diff --git a/.github/workflows/os.yml b/.github/workflows/os.yml
deleted file mode 100644
index fb5e5b9..0000000
--- a/.github/workflows/os.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-name: os
-on:
- pull_request:
- branches:
- - main
- merge_group:
- branches:
- - main
-jobs:
- build:
- runs-on: ubuntu-latest
- strategy:
- fail-fast: false
- matrix:
- arch:
- - x86_64
- - aarch64
- env:
- TARGET_ARCH: "${{ matrix.arch }}"
- name: os build ${{ matrix.arch }}
- steps:
- - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
- with:
- egress-policy: audit
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- with:
- submodules: recursive
- - uses: dtolnay/rust-toolchain@d0e72ca3bfdc51937a4f81431ccbed269ef9f2a2 # stable
- with:
- targets: "${{ matrix.arch }}-unknown-linux-gnu,${{ matrix.arch }}-unknown-linux-musl"
- - run: ./hack/ci/install-linux-deps.sh
- - run: ./hack/os/build.sh
- - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
- with:
- name: krata-os-${{ matrix.arch }}
- path: "target/os/krata-${{ matrix.arch }}.qcow2"
- compression-level: 0
diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml
index d1940fe..dcb7795 100644
--- a/.github/workflows/release-binaries.yml
+++ b/.github/workflows/release-binaries.yml
@@ -41,8 +41,6 @@ jobs:
 - run: "./hack/ci/assemble-release-assets.sh debian ${{ github.event.release.tag_name }} ${{ matrix.arch }} target/dist/*.deb"
 - run: ./hack/dist/apk.sh
 - run: "./hack/ci/assemble-release-assets.sh alpine ${{ github.event.release.tag_name }} ${{ matrix.arch }} target/dist/*_${{ matrix.arch }}.apk"
- - run: ./hack/os/build.sh
- - run: "./hack/ci/assemble-release-assets.sh os ${{ github.event.release.tag_name }} ${{ matrix.arch }} target/os/krata-${{ matrix.arch }}.qcow2"
 - run: "./hack/ci/upload-release-assets.sh ${{ github.event.release.tag_name }}"
 env:
 GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/hack/ci/assemble-release-assets.sh b/hack/ci/assemble-release-assets.sh index ad6c859..299cb06 100755 --- a/hack/ci/assemble-release-assets.sh +++ b/hack/ci/assemble-release-assets.sh @@ -47,9 +47,6 @@ do elif [ "${FORM}" = "bundle-systemd" ] then asset "${SOURCE_FILE_PATH}" "target/assets/krata-systemd_${TAG_NAME}_${PLATFORM}.tgz" - elif [ "${FORM}" = "os" ] - then - asset "${SOURCE_FILE_PATH}" "target/assets/krata_${TAG_NAME}_${PLATFORM}.qcow2" else echo "ERROR: Unknown form '${FORM}'" exit 1 diff --git a/hack/code/shellcheck.sh b/hack/code/shellcheck.sh index 3a3c417..559448e 100755 --- a/hack/code/shellcheck.sh +++ b/hack/code/shellcheck.sh @@ -5,4 +5,3 @@ REAL_SCRIPT="$(realpath "${0}")" cd "$(dirname "${REAL_SCRIPT}")/../.." find hack -type f -name '*.sh' -print0 | xargs -0 shellcheck -x -find os/internal -type f -name '*.sh' -print0 | xargs -0 shellcheck -x diff --git a/hack/os/build.sh b/hack/os/build.sh deleted file mode 100755 index 02036c4..0000000 --- a/hack/os/build.sh +++ /dev/null 
@@ -1,119 +0,0 @@
-#!/bin/sh
-set -e
-
-REAL_SCRIPT="$(realpath "${0}")"
-cd "$(dirname "${REAL_SCRIPT}")/../.."
-
-./hack/dist/apk.sh
-KRATA_VERSION="$(./hack/dist/version.sh)"
-TARGET_ARCH="$(./hack/build/arch.sh)"
-TARGET_ARCH_ALT="$(KRATA_ARCH_KERNEL_NAME=1 ./hack/build/arch.sh)"
-CROSS_COMPILE="$(./hack/build/cross-compile.sh)"
-
-TARGET_DIR="${PWD}/target"
-TARGET_OS_DIR="${TARGET_DIR}/os"
-mkdir -p "${TARGET_OS_DIR}"
-cp "${TARGET_DIR}/dist/krata_${KRATA_VERSION}_${TARGET_ARCH}.apk" "${TARGET_OS_DIR}/krata-${TARGET_ARCH}.apk"
-
-DOCKER_FLAGS="--platform linux/${TARGET_ARCH_ALT}"
-if [ -t 0 ]
-then
- DOCKER_FLAGS="${DOCKER_FLAGS} -it"
-fi
-
-if [ "${CROSS_COMPILE}" = "1" ]
-then
- docker run --privileged --rm tonistiigi/binfmt --install all
-fi
-
-ROOTFS="${TARGET_OS_DIR}/rootfs-${TARGET_ARCH}.tar"
-
-# shellcheck disable=SC2086
-docker run --rm --privileged -v "${PWD}:/mnt" ${DOCKER_FLAGS} alpine:latest "/mnt/os/internal/stage1.sh" "${TARGET_ARCH}"
-sudo chown "${USER}:${GROUP}" "${ROOTFS}"
-sudo modprobe nbd
-
-next_nbd_device() {
- find /dev -maxdepth 2 -name 'nbd[0-9]*' | while read -r DEVICE
- do
- if [ "$(sudo blockdev --getsize64 "${DEVICE}")" = "0" ]
- then
- echo "${DEVICE}"
- break
- fi
- done
-}
-
-NBD_DEVICE="$(next_nbd_device)"
-
-if [ -z "${NBD_DEVICE}" ]
-then
- echo "ERROR: unable to allocate nbd device" > /dev/stderr
- exit 1
-fi
-
-OS_IMAGE="${TARGET_OS_DIR}/krata-${TARGET_ARCH}.qcow2"
-EFI_PART="${NBD_DEVICE}p1"
-ROOT_PART="${NBD_DEVICE}p2"
-ROOT_DIR="${TARGET_OS_DIR}/root-${TARGET_ARCH}"
-EFI_DIR="${ROOT_DIR}/boot/efi"
-
-cleanup() {
- trap '' EXIT HUP INT TERM
- sudo umount -R "${ROOT_DIR}" > /dev/null 2>&1 || true
- sudo umount "${EFI_PART}" > /dev/null 2>&1 || true
- sudo umount "${ROOT_PART}" > /dev/null 2>&1 || true
- sudo qemu-nbd --disconnect "${NBD_DEVICE}" > /dev/null 2>&1 || true
- sudo rm -rf "${ROOT_DIR}"
-}
-
-rm -f "${OS_IMAGE}"
-qemu-img create -f qcow2 "${OS_IMAGE}" "2G"
-
-trap cleanup EXIT HUP INT TERM
-sudo qemu-nbd --connect="${NBD_DEVICE}" --cache=writeback -f qcow2 "${OS_IMAGE}"
-printf '%s\n' \
- 'label: gpt' \
- 'name=efi,type=U,size=128M,bootable' \
- 'name=system,type=L' | sudo sfdisk "${NBD_DEVICE}"
-sudo mkfs.fat -F32 -n EFI "${EFI_PART}"
-sudo mkfs.ext4 -L root -E discard "${ROOT_PART}"
-
-mkdir -p "${ROOT_DIR}"
-
-sudo mount -t ext4 "${ROOT_PART}" "${ROOT_DIR}"
-sudo mkdir -p "${EFI_DIR}"
-sudo mount -t vfat "${EFI_PART}" "${EFI_DIR}"
-
-sudo tar xf "${ROOTFS}" -C "${ROOT_DIR}"
-ROOT_UUID="$(sudo blkid "${ROOT_PART}" | sed -En 's/.*\bUUID="([^"]+)".*/\1/p')"
-EFI_UUID="$(sudo blkid "${EFI_PART}" | sed -En 's/.*\bUUID="([^"]+)".*/\1/p')"
-echo "${ROOT_UUID}"
-
-sudo mkdir -p "${ROOT_DIR}/proc" "${ROOT_DIR}/dev" "${ROOT_DIR}/sys"
-sudo mount -t proc none "${ROOT_DIR}/proc"
-sudo mount --bind /dev "${ROOT_DIR}/dev"
-sudo mount --make-private "${ROOT_DIR}/dev"
-sudo mount --bind /sys "${ROOT_DIR}/sys"
-sudo mount --make-private "${ROOT_DIR}/sys"
-
-sudo cp "${PWD}/os/internal/stage2.sh" "${ROOT_DIR}/stage2.sh"
-echo "${ROOT_UUID}" | sudo tee "${ROOT_DIR}/root-uuid" > /dev/null
-sudo mv "${ROOT_DIR}/etc/resolv.conf" "${ROOT_DIR}/etc/resolv.conf.orig"
-sudo cp "/etc/resolv.conf" "${ROOT_DIR}/etc/resolv.conf"
-sudo chroot "${ROOT_DIR}" /bin/sh -c "/stage2.sh ${TARGET_ARCH} ${TARGET_ARCH_ALT}"
-sudo mv "${ROOT_DIR}/etc/resolv.conf.orig" "${ROOT_DIR}/etc/resolv.conf"
-sudo rm -f "${ROOT_DIR}/stage2.sh"
-sudo rm -f "${ROOT_DIR}/root-uuid"
-
-{
- echo "# krata fstab"
- echo "UUID=${ROOT_UUID} / ext4 relatime 0 1"
- echo "UUID=${EFI_UUID} / vfat rw,relatime,fmask=0133,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 2"
-} | sudo tee "${ROOT_DIR}/etc/fstab" > /dev/null
-
-cleanup
-
-OS_SMALL_IMAGE="${TARGET_OS_DIR}/krata-${TARGET_ARCH}.small.qcow2"
-qemu-img convert -O qcow2 "${OS_IMAGE}" "${OS_SMALL_IMAGE}"
-mv -f "${OS_SMALL_IMAGE}" "${OS_IMAGE}"
diff --git a/os/internal/stage1.sh b/os/internal/stage1.sh
deleted file mode 100755
index 79e88c5..0000000
--- a/os/internal/stage1.sh
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/bin/sh
-set -e
-
-TARGET_ARCH="${1}"
-apk add --update-cache alpine-base \
- linux-lts linux-firmware-none \
- mkinitfs dosfstools e2fsprogs \
- tzdata chrony
-
-apk add --allow-untrusted "/mnt/target/os/krata-${TARGET_ARCH}.apk"
-
-for SERVICE in kratad kratanet
-do
- rc-update add "${SERVICE}" default
-done
-
-apk add xen xen-hypervisor
-
-rc-update add xenstored default
-
-for MODULE in xen-netblock xen-blkback tun tap
-do
- echo "${MODULE}" >> /etc/modules
-done
-
-cat > /etc/network/interfaces <<-EOF
- auto eth0
- iface eth0 inet dhcp
-EOF
-
-for SERVICE in networking chronyd
-do
- rc-update add "${SERVICE}" default
-done
-
-for SERVICE in devfs dmesg mdev hwdrivers cgroups
-do
- rc-update add "${SERVICE}" sysinit
-done
-
-for SERVICE in modules hwclock swap hostname sysctl bootmisc syslog seedrng
-do
- rc-update add "${SERVICE}" boot
-done
-
-for SERVICE in killprocs savecache mount-ro
-do
- rc-update add "${SERVICE}" shutdown
-done
-
-echo 'root:krata' | chpasswd
-echo 'krata' > /etc/hostname
-
-{
- echo '# krata resolver configuration'
- echo 'nameserver 1.1.1.1'
- echo 'nameserver 1.0.0.1'
- echo 'nameserver 2606:4700:4700::1111'
- echo 'nameserver 2606:4700:4700::1001'
-} > /etc/resolv.conf
-
-{
- echo 'Welcome to krataOS!'
- echo 'You may now login to the console to manage krata.'
-} > /etc/issue
-
-echo > /etc/motd
-
-ln -s /usr/share/zoneinfo/UTC /etc/localtime
-
-rm -rf /var/cache/apk/*
-rm -rf /.dockerenv
-
-cd /
-rm -f "/mnt/target/os/rootfs-${TARGET_ARCH}.tar"
-tar cf "/mnt/target/os/rootfs-${TARGET_ARCH}.tar" --numeric-owner \
- --exclude 'mnt/**' --exclude 'proc/**' \
- --exclude 'sys/**' --exclude 'dev/**' .
diff --git a/os/internal/stage2.sh b/os/internal/stage2.sh
deleted file mode 100755
index d834e4b..0000000
--- a/os/internal/stage2.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-set -e
-
-TARGET_ARCH="${1}"
-TARGET_ARCH_ALT="${2}"
-apk add --update-cache grub-efi
-grub-install --target="${TARGET_ARCH_ALT}-efi" --efi-directory=/boot/efi --no-nvram --skip-fs-probe --bootloader-id=BOOT
-
-FROM_EFI_FILE="grubx64.efi"
-TO_EFI_FILE="BOOTX64.efi"
-if [ "${TARGET_ARCH}" = "aarch64" ]
-then
- FROM_EFI_FILE="grubaa64.efi"
- TO_EFI_FILE="BOOTA64.efi"
-fi
-
-mv "/boot/efi/EFI/BOOT/${FROM_EFI_FILE}" "/boot/efi/EFI/BOOT/${TO_EFI_FILE}"
-
-ROOT_UUID="$(cat /root-uuid)"
-
-{
- echo 'GRUB_CMDLINE_XEN_DEFAULT="dom0_mem=1024M,max:1024M"'
- echo "GRUB_CMDLINE_LINUX_DEFAULT=\"quiet rootfstype=ext4 root=UUID=${ROOT_UUID} modules=ext4\""
- echo 'GRUB_DEFAULT="saved"'
- echo 'GRUB_SAVEDEFAULT="true"'
-} >> /etc/default/grub
-
-# fix bug in grub detection of xen support
-cp /boot/config-*-lts /boot/config-lts
-grub-mkconfig -o /boot/grub/grub.cfg
-grub-set-default "$(grep ^menuentry /boot/grub/grub.cfg | grep Xen | cut -d \' -f 2 | head -1)"
-rm -rf /var/cache/apk/*