From c813e546d03af7a9b32950e48e74e5f607e98010 Mon Sep 17 00:00:00 2001
From: Itxaka <itxaka@kairos.io>
Date: Tue, 8 Aug 2023 14:56:39 +0200
Subject: [PATCH 1/2] Support rpi3 and rpi 4 boards

Due to rpi3 not supporting GPT disks, we need to separate the building
into rpi3 and 4 so rpi4 gets GPT disks and can auto-expand the last
partition properly (and add extra partitions and so on)

This also includes some cleanup for the luet cache dirs, includes the
kairos-agent which was missing from the image for pulling images, and
cleans up the lvm vgs if they were left

Signed-off-by: Itxaka <itxaka@kairos.io>
---
 tools-image/Dockerfile                       |  18 +++
 tools-image/arm/boards/{rpi64.sh => rpi3.sh} |   0
 tools-image/arm/boards/rpi4.sh               |  22 +++
 tools-image/build-arm-image.sh               | 135 +++++++++++--------
 4 files changed, 120 insertions(+), 55 deletions(-)
 rename tools-image/arm/boards/{rpi64.sh => rpi3.sh} (100%)
 create mode 100755 tools-image/arm/boards/rpi4.sh

diff --git a/tools-image/Dockerfile b/tools-image/Dockerfile
index feb5b0e..94289ff 100644
--- a/tools-image/Dockerfile
+++ b/tools-image/Dockerfile
@@ -61,15 +61,33 @@ RUN luet install --config /tmp/luet-arm64.yaml -y static/grub-efi --system-targe
 RUN luet install --config /tmp/luet-arm64.yaml -y static/grub-config --system-target /arm/raw/grubconfig
 RUN luet install --config /tmp/luet-arm64.yaml -y static/grub-artifacts --system-target /arm/raw/grubartifacts
 
+# kairos-agent so we can use the pull-image
+RUN luet install -y system/kairos-agent
+
 # remove luet tmp files. Side effect of setting the system-target is that it treats it as a root fs
 # so temporal files are stored in each dir
 RUN rm -Rf /grub2/var/tmp
+RUN rm -Rf /grub2/var/cache
 RUN rm -Rf /efi/var/tmp
+RUN rm -Rf /efi/var/cache
 RUN rm -Rf /rpi/var/tmp
+RUN rm -Rf /rpi/var/cache
 RUN rm -Rf /pinebookpro/u-boot/var/tmp
+RUN rm -Rf /pinebookpro/u-boot/var/cache
+RUN rm -Rf /firmware/odroid-c2/var/tmp
+RUN rm -Rf /firmware/odroid-c2/var/cache
 RUN rm -Rf /raw/grub/var/tmp
+RUN rm -Rf /raw/grub/var/cache
 RUN rm -Rf /raw/grubconfig/var/tmp
+RUN rm -Rf /raw/grubconfig/var/cache
 RUN rm -Rf /raw/grubartifacts/var/tmp
+RUN rm -Rf /raw/grubartifacts/var/cache
+RUN rm -Rf /arm/raw/grubefi/var/tmp
+RUN rm -Rf /arm/raw/grubefi/var/cache
+RUN rm -Rf /arm/raw/grubconfig/var/tmp
+RUN rm -Rf /arm/raw/grubconfig/var/cache
+RUN rm -Rf /arm/raw/grubartifacts/var/tmp
+RUN rm -Rf /arm/raw/grubartifacts/var/cache
 
 RUN mkdir /config
 
diff --git a/tools-image/arm/boards/rpi64.sh b/tools-image/arm/boards/rpi3.sh
similarity index 100%
rename from tools-image/arm/boards/rpi64.sh
rename to tools-image/arm/boards/rpi3.sh
diff --git a/tools-image/arm/boards/rpi4.sh b/tools-image/arm/boards/rpi4.sh
new file mode 100755
index 0000000..86fe0aa
--- /dev/null
+++ b/tools-image/arm/boards/rpi4.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+partprobe
+
+kpartx -va $DRIVE
+
+image=$1
+
+if [ -z "$image" ]; then
+    echo "No image specified"
+    exit 1
+fi
+
+set -ax
+TEMPDIR="$(mktemp -d)"
+echo $TEMPDIR
+mount "${device}p1" "${TEMPDIR}"
+
+# Copy all rpi files
+cp -rfv /rpi/* $TEMPDIR
+
+umount "${TEMPDIR}"
diff --git a/tools-image/build-arm-image.sh b/tools-image/build-arm-image.sh
index 4db399f..de90262 100755
--- a/tools-image/build-arm-image.sh
+++ b/tools-image/build-arm-image.sh
@@ -73,6 +73,8 @@ cleanup() {
   fi
 
   losetup -D "${LOOP}" || true;
+  dmsetup remove KairosVG-oem || true;
+  dmsetup remove KairosVG-recovery || true;
 }
 
 ensure_dir_structure() {
@@ -215,7 +217,12 @@ while [ "$#" -gt 0 ]; do
     shift 1
 done
 
-if [ "$model" == "rpi64" ]; then
+if [ "$model" == "rpi64" ];then
+  echo "rpi64 model not supported anymore, please select either rpi3 or rpi4"
+  exit 1
+fi
+
+if [ "$model" == "rpi3" ] || [ "$model" == "rpi4" ]; then
     container_image=${CONTAINER_IMAGE:-quay.io/costoolkit/examples:rpi-latest}
 else
     # Odroid C2 image contains kernel-default-extra, might have broader support
@@ -284,7 +291,7 @@ ensure_dir_structure $TARGET
 # Download the container image
 if [ -z "$directory" ]; then
   echo ">>> Downloading container image"
-  elemental pull-image $( (( local_build == 'true')) && printf %s '--local' ) $container_image $TARGET
+  kairos-agent pull-image $( (( local_build == 'true')) && printf %s '--local' ) $container_image $TARGET
 else
   echo ">>> Copying files from $directory"
   rsync -axq --exclude='host' --exclude='mnt' --exclude='proc' --exclude='sys' --exclude='dev' --exclude='tmp' ${directory}/ $TARGET
@@ -346,23 +353,31 @@ partprobe
 
 echo ">> Writing image and partition table"
 dd if=/dev/zero of="${output_image}" bs=1024000 count="${size}" || exit 1
-if [ "$model" == "rpi64" ]; then 
+
+# Image partitions
+# only rpi4 supports gpt
+if [ "$model" == "rpi3" ]; then
     sgdisk -n 1:8192:+96M -c 1:EFI -t 1:0c00 ${output_image}
+    sgdisk -n 2:0:+${state_size}M -c 2:state -t 2:8300 ${output_image}
+    sgdisk -n 3:0:+$(( recovery_size + oem_size ))M -c 3:lvm -t 3:8e00 ${output_image}
+    sgdisk -n 4:0:+64M -c 4:persistent -t 4:8300 ${output_image}
+    sgdisk -m 1:2:3:4 ${output_image}
+    sfdisk --part-type ${output_image} 1 c
+elif [ "$model" == "rpi4" ]; then
+    echo "label: gpt" | sfdisk "${output_image}"
+    sgdisk -n 1:8192:+96M -c 1:EFI -t 1:0c00 ${output_image}
+    sgdisk -n 2:0:+${state_size}M -c 2:state -t 2:8300 ${output_image}
+    sgdisk -n 3:0:+${recovery_size}M -c 3:recovery -t 3:8300 ${output_image}
+    sgdisk -n 4:0:+${oem_size}M -c 4:oem -t 4:8300 ${output_image}
+    sgdisk -n 5:0:+64M -c 5:persistent -t 5:8300 ${output_image}
+    sgdisk -g ${output_image}
+    sgdisk -m 1:2:3:4:5 ${output_image}
 else
     sgdisk -n 1:8192:+16M -c 1:EFI -t 1:0700 ${output_image}
-fi
-sgdisk -n 2:0:+${state_size}M -c 2:state -t 2:8300 ${output_image}
-if [ "$disable_lvm" == 'true' ]; then
-sgdisk -n 3:0:+${recovery_size}M -c 3:recovery -t 3:8300 ${output_image}
-else 
-sgdisk -n 3:0:+$(( recovery_size + oem_size ))M -c 3:lvm -t 3:8e00 ${output_image}
-fi
-sgdisk -n 4:0:+64M -c 4:persistent -t 4:8300 ${output_image}
-
-sgdisk -m 1:2:3:4 ${output_image}
-
-if [ "$model" == "rpi64" ]; then 
-    sfdisk --part-type ${output_image} 1 c
+    sgdisk -n 2:0:+${state_size}M -c 2:state -t 2:8300 ${output_image}
+    sgdisk -n 3:0:+$(( recovery_size + oem_size ))M -c 3:lvm -t 3:8e00 ${output_image}
+    sgdisk -n 4:0:+64M -c 4:persistent -t 4:8300 ${output_image}
+    sgdisk -m 1:2:3:4 ${output_image}
 fi
 
 # Prepare the image and copy over the files
@@ -385,64 +400,68 @@ export device="/dev/mapper/${device}"
 
 partprobe
 
-kpartx -va $DRIVE
+if [ "$model" == 'rpi4' ]; then
+  kpartx -vag $DRIVE
+else
+  kpartx -va $DRIVE
+fi
 
 echo ">> Populating partitions"
 efi=${device}p1
 state=${device}p2
 recovery=${device}p3
-persistent=${device}p4
-oem_lv=/dev/mapper/KairosVG-oem
-recovery_lv=/dev/mapper/KairosVG-recovery
+
+if [ "$model" == 'rpi4' ]; then
+  oem=${device}p4
+  persistent=${device}p5
+else
+  persistent=${device}p4
+  oem_lv=/dev/mapper/KairosVG-oem
+  recovery_lv=/dev/mapper/KairosVG-recovery
+fi
 
 # Create partitions (RECOVERY, STATE, COS_PERSISTENT)
 mkfs.vfat -F 32 ${efi}
 fatlabel ${efi} COS_GRUB
+mkfs.ext4 -F -L ${STATE_LABEL} $state
+mkfs.ext4 -F -L ${PERSISTENT_LABEL} $persistent
 
-if [ "$disable_lvm" == 'true' ]; then
-mkfs.ext4 -F -L ${RECOVERY_LABEL} $recovery
+if [ "$model" == 'rpi4' ]; then
+  mkfs.ext4 -F -L ${RECOVERY_LABEL} $recovery
+  mkfs.ext4 -F -L ${OEM_LABEL} $oem
 else
-pvcreate $recovery
-vgcreate KairosVG $recovery
-lvcreate -Z n -n oem -L ${oem_size} KairosVG
-lvcreate -Z n -n recovery -l 100%FREE KairosVG
-vgchange -ay
-vgmknodes
-mkfs.ext4 -F -L ${OEM_LABEL} $oem_lv
-mkfs.ext4 -F -L ${RECOVERY_LABEL} $recovery_lv
+  pvcreate $recovery
+  vgcreate KairosVG $recovery
+  lvcreate -Z n -n oem -L ${oem_size} KairosVG
+  lvcreate -Z n -n recovery -l 100%FREE KairosVG
+  vgchange -ay
+  vgmknodes
+  mkfs.ext4 -F -L ${OEM_LABEL} $oem_lv
+  mkfs.ext4 -F -L ${RECOVERY_LABEL} $recovery_lv
 fi
-mkfs.ext4 -F -L ${STATE_LABEL} $state
-mkfs.ext4 -F -L ${PERSISTENT_LABEL} $persistent
 
 mkdir $WORKDIR/state
 mkdir $WORKDIR/recovery
 mkdir $WORKDIR/efi
+mkdir $WORKDIR/oem
 
-if [ "$disable_lvm" == 'true' ]; then
-mount $recovery $WORKDIR/recovery
-else
-mount $recovery_lv $WORKDIR/recovery
-fi
 mount $state $WORKDIR/state
 mount $efi $WORKDIR/efi
 
-
-if [ "$disable_lvm" == "false" ]; then
-  mkdir $WORKDIR/oem
+if [ "$model" == 'rpi4' ]; then
+  mount $recovery $WORKDIR/recovery
+  mount $oem $WORKDIR/oem
+else
+  mount $recovery_lv $WORKDIR/recovery
   mount $oem_lv $WORKDIR/oem
+fi
 
-  cp -rfv /defaults.yaml $WORKDIR/oem/01_defaults.yaml
-
-  # Set a OEM config file if specified
-  if [ -n "$config" ]; then
-    echo ">> Copying $config OEM config file"
-    get_url $config $WORKDIR/oem/99_custom.yaml
-  fi
+cp -rfv /defaults.yaml $WORKDIR/oem/01_defaults.yaml
 
-  umount $WORKDIR/oem
-else
-  echo "LVM disabled: Not adding default config with default user/pass and custom config file"
-  echo "Enable LVM to copy those files into /oem"
+# Set a OEM config file if specified
+if [ -n "$config" ]; then
+  echo ">> Copying $config OEM config file"
+  get_url $config $WORKDIR/oem/99_custom.yaml
 fi
 
 grub2-editenv $WORKDIR/state/grub_oem_env set "default_menu_entry=$menu_entry"
@@ -450,7 +469,6 @@ grub2-editenv $WORKDIR/state/grub_oem_env set "default_menu_entry=$menu_entry"
 # We copy the file we saved earier to the STATE partition
 cp -rfv "${tmpgrubconfig}" $WORKDIR/state/grubmenu
 
-
 # Copy over content
 cp -arf $EFI/* $WORKDIR/efi
 cp -arf $RECOVERY/* $WORKDIR/recovery
@@ -459,10 +477,13 @@ cp -arf $STATEDIR/* $WORKDIR/state
 umount $WORKDIR/recovery
 umount $WORKDIR/state
 umount $WORKDIR/efi
+umount $WORKDIR/oem
 
-if [ "$disable_lvm" == 'false' ]; then
-vgchange -an
+
+if [ "$model" != 'rpi4' ]; then
+  vgchange -an
 fi
+
 sync
 
 # Flash uboot and vendor-specific bits
@@ -473,7 +494,11 @@ sync
 sleep 5
 sync
 
-kpartx -dv $DRIVE || true
+if [ "$model" == 'rpi4' ]; then
+  kpartx -dvg $DRIVE
+else
+  kpartx -dv $DRIVE || true
+fi
 
 umount $DRIVE || true
 

From 92193abe84d7a01b18f475736fb16d336c0e596e Mon Sep 17 00:00:00 2001
From: Itxaka <itxaka@kairos.io>
Date: Tue, 8 Aug 2023 15:06:32 +0200
Subject: [PATCH 2/2] Dont use local flag for pull-image

not supported and done automatically

Signed-off-by: Itxaka <itxaka@kairos.io>
---
 tools-image/build-arm-image.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools-image/build-arm-image.sh b/tools-image/build-arm-image.sh
index de90262..58af128 100755
--- a/tools-image/build-arm-image.sh
+++ b/tools-image/build-arm-image.sh
@@ -291,7 +291,7 @@ ensure_dir_structure $TARGET
 # Download the container image
 if [ -z "$directory" ]; then
   echo ">>> Downloading container image"
-  kairos-agent pull-image $( (( local_build == 'true')) && printf %s '--local' ) $container_image $TARGET
+  kairos-agent pull-image $container_image $TARGET
 else
   echo ">>> Copying files from $directory"
   rsync -axq --exclude='host' --exclude='mnt' --exclude='proc' --exclude='sys' --exclude='dev' --exclude='tmp' ${directory}/ $TARGET