815 Commits

Author SHA1 Message Date
Dimitri John Ledkov
dd79c5c75d
buildd: Re-enable merged /usr by default, as it is now required
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
2021-04-30 17:54:00 +01:00
Dimitri John Ledkov
dc2a472871
magic-proxy: replace http.client with urllib calls
Initialize passwords from sources.list.
Use urllib everywhere.
This way authentication is added to all the required requests.
And incoming headers, are passed to the outgoing requests.
And all the response headers, are passed to the original client.
And all the TCP & HTTP errors are passed back to the client.
Thus should avoiding hanging requests upon failure.
Also rewrite the URI when requesting things.
This allows to use private-ppa.buildd outside of launchpad.

Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
2021-04-30 17:50:28 +01:00
Dimitri John Ledkov
1cd8fe14b7
Change iptables calls, to query rules and quickly check that connectivity works after transparent proxy has been installed. LP: #1917920 2021-04-30 17:48:09 +01:00
Dimitri John Ledkov
20f76e7cf8
Merge branch 'preinstalled' of git+ssh://git.launchpad.net/~xnox/livecd-rootfs into ubuntu/master 2021-04-30 17:46:20 +01:00
Michael Hudson-Doyle
749bdeac44 Merge branch 'ubuntu/master' into new-ubuntu-oci 2021-04-30 11:46:16 +12:00
Dimitri John Ledkov
d5a8116428
Add support for generic preinstalled images. LP: #1923832 2021-04-26 11:04:37 +01:00
Thomas Bechtold
a81972a58b
add configure_oci function and use it in ubuntu-oci
With that, the Dockerfile modifications[0] currently done externally
are done now here. That means that the created rootfs tarball can be
directly used within a Dockerfile to create a container from scratch:

FROM scratch
ADD livecd.ubuntu-oci.rootfs.tar.gz /
CMD ["/bin/bash"]

[0]
https://github.com/tianon/docker-brew-ubuntu-core/blob/master/update.sh
2021-04-22 08:48:00 +02:00
Thomas Bechtold
ac4a95b931
Add new ubuntu-oci project
This is a copy of the ubuntu-base project.
Currently ubuntu-base is used as a base for the docker/OCI container
images. The rootfs tarball that is created with ubuntu-base is
published under [0]. That tarball is used in the FROM statement of the
Dockerfile as base and then a couple of modifications are done inside
of the Dockerfile[1].
The ubuntu-oci project will include the changes that are currently
done in the Dockerfile. With that:

1) a Dockerfile using that tarball will be just a 2 line thing:

   FROM scratch
   ADD ubuntu-hirsute-core-cloudimg-amd64-root.tar.gz /
   CMD ["/bin/bash"]

2) Ubuntu has the full control about the build process of the
docker/OCI container. No external sources (like [1]) need to be
modified anymore.
3) Ubuntu can publish containers without depending on the official
dockerhub containers[2]. Currently the containers for the AWS ECR
registry[3] use as a base[4] the official dockerhub containers. That's
no longer needed because a container just needs a Dockerfile described
in 1)

When the ubuntu-oci project has the modifications from [1] included,
we'll also update [1] to use the ubuntu-oci rootfs tarball as a base
and drop the modifications done at [1].

Note: Creating a new ubuntu-oci project instead of using ubuntu-base
will make sure that we don't break users who are currently using
ubuntu-base rootfs tarballs for doing their own thing.

[0] https://partner-images.canonical.com/core/
[1]
https://github.com/tianon/docker-brew-ubuntu-core/blob/master/update.sh
[2] https://hub.docker.com/_/ubuntu
[3] https://gallery.ecr.aws/ubuntu/ubuntu
[4]
https://launchpad.net/~ubuntu-docker-images/ubuntu-docker-images/+oci/ubuntu/+recipe/ubuntu-20.04
2021-04-22 07:39:15 +02:00
Łukasz 'sil2100' Zemczak
52f3b69331 Enable using ubuntu-server-raspi, clean up handling of raspi setup. 2021-04-20 11:15:44 +02:00
Łukasz 'sil2100' Zemczak
b9eb0aaee3 Drop imx6 support as it never really happened. 2021-04-20 10:54:50 +02:00
Łukasz 'sil2100' Zemczak
1d537bf78d Temporarily hack in ubuntu-raspi-settings for raspi images (we should be using seeds tho). 2021-04-19 21:49:43 +02:00
Iain Lane
42409e7068
auto/config: Install pi-bluetooth for raspi images
These are in restricted, and so cannot be depended on by the
metapackages which are in main.
2021-01-04 10:25:09 +00:00
Sebastien Bacher
ed8ee60c98 Desktop is using the hwe kernel, do the same on canary 2020-12-03 20:29:59 +01:00
Łukasz 'sil2100' Zemczak
c2733a55f7 Still hardcode UC20 amd64 image size, but to the same value as for UC16 and UC18. 2020-12-03 12:18:57 +01:00
Dimitri John Ledkov
2f84bc9a84
config: on hirsute build UC22 images 2020-12-02 11:05:18 +00:00
Dimitri John Ledkov
a808b28d47
riscv64: build preinstalled riscv64 image with uboot SPL and CIDATA. 2020-12-01 17:14:40 +00:00
Łukasz 'sil2100' Zemczak
dda73b5591 Do not hard-code the UC20 amd64 image size anymore. 2020-11-27 17:57:18 +01:00
Dimitri John Ledkov
8e986c20fd
Merge remote-tracking branch 'seb128/layered-languages-fix' into ubuntu/master 2020-11-19 17:34:02 +00:00
Sebastien Bacher
fa5c2092c7 During the layered build generate the right content for no languages
The structure changed as part of bug #1873374
2020-11-19 16:28:11 +01:00
Dimitri John Ledkov
e2fd168f50
amd64: always install grub-pc with shim-signed
shim-signed depends on grub-efi-amd64-signed, which in turn has
alternative depends on either `grub-efi-amd64 | grub-pc`. However to
support booting with either via shim&signed-grub and BIOS, the choice
must be made to install grub-pc, not grub-efi-amd64.

This makes images consistent with Ubuntu Deskop, Live Server, buildd
bootable images; all of which already do install grub-pc and
shim-signed.

LP: #1901906
2020-10-28 22:56:31 +00:00
Dimitri John Ledkov
1c7d688319
auto/config: scope ubuntu:desktop-preinstalled:raspi image options
When desktop-preinstalled image options were added in
38157b37487d244b27af33f7863e6b15253c8f94, for the raspi subarch, the
options listed there were not scoped for raspi subarch. This results
in those options getting also applied for the HYPERV
ubuntu:desktop-preinstalled image.

Thus scope the newly added options under raspi subarch case only.
2020-10-27 20:42:08 +00:00
Dimitri John Ledkov
5d9af7f3c5
auto/config: seed ubuntu-desktop when building hyperv image
Regression introduced in 38157b37487d244b27af33f7863e6b15253c8f94 when
desktop-preinstalled code branch was added, it dropped addint
ubuntu-desktop task. Instead it added ubuntu-desktop-raspi task, only
for the raspi subarch, which depends on ubuntu-desktop. But the hyperv
case, now ended up without ubuntu-desktop task.

It looks like introduction of "desktop-preinstalled" assumed, that it
is for raspi only, when in fact that code path now started to be used
for hyperv gallery image too.
2020-10-27 20:26:50 +00:00
Łukasz 'sil2100' Zemczak
5a7b332745 Build classic raspi server images by default from the 'classic' branch now. 2020-10-19 12:58:08 +02:00
Łukasz 'sil2100' Zemczak
eda716902e For desktop-preinstalled we don't need cloud-image. 2020-10-07 17:04:08 +02:00
Łukasz 'sil2100' Zemczak
fdd8b1cba0 Use the right task name - ubuntu-desktop-raspi. 2020-10-07 10:49:03 +02:00
Łukasz 'sil2100' Zemczak
38157b3748 First batch of changes for raspi desktop. 2020-10-01 11:23:28 +02:00
Steve Langasek
37f5f8881f Revert "Revert "Remove fstab from squashfs images""
This reverts commit d9de2701897608710ed97e206ee29f28af8cc82a.
2020-08-27 12:17:22 -07:00
Steve Langasek
d9de270189 Revert "Remove fstab from squashfs images"
This reverts commit f96e874ed12e7e080111d27aa14c4f97aa6bec87.
2020-08-12 11:35:06 -07:00
Robert C Jennings
e3dce0ab17
Handle seeded lxd snap with channel name for ubuntu-cpc:minimized
The seed now specifies the lxd snap in focal as
'lxd=4.0/stable/ubuntu-20.04' which doesn't match the expectations of
the code with looks for lxd as the only snap in the seed for minimized
images.  This patch updates the pattern to accept 'lxd' or 'lxd=*'.
2020-07-29 14:56:26 -05:00
Dimitri John Ledkov
109e6c6613
auto/build: use setup|teardown_mountpoint to reduce duplication 2020-07-24 20:59:57 +01:00
Robert C Jennings
84397b5098
Avoid rbind /sys for chroot snap pre-seeding (cgroups fail to unmount)
Builds in LP with the Xenial kernel were happy with the recursive mount of
/sys inside the chroot while performing snap-preseeding but autopkgtests
with the groovy kernel failed.  With the groovy kernel the build was
unable to unmount sys/kernel/slab/*/cgroup/* (Operation not permitted).

This patch mounts /sys and /sys/kernel/security in the chroot in the
same way we've added for binary hooks.  This provides the paths under
/sys needed for snap-preseed while avoiding issues unmounting other
paths.
2020-07-18 16:52:18 -05:00
Dimitri John Ledkov
31861fd40d
seccomp: mount more up-to-date seccomp features 2020-07-18 00:24:16 +01:00
Dimitri John Ledkov
a14a31b751
apparmor: mount more up-to-date apparmor features in the chroot. 2020-07-18 00:20:41 +01:00
Robert C Jennings
1ca11c9795
Apply snap-preseed optimizations after seeding snaps
The snap-preseed command can do a number of things during the build
that are currently performed at first boot (apparmor profiles, systemd
unit generation, etc).  This patch adds a call to reset the seeding and
apply these optimizations when adding a seeded snap.  As a prerequisite
to calling snap-preseed we need to make /dev/mem available as well as
mounts from the host to perform this work, so those are also added here.
2020-07-17 21:17:33 +01:00
David Krauser
4c504f6781 Fix broken minimal cloud image boot on amd64
I recently pulled initramfs logic out of the base build hook, and
dropped that into the `replace_kernel` function. Any cloud image that
does not leverage the generic virtual kernel was expected to call
`replace_kernel` to pull in a custom kernel. That function will
disable initramfs boot for images that use a custom kernel.

Minimal cloud images on amd64 use the linux-kvm kernel, but the build
hook does not utilize the `replace_kernel` function. Instead, the
kernel flavor is set in `auto/config`. I pulled that logic out of
`auto/config` and am now calling `replace_kernel` in the build hook.

I also moved a call to generate the package list so that it will pick
up the change to the linux-kvm kernel.
2020-07-16 17:25:46 -04:00
Balint Reczey
f96e874ed1 Remove fstab from squashfs images
The default fstab is not valid, since squashfs does not support labels.

LP: #1877078
2020-06-16 22:14:59 +02:00
Łukasz 'sil2100' Zemczak
40103430d8 Enable overrides of UC20 grade dangerous channels 2020-05-25 19:11:22 +02:00
Dimitri John Ledkov
b9177cfd59 Fixup indentation
Signed-off-by: Dimitri John Ledkov <xnox@ubuntu.com>
2020-05-07 15:09:57 +01:00
Dimitri John Ledkov
6e8b5b94c4 ubuntu-image: fix focal+ pi images for armhf to use pi-armhf model name.
LP: #1876358
2020-05-01 19:50:41 +01:00
Dimitri John Ledkov
668898d92c Bump only the UC20 pc image to 8GB, and keep Pi images as small as possible.
LP: #1875430
2020-05-01 19:43:30 +01:00
Dimitri John Ledkov
56ac1865f7 Switch Ubuntu desktop to only hwe-20.04 kernel flavour. 2020-04-16 01:30:31 +01:00
Łukasz 'sil2100' Zemczak
d2a2ac41a4 Use the raspi KERNEL_FLAVOUR for the raspi images. 2020-04-08 10:06:09 +02:00
Dimitri John Ledkov
cb574d4cb3 minimized: reinstall packages one by one, instead of all of them together, as otherwise apt fails to immediately configure libc6:amd64 & libgcc-s1. LP: #1867607 2020-03-16 10:42:30 +00:00
Dimitri John Ledkov
910310dbbb Only install oem-20.04 kernel flavour on amd64, as it doesn't exist on other arches. 2020-03-13 20:18:16 +00:00
Łukasz 'sil2100' Zemczak
40c51f78b8 Switch to using the generic pi gadget repo for classic, use the main branches. 2020-03-06 11:57:47 +01:00
Łukasz 'sil2100' Zemczak
95772fd9df Merge branch 'ubuntu/master' of git+ssh://git.launchpad.net/livecd-rootfs into u-i-disk-info 2020-03-06 11:38:42 +01:00
Łukasz 'sil2100' Zemczak
e9170e053b Rename the raspi3 SUBARCH to raspi 2020-02-21 12:46:43 +01:00
Dimitri John Ledkov
17dc48cf65 Set uc20 image size to 10G. 2020-02-10 12:43:39 +00:00
Dimitri John Ledkov
438606c5e8 Encode CHANNEL specification in the UC20 model names. 2020-02-07 22:18:04 +00:00
Dimitri John Ledkov
db0c7d68f2 Although the request flavour to install is oem-20.04, it really is called just oem on disk. Override the flavour name from oem-20.04 to oem when renaming built artefacts. This also means that ubuntu-cdimage needs to simply download 'oem' vmlinuz+initrd pairs, not 'oem-20.04'. 2020-01-30 11:13:51 +00:00