Add real runtime materialization pipeline and bundle artifacts

2026-03-06 19:26:29 -03:00 · 2026-03-06 19:26:29 -03:00 · c43c718c83
commit c43c718c83
parent cbf212bb7b
32 changed files with 1456 additions and 27 deletions
--- a/runtime_sources/linux-x86_64/scripts/build_debian_rootfs.sh
+++ b/runtime_sources/linux-x86_64/scripts/build_debian_rootfs.sh
@ -0,0 +1,97 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+builder_image=""
+debian_release=""
+debian_snapshot=""
+packages_file=""
+guest_agent=""
+guest_init=""
+agent_service=""
+workdir=""
+output=""
+
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --builder-image) builder_image="$2"; shift 2 ;;
+    --debian-release) debian_release="$2"; shift 2 ;;
+    --debian-snapshot) debian_snapshot="$2"; shift 2 ;;
+    --packages-file) packages_file="$2"; shift 2 ;;
+    --guest-agent) guest_agent="$2"; shift 2 ;;
+    --guest-init) guest_init="$2"; shift 2 ;;
+    --agent-service) agent_service="$2"; shift 2 ;;
+    --workdir) workdir="$2"; shift 2 ;;
+    --output) output="$2"; shift 2 ;;
+    *) echo "unknown arg: $1" >&2; exit 1 ;;
+  esac
+done
+
+: "${builder_image:?missing --builder-image}"
+: "${debian_release:?missing --debian-release}"
+: "${debian_snapshot:?missing --debian-snapshot}"
+: "${packages_file:?missing --packages-file}"
+: "${guest_agent:?missing --guest-agent}"
+: "${guest_init:?missing --guest-init}"
+: "${agent_service:?missing --agent-service}"
+: "${workdir:?missing --workdir}"
+: "${output:?missing --output}"
+
+rm -rf "$workdir"
+mkdir -p "$workdir/in" "$workdir/out" "$(dirname "$output")"
+workdir="$(cd "$workdir" && pwd)"
+output_dir="$(cd "$(dirname "$output")" && pwd)"
+output="$output_dir/$(basename "$output")"
+cp "$packages_file" "$workdir/in/packages.txt"
+cp "$guest_agent" "$workdir/in/pyro_guest_agent.py"
+cp "$guest_init" "$workdir/in/pyro-init"
+cp "$agent_service" "$workdir/in/pyro-guest-agent.service"
+
+container_script="$workdir/build-rootfs-container.sh"
+cat > "$container_script" <<'SCRIPT'
+#!/usr/bin/env bash
+set -euo pipefail
+export DEBIAN_FRONTEND=noninteractive
+apt-get update
+apt-get install -y --no-install-recommends ca-certificates debootstrap e2fsprogs systemd-container
+
+mirror="http://snapshot.debian.org/archive/debian/${DEBIAN_SNAPSHOT}/"
+packages_csv="$(paste -sd, /work/in/packages.txt)"
+rootfs_dir="/work/rootfs"
+rm -rf "$rootfs_dir"
+mkdir -p "$rootfs_dir"
+
+debootstrap \
+  --arch=amd64 \
+  --variant=minbase \
+  --include="$packages_csv" \
+  --no-check-gpg \
+  "$DEBIAN_RELEASE" \
+  "$rootfs_dir" \
+  "$mirror"
+
+cat > "$rootfs_dir/etc/apt/sources.list" <<APT
+ deb [check-valid-until=no] http://snapshot.debian.org/archive/debian/${DEBIAN_SNAPSHOT}/ ${DEBIAN_RELEASE} main
+ deb [check-valid-until=no] http://snapshot.debian.org/archive/debian-security/${DEBIAN_SNAPSHOT}/ ${DEBIAN_RELEASE}-security main
+APT
+
+mkdir -p "$rootfs_dir/opt/pyro/bin" "$rootfs_dir/etc/systemd/system/multi-user.target.wants"
+install -m 0755 /work/in/pyro_guest_agent.py "$rootfs_dir/opt/pyro/bin/pyro_guest_agent.py"
+install -m 0755 /work/in/pyro-init "$rootfs_dir/opt/pyro/bin/pyro-init"
+install -m 0644 /work/in/pyro-guest-agent.service "$rootfs_dir/etc/systemd/system/pyro-guest-agent.service"
+ln -sf /etc/systemd/system/pyro-guest-agent.service \
+  "$rootfs_dir/etc/systemd/system/multi-user.target.wants/pyro-guest-agent.service"
+ln -sf /opt/pyro/bin/pyro-init "$rootfs_dir/sbin/init"
+printf '127.0.0.1 localhost\n' > "$rootfs_dir/etc/hosts"
+truncate -s 2G /work/out/rootfs.ext4
+mkfs.ext4 -F -d "$rootfs_dir" /work/out/rootfs.ext4 >/dev/null
+SCRIPT
+chmod +x "$container_script"
+
+docker run --rm \
+  -e DEBIAN_RELEASE="$debian_release" \
+  -e DEBIAN_SNAPSHOT="$debian_snapshot" \
+  -v "$workdir:/work" \
+  "$builder_image" \
+  /work/build-rootfs-container.sh
+
+cp "$workdir/out/rootfs.ext4" "$output"