I wanted to keep the option of using an "overlay" directory with rsync (although at the moment only a single file is really needed, so it's a bit of an overkill), and I don't know if it could be easily done in a Containerfile. I have not investigated it in depth, though. Apart from that, I think it shouldn't be too hard to change (not tested). > >>> + >>> +buildah run --isolation=chroot "$newcontainer" apt update -y >>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends systemd systemd-sysv >>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends "${packages[@]}" >>> +buildah run --isolation=chroot "$newcontainer" bash -c 'printf "root\nroot\n" | passwd root' >>> +buildah run --isolation=chroot "$newcontainer" bash -c 'echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/10-allow-root-password.conf' >>> +buildah run --isolation=chroot "$newcontainer" apt autoclean -y >>> +buildah run --isolation=chroot "$newcontainer" apt autopurge -y >>> + >>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/cache/ >>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/lib/apt/ >>> + >>> +if [[ -d "$overlay_dir" ]]; then >>> + rsync -av --chown=root:root "$overlay_dir/" "$scratchmnt/" >>> +fi >>> + >>> +buildah unmount "$newcontainer" >>> + >>> +buildah config --entrypoint '["/sbin/init"]' "$newcontainer" >>> +buildah config --os linux "$newcontainer" >>> +buildah config --arch "$deb_arch" "$newcontainer" >>> + >>> +buildah commit --format=docker "$newcontainer" "$container_image_name" >>> + >>> +podman image inspect "$container_image_name" >>> diff --git a/containers/debian-rootfs/build.sh b/containers/debian-rootfs/build.sh >>> new file mode 100755 >>> index 0000000..71c9fa2 >>> --- /dev/null >>> +++ b/containers/debian-rootfs/build.sh >>> @@ -0,0 +1,9 @@ >>> +#!/bin/bash >>> + >>> +set -ex >>> + >>> +exec buildah unshare ./build-debian-rootfs.sh \ >>> + trixie \ >>> + arm64 \ >>> + localhost/libcamera-ci/debian-rootfs:arm64 \ >>> + ./overlay >>> diff --git a/containers/debian-rootfs/overlay/opt/test-libcamera.sh b/containers/debian-rootfs/overlay/opt/test-libcamera.sh >>> new file mode 100755 >>> index 0000000..a22a17d >>> --- /dev/null >>> +++ b/containers/debian-rootfs/overlay/opt/test-libcamera.sh >>> @@ -0,0 +1,18 @@ >>> +#!/bin/bash >>> + >>> +set -ex >>> + >>> +pkg_source="$1" >>> +camera_id="$2" >>> + >>> +trap 'rm -rf /tmp/libcamera.deb' EXIT >>> +curl --retry 3 -f -o /tmp/libcamera.deb -- "$pkg_source" >>> +dpkg -i /tmp/libcamera.deb >>> +rm -rf /tmp/libcamera.deb >>> + >>> +env \ >>> + LIBCAMERA_LOG_COLOR=no \ >>> + GTEST_COLOR=no \ >>> + ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 \ >>> + UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 \ >>> + lc-compliance -c "$camera_id" >>> diff --git a/doc/debian-rootfs.rst b/doc/debian-rootfs.rst >>> new file mode 100644 >>> index 0000000..1cb45a1 >>> --- /dev/null >>> +++ b/doc/debian-rootfs.rst >>> @@ -0,0 +1,47 @@ >>> +.. SPDX-License-Identifier: CC-BY-SA-4.0 >>> + >>> +Creating the root file system for on device testing >>> +=================================================== >>> + >>> +At the moment, the root file system used with boot2container for testing >>> +needs to be built and deployed manually. >>> + >>> +Building >>> +-------- >>> + >>> +Some dependencies that might need to be installed: > > "might" ? I'd write > > The following dependencies need to be installed: > >>> + >>> + * `buildah`_ >>> + * debootstrap >>> + * rsync >>> + * qemu user emulation for aarch64 with binfmt setup >>> + >>> +.. _buildah: https://buildah.io/ >>> + >>> +Simply ``cd`` into the ``containers/debian-rootfs`` directory, and execute the ``build.sh``: > > s/execute the/execute/ (or add "script" after build.sh) > >>> + >>> +.. code:: shell >>> + >>> + $ ./build.sh >>> + >>> +If everything succeeds, a new image tagged as ``localhost/libcamera-ci/debian-rootfs:arm64`` >>> +should be available. >>> + >>> +Deployment >>> +---------- >>> + >>> +The ``localhost/libcamera-ci/debian-rootfs:arm64`` image must be pushed to the internal >>> +registry running alongside the LAVA services. After starting SSH forwarding: >>> + >>> +.. code:: shell >>> + >>> + $ ssh -N -v -L 127.0.0.1:5000:${REGISTRY_LOCAL_ADDR}:5000 ssh://${REGISTRY_REMOTE_ADDR} >>> + >>> +the image must be tagged for the registry and pushed: > > s/^the/The/ > >>> + >>> +.. code:: shell >>> + >>> + $ podman image tag localhost/libcamera-ci/debian-rootfs:arm64 localhost:5000/libcamera-ci/debian-rootfs-arm64:latest >>> + $ podman image push --tls-verify=false localhost:5000/libcamera-ci/debian-rootfs-arm64 >>> + >>> +Internal documentation describes how to gain access. > > I'd drop this last line. Done, all of the above. > > Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> >
On Mon, Feb 09, 2026 at 11:36:10AM +0100, Barnabás Pőcze wrote: > 2026. 02. 05. 15:10 keltezéssel, Laurent Pinchart írta: > > On Wed, Feb 04, 2026 at 10:43:40AM +0100, Jacopo Mondi wrote: > >> On Fri, Jan 30, 2026 at 05:02:54PM +0100, Barnabás Pőcze wrote: > >>> Add a document that describes how the debian based root file system can be > >>> built and where it needs to be deployed. > >> > >> I wonder if this is the right place where to store this.. > >> > >> This very much depend on the architecture of the LAVA lab instance, > >> the container image that has to be run by the board has to live in a > >> registry within the same network as the DUT, it's all very specific to > >> a LAB installation which makes me wonder if libcamera-ci is the right > >> place where to store this.. > >> > >> True, the lava job description strictly depend on what we run on the > >> device and this provides a blueprint for replicating it. > >> > >> I'm a bit in two minds here > > > > It may not be the perfect place, but I think it's fine to start with. We > > can move the documentation later if needed. > > > >>> Signed-off-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> > >>> --- > >>> .../debian-rootfs/build-debian-rootfs.sh | 62 +++++++++++++++++++ > >>> containers/debian-rootfs/build.sh | 9 +++ > >>> .../overlay/opt/test-libcamera.sh | 18 ++++++ > >>> doc/debian-rootfs.rst | 47 ++++++++++++++ > >>> 4 files changed, 136 insertions(+) > >>> create mode 100755 containers/debian-rootfs/build-debian-rootfs.sh > >>> create mode 100755 containers/debian-rootfs/build.sh > >>> create mode 100755 containers/debian-rootfs/overlay/opt/test-libcamera.sh > >>> create mode 100644 doc/debian-rootfs.rst > >>> > >>> diff --git a/containers/debian-rootfs/build-debian-rootfs.sh b/containers/debian-rootfs/build-debian-rootfs.sh > >>> new file mode 100755 > >>> index 0000000..af9db02 > >>> --- /dev/null > >>> +++ b/containers/debian-rootfs/build-debian-rootfs.sh > >>> @@ -0,0 +1,62 @@ > >>> +#!/bin/bash > > > > Please add an SPDX license tag. Same for the other files. > > > >>> +# based on https://gitlab.freedesktop.org/freedesktop/ci-templates/-/blob/fb9d50ccb3cbbb4c6dc5f9ef53a0ad3cb0d8a177/bootstrap/cbuild > >>> + > >>> +set -ex > >>> + > >>> +packages=( > >>> + # misc. > >>> + ca-certificates > >>> + coreutils > >>> + chrony > >>> + curl > >>> + iproute2 > >>> + kmod > >>> + moreutils > >>> + openssh-server > >>> + v4l-utils > >>> + wget > >>> + > >>> + # runtime dependencies > >>> + # ensure that it is in sync with the `build-deb-for-lc-compliance-testing` job > >>> + libevent-2.1-7 > >>> + libevent-pthreads-2.1-7 > >>> + libssl3t64 > >>> + libudev1 > >>> + libyaml-0-2 > >>> + udev > >>> +) > >>> + > >>> +deb_distribution="$1" > >>> +deb_arch="$2" > >>> +container_image_name="$3" > >>> +overlay_dir="$4" > >>> + > >>> +newcontainer=$(buildah from scratch) > >>> +scratchmnt=$(buildah mount "$newcontainer") > >>> + > >>> +debootstrap --arch="$deb_arch" --variant=minbase "$deb_distribution" "$scratchmnt" > > > > I was going to say that depending on debootstrap is a bit annoying, but > > I then noticed it's packaged by Gentoo, so I suppose it doesn't restrict > > the host system to being Debian-based. > > Packaged by Arch as well, otherwise I'd have used something different. > I think it is packaged by most: https://repology.org/project/debootstrap/versions > > > Did you get to try using a Containerfile, as per the review discussion > > in v1 ? I'm not saying we have to switch, but I'd like to know if you've > > investigated and decided to keep buildah for specific reasons. > > I wanted to keep the option of using an "overlay" directory with rsync > (although at the moment only a single file is really needed, so it's a > bit of an overkill), and I don't know if it could be easily done in a > Containerfile. Isn't it what the COPY instruction does ? > I have not investigated it in depth, though. Apart from that, > I think it shouldn't be too hard to change (not tested). > > >>> + > >>> +buildah run --isolation=chroot "$newcontainer" apt update -y > >>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends systemd systemd-sysv > >>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends "${packages[@]}" > >>> +buildah run --isolation=chroot "$newcontainer" bash -c 'printf "root\nroot\n" | passwd root' > >>> +buildah run --isolation=chroot "$newcontainer" bash -c 'echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/10-allow-root-password.conf' > >>> +buildah run --isolation=chroot "$newcontainer" apt autoclean -y > >>> +buildah run --isolation=chroot "$newcontainer" apt autopurge -y > >>> + > >>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/cache/ > >>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/lib/apt/ > >>> + > >>> +if [[ -d "$overlay_dir" ]]; then > >>> + rsync -av --chown=root:root "$overlay_dir/" "$scratchmnt/" > >>> +fi > >>> + > >>> +buildah unmount "$newcontainer" > >>> + > >>> +buildah config --entrypoint '["/sbin/init"]' "$newcontainer" > >>> +buildah config --os linux "$newcontainer" > >>> +buildah config --arch "$deb_arch" "$newcontainer" > >>> + > >>> +buildah commit --format=docker "$newcontainer" "$container_image_name" > >>> + > >>> +podman image inspect "$container_image_name" > >>> diff --git a/containers/debian-rootfs/build.sh b/containers/debian-rootfs/build.sh > >>> new file mode 100755 > >>> index 0000000..71c9fa2 > >>> --- /dev/null > >>> +++ b/containers/debian-rootfs/build.sh > >>> @@ -0,0 +1,9 @@ > >>> +#!/bin/bash > >>> + > >>> +set -ex > >>> + > >>> +exec buildah unshare ./build-debian-rootfs.sh \ > >>> + trixie \ > >>> + arm64 \ > >>> + localhost/libcamera-ci/debian-rootfs:arm64 \ > >>> + ./overlay > >>> diff --git a/containers/debian-rootfs/overlay/opt/test-libcamera.sh b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > >>> new file mode 100755 > >>> index 0000000..a22a17d > >>> --- /dev/null > >>> +++ b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > >>> @@ -0,0 +1,18 @@ > >>> +#!/bin/bash > >>> + > >>> +set -ex > >>> + > >>> +pkg_source="$1" > >>> +camera_id="$2" > >>> + > >>> +trap 'rm -rf /tmp/libcamera.deb' EXIT > >>> +curl --retry 3 -f -o /tmp/libcamera.deb -- "$pkg_source" > >>> +dpkg -i /tmp/libcamera.deb > >>> +rm -rf /tmp/libcamera.deb > >>> + > >>> +env \ > >>> + LIBCAMERA_LOG_COLOR=no \ > >>> + GTEST_COLOR=no \ > >>> + ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 \ > >>> + UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 \ > >>> + lc-compliance -c "$camera_id" > >>> diff --git a/doc/debian-rootfs.rst b/doc/debian-rootfs.rst > >>> new file mode 100644 > >>> index 0000000..1cb45a1 > >>> --- /dev/null > >>> +++ b/doc/debian-rootfs.rst > >>> @@ -0,0 +1,47 @@ > >>> +.. SPDX-License-Identifier: CC-BY-SA-4.0 > >>> + > >>> +Creating the root file system for on device testing > >>> +=================================================== > >>> + > >>> +At the moment, the root file system used with boot2container for testing > >>> +needs to be built and deployed manually. > >>> + > >>> +Building > >>> +-------- > >>> + > >>> +Some dependencies that might need to be installed: > > > > "might" ? I'd write > > > > The following dependencies need to be installed: > > > >>> + > >>> + * `buildah`_ > >>> + * debootstrap > >>> + * rsync > >>> + * qemu user emulation for aarch64 with binfmt setup > >>> + > >>> +.. _buildah: https://buildah.io/ > >>> + > >>> +Simply ``cd`` into the ``containers/debian-rootfs`` directory, and execute the ``build.sh``: > > > > s/execute the/execute/ (or add "script" after build.sh) > > > >>> + > >>> +.. code:: shell > >>> + > >>> + $ ./build.sh > >>> + > >>> +If everything succeeds, a new image tagged as ``localhost/libcamera-ci/debian-rootfs:arm64`` > >>> +should be available. > >>> + > >>> +Deployment > >>> +---------- > >>> + > >>> +The ``localhost/libcamera-ci/debian-rootfs:arm64`` image must be pushed to the internal > >>> +registry running alongside the LAVA services. After starting SSH forwarding: > >>> + > >>> +.. code:: shell > >>> + > >>> + $ ssh -N -v -L 127.0.0.1:5000:${REGISTRY_LOCAL_ADDR}:5000 ssh://${REGISTRY_REMOTE_ADDR} > >>> + > >>> +the image must be tagged for the registry and pushed: > > > > s/^the/The/ > > > >>> + > >>> +.. code:: shell > >>> + > >>> + $ podman image tag localhost/libcamera-ci/debian-rootfs:arm64 localhost:5000/libcamera-ci/debian-rootfs-arm64:latest > >>> + $ podman image push --tls-verify=false localhost:5000/libcamera-ci/debian-rootfs-arm64 > >>> + > >>> +Internal documentation describes how to gain access. > > > > I'd drop this last line. > > Done, all of the above. > > > Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
2026. 02. 09. 12:01 keltezéssel, Laurent Pinchart írta: > On Mon, Feb 09, 2026 at 11:36:10AM +0100, Barnabás Pőcze wrote: >> 2026. 02. 05. 15:10 keltezéssel, Laurent Pinchart írta: >>> On Wed, Feb 04, 2026 at 10:43:40AM +0100, Jacopo Mondi wrote: >>>> On Fri, Jan 30, 2026 at 05:02:54PM +0100, Barnabás Pőcze wrote: >>>>> Add a document that describes how the debian based root file system can be >>>>> built and where it needs to be deployed. >>>> >>>> I wonder if this is the right place where to store this.. >>>> >>>> This very much depend on the architecture of the LAVA lab instance, >>>> the container image that has to be run by the board has to live in a >>>> registry within the same network as the DUT, it's all very specific to >>>> a LAB installation which makes me wonder if libcamera-ci is the right >>>> place where to store this.. >>>> >>>> True, the lava job description strictly depend on what we run on the >>>> device and this provides a blueprint for replicating it. >>>> >>>> I'm a bit in two minds here >>> >>> It may not be the perfect place, but I think it's fine to start with. We >>> can move the documentation later if needed. >>> >>>>> Signed-off-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> >>>>> --- >>>>> .../debian-rootfs/build-debian-rootfs.sh | 62 +++++++++++++++++++ >>>>> containers/debian-rootfs/build.sh | 9 +++ >>>>> .../overlay/opt/test-libcamera.sh | 18 ++++++ >>>>> doc/debian-rootfs.rst | 47 ++++++++++++++ >>>>> 4 files changed, 136 insertions(+) >>>>> create mode 100755 containers/debian-rootfs/build-debian-rootfs.sh >>>>> create mode 100755 containers/debian-rootfs/build.sh >>>>> create mode 100755 containers/debian-rootfs/overlay/opt/test-libcamera.sh >>>>> create mode 100644 doc/debian-rootfs.rst >>>>> >>>>> diff --git a/containers/debian-rootfs/build-debian-rootfs.sh b/containers/debian-rootfs/build-debian-rootfs.sh >>>>> new file mode 100755 >>>>> index 0000000..af9db02 >>>>> --- /dev/null >>>>> +++ b/containers/debian-rootfs/build-debian-rootfs.sh >>>>> @@ -0,0 +1,62 @@ >>>>> +#!/bin/bash >>> >>> Please add an SPDX license tag. Same for the other files. >>> >>>>> +# based on https://gitlab.freedesktop.org/freedesktop/ci-templates/-/blob/fb9d50ccb3cbbb4c6dc5f9ef53a0ad3cb0d8a177/bootstrap/cbuild >>>>> + >>>>> +set -ex >>>>> + >>>>> +packages=( >>>>> + # misc. >>>>> + ca-certificates >>>>> + coreutils >>>>> + chrony >>>>> + curl >>>>> + iproute2 >>>>> + kmod >>>>> + moreutils >>>>> + openssh-server >>>>> + v4l-utils >>>>> + wget >>>>> + >>>>> + # runtime dependencies >>>>> + # ensure that it is in sync with the `build-deb-for-lc-compliance-testing` job >>>>> + libevent-2.1-7 >>>>> + libevent-pthreads-2.1-7 >>>>> + libssl3t64 >>>>> + libudev1 >>>>> + libyaml-0-2 >>>>> + udev >>>>> +) >>>>> + >>>>> +deb_distribution="$1" >>>>> +deb_arch="$2" >>>>> +container_image_name="$3" >>>>> +overlay_dir="$4" >>>>> + >>>>> +newcontainer=$(buildah from scratch) >>>>> +scratchmnt=$(buildah mount "$newcontainer") >>>>> + >>>>> +debootstrap --arch="$deb_arch" --variant=minbase "$deb_distribution" "$scratchmnt" >>> >>> I was going to say that depending on debootstrap is a bit annoying, but >>> I then noticed it's packaged by Gentoo, so I suppose it doesn't restrict >>> the host system to being Debian-based. >> >> Packaged by Arch as well, otherwise I'd have used something different. >> I think it is packaged by most: https://repology.org/project/debootstrap/versions >> >>> Did you get to try using a Containerfile, as per the review discussion >>> in v1 ? I'm not saying we have to switch, but I'd like to know if you've >>> investigated and decided to keep buildah for specific reasons. >> >> I wanted to keep the option of using an "overlay" directory with rsync >> (although at the moment only a single file is really needed, so it's a >> bit of an overkill), and I don't know if it could be easily done in a >> Containerfile. > > Isn't it what the COPY instruction does ? Huh, I was under the impression that it won't "merge" already existing directories... but it seems it does do that. So I suppose it could be used. Should I convert it then? > >> I have not investigated it in depth, though. Apart from that, >> I think it shouldn't be too hard to change (not tested). >> >>>>> + >>>>> +buildah run --isolation=chroot "$newcontainer" apt update -y >>>>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends systemd systemd-sysv >>>>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends "${packages[@]}" >>>>> +buildah run --isolation=chroot "$newcontainer" bash -c 'printf "root\nroot\n" | passwd root' >>>>> +buildah run --isolation=chroot "$newcontainer" bash -c 'echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/10-allow-root-password.conf' >>>>> +buildah run --isolation=chroot "$newcontainer" apt autoclean -y >>>>> +buildah run --isolation=chroot "$newcontainer" apt autopurge -y >>>>> + >>>>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/cache/ >>>>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/lib/apt/ >>>>> + >>>>> +if [[ -d "$overlay_dir" ]]; then >>>>> + rsync -av --chown=root:root "$overlay_dir/" "$scratchmnt/" >>>>> +fi >>>>> + >>>>> +buildah unmount "$newcontainer" >>>>> + >>>>> +buildah config --entrypoint '["/sbin/init"]' "$newcontainer" >>>>> +buildah config --os linux "$newcontainer" >>>>> +buildah config --arch "$deb_arch" "$newcontainer" >>>>> + >>>>> +buildah commit --format=docker "$newcontainer" "$container_image_name" >>>>> + >>>>> +podman image inspect "$container_image_name" >>>>> diff --git a/containers/debian-rootfs/build.sh b/containers/debian-rootfs/build.sh >>>>> new file mode 100755 >>>>> index 0000000..71c9fa2 >>>>> --- /dev/null >>>>> +++ b/containers/debian-rootfs/build.sh >>>>> @@ -0,0 +1,9 @@ >>>>> +#!/bin/bash >>>>> + >>>>> +set -ex >>>>> + >>>>> +exec buildah unshare ./build-debian-rootfs.sh \ >>>>> + trixie \ >>>>> + arm64 \ >>>>> + localhost/libcamera-ci/debian-rootfs:arm64 \ >>>>> + ./overlay >>>>> diff --git a/containers/debian-rootfs/overlay/opt/test-libcamera.sh b/containers/debian-rootfs/overlay/opt/test-libcamera.sh >>>>> new file mode 100755 >>>>> index 0000000..a22a17d >>>>> --- /dev/null >>>>> +++ b/containers/debian-rootfs/overlay/opt/test-libcamera.sh >>>>> @@ -0,0 +1,18 @@ >>>>> +#!/bin/bash >>>>> + >>>>> +set -ex >>>>> + >>>>> +pkg_source="$1" >>>>> +camera_id="$2" >>>>> + >>>>> +trap 'rm -rf /tmp/libcamera.deb' EXIT >>>>> +curl --retry 3 -f -o /tmp/libcamera.deb -- "$pkg_source" >>>>> +dpkg -i /tmp/libcamera.deb >>>>> +rm -rf /tmp/libcamera.deb >>>>> + >>>>> +env \ >>>>> + LIBCAMERA_LOG_COLOR=no \ >>>>> + GTEST_COLOR=no \ >>>>> + ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 \ >>>>> + UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 \ >>>>> + lc-compliance -c "$camera_id" >>>>> diff --git a/doc/debian-rootfs.rst b/doc/debian-rootfs.rst >>>>> new file mode 100644 >>>>> index 0000000..1cb45a1 >>>>> --- /dev/null >>>>> +++ b/doc/debian-rootfs.rst >>>>> @@ -0,0 +1,47 @@ >>>>> +.. SPDX-License-Identifier: CC-BY-SA-4.0 >>>>> + >>>>> +Creating the root file system for on device testing >>>>> +=================================================== >>>>> + >>>>> +At the moment, the root file system used with boot2container for testing >>>>> +needs to be built and deployed manually. >>>>> + >>>>> +Building >>>>> +-------- >>>>> + >>>>> +Some dependencies that might need to be installed: >>> >>> "might" ? I'd write >>> >>> The following dependencies need to be installed: >>> >>>>> + >>>>> + * `buildah`_ >>>>> + * debootstrap >>>>> + * rsync >>>>> + * qemu user emulation for aarch64 with binfmt setup >>>>> + >>>>> +.. _buildah: https://buildah.io/ >>>>> + >>>>> +Simply ``cd`` into the ``containers/debian-rootfs`` directory, and execute the ``build.sh``: >>> >>> s/execute the/execute/ (or add "script" after build.sh) >>> >>>>> + >>>>> +.. code:: shell >>>>> + >>>>> + $ ./build.sh >>>>> + >>>>> +If everything succeeds, a new image tagged as ``localhost/libcamera-ci/debian-rootfs:arm64`` >>>>> +should be available. >>>>> + >>>>> +Deployment >>>>> +---------- >>>>> + >>>>> +The ``localhost/libcamera-ci/debian-rootfs:arm64`` image must be pushed to the internal >>>>> +registry running alongside the LAVA services. After starting SSH forwarding: >>>>> + >>>>> +.. code:: shell >>>>> + >>>>> + $ ssh -N -v -L 127.0.0.1:5000:${REGISTRY_LOCAL_ADDR}:5000 ssh://${REGISTRY_REMOTE_ADDR} >>>>> + >>>>> +the image must be tagged for the registry and pushed: >>> >>> s/^the/The/ >>> >>>>> + >>>>> +.. code:: shell >>>>> + >>>>> + $ podman image tag localhost/libcamera-ci/debian-rootfs:arm64 localhost:5000/libcamera-ci/debian-rootfs-arm64:latest >>>>> + $ podman image push --tls-verify=false localhost:5000/libcamera-ci/debian-rootfs-arm64 >>>>> + >>>>> +Internal documentation describes how to gain access. >>> >>> I'd drop this last line. >> >> Done, all of the above. >> >>> Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> >
On Mon, Feb 09, 2026 at 01:31:10PM +0100, Barnabás Pőcze wrote: > 2026. 02. 09. 12:01 keltezéssel, Laurent Pinchart írta: > > On Mon, Feb 09, 2026 at 11:36:10AM +0100, Barnabás Pőcze wrote: > >> 2026. 02. 05. 15:10 keltezéssel, Laurent Pinchart írta: > >>> On Wed, Feb 04, 2026 at 10:43:40AM +0100, Jacopo Mondi wrote: > >>>> On Fri, Jan 30, 2026 at 05:02:54PM +0100, Barnabás Pőcze wrote: > >>>>> Add a document that describes how the debian based root file system can be > >>>>> built and where it needs to be deployed. > >>>> > >>>> I wonder if this is the right place where to store this.. > >>>> > >>>> This very much depend on the architecture of the LAVA lab instance, > >>>> the container image that has to be run by the board has to live in a > >>>> registry within the same network as the DUT, it's all very specific to > >>>> a LAB installation which makes me wonder if libcamera-ci is the right > >>>> place where to store this.. > >>>> > >>>> True, the lava job description strictly depend on what we run on the > >>>> device and this provides a blueprint for replicating it. > >>>> > >>>> I'm a bit in two minds here > >>> > >>> It may not be the perfect place, but I think it's fine to start with. We > >>> can move the documentation later if needed. > >>> > >>>>> Signed-off-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> > >>>>> --- > >>>>> .../debian-rootfs/build-debian-rootfs.sh | 62 +++++++++++++++++++ > >>>>> containers/debian-rootfs/build.sh | 9 +++ > >>>>> .../overlay/opt/test-libcamera.sh | 18 ++++++ > >>>>> doc/debian-rootfs.rst | 47 ++++++++++++++ > >>>>> 4 files changed, 136 insertions(+) > >>>>> create mode 100755 containers/debian-rootfs/build-debian-rootfs.sh > >>>>> create mode 100755 containers/debian-rootfs/build.sh > >>>>> create mode 100755 containers/debian-rootfs/overlay/opt/test-libcamera.sh > >>>>> create mode 100644 doc/debian-rootfs.rst > >>>>> > >>>>> diff --git a/containers/debian-rootfs/build-debian-rootfs.sh b/containers/debian-rootfs/build-debian-rootfs.sh > >>>>> new file mode 100755 > >>>>> index 0000000..af9db02 > >>>>> --- /dev/null > >>>>> +++ b/containers/debian-rootfs/build-debian-rootfs.sh > >>>>> @@ -0,0 +1,62 @@ > >>>>> +#!/bin/bash > >>> > >>> Please add an SPDX license tag. Same for the other files. > >>> > >>>>> +# based on https://gitlab.freedesktop.org/freedesktop/ci-templates/-/blob/fb9d50ccb3cbbb4c6dc5f9ef53a0ad3cb0d8a177/bootstrap/cbuild > >>>>> + > >>>>> +set -ex > >>>>> + > >>>>> +packages=( > >>>>> + # misc. > >>>>> + ca-certificates > >>>>> + coreutils > >>>>> + chrony > >>>>> + curl > >>>>> + iproute2 > >>>>> + kmod > >>>>> + moreutils > >>>>> + openssh-server > >>>>> + v4l-utils > >>>>> + wget > >>>>> + > >>>>> + # runtime dependencies > >>>>> + # ensure that it is in sync with the `build-deb-for-lc-compliance-testing` job > >>>>> + libevent-2.1-7 > >>>>> + libevent-pthreads-2.1-7 > >>>>> + libssl3t64 > >>>>> + libudev1 > >>>>> + libyaml-0-2 > >>>>> + udev > >>>>> +) > >>>>> + > >>>>> +deb_distribution="$1" > >>>>> +deb_arch="$2" > >>>>> +container_image_name="$3" > >>>>> +overlay_dir="$4" > >>>>> + > >>>>> +newcontainer=$(buildah from scratch) > >>>>> +scratchmnt=$(buildah mount "$newcontainer") > >>>>> + > >>>>> +debootstrap --arch="$deb_arch" --variant=minbase "$deb_distribution" "$scratchmnt" > >>> > >>> I was going to say that depending on debootstrap is a bit annoying, but > >>> I then noticed it's packaged by Gentoo, so I suppose it doesn't restrict > >>> the host system to being Debian-based. > >> > >> Packaged by Arch as well, otherwise I'd have used something different. > >> I think it is packaged by most: https://repology.org/project/debootstrap/versions > >> > >>> Did you get to try using a Containerfile, as per the review discussion > >>> in v1 ? I'm not saying we have to switch, but I'd like to know if you've > >>> investigated and decided to keep buildah for specific reasons. > >> > >> I wanted to keep the option of using an "overlay" directory with rsync > >> (although at the moment only a single file is really needed, so it's a > >> bit of an overkill), and I don't know if it could be easily done in a > >> Containerfile. > > > > Isn't it what the COPY instruction does ? > > Huh, I was under the impression that it won't "merge" already existing > directories... but it seems it does do that. So I suppose it could be used. > Should I convert it then? Up to you. I think my preference for Containerfile comes largely from the fact I have never used buildah. I don't have enough experience to tell if one of the two approaches is better in this case, so you can decide. > >> I have not investigated it in depth, though. Apart from that, > >> I think it shouldn't be too hard to change (not tested). > >> > >>>>> + > >>>>> +buildah run --isolation=chroot "$newcontainer" apt update -y > >>>>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends systemd systemd-sysv > >>>>> +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends "${packages[@]}" > >>>>> +buildah run --isolation=chroot "$newcontainer" bash -c 'printf "root\nroot\n" | passwd root' > >>>>> +buildah run --isolation=chroot "$newcontainer" bash -c 'echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/10-allow-root-password.conf' > >>>>> +buildah run --isolation=chroot "$newcontainer" apt autoclean -y > >>>>> +buildah run --isolation=chroot "$newcontainer" apt autopurge -y > >>>>> + > >>>>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/cache/ > >>>>> +buildah run --isolation=chroot "$newcontainer" rm -rf /var/lib/apt/ > >>>>> + > >>>>> +if [[ -d "$overlay_dir" ]]; then > >>>>> + rsync -av --chown=root:root "$overlay_dir/" "$scratchmnt/" > >>>>> +fi > >>>>> + > >>>>> +buildah unmount "$newcontainer" > >>>>> + > >>>>> +buildah config --entrypoint '["/sbin/init"]' "$newcontainer" > >>>>> +buildah config --os linux "$newcontainer" > >>>>> +buildah config --arch "$deb_arch" "$newcontainer" > >>>>> + > >>>>> +buildah commit --format=docker "$newcontainer" "$container_image_name" > >>>>> + > >>>>> +podman image inspect "$container_image_name" > >>>>> diff --git a/containers/debian-rootfs/build.sh b/containers/debian-rootfs/build.sh > >>>>> new file mode 100755 > >>>>> index 0000000..71c9fa2 > >>>>> --- /dev/null > >>>>> +++ b/containers/debian-rootfs/build.sh > >>>>> @@ -0,0 +1,9 @@ > >>>>> +#!/bin/bash > >>>>> + > >>>>> +set -ex > >>>>> + > >>>>> +exec buildah unshare ./build-debian-rootfs.sh \ > >>>>> + trixie \ > >>>>> + arm64 \ > >>>>> + localhost/libcamera-ci/debian-rootfs:arm64 \ > >>>>> + ./overlay > >>>>> diff --git a/containers/debian-rootfs/overlay/opt/test-libcamera.sh b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > >>>>> new file mode 100755 > >>>>> index 0000000..a22a17d > >>>>> --- /dev/null > >>>>> +++ b/containers/debian-rootfs/overlay/opt/test-libcamera.sh > >>>>> @@ -0,0 +1,18 @@ > >>>>> +#!/bin/bash > >>>>> + > >>>>> +set -ex > >>>>> + > >>>>> +pkg_source="$1" > >>>>> +camera_id="$2" > >>>>> + > >>>>> +trap 'rm -rf /tmp/libcamera.deb' EXIT > >>>>> +curl --retry 3 -f -o /tmp/libcamera.deb -- "$pkg_source" > >>>>> +dpkg -i /tmp/libcamera.deb > >>>>> +rm -rf /tmp/libcamera.deb > >>>>> + > >>>>> +env \ > >>>>> + LIBCAMERA_LOG_COLOR=no \ > >>>>> + GTEST_COLOR=no \ > >>>>> + ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 \ > >>>>> + UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 \ > >>>>> + lc-compliance -c "$camera_id" > >>>>> diff --git a/doc/debian-rootfs.rst b/doc/debian-rootfs.rst > >>>>> new file mode 100644 > >>>>> index 0000000..1cb45a1 > >>>>> --- /dev/null > >>>>> +++ b/doc/debian-rootfs.rst > >>>>> @@ -0,0 +1,47 @@ > >>>>> +.. SPDX-License-Identifier: CC-BY-SA-4.0 > >>>>> + > >>>>> +Creating the root file system for on device testing > >>>>> +=================================================== > >>>>> + > >>>>> +At the moment, the root file system used with boot2container for testing > >>>>> +needs to be built and deployed manually. > >>>>> + > >>>>> +Building > >>>>> +-------- > >>>>> + > >>>>> +Some dependencies that might need to be installed: > >>> > >>> "might" ? I'd write > >>> > >>> The following dependencies need to be installed: > >>> > >>>>> + > >>>>> + * `buildah`_ > >>>>> + * debootstrap > >>>>> + * rsync > >>>>> + * qemu user emulation for aarch64 with binfmt setup > >>>>> + > >>>>> +.. _buildah: https://buildah.io/ > >>>>> + > >>>>> +Simply ``cd`` into the ``containers/debian-rootfs`` directory, and execute the ``build.sh``: > >>> > >>> s/execute the/execute/ (or add "script" after build.sh) > >>> > >>>>> + > >>>>> +.. code:: shell > >>>>> + > >>>>> + $ ./build.sh > >>>>> + > >>>>> +If everything succeeds, a new image tagged as ``localhost/libcamera-ci/debian-rootfs:arm64`` > >>>>> +should be available. > >>>>> + > >>>>> +Deployment > >>>>> +---------- > >>>>> + > >>>>> +The ``localhost/libcamera-ci/debian-rootfs:arm64`` image must be pushed to the internal > >>>>> +registry running alongside the LAVA services. After starting SSH forwarding: > >>>>> + > >>>>> +.. code:: shell > >>>>> + > >>>>> + $ ssh -N -v -L 127.0.0.1:5000:${REGISTRY_LOCAL_ADDR}:5000 ssh://${REGISTRY_REMOTE_ADDR} > >>>>> + > >>>>> +the image must be tagged for the registry and pushed: > >>> > >>> s/^the/The/ > >>> > >>>>> + > >>>>> +.. code:: shell > >>>>> + > >>>>> + $ podman image tag localhost/libcamera-ci/debian-rootfs:arm64 localhost:5000/libcamera-ci/debian-rootfs-arm64:latest > >>>>> + $ podman image push --tls-verify=false localhost:5000/libcamera-ci/debian-rootfs-arm64 > >>>>> + > >>>>> +Internal documentation describes how to gain access. > >>> > >>> I'd drop this last line. > >> > >> Done, all of the above. > >> > >>> Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
diff --git a/containers/debian-rootfs/build-debian-rootfs.sh b/containers/debian-rootfs/build-debian-rootfs.sh new file mode 100755 index 0000000..af9db02 --- /dev/null +++ b/containers/debian-rootfs/build-debian-rootfs.sh @@ -0,0 +1,62 @@ +#!/bin/bash +# based on https://gitlab.freedesktop.org/freedesktop/ci-templates/-/blob/fb9d50ccb3cbbb4c6dc5f9ef53a0ad3cb0d8a177/bootstrap/cbuild + +set -ex + +packages=( + # misc. + ca-certificates + coreutils + chrony + curl + iproute2 + kmod + moreutils + openssh-server + v4l-utils + wget + + # runtime dependencies + # ensure that it is in sync with the `build-deb-for-lc-compliance-testing` job + libevent-2.1-7 + libevent-pthreads-2.1-7 + libssl3t64 + libudev1 + libyaml-0-2 + udev +) + +deb_distribution="$1" +deb_arch="$2" +container_image_name="$3" +overlay_dir="$4" + +newcontainer=$(buildah from scratch) +scratchmnt=$(buildah mount "$newcontainer") + +debootstrap --arch="$deb_arch" --variant=minbase "$deb_distribution" "$scratchmnt" + +buildah run --isolation=chroot "$newcontainer" apt update -y +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends systemd systemd-sysv +buildah run --isolation=chroot "$newcontainer" apt install -y --no-install-recommends "${packages[@]}" +buildah run --isolation=chroot "$newcontainer" bash -c 'printf "root\nroot\n" | passwd root' +buildah run --isolation=chroot "$newcontainer" bash -c 'echo "PermitRootLogin yes" > /etc/ssh/sshd_config.d/10-allow-root-password.conf' +buildah run --isolation=chroot "$newcontainer" apt autoclean -y +buildah run --isolation=chroot "$newcontainer" apt autopurge -y + +buildah run --isolation=chroot "$newcontainer" rm -rf /var/cache/ +buildah run --isolation=chroot "$newcontainer" rm -rf /var/lib/apt/ + +if [[ -d "$overlay_dir" ]]; then + rsync -av --chown=root:root "$overlay_dir/" "$scratchmnt/" +fi + +buildah unmount "$newcontainer" + +buildah config --entrypoint '["/sbin/init"]' "$newcontainer" +buildah config --os linux "$newcontainer" +buildah config --arch "$deb_arch" "$newcontainer" + +buildah commit --format=docker "$newcontainer" "$container_image_name" + +podman image inspect "$container_image_name" diff --git a/containers/debian-rootfs/build.sh b/containers/debian-rootfs/build.sh new file mode 100755 index 0000000..71c9fa2 --- /dev/null +++ b/containers/debian-rootfs/build.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +set -ex + +exec buildah unshare ./build-debian-rootfs.sh \ + trixie \ + arm64 \ + localhost/libcamera-ci/debian-rootfs:arm64 \ + ./overlay diff --git a/containers/debian-rootfs/overlay/opt/test-libcamera.sh b/containers/debian-rootfs/overlay/opt/test-libcamera.sh new file mode 100755 index 0000000..a22a17d --- /dev/null +++ b/containers/debian-rootfs/overlay/opt/test-libcamera.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +set -ex + +pkg_source="$1" +camera_id="$2" + +trap 'rm -rf /tmp/libcamera.deb' EXIT +curl --retry 3 -f -o /tmp/libcamera.deb -- "$pkg_source" +dpkg -i /tmp/libcamera.deb +rm -rf /tmp/libcamera.deb + +env \ + LIBCAMERA_LOG_COLOR=no \ + GTEST_COLOR=no \ + ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 \ + UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 \ + lc-compliance -c "$camera_id" diff --git a/doc/debian-rootfs.rst b/doc/debian-rootfs.rst new file mode 100644 index 0000000..1cb45a1 --- /dev/null +++ b/doc/debian-rootfs.rst @@ -0,0 +1,47 @@ +.. SPDX-License-Identifier: CC-BY-SA-4.0 + +Creating the root file system for on device testing +=================================================== + +At the moment, the root file system used with boot2container for testing +needs to be built and deployed manually. + +Building +-------- + +Some dependencies that might need to be installed: + + * `buildah`_ + * debootstrap + * rsync + * qemu user emulation for aarch64 with binfmt setup + +.. _buildah: https://buildah.io/ + +Simply ``cd`` into the ``containers/debian-rootfs`` directory, and execute the ``build.sh``: + +.. code:: shell + + $ ./build.sh + +If everything succeeds, a new image tagged as ``localhost/libcamera-ci/debian-rootfs:arm64`` +should be available. + +Deployment +---------- + +The ``localhost/libcamera-ci/debian-rootfs:arm64`` image must be pushed to the internal +registry running alongside the LAVA services. After starting SSH forwarding: + +.. code:: shell + + $ ssh -N -v -L 127.0.0.1:5000:${REGISTRY_LOCAL_ADDR}:5000 ssh://${REGISTRY_REMOTE_ADDR} + +the image must be tagged for the registry and pushed: + +.. code:: shell + + $ podman image tag localhost/libcamera-ci/debian-rootfs:arm64 localhost:5000/libcamera-ci/debian-rootfs-arm64:latest + $ podman image push --tls-verify=false localhost:5000/libcamera-ci/debian-rootfs-arm64 + +Internal documentation describes how to gain access.
Add a document that describes how the debian based root file system can be built and where it needs to be deployed. Signed-off-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> --- .../debian-rootfs/build-debian-rootfs.sh | 62 +++++++++++++++++++ containers/debian-rootfs/build.sh | 9 +++ .../overlay/opt/test-libcamera.sh | 18 ++++++ doc/debian-rootfs.rst | 47 ++++++++++++++ 4 files changed, 136 insertions(+) create mode 100755 containers/debian-rootfs/build-debian-rootfs.sh create mode 100755 containers/debian-rootfs/build.sh create mode 100755 containers/debian-rootfs/overlay/opt/test-libcamera.sh create mode 100644 doc/debian-rootfs.rst -- 2.52.0