Merged
Conversation
- Exclude var_files patterns from sysext/confext .raw images (erofs and squashfs) - Apply extension var_files to var partition during runtime build - Apply runtime-level var_files mappings to var partition - Prime Docker image cache on var partition by starting a temporary dockerd - Auto-add --privileged to runtime build when extensions declare docker_images - Update compute_runtime_input_hash to include full parsed config for hash stability
Two issues caused the host Docker daemon to break after a runtime build with docker_images configured: 1. Cgroup contamination: the inner dockerd wrote into the host's /sys/fs/cgroup (via --privileged bind-mount). Fix: overmount /sys/fs/cgroup with a private cgroup2/tmpfs before starting the inner dockerd and umount it on exit. 2. docker0 deletion: with --network=host the inner dockerd shares the host network namespace and removes the docker0 bridge when it exits, breaking subsequent docker run calls on the host. Fix: save docker0's IP before starting the inner dockerd and restore the bridge in the cleanup trap if it was deleted. Also add --exec-opt native.cgroupdriver=cgroupfs to avoid systemd-cgroup interaction, use a trap for cleanup so it runs even on pull failure, and read remote extension configs directly from the Docker volume mountpoint (get_volume_mountpoint_sync) before falling back to spinning up a throwaway container, making the version-field merge more reliable.
When a container command fails due to a known Docker daemon health problem, print an actionable hint instead of the confusing low-level error. Currently handles two cases: - Missing docker0 bridge (bridge/veth Device does not exist): caused by an inner dockerd tearing down the host bridge on exit. Suggests `sudo systemctl restart docker`. - Daemon not running / socket missing: suggests `sudo systemctl start docker`. The hint is printed alongside the existing verbose error output so no information is lost.
- Add `sdk package <section>` command that stages compiled artifacts into a sysroot layout and builds architecture-specific RPMs via rpmbuild - Add `PackageConfig` and `SplitPackageConfig` structs to config; extend `CompileConfig` with optional `package` block (backward compatible) - Expose `$AVOCADO_BUILD_DIR` env var in `sdk compile`, `sdk clean`, and `ext build` install scripts for per-section out-of-tree build output - Fix `sdk clean` to pass `AVOCADO_BUILD_DIR` alongside `AVOCADO_SDK_PREFIX` - Use `--out` flag (consistent with other commands) for host output path; success message shows host-relative path, not container-internal path
…n compat flags Extension and runtime names can now be passed as positional arguments (e.g. `avocado ext image app`, `avocado runtime build dev`) matching the pattern already used by `avocado sdk compile <name>`. The -e and -r flags are kept hidden for backward compatibility. Note: `ext dnf` and `runtime dnf` are excluded due to clap limitations with trailing_var_arg.
…ds and fix commands - Add positional name arg to Commands::Provision, Deploy, Sign (hide -r/--runtime flag) - Update stamp fix_command() output to use positional syntax (avocado ext build app) - Update all tests to match new positional fix command format
…uild The kernel install script needs AVOCADO_BUILD_DIR to locate the bzImage produced by the SDK compile step. Set it to $AVOCADO_SDK_PREFIX/build/<section> matching the path used during compilation.
mobileoverlord
force-pushed
the
rel/0.27.0
branch
from
7cfa6cc to
3bff2c7
Compare
mobileoverlord
force-pushed
the
rel/0.27.0
branch
from
3bff2c7 to
ac56e0e
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
var_filessupport for extensions: files matchingvar_filespatterns are excluded from the.rawsysext image (they live on the var partition)sdk package <section>command: stages cross-compiled artifacts and builds architecture-specific RPMs via rpmbuild, with optional Yocto-inspired sub-package splitting (-dev,-dbg,-src)$AVOCADO_BUILD_DIRenv var tosdk compile,sdk clean, andext buildinstall scripts for per-section out-of-tree build outputsdk cleanto passAVOCADO_BUILD_DIRalongsideAVOCADO_SDK_PREFIX--outflag tosdk packageto copy RPM(s) to host; success message shows host-relative path--outflag toext imageto copy resulting.rawimage to host after creationextandruntimesubcommand names positional args (e.g.avocado ext image app,avocado runtime build dev);-e/-rflags kept hidden for backward compatibilityprovision,deploy, andsigncommands; update stampfix_commandoutput to use positional syntaxAVOCADO_BUILD_DIRto kernel install script during runtime build (set to$AVOCADO_SDK_PREFIX/build/<section>matching the SDK compile path)AVOCADO_NO_UPDATE_CHECKTest plan
avocado sdk compile <section>— verify$AVOCADO_BUILD_DIRis available in compile scriptavocado sdk clean <section>— verify$AVOCADO_BUILD_DIRis set in clean scriptavocado sdk package <section> --out ./rpms— RPM appears atrpms/<name>.rpm, success message shows host pathavocado sdk package <section>(no--out) — success message shows filename only, not container-internal pathavocado ext image -e <ext> --out ./images—.rawimage copied to host output dirvar_files— verify var files excluded from sysext imageavocado ext image app— positional name arg works without-eflagavocado runtime build dev— positional name arg works without-rflagavocado provision dev,avocado deploy dev,avocado sign dev— positional name args work$AVOCADO_BUILD_DIRis set correctlyAVOCADO_NO_UPDATE_CHECK=1 avocado build— no update notice shown