Want variant-specific package lists for Live Build

[basil]

There currently exist two ways to install packages:

• Add a package to a Live Build package list in live-build/config/package-lists, where it will be processed by Live Build in an environment where /proc is mounted. Such package lists apply to all variants.
• Add a package to a role referenced by an Ansible playbook in live-build/variants/${VARIANT}/ansible, where it will be processed by Ansible in an environment where /proc is not mounted. Such Ansible playbooks apply to specific variants.

As discovered in #576, some packages (notably ca-certificates-java) require /proc to be mounted during installation, and those packages must be installed in some variants (notably internal-dcenter, to provide Java 11 support for Jenkins agents) and not others (notably internal-dev, internal-qa, and external-standard, which are designed to support products that use Java 8 and are incompatible with Java 11).

No infrastructure currently exists to support this use case. The solution is to enhance appliance-build's build to support variant-specific package lists (just as it already supports variant-specific Ansible playbooks) and plumb those through to Live Build alongside the existing package lists that apply to all variants.

A possible design would be to introduce variant-specific package lists in e.g. live-build/variants/${VARIANT}/package-lists, updating scripts/run-live-build.sh to merge them with the existing package lists that apply to all variants and plumb through the result to Live Build.

[pzakha]

Add a package to a Live Build package list in live-build/config/package-lists, where it will be processed by Live Build in an environment where /proc is mounted. Such package lists apply to all variants.

As an alternative, we could perhaps also just mount /proc when processing the ansible scripts.

For reference you can see what you are doing in set_bootfs_not_mounted() in upgrade/upgrade-scripts/rootfs-container.
The ansible scripts are launched from live-build/config/hooks/configuration/80-build-configuration.binary, so perhaps we could just do:

mount --rbind /proc binary/proc
mount --make-rslave binary/proc

ansible-playbook -vv -c chroot -i binary, ansible/playbook.yml

umount -R binary/proc

[basil]

As an alternative, we could perhaps also just mount /proc when processing the ansible scripts.

Filed #583. If this issue is fixed, then #583 can be closed. If #583 is fixed, then this issue can be closed.

[prakashsurya]

If we did this, and stopped installing packages via Ansible, that'd likely address DLPX-76872 bug too. IMO, it's a bit awkward how we install delphix-platform first, and then install other packages via Ansible, rather than installing all packages for a given variant via the package list(s).