From f4db4b791c7abfd049835cf9487c56152e825976 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Mon, 6 May 2024 14:12:05 -0400 Subject: [PATCH] README.md qemu.md + CircleCI: point to images for building and using nix developed created docker image - push v0.1.3 and have latest point to the same image, add repro notes inside of README.md - modify qemu.md to also refer to using docker images TODO: remove NIX_REPRO_NOTES prior of merging Signed-off-by: Thierry Laurion --- .circleci/config.yml | 8 ++++---- README.md | 41 +++++++++++++++++++++++++++++++++++++++++ targets/qemu.md | 13 ++++++++++++- 3 files changed, 57 insertions(+), 5 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 62751f4c..ba0d02ed 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -45,7 +45,7 @@ commands: jobs: prep_env: docker: - - image: tlaurion/heads-dev-env:v0.1.1 + - image: tlaurion/heads-dev-env:v0.1.3 resource_class: large working_directory: ~/heads steps: @@ -111,7 +111,7 @@ jobs: build_and_persist: docker: - - image: tlaurion/heads-dev-env:v0.1.1 + - image: tlaurion/heads-dev-env:v0.1.3 resource_class: large working_directory: ~/heads parameters: @@ -139,7 +139,7 @@ jobs: build: docker: - - image: tlaurion/heads-dev-env:v0.1.1 + - image: tlaurion/heads-dev-env:v0.1.3 resource_class: large working_directory: ~/heads parameters: @@ -160,7 +160,7 @@ jobs: save_cache: docker: - - image: tlaurion/heads-dev-env:v0.1.1 + - image: tlaurion/heads-dev-env:v0.1.3 resource_class: large working_directory: ~/heads steps: diff --git a/README.md b/README.md index a0819f48..d1505693 100644 --- a/README.md +++ b/README.md @@ -28,8 +28,49 @@ Please refer to [Heads-wiki](https://osresearch.net) for your Heads' documentati Building heads === + +Build docker from nix develop layer locally +==== + +``` +sh <(curl -L https://nixos.org/nix/install) --no-daemon + . /home/user/.nix-profile/etc/profile.d/nix.sh +nix build .#dockerImage && docker load < result +``` + +Jump into docker image +===== +`docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) linuxboot/heads:dev-env` + +Build a board from docker image +===== `make BOARD=board_name` where board_name is the name of the board directory under `./boards` directory. + +Use prepared docker image from docker hub +==== +``` +docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=qemu-coreboot-whiptail-tpm2 +docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=qemu-coreboot-whiptail-tpm2 run +``` + +Maintenance notes on docker image +=== +Redo the steps above in case the flake.nix or nix.lock changes. Then publish on docker hub: + +``` +docker tag tlaurion/heads-dev-env:vx.y.z tlaurion/heads-dev-env:latest +docker push tlaurion/heads-dev-env:latest +``` + +Notes: +- Local builds can use ":latest" +- To reproduce CirlceCI results, make sure to use the same versioned tag declared under .circleci/config.yml's "image:" + + + +General notes on reproducible builds +=== In order to build reproducible firmware images, Heads builds a specific version of gcc and uses it to compile the Linux kernel and various tools that go into the initrd. Unfortunately this means the first step is a diff --git a/targets/qemu.md b/targets/qemu.md index 0dfdd63e..1587fa88 100644 --- a/targets/qemu.md +++ b/targets/qemu.md @@ -1,4 +1,4 @@ -qemu-coreboot-(fb)whiptail-tpm[1,2](-hotp) boards +qemu-coreboot-(fb)whiptail-tpmX(-hotp) boards === The `qemu-coreboot-fbwhiptail-tpm1-hotp` configuration (and their variants) permits testing of most features of Heads. @@ -87,3 +87,14 @@ swtpm on Debian bookworm === 1. Install dependencies * `sudo apt install swtpm swtpm-tools` + +swtpm on nix docker image +=== +Nothing to do. Everything needed is in the docker image. + +Just make sure to pass DISPLAY environement variable on your docker command line. eg: +* Remotely downloaded docker image (doing make command only inside of docker example): + * `docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=qemu-coreboot-whiptail-tpm2` + * `docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) tlaurion/heads-dev-env:latest -- make BOARD=qemu-coreboot-whiptail-tpm2 run` +* Locally created docker image from nix develop environment (jumping into docker image variation of the above, where developer does what he wants within): + * `docker run -e DISPLAY=$DISPLAY --network host --rm -ti -v $(pwd):$(pwd) -w $(pwd) linuxboot/heads:dev-env`