Revert "Support SONiC Reproduceable Build-debian/pip/web packages (#5718

)"

This reverts commit 55a7075.

.gitignore

@@ -61,10 +61,3 @@ platform/broadcom/sonic-platform-modules-dell/s6100/modules/dell_s6100_lpc.c
 platform/broadcom/sonic-platform-modules-dell/z9100/modules/dell_ich.c
 platform/broadcom/sonic-platform-modules-dell/z9100/modules/dell_mailbox.c
 platform/broadcom/sonic-platform-modules-dell/z9264f/sonic_platform/ipmihelper.py
-
-# buildinfo
-files/build/buildinfo
-files/build/tmp
-dockers/**/buildinfo
-platform/**/buildinfo
-sonic-slave*/**/buildinfo

Makefile

@@ -38,7 +38,3 @@ ifeq ($(NOSTRETCH), 0)
 	BLDENV=stretch make -f Makefile.work $@
 endif
 	BLDENV=buster make -f Makefile.work $@
-
-# Freeze the versions, see more detail options: scripts/versions_manager.py freeze -h
-freeze:
-	@scripts/versions_manager.py freeze $(FREEZE_VERSION_OPTIONS)

Makefile.work

@@ -89,24 +89,11 @@ else
 SLAVE_DIR = sonic-slave-jessie
 endif
 
-include rules/config
-
+SLAVE_BASE_TAG = $(shell CONFIGURED_ARCH=$(CONFIGURED_ARCH) j2 $(SLAVE_DIR)/Dockerfile.j2 > $(SLAVE_DIR)/Dockerfile && sha1sum $(SLAVE_DIR)/Dockerfile | awk '{print substr($$1,0,11);}')
+SLAVE_TAG = $(shell cat $(SLAVE_DIR)/Dockerfile.user $(SLAVE_DIR)/Dockerfile | sha1sum | awk '{print substr($$1,0,11);}')
 SLAVE_BASE_IMAGE = $(SLAVE_DIR)
 SLAVE_IMAGE = $(SLAVE_BASE_IMAGE)-$(USER)
 
-# Generate the version control build info
-$(shell SONIC_VERSION_CONTROL_COMPONENTS=$(SONIC_VERSION_CONTROL_COMPONENTS) \
-    TRUSTED_GPG_URLS=$(TRUSTED_GPG_URLS) PACKAGE_URL_PREFIX=$(PACKAGE_URL_PREFIX) \
-    scripts/generate_buildinfo_config.sh)
-
-# Generate the slave Dockerfile, and prepare build info for it
-$(shell CONFIGURED_ARCH=$(CONFIGURED_ARCH) j2 $(SLAVE_DIR)/Dockerfile.j2 > $(SLAVE_DIR)/Dockerfile)
-$(shell BUILD_SLAVE=y scripts/prepare_docker_buildinfo.sh $(SLAVE_BASE_IMAGE) $(SLAVE_DIR)/Dockerfile $(CONFIGURED_ARCH) "" $(BLDENV))
-
-# Add the versions in the tag, if the version change, need to rebuild the slave
-SLAVE_BASE_TAG = $(shell cat $(SLAVE_DIR)/Dockerfile $(SLAVE_DIR)/buildinfo/versions/versions-* | sha1sum | awk '{print substr($$1,0,11);}')
-SLAVE_TAG = $(shell cat $(SLAVE_DIR)/Dockerfile.user $(SLAVE_DIR)/Dockerfile $(SLAVE_DIR)/buildinfo/versions/versions-* | sha1sum | awk '{print substr($$1,0,11);}')
-
 OVERLAY_MODULE_CHECK := \
     lsmod | grep -q "^overlay " &>/dev/null || \
     zgrep -q 'CONFIG_OVERLAY_FS=y' /proc/config.gz &>/dev/null || \
@@ -131,6 +118,8 @@ DOCKER_RUN := docker run --rm=true --privileged --init \
     -i$(if $(TERM),t,) \
     $(SONIC_BUILDER_EXTRA_CMDLINE)
 
+include rules/config
+
 ifneq ($(DOCKER_BUILDER_USER_MOUNT),)
 	DOCKER_RUN += $(foreach mount,$(subst $(comma), ,$(DOCKER_BUILDER_USER_MOUNT)), $(addprefix -v , $(mount)))
 endif
@@ -229,7 +218,6 @@ SONIC_BUILD_INSTRUCTION :=  make \
                            EXTRA_DOCKER_TARGETS=$(EXTRA_DOCKER_TARGETS) \
                            BUILD_LOG_TIMESTAMP=$(BUILD_LOG_TIMESTAMP) \
                            SONIC_ENABLE_IMAGE_SIGNATURE=$(ENABLE_IMAGE_SIGNATURE) \
-                           SLAVE_DIR=$(SLAVE_DIR) \
                            $(SONIC_OVERRIDE_BUILD_VARS)
 
 .PHONY: sonic-slave-build sonic-slave-bash init reset
@@ -246,35 +234,27 @@ endif
 endif
 	@$(OVERLAY_MODULE_CHECK)
 
-	@pushd src/sonic-build-hooks; TRUSTED_GPG_URLS=$(TRUSTED_GPG_URLS) make all; popd
-	@cp src/sonic-build-hooks/buildinfo/sonic-build-hooks* $(SLAVE_BASE_IMAGE)/buildinfo
 	@docker inspect --type image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) &> /dev/null || \
 	    { echo Image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) not found. Building... ; \
-	    $(DOCKER_BASE_BUILD) ; \
-	    scripts/collect_docker_version_files.sh $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) target ; }
+	    $(DOCKER_BASE_BUILD) ; }
 	@docker inspect --type image $(SLAVE_IMAGE):$(SLAVE_TAG) &> /dev/null || \
 	    { echo Image $(SLAVE_IMAGE):$(SLAVE_TAG) not found. Building... ; \
 	    $(DOCKER_BUILD) ; }
 ifeq "$(KEEP_SLAVE_ON)" "yes"
     ifdef SOURCE_FOLDER
-		@$(DOCKER_RUN) -v $(SOURCE_FOLDER):/var/$(USER)/src $(SLAVE_IMAGE):$(SLAVE_TAG) bash -c "$(SONIC_BUILD_INSTRUCTION) $@; scripts/collect_build_version_files.sh \$$?; /bin/bash"
+		@$(DOCKER_RUN) -v $(SOURCE_FOLDER):/var/$(USER)/src $(SLAVE_IMAGE):$(SLAVE_TAG) bash -c "$(SONIC_BUILD_INSTRUCTION) $@; /bin/bash"
     else
-		@$(DOCKER_RUN) $(SLAVE_IMAGE):$(SLAVE_TAG) bash -c "$(SONIC_BUILD_INSTRUCTION) $@; scripts/collect_build_version_files.sh \$$?; /bin/bash"
+		@$(DOCKER_RUN) $(SLAVE_IMAGE):$(SLAVE_TAG) bash -c "$(SONIC_BUILD_INSTRUCTION) $@; /bin/bash"
     endif
 else
-	@$(DOCKER_RUN) $(SLAVE_IMAGE):$(SLAVE_TAG) bash -c "$(SONIC_BUILD_INSTRUCTION) $@; scripts/collect_build_version_files.sh \$$?"
+	@$(DOCKER_RUN) $(SLAVE_IMAGE):$(SLAVE_TAG) $(SONIC_BUILD_INSTRUCTION) $@
 endif
 
-sonic-build-hooks:
-	@pushd src/sonic-build-hooks; TRUSTED_GPG_URLS=$(TRUSTED_GPG_URLS) make all; popd
-	@cp src/sonic-build-hooks/buildinfo/sonic-build-hooks* $(SLAVE_BASE_IMAGE)/buildinfo
-
-sonic-slave-base-build : sonic-build-hooks
+sonic-slave-base-build :
 	@$(OVERLAY_MODULE_CHECK)
 	@docker inspect --type image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) &> /dev/null || \
 	    { echo Image $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) not found. Building... ; \
-	    $(DOCKER_BASE_BUILD) ; \
-	    scripts/collect_docker_version_files.sh $(SLAVE_BASE_IMAGE):$(SLAVE_BASE_TAG) target ; }
+	    $(DOCKER_BASE_BUILD) ; }
 
 sonic-slave-build : sonic-slave-base-build
 	@docker inspect --type image $(SLAVE_IMAGE):$(SLAVE_TAG) &> /dev/null || \

build_debian.sh

@@ -40,8 +40,6 @@ PLATFORM_DIR=platform
 ## Hostname for the linux image
 HOSTNAME=sonic
 DEFAULT_USERINFO="Default admin user,,,"
-BUILD_TOOL_PATH=src/sonic-build-hooks/buildinfo
-TRUSTED_GPG_DIR=$BUILD_TOOL_PATH/trusted.gpg.d
 
 ## Read ONIE image related config file
 . ./onie-image.conf
@@ -72,12 +70,16 @@ pushd $FILESYSTEM_ROOT
 sudo mount --bind . .
 popd
 
-## Build the host debian base system
-echo '[INFO] Build host debian base system...'
-TARGET_PATH=$TARGET_PATH scripts/build_debian_base_system.sh $CONFIGURED_ARCH $IMAGE_DISTRO $FILESYSTEM_ROOT
-
-# Prepare buildinfo
-sudo scripts/prepare_debian_image_buildinfo.sh $CONFIGURED_ARCH $IMAGE_DISTRO $FILESYSTEM_ROOT $http_proxy
+## Build a basic Debian system by debootstrap
+echo '[INFO] Debootstrap...'
+if [[ $CONFIGURED_ARCH == armhf || $CONFIGURED_ARCH == arm64 ]]; then
+    # qemu arm bin executable for cross-building
+    sudo mkdir -p $FILESYSTEM_ROOT/usr/bin
+    sudo cp /usr/bin/qemu*static $FILESYSTEM_ROOT/usr/bin || true
+    sudo http_proxy=$http_proxy debootstrap --variant=minbase --arch $CONFIGURED_ARCH $IMAGE_DISTRO $FILESYSTEM_ROOT http://deb.debian.org/debian
+else
+    sudo http_proxy=$http_proxy debootstrap --variant=minbase --arch $CONFIGURED_ARCH $IMAGE_DISTRO $FILESYSTEM_ROOT http://debian-archive.trafficmanager.net/debian
+fi
 
 ## Config hostname and hosts, otherwise 'sudo ...' will complain 'sudo: unable to resolve host ...'
 sudo LANG=C chroot $FILESYSTEM_ROOT /bin/bash -c "echo '$HOSTNAME' > /etc/hostname"
@@ -98,9 +100,6 @@ echo '[INFO] Mount all'
 ## Output all the mounted device for troubleshooting
 sudo LANG=C chroot $FILESYSTEM_ROOT mount
 
-## Install the trusted gpg public keys
-[ -d $TRUSTED_GPG_DIR ] && [ ! -z "$(ls $TRUSTED_GPG_DIR)" ] && sudo cp $TRUSTED_GPG_DIR/* ${FILESYSTEM_ROOT}/etc/apt/trusted.gpg.d/
-
 ## Pointing apt to public apt mirrors and getting latest packages, needed for latest security updates
 sudo cp files/apt/sources.list.$CONFIGURED_ARCH $FILESYSTEM_ROOT/etc/apt/sources.list
 sudo cp files/apt/apt.conf.d/{81norecommends,apt-{clean,gzip-indexes,no-languages},no-check-valid-until} $FILESYSTEM_ROOT/etc/apt/apt.conf.d/
@@ -585,8 +584,6 @@ sudo du -hsx $FILESYSTEM_ROOT
 sudo mkdir -p $FILESYSTEM_ROOT/var/lib/docker
 sudo mksquashfs $FILESYSTEM_ROOT $FILESYSTEM_SQUASHFS -e boot -e var/lib/docker -e $PLATFORM_DIR
 
-scripts/collect_host_image_version_files.sh $TARGET_PATH $FILESYSTEM_ROOT
-
 ## Compress docker files
 pushd $FILESYSTEM_ROOT && sudo tar czf $OLDPWD/$FILESYSTEM_DOCKERFS -C ${DOCKERFS_PATH}var/lib/docker .; popd
 

dockers/docker-base-buster/sources.list

@@ -6,8 +6,3 @@ deb-src [arch=amd64] http://debian-archive.trafficmanager.net/debian/ buster mai
 deb [arch=amd64] http://debian-archive.trafficmanager.net/debian-security/ buster/updates main contrib non-free
 deb-src [arch=amd64] http://debian-archive.trafficmanager.net/debian-security/ buster/updates main contrib non-free
 deb [arch=amd64] http://debian-archive.trafficmanager.net/debian/ buster-backports main contrib non-free
-
-# Debian mirror supports multiple versions for a package
-deb [arch=amd64] http://packages.trafficmanager.net/debian/debian buster main contrib non-free
-deb [arch=amd64] http://packages.trafficmanager.net/debian/debian buster-updates main contrib non-free
-deb [arch=amd64] http://packages.trafficmanager.net/debian/debian buster-backports main contrib non-free

dockers/docker-base-buster/sources.list.arm64

@@ -6,6 +6,3 @@ deb-src [arch=arm64] http://deb.debian.org/debian buster main contrib non-free
 deb [arch=arm64] http://security.debian.org buster/updates main contrib non-free
 deb-src [arch=arm64] http://security.debian.org buster/updates main contrib non-free
 deb [arch=arm64] http://deb.debian.org/debian/ buster-backports main contrib non-free
-deb [arch=arm64] http://packages.trafficmanager.net/debian/debian buster main contrib non-free
-deb [arch=arm64] http://packages.trafficmanager.net/debian/debian buster-updates main contrib non-free
-deb [arch=arm64] http://packages.trafficmanager.net/debian/debian buster-backports main contrib non-free

dockers/docker-base-buster/sources.list.armhf

@@ -6,6 +6,3 @@ deb-src [arch=armhf] http://deb.debian.org/debian buster main contrib non-free
 deb [arch=armhf] http://security.debian.org buster/updates main contrib non-free
 deb-src [arch=armhf] http://security.debian.org buster/updates main contrib non-free
 deb [arch=armhf] http://deb.debian.org/debian/ buster-backports main contrib non-free
-deb [arch=armhf] http://packages.trafficmanager.net/debian/debian buster main contrib non-free
-deb [arch=armhf] http://packages.trafficmanager.net/debian/debian buster-updates main contrib non-free
-deb [arch=armhf] http://packages.trafficmanager.net/debian/debian buster-backports main contrib non-free

dockers/docker-base-stretch/sources.list

@@ -6,6 +6,3 @@ deb-src [arch=amd64] http://debian-archive.trafficmanager.net/debian/ stretch ma
 deb [arch=amd64] http://debian-archive.trafficmanager.net/debian-security/ stretch/updates main contrib non-free
 deb-src [arch=amd64] http://debian-archive.trafficmanager.net/debian-security/ stretch/updates main contrib non-free
 deb [arch=amd64] http://debian-archive.trafficmanager.net/debian/ stretch-backports main contrib non-free
-deb [arch=amd64] http://packages.trafficmanager.net/debian/debian stretch main contrib non-free
-deb [arch=amd64] http://packages.trafficmanager.net/debian/debian stretch-updates main contrib non-free
-deb [arch=amd64] http://packages.trafficmanager.net/debian/debian stretch-backports main contrib non-free

dockers/docker-base-stretch/sources.list.arm64

@@ -6,6 +6,3 @@ deb-src [arch=arm64] http://deb.debian.org/debian stretch main contrib non-free
 deb [arch=arm64] http://security.debian.org stretch/updates main contrib non-free
 deb-src [arch=arm64] http://security.debian.org stretch/updates main contrib non-free
 deb [arch=arm64] http://deb.debian.org/debian/ stretch-backports main contrib non-free
-deb [arch=arm64] http://packages.trafficmanager.net/debian/debian stretch main contrib non-free
-deb [arch=arm64] http://packages.trafficmanager.net/debian/debian stretch-updates main contrib non-free
-deb [arch=arm64] http://packages.trafficmanager.net/debian/debian stretch-backports main contrib non-free

dockers/docker-base-stretch/sources.list.armhf

@@ -6,6 +6,3 @@ deb-src [arch=armhf] http://deb.debian.org/debian stretch main contrib non-free
 deb [arch=armhf] http://security.debian.org stretch/updates main contrib non-free
 deb-src [arch=armhf] http://security.debian.org stretch/updates main contrib non-free
 deb [arch=armhf] http://deb.debian.org/debian/ stretch-backports main contrib non-free
-deb [arch=armhf] http://packages.trafficmanager.net/debian/debian stretch main contrib non-free
-deb [arch=armhf] http://packages.trafficmanager.net/debian/debian stretch-updates main contrib non-free
-deb [arch=armhf] http://packages.trafficmanager.net/debian/debian stretch-backports main contrib non-free

rules/config

@@ -162,20 +162,3 @@ K8s_GCR_IO_PAUSE_VERSION = 3.2
 #     CA_CERT =
 # The relative path is build root folder.
 SONIC_ENABLE_IMAGE_SIGNATURE ?= n
-
-# PACKAGE_URL_PREFIX - the package url prefix
-PACKAGE_URL_PREFIX ?= https://packages.trafficmanager.net/public/packages
-
-# TRUSTED_GPG_URLS - the trusted gpgs, separated by comma
-TRUSTED_GPG_URLS = https://packages.trafficmanager.net/debian/public_key.gpg,https://packages.microsoft.com/keys/microsoft.asc
-
-# SONIC_VERSION_CONTROL_COMPONENTS - Valid values: none|all|components..., the components consist of one or multiple: deb,py2,py3,web,git,docker, seperated by comma
-#   none  : disable the version control
-#   all   : enable the version control for all components
-#   deb   : debian packages
-#   py2   : python2 packages
-#   py3   : python3 pakcages
-#   web   : web packages, downloaded by wget, curl
-#   git   : git repositories, donloaded by git clone
-#   docker: docker base images
-SONIC_VERSION_CONTROL_COMPONENTS ?= none