From 98190139cfbb869564992546c0f43ccd873d3c2d Mon Sep 17 00:00:00 2001
From: Matthew Thode <mthode@mthode.org>
Date: Thu, 21 Dec 2023 12:55:42 -0600
Subject: [PATCH] gentoo: don't uninstall packages that aren't installed

I380b9638cd28f5771530089c558ef5ab638c0173 introduced a bug where it
would ask for cloud-init to be uninstalled even if the package was
already not installed.  We handle that here by filtering the uninstall
list down to only packages that are already installed.

One drawback to this filtering is that if it's not presented with a list
of category/packagename formated packages it can result in false
positives (failing to remove).  This type of behavior was always an
issue for install as well, for instance acct-user/puppet and
app-admin/puppet both have the puppet package name but different
categories.

also fixes root.d to download the images again

also also uses the merged-usr profile for systemd
https://www.gentoo.org/support/news-items/2022-12-01-systemd-usrmerge.html

Change-Id: Ib67aa91c64be2fcc7d9df324918edfc080237528
Signed-off-by: Matthew Thode <mthode@mthode.org>
---
 .zuul.d/jobs.yaml                             |  2 +-
 .../elements/gentoo/bin/install-packages      | 16 ++++++++++++--
 .../elements/gentoo/root.d/10-gentoo-image    | 22 +++++++++----------
 3 files changed, 26 insertions(+), 14 deletions(-)

diff --git a/.zuul.d/jobs.yaml b/.zuul.d/jobs.yaml
index 3e4581beb..1d9226d48 100644
--- a/.zuul.d/jobs.yaml
+++ b/.zuul.d/jobs.yaml
@@ -232,7 +232,7 @@
         base_element: gentoo
         release: ''
         env-vars:
-          GENTOO_PROFILE: 'default/linux/amd64/17.1/systemd'
+          GENTOO_PROFILE: 'default/linux/amd64/17.1/systemd/merged-usr'
 
 - job:
     name: dib-nodepool-functional-openstack-debian-stretch-src
diff --git a/diskimage_builder/elements/gentoo/bin/install-packages b/diskimage_builder/elements/gentoo/bin/install-packages
index f2cb599ed..ea19ffe1e 100755
--- a/diskimage_builder/elements/gentoo/bin/install-packages
+++ b/diskimage_builder/elements/gentoo/bin/install-packages
@@ -126,8 +126,20 @@ else
         if [[ ! -f ${PORTDIR}/profiles ]]; then
             emerge-webrsync -q
         fi
-        install_gentoo_packages -C "${PKGS}"
+        # remove packages from uninstall list that are not already installed
+        # this can result in false positives if not presented with full category/package names
+        CLEANED_PKGS=()
+        for PKG in ${PKGS}; do
+            # the '^' and '$' in the search query are important so we don't get matched to
+            # packages that include our package name as part of their package name
+            if [ ! emerge --search "^${PKG}$" | grep -q 'Not Installed' ]; then
+                CLEANED_PKGS+=("${PKG}")
+            fi
+        done
+        if [ ${#CLEANED_PKGS[@]} -ne 0 ]; then
+            install_gentoo_packages -C "${CLEANED_PKGS[@]}"
+        fi
     else
-        echo 'something when really wrong, install action is not install or remove'
+        echo 'something went really wrong, install action is not install or remove'
     fi
 fi
diff --git a/diskimage_builder/elements/gentoo/root.d/10-gentoo-image b/diskimage_builder/elements/gentoo/root.d/10-gentoo-image
index bad16bede..456e44c69 100755
--- a/diskimage_builder/elements/gentoo/root.d/10-gentoo-image
+++ b/diskimage_builder/elements/gentoo/root.d/10-gentoo-image
@@ -45,24 +45,24 @@ elif [[ "${GENTOO_PROFILE}" == "default/linux/amd64/17.1/no-multilib/hardened" ]
 elif [[ "${GENTOO_PROFILE}" == "default/linux/amd64/17.0/musl/hardened" ]]; then
     FILENAME_BASE='amd64_gentoo-stage3-hardened-musl'
     SIGNED_SOURCE_SUFFIX='-musl-hardened'
-elif [[ "${GENTOO_PROFILE}" == "default/linux/amd64/17.1/systemd" ]]; then
-    FILENAME_BASE='amd64_gentoo-stage3-systemd'
-    SIGNED_SOURCE_SUFFIX='-systemd'
-elif [[ "${GENTOO_PROFILE}" == "default/linux/arm64/17.1" ]]; then
+elif [[ "${GENTOO_PROFILE}" == "default/linux/amd64/17.1/systemd/merged-usr" ]]; then
+    FILENAME_BASE='amd64_gentoo-stage3-systemd-mergedusr'
+    SIGNED_SOURCE_SUFFIX='-systemd-mergedusr'
+elif [[ "${GENTOO_PROFILE}" == "default/linux/arm64/17.0" ]]; then
     FILENAME_BASE='arm64_gentoo-stage3'
     SIGNED_SOURCE_SUFFIX=''
-elif [[ "${GENTOO_PROFILE}" == "default/linux/arm64/17.1/systemd" ]]; then
-    FILENAME_BASE='arm64_gentoo-stage3-systemd'
-    SIGNED_SOURCE_SUFFIX='-systemd'
+elif [[ "${GENTOO_PROFILE}" == "default/linux/arm64/17.0/systemd/merged-usr" ]]; then
+    FILENAME_BASE='arm64_gentoo-stage3-systemd-mergedusr'
+    SIGNED_SOURCE_SUFFIX='-systemd-mergedusr'
 else
     echo 'invalid profile, please select from the following profiles'
     echo 'default/linux/amd64/17.1'
     echo 'default/linux/amd64/17.1/no-multilib'
     echo 'default/linux/amd64/17.1/hardened'
     echo 'default/linux/amd64/17.1/no-multilib/hardened'
-    echo 'default/linux/amd64/17.1/systemd'
-    echo 'default/linux/arm64/17.1'
-    echo 'default/linux/arm64/17.1/systemd'
+    echo 'default/linux/amd64/17.1/systemd/merged-usr'
+    echo 'default/linux/arm64/17.0'
+    echo 'default/linux/arm64/17.0/systemd/merged-usr'
     exit 1
 fi
 
@@ -72,7 +72,7 @@ elif [[ "${GENTOO_PROFILE}" == *'arm64'* ]]; then
     ARCH_PATH='arm64'
 fi
 DIB_CLOUD_SOURCE=${DIB_CLOUD_SOURCE:-"http://distfiles.gentoo.org/releases/${ARCH_PATH}/autobuilds/latest-stage3-${ARCH_PATH}${SIGNED_SOURCE_SUFFIX}.txt"}
-BASE_IMAGE_FILE=${BASE_IMAGE_FILE:-"http://distfiles.gentoo.org/releases/${ARCH_PATH}/autobuilds/$(curl "${DIB_CLOUD_SOURCE}" -s -f | tail -n 1 | cut -d\  -f 1)"}
+BASE_IMAGE_FILE=${BASE_IMAGE_FILE:-"http://distfiles.gentoo.org/releases/${ARCH_PATH}/autobuilds/$(curl "${DIB_CLOUD_SOURCE}" -s -f | grep -B1 'BEGIN PGP SIGNATURE' | head -n 1 | cut -d\  -f 1)"}
 BASE_IMAGE_FILE_SUFFIX=${BASE_IMAGE_FILE_SUFFIX:-"$(basename "${BASE_IMAGE_FILE}" | cut -d. -f 2,3)"}
 SIGNATURE_FILE="${SIGNATURE_FILE:-${BASE_IMAGE_FILE}.asc}"
 CACHED_FILE="${DIB_IMAGE_CACHE}/${FILENAME_BASE}.${BASE_IMAGE_FILE_SUFFIX}"