diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..2a4ecef --- /dev/null +++ b/.editorconfig @@ -0,0 +1,11 @@ +root = true + +[*] +insert_final_newline = true +indent_style = space +indent_size = 4 +charset = utf-8 +trim_trailing_whitespace = true + +[*.j2] +indent_size = 2 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a85af79..5954ca1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -73,38 +73,6 @@ jobs: run: | earthly --ci --push -P +prebuild - build-scripts: - timeout-minutes: 60 - runs-on: ubuntu-latest - steps: - - uses: earthly/actions-setup@43211c7a0eae5344d6d79fb4aaf209c8f8866203 # v1.0.13 - with: - use-cache: false - - - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 - - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - fetch-depth: 0 - ref: ${{ inputs.ref }} - repository: ${{ inputs.repo }} - - - - name: Login to GitHub Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ github.token }} - - - - name: Run build - id: build - run: | - earthly --ci --push -P +build-scripts-all - build-images: permissions: packages: write diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index 6d1ee03..ea8a0a8 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -65,38 +65,6 @@ jobs: run: | earthly --ci --push -P +prebuild - build-scripts: - timeout-minutes: 60 - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - fetch-depth: 0 - fetch-tags: true - - - uses: dtolnay/rust-toolchain@38b70195107dddab2c7bbd522bcf763bac00963b # stable - - uses: earthly/actions-setup@43211c7a0eae5344d6d79fb4aaf209c8f8866203 # v1.0.13 - with: - use-cache: false - - name: Set up QEMU - uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 - - - name: Login to GitHub Container Registry - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ github.token }} - - - name: Run build - id: build - run: | - LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1`) - CARGO_PACKAGE_VERSION="v$(cargo metadata --format-version 1 | jq -r '.packages[] | select(.name == "blue-build") .version')" - LATEST=$(test "$CARGO_PACKAGE_VERSION" = "$LATEST_TAG" && echo true || echo false) - earthly --ci --push +build-scripts-all --TAGGED="true" --LATEST="$LATEST" - build-images: permissions: packages: write diff --git a/Cargo.lock b/Cargo.lock index 8939820..79f0e1d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -17,6 +17,12 @@ version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa" +[[package]] +name = "adler32" +version = "1.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aae1277d39aeec15cb388266ecc24b11c80469deae6067e17a1a7aa9e5c1f234" + [[package]] name = "aead" version = "0.5.2" @@ -460,6 +466,7 @@ dependencies = [ "requestty", "reqwest", "rstest", + "rust-embed", "rusty-hook", "semver", "serde", @@ -896,7 +903,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "117725a109d387c937a1533ce01b450cbde6b88abceea8473c4d7a85853cda3c" dependencies = [ "lazy_static", - "windows-sys 0.48.0", + "windows-sys 0.59.0", ] [[package]] @@ -991,6 +998,15 @@ version = "0.8.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b" +[[package]] +name = "core2" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b49ba7ef1ad6107f8824dbe97de947cbaac53c44e7f9756a1fba0d37c1eec505" +dependencies = [ + "memchr", +] + [[package]] name = "cpufeatures" version = "0.2.17" @@ -1194,6 +1210,12 @@ dependencies = [ "syn 2.0.104", ] +[[package]] +name = "dary_heap" +version = "0.3.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04d2cd9c18b9f454ed67da600630b021a8a80bf33f8c95896ab33aaf1c26b728" + [[package]] name = "decoded-char" version = "0.1.1" @@ -2015,7 +2037,7 @@ dependencies = [ "libc", "percent-encoding", "pin-project-lite", - "socket2 0.5.10", + "socket2 0.6.0", "tokio", "tower-service", "tracing", @@ -2158,6 +2180,29 @@ dependencies = [ "icu_properties", ] +[[package]] +name = "include-flate" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df49c16750695486c1f34de05da5b7438096156466e7f76c38fcdf285cf0113e" +dependencies = [ + "include-flate-codegen", + "lazy_static", + "libflate", +] + +[[package]] +name = "include-flate-codegen" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8c5b246c6261be723b85c61ecf87804e8ea4a35cb68be0ff282ed84b95ffe7d7" +dependencies = [ + "libflate", + "proc-macro2", + "quote", + "syn 2.0.104", +] + [[package]] name = "indexmap" version = "1.9.3" @@ -2573,6 +2618,30 @@ version = "0.2.174" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1171693293099992e19cddea4e8b849964e9846f4acee11b3948bcc337be8776" +[[package]] +name = "libflate" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "45d9dfdc14ea4ef0900c1cddbc8dcd553fbaacd8a4a282cf4018ae9dd04fb21e" +dependencies = [ + "adler32", + "core2", + "crc32fast", + "dary_heap", + "libflate_lz77", +] + +[[package]] +name = "libflate_lz77" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6e0d73b369f386f1c44abd9c570d5318f55ccde816ff4b562fa452e5182863d" +dependencies = [ + "core2", + "hashbrown 0.14.5", + "rle-decode-fast", +] + [[package]] name = "libgit2-sys" version = "0.18.2+1.9.1" @@ -3737,7 +3806,7 @@ dependencies = [ "once_cell", "socket2 0.5.10", "tracing", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -4046,6 +4115,12 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "rle-decode-fast" +version = "1.0.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3582f63211428f83597b51b2ddb88e2a91a9d52d12831f9d08f5e624e8977422" + [[package]] name = "rsa" version = "0.9.8" @@ -4095,6 +4170,41 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "rust-embed" +version = "8.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "025908b8682a26ba8d12f6f2d66b987584a4a87bc024abc5bbc12553a8cd178a" +dependencies = [ + "include-flate", + "rust-embed-impl", + "rust-embed-utils", + "walkdir", +] + +[[package]] +name = "rust-embed-impl" +version = "8.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6065f1a4392b71819ec1ea1df1120673418bf386f50de1d6f54204d836d4349c" +dependencies = [ + "proc-macro2", + "quote", + "rust-embed-utils", + "syn 2.0.104", + "walkdir", +] + +[[package]] +name = "rust-embed-utils" +version = "8.7.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6cc0c81648b20b70c491ff8cce00c1c3b223bb8ed2b5d41f0e54c6c4c0a3594" +dependencies = [ + "sha2", + "walkdir", +] + [[package]] name = "rustc-demangle" version = "0.1.26" @@ -4132,7 +4242,7 @@ dependencies = [ "errno", "libc", "linux-raw-sys 0.4.15", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -4866,7 +4976,7 @@ dependencies = [ "getrandom 0.3.3", "once_cell", "rustix 1.0.8", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -5677,7 +5787,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.48.0", + "windows-sys 0.59.0", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 784d8b9..6efabaa 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -107,6 +107,7 @@ tempfile.workspace = true tokio.workspace = true bon.workspace = true users.workspace = true +rust-embed = { version = "8.7.2", features = ["debug-embed", "compression", "deterministic-timestamps"] } [features] # Top level features diff --git a/Earthfile b/Earthfile index be9d513..0f64c77 100644 --- a/Earthfile +++ b/Earthfile @@ -12,7 +12,7 @@ all: WAIT BUILD --platform=linux/amd64 --platform=linux/arm64 +prebuild END - BUILD +build + BUILD +build-images-all BUILD ./integration-tests+all run-checks: @@ -22,9 +22,6 @@ run-checks: build-images-all: BUILD --platform=linux/amd64 --platform=linux/arm64 +build-images -build-scripts-all: - BUILD --platform=linux/amd64 --platform=linux/arm64 +build-scripts - build-images: BUILD +blue-build-cli BUILD +blue-build-cli-distrobox @@ -109,32 +106,22 @@ common: rustup update WORKDIR /app - COPY --keep-ts --dir src/ template/ recipe/ utils/ process/ /app - COPY --keep-ts Cargo.* /app - COPY --keep-ts *.md /app - COPY --keep-ts LICENSE /app - COPY --keep-ts build.rs /app - COPY --keep-ts --dir .git/ /app - RUN touch build.rs + COPY --keep-ts --dir \ + build.rs \ + LICENSE \ + *.md \ + Cargo.* \ + src/ \ + template/ \ + recipe/ \ + utils/ \ + process/ \ + scripts/ \ + .git/ \ + /app DO rust+INIT --keep_fingerprints=true -build-scripts: - ARG BASE_IMAGE="alpine" - FROM $BASE_IMAGE - - COPY --platform=native (+digest/base-image-digest --BASE_IMAGE=$BASE_IMAGE) /base-image-digest - LABEL org.opencontainers.image.base.name="$BASE_IMAGE" - LABEL org.opencontainers.image.base.digest="$(cat /base-image-digest)" - - COPY --dir scripts/ / - FOR script IN "$(ls /scripts | grep -e '.*\.sh$')" - RUN echo "Making ${script} executable" && \ - chmod +x "scripts/${script}" - END - - DO --pass-args +SAVE_IMAGE --IMAGE="$IMAGE/build-scripts" - blue-build-cli-prebuild: ARG BASE_IMAGE="registry.fedoraproject.org/fedora-toolbox" FROM "$BASE_IMAGE" diff --git a/integration-tests/empty-files-repo/.gitignore b/integration-tests/empty-files-repo/.gitignore index 8703795..f183d66 100644 --- a/integration-tests/empty-files-repo/.gitignore +++ b/integration-tests/empty-files-repo/.gitignore @@ -1,3 +1,4 @@ cosign.key cosign.private +/.bluebuild* /Containerfile diff --git a/integration-tests/legacy-test-repo/.gitignore b/integration-tests/legacy-test-repo/.gitignore index 4c749b6..a56f245 100644 --- a/integration-tests/legacy-test-repo/.gitignore +++ b/integration-tests/legacy-test-repo/.gitignore @@ -1,2 +1,3 @@ /Containerfile /Containerfile.* +/.bluebuild* diff --git a/integration-tests/test-repo/.gitignore b/integration-tests/test-repo/.gitignore index 90aaf15..15cd392 100644 --- a/integration-tests/test-repo/.gitignore +++ b/integration-tests/test-repo/.gitignore @@ -1,3 +1,4 @@ /Containerfile /Containerfile.* +/.bluebuild* /secrets diff --git a/src/commands/build.rs b/src/commands/build.rs index 7b69c78..46c4431 100644 --- a/src/commands/build.rs +++ b/src/commands/build.rs @@ -1,4 +1,7 @@ -use std::path::{Path, PathBuf}; +use std::{ + env, + path::{Path, PathBuf}, +}; use blue_build_process_management::{ drivers::{ @@ -23,12 +26,12 @@ use blue_build_utils::{ use bon::Builder; use clap::Args; use log::{debug, info, trace, warn}; -use miette::{IntoDiagnostic, Result, bail}; +use miette::{Context, IntoDiagnostic, Result, bail}; use oci_distribution::Reference; use rayon::prelude::*; use tempfile::TempDir; -use crate::commands::generate::GenerateCommand; +use crate::{BuildScripts, commands::generate::GenerateCommand}; use super::BlueBuildCommand; @@ -186,6 +189,16 @@ impl BlueBuildCommand for BuildCommand { recipes.into_iter().filter(|recipe| same.insert(recipe.clone())).collect() }); + let build_scripts_dir = BuildScripts::extract_mount_dir()?; + let build_scripts_dir = build_scripts_dir + .path() + .strip_prefix( + env::current_dir() + .into_diagnostic() + .wrap_err("Failed to get current_dir")?, + ) + .into_diagnostic() + .wrap_err("Failed to strip path prefix for build scripts dir")?; recipe_paths.par_iter().try_for_each(|recipe| { GenerateCommand::builder() @@ -196,6 +209,7 @@ impl BlueBuildCommand for BuildCommand { ) .skip_validation(self.skip_validation) .maybe_platform(self.platform) + .build_scripts_dir(build_scripts_dir) .recipe(recipe) .drivers(self.drivers) .build() diff --git a/src/commands/generate.rs b/src/commands/generate.rs index 0f5c60b..60bf416 100644 --- a/src/commands/generate.rs +++ b/src/commands/generate.rs @@ -1,5 +1,4 @@ use std::{ - env, ops::Not, path::{Path, PathBuf}, }; @@ -10,19 +9,16 @@ use blue_build_process_management::drivers::{ use blue_build_recipe::Recipe; use blue_build_template::{ContainerFileTemplate, Template}; use blue_build_utils::{ - constants::{ - BB_SKIP_VALIDATION, BUILD_SCRIPTS_IMAGE_REF, CONFIG_PATH, RECIPE_FILE, RECIPE_PATH, - }, + constants::{BB_SKIP_VALIDATION, CONFIG_PATH, RECIPE_FILE, RECIPE_PATH}, syntax_highlighting::{self, DefaultThemes}, }; use bon::Builder; -use cached::proc_macro::cached; -use clap::{Args, crate_version}; +use clap::Args; use log::{debug, info, trace, warn}; use miette::{IntoDiagnostic, Result}; use oci_distribution::Reference; -use crate::{commands::validate::ValidateCommand, shadow}; +use crate::commands::validate::ValidateCommand; use super::BlueBuildCommand; @@ -80,6 +76,10 @@ pub struct GenerateCommand { #[builder(default)] skip_validation: bool, + #[clap(skip)] + #[builder(into)] + build_scripts_dir: Option, + #[clap(flatten)] #[builder(default)] drivers: DriverArgs, @@ -149,12 +149,15 @@ impl GenerateCommand { .build(), )? .digest; - let build_scripts_image = &determine_scripts_tag(self.platform)?; let repo = &Driver::get_repo_url()?; let build_features = &[ #[cfg(feature = "bootc")] "bootc".into(), ]; + let build_scripts_dir = self + .build_scripts_dir + .as_deref() + .unwrap_or_else(|| Path::new(".bluebuild-scripts")); let template = ContainerFileTemplate::builder() .os_version( @@ -168,7 +171,7 @@ impl GenerateCommand { .recipe_path(recipe_path.as_path()) .registry(®istry) .repo(repo) - .build_scripts_image(build_scripts_image) + .build_scripts_dir(build_scripts_dir) .base_digest(base_digest) .maybe_nushell_version(recipe.nushell_version.as_ref()) .build_features(build_features) @@ -188,40 +191,3 @@ impl GenerateCommand { Ok(()) } } - -#[cached( - result = true, - key = "Option", - convert = r#"{ platform }"#, - sync_writes = "by_key" -)] -fn determine_scripts_tag(platform: Option) -> Result { - trace!("determine_scripts_tag({platform:?})"); - - let opts = GetMetadataOpts::builder().maybe_platform(platform); - format!("{BUILD_SCRIPTS_IMAGE_REF}:{}", shadow::COMMIT_HASH) - .parse() - .into_diagnostic() - .and_then(|image| { - Driver::get_metadata(opts.clone().image(&image).build()) - .inspect_err(|e| trace!("{e:?}")) - .map(|_| image) - }) - .or_else(|_| { - let image: Reference = format!("{BUILD_SCRIPTS_IMAGE_REF}:{}", shadow::BRANCH) - .parse() - .into_diagnostic()?; - Driver::get_metadata(opts.clone().image(&image).build()) - .inspect_err(|e| trace!("{e:?}")) - .map(|_| image) - }) - .or_else(|_| { - let image: Reference = format!("{BUILD_SCRIPTS_IMAGE_REF}:v{}", crate_version!()) - .parse() - .into_diagnostic()?; - Driver::get_metadata(opts.image(&image).build()) - .inspect_err(|e| trace!("{e:?}")) - .map(|_| image) - }) - .inspect(|image| debug!("Using build scripts image: {image}")) -} diff --git a/src/lib.rs b/src/lib.rs index f12e4e3..d7b5e89 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,6 +1,89 @@ //! The root library for blue-build. #![doc = include_str!("../README.md")] -shadow_rs::shadow!(shadow); +use std::{ + fs::{self, OpenOptions}, + io::{Read, Write}, + ops::Not, + os::unix::fs::PermissionsExt, +}; + +use blue_build_utils::constants::{BLUE_BUILD_SCRIPTS_DIR_IGNORE, GITIGNORE_PATH}; +use miette::{Context, IntoDiagnostic, Result, miette}; +use rust_embed::Embed; +use tempfile::TempDir; pub mod commands; + +shadow_rs::shadow!(shadow); + +#[derive(Embed)] +#[folder = "scripts/"] +pub(crate) struct BuildScripts; + +impl BuildScripts { + pub fn extract_mount_dir() -> Result { + Self::update_gitignore()?; + + let tempdir = TempDir::with_prefix_in(".bluebuild-scripts_", ".") + .into_diagnostic() + .wrap_err("Failed to create tempdir for build scripts.")?; + + for file_path in Self::iter() { + let file = Self::get(file_path.as_ref()) + .ok_or_else(|| miette!("Failed to get file {file_path}"))?; + let file_path = tempdir.path().join(&*file_path); + fs::write(&file_path, &file.data) + .into_diagnostic() + .wrap_err_with(|| { + format!("Failed to write build script file {}", file_path.display()) + })?; + + let mut perm = fs::metadata(&file_path) + .into_diagnostic() + .wrap_err_with(|| { + format!( + "Failed to get file permissions for file {}", + file_path.display() + ) + })? + .permissions(); + + perm.set_mode(0o755); + fs::set_permissions(&file_path, perm).into_diagnostic()?; + } + + Ok(tempdir) + } + + fn update_gitignore() -> Result<()> { + let file = &mut OpenOptions::new() + .read(true) + .append(true) + .create(true) + .open(GITIGNORE_PATH) + .into_diagnostic() + .wrap_err_with(|| format!("Failed to open {GITIGNORE_PATH} for editing"))?; + + let ignore_contents = { + let mut cont = String::new(); + file.read_to_string(&mut cont) + .into_diagnostic() + .wrap_err_with(|| format!("Failed to read {GITIGNORE_PATH}"))?; + cont + }; + + if ignore_contents + .contains(BLUE_BUILD_SCRIPTS_DIR_IGNORE) + .not() + { + writeln!(file, "{BLUE_BUILD_SCRIPTS_DIR_IGNORE}") + .into_diagnostic() + .wrap_err_with(|| { + format!("Failed to add {BLUE_BUILD_SCRIPTS_DIR_IGNORE} to {GITIGNORE_PATH}") + })?; + } + + Ok(()) + } +} diff --git a/template/src/lib.rs b/template/src/lib.rs index b9e3e19..7bc8a2e 100644 --- a/template/src/lib.rs +++ b/template/src/lib.rs @@ -9,7 +9,6 @@ use bon::Builder; use chrono::Utc; use colored::control::ShouldColorize; use log::{debug, error, trace, warn}; -use oci_distribution::Reference; use uuid::Uuid; pub use askama::Template; @@ -25,7 +24,7 @@ pub struct ContainerFileTemplate<'a> { build_id: Uuid, os_version: u64, registry: &'a str, - build_scripts_image: &'a Reference, + build_scripts_dir: &'a Path, repo: &'a str, base_digest: &'a str, nushell_version: Option<&'a MaybeVersion>, diff --git a/template/templates/Containerfile.j2 b/template/templates/Containerfile.j2 index 7b84571..3260a43 100644 --- a/template/templates/Containerfile.j2 +++ b/template/templates/Containerfile.j2 @@ -40,12 +40,12 @@ RUN --mount=type=bind,from={{ blue_build_utils::constants::NUSHELL_IMAGE }}:{{ g && cp -r /tmp/nu/* /usr/libexec/bluebuild/nu/ {%- endif %} -RUN --mount=type=bind,from={{ build_scripts_image }},src=/scripts/,dst=/scripts/ \ +RUN --mount=type=bind,src={{ build_scripts_dir.display() }},dst=/scripts/ \ /scripts/pre_build.sh {% call modules::main_modules_run(recipe.modules_ext, os_version) %} -RUN --mount=type=bind,from={{ build_scripts_image }},src=/scripts/,dst=/scripts/ \ +RUN --mount=type=bind,src={{ build_scripts_dir.display() }},dst=/scripts/ \ /scripts/post_build.sh # Labels are added last since they cause cache misses with buildah diff --git a/template/templates/modules/modules.j2 b/template/templates/modules/modules.j2 index 63fc7d1..54bfdd7 100644 --- a/template/templates/modules/modules.j2 +++ b/template/templates/modules/modules.j2 @@ -33,7 +33,7 @@ RUN \ {%- if module.module_type.typ() == "akmods" %} --mount=type=bind,from=stage-akmods-{{ module.generate_akmods_info(os_version).stage_name }},src=/rpms,dst=/tmp/rpms,rw \ {%- endif %} - --mount=type=bind,from={{ build_scripts_image }},src=/scripts/,dst=/tmp/scripts/ \ + --mount=type=bind,src={{ build_scripts_dir.display() }},dst=/tmp/scripts/ \ --mount=type=cache,dst=/var/cache/rpm-ostree,id=rpm-ostree-cache-{{ recipe.name }}-{{ recipe.image_version }},sharing=locked \ --mount=type=cache,dst=/var/cache/libdnf5,id=dnf-cache-{{ recipe.name }}-{{ recipe.image_version }},sharing=locked \ {%- for secret_var in module.secrets.envs() %} @@ -78,7 +78,7 @@ RUN \ {%- else %} --mount=type=bind,from={{ module.get_module_image() }},src=/modules,dst=/tmp/modules,rw \ {%- endif %} - --mount=type=bind,from={{ build_scripts_image }},src=/scripts/,dst=/tmp/scripts/ \ + --mount=type=bind,src={{ build_scripts_dir.display() }},dst=/tmp/scripts/ \ {%- for secret_var in module.secrets.envs() %} {{ secret_var }} \ {%- endfor %} diff --git a/template/templates/stages.j2 b/template/templates/stages.j2 index ad0dc04..79f741b 100644 --- a/template/templates/stages.j2 +++ b/template/templates/stages.j2 @@ -62,7 +62,7 @@ COPY --from={{ blue_build_utils::constants::NUSHELL_IMAGE }}:{{ get_nu_version() # Add compatibility for modules RUN --mount=type=bind,from=stage-bins,src=/bins/,dst=/tmp/bins/ \ - --mount=type=bind,from={{ build_scripts_image }},src=/scripts/,dst=/tmp/scripts/ \ + --mount=type=bind,src={{ build_scripts_dir.display() }},dst=/tmp/scripts/ \ /tmp/scripts/setup.sh {%- if self::config_dir_exists() %} diff --git a/utils/src/constants.rs b/utils/src/constants.rs index ec27948..852deb0 100644 --- a/utils/src/constants.rs +++ b/utils/src/constants.rs @@ -8,6 +8,7 @@ pub const CONTAINER_FILE: &str = "Containerfile"; pub const COSIGN_PUB_PATH: &str = "./cosign.pub"; pub const COSIGN_PRIV_PATH: &str = "./cosign.key"; pub const FILES_PATH: &str = "./files"; +pub const GITIGNORE_PATH: &str = "./.gitignore"; pub const LOCAL_BUILD: &str = "/etc/bluebuild"; pub const MODULES_PATH: &str = "./config/modules"; pub const RECIPE_FILE: &str = "recipe.yml"; @@ -81,6 +82,7 @@ pub const BLUE_BUILD: &str = "bluebuild"; pub const BUILD_SCRIPTS_IMAGE_REF: &str = "ghcr.io/blue-build/cli/build-scripts"; pub const BLUE_BUILD_IMAGE_REF: &str = "ghcr.io/blue-build/cli"; pub const BLUE_BUILD_MODULE_IMAGE_REF: &str = "ghcr.io/blue-build/modules"; +pub const BLUE_BUILD_SCRIPTS_DIR_IGNORE: &str = "/.bluebuild-scripts_*"; pub const COSIGN_IMAGE: &str = "ghcr.io/sigstore/cosign/cosign:v2.5.3"; pub const NUSHELL_IMAGE: &str = "ghcr.io/blue-build/nushell-image"; pub const OCI_ARCHIVE: &str = "oci-archive";