WiP: wrap pkg tool into base image

raphaelcoeffic · Dec 18, 2024 · 6c8c014 · 6c8c014
1 parent 65c8a4a
commit 6c8c014
Show file tree

Hide file tree

Showing 4 changed files with 124 additions and 4 deletions.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -29,15 +29,23 @@ jobs:
     - name: Checkout
       uses: actions/checkout@v4
 
+    - name: Build pkg tool
+      uses: houseabsolute/actions-rust-cross@v0
+      with:
+        target: ${{ matrix.platform.target }}
+        args: "--locked --release --bin pkg"
+        strip: true
+
     - name: Build base image
       env:
         ARCH: ${{ matrix.platform.arch }}
+        TARGET: ${{ matrix.platform.target }}
       run: |
         if [ "$ARCH" != "$(uname -m)" ]; then
           sudo apt-get update
           sudo apt-get install qemu-user-static
         fi
-        cargo run --bin build-img -- -a $ARCH
+        cargo run --bin build-img -- -a $ARCH -b target/$TARGET/release/pkg
         cargo clean
 
     - name: Upload artifacts - base image
@@ -46,8 +54,9 @@ jobs:
         name: base-${{ matrix.platform.target }}
         path: |
           base.tar.xz
+          base.sha256
 
-    - name: Build binary
+    - name: Build dive
       uses: houseabsolute/actions-rust-cross@v0
       with:
         target: ${{ matrix.platform.target }}

diff --git a/Makefile b/Makefile
@@ -0,0 +1,78 @@
+#
+# Helper Makefile to build base image
+#
+# - local build / debug:
+#    make base-image
+#
+# - release packaging:
+#    make base-image package=yes compress=yes build_profile=release
+#
+# - cross build:
+#    make base-image build_arch={aarch64 | x86_64}
+#
+# When building without packaging, dive can then be run with:
+#    dive -i nix/ [container name]
+#
+
+native_arch = $(shell uname -m)
+
+# aarch64 | x86_64
+build_arch ?= $(native_arch)
+
+# debug | release
+build_profile ?= debug
+
+# yes | no
+package ?= no
+
+# yes | no
+compress ?= no
+
+cargo_target ?= $(build_arch)-unknown-linux-musl
+
+ifeq ($(build_profile),debug)
+	cargo_profile = dev
+else ifeq ($(build_profile),release)
+    cargo_profile = release
+else
+	$(error unknown cargo build profile "$(build_profile)")
+endif
+
+pkg_bin = target/$(cargo_target)/$(build_profile)/pkg
+
+build_img = cargo run --bin build-img --
+build_img_args = -a $(build_arch) -b $(pkg_bin)
+
+ifeq ($(package),no)
+	build_img_args += -p nix --unpackaged
+else ifeq ($(compress),no)
+	build_img_args += --uncompressed
+endif
+
+cargo_build = cargo build --profile $(cargo_profile) --target $(cargo_target)
+
+.PHONY: clean dist-clean base-image pkg-bin $(pkg_bin)
+
+base_files = base.sha256 base.tar base.tar.xz
+
+clean:
+	@echo "Removing base files"
+	@rm -f $(base_files)
+	@echo "Removing nix directory"
+	@chmod -R +w nix/* 2>/dev/null ; rm -rf ./nix
+
+dist-clean: clean
+	@echo "Removing rust builds"
+	@rm -rf target
+
+base-image: pkg-bin
+	@echo "Building base image"
+	$(build_img) $(build_img_args)
+
+pkg-bin: $(pkg_bin)
+
+$(pkg_bin):
+	@echo "Building pkg tool"
+	$(cargo_build) --bin pkg
+	@echo "Stripping debug info"
+	strip $@
diff --git a/src/bin/build-img.rs b/src/bin/build-img.rs
@@ -16,14 +16,22 @@ struct Args {
     #[arg(short, long, env)]
     persistent_base_dir: Option<PathBuf>,
 
-    /// Persistent base directory
+    /// Alternative flake directory
     #[arg(short, long, env)]
     flake_dir: Option<PathBuf>,
 
+    /// Add binary into base image
+    #[arg(short = 'b', long = "add-binary")]
+    binaries: Vec<PathBuf>,
+
     /// Architecture
     #[arg(short, long, env)]
     arch: Option<String>,
 
+    /// No packaging
+    #[arg(long, env)]
+    unpackaged: bool,
+
     /// Compress base image
     #[arg(short, long, env)]
     uncompressed: bool,
@@ -102,7 +110,11 @@ fn main() -> Result<()> {
 
     let base_dir = BaseDir::new(args.persistent_base_dir)?;
     let mut base_builder = BaseImageBuilder::new(base_dir.path());
-    base_builder.package(args.output, !args.uncompressed);
+    base_builder.binaries(args.binaries);
+
+    if !args.unpackaged {
+        base_builder.package(args.output, !args.uncompressed);
+    }
 
     if let Some(flake_dir) = args.flake_dir {
         base_builder.flake_dir(flake_dir);

diff --git a/src/image_builder.rs b/src/image_builder.rs
@@ -42,6 +42,7 @@ static STATIC_FILES: &[(&str, &str)] =
 pub struct BaseImageBuilder {
     nix_dir: PathBuf,
     flake_dir: Option<PathBuf>,
+    binaries: Vec<PathBuf>,
     shell_exec: bool,
     package_output: Option<PathBuf>,
     compress: bool,
@@ -59,6 +60,7 @@ impl BaseImageBuilder {
         BaseImageBuilder {
             nix_dir: nix_dir.as_ref().to_owned(),
             flake_dir: None,
+            binaries: Vec::new(),
             shell_exec: false,
             package_output: None,
             compress: false,
@@ -73,6 +75,11 @@ impl BaseImageBuilder {
         self
     }
 
+    pub fn binaries(&mut self, binaries: Vec<PathBuf>) -> &mut Self {
+        self.binaries = binaries;
+        self
+    }
+
     pub fn shell_exec(&mut self, shell_exec: bool) -> &mut Self {
         self.shell_exec = shell_exec;
         self
@@ -123,6 +130,20 @@ impl BaseImageBuilder {
             return Self::POST_PROCESS_FAILED;
         }
 
+        if let Err(err) = self.binaries.iter().try_for_each(|p| {
+            // TODO: hasher.update(content);
+            fs::copy(
+                p,
+                Path::new(crate::BASE_DIR)
+                    .join("bin")
+                    .join(p.file_name().unwrap()),
+            )
+            .map(|_| ())
+        }) {
+            log::error!("failed to copy static files: {err}");
+            return Self::POST_PROCESS_FAILED;
+        }
+
         let hash = hasher.finalize();
         if let Err(err) = fs::write(BASE_SHA256, format!("{:x}\n", hash)) {
             log::error!("failed to write hash file: {err}");