1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
|
# Copyright (c) 2015 SUSE Linux GmbH. All rights reserved.
#
# This file is part of kiwi.
#
# kiwi is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# kiwi is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with kiwi. If not, see <http://www.gnu.org/licenses/>
#
import os
import logging
from urllib.parse import urlparse
from typing import List, Dict
# project
import kiwi.defaults as defaults
from kiwi.utils.temporary import (
Temporary, TmpT
)
from kiwi.repository.template.apt import PackageManagerTemplateAptGet
from kiwi.repository.base import RepositoryBase
from kiwi.path import Path
from kiwi.command import Command
from kiwi.utils.toenv import ToEnv
log = logging.getLogger('kiwi')
class RepositoryApt(RepositoryBase):
"""
**Implements repository handling for apt-get package manager**
:param str shared_apt_get_dir:
shared directory between image root and build system root
:param str runtime_apt_get_config_file: apt-get runtime config file name
:param list apt_get_args: apt-get caller arguments
:param dict command_env: customized os.environ for apt-get
:param manager_base: shared location for apt-get repodata between
host and image
"""
def post_init(self, custom_args: List = []) -> None:
"""
Post initialization method
Store custom apt-get arguments and create runtime configuration
and environment
:param list custom_args: apt-get arguments
"""
self.runtime_apt_get_config_file = TmpT(name='')
self.custom_args = custom_args
self.exclude_docs = False
self.signing_keys: List = []
# extract custom arguments used for apt config only
if 'exclude_docs' in self.custom_args:
self.custom_args.remove('exclude_docs')
self.exclude_docs = True
if 'check_signatures' in self.custom_args:
self.custom_args.remove('check_signatures')
self.unauthenticated = 'false'
else:
self.unauthenticated = 'true'
self.distribution: str = ''
self.distribution_path: str = ''
self.repo_names: List = []
self.components: List = []
# apt-get support is based on creating a sources file which
# contains path names to the repo and its cache. In order to
# allow a persistent use of the files in and outside of a chroot
# call an active bind mount from RootBind::mount_shared_directory
# is expected and required
self.manager_base = self.shared_location + '/apt-get'
self.shared_apt_get_dir = {
'sources-dir': self.manager_base + '/sources.list.d',
'preferences-dir': self.manager_base + '/preferences.d'
}
self.keyring = '{}/trusted.gpg'.format(self.manager_base)
self.runtime_apt_get_config_file = Temporary(
path=self.root_dir, prefix='kiwi_apt.config'
).unmanaged_file()
self.apt_get_args = [
'-q', '-c', self.runtime_apt_get_config_file.name, '-y'
] + self.custom_args
self.command_env = self._create_apt_get_runtime_environment()
# config file for apt-get tool
self.apt_conf = PackageManagerTemplateAptGet()
self._write_runtime_config()
def setup_package_database_configuration(self) -> None:
"""
Setup package database configuration
No special database configuration required for apt
"""
pass
def use_default_location(self) -> None:
"""
Setup apt-get repository operations to store all data
in the default places
"""
self.manager_base = os.sep.join([self.root_dir, 'etc/apt'])
self.shared_apt_get_dir['sources-dir'] = \
os.sep.join([self.manager_base, 'sources.list.d'])
self.shared_apt_get_dir['preferences-dir'] = \
os.sep.join([self.manager_base, 'preferences.d'])
self._write_runtime_config(system_default=True)
def runtime_config(self) -> Dict:
"""
apt-get runtime configuration and environment
"""
return {
'apt_get_args': self.apt_get_args,
'command_env': self.command_env,
'distribution': self.distribution,
'distribution_path': self.distribution_path
}
def add_repo(
self, name: str, uri: str, repo_type: str = 'deb',
prio: int = None, dist: str = None, components: str = None,
user: str = None, secret: str = None, credentials_file: str = None,
repo_gpgcheck: bool = None, pkg_gpgcheck: bool = None,
sourcetype: str = None, customization_script: str = None,
architectures: str = None
) -> None:
"""
Add apt_get repository
:param str name: repository base file name
:param str uri: repository URI
:param str repo_type: unused
:param int prio: unused
:param str dist: distribution name for non flat deb repos
:param str components: distribution categories
:param str user: unused
:param str secret: unused
:param str credentials_file: unused
:param bool repo_gpgcheck: enable repository signature validation
:param bool pkg_gpgcheck: unused
:param str sourcetype: unused
:param str customization_script:
custom script called after the repo file was created
:param str architectures:
identifies which architectures are supported by this repository
"""
sources_file = '/'.join(
[self.shared_apt_get_dir['sources-dir'], name + '.sources']
)
pref_file = '/'.join(
[self.shared_apt_get_dir['preferences-dir'], name + '.pref']
)
self.repo_names.append(name + '.sources')
if os.path.exists(uri):
# apt-get requires local paths to take the file: type
uri = 'file:/' + uri
uri = uri.replace('file://', 'file:/')
if not components:
components = 'main'
self._add_components(components)
with open(sources_file, 'w') as repo:
repo_details = 'Types: deb' + os.linesep
repo_details += 'URIs: ' + uri + os.linesep
if architectures:
repo_details += 'Architectures: {}{}'.format(
architectures.replace(',', ' '), os.linesep
)
if not dist:
# create a debian flat repository setup. We consider the
# repository metadata to exist on the toplevel of the
# specified uri. This applies to the way the open build
# service creates debian repositories and should be
# done in the same way for other repositories when used
# with kiwi
repo_details += 'Suites: ./' + os.linesep
else:
# create a debian distributon repository setup for the
# specified distributon name and components
self.distribution = dist
self.distribution_path = uri
repo_details += 'Suites: ' + dist + os.linesep
repo_details += 'Components: ' + components + os.linesep
if repo_gpgcheck is False:
repo_details += 'trusted: yes' + os.linesep
repo_details += 'check-valid-until: no' + os.linesep
repo.write(repo_details)
if customization_script:
self.run_repo_customize(customization_script, sources_file)
if prio:
uri_parsed = urlparse(uri.replace('file://', 'file:/'))
with open(pref_file, 'w') as pref:
pref.write('Package: *{0}'.format(os.linesep))
if not uri_parsed.hostname:
pref.write(
'Pin: origin ""{0}'.format(os.linesep)
)
else:
pref.write(
'Pin: origin "{0}"{1}'.format(
uri_parsed.hostname, os.linesep
)
)
pref.write(
'Pin-Priority: {0}{1}'.format(prio, os.linesep)
)
if customization_script:
self.run_repo_customize(customization_script, pref_file)
def import_trusted_keys(self, signing_keys: List) -> None:
"""
Creates a new keyring including provided keys
:param list signing_keys: list of the key files to import
"""
keybox = '{}/trusted-keybox.gpg'.format(self.manager_base)
gpg_args = [
'gpg', '--no-options', '--no-default-keyring',
'--no-auto-check-trustdb', '--trust-model', 'always',
'--keyring', keybox
]
if os.path.exists(self.keyring):
os.unlink(self.keyring)
if os.path.exists(keybox):
os.unlink(keybox)
for key in signing_keys:
Command.run(gpg_args + ['--import', '--ignore-time-conflict', key])
if os.path.exists(keybox):
Command.run(
gpg_args + ['--export', '--yes', '--output', self.keyring]
)
os.unlink(keybox)
log.info('Custom keyring for APT created: {}'.format(self.keyring))
log.warning(
'The keyring is only available at build time. '
'It will not be part of the resulting image'
)
def delete_repo(self, name: str) -> None:
"""
Delete apt-get repository
:param str name: repository base file name
"""
Path.wipe(
self.shared_apt_get_dir['sources-dir'] + '/' + name + '.sources'
)
def delete_all_repos(self) -> None:
"""
Delete all apt-get repositories
"""
Path.wipe(self.shared_apt_get_dir['sources-dir'])
Path.create(self.shared_apt_get_dir['sources-dir'])
def delete_repo_cache(self, name: str) -> None:
"""
Delete apt-get repository cache
Apt stores the package cache in a collection of binary files
and deb archives. As of now I couldn't came across a solution
which allows for deleting only the cache data for a specific
repository. Thus the repo cache cleanup affects all cache
data
:param str name: unused
"""
for cache_file in ['archives', 'pkgcache.bin', 'srcpkgcache.bin']:
Path.wipe(os.sep.join([self.manager_base, cache_file]))
def cleanup_unused_repos(self) -> None:
"""
Delete unused apt_get repositories
Repository configurations which are not used for this build
must be removed otherwise they are taken into account for
the package installations
"""
repos_dir = self.shared_apt_get_dir['sources-dir']
repo_files = list(os.walk(repos_dir))[0][2]
for repo_file in repo_files:
if repo_file not in self.repo_names:
Path.wipe(repos_dir + '/' + repo_file)
def _add_components(self, components: str) -> None:
for component in components.split():
if component not in self.components:
self.components.append(component)
def _create_apt_get_runtime_environment(self) -> Dict:
for apt_get_dir in list(self.shared_apt_get_dir.values()):
Path.create(apt_get_dir)
ToEnv(self.root_dir, defaults.PACKAGE_MANAGER_ENV_VARS)
return dict(
os.environ, LANG='C', DEBIAN_FRONTEND='noninteractive'
)
def _write_runtime_config(self, system_default: bool = False) -> None:
parameters = {
'apt_shared_base': self.manager_base,
'unauthenticated': self.unauthenticated
}
if not system_default:
template = self.apt_conf.get_host_template(self.exclude_docs)
apt_conf_data = template.substitute(parameters)
else:
template = self.apt_conf.get_image_template(self.exclude_docs)
apt_conf_data = template.substitute(parameters)
with open(self.runtime_apt_get_config_file.name, 'w') as config:
config.write(apt_conf_data)
def cleanup(self) -> None:
"""
Delete intermediate apt config file
"""
if os.path.isfile(self.runtime_apt_get_config_file.name):
os.unlink(self.runtime_apt_get_config_file.name)
|