Wolfi's packages are built using melange, and development assumes a working knowledge of building packages with melange.
The most straightforward way to begin building packages is with docker.
The Wolfi team keeps up to date SDK images with the core tools used by Wolfi (melange, apko, wolfictl, etc...). The full list is available here.
The example below uses the general sdk image.
# create a local development melange signing key
docker run -v $(pwd):/src --entrypoint=melange ghcr.io/wolfi-dev/sdk keygen /src/local-melange.rsa
# build a package
docker run --privileged -v "$PWD":/work --entrypoint=melange --workdir=/work ghcr.io/wolfi-dev/sdk build --keyring-append local-melange.rsa.pub --keyring-append https://packages.wolfi.dev/os/wolfi-signing.rsa.pub --signing-key local-melange.rsa --repository-append https://packages.wolfi.dev/os --repository-append /work/packages --empty-workspace --arch x86_64 $packageNote that
--privilegedis needed bymelangeto spawn containers that isolate the build process. See the build-process for more reference.
For those in the VSCode ecosystem, a devcontainer is provided that leverages the same sdk image its the base.
The provided devcontainer supports:
- developing in a local container
- developing in a remote container (via docker's supported remote protocols)
- developing in a remote codespace
The devcontainer approach is handy for those wanting to jump directly into packaging, without worrying about configuring or tainting their existing environment. Additionally, since some packages take a while to build, it can be helpful for setting up beefy remote development machines quickly.
Some packages take a hot second to build, and can be greatly improved by using beefier machines. To aid with that use case, the devcontainer setup supports using remote docker runtimes.
The development setup is known to work on GCP's ContainerOS, which comes preinstalled with docker, which we'll use in unison with ssh to access the remote runtime.
# Create a COS compute instance
gcloud compute instances create wolfi-os-dev \
--image-project cos-cloud --image-family cos-101-lts \
--zone us-central1-b \
--machine-type c3-highcpu-176
# Get the instance id
INSTANCE_ID=gcloud compute instances list --format "json(id)" --filter "name=packager-relaxing-bat" | jq -er '.[].id'
# Fetch the ssh equivalent of gcloud's IAP ssh helper command
gcloud compute ssh --zone "us-central1-b" "packager-relaxing-bat" --tunnel-through-iap --dry-run
# Use vscodes helper command to translate this into your ssh configuration
# Ensure you only copy the "ssh ..." portion, not the full path to `ssh`
# >Remote-SSH: Add New SSH Host
# Create and use a new docker context associated with
docker context create remote-wolfi-os-dev --docker "host=ssh://compute.${INSTANCE_ID}"From there, initialize the dev container as you would for a local setup. The connection will respect the current docker context, and spawn the container on the remote machine.
Collection of random FAQs that may or may not be helpful when dealing with everyday os development and maintenance.
Q: How do I bump the epoch of all packages that depend on a certain package?
A: Any of the following should work:
# Bump the epoch of all packages that depend on the latest version of go
grep -l " - go$" *.yaml | xargs wolfictl bump