Docker build system is broken (Equuleus v1.3.1)
Closed, WontfixPublicBUG
Actions

Assigned To

Authored By

	alainlamar
	Jul 23 2022, 1:59 PM

Description

Hi all,

trying to build Equuleus v1.3.1 (the git tag) fails due to several issues in the Docker build process as described here: https://docs.vyos.io/en/equuleus/contributing/build-vyos.html.

Also, the manuals on building Equuleus v1.3.1 are inconsistent in https://docs.vyos.io/en/equuleus/contributing/build-vyos.html and https://docs.vyos.io/en/latest/contributing/build-vyos.html in respect to if docker pull vyos/vyos-build:equuleusor docker pull vyos/vyos-build:current is required. The same goes for all other docker operations - equuleus or current?

What I did:

check out https://github.com/vyos/vyos-1x/tree/1.3.1
docker pull vyos/vyos-build:equuleus
docker run --rm -it --privileged -v $(pwd):/vyos -w /vyos vyos/vyos-build:equuleus bash
./configure --build-by "alainlamar" --architecture amd64 --build-type development --debian-mirror http://ftp.de.debian.org/debian --debian-security-mirror http://security.debian.org
sudo make iso

What was expected:

The build should produce an ISO in ./build

What was observed:

The build process failed a few times due to misconfigurations and issues within the Docker pod and the build config.

Workarounds (as I did not make notes of each specific bug):

within the container, edit /usr/share/live/build/functions/cache.sh (trust issues with certificates on 3rd party repos and live-build fail if no *.deb files were present in /var/cache/apt/archives)

Restore_cache ()
{
        DIRECTORY="${1}"

        if [ "${LB_CACHE}" = "true" ] && [ "${LB_CACHE_PACKAGES}" = "true" ]
        then
                if [ -e "${DIRECTORY}" ]
                then
                        # Restore old cache
                        if [ "$(stat --printf %d ${DIRECTORY}/)" = "$(stat --printf %d chroot/var/cache/apt/archives/)" ]
                        then
                                # with hardlinks
## BEGIN EDIT
                                if [ $(sudo find "${DIRECTORY}" -name "*.deb" | wc -l) -gt 0 ]; then
                                        find "${DIRECTORY}" -name "*.deb" | xargs cp -fl -t chroot/var/cache/apt/archives
                                fi
## END EDIT
                        else
                                # without hardlinks
## BEGIN EDIT
                                if [ $(sudo find "${DIRECTORY}" -name "*.deb" | wc -l) -gt 0 ]; then
                                        find "${DIRECTORY}" -name "*.deb" | xargs cp -t chroot/var/cache/apt/archives
                                fi
## END EDIT
                        fi
                fi
        fi
## BEGIN EDIT
        wget -qO- https://repos.influxdata.com/influxdb.key | apt-key add -
        wget -qO- https://repos.influxdata.com/influxdb2.key | apt-key add -
        wget -qO- https://repo.saltproject.io/py3/debian/10/amd64/3003/salt-archive-keyring.gpg | apt-key add -
        Chroot chroot "apt-get --allow-releaseinfo-change update"
        Chroot chroot "apt-get install -y ca-certificates"
## END EDIT
}

Edit data/defaults.json (see patch) to mitigate mutliple Kernels installed and no initrd generated as well as trust issues with certificates on 3rd party repos.

diff --git a/data/defaults.json b/data/defaults.json
index aec87ff..b273aee 100644
--- a/data/defaults.json
+++ b/data/defaults.json
@@ -5,13 +5,13 @@
   "debian_distribution": "buster",
   "vyos_mirror": "http://dev.packages.vyos.net/repositories/equuleus",
   "vyos_branch": "equuleus",
-  "kernel_version": "5.4.186",
+  "kernel_version": "5.4.205",
   "kernel_flavor": "amd64-vyos",
   "release_train": "equuleus",
   "additional_repositories": [
-    "deb [arch=amd64] https://repo.saltproject.io/py3/debian/10/amd64/3003 buster main",
+    "deb [trusted=yes arch=amd64] http://repo.saltproject.io/py3/debian/10/amd64/3003 buster main",
     "deb [arch=amd64] http://repo.powerdns.com/debian buster-rec-45 main",
-    "deb [arch=amd64] https://repos.influxdata.com/debian buster stable"
+    "deb [trusted=yes arch=amd64] http://repos.influxdata.com/debian buster stable"
   ],
   "custom_packages": []
 }

Edit data/live-build-config/hooks/live/17-gen_initramfs.chroot (see patch - issue with mutliple Kernel versions installed)

diff --git a/data/live-build-config/hooks/live/17-gen_initramfs.chroot b/data/live-build-config/hooks/live/17-gen_initramfs.chroot
index 87b53bd..d9d0070 100755
--- a/data/live-build-config/hooks/live/17-gen_initramfs.chroot
+++ b/data/live-build-config/hooks/live/17-gen_initramfs.chroot
@@ -9,4 +9,6 @@ if [ -e /boot/initrd.img-* ]; then
        rm -f /boot/initrd.img-*
 fi
 
-update-initramfs -c -k `ls /boot | grep vmlinuz- | sed 's/vmlinuz-//g'`
+KERNEL_VERSION=$(find /boot -name "vmlinuz-*" | sed "s/.*vmlinuz-\(.*\)/\1/g" | sort -r | head -n 1)
+#update-initramfs -c -k `ls /boot | grep vmlinuz- | sed 's/vmlinuz-//g'`
+update-initramfs -c -k $KERNEL_VERSION

Edit data/live-build-config/hooks/live/19-kernel_symlinks.chroot (see patch - issue with mutliple Kernel versions installed)

diff --git a/data/live-build-config/hooks/live/19-kernel_symlinks.chroot b/data/live-build-config/hooks/live/19-kernel_symlinks.chroot
index e63ca26..39f2b68 100755
--- a/data/live-build-config/hooks/live/19-kernel_symlinks.chroot
+++ b/data/live-build-config/hooks/live/19-kernel_symlinks.chroot
@@ -2,5 +2,8 @@
 
 echo I: Creating kernel symlinks.
 cd /boot
-ln -s initrd.img-* initrd.img
-ln -s vmlinuz-* vmlinuz
+
+KERNEL_VERSION=$(find /boot -name "vmlinuz-*" | sed "s/.*vmlinuz-\(.*\)/\1/g" | sort -r | head -n 1)
+
+ln -s initrd.img-$KERNEL_VERSION initrd.img
+ln -s vmlinuz-$KERNEL_VERSION vmlinuz