sonic-net · mssonicbld · Mar 12, 2025 · Mar 11, 2025
@@ -391,6 +391,12 @@ sudo LANG=C DEBIAN_FRONTEND=noninteractive chroot $FILESYSTEM_ROOT apt-get -y in
     zstd                    \
     nvme-cli
 
+sudo cp files/initramfs-tools/pzstd $FILESYSTEM_ROOT/etc/initramfs-tools/hooks/pzstd
+sudo chmod +x $FILESYSTEM_ROOT/etc/initramfs-tools/hooks/pzstd
+
+sudo cp files/initramfs-tools/file $FILESYSTEM_ROOT/etc/initramfs-tools/hooks/file
+sudo chmod +x $FILESYSTEM_ROOT/etc/initramfs-tools/hooks/file
+
 # Have systemd create the auditd log directory
 sudo mkdir -p ${FILESYSTEM_ROOT}/etc/systemd/system/auditd.service.d
 sudo tee ${FILESYSTEM_ROOT}/etc/systemd/system/auditd.service.d/log-directory.conf >/dev/null <<EOF
@@ -851,7 +857,11 @@ if [[ $MULTIARCH_QEMU_ENVIRON == y || $CROSS_BUILD_ENVIRON == y ]]; then
 fi
 
 ## Compress docker files
-pushd $FILESYSTEM_ROOT && sudo tar -I pigz -cf $OLDPWD/$FILESYSTEM_DOCKERFS -C ${DOCKERFS_PATH}var/lib/docker .; popd
+if [ "$BUILD_REDUCE_IMAGE_SIZE" = "y" ]; then
+    pushd $FILESYSTEM_ROOT && sudo tar -I pzstd -cf $OLDPWD/$FILESYSTEM_DOCKERFS -C ${DOCKERFS_PATH}var/lib/docker .; popd
+else
+    pushd $FILESYSTEM_ROOT && sudo tar -I pigz -cf $OLDPWD/$FILESYSTEM_DOCKERFS -C ${DOCKERFS_PATH}var/lib/docker .; popd
+fi
 
 ## Compress together with /boot, /var/lib/docker and $PLATFORM_DIR as an installer payload zip file
 pushd $FILESYSTEM_ROOT && sudo tar -I pigz -cf platform.tar.gz -C $PLATFORM_DIR . && sudo zip -n .gz $OLDPWD/$INSTALLER_PAYLOAD -r boot/ platform.tar.gz; popd

@@ -15,7 +15,11 @@ image_dir=image-$image_version
 
 INSTALLER_PAYLOAD=fs.zip
 DOCKERFS_DIR=docker
+{% if BUILD_REDUCE_IMAGE_SIZE == "y" -%}
+FILESYSTEM_DOCKERFS=dockerfs.tar.zstd
+{%- else -%}
 FILESYSTEM_DOCKERFS=dockerfs.tar.gz
+{%- endif %}
 BL_CONF=boot.conf
 
 DATA_PARTUUID=6ED62003-DD8D-44B8-9538-0A2B7C7E628F

@@ -0,0 +1,18 @@
+#!/bin/sh
+set -e
+PREREQ=""
+prereqs() {
+    echo "$PREREQ"
+}
+case "$1" in
+    prereqs)
+        prereqs
+        exit 0
+        ;;
+esac
+. /usr/share/initramfs-tools/hook-functions
+# Include file binary
+copy_exec /usr/bin/file /usr/bin
+# Include magic database
+copy_exec /usr/lib/file/magic.mgc /etc
+exit 0
@@ -0,0 +1,16 @@
+#!/bin/sh
+set -e
+PREREQ=""
+prereqs() {
+    echo "$PREREQ"
+}
+case "$1" in
+    prereqs)
+        prereqs
+        exit 0
+        ;;
+esac
+. /usr/share/initramfs-tools/hook-functions
+# Include pzstd binary
+copy_exec /usr/bin/pzstd /usr/bin
+exit 0
@@ -130,9 +130,15 @@ extract_dockerfs()
 {
     echo "Extracting {{ FILESYSTEM_DOCKERFS }}"
     if [ -f "${rootmnt}/host/$image_dir/{{ FILESYSTEM_DOCKERFS }}" ] && [ "$secureboot" = false ]; then
-        # Extract dockerfs.tar.gz into /var/lib/docker unless the system booted with secureboot
-        # In secureboot dockerfs.tar.gz cannot be trusted as it does not have a signature
-        tar xz --numeric-owner -f ${rootmnt}/host/$image_dir/{{ FILESYSTEM_DOCKERFS }} -C ${rootmnt}/var/lib/docker
+        # Check if the file is zstd compressed
+        file_type=$(file -b --mime-type "${rootmnt}/host/$image_dir/{{ FILESYSTEM_DOCKERFS }}")
+        if [ "$file_type" = "application/zstd" ]; then
+            echo "Detected zstd compression, extracting with pzstd..."
+            pzstd -d -q ${rootmnt}/host/$image_dir/{{ FILESYSTEM_DOCKERFS }} -c | tar x --numeric-owner -C ${rootmnt}/var/lib/docker
+        else
+            echo "Using default extraction method (gzip assumed)..."
+            tar xz --numeric-owner -f "${rootmnt}/host/$image_dir/{{ FILESYSTEM_DOCKERFS }}" -C "${rootmnt}/var/lib/docker"
+        fi
     elif [ "$bootloader" = "aboot" ] && unzip -l "$swi_path" | grep -q {{ FILESYSTEM_DOCKERFS }}; then
         # Aboot swi images also support extracting dockerfs.tar.gz directly from them
         unzip -qp "$swi_path" {{ FILESYSTEM_DOCKERFS }} | tar xz --numeric-owner -C ${rootmnt}/var/lib/docker