forked from bootcrew/arch-bootc
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathJustfile
More file actions
55 lines (49 loc) · 2.1 KB
/
Justfile
File metadata and controls
55 lines (49 loc) · 2.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
image_name := env("BUILD_IMAGE_NAME", "apollo")
image_tag := env("BUILD_IMAGE_TAG", "latest")
base_dir := env("BUILD_BASE_DIR", ".")
filesystem := env("BUILD_FILESYSTEM", "ext4")
build_args := env("BUILD_ARGUMENTS", "")
just := just_executable()
container_runtime := env("CONTAINER_RUNTIME", `command -v podman >/dev/null 2>&1 && echo podman || echo docker`)
[private]
default:
@{{ just }} --list
# Build the OS image from the containerfile
build-containerfile $image_name=image_name $build_args=build_args:
sudo {{container_runtime}} build --build-arg IMAGE_NAME="${image_name}" ${build_args} -t "${image_name}:latest" .
bootc *ARGS:
sudo {{container_runtime}} run \
--rm --privileged --pid=host \
-it \
-v /sys/fs/selinux:/sys/fs/selinux \
-v /etc/containers:/etc/containers:Z \
-v /var/lib/containers:/var/lib/containers:Z \
-v /dev:/dev \
-e RUST_LOG=debug \
-v "{{base_dir}}:/data" \
--security-opt label=type:unconfined_t \
"{{image_name}}:{{image_tag}}" bootc {{ARGS}}
# Generate a bootable .img file with Apollo installed
generate-bootable-image $base_dir=base_dir $filesystem=filesystem:
#!/usr/bin/env bash
if [ ! -e "${base_dir}/bootable.img" ] ; then
fallocate -l 20G "${base_dir}/bootable.img"
fi
just bootc install to-disk --composefs-backend --via-loopback /data/bootable.img --filesystem "${filesystem}" --wipe --bootloader systemd
# Fix "cannot apply additional memory protection after relocation" errors building the image on systems with SELinux.
fix-selinux-container-permissions:
#!/usr/bin/env bash
sudo restorecon -RFv /var/lib/containers/storage
# Run a shell in the container
run-shell *ARGS:
sudo podman run \
--rm --privileged --pid=host \
-it \
-v /sys/fs/selinux:/sys/fs/selinux \
-v /etc/containers:/etc/containers:Z \
-v /var/lib/containers:/var/lib/containers:Z \
-v /dev:/dev \
-e RUST_LOG=debug \
-v "{{base_dir}}:/data" \
--security-opt label=type:unconfined_t \
"{{image_name}}:{{image_tag}}" bash