mirrors/raspiblitz
1
0
Fork 0
mirror of https://github.com/rootzoll/raspiblitz.git synced 2025-02-28 08:54:16 +01:00
Code Issues Projects Releases Packages Wiki Activity

Local release image build with Packer (#4335)

Browse source 
* packer build live image
This commit is contained in:
/rootzoll 2024-01-18 17:25:35 +01:00 committed by GitHub
parent 1d3d7a0e75
commit c2df07efd1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 282 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
FAQ.dev.md
View file

@ -1,6 +1,22 @@
## FAQ Development ## FAQ Development
### What is the process of creating a new SD card image release? ### Steps to create RaspberryPi images with Packer?
* Start [`Debian LIVE`](https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-12.4.0-amd64-cinnamon.iso) from USB stick
* On USB boot be sure to start the "LIVE_SYSTEM" image
* Connect a additional 128GB USB with NFTS formatted
* Using Filemanager open the 128GB-USBDrive and right-click "Open in Terminal"
* Make sure the packer script is in root of the 128GB-USBDrive
* If it is not there download:
* `curl -O -L https://raw.githubusercontent.com/raspiblitz/raspiblitz/dev/ci/packer.sh`
* Security read/check script and then start build with (replace parameters):
* `sudo bash ./packer.sh [BRANCH] [arm|x86] [min|fat] [?LASTCOMMITHASH]`
* `BRANCH` = the branch name on this repo of which the image should be build
* `[arm|x86]` = The architecture the image is targeting (RaspberryPi = `arm`)
* `[min|fat]` = lean or fatpack (fatpack prepackages lots of apps already with the image)
* `LASTCOMMITHASH` (optional) = security check & copy the latest commit hash of the branch you want to build
### What is the process of creating a new RaspberryPi SD card image release manually?
Checklist before making a SD card image release: Checklist before making a SD card image release:

8
Makefile
View file

@ -5,7 +5,7 @@ GITHUB_HEAD_REF = $(shell git rev-parse --abbrev-ref HEAD)
amd64-lean-desktop-uefi-image: amd64-lean-desktop-uefi-image:
# Run the build script # Run the build script
cd ci/amd64 && \ cd ci/amd64 && \
bash packer.build.amd64-debian.sh \ sudo bash packer.build.amd64-debian.sh \
--pack lean \ --pack lean \
--github_user $(GITHUB_ACTOR) \ --github_user $(GITHUB_ACTOR) \
--branch $(GITHUB_HEAD_REF) \ --branch $(GITHUB_HEAD_REF) \
@ -31,7 +31,7 @@ amd64-lean-desktop-uefi-image:
amd64-lean-server-legacyboot-image: amd64-lean-server-legacyboot-image:
# Run the build script # Run the build script
cd ci/amd64 && \ cd ci/amd64 && \
bash packer.build.amd64-debian.sh \ sudo bash packer.build.amd64-debian.sh \
--pack lean \ --pack lean \
--github_user $(GITHUB_ACTOR) \ --github_user $(GITHUB_ACTOR) \
--branch $(GITHUB_HEAD_REF) \ --branch $(GITHUB_HEAD_REF) \
@ -57,7 +57,7 @@ amd64-lean-server-legacyboot-image:
amd64-fatpack-desktop-uefi-image: amd64-fatpack-desktop-uefi-image:
# Run the build script # Run the build script
cd ci/amd64 && \ cd ci/amd64 && \
bash packer.build.amd64-debian.sh \ sudo bash packer.build.amd64-debian.sh \
--pack fatpack \ --pack fatpack \
--github_user $(GITHUB_ACTOR) \ --github_user $(GITHUB_ACTOR) \
--branch $(GITHUB_HEAD_REF) \ --branch $(GITHUB_HEAD_REF) \
@ -83,7 +83,7 @@ amd64-fatpack-desktop-uefi-image:
arm64-rpi-lean-image: arm64-rpi-lean-image:
# Run the build script # Run the build script
cd ci/arm64-rpi && \ cd ci/arm64-rpi && \
bash packer.build.arm64-rpi.local.sh \ sudo bash packer.build.arm64-rpi.local.sh \
--pack lean \ --pack lean \
--github_user $(GITHUB_ACTOR) \ --github_user $(GITHUB_ACTOR) \
--branch $(GITHUB_HEAD_REF) --branch $(GITHUB_HEAD_REF)

3
ci/arm64-rpi/packer.build.arm64-rpi.local.sh
View file

@ -59,7 +59,8 @@ go build || exit 1
# set vars # set vars
echo "# Setting the variables: $*" echo "# Setting the variables: $*"
source ../set_variables.sh # running from the ci/arm64-rpi/packer-builder-arm directory
source ../../set_variables.sh
set_variables "$@" set_variables "$@"
cp ../build.arm64-rpi.pkr.hcl ./ cp ../build.arm64-rpi.pkr.hcl ./

259
ci/packer.sh Normal file
View file

@ -0,0 +1,259 @@
#!/usr/bin/env bash
#########################################################################
# script to trigger packer image build on a debian LIVE system
# see FAQ.dev.md for instructions
##########################################################################
# YOUR REPO (REPLACE WITH YOUR OWN FORK IF NEEDED)
REPO="https://github.com/raspiblitz/raspiblitz"
# folders to store the build results
BUILDFOLDER="images"
echo "Build RaspiBlitz install images on a Debian LIVE system"
echo "From repo (change in script is needed):"
echo $REPO
echo "Results will be stored in:"
echo $BUILDFOLDER
# give info if not started with parameters
if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then
echo "Start this script in the root of an writable 128GB NTFS formatted USB drive:"
echo "packer.sh [BRANCH] [arm|x86] [min|fat] [?lastcommithash]"
exit 1
fi
BRANCH=$1
ARCH=$2
TYPE=$3
COMMITHASH=$4
# check if branch is set
if [ "$BRANCH" == "[BRANCH]" ]; then
echo "error='branch not set'"
exit 1
fi
# check if output is set
if [ -z "$ARCH" ]; then
echo "error='ARCH not set'"
exit 1
fi
# check if output is set
if [ -z "TYPE" ]; then
echo "error='TYPE not set'"
exit 1
fi
# check if started with sudo
if [ "$EUID" -ne 0 ]; then
echo "error='run as root / may use sudo'"
exit 1
fi
# install git and make
apt update && apt install -y git make
# clean old repo
rm -rf raspiblitz 2>/dev/null
# download the repo
git clone $REPO
if [ $? -gt 0 ]; then
echo "# REPO: ${REPO}"
echo "error='git clone failed'"
exit 1
fi
cd raspiblitz
# checkout the desired branch
git checkout $BRANCH
# check commit hash if set
if [ ${#COMMITHASH} -gt 0 ]; then
echo "# CHECKING COMMITHASH"
actualCOMMITHASH=$(git log -1 --format=%H)
echo "# actual(${actualCOMMITHASH}) ?= wanted(${COMMITHASH})"
matches=$(echo "${actualCOMMITHASH}" | grep -c "${COMMITHASH}")
if [ ${matches} -eq 0 ]; then
echo "error='COMMITHASH of branch does not match'"
exit 1
fi
echo "# COMMITHASH CHECK OK"
else
echo "# NO COMMITHASH CHECK"
fi
# get code version
codeVersion=$(cat ./home.admin/_version.info | grep 'codeVersion="' | cut -d'"' -f2)
if [ ${#codeVersion} -eq 0 ]; then
echo "error='codeVersion not found'"
exit 1
fi
echo "# RaspiBlitz Version: ${codeVersion}"
# get date as string formatted like YEAR-MONTH-DAY
dateString=$(date +%Y-%m-%d)
echo "# Date: ${dateString}"
if [ "${ARCH}" == "arm" ] && [ "${TYPE}" == "min" ]; then
PACKERTARGET="arm64-rpi-lean-image"
PACKERBUILDPATH="./raspiblitz/ci/arm64-rpi/packer-builder-arm/raspiblitz-arm64-rpi-lean.img"
PACKERFINALFILE="raspiblitz-min-${codeVersion}-${dateString}.img"
elif [ "${ARCH}" == "arm" ] && [ "${TYPE}" == "fat" ]; then
PACKERTARGET="arm64-rpi-fatpack-image"
PACKERBUILDPATH="./raspiblitz/ci/arm64-rpi/packer-builder-arm/TODO" #TODO
PACKERFINALFILE="raspiblitz-fat-${codeVersion}-${dateString}.img"
elif [ "${ARCH}" == "x86" ] && [ "${TYPE}" == "min" ]; then
PACKERTARGET="amd64-lean-server-legacyboot-image"
PACKERBUILDPATH="./raspiblitz/ci/amd64/builds/raspiblitz-amd64-debian-lean-qemu/raspiblitz-amd64-debian-lean.qcow2"
PACKERFINALFILE="raspiblitz-amd64-min-${codeVersion}-${dateString}.qcow2"
else
echo "error='$ARCH-$TYPE not supported'"
exit 1
fi
echo "# PACKER TARGET: ${PACKERTARGET}"
echo "# PACKER BUILD PATH: ${PACKERBUILDPATH}"
echo "# PACKER FINAL FILE: ${PACKERFINALFILE}"
# check if file already exists
if [ -f "./${BUILDFOLDER}/${PACKERFINALFILE}.img.gz" ]; then
echo "error='image already exists'"
echo "# delete ./${BUILDFOLDER}/${PACKERFINALFILE}.img.gz (and all .sha256 & .sig) before trying again"
exit 1
fi
# prevent monitor to go to sleep during long non-interactive build
xset s off
gsettings set org.gnome.desktop.screensaver idle-activation-enabled false
echo "# BUILDING '${PACKERTARGET}' ###########################################"
make $PACKERTARGET
# check if build was successful
if [ $? -gt 0 ]; then
echo "# BUILDING FAILED ###########################################"
echo "# Check the output above for errors."
exit 1
fi
echo "# BUILDING SUCCESS ###########################################"
echo "# moving build to timestamped folder ./${BUILDFOLDER}"
cd ..
mkdir "${BUILDFOLDER}" 2>/dev/null
#check that Build folder exists
if [ ! -d "./${BUILDFOLDER}" ]; then
echo "# FAILED CREATING BUILD FOLDER: ./${BUILDFOLDER}"
exit 1
fi
# move .gz file to build folder
mv "${PACKERBUILDPATH}.gz" "./${BUILDFOLDER}/${PACKERFINALFILE}.gz"
if [ $? -gt 0 ]; then
echo "# FAILED MOVING .gz"
exit 1
fi
# move gz.sha256 file to build folder
mv "${PACKERBUILDPATH}.gz.sha256" "./${BUILDFOLDER}/${PACKERFINALFILE}.gz.sha256"
if [ $? -gt 0 ]; then
echo "# FAILED MOVING .gz.sha256"
exit 1
fi
# move sha256 file to build folder
mv "${PACKERBUILDPATH}.sha256" "./${BUILDFOLDER}/${PACKERFINALFILE}.sha256"
if [ $? -gt 0 ]; then
echo "# FAILED MOVING .sha256"
exit 1
fi
# special handling for qcow2
if [ "${ARCH}" == "x86" ]; then
echo "# decompressing qcow2"
gunzip "./${BUILDFOLDER}/${PACKERFINALFILE}.gz"
echo "# converting qcow2 to raw"
qemu-img convert -f qcow2 -O raw "./${BUILDFOLDER}/${PACKERFINALFILE}.qcow2" "./${BUILDFOLDER}/${PACKERFINALFILE}.img"
if [ $? -gt 0 ]; then
echo "# FAILED CONVERTING qcow2 to raw"
exit 1
fi
echo "# compressing raw"
gzip -9 "./${BUILDFOLDER}/${PACKERFINALFILE}.img"
if [ $? -gt 0 ]; then
echo "# FAILED COMPRESSING raw"
exit 1
fi
echo "# removing raw"
rm "./${BUILDFOLDER}/${PACKERFINALFILE}.img"
if [ $? -gt 0 ]; then
echo "# FAILED REMOVING raw"
exit 1
fi
fi
echo "# clean up"
rm -rf raspiblitz 2>/dev/null
echo "# SIGN & SECURE IMAGE ###########################################"
echo
# security check that internet is cut
echo "# MANUAL ACTION NEEDED:"
echo "# Cut the connection to the internet before signing the image."
echo
echo "# Press RETURN to continue..."
read -r -p "" key
if ping -c 1 "1.1.1.1" &> /dev/null; then
echo "# FAIL - Internet connection is up - EXITING SCRIPT"
exit 1
else
echo "# OK - Internet connection is cut"
fi
echo
# Note down the SHA256 checksum of the image
echo "# MANUAL ACTION NEEDED:"
echo "# Note down the SHA256 checksum of the image:"
echo
cat ./${BUILDFOLDER}/${PACKERFINALFILE}.gz.sha256
echo
echo "# Press RETURN to continue..."
read -r -p "" key
# import the signer keys
echo "# MANUAL ACTION NEEDED:"
echo "# Keep this terminal open and the 128GB stick connected."
echo "# Additionalley connect and unlock the USB device with the signer keys."
echo "# Open in Filemanager and use right-click 'Open in Termonal' and run:"
echo "# sudo gpg --import ./sub.key"
echo "# Close that second terminal and remove USB device with signer keys."
echo
echo "# Press RETURN to continue..."
read -r -p "" key
# signing instructions
echo "# MANUAL ACTION NEEDED:"
echo "# Please wait infront of the screen until the signing process is asks you for the password."
echo
cd "${BUILDFOLDER}"
gpg --output ${PACKERFINALFILE}.gz.sig --detach-sign ${PACKERFINALFILE}.gz
if [ $? -gt 0 ]; then
echo "# !!!!!!! SIGNING FAILED - redo manual before closing this terminbal !!!!!!!"
echo "gpg --output ${PACKERFINALFILE}.gz.sig --detach-sign ${PACKERFINALFILE}.gz"
else
echo "# OK Signing successful."
fi
# last notes
echo
echo "Close this terminal and eject your 128GB usb device."
echo "Have fun with your build image on it under:"
echo "${BUILDFOLDER}/${PACKERFINALFILE}.gz"