Integrate FreeBSD image generation with system layer

tests/system/materialize-phase8-system-image.scm

@@ -0,0 +1,103 @@
+(use-modules (fruix system freebsd)
+             (ice-9 format)
+             (ice-9 pretty-print)
+             (ice-9 popen)
+             (srfi srfi-13)
+             (rnrs io ports))
+
+(define workdir
+  (or (getenv "WORKDIR")
+      (error "WORKDIR environment variable is required")))
+(define os-file
+  (or (getenv "OS_FILE")
+      (error "OS_FILE environment variable is required")))
+(define store-dir
+  (or (getenv "STORE_DIR")
+      "/frx/store"))
+(define guile-prefix
+  (or (getenv "GUILE_PREFIX")
+      "/tmp/guile-freebsd-validate-install"))
+(define guile-extra-prefix
+  (or (getenv "GUILE_EXTRA_PREFIX")
+      "/tmp/guile-gnutls-freebsd-validate-install"))
+(define shepherd-prefix
+  (or (getenv "SHEPHERD_PREFIX")
+      "/tmp/shepherd-freebsd-validate-install"))
+(define metadata-file
+  (string-append workdir "/phase8-system-image-metadata.txt"))
+
+(define (trim-trailing-newlines str)
+  (let loop ((len (string-length str)))
+    (if (and (> len 0)
+             (char=? (string-ref str (- len 1)) #\newline))
+        (loop (- len 1))
+        (substring str 0 len))))
+
+(define (command-output program . args)
+  (let* ((port (apply open-pipe* OPEN_READ program args))
+         (output (get-string-all port))
+         (status (close-pipe port)))
+    (unless (zero? status)
+      (error "command failed" program args status))
+    (trim-trailing-newlines output)))
+
+(define (assert-exists path)
+  (unless (file-exists? path)
+    (error "required path missing" path)))
+
+(primitive-load os-file)
+(validate-operating-system phase7-operating-system)
+
+(let* ((image-a (materialize-bhyve-image phase7-operating-system
+                                         #:store-dir store-dir
+                                         #:guile-prefix guile-prefix
+                                         #:guile-extra-prefix guile-extra-prefix
+                                         #:shepherd-prefix shepherd-prefix))
+       (image-b (materialize-bhyve-image phase7-operating-system
+                                         #:store-dir store-dir
+                                         #:guile-prefix guile-prefix
+                                         #:guile-extra-prefix guile-extra-prefix
+                                         #:shepherd-prefix shepherd-prefix))
+       (image-store-path (assoc-ref image-a 'image-store-path))
+       (image-store-path-rebuild (assoc-ref image-b 'image-store-path))
+       (disk-image (assoc-ref image-a 'disk-image))
+       (esp-image (assoc-ref image-a 'esp-image))
+       (root-image (assoc-ref image-a 'root-image))
+       (closure-path (assoc-ref image-a 'closure-path))
+       (image-spec (assoc-ref image-a 'image-spec))
+       (store-items (assoc-ref image-a 'store-items))
+       (raw-sha256 (command-output "sha256" "-q" disk-image))
+       (image-size-bytes (command-output "stat" "-f" "%z" disk-image)))
+  (for-each assert-exists
+            (list image-store-path disk-image esp-image root-image
+                  (string-append image-store-path "/image-spec.scm")
+                  (string-append image-store-path "/closure-path")
+                  (string-append image-store-path "/.references")
+                  (string-append image-store-path "/.fruix-package")))
+  (unless (string=? image-store-path image-store-path-rebuild)
+    (error "image store path was not reproducible" image-store-path image-store-path-rebuild))
+  (call-with-output-file metadata-file
+    (lambda (port)
+      (format port "store_dir=~a~%" store-dir)
+      (format port "image_store_path=~a~%" image-store-path)
+      (format port "image_store_path_rebuild=~a~%" image-store-path-rebuild)
+      (format port "disk_image=~a~%" disk-image)
+      (format port "esp_image=~a~%" esp-image)
+      (format port "root_image=~a~%" root-image)
+      (format port "closure_path=~a~%" closure-path)
+      (format port "store_item_count=~a~%" (length store-items))
+      (format port "raw_sha256=~a~%" raw-sha256)
+      (format port "image_size_bytes=~a~%" image-size-bytes)
+      (format port "image_spec=~a~%"
+              (string-map (lambda (ch) (if (char=? ch #\newline) #\space ch))
+                          (with-output-to-string
+                            (lambda ()
+                              (pretty-print image-spec)))))))
+  (when (getenv "METADATA_OUT")
+    (copy-file metadata-file (getenv "METADATA_OUT")))
+  (format #t "PASS phase8-system-image-materialization~%")
+  (format #t "Metadata file: ~a~%" metadata-file)
+  (when (getenv "METADATA_OUT")
+    (format #t "Copied metadata to: ~a~%" (getenv "METADATA_OUT")))
+  (display "--- metadata ---\n")
+  (display (call-with-input-file metadata-file get-string-all)))

tests/system/run-phase8-system-image.sh

@@ -0,0 +1,172 @@
+#!/bin/sh
+set -eu
+
+project_root=${PROJECT_ROOT:-$(pwd)}
+guix_source_dir=${GUIX_SOURCE_DIR:-"$HOME/repos/guix"}
+script_dir=$(CDPATH= cd -- "$(dirname "$0")" && pwd)
+runner_scm=$script_dir/materialize-phase8-system-image.scm
+os_file=$script_dir/phase7-minimal-operating-system.scm
+guile_bin=${GUILE_BIN:-/tmp/guile-freebsd-validate-install/bin/guile}
+guile_extra_prefix=${GUILE_EXTRA_PREFIX:-/tmp/guile-gnutls-freebsd-validate-install}
+shepherd_prefix=${SHEPHERD_PREFIX:-/tmp/shepherd-freebsd-validate-install}
+store_dir=${STORE_DIR:-/frx/store}
+metadata_target=${METADATA_OUT:-}
+
+if [ ! -x "$guile_bin" ]; then
+  echo "Guile binary is not executable: $guile_bin" >&2
+  exit 1
+fi
+
+ensure_built() {
+  if [ ! -d "$guile_extra_prefix/share/guile/site" ] || \
+     ! GUILE_LOAD_PATH="$guile_extra_prefix/share/guile/site/3.0${GUILE_LOAD_PATH:+:$GUILE_LOAD_PATH}" \
+       GUILE_LOAD_COMPILED_PATH="$guile_extra_prefix/lib/guile/3.0/site-ccache${GUILE_LOAD_COMPILED_PATH:+:$GUILE_LOAD_COMPILED_PATH}" \
+       GUILE_EXTENSIONS_PATH="$guile_extra_prefix/lib/guile/3.0/extensions${GUILE_EXTENSIONS_PATH:+:$GUILE_EXTENSIONS_PATH}" \
+       LD_LIBRARY_PATH="$guile_extra_prefix/lib:/tmp/guile-freebsd-validate-install/lib:/usr/local/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" \
+       "$guile_bin" -c '(catch #t (lambda () (use-modules (fibers)) (display "ok") (newline)) (lambda _ (display "missing") (newline)))' | grep -qx ok; then
+    METADATA_OUT= ENV_OUT= "$project_root/tests/shepherd/build-local-guile-fibers.sh"
+  fi
+
+  if [ ! -x "$shepherd_prefix/bin/shepherd" ] || [ ! -x "$shepherd_prefix/bin/herd" ]; then
+    METADATA_OUT= ENV_OUT= GUILE_EXTRA_PREFIX="$guile_extra_prefix" "$project_root/tests/shepherd/build-local-shepherd.sh"
+  fi
+}
+
+ensure_built
+
+guile_prefix=$(CDPATH= cd -- "$(dirname "$guile_bin")/.." && pwd)
+guile_lib_dir=$guile_prefix/lib
+cleanup=0
+if [ -n "${WORKDIR:-}" ]; then
+  workdir=$WORKDIR
+  mkdir -p "$workdir"
+else
+  workdir=$(mktemp -d /tmp/fruix-phase8-system-image.XXXXXX)
+  cleanup=1
+fi
+if [ "${KEEP_WORKDIR:-0}" -eq 1 ]; then
+  cleanup=0
+fi
+
+build_metadata=$workdir/phase8-system-image-build-metadata.txt
+metadata_file=$workdir/phase8-system-image-validation-metadata.txt
+gpart_log=$workdir/gpart-show.txt
+mnt_esp=$workdir/mnt-esp
+mnt_root=$workdir/mnt-root
+md_unit=
+
+cleanup_workdir() {
+  if [ -n "$md_unit" ]; then
+    sudo umount "$mnt_esp" >/dev/null 2>&1 || true
+    sudo umount "$mnt_root" >/dev/null 2>&1 || true
+    sudo mdconfig -d -u "$md_unit" >/dev/null 2>&1 || true
+  fi
+  if [ "$cleanup" -eq 1 ]; then
+    rm -rf "$workdir" 2>/dev/null || sudo rm -rf "$workdir"
+  fi
+}
+trap cleanup_workdir EXIT INT TERM
+
+if [ -n "${GUILE_LOAD_PATH:-}" ]; then
+  gui_load_path="$project_root/modules:$guix_source_dir:$GUILE_LOAD_PATH"
+else
+  gui_load_path="$project_root/modules:$guix_source_dir"
+fi
+
+printf 'Using Guile: %s\n' "$guile_bin"
+printf 'Working directory: %s\n' "$workdir"
+printf 'Store directory: %s\n' "$store_dir"
+
+sudo env \
+  GUILE_AUTO_COMPILE=0 \
+  GUILE_LOAD_PATH="$gui_load_path" \
+  LD_LIBRARY_PATH="$guile_lib_dir${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" \
+  WORKDIR="$workdir" \
+  OS_FILE="$os_file" \
+  STORE_DIR="$store_dir" \
+  GUILE_PREFIX="$guile_prefix" \
+  GUILE_EXTRA_PREFIX="$guile_extra_prefix" \
+  SHEPHERD_PREFIX="$shepherd_prefix" \
+  METADATA_OUT="$build_metadata" \
+  "$guile_bin" -s "$runner_scm"
+
+image_store_path=$(sed -n 's/^image_store_path=//p' "$build_metadata")
+disk_image=$(sed -n 's/^disk_image=//p' "$build_metadata")
+closure_path=$(sed -n 's/^closure_path=//p' "$build_metadata")
+raw_sha256=$(sed -n 's/^raw_sha256=//p' "$build_metadata")
+image_size_bytes=$(sed -n 's/^image_size_bytes=//p' "$build_metadata")
+store_item_count=$(sed -n 's/^store_item_count=//p' "$build_metadata")
+closure_base=$(basename "$closure_path")
+
+case "$image_store_path" in
+  /frx/store/*-fruix-bhyve-image-fruix-freebsd) : ;;
+  *) echo "unexpected image store path: $image_store_path" >&2; exit 1 ;;
+esac
+case "$disk_image" in
+  /frx/store/*-fruix-bhyve-image-fruix-freebsd/disk.img) : ;;
+  *) echo "unexpected disk image path: $disk_image" >&2; exit 1 ;;
+esac
+
+md=$(sudo mdconfig -a -t vnode -f "$disk_image")
+md_unit=${md#md}
+sudo mkdir -p "$mnt_esp" "$mnt_root"
+sudo gpart show -lp "/dev/$md" >"$gpart_log"
+esp_fstype=$(sudo fstyp "/dev/${md}p1")
+root_fstype=$(sudo fstyp "/dev/${md}p2")
+[ "$esp_fstype" = msdosfs ] || { echo "unexpected ESP filesystem: $esp_fstype" >&2; exit 1; }
+[ "$root_fstype" = ufs ] || { echo "unexpected root filesystem: $root_fstype" >&2; exit 1; }
+sudo mount -t msdosfs "/dev/${md}p1" "$mnt_esp"
+sudo mount -t ufs -o ro "/dev/${md}p2" "$mnt_root"
+
+[ -f "$mnt_esp/EFI/BOOT/BOOTX64.EFI" ] || { echo "missing EFI boot file in integrated image" >&2; exit 1; }
+run_current_system_target=$(readlink "$mnt_root/run/current-system")
+boot_loader_target=$(readlink "$mnt_root/boot/loader")
+boot_loader_conf_target=$(readlink "$mnt_root/boot/loader.conf")
+rc_conf_target=$(readlink "$mnt_root/etc/rc.conf")
+rc_script_target=$(readlink "$mnt_root/usr/local/etc/rc.d/fruix-shepherd")
+[ "$run_current_system_target" = "/frx/store/$closure_base" ] || { echo "unexpected /run/current-system target: $run_current_system_target" >&2; exit 1; }
+[ "$boot_loader_target" = /run/current-system/boot/loader ] || { echo "unexpected /boot/loader target: $boot_loader_target" >&2; exit 1; }
+[ "$boot_loader_conf_target" = /run/current-system/boot/loader.conf ] || { echo "unexpected /boot/loader.conf target: $boot_loader_conf_target" >&2; exit 1; }
+[ "$rc_conf_target" = /run/current-system/etc/rc.conf ] || { echo "unexpected /etc/rc.conf target: $rc_conf_target" >&2; exit 1; }
+[ "$rc_script_target" = /run/current-system/usr/local/etc/rc.d/fruix-shepherd ] || { echo "unexpected fruix_shepherd rc target: $rc_script_target" >&2; exit 1; }
+loader_conf_image=$mnt_root/frx/store/$closure_base/boot/loader.conf
+rc_conf_image=$mnt_root/frx/store/$closure_base/etc/rc.conf
+grep -F 'console="comconsole"' "$loader_conf_image" >/dev/null || { echo "loader.conf is missing serial console config" >&2; exit 1; }
+grep -F 'hostname="fruix-freebsd"' "$rc_conf_image" >/dev/null || { echo "rc.conf is missing hostname" >&2; exit 1; }
+
+cat >"$metadata_file" <<EOF
+workdir=$workdir
+build_metadata=$build_metadata
+store_dir=$store_dir
+image_store_path=$image_store_path
+disk_image=$disk_image
+closure_path=$closure_path
+closure_base=$closure_base
+raw_sha256=$raw_sha256
+image_size_bytes=$image_size_bytes
+store_item_count=$store_item_count
+gpart_log=$gpart_log
+esp_fstype=$esp_fstype
+root_fstype=$root_fstype
+run_current_system_target=$run_current_system_target
+boot_loader_target=$boot_loader_target
+boot_loader_conf_target=$boot_loader_conf_target
+rc_conf_target=$rc_conf_target
+rc_script_target=$rc_script_target
+image_generation_mode=declarative-system-layer
+frontend_invocation=$runner_scm
+EOF
+
+if [ -n "$metadata_target" ]; then
+  mkdir -p "$(dirname "$metadata_target")"
+  cp "$metadata_file" "$metadata_target"
+fi
+
+printf 'PASS phase8-system-image\n'
+printf 'Work directory: %s\n' "$workdir"
+printf 'Metadata file: %s\n' "$metadata_file"
+if [ -n "$metadata_target" ]; then
+  printf 'Copied metadata to: %s\n' "$metadata_target"
+fi
+printf '%s\n' '--- metadata ---'
+cat "$metadata_file"