diff --git a/go.mod b/go.mod index d6cd1b275..1d8952111 100644 --- a/go.mod +++ b/go.mod @@ -46,7 +46,7 @@ require ( github.com/openshift-online/ocm-sdk-go v0.1.438 github.com/oracle/oci-go-sdk/v54 v54.0.0 github.com/osbuild/blueprint v1.6.0 - github.com/osbuild/images v0.144.0 + github.com/osbuild/images v0.148.0 github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20240814102216-0239db53236d github.com/osbuild/pulp-client v0.1.0 github.com/prometheus/client_golang v1.20.5 diff --git a/go.sum b/go.sum index 72495775d..9310d2a7c 100644 --- a/go.sum +++ b/go.sum @@ -578,8 +578,8 @@ github.com/oracle/oci-go-sdk/v54 v54.0.0 h1:CDLjeSejv2aDpElAJrhKpi6zvT/zhZCZuXch github.com/oracle/oci-go-sdk/v54 v54.0.0/go.mod h1:+t+yvcFGVp+3ZnztnyxqXfQDsMlq8U25faBLa+mqCMc= github.com/osbuild/blueprint v1.6.0 h1:HUV1w/dMxpgqOgVtHhfTZE3zRmWQkuW/qTfx9smKImI= github.com/osbuild/blueprint v1.6.0/go.mod h1:0d3dlY8aSJ6jM6NHwBmJFF1VIySsp/GsDpcJQ0yrOqM= -github.com/osbuild/images v0.144.0 h1:p8l71YH+x7yE1XJF7Qy74/xdicJ6VTF93I0mKZVmsfc= -github.com/osbuild/images v0.144.0/go.mod h1:jY21PhkxIozII4M0xCqZL7poLtFwDJlEGj88pb3lalQ= +github.com/osbuild/images v0.148.0 h1:jRLpl/z50FF7Vylio7oD7GddKftiqf2RZZV1h5U8XhI= +github.com/osbuild/images v0.148.0/go.mod h1:jY21PhkxIozII4M0xCqZL7poLtFwDJlEGj88pb3lalQ= github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20240814102216-0239db53236d h1:r9BFPDv0uuA9k1947Jybcxs36c/pTywWS1gjeizvtcQ= github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20240814102216-0239db53236d/go.mod h1:zR1iu/hOuf+OQNJlk70tju9IqzzM4ycq0ectkFBm94U= github.com/osbuild/pulp-client v0.1.0 h1:L0C4ezBJGTamN3BKdv+rKLuq/WxXJbsFwz/Hj7aEmJ8= diff --git a/vendor/github.com/osbuild/images/internal/environment/environment.go b/vendor/github.com/osbuild/images/internal/environment/environment.go index cb0af7a6a..0f13c18b7 100644 --- a/vendor/github.com/osbuild/images/internal/environment/environment.go +++ b/vendor/github.com/osbuild/images/internal/environment/environment.go @@ -23,3 +23,25 @@ func (p BaseEnvironment) GetRepos() []rpmmd.RepoConfig { func (p BaseEnvironment) GetServices() []string { return []string{} } + +// EnvironmentConf is an environment that is fully defined via YAML +// and implements the "Environment" interface +type EnvironmentConf struct { + Packages []string + Repos []rpmmd.RepoConfig + Services []string +} + +var _ = Environment(&EnvironmentConf{}) + +func (p *EnvironmentConf) GetPackages() []string { + return p.Packages +} + +func (p *EnvironmentConf) GetRepos() []rpmmd.RepoConfig { + return p.Repos +} + +func (p *EnvironmentConf) GetServices() []string { + return p.Services +} diff --git a/vendor/github.com/osbuild/images/pkg/arch/arch.go b/vendor/github.com/osbuild/images/pkg/arch/arch.go index b6882a412..90162d66d 100644 --- a/vendor/github.com/osbuild/images/pkg/arch/arch.go +++ b/vendor/github.com/osbuild/images/pkg/arch/arch.go @@ -1,7 +1,11 @@ package arch import ( + "encoding/json" + "fmt" "runtime" + + "github.com/osbuild/images/internal/common" ) type Arch uint64 @@ -34,27 +38,40 @@ func (a Arch) String() string { } } -func FromString(a string) Arch { +func (a *Arch) UnmarshalJSON(data []byte) (err error) { + var s string + if err := json.Unmarshal(data, &s); err != nil { + return err + } + *a, err = FromString(s) + return err +} + +func (a *Arch) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(a, unmarshal) +} + +func FromString(a string) (Arch, error) { switch a { case "amd64", "x86_64": - return ARCH_X86_64 + return ARCH_X86_64, nil case "arm64", "aarch64": - return ARCH_AARCH64 + return ARCH_AARCH64, nil case "s390x": - return ARCH_S390X + return ARCH_S390X, nil case "ppc64le": - return ARCH_PPC64LE + return ARCH_PPC64LE, nil case "riscv64": - return ARCH_RISCV64 + return ARCH_RISCV64, nil default: - panic("unsupported architecture") + return ARCH_UNSET, fmt.Errorf("unsupported architecture %q", a) } } var runtimeGOARCH = runtime.GOARCH func Current() Arch { - return FromString(runtimeGOARCH) + return common.Must(FromString(runtimeGOARCH)) } func IsX86_64() bool { diff --git a/vendor/github.com/osbuild/images/pkg/blueprint/blueprint.go b/vendor/github.com/osbuild/images/pkg/blueprint/blueprint.go index daaf8d99f..fd07fd891 100644 --- a/vendor/github.com/osbuild/images/pkg/blueprint/blueprint.go +++ b/vendor/github.com/osbuild/images/pkg/blueprint/blueprint.go @@ -15,7 +15,7 @@ type Blueprint struct { Groups []Group `json:"groups" toml:"groups"` Containers []Container `json:"containers,omitempty" toml:"containers,omitempty"` - Customizations *Customizations `json:"customizations,omitempty" toml:"customizations"` + Customizations *Customizations `json:"customizations,omitempty" toml:"customizations,omitempty"` Distro string `json:"distro" toml:"distro"` // EXPERIMENTAL diff --git a/vendor/github.com/osbuild/images/pkg/blueprint/disk_customizations.go b/vendor/github.com/osbuild/images/pkg/blueprint/disk_customizations.go index f5a06dc68..fe150483e 100644 --- a/vendor/github.com/osbuild/images/pkg/blueprint/disk_customizations.go +++ b/vendor/github.com/osbuild/images/pkg/blueprint/disk_customizations.go @@ -9,6 +9,7 @@ import ( "regexp" "slices" "strings" + "unicode/utf16" "github.com/google/uuid" "github.com/osbuild/images/pkg/datasizes" @@ -72,6 +73,14 @@ type PartitionCustomization struct { // or the payload type. PartType string `json:"part_type,omitempty" toml:"part_type,omitempty"` + // The partition label for GPT partitions, not supported for dos partitions. + // Note: This is not the same as the label, which can be set in "Label" + PartLabel string `json:"part_label,omitempty" toml:"part_label,omitempty"` + + // The partition GUID for GPT partitions, not supported for dos partitions. + // Note: This is the unique uuid, not the type guid, that is PartType + PartUUID string `json:"part_uuid,omitempty" toml:"part_uuid,omitempty"` + BtrfsVolumeCustomization VGCustomization @@ -162,9 +171,11 @@ type BtrfsSubvolumeCustomization struct { func (v *PartitionCustomization) UnmarshalJSON(data []byte) error { errPrefix := "JSON unmarshal:" var typeSniffer struct { - Type string `json:"type"` - MinSize any `json:"minsize"` - PartType string `json:"part_type"` + Type string `json:"type"` + MinSize any `json:"minsize"` + PartType string `json:"part_type"` + PartLabel string `json:"part_label"` + PartUUID string `json:"part_uuid"` } if err := json.Unmarshal(data, &typeSniffer); err != nil { return fmt.Errorf("%s %w", errPrefix, err) @@ -194,6 +205,8 @@ func (v *PartitionCustomization) UnmarshalJSON(data []byte) error { v.Type = partType v.PartType = typeSniffer.PartType + v.PartLabel = typeSniffer.PartLabel + v.PartUUID = typeSniffer.PartUUID if typeSniffer.MinSize == nil { return fmt.Errorf("minsize is required") @@ -213,11 +226,13 @@ func (v *PartitionCustomization) UnmarshalJSON(data []byte) error { // the type is "plain", none of the fields for btrfs or lvm are used. func decodePlain(v *PartitionCustomization, data []byte) error { var plain struct { - // Type, minsize, and part_type are handled by the caller. These are added here to + // Type, minsize, and part_* are handled by the caller. These are added here to // satisfy "DisallowUnknownFields" when decoding. - Type string `json:"type"` - MinSize any `json:"minsize"` - PartType string `json:"part_type"` + Type string `json:"type"` + MinSize any `json:"minsize"` + PartType string `json:"part_type"` + PartLabel string `json:"part_label"` + PartUUID string `json:"part_uuid"` FilesystemTypedCustomization } @@ -237,11 +252,13 @@ func decodePlain(v *PartitionCustomization, data []byte) error { // the type is btrfs, none of the fields for plain or lvm are used. func decodeBtrfs(v *PartitionCustomization, data []byte) error { var btrfs struct { - // Type, minsize, and part_type are handled by the caller. These are added here to + // Type, minsize, and part_* are handled by the caller. These are added here to // satisfy "DisallowUnknownFields" when decoding. - Type string `json:"type"` - MinSize any `json:"minsize"` - PartType string `json:"part_type"` + Type string `json:"type"` + MinSize any `json:"minsize"` + PartType string `json:"part_type"` + PartLabel string `json:"part_label"` + PartUUID string `json:"part_uuid"` BtrfsVolumeCustomization } @@ -261,11 +278,13 @@ func decodeBtrfs(v *PartitionCustomization, data []byte) error { // is lvm, none of the fields for plain or btrfs are used. func decodeLVM(v *PartitionCustomization, data []byte) error { var vg struct { - // Type, minsize, and part_type are handled by the caller. These are added here to + // Type, minsize, and part_* are handled by the caller. These are added here to // satisfy "DisallowUnknownFields" when decoding. - Type string `json:"type"` - MinSize any `json:"minsize"` - PartType string `json:"part_type"` + Type string `json:"type"` + MinSize any `json:"minsize"` + PartType string `json:"part_type"` + PartLabel string `json:"part_label"` + PartUUID string `json:"part_uuid"` VGCustomization } @@ -383,6 +402,12 @@ func (p *DiskCustomization) Validate() error { if err := part.ValidatePartitionTypeID(p.Type); err != nil { errs = append(errs, err) } + if err := part.ValidatePartitionID(p.Type); err != nil { + errs = append(errs, err) + } + if err := part.ValidatePartitionLabel(p.Type); err != nil { + errs = append(errs, err) + } switch part.Type { case "plain", "": errs = append(errs, part.validatePlain(mountpoints)) @@ -525,6 +550,48 @@ func (p *PartitionCustomization) ValidatePartitionTypeID(ptType string) error { return nil } +// ValidatePartitionID returns an error if the partition ID is not +// valid given the partition table type. If the partition table type is an +// empty string, the function returns an error only if the partition type ID is +// invalid for both gpt and dos partition tables. +func (p *PartitionCustomization) ValidatePartitionID(ptType string) error { + // Empty PartUUID is fine, it will be selected automatically if needed + if p.PartUUID == "" { + return nil + } + + if ptType == "dos" { + return fmt.Errorf("part_type is not supported for dos partition tables") + } + + _, uuidErr := uuid.Parse(p.PartUUID) + if uuidErr != nil { + return fmt.Errorf("invalid partition part_uuid %q (must be a valid UUID): %w", p.PartUUID, uuidErr) + } + + return nil +} + +// ValidatePartitionID returns an error if the partition ID is not +// valid given the partition table type. +func (p *PartitionCustomization) ValidatePartitionLabel(ptType string) error { + // Empty PartLabel is fine + if p.PartLabel == "" { + return nil + } + + if ptType == "dos" { + return fmt.Errorf("part_label is not supported for dos partition tables") + } + + // GPT Labels are up to 36 utf-16 chars + if len(utf16.Encode([]rune(p.PartLabel))) > 36 { + return fmt.Errorf("part_label is not a valid GPT label, it is too long") + } + + return nil +} + func (p *PartitionCustomization) validatePlain(mountpoints map[string]bool) error { if p.FSType == "swap" { // make sure the mountpoint is empty and return diff --git a/vendor/github.com/osbuild/images/pkg/container/client.go b/vendor/github.com/osbuild/images/pkg/container/client.go index 4aea31dda..c3e500eca 100644 --- a/vendor/github.com/osbuild/images/pkg/container/client.go +++ b/vendor/github.com/osbuild/images/pkg/container/client.go @@ -370,8 +370,8 @@ func (cl *Client) resolveContainerImageArch(ctx context.Context, ref types.Image if err != nil { return nil, err } - a := arch.FromString(info.Architecture) - return &a, nil + a, err := arch.FromString(info.Architecture) + return &a, err } func (cl *Client) getLocalImageIDFromDigest(instance digest.Digest) (string, error) { diff --git a/vendor/github.com/osbuild/images/pkg/customizations/fsnode/dir.go b/vendor/github.com/osbuild/images/pkg/customizations/fsnode/dir.go index 7f881878b..4027f4d06 100644 --- a/vendor/github.com/osbuild/images/pkg/customizations/fsnode/dir.go +++ b/vendor/github.com/osbuild/images/pkg/customizations/fsnode/dir.go @@ -1,6 +1,12 @@ package fsnode -import "os" +import ( + "bytes" + "encoding/json" + "os" + + "github.com/osbuild/images/internal/common" +) type Directory struct { baseFsNode @@ -14,6 +20,27 @@ func (d *Directory) EnsureParentDirs() bool { return d.ensureParentDirs } +func (d *Directory) UnmarshalJSON(data []byte) error { + var v struct { + baseFsNodeJSON + EnsureParentDirs bool `json:"ensure_parent_dirs"` + } + dec := json.NewDecoder(bytes.NewBuffer(data)) + dec.DisallowUnknownFields() + if err := dec.Decode(&v); err != nil { + return err + } + d.baseFsNode.baseFsNodeJSON = v.baseFsNodeJSON + d.ensureParentDirs = v.EnsureParentDirs + + return d.validate() + +} + +func (d *Directory) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(d, unmarshal) +} + // NewDirectory creates a new directory with the given path, mode, user and group. // user and group can be either a string (user name/group name), an int64 (UID/GID) or nil. func NewDirectory(path string, mode *os.FileMode, user interface{}, group interface{}, ensureParentDirs bool) (*Directory, error) { diff --git a/vendor/github.com/osbuild/images/pkg/customizations/fsnode/file.go b/vendor/github.com/osbuild/images/pkg/customizations/fsnode/file.go index 8bc4f0307..426214b0f 100644 --- a/vendor/github.com/osbuild/images/pkg/customizations/fsnode/file.go +++ b/vendor/github.com/osbuild/images/pkg/customizations/fsnode/file.go @@ -1,7 +1,11 @@ package fsnode import ( + "bytes" + "encoding/json" "os" + + "github.com/osbuild/images/internal/common" ) type File struct { @@ -16,6 +20,27 @@ func (f *File) Data() []byte { return f.data } +func (f *File) UnmarshalJSON(data []byte) error { + var v struct { + baseFsNodeJSON + Data string `json:"data,omitempty"` + } + dec := json.NewDecoder(bytes.NewBuffer(data)) + dec.DisallowUnknownFields() + if err := dec.Decode(&v); err != nil { + return err + } + f.baseFsNode.baseFsNodeJSON = v.baseFsNodeJSON + f.data = []byte(v.Data) + + return f.validate() + +} + +func (f *File) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(f, unmarshal) +} + // NewFile creates a new file with the given path, data, mode, user and group. // user and group can be either a string (user name/group name), an int64 (UID/GID) or nil. func NewFile(path string, mode *os.FileMode, user interface{}, group interface{}, data []byte) (*File, error) { diff --git a/vendor/github.com/osbuild/images/pkg/customizations/fsnode/fsnode.go b/vendor/github.com/osbuild/images/pkg/customizations/fsnode/fsnode.go index 174f680f8..d34d78694 100644 --- a/vendor/github.com/osbuild/images/pkg/customizations/fsnode/fsnode.go +++ b/vendor/github.com/osbuild/images/pkg/customizations/fsnode/fsnode.go @@ -1,34 +1,42 @@ package fsnode import ( + "bytes" + "encoding/json" "fmt" "os" - "path" + "path/filepath" "regexp" + + "github.com/osbuild/images/internal/common" ) const usernameRegex = `^[A-Za-z0-9_.][A-Za-z0-9_.-]{0,31}$` const groupnameRegex = `^[A-Za-z0-9_][A-Za-z0-9_-]{0,31}$` +type baseFsNodeJSON struct { + Path string + Mode *os.FileMode + User interface{} + Group interface{} +} + type baseFsNode struct { - path string - mode *os.FileMode - user interface{} - group interface{} + baseFsNodeJSON } func (f *baseFsNode) Path() string { if f == nil { return "" } - return f.path + return f.baseFsNodeJSON.Path } func (f *baseFsNode) Mode() *os.FileMode { if f == nil { return nil } - return f.mode + return f.baseFsNodeJSON.Mode } // User can return either a string (user name) or an int64 (UID) @@ -36,7 +44,7 @@ func (f *baseFsNode) User() interface{} { if f == nil { return nil } - return f.user + return f.baseFsNodeJSON.User } // Group can return either a string (group name) or an int64 (GID) @@ -44,15 +52,17 @@ func (f *baseFsNode) Group() interface{} { if f == nil { return nil } - return f.group + return f.baseFsNodeJSON.Group } func newBaseFsNode(path string, mode *os.FileMode, user interface{}, group interface{}) (*baseFsNode, error) { node := &baseFsNode{ - path: path, - mode: mode, - user: user, - group: group, + baseFsNodeJSON: baseFsNodeJSON{ + Path: path, + Mode: mode, + User: user, + Group: group, + }, } err := node.validate() @@ -63,32 +73,43 @@ func newBaseFsNode(path string, mode *os.FileMode, user interface{}, group inter } func (f *baseFsNode) validate() error { + return f.baseFsNodeJSON.validate() +} + +func (f *baseFsNodeJSON) validate() error { // Check that the path is valid - if f.path == "" { + if f.Path == "" { return fmt.Errorf("path must not be empty") } - if f.path[0] != '/' { + if f.Path[0] != '/' { return fmt.Errorf("path must be absolute") } - if f.path[len(f.path)-1] == '/' { + if f.Path[len(f.Path)-1] == '/' { return fmt.Errorf("path must not end with a slash") } - if f.path != path.Clean(f.path) { + if f.Path != filepath.Clean(f.Path) { return fmt.Errorf("path must be canonical") } // Check that the mode is valid - if f.mode != nil && *f.mode&os.ModeType != 0 { + if f.Mode != nil && *f.Mode&os.ModeType != 0 { return fmt.Errorf("mode must not contain file type bits") } // Check that the user and group are valid - switch user := f.user.(type) { + switch user := f.User.(type) { case string: nameRegex := regexp.MustCompile(usernameRegex) if !nameRegex.MatchString(user) { return fmt.Errorf("user name %q doesn't conform to validating regex (%s)", user, nameRegex.String()) } + case float64: + if user != float64(int64(user)) { + return fmt.Errorf("user ID must be int") + } + if user < 0 { + return fmt.Errorf("user ID must be non-negative") + } case int64: if user < 0 { return fmt.Errorf("user ID must be non-negative") @@ -99,12 +120,19 @@ func (f *baseFsNode) validate() error { return fmt.Errorf("user must be either a string or an int64, got %T", user) } - switch group := f.group.(type) { + switch group := f.Group.(type) { case string: nameRegex := regexp.MustCompile(groupnameRegex) if !nameRegex.MatchString(group) { return fmt.Errorf("group name %q doesn't conform to validating regex (%s)", group, nameRegex.String()) } + case float64: + if group != float64(int64(group)) { + return fmt.Errorf("group ID must be int") + } + if group < 0 { + return fmt.Errorf("group ID must be non-negative") + } case int64: if group < 0 { return fmt.Errorf("group ID must be non-negative") @@ -117,3 +145,22 @@ func (f *baseFsNode) validate() error { return nil } + +func (f *baseFsNode) UnmarshalJSON(data []byte) error { + var fv baseFsNodeJSON + dec := json.NewDecoder(bytes.NewBuffer(data)) + if err := dec.Decode(&fv); err != nil { + return err + } + if err := fv.validate(); err != nil { + return err + } + f.baseFsNodeJSON = fv + + return nil + +} + +func (f *baseFsNode) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(f, unmarshal) +} diff --git a/vendor/github.com/osbuild/images/pkg/customizations/subscription/subscription.go b/vendor/github.com/osbuild/images/pkg/customizations/subscription/subscription.go index bc79e96f8..6b3ed73f3 100644 --- a/vendor/github.com/osbuild/images/pkg/customizations/subscription/subscription.go +++ b/vendor/github.com/osbuild/images/pkg/customizations/subscription/subscription.go @@ -50,12 +50,12 @@ type DNFPluginConfig struct { } type SubManDNFPluginsConfig struct { - ProductID DNFPluginConfig - SubscriptionManager DNFPluginConfig + ProductID DNFPluginConfig `yaml:"product_id,omitempty"` + SubscriptionManager DNFPluginConfig `yaml:"subscription_manager,omitempty"` } type RHSMConfig struct { - DnfPlugins SubManDNFPluginsConfig + DnfPlugins SubManDNFPluginsConfig `yaml:"dnf_plugin,omitempty"` YumPlugins SubManDNFPluginsConfig SubMan SubManConfig } diff --git a/vendor/github.com/osbuild/images/pkg/disk/filesystem.go b/vendor/github.com/osbuild/images/pkg/disk/filesystem.go index b94a8e461..e22a75e63 100644 --- a/vendor/github.com/osbuild/images/pkg/disk/filesystem.go +++ b/vendor/github.com/osbuild/images/pkg/disk/filesystem.go @@ -1,12 +1,57 @@ package disk import ( + "encoding/json" + "fmt" "math/rand" "reflect" "github.com/google/uuid" ) +type MkfsOption int + +const ( // MkfsOption type enum + MkfsVerity MkfsOption = iota // Enable fs-verity option if needed (typically for EXT4) +) + +func getMkfsOptionMapping() []string { + return []string{"verity"} +} + +// String converts MkfsOption into a human readable string +func (option MkfsOption) String() string { + return getMkfsOptionMapping()[int(option)] +} + +func unmarshalHelper(data []byte, mapping []string) (int, error) { + var stringInput string + err := json.Unmarshal(data, &stringInput) + if err != nil { + return 0, err + } + for n, str := range mapping { + if str == stringInput { + return n, nil + } + } + return 0, fmt.Errorf("invalid mkfsoption: %s", stringInput) +} + +// UnmarshalJSON converts a JSON string into an MkfsOption +func (option *MkfsOption) UnmarshalJSON(data []byte) error { + val, err := unmarshalHelper(data, getMkfsOptionMapping()) + if err != nil { + return err + } + *option = MkfsOption(val) + return nil +} + +func (option MkfsOption) MarshalJSON() ([]byte, error) { + return json.Marshal(getMkfsOptionMapping()[option]) +} + // Filesystem related functions type Filesystem struct { Type string `json:"type" yaml:"type"` @@ -22,6 +67,8 @@ type Filesystem struct { FSTabFreq uint64 `json:"fstab_freq,omitempty" yaml:"fstab_freq,omitempty"` // The sixth field of fstab(5); fs_passno FSTabPassNo uint64 `json:"fstab_passno,omitempty" yaml:"fstab_passno,omitempty"` + // Custom mkfs options + MkfsOptions []MkfsOption `json:"mkfs_options,omitempty" yaml:"mkfs_options,omitempty"` } func init() { @@ -46,6 +93,7 @@ func (fs *Filesystem) Clone() Entity { FSTabOptions: fs.FSTabOptions, FSTabFreq: fs.FSTabFreq, FSTabPassNo: fs.FSTabPassNo, + MkfsOptions: fs.MkfsOptions, } } diff --git a/vendor/github.com/osbuild/images/pkg/disk/partition.go b/vendor/github.com/osbuild/images/pkg/disk/partition.go index 8d40b054e..2c1b83ecc 100644 --- a/vendor/github.com/osbuild/images/pkg/disk/partition.go +++ b/vendor/github.com/osbuild/images/pkg/disk/partition.go @@ -21,6 +21,9 @@ type Partition struct { // is just a string. UUID string `json:"uuid,omitempty" yaml:"uuid,omitempty"` + // Partition name (not filesystem label), only supported for GPT + Label string `json:"label,omitempty" yaml:"label,omitempty"` + // If nil, the partition is raw; It doesn't contain a payload. Payload PayloadEntity `json:"payload,omitempty" yaml:"payload,omitempty"` } @@ -36,6 +39,7 @@ func (p *Partition) Clone() Entity { Type: p.Type, Bootable: p.Bootable, UUID: p.UUID, + Label: p.Label, } if p.Payload != nil { diff --git a/vendor/github.com/osbuild/images/pkg/disk/partition_table.go b/vendor/github.com/osbuild/images/pkg/disk/partition_table.go index 69a88a93e..7de9402af 100644 --- a/vendor/github.com/osbuild/images/pkg/disk/partition_table.go +++ b/vendor/github.com/osbuild/images/pkg/disk/partition_table.go @@ -51,6 +51,11 @@ const ( DefaultPartitioningMode PartitioningMode = "" ) +// DefaultBootPartitionSize is the default size of the /boot partition if it +// needs to be auto-created. This happens if the custom partitioning don't +// specify one, but the image requires one to boot (/ is on btrfs, or an LV). +const DefaultBootPartitionSize = 1 * datasizes.GiB + // NewPartitionTable takes an existing base partition table and some parameters // and returns a new version of the base table modified to satisfy the // parameters. @@ -725,7 +730,7 @@ func (pt *PartitionTable) ensureLVM() error { // we need a /boot partition to boot LVM, ensure one exists bootPath := entityPath(pt, "/boot") if bootPath == nil { - _, err := pt.CreateMountpoint("/boot", 512*datasizes.MiB) + _, err := pt.CreateMountpoint("/boot", DefaultBootPartitionSize) if err != nil { return err @@ -784,7 +789,7 @@ func (pt *PartitionTable) ensureBtrfs(architecture arch.Arch) error { // we need a /boot partition to boot btrfs, ensure one exists bootPath := entityPath(pt, "/boot") if bootPath == nil { - _, err := pt.CreateMountpoint("/boot", 512*datasizes.MiB) + _, err := pt.CreateMountpoint("/boot", DefaultBootPartitionSize) if err != nil { return fmt.Errorf("failed to create /boot partition when ensuring btrfs: %w", err) } @@ -1066,7 +1071,7 @@ func addBootPartition(pt *PartitionTable, bootFsType FSType) error { } bootPart := Partition{ Type: partType, - Size: 512 * datasizes.MiB, + Size: DefaultBootPartitionSize, Payload: &Filesystem{ Type: bootFsType.String(), Label: bootLabel, @@ -1078,6 +1083,20 @@ func addBootPartition(pt *PartitionTable, bootFsType FSType) error { return nil } +func hasESP(disk *blueprint.DiskCustomization) bool { + if disk == nil { + return false + } + + for _, part := range disk.Partitions { + if part.Type == "plain" && part.Mountpoint == "/boot/efi" { + return true + } + } + + return false +} + // addPartitionsForBootMode creates partitions to satisfy the boot mode requirements: // - BIOS/legacy: adds a 1 MiB BIOS boot partition. // - UEFI: adds a 200 MiB EFI system partition. @@ -1086,7 +1105,7 @@ func addBootPartition(pt *PartitionTable, bootFsType FSType) error { // The function will append the new partitions to the end of the existing // partition table therefore it is best to call this function early to put them // near the front (as is conventional). -func addPartitionsForBootMode(pt *PartitionTable, bootMode platform.BootMode) error { +func addPartitionsForBootMode(pt *PartitionTable, disk *blueprint.DiskCustomization, bootMode platform.BootMode) error { switch bootMode { case platform.BOOT_LEGACY: // add BIOS boot partition @@ -1097,12 +1116,14 @@ func addPartitionsForBootMode(pt *PartitionTable, bootMode platform.BootMode) er pt.Partitions = append(pt.Partitions, part) return nil case platform.BOOT_UEFI: - // add ESP - part, err := mkESP(200*datasizes.MiB, pt.Type) - if err != nil { - return err + // add ESP if needed + if !hasESP(disk) { + part, err := mkESP(200*datasizes.MiB, pt.Type) + if err != nil { + return err + } + pt.Partitions = append(pt.Partitions, part) } - pt.Partitions = append(pt.Partitions, part) return nil case platform.BOOT_HYBRID: // add both @@ -1110,11 +1131,14 @@ func addPartitionsForBootMode(pt *PartitionTable, bootMode platform.BootMode) er if err != nil { return err } - esp, err := mkESP(200*datasizes.MiB, pt.Type) - if err != nil { - return err + pt.Partitions = append(pt.Partitions, bios) + if !hasESP(disk) { + esp, err := mkESP(200*datasizes.MiB, pt.Type) + if err != nil { + return err + } + pt.Partitions = append(pt.Partitions, esp) } - pt.Partitions = append(pt.Partitions, bios, esp) return nil case platform.BOOT_NONE: return nil @@ -1149,7 +1173,7 @@ func mkESP(size uint64, ptType PartitionTableType) (Partition, error) { Type: "vfat", UUID: EFIFilesystemUUID, Mountpoint: "/boot/efi", - Label: "EFI-SYSTEM", + Label: "ESP", FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", FSTabFreq: 0, FSTabPassNo: 2, @@ -1268,8 +1292,7 @@ func NewCustomPartitionTable(customizations *blueprint.DiskCustomization, option // add any partition(s) that are needed for booting (like /boot/efi) // if needed // - // TODO: switch to ensure ESP in case customizations already include it - if err := addPartitionsForBootMode(pt, options.BootMode); err != nil { + if err := addPartitionsForBootMode(pt, customizations, options.BootMode); err != nil { return nil, fmt.Errorf("%s %w", errPrefix, err) } // add the /boot partition (if it is needed) @@ -1279,10 +1302,16 @@ func NewCustomPartitionTable(customizations *blueprint.DiskCustomization, option // add user customized partitions for _, part := range customizations.Partitions { if part.PartType != "" { - // check the partition type now that we also know the partition table type + // check the partition details now that we also know the partition table type if err := part.ValidatePartitionTypeID(pt.Type.String()); err != nil { return nil, fmt.Errorf("%s error validating partition type ID for %q: %w", errPrefix, part.Mountpoint, err) } + if err := part.ValidatePartitionID(pt.Type.String()); err != nil { + return nil, fmt.Errorf("%s error validating partition ID for %q: %w", errPrefix, part.Mountpoint, err) + } + if err := part.ValidatePartitionLabel(pt.Type.String()); err != nil { + return nil, fmt.Errorf("%s error validating partition label for %q: %w", errPrefix, part.Mountpoint, err) + } } switch part.Type { @@ -1377,6 +1406,8 @@ func addPlainPartition(pt *PartitionTable, partition blueprint.PartitionCustomiz newpart := Partition{ Type: partType, + UUID: partition.PartUUID, + Label: partition.PartLabel, Size: partition.MinSize, Payload: payload, } @@ -1449,6 +1480,8 @@ func addLVMPartition(pt *PartitionTable, partition blueprint.PartitionCustomizat newpart := Partition{ Type: partType, + UUID: partition.PartUUID, + Label: partition.PartLabel, Size: partition.MinSize, Bootable: false, Payload: newvg, @@ -1482,6 +1515,8 @@ func addBtrfsPartition(pt *PartitionTable, partition blueprint.PartitionCustomiz } newpart := Partition{ Type: partType, + UUID: partition.PartUUID, + Label: partition.PartLabel, Bootable: false, Payload: newvol, Size: partition.MinSize, diff --git a/vendor/github.com/osbuild/images/pkg/distro/defs/fedora/distro.yaml b/vendor/github.com/osbuild/images/pkg/distro/defs/fedora/distro.yaml index 118d8ec20..33b72edc9 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/defs/fedora/distro.yaml +++ b/vendor/github.com/osbuild/images/pkg/distro/defs/fedora/distro.yaml @@ -12,6 +12,205 @@ - "geolite2-country" - "plymouth" + kernel_options: + default_kernel_optons: + - "ro" + cloud_kernel_options: &cloud_kernel_options + - "ro" + - "no_timer_check" + - "console=ttyS0,115200n8" + - "biosdevname=0" + - "net.ifnames=0" + ostree_deployment_kernel_options: &ostree_deployment_kernel_options + - "modprobe.blacklist=vc4" + - "rw" + - "coreos.no_persist_ip" + + environments: + kvm: &kvm_env + packages: + - "cloud-init" + - "qemu-guest-agent" + services: + - "cloud-init.service" + - "cloud-config.service" + - "cloud-final.service" + - "cloud-init-local.service" + ec2_env: &ec2_env + packages: + - "cloud-init" + services: + - "cloud-init.service" + - "cloud-config.service" + - "cloud-final.service" + - "cloud-init-local.service" + azure_env: &azure_env + packages: + - "cloud-init" + - "WALinuxAgent" + services: + - "cloud-init.service" + - "cloud-config.service" + - "cloud-final.service" + - "cloud-init-local.service" + - "waagent" + + platforms: + x86_64_uefi_platform: &x86_64_uefi_platform + arch: "x86_64" + uefi_vendor: "fedora" + qcow2_compat: "1.1" + packages: &x86_64_uefi_platform_packages + uefi: + - "dracut-config-generic" + - "efibootmgr" + - "grub2-efi-x64" + - "shim-x64" + x86_64_bios_platform: &x86_64_bios_platform + <<: *x86_64_uefi_platform + bios_platform: "i386-pc" + packages: &x86_64_bios_platform_packages + <<: *x86_64_uefi_platform_packages + bios: + - "dracut-config-generic" + - "grub2-pc" + build_packages: + bios: + - "grub2-pc" + # XXX: the name is not 100% accurate, this platform is also used for iot-container, iot-commit + x86_64_installer_platform: &x86_64_installer_platform + <<: *x86_64_bios_platform + image_format: "raw" + packages: + <<: *x86_64_bios_platform_packages + firmware: + - "biosdevname" + - "iwlwifi-dvm-firmware" + - "iwlwifi-mvm-firmware" + - "microcode_ctl" + aarch64_platform: &aarch64_platform + arch: "aarch64" + uefi_vendor: "fedora" + image_format: "qcow2" + qcow2_compat: "1.1" + packages: &aarch64_uefi_platform_packages + uefi: + - "dracut-config-generic" + - "efibootmgr" + - "grub2-efi-aa64" + - "grub2-tools" + - "shim-aa64" + aarch64_installer_platform: &aarch64_installer_platform + arch: "aarch64" + uefi_vendor: "fedora" + packages: + <<: *aarch64_uefi_platform_packages + firmware: + - "arm-image-installer" + - "bcm283x-firmware" + - "brcmfmac-firmware" + - "iwlwifi-mvm-firmware" + - "realtek-firmware" + - "uboot-images-armv8" + ppc64le_bios_platform: &ppc64le_bios_platform + arch: "ppc64le" + bios_platform: "powerpc-ieee1275" + image_format: "qcow2" + qcow2_compat: "1.1" + packages: + bios: + - "dracut-config-generic" + - "powerpc-utils" + - "grub2-ppc64le" + - "grub2-ppc64le-modules" + build_packages: + bios: + - "grub2-ppc64le" + - "grub2-ppc64le-modules" + s390x_zipl_platform: &s390x_zipl_platform + arch: "s390x" + zipl_support: true + image_format: "qcow2" + qcow2_compat: "1.1" + packages: + zipl: + - "dracut-config-generic" + - "s390utils-base" + - "s390utils-core" + build_packages: + zipl: + - "s390utils-base" + riscv64_uefi_platform: &riscv64_uefi_platform + arch: "riscv64" + uefi_vendor: "uefi" + image_format: "raw" + packages: + # XXX: this is needed to get a generic bootkernel, + # this should probably be part of any bootable img + # packagelist + uefi: + - "dracut-config-generic" + - "grub2-efi-riscv64" + - "grub2-efi-riscv64-modules" + - "shim-unsigned-riscv64" + + installer_config: &default_installer_config + additional_dracut_modules: + - "net-lib" + condition: + version_less_than: + "42": + additional_dracut_modules: + - "ifcfg" + + image_config: + iot_enabled_services: &image_config_iot_enabled_services + enabled_services: + - "NetworkManager.service" + - "firewalld.service" + - "sshd.service" + - "greenboot-grub2-set-counter" + - "greenboot-grub2-set-success" + - "greenboot-healthcheck" + - "greenboot-rpm-ostree-grub2-check-fallback" + - "greenboot-status" + - "greenboot-task-runner" + - "redboot-auto-reboot" + - "redboot-task-runner" + kernel_options: *ostree_deployment_kernel_options + condition: + version_less_than: + "42": + enabled_services: + - "NetworkManager.service" + - "firewalld.service" + - "sshd.service" + - "greenboot-grub2-set-counter" + - "greenboot-grub2-set-success" + - "greenboot-healthcheck" + - "greenboot-rpm-ostree-grub2-check-fallback" + - "greenboot-status" + - "greenboot-task-runner" + - "redboot-auto-reboot" + - "redboot-task-runner" + # only in < 42 + - "zezere_ignition.timer" + - "zezere_ignition_banner.service" + - "parsec" + - "dbus-parsec" + iot: &image_config_iot + <<: *image_config_iot_enabled_services + keyboard: + keymap: "us" + locale: "C.UTF-8" + ostree_conf_sysroot_readonly: true + lock_root_user: true + + disk_sizes: + default_required_partition_sizes: &default_required_dir_sizes + "/": 1_073_741_824 # 1 * datasizes.GiB + "/usr": 2_147_483_648 # 2 * datasizes.GiB + partitioning: ids: - &prep_partition_dosid "41" @@ -51,12 +250,12 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 - &default_partition_table_part_boot - size: 524_288_000 # 500 * MiB + size: 1_073_741_824 # 1 * datasizes.GibiByte, type: *filesystem_data_guid uuid: *data_partition_uuid payload_type: "filesystem" @@ -89,7 +288,7 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "umask=0077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 @@ -142,7 +341,7 @@ payload: <<: *iot_base_partition_table_part_root_payload fstab_options: "defaults,ro" - + default_partition_tables: &default_partition_tables x86_64: uuid: "D209C89E-EA5E-4FBD-B161-B461CCE297E0" @@ -167,7 +366,7 @@ bootable: true type: *prep_partition_dosid - &default_partition_table_part_boot_ppc64le - size: 524_288_000 # 500 * MiB + size: 1_073_741_824 # 1 * datasizes.GibiByte, payload_type: "filesystem" payload: type: "ext4" @@ -203,7 +402,6 @@ - *default_partition_table_part_efi - &minimal_raw_partition_table_part_boot <<: *default_partition_table_part_boot - size: 1_073_741_824 # 1 * datasizes.GibiByte, type: *xboot_ldr_partition_guid - &minimal_raw_partition_table_part_root <<: *default_partition_table_part_root @@ -302,173 +500,364 @@ image_config: timezone: "UTC" image_types: - server_qcow2: &server_qcow2 + "server-qcow2": &server_qcow2 + name_aliases: ["qcow2"] + filename: "disk.qcow2" + mime_type: "application/x-qemu-disk" + environment: *kvm_env + bootable: true + default_size: 5_368_709_120 # 5 * datasizes.GibiByte + image_func: "disk" + build_pipelines: ["build"] + payload_pipelines: ["os", "image", "qcow2"] + exports: ["qcow2"] + required_partition_sizes: *default_required_dir_sizes + image_config: &image_config_qcow2 + default_target: "multi-user.target" + kernel_options: *cloud_kernel_options partition_table: <<: *default_partition_tables package_sets: - - *cloud_base_pkgset - - include: - - "qemu-guest-agent" + os: + - *cloud_base_pkgset + - include: + - "qemu-guest-agent" + platforms: + - <<: *x86_64_bios_platform + image_format: "qcow2" + - <<: *aarch64_platform + image_format: "qcow2" + - <<: *ppc64le_bios_platform + image_format: "qcow2" + - <<: *s390x_zipl_platform + image_format: "qcow2" - server_ami: *server_qcow2 - server_oci: *server_qcow2 - server_openstack: *server_qcow2 + "server-ami": + <<: *server_qcow2 + name_aliases: ["ami"] + filename: "image.raw" + mime_type: "application/octet-stream" + payload_pipelines: ["os", "image"] + exports: ["image"] + environment: *ec2_env + platforms: + - <<: *x86_64_bios_platform + image_format: "raw" + - <<: *aarch64_platform + image_format: "raw" - server_vhd: + "server-oci": + <<: *server_qcow2 + name_aliases: ["oci"] + platforms: + - <<: *x86_64_bios_platform + image_format: "qcow2" + - <<: *aarch64_platform + image_format: "qcow2" + + "server-openstack": + <<: *server_qcow2 + name_aliases: ["openstack"] + platforms: + - <<: *x86_64_bios_platform + qcow2_compat: "" + image_format: "qcow2" + - <<: *aarch64_platform + qcow2_compat: "" + image_format: "qcow2" + + "server-vhd": + <<: *server_qcow2 + name_aliases: ["vhd"] + filename: "disk.vhd" + mime_type: "application/x-vhd" + payload_pipelines: ["os", "image", "vpc"] + exports: ["vpc"] + environment: *azure_env + platforms: + - <<: *x86_64_bios_platform + image_format: "vhd" + image_config: + <<: *image_config_qcow2 + sshd_config: + # follows https://github.com/osbuild/osbuild/blob/main/stages/org.osbuild.sshd.config.meta.json + config: + ClientAliveInterval: 120 partition_table: <<: *default_partition_tables package_sets: - - *cloud_base_pkgset - - include: - - "WALinuxAgent" + os: + - *cloud_base_pkgset + - include: + - "WALinuxAgent" - server_vmdk: &server_vmdk + "server-vmdk": &server_vmdk + name_aliases: ["vmdk"] + filename: "disk.vmdk" + mime_type: "application/x-vmdk" + bootable: true + default_size: 2_147_483_648 # 2 * datasizes.GibiByte + image_func: "disk" + build_pipelines: ["build"] + payload_pipelines: ["os", "image", "vmdk"] + exports: ["vmdk"] + required_partition_sizes: *default_required_dir_sizes + platforms: + - <<: *x86_64_bios_platform + image_format: "vmdk" + image_config: + locale: "en_US.UTF-8" + enabled_services: + - "cloud-init.service" + - "cloud-config.service" + - "cloud-final.service" + - "cloud-init-local.service" + kernel_options: *cloud_kernel_options partition_table: <<: *default_partition_tables package_sets: - - include: - - "@Fedora Cloud Server" - - "chrony" - - "systemd-udev" - - "langpacks-en" - - "open-vm-tools" - exclude: - - "dracut-config-rescue" - - "etables" - - "firewalld" - - "geolite2-city" - - "geolite2-country" - - "gobject-introspection" - - "plymouth" - - "zram-generator-defaults" - - "grubby-deprecated" - - "extlinux-bootloader" + os: + - include: + - "@Fedora Cloud Server" + - "chrony" + - "systemd-udev" + - "langpacks-en" + - "open-vm-tools" + exclude: + - "dracut-config-rescue" + - "etables" + - "firewalld" + - "geolite2-city" + - "geolite2-country" + - "gobject-introspection" + - "plymouth" + - "zram-generator-defaults" + - "grubby-deprecated" + - "extlinux-bootloader" - server_ova: *server_vmdk + "server-ova": + <<: *server_vmdk + name_aliases: ["ova"] + filename: "image.ova" + mime_type: "application/ovf" + payload_pipelines: ["os", "image", "vmdk", "ovf", "archive"] + exports: ["archive"] + platforms: + - <<: *x86_64_bios_platform + image_format: "ova" # NOTE: keep in sync with official fedora-iot definitions: # https://pagure.io/fedora-iot/ostree/blob/main/f/fedora-iot-base.yaml - iot_commit: &iot_commit + "iot-commit": &iot_commit + name_aliases: ["fedora-iot-commit"] + filename: "commit.tar" + mime_type: "application/x-tar" + rpm_ostree: true + image_func: "iot_commit" + build_pipelines: ["build"] + payload_pipelines: ["os", "ostree-commit", "commit-archive"] + exports: ["commit-archive"] + required_partition_sizes: *default_required_dir_sizes + image_config: + <<: *image_config_iot_enabled_services + dracut_conf: + - filename: "40-fips.conf" + config: + add_dracutmodules: + - "fips" + machine_id_uninitialized: false + platforms: + - *x86_64_installer_platform + - *aarch64_installer_platform package_sets: - - include: - - "NetworkManager" - - "NetworkManager-wifi" - - "NetworkManager-wwan" - - "aardvark-dns" - - "atheros-firmware" - - "attr" - - "authselect" - - "bash" - - "bash-completion" - - "brcmfmac-firmware" - - "chrony" - - "clevis" - - "clevis-dracut" - - "clevis-luks" - - "clevis-pin-tpm2" - - "container-selinux" - - "containernetworking-plugins" - - "coreutils" - - "cracklib-dicts" - - "criu" - - "cryptsetup" - - "curl" - - "dosfstools" - - "dracut-config-generic" - - "dracut-network" - - "e2fsprogs" - - "efibootmgr" - - "fdo-client" - - "fdo-owner-cli" - - "fedora-iot-config" - - "fedora-release-iot" - - "firewalld" - - "fwupd" - - "fwupd-efi" - - "fwupd-plugin-modem-manager" - - "fwupd-plugin-uefi-capsule-data" - - "glibc" - - "glibc-minimal-langpack" - - "gnupg2" - - "greenboot" - - "greenboot-default-health-checks" - - "gzip" - - "hostname" - - "ignition" - - "ignition-edge" - - "ima-evm-utils" - - "iproute" - - "iputils" - - "iwd" - - "iwlwifi-mvm-firmware" - - "keyutils" - - "less" - - "libsss_sudo" - - "linux-firmware" - - "lvm2" - - "netavark" - - "nss-altfiles" - - "openssh-clients" - - "openssh-server" - - "openssl" - - "pinentry" - - "podman" - - "policycoreutils" - - "polkit" - - "procps-ng" - - "realtek-firmware" - - "rootfiles" - - "rpm" - - "screen" - - "selinux-policy-targeted" - - "setools-console" - - "setup" - - "shadow-utils" - - "skopeo" - - "slirp4netns" - - "ssh-key-dir" - - "sssd-client" - - "sudo" - - "systemd" - - "systemd-resolved" - - "tar" - - "tmux" - - "tpm2-pkcs11" - - "traceroute" - - "usbguard" - - "util-linux" - - "vim-minimal" - - "wireless-regdb" - - "wpa_supplicant" - - "xfsprogs" - - "xz" - - "zram-generator" - condition: - version_less_than: - "41": - include: - - "dnsmasq" - "42": - include: - - "dbus-parsec" - - "kernel-tools" - - "parsec" - - "policycoreutils-python-utils" - - "zezere-ignition" - "43": - include: - - "basesystem" - version_greater_or_equal: - "41": - include: - - "bootupd" - "43": - include: - - "filesystem" + os: + - include: + - "NetworkManager" + - "NetworkManager-wifi" + - "NetworkManager-wwan" + - "aardvark-dns" + - "atheros-firmware" + - "attr" + - "authselect" + - "bash" + - "bash-completion" + - "brcmfmac-firmware" + - "chrony" + - "clevis" + - "clevis-dracut" + - "clevis-luks" + - "clevis-pin-tpm2" + - "container-selinux" + - "containernetworking-plugins" + - "coreutils" + - "cracklib-dicts" + - "criu" + - "cryptsetup" + - "curl" + - "dosfstools" + - "dracut-config-generic" + - "dracut-network" + - "e2fsprogs" + - "efibootmgr" + - "fdo-client" + - "fdo-owner-cli" + - "fedora-iot-config" + - "fedora-release-iot" + - "firewalld" + - "fwupd" + - "fwupd-efi" + - "fwupd-plugin-modem-manager" + - "fwupd-plugin-uefi-capsule-data" + - "glibc" + - "glibc-minimal-langpack" + - "gnupg2" + - "greenboot" + - "greenboot-default-health-checks" + - "gzip" + - "hostname" + - "ignition" + - "ignition-edge" + - "ima-evm-utils" + - "iproute" + - "iputils" + - "iwd" + - "iwlwifi-mvm-firmware" + - "keyutils" + - "less" + - "libsss_sudo" + - "linux-firmware" + - "lvm2" + - "netavark" + - "nss-altfiles" + - "openssh-clients" + - "openssh-server" + - "openssl" + - "pinentry" + - "podman" + - "policycoreutils" + - "polkit" + - "procps-ng" + - "realtek-firmware" + - "rootfiles" + - "rpm" + - "screen" + - "selinux-policy-targeted" + - "setools-console" + - "setup" + - "shadow-utils" + - "skopeo" + - "slirp4netns" + - "ssh-key-dir" + - "sssd-client" + - "sudo" + - "systemd" + - "systemd-resolved" + - "tar" + - "tmux" + - "tpm2-pkcs11" + - "traceroute" + - "usbguard" + - "util-linux" + - "vim-minimal" + - "wireless-regdb" + - "wpa_supplicant" + - "xfsprogs" + - "xz" + - "zram-generator" + condition: + version_less_than: + "41": + include: + - "dnsmasq" + "42": + include: + - "dbus-parsec" + - "kernel-tools" + - "parsec" + - "policycoreutils-python-utils" + - "zezere-ignition" + "43": + include: + - "basesystem" + version_greater_or_equal: + "41": + include: + - "bootupd" + "43": + include: + - "filesystem" - iot_container: *iot_commit + "iot-container": + <<: *iot_commit + name_aliases: ["fedora-iot-container"] + filename: "container.tar" + mime_type: "application/x-tar" + rpm_ostree: true + image_func: "iot_container" + build_pipelines: ["build"] + payload_pipelines: ["os", "ostree-commit", "container-tree", "container"] + exports: ["container"] + required_partition_sizes: *default_required_dir_sizes + platforms: + - *x86_64_installer_platform + - *aarch64_installer_platform - iot_raw_xz: + "iot-raw-xz": + name_aliases: ["iot-raw-image", "fedora-iot-raw-image"] + filename: "image.raw.xz" + compression: "xz" + mime_type: "application/xz" + default_size: 4_294_967_296 # 4 * datasizes.GibiByte + rpm_ostree: true + bootable: true + image_func: "iot" + build_pipelines: ["build"] + payload_pipelines: ["ostree-deployment", "image", "xz"] + exports: ["xz"] + # Passing an empty map into the required partition sizes disables the + # default partition sizes normally set so our `basePartitionTables` can + # override them (and make them smaller, in this case). + required_partition_sizes: + "/": 0 + image_config: + <<: *image_config_iot + ignition_platform: "metal" + platforms: + - <<: *x86_64_uefi_platform + image_format: "raw" + - <<: *aarch64_platform + image_format: "raw" + boot_files: + - ["/usr/lib/ostree-boot/efi/bcm2710-rpi-2-b.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2710-rpi-3-b-plus.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2710-rpi-3-b.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2710-rpi-cm3.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2710-rpi-zero-2-w.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2710-rpi-zero-2.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2711-rpi-4-b.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2711-rpi-400.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2711-rpi-cm4.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bcm2711-rpi-cm4s.dtb", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/bootcode.bin", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/config.txt", "/boot/efi/config.txt"] + - ["/usr/lib/ostree-boot/efi/fixup.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/fixup4.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/fixup4cd.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/fixup4db.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/fixup4x.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/fixup_cd.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/fixup_db.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/fixup_x.dat", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/overlays", "/boot/efi/"] + - ["/usr/share/uboot/rpi_arm64/u-boot.bin", "/boot/efi/rpi-u-boot.bin"] + - ["/usr/lib/ostree-boot/efi/start.elf", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/start4.elf", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/start4cd.elf", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/start4db.elf", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/start4x.elf", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/start_cd.elf", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/start_db.elf", "/boot/efi/"] + - ["/usr/lib/ostree-boot/efi/start_x.elf", "/boot/efi/"] partition_table: <<: *iot_base_partition_tables partition_tables_override: @@ -487,486 +876,829 @@ image_types: - *iot_base_partition_table_part_efi_aarch64 - *iot_base_partition_table_part_boot_aarch64 - *iot_base_partition_table_part_root_fstab_ro_aarch64 - iot_qcow2: + + "iot-qcow2": + name_aliases: ["iot-qcow2-image"] + filename: "image.qcow2" + mime_type: "application/x-qemu-disk" + default_size: 10_737_418_240 # 10 * datasizes.GibiByte + rpm_ostree: true + bootable: true + image_func: "iot" + build_pipelines: ["build"] + payload_pipelines: ["ostree-deployment", "image", "qcow2"] + exports: ["qcow2"] + required_partition_sizes: *default_required_dir_sizes + image_config: + <<: *image_config_iot + ignition_platform: "qemu" partition_table: <<: *iot_base_partition_tables + platforms: + - <<: *x86_64_uefi_platform + image_format: "qcow2" + # XXX: the original images lib defined no qcow2Compat + qcow2_compat: "" + - <<: *aarch64_platform + image_format: "qcow2" + qcow2_compat: "1.1" - iot_bootable_container: + "iot-bootable-container": + filename: "iot-bootable-container.tar" + mime_type: "application/x-tar" + rpm_ostree: true + image_func: "bootable_container" + build_pipelines: ["build"] + payload_pipelines: ["os", "ostree-commit", "ostree-encapsulate"] + exports: ["ostree-encapsulate"] + required_partition_sizes: *default_required_dir_sizes + image_config: + machine_id_uninitialized: false + platforms: + - <<: *x86_64_bios_platform + packages: + <<: *x86_64_bios_platform_packages + firmware: + - "biosdevname" + - "iwlwifi-dvm-firmware" + - "iwlwifi-mvm-firmware" + - "microcode_ctl" + - <<: *aarch64_platform + packages: + <<: *aarch64_uefi_platform_packages + firmware: + - "arm-image-installer" + - "bcm283x-firmware" + - "brcmfmac-firmware" + - "iwlwifi-mvm-firmware" + - "realtek-firmware" + - "uboot-images-armv8" + - <<: *ppc64le_bios_platform + image_format: "qcow2" + qcow2_compat: "1.1" + - <<: *s390x_zipl_platform + image_format: "qcow2" + qcow2_compat: "1.1" package_sets: - - include: - - "acl" - - "attr" # used by admins interactively - - "bootc" - - "bootupd" - - "chrony" # NTP support - - "container-selinux" - - "container-selinux" - - "crun" - - "cryptsetup" - - "dnf" - - "dosfstools" - - "e2fsprogs" - - "fwupd" # if you're using linux-firmware you probably also want fwupd - - "gdisk" - - "iproute" # route manipulation and QoS - - "iproute-tc" - - "iptables" # firewall manipulation - - "nftables" - - "iptables-services" # additional firewall support - - "kbd" # i18n - - "keyutils" # Manipulating the kernel keyring; used by bootc - - "libsss_sudo" # allow communication between sudo and SSSD for caching sudo rules by SSSD - - "linux-firmware" # linux-firmware now a recommends so let's explicitly include it - - "logrotate" # There are things that write outside of the journal still (such as the classic wtmp etc.). auditd also writes outside the journal but it has its own log rotation. Anything package layered will also tend to expect files dropped in /etc/logrotate.d to work. Really this is a legacy thing but if we don't have it then people's disks will slowly fill up with logs. - - "lsof" - - "lvm2" # Storage configuration/management - - "nano" # default editor - - "ncurses" # provides terminal tools like clear reset tput and tset - - "NetworkManager-cloud-setup" # support for cloud quirks and dynamic config in real rootfs: https:#github.com/coreos/fedora-coreos-tracker/issues/320 - - "NetworkManager" # standard tools for configuring network/hostname - - "hostname" - - "NetworkManager-team" # teaming https:#github.com/coreos/fedora-coreos-config/pull/289 and http:#bugzilla.redhat.com/1758162 - - "teamd" - - "NetworkManager-tui" # interactive Networking configuration during coreos-install - - "nfs-utils-coreos" # minimal NFS client - - "iptables-nft" - - "nss-altfiles" - - "openssh-clients" - - "openssh-server" - - "openssl" - - "ostree" - - "shadow-utils" # User configuration - - "podman" - - "rpm-ostree" - - "selinux-policy-targeted" - - "sg3_utils" - - "skopeo" - - "socat" # interactive network tools for admins - - "net-tools" - - "bind-utils" - - "sssd-client" # SSSD backends - - "sssd-ad" - - "sssd-ipa" - - "sssd-krb5" - - "sssd-ldap" - - "stalld" # Boost starving threads https:#github.com/coreos/fedora-coreos-tracker/issues/753 - - "subscription-manager" # To ensure we can enable client certs to access RHEL content - - "sudo" - - "systemd" - - "systemd-resolved" # resolved was broken out to its own package in rawhide/f35 - - "tpm2-tools" # needed for tpm2 bound luks - - "WALinuxAgent-udev" # udev rules for Azure (rhbz#1748432) - - "xfsprogs" - - "zram-generator" # zram-generator (but not zram-generator-defaults) for F33 change - exclude: - - "cowsay" # just in case - - "grubby" - - "initscripts" # make sure initscripts doesn't get pulled back in https:#github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254 - - "NetworkManager-initscripts-ifcfg-rh" # do not use legacy ifcfg config format in NetworkManager See https:#github.com/coreos/fedora-coreos-config/pull/1991 - - "nodejs" - - "plymouth" # for (datacenter/cloud oriented) servers we want to see the details by default. https:#lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/ - - "systemd-networkd" # we use NetworkManager - condition: - architecture: - aarch64: - include: - - "irqbalance" - - "ostree-grub2" - exclude: - - "perl" - - "perl-interpreter" - ppc64le: - include: - - "irqbalance" - - "librtas" - - "powerpc-utils-core" - - "ppc64-diag-rtas" - x86_64: - include: - - "irqbalance" - exclude: - - "perl" - - "perl-interpreter" + os: + - include: + - "acl" + - "attr" # used by admins interactively + - "bootc" + - "bootupd" + - "chrony" # NTP support + - "container-selinux" + - "container-selinux" + - "crun" + - "cryptsetup" + - "dnf" + - "dosfstools" + - "e2fsprogs" + - "fwupd" # if you're using linux-firmware you probably also want fwupd + - "gdisk" + - "iproute" # route manipulation and QoS + - "iproute-tc" + - "iptables" # firewall manipulation + - "nftables" + - "iptables-services" # additional firewall support + - "kbd" # i18n + - "keyutils" # Manipulating the kernel keyring; used by bootc + - "libsss_sudo" # allow communication between sudo and SSSD for caching sudo rules by SSSD + - "linux-firmware" # linux-firmware now a recommends so let's explicitly include it + # There are things that write outside of the journal still + # (such as the classic wtmp etc.). auditd also writes + # outside the journal but it has its own log rotation. + # Anything package layered will also tend to expect files + # dropped in /etc/logrotate.d to work. Really this is a + # legacy thing but if we don't have it then people's disks + # will slowly fill up with logs. + - "logrotate" + - "lsof" + - "lvm2" # Storage configuration/management + - "nano" # default editor + - "ncurses" # provides terminal tools like clear reset tput and tset + - "NetworkManager-cloud-setup" # support for cloud quirks and dynamic config in real rootfs: https:#github.com/coreos/fedora-coreos-tracker/issues/320 + - "NetworkManager" # standard tools for configuring network/hostname + - "hostname" + - "NetworkManager-team" # teaming https:#github.com/coreos/fedora-coreos-config/pull/289 and http:#bugzilla.redhat.com/1758162 + - "teamd" + - "NetworkManager-tui" # interactive Networking configuration during coreos-install + - "nfs-utils-coreos" # minimal NFS client + - "iptables-nft" + - "nss-altfiles" + - "openssh-clients" + - "openssh-server" + - "openssl" + - "ostree" + - "shadow-utils" # User configuration + - "podman" + - "rpm-ostree" + - "selinux-policy-targeted" + - "sg3_utils" + - "skopeo" + - "socat" # interactive network tools for admins + - "net-tools" + - "bind-utils" + - "sssd-client" # SSSD backends + - "sssd-ad" + - "sssd-ipa" + - "sssd-krb5" + - "sssd-ldap" + - "stalld" # Boost starving threads https:#github.com/coreos/fedora-coreos-tracker/issues/753 + - "subscription-manager" # To ensure we can enable client certs to access RHEL content + - "sudo" + - "systemd" + - "systemd-resolved" # resolved was broken out to its own package in rawhide/f35 + - "tpm2-tools" # needed for tpm2 bound luks + - "WALinuxAgent-udev" # udev rules for Azure (rhbz#1748432) + - "xfsprogs" + - "zram-generator" # zram-generator (but not zram-generator-defaults) for F33 change + exclude: + - "cowsay" # just in case + - "grubby" + - "initscripts" # make sure initscripts doesn't get pulled back in https:#github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254 + - "NetworkManager-initscripts-ifcfg-rh" # do not use legacy ifcfg config format in NetworkManager See https:#github.com/coreos/fedora-coreos-config/pull/1991 + - "nodejs" + - "plymouth" # for (datacenter/cloud oriented) servers we want to see the details by default. https:#lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/ + - "systemd-networkd" # we use NetworkManager + condition: + architecture: + aarch64: + include: + - "irqbalance" + - "ostree-grub2" + exclude: + - "perl" + - "perl-interpreter" + ppc64le: + include: + - "irqbalance" + - "librtas" + - "powerpc-utils-core" + - "ppc64-diag-rtas" + x86_64: + include: + - "irqbalance" + exclude: + - "perl" + - "perl-interpreter" - installer: - package_sets: - - &installer_pkgset - include: - - "anaconda-dracut" - - "atheros-firmware" - - "brcmfmac-firmware" - - "curl" - - "dracut-config-generic" - - "dracut-network" - - "hostname" - - "iwlwifi-dvm-firmware" - - "iwlwifi-mvm-firmware" - - "kernel" - - "linux-firmware" - - "less" - - "nfs-utils" - - "openssh-clients" - - "ostree" - - "plymouth" - - "realtek-firmware" - - "rng-tools" - - "rpcbind" - - "selinux-policy-targeted" - - "systemd" - - "tar" - - "xfsprogs" - - "xz" - - anaconda: &anaconda - package_sets: - - &anaconda_pkgset - include: - - "aajohan-comfortaa-fonts" - - "abattis-cantarell-fonts" - - "alsa-firmware" - - "alsa-tools-firmware" - - "anaconda" - - "anaconda-dracut" - - "anaconda-install-img-deps" - - "anaconda-widgets" - - "atheros-firmware" - - "audit" - - "bind-utils" - - "bitmap-fangsongti-fonts" - - "brcmfmac-firmware" - - "bzip2" - - "cryptsetup" - - "curl" - - "dbus-x11" - - "dejavu-sans-fonts" - - "dejavu-sans-mono-fonts" - - "device-mapper-persistent-data" - - "dmidecode" - - "dnf" - - "dracut-config-generic" - - "dracut-network" - - "efibootmgr" - - "ethtool" - - "fcoe-utils" - - "ftp" - - "gdb-gdbserver" - - "gdisk" - - "glibc-all-langpacks" - - "gnome-kiosk" - - "google-noto-sans-cjk-ttc-fonts" - - "grub2-tools" - - "grub2-tools-extra" - - "grub2-tools-minimal" - - "grubby" - - "gsettings-desktop-schemas" - - "hdparm" - - "hexedit" - - "hostname" - - "initscripts" - - "ipmitool" - - "iwlwifi-dvm-firmware" - - "iwlwifi-mvm-firmware" - - "jomolhari-fonts" - - "kacst-farsi-fonts" - - "kacst-qurn-fonts" - - "kbd" - - "kbd-misc" - - "kdump-anaconda-addon" - - "kernel" - - "khmeros-base-fonts" - - "less" - - "libblockdev-lvm-dbus" - - "libibverbs" - - "libreport-plugin-bugzilla" - - "libreport-plugin-reportuploader" - - "librsvg2" - - "linux-firmware" - - "lldpad" - - "lohit-assamese-fonts" - - "lohit-bengali-fonts" - - "lohit-devanagari-fonts" - - "lohit-gujarati-fonts" - - "lohit-gurmukhi-fonts" - - "lohit-kannada-fonts" - - "lohit-odia-fonts" - - "lohit-tamil-fonts" - - "lohit-telugu-fonts" - - "lsof" - - "madan-fonts" - - "mtr" - - "mt-st" - - "net-tools" - - "nfs-utils" - - "nmap-ncat" - - "nm-connection-editor" - - "nss-tools" - - "openssh-clients" - - "openssh-server" - - "ostree" - - "pciutils" - - "perl-interpreter" - - "pigz" - - "plymouth" - - "prefixdevname" - - "python3-pyatspi" - - "rdma-core" - - "realtek-firmware" - - "rit-meera-new-fonts" - - "rng-tools" - - "rpcbind" - - "rpm-ostree" - - "rsync" - - "rsyslog" - - "selinux-policy-targeted" - - "sg3_utils" - - "sil-abyssinica-fonts" - - "sil-padauk-fonts" - - "sil-scheherazade-new-fonts" - - "smartmontools" - - "spice-vdagent" - - "strace" - - "systemd" - - "tar" - - "thai-scalable-waree-fonts" - - "tigervnc-server-minimal" - - "tigervnc-server-module" - - "udisks2" - - "udisks2-iscsi" - - "usbutils" - - "vim-minimal" - - "volume_key" - - "wget" - - "xfsdump" - - "xfsprogs" - - "xorg-x11-drivers" - - "xorg-x11-fonts-misc" - - "xorg-x11-server-Xorg" - - "xorg-x11-xauth" - - "metacity" - - "xrdb" - - "xz" - condition: - architecture: - x86_64: - include: - - "biosdevname" - - "dmidecode" - - "grub2-tools-efi" - - "memtest86+" - aarch64: - include: - - "dmidecode" - - iot_installer: - package_sets: - - *anaconda_pkgset - - include: - - "fedora-release-iot" - - workstation_live_installer: - package_sets: - - include: - - "@workstation-product-environment" - - "@anaconda-tools" - - "anaconda-install-env-deps" - - "anaconda-live" - - "anaconda-dracut" - - "dracut-live" - - "glibc-all-langpacks" - - "kernel" - - "kernel-modules" - - "kernel-modules-extra" - - "livesys-scripts" - - "rng-tools" - - "rdma-core" - - "gnome-kiosk" - exclude: - - "@dial-up" - - "@input-methods" - - "@standard" - - "device-mapper-multipath" - - "fcoe-utils" - - "gfs2-utils" - - "reiserfs-utils" - - "sdubby" - condition: - version_greater_or_equal: - VERSION_RAWHIDE: - include: - - "anaconda-webui" - - minimal_installer: *anaconda - - container: &container - package_sets: - - include: - - "bash" - - "coreutils" - - "yum" - - "dnf" - - "fedora-release-container" - - "glibc-minimal-langpack" - - "rootfiles" - - "rpm" - - "sudo" - - "tar" - - "util-linux-core" - - "vim-minimal" - exclude: - - "crypto-policies-scripts" - - "dbus-broker" - - "deltarpm" - - "dosfstools" - - "e2fsprogs" - - "elfutils-debuginfod-client" - - "fuse-libs" - - "gawk-all-langpacks" - - "glibc-gconv-extra" - - "glibc-langpack-en" - - "gnupg2-smime" - - "grubby" - - "kernel-core" - - "kernel-debug-core" - - "kernel" - - "langpacks-en_GB" - - "langpacks-en" - - "libss" - - "libxcrypt-compat" - - "nano" - - "openssl-pkcs11" - - "pinentry" - - "python3-unbound" - - "shared-mime-info" - - "sssd-client" - - "sudo-python-plugin" - - "systemd" - - "trousers" - - "whois-nls" - - "xkeyboard-config" - - wsl: - package_sets: - - include: - - "bash" - - "coreutils" - - "cloud-init" - - "yum" - - "dnf" - - "fedora-release-container" - - "glibc-minimal-langpack" - - "rootfiles" - - "rpm" - - "sudo" - - "tar" - - "util-linux-core" - - "vim-minimal" - exclude: - - "crypto-policies-scripts" - - "deltarpm" - - "dosfstools" - - "elfutils-debuginfod-client" - - "gawk-all-langpacks" - - "glibc-gconv-extra" - - "glibc-langpack-en" - - "gnupg2-smime" - - "grubby" - - "kernel-core" - - "kernel-debug-core" - - "kernel" - - "langpacks-en_GB" - - "langpacks-en" - - "libxcrypt-compat" - - "nano" - - "openssl-pkcs11" - - "pinentry" - - "python3-unbound" - - "shared-mime-info" - - "sssd-client" - - "sudo-python-plugin" - - "trousers" - - "whois-nls" - - "xkeyboard-config" - condition: - version_greater_or_equal: - "41": - exclude: - - "fuse-libs" - - minimal_raw: &minimal_raw + "minimal-raw-xz": &minimal_raw_xz + name_aliases: ["minimal-raw"] + filename: "disk.raw.xz" + compression: "xz" + mime_type: "application/xz" + bootable: true + default_size: 2_147_483_648 # 2 * datasizes.GibiByte + image_func: "disk" + build_pipelines: ["build"] + payload_pipelines: ["os", "image", "xz"] + exports: ["xz"] + required_partition_sizes: *default_required_dir_sizes + platforms: + - <<: *x86_64_uefi_platform + image_format: "raw" + - arch: "aarch64" + uefi_vendor: "fedora" + image_format: "raw" + packages: + <<: *aarch64_uefi_platform_packages + firmware: + - "arm-image-installer" + - "bcm283x-firmware" + - "uboot-images-armv8" + boot_files: + - ["/usr/share/uboot/rpi_arm64/u-boot.bin", "/boot/efi/rpi-u-boot.bin"] + - *riscv64_uefi_platform + image_config: + # NOTE: temporary workaround for a bug in initial-setup that + # requires a kickstart file in the root directory. + files: + - path: "/root/anaconda-ks.cfg" + user: "root" + group: "root" + data: | + # Run initial-setup on first boot + # Created by osbuild + firstboot --reconfig + grub2_config: + timeout: 5 + install_weak_deps: false + mount_units: true + enabled_services: + - "NetworkManager.service" + - "initial-setup.service" + - "sshd.service" + kernel_options: + - "rw" + condition: + version_less_than: + "43": + install_weak_deps: true + mount_units: false + enabled_services: + - "NetworkManager.service" + - "initial-setup.service" + - "sshd.service" + - "firewalld.service" + kernel_options: + - "ro" partition_table: <<: *minimal_raw_partition_tables package_sets: - - include: - - "@core" - - "initial-setup" - - "libxkbcommon" - - "NetworkManager-wifi" - - "brcmfmac-firmware" - - "realtek-firmware" - - "iwlwifi-mvm-firmware" - exclude: - - "dracut-config-rescue" - condition: - architecture: - riscv64: - include: - # missing from @core in riscv64 - - "dnf5" - - "policycoreutils" - - "selinux-policy-targeted" - version_greater_or_equal: - "43": - exclude: - - "firewalld" - minimal_raw_zst: *minimal_raw - minimal_raw_xz: *minimal_raw + os: + - &minimal_raw_pkgset + include: + - "@core" + - "initial-setup" + - "libxkbcommon" + - "NetworkManager-wifi" + - "brcmfmac-firmware" + - "realtek-firmware" + - "iwlwifi-mvm-firmware" + exclude: + - "dracut-config-rescue" + condition: + architecture: + riscv64: + include: + # missing from @core in riscv64 + - "dnf5" + - "policycoreutils" + - "selinux-policy-targeted" + version_greater_or_equal: + "43": + exclude: + - "firewalld" + "minimal-raw-zst": + <<: *minimal_raw_xz + name_aliases: [] + filename: "disk.raw.zst" + compression: zstd + payload_pipelines: ["os", "image", "zstd"] + exports: ["zstd"] - iot_simplified_installer: + installer: + package_sets: + os: + - *minimal_raw_pkgset + installer: + - &installer_pkgset + include: + - "anaconda-dracut" + - "atheros-firmware" + - "brcmfmac-firmware" + - "curl" + - "dracut-config-generic" + - "dracut-network" + - "hostname" + - "iwlwifi-dvm-firmware" + - "iwlwifi-mvm-firmware" + - "kernel" + - "linux-firmware" + - "less" + - "nfs-utils" + - "openssh-clients" + - "ostree" + - "plymouth" + - "realtek-firmware" + - "rng-tools" + - "rpcbind" + - "selinux-policy-targeted" + - "systemd" + - "tar" + - "xfsprogs" + - "xz" + + anaconda: &anaconda + installer_config: *default_installer_config + image_config: + locale: "en_US.UTF-8" + # ideally we would centralize the iso_rootfs_type here - but + # some installers (like coreos_installer) do things differently + # than the anaconda iso so we do not want to disturb whatever + # special things they expect in their images. + package_sets: + os: + - *minimal_raw_pkgset + installer: + - &anaconda_pkgset + include: + - "aajohan-comfortaa-fonts" + - "abattis-cantarell-fonts" + - "alsa-firmware" + - "alsa-tools-firmware" + - "anaconda" + - "anaconda-dracut" + - "anaconda-install-img-deps" + - "anaconda-widgets" + - "atheros-firmware" + - "audit" + - "bind-utils" + - "bitmap-fangsongti-fonts" + - "brcmfmac-firmware" + - "bzip2" + - "cryptsetup" + - "curl" + - "dbus-x11" + - "dejavu-sans-fonts" + - "dejavu-sans-mono-fonts" + - "device-mapper-persistent-data" + - "dmidecode" + - "dnf" + - "dracut-config-generic" + - "dracut-network" + - "efibootmgr" + - "ethtool" + - "fcoe-utils" + - "ftp" + - "gdb-gdbserver" + - "gdisk" + - "glibc-all-langpacks" + - "gnome-kiosk" + - "google-noto-sans-cjk-ttc-fonts" + - "grub2-tools" + - "grub2-tools-extra" + - "grub2-tools-minimal" + - "grubby" + - "gsettings-desktop-schemas" + - "hdparm" + - "hexedit" + - "hostname" + - "initscripts" + - "ipmitool" + - "iwlwifi-dvm-firmware" + - "iwlwifi-mvm-firmware" + - "jomolhari-fonts" + - "kacst-farsi-fonts" + - "kacst-qurn-fonts" + - "kbd" + - "kbd-misc" + - "kdump-anaconda-addon" + - "kernel" + - "khmeros-base-fonts" + - "less" + - "libblockdev-lvm-dbus" + - "libibverbs" + - "libreport-plugin-bugzilla" + - "libreport-plugin-reportuploader" + - "librsvg2" + - "linux-firmware" + - "lldpad" + - "lohit-assamese-fonts" + - "lohit-bengali-fonts" + - "lohit-devanagari-fonts" + - "lohit-gujarati-fonts" + - "lohit-gurmukhi-fonts" + - "lohit-kannada-fonts" + - "lohit-odia-fonts" + - "lohit-tamil-fonts" + - "lohit-telugu-fonts" + - "lsof" + - "madan-fonts" + - "mtr" + - "mt-st" + - "net-tools" + - "nfs-utils" + - "nmap-ncat" + - "nm-connection-editor" + - "nss-tools" + - "openssh-clients" + - "openssh-server" + - "ostree" + - "pciutils" + - "perl-interpreter" + - "pigz" + - "plymouth" + - "prefixdevname" + - "python3-pyatspi" + - "rdma-core" + - "realtek-firmware" + - "rit-meera-new-fonts" + - "rng-tools" + - "rpcbind" + - "rpm-ostree" + - "rsync" + - "rsyslog" + - "selinux-policy-targeted" + - "sg3_utils" + - "sil-abyssinica-fonts" + - "sil-padauk-fonts" + - "sil-scheherazade-new-fonts" + - "smartmontools" + - "spice-vdagent" + - "strace" + - "systemd" + - "tar" + - "thai-scalable-waree-fonts" + - "tigervnc-server-minimal" + - "tigervnc-server-module" + - "udisks2" + - "udisks2-iscsi" + - "usbutils" + - "vim-minimal" + - "volume_key" + - "wget" + - "xfsdump" + - "xfsprogs" + - "xorg-x11-drivers" + - "xorg-x11-fonts-misc" + - "xorg-x11-server-Xorg" + - "xorg-x11-xauth" + - "metacity" + - "xrdb" + - "xz" + condition: + architecture: + x86_64: + include: + - "biosdevname" + - "dmidecode" + - "grub2-tools-efi" + - "memtest86+" + aarch64: + include: + - "dmidecode" + + "iot-installer": + name_aliases: ["fedora-iot-installer"] + filename: "installer.iso" + mime_type: "application/x-iso9660-image" + rpm_ostree: true + boot_iso: true + image_func: "iot_installer" + iso_label: "IoT" + build_pipelines: ["build"] + payload_pipelines: + - "anaconda-tree" + - "efiboot-tree" + - "bootiso-tree" + - "bootiso" + exports: ["bootiso"] + required_partition_sizes: *default_required_dir_sizes + installer_config: *default_installer_config + image_config: + <<: *image_config_iot_enabled_services + locale: "en_US.UTF-8" + iso_rootfs_type: "squashfs" + condition: + version_less_than: + 41: + iso_rootfs_type: "squashfs-ext4" + package_sets: + installer: + - *anaconda_pkgset + - include: + - "fedora-release-iot" + platforms: + - *x86_64_installer_platform + - *aarch64_installer_platform + + "workstation-live-installer": + name_aliases: ["live-installer"] + filename: "live-installer.iso" + mime_type: "application/x-iso9660-image" + bootable: true + boot_iso: true + image_func: "live_installer" + iso_label: "Workstation" + build_pipelines: ["build"] + payload_pipelines: + - "anaconda-tree" + - "efiboot-tree" + - "bootiso-tree" + - "bootiso" + exports: ["bootiso"] + required_partition_sizes: *default_required_dir_sizes + installer_config: *default_installer_config + image_config: + locale: "en_US.UTF-8" + iso_rootfs_type: "squashfs" + condition: + version_less_than: + 41: + iso_rootfs_type: "squashfs-ext4" + + package_sets: + installer: + - include: + - "@workstation-product-environment" + - "@anaconda-tools" + - "anaconda-install-env-deps" + - "anaconda-live" + - "anaconda-dracut" + - "dracut-live" + - "glibc-all-langpacks" + - "kernel" + - "kernel-modules" + - "kernel-modules-extra" + - "livesys-scripts" + - "rng-tools" + - "rdma-core" + - "gnome-kiosk" + exclude: + - "@dial-up" + - "@input-methods" + - "@standard" + - "device-mapper-multipath" + - "fcoe-utils" + - "gfs2-utils" + - "reiserfs-utils" + - "sdubby" + condition: + version_greater_or_equal: + VERSION_RAWHIDE: + include: + - "anaconda-webui" + platforms: + - *x86_64_installer_platform + - *aarch64_installer_platform + + "minimal-installer": + <<: *anaconda + name_aliases: ["image-installer", "fedora-image-installer"] + filename: "installer.iso" + mime_type: "application/x-iso9660-image" + bootable: true + boot_iso: true + image_func: "image_installer" + # We don't know the variant of the OS pipeline being installed + iso_label: "Unknown" + build_pipelines: ["build"] + payload_pipelines: + - "anaconda-tree" + - "efiboot-tree" + - "os" + - "bootiso-tree" + - "bootiso" + exports: ["bootiso"] + required_partition_sizes: *default_required_dir_sizes + image_config: + locale: "en_US.UTF-8" + iso_rootfs_type: "squashfs" + condition: + version_less_than: + 41: + iso_rootfs_type: "squashfs-ext4" + platforms: + - *x86_64_installer_platform + - *aarch64_installer_platform + + container: &container + filename: "container.tar" + mime_type: "application/x-tar" + image_func: "container" + bootable: false + build_pipelines: ["build"] + payload_pipelines: ["os", "container"] + exports: ["container"] + required_partition_sizes: *default_required_dir_sizes + platforms: + - arch: "x86_64" + - arch: "aarch64" + - arch: "ppc64le" + - arch: "s390x" + - arch: "riscv64" + image_config: &image_config_container + no_selinux: true + exclude_docs: true + locale: "C.UTF-8" + timezone: "Etc/UTC" + package_sets: + os: + - include: + - "bash" + - "coreutils" + - "yum" + - "dnf" + - "fedora-release-container" + - "glibc-minimal-langpack" + - "rootfiles" + - "rpm" + - "sudo" + - "tar" + - "util-linux-core" + - "vim-minimal" + exclude: + - "crypto-policies-scripts" + - "dbus-broker" + - "deltarpm" + - "dosfstools" + - "e2fsprogs" + - "elfutils-debuginfod-client" + - "fuse-libs" + - "gawk-all-langpacks" + - "glibc-gconv-extra" + - "glibc-langpack-en" + - "gnupg2-smime" + - "grubby" + - "kernel-core" + - "kernel-debug-core" + - "kernel" + - "langpacks-en_GB" + - "langpacks-en" + - "libss" + - "libxcrypt-compat" + - "nano" + - "openssl-pkcs11" + - "pinentry" + - "python3-unbound" + - "shared-mime-info" + - "sssd-client" + - "sudo-python-plugin" + - "systemd" + - "trousers" + - "whois-nls" + - "xkeyboard-config" + + wsl: + # this is the eventual name, and `wsl` the alias but we've been + # having issues with CI renaming it + name_aliases: ["server-wsl"] + # note that other distributions in images differ and use a .tar suffix, however .wsl is the + # correct suffix, see: + # https://learn.microsoft.com/en-us/windows/wsl/build-custom-distro#what-are-wsl-root-filesystem-tar-files + filename: "image.wsl" + mime_type: "application/x-tar" + image_func: "tar" + build_pipelines: ["build"] + payload_pipelines: ["os", "archive"] + exports: ["archive"] + required_partition_sizes: *default_required_dir_sizes + platforms: + - arch: "x86_64" + image_config: + <<: *image_config_container + condition: + version_less_than: + "42": + wsl_config: + boot_systemd: true + cloud_init: + - filename: "99_wsl.cfg" + config: + datasource_list: + - "WSL" + - "None" + network: + config: "disabled" + package_sets: + os: + - include: + - "bash" + - "coreutils" + - "yum" + - "dnf" + - "fedora-release-container" + - "glibc-minimal-langpack" + - "rootfiles" + - "rpm" + - "sudo" + - "tar" + - "util-linux-core" + - "vim-minimal" + exclude: + - "crypto-policies-scripts" + - "deltarpm" + - "dosfstools" + - "elfutils-debuginfod-client" + - "gawk-all-langpacks" + - "glibc-gconv-extra" + - "glibc-langpack-en" + - "gnupg2-smime" + - "grubby" + - "kernel-core" + - "kernel-debug-core" + - "kernel" + - "langpacks-en_GB" + - "langpacks-en" + - "libxcrypt-compat" + - "nano" + - "openssl-pkcs11" + - "pinentry" + - "python3-unbound" + - "shared-mime-info" + - "sssd-client" + - "sudo-python-plugin" + - "trousers" + - "whois-nls" + - "xkeyboard-config" + condition: + version_greater_or_equal: + "41": + exclude: + - "fuse-libs" + "42": + include: + - "wsl-setup" + version_less_than: + "42": + include: + - "cloud-init" + + "iot-simplified-installer": + filename: "simplified-installer.iso" + mime_type: "application/x-iso9660-image" + rpm_ostree: true + bootable: true + boot_iso: true + default_size: 10_737_418_240 # 10 * datasizes.GibiByte + image_func: "iot_simplified_installer" + iso_label: "IoT" + build_pipelines: ["build"] + payload_pipelines: + - "ostree-deployment" + - "image" + - "xz" + - "coi-tree" + - "efiboot-tree" + - "bootiso-tree" + - "bootiso" + exports: ["bootiso"] + required_partition_sizes: *default_required_dir_sizes + installer_config: *default_installer_config + image_config: + <<: *image_config_iot + ignition_platform: "metal" partition_table: <<: *iot_simplified_installer_partition_tables package_sets: - - *installer_pkgset - - include: - - "attr" - - "basesystem" - - "binutils" - - "bsdtar" - - "clevis-dracut" - - "clevis-luks" - - "cloud-utils-growpart" - - "coreos-installer" - - "coreos-installer-dracut" - - "coreutils" - - "device-mapper-multipath" - - "dosfstools" - - "dracut-live" - - "e2fsprogs" - - "fcoe-utils" - - "fdo-init" - - "fedora-logos" - - "gdisk" - - "gzip" - - "ima-evm-utils" - - "iproute" - - "iptables" - - "iputils" - - "iscsi-initiator-utils" - - "keyutils" - - "lldpad" - - "lvm2" - - "mdadm" - - "nss-softokn" - - "policycoreutils" - - "policycoreutils-python-utils" - - "procps-ng" - - "rootfiles" - - "setools-console" - - "sudo" - - "traceroute" - - "util-linux" - - "shadow-utils" # includes passwd - condition: - version_less_than: - "41": - include: - - "dnsmasq" # deprecated for F41+ + installer: + - *installer_pkgset + - include: + - "attr" + - "basesystem" + - "binutils" + - "bsdtar" + - "clevis-dracut" + - "clevis-luks" + - "cloud-utils-growpart" + - "coreos-installer" + - "coreos-installer-dracut" + - "coreutils" + - "device-mapper-multipath" + - "dosfstools" + - "dracut-live" + - "e2fsprogs" + - "fcoe-utils" + - "fdo-init" + - "fedora-logos" + - "gdisk" + - "gzip" + - "ima-evm-utils" + - "iproute" + - "iptables" + - "iputils" + - "iscsi-initiator-utils" + - "keyutils" + - "lldpad" + - "lvm2" + - "mdadm" + - "nss-softokn" + - "policycoreutils" + - "policycoreutils-python-utils" + - "procps-ng" + - "rootfiles" + - "setools-console" + - "sudo" + - "traceroute" + - "util-linux" + - "shadow-utils" # includes passwd + condition: + version_less_than: + "41": + include: + - "dnsmasq" # deprecated for F41+ + platforms: + - <<: *x86_64_uefi_platform + packages: + <<: *x86_64_uefi_platform_packages + firmware: + - "grub2-efi-x64" + - "grub2-efi-x64-cdboot" + - "grub2-tools" + - "grub2-tools-minimal" + - "efibootmgr" + - "shim-x64" + - "brcmfmac-firmware" + - "iwlwifi-dvm-firmware" + - "iwlwifi-mvm-firmware" + - "realtek-firmware" + - "microcode_ctl" + - <<: *aarch64_installer_platform + packages: + <<: *aarch64_uefi_platform_packages + firmware: + - "arm-image-installer" + - "bcm283x-firmware" + - "grub2-efi-aa64" + - "grub2-efi-aa64-cdboot" + - "grub2-tools" + - "grub2-tools-minimal" + - "efibootmgr" + - "shim-aa64" + - "brcmfmac-firmware" + - "iwlwifi-dvm-firmware" + - "iwlwifi-mvm-firmware" + - "realtek-firmware" + - "uboot-images-armv8" diff --git a/vendor/github.com/osbuild/images/pkg/distro/defs/loader.go b/vendor/github.com/osbuild/images/pkg/distro/defs/loader.go index 02089166e..6f5eea9ff 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/defs/loader.go +++ b/vendor/github.com/osbuild/images/pkg/distro/defs/loader.go @@ -17,10 +17,12 @@ import ( "gopkg.in/yaml.v3" "github.com/osbuild/images/internal/common" + "github.com/osbuild/images/internal/environment" "github.com/osbuild/images/pkg/disk" "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/experimentalflags" "github.com/osbuild/images/pkg/olog" + "github.com/osbuild/images/pkg/platform" "github.com/osbuild/images/pkg/rpmmd" ) @@ -36,26 +38,95 @@ var data embed.FS var DataFS fs.FS = data type toplevelYAML struct { - ImageConfig imageConfig `yaml:"image_config,omitempty"` + ImageConfig distroImageConfig `yaml:"image_config,omitempty"` ImageTypes map[string]imageType `yaml:"image_types"` Common map[string]any `yaml:".common,omitempty"` } -type imageConfig struct { - Default *distro.ImageConfig `yaml:"default"` - Condition *imageConfigConditions `yaml:"condition,omitempty"` +type distroImageConfig struct { + Default *distro.ImageConfig `yaml:"default"` + Condition *distroImageConfigConditions `yaml:"condition,omitempty"` } -type imageConfigConditions struct { +type distroImageConfigConditions struct { DistroName map[string]*distro.ImageConfig `yaml:"distro_name,omitempty"` } +// XXX: this should eventually implement the "distro.ImageType" +// interface, then we don't need to convert into a fedora/rhel +// imagetype anymore (those will go away in subsequent refactors) +type ImageTypeYAML = imageType + type imageType struct { - PackageSets []packageSet `yaml:"package_sets"` + // This maps "pkgsKey" to their package sets. The + // map key here is a string that can either be: + // - "os": packages for the os + // - "installer": packages for the installer + // - "container": extra package into an iot container + // + // - "blueprint": unused AFAICT + // - "build": unused AFAICT + // Note that this does not directly maps to pipeline names + // but we should look into making it so. + PackageSets map[string][]packageSet `yaml:"package_sets"` // archStr->partitionTable PartitionTables map[string]*disk.PartitionTable `yaml:"partition_table"` // override specific aspects of the partition table PartitionTablesOverrides *partitionTablesOverrides `yaml:"partition_tables_override"` + + ImageConfig imageConfig `yaml:"image_config,omitempty"` + InstallerConfig installerConfig `yaml:"installer_config,omitempty"` + + Filename string `yaml:"filename"` + MimeType string `yaml:"mime_type"` + Compression string `yaml:"compression"` + Environment environment.EnvironmentConf `yaml:"environment"` + Bootable bool `yaml:"bootable"` + + BootISO bool `yaml:"boot_iso"` + ISOLabel string `yaml:"iso_label"` + RPMOSTree bool `yaml:"rpm_ostree"` + + DefaultSize uint64 `yaml:"default_size"` + // the image func name: disk,container,live-installer,... + Image string `yaml:"image_func"` + BuildPipelines []string `yaml:"build_pipelines"` + PayloadPipelines []string `yaml:"payload_pipelines"` + Exports []string `yaml:"exports"` + RequiredPartitionSizes map[string]uint64 `yaml:"required_partition_sizes"` + + Platforms []platform.PlatformConf `yaml:"platforms"` + + NameAliases []string `yaml:"name_aliases"` + + // name is set by the loader + name string +} + +func (it *imageType) Name() string { + return it.name +} + +type imageConfig struct { + *distro.ImageConfig `yaml:",inline"` + Condition *conditionsImgConf `yaml:"condition,omitempty"` +} + +type conditionsImgConf struct { + Architecture map[string]*distro.ImageConfig `yaml:"architecture,omitempty"` + DistroName map[string]*distro.ImageConfig `yaml:"distro_name,omitempty"` + VersionLessThan map[string]*distro.ImageConfig `yaml:"version_less_than,omitempty"` +} + +type installerConfig struct { + *distro.InstallerConfig `yaml:",inline"` + Condition *conditionsInstallerConf `yaml:"condition,omitempty"` +} + +type conditionsInstallerConf struct { + Architecture map[string]*distro.InstallerConfig `yaml:"architecture,omitempty"` + DistroName map[string]*distro.InstallerConfig `yaml:"distro_name,omitempty"` + VersionLessThan map[string]*distro.InstallerConfig `yaml:"version_less_than,omitempty"` } type packageSet struct { @@ -136,16 +207,10 @@ func DistroImageConfig(distroNameVer string) (*distro.ImageConfig, error) { return imgConfig, nil } -// PackageSet loads the PackageSet from the yaml source file discovered via the -// imagetype. By default the imagetype name is used to load the packageset -// but with "overrideTypeName" this can be overriden (useful for e.g. -// installer image types). -func PackageSet(it distro.ImageType, overrideTypeName string, replacements map[string]string) (rpmmd.PackageSet, error) { +// PackageSets loads the PackageSets from the yaml source file +// discovered via the imagetype. +func PackageSets(it distro.ImageType, replacements map[string]string) (map[string]rpmmd.PackageSet, error) { typeName := it.Name() - if overrideTypeName != "" { - typeName = overrideTypeName - } - typeName = strings.ReplaceAll(typeName, "-", "_") arch := it.Arch() archName := arch.Name() @@ -155,77 +220,6 @@ func PackageSet(it distro.ImageType, overrideTypeName string, replacements map[s // each imagetype can have multiple package sets, so that we can // use yaml aliases/anchors to de-duplicate them - toplevel, err := load(distroNameVer) - if err != nil { - return rpmmd.PackageSet{}, err - } - - imgType, ok := toplevel.ImageTypes[typeName] - if !ok { - return rpmmd.PackageSet{}, fmt.Errorf("%w: %q", ErrImageTypeNotFound, typeName) - } - - var rpmmdPkgSet rpmmd.PackageSet - for _, pkgSet := range imgType.PackageSets { - rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ - Include: pkgSet.Include, - Exclude: pkgSet.Exclude, - }) - - if pkgSet.Condition != nil { - // process conditions - if archSet, ok := pkgSet.Condition.Architecture[archName]; ok { - rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ - Include: archSet.Include, - Exclude: archSet.Exclude, - }) - } - if distroNameSet, ok := pkgSet.Condition.DistroName[distroName]; ok { - rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ - Include: distroNameSet.Include, - Exclude: distroNameSet.Exclude, - }) - } - // note that we don't need to order here, as - // packageSets are strictly additive the order - // is irrelevant - for ltVer, ltSet := range pkgSet.Condition.VersionLessThan { - if r, ok := replacements[ltVer]; ok { - ltVer = r - } - if common.VersionLessThan(distroVersion, ltVer) { - rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ - Include: ltSet.Include, - Exclude: ltSet.Exclude, - }) - } - } - - for gteqVer, gteqSet := range pkgSet.Condition.VersionGreaterOrEqual { - if r, ok := replacements[gteqVer]; ok { - gteqVer = r - } - if common.VersionGreaterThanOrEqual(distroVersion, gteqVer) { - rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ - Include: gteqSet.Include, - Exclude: gteqSet.Exclude, - }) - } - } - } - } - // mostly for tests - sort.Strings(rpmmdPkgSet.Include) - sort.Strings(rpmmdPkgSet.Exclude) - - return rpmmdPkgSet, nil -} - -// PartitionTable returns the partionTable for the given distro/imgType. -func PartitionTable(it distro.ImageType, replacements map[string]string) (*disk.PartitionTable, error) { - distroNameVer := it.Arch().Distro().Name() - typeName := strings.ReplaceAll(it.Name(), "-", "_") - toplevel, err := load(distroNameVer) if err != nil { return nil, err @@ -235,8 +229,82 @@ func PartitionTable(it distro.ImageType, replacements map[string]string) (*disk. if !ok { return nil, fmt.Errorf("%w: %q", ErrImageTypeNotFound, typeName) } + + res := make(map[string]rpmmd.PackageSet) + for key, pkgSets := range imgType.PackageSets { + var rpmmdPkgSet rpmmd.PackageSet + for _, pkgSet := range pkgSets { + rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ + Include: pkgSet.Include, + Exclude: pkgSet.Exclude, + }) + + if pkgSet.Condition != nil { + // process conditions + if archSet, ok := pkgSet.Condition.Architecture[archName]; ok { + rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ + Include: archSet.Include, + Exclude: archSet.Exclude, + }) + } + if distroNameSet, ok := pkgSet.Condition.DistroName[distroName]; ok { + rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ + Include: distroNameSet.Include, + Exclude: distroNameSet.Exclude, + }) + } + // note that we don't need to order here, as + // packageSets are strictly additive the order + // is irrelevant + for ltVer, ltSet := range pkgSet.Condition.VersionLessThan { + if r, ok := replacements[ltVer]; ok { + ltVer = r + } + if common.VersionLessThan(distroVersion, ltVer) { + rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ + Include: ltSet.Include, + Exclude: ltSet.Exclude, + }) + } + } + + for gteqVer, gteqSet := range pkgSet.Condition.VersionGreaterOrEqual { + if r, ok := replacements[gteqVer]; ok { + gteqVer = r + } + if common.VersionGreaterThanOrEqual(distroVersion, gteqVer) { + rpmmdPkgSet = rpmmdPkgSet.Append(rpmmd.PackageSet{ + Include: gteqSet.Include, + Exclude: gteqSet.Exclude, + }) + } + } + } + } + // mostly for tests + sort.Strings(rpmmdPkgSet.Include) + sort.Strings(rpmmdPkgSet.Exclude) + res[key] = rpmmdPkgSet + } + + return res, nil +} + +// PartitionTable returns the partionTable for the given distro/imgType. +func PartitionTable(it distro.ImageType, replacements map[string]string) (*disk.PartitionTable, error) { + distroNameVer := it.Arch().Distro().Name() + + toplevel, err := load(distroNameVer) + if err != nil { + return nil, err + } + + imgType, ok := toplevel.ImageTypes[it.Name()] + if !ok { + return nil, fmt.Errorf("%w: %q", ErrImageTypeNotFound, it.Name()) + } if imgType.PartitionTables == nil { - return nil, fmt.Errorf("%w: %q", ErrNoPartitionTableForImgType, typeName) + return nil, fmt.Errorf("%w: %q", ErrNoPartitionTableForImgType, it.Name()) } arch := it.Arch() archName := arch.Name() @@ -278,7 +346,7 @@ func PartitionTable(it distro.ImageType, replacements map[string]string) (*disk. pt, ok := imgType.PartitionTables[archName] if !ok { - return nil, fmt.Errorf("%w (%q): %q", ErrNoPartitionTableForArch, typeName, archName) + return nil, fmt.Errorf("%w (%q): %q", ErrNoPartitionTableForArch, it.Name(), archName) } return pt, nil @@ -350,3 +418,107 @@ func load(distroNameVer string) (*toplevelYAML, error) { return &toplevel, nil } + +// ImageConfig returns the image type specific ImageConfig +func ImageConfig(distroNameVer, archName, typeName string, replacements map[string]string) (*distro.ImageConfig, error) { + toplevel, err := load(distroNameVer) + if err != nil { + return nil, err + } + imgType, ok := toplevel.ImageTypes[typeName] + if !ok { + return nil, fmt.Errorf("%w: %q", ErrImageTypeNotFound, typeName) + } + imgConfig := imgType.ImageConfig.ImageConfig + cond := imgType.ImageConfig.Condition + if cond != nil { + distroName, distroVersion := splitDistroNameVer(distroNameVer) + + if distroNameCnf, ok := cond.DistroName[distroName]; ok { + imgConfig = distroNameCnf.InheritFrom(imgConfig) + } + if archCnf, ok := cond.Architecture[archName]; ok { + imgConfig = archCnf.InheritFrom(imgConfig) + } + for ltVer, ltConf := range cond.VersionLessThan { + if r, ok := replacements[ltVer]; ok { + ltVer = r + } + if common.VersionLessThan(distroVersion, ltVer) { + imgConfig = ltConf.InheritFrom(imgConfig) + } + } + } + + return imgConfig, nil +} + +// nNonEmpty returns the number of non-empty maps in the given +// input +func nNonEmpty[K comparable, V any](maps ...map[K]V) int { + var nonEmpty int + for _, m := range maps { + if len(m) > 0 { + nonEmpty++ + } + } + return nonEmpty +} + +// InstallerConfig returns the InstallerConfig for the given imgType +// Note that on conditions the InstallerConfig is fully replaced, do +// any merging in YAML +func InstallerConfig(distroNameVer, archName, typeName string, replacements map[string]string) (*distro.InstallerConfig, error) { + toplevel, err := load(distroNameVer) + if err != nil { + return nil, err + } + imgType, ok := toplevel.ImageTypes[typeName] + if !ok { + return nil, fmt.Errorf("%w: %q", ErrImageTypeNotFound, typeName) + } + installerConfig := imgType.InstallerConfig.InstallerConfig + cond := imgType.InstallerConfig.Condition + if cond != nil { + if nNonEmpty(cond.DistroName, cond.Architecture, cond.VersionLessThan) > 1 { + return nil, fmt.Errorf("only a single conditional allowed in installer config for %v", typeName) + } + + distroName, distroVersion := splitDistroNameVer(distroNameVer) + + if distroNameCnf, ok := cond.DistroName[distroName]; ok { + installerConfig = distroNameCnf + } + if archCnf, ok := cond.Architecture[archName]; ok { + installerConfig = archCnf + } + for ltVer, ltConf := range cond.VersionLessThan { + if r, ok := replacements[ltVer]; ok { + ltVer = r + } + if common.VersionLessThan(distroVersion, ltVer) { + installerConfig = ltConf + } + } + } + + return installerConfig, nil +} + +func ImageTypes(distroNameVer string) (map[string]ImageTypeYAML, error) { + toplevel, err := load(distroNameVer) + if err != nil { + return nil, err + } + + // We have a bunch of names like "server-ami" that are writen + // in the YAML as "server_ami" so we need to normalize + imgTypes := make(map[string]ImageTypeYAML, len(toplevel.ImageTypes)) + for name := range toplevel.ImageTypes { + v := toplevel.ImageTypes[name] + v.name = name + imgTypes[name] = v + } + + return imgTypes, nil +} diff --git a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-10/distro.yaml b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-10/distro.yaml index 8e4601af3..46f77178e 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-10/distro.yaml +++ b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-10/distro.yaml @@ -27,6 +27,67 @@ - "grub2-ppc64le" - "grub2-ppc64le-modules" + sap_image_config: &sap_image_config + selinux_config: + state: "permissive" + tuned: + profiles: ["sap-hana"] + # RHBZ#1959979 + tmpfilesd: + - filename: "sap.conf" + config: + - type: "x" + path: "/tmp/.sap*" + - type: "x" + path: "/tmp/.hdb*lock" + - type: "x" + path: "/tmp/.trex*lock" + # RHBZ#1959963 + pam_limits_conf: + - filename: "99-sap.conf" + config: + - domain: "@sapsys" + type: "hard" + item: "nofile" + value: 1048576 + - domain: "@sapsys" + type: "soft" + item: "nofile" + value: 1048576 + - domain: "@dba" + type: "hard" + item: "nofile" + value: 1048576 + - domain: "@dba" + type: "soft" + item: "nofile" + value: 1048576 + - domain: "@sapsys" + type: "hard" + item: "nproc" + value: "unlimited" + - domain: "@sapsys" + type: "soft" + item: "nproc" + value: "unlimited" + - domain: "@dba" + type: "hard" + item: "nproc" + value: "unlimited" + - domain: "@dba" + type: "soft" + item: "nproc" + value: "unlimited" + # RHBZ#1959962 + sysctld: + - filename: "sap.conf" + config: + - key: "kernel.pid_max" + value: "4194304" + - key: "vm.max_map_count" + value: "2147483647" + dnf_set_release_ver_var: true + sap_pkgset: &sap_pkgset include: # RHBZ#2076763 @@ -162,6 +223,7 @@ - &efi_system_partition_guid "C12A7328-F81F-11D2-BA4B-00A0C93EC93B" - &filesystem_data_guid "0FC63DAF-8483-4772-8E79-3D69D8477DE4" - &xboot_ldr_partition_guid "BC13C2FF-59E6-4262-A352-B275FD6F7172" + - &lvm_partition_guid "E6D6D379-F507-44C2-A23C-238F2A3DF928" # static UUIDs for partitions and filesystems # NOTE(akoutsou): These are unnecessary and have stuck around since the # beginning where (I believe) the goal was to have predictable, @@ -193,7 +255,7 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 @@ -255,577 +317,1101 @@ image_types: # XXX: not a real pkgset but the "os" pipeline pkgset for image-installer # find a nicer way to represent this bare_metal: - package_sets: - - *distro_build_pkgset - - include: - - "@core" - - "chrony" - - "cockpit-system" - - "cockpit-ws" - - "dnf-utils" - - "dosfstools" - - "firewalld" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "lvm2" - - "net-tools" - - "nfs-utils" - - "oddjob" - - "oddjob-mkhomedir" - - "policycoreutils" - - "psmisc" - - "python3-jsonschema" - - "qemu-guest-agent" - - "redhat-release" - - "redhat-release-eula" - - "rsync" - - "tar" - - "tcpdump" - - "tuned" - exclude: - - "dracut-config-rescue" - condition: - distro_name: - rhel: - include: - - "subscription-manager-cockpit" + package_sets: &bare_metal_pkgset + os: + - *distro_build_pkgset + - include: + - "@core" + - "chrony" + - "cockpit-system" + - "cockpit-ws" + - "dnf-utils" + - "dosfstools" + - "firewalld" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "lvm2" + - "net-tools" + - "nfs-utils" + - "oddjob" + - "oddjob-mkhomedir" + - "policycoreutils" + - "psmisc" + - "python3-jsonschema" + - "qemu-guest-agent" + - "redhat-release" + - "redhat-release-eula" + - "rsync" + - "tar" + - "tcpdump" + - "tuned" + exclude: + - "dracut-config-rescue" + condition: + distro_name: + rhel: + include: + - "subscription-manager-cockpit" qcow2: &qcow2 + image_config: + default_target: "multi-user.target" + kernel_options: ["console=tty0", "console=ttyS0,115200n8", "no_timer_check"] + condition: + distro_name: + rhel: + rhsm_config: + "no-subscription": + dnf_plugin: + product_id: + enabled: false + subscription_manager: + enabled: false partition_table: <<: *default_partition_tables package_sets: - - include: - - "@core" - - "chrony" - - "cloud-init" - - "cloud-utils-growpart" - - "cockpit-system" - - "cockpit-ws" - - "dnf-utils" - - "dosfstools" - - "nfs-utils" - - "oddjob" - - "oddjob-mkhomedir" - - "psmisc" - - "python3-jsonschema" - - "qemu-guest-agent" - - "redhat-release" - - "redhat-release-eula" - - "rsync" - - "tar" - - "tuned" - - "tcpdump" - exclude: - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-lib" - - "alsa-tools-firmware" - - "biosdevname" - - "dnf-plugin-spacewalk" - - "dracut-config-rescue" - - "fedora-release" - - "fedora-repos" - - "firewalld" - - "iprutils" - - "ivtv-firmware" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "langpacks-*" - - "langpacks-en" - - "libertas-sd8787-firmware" - - "plymouth" - - "rng-tools" - - "udisks2" - condition: - distro_name: - rhel: - include: - - "insights-client" - - "subscription-manager-cockpit" + os: + - include: + - "@core" + - "chrony" + - "cloud-init" + - "cloud-utils-growpart" + - "cockpit-system" + - "cockpit-ws" + - "dnf-utils" + - "dosfstools" + - "nfs-utils" + - "oddjob" + - "oddjob-mkhomedir" + - "psmisc" + - "python3-jsonschema" + - "qemu-guest-agent" + - "redhat-release" + - "redhat-release-eula" + - "rsync" + - "tar" + - "tuned" + - "tcpdump" + exclude: + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-lib" + - "alsa-tools-firmware" + - "biosdevname" + - "dnf-plugin-spacewalk" + - "dracut-config-rescue" + - "fedora-release" + - "fedora-repos" + - "firewalld" + - "iprutils" + - "ivtv-firmware" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "langpacks-*" + - "langpacks-en" + - "libertas-sd8787-firmware" + - "plymouth" + - "rng-tools" + - "udisks2" + condition: + distro_name: + rhel: + include: + - "insights-client" + - "subscription-manager-cockpit" oci: *qcow2 vhd: &vhd + # based on https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/deploying_rhel_9_on_microsoft_azure/assembly_deploying-a-rhel-image-as-a-virtual-machine-on-microsoft-azure_cloud-content-azure#making-configuration-changes_configure-the-image-azure + image_config: &image_config_vhd + # from CreateAzureDatalossWarningScriptAndUnit + files: + - path: &dataloss_script "/usr/local/sbin/temp-disk-dataloss-warning" + mode: 0755 + data: | + #!/bin/sh + # /usr/local/sbin/temp-disk-dataloss-warning + # Write dataloss warning file on mounted Azure resource disk + + AZURE_RESOURCE_DISK_PART1="/dev/disk/cloud/azure_resource-part1" + + MOUNTPATH=$(grep "$AZURE_RESOURCE_DISK_PART1" /etc/fstab | tr '\t' ' ' | cut -d' ' -f2) + if [ -z "$MOUNTPATH" ]; then + echo "There is no mountpoint of $AZURE_RESOURCE_DISK_PART1 in /etc/fstab" + exit 0 + fi + + if [ "$MOUNTPATH" = "none" ]; then + echo "Mountpoint of $AZURE_RESOURCE_DISK_PART1 is not a path" + exit 1 + fi + + if ! mountpoint -q "$MOUNTPATH"; then + echo "$AZURE_RESOURCE_DISK_PART1 is not mounted at $MOUNTPATH" + exit 1 + fi + + echo "Creating a dataloss warning file at ${MOUNTPATH}/DATALOSS_WARNING_README.txt" + + cat <<'EOF' > "${MOUNTPATH}/DATALOSS_WARNING_README.txt" + WARNING: THIS IS A TEMPORARY DISK. + + Any data stored on this drive is SUBJECT TO LOSS and THERE IS NO WAY TO RECOVER IT. + + Please do not use this disk for storing any personal or application data. + + EOF + systemd_unit: + - filename: &dataloss_systemd_unit_filename "temp-disk-dataloss-warning.service" + "unit-type": "system" + "unit-path": "etc" + config: + "Unit": + Description: "Azure temporary resource disk dataloss warning file creation" + After: ["multi-user.target", "cloud-final.service"] + "Service": + Type: "oneshot" + ExecStart: [*dataloss_script] + StandardOutput: "journal+console" + "Install": + WantedBy: ["default.target"] + keyboard: + keymap: "us" + "x11-keymap": + layouts: ["us"] + update_default_kernel: true + default_kernel: "kernel-core" + sysconfig: + networking: true + no_zero_conf: true + enabled_services: + - "firewalld" + - "nm-cloud-setup.service" + - "nm-cloud-setup.timer" + - "sshd" + - "waagent" + - *dataloss_systemd_unit_filename + sshd_config: + config: + ClientAliveInterval: 180 + modprobe: + - filename: "blacklist-amdgpu.conf" + commands: + - command: blacklist + modulename: "amdgpu" + - filename: "blacklist-intel-cstate.conf" + commands: + - command: blacklist + modulename: "intel_cstate" + - filename: "blacklist-floppy.conf" + commands: + - command: blacklist + modulename: "floppy" + - filename: "blacklist-nouveau.conf" + commands: + - command: blacklist + modulename: "nouveau" + - command: blacklist + modulename: "lbm-nouveau" + - filename: "blacklist-skylake-edac.conf" + commands: + - command: blacklist + modulename: "skx_edac" + - filename: "blacklist-intel_uncore.conf" + commands: + - command: blacklist + modulename: "intel_uncore" + - filename: "blacklist-acpi_cpufreq.conf" + commands: + - command: blacklist + modulename: "acpi_cpufreq" + cloud_init: + - filename: "10-azure-kvp.cfg" + config: + reporting: + logging: + type: "log" + telemetry: + type: "hyperv" + - filename: "91-azure_datasource.cfg" + config: + datasource: + azure: + apply_network_config: false + datasource_list: + - "Azure" + pwquality: + config: + minlen: 6 + minclass: 3 + dcredit: 0 + ucredit: 0 + lcredit: 0 + ocredit: 0 + waagent_config: + config: + "ResourceDisk.Format": false + "ResourceDisk.EnableSwap": false + "Provisioning.UseCloudInit": true + "Provisioning.Enabled": false + grub2_config: + disable_recovery: true + disable_submenu: true + distributor: "$(sed 's, release .*$,,g' /etc/system-release)" + terminal: ["serial", "console"] + serial: "serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1" + timeout: 10 + timeout_style: "countdown" + udev_rules: + filename: "/etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules" + rules: + - comment: + - "Accelerated Networking on Azure exposes a new SRIOV interface to the VM." + - "This interface is transparently bonded to the synthetic interface," + - "so NetworkManager should just ignore any SRIOV interfaces." + - rule: + - K: "SUBSYSTEM" + O: "==" + V: "net" + - K: "DRIVERS" + O: "==" + V: "hv_pci" + - K: "ACTION" + O: "==" + V: "add" + - K: "ENV" + A: "NM_UNMANAGED" + O: "=" + V: "1" + systemd_dropin: + - unit: "nm-cloud-setup.service" + dropin: "10-rh-enable-for-azure.conf" + config: + service: + environment: + - key: "NM_CLOUD_SETUP_AZURE" + value: "yes" + default_target: "multi-user.target" + time_synchronization: + refclocks: + - driver: + name: "PHC" + path: "/dev/ptp_hyperv" + poll: 3 + dpoll: -2 + offset: 0.0 + network_manager: + path: "/etc/NetworkManager/conf.d/99-azure-unmanaged-devices.conf" + settings: + keyfile: + "unmanaged-devices": + - "driver:mlx4_core" + - "driver:mlx5_core" + condition: + distro_name: + rhel: + gpgkey_files: + - "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" + architecture: + x86_64: + kernel_options: + # common + - "ro" + - "loglevel=3" + - "nvme_core.io_timeout=240" + # x86 + - "console=tty1" + - "console=ttyS0" + - "earlyprintk=ttyS0" + - "rootdelay=300" + aarch64: + kernel_options: + # common + - "ro" + - "loglevel=3" + - "nvme_core.io_timeout=240" + # aarch64 + - "console=ttyAMA0" partition_table: <<: *default_partition_tables package_sets: - - &vhd_pkgset - include: - - "@Server" - - "bzip2" - - "cloud-init" - - "cloud-utils-growpart" - - "dracut-config-generic" - - "efibootmgr" - - "hyperv-daemons" - - "kernel-core" - - "kernel-modules" - - "kernel" - - "langpacks-en" - - "lvm2" - - "NetworkManager" - - "NetworkManager-cloud-setup" - - "nvme-cli" - - "patch" - - "rng-tools" - - "selinux-policy-targeted" - - "system-reinstall-bootc" - - "uuid" - - "WALinuxAgent" - - "yum-utils" - exclude: - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-lib" - - "alsa-sof-firmware" - - "alsa-tools-firmware" - - "biosdevname" - - "bolt" - - "buildah" - - "cockpit-podman" - - "containernetworking-plugins" - - "dnf-plugin-spacewalk" - - "dracut-config-rescue" - - "glibc-all-langpacks" - - "iprutils" - - "ivtv-firmware" - - "iwl100-firmware" - - "iwl1000-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "libertas-sd8686-firmware" - - "libertas-sd8787-firmware" - - "libertas-usb8388-firmware" - - "microcode_ctl" - - "NetworkManager-config-server" - - "plymouth" - - "podman" - - "python3-dnf-plugin-spacewalk" - - "python3-hwdata" - - "python3-rhnlib" - - "rhn-check" - - "rhn-client-tools" - - "rhn-setup" - - "rhnlib" - - "rhnsd" - - "usb_modeswitch" - condition: - distro_name: - rhel: - include: - - "insights-client" + os: + - &vhd_pkgset + include: + - "@Server" + - "bzip2" + - "cloud-init" + - "cloud-utils-growpart" + - "dracut-config-generic" + - "efibootmgr" + - "hyperv-daemons" + - "kernel-core" + - "kernel-modules" + - "kernel" + - "langpacks-en" + - "lvm2" + - "NetworkManager" + - "NetworkManager-cloud-setup" + - "nvme-cli" + - "patch" + - "rng-tools" + - "selinux-policy-targeted" + - "system-reinstall-bootc" + - "uuid" + - "WALinuxAgent" + - "yum-utils" + exclude: + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-lib" + - "alsa-sof-firmware" + - "alsa-tools-firmware" + - "biosdevname" + - "bolt" + - "buildah" + - "cockpit-podman" + - "containernetworking-plugins" + - "dnf-plugin-spacewalk" + - "dracut-config-rescue" + - "glibc-all-langpacks" + - "iprutils" + - "ivtv-firmware" + - "iwl100-firmware" + - "iwl1000-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "libertas-sd8686-firmware" + - "libertas-sd8787-firmware" + - "libertas-usb8388-firmware" + - "microcode_ctl" + - "NetworkManager-config-server" + - "plymouth" + - "podman" + - "python3-dnf-plugin-spacewalk" + - "python3-hwdata" + - "python3-rhnlib" + - "rhn-check" + - "rhn-client-tools" + - "rhn-setup" + - "rhnlib" + - "rhnsd" + - "usb_modeswitch" + condition: + distro_name: + rhel: + include: + - "insights-client" - azure_rhui: *vhd + "azure-rhui": &azure_rhui + <<: *vhd + partition_table: + x86_64: + uuid: "D209C89E-EA5E-4FBD-B161-B461CCE297E0" + type: "gpt" + size: 68_719_476_736 # 64 * datasizes.GibiByte + partitions: + - &azure_rhui_part_boot_efi + size: 524_288_000 # 500 * datasizes.MebiByte + type: *efi_system_partition_guid + UUID: *efi_system_partition_uuid + payload_type: "filesystem" + payload: + type: "vfat" + uuid: *efi_filesystem_uuid + mountpoint: "/boot/efi" + fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" + fstab_freq: 0 + fstab_passno: 2 + # NB: we currently don't support /boot on LVM + - &azure_rhui_part_boot + size: 1_073_741_824 # 1 * datasizes.GibiByte + type: *filesystem_data_guid + uuid: *data_partition_uuid + payload_type: "filesystem" + payload: + type: "xfs" + mountpoint: "/boot" + fstab_options: "defaults" + fstab_freq: 0 + fstab_passno: 0 + - size: 2_097_152 # 2 * datasizes.MebiByte + bootable: true + type: *bios_boot_partition_guid + uuid: *bios_boot_partition_uuid + - &azure_rhui_part_lvm + type: *lvm_partition_guid + uuid: *root_partition_uuid + payload_type: "lvm" + payload: + name: "rootvg" + description: "built with lvm2 and osbuild" + logical_volumes: + - size: 1_073_741_824 # 1 * datasizes.GibiByte + name: "homelv" + payload_type: "filesystem" + payload: + type: "xfs" + label: "home" + mountpoint: "/home" + fstab_options: "defaults" + - size: 2_147_483_648 # 2 * datasizes.GibiByte + name: "rootlv" + payload_type: "filesystem" + payload: + type: "xfs" + label: "root" + mountpoint: "/" + fstab_options: "defaults" + - size: 2_147_483_648 # 2 * datasizes.GibiByte + name: "tmplv" + payload_type: "filesystem" + payload: + type: "xfs" + label: "tmp" + mountpoint: "/tmp" + fstab_options: "defaults" + - size: 10_737_418_240 # 10 * datasizes.GibiByte + name: "usrlv" + payload_type: "filesystem" + payload: + type: "xfs" + label: "usr" + mountpoint: "/usr" + fstab_options: "defaults" + - size: 10_737_418_240 # 10 * datasizes.GibiByte + name: "varlv" + payload_type: "filesystem" + payload: + type: "xfs" + label: "var" + mountpoint: "/var" + fstab_options: "defaults" + aarch64: + uuid: "D209C89E-EA5E-4FBD-B161-B461CCE297E0" + type: "gpt" + size: 68_719_476_736 # 64 * datasizes.GibiByte + partitions: + - *azure_rhui_part_boot_efi + # NB: we currently don't support /boot on LVM + - *azure_rhui_part_boot + - *azure_rhui_part_lvm - azure_sap_rhui: + "azure-sap-rhui": + <<: *azure_rhui + image_config: + <<: [*image_config_vhd, *sap_image_config] package_sets: - - *vhd_pkgset - - *sap_pkgset + os: + - *vhd_pkgset + - *sap_pkgset tar: package_sets: - - include: - - "policycoreutils" - - "selinux-policy-targeted" - exclude: - - "rng-tools" + os: + - include: + - "policycoreutils" + - "selinux-policy-targeted" + exclude: + - "rng-tools" vmdk: &vmdk + image_config: + kernel_options: + - "ro" partition_table: <<: *default_partition_tables package_sets: - - include: - - "@core" - - "chrony" - - "cloud-init" - - "firewalld" - - "langpacks-en" - - "open-vm-tools" - - "tuned" - exclude: - - "dracut-config-rescue" - - "rng-tools" + os: + - include: + - "@core" + - "chrony" + - "cloud-init" + - "firewalld" + - "langpacks-en" + - "open-vm-tools" + - "tuned" + exclude: + - "dracut-config-rescue" + - "rng-tools" ova: *vmdk ami: &ami + image_config: &ami_image_config + time_synchronization: + servers: + - hostname: "169.254.169.123" + prefer: true + iburst: true + minpoll: 4 + maxpoll: 4 + # empty string will remove any occurrences of the option + # from the configuration + leapsectz: "" + keyboard: + keymap: "us" + "x11-keymap": + layouts: ["us"] + enabled_services: + - "sshd" + - "NetworkManager" + - "nm-cloud-setup.service" + - "nm-cloud-setup.timer" + - "cloud-init" + - "cloud-init-local" + - "cloud-config" + - "cloud-final" + - "reboot.target" + - "tuned" + default_target: "multi-user.target" + update_default_kernel: true + default_kernel: "kernel" + sysconfig: + networking: true + no_zero_conf: true + systemd_logind: + - filename: "00-getty-fixes.conf" + config: + login: + nautovts: 0 + cloud_init: + - filename: "00-rhel-default-user.cfg" + config: + system_info: + default_user: + name: "ec2-user" + modprobe: + - filename: "blacklist-nouveau.conf" + commands: + - command: blacklist + modulename: "nouveau" + - filename: "blacklist-amdgpu.conf" + commands: + - command: blacklist + modulename: "amdgpu" + # https://issues.redhat.com/browse/RHEL-71926 + - filename: "blacklist-i2c_piix4.conf" + commands: + - command: blacklist + modulename: "i2c_piix4" + systemd_dropin: + # RHBZ#1822863 + - unit: "nm-cloud-setup.service" + dropin: "10-rh-enable-for-ec2.conf" + config: + service: + environment: + - key: "NM_CLOUD_SETUP_EC2" + value: "yes" + sshd_config: + config: + PasswordAuthentication: false + condition: + architecture: + x86_64: &ami_image_config_cond_x86_64 + dracut_conf: + - filename: "ec2.conf" + config: + add_drivers: + - "nvme" + - "xen-blkfront" + # TODO: move these to the EC2 environment + kernel_options: + # common + - "console=tty0" + - "console=ttyS0,115200n8" + - "nvme_core.io_timeout=4294967295" + aarch64: + # TODO: move these to the EC2 environment + kernel_options: + # XXX: duplicated with above x86_64 kernel defaults + - "console=tty0" + - "console=ttyS0,115200n8" + - "nvme_core.io_timeout=4294967295" + # aarch64 specific + - "iommu.strict=0" partition_table: <<: *default_partition_tables package_sets: - - &ami_pkgset - include: - - "@core" - - "chrony" - - "cloud-init" - - "cloud-utils-growpart" - - "dhcpcd" - - "yum-utils" - - "dracut-config-generic" - - "grub2" - - "langpacks-en" - - "NetworkManager-cloud-setup" - - "redhat-release" - - "redhat-release-eula" - - "rsync" - - "system-reinstall-bootc" - - "tuned" - - "tar" - exclude: - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-tools-firmware" - - "biosdevname" - - "firewalld" - - "iprutils" - - "ivtv-firmware" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "libertas-sd8686-firmware" - - "libertas-sd8787-firmware" - - "libertas-usb8388-firmware" - - "plymouth" - # RHBZ#2064087 - - "dracut-config-rescue" - # RHBZ#2075815 - - "qemu-guest-agent" - condition: - distro_name: - rhel: - include: - - "insights-client" + os: + - &ami_pkgset + include: + - "@core" + - "chrony" + - "cloud-init" + - "cloud-utils-growpart" + - "dhcpcd" + - "yum-utils" + - "dracut-config-generic" + - "grub2" + - "langpacks-en" + - "NetworkManager-cloud-setup" + - "redhat-release" + - "redhat-release-eula" + - "rsync" + - "system-reinstall-bootc" + - "tuned" + - "tar" + exclude: + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-tools-firmware" + - "biosdevname" + - "firewalld" + - "iprutils" + - "ivtv-firmware" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "libertas-sd8686-firmware" + - "libertas-sd8787-firmware" + - "libertas-usb8388-firmware" + - "plymouth" + # RHBZ#2064087 + - "dracut-config-rescue" + # RHBZ#2075815 + - "qemu-guest-agent" + condition: + distro_name: + rhel: + include: + - "insights-client" ec2: *ami - ec2_ha: + "ec2-ha": <<: *ami package_sets: - - *ami_pkgset - - include: - - "fence-agents-all" - - "pacemaker" - - "pcs" + os: + - *ami_pkgset + - include: + - "fence-agents-all" + - "pacemaker" + - "pcs" - ec2_sap: + "ec2-sap": <<: *ami package_sets: - - *ami_pkgset - - *sap_pkgset + os: + - *ami_pkgset + - *sap_pkgset + image_config: + <<: [*ami_image_config, *sap_image_config] + condition: + architecture: + x86_64: + # XXX: this shows that merging at the yaml level is tricky + <<: *ami_image_config_cond_x86_64 + kernel_options: + # XXX: duplicated with ami.image_config.kernel_options :( + - "console=tty0" + - "console=ttyS0,115200n8" + - "nvme_core.io_timeout=4294967295" + # amiSapKernelOptions() + - "processor.max_cstate=1" + - "intel_idle.max_cstate=1" wsl: + image_config: + cloud_init: + - filename: "99_wsl.cfg" + config: + datasource_list: + - "WSL" + - "None" + network: + config: "disabled" + no_selinux: true + wsl_config: + boot_systemd: true package_sets: - - include: - - "alternatives" - - "audit-libs" - - "basesystem" - - "bash" - - "ca-certificates" - - "cloud-init" - - "coreutils-single" - - "crypto-policies-scripts" - - "curl-minimal" - - "dejavu-sans-fonts" - - "dnf" - - "filesystem" - - "findutils" - - "gdb-gdbserver" - # Differs from official UBI, as we don't include CRB repos - # - "gdbm" - - "glibc-minimal-langpack" - - "gmp" - - "gnupg2" - - "gobject-introspection" - - "hostname" - - "langpacks-en" - - "libcurl-minimal" - - "openssh-server" - - "openssl" - - "pam" - - "passwd" - - "procps-ng" - - "python3" - - "python3-inotify" - - "redhat-release" - - "rootfiles" - - "rpm" - - "sed" - - "setup" - - "shadow-utils" - - "subscription-manager" - - "sudo" - - "systemd" - - "tar" - - "tpm2-tss" - - "tzdata" - - "util-linux" - - "vim-minimal" - - "yum" - exclude: - - "gawk-all-langpacks" - - "glibc-gconv-extra" - - "glibc-langpack-en" - - "openssl-pkcs11" - - "python-unversioned-command" - - "redhat-release-eula" - - "rpm-plugin-systemd-inhibit" + os: + - include: + - "alternatives" + - "audit-libs" + - "basesystem" + - "bash" + - "ca-certificates" + - "cloud-init" + - "coreutils-single" + - "crypto-policies-scripts" + - "curl-minimal" + - "dejavu-sans-fonts" + - "dnf" + - "filesystem" + - "findutils" + - "gdb-gdbserver" + # Differs from official UBI, as we don't include CRB repos + # - "gdbm" + - "glibc-minimal-langpack" + - "gmp" + - "gnupg2" + - "gobject-introspection" + - "hostname" + - "langpacks-en" + - "libcurl-minimal" + - "openssh-server" + - "openssl" + - "pam" + - "passwd" + - "procps-ng" + - "python3" + - "python3-inotify" + - "redhat-release" + - "rootfiles" + - "rpm" + - "sed" + - "setup" + - "shadow-utils" + - "subscription-manager" + - "sudo" + - "systemd" + - "tar" + - "tpm2-tss" + - "tzdata" + - "util-linux" + - "vim-minimal" + - "yum" + exclude: + - "gawk-all-langpacks" + - "glibc-gconv-extra" + - "glibc-langpack-en" + - "openssl-pkcs11" + - "python-unversioned-command" + - "redhat-release-eula" + - "rpm-plugin-systemd-inhibit" - image_installer: + "image-installer": package_sets: - - *installer_pkgset - - *anaconda_boot_pkgset - - include: - - "@hardware-support" - - "alsa-firmware" - - "alsa-tools-firmware" - - "anaconda" - - "anaconda-dracut" - - "anaconda-install-img-deps" - - "anaconda-widgets" - - "audit" - - "bind-utils" - - "bzip2" - - "cryptsetup" - - "curl" - - "dbus-x11" - - "default-fonts-core-sans" - - "default-fonts-other-sans" - - "dejavu-sans-fonts" - - "dejavu-sans-mono-fonts" - - "device-mapper-persistent-data" - - "dmidecode" - - "dnf" - - "dracut-config-generic" - - "dracut-network" - - "efibootmgr" - - "ethtool" - - "fcoe-utils" - - "ftp" - - "gdb-gdbserver" - - "glibc-all-langpacks" - - "gnome-kiosk" - - "google-noto-sans-cjk-ttc-fonts" - - "grub2-tools" - - "grub2-tools-extra" - - "grub2-tools-minimal" - - "grubby" - - "gsettings-desktop-schemas" - - "hdparm" - - "hexedit" - - "hostname" - - "initscripts" - - "ipmitool" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "jomolhari-fonts" - - "kbd" - - "kbd-misc" - - "kdump-anaconda-addon" - - "kernel" - - "less" - - "libblockdev-lvm-dbus" - - "libibverbs" - - "librsvg2" - - "linux-firmware" - - "lldpad" - - "lsof" - - "madan-fonts" - - "mtr" - - "mt-st" - - "net-tools" - - "nfs-utils" - - "nmap-ncat" - - "nm-connection-editor" - - "nss-tools" - - "openssh-clients" - - "openssh-server" - # the package is not yet available on c10s / el10 - # "oscap-anaconda-addon" - - "ostree" - - "pciutils" - - "perl-interpreter" - - "pigz" - - "plymouth" - - "prefixdevname" - - "python3-pyatspi" - - "rdma-core" - - "redhat-release-eula" - - "rng-tools" - - "rpcbind" - - "rpm-ostree" - - "rsync" - - "rsyslog" - - "selinux-policy-targeted" - - "sg3_utils" - - "sil-padauk-fonts" - - "smartmontools" - - "spice-vdagent" - - "strace" - - "systemd" - - "tar" - - "udisks2" - - "udisks2-iscsi" - - "usbutils" - - "vim-minimal" - - "volume_key" - - "wget" - - "xfsdump" - - "xfsprogs" - - "xz" - condition: - architecture: - x86_64: - include: - - "biosdevname" - - "dmidecode" - - "grub2-tools-efi" - - "memtest86+" - aarch64: - include: - - "dmidecode" + <<: *bare_metal_pkgset + installer: + - *installer_pkgset + - *anaconda_boot_pkgset + - include: + - "@hardware-support" + - "alsa-firmware" + - "alsa-tools-firmware" + - "anaconda" + - "anaconda-dracut" + - "anaconda-install-img-deps" + - "anaconda-widgets" + - "audit" + - "bind-utils" + - "bzip2" + - "cryptsetup" + - "curl" + - "dbus-x11" + - "default-fonts-core-sans" + - "default-fonts-other-sans" + - "dejavu-sans-fonts" + - "dejavu-sans-mono-fonts" + - "device-mapper-persistent-data" + - "dmidecode" + - "dnf" + - "dracut-config-generic" + - "dracut-network" + - "efibootmgr" + - "ethtool" + - "fcoe-utils" + - "ftp" + - "gdb-gdbserver" + - "glibc-all-langpacks" + - "gnome-kiosk" + - "google-noto-sans-cjk-ttc-fonts" + - "grub2-tools" + - "grub2-tools-extra" + - "grub2-tools-minimal" + - "grubby" + - "gsettings-desktop-schemas" + - "hdparm" + - "hexedit" + - "hostname" + - "initscripts" + - "ipmitool" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "jomolhari-fonts" + - "kbd" + - "kbd-misc" + - "kdump-anaconda-addon" + - "kernel" + - "less" + - "libblockdev-lvm-dbus" + - "libibverbs" + - "librsvg2" + - "linux-firmware" + - "lldpad" + - "lsof" + - "madan-fonts" + - "mtr" + - "mt-st" + - "net-tools" + - "nfs-utils" + - "nmap-ncat" + - "nm-connection-editor" + - "nss-tools" + - "openssh-clients" + - "openssh-server" + # the package is not yet available on c10s / el10 + # "oscap-anaconda-addon" + - "ostree" + - "pciutils" + - "perl-interpreter" + - "pigz" + - "plymouth" + - "prefixdevname" + - "python3-pyatspi" + - "rdma-core" + - "redhat-release-eula" + - "rng-tools" + - "rpcbind" + - "rpm-ostree" + - "rsync" + - "rsyslog" + - "selinux-policy-targeted" + - "sg3_utils" + - "sil-padauk-fonts" + - "smartmontools" + - "spice-vdagent" + - "strace" + - "systemd" + - "tar" + - "udisks2" + - "udisks2-iscsi" + - "usbutils" + - "vim-minimal" + - "volume_key" + - "wget" + - "xfsdump" + - "xfsprogs" + - "xz" + condition: + architecture: + x86_64: + include: + - "biosdevname" + - "dmidecode" + - "grub2-tools-efi" + - "memtest86+" + aarch64: + include: + - "dmidecode" gce: + image_config: + kernel_options: ["biosdevname=0", "scsi_mod.use_blk_mq=Y", "console=ttyS0,38400n8d"] + time_synchronization: + servers: + - hostname: "metadata.google.internal" + firewall: + default_zone: "trusted" + enabled_services: + - "sshd" + - "rngd" + - "dnf-automatic.timer" + # TODO: remove cloud-init services once we switch back to GCP guest tools + - "cloud-init" + - "cloud-init-local" + - "cloud-config" + - "cloud-final" + disabled_services: + - "sshd-keygen@" + - "reboot.target" + default_target: "multi-user.target" + keyboard: + keymap: "us" + dnf_config: + - config: + main: + ipresolve: "4" + dnf_automatic_config: + config: + commands: + apply_updates: true + upgrade_type: "security" + yum_repos: + - filename: "google-cloud.repo" + repos: + - id: "google-compute-engine" + name: "Google Compute Engine" + # TODO: use el10 repo once it's available + baseurl: + - "https://packages.cloud.google.com/yum/repos/google-compute-engine-el9-x86_64-stable" + enabled: true + # TODO: enable GPG check once Google stops using SHA-1 in their keys + # https://issuetracker.google.com/issues/360905189 + gpgcheck: false + repo_gpgcheck: false + gpgkey: + - "https://packages.cloud.google.com/yum/doc/yum-key.gpg" + - "https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg" + sshd_config: + config: + PasswordAuthentication: false + ClientAliveInterval: 420 + PermitRootLogin: false + update_default_kernel: true + default_kernel: "kernel-core" + # XXX: ensure the "old" behavior is preserved (that is + # likely a bug) where for GCE the sysconfig network + # options are not set because the merge of imageConfig + # is shallow and the previous setup was changing the + # kernel without also changing the network options. + sysconfig: {} + modprobe: + - filename: "blacklist-floppy.conf" + commands: + - command: blacklist + modulename: "floppy" + gcp_guest_agent_config: + config_scope: "distro" + config: + "InstanceSetup": + set_boto_config: false partition_table: <<: *default_partition_tables package_sets: - - include: - - "@core" - - "langpacks-en" # not in Google's KS - - "acpid" - - "dnf-automatic" - - "net-tools" - - "python3" - - "rng-tools" - - "tar" - - "vim" - # GCE guest tools - # TODO: uncomment once the package is available - # the el9 version depends on libboost_regex.so.1.75.0()(64bit), which is not available on el10 - # - "google-compute-engine" - - "google-osconfig-agent" - # Requires gdisk which was removed late in the RHEL 10 development cycle - # - "gce-disk-expand" - # cloud-init is a replacement for- "google-compute-engine" remove once the package is available - - "cloud-init" - # 'cloud-utils-growpart' is needed by cloud-init to be able to resize the root partition. Remove once - # we move to GCP guest tools - - cloud-utils-growpart - # Not explicitly included in GCP kickstart, but present on the image - # for time synchronization - - "chrony" - - "timedatex" - # EFI - - "grub2-tools" - - "grub2-tools-minimal" - # Performance tuning - - "tuned" - exclude: - - "alsa-utils" - - "b43-fwcutter" - - "dmraid" - - "dracut-config-rescue" - - "eject" - - "gpm" - - "irqbalance" - - "microcode_ctl" - - "smartmontools" - - "aic94xx-firmware" - - "atmel-firmware" - - "b43-openfwwf" - - "bfa-firmware" - - "ipw2100-firmware" - - "ipw2200-firmware" - - "ivtv-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl1000-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "kernel-firmware" - - "libertas-usb8388-firmware" - - "ql2100-firmware" - - "ql2200-firmware" - - "ql23xx-firmware" - - "ql2400-firmware" - - "ql2500-firmware" - - "rt61pci-firmware" - - "rt73usb-firmware" - - "xorg-x11-drv-ati-firmware" - - "zd1211-firmware" - # RHBZ#2075815 - - "qemu-guest-agent" - condition: - distro_name: - rhel: - include: - - "insights-client" + os: + - include: + - "@core" + - "langpacks-en" # not in Google's KS + - "acpid" + - "dnf-automatic" + - "net-tools" + - "python3" + - "rng-tools" + - "tar" + - "vim" + # GCE guest tools + # TODO: uncomment once the package is available + # the el9 version depends on libboost_regex.so.1.75.0()(64bit), which is not available on el10 + # - "google-compute-engine" + - "google-osconfig-agent" + # Requires gdisk which was removed late in the RHEL 10 development cycle + # - "gce-disk-expand" + # cloud-init is a replacement for- "google-compute-engine" remove once the package is available + - "cloud-init" + # 'cloud-utils-growpart' is needed by cloud-init to be able to resize the root partition. Remove once + # we move to GCP guest tools + - cloud-utils-growpart + # Not explicitly included in GCP kickstart, but present on the image + # for time synchronization + - "chrony" + - "timedatex" + # EFI + - "grub2-tools" + - "grub2-tools-minimal" + # Performance tuning + - "tuned" + exclude: + - "alsa-utils" + - "b43-fwcutter" + - "dmraid" + - "dracut-config-rescue" + - "eject" + - "gpm" + - "irqbalance" + - "microcode_ctl" + - "smartmontools" + - "aic94xx-firmware" + - "atmel-firmware" + - "b43-openfwwf" + - "bfa-firmware" + - "ipw2100-firmware" + - "ipw2200-firmware" + - "ivtv-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl1000-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "kernel-firmware" + - "libertas-usb8388-firmware" + - "ql2100-firmware" + - "ql2200-firmware" + - "ql23xx-firmware" + - "ql2400-firmware" + - "ql2500-firmware" + - "rt61pci-firmware" + - "rt73usb-firmware" + - "xorg-x11-drv-ati-firmware" + - "zd1211-firmware" + # RHBZ#2075815 + - "qemu-guest-agent" + condition: + distro_name: + rhel: + include: + - "insights-client" diff --git a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-7/distro.yaml b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-7/distro.yaml index ef8acf241..1c1cd780b 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-7/distro.yaml +++ b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-7/distro.yaml @@ -2,42 +2,42 @@ .common: azure_rhui_common_pkgset: &azure_rhui_common_pkgset include: - - "@base" - - "@core" - - "authconfig" - - "bpftool" - - "bzip2" - - "chrony" - - "cloud-init" - - "cloud-utils-growpart" - - "dracut-config-generic" - - "dracut-norescue" - - "efibootmgr" - - "firewalld" - - "gdisk" - - "grub2-efi-x64" - - "grub2-pc" - - "grub2" - - "hyperv-daemons" - - "kernel" - - "lvm2" - - "redhat-release-eula" - - "redhat-support-tool" - - "rh-dotnetcore11" - - "rhn-setup" - - "rhui-azure-rhel7" - - "rsync" - - "shim-x64" - - "tar" - - "tcpdump" - - "WALinuxAgent" - - "yum-rhn-plugin" - - "yum-utils" + - "@base" + - "@core" + - "authconfig" + - "bpftool" + - "bzip2" + - "chrony" + - "cloud-init" + - "cloud-utils-growpart" + - "dracut-config-generic" + - "dracut-norescue" + - "efibootmgr" + - "firewalld" + - "gdisk" + - "grub2-efi-x64" + - "grub2-pc" + - "grub2" + - "hyperv-daemons" + - "kernel" + - "lvm2" + - "redhat-release-eula" + - "redhat-support-tool" + - "rh-dotnetcore11" + - "rhn-setup" + - "rhui-azure-rhel7" + - "rsync" + - "shim-x64" + - "tar" + - "tcpdump" + - "WALinuxAgent" + - "yum-rhn-plugin" + - "yum-utils" exclude: - - "dracut-config-rescue" - - "mariadb-libs" - - "NetworkManager-config-server" - - "postfix" + - "dracut-config-rescue" + - "mariadb-libs" + - "NetworkManager-config-server" + - "postfix" condition: distro_name: "rhel": @@ -85,7 +85,7 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 @@ -118,7 +118,7 @@ image_config: default: timezone: "America/New_York" - locale: "en_US.UTF-8" + locale: "en_US.UTF-8" gpgkey_files: - "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" sysconfig: @@ -133,119 +133,122 @@ image_config: install_weak_deps: true image_types: - azure_rhui: + "azure-rhui": partition_table: <<: *default_partition_tables package_sets: - - *azure_rhui_common_pkgset + os: + - *azure_rhui_common_pkgset ec2: partition_table: <<: *default_partition_tables package_sets: - - include: - - "@core" - - "authconfig" - - "kernel" - - "yum-utils" - - "cloud-init" - - "dracut-config-generic" - - "dracut-norescue" - - "grub2" - - "tar" - - "rsync" - - "rh-amazon-rhui-client" - - "redhat-cloud-client-configuration" - - "chrony" - - "cloud-utils-growpart" - - "gdisk" - exclude: - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-lib" - - "alsa-tools-firmware" - - "ivtv-firmware" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "libertas-sd8686-firmware" - - "libertas-sd8787-firmware" - - "libertas-usb8388-firmware" - - "biosdevname" - - "plymouth" - # NM is excluded by the original KS, but it is in the image built from it. - # - "NetworkManager" - - "iprutils" - # linux-firmware is uninstalled by the original KS, but it is a direct dependency of kernel, - # so we can't exclude it. - # - "linux-firmware" - - "firewalld" - + os: + - include: + - "@core" + - "authconfig" + - "kernel" + - "yum-utils" + - "cloud-init" + - "dracut-config-generic" + - "dracut-norescue" + - "grub2" + - "tar" + - "rsync" + - "rh-amazon-rhui-client" + - "redhat-cloud-client-configuration" + - "chrony" + - "cloud-utils-growpart" + - "gdisk" + exclude: + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-lib" + - "alsa-tools-firmware" + - "ivtv-firmware" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "libertas-sd8686-firmware" + - "libertas-sd8787-firmware" + - "libertas-usb8388-firmware" + - "biosdevname" + - "plymouth" + # NM is excluded by the original KS, but it is in the image built from it. + # - "NetworkManager" + - "iprutils" + # linux-firmware is uninstalled by the original KS, but it is a direct dependency of kernel, + # so we can't exclude it. + # - "linux-firmware" + - "firewalld" + qcow2: partition_table: <<: *default_partition_tables package_sets: - - include: - - "@core" - - "kernel" - - "nfs-utils" - - "yum-utils" - - "cloud-init" - # - "ovirt-guest-agent-common" - - "rhn-setup" - - "yum-rhn-plugin" - - "cloud-utils-growpart" - - "dracut-config-generic" - - "tar" - - "tcpdump" - - "rsync" - exclude: - - "biosdevname" - - "dracut-config-rescue" - - "iprutils" - - "NetworkManager-team" - - "NetworkManager-tui" - - "NetworkManager" - - "plymouth" - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-lib" - - "alsa-tools-firmware" - - "ivtv-firmware" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "libertas-sd8686-firmware" - - "libertas-sd8787-firmware" - - "libertas-usb8388-firmware" - condition: - distro_name: - "rhel": - include: - - "insights-client" + os: + - include: + - "@core" + - "kernel" + - "nfs-utils" + - "yum-utils" + - "cloud-init" + # - "ovirt-guest-agent-common" + - "rhn-setup" + - "yum-rhn-plugin" + - "cloud-utils-growpart" + - "dracut-config-generic" + - "tar" + - "tcpdump" + - "rsync" + exclude: + - "biosdevname" + - "dracut-config-rescue" + - "iprutils" + - "NetworkManager-team" + - "NetworkManager-tui" + - "NetworkManager" + - "plymouth" + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-lib" + - "alsa-tools-firmware" + - "ivtv-firmware" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "libertas-sd8686-firmware" + - "libertas-sd8787-firmware" + - "libertas-usb8388-firmware" + condition: + distro_name: + "rhel": + include: + - "insights-client" diff --git a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-8/distro.yaml b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-8/distro.yaml index 68cbabd48..9daac3ef3 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-8/distro.yaml +++ b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-8/distro.yaml @@ -263,113 +263,113 @@ anaconda_pkgset: &anaconda_pkgset include: - - "aajohan-comfortaa-fonts" - - "abattis-cantarell-fonts" - - "alsa-firmware" - - "alsa-tools-firmware" - - "anaconda" - - "anaconda-install-env-deps" - - "anaconda-widgets" - - "audit" - - "bind-utils" - - "bitmap-fangsongti-fonts" - - "bzip2" - - "cryptsetup" - - "dbus-x11" - - "dejavu-sans-fonts" - - "dejavu-sans-mono-fonts" - - "device-mapper-persistent-data" - - "dnf" - - "dump" - - "ethtool" - - "fcoe-utils" - - "ftp" - - "gdb-gdbserver" - - "gdisk" - - "gfs2-utils" - - "glibc-all-langpacks" - - "google-noto-sans-cjk-ttc-fonts" - - "gsettings-desktop-schemas" - - "hdparm" - - "hexedit" - - "initscripts" - - "ipmitool" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "jomolhari-fonts" - - "kacst-farsi-fonts" - - "kacst-qurn-fonts" - - "kbd" - - "kbd-misc" - - "kdump-anaconda-addon" - - "khmeros-base-fonts" - - "libblockdev-lvm-dbus" - - "libertas-sd8686-firmware" - - "libertas-sd8787-firmware" - - "libertas-usb8388-firmware" - - "libertas-usb8388-olpc-firmware" - - "libibverbs" - - "libreport-plugin-bugzilla" - - "libreport-plugin-reportuploader" - - "librsvg2" - - "linux-firmware" - - "lklug-fonts" - - "lldpad" - - "lohit-assamese-fonts" - - "lohit-bengali-fonts" - - "lohit-devanagari-fonts" - - "lohit-gujarati-fonts" - - "lohit-gurmukhi-fonts" - - "lohit-kannada-fonts" - - "lohit-odia-fonts" - - "lohit-tamil-fonts" - - "lohit-telugu-fonts" - - "lsof" - - "madan-fonts" - - "metacity" - - "mtr" - - "mt-st" - - "net-tools" - - "nmap-ncat" - - "nm-connection-editor" - - "nss-tools" - - "openssh-server" - - "oscap-anaconda-addon" - - "pciutils" - - "perl-interpreter" - - "pigz" - - "python3-pyatspi" - - "rdma-core" - - "redhat-release-eula" - - "rpm-ostree" - - "rsync" - - "rsyslog" - - "sg3_utils" - - "sil-abyssinica-fonts" - - "sil-padauk-fonts" - - "sil-scheherazade-fonts" - - "smartmontools" - - "smc-meera-fonts" - - "spice-vdagent" - - "strace" - - "system-storage-manager" - - "thai-scalable-waree-fonts" - - "tigervnc-server-minimal" - - "tigervnc-server-module" - - "udisks2" - - "udisks2-iscsi" - - "usbutils" - - "vim-minimal" - - "volume_key" - - "wget" - - "xfsdump" - - "xorg-x11-drivers" - - "xorg-x11-fonts-misc" - - "xorg-x11-server-utils" - - "xorg-x11-server-Xorg" - - "xorg-x11-xauth" + - "aajohan-comfortaa-fonts" + - "abattis-cantarell-fonts" + - "alsa-firmware" + - "alsa-tools-firmware" + - "anaconda" + - "anaconda-install-env-deps" + - "anaconda-widgets" + - "audit" + - "bind-utils" + - "bitmap-fangsongti-fonts" + - "bzip2" + - "cryptsetup" + - "dbus-x11" + - "dejavu-sans-fonts" + - "dejavu-sans-mono-fonts" + - "device-mapper-persistent-data" + - "dnf" + - "dump" + - "ethtool" + - "fcoe-utils" + - "ftp" + - "gdb-gdbserver" + - "gdisk" + - "gfs2-utils" + - "glibc-all-langpacks" + - "google-noto-sans-cjk-ttc-fonts" + - "gsettings-desktop-schemas" + - "hdparm" + - "hexedit" + - "initscripts" + - "ipmitool" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "jomolhari-fonts" + - "kacst-farsi-fonts" + - "kacst-qurn-fonts" + - "kbd" + - "kbd-misc" + - "kdump-anaconda-addon" + - "khmeros-base-fonts" + - "libblockdev-lvm-dbus" + - "libertas-sd8686-firmware" + - "libertas-sd8787-firmware" + - "libertas-usb8388-firmware" + - "libertas-usb8388-olpc-firmware" + - "libibverbs" + - "libreport-plugin-bugzilla" + - "libreport-plugin-reportuploader" + - "librsvg2" + - "linux-firmware" + - "lklug-fonts" + - "lldpad" + - "lohit-assamese-fonts" + - "lohit-bengali-fonts" + - "lohit-devanagari-fonts" + - "lohit-gujarati-fonts" + - "lohit-gurmukhi-fonts" + - "lohit-kannada-fonts" + - "lohit-odia-fonts" + - "lohit-tamil-fonts" + - "lohit-telugu-fonts" + - "lsof" + - "madan-fonts" + - "metacity" + - "mtr" + - "mt-st" + - "net-tools" + - "nmap-ncat" + - "nm-connection-editor" + - "nss-tools" + - "openssh-server" + - "oscap-anaconda-addon" + - "pciutils" + - "perl-interpreter" + - "pigz" + - "python3-pyatspi" + - "rdma-core" + - "redhat-release-eula" + - "rpm-ostree" + - "rsync" + - "rsyslog" + - "sg3_utils" + - "sil-abyssinica-fonts" + - "sil-padauk-fonts" + - "sil-scheherazade-fonts" + - "smartmontools" + - "smc-meera-fonts" + - "spice-vdagent" + - "strace" + - "system-storage-manager" + - "thai-scalable-waree-fonts" + - "tigervnc-server-minimal" + - "tigervnc-server-module" + - "udisks2" + - "udisks2-iscsi" + - "usbutils" + - "vim-minimal" + - "volume_key" + - "wget" + - "xfsdump" + - "xorg-x11-drivers" + - "xorg-x11-fonts-misc" + - "xorg-x11-server-utils" + - "xorg-x11-server-Xorg" + - "xorg-x11-xauth" condition: architecture: x86_64: @@ -391,12 +391,12 @@ gce_common_pkgset: &gce_common_pkgset include: - "@core" - - "langpacks-en" # not in Google's KS + - "langpacks-en" # not in Google's KS - "acpid" - "dhcp-client" - "dnf-automatic" - "net-tools" - #- "openssh-server" included in core + # - "openssh-server" included in core - "python3" - "rng-tools" - "tar" @@ -568,7 +568,7 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 @@ -649,7 +649,7 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 @@ -715,7 +715,7 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 @@ -771,7 +771,7 @@ image_config: default_oscap_datastream: "/usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml" install_weak_deps: true kernel_options_bootloader: true - locale: "en_US.UTF-8" + locale: "en_US.UTF-8" sysconfig: networking: true no_zero_conf: true @@ -786,57 +786,58 @@ image_types: # XXX: not a real pkgset but the "os" pipeline pkgset for image-installer # find a nicer way to represent this bare_metal: - package_sets: - - include: - - "@core" - - "authselect-compat" - - "chrony" - - "cockpit-system" - - "cockpit-ws" - - "dhcp-client" - - "dnf" - - "dnf-utils" - - "dosfstools" - - "dracut-norescue" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "lvm2" - - "net-tools" - - "NetworkManager" - - "nfs-utils" - - "oddjob" - - "oddjob-mkhomedir" - - "policycoreutils" - - "psmisc" - - "python3-jsonschema" - - "qemu-guest-agent" - - "redhat-release" - - "redhat-release-eula" - - "rsync" - - "selinux-policy-targeted" - - "tar" - - "tcpdump" - - "yum" - condition: - distro_name: - rhel: - include: - - "insights-client" - - "subscription-manager-cockpit" + package_sets: &bare_metal_pkgset + os: + - include: + - "@core" + - "authselect-compat" + - "chrony" + - "cockpit-system" + - "cockpit-ws" + - "dhcp-client" + - "dnf" + - "dnf-utils" + - "dosfstools" + - "dracut-norescue" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "lvm2" + - "net-tools" + - "NetworkManager" + - "nfs-utils" + - "oddjob" + - "oddjob-mkhomedir" + - "policycoreutils" + - "psmisc" + - "python3-jsonschema" + - "qemu-guest-agent" + - "redhat-release" + - "redhat-release-eula" + - "rsync" + - "selinux-policy-targeted" + - "tar" + - "tcpdump" + - "yum" + condition: + distro_name: + rhel: + include: + - "insights-client" + - "subscription-manager-cockpit" ec2: &ec2 partition_table: @@ -844,256 +845,268 @@ image_types: partition_tables_override: <<: *ec2_partition_tables_override package_sets: - - *ec2_common_pkgset - - include: - - "rh-amazon-rhui-client" - exclude: - - "alsa-lib" - condition: - version_greater_or_equal: - "8.7": - include: - - "redhat-cloud-client-configuration" + os: + - *ec2_common_pkgset + - include: + - "rh-amazon-rhui-client" + exclude: + - "alsa-lib" + condition: + version_greater_or_equal: + "8.7": + include: + - "redhat-cloud-client-configuration" - ec2_ha: + "ec2-ha": <<: *ec2 package_sets: - - *ec2_common_pkgset - - include: - - "fence-agents-all" - - "pacemaker" - - "pcs" - - "rh-amazon-rhui-client-ha" - exclude: - - "alsa-lib" - condition: - version_greater_or_equal: - "8.7": - include: - - "redhat-cloud-client-configuration" + os: + - *ec2_common_pkgset + - include: + - "fence-agents-all" + - "pacemaker" + - "pcs" + - "rh-amazon-rhui-client-ha" + exclude: + - "alsa-lib" + condition: + version_greater_or_equal: + "8.7": + include: + - "redhat-cloud-client-configuration" ami: <<: *ec2 package_sets: - - *ec2_common_pkgset + os: + - *ec2_common_pkgset - ec2_sap: + "ec2-sap": <<: *ec2 package_sets: - - *ec2_common_pkgset - - *sap_pkgset - - condition: - version_less_than: - "8.10": - include: - - "rh-amazon-rhui-client-sap-bundle-e4s" - version_greater_or_equal: - "8.10": - include: - - "rh-amazon-rhui-client-sap-bundle" - "8.7": - include: - - "redhat-cloud-client-configuration" + os: + - *ec2_common_pkgset + - *sap_pkgset + - condition: + version_less_than: + "8.10": + include: + - "rh-amazon-rhui-client-sap-bundle-e4s" + version_greater_or_equal: + "8.10": + include: + - "rh-amazon-rhui-client-sap-bundle" + "8.7": + include: + - "redhat-cloud-client-configuration" - azure_rhui: + "azure-rhui": package_sets: - - *azure_common_pkgset - - include: - - "firewalld" - - "rhui-azure-rhel8" - exclude: - - "alsa-lib" + os: + - *azure_common_pkgset + - include: + - "firewalld" + - "rhui-azure-rhel8" + exclude: + - "alsa-lib" - azure_sap_rhui: + "azure-sap-rhui": package_sets: - - *azure_common_pkgset - - *sap_pkgset - - include: - - "firewalld" - condition: - version_greater_or_equal: - "8.10": - include: - - "rhui-azure-rhel8-base-sap-ha" - version_less_than: - "8.10": - include: - - "rhui-azure-rhel8-sap-ha" + os: + - *azure_common_pkgset + - *sap_pkgset + - include: + - "firewalld" + condition: + version_greater_or_equal: + "8.10": + include: + - "rhui-azure-rhel8-base-sap-ha" + version_less_than: + "8.10": + include: + - "rhui-azure-rhel8-sap-ha" - azure_eap7_rhui: + "azure-eap7-rhui": package_sets: - - *azure_common_pkgset - - include: - - "rhui-azure-rhel8" - exclude: - - "firewalld" + os: + - *azure_common_pkgset + - include: + - "rhui-azure-rhel8" + exclude: + - "firewalld" vhd: partition_table: <<: *default_partition_tables package_sets: - - *azure_common_pkgset - - &azure_pkgset - include: - - "firewalld" - exclude: - - "alsa-lib" + os: + - *azure_common_pkgset + - &azure_pkgset + include: + - "firewalld" + exclude: + - "alsa-lib" - image_installer: + "image-installer": package_sets: - - *installer_pkgset - - *anaconda_pkgset - - *anaconda_boot_pkgset + <<: *bare_metal_pkgset + installer: + - *installer_pkgset + - *anaconda_pkgset + - *anaconda_boot_pkgset tar: package_sets: - - include: - - "policycoreutils" - - "selinux-policy-targeted" - exclude: - - "rng-tools" + os: + - include: + - "policycoreutils" + - "selinux-policy-targeted" + exclude: + - "rng-tools" - - edge_commit: + "edge-commit": package_sets: - - &edge_commit_pkgset - include: - - "attr" - - "audit" - - "basesystem" - - "bash" - - "bash-completion" - - "chrony" - - "clevis" - - "clevis-dracut" - - "clevis-luks" - - "container-selinux" - - "coreutils" - - "criu" - - "cryptsetup" - - "curl" - - "dnsmasq" - - "dosfstools" - - "dracut-config-generic" - - "dracut-network" - - "e2fsprogs" - - "firewalld" - - "fuse-overlayfs" - - "fwupd" - - "glibc" - - "glibc-minimal-langpack" - - "gnupg2" - - "greenboot" - - "gzip" - - "hostname" - - "ima-evm-utils" - - "iproute" - - "iptables" - - "iputils" - - "keyutils" - - "less" - - "lvm2" - - "NetworkManager" - - "NetworkManager-wifi" - - "NetworkManager-wwan" - - "nss-altfiles" - - "openssh-clients" - - "openssh-server" - - "passwd" - - "pinentry" - - "platform-python" - - "podman" - - "policycoreutils" - - "policycoreutils-python-utils" - - "polkit" - - "procps-ng" - - "redhat-release" - - "rootfiles" - - "rpm" - - "rpm-ostree" - - "rsync" - - "selinux-policy-targeted" - - "setools-console" - - "setup" - - "shadow-utils" - - "shadow-utils" - - "skopeo" - - "slirp4netns" - - "sudo" - - "systemd" - - "tar" - - "tmux" - - "traceroute" - - "usbguard" - - "util-linux" - - "vim-minimal" - - "wpa_supplicant" - - "xz" - exclude: - - "rng-tools" - condition: - architecture: - x86_64: &edge_commit_x86_64_pkgset - include: - - "efibootmgr" - - "grub2" - - "grub2-efi-x64" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "microcode_ctl" - - "shim-x64" - aarch64: &edge_commit_aarch64_pkgset - include: - - "grub2-efi-aa64" - - "efibootmgr" - - "shim-aa64" - - "iwl7260-firmware" - version_less_than: - "8.6": - include: - - "greenboot-grub2" - - "greenboot-reboot" - - "greenboot-rpm-ostree-grub2" - - "greenboot-status" - version_greater_or_equal: - "8.6": &edge_commit_new_rhel - include: - - "fdo-client" - - "fdo-owner-cli" - - "greenboot-default-health-checks" - - "sos" - distro_name: - centos: - *edge_commit_new_rhel + os: + - &edge_commit_pkgset + include: + - "attr" + - "audit" + - "basesystem" + - "bash" + - "bash-completion" + - "chrony" + - "clevis" + - "clevis-dracut" + - "clevis-luks" + - "container-selinux" + - "coreutils" + - "criu" + - "cryptsetup" + - "curl" + - "dnsmasq" + - "dosfstools" + - "dracut-config-generic" + - "dracut-network" + - "e2fsprogs" + - "firewalld" + - "fuse-overlayfs" + - "fwupd" + - "glibc" + - "glibc-minimal-langpack" + - "gnupg2" + - "greenboot" + - "gzip" + - "hostname" + - "ima-evm-utils" + - "iproute" + - "iptables" + - "iputils" + - "keyutils" + - "less" + - "lvm2" + - "NetworkManager" + - "NetworkManager-wifi" + - "NetworkManager-wwan" + - "nss-altfiles" + - "openssh-clients" + - "openssh-server" + - "passwd" + - "pinentry" + - "platform-python" + - "podman" + - "policycoreutils" + - "policycoreutils-python-utils" + - "polkit" + - "procps-ng" + - "redhat-release" + - "rootfiles" + - "rpm" + - "rpm-ostree" + - "rsync" + - "selinux-policy-targeted" + - "setools-console" + - "setup" + - "shadow-utils" + - "shadow-utils" + - "skopeo" + - "slirp4netns" + - "sudo" + - "systemd" + - "tar" + - "tmux" + - "traceroute" + - "usbguard" + - "util-linux" + - "vim-minimal" + - "wpa_supplicant" + - "xz" + exclude: + - "rng-tools" + condition: + architecture: + x86_64: &edge_commit_x86_64_pkgset + include: + - "efibootmgr" + - "grub2" + - "grub2-efi-x64" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "microcode_ctl" + - "shim-x64" + aarch64: &edge_commit_aarch64_pkgset + include: + - "grub2-efi-aa64" + - "efibootmgr" + - "shim-aa64" + - "iwl7260-firmware" + version_less_than: + "8.6": + include: + - "greenboot-grub2" + - "greenboot-reboot" + - "greenboot-rpm-ostree-grub2" + - "greenboot-status" + version_greater_or_equal: + "8.6": &edge_commit_new_rhel + include: + - "fdo-client" + - "fdo-owner-cli" + - "greenboot-default-health-checks" + - "sos" + distro_name: + centos: + *edge_commit_new_rhel - edge_installer: + "edge-installer": package_sets: - # TODO: non-arch-specific package set handling for installers - # This image type requires build packages for installers and - # ostree/edge. For now we only have x86-64 installer build - # package sets defined. When we add installer build package sets - # for other architectures, this will need to be moved to the - # architecture and the merging will happen in the PackageSets() - # method like the other sets. - - *installer_pkgset - - *anaconda_pkgset - - *anaconda_boot_pkgset + installer: + # TODO: non-arch-specific package set handling for installers + # This image type requires build packages for installers and + # ostree/edge. For now we only have x86-64 installer build + # package sets defined. When we add installer build package sets + # for other architectures, this will need to be moved to the + # architecture and the merging will happen in the PackageSets() + # method like the other sets. + - *installer_pkgset + - *anaconda_pkgset + - *anaconda_boot_pkgset - edge_raw_image: + "edge-raw-image": partition_table: <<: *edge_base_partition_tables - edge_simplified_installer: + "edge-simplified-installer": partition_table: <<: *edge_base_partition_tables package_sets: @@ -1104,76 +1117,80 @@ image_types: # for other architectures, this will need to be moved to the # architecture and the merging will happen in the PackageSets() # method like the other sets. - - *installer_pkgset - - include: - - "attr" - - "basesystem" - - "binutils" - - "bsdtar" - - "clevis-dracut" - - "clevis-luks" - - "cloud-utils-growpart" - - "coreos-installer" - - "coreos-installer-dracut" - - "coreutils" - - "device-mapper-multipath" - - "dnsmasq" - - "dosfstools" - - "dracut-live" - - "e2fsprogs" - - "fcoe-utils" - - "fdo-init" - - "gzip" - - "ima-evm-utils" - - "iproute" - - "iptables" - - "iputils" - - "iscsi-initiator-utils" - - "keyutils" - - "lldpad" - - "lvm2" - - "passwd" - - "policycoreutils" - - "policycoreutils-python-utils" - - "procps-ng" - - "redhat-logos" - - "rootfiles" - - "setools-console" - - "sudo" - - "traceroute" - - "util-linux" - condition: - architecture: - x86_64: - *edge_commit_x86_64_pkgset - aarch64: - *edge_commit_aarch64_pkgset + installer: + - *installer_pkgset + - include: + - "attr" + - "basesystem" + - "binutils" + - "bsdtar" + - "clevis-dracut" + - "clevis-luks" + - "cloud-utils-growpart" + - "coreos-installer" + - "coreos-installer-dracut" + - "coreutils" + - "device-mapper-multipath" + - "dnsmasq" + - "dosfstools" + - "dracut-live" + - "e2fsprogs" + - "fcoe-utils" + - "fdo-init" + - "gzip" + - "ima-evm-utils" + - "iproute" + - "iptables" + - "iputils" + - "iscsi-initiator-utils" + - "keyutils" + - "lldpad" + - "lvm2" + - "passwd" + - "policycoreutils" + - "policycoreutils-python-utils" + - "procps-ng" + - "redhat-logos" + - "rootfiles" + - "setools-console" + - "sudo" + - "traceroute" + - "util-linux" + condition: + architecture: + x86_64: + *edge_commit_x86_64_pkgset + aarch64: + *edge_commit_aarch64_pkgset - edge_container: + "edge-container": package_sets: - - *edge_commit_pkgset + os: + - *edge_commit_pkgset # XXX: not a real pkgset but the "containerPkgsKey" - edge_container_pipeline_pkgset: + "edge-container-pipeline-pkgset": package_sets: - - include: - - "nginx" + os: + - include: + - "nginx" vmdk: &vmdk partition_table: <<: *default_partition_tables package_sets: &vmdk_pkgsets - - include: - - "@core" - - "chrony" - - "cloud-init" - - "firewalld" - - "langpacks-en" - - "open-vm-tools" - - "selinux-policy-targeted" - exclude: - - "dracut-config-rescue" - - "rng-tools" + os: + - include: + - "@core" + - "chrony" + - "cloud-init" + - "firewalld" + - "langpacks-en" + - "open-vm-tools" + - "selinux-policy-targeted" + exclude: + - "dracut-config-rescue" + - "rng-tools" ova: *vmdk @@ -1181,20 +1198,23 @@ image_types: partition_table: <<: *default_partition_tables package_sets: - - *gce_common_pkgset + os: + - *gce_common_pkgset - gce_rhui: + "gce-rhui": <<: *gce package_sets: - - *gce_common_pkgset - - include: - - "google-rhui-client-rhel8" + os: + - *gce_common_pkgset + - include: + - "google-rhui-client-rhel8" qcow2: &qcow2 partition_table: <<: *default_partition_tables package_sets: &qcow2_pkgset - - *qcow2_common_pkgset + os: + - *qcow2_common_pkgset oci: *qcow2 @@ -1202,133 +1222,136 @@ image_types: partition_table: <<: *default_partition_tables package_sets: - - include: - - "@Core" - - "langpacks-en" - # From the lorax kickstart - - "selinux-policy-targeted" - - "cloud-init" - - "qemu-guest-agent" - - "spice-vdagent" - exclude: - - "dracut-config-rescue" - - "rng-tools" + os: + - include: + - "@Core" + - "langpacks-en" + # From the lorax kickstart + - "selinux-policy-targeted" + - "cloud-init" + - "qemu-guest-agent" + - "spice-vdagent" + exclude: + - "dracut-config-rescue" + - "rng-tools" wsl: package_sets: - - include: - - "alternatives" - - "audit-libs" - - "basesystem" - - "bash" - - "brotli" - - "ca-certificates" - - "coreutils-single" - - "crypto-policies-scripts" - - "curl" - - "libcurl" - - "dnf" - - "filesystem" - - "findutils" - - "gdb-gdbserver" - # Differs from official UBI, as we don't include CRB repos - # - "gdbm" - - "glibc-minimal-langpack" - - "gmp" - - "gnupg2" - - "gobject-introspection" - - "hostname" - - "langpacks-en" - - "openssh-server" - - "pam" - - "passwd" - - "procps-ng" - - "python3" - - "python3-inotify" - - "python3-systemd" - - "redhat-release" - - "rootfiles" - - "rpm" - - "sed" - - "setup" - - "shadow-utils" - - "subscription-manager" - - "sudo" - - "systemd" - - "tar" - - "tpm2-tss" - - "tzdata" - - "util-linux" - - "vim-minimal" - - "yum" - exclude: - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-lib" - - "alsa-tools-firmware" - - "biosdevname" - - "cpio" - - "diffutils" - - "dnf-plugin-spacewalk" - - "dracut" - - "elfutils-debuginfod-client" - - "fedora-release" - - "fedora-repos" - - "fontpackages-filesystem" - - "gawk-all-langpacks" - - "gettext" - - "glibc-gconv-extra" - - "glibc-langpack-en" - - "gnupg2-smime" - - "grub2-common" - - "hardlink" - - "iprutils" - - "ivtv-firmware" - - "kbd" - - "kmod" - - "kpartx" - - "libcroco" - - "libcrypt-compat" - - "libevent" - - "libkcapi" - - "libkcapi-hmaccalc" - - "libsecret" - - "libselinux-utils" - - "libxkbcommon" - - "libertas-sd8787-firmware" - - "memstrack" - - "nss" - - "openssl" - - "openssl-pkcs11" - - "os-prober" - - "pigz" - - "pinentry" - - "plymouth" - - "policycoreutils" - - "python3-unbound" - - "redhat-release-eula" - - "rng-tools" - - "rpm-plugin-selinux" - - "rpm-plugin-systemd-inhibit" - - "selinux-policy" - - "selinux" - - "selinux-policy-targeted" - - "shared-mime-info" - - "systemd-udev" - - "trousers" - - "udisks2" - - "unbound-libs" - - "xkeyboard-config" - - "xz" + os: + - include: + - "alternatives" + - "audit-libs" + - "basesystem" + - "bash" + - "brotli" + - "ca-certificates" + - "coreutils-single" + - "crypto-policies-scripts" + - "curl" + - "libcurl" + - "dnf" + - "filesystem" + - "findutils" + - "gdb-gdbserver" + # Differs from official UBI, as we don't include CRB repos + # - "gdbm" + - "glibc-minimal-langpack" + - "gmp" + - "gnupg2" + - "gobject-introspection" + - "hostname" + - "langpacks-en" + - "openssh-server" + - "pam" + - "passwd" + - "procps-ng" + - "python3" + - "python3-inotify" + - "python3-systemd" + - "redhat-release" + - "rootfiles" + - "rpm" + - "sed" + - "setup" + - "shadow-utils" + - "subscription-manager" + - "sudo" + - "systemd" + - "tar" + - "tpm2-tss" + - "tzdata" + - "util-linux" + - "vim-minimal" + - "yum" + exclude: + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-lib" + - "alsa-tools-firmware" + - "biosdevname" + - "cpio" + - "diffutils" + - "dnf-plugin-spacewalk" + - "dracut" + - "elfutils-debuginfod-client" + - "fedora-release" + - "fedora-repos" + - "fontpackages-filesystem" + - "gawk-all-langpacks" + - "gettext" + - "glibc-gconv-extra" + - "glibc-langpack-en" + - "gnupg2-smime" + - "grub2-common" + - "hardlink" + - "iprutils" + - "ivtv-firmware" + - "kbd" + - "kmod" + - "kpartx" + - "libcroco" + - "libcrypt-compat" + - "libevent" + - "libkcapi" + - "libkcapi-hmaccalc" + - "libsecret" + - "libselinux-utils" + - "libxkbcommon" + - "libertas-sd8787-firmware" + - "memstrack" + - "nss" + - "openssl" + - "openssl-pkcs11" + - "os-prober" + - "pigz" + - "pinentry" + - "plymouth" + - "policycoreutils" + - "python3-unbound" + - "redhat-release-eula" + - "rng-tools" + - "rpm-plugin-selinux" + - "rpm-plugin-systemd-inhibit" + - "selinux-policy" + - "selinux" + - "selinux-policy-targeted" + - "shared-mime-info" + - "systemd-udev" + - "trousers" + - "udisks2" + - "unbound-libs" + - "xkeyboard-config" + - "xz" - minimal_raw: + "minimal-raw": partition_table: <<: *default_partition_tables package_sets: - - include: - - "@core" - - "initial-setup" - - "libxkbcommon" - - "NetworkManager-wifi" - - "iwl7260-firmware" - - "iwl3160-firmware" + os: + - include: + - "@core" + - "initial-setup" + - "libxkbcommon" + - "NetworkManager-wifi" + - "iwl7260-firmware" + - "iwl3160-firmware" diff --git a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-9/distro.yaml b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-9/distro.yaml index 43773d51b..032b1b110 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-9/distro.yaml +++ b/vendor/github.com/osbuild/images/pkg/distro/defs/rhel-9/distro.yaml @@ -404,12 +404,12 @@ type: vfat uuid: *efi_filesystem_uuid mountpoint: "/boot/efi" - label: "EFI-SYSTEM" + label: "ESP" fstab_options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" fstab_freq: 0 fstab_passno: 2 - &default_partition_table_part_boot - size: 1_073_741_824 # 1 GiB + size: 1_073_741_824 # 1 GiB type: *xboot_ldr_partition_guid uuid: *data_partition_uuid payload_type: "filesystem" @@ -420,12 +420,6 @@ fstab_options: "defaults" fstab_freq: 0 fstab_passno: 0 - - &default_partition_table_part_boot512 - <<: *default_partition_table_part_boot - size: 524_288_000 # 500 MiB - - &default_partition_table_part_boot600 - <<: *default_partition_table_part_boot - size: 629_145_600 # 600 MiB - &default_partition_table_part_root size: 2_147_483_648 # 2 * datasizes.GibiByte, type: *filesystem_data_guid @@ -493,85 +487,16 @@ <<: *default_partition_table_part_root_ppc64le bootable: true - default_partition_tables_override: &default_partition_tables_override - condition: - version_less_than: &default_partition_tables_override_lt - "9.3": &default_partition_tables_override_lt_9_3 - x86_64: - <<: *default_partition_table_x86_64 - partitions: - - *default_partition_table_part_bios - - *default_partition_table_part_efi - - *default_partition_table_part_boot512 - - *default_partition_table_part_root - aarch64: - <<: *default_partition_table_aarch64 - partitions: - - *default_partition_table_part_efi - - *default_partition_table_part_boot512 - - *default_partition_table_part_root - ppc64le: - <<: *default_partition_table_ppc64le - partitions: - - *default_partition_table_part_bios_ppc64le - - *default_partition_table_part_boot512_ppc64le - - *default_partition_table_part_root_ppc64le - s390x: - <<: *default_partition_table_s390x - partitions: - - *default_partition_table_part_boot512_ppc64le - - *default_partition_table_part_root_s390x - "9.4": - x86_64: - <<: *default_partition_table_x86_64 - partitions: - - *default_partition_table_part_bios - - *default_partition_table_part_efi - - *default_partition_table_part_boot600 - - *default_partition_table_part_root - aarch64: - <<: *default_partition_table_aarch64 - partitions: - - *default_partition_table_part_efi - - *default_partition_table_part_boot600 - - *default_partition_table_part_root - ppc64le: - <<: *default_partition_table_ppc64le - partitions: - - *default_partition_table_part_bios_ppc64le - - *default_partition_table_part_boot600_ppc64le - - *default_partition_table_part_root_ppc64le - s390x: - <<: *default_partition_table_s390x - partitions: - - *default_partition_table_part_boot600_ppc64le - - *default_partition_table_part_root_s390x - distro_name: - # we need this override to ensure that centos always gets - # the latest partition-tables, othersie "centos-9" is - # less then "9 <= 9.3" - "centos": - x86_64: - <<: *default_partition_table_x86_64 - aarch64: - <<: *default_partition_table_aarch64 - ppc64le: - <<: *default_partition_table_ppc64le - s390x: - <<: *default_partition_table_s390x - ec2_partition_tables_override: &ec2_partition_tables_override condition: version_less_than: - <<: *default_partition_tables_override_lt "9.3": - <<: *default_partition_tables_override_lt_9_3 x86_64: <<: *default_partition_table_x86_64 partitions: - *default_partition_table_part_bios # note no boot efi - - *default_partition_table_part_boot512 + - *default_partition_table_part_boot - *default_partition_table_part_root distro_name: # we need this override to ensure that centos always gets @@ -607,248 +532,248 @@ image_types: # XXX: not a real pkgset but the "os" pipeline pkgset for image-installer # find a nicer way to represent this bare_metal: - package_sets: - - *distro_build_pkgset - - include: - - "@core" - - "authselect-compat" - - "chrony" - - "cockpit-system" - - "cockpit-ws" - - "dhcp-client" - - "dnf-utils" - - "dosfstools" - - "firewalld" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "lvm2" - - "net-tools" - - "nfs-utils" - - "oddjob" - - "oddjob-mkhomedir" - - "policycoreutils" - - "psmisc" - - "python3-jsonschema" - - "qemu-guest-agent" - - "redhat-release" - - "redhat-release-eula" - - "rsync" - - "tar" - - "tcpdump" - - "tuned" - exclude: - - "dracut-config-rescue" - condition: - distro_name: - rhel: - include: - - "subscription-manager-cockpit" + package_sets: &bare_metal_pkgset + os: + - *distro_build_pkgset + - include: + - "@core" + - "authselect-compat" + - "chrony" + - "cockpit-system" + - "cockpit-ws" + - "dhcp-client" + - "dnf-utils" + - "dosfstools" + - "firewalld" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "lvm2" + - "net-tools" + - "nfs-utils" + - "oddjob" + - "oddjob-mkhomedir" + - "policycoreutils" + - "psmisc" + - "python3-jsonschema" + - "qemu-guest-agent" + - "redhat-release" + - "redhat-release-eula" + - "rsync" + - "tar" + - "tcpdump" + - "tuned" + exclude: + - "dracut-config-rescue" + condition: + distro_name: + rhel: + include: + - "subscription-manager-cockpit" qcow2: &qcow2 partition_table: <<: *default_partition_tables - partition_tables_override: - <<: *default_partition_tables_override package_sets: - - include: - - "@core" - - "authselect-compat" - - "chrony" - - "cloud-init" - - "cloud-utils-growpart" - - "cockpit-system" - - "cockpit-ws" - - "dnf-utils" - - "dosfstools" - - "nfs-utils" - - "oddjob" - - "oddjob-mkhomedir" - - "psmisc" - - "python3-jsonschema" - - "qemu-guest-agent" - - "redhat-release" - - "redhat-release-eula" - - "rsync" - - "tar" - - "tuned" - - "tcpdump" - exclude: - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-lib" - - "alsa-tools-firmware" - - "biosdevname" - - "dnf-plugin-spacewalk" - - "dracut-config-rescue" - - "fedora-release" - - "fedora-repos" - - "firewalld" - - "iprutils" - - "ivtv-firmware" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "langpacks-*" - - "langpacks-en" - - "libertas-sd8787-firmware" - - "nss" - - "plymouth" - - "rng-tools" - - "udisks2" - condition: - distro_name: - rhel: - include: - - "insights-client" - - "subscription-manager-cockpit" + os: + - include: + - "@core" + - "authselect-compat" + - "chrony" + - "cloud-init" + - "cloud-utils-growpart" + - "cockpit-system" + - "cockpit-ws" + - "dnf-utils" + - "dosfstools" + - "nfs-utils" + - "oddjob" + - "oddjob-mkhomedir" + - "psmisc" + - "python3-jsonschema" + - "qemu-guest-agent" + - "redhat-release" + - "redhat-release-eula" + - "rsync" + - "tar" + - "tuned" + - "tcpdump" + exclude: + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-lib" + - "alsa-tools-firmware" + - "biosdevname" + - "dnf-plugin-spacewalk" + - "dracut-config-rescue" + - "fedora-release" + - "fedora-repos" + - "firewalld" + - "iprutils" + - "ivtv-firmware" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "langpacks-*" + - "langpacks-en" + - "libertas-sd8787-firmware" + - "nss" + - "plymouth" + - "rng-tools" + - "udisks2" + condition: + distro_name: + rhel: + include: + - "insights-client" + - "subscription-manager-cockpit" oci: *qcow2 vhd: &vhd partition_table: <<: *default_partition_tables - partition_tables_override: - <<: *default_partition_tables_override package_sets: - - &vhd_pkgset - include: - - "@Server" - - "bzip2" - - "cloud-init" - - "cloud-utils-growpart" - - "dracut-config-generic" - - "efibootmgr" - - "gdisk" - - "hyperv-daemons" - - "kernel-core" - - "kernel-modules" - - "kernel" - - "langpacks-en" - - "lvm2" - - "NetworkManager" - - "NetworkManager-cloud-setup" - - "nvme-cli" - - "patch" - - "rng-tools" - - "selinux-policy-targeted" - - "uuid" - - "WALinuxAgent" - - "yum-utils" - exclude: - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-lib" - - "alsa-sof-firmware" - - "alsa-tools-firmware" - - "biosdevname" - - "bolt" - - "buildah" - - "cockpit-podman" - - "containernetworking-plugins" - - "dnf-plugin-spacewalk" - - "dracut-config-rescue" - - "glibc-all-langpacks" - - "iprutils" - - "ivtv-firmware" - - "iwl100-firmware" - - "iwl1000-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "libertas-sd8686-firmware" - - "libertas-sd8787-firmware" - - "libertas-usb8388-firmware" - - "NetworkManager-config-server" - - "plymouth" - - "podman" - - "python3-dnf-plugin-spacewalk" - - "python3-hwdata" - - "python3-rhnlib" - - "rhn-check" - - "rhn-client-tools" - - "rhn-setup" - - "rhnlib" - - "rhnsd" - - "usb_modeswitch" - condition: - distro_name: - rhel: - include: - - "insights-client" - version_greater_or_equal: - "9.6": - include: - - "system-reinstall-bootc" - exclude: - - "microcode_ctl" + os: + - &vhd_pkgset + include: + - "@Server" + - "bzip2" + - "cloud-init" + - "cloud-utils-growpart" + - "dracut-config-generic" + - "efibootmgr" + - "gdisk" + - "hyperv-daemons" + - "kernel-core" + - "kernel-modules" + - "kernel" + - "langpacks-en" + - "lvm2" + - "NetworkManager" + - "NetworkManager-cloud-setup" + - "nvme-cli" + - "patch" + - "rng-tools" + - "selinux-policy-targeted" + - "uuid" + - "WALinuxAgent" + - "yum-utils" + exclude: + - "aic94xx-firmware" + - "alsa-firmware" + - "alsa-lib" + - "alsa-sof-firmware" + - "alsa-tools-firmware" + - "biosdevname" + - "bolt" + - "buildah" + - "cockpit-podman" + - "containernetworking-plugins" + - "dnf-plugin-spacewalk" + - "dracut-config-rescue" + - "glibc-all-langpacks" + - "iprutils" + - "ivtv-firmware" + - "iwl100-firmware" + - "iwl1000-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6000g2b-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "libertas-sd8686-firmware" + - "libertas-sd8787-firmware" + - "libertas-usb8388-firmware" + - "NetworkManager-config-server" + - "plymouth" + - "podman" + - "python3-dnf-plugin-spacewalk" + - "python3-hwdata" + - "python3-rhnlib" + - "rhn-check" + - "rhn-client-tools" + - "rhn-setup" + - "rhnlib" + - "rhnsd" + - "usb_modeswitch" + condition: + distro_name: + rhel: + include: + - "insights-client" + version_greater_or_equal: + "9.6": + include: + - "system-reinstall-bootc" + exclude: + - "microcode_ctl" - azure_rhui: *vhd + "azure-rhui": *vhd - azure_sap_rhui: + "azure-sap-rhui": package_sets: - - *vhd_pkgset - - *sap_pkgset + os: + - *vhd_pkgset + - *sap_pkgset tar: package_sets: - - include: - - "policycoreutils" - - "selinux-policy-targeted" - exclude: - - "rng-tools" + os: + - include: + - "policycoreutils" + - "selinux-policy-targeted" + exclude: + - "rng-tools" vmdk: &vmdk partition_table: <<: *default_partition_tables - partition_tables_override: - <<: *default_partition_tables_override package_sets: - - include: - - "@core" - - "chrony" - - "cloud-init" - - "firewalld" - - "langpacks-en" - - "open-vm-tools" - - "tuned" - exclude: - - "dracut-config-rescue" - - "rng-tools" + os: + - include: + - "@core" + - "chrony" + - "cloud-init" + - "firewalld" + - "langpacks-en" + - "open-vm-tools" + - "tuned" + exclude: + - "dracut-config-rescue" + - "rng-tools" ova: *vmdk @@ -858,392 +783,402 @@ image_types: partition_tables_override: <<: *ec2_partition_tables_override package_sets: - - *ec2_base_pkgset - - exclude: - - "alsa-lib" + os: + - *ec2_base_pkgset + - exclude: + - "alsa-lib" ami: *ec2 - ec2_ha: + "ec2-ha": <<: *ec2 package_sets: - - *ec2_base_pkgset - - include: - - "fence-agents-all" - - "pacemaker" - - "pcs" - exclude: - - "alsa-lib" + os: + - *ec2_base_pkgset + - include: + - "fence-agents-all" + - "pacemaker" + - "pcs" + exclude: + - "alsa-lib" - ec2_sap: + "ec2-sap": <<: *ec2 package_sets: - - *ec2_base_pkgset - - *sap_pkgset - - include: - - "libcanberra-gtk2" - exclude: - # COMPOSER-1829 - - "firewalld" + os: + - *ec2_base_pkgset + - *sap_pkgset + - include: + - "libcanberra-gtk2" + exclude: + # COMPOSER-1829 + - "firewalld" wsl: &wsl package_sets: - - include: - - "alternatives" - - "audit-libs" - - "basesystem" - - "bash" - - "ca-certificates" - - "cloud-init" - - "coreutils-single" - - "crypto-policies-scripts" - - "curl-minimal" - - "dejavu-sans-fonts" - - "dnf" - - "filesystem" - - "findutils" - - "gdb-gdbserver" - # Differs from official UBI, as we don't include CRB repos - # - "gdbm" - - "glibc-minimal-langpack" - - "gmp" - - "gnupg2" - - "gobject-introspection" - - "hostname" - - "langpacks-en" - - "libcurl-minimal" - - "openssh-server" - - "openssl" - - "pam" - - "passwd" - - "procps-ng" - - "python3" - - "python3-inotify" - - "redhat-release" - - "rootfiles" - - "rpm" - - "sed" - - "setup" - - "shadow-utils" - - "subscription-manager" - - "sudo" - - "systemd" - - "tar" - - "tpm2-tss" - - "tzdata" - - "util-linux" - - "vim-minimal" - - "yum" - exclude: - - "gawk-all-langpacks" - - "glibc-gconv-extra" - - "glibc-langpack-en" - - "openssl-pkcs11" - - "python-unversioned-command" - - "redhat-release-eula" - - "rpm-plugin-systemd-inhibit" + os: + - include: + - "alternatives" + - "audit-libs" + - "basesystem" + - "bash" + - "ca-certificates" + - "cloud-init" + - "coreutils-single" + - "crypto-policies-scripts" + - "curl-minimal" + - "dejavu-sans-fonts" + - "dnf" + - "filesystem" + - "findutils" + - "gdb-gdbserver" + # Differs from official UBI, as we don't include CRB repos + # - "gdbm" + - "glibc-minimal-langpack" + - "gmp" + - "gnupg2" + - "gobject-introspection" + - "hostname" + - "langpacks-en" + - "libcurl-minimal" + - "openssh-server" + - "openssl" + - "pam" + - "passwd" + - "procps-ng" + - "python3" + - "python3-inotify" + - "redhat-release" + - "rootfiles" + - "rpm" + - "sed" + - "setup" + - "shadow-utils" + - "subscription-manager" + - "sudo" + - "systemd" + - "tar" + - "tpm2-tss" + - "tzdata" + - "util-linux" + - "vim-minimal" + - "yum" + exclude: + - "gawk-all-langpacks" + - "glibc-gconv-extra" + - "glibc-langpack-en" + - "openssl-pkcs11" + - "python-unversioned-command" + - "redhat-release-eula" + - "rpm-plugin-systemd-inhibit" - image_installer: + "image-installer": package_sets: - - *installer_pkgset - - *anaconda_pkgset + <<: *bare_metal_pkgset + installer: + - *installer_pkgset + - *anaconda_pkgset gce: partition_table: <<: *default_partition_tables - partition_tables_override: - <<: *default_partition_tables_override package_sets: - - include: - - "@core" - # not in Google's KS - - "langpacks-en" - - "acpid" - - "dhcp-client" - - "dnf-automatic" - - "net-tools" - # - "openssh-server" included in core - - "python3" - - "rng-tools" - - "tar" - - "vim" - # GCE guest tools - - "google-compute-engine" - - "google-osconfig-agent" - - "gce-disk-expand" - # Not explicitly included in GCP kickstart, but present on the image - # for time synchronization - - "chrony" - - "timedatex" - # EFI - - "grub2-tools" - - "grub2-tools-minimal" - # Performance tuning - - "tuned" - exclude: - - "alsa-utils" - - "b43-fwcutter" - - "dmraid" - - "dracut-config-rescue" - - "eject" - - "gpm" - - "irqbalance" - - "microcode_ctl" - - "smartmontools" - - "aic94xx-firmware" - - "atmel-firmware" - - "b43-openfwwf" - - "bfa-firmware" - - "ipw2100-firmware" - - "ipw2200-firmware" - - "ivtv-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl1000-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "kernel-firmware" - - "libertas-usb8388-firmware" - - "ql2100-firmware" - - "ql2200-firmware" - - "ql23xx-firmware" - - "ql2400-firmware" - - "ql2500-firmware" - - "rt61pci-firmware" - - "rt73usb-firmware" - - "xorg-x11-drv-ati-firmware" - - "zd1211-firmware" - # RHBZ#2075815 - - "qemu-guest-agent" - condition: - distro_name: - rhel: - include: - - "insights-client" + os: + - include: + - "@core" + # not in Google's KS + - "langpacks-en" + - "acpid" + - "dhcp-client" + - "dnf-automatic" + - "net-tools" + # - "openssh-server" included in core + - "python3" + - "rng-tools" + - "tar" + - "vim" + # GCE guest tools + - "google-compute-engine" + - "google-osconfig-agent" + - "gce-disk-expand" + # Not explicitly included in GCP kickstart, but present on the image + # for time synchronization + - "chrony" + - "timedatex" + # EFI + - "grub2-tools" + - "grub2-tools-minimal" + # Performance tuning + - "tuned" + exclude: + - "alsa-utils" + - "b43-fwcutter" + - "dmraid" + - "dracut-config-rescue" + - "eject" + - "gpm" + - "irqbalance" + - "microcode_ctl" + - "smartmontools" + - "aic94xx-firmware" + - "atmel-firmware" + - "b43-openfwwf" + - "bfa-firmware" + - "ipw2100-firmware" + - "ipw2200-firmware" + - "ivtv-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl1000-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl3945-firmware" + - "iwl4965-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6000-firmware" + - "iwl6000g2a-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + - "kernel-firmware" + - "libertas-usb8388-firmware" + - "ql2100-firmware" + - "ql2200-firmware" + - "ql23xx-firmware" + - "ql2400-firmware" + - "ql2500-firmware" + - "rt61pci-firmware" + - "rt73usb-firmware" + - "xorg-x11-drv-ati-firmware" + - "zd1211-firmware" + # RHBZ#2075815 + - "qemu-guest-agent" + condition: + distro_name: + rhel: + include: + - "insights-client" - minimal_raw: + "minimal-raw": package_sets: - - include: - - "@core" - - "initial-setup" - - "libxkbcommon" - - "NetworkManager-wifi" - - "iwl7260-firmware" - - "iwl3160-firmware" + os: + - include: + - "@core" + - "initial-setup" + - "libxkbcommon" + - "NetworkManager-wifi" + - "iwl7260-firmware" + - "iwl3160-firmware" openstack: partition_table: <<: *default_partition_tables - partition_tables_override: - <<: *default_partition_tables_override package_sets: - - include: - - "@core" - - "langpacks-en" - - "tuned" - # From the lorax kickstart - - "cloud-init" - - "qemu-guest-agent" - - "spice-vdagent" - exclude: - - "dracut-config-rescue" - - "rng-tools" + os: + - include: + - "@core" + - "langpacks-en" + - "tuned" + # From the lorax kickstart + - "cloud-init" + - "qemu-guest-agent" + - "spice-vdagent" + exclude: + - "dracut-config-rescue" + - "rng-tools" - edge_commit: + "edge-commit": package_sets: - - &edge_commit_pkgset - include: - - "redhat-release" - - "glibc" - - "glibc-minimal-langpack" - - "nss-altfiles" - - "dracut-config-generic" - - "dracut-network" - - "basesystem" - - "bash" - - "platform-python" - - "shadow-utils" - - "chrony" - - "setup" - - "shadow-utils" - - "sudo" - - "systemd" - - "coreutils" - - "util-linux" - - "curl" - - "vim-minimal" - - "rpm" - - "rpm-ostree" - - "polkit" - - "lvm2" - - "cryptsetup" - - "pinentry" - - "e2fsprogs" - - "dosfstools" - - "keyutils" - - "gnupg2" - - "attr" - - "xz" - - "gzip" - - "firewalld" - - "iptables" - - "NetworkManager" - - "NetworkManager-wifi" - - "NetworkManager-wwan" - - "wpa_supplicant" - - "traceroute" - - "hostname" - - "iproute" - - "iputils" - - "openssh-clients" - - "procps-ng" - - "rootfiles" - - "openssh-server" - - "passwd" - - "policycoreutils" - - "policycoreutils-python-utils" - - "selinux-policy-targeted" - - "setools-console" - - "less" - - "tar" - - "rsync" - - "usbguard" - - "bash-completion" - - "tmux" - - "ima-evm-utils" - - "audit" - - "podman" - # required for cni networks but not a hard dependency of podman >= 4.2.0 (rhbz#2123210) - - "containernetworking-plugins" - - "container-selinux" - - "skopeo" - - "criu" - - "slirp4netns" - - "fuse-overlayfs" - - "clevis" - - "clevis-dracut" - - "clevis-luks" - - "greenboot" - - "greenboot-default-health-checks" - - "fdo-client" - - "fdo-owner-cli" - - "sos" - exclude: - - "rng-tools" - - "bootupd" - condition: - architecture: - x86_64: &edge_commit_x86_64_pkgset - include: - - "grub2" - - "grub2-efi-x64" - - "efibootmgr" - - "shim-x64" - - "microcode_ctl" - - "iwl1000-firmware" - - "iwl100-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - aarch64: &edge_commit_aarch64_pkgset - include: - - "grub2-efi-aa64" - - "efibootmgr" - - "shim-aa64" - - "iwl7260-firmware" - distro_name: - centos: - include: - # XXX: duplicated to >= rhel-9.2 - - "ignition" - - "ignition-edge" - - "ssh-key-dir" - version_greater_or_equal: - "9.2": - include: - - "ignition" - - "ignition-edge" - - "ssh-key-dir" - version_less_than: - "9.6": - include: - # dnsmasq removed in 9.6+ but kept in older versions - - "dnsmasq" + os: + - &edge_commit_pkgset + include: + - "redhat-release" + - "glibc" + - "glibc-minimal-langpack" + - "nss-altfiles" + - "dracut-config-generic" + - "dracut-network" + - "basesystem" + - "bash" + - "platform-python" + - "shadow-utils" + - "chrony" + - "setup" + - "shadow-utils" + - "sudo" + - "systemd" + - "coreutils" + - "util-linux" + - "curl" + - "vim-minimal" + - "rpm" + - "rpm-ostree" + - "polkit" + - "lvm2" + - "cryptsetup" + - "pinentry" + - "e2fsprogs" + - "dosfstools" + - "keyutils" + - "gnupg2" + - "attr" + - "xz" + - "gzip" + - "firewalld" + - "iptables" + - "NetworkManager" + - "NetworkManager-wifi" + - "NetworkManager-wwan" + - "wpa_supplicant" + - "traceroute" + - "hostname" + - "iproute" + - "iputils" + - "openssh-clients" + - "procps-ng" + - "rootfiles" + - "openssh-server" + - "passwd" + - "policycoreutils" + - "policycoreutils-python-utils" + - "selinux-policy-targeted" + - "setools-console" + - "less" + - "tar" + - "rsync" + - "usbguard" + - "bash-completion" + - "tmux" + - "ima-evm-utils" + - "audit" + - "podman" + # required for cni networks but not a hard dependency of podman >= 4.2.0 (rhbz#2123210) + - "containernetworking-plugins" + - "container-selinux" + - "skopeo" + - "criu" + - "slirp4netns" + - "fuse-overlayfs" + - "clevis" + - "clevis-dracut" + - "clevis-luks" + - "greenboot" + - "greenboot-default-health-checks" + - "fdo-client" + - "fdo-owner-cli" + - "sos" + exclude: + - "rng-tools" + - "bootupd" + condition: + architecture: + x86_64: &edge_commit_x86_64_pkgset + include: + - "grub2" + - "grub2-efi-x64" + - "efibootmgr" + - "shim-x64" + - "microcode_ctl" + - "iwl1000-firmware" + - "iwl100-firmware" + - "iwl105-firmware" + - "iwl135-firmware" + - "iwl2000-firmware" + - "iwl2030-firmware" + - "iwl3160-firmware" + - "iwl5000-firmware" + - "iwl5150-firmware" + - "iwl6050-firmware" + - "iwl7260-firmware" + aarch64: &edge_commit_aarch64_pkgset + include: + - "grub2-efi-aa64" + - "efibootmgr" + - "shim-aa64" + - "iwl7260-firmware" + distro_name: + centos: + include: + # XXX: duplicated to >= rhel-9.2 + - "ignition" + - "ignition-edge" + - "ssh-key-dir" + version_greater_or_equal: + "9.2": + include: + - "ignition" + - "ignition-edge" + - "ssh-key-dir" + version_less_than: + "9.6": + include: + # dnsmasq removed in 9.6+ but kept in older versions + - "dnsmasq" - edge_container: + "edge-container": package_sets: - - *edge_commit_pkgset + os: + - *edge_commit_pkgset # XXX: not a real pkgset but the "containerPkgsKey" - edge_container_pipeline_pkgset: + "edge-container-pipeline-pkgset": package_sets: - - include: - - "nginx" + os: + - include: + - "nginx" - edge_installer: + "edge-installer": package_sets: - - *installer_pkgset - - *anaconda_pkgset + installer: + - *installer_pkgset + - *anaconda_pkgset - edge_simplified_installer: + "edge-simplified-installer": package_sets: - - *installer_pkgset - - include: - - "attr" - - "basesystem" - - "binutils" - - "bsdtar" - - "clevis-dracut" - - "clevis-luks" - - "cloud-utils-growpart" - - "coreos-installer" - - "coreos-installer-dracut" - - "coreutils" - - "device-mapper-multipath" - - "dnsmasq" - - "dosfstools" - - "dracut-live" - - "e2fsprogs" - - "fcoe-utils" - - "fdo-init" - - "gzip" - - "ima-evm-utils" - - "iproute" - - "iptables" - - "iputils" - - "iscsi-initiator-utils" - - "keyutils" - - "lldpad" - - "lvm2" - - "passwd" - - "policycoreutils" - - "policycoreutils-python-utils" - - "procps-ng" - - "redhat-logos" - - "rootfiles" - - "setools-console" - - "sudo" - - "traceroute" - - "util-linux" - condition: - architecture: - x86_64: - *edge_commit_x86_64_pkgset - aarch64: - *edge_commit_aarch64_pkgset + installer: + - *installer_pkgset + - include: + - "attr" + - "basesystem" + - "binutils" + - "bsdtar" + - "clevis-dracut" + - "clevis-luks" + - "cloud-utils-growpart" + - "coreos-installer" + - "coreos-installer-dracut" + - "coreutils" + - "device-mapper-multipath" + - "dnsmasq" + - "dosfstools" + - "dracut-live" + - "e2fsprogs" + - "fcoe-utils" + - "fdo-init" + - "gzip" + - "ima-evm-utils" + - "iproute" + - "iptables" + - "iputils" + - "iscsi-initiator-utils" + - "keyutils" + - "lldpad" + - "lvm2" + - "passwd" + - "policycoreutils" + - "policycoreutils-python-utils" + - "procps-ng" + - "redhat-logos" + - "rootfiles" + - "setools-console" + - "sudo" + - "traceroute" + - "util-linux" + condition: + architecture: + x86_64: + *edge_commit_x86_64_pkgset + aarch64: + *edge_commit_aarch64_pkgset diff --git a/vendor/github.com/osbuild/images/pkg/distro/fedora/distro.go b/vendor/github.com/osbuild/images/pkg/distro/fedora/distro.go index 88b71c861..10ddaa279 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/fedora/distro.go +++ b/vendor/github.com/osbuild/images/pkg/distro/fedora/distro.go @@ -7,16 +7,11 @@ import ( "strconv" "github.com/osbuild/images/internal/common" - "github.com/osbuild/images/internal/environment" "github.com/osbuild/images/pkg/arch" - "github.com/osbuild/images/pkg/customizations/fsnode" "github.com/osbuild/images/pkg/customizations/oscap" - "github.com/osbuild/images/pkg/datasizes" "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/defs" - "github.com/osbuild/images/pkg/osbuild" "github.com/osbuild/images/pkg/platform" - "github.com/osbuild/images/pkg/rpmmd" "github.com/osbuild/images/pkg/runner" ) @@ -42,456 +37,8 @@ var ( oscap.PciDss, oscap.Standard, } - - // Default directory size minimums for all image types. - requiredDirectorySizes = map[string]uint64{ - "/": 1 * datasizes.GiB, - "/usr": 2 * datasizes.GiB, - } ) -// kernel command line arguments -// NOTE: we define them as functions to make sure they globals are never -// modified - -// Default kernel command line -func defaultKernelOptions() []string { return []string{"ro"} } - -// Added kernel command line options for ami, qcow2, openstack, vhd and vmdk types -func cloudKernelOptions() []string { - return []string{"ro", "no_timer_check", "console=ttyS0,115200n8", "biosdevname=0", "net.ifnames=0"} -} - -// Added kernel command line options for iot-raw-image and iot-qcow2-image types -func ostreeDeploymentKernelOptions() []string { - return []string{"modprobe.blacklist=vc4", "rw", "coreos.no_persist_ip"} -} - -// Image Definitions -func mkImageInstallerImgType(d distribution) imageType { - return imageType{ - name: "minimal-installer", - nameAliases: []string{"image-installer", "fedora-image-installer"}, - filename: "installer.iso", - mimeType: "application/x-iso9660-image", - packageSets: map[string]packageSetFunc{ - osPkgsKey: func(t *imageType) (rpmmd.PackageSet, error) { - // use the minimal raw image type for the OS package set - return defs.PackageSet(t, "minimal-raw-xz", VersionReplacements()) - }, - installerPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - Locale: common.ToPtr("en_US.UTF-8"), - }, - bootable: true, - bootISO: true, - rpmOstree: false, - image: imageInstallerImage, - // We don't know the variant of the OS pipeline being installed - isoLabel: getISOLabelFunc("Unknown"), - buildPipelines: []string{"build"}, - payloadPipelines: []string{"anaconda-tree", "efiboot-tree", "os", "bootiso-tree", "bootiso"}, - exports: []string{"bootiso"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkLiveInstallerImgType(d distribution) imageType { - return imageType{ - name: "workstation-live-installer", - nameAliases: []string{"live-installer"}, - filename: "live-installer.iso", - mimeType: "application/x-iso9660-image", - packageSets: map[string]packageSetFunc{ - installerPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - Locale: common.ToPtr("en_US.UTF-8"), - }, - bootable: true, - bootISO: true, - rpmOstree: false, - image: liveInstallerImage, - isoLabel: getISOLabelFunc("Workstation"), - buildPipelines: []string{"build"}, - payloadPipelines: []string{"anaconda-tree", "efiboot-tree", "bootiso-tree", "bootiso"}, - exports: []string{"bootiso"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkIotCommitImgType(d distribution) imageType { - return imageType{ - name: "iot-commit", - nameAliases: []string{"fedora-iot-commit"}, - filename: "commit.tar", - mimeType: "application/x-tar", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - EnabledServices: iotServicesForVersion(&d), - DracutConf: []*osbuild.DracutConfStageOptions{osbuild.FIPSDracutConfStageOptions}, - MachineIdUninitialized: common.ToPtr(false), - }, - rpmOstree: true, - image: iotCommitImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "ostree-commit", "commit-archive"}, - exports: []string{"commit-archive"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkIotBootableContainer(d distribution) imageType { - return imageType{ - name: "iot-bootable-container", - filename: "iot-bootable-container.tar", - mimeType: "application/x-tar", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - MachineIdUninitialized: common.ToPtr(false), - }, - rpmOstree: true, - image: bootableContainerImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "ostree-commit", "ostree-encapsulate"}, - exports: []string{"ostree-encapsulate"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkIotOCIImgType(d distribution) imageType { - return imageType{ - name: "iot-container", - nameAliases: []string{"fedora-iot-container"}, - filename: "container.tar", - mimeType: "application/x-tar", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - containerPkgsKey: func(t *imageType) (rpmmd.PackageSet, error) { - return rpmmd.PackageSet{}, nil - }, - }, - defaultImageConfig: &distro.ImageConfig{ - EnabledServices: iotServicesForVersion(&d), - DracutConf: []*osbuild.DracutConfStageOptions{osbuild.FIPSDracutConfStageOptions}, - MachineIdUninitialized: common.ToPtr(false), - }, - rpmOstree: true, - bootISO: false, - image: iotContainerImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "ostree-commit", "container-tree", "container"}, - exports: []string{"container"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkIotInstallerImgType(d distribution) imageType { - return imageType{ - name: "iot-installer", - nameAliases: []string{"fedora-iot-installer"}, - filename: "installer.iso", - mimeType: "application/x-iso9660-image", - packageSets: map[string]packageSetFunc{ - installerPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - EnabledServices: iotServicesForVersion(&d), - Locale: common.ToPtr("en_US.UTF-8"), - }, - rpmOstree: true, - bootISO: true, - image: iotInstallerImage, - isoLabel: getISOLabelFunc("IoT"), - buildPipelines: []string{"build"}, - payloadPipelines: []string{"anaconda-tree", "efiboot-tree", "bootiso-tree", "bootiso"}, - exports: []string{"bootiso"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkIotSimplifiedInstallerImgType(d distribution) imageType { - return imageType{ - name: "iot-simplified-installer", - filename: "simplified-installer.iso", - mimeType: "application/x-iso9660-image", - packageSets: map[string]packageSetFunc{ - installerPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - EnabledServices: iotServicesForVersion(&d), - Keyboard: &osbuild.KeymapStageOptions{ - Keymap: "us", - }, - Locale: common.ToPtr("C.UTF-8"), - OSTreeConfSysrootReadOnly: common.ToPtr(true), - LockRootUser: common.ToPtr(true), - IgnitionPlatform: common.ToPtr("metal"), - KernelOptions: ostreeDeploymentKernelOptions(), - }, - defaultSize: 10 * datasizes.GibiByte, - rpmOstree: true, - bootable: true, - bootISO: true, - image: iotSimplifiedInstallerImage, - isoLabel: getISOLabelFunc("IoT"), - buildPipelines: []string{"build"}, - payloadPipelines: []string{"ostree-deployment", "image", "xz", "coi-tree", "efiboot-tree", "bootiso-tree", "bootiso"}, - exports: []string{"bootiso"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkIotRawImgType(d distribution) imageType { - return imageType{ - name: "iot-raw-xz", - nameAliases: []string{"iot-raw-image", "fedora-iot-raw-image"}, - filename: "image.raw.xz", - compression: "xz", - mimeType: "application/xz", - packageSets: map[string]packageSetFunc{}, - defaultImageConfig: &distro.ImageConfig{ - Keyboard: &osbuild.KeymapStageOptions{ - Keymap: "us", - }, - Locale: common.ToPtr("C.UTF-8"), - OSTreeConfSysrootReadOnly: common.ToPtr(true), - LockRootUser: common.ToPtr(true), - IgnitionPlatform: common.ToPtr("metal"), - KernelOptions: ostreeDeploymentKernelOptions(), - }, - defaultSize: 4 * datasizes.GibiByte, - rpmOstree: true, - bootable: true, - image: iotImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"ostree-deployment", "image", "xz"}, - exports: []string{"xz"}, - - // Passing an empty map into the required partition sizes disables the - // default partition sizes normally set so our `basePartitionTables` can - // override them (and make them smaller, in this case). - requiredPartitionSizes: map[string]uint64{}, - } -} - -func mkIotQcow2ImgType(d distribution) imageType { - return imageType{ - name: "iot-qcow2", - nameAliases: []string{"iot-qcow2-image"}, // kept for backwards compatibility - filename: "image.qcow2", - mimeType: "application/x-qemu-disk", - packageSets: map[string]packageSetFunc{}, - defaultImageConfig: &distro.ImageConfig{ - Keyboard: &osbuild.KeymapStageOptions{ - Keymap: "us", - }, - Locale: common.ToPtr("C.UTF-8"), - OSTreeConfSysrootReadOnly: common.ToPtr(true), - LockRootUser: common.ToPtr(true), - IgnitionPlatform: common.ToPtr("qemu"), - KernelOptions: ostreeDeploymentKernelOptions(), - }, - defaultSize: 10 * datasizes.GibiByte, - rpmOstree: true, - bootable: true, - image: iotImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"ostree-deployment", "image", "qcow2"}, - exports: []string{"qcow2"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkQcow2ImgType(d distribution) imageType { - return imageType{ - name: "server-qcow2", - nameAliases: []string{"qcow2"}, // kept for backwards compatibility - filename: "disk.qcow2", - mimeType: "application/x-qemu-disk", - environment: &environment.KVM{}, - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - DefaultTarget: common.ToPtr("multi-user.target"), - KernelOptions: cloudKernelOptions(), - }, - bootable: true, - defaultSize: 5 * datasizes.GibiByte, - image: diskImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "image", "qcow2"}, - exports: []string{"qcow2"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -var ( - vmdkDefaultImageConfig = &distro.ImageConfig{ - Locale: common.ToPtr("en_US.UTF-8"), - EnabledServices: []string{ - "cloud-init.service", - "cloud-config.service", - "cloud-final.service", - "cloud-init-local.service", - }, - KernelOptions: cloudKernelOptions(), - } -) - -func mkVmdkImgType(d distribution) imageType { - return imageType{ - name: "server-vmdk", - nameAliases: []string{"vmdk"}, // kept for backwards compatibility - filename: "disk.vmdk", - mimeType: "application/x-vmdk", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: vmdkDefaultImageConfig, - bootable: true, - defaultSize: 2 * datasizes.GibiByte, - image: diskImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "image", "vmdk"}, - exports: []string{"vmdk"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkOvaImgType(d distribution) imageType { - return imageType{ - name: "server-ova", - nameAliases: []string{"ova"}, // kept for backwards compatibility - filename: "image.ova", - mimeType: "application/ovf", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: vmdkDefaultImageConfig, - bootable: true, - defaultSize: 2 * datasizes.GibiByte, - image: diskImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "image", "vmdk", "ovf", "archive"}, - exports: []string{"archive"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkContainerImgType(d distribution) imageType { - return imageType{ - name: "container", - filename: "container.tar", - mimeType: "application/x-tar", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - NoSElinux: common.ToPtr(true), - ExcludeDocs: common.ToPtr(true), - Locale: common.ToPtr("C.UTF-8"), - Timezone: common.ToPtr("Etc/UTC"), - }, - image: containerImage, - bootable: false, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "container"}, - exports: []string{"container"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkWslImgType(d distribution) imageType { - return imageType{ - name: "wsl", - nameAliases: []string{"server-wsl"}, // this is the eventual name, and `wsl` the alias but we've been having issues with CI renaming it - filename: "wsl.tar", - mimeType: "application/x-tar", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - CloudInit: []*osbuild.CloudInitStageOptions{ - { - Filename: "99_wsl.cfg", - Config: osbuild.CloudInitConfigFile{ - DatasourceList: []string{ - "WSL", - "None", - }, - Network: &osbuild.CloudInitConfigNetwork{ - Config: "disabled", - }, - }, - }, - }, - NoSElinux: common.ToPtr(true), - ExcludeDocs: common.ToPtr(true), - Locale: common.ToPtr("C.UTF-8"), - Timezone: common.ToPtr("Etc/UTC"), - WSLConfig: &distro.WSLConfig{ - BootSystemd: true, - }, - }, - image: containerImage, - bootable: false, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "container"}, - exports: []string{"container"}, - requiredPartitionSizes: requiredDirectorySizes, - } -} - -func mkMinimalRawImgType(d distribution) imageType { - it := imageType{ - name: "minimal-raw-xz", - nameAliases: []string{"minimal-raw"}, // kept for backwards compatibility - filename: "disk.raw.xz", - compression: "xz", - mimeType: "application/xz", - packageSets: map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, - }, - defaultImageConfig: &distro.ImageConfig{ - EnabledServices: minimalServicesForVersion(&d), - // NOTE: temporary workaround for a bug in initial-setup that - // requires a kickstart file in the root directory. - Files: []*fsnode.File{initialSetupKickstart()}, - Grub2Config: &osbuild.GRUB2Config{ - // Overwrite the default Grub2 timeout value. - Timeout: 5, - }, - InstallWeakDeps: common.ToPtr(common.VersionLessThan(d.osVersion, VERSION_MINIMAL_WEAKDEPS)), - KernelOptions: defaultKernelOptions(), - }, - rpmOstree: false, - bootable: true, - defaultSize: 2 * datasizes.GibiByte, - image: diskImage, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "image", "xz"}, - exports: []string{"xz"}, - requiredPartitionSizes: requiredDirectorySizes, - } - if common.VersionGreaterThanOrEqual(d.osVersion, "43") { - // from Fedora 43 onward, we stop writing /etc/fstab and start using - // mount units only - it.defaultImageConfig.MountUnits = common.ToPtr(true) - - // when using systemd mount units we also want them to be mounted rw - // while the default options are not - it.defaultImageConfig.KernelOptions = []string{"rw"} - } - return it -} - type distribution struct { name string product string @@ -504,18 +51,6 @@ type distribution struct { defaultImageConfig *distro.ImageConfig } -func defaultDistroInstallerConfig(d *distribution) *distro.InstallerConfig { - config := distro.InstallerConfig{} - // In Fedora 42 the ifcfg module was replaced by net-lib. - if common.VersionLessThan(d.osVersion, "42") { - config.AdditionalDracutModules = append(config.AdditionalDracutModules, "ifcfg") - } else { - config.AdditionalDracutModules = append(config.AdditionalDracutModules, "net-lib") - } - - return &config -} - func getISOLabelFunc(variant string) isoLabelFunc { const ISO_LABEL = "%s-%s-%s-%s" @@ -667,7 +202,7 @@ func (a *architecture) Distro() distro.Distro { func newDistro(version int) distro.Distro { rd := getDistro(version) - // Architecture definitions + // XXX: generate architecture automatically from the imgType yaml x86_64 := architecture{ name: arch.ARCH_X86_64.String(), distro: &rd, @@ -693,448 +228,36 @@ func newDistro(version int) distro.Distro { distro: &rd, } - qcow2ImgType := mkQcow2ImgType(rd) - - ociImgType := qcow2ImgType - ociImgType.name = "server-oci" - ociImgType.nameAliases = []string{"oci"} // kept for backwards compatibility - - amiImgType := qcow2ImgType - amiImgType.name = "server-ami" - amiImgType.nameAliases = []string{"ami"} // kept for backwards compatibility - amiImgType.filename = "image.raw" - amiImgType.mimeType = "application/octet-stream" - amiImgType.payloadPipelines = []string{"os", "image"} - amiImgType.exports = []string{"image"} - amiImgType.environment = &environment.EC2{} - - openstackImgType := qcow2ImgType - openstackImgType.name = "server-openstack" - openstackImgType.nameAliases = []string{"openstack"} // kept for backwards compatibility - - vhdImgType := qcow2ImgType - vhdImgType.name = "server-vhd" - vhdImgType.nameAliases = []string{"vhd"} // kept for backwards compatibility - vhdImgType.filename = "disk.vhd" - vhdImgType.mimeType = "application/x-vhd" - vhdImgType.payloadPipelines = []string{"os", "image", "vpc"} - vhdImgType.exports = []string{"vpc"} - vhdImgType.environment = &environment.Azure{} - vhdImgType.packageSets = map[string]packageSetFunc{ - osPkgsKey: packageSetLoader, + // XXX: move all image types should to YAML + its, err := defs.ImageTypes(rd.name) + if err != nil { + panic(err) } - vhdConfig := distro.ImageConfig{ - SshdConfig: &osbuild.SshdConfigStageOptions{ - Config: osbuild.SshdConfigConfig{ - ClientAliveInterval: common.ToPtr(120), - }, - }, + for _, imgTypeYAML := range its { + // use as marker for images that are not converted to + // YAML yet + if imgTypeYAML.Filename == "" { + continue + } + it := newImageTypeFrom(rd, imgTypeYAML) + for _, pl := range imgTypeYAML.Platforms { + switch pl.Arch { + case arch.ARCH_X86_64: + x86_64.addImageTypes(&pl, it) + case arch.ARCH_AARCH64: + aarch64.addImageTypes(&pl, it) + case arch.ARCH_PPC64LE: + ppc64le.addImageTypes(&pl, it) + case arch.ARCH_S390X: + s390x.addImageTypes(&pl, it) + case arch.ARCH_RISCV64: + riscv64.addImageTypes(&pl, it) + default: + err := fmt.Errorf("unsupported arch: %v", pl.Arch) + panic(err) + } + } } - vhdImgType.defaultImageConfig = vhdConfig.InheritFrom(qcow2ImgType.defaultImageConfig) - - minimalrawZstdImgType := mkMinimalRawImgType(rd) - minimalrawZstdImgType.name = "minimal-raw-zst" - minimalrawZstdImgType.nameAliases = []string{} - minimalrawZstdImgType.filename = "disk.raw.zst" - minimalrawZstdImgType.mimeType = "application/zstd" - minimalrawZstdImgType.compression = "zstd" - minimalrawZstdImgType.payloadPipelines = []string{"os", "image", "zstd"} - minimalrawZstdImgType.exports = []string{"zstd"} - - x86_64.addImageTypes( - &platform.X86{ - BIOS: true, - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - QCOW2Compat: "1.1", - }, - }, - qcow2ImgType, - ociImgType, - ) - x86_64.addImageTypes( - &platform.X86{ - BIOS: true, - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - }, - }, - openstackImgType, - ) - x86_64.addImageTypes( - &platform.X86{ - BIOS: true, - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_VHD, - }, - }, - vhdImgType, - ) - x86_64.addImageTypes( - &platform.X86{ - BIOS: true, - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_VMDK, - }, - }, - mkVmdkImgType(rd), - ) - x86_64.addImageTypes( - &platform.X86{ - BIOS: true, - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_OVA, - }, - }, - mkOvaImgType(rd), - ) - x86_64.addImageTypes( - &platform.X86{ - BIOS: true, - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - }, - }, - amiImgType, - ) - x86_64.addImageTypes( - &platform.X86{}, - mkContainerImgType(rd), - mkWslImgType(rd), - ) - - // add distro installer configuration to all installer types - distroInstallerConfig := defaultDistroInstallerConfig(&rd) - - liveInstallerImgType := mkLiveInstallerImgType(rd) - liveInstallerImgType.defaultInstallerConfig = distroInstallerConfig - - imageInstallerImgType := mkImageInstallerImgType(rd) - imageInstallerImgType.defaultInstallerConfig = distroInstallerConfig - - iotInstallerImgType := mkIotInstallerImgType(rd) - iotInstallerImgType.defaultInstallerConfig = distroInstallerConfig - - x86_64.addImageTypes( - &platform.X86{ - BasePlatform: platform.BasePlatform{ - FirmwarePackages: []string{ - "biosdevname", - "iwlwifi-dvm-firmware", - "iwlwifi-mvm-firmware", - "microcode_ctl", - }, - }, - BIOS: true, - UEFIVendor: "fedora", - }, - mkIotOCIImgType(rd), - mkIotCommitImgType(rd), - iotInstallerImgType, - imageInstallerImgType, - liveInstallerImgType, - ) - x86_64.addImageTypes( - &platform.X86{ - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - }, - BIOS: false, - UEFIVendor: "fedora", - }, - mkIotRawImgType(rd), - ) - x86_64.addImageTypes( - &platform.X86{ - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - }, - BIOS: false, - UEFIVendor: "fedora", - }, - mkIotQcow2ImgType(rd), - ) - aarch64.addImageTypes( - &platform.Aarch64{ - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - }, - }, - amiImgType, - ) - aarch64.addImageTypes( - &platform.Aarch64{ - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - QCOW2Compat: "1.1", - }, - }, - mkIotQcow2ImgType(rd), - ociImgType, - qcow2ImgType, - ) - aarch64.addImageTypes( - &platform.Aarch64{ - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - }, - }, - openstackImgType, - ) - aarch64.addImageTypes( - &platform.Aarch64{}, - mkContainerImgType(rd), - ) - aarch64.addImageTypes( - &platform.Aarch64{ - BasePlatform: platform.BasePlatform{ - FirmwarePackages: []string{ - "arm-image-installer", - "bcm283x-firmware", - "brcmfmac-firmware", - "iwlwifi-mvm-firmware", - "realtek-firmware", - "uboot-images-armv8", - }, - }, - UEFIVendor: "fedora", - }, - imageInstallerImgType, - mkIotCommitImgType(rd), - iotInstallerImgType, - mkIotOCIImgType(rd), - liveInstallerImgType, - ) - aarch64.addImageTypes( - &platform.Aarch64_Fedora{ - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - }, - UEFIVendor: "fedora", - BootFiles: [][2]string{ - {"/usr/lib/ostree-boot/efi/bcm2710-rpi-2-b.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2710-rpi-3-b-plus.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2710-rpi-3-b.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2710-rpi-cm3.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2710-rpi-zero-2-w.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2710-rpi-zero-2.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2711-rpi-4-b.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2711-rpi-400.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2711-rpi-cm4.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bcm2711-rpi-cm4s.dtb", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/bootcode.bin", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/config.txt", "/boot/efi/config.txt"}, - {"/usr/lib/ostree-boot/efi/fixup.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/fixup4.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/fixup4cd.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/fixup4db.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/fixup4x.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/fixup_cd.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/fixup_db.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/fixup_x.dat", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/overlays", "/boot/efi/"}, - {"/usr/share/uboot/rpi_arm64/u-boot.bin", "/boot/efi/rpi-u-boot.bin"}, - {"/usr/lib/ostree-boot/efi/start.elf", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/start4.elf", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/start4cd.elf", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/start4db.elf", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/start4x.elf", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/start_cd.elf", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/start_db.elf", "/boot/efi/"}, - {"/usr/lib/ostree-boot/efi/start_x.elf", "/boot/efi/"}, - }, - }, - mkIotRawImgType(rd), - ) - x86_64.addImageTypes( - &platform.X86{ - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - }, - }, - mkMinimalRawImgType(rd), - minimalrawZstdImgType, - ) - aarch64.addImageTypes( - &platform.Aarch64_Fedora{ - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - FirmwarePackages: []string{ - "arm-image-installer", - "bcm283x-firmware", - "uboot-images-armv8", - }, - }, - BootFiles: [][2]string{ - {"/usr/share/uboot/rpi_arm64/u-boot.bin", "/boot/efi/rpi-u-boot.bin"}, - }, - }, - mkMinimalRawImgType(rd), - minimalrawZstdImgType, - ) - - iotSimplifiedInstallerImgType := mkIotSimplifiedInstallerImgType(rd) - iotSimplifiedInstallerImgType.defaultInstallerConfig = distroInstallerConfig - - x86_64.addImageTypes( - &platform.X86{ - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - FirmwarePackages: []string{ - "grub2-efi-x64", - "grub2-efi-x64-cdboot", - "grub2-tools", - "grub2-tools-minimal", - "efibootmgr", - "shim-x64", - "brcmfmac-firmware", - "iwlwifi-dvm-firmware", - "iwlwifi-mvm-firmware", - "realtek-firmware", - "microcode_ctl", - }, - }, - BIOS: false, - UEFIVendor: "fedora", - }, - iotSimplifiedInstallerImgType, - ) - - aarch64.addImageTypes( - &platform.Aarch64{ - BasePlatform: platform.BasePlatform{ - FirmwarePackages: []string{ - "arm-image-installer", - "bcm283x-firmware", - "grub2-efi-aa64", - "grub2-efi-aa64-cdboot", - "grub2-tools", - "grub2-tools-minimal", - "efibootmgr", - "shim-aa64", - "brcmfmac-firmware", - "iwlwifi-dvm-firmware", - "iwlwifi-mvm-firmware", - "realtek-firmware", - "uboot-images-armv8", - }, - }, - UEFIVendor: "fedora", - }, - iotSimplifiedInstallerImgType, - ) - - x86_64.addImageTypes( - &platform.X86{ - BasePlatform: platform.BasePlatform{ - FirmwarePackages: []string{ - "biosdevname", - "iwlwifi-dvm-firmware", - "iwlwifi-mvm-firmware", - "microcode_ctl", - }, - }, - BIOS: true, - UEFIVendor: "fedora", - }, - mkIotBootableContainer(rd), - ) - aarch64.addImageTypes( - &platform.Aarch64{ - BasePlatform: platform.BasePlatform{ - FirmwarePackages: []string{ - "arm-image-installer", - "bcm283x-firmware", - "brcmfmac-firmware", - "iwlwifi-mvm-firmware", - "realtek-firmware", - "uboot-images-armv8", - }, - }, - UEFIVendor: "fedora", - }, - mkIotBootableContainer(rd), - ) - - ppc64le.addImageTypes( - &platform.PPC64LE{ - BIOS: true, - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - QCOW2Compat: "1.1", - }, - }, - mkIotBootableContainer(rd), - ) - - s390x.addImageTypes( - &platform.S390X{ - Zipl: true, - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - QCOW2Compat: "1.1", - }, - }, - mkIotBootableContainer(rd), - ) - - ppc64le.addImageTypes( - &platform.PPC64LE{ - BIOS: true, - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - QCOW2Compat: "1.1", - }, - }, - qcow2ImgType, - ) - ppc64le.addImageTypes( - &platform.PPC64LE{}, - mkContainerImgType(rd), - ) - - s390x.addImageTypes( - &platform.S390X{ - Zipl: true, - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_QCOW2, - QCOW2Compat: "1.1", - }, - }, - qcow2ImgType, - ) - s390x.addImageTypes( - &platform.S390X{}, - mkContainerImgType(rd), - ) - - // XXX: there is no "qcow2" for riscv64 yet because there is - // no "@Fedora Cloud Server" group - riscv64.addImageTypes( - &platform.RISCV64{}, - mkContainerImgType(rd), - ) - riscv64.addImageTypes( - &platform.RISCV64{ - UEFIVendor: "fedora", - BasePlatform: platform.BasePlatform{ - ImageFormat: platform.FORMAT_RAW, - }, - }, - mkMinimalRawImgType(rd), - minimalrawZstdImgType, - ) rd.addArches(x86_64, aarch64, ppc64le, s390x, riscv64) return &rd @@ -1165,44 +288,3 @@ func DistroFactory(idStr string) distro.Distro { return newDistro(id.MajorVersion) } - -func iotServicesForVersion(d *distribution) []string { - services := []string{ - "NetworkManager.service", - "firewalld.service", - "sshd.service", - "greenboot-grub2-set-counter", - "greenboot-grub2-set-success", - "greenboot-healthcheck", - "greenboot-rpm-ostree-grub2-check-fallback", - "greenboot-status", - "greenboot-task-runner", - "redboot-auto-reboot", - "redboot-task-runner", - } - - if common.VersionLessThan(d.osVersion, "42") { - services = append(services, []string{ - "zezere_ignition.timer", - "zezere_ignition_banner.service", - "parsec", - "dbus-parsec", - }...) - } - - return services -} - -func minimalServicesForVersion(d *distribution) []string { - services := []string{ - "NetworkManager.service", - "initial-setup.service", - "sshd.service", - } - - if common.VersionLessThan(d.osVersion, "43") { - services = append(services, []string{"firewalld.service"}...) - } - - return services -} diff --git a/vendor/github.com/osbuild/images/pkg/distro/fedora/images.go b/vendor/github.com/osbuild/images/pkg/distro/fedora/images.go index 480a8283e..537a3051d 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/fedora/images.go +++ b/vendor/github.com/osbuild/images/pkg/distro/fedora/images.go @@ -368,6 +368,31 @@ func diskImage(workload workload.Workload, return img, nil } +func tarImage(workload workload.Workload, + t *imageType, + bp *blueprint.Blueprint, + options distro.ImageOptions, + packageSets map[string]rpmmd.PackageSet, + containers []container.SourceSpec, + rng *rand.Rand) (image.ImageKind, error) { + img := image.NewArchive() + + img.Platform = t.platform + + var err error + img.OSCustomizations, err = osCustomizations(t, packageSets[osPkgsKey], containers, bp.Customizations) + if err != nil { + return nil, err + } + + img.Environment = t.environment + img.Workload = workload + + img.Filename = t.Filename() + + return img, nil +} + func containerImage(workload workload.Workload, t *imageType, bp *blueprint.Blueprint, @@ -423,10 +448,6 @@ func liveInstallerImage(workload workload.Workload, img.Filename = t.Filename() - if common.VersionGreaterThanOrEqual(img.OSVersion, VERSION_ROOTFS_SQUASHFS) { - img.RootfsType = manifest.SquashfsRootfs - } - // Enable grub2 BIOS iso on x86_64 only if img.Platform.GetArch() == arch.ARCH_X86_64 { img.ISOBoot = manifest.Grub2ISOBoot @@ -446,6 +467,11 @@ func liveInstallerImage(workload workload.Workload, img.AdditionalDrivers = append(img.AdditionalDrivers, installerConfig.AdditionalDrivers...) } + imgConfig := t.getDefaultImageConfig() + if imgConfig != nil && imgConfig.IsoRootfsType != nil { + img.RootfsType = *imgConfig.IsoRootfsType + } + return img, nil } @@ -493,6 +519,7 @@ func imageInstallerImage(workload workload.Workload, img.AdditionalAnacondaModules = append(img.AdditionalAnacondaModules, instCust.Modules.Enable...) img.DisabledAnacondaModules = append(img.DisabledAnacondaModules, instCust.Modules.Disable...) } + img.AdditionalAnacondaModules = append(img.AdditionalAnacondaModules, anaconda.ModuleUsers) img.Platform = t.platform img.Workload = workload @@ -532,8 +559,9 @@ func imageInstallerImage(workload workload.Workload, img.Filename = t.Filename() img.RootfsCompression = "xz" // This also triggers using the bcj filter - if common.VersionGreaterThanOrEqual(img.OSVersion, VERSION_ROOTFS_SQUASHFS) { - img.RootfsType = manifest.SquashfsRootfs + imgConfig := t.getDefaultImageConfig() + if imgConfig != nil && imgConfig.IsoRootfsType != nil { + img.RootfsType = *imgConfig.IsoRootfsType } // Enable grub2 BIOS iso on x86_64 only @@ -751,8 +779,9 @@ func iotInstallerImage(workload workload.Workload, img.Filename = t.Filename() img.RootfsCompression = "xz" // This also triggers using the bcj filter - if common.VersionGreaterThanOrEqual(img.OSVersion, VERSION_ROOTFS_SQUASHFS) { - img.RootfsType = manifest.SquashfsRootfs + imgConfig := t.getDefaultImageConfig() + if imgConfig != nil && imgConfig.IsoRootfsType != nil { + img.RootfsType = *imgConfig.IsoRootfsType } // Enable grub2 BIOS iso on x86_64 only @@ -946,13 +975,3 @@ func makeOSTreePayloadCommit(options *ostree.ImageOptions, defaultRef string) (o RHSM: options.RHSM, }, nil } - -// initialSetupKickstart returns the File configuration for a kickstart file -// that's required to enable initial-setup to run on first boot. -func initialSetupKickstart() *fsnode.File { - file, err := fsnode.NewFile("/root/anaconda-ks.cfg", nil, "root", "root", []byte("# Run initial-setup on first boot\n# Created by osbuild\nfirstboot --reconfig\n")) - if err != nil { - panic(err) - } - return file -} diff --git a/vendor/github.com/osbuild/images/pkg/distro/fedora/imagetype.go b/vendor/github.com/osbuild/images/pkg/distro/fedora/imagetype.go index 71d211b5f..4a59c2f7e 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/fedora/imagetype.go +++ b/vendor/github.com/osbuild/images/pkg/distro/fedora/imagetype.go @@ -28,7 +28,7 @@ import ( type imageFunc func(workload workload.Workload, t *imageType, bp *blueprint.Blueprint, options distro.ImageOptions, packageSets map[string]rpmmd.PackageSet, containers []container.SourceSpec, rng *rand.Rand) (image.ImageKind, error) -type packageSetFunc func(t *imageType) (rpmmd.PackageSet, error) +type packageSetFunc func(t *imageType) (map[string]rpmmd.PackageSet, error) type isoLabelFunc func(t *imageType) string @@ -42,7 +42,7 @@ type imageType struct { filename string compression string mimeType string - packageSets map[string]packageSetFunc + packageSets packageSetFunc defaultImageConfig *distro.ImageConfig defaultInstallerConfig *distro.InstallerConfig defaultSize uint64 @@ -237,12 +237,12 @@ func (t *imageType) Manifest(bp *blueprint.Blueprint, staticPackageSets := make(map[string]rpmmd.PackageSet) // don't add any static packages if Minimal was selected - if !bp.Minimal { - for name, getter := range t.packageSets { - pkgSet, err := getter(t) - if err != nil { - return nil, nil, err - } + if !bp.Minimal && t.packageSets != nil { + pkgSets, err := t.packageSets(t) + if err != nil { + return nil, nil, err + } + for name, pkgSet := range pkgSets { staticPackageSets[name] = pkgSet } } diff --git a/vendor/github.com/osbuild/images/pkg/distro/fedora/package_sets.go b/vendor/github.com/osbuild/images/pkg/distro/fedora/package_sets.go index a6ddcf97d..0fe3e6e6b 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/fedora/package_sets.go +++ b/vendor/github.com/osbuild/images/pkg/distro/fedora/package_sets.go @@ -1,10 +1,80 @@ package fedora import ( + "fmt" + + "github.com/osbuild/images/internal/common" + "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/defs" "github.com/osbuild/images/pkg/rpmmd" ) -func packageSetLoader(t *imageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "", VersionReplacements()) +func packageSetLoader(t *imageType) (map[string]rpmmd.PackageSet, error) { + return defs.PackageSets(t, VersionReplacements()) +} + +func imageConfig(d distribution, imageType string) *distro.ImageConfig { + // arch is currently not used in fedora + arch := "" + return common.Must(defs.ImageConfig(d.name, arch, imageType, VersionReplacements())) +} + +func installerConfig(d distribution, imageType string) *distro.InstallerConfig { + // arch is currently not used in fedora + arch := "" + return common.Must(defs.InstallerConfig(d.name, arch, imageType, VersionReplacements())) +} + +func newImageTypeFrom(d distribution, imgYAML defs.ImageTypeYAML) imageType { + it := imageType{ + name: imgYAML.Name(), + nameAliases: imgYAML.NameAliases, + filename: imgYAML.Filename, + compression: imgYAML.Compression, + mimeType: imgYAML.MimeType, + bootable: imgYAML.Bootable, + bootISO: imgYAML.BootISO, + rpmOstree: imgYAML.RPMOSTree, + isoLabel: getISOLabelFunc(imgYAML.ISOLabel), + defaultSize: imgYAML.DefaultSize, + buildPipelines: imgYAML.BuildPipelines, + payloadPipelines: imgYAML.PayloadPipelines, + exports: imgYAML.Exports, + requiredPartitionSizes: imgYAML.RequiredPartitionSizes, + environment: &imgYAML.Environment, + } + // XXX: make this a helper on imgYAML() + it.defaultImageConfig = imageConfig(d, imgYAML.Name()) + it.defaultInstallerConfig = installerConfig(d, imgYAML.Name()) + it.packageSets = packageSetLoader + + switch imgYAML.Image { + case "disk": + it.image = diskImage + case "container": + it.image = containerImage + case "image_installer": + it.image = imageInstallerImage + case "live_installer": + it.image = liveInstallerImage + case "bootable_container": + it.image = bootableContainerImage + case "iot": + it.image = iotImage + case "iot_commit": + it.image = iotCommitImage + case "iot_container": + it.image = iotContainerImage + case "iot_installer": + it.image = iotInstallerImage + case "iot_simplified_installer": + it.image = iotSimplifiedInstallerImage + case "tar": + it.image = tarImage + default: + err := fmt.Errorf("unknown image func: %v for %v", imgYAML.Image, imgYAML.Name()) + panic(err) + } + + return it } diff --git a/vendor/github.com/osbuild/images/pkg/distro/fedora/version.go b/vendor/github.com/osbuild/images/pkg/distro/fedora/version.go index cb4b46a0e..b87426260 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/fedora/version.go +++ b/vendor/github.com/osbuild/images/pkg/distro/fedora/version.go @@ -3,21 +3,13 @@ package fedora const VERSION_BRANCHED = "43" const VERSION_RAWHIDE = "43" -// Fedora version 41 and later use a plain squashfs rootfs on the iso instead of -// compressing an ext4 filesystem. -const VERSION_ROOTFS_SQUASHFS = "41" - // Fedora 43 and later we reset the machine-id file to align ourselves with the // other Fedora variants. const VERSION_FIRSTBOOT = "43" -// Version at which we stop installing weak dependencies for Fedora Minimal -const VERSION_MINIMAL_WEAKDEPS = "43" - func VersionReplacements() map[string]string { return map[string]string{ - "VERSION_BRANCHED": VERSION_BRANCHED, - "VERSION_RAWHIDE": VERSION_RAWHIDE, - "VERSION_ROOTFS_SQUASHFS": VERSION_ROOTFS_SQUASHFS, + "VERSION_BRANCHED": VERSION_BRANCHED, + "VERSION_RAWHIDE": VERSION_RAWHIDE, } } diff --git a/vendor/github.com/osbuild/images/pkg/distro/image_config.go b/vendor/github.com/osbuild/images/pkg/distro/image_config.go index 2d25e3eb7..70fe19ac2 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/image_config.go +++ b/vendor/github.com/osbuild/images/pkg/distro/image_config.go @@ -8,20 +8,21 @@ import ( "github.com/osbuild/images/pkg/customizations/fsnode" "github.com/osbuild/images/pkg/customizations/shell" "github.com/osbuild/images/pkg/customizations/subscription" + "github.com/osbuild/images/pkg/manifest" "github.com/osbuild/images/pkg/osbuild" ) // ImageConfig represents a (default) configuration applied to the image payload. type ImageConfig struct { - Hostname *string `yaml:"hostname,omitempty"` - Timezone *string `yaml:"timezone,omitempty"` - TimeSynchronization *osbuild.ChronyStageOptions - Locale *string `yaml:"locale,omitempty"` + Hostname *string `yaml:"hostname,omitempty"` + Timezone *string `yaml:"timezone,omitempty"` + TimeSynchronization *osbuild.ChronyStageOptions `yaml:"time_synchronization,omitempty"` + Locale *string `yaml:"locale,omitempty"` Keyboard *osbuild.KeymapStageOptions - EnabledServices []string - DisabledServices []string + EnabledServices []string `yaml:"enabled_services,omitempty"` + DisabledServices []string `yaml:"disabled_services,omitempty"` MaskedServices []string - DefaultTarget *string + DefaultTarget *string `yaml:"default_target,omitempty"` Sysconfig *Sysconfig `yaml:"sysconfig,omitempty"` DefaultKernel *string `yaml:"default_kernel,omitempty"` @@ -32,49 +33,49 @@ type ImageConfig struct { GPGKeyFiles []string `yaml:"gpgkey_files,omitempty"` // Disable SELinux labelling - NoSElinux *bool + NoSElinux *bool `yaml:"no_selinux,omitempty"` // Do not use. Forces auto-relabelling on first boot. // See https://github.com/osbuild/osbuild/commit/52cb27631b587c1df177cd17625c5b473e1e85d2 SELinuxForceRelabel *bool // Disable documentation - ExcludeDocs *bool + ExcludeDocs *bool `yaml:"exclude_docs,omitempty"` ShellInit []shell.InitFile // for RHSM configuration, we need to potentially distinguish the case // when the user want the image to be subscribed on first boot and when not - RHSMConfig map[subscription.RHSMStatus]*subscription.RHSMConfig - SystemdLogind []*osbuild.SystemdLogindStageOptions - CloudInit []*osbuild.CloudInitStageOptions + RHSMConfig map[subscription.RHSMStatus]*subscription.RHSMConfig `yaml:"rhsm_config,omitempty"` + SystemdLogind []*osbuild.SystemdLogindStageOptions `yaml:"systemd_logind,omitempty"` + CloudInit []*osbuild.CloudInitStageOptions `yaml:"cloud_init"` Modprobe []*osbuild.ModprobeStageOptions - DracutConf []*osbuild.DracutConfStageOptions - SystemdDropin []*osbuild.SystemdUnitStageOptions - SystemdUnit []*osbuild.SystemdUnitCreateStageOptions + DracutConf []*osbuild.DracutConfStageOptions `yaml:"dracut_conf"` + SystemdDropin []*osbuild.SystemdUnitStageOptions `yaml:"systemd_dropin,omitempty"` + SystemdUnit []*osbuild.SystemdUnitCreateStageOptions `yaml:"systemd_unit,omitempty"` Authselect *osbuild.AuthselectStageOptions - SELinuxConfig *osbuild.SELinuxConfigStageOptions + SELinuxConfig *osbuild.SELinuxConfigStageOptions `yaml:"selinux_config,omitempty"` Tuned *osbuild.TunedStageOptions Tmpfilesd []*osbuild.TmpfilesdStageOptions - PamLimitsConf []*osbuild.PamLimitsConfStageOptions + PamLimitsConf []*osbuild.PamLimitsConfStageOptions `yaml:"pam_limits_conf,omitempty"` Sysctld []*osbuild.SysctldStageOptions // Do not use DNFConfig directly, call "DNFConfigOptions()" - DNFConfig []*osbuild.DNFConfigStageOptions - DNFSetReleaseVerVar *bool - SshdConfig *osbuild.SshdConfigStageOptions + DNFConfig []*osbuild.DNFConfigStageOptions `yaml:"dnf_config,omitempty"` + DNFSetReleaseVerVar *bool `yaml:"dnf_set_release_ver_var,omitempty"` + SshdConfig *osbuild.SshdConfigStageOptions `yaml:"sshd_config"` Authconfig *osbuild.AuthconfigStageOptions PwQuality *osbuild.PwqualityConfStageOptions - WAAgentConfig *osbuild.WAAgentConfStageOptions - Grub2Config *osbuild.GRUB2Config - DNFAutomaticConfig *osbuild.DNFAutomaticConfigStageOptions + WAAgentConfig *osbuild.WAAgentConfStageOptions `yaml:"waagent_config,omitempty"` + Grub2Config *osbuild.GRUB2Config `yaml:"grub2_config,omitempty"` + DNFAutomaticConfig *osbuild.DNFAutomaticConfigStageOptions `yaml:"dnf_automatic_config"` YumConfig *osbuild.YumConfigStageOptions - YUMRepos []*osbuild.YumReposStageOptions + YUMRepos []*osbuild.YumReposStageOptions `yaml:"yum_repos,omitempty"` Firewall *osbuild.FirewallStageOptions - UdevRules *osbuild.UdevRulesStageOptions - GCPGuestAgentConfig *osbuild.GcpGuestAgentConfigOptions - NetworkManager *osbuild.NMConfStageOptions + UdevRules *osbuild.UdevRulesStageOptions `yaml:"udev_rules,omitempty"` + GCPGuestAgentConfig *osbuild.GcpGuestAgentConfigOptions `yaml:"gcp_guest_agent_config,omitempty"` + NetworkManager *osbuild.NMConfStageOptions `yaml:"network_manager,omitempty"` - WSLConfig *WSLConfig + WSLConfig *WSLConfig `yaml:"wsl_config,omitempty"` Files []*fsnode.File Directories []*fsnode.Directory @@ -98,13 +99,13 @@ type ImageConfig struct { // OSTree specific configuration // Read only sysroot and boot - OSTreeConfSysrootReadOnly *bool + OSTreeConfSysrootReadOnly *bool `yaml:"ostree_conf_sysroot_readonly,omitempty"` // Lock the root account in the deployment unless the user defined root // user options in the build configuration. - LockRootUser *bool + LockRootUser *bool `yaml:"lock_root_user,omitempty"` - IgnitionPlatform *string + IgnitionPlatform *string `yaml:"ignition_platform,omitempty"` // InstallWeakDeps enables installation of weak dependencies for packages // that are statically defined for the pipeline. @@ -117,11 +118,15 @@ type ImageConfig struct { // MountUnits creates systemd .mount units to describe the filesystem // instead of writing to /etc/fstab - MountUnits *bool + MountUnits *bool `yaml:"mount_units,omitempty"` + + // IsoRootfsType defines what rootfs (squashfs, erofs,ext4) + // is used + IsoRootfsType *manifest.RootfsType `yaml:"iso_rootfs_type,omitempty"` } type WSLConfig struct { - BootSystemd bool + BootSystemd bool `yaml:"boot_systemd,omitempty"` } // InheritFrom inherits unset values from the provided parent configuration and diff --git a/vendor/github.com/osbuild/images/pkg/distro/installer_config.go b/vendor/github.com/osbuild/images/pkg/distro/installer_config.go index 7d98b1af9..af373a35a 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/installer_config.go +++ b/vendor/github.com/osbuild/images/pkg/distro/installer_config.go @@ -4,6 +4,6 @@ package distro // part of an Installer image type. type InstallerConfig struct { // Additional dracut modules and drivers to enable - AdditionalDracutModules []string - AdditionalDrivers []string + AdditionalDracutModules []string `yaml:"additional_dracut_modules"` + AdditionalDrivers []string `yaml:"additional_drivers"` } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/imagetype.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/imagetype.go index 699cb0a49..15a6a1bda 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/imagetype.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/imagetype.go @@ -49,7 +49,7 @@ var requiredDirectorySizes = map[string]uint64{ type ImageFunc func(workload workload.Workload, t *ImageType, customizations *blueprint.Customizations, options distro.ImageOptions, packageSets map[string]rpmmd.PackageSet, containers []container.SourceSpec, rng *rand.Rand) (image.ImageKind, error) -type PackageSetFunc func(t *ImageType) (rpmmd.PackageSet, error) +type PackageSetFunc func(t *ImageType) (map[string]rpmmd.PackageSet, error) type BasePartitionTableFunc func(t *ImageType) (disk.PartitionTable, bool) @@ -62,7 +62,7 @@ type ImageType struct { name string filename string mimeType string - packageSets map[string]PackageSetFunc + packageSets PackageSetFunc buildPipelines []string payloadPipelines []string exports []string @@ -306,12 +306,14 @@ func (t *ImageType) Manifest(bp *blueprint.Blueprint, // of the same name from the distro and arch staticPackageSets := make(map[string]rpmmd.PackageSet) - for name, getter := range t.packageSets { - pkgSets, err := getter(t) + if t.packageSets != nil { + pkgSets, err := t.packageSets(t) if err != nil { return nil, nil, err } - staticPackageSets[name] = pkgSets + for name, pkgSet := range pkgSets { + staticPackageSets[name] = pkgSet + } } // amend with repository information and collect payload repos @@ -428,7 +430,7 @@ func (t *ImageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp func NewImageType( name, filename, mimeType string, - pkgSets map[string]PackageSetFunc, + pkgSets PackageSetFunc, imgFunc ImageFunc, buildPipelines, payloadPipelines, exports []string, ) *ImageType { diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ami.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ami.go index 4ed8c2086..f4f067ca0 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ami.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ami.go @@ -1,35 +1,16 @@ package rhel10 import ( - "github.com/osbuild/images/internal/common" "github.com/osbuild/images/pkg/datasizes" - "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/rhel" - "github.com/osbuild/images/pkg/osbuild" ) -// TODO: move these to the EC2 environment - -func amiKernelOptions() []string { - return []string{"console=tty0", "console=ttyS0,115200n8", "nvme_core.io_timeout=4294967295"} -} - -func amiAarch64KernelOptions() []string { - return append(amiKernelOptions(), "iommu.strict=0") -} - -func amiSapKernelOptions() []string { - return append(amiKernelOptions(), []string{"processor.max_cstate=1", "intel_idle.max_cstate=1"}...) -} - -func mkAMIImgTypeX86_64() *rhel.ImageType { +func mkAMIImgTypeX86_64(d *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "ami", "image.raw", "application/octet-stream", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image"}, @@ -38,21 +19,18 @@ func mkAMIImgTypeX86_64() *rhel.ImageType { it.Bootable = true it.DefaultSize = 10 * datasizes.GibiByte - it.DefaultImageConfig = defaultEc2ImageConfigX86_64() - it.DefaultImageConfig.KernelOptions = amiKernelOptions() + it.DefaultImageConfig = imageConfig(d, "x86_64", "ami") it.BasePartitionTables = defaultBasePartitionTables return it } -func mkAMIImgTypeAarch64() *rhel.ImageType { +func mkAMIImgTypeAarch64(rd *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "ami", "image.raw", "application/octet-stream", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image"}, @@ -61,22 +39,19 @@ func mkAMIImgTypeAarch64() *rhel.ImageType { it.Bootable = true it.DefaultSize = 10 * datasizes.GibiByte - it.DefaultImageConfig = defaultEc2ImageConfig() - it.DefaultImageConfig.KernelOptions = amiAarch64KernelOptions() + it.DefaultImageConfig = imageConfig(rd, "aarch64", "ami") it.BasePartitionTables = defaultBasePartitionTables return it } // RHEL internal-only x86_64 EC2 image type -func mkEc2ImgTypeX86_64() *rhel.ImageType { +func mkEc2ImgTypeX86_64(rd *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "ec2", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -86,22 +61,19 @@ func mkEc2ImgTypeX86_64() *rhel.ImageType { it.Compression = "xz" it.Bootable = true it.DefaultSize = 10 * datasizes.GibiByte - it.DefaultImageConfig = defaultEc2ImageConfigX86_64() - it.DefaultImageConfig.KernelOptions = amiKernelOptions() + it.DefaultImageConfig = imageConfig(rd, "x86_64", "ec2") it.BasePartitionTables = defaultBasePartitionTables return it } // RHEL internal-only aarch64 EC2 image type -func mkEC2ImgTypeAarch64() *rhel.ImageType { +func mkEC2ImgTypeAarch64(rd *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "ec2", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -111,22 +83,19 @@ func mkEC2ImgTypeAarch64() *rhel.ImageType { it.Compression = "xz" it.Bootable = true it.DefaultSize = 10 * datasizes.GibiByte - it.DefaultImageConfig = defaultEc2ImageConfig() - it.DefaultImageConfig.KernelOptions = amiAarch64KernelOptions() + it.DefaultImageConfig = imageConfig(rd, "aarch64", "ec2") it.BasePartitionTables = defaultBasePartitionTables return it } // RHEL internal-only x86_64 EC2 HA image type -func mkEc2HaImgTypeX86_64() *rhel.ImageType { +func mkEc2HaImgTypeX86_64(rd *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "ec2-ha", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -136,21 +105,18 @@ func mkEc2HaImgTypeX86_64() *rhel.ImageType { it.Compression = "xz" it.Bootable = true it.DefaultSize = 10 * datasizes.GibiByte - it.DefaultImageConfig = defaultEc2ImageConfigX86_64() - it.DefaultImageConfig.KernelOptions = amiKernelOptions() + it.DefaultImageConfig = imageConfig(rd, "x86_64", "ec2-ha") it.BasePartitionTables = defaultBasePartitionTables return it } -func mkEC2SapImgTypeX86_64(osVersion string) *rhel.ImageType { +func mkEC2SapImgTypeX86_64(rd *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "ec2-sap", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -160,134 +126,8 @@ func mkEC2SapImgTypeX86_64(osVersion string) *rhel.ImageType { it.Compression = "xz" it.Bootable = true it.DefaultSize = 10 * datasizes.GibiByte - it.DefaultImageConfig = sapImageConfig(osVersion).InheritFrom(defaultEc2ImageConfigX86_64()) - it.DefaultImageConfig.KernelOptions = amiSapKernelOptions() + it.DefaultImageConfig = imageConfig(rd, "x86_64", "ec2-sap") it.BasePartitionTables = defaultBasePartitionTables return it } - -// IMAGE CONFIG - -// default EC2 images config (common for all architectures) -func defaultEc2ImageConfig() *distro.ImageConfig { - return &distro.ImageConfig{ - TimeSynchronization: &osbuild.ChronyStageOptions{ - Servers: []osbuild.ChronyConfigServer{ - { - Hostname: "169.254.169.123", - Prefer: common.ToPtr(true), - Iburst: common.ToPtr(true), - Minpoll: common.ToPtr(4), - Maxpoll: common.ToPtr(4), - }, - }, - // empty string will remove any occurrences of the option from the configuration - LeapsecTz: common.ToPtr(""), - }, - Keyboard: &osbuild.KeymapStageOptions{ - Keymap: "us", - X11Keymap: &osbuild.X11KeymapOptions{ - Layouts: []string{"us"}, - }, - }, - EnabledServices: []string{ - "sshd", - "NetworkManager", - "nm-cloud-setup.service", - "nm-cloud-setup.timer", - "cloud-init", - "cloud-init-local", - "cloud-config", - "cloud-final", - "reboot.target", - "tuned", - }, - DefaultTarget: common.ToPtr("multi-user.target"), - UpdateDefaultKernel: common.ToPtr(true), - DefaultKernel: common.ToPtr("kernel"), - Sysconfig: &distro.Sysconfig{ - Networking: true, - NoZeroConf: true, - }, - SystemdLogind: []*osbuild.SystemdLogindStageOptions{ - { - Filename: "00-getty-fixes.conf", - Config: osbuild.SystemdLogindConfigDropin{ - Login: osbuild.SystemdLogindConfigLoginSection{ - NAutoVTs: common.ToPtr(0), - }, - }, - }, - }, - CloudInit: []*osbuild.CloudInitStageOptions{ - { - Filename: "00-rhel-default-user.cfg", - Config: osbuild.CloudInitConfigFile{ - SystemInfo: &osbuild.CloudInitConfigSystemInfo{ - DefaultUser: &osbuild.CloudInitConfigDefaultUser{ - Name: "ec2-user", - }, - }, - }, - }, - }, - Modprobe: []*osbuild.ModprobeStageOptions{ - { - Filename: "blacklist-nouveau.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("nouveau"), - }, - }, - { - Filename: "blacklist-amdgpu.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("amdgpu"), - }, - }, - // https://issues.redhat.com/browse/RHEL-71926 - { - Filename: "blacklist-i2c_piix4.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("i2c_piix4"), - }, - }, - }, - SystemdDropin: []*osbuild.SystemdUnitStageOptions{ - // RHBZ#1822863 - { - Unit: "nm-cloud-setup.service", - Dropin: "10-rh-enable-for-ec2.conf", - Config: osbuild.SystemdServiceUnitDropin{ - Service: &osbuild.SystemdUnitServiceSection{ - Environment: []osbuild.EnvironmentVariable{{Key: "NM_CLOUD_SETUP_EC2", Value: "yes"}}, - }, - }, - }, - }, - SshdConfig: &osbuild.SshdConfigStageOptions{ - Config: osbuild.SshdConfigConfig{ - PasswordAuthentication: common.ToPtr(false), - }, - }, - } -} - -func appendEC2DracutX86_64(ic *distro.ImageConfig) *distro.ImageConfig { - ic.DracutConf = append(ic.DracutConf, - &osbuild.DracutConfStageOptions{ - Filename: "ec2.conf", - Config: osbuild.DracutConfigFile{ - AddDrivers: []string{ - "nvme", - "xen-blkfront", - }, - }, - }) - return ic -} - -func defaultEc2ImageConfigX86_64() *distro.ImageConfig { - ic := defaultEc2ImageConfig() - return appendEC2DracutX86_64(ic) -} diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/azure.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/azure.go index 94262035e..e78961d55 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/azure.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/azure.go @@ -1,14 +1,9 @@ package rhel10 import ( - "github.com/osbuild/images/internal/common" "github.com/osbuild/images/pkg/arch" - "github.com/osbuild/images/pkg/customizations/fsnode" "github.com/osbuild/images/pkg/datasizes" - "github.com/osbuild/images/pkg/disk" - "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/rhel" - "github.com/osbuild/images/pkg/osbuild" ) // Azure image type @@ -17,9 +12,7 @@ func mkAzureImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageType { "vhd", "disk.vhd", "application/x-vhd", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc"}, @@ -28,8 +21,7 @@ func mkAzureImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageType { it.Bootable = true it.DefaultSize = 4 * datasizes.GibiByte - it.DefaultImageConfig = defaultAzureImageConfig(rd) - it.DefaultImageConfig.KernelOptions = defaultAzureKernelOptions(a) + it.DefaultImageConfig = imageConfig(rd, a.String(), "vhd") it.BasePartitionTables = defaultBasePartitionTables return it @@ -41,9 +33,7 @@ func mkAzureInternalImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageType "azure-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, @@ -53,9 +43,8 @@ func mkAzureInternalImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageType it.Compression = "xz" it.Bootable = true it.DefaultSize = 64 * datasizes.GibiByte - it.DefaultImageConfig = defaultAzureImageConfig(rd) - it.DefaultImageConfig.KernelOptions = defaultAzureKernelOptions(a) - it.BasePartitionTables = azureInternalBasePartitionTables + it.DefaultImageConfig = imageConfig(rd, a.String(), "azure-rhui") + it.BasePartitionTables = defaultBasePartitionTables return it } @@ -65,9 +54,7 @@ func mkAzureSapInternalImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageTy "azure-sap-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, @@ -77,444 +64,8 @@ func mkAzureSapInternalImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageTy it.Compression = "xz" it.Bootable = true it.DefaultSize = 64 * datasizes.GibiByte - it.DefaultImageConfig = sapAzureImageConfig(rd) - it.DefaultImageConfig.KernelOptions = defaultAzureKernelOptions(a) - it.BasePartitionTables = azureInternalBasePartitionTables + it.DefaultImageConfig = imageConfig(rd, a.String(), "azure-sap-rhui") + it.BasePartitionTables = defaultBasePartitionTables return it } - -// PARTITION TABLES -func azureInternalBasePartitionTables(t *rhel.ImageType) (disk.PartitionTable, bool) { - switch t.Arch().Name() { - case arch.ARCH_X86_64.String(): - return disk.PartitionTable{ - UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0", - Type: disk.PT_GPT, - Size: 64 * datasizes.GibiByte, - Partitions: []disk.Partition{ - { - Size: 500 * datasizes.MebiByte, - Type: disk.EFISystemPartitionGUID, - UUID: disk.EFISystemPartitionUUID, - Payload: &disk.Filesystem{ - Type: "vfat", - UUID: disk.EFIFilesystemUUID, - Mountpoint: "/boot/efi", - FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", - FSTabFreq: 0, - FSTabPassNo: 2, - }, - }, - // NB: we currently don't support /boot on LVM - { - Size: 1 * datasizes.GibiByte, - Type: disk.FilesystemDataGUID, - UUID: disk.DataPartitionUUID, - Payload: &disk.Filesystem{ - Type: "xfs", - Mountpoint: "/boot", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 2 * datasizes.MebiByte, - Bootable: true, - Type: disk.BIOSBootPartitionGUID, - UUID: disk.BIOSBootPartitionUUID, - }, - { - Type: disk.LVMPartitionGUID, - UUID: disk.RootPartitionUUID, - Payload: &disk.LVMVolumeGroup{ - Name: "rootvg", - Description: "built with lvm2 and osbuild", - LogicalVolumes: []disk.LVMLogicalVolume{ - { - Size: 1 * datasizes.GibiByte, - Name: "homelv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "home", - Mountpoint: "/home", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 2 * datasizes.GibiByte, - Name: "rootlv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "root", - Mountpoint: "/", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 2 * datasizes.GibiByte, - Name: "tmplv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "tmp", - Mountpoint: "/tmp", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 10 * datasizes.GibiByte, - Name: "usrlv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "usr", - Mountpoint: "/usr", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 10 * datasizes.GibiByte, - Name: "varlv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "var", - Mountpoint: "/var", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - }, - }, - }, - }, - }, true - case arch.ARCH_AARCH64.String(): - return disk.PartitionTable{ - UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0", - Type: disk.PT_GPT, - Size: 64 * datasizes.GibiByte, - Partitions: []disk.Partition{ - { - Size: 500 * datasizes.MebiByte, - Type: disk.EFISystemPartitionGUID, - UUID: disk.EFISystemPartitionUUID, - Payload: &disk.Filesystem{ - Type: "vfat", - UUID: disk.EFIFilesystemUUID, - Mountpoint: "/boot/efi", - FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", - FSTabFreq: 0, - FSTabPassNo: 2, - }, - }, - // NB: we currently don't support /boot on LVM - { - Size: 1 * datasizes.GibiByte, - Type: disk.FilesystemDataGUID, - UUID: disk.DataPartitionUUID, - Payload: &disk.Filesystem{ - Type: "xfs", - Mountpoint: "/boot", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Type: disk.LVMPartitionGUID, - UUID: disk.RootPartitionUUID, - Payload: &disk.LVMVolumeGroup{ - Name: "rootvg", - Description: "built with lvm2 and osbuild", - LogicalVolumes: []disk.LVMLogicalVolume{ - { - Size: 1 * datasizes.GibiByte, - Name: "homelv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "home", - Mountpoint: "/home", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 2 * datasizes.GibiByte, - Name: "rootlv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "root", - Mountpoint: "/", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 2 * datasizes.GibiByte, - Name: "tmplv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "tmp", - Mountpoint: "/tmp", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 10 * datasizes.GibiByte, - Name: "usrlv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "usr", - Mountpoint: "/usr", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - { - Size: 10 * datasizes.GibiByte, - Name: "varlv", - Payload: &disk.Filesystem{ - Type: "xfs", - Label: "var", - Mountpoint: "/var", - FSTabOptions: "defaults", - FSTabFreq: 0, - FSTabPassNo: 0, - }, - }, - }, - }, - }, - }, - }, true - default: - return disk.PartitionTable{}, false - } -} - -// IMAGE CONFIG - -func defaultAzureKernelOptions(a arch.Arch) []string { - kargs := []string{"ro", "loglevel=3", "nvme_core.io_timeout=240"} - switch a { - case arch.ARCH_AARCH64: - kargs = append(kargs, "console=ttyAMA0") - case arch.ARCH_X86_64: - kargs = append(kargs, "console=tty1", "console=ttyS0", "earlyprintk=ttyS0", "rootdelay=300") - } - return kargs -} - -// based on https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/deploying_rhel_9_on_microsoft_azure/assembly_deploying-a-rhel-image-as-a-virtual-machine-on-microsoft-azure_cloud-content-azure#making-configuration-changes_configure-the-image-azure -func defaultAzureImageConfig(rd *rhel.Distribution) *distro.ImageConfig { - datalossWarningScript, datalossSystemdUnit, err := rhel.CreateAzureDatalossWarningScriptAndUnit() - if err != nil { - panic(err) - } - ic := &distro.ImageConfig{ - Keyboard: &osbuild.KeymapStageOptions{ - Keymap: "us", - X11Keymap: &osbuild.X11KeymapOptions{ - Layouts: []string{"us"}, - }, - }, - UpdateDefaultKernel: common.ToPtr(true), - DefaultKernel: common.ToPtr("kernel-core"), - Sysconfig: &distro.Sysconfig{ - Networking: true, - NoZeroConf: true, - }, - EnabledServices: []string{ - "firewalld", - "nm-cloud-setup.service", - "nm-cloud-setup.timer", - "sshd", - "waagent", - datalossSystemdUnit.Filename, - }, - SshdConfig: &osbuild.SshdConfigStageOptions{ - Config: osbuild.SshdConfigConfig{ - ClientAliveInterval: common.ToPtr(180), - }, - }, - Modprobe: []*osbuild.ModprobeStageOptions{ - { - Filename: "blacklist-amdgpu.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("amdgpu"), - }, - }, - { - Filename: "blacklist-intel-cstate.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("intel_cstate"), - }, - }, - { - Filename: "blacklist-floppy.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("floppy"), - }, - }, - { - Filename: "blacklist-nouveau.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("nouveau"), - osbuild.NewModprobeConfigCmdBlacklist("lbm-nouveau"), - }, - }, - { - Filename: "blacklist-skylake-edac.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("skx_edac"), - }, - }, - { - Filename: "blacklist-intel_uncore.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("intel_uncore"), - }, - }, - { - Filename: "blacklist-acpi_cpufreq.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("acpi_cpufreq"), - }, - }, - }, - CloudInit: []*osbuild.CloudInitStageOptions{ - { - Filename: "10-azure-kvp.cfg", - Config: osbuild.CloudInitConfigFile{ - Reporting: &osbuild.CloudInitConfigReporting{ - Logging: &osbuild.CloudInitConfigReportingHandlers{ - Type: "log", - }, - Telemetry: &osbuild.CloudInitConfigReportingHandlers{ - Type: "hyperv", - }, - }, - }, - }, - { - Filename: "91-azure_datasource.cfg", - Config: osbuild.CloudInitConfigFile{ - Datasource: &osbuild.CloudInitConfigDatasource{ - Azure: &osbuild.CloudInitConfigDatasourceAzure{ - ApplyNetworkConfig: false, - }, - }, - DatasourceList: []string{ - "Azure", - }, - }, - }, - }, - PwQuality: &osbuild.PwqualityConfStageOptions{ - Config: osbuild.PwqualityConfConfig{ - Minlen: common.ToPtr(6), - Minclass: common.ToPtr(3), - Dcredit: common.ToPtr(0), - Ucredit: common.ToPtr(0), - Lcredit: common.ToPtr(0), - Ocredit: common.ToPtr(0), - }, - }, - WAAgentConfig: &osbuild.WAAgentConfStageOptions{ - Config: osbuild.WAAgentConfig{ - RDFormat: common.ToPtr(false), - RDEnableSwap: common.ToPtr(false), - ProvisioningUseCloudInit: common.ToPtr(true), - ProvisioningEnabled: common.ToPtr(false), - }, - }, - Grub2Config: &osbuild.GRUB2Config{ - DisableRecovery: common.ToPtr(true), - DisableSubmenu: common.ToPtr(true), - Distributor: "$(sed 's, release .*$,,g' /etc/system-release)", - Terminal: []string{"serial", "console"}, - Serial: "serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1", - Timeout: 10, - TimeoutStyle: osbuild.GRUB2ConfigTimeoutStyleCountdown, - }, - UdevRules: &osbuild.UdevRulesStageOptions{ - Filename: "/etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules", - Rules: osbuild.UdevRules{ - osbuild.UdevRuleComment{ - Comment: []string{ - "Accelerated Networking on Azure exposes a new SRIOV interface to the VM.", - "This interface is transparently bonded to the synthetic interface,", - "so NetworkManager should just ignore any SRIOV interfaces.", - }, - }, - osbuild.NewUdevRule( - []osbuild.UdevKV{ - {K: "SUBSYSTEM", O: "==", V: "net"}, - {K: "DRIVERS", O: "==", V: "hv_pci"}, - {K: "ACTION", O: "==", V: "add"}, - {K: "ENV", A: "NM_UNMANAGED", O: "=", V: "1"}, - }, - ), - }, - }, - SystemdDropin: []*osbuild.SystemdUnitStageOptions{ - { - Unit: "nm-cloud-setup.service", - Dropin: "10-rh-enable-for-azure.conf", - Config: osbuild.SystemdServiceUnitDropin{ - Service: &osbuild.SystemdUnitServiceSection{ - Environment: []osbuild.EnvironmentVariable{{Key: "NM_CLOUD_SETUP_AZURE", Value: "yes"}}, - }, - }, - }, - }, - DefaultTarget: common.ToPtr("multi-user.target"), - TimeSynchronization: &osbuild.ChronyStageOptions{ - Refclocks: []osbuild.ChronyConfigRefclock{ - { - Driver: osbuild.NewChronyDriverPHC("/dev/ptp_hyperv"), - Poll: common.ToPtr(3), - Dpoll: common.ToPtr(-2), - Offset: common.ToPtr(0.0), - }, - }, - }, - Files: []*fsnode.File{datalossWarningScript}, - SystemdUnit: []*osbuild.SystemdUnitCreateStageOptions{datalossSystemdUnit}, - NetworkManager: &osbuild.NMConfStageOptions{ - Path: "/etc/NetworkManager/conf.d/99-azure-unmanaged-devices.conf", - Settings: osbuild.NMConfStageSettings{ - Keyfile: &osbuild.NMConfSettingsKeyfile{ - UnmanagedDevices: []string{ - "driver:mlx4_core", - "driver:mlx5_core", - }, - }, - }, - }, - } - - if rd.IsRHEL() { - ic.GPGKeyFiles = append(ic.GPGKeyFiles, "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release") - } - - return ic -} - -func sapAzureImageConfig(rd *rhel.Distribution) *distro.ImageConfig { - return sapImageConfig(rd.OsVersion()).InheritFrom(defaultAzureImageConfig(rd)) -} diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/bare_metal.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/bare_metal.go index 1a30b2f6d..104add77b 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/bare_metal.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/bare_metal.go @@ -2,9 +2,7 @@ package rhel10 import ( "github.com/osbuild/images/pkg/distro" - "github.com/osbuild/images/pkg/distro/defs" "github.com/osbuild/images/pkg/distro/rhel" - "github.com/osbuild/images/pkg/rpmmd" ) func mkTarImgType() *rhel.ImageType { @@ -12,9 +10,7 @@ func mkTarImgType() *rhel.ImageType { "tar", "root.tar.xz", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.TarImage, []string{"build"}, []string{"os", "archive"}, @@ -27,12 +23,7 @@ func mkImageInstallerImgType() *rhel.ImageType { "image-installer", "installer.iso", "application/x-iso9660-image", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: func(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "bare-metal", nil) - }, - rhel.InstallerPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.ImageInstallerImage, []string{"build"}, []string{"anaconda-tree", "efiboot-tree", "os", "bootiso-tree", "bootiso"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/distro.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/distro.go index 3f797426f..6548639cb 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/distro.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/distro.go @@ -83,7 +83,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { QCOW2Compat: "1.1", }, }, - mkQcow2ImgType(rd), + mkQcow2ImgType(rd, arch.ARCH_X86_64), mkOCIImgType(rd), ) @@ -95,7 +95,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { ImageFormat: platform.FORMAT_VMDK, }, }, - mkVMDKImgType(), + mkVMDKImgType(rd), ) x86_64.AddImageTypes( @@ -106,19 +106,19 @@ func newDistro(name string, major, minor int) *rhel.Distribution { ImageFormat: platform.FORMAT_OVA, }, }, - mkOVAImgType(), + mkOVAImgType(rd), ) x86_64.AddImageTypes( &platform.X86{}, mkTarImgType(), - mkWSLImgType(), + mkWSLImgType(rd), ) aarch64.AddImageTypes( &platform.Aarch64{}, mkTarImgType(), - mkWSLImgType(), + mkWSLImgType(rd), ) aarch64.AddImageTypes( @@ -129,7 +129,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { QCOW2Compat: "1.1", }, }, - mkQcow2ImgType(rd), + mkQcow2ImgType(rd, arch.ARCH_AARCH64), ) ppc64le.AddImageTypes( @@ -140,7 +140,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { QCOW2Compat: "1.1", }, }, - mkQcow2ImgType(rd), + mkQcow2ImgType(rd, arch.ARCH_PPC64LE), ) ppc64le.AddImageTypes( &platform.PPC64LE{}, @@ -155,7 +155,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { QCOW2Compat: "1.1", }, }, - mkQcow2ImgType(rd), + mkQcow2ImgType(rd, arch.ARCH_S390X), ) s390x.AddImageTypes( &platform.S390X{}, @@ -171,7 +171,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { } x86_64.AddImageTypes( ec2X86Platform, - mkAMIImgTypeX86_64(), + mkAMIImgTypeX86_64(rd), ) ec2Aarch64Platform := &platform.Aarch64{ @@ -182,7 +182,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { } aarch64.AddImageTypes( ec2Aarch64Platform, - mkAMIImgTypeAarch64(), + mkAMIImgTypeAarch64(rd), ) azureX64Platform := &platform.X86{ @@ -211,7 +211,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution { } x86_64.AddImageTypes( gceX86Platform, - mkGCEImageType(), + mkGCEImageType(rd, arch.ARCH_X86_64), ) x86_64.AddImageTypes( @@ -251,8 +251,8 @@ func newDistro(name string, major, minor int) *rhel.Distribution { x86_64.AddImageTypes(azureX64Platform, mkAzureSapInternalImgType(rd, azureX64Platform.GetArch())) - x86_64.AddImageTypes(ec2X86Platform, mkEc2ImgTypeX86_64(), mkEc2HaImgTypeX86_64(), mkEC2SapImgTypeX86_64(rd.OsVersion())) - aarch64.AddImageTypes(ec2Aarch64Platform, mkEC2ImgTypeAarch64()) + x86_64.AddImageTypes(ec2X86Platform, mkEc2ImgTypeX86_64(rd), mkEc2HaImgTypeX86_64(rd), mkEC2SapImgTypeX86_64(rd)) + aarch64.AddImageTypes(ec2Aarch64Platform, mkEC2ImgTypeAarch64(rd)) } rd.AddArches(x86_64, aarch64, ppc64le, s390x) diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/gce.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/gce.go index 9e9e4cf7d..36db95258 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/gce.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/gce.go @@ -1,33 +1,24 @@ package rhel10 import ( - "github.com/osbuild/images/internal/common" + "github.com/osbuild/images/pkg/arch" "github.com/osbuild/images/pkg/datasizes" - "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/rhel" - "github.com/osbuild/images/pkg/osbuild" ) -func gceKernelOptions() []string { - return []string{"biosdevname=0", "scsi_mod.use_blk_mq=Y", "console=ttyS0,38400n8d"} -} - -func mkGCEImageType() *rhel.ImageType { +func mkGCEImageType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageType { it := rhel.NewImageType( "gce", "image.tar.gz", "application/gzip", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "archive"}, []string{"archive"}, ) - it.DefaultImageConfig = baseGCEImageConfig() - it.DefaultImageConfig.KernelOptions = gceKernelOptions() + it.DefaultImageConfig = imageConfig(rd, a.String(), "gce") it.DefaultSize = 20 * datasizes.GibiByte it.Bootable = true // TODO: the base partition table still contains the BIOS boot partition, but the image is UEFI-only @@ -35,104 +26,3 @@ func mkGCEImageType() *rhel.ImageType { return it } - -func baseGCEImageConfig() *distro.ImageConfig { - ic := &distro.ImageConfig{ - TimeSynchronization: &osbuild.ChronyStageOptions{ - Servers: []osbuild.ChronyConfigServer{{Hostname: "metadata.google.internal"}}, - }, - Firewall: &osbuild.FirewallStageOptions{ - DefaultZone: "trusted", - }, - EnabledServices: []string{ - "sshd", - "rngd", - "dnf-automatic.timer", - // TODO: remove cloud-init services once we switch back to GCP guest tools - "cloud-init", - "cloud-init-local", - "cloud-config", - "cloud-final", - }, - DisabledServices: []string{ - "sshd-keygen@", - "reboot.target", - }, - DefaultTarget: common.ToPtr("multi-user.target"), - Keyboard: &osbuild.KeymapStageOptions{ - Keymap: "us", - }, - DNFConfig: []*osbuild.DNFConfigStageOptions{ - { - Config: &osbuild.DNFConfig{ - Main: &osbuild.DNFConfigMain{ - IPResolve: "4", - }, - }, - }, - }, - DNFAutomaticConfig: &osbuild.DNFAutomaticConfigStageOptions{ - Config: &osbuild.DNFAutomaticConfig{ - Commands: &osbuild.DNFAutomaticConfigCommands{ - ApplyUpdates: common.ToPtr(true), - UpgradeType: osbuild.DNFAutomaticUpgradeTypeSecurity, - }, - }, - }, - YUMRepos: []*osbuild.YumReposStageOptions{ - { - Filename: "google-cloud.repo", - Repos: []osbuild.YumRepository{ - { - Id: "google-compute-engine", - Name: "Google Compute Engine", - // TODO: use el10 repo once it's available - BaseURLs: []string{"https://packages.cloud.google.com/yum/repos/google-compute-engine-el9-x86_64-stable"}, - Enabled: common.ToPtr(true), - // TODO: enable GPG check once Google stops using SHA-1 in their keys - // https://issuetracker.google.com/issues/360905189 - GPGCheck: common.ToPtr(false), - RepoGPGCheck: common.ToPtr(false), - GPGKey: []string{ - "https://packages.cloud.google.com/yum/doc/yum-key.gpg", - "https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg", - }, - }, - }, - }, - }, - SshdConfig: &osbuild.SshdConfigStageOptions{ - Config: osbuild.SshdConfigConfig{ - PasswordAuthentication: common.ToPtr(false), - ClientAliveInterval: common.ToPtr(420), - PermitRootLogin: osbuild.PermitRootLoginValueNo, - }, - }, - UpdateDefaultKernel: common.ToPtr(true), - DefaultKernel: common.ToPtr("kernel-core"), - // XXX: ensure the "old" behavior is preserved (that is - // likely a bug) where for GCE the sysconfig network - // options are not set because the merge of imageConfig - // is shallow and the previous setup was changing the - // kernel without also changing the network options. - Sysconfig: &distro.Sysconfig{}, - Modprobe: []*osbuild.ModprobeStageOptions{ - { - Filename: "blacklist-floppy.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("floppy"), - }, - }, - }, - GCPGuestAgentConfig: &osbuild.GcpGuestAgentConfigOptions{ - ConfigScope: osbuild.GcpGuestAgentConfigScopeDistro, - Config: &osbuild.GcpGuestAgentConfig{ - InstanceSetup: &osbuild.GcpGuestAgentConfigInstanceSetup{ - SetBotoConfig: common.ToPtr(false), - }, - }, - }, - } - - return ic -} diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/package_sets.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/package_sets.go index 7a14a51c4..7d5c55df3 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/package_sets.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/package_sets.go @@ -3,11 +3,17 @@ package rhel10 // This file defines package sets that are used by more than one image type. import ( + "github.com/osbuild/images/internal/common" + "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/defs" "github.com/osbuild/images/pkg/distro/rhel" "github.com/osbuild/images/pkg/rpmmd" ) -func packageSetLoader(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "", nil) +func packageSetLoader(t *rhel.ImageType) (map[string]rpmmd.PackageSet, error) { + return defs.PackageSets(t, nil) +} + +func imageConfig(d *rhel.Distribution, archName, imageType string) *distro.ImageConfig { + return common.Must(defs.ImageConfig(d.Name(), archName, imageType, nil)) } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/qcow2.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/qcow2.go index ff42c7e30..11f667466 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/qcow2.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/qcow2.go @@ -1,29 +1,24 @@ package rhel10 import ( - "github.com/osbuild/images/internal/common" - "github.com/osbuild/images/pkg/customizations/subscription" + "github.com/osbuild/images/pkg/arch" "github.com/osbuild/images/pkg/datasizes" - "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/rhel" ) -func mkQcow2ImgType(d *rhel.Distribution) *rhel.ImageType { +func mkQcow2ImgType(d *rhel.Distribution, a arch.Arch) *rhel.ImageType { it := rhel.NewImageType( "qcow2", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, []string{"qcow2"}, ) - it.DefaultImageConfig = qcowImageConfig(d) - it.DefaultImageConfig.KernelOptions = []string{"console=tty0", "console=ttyS0,115200n8", "no_timer_check"} + it.DefaultImageConfig = imageConfig(d, a.String(), "qcow2") it.DefaultSize = 10 * datasizes.GibiByte it.Bootable = true it.BasePartitionTables = defaultBasePartitionTables @@ -36,41 +31,17 @@ func mkOCIImgType(d *rhel.Distribution) *rhel.ImageType { "oci", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, []string{"qcow2"}, ) - it.DefaultImageConfig = qcowImageConfig(d) - it.DefaultImageConfig.KernelOptions = []string{"console=tty0", "console=ttyS0,115200n8", "no_timer_check"} + it.DefaultImageConfig = imageConfig(d, "", "oci") it.DefaultSize = 10 * datasizes.GibiByte it.Bootable = true it.BasePartitionTables = defaultBasePartitionTables return it } - -func qcowImageConfig(d *rhel.Distribution) *distro.ImageConfig { - ic := &distro.ImageConfig{ - DefaultTarget: common.ToPtr("multi-user.target"), - } - if d.IsRHEL() { - ic.RHSMConfig = map[subscription.RHSMStatus]*subscription.RHSMConfig{ - subscription.RHSMConfigNoSubscription: { - DnfPlugins: subscription.SubManDNFPluginsConfig{ - ProductID: subscription.DNFPluginConfig{ - Enabled: common.ToPtr(false), - }, - SubscriptionManager: subscription.DNFPluginConfig{ - Enabled: common.ToPtr(false), - }, - }, - }, - } - } - return ic -} diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/sap.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/sap.go deleted file mode 100644 index 98db021b2..000000000 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/sap.go +++ /dev/null @@ -1,109 +0,0 @@ -package rhel10 - -import ( - "github.com/osbuild/images/internal/common" - "github.com/osbuild/images/pkg/distro" - "github.com/osbuild/images/pkg/osbuild" -) - -// sapImageConfig returns the SAP specific ImageConfig data -func sapImageConfig(osVersion string) *distro.ImageConfig { - return &distro.ImageConfig{ - SELinuxConfig: &osbuild.SELinuxConfigStageOptions{ - State: osbuild.SELinuxStatePermissive, - }, - // RHBZ#1960617 - Tuned: osbuild.NewTunedStageOptions("sap-hana"), - // RHBZ#1959979 - Tmpfilesd: []*osbuild.TmpfilesdStageOptions{ - osbuild.NewTmpfilesdStageOptions("sap.conf", - []osbuild.TmpfilesdConfigLine{ - { - Type: "x", - Path: "/tmp/.sap*", - }, - { - Type: "x", - Path: "/tmp/.hdb*lock", - }, - { - Type: "x", - Path: "/tmp/.trex*lock", - }, - }, - ), - }, - // RHBZ#1959963 - PamLimitsConf: []*osbuild.PamLimitsConfStageOptions{ - osbuild.NewPamLimitsConfStageOptions("99-sap.conf", - []osbuild.PamLimitsConfigLine{ - { - Domain: "@sapsys", - Type: osbuild.PamLimitsTypeHard, - Item: osbuild.PamLimitsItemNofile, - Value: osbuild.PamLimitsValueInt(1048576), - }, - { - Domain: "@sapsys", - Type: osbuild.PamLimitsTypeSoft, - Item: osbuild.PamLimitsItemNofile, - Value: osbuild.PamLimitsValueInt(1048576), - }, - { - Domain: "@dba", - Type: osbuild.PamLimitsTypeHard, - Item: osbuild.PamLimitsItemNofile, - Value: osbuild.PamLimitsValueInt(1048576), - }, - { - Domain: "@dba", - Type: osbuild.PamLimitsTypeSoft, - Item: osbuild.PamLimitsItemNofile, - Value: osbuild.PamLimitsValueInt(1048576), - }, - { - Domain: "@sapsys", - Type: osbuild.PamLimitsTypeHard, - Item: osbuild.PamLimitsItemNproc, - Value: osbuild.PamLimitsValueUnlimited, - }, - { - Domain: "@sapsys", - Type: osbuild.PamLimitsTypeSoft, - Item: osbuild.PamLimitsItemNproc, - Value: osbuild.PamLimitsValueUnlimited, - }, - { - Domain: "@dba", - Type: osbuild.PamLimitsTypeHard, - Item: osbuild.PamLimitsItemNproc, - Value: osbuild.PamLimitsValueUnlimited, - }, - { - Domain: "@dba", - Type: osbuild.PamLimitsTypeSoft, - Item: osbuild.PamLimitsItemNproc, - Value: osbuild.PamLimitsValueUnlimited, - }, - }, - ), - }, - // RHBZ#1959962 - Sysctld: []*osbuild.SysctldStageOptions{ - osbuild.NewSysctldStageOptions("sap.conf", - []osbuild.SysctldConfigLine{ - { - Key: "kernel.pid_max", - Value: "4194304", - }, - { - Key: "vm.max_map_count", - Value: "2147483647", - }, - }, - ), - }, - // E4S/EUS - DNFSetReleaseVerVar: common.ToPtr(true), - } -} diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ubi.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ubi.go index 3d99a449e..505489bef 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ubi.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ubi.go @@ -1,46 +1,21 @@ package rhel10 import ( - "github.com/osbuild/images/internal/common" - "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/rhel" - "github.com/osbuild/images/pkg/osbuild" ) -func mkWSLImgType() *rhel.ImageType { +func mkWSLImgType(rd *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "wsl", "disk.tar.gz", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.TarImage, []string{"build"}, []string{"os", "archive"}, []string{"archive"}, ) - it.DefaultImageConfig = &distro.ImageConfig{ - CloudInit: []*osbuild.CloudInitStageOptions{ - { - Filename: "99_wsl.cfg", - Config: osbuild.CloudInitConfigFile{ - DatasourceList: []string{ - "WSL", - "None", - }, - Network: &osbuild.CloudInitConfigNetwork{ - Config: "disabled", - }, - }, - }, - }, - NoSElinux: common.ToPtr(true), - WSLConfig: &distro.WSLConfig{ - BootSystemd: true, - }, - } - + it.DefaultImageConfig = imageConfig(rd, "", "wsl") return it } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/vmdk.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/vmdk.go index 8ca7add65..4277b96c8 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/vmdk.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/vmdk.go @@ -2,31 +2,21 @@ package rhel10 import ( "github.com/osbuild/images/pkg/datasizes" - "github.com/osbuild/images/pkg/distro" "github.com/osbuild/images/pkg/distro/rhel" ) -func vmdkKernelOptions() []string { - return []string{"ro"} -} - -func mkVMDKImgType() *rhel.ImageType { +func mkVMDKImgType(d *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "vmdk", "disk.vmdk", "application/x-vmdk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vmdk"}, []string{"vmdk"}, ) - - it.DefaultImageConfig = &distro.ImageConfig{ - KernelOptions: vmdkKernelOptions(), - } + it.DefaultImageConfig = imageConfig(d, "x86_64", "vmdk") it.Bootable = true it.DefaultSize = 4 * datasizes.GibiByte it.BasePartitionTables = defaultBasePartitionTables @@ -34,23 +24,18 @@ func mkVMDKImgType() *rhel.ImageType { return it } -func mkOVAImgType() *rhel.ImageType { +func mkOVAImgType(d *rhel.Distribution) *rhel.ImageType { it := rhel.NewImageType( "ova", "image.ova", "application/ovf", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vmdk", "ovf", "archive"}, []string{"archive"}, ) - - it.DefaultImageConfig = &distro.ImageConfig{ - KernelOptions: vmdkKernelOptions(), - } + it.DefaultImageConfig = imageConfig(d, "x86_64", "ova") it.Bootable = true it.DefaultSize = 4 * datasizes.GibiByte it.BasePartitionTables = defaultBasePartitionTables diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/ami.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/ami.go index 022ee7937..4d3e83d5f 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/ami.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/ami.go @@ -18,9 +18,7 @@ func mkEc2ImgTypeX86_64() *rhel.ImageType { "ec2", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/azure.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/azure.go index 05c0670d8..610629ef0 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/azure.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/azure.go @@ -16,9 +16,7 @@ func mkAzureRhuiImgType() *rhel.ImageType { "azure-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/package_sets.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/package_sets.go index d62c87675..aaf617d60 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/package_sets.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/package_sets.go @@ -6,6 +6,6 @@ import ( "github.com/osbuild/images/pkg/rpmmd" ) -func packageSetLoader(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "", nil) +func packageSetLoader(t *rhel.ImageType) (map[string]rpmmd.PackageSet, error) { + return defs.PackageSets(t, nil) } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/qcow2.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/qcow2.go index 4b559363f..f9e19e08b 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/qcow2.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel7/qcow2.go @@ -14,9 +14,7 @@ func mkQcow2ImgType() *rhel.ImageType { "qcow2", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ami.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ami.go index 4ccf07089..1d65581e0 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ami.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ami.go @@ -26,9 +26,7 @@ func mkAmiImgTypeX86_64() *rhel.ImageType { "ami", "image.raw", "application/octet-stream", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image"}, @@ -49,9 +47,7 @@ func mkEc2ImgTypeX86_64(rd *rhel.Distribution) *rhel.ImageType { "ec2", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -73,9 +69,7 @@ func mkEc2HaImgTypeX86_64(rd *rhel.Distribution) *rhel.ImageType { "ec2-ha", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -97,9 +91,7 @@ func mkAmiImgTypeAarch64() *rhel.ImageType { "ami", "image.raw", "application/octet-stream", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image"}, @@ -120,9 +112,7 @@ func mkEc2ImgTypeAarch64(rd *rhel.Distribution) *rhel.ImageType { "ec2", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -144,9 +134,7 @@ func mkEc2SapImgTypeX86_64(rd *rhel.Distribution) *rhel.ImageType { "ec2-sap", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/azure.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/azure.go index d3160e4f6..f2f89df27 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/azure.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/azure.go @@ -22,9 +22,7 @@ func mkAzureRhuiImgType() *rhel.ImageType { "azure-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, @@ -46,9 +44,7 @@ func mkAzureSapRhuiImgType(rd *rhel.Distribution) *rhel.ImageType { "azure-sap-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, @@ -70,9 +66,7 @@ func mkAzureByosImgType() *rhel.ImageType { "vhd", "disk.vhd", "application/x-vhd", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc"}, @@ -94,9 +88,7 @@ func mkAzureImgType() *rhel.ImageType { "vhd", "disk.vhd", "application/x-vhd", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc"}, @@ -117,9 +109,7 @@ func mkAzureEap7RhuiImgType() *rhel.ImageType { "azure-eap7-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/bare_metal.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/bare_metal.go index 85c05cfbb..4db14758d 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/bare_metal.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/bare_metal.go @@ -2,9 +2,7 @@ package rhel8 import ( "github.com/osbuild/images/pkg/distro" - "github.com/osbuild/images/pkg/distro/defs" "github.com/osbuild/images/pkg/distro/rhel" - "github.com/osbuild/images/pkg/rpmmd" ) func mkImageInstaller() *rhel.ImageType { @@ -12,12 +10,7 @@ func mkImageInstaller() *rhel.ImageType { "image-installer", "installer.iso", "application/x-iso9660-image", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: func(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "bare-metal", nil) - }, - rhel.InstallerPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.ImageInstallerImage, []string{"build"}, []string{"anaconda-tree", "rootfs-image", "efiboot-tree", "os", "bootiso-tree", "bootiso"}, @@ -42,9 +35,7 @@ func mkTarImgType() *rhel.ImageType { "tar", "root.tar.xz", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.TarImage, []string{"build"}, []string{"os", "archive"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/edge.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/edge.go index 965cce9c6..f92157091 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/edge.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/edge.go @@ -6,10 +6,8 @@ import ( "github.com/osbuild/images/pkg/datasizes" "github.com/osbuild/images/pkg/disk" "github.com/osbuild/images/pkg/distro" - "github.com/osbuild/images/pkg/distro/defs" "github.com/osbuild/images/pkg/distro/rhel" "github.com/osbuild/images/pkg/osbuild" - "github.com/osbuild/images/pkg/rpmmd" ) func mkEdgeCommitImgType(rd *rhel.Distribution) *rhel.ImageType { @@ -17,9 +15,7 @@ func mkEdgeCommitImgType(rd *rhel.Distribution) *rhel.ImageType { "edge-commit", "commit.tar", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.EdgeCommitImage, []string{"build"}, []string{"os", "ostree-commit", "commit-archive"}, @@ -41,12 +37,7 @@ func mkEdgeOCIImgType(rd *rhel.Distribution) *rhel.ImageType { "edge-container", "container.tar", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - rhel.ContainerPkgsKey: func(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "edge_container_pipeline_pkgset", nil) - }, - }, + packageSetLoader, rhel.EdgeContainerImage, []string{"build"}, []string{"os", "ostree-commit", "container-tree", "container"}, @@ -102,9 +93,7 @@ func mkEdgeInstallerImgType(rd *rhel.Distribution) *rhel.ImageType { "edge-installer", "installer.iso", "application/x-iso9660-image", - map[string]rhel.PackageSetFunc{ - rhel.InstallerPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.EdgeInstallerImage, []string{"build"}, []string{"anaconda-tree", "rootfs-image", "efiboot-tree", "bootiso-tree", "bootiso"}, @@ -132,9 +121,7 @@ func mkEdgeSimplifiedInstallerImgType(rd *rhel.Distribution) *rhel.ImageType { "edge-simplified-installer", "simplified-installer.iso", "application/x-iso9660-image", - map[string]rhel.PackageSetFunc{ - rhel.InstallerPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.EdgeSimplifiedInstallerImage, []string{"build"}, []string{"ostree-deployment", "image", "xz", "coi-tree", "efiboot-tree", "bootiso-tree", "bootiso"}, @@ -176,9 +163,7 @@ func mkMinimalRawImgType() *rhel.ImageType { "minimal-raw", "disk.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/gce.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/gce.go index 69a6ae72b..62401545e 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/gce.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/gce.go @@ -14,9 +14,7 @@ func mkGceImgType(rd distro.Distro) *rhel.ImageType { "gce", "image.tar.gz", "application/gzip", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "archive"}, @@ -37,9 +35,7 @@ func mkGceRhuiImgType(rd distro.Distro) *rhel.ImageType { "gce-rhui", "image.tar.gz", "application/gzip", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "archive"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/options.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/options.go index 1f7d9d293..1f6b60682 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/options.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/options.go @@ -87,17 +87,6 @@ func checkOptions(t *rhel.ImageType, bp *blueprint.Blueprint, options distro.Ima // TODO: consider additional checks, such as those in "edge-simplified-installer" } - // warn that user & group customizations on edge-commit, edge-container are deprecated - // TODO(edge): directly error if these options are provided when rhel-9.5's time arrives - if t.Name() == "edge-commit" || t.Name() == "edge-container" { - if customizations.GetUsers() != nil { - warnings = append(warnings, fmt.Sprintf("Please note that user customizations on %q image type are deprecated and will be removed in the near future\n", t.Name())) - } - if customizations.GetGroups() != nil { - warnings = append(warnings, fmt.Sprintf("Please note that group customizations on %q image type are deprecated and will be removed in the near future\n", t.Name())) - } - } - if kernelOpts := customizations.GetKernel(); kernelOpts.Append != "" && t.RPMOSTree && t.Name() != "edge-raw-image" && t.Name() != "edge-simplified-installer" { return warnings, fmt.Errorf("kernel boot parameter customizations are not supported for ostree types") } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/package_sets.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/package_sets.go index a0ab856b3..e5489c836 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/package_sets.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/package_sets.go @@ -8,6 +8,6 @@ import ( "github.com/osbuild/images/pkg/rpmmd" ) -func packageSetLoader(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "", nil) +func packageSetLoader(t *rhel.ImageType) (map[string]rpmmd.PackageSet, error) { + return defs.PackageSets(t, nil) } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go index 5daf27f91..e3d07c8c9 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go @@ -13,9 +13,7 @@ func mkQcow2ImgType(rd *rhel.Distribution) *rhel.ImageType { "qcow2", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, @@ -35,9 +33,7 @@ func mkOCIImgType(rd *rhel.Distribution) *rhel.ImageType { "oci", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, @@ -57,9 +53,7 @@ func mkOpenstackImgType() *rhel.ImageType { "openstack", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ubi.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ubi.go index 75ddafd6b..55bbdf604 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ubi.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/ubi.go @@ -11,9 +11,7 @@ func mkWslImgType() *rhel.ImageType { "wsl", "disk.tar.gz", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.TarImage, []string{"build"}, []string{"os", "archive"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/vmdk.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/vmdk.go index f7399b679..73c35e0e8 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/vmdk.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/vmdk.go @@ -15,9 +15,7 @@ func mkVmdkImgType() *rhel.ImageType { "vmdk", "disk.vmdk", "application/x-vmdk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vmdk"}, @@ -38,9 +36,7 @@ func mkOvaImgType() *rhel.ImageType { "ova", "image.ova", "application/ovf", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vmdk", "ovf", "archive"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ami.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ami.go index 3ee311088..45c132a2e 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ami.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ami.go @@ -151,9 +151,7 @@ func mkEc2ImgTypeX86_64() *rhel.ImageType { "ec2", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -175,9 +173,7 @@ func mkAMIImgTypeX86_64() *rhel.ImageType { "ami", "image.raw", "application/octet-stream", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image"}, @@ -198,9 +194,7 @@ func mkEC2SapImgTypeX86_64(osVersion string) *rhel.ImageType { "ec2-sap", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -222,9 +216,7 @@ func mkEc2HaImgTypeX86_64() *rhel.ImageType { "ec2-ha", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -246,9 +238,7 @@ func mkAMIImgTypeAarch64() *rhel.ImageType { "ami", "image.raw", "application/octet-stream", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image"}, @@ -269,9 +259,7 @@ func mkEC2ImgTypeAarch64() *rhel.ImageType { "ec2", "image.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/azure.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/azure.go index 058f2f760..644bf83e2 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/azure.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/azure.go @@ -16,9 +16,7 @@ func mkAzureImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageType { "vhd", "disk.vhd", "application/x-vhd", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc"}, @@ -40,9 +38,7 @@ func mkAzureInternalImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageType "azure-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, @@ -64,9 +60,7 @@ func mkAzureSapInternalImgType(rd *rhel.Distribution, a arch.Arch) *rhel.ImageTy "azure-sap-rhui", "disk.vhd.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vpc", "xz"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/bare_metal.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/bare_metal.go index b0a2eb2c8..1cf0f4dbf 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/bare_metal.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/bare_metal.go @@ -3,9 +3,7 @@ package rhel9 import ( "github.com/osbuild/images/internal/common" "github.com/osbuild/images/pkg/distro" - "github.com/osbuild/images/pkg/distro/defs" "github.com/osbuild/images/pkg/distro/rhel" - "github.com/osbuild/images/pkg/rpmmd" ) func mkTarImgType() *rhel.ImageType { @@ -13,9 +11,7 @@ func mkTarImgType() *rhel.ImageType { "tar", "root.tar.xz", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.TarImage, []string{"build"}, []string{"os", "archive"}, @@ -28,12 +24,7 @@ func mkImageInstallerImgType() *rhel.ImageType { "image-installer", "installer.iso", "application/x-iso9660-image", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: func(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "bare-metal", nil) - }, - rhel.InstallerPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.ImageInstallerImage, []string{"build"}, []string{"anaconda-tree", "rootfs-image", "efiboot-tree", "os", "bootiso-tree", "bootiso"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/edge.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/edge.go index f3426372a..86f62f488 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/edge.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/edge.go @@ -8,10 +8,8 @@ import ( "github.com/osbuild/images/pkg/datasizes" "github.com/osbuild/images/pkg/disk" "github.com/osbuild/images/pkg/distro" - "github.com/osbuild/images/pkg/distro/defs" "github.com/osbuild/images/pkg/distro/rhel" "github.com/osbuild/images/pkg/osbuild" - "github.com/osbuild/images/pkg/rpmmd" ) func mkEdgeCommitImgType(d *rhel.Distribution) *rhel.ImageType { @@ -19,9 +17,7 @@ func mkEdgeCommitImgType(d *rhel.Distribution) *rhel.ImageType { "edge-commit", "commit.tar", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.EdgeCommitImage, []string{"build"}, []string{"os", "ostree-commit", "commit-archive"}, @@ -51,12 +47,7 @@ func mkEdgeOCIImgType(d *rhel.Distribution) *rhel.ImageType { "edge-container", "container.tar", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - rhel.ContainerPkgsKey: func(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "edge_container_pipeline_pkgset", nil) - }, - }, + packageSetLoader, rhel.EdgeContainerImage, []string{"build"}, []string{"os", "ostree-commit", "container-tree", "container"}, @@ -126,9 +117,7 @@ func mkEdgeInstallerImgType() *rhel.ImageType { "edge-installer", "installer.iso", "application/x-iso9660-image", - map[string]rhel.PackageSetFunc{ - rhel.InstallerPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.EdgeInstallerImage, []string{"build"}, []string{"anaconda-tree", "rootfs-image", "efiboot-tree", "bootiso-tree", "bootiso"}, @@ -163,16 +152,14 @@ func mkEdgeSimplifiedInstallerImgType(d *rhel.Distribution) *rhel.ImageType { "edge-simplified-installer", "simplified-installer.iso", "application/x-iso9660-image", - map[string]rhel.PackageSetFunc{ - // TODO: non-arch-specific package set handling for installers - // This image type requires build packages for installers and - // ostree/edge. For now we only have x86-64 installer build - // package sets defined. When we add installer build package sets - // for other architectures, this will need to be moved to the - // architecture and the merging will happen in the PackageSets() - // method like the other sets. - rhel.InstallerPkgsKey: packageSetLoader, - }, + // TODO: non-arch-specific package set handling for installers + // This image type requires build packages for installers and + // ostree/edge. For now we only have x86-64 installer build + // package sets defined. When we add installer build package sets + // for other architectures, this will need to be moved to the + // architecture and the merging will happen in the PackageSets() + // method like the other sets. + packageSetLoader, rhel.EdgeSimplifiedInstallerImage, []string{"build"}, []string{"ostree-deployment", "image", "xz", "coi-tree", "efiboot-tree", "bootiso-tree", "bootiso"}, @@ -298,9 +285,7 @@ func mkMinimalrawImgType() *rhel.ImageType { "minimal-raw", "disk.raw.xz", "application/xz", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "xz"}, @@ -380,7 +365,7 @@ func minimalrawPartitionTables(t *rhel.ImageType) (disk.PartitionTable, bool) { Type: "vfat", UUID: disk.EFIFilesystemUUID, Mountpoint: "/boot/efi", - Label: "EFI-SYSTEM", + Label: "ESP", FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", FSTabFreq: 0, FSTabPassNo: 2, @@ -428,7 +413,7 @@ func minimalrawPartitionTables(t *rhel.ImageType) (disk.PartitionTable, bool) { Type: "vfat", UUID: disk.EFIFilesystemUUID, Mountpoint: "/boot/efi", - Label: "EFI-SYSTEM", + Label: "ESP", FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", FSTabFreq: 0, FSTabPassNo: 2, @@ -488,7 +473,7 @@ func edgeBasePartitionTables(t *rhel.ImageType) (disk.PartitionTable, bool) { Type: "vfat", UUID: disk.EFIFilesystemUUID, Mountpoint: "/boot/efi", - Label: "EFI-SYSTEM", + Label: "ESP", FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", FSTabFreq: 0, FSTabPassNo: 2, @@ -559,7 +544,7 @@ func edgeBasePartitionTables(t *rhel.ImageType) (disk.PartitionTable, bool) { Type: "vfat", UUID: disk.EFIFilesystemUUID, Mountpoint: "/boot/efi", - Label: "EFI-SYSTEM", + Label: "ESP", FSTabOptions: "defaults,uid=0,gid=0,umask=077,shortname=winnt", FSTabFreq: 0, FSTabPassNo: 2, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/gce.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/gce.go index baff859a1..2d821f27c 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/gce.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/gce.go @@ -17,9 +17,7 @@ func mkGCEImageType() *rhel.ImageType { "gce", "image.tar.gz", "application/gzip", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "archive"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/options.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/options.go index 1e11753db..1a4ce2e48 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/options.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/options.go @@ -99,17 +99,6 @@ func checkOptions(t *rhel.ImageType, bp *blueprint.Blueprint, options distro.Ima // TODO: consider additional checks, such as those in "edge-simplified-installer" } - // warn that user & group customizations on edge-commit, edge-container are deprecated - // TODO(edge): directly error if these options are provided when rhel-9.5's time arrives - if t.Name() == "edge-commit" || t.Name() == "edge-container" { - if customizations.GetUsers() != nil { - warnings = append(warnings, fmt.Sprintf("Please note that user customizations on %q image type are deprecated and will be removed in the near future\n", t.Name())) - } - if customizations.GetGroups() != nil { - warnings = append(warnings, fmt.Sprintf("Please note that group customizations on %q image type are deprecated and will be removed in the near future\n", t.Name())) - } - } - if kernelOpts := customizations.GetKernel(); kernelOpts.Append != "" && t.RPMOSTree && t.Name() != "edge-raw-image" && t.Name() != "edge-simplified-installer" { return warnings, fmt.Errorf("kernel boot parameter customizations are not supported for ostree types") } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/package_sets.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/package_sets.go index 309f9c50c..a71b50aac 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/package_sets.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/package_sets.go @@ -6,6 +6,6 @@ import ( "github.com/osbuild/images/pkg/rpmmd" ) -func packageSetLoader(t *rhel.ImageType) (rpmmd.PackageSet, error) { - return defs.PackageSet(t, "", nil) +func packageSetLoader(t *rhel.ImageType) (map[string]rpmmd.PackageSet, error) { + return defs.PackageSets(t, nil) } diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go index e58e541b5..e4053b6a6 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go @@ -13,9 +13,7 @@ func mkQcow2ImgType(d *rhel.Distribution) *rhel.ImageType { "qcow2", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, @@ -36,9 +34,7 @@ func mkOCIImgType(d *rhel.Distribution) *rhel.ImageType { "oci", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, @@ -59,9 +55,7 @@ func mkOpenstackImgType() *rhel.ImageType { "openstack", "disk.qcow2", "application/x-qemu-disk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "qcow2"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ubi.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ubi.go index 2b6744c40..e87dab99a 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ubi.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/ubi.go @@ -12,9 +12,7 @@ func mkWSLImgType() *rhel.ImageType { "wsl", "disk.tar.gz", "application/x-tar", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.TarImage, []string{"build"}, []string{"os", "archive"}, diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/vmdk.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/vmdk.go index 07bb7dc7c..18a187251 100644 --- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/vmdk.go +++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/vmdk.go @@ -16,9 +16,7 @@ func mkVMDKImgType() *rhel.ImageType { "vmdk", "disk.vmdk", "application/x-vmdk", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vmdk"}, @@ -41,9 +39,7 @@ func mkOVAImgType() *rhel.ImageType { "ova", "image.ova", "application/ovf", - map[string]rhel.PackageSetFunc{ - rhel.OSPkgsKey: packageSetLoader, - }, + packageSetLoader, rhel.DiskImage, []string{"build"}, []string{"os", "image", "vmdk", "ovf", "archive"}, diff --git a/vendor/github.com/osbuild/images/pkg/image/bootc_disk.go b/vendor/github.com/osbuild/images/pkg/image/bootc_disk.go index 1bfb38b16..d2b0fc716 100644 --- a/vendor/github.com/osbuild/images/pkg/image/bootc_disk.go +++ b/vendor/github.com/osbuild/images/pkg/image/bootc_disk.go @@ -22,7 +22,8 @@ type BootcDiskImage struct { Filename string - ContainerSource *container.SourceSpec + ContainerSource *container.SourceSpec + BuildContainerSource *container.SourceSpec // Customizations KernelOptionsAppend []string @@ -38,13 +39,15 @@ type BootcDiskImage struct { // SELinux policy, when set it enables the labeling of the tree with the // selected profile - SELinux string + SELinux string + BuildSELinux string } -func NewBootcDiskImage(container container.SourceSpec) *BootcDiskImage { +func NewBootcDiskImage(container container.SourceSpec, buildContainer container.SourceSpec) *BootcDiskImage { return &BootcDiskImage{ - Base: NewBase("bootc-raw-image"), - ContainerSource: &container, + Base: NewBase("bootc-raw-image"), + ContainerSource: &container, + BuildContainerSource: &buildContainer, } } @@ -53,7 +56,16 @@ func (img *BootcDiskImage) InstantiateManifestFromContainers(m *manifest.Manifes runner runner.Runner, rng *rand.Rand) error { - buildPipeline := manifest.NewBuildFromContainer(m, runner, containers, &manifest.BuildOptions{ContainerBuildable: true}) + policy := img.SELinux + if img.BuildSELinux != "" { + policy = img.BuildSELinux + } + buildContainers := []container.SourceSpec{*img.BuildContainerSource} + buildPipeline := manifest.NewBuildFromContainer(m, runner, buildContainers, + &manifest.BuildOptions{ + ContainerBuildable: true, + SELinuxPolicy: policy, + }) buildPipeline.Checkpoint() // In the bootc flow, we reuse the host container context for tools; diff --git a/vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer_iso_tree.go b/vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer_iso_tree.go index 1937a8ae6..95d95387c 100644 --- a/vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer_iso_tree.go +++ b/vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer_iso_tree.go @@ -1,6 +1,7 @@ package manifest import ( + "encoding/json" "fmt" "path" "path/filepath" @@ -25,6 +26,29 @@ const ( // Rootfs type enum ErofsRootfs // Create a plain erofs rootfs ) +func (r *RootfsType) UnmarshalJSON(data []byte) error { + var s string + if err := json.Unmarshal(data, &s); err != nil { + return err + } + switch s { + case "squashfs-ext4", "": + *r = SquashfsExt4Rootfs + case "squashfs": + *r = SquashfsRootfs + case "erofs": + *r = ErofsRootfs + default: + return fmt.Errorf("unknown RootfsType: %q", s) + } + + return nil +} + +func (r *RootfsType) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(r, unmarshal) +} + type ISOBootType uint64 // These constants are used by the ISO images to control the type of bootable iso diff --git a/vendor/github.com/osbuild/images/pkg/manifest/build.go b/vendor/github.com/osbuild/images/pkg/manifest/build.go index 983505d75..1e54703e9 100644 --- a/vendor/github.com/osbuild/images/pkg/manifest/build.go +++ b/vendor/github.com/osbuild/images/pkg/manifest/build.go @@ -43,6 +43,8 @@ type BuildrootFromPackages struct { // buildroot itself when running setfiles. Once osbuild has // this then this option would become "useChrootSetfiles" disableSelinux bool + + selinuxPolicy string } type BuildOptions struct { @@ -54,12 +56,24 @@ type BuildOptions struct { // currently needed when using (experimental) cross-arch building. DisableSELinux bool + // The SELinux policy to use in the buildroot, defaults to 'targeted' if not specified + SELinuxPolicy string + // BootstrapPipeline add the given bootstrap pipeline to the // build pipeline. This is only needed when doing cross-arch // building BootstrapPipeline Build } +// policy or default returns the selinuxPolicy or (if unset) the +// default policy +func policyOrDefault(selinuxPolicy string) string { + if selinuxPolicy != "" { + return selinuxPolicy + } + return "targeted" +} + // NewBuild creates a new build pipeline from the repositories in repos // and the specified packages. func NewBuild(m *Manifest, runner runner.Runner, repos []rpmmd.RepoConfig, opts *BuildOptions) Build { @@ -75,6 +89,7 @@ func NewBuild(m *Manifest, runner runner.Runner, repos []rpmmd.RepoConfig, opts repos: filterRepos(repos, name), containerBuildable: opts.ContainerBuildable, disableSelinux: opts.DisableSELinux, + selinuxPolicy: policyOrDefault(opts.SELinuxPolicy), } m.addPipeline(pipeline) @@ -93,10 +108,11 @@ func (p *BuildrootFromPackages) addDependent(dep Pipeline) { func (p *BuildrootFromPackages) getPackageSetChain(distro Distro) []rpmmd.PackageSet { // TODO: make the /usr/bin/cp dependency conditional // TODO: make the /usr/bin/xz dependency conditional + policyPackage := fmt.Sprintf("selinux-policy-%s", p.selinuxPolicy) packages := []string{ - "selinux-policy-targeted", // needed to build the build pipeline - "coreutils", // /usr/bin/cp - used all over - "xz", // usage unclear + policyPackage, // needed to build the build pipeline + "coreutils", // /usr/bin/cp - used all over + "xz", // usage unclear } packages = append(packages, p.runner.GetBuildPackages()...) @@ -143,7 +159,7 @@ func (p *BuildrootFromPackages) serialize() osbuild.Pipeline { pipeline.AddStage(osbuild.NewRPMStage(osbuild.NewRPMStageOptions(p.repos), osbuild.NewRpmStageSourceFilesInputs(p.packageSpecs))) if !p.disableSelinux { pipeline.AddStage(osbuild.NewSELinuxStage(&osbuild.SELinuxStageOptions{ - FileContexts: "etc/selinux/targeted/contexts/files/file_contexts", + FileContexts: fmt.Sprintf("etc/selinux/%s/contexts/files/file_contexts", p.selinuxPolicy), Labels: p.getSELinuxLabels(), }, )) @@ -182,6 +198,7 @@ type BuildrootFromContainer struct { containerBuildable bool disableSelinux bool + selinuxPolicy string } // NewBuildFromContainer creates a new build pipeline from the given @@ -200,6 +217,7 @@ func NewBuildFromContainer(m *Manifest, runner runner.Runner, containerSources [ containerBuildable: opts.ContainerBuildable, disableSelinux: opts.DisableSELinux, + selinuxPolicy: policyOrDefault(opts.SELinuxPolicy), } m.addPipeline(pipeline) return pipeline @@ -273,7 +291,7 @@ func (p *BuildrootFromContainer) serialize() osbuild.Pipeline { if !p.disableSelinux { pipeline.AddStage(osbuild.NewSELinuxStage( &osbuild.SELinuxStageOptions{ - FileContexts: "etc/selinux/targeted/contexts/files/file_contexts", + FileContexts: fmt.Sprintf("etc/selinux/%s/contexts/files/file_contexts", p.selinuxPolicy), ExcludePaths: []string{"/sysroot"}, Labels: p.getSELinuxLabels(), }, diff --git a/vendor/github.com/osbuild/images/pkg/manifest/os.go b/vendor/github.com/osbuild/images/pkg/manifest/os.go index 7febd7752..37ec69f88 100644 --- a/vendor/github.com/osbuild/images/pkg/manifest/os.go +++ b/vendor/github.com/osbuild/images/pkg/manifest/os.go @@ -740,7 +740,12 @@ func (p *OS) serialize() osbuild.Pipeline { p.platform.GetUEFIVendor() != "", p.platform.GetBIOSPlatform(), p.platform.GetUEFIVendor(), false) - if cfg := p.OSCustomizations.Grub2Config; cfg != nil { + + // Avoid a race condition because Grub2Config may be shared when set (yay pointers!) + if p.OSCustomizations.Grub2Config != nil { + // Make a COPY of it + cfg := *p.OSCustomizations.Grub2Config + // TODO: don't store Grub2Config in OSPipeline, making the overrides unnecessary // grub2.Config.Default is owned and set by `NewGrub2StageOptionsUnified` // and thus we need to preserve it @@ -748,7 +753,8 @@ func (p *OS) serialize() osbuild.Pipeline { cfg.Default = options.Config.Default } - options.Config = cfg + // Point to the COPY with the possibly new Default value + options.Config = &cfg } if p.OSCustomizations.KernelOptionsBootloader { options.WriteCmdLine = nil diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/chrony_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/chrony_stage.go index 78f4946e1..f77b76fa5 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/chrony_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/chrony_stage.go @@ -1,8 +1,11 @@ package osbuild import ( + "encoding/json" "fmt" "regexp" + + "github.com/osbuild/images/internal/common" ) const ( @@ -66,6 +69,65 @@ type ChronyConfigRefclock struct { Offset *float64 `json:"offset,omitempty"` } +type chronyConfigRefclockData struct { + Driver *json.RawMessage + + Poll *int `json:"poll,omitempty"` + Dpoll *int `json:"dpoll,omitempty"` + Offset *float64 `json:"offset,omitempty"` +} + +func (c *ChronyConfigRefclock) UnmarshalJSON(data []byte) (err error) { + var d chronyConfigRefclockData + if err := json.Unmarshal(data, &d); err != nil { + return err + } + c.Poll = d.Poll + c.Dpoll = d.Dpoll + c.Offset = d.Offset + + var peek struct { + Name string + } + if err := json.Unmarshal(*d.Driver, &peek); err != nil { + return err + } + switch peek.Name { + case "PPS": + var drv ChronyDriverPPS + if err := json.Unmarshal(*d.Driver, &drv); err != nil { + return err + } + c.Driver = &drv + case "SHM": + var drv ChronyDriverSHM + if err := json.Unmarshal(*d.Driver, &drv); err != nil { + return err + } + c.Driver = &drv + case "SOCK": + var drv ChronyDriverSOCK + if err := json.Unmarshal(*d.Driver, &drv); err != nil { + return err + } + c.Driver = &drv + case "PHC": + var drv ChronyDriverPHC + if err := json.Unmarshal(*d.Driver, &drv); err != nil { + return err + } + c.Driver = &drv + default: + return fmt.Errorf("unsupported reflock name: %q", peek.Name) + } + + return c.validate() +} + +func (c *ChronyConfigRefclock) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(c, unmarshal) +} + func (o ChronyConfigRefclock) validate() error { return o.Driver.validate() } diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/cloud_init_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/cloud_init_stage.go index d38ad6ef2..730ed4640 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/cloud_init_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/cloud_init_stage.go @@ -25,17 +25,17 @@ func NewCloudInitStage(options *CloudInitStageOptions) *Stage { // Represents a cloud-init configuration file type CloudInitConfigFile struct { - SystemInfo *CloudInitConfigSystemInfo `json:"system_info,omitempty"` + SystemInfo *CloudInitConfigSystemInfo `json:"system_info,omitempty" yaml:"system_info,omitempty"` Reporting *CloudInitConfigReporting `json:"reporting,omitempty"` Datasource *CloudInitConfigDatasource `json:"datasource,omitempty"` - DatasourceList []string `json:"datasource_list,omitempty"` + DatasourceList []string `json:"datasource_list,omitempty" yaml:"datasource_list,omitempty"` Output *CloudInitConfigOutput `json:"output,omitempty"` Network *CloudInitConfigNetwork `json:"network,omitempty"` } // Represents the 'system_info' configuration section type CloudInitConfigSystemInfo struct { - DefaultUser *CloudInitConfigDefaultUser `json:"default_user,omitempty"` + DefaultUser *CloudInitConfigDefaultUser `json:"default_user,omitempty" yaml:"default_user,omitempty"` } // Represents the 'reporting' configuration section @@ -54,7 +54,7 @@ type CloudInitConfigDatasource struct { } type CloudInitConfigDatasourceAzure struct { - ApplyNetworkConfig bool `json:"apply_network_config"` + ApplyNetworkConfig bool `json:"apply_network_config" yaml:"apply_network_config"` } // Represents the 'output' configuration section diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/disk.go b/vendor/github.com/osbuild/images/pkg/osbuild/disk.go index 94e0bed6d..da66fc717 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/disk.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/disk.go @@ -19,6 +19,7 @@ func sfdiskStageOptions(pt *disk.PartitionTable) *SfdiskStageOptions { Size: pt.BytesToSectors(p.Size), Type: p.Type, UUID: p.UUID, + Name: p.Label, } } stageOptions := &SfdiskStageOptions{ @@ -40,6 +41,7 @@ func sgdiskStageOptions(pt *disk.PartitionTable) *SgdiskStageOptions { Start: pt.BytesToSectors(p.Start), Size: pt.BytesToSectors(p.Size), Type: p.Type, + Name: p.Label, } if p.UUID != "" { diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/dnf_automatic_config_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/dnf_automatic_config_stage.go index 53ad0a06a..f0a31018e 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/dnf_automatic_config_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/dnf_automatic_config_stage.go @@ -13,9 +13,9 @@ const ( // DNFAutomaticConfigCommands represents the 'commands' configuration section. type DNFAutomaticConfigCommands struct { // Whether packages comprising the available updates should be installed - ApplyUpdates *bool `json:"apply_updates,omitempty"` + ApplyUpdates *bool `json:"apply_updates,omitempty" yaml:"apply_updates,omitempty"` // What kind of upgrades to look at - UpgradeType DNFAutomaticUpgradeTypeValue `json:"upgrade_type,omitempty"` + UpgradeType DNFAutomaticUpgradeTypeValue `json:"upgrade_type,omitempty" yaml:"upgrade_type,omitempty"` } // DNFAutomaticConfig represents DNF Automatic configuration. diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/dracut_conf_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/dracut_conf_stage.go index 216c8aa46..012edc70f 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/dracut_conf_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/dracut_conf_stage.go @@ -28,7 +28,7 @@ type DracutConfigFile struct { Modules []string `json:"dracutmodules,omitempty"` // Additional dracut modules to include - AddModules []string `json:"add_dracutmodules,omitempty"` + AddModules []string `json:"add_dracutmodules,omitempty" yaml:"add_dracutmodules,omitempty"` // Dracut modules to not include OmitModules []string `json:"omit_dracutmodules,omitempty"` @@ -37,7 +37,7 @@ type DracutConfigFile struct { Drivers []string `json:"drivers,omitempty"` // Add a specific kernel module - AddDrivers []string `json:"add_drivers,omitempty"` + AddDrivers []string `json:"add_drivers,omitempty" yaml:"add_drivers,omitempty"` // Add driver and ensure that they are tried to be loaded ForceDrivers []string `json:"force_drivers,omitempty"` diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/dracut_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/dracut_stage.go index daa4ff5d3..3357690c3 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/dracut_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/dracut_stage.go @@ -20,7 +20,7 @@ type DracutStageOptions struct { Drivers []string `json:"drivers,omitempty"` // Add a specific kernel module - AddDrivers []string `json:"add_drivers,omitempty"` + AddDrivers []string `json:"add_drivers,omitempty" yaml:"add_drivers,omitempty"` // Add driver and ensure that they are tried to be loaded ForceDrivers []string `json:"force_drivers,omitempty"` diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/firewall_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/firewall_stage.go index 2ed28ec23..8116b1223 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/firewall_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/firewall_stage.go @@ -6,7 +6,7 @@ type FirewallStageOptions struct { Ports []string `json:"ports,omitempty"` EnabledServices []string `json:"enabled_services,omitempty"` DisabledServices []string `json:"disabled_services,omitempty"` - DefaultZone string `json:"default_zone,omitempty"` + DefaultZone string `json:"default_zone,omitempty" yaml:"default_zone,omitempty"` Zones []FirewallZone `json:"zones,omitempty"` } diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/gcp_guest_agent_conf_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/gcp_guest_agent_conf_stage.go index 6a5436d9e..85435464a 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/gcp_guest_agent_conf_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/gcp_guest_agent_conf_stage.go @@ -32,7 +32,7 @@ type GcpGuestAgentConfigInstanceSetup struct { HostKeyTypes []string `json:"host_key_types,omitempty"` OptimizeLocalSsd *bool `json:"optimize_local_ssd,omitempty"` NetworkEnabled *bool `json:"network_enabled,omitempty"` - SetBotoConfig *bool `json:"set_boto_config,omitempty"` + SetBotoConfig *bool `json:"set_boto_config,omitempty" yaml:"set_boto_config,omitempty"` SetHostKeys *bool `json:"set_host_keys,omitempty"` SetMultiqueue *bool `json:"set_multiqueue,omitempty"` } @@ -59,14 +59,14 @@ type GcpGuestAgentConfigNetworkInterfaces struct { type GcpGuestAgentConfig struct { Accounts *GcpGuestAgentConfigAccounts `json:"Accounts,omitempty"` Daemons *GcpGuestAgentConfigDaemons `json:"Daemons,omitempty"` - InstanceSetup *GcpGuestAgentConfigInstanceSetup `json:"InstanceSetup,omitempty"` + InstanceSetup *GcpGuestAgentConfigInstanceSetup `json:"InstanceSetup,omitempty" yaml:"InstanceSetup,omitempty"` IpForwarding *GcpGuestAgentConfigIpForwarding `json:"IpForwarding,omitempty"` MetadataScripts *GcpGuestAgentConfigMetadataScripts `json:"MetadataScripts,omitempty"` NetworkInterfaces *GcpGuestAgentConfigNetworkInterfaces `json:"NetworkInterfaces,omitempty"` } type GcpGuestAgentConfigOptions struct { - ConfigScope GcpGuestAgentConfigScopeValue `json:"config_scope,omitempty"` + ConfigScope GcpGuestAgentConfigScopeValue `json:"config_scope,omitempty" yaml:"config_scope,omitempty"` Config *GcpGuestAgentConfig `json:"config"` } diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/grub2_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/grub2_stage.go index b4d95a0a8..bdbb05561 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/grub2_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/grub2_stage.go @@ -44,14 +44,14 @@ const ( type GRUB2Config struct { Default string `json:"default,omitempty"` - DisableRecovery *bool `json:"disable_recovery,omitempty"` - DisableSubmenu *bool `json:"disable_submenu,omitempty"` + DisableRecovery *bool `json:"disable_recovery,omitempty" yaml:"disable_recovery,omitempty"` + DisableSubmenu *bool `json:"disable_submenu,omitempty" yaml:"disable_submenu,omitempty"` Distributor string `json:"distributor,omitempty"` Terminal []string `json:"terminal,omitempty"` TerminalInput []string `json:"terminal_input,omitempty"` TerminalOutput []string `json:"terminal_output,omitempty"` Timeout int `json:"timeout,omitempty"` - TimeoutStyle GRUB2ConfigTimeoutStyle `json:"timeout_style,omitempty"` + TimeoutStyle GRUB2ConfigTimeoutStyle `json:"timeout_style,omitempty" yaml:"timeout_style,omitempty"` Serial string `json:"serial,omitempty"` } diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/keymap_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/keymap_stage.go index 09b24fb84..dcbbd82d2 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/keymap_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/keymap_stage.go @@ -7,7 +7,7 @@ import ( type KeymapStageOptions struct { Keymap string `json:"keymap"` - X11Keymap *X11KeymapOptions `json:"x11-keymap,omitempty"` + X11Keymap *X11KeymapOptions `json:"x11-keymap,omitempty" yaml:"x11-keymap,omitempty"` } func (KeymapStageOptions) isStageOptions() {} diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_ext4_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_ext4_stage.go index aefa42f66..3f0b9e865 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_ext4_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_ext4_stage.go @@ -1,8 +1,9 @@ package osbuild type MkfsExt4StageOptions struct { - UUID string `json:"uuid"` - Label string `json:"label,omitempty"` + UUID string `json:"uuid"` + Label string `json:"label,omitempty"` + Verity *bool `json:"verity,omitempty"` } func (MkfsExt4StageOptions) isStageOptions() {} diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_stage.go index 33558a66b..1db54f2d8 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/mkfs_stage.go @@ -2,8 +2,10 @@ package osbuild import ( "fmt" + "slices" "strings" + "github.com/osbuild/images/internal/common" "github.com/osbuild/images/pkg/disk" ) @@ -38,6 +40,7 @@ func GenFsStages(pt *disk.PartitionTable, filename string) []*Stage { case "vfat": options := &MkfsFATStageOptions{ VolID: strings.Replace(e.UUID, "-", "", -1), + Label: e.Label, } stages = append(stages, NewMkfsFATStage(options, stageDevices)) case "ext4": @@ -45,6 +48,10 @@ func GenFsStages(pt *disk.PartitionTable, filename string) []*Stage { UUID: e.UUID, Label: e.Label, } + if slices.Contains(e.MkfsOptions, disk.MkfsVerity) { + options.Verity = common.ToPtr(true) + } + stages = append(stages, NewMkfsExt4Stage(options, stageDevices)) default: panic(fmt.Sprintf("unknown fs type: %s", e.GetFSType())) diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/nm_conf_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/nm_conf_stage.go index bbfb52d62..bd890578c 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/nm_conf_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/nm_conf_stage.go @@ -38,7 +38,7 @@ type NMConfSettingsGlobalDNSDomainConfig struct { } type NMConfSettingsKeyfile struct { - UnmanagedDevices []string `json:"unmanaged-devices,omitempty"` + UnmanagedDevices []string `json:"unmanaged-devices,omitempty" yaml:"unmanaged-devices,omitempty"` } type NMConfDeviceConfig struct { diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/pam_limits_conf_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/pam_limits_conf_stage.go index 642655361..bd5fad73b 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/pam_limits_conf_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/pam_limits_conf_stage.go @@ -3,6 +3,8 @@ package osbuild import ( "encoding/json" "fmt" + + "github.com/osbuild/images/internal/common" ) // PamLimitsConfStageOptions represents a single pam_limits module configuration file. @@ -152,3 +154,7 @@ func (l *PamLimitsConfigLine) UnmarshalJSON(data []byte) error { return nil } + +func (l *PamLimitsConfigLine) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(l, unmarshal) +} diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/sshd_config_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/sshd_config_stage.go index e82dd053c..4ee44a3ef 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/sshd_config_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/sshd_config_stage.go @@ -8,10 +8,10 @@ import ( ) type SshdConfigConfig struct { - PasswordAuthentication *bool `json:"PasswordAuthentication,omitempty"` - ChallengeResponseAuthentication *bool `json:"ChallengeResponseAuthentication,omitempty"` - ClientAliveInterval *int `json:"ClientAliveInterval,omitempty"` - PermitRootLogin PermitRootLoginValue `json:"PermitRootLogin,omitempty"` + PasswordAuthentication *bool `json:"PasswordAuthentication,omitempty" yaml:"PasswordAuthentication,omitempty"` + ChallengeResponseAuthentication *bool `json:"ChallengeResponseAuthentication,omitempty" yaml:"ChallengeResponseAuthentication,omitempty"` + ClientAliveInterval *int `json:"ClientAliveInterval,omitempty" yaml:"ClientAliveInterval,omitempty"` + PermitRootLogin PermitRootLoginValue `json:"PermitRootLogin,omitempty" yaml:"PermitRootLogin,omitempty"` } // PermitRootLoginValue is defined to represent all valid types of the @@ -45,10 +45,10 @@ const ( // Unexported struct used for Unmarshalling of SshdConfigConfig due to // 'PermitRootLogin' being a boolean or a string. type rawSshdConfigConfig struct { - PasswordAuthentication *bool `json:"PasswordAuthentication,omitempty"` - ChallengeResponseAuthentication *bool `json:"ChallengeResponseAuthentication,omitempty"` - ClientAliveInterval *int `json:"ClientAliveInterval,omitempty"` - PermitRootLogin interface{} `json:"PermitRootLogin,omitempty"` + PasswordAuthentication *bool `json:"PasswordAuthentication,omitempty" yaml:"PasswordAuthentication,omitempty"` + ChallengeResponseAuthentication *bool `json:"ChallengeResponseAuthentication,omitempty" yaml:"ChallengeResponseAuthentication,omitempty"` + ClientAliveInterval *int `json:"ClientAliveInterval,omitempty" yaml:"ClientAliveInterval,omitempty"` + PermitRootLogin interface{} `json:"PermitRootLogin,omitempty" yaml:"PermitRootLogin,omitempty"` } func (c *SshdConfigConfig) UnmarshalJSON(data []byte) error { @@ -82,7 +82,7 @@ func (c *SshdConfigConfig) UnmarshalYAML(unmarshal func(any) error) error { } type SshdConfigStageOptions struct { - Config SshdConfigConfig `json:"config"` + Config SshdConfigConfig `json:"config" yaml:"config"` } func (SshdConfigStageOptions) isStageOptions() {} diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/sysconfig_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/sysconfig_stage.go index 75893e850..d754a0d08 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/sysconfig_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/sysconfig_stage.go @@ -5,7 +5,7 @@ type SysconfigStageOptions struct { Network *SysconfigNetworkOptions `json:"network,omitempty" yaml:"network,omitempty"` NetworkScripts *NetworkScriptsOptions `json:"network-scripts,omitempty" yaml:"network-scripts,omitempty"` Desktop *SysconfigDesktopOptions `json:"desktop,omitempty" yaml:"desktop,omitempty"` - LiveSys *SysconfigLivesysOptions `json:"livesys,omitempty" yaml:"libesys,omitempty"` + LiveSys *SysconfigLivesysOptions `json:"livesys,omitempty" yaml:"livesys,omitempty"` } func (SysconfigStageOptions) isStageOptions() {} diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/systemd_unit_create_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/systemd_unit_create_stage.go index 13afec35f..2da65de5e 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/systemd_unit_create_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/systemd_unit_create_stage.go @@ -41,75 +41,75 @@ const ( ) type UnitSection struct { - Description string `json:"Description,omitempty"` - DefaultDependencies *bool `json:"DefaultDependencies,omitempty"` - ConditionPathExists []string `json:"ConditionPathExists,omitempty"` - ConditionPathIsDirectory []string `json:"ConditionPathIsDirectory,omitempty"` - Requires []string `json:"Requires,omitempty"` - Wants []string `json:"Wants,omitempty"` - After []string `json:"After,omitempty"` - Before []string `json:"Before,omitempty"` + Description string `json:"Description,omitempty" yaml:"Description,omitempty"` + DefaultDependencies *bool `json:"DefaultDependencies,omitempty" yaml:"DefaultDependencies,omitempty"` + ConditionPathExists []string `json:"ConditionPathExists,omitempty" yaml:"ConditionPathExists,omitempty"` + ConditionPathIsDirectory []string `json:"ConditionPathIsDirectory,omitempty" yaml:"ConditionPathIsDirectory,omitempty"` + Requires []string `json:"Requires,omitempty" yaml:"Requires,omitempty"` + Wants []string `json:"Wants,omitempty" yaml:"Wants,omitempty"` + After []string `json:"After,omitempty" yaml:"After,omitempty"` + Before []string `json:"Before,omitempty" yaml:"Before,omitempty"` } type ServiceSection struct { - Type SystemdServiceType `json:"Type,omitempty"` - RemainAfterExit bool `json:"RemainAfterExit,omitempty"` - ExecStartPre []string `json:"ExecStartPre,omitempty"` - ExecStopPost []string `json:"ExecStopPost,omitempty"` - ExecStart []string `json:"ExecStart,omitempty"` - Environment []EnvironmentVariable `json:"Environment,omitempty"` - EnvironmentFile []string `json:"EnvironmentFile,omitempty"` - StandardOutput string `json:"StandardOutput,omitempty"` + Type SystemdServiceType `json:"Type,omitempty" yaml:"Type,omitempty"` + RemainAfterExit bool `json:"RemainAfterExit,omitempty" yaml:"RemainAfterExit,omitempty"` + ExecStartPre []string `json:"ExecStartPre,omitempty" yaml:"ExecStartPre,omitempty"` + ExecStopPost []string `json:"ExecStopPost,omitempty" yaml:"ExecStopPost,omitempty"` + ExecStart []string `json:"ExecStart,omitempty" yaml:"ExecStart,omitempty"` + Environment []EnvironmentVariable `json:"Environment,omitempty" yaml:"Environment,omitempty"` + EnvironmentFile []string `json:"EnvironmentFile,omitempty" yaml:"EnvironmentFile,omitempty"` + StandardOutput string `json:"StandardOutput,omitempty" yaml:"StandardOutput,omitempty"` } type MountSection struct { - What string `json:"What"` - Where string `json:"Where"` - Type string `json:"Type,omitempty"` - Options string `json:"Options,omitempty"` + What string `json:"What" yaml:"What"` + Where string `json:"Where" yaml:"Where"` + Type string `json:"Type,omitempty" yaml:"Type,omitempty"` + Options string `json:"Options,omitempty" yaml:"Options,omitempty"` } type SwapSection struct { - What string `json:"What"` - Priority *int `json:"Priority,omitempty"` - Options string `json:"Options,omitempty"` - TimeoutSec string `json:"TimeoutSec,omitempty"` + What string `json:"What" yaml:"What"` + Priority *int `json:"Priority,omitempty" yaml:"Priority,omitempty"` + Options string `json:"Options,omitempty" yaml:"Options,omitempty"` + TimeoutSec string `json:"TimeoutSec,omitempty" yaml:"TimeoutSec,omitempty"` } type SocketSection struct { - Service string `json:"Service,omitempty"` - ListenStream string `json:"ListenStream,omitempty"` - ListenDatagram string `json:"ListenDatagram,omitempty"` - ListenSequentialPacket string `json:"ListenSequentialPacket,omitempty"` - ListenFifo string `json:"ListenFifo,omitempty"` - SocketUser string `json:"SocketUser,omitempty"` - SocketGroup string `json:"SocketGroup,omitempty"` - SocketMode string `json:"SocketMode,omitempty"` - DirectoryMode string `json:"DirectoryMode,omitempty"` - Accept string `json:"Accept,omitempty"` - RuntimeDirectory string `json:"RuntimeDirectory,omitempty"` - RemoveOnStop string `json:"RemoveOnStop,omitempty"` + Service string `json:"Service,omitempty" yaml:"Service,omitempty"` + ListenStream string `json:"ListenStream,omitempty" yaml:"ListenStream,omitempty"` + ListenDatagram string `json:"ListenDatagram,omitempty" yaml:"ListenDatagram,omitempty"` + ListenSequentialPacket string `json:"ListenSequentialPacket,omitempty" yaml:"ListenSequentialPacket,omitempty"` + ListenFifo string `json:"ListenFifo,omitempty" yaml:"ListenFifo,omitempty"` + SocketUser string `json:"SocketUser,omitempty" yaml:"SocketUser,omitempty"` + SocketGroup string `json:"SocketGroup,omitempty" yaml:"SocketGroup,omitempty"` + SocketMode string `json:"SocketMode,omitempty" yaml:"SocketMode,omitempty"` + DirectoryMode string `json:"DirectoryMode,omitempty" yaml:"DirectoryMode,omitempty"` + Accept string `json:"Accept,omitempty" yaml:"Accept,omitempty"` + RuntimeDirectory string `json:"RuntimeDirectory,omitempty" yaml:"RuntimeDirectory,omitempty"` + RemoveOnStop string `json:"RemoveOnStop,omitempty" yaml:"RemoveOnStop,omitempty"` } type InstallSection struct { - RequiredBy []string `json:"RequiredBy,omitempty"` - WantedBy []string `json:"WantedBy,omitempty"` + RequiredBy []string `json:"RequiredBy,omitempty" yaml:"RequiredBy,omitempty"` + WantedBy []string `json:"WantedBy,omitempty" yaml:"WantedBy,omitempty"` } type SystemdUnit struct { - Unit *UnitSection `json:"Unit"` - Service *ServiceSection `json:"Service,omitempty"` - Mount *MountSection `json:"Mount,omitempty"` - Socket *SocketSection `json:"Socket,omitempty"` - Swap *SwapSection `json:"Swap,omitempty"` - Install *InstallSection `json:"Install,omitempty"` + Unit *UnitSection `json:"Unit" yaml:"Unit"` + Service *ServiceSection `json:"Service,omitempty" yaml:"Service,omitempty"` + Mount *MountSection `json:"Mount,omitempty" yaml:"Mount,omitempty"` + Socket *SocketSection `json:"Socket,omitempty" yaml:"Socket,omitempty"` + Swap *SwapSection `json:"Swap,omitempty" yaml:"Swap,omitempty"` + Install *InstallSection `json:"Install,omitempty" yaml:"Install,omitempty"` } type SystemdUnitCreateStageOptions struct { - Filename string `json:"filename"` - UnitType unitType `json:"unit-type,omitempty"` // unitType defined in ./systemd_unit_stage.go - UnitPath SystemdUnitPath `json:"unit-path,omitempty"` - Config SystemdUnit `json:"config"` + Filename string `json:"filename" yaml:"filename"` + UnitType unitType `json:"unit-type,omitempty" yaml:"unit-type,omitempty"` // unitType defined in ./systemd_unit_stage.go + UnitPath SystemdUnitPath `json:"unit-path,omitempty" yaml:"unit-path,omitempty"` + Config SystemdUnit `json:"config" yaml:"config"` } func (SystemdUnitCreateStageOptions) isStageOptions() {} diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/udev_rules_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/udev_rules_stage.go index e4bfaca40..c44b17eef 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/udev_rules_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/udev_rules_stage.go @@ -1,8 +1,11 @@ package osbuild import ( + "encoding/json" "fmt" "regexp" + + "github.com/osbuild/images/internal/common" ) type udevOpType int @@ -134,6 +137,50 @@ type UdevRule interface { isUdevRule() } +func (u *UdevRules) UnmarshalJSON(data []byte) error { + var rawRules []map[string]interface{} + if err := json.Unmarshal(data, &rawRules); err != nil { + return err + } + + var newRules []UdevRule + for _, rawRule := range rawRules { + if v, ok := rawRule["comment"].([]interface{}); ok { + var vs []string + for _, vv := range v { + vs = append(vs, vv.(string)) + } + newRules = append(newRules, NewUdevRuleComment(vs)) + } else if v, ok := rawRule["rule"].([]interface{}); ok { + var vkv []map[string]interface{} + for _, vv := range v { + vkv = append(vkv, vv.(map[string]interface{})) + } + var kvs []UdevKV + for _, rawKV := range vkv { + var k, a, o, v string + k, _ = rawKV["K"].(string) + a, _ = rawKV["A"].(string) + o, _ = rawKV["O"].(string) + v, _ = rawKV["V"].(string) + kvs = append(kvs, UdevKV{ + K: k, + A: a, + O: o, + V: v, + }) + } + newRules = append(newRules, NewUdevRule(kvs)) + } + } + *u = newRules + return nil +} + +func (u *UdevRules) UnmarshalYAML(unmarshal func(any) error) error { + return common.UnmarshalYAMLviaJSON(u, unmarshal) +} + // Comments type UdevRuleComment struct { Comment []string `json:"comment"` diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/waagent_conf.go b/vendor/github.com/osbuild/images/pkg/osbuild/waagent_conf.go index 9d2e45049..95784cc9c 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/waagent_conf.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/waagent_conf.go @@ -1,10 +1,10 @@ package osbuild type WAAgentConfig struct { - ProvisioningUseCloudInit *bool `json:"Provisioning.UseCloudInit,omitempty"` - ProvisioningEnabled *bool `json:"Provisioning.Enabled,omitempty"` - RDFormat *bool `json:"ResourceDisk.Format,omitempty"` - RDEnableSwap *bool `json:"ResourceDisk.EnableSwap,omitempty"` + ProvisioningUseCloudInit *bool `json:"Provisioning.UseCloudInit,omitempty" yaml:"Provisioning.UseCloudInit,omitempty"` + ProvisioningEnabled *bool `json:"Provisioning.Enabled,omitempty" yaml:"Provisioning.Enabled,omitempty"` + RDFormat *bool `json:"ResourceDisk.Format,omitempty" yaml:"ResourceDisk.Format,omitempty"` + RDEnableSwap *bool `json:"ResourceDisk.EnableSwap,omitempty" yaml:"ResourceDisk.EnableSwap,omitempty"` } type WAAgentConfStageOptions struct { diff --git a/vendor/github.com/osbuild/images/pkg/osbuild/yum_repos_stage.go b/vendor/github.com/osbuild/images/pkg/osbuild/yum_repos_stage.go index cf2995e25..a61424c9d 100644 --- a/vendor/github.com/osbuild/images/pkg/osbuild/yum_repos_stage.go +++ b/vendor/github.com/osbuild/images/pkg/osbuild/yum_repos_stage.go @@ -14,17 +14,17 @@ const repoIDRegex = "^[\\w.\\-:]+$" // YumRepository represents a single DNF / YUM repository. type YumRepository struct { Id string `json:"id"` - BaseURLs []string `json:"baseurl,omitempty"` + BaseURLs []string `json:"baseurl,omitempty" yaml:"baseurl,omitempty"` Cost *int `json:"cost,omitempty"` Enabled *bool `json:"enabled,omitempty"` Priority *int `json:"priority,omitempty"` - GPGKey []string `json:"gpgkey,omitempty"` + GPGKey []string `json:"gpgkey,omitempty" yaml:"gpgkey,omitempty"` Metalink string `json:"metalink,omitempty"` Mirrorlist string `json:"mirrorlist,omitempty"` ModuleHotfixes *bool `json:"module_hotfixes,omitempty"` Name string `json:"name,omitempty"` - GPGCheck *bool `json:"gpgcheck,omitempty"` - RepoGPGCheck *bool `json:"repo_gpgcheck,omitempty"` + GPGCheck *bool `json:"gpgcheck,omitempty" yaml:"gpgcheck,omitempty"` + RepoGPGCheck *bool `json:"repo_gpgcheck,omitempty" yaml:"repo_gpgcheck,omitempty"` SSLVerify *bool `json:"sslverify,omitempty"` } diff --git a/vendor/github.com/osbuild/images/pkg/platform/yaml.go b/vendor/github.com/osbuild/images/pkg/platform/yaml.go new file mode 100644 index 000000000..2f9e4dde9 --- /dev/null +++ b/vendor/github.com/osbuild/images/pkg/platform/yaml.go @@ -0,0 +1,62 @@ +package platform + +import ( + "github.com/osbuild/images/pkg/arch" +) + +// PlatformConf is a platform configured from YAML inputs +// that implements the "Platform" interface +type PlatformConf struct { + Arch arch.Arch `yaml:"arch"` + ImageFormat ImageFormat `yaml:"image_format"` + QCOW2Compat string `yaml:"qcow2_compat"` + BIOSPlatform string `yaml:"bios_platform"` + UEFIVendor string `yaml:"uefi_vendor"` + ZiplSupport bool `yaml:"zipl_support"` + // packages are index by an arbitrary string key to + // make them YAML mergable, a good key is e.g. "bios" + // to indicate that these packages are needed for + // bios support + Packages map[string][]string `yaml:"packages"` + BuildPackages map[string][]string `yaml:"build_packages"` + BootFiles [][2]string `yaml:"boot_files"` +} + +// ensure PlatformConf implements the Platform interface +var _ = Platform(&PlatformConf{}) + +func (pc *PlatformConf) GetArch() arch.Arch { + return pc.Arch +} +func (pc *PlatformConf) GetImageFormat() ImageFormat { + return pc.ImageFormat +} +func (pc *PlatformConf) GetQCOW2Compat() string { + return pc.QCOW2Compat +} +func (pc *PlatformConf) GetBIOSPlatform() string { + return pc.BIOSPlatform +} +func (pc *PlatformConf) GetUEFIVendor() string { + return pc.UEFIVendor +} +func (pc *PlatformConf) GetZiplSupport() bool { + return pc.ZiplSupport +} +func (pc *PlatformConf) GetPackages() []string { + var merged []string + for _, pkgList := range pc.Packages { + merged = append(merged, pkgList...) + } + return merged +} +func (pc *PlatformConf) GetBuildPackages() []string { + var merged []string + for _, pkgList := range pc.BuildPackages { + merged = append(merged, pkgList...) + } + return merged +} +func (pc *PlatformConf) GetBootFiles() [][2]string { + return pc.BootFiles +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 259ebcef4..16eecceb8 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1049,7 +1049,7 @@ github.com/oracle/oci-go-sdk/v54/workrequests ## explicit; go 1.22.8 github.com/osbuild/blueprint/internal/common github.com/osbuild/blueprint/pkg/blueprint -# github.com/osbuild/images v0.144.0 +# github.com/osbuild/images v0.148.0 ## explicit; go 1.22.8 github.com/osbuild/images/data/dependencies github.com/osbuild/images/data/repositories