From 1de55c73e6fee16327a8e5a957aa00a3d5091c5d Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Tue, 23 Aug 2022 18:44:09 +0200 Subject: [PATCH] ostree: define type for handling ostree remote config A new struct in ostree can be used to define configuration options for the ostree remote of an image. So far remotes were always set up with the remote URL used to pull the commit. Now we support setting a different remote with extra configuration options. This is used by the fedora-iot-raw-image to set up the remote configuration of the final image, separately from the source of the commit. Test manifests updated. --- internal/distro/fedora/images.go | 8 +++- internal/image/ostree_raw.go | 6 ++- internal/manifest/commit_deployment.go | 37 +++++++++++-------- internal/ostree/ostree.go | 8 ++++ ..._35-aarch64-fedora_iot_raw_image-boot.json | 6 ++- ...a_35-x86_64-fedora_iot_raw_image-boot.json | 6 ++- ..._36-aarch64-fedora_iot_raw_image-boot.json | 6 ++- ...a_36-x86_64-fedora_iot_raw_image-boot.json | 6 ++- ..._37-aarch64-fedora_iot_raw_image-boot.json | 6 ++- ...a_37-x86_64-fedora_iot_raw_image-boot.json | 6 ++- 10 files changed, 70 insertions(+), 25 deletions(-) diff --git a/internal/distro/fedora/images.go b/internal/distro/fedora/images.go index 6c28a266d..f11cd9011 100644 --- a/internal/distro/fedora/images.go +++ b/internal/distro/fedora/images.go @@ -8,6 +8,7 @@ import ( "github.com/osbuild/osbuild-composer/internal/image" "github.com/osbuild/osbuild-composer/internal/manifest" "github.com/osbuild/osbuild-composer/internal/osbuild" + "github.com/osbuild/osbuild-composer/internal/ostree" "github.com/osbuild/osbuild-composer/internal/rpmmd" "github.com/osbuild/osbuild-composer/internal/workload" ) @@ -290,7 +291,12 @@ func iotRawImage(workload workload.Workload, img.Platform = t.platform img.Workload = workload - img.Remote = "fedora-iot" + img.Remote = ostree.Remote{ + Name: "fedora-iot", + URL: "https://ostree.fedoraproject.org/iot", + ContentURL: "mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist", + GPGKeyPaths: []string{"/etc/pki/rpm-gpg/"}, + } img.OSName = "fedora-iot" img.OSTreeURL = options.OSTree.URL diff --git a/internal/image/ostree_raw.go b/internal/image/ostree_raw.go index b98819bfd..1b906cc9f 100644 --- a/internal/image/ostree_raw.go +++ b/internal/image/ostree_raw.go @@ -6,6 +6,7 @@ import ( "github.com/osbuild/osbuild-composer/internal/artifact" "github.com/osbuild/osbuild-composer/internal/disk" "github.com/osbuild/osbuild-composer/internal/manifest" + "github.com/osbuild/osbuild-composer/internal/ostree" "github.com/osbuild/osbuild-composer/internal/platform" "github.com/osbuild/osbuild-composer/internal/rpmmd" "github.com/osbuild/osbuild-composer/internal/runner" @@ -23,7 +24,7 @@ type OSTreeRawImage struct { OSTreeRef string OSTreeCommit string - Remote string + Remote ostree.Remote OSName string KernelOptionsAppend []string @@ -46,8 +47,9 @@ func (img *OSTreeRawImage) InstantiateManifest(m *manifest.Manifest, buildPipeline := manifest.NewBuild(m, runner, repos) buildPipeline.Checkpoint() - osPipeline := manifest.NewOSTreeDeployment(m, buildPipeline, img.OSTreeRef, img.OSTreeCommit, img.OSTreeURL, img.OSName, img.Remote, img.Platform) + osPipeline := manifest.NewOSTreeDeployment(m, buildPipeline, img.OSTreeRef, img.OSTreeCommit, img.OSTreeURL, img.OSName, img.Platform) osPipeline.PartitionTable = img.PartitionTable + osPipeline.Remote = img.Remote osPipeline.KernelOptionsAppend = img.KernelOptionsAppend osPipeline.Keyboard = img.Keyboard osPipeline.Locale = img.Locale diff --git a/internal/manifest/commit_deployment.go b/internal/manifest/commit_deployment.go index 74a12ebc3..f3855ec44 100644 --- a/internal/manifest/commit_deployment.go +++ b/internal/manifest/commit_deployment.go @@ -6,6 +6,7 @@ import ( "github.com/osbuild/osbuild-composer/internal/common" "github.com/osbuild/osbuild-composer/internal/disk" "github.com/osbuild/osbuild-composer/internal/osbuild" + "github.com/osbuild/osbuild-composer/internal/ostree" "github.com/osbuild/osbuild-composer/internal/platform" ) @@ -14,6 +15,8 @@ import ( type OSTreeDeployment struct { Base + Remote ostree.Remote + OSVersion string osTreeCommit string @@ -21,7 +24,6 @@ type OSTreeDeployment struct { osTreeRef string osName string - remote string KernelOptionsAppend []string Keyboard string @@ -40,7 +42,6 @@ func NewOSTreeDeployment(m *Manifest, commit string, url string, osName string, - remote string, platform platform.Platform) *OSTreeDeployment { p := &OSTreeDeployment{ @@ -49,7 +50,6 @@ func NewOSTreeDeployment(m *Manifest, osTreeURL: url, osTreeRef: ref, osName: osName, - remote: remote, platform: platform, } buildPipeline.addDependent(p) @@ -80,7 +80,7 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline { pipeline.AddStage(osbuild.OSTreeInitFsStage()) pipeline.AddStage(osbuild.NewOSTreePullStage( - &osbuild.OSTreePullStageOptions{Repo: repoPath, Remote: p.remote}, + &osbuild.OSTreePullStageOptions{Repo: repoPath, Remote: p.Remote.Name}, osbuild.NewOstreePullStageInputs("org.osbuild.source", p.osTreeCommit, p.osTreeRef), )) pipeline.AddStage(osbuild.NewOSTreeOsInitStage( @@ -114,7 +114,7 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline { &osbuild.OSTreeDeployStageOptions{ OsName: p.osName, Ref: p.osTreeRef, - Remote: p.remote, + Remote: p.Remote.Name, Mounts: []string{"/boot", "/boot/efi"}, Rootfs: osbuild.Rootfs{ Label: "root", @@ -123,19 +123,24 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline { }, )) - if p.osTreeURL != "" { // TODO: this should never be empty; fail early instead - pipeline.AddStage(osbuild.NewOSTreeRemotesStage( - &osbuild.OSTreeRemotesStageOptions{ - Repo: "/ostree/repo", - Remotes: []osbuild.OSTreeRemote{ - { - Name: p.remote, - URL: p.osTreeURL, - }, + remoteURL := p.Remote.URL + if remoteURL == "" { + // if the remote URL for the image is not specified, use the source commit URL + remoteURL = p.osTreeURL + } + pipeline.AddStage(osbuild.NewOSTreeRemotesStage( + &osbuild.OSTreeRemotesStageOptions{ + Repo: "/ostree/repo", + Remotes: []osbuild.OSTreeRemote{ + { + Name: p.Remote.Name, + URL: remoteURL, + ContentURL: p.Remote.ContentURL, + GPGKeyPaths: p.Remote.GPGKeyPaths, }, }, - )) - } + }, + )) pipeline.AddStage(osbuild.NewOSTreeFillvarStage( &osbuild.OSTreeFillvarStageOptions{ diff --git a/internal/ostree/ostree.go b/internal/ostree/ostree.go index c307922ad..b5dfe05e3 100644 --- a/internal/ostree/ostree.go +++ b/internal/ostree/ostree.go @@ -24,6 +24,14 @@ type CommitSource struct { URL string } +// Remote defines the options that can be set for an OSTree Remote configuration. +type Remote struct { + Name string + URL string + ContentURL string + GPGKeyPaths []string +} + func VerifyRef(ref string) bool { return len(ref) > 0 && ostreeRefRE.MatchString(ref) } diff --git a/test/data/manifests/fedora_35-aarch64-fedora_iot_raw_image-boot.json b/test/data/manifests/fedora_35-aarch64-fedora_iot_raw_image-boot.json index 39c490df5..ebd20ae5c 100644 --- a/test/data/manifests/fedora_35-aarch64-fedora_iot_raw_image-boot.json +++ b/test/data/manifests/fedora_35-aarch64-fedora_iot_raw_image-boot.json @@ -1843,7 +1843,11 @@ "remotes": [ { "name": "fedora-iot", - "url": "http://fedora.example.com/repo" + "url": "https://ostree.fedoraproject.org/iot", + "contenturl": "mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist", + "gpgkeypaths": [ + "/etc/pki/rpm-gpg/" + ] } ] } diff --git a/test/data/manifests/fedora_35-x86_64-fedora_iot_raw_image-boot.json b/test/data/manifests/fedora_35-x86_64-fedora_iot_raw_image-boot.json index 53481fef2..7d1e21441 100644 --- a/test/data/manifests/fedora_35-x86_64-fedora_iot_raw_image-boot.json +++ b/test/data/manifests/fedora_35-x86_64-fedora_iot_raw_image-boot.json @@ -1867,7 +1867,11 @@ "remotes": [ { "name": "fedora-iot", - "url": "http://fedora.example.com/repo" + "url": "https://ostree.fedoraproject.org/iot", + "contenturl": "mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist", + "gpgkeypaths": [ + "/etc/pki/rpm-gpg/" + ] } ] } diff --git a/test/data/manifests/fedora_36-aarch64-fedora_iot_raw_image-boot.json b/test/data/manifests/fedora_36-aarch64-fedora_iot_raw_image-boot.json index 0c238be29..db9d0b1f0 100644 --- a/test/data/manifests/fedora_36-aarch64-fedora_iot_raw_image-boot.json +++ b/test/data/manifests/fedora_36-aarch64-fedora_iot_raw_image-boot.json @@ -2091,7 +2091,11 @@ "remotes": [ { "name": "fedora-iot", - "url": "http://fedora.example.com/repo" + "url": "https://ostree.fedoraproject.org/iot", + "contenturl": "mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist", + "gpgkeypaths": [ + "/etc/pki/rpm-gpg/" + ] } ] } diff --git a/test/data/manifests/fedora_36-x86_64-fedora_iot_raw_image-boot.json b/test/data/manifests/fedora_36-x86_64-fedora_iot_raw_image-boot.json index 32e2a6e81..27342433c 100644 --- a/test/data/manifests/fedora_36-x86_64-fedora_iot_raw_image-boot.json +++ b/test/data/manifests/fedora_36-x86_64-fedora_iot_raw_image-boot.json @@ -2115,7 +2115,11 @@ "remotes": [ { "name": "fedora-iot", - "url": "http://fedora.example.com/repo" + "url": "https://ostree.fedoraproject.org/iot", + "contenturl": "mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist", + "gpgkeypaths": [ + "/etc/pki/rpm-gpg/" + ] } ] } diff --git a/test/data/manifests/fedora_37-aarch64-fedora_iot_raw_image-boot.json b/test/data/manifests/fedora_37-aarch64-fedora_iot_raw_image-boot.json index c9f8051d9..e80ce9866 100644 --- a/test/data/manifests/fedora_37-aarch64-fedora_iot_raw_image-boot.json +++ b/test/data/manifests/fedora_37-aarch64-fedora_iot_raw_image-boot.json @@ -2099,7 +2099,11 @@ "remotes": [ { "name": "fedora-iot", - "url": "http://fedora.example.com/repo" + "url": "https://ostree.fedoraproject.org/iot", + "contenturl": "mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist", + "gpgkeypaths": [ + "/etc/pki/rpm-gpg/" + ] } ] } diff --git a/test/data/manifests/fedora_37-x86_64-fedora_iot_raw_image-boot.json b/test/data/manifests/fedora_37-x86_64-fedora_iot_raw_image-boot.json index 91d5b8b6d..4a906aea8 100644 --- a/test/data/manifests/fedora_37-x86_64-fedora_iot_raw_image-boot.json +++ b/test/data/manifests/fedora_37-x86_64-fedora_iot_raw_image-boot.json @@ -2123,7 +2123,11 @@ "remotes": [ { "name": "fedora-iot", - "url": "http://fedora.example.com/repo" + "url": "https://ostree.fedoraproject.org/iot", + "contenturl": "mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist", + "gpgkeypaths": [ + "/etc/pki/rpm-gpg/" + ] } ] }