From 8803b2dec21eb8a36d6a019e530f183c5a830b47 Mon Sep 17 00:00:00 2001
From: Michael Hohn
Date: Sat, 17 May 2025 13:47:22 -0700
Subject: [PATCH] setup-agent-chroot: add guards and clean up
---
 lima/setup-agent-chroot.sh | 99 +++++++++++++++++++++-----------------
 1 file changed, 54 insertions(+), 45 deletions(-)
diff --git a/lima/setup-agent-chroot.sh b/lima/setup-agent-chroot.sh
index 7f689bc..8f0d0c4 100644
--- a/lima/setup-agent-chroot.sh
+++ b/lima/setup-agent-chroot.sh
@@ -1,7 +1,5 @@
 #!/bin/bash
-# === machine setup ===
-sudo apt update
-sudo apt install -y debootstrap unzip golang git
+set -e
 # === Config ===
 CHROOT_ROOT=/srv/mrva/agent-root
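Review bot: `set -e` on its own does not catch unset variables or failed pipeline stages, and the rest of this script passes `$CHROOT_ROOT`-derived paths to `sudo` commands; `set -euo pipefail` here would make a misspelled or empty variable abort the run instead of expanding to a path directly under `/`. The hunk also removes the `apt install` of debootstrap, unzip, golang and git without a replacement, so the script now assumes those tools exist on the host. A precheck after the config block, such as `for t in debootstrap unzip go; do command -v "$t" >/dev/null || { echo "missing: $t" >&2; exit 1; }; done`, would fail early with a clear message rather than partway through the chroot build.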
@@ -9,59 +7,70 @@ CHROOT_ROOT=/srv/mrva/agent-root # GO_SRC_DIR=/home/hohn/work-gh/mrva/mrvaagent # mac host GO_SRC_DIR=/Users/hohn/work-gh/mrva/mrvaagent -CODEQL_VERSION=latest -# === Bootstrap base system === -echo "[1/6] Bootstrapping Ubuntu into $CHROOT_ROOT" -sudo debootstrap --variant=minbase bookworm "$CHROOT_ROOT" http://deb.debian.org/debian +GO_VERSION=1.22.0 +CODEQL_TAG=v2.21.3 -# === Install base packages === -echo "[2/6] Installing base packages" -sudo mount -t proc none "$CHROOT_ROOT/proc" -sudo chroot "$CHROOT_ROOT" bash -c " - apt-get update && - apt-get install -y --no-install-recommends \ - ca-certificates \ - curl \ - unzip \ - default-jdk -" +# === Step 1: Bootstrap base system === +if [ ! -f "$CHROOT_ROOT/.bootstrapped" ]; then + echo "[1/6] Bootstrapping Debian into $CHROOT_ROOT" + sudo debootstrap --variant=minbase bookworm "$CHROOT_ROOT" http://deb.debian.org/debian + sudo touch "$CHROOT_ROOT/.bootstrapped" +fi -# === Install CodeQL CLI === -cd /Users/hohn/work-gh/mrva/mrva-docker/lima -echo "[3/6] Installing CodeQL CLI" -TAG=v2.21.3 -# # update codeql version via -# TAG=$(curl -s https://api.github.com/repos/github/codeql-cli-binaries/releases/latest | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/') -echo " -> Using CodeQL version: $TAG" -mkdir -p "$CHROOT_ROOT/opt" -curl -L "https://github.com/github/codeql-cli-binaries/releases/download/$TAG/codeql-linux64.zip" -o /tmp/codeql.zip -sudo unzip -q /tmp/codeql.zip -d "$CHROOT_ROOT/opt" -# optional: -# rm /tmp/codeql.zip +# === Step 2: Install base packages === +if [ ! 
-f "$CHROOT_ROOT/.packages_installed" ]; then + echo "[2/6] Installing base packages" + sudo mount -t proc none "$CHROOT_ROOT/proc" + sudo chroot "$CHROOT_ROOT" bash -c " + apt-get update && + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + unzip \ + default-jdk + " + sudo umount "$CHROOT_ROOT/proc" + sudo touch "$CHROOT_ROOT/.packages_installed" +fi -# === Set CodeQL env vars === -echo "[4/6] Adding CodeQL environment to chroot" -sudo tee "$CHROOT_ROOT/etc/profile.d/codeql.sh" > /dev/null < Using CodeQL version: $CODEQL_TAG" + mkdir -p "$CHROOT_ROOT/opt" + curl -L "https://github.com/github/codeql-cli-binaries/releases/download/$CODEQL_TAG/codeql-linux64.zip" -o /tmp/codeql.zip + sudo unzip -q /tmp/codeql.zip -d "$CHROOT_ROOT/opt" + # optional: rm /tmp/codeql.zip +fi + +# === Step 4: Set CodeQL env vars === +if [ ! -f "$CHROOT_ROOT/etc/profile.d/codeql.sh" ]; then + echo "[4/6] Adding CodeQL environment to chroot" + sudo tee "$CHROOT_ROOT/etc/profile.d/codeql.sh" > /dev/null < Installing binary to chroot" sudo cp mrvaagent-binary "$CHROOT_ROOT/usr/local/bin/mrvaagent" -ls -la $CHROOT_ROOT/usr/local/bin/mrvaagent +ls -la "$CHROOT_ROOT/usr/local/bin/mrvaagent"
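Review bot: In Step 3 the CodeQL archive is fetched with `curl -L` into the fixed path `/tmp/codeql.zip` and then unpacked by `sudo unzip` into the chroot with no integrity check. Whatever sits at that predictable name in a world-writable directory is extracted as root, including an HTTP error body (there is no `--fail`) or a truncated transfer. Pinning `CODEQL_TAG` fixes the version but not the content; download into a `mktemp -d` directory and compare against a pinned SHA-256 before extracting. Separately, with `set -e` now active, a failing `apt-get` in Step 2 exits before `sudo umount "$CHROOT_ROOT/proc"` runs, so a `trap` that performs the unmount is worth adding there. Part of this hunk, including the opening of the Step 3 guard, is not legible on the page, so the excerpt starts at the download.

```shell
# … unchanged: Step 3 guard, echo lines, creation of "$CHROOT_ROOT/opt" …
# Placeholder: replace with the published digest of codeql-linux64.zip for $CODEQL_TAG.
CODEQL_SHA256="REPLACE_WITH_PINNED_SHA256"
dl_dir=$(mktemp -d)
trap 'rm -rf -- "$dl_dir"' EXIT
curl -fsSL \
  "https://github.com/github/codeql-cli-binaries/releases/download/$CODEQL_TAG/codeql-linux64.zip" \
  -o "$dl_dir/codeql.zip"
# sha256sum -c exits non-zero on mismatch, which stops the script under set -e.
printf '%s  %s\n' "$CODEQL_SHA256" "$dl_dir/codeql.zip" | sha256sum -c -
sudo unzip -q "$dl_dir/codeql.zip" -d "$CHROOT_ROOT/opt"
# … unchanged: Steps 4–6 …
```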