[antlir2][debian] step towards proper automated build of debian-trixie build appliance

vmagro · meta-codesync[bot] · commit d498321c1645 · 2026-03-04T14:56:10.000-08:00
Summary: Add a proper impl() build appliance for debian-trixie that builds itself from features (like centos appliances do), while keeping the existing manually-bootstrapped `trixie.tar.gz` archive to build the new one until this diff lands and we can bump MSDK safely. This required making several BUCK files OS-aware via select() on the package_manager constraint: - build_appliance/BUCK: select between apt and dnf package manager features, and skip dnf-specific cleanup (yum.repos.d, dnf.conf removal) for apt - antlir2_packager/BUCK: select between apt_install and rpms_install for packager tools, with appropriate package names for each ecosystem - New apt/build_appliance/BUCK: apt-equivalent of the dnf build_appliance features (apt, dpkg, python3, mount) - debian-trixie/BUCK: add impl() call with rpm2extents=False and bootstrap_build_appliance pointing to the existing tarball-based appliance Test Plan: ``` ❯ buck build fbcode//antlir/antlir2/facebook/images/build_appliance/debian-trixie:antlir2_build_appliance_debian_trixie'[out]' fbcode//antlir/antlir2/facebook/images/build_appliance/debian-trixie:antlir2_build_appliance_debian_trixie[out] buck-out/v2/art/fbcode/db9872a2533ba461/antlir/antlir2/facebook/images/build_appliance/debian-trixie/__antlir2_build_appliance_debian_trixie__/out ❯ tree -l buck-out/v2/art/fbcode/db9872a2533ba461/antlir/antlir2/facebook/images/build_appliance/debian-trixie/__antlir2_build_appliance_debian_trixie__/out | head buck-out/v2/art/fbcode/db9872a2533ba461/antlir/antlir2/facebook/images/build_appliance/debian-trixie/__antlir2_build_appliance_debian_trixie__/out └── dir -> ../../../../../../../../../488708e8759f923e/antlir/antlir2/facebook/images/build_appliance/debian-trixie/__build-appliance.impl.dir__/build-appliance.impl.dir ├── __antlir2__ │ ├── build_appliance │ ├── out │ ├── root │ └── working_directory ├── etc │ ├── adduser.conf │ ├── alternatives ``` And it can pass the apt feature tests ``` ❯ buck2 test fbcode//antlir/antlir2/features/apt/... Buck UI: https://www.internalfb.com/buck2/4ba36879-f97c-4d44-81a5-aa5e37d39723 Tests finished: Pass 6. Fail 0. Fatal 0. Skip 0. Omit 0. Infra Failure 0. Build failure 0 ``` https://www.internalfb.com/intern/testinfra/testrun/10977524245798669 Make sure centos build still works: ``` ❯ buck2 build --show-output fbcode//antlir/antlir2/facebook/images/build_appliance/centos9: BUILD SUCCEEDED fbcode//antlir/antlir2/facebook/images/build_appliance/centos9:build-appliance.impl.dir buck-out/v2/art/fbcode/381139113463cae0/antlir/antlir2/facebook/images/build_appliance/centos9/__build-appliance.impl.dir__/build-appliance.impl.dir fbcode//antlir/antlir2/facebook/images/build_appliance/centos9:build-appliance.impl.layer buck-out/v2/art/fbcode/381139113463cae0/antlir/antlir2/facebook/images/build_appliance/centos9/__build-appliance.impl.layer__/compile/subvol_symlink fbcode//antlir/antlir2/facebook/images/build_appliance/centos9:rpm2extents buck-out/v2/art-anon/anon_msdk/2035dc5044ef1a7dantlir/antlir2/facebook/images/build_appliance/centos9/msdk/5c3efc3b28aadb5a/__rpm2extents__/extracted/rpm2extents fbcode//antlir/antlir2/facebook/images/build_appliance/centos9:rpm2extents.impl buck-out/v2/art/fbcode/381139113463cae0/antlir/antlir2/facebook/images/build_appliance/centos9/__rpm2extents.impl__/compile/subvol_symlink fbcode//antlir/antlir2/facebook/images/build_appliance/centos9:rpm2extents.impl.xar buck-out/v2/art/fbcode/381139113463cae0/antlir/antlir2/facebook/images/build_appliance/centos9/__rpm2extents.impl.xar__/rpm2extents.impl.xar ``` Reviewed By: justintrudell Differential Revision: D93776524 fbshipit-source-id: da5ecf56d8cc58959b395f39e13b8f10bb20fbc8
diff --git a/antlir/antlir2/antlir2_isolate/isolate_unshare/isolate_unshare_preexec/src/pid1.rs b/antlir/antlir2/antlir2_isolate/isolate_unshare/isolate_unshare_preexec/src/pid1.rs
@@ -96,7 +96,17 @@ async fn pid1_async(args: Pid1Args) -> Result<()> {
         )));
     }
 
-    let mut pid2 = pid2.spawn().context("while spawning pid2")?;
+    let mut pid2 = match pid2.spawn() {
+        Ok(pid2) => pid2,
+        Err(e) if e.kind() == std::io::ErrorKind::NotFound => {
+            return Err(Error::msg(format!(
+                "NotFound while spawning pid2 - is {} in the layer {} ?",
+                String::from_utf8_lossy(args.program.as_bytes()),
+                args.isolation.layer.display(),
+            )));
+        }
+        Err(e) => return Err(Error::from(e).context("while spawning pid2")),
+    };
     // I call this pid2, but it might not actually be 2, so grab it now
     let pid2_id = Pid::from_raw(pid2.id().context("while getting pid2 pid")? as i32);
     let pid2_wait = pid2.wait();
diff --git a/antlir/antlir2/antlir2_packager/BUCK b/antlir/antlir2/antlir2_packager/BUCK
@@ -59,18 +59,27 @@ rust_binary(
 feature.new(
     name = "build-appliance-features",
     features = [
-        feature.rpms_install(rpms = [
+        feature.package_install(subjects = [
             "cpio",
             "dosfstools",
             "e2fsprogs",
             "mtools",
-            "rpm-build",
-            "rpm-sign",
             "skopeo",
             "squashfs-tools",
             "zstd",
         ]),
         select({
+            "//antlir/antlir2/os/package_manager:package_manager[apt]": feature.apt_install(packages = [
+                "dpkg-dev",
+                "erofs-utils",
+            ]),
+            "DEFAULT": feature.rpms_install(rpms = [
+                "rpm-build",
+                "rpm-sign",
+            ]),
+        }),
+        select({
+            "//antlir/antlir2/os/package_manager:package_manager[apt]": None,
             "//antlir/antlir2/os:centos8": None,
             "//antlir/antlir2/os:rhel8": None,
             "//antlir/antlir2/os:rhel8.8": None,
@@ -87,6 +96,7 @@ feature.new(
     name = "btrfs-progs",
     features = internal_external(
         fb = [
+            feature.ensure_dirs_exist(dirs = "/usr/local/bin"),
             feature.install(
                 src = "fbsource//third-party/btrfs-progs:btrfs",
                 dst = "/usr/local/bin/btrfs",
@@ -100,7 +110,7 @@ feature.new(
                 dst = "/usr/local/bin/mkfs.btrfs",
             ),
         ],
-        oss = [feature.rpms_install(rpms = ["btrfs-progs"])],
+        oss = [feature.package_install(subjects = ["btrfs-progs"])],
     ),
     visibility = [],
 )
diff --git a/antlir/antlir2/build_appliance/BUCK b/antlir/antlir2/build_appliance/BUCK
@@ -7,14 +7,20 @@ feature.new(
     features = [
         # Ensure that we don't end up with upstream dnf repos that might
         # interfere with the snapshot
-        feature.remove(
-            must_exist = False,
-            path = "/etc/yum.repos.d",
-        ),
-        feature.remove(
-            must_exist = False,
-            path = "/etc/dnf/dnf.conf",
-        ),
+        select({
+            "//antlir/antlir2/os/package_manager:package_manager[apt]": None,
+            "DEFAULT": feature.remove(
+                must_exist = False,
+                path = "/etc/yum.repos.d",
+            ),
+        }),
+        select({
+            "//antlir/antlir2/os/package_manager:package_manager[apt]": None,
+            "DEFAULT": feature.remove(
+                must_exist = False,
+                path = "/etc/dnf/dnf.conf",
+            ),
+        }),
         feature.ensure_dirs_exist(dirs = "/__antlir2__"),
         feature.ensure_subdirs_exist(
             into_dir = "/__antlir2__",
@@ -32,7 +38,10 @@ feature.new(
             into_dir = "/__antlir2__",
             subdirs_to_create = "out",
         ),
-        "//antlir/antlir2/package_managers/dnf/build_appliance:features",
+        select({
+            "//antlir/antlir2/os/package_manager:package_manager[apt]": "//antlir/antlir2/package_managers/apt/build_appliance:features",
+            "DEFAULT": "//antlir/antlir2/package_managers/dnf/build_appliance:features",
+        }),
     ],
     visibility = [
         "PUBLIC",
diff --git a/antlir/antlir2/bzl/feature/defs.bzl b/antlir/antlir2/bzl/feature/defs.bzl
@@ -15,6 +15,7 @@ load("//antlir/antlir2/features/group:group.bzl", "group_add")
 load("//antlir/antlir2/features/hardlink:hardlink.bzl", "hardlink")
 load("//antlir/antlir2/features/install:install.bzl", "install", "install_text")
 load("//antlir/antlir2/features/mount:mount.bzl", "host_mount", "layer_mount")
+load("//antlir/antlir2/features/package_install:package_install.bzl", "package_install", "package_remove")
 load("//antlir/antlir2/features/remove:remove.bzl", "remove")
 load("//antlir/antlir2/features/requires:requires.bzl", "requires")
 load("//antlir/antlir2/features/rpm:rpm.bzl", "dnf_module_enable", "rpms_install", "rpms_remove", "rpms_remove_if_exists", "rpms_upgrade")
@@ -40,6 +41,8 @@ feature = struct(
     install_text = install_text,
     layer_mount = layer_mount,
     hardlink = hardlink,
+    package_install = package_install,
+    package_remove = package_remove,
     host_mount = host_mount,
     remove = remove,
     requires = requires,
diff --git a/antlir/antlir2/features/package_install/package_install.bzl b/antlir/antlir2/features/package_install/package_install.bzl
@@ -0,0 +1,36 @@
+# Copyright (c) Meta Platforms, Inc. and affiliates.
+#
+# This source code is licensed under the MIT license found in the
+# LICENSE file in the root directory of this source tree.
+
+load("//antlir/antlir2/features/apt:apt.bzl", "apt_install", "apt_remove")
+load("//antlir/antlir2/features/rpm:rpm.bzl", "rpms_install", "rpms_remove")
+
+def package_install(*, subjects: list[str]):
+    """
+    Install packages by name, automatically selecting the correct package
+    manager (apt or dnf) based on the OS configuration.
+
+    Elements in `subjects` are package names like `"bash"` or `"systemd"`.
+    """
+    return select({
+        "//antlir/antlir2/os/package_manager:package_manager[apt]": apt_install(packages = subjects),
+        "//antlir/antlir2/os/package_manager:package_manager[dnf5]": rpms_install(subjects = subjects),
+        "//antlir/antlir2/os/package_manager:package_manager[dnf]": rpms_install(subjects = subjects),
+        "DEFAULT": select_fail("cannot install packages without a package manager"),
+    })
+
+def package_remove(*, subjects: list[str]):
+    """
+    Remove packages by name, automatically selecting the correct package
+    manager (apt or dnf) based on the OS configuration.
+
+    Elements in `subjects` are package names. If a package is not installed,
+    this feature will fail.
+    """
+    return select({
+        "//antlir/antlir2/os/package_manager:package_manager[apt]": apt_remove(packages = subjects),
+        "//antlir/antlir2/os/package_manager:package_manager[dnf5]": rpms_remove(rpms = subjects),
+        "//antlir/antlir2/os/package_manager:package_manager[dnf]": rpms_remove(rpms = subjects),
+        "DEFAULT": select_fail("cannot remove packages without a package manager"),
+    })
diff --git a/antlir/antlir2/package_managers/apt/build_appliance/BUCK b/antlir/antlir2/package_managers/apt/build_appliance/BUCK
@@ -0,0 +1,20 @@
+load("//antlir/antlir2/bzl/feature:defs.bzl", "feature")
+
+oncall("antlir")
+
+feature.new(
+    name = "features",
+    features = [
+        feature.apt_install(packages = [
+            "apt",
+            "base-files",
+            "dpkg",
+            "mount",
+            "python3",
+            "python3-apt",
+        ]),
+    ],
+    visibility = [
+        "//antlir/antlir2/build_appliance:features",
+    ],
+)
