From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 11 Oct 2023 09:27:30 +0000 (+0200)
Subject: Run scripts with ".chroot" extension inside the image
X-Git-Tag: v19~86
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4613b95106f246ec839758f1ffd2556498fa7530;p=thirdparty%2Fmkosi.git

Run scripts with ".chroot" extension inside the image

Our current approach to running scripts inside the image is only
really applicable to shell scripts. Let's make it easier to run
scripts written in arbitrary languages inside the image by running
scripts with the ".chroot" extension inside the image.
---

diff --git a/mkosi/__init__.py b/mkosi/__init__.py
index 4474f8ed5..09936308c 100644
--- a/mkosi/__init__.py
+++ b/mkosi/__init__.py
@@ -312,6 +312,10 @@ def finalize_mounts(config: MkosiConfig) -> list[PathString]:
     return flatten(["--bind", src, target] for src, target in sorted(set(sources), key=lambda s: s[1]))
 
 
+def script_maybe_chroot(script: Path, mountpoint: str) -> list[str]:
+    return ["mkosi-chroot", mountpoint] if script.suffix == ".chroot" else [os.fspath(script)]
+
+
 def run_prepare_scripts(state: MkosiState, build: bool) -> None:
     if not state.config.prepare_scripts:
         return
@@ -354,7 +358,7 @@ def run_prepare_scripts(state: MkosiState, build: bool) -> None:
 
             with complete_step(step_msg.format(script)):
                 bwrap(
-                    [script, arg],
+                    script_maybe_chroot(script, "/work/prepare") + [arg],
                     network=True,
                     readonly=True,
                     options=finalize_mounts(state.config),
@@ -411,9 +415,11 @@ def run_build_scripts(state: MkosiState) -> None:
                 ],
             )
 
+            cmdline = state.args.cmdline if state.args.verb == Verb.build else []
+
             with complete_step(f"Running build script {script}…"):
                 bwrap(
-                    [script, *(state.args.cmdline if state.args.verb == Verb.build else [])],
+                    script_maybe_chroot(script, "/work/build-script") + cmdline,
                     network=state.config.with_network,
                     readonly=True,
                     options=finalize_mounts(state.config),
@@ -455,7 +461,7 @@ def run_postinst_scripts(state: MkosiState) -> None:
 
         with complete_step(f"Running postinstall script {script}…"):
             bwrap(
-                [script, "final"],
+                script_maybe_chroot(script, "/work/postinst") + ["final"],
                 network=state.config.with_network,
                 readonly=True,
                 options=finalize_mounts(state.config),
@@ -497,7 +503,7 @@ def run_finalize_scripts(state: MkosiState) -> None:
 
         with complete_step(f"Running finalize script {script}…"):
             bwrap(
-                [script],
+                script_maybe_chroot(script, "/work/finalize"),
                 network=state.config.with_network,
                 readonly=True,
                 options=finalize_mounts(state.config),
diff --git a/mkosi/config.py b/mkosi/config.py
index a8cc83961..c008c5545 100644
--- a/mkosi/config.py
+++ b/mkosi/config.py
@@ -1357,7 +1357,7 @@ SETTINGS = (
         metavar="PATH",
         section="Content",
         parse=config_make_list_parser(delimiter=",", parse=make_path_parser(executable=True)),
-        paths=("mkosi.prepare",),
+        paths=("mkosi.prepare", "mkosi.prepare.chroot"),
         path_default=False,
         help="Prepare script to run inside the image before it is cached",
         compat_names=("PrepareScript",),
@@ -1368,7 +1368,7 @@ SETTINGS = (
         metavar="PATH",
         section="Content",
         parse=config_make_list_parser(delimiter=",", parse=make_path_parser(executable=True)),
-        paths=("mkosi.build",),
+        paths=("mkosi.build", "mkosi.build.chroot"),
         path_default=False,
         help="Build script to run inside image",
         compat_names=("BuildScript",),
@@ -1380,7 +1380,7 @@ SETTINGS = (
         name="PostInstallationScripts",
         section="Content",
         parse=config_make_list_parser(delimiter=",", parse=make_path_parser(executable=True)),
-        paths=("mkosi.postinst",),
+        paths=("mkosi.postinst", "mkosi.postinst.chroot"),
         path_default=False,
         help="Postinstall script to run inside image",
         compat_names=("PostInstallationScript",),
@@ -1391,7 +1391,7 @@ SETTINGS = (
         metavar="PATH",
         section="Content",
         parse=config_make_list_parser(delimiter=",", parse=make_path_parser(executable=True)),
-        paths=("mkosi.finalize",),
+        paths=("mkosi.finalize", "mkosi.finalize.chroot"),
         path_default=False,
         help="Postinstall script to run outside image",
         compat_names=("FinalizeScript",),
diff --git a/mkosi/resources/mkosi.md b/mkosi/resources/mkosi.md
index 936140738..6e5e7f19c 100644
--- a/mkosi/resources/mkosi.md
+++ b/mkosi/resources/mkosi.md
@@ -1455,6 +1455,11 @@ following scripts are supported:
 * If **`mkosi.finalize`** (`FinalizeScripts=`) exists, it is executed as
   the last step of preparing an image.
 
+If a script uses the `.chroot` extension, mkosi will chroot into the
+image using `mkosi-chroot` (see below) before executing the script. For
+example, if `mkosi.postinst.chroot` exists, mkosi will chroot into the
+image and execute it as the post-installation script.
+
 Scripts executed by mkosi receive the following environment variables:
 
 * `$CHROOT_SCRIPT` contains the path to the running script relative to