1 files changed, 70 insertions, 33 deletions
diff --git a/scripts/image-build/build-vyos-image b/scripts/image-build/build-vyos-image
index a9294f38..1fc2c6c3 100755
--- a/scripts/image-build/build-vyos-image
+++ b/scripts/image-build/build-vyos-image
@@ -25,6 +25,7 @@ import copy
 import uuid
 import glob
 import json
+import base64
 import shutil
 import argparse
 import datetime
@@ -62,7 +63,7 @@ except Exception as e:
 # Checkout vyos-1x under build directory
 try:
     branch_name = build_defaults['vyos_branch']
-    url_vyos_1x = 'https://github.com/vyos/vyos-1x'
+    url_vyos_1x = os.getenv('VYOS1X_REPO_URL', default='https://github.com/vyos/vyos-1x')
     path_vyos_1x = os.path.join(defaults.BUILD_DIR, 'vyos-1x')
     try:
         repo_vyos_1x = git.Repo.clone_from(url_vyos_1x, path_vyos_1x, no_checkout=True)
@@ -191,9 +192,10 @@ if __name__ == "__main__":
        'pbuilder-debian-mirror': ('Debian repository mirror for pbuilder env bootstrap', None),
        'vyos-mirror': ('VyOS package mirror', None),
        'build-type': ('Build type, release or development', lambda x: x in ['release', 'development']),
-       'version': ('Version number (release builds only)', None),
+       'version': ('Version string', None),
        'build-comment': ('Optional build comment', None),
-       'build-hook-opts': ('Custom options for the post-build hook', None)
+       'build-hook-opts': ('Custom options for the post-build hook', None),
+       'bootloaders': ('Bootloaders to include in the image', None)
     }
 
     # Create the option parser
@@ -259,28 +261,24 @@ if __name__ == "__main__":
     pre_build_config = merge_defaults(args, defaults=pre_build_config, skip_none=True)
 
     # Some fixup for mirror settings.
-    # The idea is: if --debian-mirror is specified but --pbuilder-debian-mirror is not,
-    # use the --debian-mirror value for both lb and pbuilder bootstrap
-    if pre_build_config['debian_mirror'] is None or pre_build_config['debian_security_mirror'] is None:
-        print("E: debian_mirror and debian_security_mirror cannot be empty")
+    # The idea is: if --debian-mirror is specified
+    # but --pbuilder-debian-mirror or --debian-security-mirror are not,
+    # use the --debian-mirror value for those
+    if pre_build_config['debian_mirror'] is None:
+        print("E: debian_mirror must be specified")
         sys.exit(1)
 
     if pre_build_config['pbuilder_debian_mirror'] is None:
-        args['pbuilder_debian_mirror'] = pre_build_config['pbuilder_debian_mirror'] = pre_build_config['debian_mirror']
-
-    # Version can only be set for release builds,
-    # for dev builds it hardly makes any sense
-    if pre_build_config['build_type'] == 'development':
-        if args['version'] is not None:
-            print("E: Version can only be set for release builds")
-            print("Use --build-type=release option if you want to set version number")
-            sys.exit(1)
+        pre_build_config['pbuilder_debian_mirror'] = pre_build_config['debian_mirror']
+
+    if pre_build_config['debian_security_mirror'] is None:
+        pre_build_config['debian_security_mirror'] = pre_build_config['debian_mirror']
 
     # Validate characters in version name
-    if 'version' in args and args['version'] != None:
+    if args.get('version'):
         allowed = string.ascii_letters + string.digits + '.' + '-' + '+'
         if not set(args['version']) <= set(allowed):
-            print(f'Version contained illegal character(s), allowed: {allowed}')
+            print(f'Version string contains illegal character(s), allowed: {allowed}')
             sys.exit(1)
 
     ## Inject some useful hardcoded options
@@ -306,6 +304,11 @@ if __name__ == "__main__":
     build_config = merge_defaults(flavor_config, defaults=build_config)
     build_config = merge_defaults(args, defaults=build_config, skip_none=True)
 
+    # If Debian mirror is specified explicitly but Debian security mirror is not,
+    # assume that the user wants to use that mirror for security updates as well.
+    if (args['debian_mirror'] is not None) and (args['debian_security_mirror'] is None):
+        build_config['debian_security_mirror'] = args['debian_mirror']
+
     ## Rename and merge some fields for simplicity
     ## E.g. --custom-packages is for the user, but internally
     ## it's added to the same package list as everything else
@@ -326,6 +329,10 @@ if __name__ == "__main__":
         print("E: image format is not specified in the build flavor file")
         sys.exit(1)
 
+    ## Override bootloaders if specified
+    if args['bootloaders'] is not None:
+        build_config['bootloaders'] = args['bootloaders']
+
     ## Add default boot settings if needed
     if "boot_settings" not in build_config:
         build_config["boot_settings"] = defaults.boot_settings
@@ -412,8 +419,10 @@ if __name__ == "__main__":
             build_git = ""
             git_branch = ""
 
-        # Create the build version string
-        if build_config['build_type'] == 'development':
+        # Create the build version string, if it's not explicitly given
+        if build_config.get('version'):
+            version = build_config['version']
+        else:
             try:
                 if not git_branch:
                     raise ValueError("git branch could not be determined")
@@ -428,9 +437,6 @@ if __name__ == "__main__":
             except Exception as e:
                 print("W: Could not build a version string specific to git branch, falling back to default: {0}".format(str(e)))
                 version = "999.{0}".format(build_timestamp)
-        else:
-            # Release build, use the version from ./configure arguments
-            version = build_config['version']
 
         version_data = {
             'version': version,
@@ -503,8 +509,9 @@ DOCUMENTATION_URL="{build_config['documentation_url']}"
         ## Create live-build configuration files
 
         # Add the additional repositories to package lists
-        print("I: Setting up additional APT entries")
+        print("I: Setting up VyOS repository APT entries")
         vyos_repo_entry = "deb {vyos_mirror} {vyos_branch} main\n".format(**build_config)
+        vyos_repo_entry += "deb-src {vyos_mirror} {vyos_branch} main\n".format(**build_config)
 
         apt_file = defaults.VYOS_REPO_FILE
 
@@ -516,10 +523,36 @@ DOCUMENTATION_URL="{build_config['documentation_url']}"
             f.write(vyos_repo_entry)
 
         # Add custom APT entries
+        print("I: Setting up additional APT entries")
         if build_config.get('additional_repositories', False):
-            build_config['custom_apt_entry'] += build_config['additional_repositories']
+            for r in build_config['additional_repositories']:
+                repo_data = build_config['additional_repositories'][r]
+
+                url = repo_data.get('url', None)
+                arch = repo_data.get('architecture', None)
+                distro = repo_data.get('distribution', build_config['debian_distribution'])
+                components = repo_data.get('components', 'main')
+
+                if not url:
+                    print(f'E: repository {r} does not specify URL')
+                    sys.exit(1)
+
+                if arch:
+                    arch_string = f'[arch={arch}]'
+                else:
+                    arch_string = ''
+
+                entry = f'deb {arch_string} {url} {distro} {components}'
+                build_config['custom_apt_entry'].append(entry)
+
+                if not repo_data.get('no_source', False):
+                    src_entry = f'deb-src {url} {distro} {components}'
+                    build_config['custom_apt_entry'].append(src_entry)
+
+                if repo_data.get('key', None):
+                    build_config['custom_apt_keys'].append({'name': r, 'key': repo_data['key']})
 
-        if build_config.get('custom_apt_entry', False):
+        if build_config.get('custom_apt_entry', []):
             custom_apt_file = defaults.CUSTOM_REPO_FILE
             entries = "\n".join(build_config['custom_apt_entry'])
             if debug:
@@ -530,11 +563,13 @@ DOCUMENTATION_URL="{build_config['documentation_url']}"
                 f.write("\n")
 
         # Add custom APT keys
-        if has_nonempty_key(build_config, 'custom_apt_key'):
+        if has_nonempty_key(build_config, 'custom_apt_keys'):
             key_dir = defaults.ARCHIVES_DIR
-            for k in build_config['custom_apt_key']:
-                dst_name = '{0}.key.chroot'.format(os.path.basename(k))
-                shutil.copy(k, os.path.join(key_dir, dst_name))
+            for k in build_config['custom_apt_keys']:
+                dst_name = '{0}.key.chroot'.format(k['name'])
+                with open(os.path.join(key_dir, dst_name), 'bw') as f:
+                    key_data = base64.b64decode(k['key'])
+                    f.write(key_data)
 
         # Add custom packages
         if has_nonempty_key(build_config, 'packages'):
@@ -644,7 +679,7 @@ Pin-Priority: 600
     # If not, build additional flavors from the ISO.
     if build_config["image_format"] != ["iso"]:
         # For all non-iso formats, we always build a raw image first
-        raw_image = raw_image.create_raw_image(build_config, iso_file, "tmp/")
+        version_data, raw_image = raw_image.create_raw_image(build_config, iso_file, "tmp/")
         manifest['artifacts'].append(raw_image)
 
         # If there are other formats in the flavor, the assumptions is that
@@ -674,8 +709,10 @@ Pin-Priority: 600
                 hook_opts = build_config["build_hook_opts"]
             else:
                 hook_opts = ""
-            custom_image = rc_cmd(f"./build_hook {raw_image} {build_config['version']} \
-              {build_config['architecture']} {hook_opts}")
+            build_hook_command = f"./build_hook {raw_image} {version_data['version']} \
+              {build_config['architecture']} {hook_opts}"
+            print(f'I: executing build hook command: {build_hook_command}')
+            custom_image = rc_cmd(build_hook_command)
             manifest['artifacts'].append(custom_image)
 
     # Filter out unwanted files from the artifact list