From 7092629b7eae91cb5130b672f46ec5002209c9ea Mon Sep 17 00:00:00 2001 From: Andy Piper Date: Mon, 22 Nov 2021 20:31:29 -0500 Subject: debootstrap_plugin: add `include` and `install_keyring` keys The "include" key maps to debootstrap's `--include` parameter, allowing additional packages to be installed. The `install_keyring` key is a Boolean that determines if the gpg keyring specified by the `keyring` key is installed in the disk image for use when installing packages from non-official Debian repositories, e.g. local mirrors created using aptly, etc. --- vmdb/plugins/debootstrap.mdwn | 7 ++++ vmdb/plugins/debootstrap_plugin.py | 77 ++++++++++++++++++++++++-------------- 2 files changed, 55 insertions(+), 29 deletions(-) diff --git a/vmdb/plugins/debootstrap.mdwn b/vmdb/plugins/debootstrap.mdwn index 67f13fb..6784096 100644 --- a/vmdb/plugins/debootstrap.mdwn +++ b/vmdb/plugins/debootstrap.mdwn @@ -18,10 +18,17 @@ Step keys: (e.g. Raspbian) as by default debootstrap will use the keys provided by the "debian-archive-keyring" package. +* `install_keyring` — OPTIONAL; if set to `yes`, the gpg keyring + specified by the `keyring` key will be installed in the image for use when + installing packages from non-official Debian repositories. + * `arch` — OPTIONAL; the foreign architecture to use. * `variant` — OPTIONAL; the variant for debootstrap. +* `include` — OPTIONAL; a list of additional packages for + debootstrap to install. + Example (in the .vmdb file): - debootstrap: buster diff --git a/vmdb/plugins/debootstrap_plugin.py b/vmdb/plugins/debootstrap_plugin.py index 92d23d4..3bfeff9 100644 --- a/vmdb/plugins/debootstrap_plugin.py +++ b/vmdb/plugins/debootstrap_plugin.py @@ -15,9 +15,11 @@ # # =*= License: GPL-3+ =*= +import os +import shutil +import subprocess import vmdb -import subprocess class DebootstrapPlugin(vmdb.Plugin): @@ -33,8 +35,10 @@ class DebootstrapStepRunner(vmdb.StepRunnerInterface): "mirror": str, "arch": "", "keyring": "", + "install_keyring": False, "variant": "-", "components": ["main"], + "include": [], } def run(self, values, settings, state): @@ -43,6 +47,8 @@ class DebootstrapStepRunner(vmdb.StepRunnerInterface): target = state.tags.get_builder_mount_point(tag) mirror = values["mirror"] keyring = values["keyring"] or None + install_keyring = values["install_keyring"] + include = values["include"] arch = ( values["arch"] or subprocess.check_output(["dpkg", "--print-architecture"]).strip() @@ -52,36 +58,49 @@ class DebootstrapStepRunner(vmdb.StepRunnerInterface): if not (suite and tag and target and mirror): raise Exception("missing arg for debootstrap step") + + cmd = [ + "debootstrap", + "--arch", + arch, + "--variant", + variant, + "--components", + ",".join(components), + ] + + remove_pkgs = [] if keyring: - vmdb.runcmd( - [ - "debootstrap", - "--keyring", - keyring, - "--arch", - arch, - "--variant", - variant, - "--components", - ",".join(components), - suite, - target, - mirror, - ] - ) - else: - vmdb.runcmd( + cmd.extend(["--keyring", keyring]) + if install_keyring and "gnupg" not in include: + include.append("gnupg") + # If gnupg needed to be installed it should be removed again to + # minimize the installation footprint + remove_pkgs.append("gnupg") + + if include: + cmd.extend(["--include", ",".join(include)]) + + cmd.extend([suite, target, mirror]) + + vmdb.runcmd(cmd) + + if keyring and install_keyring: + keyring_basename = os.path.basename(keyring) + chroot_keyring = os.path.join(target, keyring_basename) + shutil.copyfile(keyring, os.path.join(target, keyring_basename)) + vmdb.runcmd_chroot(target, ["apt-key", "add", f"/{keyring_basename}"]) + os.remove(chroot_keyring) + + if remove_pkgs: + vmdb.runcmd_chroot( + target, [ - "debootstrap", - "--arch", - arch, - "--variant", - variant, - "--components", - ",".join(components), - suite, - target, - mirror, + "apt-get", + "remove", + "--purge", + "-y", ] + + remove_pkgs, ) -- cgit v1.2.1