[neon/ubuntu-core] /: Initial commit allowing to build rough images
Kevin Ottens
null at kde.org
Wed Mar 27 16:27:43 GMT 2024
Git commit eacb572e92e7820cb0257cc41427cd3c4d1dfdf7 by Kevin Ottens.
Committed on 27/03/2024 at 16:27.
Pushed by ervin into branch 'master'.
Initial commit allowing to build rough images
A +8 -0 .gitignore
A +35 -0 Makefile
A +53 -0 README.md
A +17 -0 create-snap-list.sh
A +17 -0 finalize-json.sh
A +221 -0 kde-neon-core-amd64.json
A +0 -0 local-snaps/.dummy
A +13 -0 run-image.sh
https://invent.kde.org/neon/ubuntu-core/-/commit/eacb572e92e7820cb0257cc41427cd3c4d1dfdf7
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..de252d6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,8 @@
+local-snaps/*
+*-signed-*.json
+*-dangerous-*.json
+*.snap-list
+*.model
+*.model.build
+*.img
+*.tar.gz
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..723cde4
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,35 @@
+all: dangerous signed
+
+dangerous: kde-neon-core-dangerous-amd64.tar.gz
+
+signed: kde-neon-core-signed-amd64.tar.gz
+
+kde-neon-core-signed-amd64.json: kde-neon-core-amd64.json
+ ./finalize-json.sh signed $< $@
+
+kde-neon-core-dangerous-amd64.json: kde-neon-core-amd64.json
+ ./finalize-json.sh dangerous $< $@
+
+kde-neon-core-signed-amd64.snap-list: kde-neon-core-amd64.json
+ ./create-snap-list.sh signed $< $@
+
+kde-neon-core-dangerous-amd64.snap-list: kde-neon-core-amd64.json
+ ./create-snap-list.sh dangerous $< $@
+
+%.model: %.json
+ snap sign -k kde-neon-core-image-key $< > $@
+
+%.img: %.model %.snap-list
+ $(eval SNAPS = $(shell cat $(basename $@).snap-list))
+ ubuntu-image snap --output-dir $<.build --image-size 30G \
+ $(foreach snap,$(SNAPS),--snap $(snap)) $<
+ mv $<.build/pc.img $@
+
+%.tar.gz: %.img
+ tar zcvf $@ $<
+
+clean:
+ rm -rf *.model.build
+ rm -f *.snap-list *.model *.img *.tar.gz *-signed-*.json *-dangerous-*.json
+
+.PHONY: all clean dangerous signed
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..28559c9
--- /dev/null
+++ b/README.md
@@ -0,0 +1,53 @@
+# KDE Neon Core Image Building
+
+This repository contains all that's needed to build and run images provided the system has the right dependencies.
+
+## Building images
+
+There are two grades of images: signed and dangerous. Using `make <grade>` to build one of the two images. `make` or `make all` will build both the dangerous and the signed images. They will also be automatically compressed in `tar.gz` format at the end of the process.
+
+### Signatures and keys
+
+Signatures will occur during this process. This requires having an Ubuntu One account as described here:
+
+https://ubuntu.com/core/docs/create-ubuntu-one
+
+This also requires having registered keys, as described in the first two steps of this page:
+
+https://ubuntu.com/core/docs/sign-model-assertion
+
+The `Makefile` will handle the rest for you but it assumes your key to be created with the name `kde-neon-core-image-key`.
+
+Also, no build can occur if you're not authenticated in your Ubuntu One account with `snapcraft`. To sanity check this, running `snapcraft whoami` will tell you under which account you are authenticated.
+
+### dangerous vs signed
+
+The main difference between the dangerous and the signed images is the amount of freedom you get as to their content. The signed image will contain only the snaps listed in `kde-neon-core-amd64.json`. The dangerous image allows you to inject extra snaps or override some of the snaps of the list with locally built one.
+
+As a developer, `make dangerous` is probably what you will want to use most of the time. To inject or override snaps, simply drop your own snaps in the `local-snaps` directory. Any snap in this directory will be injected in the dangerous image.
+
+## Running images
+
+Simply run the `run-image.sh` script passing the image as parameter. For instance:
+
+```
+./run-image.sh kde-neon-core-dangerous-amd64.img
+```
+
+## Dependencies
+
+For building images:
+
+* snap
+* snapcraft
+* ubuntu-image
+* make
+* jq
+* date
+* tar
+* gzip
+
+For running images:
+
+* qemu-system-x86_64
+
diff --git a/create-snap-list.sh b/create-snap-list.sh
new file mode 100755
index 0000000..37e968a
--- /dev/null
+++ b/create-snap-list.sh
@@ -0,0 +1,17 @@
+#! /bin/sh
+
+GRADE=$1
+INPUT=$2
+OUTPUT=$3
+
+JQ_SCRIPT="
+ .snaps[] |
+ select(.presence == \"optional\") |
+ .name"
+
+cat $INPUT | jq "$JQ_SCRIPT" > $OUTPUT
+
+if [ $GRADE = "dangerous" ]; then
+ ls ./local-snaps/*.snap >> $OUTPUT
+fi
+
diff --git a/finalize-json.sh b/finalize-json.sh
new file mode 100755
index 0000000..b3e8765
--- /dev/null
+++ b/finalize-json.sh
@@ -0,0 +1,17 @@
+#! /bin/sh
+
+GRADE=$1
+INPUT=$2
+OUTPUT=$3
+
+UBUNTU_ID=`snapcraft whoami | grep '^id:' | awk '{print $2;}'`
+TIMESTAMP=`date -Iseconds --utc`
+JQ_SCRIPT="
+ .[\"authority-id\"] = \"$UBUNTU_ID\" |
+ .[\"brand-id\"] = \"$UBUNTU_ID\" |
+ .[\"grade\"] = \"$GRADE\" |
+ .[\"display-name\"] = (.[\"display-name\"] + \", $GRADE\") |
+ .[\"timestamp\"] = \"$TIMESTAMP\""
+
+cat $INPUT | jq "$JQ_SCRIPT" > $OUTPUT
+
diff --git a/kde-neon-core-amd64.json b/kde-neon-core-amd64.json
new file mode 100644
index 0000000..69817c1
--- /dev/null
+++ b/kde-neon-core-amd64.json
@@ -0,0 +1,221 @@
+{
+ "type": "model",
+ "authority-id": null,
+ "brand-id": null,
+ "series": "16",
+ "model": "kde-neon-core-22-amd64",
+ "display-name":"KDE Neon Core 22 (amd64)",
+ "architecture": "amd64",
+ "revision": "0",
+ "timestamp": null,
+ "grade": null,
+ "storage-safety": "prefer-encrypted",
+ "base": "core22-desktop",
+ "snaps": [
+ {
+ "name": "pc-desktop",
+ "default-channel": "22/candidate",
+ "type": "gadget",
+ "id": "mZqHskGgGDECRCKP7h7ef3Rl2wTwyNfy"
+ },
+ {
+ "name": "pc-kernel",
+ "default-channel": "23.10/stable",
+ "type": "kernel",
+ "id": "pYVQrBcKmBa0mZ4CCN7ExT6jH8rY1hza"
+ },
+ {
+ "name": "snapd",
+ "default-channel": "latest/edge/ubuntu-core-desktop",
+ "type": "snapd",
+ "id": "PMrrV4ml8uWuEUDBT8dSGnKUYbevVhc4"
+ },
+ {
+ "name": "core22-desktop",
+ "default-channel": "latest/stable",
+ "type": "base",
+ "id": "qRMmQqNDz8kRUTqFIgqk2RzNNoC7jUZ6"
+ },
+ {
+ "name": "ubuntu-desktop-session",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "LVkazk0JLrL0ivuHRlv3wp3bK1nAgwtN"
+ },
+ {
+ "name": "core22",
+ "default-channel": "latest/stable",
+ "type": "base",
+ "id": "amcUKQILKXHHTlmSa7NMdnXSx02dNeeT"
+ },
+ {
+ "name": "network-manager",
+ "default-channel": "22/stable",
+ "type": "app",
+ "id": "RmBXKl6HO6YOC2DE4G2q1JzWImC04EUy"
+ },
+ {
+ "name": "bare",
+ "default-channel": "latest/stable",
+ "type": "base",
+ "id": "EISPgh06mRh1vordZY9OZ34QHdd7OrdR"
+ },
+ {
+ "name": "gtk-common-themes",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "jZLfBRzf1cYlYysIjD2bwSzNtngY0qit"
+ },
+ {
+ "name": "gnome-42-2204",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "lATO8HzwVvrAPrlZRAWpfyrJKlAJrZS3"
+ },
+ {
+ "name": "cups",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "m1eQacDdXCthEwWQrESei3Zao3d5gfJF"
+ },
+ {
+ "name": "ipp-usb",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "WJKWBUuCDufOFw2p24tvkbbw02plGkbd"
+ },
+ {
+ "name": "avahi",
+ "default-channel": "22/stable",
+ "type": "app",
+ "id": "dVK2PZeOLKA7vf1WPCap9F8luxTk9Oll"
+ },
+ {
+ "name": "bluez",
+ "default-channel": "22/stable",
+ "type": "app",
+ "id": "JmzJi9kQvHUWddZ32PDJpBRXUpGRxvNS"
+ },
+ {
+ "name": "lxd",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "J60k4JY0HppjwOjW8dZdYc8obXKxujRu"
+ },
+ {
+ "name": "snapd-desktop-integration",
+ "default-channel": "latest/edge/ubuntu-core-desktop",
+ "type": "app",
+ "id": "IrwRHakqtzhFRHJOOPxKVPU0Kk7Erhcu"
+ },
+ {
+ "name": "snap-store",
+ "default-channel": "latest/stable/ubuntu-23.10",
+ "type": "app",
+ "id": "gjf3IPXoRiipCu9K0kVu52f0H56fIksg"
+ },
+ {
+ "name": "ubuntu-core-desktop-init",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "xODwiAdjx9KGChvI1z9Xx2JWJE7oLFF6"
+ },
+ {
+ "name": "kf5-5-111-qt-5-15-11-core22",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "XpR9oTQLF33NG8XcTC6pqKqx19OMF32p"
+ },
+ {
+ "name": "kcalc",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "yUnRIACvPcaHjEasN7enV9PYXgrXVdML",
+ "presence": "optional"
+ },
+ {
+ "name": "loupe",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "Si21Q1kjaZpyJ8TfGbAnxJ4y6KMv7FuW",
+ "presence": "optional"
+ },
+ {
+ "name": "evince",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "EDFg87ESUg9sAIlm0Vm5Wmr0LjiEonSm",
+ "presence": "optional"
+ },
+ {
+ "name": "firefox",
+ "default-channel": "latest/stable/ubuntu-23.10",
+ "type": "app",
+ "id": "3wdHCAVyZEmYsCMFDE9qt92UV8rC8Wdk",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-calculator",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "J8OcDPQ0JM8dbvk29HRqpWVI9kBw0atG",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-characters",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "qJcS3UjpF9AMJKWAiKwA5EWbm0y6Uduw",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-clocks",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "8NtSF2nXW6krsxbXBYydy1j985k6ZsVK",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-font-viewer",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "BzJuWXmCIpyjUKotXPWU2psnl8gEh4hm",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-logs",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "kIMfmZTJspWa8vtfbgU3W9Nbv4V5Qgmh",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-text-editor",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "PZj2sEabMQrVUV1HKZmmmXSk3E6wKC9i",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-weather",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "LhzK7p8214jufMYx1kz43QkWhFnOKdbr",
+ "presence": "optional"
+ },
+ {
+ "name": "workshops",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "JMjaFobGn56fh1HepiaGuCxQgbWYnHc8",
+ "presence": "optional"
+ },
+ {
+ "name": "gnome-system-monitor",
+ "default-channel": "latest/stable",
+ "type": "app",
+ "id": "9BTClmjz31r0UltmbJ5nnGe0Xm1AzfMp",
+ "presence": "optional"
+ }
+ ]
+}
diff --git a/local-snaps/.dummy b/local-snaps/.dummy
new file mode 100644
index 0000000..e69de29
diff --git a/run-image.sh b/run-image.sh
new file mode 100755
index 0000000..c3c80f0
--- /dev/null
+++ b/run-image.sh
@@ -0,0 +1,13 @@
+#! /bin/sh
+
+IMAGE=$1
+
+qemu-system-x86_64 -smp 2 -m 2048 -machine accel=kvm \
+ -display gtk,gl=on \
+ -net nic,model=virtio -net user,hostfwd=tcp::8022-:22 \
+ -drive file=/usr/share/qemu/ovmf-x86_64.bin,if=pflash,format=raw,unit=0,readonly=on \
+ -drive file=$IMAGE,cache=none,format=raw,id=main,if=none \
+ -device virtio-blk-pci,drive=main,bootindex=1 \
+ -audiodev pa,id=snd0 \
+ -device ac97,audiodev=snd0
+
More information about the Neon-commits
mailing list