diff --git a/cmd/image-builder/main.go b/cmd/image-builder/main.go index 052b32a..a8289ee 100644 --- a/cmd/image-builder/main.go +++ b/cmd/image-builder/main.go @@ -165,6 +165,10 @@ func cmdManifestWrapper(pbar progress.ProgressBar, cmd *cobra.Command, args []st if err != nil { return nil, err } + ignoreWarnings, err := cmd.Flags().GetBool("ignore-warnings") + if err != nil { + return nil, err + } outputDir, err := cmd.Flags().GetString("output-dir") if err != nil { return nil, err @@ -235,6 +239,7 @@ func cmdManifestWrapper(pbar progress.ProgressBar, cmd *cobra.Command, args []st Ostree: ostreeImgOpts, RpmDownloader: rpmDownloader, WithSBOM: withSBOM, + IgnoreWarnings: ignoreWarnings, CustomSeed: customSeed, Subscription: subscription, @@ -466,6 +471,7 @@ operating systems like Fedora, CentOS and RHEL with easy customizations support. manifestCmd.Flags().String("ostree-url", "", `OSTREE url`) manifestCmd.Flags().Bool("use-librepo", true, `use librepo to download packages (disable if you use old versions of osbuild)`) manifestCmd.Flags().Bool("with-sbom", false, `export SPDX SBOM document`) + manifestCmd.Flags().Bool("ignore-warnings", false, `ignore warnings during manifest generation`) manifestCmd.Flags().String("registrations", "", `filename of a registrations file with e.g. subscription details`) rootCmd.AddCommand(manifestCmd) diff --git a/cmd/image-builder/main_test.go b/cmd/image-builder/main_test.go index 66ca06c..90cb4c7 100644 --- a/cmd/image-builder/main_test.go +++ b/cmd/image-builder/main_test.go @@ -1045,3 +1045,50 @@ func TestManifestIntegrationWithRegistrations(t *testing.T) { assert.Contains(t, fakeStdout.String(), `"type":"org.osbuild.systemd.unit.create","options":{"filename":"osbuild-subscription-register.service"`) assert.Contains(t, fakeStdout.String(), `server_url_123`) } + +func TestManifestIntegrationWarningsHandling(t *testing.T) { + restore := main.MockManifestgenDepsolver(fakeDepsolve) + defer restore() + + restore = main.MockNewRepoRegistry(testrepos.New) + defer restore() + + testBlueprint := ` +customizations.FIPS = true +` + fipsWarning := "The host building this image is not running in FIPS mode. The image will still be FIPS compliant. If you have custom steps that generate keys or perform cryptographic operations, those must be considered non-compliant.\n" + for _, tc := range []struct { + extraCmdline []string + expectedErr string + expectedStderr string + }{ + {nil, fipsWarning, ""}, + {[]string{"--ignore-warnings"}, "", fipsWarning}, + } { + t.Run(fmt.Sprintf("extra-cmdline: %v", tc.extraCmdline), func(t *testing.T) { + restore = main.MockOsArgs(append([]string{ + "manifest", + "qcow2", + "--arch=x86_64", + "--distro=centos-9", + fmt.Sprintf("--blueprint=%s", makeTestBlueprint(t, testBlueprint)), + }, tc.extraCmdline...)) + defer restore() + + var fakeStdout bytes.Buffer + restore = main.MockOsStdout(&fakeStdout) + defer restore() + + var err error + _, stderr := testutil.CaptureStdio(t, func() { + err = main.Run() + }) + if tc.expectedErr != "" { + assert.ErrorContains(t, err, tc.expectedErr) + } else { + assert.NoError(t, err) + } + assert.Contains(t, stderr, tc.expectedStderr) + }) + } +} diff --git a/cmd/image-builder/manifest.go b/cmd/image-builder/manifest.go index 0681aab..a9a3f69 100644 --- a/cmd/image-builder/manifest.go +++ b/cmd/image-builder/manifest.go @@ -27,6 +27,7 @@ type manifestOptions struct { Subscription *subscription.ImageOptions RpmDownloader osbuild.RpmDownloader WithSBOM bool + IgnoreWarnings bool CustomSeed *int64 ForceRepos []string @@ -82,6 +83,9 @@ func generateManifest(dataDir string, extraRepos []string, img *imagefilter.Resu } manifestGenOpts.OverrideRepos = forcedRepos } + if opts.IgnoreWarnings { + manifestGenOpts.WarningsOutput = os.Stderr + } mg, err := manifestgen.New(repos, manifestGenOpts) if err != nil {