-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathmkimage.sh
More file actions
executable file
·106 lines (87 loc) · 2.85 KB
/
mkimage.sh
File metadata and controls
executable file
·106 lines (87 loc) · 2.85 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
#!/bin/bash
# shellcheck disable=SC2115
set -ex
shopt -s expand_aliases
alias gzip="gzip -n -9"
usage() {
echo "Usage: $0 [VARIANT] [DIST]"
echo
echo "[VARIANT]: The debian variant to use."
echo "[DIST]: The debian dist to use."
echo "[SOURCES]: The debian sources to use."
echo
exit 1
}
if [ $# -ne 3 ]; then
usage
fi
VARIANT=$1
DIST=$2
SOURCES=$3
WORKDIR="/workspace/$DIST"
ROOTFSDIR=$(cd "$(dirname "$0")/../debootstrap/$DIST/rootfs";pwd)
mkdir -p "$WORKDIR"
debootstrap --variant="$VARIANT" "$DIST" "$WORKDIR" "$SOURCES"/debian
if [ -d "$ROOTFSDIR" ];then
cp -rf "$ROOTFSDIR"/* "$WORKDIR"
fi
rootfs_chroot() {
PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' \
chroot "$WORKDIR" "$@"
}
# Add some tools we need.
rootfs_chroot apt-get install -y --no-install-recommends \
tini \
curl \
netbase \
pax-utils \
ca-certificates
# We have our own version of initctl, tell dpkg to not overwrite it.
rootfs_chroot dpkg-divert --local --rename --add /sbin/initctl
# Remove default mirrors
rm -rf "$WORKDIR"/etc/apt/sources.list
# Set the mirrors to distro-based ones
cat << EOF > "$WORKDIR"/etc/apt/sources.list.d/debian.sources
Types: deb
URIs: $SOURCES/debian
Suites: $DIST $DIST-updates
Components: main
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
Types: deb
URIs: $SOURCES/debian-security
Suites: $DIST-security
Components: main
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
EOF
# Do a final upgrade.
rootfs_chroot apt-get update
rootfs_chroot apt-get -y -q upgrade
# Clean some apt artifacts
rootfs_chroot apt-get clean
# Delete dirs we don't need, leaving the entries.
rm -rf "$WORKDIR"/var/log
rm -rf "$WORKDIR"/var/cache/apt
rm -rf "$WORKDIR"/var/lib/apt/lists
rm -rf "$WORKDIR"/var/cache/ldconfig/aux-cache
rm -rf "$WORKDIR"/usr/share/locale
rm -rf "$WORKDIR"/usr/share/info
rm -rf "$WORKDIR"/usr/share/man
rm -rf "$WORKDIR"/etc/apt/apt.conf.d/01autoremove-kernels
# Remove /usr/share/doc, but leave copyright files to be sure that we
# comply with all licenses.
# `mindepth 2` as we only want to remove files within the per-package
# directories. Crucially some packages use a symlink to another package
# dir (e.g. libgcc1), and we don't want to remove those.
find "$WORKDIR"/usr/share/doc -mindepth 2 -not -name copyright -not -type d -delete
find "$WORKDIR"/usr/share/doc -mindepth 1 -type d -empty -delete
# Hardcode this somewhere
rm -f "$WORKDIR"/etc/machine-id
# This gets overridden by Container at runtime.
rm -f "$WORKDIR"/etc/hostname
# Create required directory
rootfs_chroot mkdir -p /opt/drycc
rootfs_chroot mkdir -p /var/log/apt
# pass -n to gzip to strip timestamps
# strip the '.' with --transform that tar includes at the root to build a real rootfs
tar --numeric-owner -czf /workspace/"$DIST".tar.gz -C "$WORKDIR" . --transform='s,^./,,' --mtime='1970-01-01'
md5sum /workspace/"$DIST".tar.gz