Building inside a TCG accelerated qemu VM is slow and painful, but it is
the only option when running in a non-privileged container.
arch-boxes has been built inside a KVM accelerated VMs ("VM runner") for
over 11 months[2] and recently the MR[1] was merged into the
infrastructure repo. With it now being a official part of arch's
infrastructure we should switch to it and get much faster builds.
Doing some quick testing, the whole pipeline is now roughly ~29-84
minutes faster (taking between 7-9 minutes, instead of 36-93 minutes).
[1] https://gitlab.archlinux.org/archlinux/infrastructure/-/merge_requests/385
[2] 3bda5b26a6Fix#161
.gitlab-ci.yml:
Set all build steps to be interruptable, so they will be interrupted if a newer commit is pushed on the same branch,
which also triggers CI.
.gitlab-ci.yml:
Install the latest archlinux-keyring before installing anything else.
This is to make sure to not run into outdated keys upon updating, which
is a problem because we can currently not even ensure a keyring that is
valid longer than one month...
https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/issues/4
.gitlab-ci.yml:
Include a gitlab CI yaml file from the ci-scripts repository, that replaces the build-host.sh script and abstracts the
.build target.
Move all variables to top-level as they are useful in all build targets.
Remove unnecessary before_script definitions because they are abstracted away by ci-scripts.
.gitlab/ci/build_archiso.sh:
Rename .gitlab/ci/build-inside-vm.sh to .gitlab/ci/build_archiso.sh.
.gitlab-ci.yml:
Rename BUILD_SCRIPT to build_archiso.sh.
.gitlab-ci.yml:
Use environment variables to override the build settings offered by the build-host.sh script.
Lower the RAM usage of the builds to 3072.
Lower the COW space used by archiso to 2GiB.
Remove dependency on libisoburn in the `before_script` section of the build target (libarchive and util-linux have
replaced this requirement).
Use size units in accordance with upstream documentation.
Use the new name of the build's metrics file.
Fixes#134
.gitlab-ci.yml:
Expand the parallel matrix with build modes per profile.
Do not run netboot with the baseline profile, as codesigning is not supported yet (#132).
Remove tagging secure, as archiso builds will only ever be used for testing the project.
Build ISOs using fast-single-thread (they take very long otherwise and hit the job time limit) and use any available
runner for anything else.
`du --block-size=MiB` (and `du -m`) returns mebibytes not megabytes.
Additionally, shorten the du command. `du --block-size=MiB` is the same as `du -m`.
.gitlab-ci.yml:
Add a build stage to the gitlab CI, that facilitates the scripts below .gitlab/ci/, building the baseline and releng
profiles in parallel.
Distinguish the use-case in which builds are done for master, schedules and tags in a secure environment and any other
where builds just have to be fast (for ensuring nothing is broken).
Use MiB as block size for the du call when generating data for the metrics file.
Makefile:
Move shellcheck to a "lint" target and change "check" so that it runs "lint".
This provides a more finer grained control and allows to extend "check" with things beyond just linting.
.gitlab-ci.yml:
Run `make lint` in the lint job.
LICENSE:
Add GPL-3.0 license.
{{archiso,configs}/*,.editorconfig,.gitlab-ci.yml}:
Add SPDX license identifier.
Makefile:
Add SPDX license identifier.
Install the `run_archiso.sh` script as global executable `run_archiso`.
Use -D and -t flags to install to install files more generically (without a previous call to install the directory).
README.rst:
Add README outlining the project's scope, how to build images from the profiles and how to test.
AUTHORS.rst:
Add list of all direct contributors to the repository.
CONTRIBUTING.rst:
Add basic contribution guidelines, explaining the linter and the license in use.
Closes#7Closes#3
Makefile:
Move shellcheck commands from .gitlab-ci.yml.
.gitlab-ci.yml:
Run `make check`.
Prevent partial upgrades, i.e. use '-Syu'.
Prevent reinstalling already installed packages by using pacman's '--needed' option.
Don't force-download the package database.
archiso/initcpio/install/*:
Setting bash shebang for all scripts and making them comform with shellcheck.
archiso/initcpio/{hooks,script}/*:
Setting ash shebang for all scripts and making them comform with shellcheck (for dash, as shellcheck has no ash specific
ruleset). Essentially the ash based scripts should be POSIX compliant as much as possible to have an easier time
writing, debugging and maintaining them.
Ensuring that variables are not treated as options and introducing variable quoting.
.gitlab-ci.yml:
Integrating shellcheck for initcpio scripts.
Closes#32
scripts/run_archiso.sh:
A script to run a built archiso image using qemu.
It can run the image on an emulated BIOS (using seabios) or UEFI (using edk2-ovmf) system.
.gitlab-ci.yml:
Adding scripts/run_archiso.sh to shellcheck call.
Closes#28
archiso/mkarchiso:
Quoting all variables.
Changing pkg_list to be an array instead of a string for easier
handling. Using read to properly populate pkg_list from OPTARG with
stripped whitespaces.
Not exporting iso_label anymore as there seems to be no reason to do so.
Introducing line breaks.
.editorconfig:
Setting max_line_length to 120.
Adding a section for YAML files (e.g. .gitlab-ci.yml).
configs/releng/build.sh
Quting nearly all variables.
Introducing line breaks.
configs/baseline/build.sh:
Quoting all variables.
Introducing line breaks.
.gitlab-ci.yml:
Adding gitlab CI for shelleck linting of the config build scripts, mkarchiso and startup scripts in releng.
Closes#19