Mariner Image Customizer boilerplate

[cwize1]

Merge Checklist

All boxes should be checked before merging the PR (just tick any boxes which don't apply to this PR)

• The toolchain has been rebuilt successfully (or no changes were made to it)
• The toolchain/worker package manifests are up-to-date
• Any updated packages successfully build (or no packages were changed)
• Packages depending on static components modified in this PR (Golang, *-static subpackages, etc.) have had their Release tag incremented.
• Package tests (%check section) have been verified with RUN_CHECK=y for existing SPEC files, or added to new SPEC files
• All package sources are available
• cgmanifest files are up-to-date and sorted (./cgmanifest.json, ./toolkit/scripts/toolchain/cgmanifest.json, .github/workflows/cgmanifest.json)
• LICENSE-MAP files are up-to-date (./SPECS/LICENSES-AND-NOTICES/data/licenses.json, ./SPECS/LICENSES-AND-NOTICES/LICENSES-MAP.md, ./SPECS/LICENSES-AND-NOTICES/LICENSE-EXCEPTIONS.PHOTON)
• All source files have up-to-date hashes in the *.signatures.json files
• sudo make go-tidy-all and sudo make go-test-coverage pass
• Documentation has been updated to match any changes to the build system
• Ready to merge

---

Summary

This creates the boilerplate for Mariner Image Customizer (imgcustomizer) tool. In addition, it implements AdditionalFiles since that is one of the simplest features to implement.

Change Log

• Added feature to chroot to allow partitions to be mounted before the default partitions.
• Create imgcustomizer tool boilerplate.
• Implement AdditionalFiles in imgcustomizer.
• Added tests for:
  • Unmarshalling of AdditionalFiles JSON/YAML.
  • imgcustomizer's top level functions.
  • AdditionalFiles logic.

Does this affect the toolchain?

NO

Test Methodology

• Tests added.

[mfrw]

I think, we should probably keep all the libraries in pkg directory.
The reason, I request this is because, I have proposed that we have a distinction between main packages and lib packages.

Reference:

• [RFC] tools: refactor all binary packages as library packages #2983

[cwize1]

I am not sure I am fond of that code layout. Having Go directories with the same name (e.g. specreader and pkg/specreader) can make writing Go code kind of annoying as it forces you to rename one of the packages in the imports.

I also want to avoid the case where the package name is something overly generic. Hence, why I have imagecustomizerapi and not imagecustomizer/api.

[cwize1]

I moved imagecustomizerlib into pkg but kept imagecustomizer and imagecustomizerapi here.

[dmcilvaney]

Only request is that we track any "internal" code via something like we do for the imager, scheduler, etc.

go_internal_files = $(shell find $(TOOLS_DIR)/internal/ -type f -name '*.go')
go_pkg_files = $(shell find $(TOOLS_DIR)/pkg/ -type f -name '*.go')
go_imagegen_files = $(shell find $(TOOLS_DIR)/imagegen/ -type f -name '*.go')
go_scheduler_files = $(shell find $(TOOLS_DIR)/scheduler -type f -name '*.go')
go_common_files = $(go_module_files) $(go_internal_files) $(go_imagegen_files) $(go_pkg_files) $(go_scheduler_files) $(STATUS_FLAGS_DIR)/got_go_deps.flag $(BUILD_DIR)/tools/internal.test_coverage

Its not particularly elegant but it makes sure we rebuild all the go tools if any of the shared libraries change.

[jiria]

Would like to open a discussion on a possibility of Trident calling into this function more directly. Trident will be also setting up chroot during image deployment and could take advantage of this function. We can of course create a more suitable wrapper.

[dmcilvaney]

Had another comment above, but maybe in the future we can hook into these functions as part of the normal image build flow as well.

[dmcilvaney]

Few of us had a idle thought about splitting the existing imager tool in two. What are your thoughts on taking the "customization" parts of the imager tool out, and using this tool as an extra step even for offline buidls? (Or at least the same libraries)
That would couple this tool more closely with the image config.json format, although which direction that coupling happens in isn't clear to me.

[dmcilvaney]

Had another comment above, but maybe in the future we can hook into these functions as part of the normal image build flow as well.

[romoh]

LGTM.

You may want to consider adding a --version option to the boilerplate.