.editorconfig

@@ -1,7 +0,0 @@
-root = true
-
-[*.sh]
-end_of_line = lf
-insert_final_newline = true
-indent_style = space
-indent_size = 4

.gitignore

@@ -1,2 +0,0 @@
-stage3-*.tar.*
-latest-*.txt

README.md

@@ -0,0 +1,55 @@
+# Aimee OS Build Container Images
+
+This repository contains the build scripts for the container images that
+provide the build environment for Aimee OS projects.  Most projects will use
+the _build/build-{target}_ image, which contains a cross-compiler toolchain for
+the _{target}_ system (e.g. _aarch64-unknown-linux-gnu_) with Rust support, as
+well as several other tools for compiling software and creating bootable OS
+images.
+
+
+## Container Images
+
+There are several images in the collection:
+
+```
+gentoo/stage3 †
+build/base
+└── build/cross-aarch64-unknown-linux-gnu
+    └── build/build-aarch64-unknown-linux-gnu ‡
+```
+
+† The _gentoo/stage3_ image contains an unmodified Gentoo stage3 system.  It is
+used to bootstrap the _build/base_ image.
+
+‡ Although the _build/build-{target}_ image is initially populated from the
+corresponding _build/cross-{target}_ image, the final image is "squashed" into
+a single layer to minimize download size.
+
+
+## Git Branches
+
+To enable building images in Jenkins without building all of the preceding
+images, each image has its own Jenkins job.  Since Jenkins does not support
+(auto discovering) multiple jobs in a single Git repository branch, the build
+scripts for the images are tracked in separate branches.  Each branch is named
+like _{image}/{sub-branch}_, where _{image}_ is the short name of the image
+(e.g. `base`, `cross`, etc) and _{sub-branch}_ is an arbitrary name (e.g.
+_main_).
+
+* _base/main_: This branch is responsible for building _gentoo/stage3_ and
+  _build/base_.
+* _cross/main_: This branch contains the build script for
+  _build/cross-{target}_.
+* _build/main_: This branch builds _build/build-{target}_.
+
+In addition to the per-image branches, there is also _lib/{sub-branch}_.
+Code shared by multiple image build scripts is tracked here.  Build scripts
+expect the shared code to be available in the `lib` directory, which is
+generally populated using a Git worktree, e.g.:
+
+```sh
+git worktree add lib lib/main
+```
+
+The _main_ branch itself is empty except for this README.

build.sh

@@ -1,35 +0,0 @@
-#!/bin/sh
-
-SELF=$(readlink -f "$0")
-SRCDIR=${SELF%/*}
-. "${SRCDIR}"/lib/common.sh
-
-target=aarch64-unknown-linux-gnu
-while [ $# -gt 0 ]; do
-    case "$1" in
-    -t|--target)
-        shift
-        target="$1"
-        ;;
-    -b|--base)
-        shift
-        base="$1"
-        ;;
-    *)
-        printf 'Unknown argument: %s\n' "$1" >&2
-        exit 2
-        ;;
-    esac
-    shift
-done
-
-if [ -z "${base-}" ]; then
-    base=aimee-os.org/build/cross-"${target}"
-fi
-
-set -e
-
-cid=$(buildah from "${base}")
-buildah_run_script "${cid}" "${SRCDIR}"/lib/sync.sh
-buildah_run_script "${cid}" "${SRCDIR}"/rust-cross.sh "${target}"
-buildah commit --rm "${cid}" aimee-os.org/build/rust-cross-"${target}"

ci/Jenkinsfile

@@ -1,67 +0,0 @@
-pipeline {
-    agent {
-        kubernetes {
-            yamlFile 'ci/podTemplate.yaml'
-            yamlMergeStrategy merge()
-            defaultContainer 'buildah'
-        }
-    }
-
-    stages {
-        stage('Prepare') {
-            steps {
-                container('jnlp') {
-                    // TODO checkout lib/ branch based on $BRANCH_NAME
-                    sh 'git fetch origin lib/main:lib/main'
-                    sh 'git worktree add lib lib/main'
-                }
-            }
-        }
-
-        stage('Build') {
-            steps {
-                sh 'sh -e build.sh --base git.pyrocufflink.net/aimeeos/build/cross-aarch64-unknown-linux-gnu'
-            }
-        }
-
-        stage('Push') {
-            steps {
-                withEnv([
-                    "REGISTRY_AUTH_FILE=${env.WORKSPACE_TMP}/auth.json"
-                ]) {
-                    withCredentials([usernamePassword(
-                        credentialsId: 'jenkins-packages',
-                        usernameVariable: 'BUILDAH_USERNAME',
-                        passwordVariable: 'BUILDAH_PASSWORD',
-                    )]) {
-                        sh """
-                            buildah login \
-                            --username \${BUILDAH_USERNAME} \
-                            --password \${BUILDAH_PASSWORD} \
-                            git.pyrocufflink.net
-                        """
-                    }
-                    sh 'buildah push aimee-os.org/build/rust-cross-aarch64-unknown-linux-gnu git.pyrocufflink.net/aimeeos/build/rust-cross-aarch64-unknown-linux-gnu'
-                }
-            }
-        }
-
-    }
-
-    post {
-        success {
-            build([
-                job: "${BRANCH_NAME.replace('rust-cross/', 'build%2F')}",
-                wait: false,
-            ])
-        }
-
-        failure {
-            sh 'unshare -Ur --map-auto chown root:root -R tmp log'
-            dir('tmp/portage') {
-                archiveArtifacts '*/*/temp/*.log'
-            }
-            archiveArtifacts 'log/**/*'
-        }
-    }
-}

ci/podTemplate.yaml

@@ -1,51 +0,0 @@
-spec:
-  containers:
-  - name: buildah
-    image: quay.io/containers/buildah:v1
-    command:
-    - sh
-    - -c
-    - |
-      trap 'kill $!; exit' TERM
-      sleep infinity &
-      wait
-    securityContext:
-      runAsUser: 1000
-      runAsGroup: 1000
-      readOnlyRootFilesystem: true
-    resources:
-      limits:
-        github.com/fuse: 1
-        cpu: 6
-        memory: 8G
-      requests:
-        cpu: 6
-        memory: 8G
-    volumeMounts:
-    - mountPath: /home/build
-      name: tmp
-      subPath: home
-    - mountPath: /home/build/.local/share/containers
-      name: data
-      subPath: containers
-    - mountPath: /tmp
-      name: tmp
-      subPath: tmp
-    - mountPath: /var/tmp
-      name: data
-      subPath: tmp
-  tolerations:
-  - key: du5t1n.me/jenkins
-  volumes:
-  - name: data
-    ephemeral:
-      volumeClaimTemplate:
-        spec:
-          accessModes:
-          - ReadWriteOnce
-          resources:
-            requests:
-              storage: 10Gi
-  - name: tmp
-    emptyDir:
-      medium: Memory

rust-cross.sh

@@ -1,37 +0,0 @@
-#!/bin/sh
-
-set -e
-
-target=$1
-
-ln -s /var/db/repos/gentoo/sys-devel/rust-std /var/db/repos/crossdev/cross-${target}/
-
-case ${target%%-*} in
-aarch64)
-    llvm_target=AArch64
-    ;;
-arm*)
-    llvm_target=ARM
-    ;;
-*)
-    printf 'Unknown LLVM target: %s' "${target%%-*}"
-    exit 1
-    ;;
-esac
-
-mkdir -p \
-    /etc/portage/env/dev-lang \
-    /etc/portage/package.accept_keywords \
-    /etc/portage/package.use \
-    && :
-printf 'cross-%s/rust-std **\n' "${target}" \
-    > /etc/portage/package.accept_keywords/rust-cross
-printf 'dev-lang/rust rust-src LLVM_TARGETS: %s\n' \
-    "${llvm_target}" \
-    > /etc/portage/package.use/rust-src
-printf 'RUST_CROSS_TARGETS=( %s:%s:%s )\n' \
-    "${llvm_target}" \
-    "${target}" \
-    "${target}" \
-    >> /etc/portage/env/dev-lang/rust
-emerge -vbknj cross-${target}/rust-std