Building in a Container

The kas-container script is a wrapper to run kas inside a build container. It gives fine grained control over the data that is mapped into the build and decouples the build environment from the host system. For details, see Environment Variables. The wrapper also takes care of mounting the necessary directories and setting up the environment variables inside the container.

Note

The kas-container script has limited support for Git worktrees. Regular Git operations on the checked-out repository are supported. However, executing any git worktree ... command inside the container is not allowed.

By default kas-container uses the official images provided by the kas project: ghcr.io/siemens/kas/kas[-isar]:<version>. To specify your own image set the KAS_CONTAINER_IMAGE environment variable. As container backends, Docker and Podman are supported. To force the use of podman over docker, set KAS_CONTAINER_ENGINE=podman. For details, see Environment Variables.

Synopsis

kas-container [OPTIONS] { build | shell } [KASOPTIONS] [KASFILE]

kas-container [OPTIONS] { checkout | dump | lock } [KASOPTIONS] [KASFILE]

kas-container [OPTIONS] for-all-repos [KASOPTIONS] [KASFILE] COMMAND

kas-container [OPTIONS] { clean | cleansstate | cleanall } [KASFILE]

kas-container [OPTIONS] menu [KCONFIG]

kas-container Commands

build:

Check out repositories and build target.

checkout:

Check out repositories but do not build.

dump:

Check out repositories and write flat version of config to stdout.

lock:

Create and update kas project lockfiles

shell:

Run a shell in the build environment.

for-all-repos:

Run specified command in each repository.

clean:

Clean build artifacts, keep sstate cache and downloads.

cleansstate:

Clean build artifacts and sstate cache, keep downloads.

cleanall:

Clean build artifacts, sstate cache and downloads.

menu:

Provide configuration menu and trigger configured build.

Options

--isar

Use kas-isar container to build Isar image.

--with-loop-dev

Pass a loop device to the container. Only required if loop-mounting is used by recipes.

--runtime-args

Additional arguments to pass to the container runtime for running the build.

-l, --log-level

Set log level (default=info).

--version

print program version.

--ssh-dir

Directory containing SSH configurations. Avoid $HOME/.ssh unless you fully trust the container.

--ssh-agent

Forward ssh-agent socket to the container.

--aws-dir

Directory containing AWScli configuration.

--git-credential-store

File path to the git credential store

--no-proxy-from-env

Do not inherit proxy settings from environment.

--repo-ro

Mount current repository read-only (default for build command)

--repo-rw

Mount current repository writeable (default for shell command)

-h, --help

Show this help message and exit.