feat: use bootstrapped packages for building Talos #10307
Conversation
Update tools, pkgs and extras to use fully bootstrapped [Stageˣ]-derived toolchain for building Talos and its dependencies. This brings in changes related to root being usrmerged now, so some paths have changed. Extras have been cleaned up: use only the needed package. Addresses: siderolabs#10187 Signed-off-by: Dmitry Sharshakov <[email protected]>
| ${PREFIX}/usr/libexec/getconf \ | ||
| ${PREFIX}/var/db | ||
|
|
||
| # Remove contents of /usr/bin except for udevadm | ||
| find ${PREFIX}/usr/bin \( -type f -o -type l \) ! -name udevadm -delete | ||
| # find ${PREFIX}/usr/bin \( -type f -o -type l \) ! -name udevadm -delete |
There was a problem hiding this comment.
Actually, some stuff like c_rehash and openssl aren't necessary. We should examine and remove unnecessary binaries from packages (or copy /usr/lib only for some)
There was a problem hiding this comment.
(cleanup was disabled as we now install containerd there, as /bin is a symlink now)
There was a problem hiding this comment.
squashfs tree (main dirs only)
.
├── bin -> usr/bin
├── boot
│ └── EFI
├── dev
├── etc
│ ├── ca-certificates -> /etc/ssl
│ ├── cni
│ │ └── net.d
│ ├── containerd
│ ├── cri
│ │ └── conf.d
│ ├── iscsi
│ ├── kubernetes
│ │ └── manifests
│ ├── lvm
│ │ └── profile
│ ├── nvme
│ ├── pki -> /etc/ssl
│ ├── selinux
│ │ └── targeted
│ └── ssl
│ └── certs
├── lib -> usr/lib
├── lib64 -> usr/lib
├── mnt
├── opt
│ ├── cni
│ │ └── bin
│ └── containerd
│ ├── bin
│ └── lib
├── proc
├── root
├── run
│ └── lock
├── sbin -> usr/sbin
├── sys
├── system
├── tmp
├── usr
│ ├── bin
│ ├── etc
│ ├── include
│ ├── lib
│ │ ├── cryptsetup
│ │ ├── engines-3
│ │ ├── firmware
│ │ ├── modules
│ │ ├── ossl-modules
│ │ ├── systemd
│ │ ├── udev
│ │ └── xtables
│ ├── lib64 -> lib
│ ├── libexec
│ │ └── kubernetes
│ ├── local
│ │ ├── lib
│ │ └── share
│ ├── sbin
│ ├── share
│ │ ├── ca-certificates -> /etc/ssl
│ │ └── zoneinfo
│ ├── src
│ └── var
│ └── lib
└── var
├── lock -> ../run/lock
├── log
├── mail
├── run -> ../run
├── spool
└── tmp
|
|
||
| xargs -a modules-arm64.txt -I {} install -D lib/modules/${KERNEL_VERSION}/{} /build/lib/modules/${KERNEL_VERSION}/{} | ||
| xargs -a modules-arm64.txt -I {} install -D usr/lib/modules/${KERNEL_VERSION}/{} /build/usr/lib/modules/${KERNEL_VERSION}/{} |
There was a problem hiding this comment.
This change would need a quirk, as it would affect how we merge kernel modules when installing extensions
There was a problem hiding this comment.
quirk in what component? and yes, this is going to be a breaking change as extensions are now disallowed to have /lib on their rootfs
There was a problem hiding this comment.
quirk in Talos/imager/Image Factory, as Image Factory handles any version of Talos
Update tools, pkgs and extras to use fully bootstrapped [Stageˣ]-derived toolchain for building Talos and its dependencies.
This brings in changes related to root being usrmerged now, so some paths have changed. Extras have been cleaned up: use only the needed package.
Addresses: #10187
Signed-off-by: Dmitry Sharshakov [email protected]