On Sat, Apr 3, 2021 at 3:51 PM Martin Jansa <[email protected]> wrote: > > * PNBLACKLISTs are IMHO a bit easier to read and easier to override from > distro > which e.g. provides own recipe for libseccomp
Thanks Martin, I'm trying to decide if I should just give up and make meta-security a hard/full layer dependency. More and more of the container components just don't work if we don't have seccomp enabled. But I agree that the blacklist technique is easier to read than the proliferating anonymous python. I'll merge it while I ponder the above question. On that topic, would adding meta-security as a layer dependency cause any issues in your setup/distros/builds ? Bruce > > Signed-off-by: Martin Jansa <[email protected]> > --- > recipes-containers/cri-o/cri-o_git.bb | 16 +--------------- > recipes-containers/podman/podman_git.bb | 10 +--------- > .../packagegroups/packagegroup-container.bb | 10 +--------- > 3 files changed, 3 insertions(+), 33 deletions(-) > > diff --git a/recipes-containers/cri-o/cri-o_git.bb > b/recipes-containers/cri-o/cri-o_git.bb > index 2d6187a..0ac5ddc 100644 > --- a/recipes-containers/cri-o/cri-o_git.bb > +++ b/recipes-containers/cri-o/cri-o_git.bb > @@ -43,21 +43,7 @@ RDEPENDS_${PN} = " \ > libdevmapper \ > " > > -python __anonymous() { > - msg = "" > - # ERROR: Nothing PROVIDES 'libseccomp' (but > /buildarea/layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb > DEPENDS on or otherwise requires it). > - # ERROR: Required build target 'meta-world-pkgdata' has no buildable > providers. > - # Missing or unbuildable dependency chain was: ['meta-world-pkgdata', > 'cri-o', 'libseccomp'] > - if 'security' not in d.getVar('BBFILE_COLLECTIONS').split(): > - msg += "Make sure meta-security should be present as it provides > 'libseccomp'" > - raise bb.parse.SkipRecipe(msg) > - # ERROR: Nothing PROVIDES 'libselinux' (but > /buildarea/layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb > DEPENDS on or otherwise requires it). > - # ERROR: Required build target 'meta-world-pkgdata' has no buildable > providers. > - # Missing or unbuildable dependency chain was: ['meta-world-pkgdata', > 'cri-o', 'libselinux'] > - elif 'selinux' not in d.getVar('BBFILE_COLLECTIONS').split(): > - msg += "Make sure meta-selinux should be present as it provides > 'libselinux'" > - raise bb.parse.SkipRecipe(msg) > -} > +PNBLACKLIST[cri-o] ?= "${@bb.utils.contains('BBFILE_COLLECTIONS', > 'security', bb.utils.contains('BBFILE_COLLECTIONS', 'selinux', '', 'Depends > on libselinux from meta-selinux which is not included', d), 'Depends on > libseccomp from meta-security which is not included', d)}" > > PACKAGES =+ "${PN}-config" > > diff --git a/recipes-containers/podman/podman_git.bb > b/recipes-containers/podman/podman_git.bb > index a552a7f..62ae024 100644 > --- a/recipes-containers/podman/podman_git.bb > +++ b/recipes-containers/podman/podman_git.bb > @@ -14,15 +14,7 @@ DEPENDS = " \ > ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ > " > > -python __anonymous() { > - msg = "" > - # ERROR: Nothing PROVIDES 'libseccomp' (but > meta-virtualization/recipes-containers/podman/ DEPENDS on or otherwise > requires it). > - # ERROR: Required build target 'meta-world-pkgdata' has no buildable > providers. > - # Missing or unbuildable dependency chain was: ['meta-world-pkgdata', > 'podman', 'libseccomp'] > - if 'security' not in d.getVar('BBFILE_COLLECTIONS').split(): > - msg += "Make sure meta-security should be present as it provides > 'libseccomp'" > - raise bb.parse.SkipRecipe(msg) > -} > +PNBLACKLIST[podman] ?= "${@bb.utils.contains('BBFILE_COLLECTIONS', > 'security', '', 'Depends on libseccomp from meta-security which is not > included', d)}" > > SRCREV = "288fb688964cb7fc7086d0728daa1f5f6b726dd6" > SRC_URI = " \ > diff --git a/recipes-core/packagegroups/packagegroup-container.bb > b/recipes-core/packagegroups/packagegroup-container.bb > index b3b0d4c..b06a7c7 100644 > --- a/recipes-core/packagegroups/packagegroup-container.bb > +++ b/recipes-core/packagegroups/packagegroup-container.bb > @@ -44,12 +44,4 @@ RDEPENDS_packagegroup-containerd = " \ > virtual/containerd \ > " > > -python __anonymous() { > - msg = "" > - # ERROR: Nothing PROVIDES 'libseccomp' (but > meta-virtualization/recipes-containers/podman/ DEPENDS on or otherwise > requires it). > - # ERROR: Required build target 'meta-world-pkgdata' has no buildable > providers. > - # Missing or unbuildable dependency chain was: ['meta-world-pkgdata', > 'podman', 'libseccomp'] > - if 'security' not in d.getVar('BBFILE_COLLECTIONS').split(): > - msg += "Make sure meta-security should be present as it provides > 'libseccomp'" > - raise bb.parse.SkipRecipe(msg) > -} > +PNBLACKLIST[packagegroup-container] ?= > "${@bb.utils.contains('BBFILE_COLLECTIONS', 'security', '', 'Depends on > podman which depends on libseccomp from meta-security which is not included', > d)}" > -- > 2.30.2 > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#6314): https://lists.yoctoproject.org/g/meta-virtualization/message/6314 Mute This Topic: https://lists.yoctoproject.org/mt/81831764/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
