go.mod: bump images to v0.26.0

This is mainly needed in order to get the RHEL 9 SAP Azure images.
Ondřej Budai 2023-12-21 19:47:16 +01:00 committed by Tom Gundersen
parent d5483ccfb0
commit 807f249146
232 changed files with 32705 additions and 3663 deletions


@ -122,6 +122,7 @@ var (
},
defaultImageConfig: &distro.ImageConfig{
EnabledServices: iotServices,
DracutConf: []*osbuild.DracutConfStageOptions{osbuild.FIPSDracutConfStageOptions},
},
rpmOstree: true,
image: iotCommitImage,
@ -143,6 +144,7 @@ var (
},
defaultImageConfig: &distro.ImageConfig{
EnabledServices: iotServices,
DracutConf: []*osbuild.DracutConfStageOptions{osbuild.FIPSDracutConfStageOptions},
},
rpmOstree: true,
bootISO: false,


@ -47,6 +47,8 @@ func osCustomizations(
osc.KernelOptionsAppend = kernelOptions
}
osc.FIPS = c.GetFIPS()
osc.ExtraBasePackages = osPackageSet.Include
osc.ExcludeBasePackages = osPackageSet.Exclude
osc.ExtraBaseRepos = osPackageSet.Repositories
@ -467,6 +469,7 @@ func iotInstallerImage(workload workload.Workload,
img := image.NewAnacondaOSTreeInstaller(commit)
customizations := bp.Customizations
img.FIPS = customizations.GetFIPS()
img.Platform = t.platform
img.ExtraBasePackages = packageSets[installerPkgsKey]
img.Users = users.UsersFromBP(customizations.GetUsers())
@ -508,6 +511,7 @@ func iotImage(workload workload.Workload,
distro := t.Arch().Distro()
customizations := bp.Customizations
img.FIPS = customizations.GetFIPS()
img.Users = users.UsersFromBP(customizations.GetUsers())
img.Groups = users.GroupsFromBP(customizations.GetGroups())
@ -581,6 +585,7 @@ func iotSimplifiedInstallerImage(workload workload.Workload,
rawImg := image.NewOSTreeDiskImageFromCommit(commit)
customizations := bp.Customizations
rawImg.FIPS = customizations.GetFIPS()
rawImg.Users = users.UsersFromBP(customizations.GetUsers())
rawImg.Groups = users.GroupsFromBP(customizations.GetGroups())


@ -270,7 +270,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
}
if t.name == "iot-raw-image" || t.name == "iot-qcow2-image" {
allowed := []string{"User", "Group", "Directories", "Files", "Services"}
allowed := []string{"User", "Group", "Directories", "Files", "Services", "FIPS"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return nil, fmt.Errorf("unsupported blueprint customizations found for image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}
@ -281,7 +281,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
// TODO: Support kernel name selection for image-installer
if t.bootISO {
if t.name == "iot-simplified-installer" {
allowed := []string{"InstallationDevice", "FDO", "Ignition", "Kernel", "User", "Group"}
allowed := []string{"InstallationDevice", "FDO", "Ignition", "Kernel", "User", "Group", "FIPS"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return nil, fmt.Errorf("unsupported blueprint customizations found for boot ISO image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}
@ -319,7 +319,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
}
}
} else if t.name == "iot-installer" || t.name == "image-installer" {
allowed := []string{"User", "Group"}
allowed := []string{"User", "Group", "FIPS"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return nil, fmt.Errorf("unsupported blueprint customizations found for boot ISO image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}


@ -7,6 +7,7 @@ import (
"github.com/osbuild/images/pkg/arch"
"github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/distro"
"github.com/osbuild/images/pkg/osbuild"
"github.com/osbuild/images/pkg/rpmmd"
)
@ -21,6 +22,7 @@ func edgeCommitImgType(rd distribution) imageType {
},
defaultImageConfig: &distro.ImageConfig{
EnabledServices: edgeServices(rd),
DracutConf: []*osbuild.DracutConfStageOptions{osbuild.FIPSDracutConfStageOptions},
},
rpmOstree: true,
image: edgeCommitImage,
@ -47,6 +49,7 @@ func edgeOCIImgType(rd distribution) imageType {
},
defaultImageConfig: &distro.ImageConfig{
EnabledServices: edgeServices(rd),
DracutConf: []*osbuild.DracutConfStageOptions{osbuild.FIPSDracutConfStageOptions},
},
rpmOstree: true,
bootISO: false,


@ -49,6 +49,8 @@ func osCustomizations(
}
}
osc.FIPS = c.GetFIPS()
osc.ExtraBasePackages = osPackageSet.Include
osc.ExcludeBasePackages = osPackageSet.Exclude
osc.ExtraBaseRepos = osPackageSet.Repositories
@ -436,6 +438,7 @@ func edgeInstallerImage(workload workload.Workload,
img.OSName = "rhel"
img.OSVersion = d.osVersion
img.Release = fmt.Sprintf("%s %s", d.product, d.osVersion)
img.FIPS = customizations.GetFIPS()
img.Filename = t.Filename()
@ -459,6 +462,7 @@ func edgeRawImage(workload workload.Workload,
img.Users = users.UsersFromBP(customizations.GetUsers())
img.Groups = users.GroupsFromBP(customizations.GetGroups())
img.FIPS = customizations.GetFIPS()
img.KernelOptionsAppend = []string{"modprobe.blacklist=vc4"}
// TODO: move to image config
@ -505,6 +509,7 @@ func edgeSimplifiedInstallerImage(workload workload.Workload,
rawImg.Users = users.UsersFromBP(customizations.GetUsers())
rawImg.Groups = users.GroupsFromBP(customizations.GetGroups())
rawImg.FIPS = customizations.GetFIPS()
rawImg.KernelOptionsAppend = []string{"modprobe.blacklist=vc4"}
rawImg.Keyboard = "us"


@ -303,7 +303,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
}
if t.name == "edge-simplified-installer" {
allowed := []string{"InstallationDevice", "FDO", "User", "Group"}
allowed := []string{"InstallationDevice", "FDO", "User", "Group", "FIPS"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return warnings, fmt.Errorf("unsupported blueprint customizations found for boot ISO image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}
@ -330,7 +330,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
}
}
} else if t.name == "edge-installer" {
allowed := []string{"User", "Group"}
allowed := []string{"User", "Group", "FIPS"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return warnings, fmt.Errorf("unsupported blueprint customizations found for boot ISO image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}
@ -343,7 +343,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
return warnings, fmt.Errorf("%q images require specifying a URL from which to retrieve the OSTree commit", t.name)
}
allowed := []string{"User", "Group"}
allowed := []string{"User", "Group", "FIPS"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return warnings, fmt.Errorf("unsupported blueprint customizations found for image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}


@ -402,6 +402,11 @@ func rhelEc2SapPackageSet(t *imageType) rpmmd.PackageSet {
return rpmmd.PackageSet{
Include: []string{
"rh-amazon-rhui-client-sap-bundle-e4s",
"libcanberra-gtk2",
},
Exclude: []string{
// COMPOSER-1829
"firewalld",
},
}.Append(rhelEc2CommonPackageSet(t)).Append(SapPackageSet(t))
}


@ -70,6 +70,27 @@ var (
}
)
func azureSapRhuiImgType(rd distribution) imageType {
return imageType{
name: "azure-sap-rhui",
filename: "disk.vhd.xz",
mimeType: "application/xz",
compression: "xz",
packageSets: map[string]packageSetFunc{
osPkgsKey: azureSapPackageSet,
},
defaultImageConfig: defaultAzureRhuiImageConfig.InheritFrom(sapAzureImageConfig(rd)),
kernelOptions: defaultAzureKernelOptions,
bootable: true,
defaultSize: 64 * common.GibiByte,
image: diskImage,
buildPipelines: []string{"build"},
payloadPipelines: []string{"os", "image", "vpc", "xz"},
exports: []string{"xz"},
basePartitionTables: azureRhuiBasePartitionTables,
}
}
// PACKAGE SETS
// Common Azure image package set
@ -598,3 +619,18 @@ var defaultAzureRhuiImageConfig = &distro.ImageConfig{
},
},
}
// Azure SAP image package set
// Includes the common azure package set, the common SAP packages, and
// the azure rhui sap package.
func azureSapPackageSet(t *imageType) rpmmd.PackageSet {
return rpmmd.PackageSet{
Include: []string{
"rhui-azure-rhel9-sap-ha",
},
}.Append(azureCommonPackageSet(t)).Append(SapPackageSet(t))
}
func sapAzureImageConfig(rd distribution) *distro.ImageConfig {
return sapImageConfig(rd.osVersion).InheritFrom(defaultAzureRhuiImageConfig.InheritFrom(defaultAzureImageConfig))
}
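Review bot: In `azureSapRhuiImgType`, `defaultImageConfig` is built as `defaultAzureRhuiImageConfig.InheritFrom(sapAzureImageConfig(rd))`, while `sapAzureImageConfig` already ends its chain with `defaultAzureRhuiImageConfig.InheritFrom(defaultAzureImageConfig)`, so the RHUI defaults are applied twice and at two different priorities. Assuming `InheritFrom` lets the receiver win over its argument, the outer call makes the generic Azure RHUI settings take precedence over the SAP-specific ones, which looks like the opposite of what an SAP image wants. If that is intended it deserves a comment; otherwise `defaultImageConfig: sapAzureImageConfig(rd),` is enough. The two new functions also lack doc comments, for example `// azureSapRhuiImgType defines the "azure-sap-rhui" image type (xz-compressed VHD).` and a line on `sapAzureImageConfig` stating the precedence order.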


@ -460,6 +460,8 @@ func newDistro(name string, minor int) *distribution {
x86_64.addImageTypes(azureX64Platform, azureRhuiImgType, azureByosImgType)
aarch64.addImageTypes(azureAarch64Platform, azureRhuiImgType, azureByosImgType)
x86_64.addImageTypes(azureX64Platform, azureSapRhuiImgType(rd))
// keep the RHEL EC2 x86_64 images before 9.3 BIOS-only for backward compatibility
if common.VersionLessThan(rd.osVersion, "9.3") {
ec2X86Platform = &platform.X86{


@ -46,6 +46,8 @@ func osCustomizations(
osc.KernelOptionsAppend = kernelOptions
}
osc.FIPS = c.GetFIPS()
osc.ExtraBasePackages = osPackageSet.Include
osc.ExcludeBasePackages = osPackageSet.Exclude
osc.ExtraBaseRepos = osPackageSet.Repositories


@ -167,12 +167,7 @@ func (t *imageType) getPartitionTable(
partitioningMode := options.PartitioningMode
if t.rpmOstree {
// Edge supports only LVM, force it.
// Raw is not supported, return an error if it is requested
// TODO Need a central location for logic like this
if partitioningMode == disk.RawPartitioningMode {
return nil, fmt.Errorf("partitioning mode raw not supported for %s on %s", t.Name(), t.arch.Name())
}
partitioningMode = disk.LVMPartitioningMode
}
@ -308,7 +303,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
}
if t.name == "edge-simplified-installer" {
allowed := []string{"InstallationDevice", "FDO", "Ignition", "Kernel", "User", "Group", "FIPS"}
allowed := []string{"InstallationDevice", "FDO", "Ignition", "Kernel", "User", "Group", "FIPS", "Filesystem"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return warnings, fmt.Errorf("unsupported blueprint customizations found for boot ISO image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}
@ -358,8 +353,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
if options.OSTree == nil || options.OSTree.URL == "" {
return warnings, fmt.Errorf("%q images require specifying a URL from which to retrieve the OSTree commit", t.name)
}
allowed := []string{"Ignition", "Kernel", "User", "Group", "FIPS"}
allowed := []string{"Ignition", "Kernel", "User", "Group", "FIPS", "Filesystem"}
if err := customizations.CheckAllowed(allowed...); err != nil {
return warnings, fmt.Errorf("unsupported blueprint customizations found for image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
}
@ -386,9 +380,14 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
}
mountpoints := customizations.GetFilesystems()
if mountpoints != nil && t.rpmOstree {
return warnings, fmt.Errorf("Custom mountpoints are not supported for ostree types")
if mountpoints != nil && t.rpmOstree && (t.name == "edge-container" || t.name == "edge-commit") {
return warnings, fmt.Errorf("Custom mountpoints are not supported for edge-container and edge-commit")
} else if mountpoints != nil && t.rpmOstree && !(t.name == "edge-container" || t.name == "edge-commit") {
//customization allowed for edge-raw-image,edge-ami,edge-vsphere,edge-simplified-installer
err := blueprint.CheckMountpointsPolicy(mountpoints, pathpolicy.OstreeMountpointPolicies)
if err != nil {
return warnings, err
}
}
err := blueprint.CheckMountpointsPolicy(mountpoints, pathpolicy.MountpointPolicies)
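Review bot: The new mountpoint check in `checkOptions` denies custom filesystems by name for `edge-container` and `edge-commit` only, so every other `rpmOstree` type, including any added later, falls into the branch that permits them, although the comment lists just four types. An allowlist of the types named in that comment fails closed instead, and it removes the `else if` that repeats the negated condition. The error string below is lowercased per Go convention, which changes the message text callers see. The later check against `pathpolicy.MountpointPolicies` stays as it is, and `checkOptions` begins and ends outside this hunk.

```go
mountpoints := customizations.GetFilesystems()
if mountpoints != nil && t.rpmOstree {
	switch t.name {
	case "edge-raw-image", "edge-ami", "edge-vsphere", "edge-simplified-installer":
		// Only these ostree types accept custom mountpoints.
		if err := blueprint.CheckMountpointsPolicy(mountpoints, pathpolicy.OstreeMountpointPolicies); err != nil {
			return warnings, err
		}
	default:
		return warnings, fmt.Errorf("custom mountpoints are not supported for %q", t.name)
	}
}
// … unchanged: CheckMountpointsPolicy against pathpolicy.MountpointPolicies …
```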


@ -142,7 +142,6 @@ func SapPackageSet(t *imageType) rpmmd.PackageSet {
"krb5-workstation",
"libaio",
"libatomic",
"libcanberra-gtk2",
"libicu",
"libtool-ltdl",
"lm_sensors",
@ -156,8 +155,6 @@ func SapPackageSet(t *imageType) rpmmd.PackageSet {
"libnsl",
},
Exclude: []string{
// COMPOSER-1829
"firewalld",
"iwl1000-firmware",
"iwl100-firmware",
"iwl105-firmware",


@ -83,6 +83,12 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
anacondaPipeline.Variant = img.Variant
anacondaPipeline.Biosdevname = (img.Platform.GetArch() == arch.ARCH_X86_64)
anacondaPipeline.AdditionalAnacondaModules = img.AdditionalAnacondaModules
if img.OSCustomizations.FIPS {
anacondaPipeline.AdditionalAnacondaModules = append(
anacondaPipeline.AdditionalAnacondaModules,
"org.fedoraproject.Anaconda.Modules.Security",
)
}
anacondaPipeline.AdditionalDracutModules = img.AdditionalDracutModules
anacondaPipeline.AdditionalDrivers = img.AdditionalDrivers
@ -125,6 +131,9 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
if img.ISORootKickstart {
kernelOpts = append(kernelOpts, fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", isoLabel, kspath))
}
if img.OSCustomizations.FIPS {
kernelOpts = append(kernelOpts, "fips=1")
}
kernelOpts = append(kernelOpts, img.AdditionalKernelOpts...)
bootTreePipeline.KernelOpts = kernelOpts
@ -151,6 +160,10 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
isoTreePipeline.OSPipeline = osPipeline
isoTreePipeline.KernelOpts = img.AdditionalKernelOpts
if img.OSCustomizations.FIPS {
isoTreePipeline.KernelOpts = append(isoTreePipeline.KernelOpts, "fips=1")
}
isoTreePipeline.ISOLinux = isoLinuxEnabled
isoPipeline := manifest.NewISO(buildPipeline, isoTreePipeline, isoLabel)
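Review bot: The two FIPS kernel-option additions in `InstantiateManifest` order `fips=1` differently: for the boot tree it is appended before `img.AdditionalKernelOpts`, for the ISO tree after it. If a later duplicate on the kernel command line wins, which is the usual behaviour, a caller-supplied `fips=0` in `AdditionalKernelOpts` would undo the boot-tree setting; moving `kernelOpts = append(kernelOpts, img.AdditionalKernelOpts...)` above the `if img.OSCustomizations.FIPS` block keeps the customization authoritative in both places. Separately, `isoTreePipeline.KernelOpts` and `anacondaPipeline.AdditionalAnacondaModules` are assigned from the `img` slices and then appended to, which can write into the caller's backing array when it has spare capacity; copying first with `append([]string(nil), img.AdditionalKernelOpts...)` avoids that. The function starts and ends outside these hunks.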


@ -132,6 +132,8 @@ type OSCustomizations struct {
// Custom directories and files to create in the image
Directories []*fsnode.Directory
Files []*fsnode.File
FIPS bool
}
// OS represents the filesystem tree of the target image. This roughly
@ -417,7 +419,7 @@ func (p *OS) serialize() osbuild.Pipeline {
}
manifests := osbuild.NewFilesInputForManifestLists(p.containerSpecs)
skopeo := osbuild.NewSkopeoStage(storagePath, images, manifests)
skopeo := osbuild.NewSkopeoStageWithContainersStorage(storagePath, images, manifests)
pipeline.AddStage(skopeo)
}
@ -603,6 +605,16 @@ func (p *OS) serialize() osbuild.Pipeline {
if pt := p.PartitionTable; pt != nil {
kernelOptions := osbuild.GenImageKernelOptions(p.PartitionTable)
kernelOptions = append(kernelOptions, p.KernelOptionsAppend...)
if p.FIPS {
kernelOptions = append(kernelOptions, osbuild.GenFIPSKernelOptions(p.PartitionTable)...)
pipeline.AddStage(osbuild.NewDracutStage(&osbuild.DracutStageOptions{
Kernel: []string{p.kernelVer},
AddModules: []string{"fips"},
}))
p.Files = append(p.Files, osbuild.GenFIPSFiles()...)
}
if !p.KernelOptionsBootloader {
pipeline = prependKernelCmdlineStage(pipeline, strings.Join(kernelOptions, " "), pt)
}
@ -721,6 +733,12 @@ func (p *OS) serialize() osbuild.Pipeline {
pipeline.AddStage(osbuild.NewWSLConfStage(wslConf))
}
if p.FIPS {
for _, stage := range osbuild.GenFIPSStages() {
pipeline.AddStage(stage)
}
}
if p.OpenSCAPTailorConfig != nil {
if p.OpenSCAPConfig == nil {
// This is a programming error, since it doesn't make sense
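Review bot: `p.Files = append(p.Files, osbuild.GenFIPSFiles()...)` in the partition-table branch of `serialize()` mutates the pipeline while serializing it, so each call grows `p.Files` by the same entries. `GenFIPSStages()` already appends stages for `GenFIPSFiles()` (see its definition in this commit) and is invoked in the later `if p.FIPS` block, so those files may be emitted twice. Dropping the append, or collecting into a local slice, keeps `serialize()` repeatable. Note also that `fips=1` and the dracut `fips` module are only added when `p.PartitionTable` is non-nil, while the FIPS stages run regardless; a comment on the new field such as `// FIPS enables FIPS mode in the image (kernel option, dracut module, crypto policy).` should state whether that is expected. `serialize()` extends beyond the hunks shown.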


@ -46,6 +46,4 @@ func NewContainersInputForSources(containers []container.Spec) ContainersInput {
}
}
type ContainersInputs map[string]ContainersInput
func (c ContainersInputs) isStageInputs() {}
func (c ContainersInput) isStageInputs() {}


@ -8,6 +8,15 @@ import (
"github.com/osbuild/images/pkg/disk"
)
var (
FIPSDracutConfStageOptions = &DracutConfStageOptions{
Filename: "40-fips.conf",
Config: DracutConfigFile{
AddModules: []string{"fips"},
},
}
)
func GenFIPSKernelOptions(pt *disk.PartitionTable) []string {
cmdline := make([]string, 0)
cmdline = append(cmdline, "fips=1")
@ -37,6 +46,7 @@ func GenFIPSStages() (stages []*Stage) {
&UpdateCryptoPoliciesStageOptions{
Policy: "FIPS",
}),
NewDracutConfStage(FIPSDracutConfStageOptions),
}
stages = append(stages, GenFileNodesStages(GenFIPSFiles())...)
return
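Review bot: `FIPSDracutConfStageOptions` is an exported package-level pointer that this commit hands to several image configs and to `GenFIPSStages()`, so any consumer that modifies it (for instance by appending to `Config.AddModules`) changes the FIPS dracut configuration of every image built in the same process. A small constructor that returns a fresh value, e.g. `func NewFIPSDracutConfStageOptions() *DracutConfStageOptions`, removes the shared state. At minimum add a doc comment such as `// FIPSDracutConfStageOptions adds the dracut fips module via 40-fips.conf; treat as read-only.`. The body of `GenFIPSStages` continues past the end of the hunk.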


@ -1,11 +1,24 @@
package osbuild
type SkopeoDestination struct {
type SkopeoDestination interface {
isSkopeoDestination()
}
type SkopeoDestinationContainersStorage struct {
Type string `json:"type"`
StoragePath string `json:"storage-path,omitempty"`
StorageDriver string `json:"sotrage-driver,omitempty"`
StorageDriver string `json:"storage-driver,omitempty"`
}
func (SkopeoDestinationContainersStorage) isSkopeoDestination() {}
type SkopeoDestinationOCI struct {
Type string `json:"type"`
Path string `json:"path,omitempty"`
}
func (SkopeoDestinationOCI) isSkopeoDestination() {}
type SkopeoStageOptions struct {
Destination SkopeoDestination `json:"destination"`
}
@ -19,7 +32,7 @@ type SkopeoStageInputs struct {
func (SkopeoStageInputs) isStageInputs() {}
func NewSkopeoStage(path string, images ContainersInput, manifests *FilesInput) *Stage {
func NewSkopeoStageWithContainersStorage(path string, images ContainersInput, manifests *FilesInput) *Stage {
inputs := SkopeoStageInputs{
Images: images,
@ -29,7 +42,7 @@ func NewSkopeoStage(path string, images ContainersInput, manifests *FilesInput)
return &Stage{
Type: "org.osbuild.skopeo",
Options: &SkopeoStageOptions{
Destination: SkopeoDestination{
Destination: SkopeoDestinationContainersStorage{
Type: "containers-storage",
StoragePath: path,
},
@ -37,3 +50,21 @@ func NewSkopeoStage(path string, images ContainersInput, manifests *FilesInput)
Inputs: inputs,
}
}
func NewSkopeoStageWithOCI(path string, images ContainersInput, manifests *FilesInput) *Stage {
inputs := SkopeoStageInputs{
Images: images,
ManifestLists: manifests,
}
return &Stage{
Type: "org.osbuild.skopeo",
Options: &SkopeoStageOptions{
Destination: &SkopeoDestinationOCI{
Type: "oci",
Path: path,
},
},
Inputs: inputs,
}
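Review bot: `NewSkopeoStageWithContainersStorage` stores a `SkopeoDestinationContainersStorage` value in the `Destination` interface while `NewSkopeoStageWithOCI` stores a `*SkopeoDestinationOCI`, so a type switch or assertion on `Destination` has to handle a value in one case and a pointer in the other. Both marshal the same, but picking one form, e.g. `Destination: SkopeoDestinationOCI{`, keeps consumers simple. The `Type` field is also freely settable on both structs, so nothing prevents a `SkopeoDestinationOCI` carrying `Type: "containers-storage"`; constants for the two type strings, plus doc comments on the new exported types and constructors, would document the valid pairs.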
}


@ -58,13 +58,10 @@ func (r *RepoConfig) Hash() string {
return fmt.Sprintf("%T", b)
}
bpts := func(b *bool) string {
return fmt.Sprintf("%T", b)
}
bptsIgnoreNil := func(b *bool) string {
if b == nil {
return ""
}
return bts(*b)
return fmt.Sprintf("%T", b)
}
ats := func(s []string) string {
return strings.Join(s, "")
@ -78,7 +75,7 @@ func (r *RepoConfig) Hash() string {
bpts(r.IgnoreSSL)+
r.MetadataExpire+
bts(r.RHSM)+
bptsIgnoreNil(r.ModuleHotfixes))))
bpts(r.ModuleHotfixes))))
}
type DistrosRepoConfigs map[string]map[string][]RepoConfig
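Review bot: The closures in `RepoConfig.Hash()` format their argument with `%T`, which prints the Go type (`bool`, `*bool`) rather than the value, so the hash cannot distinguish true from false for `r.RHSM`, `r.IgnoreSSL` or `r.ModuleHotfixes`. Two repository configs that differ only in whether SSL verification is ignored would then hash identically, which matters wherever the hash serves as a cache or identity key (its callers are not visible here). Formatting the value, `return fmt.Sprintf("%t", b)` in `bts` and `return bts(*b)` after the nil check in `bpts`, fixes this but changes existing hash values, so it needs a deliberate migration. `Hash()` starts above the first hunk.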