File: HOWTO.add_another_format

package info (click to toggle)
obs-build 20180831-2
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid
  • size: 2,396 kB
  • sloc: perl: 10,030; sh: 3,142; ansic: 284; makefile: 151; python: 35
file content (99 lines) | stat: -rw-r--r-- 3,535 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

How to add another build format
===============================

To support yet another package format to be used with standalone build
script and Open Build Service you need to follow these steps:

Let's call the new format "XYZ" here.

General notes about the implementations. There are two areas:

SAFE implementations:
 Some code runs outside of protected environments like KVM. Therefore
this code must be implemented with security in mind. Special crafted
build descriptions or binary files must not be able to exploit this code.
What makes it even more interessting is that this code can also run
on all kind of old or obscure systems. So any external dependency should
be avoided as well. 
This means in short:
 - code must be as simple as possible.
 - code must not allow to execute random commands or to access random files.
 - avoid external dependencies. When you look for a simple XML parser
   check the kiwi support for this.
 - code must stay compatible for all versions

Build code running inside of environment.
 - using any tool is fine here. However, the tool must be installed
   somehow into the build system. In best case via some dependency.
 - Incompatible changes can be implemented inside of these packages
   pulled into the build environment.
 - external network access is not possible here.


1) Implement the parse() function into Build/XYZ.pm

   parse() extracts the build dependecies from the build specification.
   For RPM this would be the <package>.spec file for example.

   Must be a SAFE implementation.

2) Add a query() function to Build/XYZ.pm

   query() extracts information from built packages. In the rpm world
   these are the .rpm files.
   query returns a hash containing:
       name, epoch, version, release, arch, description,
       provides, requires, hdrmd5

   hdrmd5 is some unique identifier of the package built, it might be 
   just a md5 over the entire file.

   Must be a SAFE implementation.

3) Add a queryhdrmd5() function

   this functions is a specialized version of query(), it just returns
   the hdrmd5

   Must be a SAFE implementation.

4) Add a verscmp() function

   verscmp() compares two package version strings. For rpms, a version has
   the form [epoch:]version-release

   Must be a SAFE implementation.

5) Implement build-pkg-xyz functions

   Those functions are used to setup the build environment. I.e. they
   need to install/unpack the packages

   Must be a SAFE implementation for the pre-installation part. Afterwards
   it is fine to use any tool to install the packages (like rpm itself).

6) Implement build-recipe-xyz functions

   This functions are called to create the build result

7) For standalone build support (actually not needed for OBS integration, but
   it makes development easier) we need a "createxyzdeps" helper script.
   For xyz://<...> repos it needs to download the repository metadata
   and convert it to build's representation. See createyastdeps and createrepomddeps.


Special notes for non-OSS systems
=================================

Systems like MS-Windows, MacOSX or SunOS could be support as well. However, these
systems can not be installed by packages from scratch. So using preinstallimages
would be mandatory here. Support for that exists in general already inside of 
the code.

Special notes for image formats
===============================

Image formats can usually skip 2) 3) and 4) from the items above. At least as long
as they do not want to build new images based on former created ones.