mrva/mrva-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

setup-agent-chroot: add guards and clean up

Browse Source
This commit is contained in:
Michael Hohn
2025-05-17 13:47:22 -07:00
parent ac2655b71e
commit 8803b2dec2
1 changed files with 54 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
lima/setup-agent-chroot.sh
View File

@@ -1,7 +1,5 @@
#!/bin/bash
# === machine setup ===
sudo apt update
sudo apt install -y debootstrap unzip golang git
set -e
# === Config ===
CHROOT_ROOT=/srv/mrva/agent-root
@@ -9,13 +7,19 @@ CHROOT_ROOT=/srv/mrva/agent-root
# GO_SRC_DIR=/home/hohn/work-gh/mrva/mrvaagent
# mac host
GO_SRC_DIR=/Users/hohn/work-gh/mrva/mrvaagent
CODEQL_VERSION=latest
# === Bootstrap base system ===
echo "[1/6] Bootstrapping Ubuntu into $CHROOT_ROOT"
GO_VERSION=1.22.0
CODEQL_TAG=v2.21.3
# === Step 1: Bootstrap base system ===
if [ ! -f "$CHROOT_ROOT/.bootstrapped" ]; then
echo "[1/6] Bootstrapping Debian into $CHROOT_ROOT"
sudo debootstrap --variant=minbase bookworm "$CHROOT_ROOT" http://deb.debian.org/debian
sudo touch "$CHROOT_ROOT/.bootstrapped"
fi
# === Install base packages ===
# === Step 2: Install base packages ===
if [ ! -f "$CHROOT_ROOT/.packages_installed" ]; then
echo "[2/6] Installing base packages"
sudo mount -t proc none "$CHROOT_ROOT/proc"
sudo chroot "$CHROOT_ROOT" bash -c "
@@ -26,42 +30,47 @@ sudo chroot "$CHROOT_ROOT" bash -c "
unzip \
default-jdk
"
sudo umount "$CHROOT_ROOT/proc"
sudo touch "$CHROOT_ROOT/.packages_installed"
fi
# === Install CodeQL CLI ===
cd /Users/hohn/work-gh/mrva/mrva-docker/lima
# === Step 3: Install CodeQL CLI ===
if [ ! -f "$CHROOT_ROOT/opt/codeql/codeql" ]; then
echo "[3/6] Installing CodeQL CLI"
TAG=v2.21.3
# # update codeql version via
# TAG=$(curl -s https://api.github.com/repos/github/codeql-cli-binaries/releases/latest | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
echo " -> Using CodeQL version: $TAG"
echo " -> Using CodeQL version: $CODEQL_TAG"
mkdir -p "$CHROOT_ROOT/opt"
curl -L "https://github.com/github/codeql-cli-binaries/releases/download/$TAG/codeql-linux64.zip" -o /tmp/codeql.zip
curl -L "https://github.com/github/codeql-cli-binaries/releases/download/$CODEQL_TAG/codeql-linux64.zip" -o /tmp/codeql.zip
sudo unzip -q /tmp/codeql.zip -d "$CHROOT_ROOT/opt"
# optional:
# rm /tmp/codeql.zip
# optional: rm /tmp/codeql.zip
fi
# === Set CodeQL env vars ===
# === Step 4: Set CodeQL env vars ===
if [ ! -f "$CHROOT_ROOT/etc/profile.d/codeql.sh" ]; then
echo "[4/6] Adding CodeQL environment to chroot"
sudo tee "$CHROOT_ROOT/etc/profile.d/codeql.sh" > /dev/null <<EOF
export CODEQL_CLI_PATH=/opt/codeql/codeql
export CODEQL_JAVA_HOME=/usr
EOF
fi
# === machine setup: go ===
# === Step 5: Install Go toolchain ===
if ! /usr/local/go/bin/go version | grep -q "$GO_VERSION"; then
echo "[5/6] Installing Go $GO_VERSION"
cd /usr/local
sudo curl -LO https://go.dev/dl/go1.22.0.linux-arm64.tar.gz
sudo curl -LO "https://go.dev/dl/go${GO_VERSION}.linux-arm64.tar.gz"
sudo rm -rf /usr/local/go
sudo tar -xzf go1.22.0.linux-arm64.tar.gz
sudo ln -s /usr/local/go/bin/go /usr/local/bin/go
sudo apt remove -y golang
sudo tar -xzf "go${GO_VERSION}.linux-arm64.tar.gz"
sudo ln -sf /usr/local/go/bin/go /usr/local/bin/go
sudo apt remove -y golang || true
fi
# === Build Go binary ===
# ensure correct version is first:
# === Step 6: Build Go binary ===
echo "[6/6] Building mrvaagent Go binary"
export PATH=/usr/local/go/bin:$PATH
echo "[5/6] Building mrvaagent Go binary"
cd "$GO_SRC_DIR"
export GO111MODULE=on CGO_ENABLED=0
export GO111MODULE=on
export CGO_ENABLED=0
go build -o mrvaagent-binary
echo " -> Installing binary to chroot"
sudo cp mrvaagent-binary "$CHROOT_ROOT/usr/local/bin/mrvaagent"
ls -la $CHROOT_ROOT/usr/local/bin/mrvaagent
ls -la "$CHROOT_ROOT/usr/local/bin/mrvaagent"