support ignition in edge simplified-installer and raw-image

Signed-off-by: Antonio Murdaca <runcom@linux.com> Signed-off-by: Antonio Murdaca <antoniomurdaca@gmail.com> Signed-off-by: Irene Diez <idiez@redhat.com> Co-authored-by: Irene Diez <idiez@redhat.com> Signed-off-by: Antonio Murdaca <antoniomurdaca@gmail.com>
2022-10-17 13:06:31 +02:00 · 2022-10-17 13:06:31 +02:00 · cca0e773f6
commit cca0e773f6
parent c2b4caaa66
8 changed files with 209 additions and 18 deletions
--- a/internal/distro/rhel9/edge.go
+++ b/internal/distro/rhel9/edge.go
@ -382,6 +382,10 @@ func edgeCommitPackageSet(t *imageType) rpmmd.PackageSet {
 		ps = ps.Append(aarch64EdgeCommitPackageSet(t))
 	}

+	if !common.VersionLessThan(t.arch.distro.osVersion, "9.2") || !common.VersionLessThan(t.arch.distro.osVersion, "9-stream") {
+		ps.Include = append(ps.Include, "ignition", "ignition-edge", "ssh-key-dir")
+	}
+
 	return ps

 }
--- a/internal/distro/rhel9/images.go
+++ b/internal/distro/rhel9/images.go
@ -5,6 +5,7 @@ import (
 	"math/rand"

 	"github.com/osbuild/osbuild-composer/internal/blueprint"
+	"github.com/osbuild/osbuild-composer/internal/common"
 	"github.com/osbuild/osbuild-composer/internal/container"
 	"github.com/osbuild/osbuild-composer/internal/distro"
 	"github.com/osbuild/osbuild-composer/internal/fdo"
@ -243,6 +244,9 @@ func edgeContainerImage(workload workload.Workload,

 	img.Platform = t.platform
 	img.OSCustomizations = osCustomizations(t, packageSets[osPkgsKey], options, containers, customizations)
+	if !common.VersionLessThan(t.arch.distro.osVersion, "9.2") || !common.VersionLessThan(t.arch.distro.osVersion, "9-stream") {
+		img.OSCustomizations.EnabledServices = append(img.OSCustomizations.EnabledServices, "ignition-firstboot-complete.service", "coreos-ignition-write-issues", "coreos-ignition-write-issues")
+	}
 	img.ContainerLanguage = img.OSCustomizations.Language
 	img.Environment = t.environment
 	img.Workload = workload
@ -375,6 +379,7 @@ func edgeSimplifiedInstallerImage(workload workload.Workload,
 		Checksum:   options.OSTree.FetchChecksum,
 	}
 	rawImg := image.NewOSTreeRawImage(commit)
+	rawImg.Ignition = true

 	rawImg.Users = users.UsersFromBP(customizations.GetUsers())
 	rawImg.Groups = users.GroupsFromBP(customizations.GetGroups())
--- a/internal/image/ostree_raw.go
+++ b/internal/image/ostree_raw.go
@ -36,6 +36,8 @@ type OSTreeRawImage struct {
 	Locale              string

 	Filename string
+
+	Ignition bool
 }

 func NewOSTreeRawImage(commit ostree.CommitSpec) *OSTreeRawImage {
@ -46,7 +48,7 @@ func NewOSTreeRawImage(commit ostree.CommitSpec) *OSTreeRawImage {
 }

 func ostreeCompressedImagePipelines(img *OSTreeRawImage, m *manifest.Manifest, buildPipeline *manifest.Build) *manifest.XZ {
-	osPipeline := manifest.NewOSTreeDeployment(m, buildPipeline, img.Commit, img.OSName, img.Platform)
+	osPipeline := manifest.NewOSTreeDeployment(m, buildPipeline, img.Commit, img.OSName, img.Ignition, img.Platform)
 	osPipeline.PartitionTable = img.PartitionTable
 	osPipeline.Remote = img.Remote
 	osPipeline.KernelOptionsAppend = img.KernelOptionsAppend
--- a/internal/manifest/commit_deployment.go
+++ b/internal/manifest/commit_deployment.go
@ -37,6 +37,9 @@ type OSTreeDeployment struct {
 	platform platform.Platform

 	PartitionTable *disk.PartitionTable
+
+	// Whether ignition is in use or not
+	ignition bool
 }

 // NewOSTreeDeployment creates a pipeline for an ostree deployment from a
@ -45,6 +48,7 @@ func NewOSTreeDeployment(m *Manifest,
 	buildPipeline *Build,
 	commit ostree.CommitSpec,
 	osName string,
+	ignition bool,
 	platform platform.Platform) *OSTreeDeployment {

 	p := &OSTreeDeployment{
@ -52,6 +56,7 @@ func NewOSTreeDeployment(m *Manifest,
 		commit:   commit,
 		osName:   osName,
 		platform: platform,
+		ignition: ignition,
 	}
 	buildPipeline.addDependent(p)
 	m.addPipeline(p)
@ -95,6 +100,14 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline {
 	kernelOpts := osbuild.GenImageKernelOptions(p.PartitionTable)
 	kernelOpts = append(kernelOpts, p.KernelOptionsAppend...)

+	if p.ignition {
+		kernelOpts = append(kernelOpts,
+			"coreos.no_persist_ip", // users cannot add connections as we don't have a live iso, this prevents connections to bleed into the system from the ign initrd
+			"ignition.platform.id=metal",
+			"$ignition_firstboot",
+		)
+	}
+
 	pipeline.AddStage(osbuild.NewOSTreeDeployStage(
 		&osbuild.OSTreeDeployStageOptions{
 			OsName: p.osName,
@ -170,6 +183,10 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline {
 		pipeline.AddStage(grpStage)
 	}

+	if p.ignition {
+		pipeline.AddStage(osbuild.NewIgnitionStage(&osbuild.IgnitionStageOptions{}))
+	}
+
 	// if no root password is set, lock the root account
 	hasRoot := false
 	for _, user := range p.Users {
@ -216,6 +233,7 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline {
 		p.platform.GetBIOSPlatform(),
 		p.platform.GetUEFIVendor(), true)
 	grubOptions.Greenboot = true
+	grubOptions.Ignition = p.ignition
 	grubOptions.Config = &osbuild.GRUB2Config{
 		Default:        "saved",
 		Timeout:        1,
--- a/internal/osbuild/grub2_stage.go
+++ b/internal/osbuild/grub2_stage.go
@ -26,6 +26,7 @@ type GRUB2StageOptions struct {
 	Greenboot          bool         `json:"greenboot,omitempty"`
 	WriteCmdLine       *bool        `json:"write_cmdline,omitempty"`
 	Config             *GRUB2Config `json:"config,omitempty"`
+	Ignition           bool         `json:"ignition,omitempty"`
 }

 type GRUB2UEFI struct {
--- a/internal/osbuild/ignition_stage.go
+++ b/internal/osbuild/ignition_stage.go
@ -5,6 +5,18 @@ import (
 	"fmt"
 )

+type IgnitionStageOptions struct {
+}
+
+func (IgnitionStageOptions) isStageOptions() {}
+
+func NewIgnitionStage(options *IgnitionStageOptions) *Stage {
+	return &Stage{
+		Type:    "org.osbuild.ignition",
+		Options: options,
+	}
+}
+
 type IgnitionStageInputInline struct {
 	InlineFile IgnitionStageInput `json:"inlinefile"`
 }