Merge pull request #30 from DavHau/aarch64
add support for aarch64
DavHau authored Jan 27, 2022
2 parents fc568fb + ceb4c1c commit a53a3f3
Showing 5 changed files with 113 additions and 28 deletions.
21 changes: 17 additions & 4 deletions .github/workflows/nix-portable.yml
@@ -1,5 +1,5 @@

name: "Build"
name: "build and test"
on:
pull_request:
push:
@@ -10,6 +10,10 @@ jobs:

build:
runs-on: ubuntu-latest
strategy:
matrix:
system: [ x86_64-linux, aarch64-linux ]

steps:

- uses: actions/checkout@v2
@@ -28,7 +32,16 @@ jobs:
name: nix-portable
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

- run: nix build -L .
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
image: tonistiigi/binfmt@sha256:8de6f2decb92e9001d094534bf8a92880c175bd5dfb4a9d8579f26f09821cfa2
platforms: all

- name: Install binfmt support
run: sudo apt-get install -y

- run: 'nix build --option extra-platforms ${{ matrix.system }} -L .#defaultPackage.${{ matrix.system }}'

- name: Archive result
uses: actions/upload-artifact@v2
@@ -47,7 +60,7 @@ jobs:
matrix:
# qemu_os: [ arch, centos7, centos8, debian, nixos, ubuntu ]
# TODO: fix and re-activate tests
qemu_os: [ centos7, debian, ubuntu ]
qemu_os: [ centos7, debian, ubuntu, debian-aarch64 ]
steps:

- uses: actions/checkout@v2
@@ -66,7 +79,7 @@ jobs:
name: nix-portable
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

- run: nix run -L .#job-qemu-${{ matrix.qemu_os }}
- run: 'nix run -L .#job-qemu-${{ matrix.qemu_os }}'
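Review bot: `docker/setup-qemu-action@v1` in the build job is referenced by a mutable tag even though the binfmt image it pulls is pinned by digest two lines further down, and the steps of this job share a runner on which the Cachix auth token has been configured. Pinning the action the same way, `uses: docker/setup-qemu-action@<full-commit-sha>  # v1`, keeps a retagged release from running next to the cache upload credential; the same applies to the `@v2` actions in this file. Separately, the "Install binfmt support" step runs `sudo apt-get install -y` with no package name, so it installs nothing: either name the intended package or drop the step.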



17 changes: 13 additions & 4 deletions default.nix
@@ -16,26 +16,32 @@ with builtins;
pkgs ? import <nixpkgs> {},
xz ? pkgs.pkgsStatic.xz,
zstd ? pkgs.pkgsStatic.zstd,

buildSystem ? builtins.currentSystem,
...
}@inp:
with lib;
let

nixpkgsSrc = pkgs.path;

pkgsBuild = import pkgs.path { system = buildSystem; };

# TODO: git could be more minimal via:
# perlSupport=false; guiSupport=false; nlsSupport=false;
gitAttribute = "gitMinimal";
git = pkgs."${gitAttribute}";

maketar = targets:
pkgs.stdenv.mkDerivation {
pkgsBuild.stdenv.mkDerivation {
name = "maketar";
nativeBuildInputs = [ perl zstd ];
nativeBuildInputs = [ pkgsBuild.perl pkgsBuild.zstd ];
exportReferencesGraph = map (x: [("closure-" + baseNameOf x) x]) targets;
buildCommand = ''
storePaths=$(perl ${pkgs.pathsFromGraph} ./closure-*)
storePaths=$(perl ${pkgsBuild.pathsFromGraph} ./closure-*)
mkdir $out
echo $storePaths > $out/index
cp -r ${pkgs.closureInfo { rootPaths = targets; }} $out/closureInfo
cp -r ${pkgsBuild.closureInfo { rootPaths = targets; }} $out/closureInfo
tar -cf - \
--owner=0 --group=0 --mode=u+rw,uga+r \
@@ -76,6 +82,9 @@ let
runtimeScript = ''
#!/usr/bin/env bash
# there seem to be less issues with proot when disabling seccomp
export PROOT_NO_SECCOMP=\''${PROOT_NO_SECCOMP:-1}
set -e
if [ -n "\$NP_DEBUG" ] && [ "\$NP_DEBUG" -ge 2 ]; then
set -x
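Review bot: The comment above `export PROOT_NO_SECCOMP=...` in `runtimeScript` does not say what is being switched off, and "disabling seccomp" reads as if a sandbox were being removed. As far as I know PRoot uses seccomp only to speed up its ptrace-based syscall interception, not as a confinement layer, so a more precise comment would help whoever audits this script later, e.g. `# proot uses seccomp only to accelerate syscall tracing; default to the ptrace-only fallback, but keep any value the user already exported`. It is also worth recording which failure prompted the default so it can be revisited on a later proot release. `runtimeScript` continues past the end of this hunk.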
77 changes: 60 additions & 17 deletions flake.nix
@@ -19,7 +19,7 @@

lib = inp.nixpkgs.lib;

supportedSystems = [ "x86_64-linux" ];
supportedSystems = [ "x86_64-linux" "aarch64-linux" "armv7l-linux" ];

forAllSystems = f: genAttrs supportedSystems
(system: f system (import inp.nixpkgs { inherit system; }));
@@ -28,6 +28,7 @@
# After adding a new system, don't forget to add the name also in ./.github/workflows
testImages = {
arch = {
system = "x86_64-linux";
url = "https://mirror.pkgbuild.com/images/v20211201.40458/Arch-Linux-x86_64-basic-20211201.40458.qcow2";
sha256 = "0xxhb92rn2kskq9pvfmbf9h6fy75x4czl58rfq5969kbbb49yn19";
extraVirtCustomizeCommands = [
@@ -36,35 +37,57 @@
];
};
centos7 = {
system = "x86_64-linux";
url = "https://cloud.centos.org/altarch/7/images/CentOS-7-x86_64-GenericCloud-2009.qcow2c";
sha256 = "09wqzlhb858qm548ak4jj4adchxn7rgf5fq778hrc52rjqym393v";
# user namespaces are disabled on centos 7
excludeRuntimes = [ "bwrap" ];
};
centos8 = {
system = "x86_64-linux";
url = "https://cloud.centos.org/altarch/8/x86_64/images/CentOS-8-GenericCloud-8.3.2011-20201204.2.x86_64.qcow2";
sha256 = "7ec97062618dc0a7ebf211864abf63629da1f325578868579ee70c495bed3ba0";
};
debian = {
system = "x86_64-linux";
url = "https://cdimage.debian.org/cdimage/openstack/archive/10.9.0/debian-10.9.0-openstack-amd64.qcow2";
sha256 = "0mf9k3pgzighibly1sy3cjq7c761r3akp8mlgd878lwf006vqrky";
# permissions for user namespaces not enabled by default
excludeRuntimes = [ "bwrap" ];
};
nixos = {
system = "x86_64-linux";
# use iso image for nixos because building a qcow2 would require KVM
img = (toString (nixosSystem {
system = "x86_64-linux";
modules = [(import ./testing/nixos-iso.nix)];
}).config.system.build.isoImage) + "/iso/nixos.iso";
};
ubuntu = {
system = "x86_64-linux";
url = "https://cloud-images.ubuntu.com/releases/focal/release-20220118/ubuntu-20.04-server-cloudimg-amd64.img";
sha256 = "05p2qbmp6sbykm1iszb2zvbwbnydqg6pdrplj9z56v3cr964s9p1";
extraVirtCustomizeCommands = [
"--copy-in ${./testing/ubuntu}/01-netplan.yaml:/etc/netplan/"
];
};

# aarch64 tests
nixos-aarch64 = {
system = "aarch64-linux";
# use iso image for nixos because building a qcow2 would require KVM
img = (toString (nixosSystem {
system = "aarch64-linux";
modules = [(import ./testing/nixos-iso.nix)];
}).config.system.build.isoImage) + "/iso/nixos.iso";
};
debian-aarch64 = {
system = "aarch64-linux";
url = "https://cdimage.debian.org/cdimage/openstack/archive/10.9.0/debian-10.9.0-openstack-arm64.qcow2";
sha256 = "0mz868j1k8jwhgg9a21dv7dr4rsy1bhklbqqw3qig06acy0vg8yi";
# permissions for user namespaces not enabled by default
excludeRuntimes = [ "bwrap" ];
};
};

commandsToTest = [
@@ -96,7 +119,7 @@
pkgs = pkgsDefaultChannel;

lib = inp.nixpkgs.lib;
compression = "zstd -18 -T0";
compression = "zstd -3 -T1";

nix = inp.nix.packages."${system}".nix;

@@ -106,6 +129,9 @@
perl = pkgs.pkgsBuildBuild.perl;
xz = pkgs.pkgsStatic.xz;
zstd = pkgs.pkgsStatic.zstd;

# tar crashed on emulated aarch64 system
buildSystem = "x86_64-linux";
};

in
@@ -139,6 +165,12 @@
img =
if testImages."${os}" ? img then testImages."${os}".img
else fetchurl { inherit (testImages."${os}") url sha256 ;};
system = testImages."${os}".system;
qemu-bin =
if pkgs.buildPlatform.system == system then
"qemu-kvm"
else
"qemu-system-${lib.head (lib.splitString "-" system)}";
in
nameValuePair
"job-qemu-${os}${optionalString debug "-debug"}"
@@ -162,28 +194,33 @@
nixPortable=${self.packages."${system}".nix-portable}/bin/nix-portable
ssh="${pkgs.openssh}/bin/ssh -p $port -i $privKey -o StrictHostKeyChecking=no test@localhost"
sshRoot="${pkgs.openssh}/bin/ssh -p $port -i $privKey -o StrictHostKeyChecking=no root@localhost"
scp="${pkgs.openssh}/bin/scp -P $port -i $privKey -o StrictHostKeyChecking=no"
setup_and_start_vm() {
cat $img > /tmp/${os}-img
if [ "${os}" != "nixos" ]; then
if [[ "${os}" != nixos* ]]; then
${pkgs.libguestfs-with-appliance}/bin/virt-customize -a /tmp/${os}-img \
--run-command 'useradd test && mkdir -p /home/test && chown test.test /home/test' \
--run-command 'ssh-keygen -A' \
--ssh-inject test:file:$pubKey \
--firstboot ${pkgs.writeScript "firstboot" "#!/usr/bin/env bash \nuseradd test && mkdir -p /home/test && chown test.test /home/test; ssh-keygen -A"} \
--ssh-inject root:file:$pubKey \
${concatStringsSep " " (testImages."${os}".extraVirtCustomizeCommands or [])} \
${optionalString debug "--root-password file:${pkgs.writeText "pw" "root"}"} \
--selinux-relabel
fi
${pkgs.qemu}/bin/qemu-kvm \
-hda /tmp/${os}-img \
-m 2500 \
cp ${pkgs.callPackage ./testing/qemu-efi.nix {}} ./QEMU_EFI.img
chmod +w ./QEMU_EFI.img
${pkgs.qemu}/bin/${qemu-bin} \
-drive file=/tmp/${os}-img \
-cpu max \
-smp 2 \
-m 4000 \
-netdev user,hostfwd=tcp::$port-:22,id=n1 \
-device virtio-net-pci,netdev=n1 \
${optionalString (! debug) "-nographic"} \
${optionalString (system == "aarch64-linux")
"-cpu cortex-a53 -machine virt -drive if=pflash,format=raw,file=./QEMU_EFI.img"} \
&
}
@@ -193,18 +230,24 @@
''}
setup_and_start_vm
while ! $ssh -o ConnectTimeout=2 true 2>/dev/null ; do
while ! $sshRoot -o ConnectTimeout=2 true 2>/dev/null ; do
echo "waiting for ssh"
sleep 1
done
# upload the nix-portable executable
${pkgs.openssh}/bin/scp -P $port -i $privKey -o StrictHostKeyChecking=no ${self.packages."${system}".nix-portable}/bin/nix-portable test@localhost:/home/test/nix-portable
echo -e "\n\ncreating tmpfs"
$sshRoot mkdir /np_tmp
$sshRoot mount -t tmpfs /bin/true /np_tmp
echo -e "\n\nsetting up machine via ssh"
$sshRoot mkdir -p /np_tmp
$sshRoot "test -e /np_tmp/.nix-portable || mount -t tmpfs -o size=3g /bin/true /np_tmp"
$sshRoot mkdir -p /home/test/.ssh
echo "uploading ssh key"
$scp ${./testing}/id_ed25519.pub root@localhost:/home/test/.ssh/authorized_keys
$sshRoot chown -R test /home/test
$sshRoot chmod 600 /home/test/.ssh/authorized_keys
echo "finished uploading ssh key"
echo "upload the nix-portable executable"
$scp ${self.packages."${system}".nix-portable}/bin/nix-portable test@localhost:/home/test/nix-portable
$ssh chmod +w /home/test/nix-portable
echo -e "\n\nstarting to test nix-portable"
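Review bot: The guest's sshd is forwarded with `hostfwd=tcp::$port-:22` in `setup_and_start_vm`, and the empty host address makes QEMU listen on every host interface. That matters more with this change, because root key login becomes the main channel (`--ssh-inject root:file:$pubKey`, `$sshRoot` in the wait loop) and the key pair appears to be the one checked into `./testing`. Binding the forward to loopback keeps the test VM off the network: `-netdev user,hostfwd=tcp:127.0.0.1:$port-:22,id=n1 \`. The ssh and scp helpers also set `StrictHostKeyChecking=no` without `-o UserKnownHostsFile=/dev/null`, so each run can leave a throwaway host key in the caller's known_hosts. The script extends beyond the visible hunks, so `$port` and `$privKey` are defined out of view.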
6 changes: 3 additions & 3 deletions proot/github.nix
@@ -6,16 +6,16 @@
with builtins;

let
version = "5.2.0";
version = "5.3.0";

systems = {
x86_64-linux = {
url = "https://github.com/proot-me/proot/releases/download/v${version}/proot-v${version}-x86_64-static";
sha256 = "1w729a5fz9wcxshn7vy4yg96qj59sxmd2by1gcl6nz57qjrl61pb";
sha256 = "1nmllvdhlbdlgffq6x351p0zfgv202qfy8vhf26z0v8y435j1syi";
};
aarch64-linux = {
url = "https://github.com/proot-me/proot/releases/download/v${version}/proot-v${version}-aarch64-static";
sha256 = "17ghp5n2jz38c4qk88yjc9cvdx9pcinmf2v7i7klnmzq5wzbkrzi";
sha256 = "0icaag29a6v214am4cbdyvncjs63f02lad2qrcfmnbwch6kv247s";
};
armv7l-linux = {
url = "https://github.com/proot-me/proot/releases/download/v${version}/proot-v${version}-arm-static";
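--- a/testing/qemu-efi.nix
+++ b/testing/qemu-efi.nix
@@ -0,0 +1,20 @@
+# http://snapshots.linaro.org/components/kernel/leg-virt-tianocore-edk2-upstream/4443/QEMU-ARM/RELEASE_GCC5/QEMU_EFI.img.gz
+
+{
+fetchurl,
+gzip,
+runCommand,
+}:
+
+let
+qemu-efi-gz = fetchurl {
+url = "http://snapshots.linaro.org/components/kernel/leg-virt-tianocore-edk2-upstream/4443/QEMU-AARCH64/RELEASE_GCC5/QEMU_EFI.img.gz";
+sha256 = "sha256-bOO6bsiwHaf39TWdkxOYWOw9p+/EzCkZLzi5YQPZTLY=";
+};
+in
+
+runCommand "QEMU_EFI.img" {} ''
+cp ${qemu-efi-gz} QEMU_EFI.img.gz
+${gzip}/bin/gunzip QEMU_EFI.img.gz
+mv QEMU_EFI.img $out
+''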
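Review bot: The header comment points at the `QEMU-ARM` build while the `url` actually fetched is the `QEMU-AARCH64` one, so the comment documents a different firmware image than the one pinned by `sha256`. The fetch also uses plain `http://` against a snapshots host. The pinned hash protects every later fetch, but it was presumably computed from an unauthenticated first download, and snapshot build directories may not stay available. I would correct the comment to the AARCH64 path, switch the URL to `https://` if the host serves it, and add a provenance line such as `# UEFI firmware for the aarch64 test VM; sha256 verified against <source of hash>`.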
