Skip to content

Introduce tkey-app-builder build #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

Introduce tkey-app-builder build #7

wants to merge 3 commits into from

Conversation

@mchack-work
Copy link
Member

@mchack-work mchack-work commented Oct 25, 2024
edited
Loading

Description

Containerfile for tkey-app-builder. Moves the qemu dockerfile to contrib as well, adds make targets, and updates docs accordingly.

Note that the make target doesn't successfully build the qemu OCI image. This is true also for trying to build the qemu image from the dockerfile in the main branch! See #8.

A temporary fix to build qemu with the new tkey-app-builder is included in this PR. I don't know if we can use that somehow.

Relates to tillitis/tillitis-key1#272

Type of change

Please tick any that are relevant to this PR and remove any that aren't.

  • Feature (non breaking change which adds functionality)
  • Documentation (a change to documentation)

Submission checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my changes
  • I have tested and verified my changes on target
  • My changes are well written and CI is passing
  • I have squashed my work to relevant commits and rebased on main for linear history
  • I have added a "Co-authored-by: x" if several people contributed, either pair programming or by squashing commits from different authors.
  • I have updated the documentation where relevant (readme, dev.tillitis.se etc.)
  • QEMU is updated to reflect changes

@mchack-work mchack-work mentioned this pull request Oct 25, 2024
Open
@mchack-work
Add tkey-app-builder
cebf323 
- Add a tkey-app-builder OCI image source:
  contrib/tkey-app-builder.dockerfile

- Move the qemu source under contrib.

- Update documentation to reflect this.
@mchack-work
Fix qemu OCI image build
7befd31 
Temporary fix to make qemu build with our new tkey-app-builder by
installing missing package for Python venv and some more supporting
packages to be able to build.

The 444ee3d26c3acf651ff1bbb12023034ccee6ed68 commit to build the
firmware doesn't seem to exist anymore in tillitis-key1 so we use the
TK1-23.03.2 tag instead.

Of course the digest will be different when we build with new version
of the tools. We have to figure this out somehow, that is build a
Bellatrix version of a more modern codebase.

We probably also want to make the Ubuntu runtime slimmer.
@dehanj
Copy link
Member

dehanj commented Oct 28, 2024
edited
Loading

A few comments:

  • Any specific reason for using clang-17? That means we are two majors below clang/llvm. Clang-19.1 is released, so maybe we should at least use clang-18?
  • Do we need bash? Might be useful to run scripts in general.
  • It is not possible to use this image (at least out of the box) in CI for tkey-device-signer, these to jobs would fail
      - name: check for SPDX tags
        run: ./tools/spdx-ensure

      - name: make
        run: ./build.sh

Requires git and bash.

deadprogram
deadprogram reviewed Dec 17, 2024
View reviewed changes
contrib/tkey-qemu.dockerfile
# have this as part of its name, the tag is then used for versioning the image
# (could be updates to the TKey QEMU machine).
ARG TKEYREPO_TAG=TK1-23.03.1
ARG TKEYREPO_TAG=TK1-23.03.2
Copy link

@deadprogram deadprogram Dec 17, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps this could be the current release version?

Suggested change
ARG TKEYREPO_TAG=TK1-23.03.2
ARG TKEYREPO_TAG=TK1-24.03

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dehanj dehanj Awaiting requested review from dehanj

@jthornblad jthornblad Awaiting requested review from jthornblad

1 more reviewer

@deadprogram deadprogram deadprogram left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@mchack-work @dehanj @deadprogram