Update osbuild/images v0.59.0

Pulling in: - https://github.com/osbuild/images/pull/650 - https://github.com/osbuild/images/pull/651
2024-05-03 13:38:32 +02:00 · 2024-05-03 13:38:32 +02:00 · cf75093163
commit cf75093163
parent 57f701587d
9 changed files with 357 additions and 22 deletions
--- a/vendor/github.com/osbuild/images/pkg/distro/rhel/images.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/images.go
@ -524,7 +524,7 @@ func EdgeInstallerImage(workload workload.Workload,

 	img.Product = t.Arch().Distro().Product()
 	img.Variant = "edge"
-	img.OSName = "rhel"
+	img.OSName = "rhel-edge"
 	img.OSVersion = t.Arch().Distro().OsVersion()
 	img.Release = fmt.Sprintf("%s %s", t.Arch().Distro().Product(), t.Arch().Distro().OsVersion())
 	img.FIPS = customizations.GetFIPS()
@ -561,7 +561,7 @@ func EdgeRawImage(workload workload.Workload,
 		URL:        options.OSTree.URL,
 		ContentURL: options.OSTree.ContentURL,
 	}
-	img.OSName = "redhat"
+	img.OSName = "rhel-edge"

 	// TODO: move generation into LiveImage
 	pt, err := t.GetPartitionTable(customizations.GetFilesystems(), options, rng)
@ -603,7 +603,7 @@ func EdgeSimplifiedInstallerImage(workload workload.Workload,
 		URL:        options.OSTree.URL,
 		ContentURL: options.OSTree.ContentURL,
 	}
-	rawImg.OSName = "redhat"
+	rawImg.OSName = "rhel-edge"

 	// TODO: move generation into LiveImage
 	pt, err := t.GetPartitionTable(customizations.GetFilesystems(), options, rng)
@ -641,7 +641,7 @@ func EdgeSimplifiedInstallerImage(workload workload.Workload,
 	d := t.arch.distro
 	img.Product = d.product
 	img.Variant = "edge"
-	img.OSName = "redhat"
+	img.OSName = "rhel-edge"
 	img.OSVersion = d.osVersion

 	installerConfig, err := t.getDefaultInstallerConfig()
@ -708,7 +708,6 @@ func ImageInstallerImage(workload workload.Workload,

 	d := t.arch.distro
 	img.Product = d.product
-	img.OSName = "redhat"
 	img.OSVersion = d.osVersion
 	img.Release = fmt.Sprintf("%s %s", d.product, d.osVersion)

--- a/vendor/github.com/osbuild/images/pkg/dnfjson/dnfjson.go
+++ b/vendor/github.com/osbuild/images/pkg/dnfjson/dnfjson.go
@ -50,6 +50,12 @@ type BaseSolver struct {
 // doesn't use libexec.
 func findDepsolveDnf() string {
 	locations := []string{"/usr/libexec/osbuild-depsolve-dnf", "/usr/lib/osbuild/osbuild-depsolve-dnf"}
+
+	// Override the default location
+	testLocation := os.Getenv("OSBUILD_DEPSOLVE_DNF")
+	if len(testLocation) > 0 {
+		locations = []string{testLocation}
+	}
 	for _, djPath := range locations {
 		_, err := os.Stat(djPath)
 		if !os.IsNotExist(err) {
--- a/vendor/github.com/osbuild/images/pkg/manifest/os.go
+++ b/vendor/github.com/osbuild/images/pkg/manifest/os.go
@ -577,6 +577,9 @@ func (p *OS) serialize() osbuild.Pipeline {
 			commands = append(commands, "restorecon -R /root/.gnupg")
 			// execute the rhc post install script as the selinuxenabled check doesn't work in the buildroot container
 			commands = append(commands, "/usr/sbin/semanage permissive --add rhcd_t")
+			if p.OSTreeRef != "" {
+				p.runInsightsClientOnBoot()
+			}
 		} else {
 			commands = []string{fmt.Sprintf("/usr/sbin/subscription-manager register --org=${ORG_ID} --activationkey=${ACTIVATION_KEY} --serverurl %s --baseurl %s", p.Subscription.ServerUrl, p.Subscription.BaseUrl)}

@ -585,6 +588,9 @@ func (p *OS) serialize() osbuild.Pipeline {
 				commands = append(commands, "/usr/bin/insights-client --register")
 				// insights-client creates the .gnupg directory during boot process, and is labeled incorrectly
 				commands = append(commands, "restorecon -R /root/.gnupg")
+				if p.OSTreeRef != "" {
+					p.runInsightsClientOnBoot()
+				}
 			}
 		}

@ -882,3 +888,43 @@ func (p *OS) getInline() []string {

 	return inlineData
 }
+
+// For ostree-based systems, creates a drop-in file for the insights-client
+// service to run on boot and enables the service. This is only meant for
+// ostree-based systems.
+func (p *OS) runInsightsClientOnBoot() {
+	// Insights-client collection must occur at boot time  so
+	// that the current ostree commit hash can be reflected
+	// after upgrade. Otherwise, the upgrade shows as failed in
+	// the console UI.
+	// Add a drop-in file that enables insights-client.service to
+	// run on successful boot.
+	// See https://issues.redhat.com/browse/HMS-4031
+	//
+	// NOTE(akoutsou): drop-in files can normally be created with the
+	// org.osbuild.systemd.unit stage but the stage doesn't support
+	// all the options we need. This is a temporary workaround
+	// until we get the stage updated to support everything we need.
+	icDropinFilepath, icDropinContents := insightsClientDropin()
+	if icDropinDirectory, err := fsnode.NewDirectory(filepath.Dir(icDropinFilepath), nil, "root", "root", true); err == nil {
+		p.Directories = append(p.Directories, icDropinDirectory)
+	}
+	if icDropinFile, err := fsnode.NewFile(icDropinFilepath, nil, "root", "root", []byte(icDropinContents)); err == nil {
+		p.Files = append(p.Files, icDropinFile)
+	} else {
+		panic(err)
+	}
+	// Enable the service now that it's "enable-able"
+	p.EnabledServices = append(p.EnabledServices, "insights-client.service")
+}
+
+// Filename and contents for the insights-client service drop-in.
+// This is a temporary workaround until the org.osbuild.systemd.unit stage
+// gains support for all the options we need.
+func insightsClientDropin() (string, string) {
+	return "/etc/systemd/system/insights-client.service.d/override.conf", `[Unit]
+Requisite=greenboot-healthcheck.service
+After=network-online.target greenboot-healthcheck.service osbuild-first-boot.service
+[Install]
+WantedBy=multi-user.target`
+}
--- a/vendor/github.com/osbuild/images/pkg/manifest/raw_bootc.go
+++ b/vendor/github.com/osbuild/images/pkg/manifest/raw_bootc.go
@ -85,6 +85,39 @@ func (p *RawBootcImage) serializeEnd() {
 	p.containerSpecs = nil
 }

+func buildHomedirPaths(users []users.User) []osbuild.MkdirStagePath {
+	var containsRootUser, containsNormalUser bool
+
+	for _, user := range users {
+		if user.Name == "root" {
+			containsRootUser = true
+		} else {
+			containsNormalUser = true
+		}
+	}
+
+	rootHomePath := osbuild.MkdirStagePath{
+		Path:    "/var/roothome",
+		Mode:    common.ToPtr(os.FileMode(0700)),
+		ExistOk: true,
+	}
+	userHomePath := osbuild.MkdirStagePath{
+		Path:    "/var/home",
+		Mode:    common.ToPtr(os.FileMode(0755)),
+		ExistOk: true,
+	}
+	switch {
+	case containsRootUser && containsNormalUser:
+		return []osbuild.MkdirStagePath{rootHomePath, userHomePath}
+	case containsRootUser:
+		return []osbuild.MkdirStagePath{rootHomePath}
+	case containsNormalUser:
+		return []osbuild.MkdirStagePath{userHomePath}
+	default:
+		return nil
+	}
+}
+
 func (p *RawBootcImage) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()

@ -148,16 +181,12 @@ func (p *RawBootcImage) serialize() osbuild.Pipeline {
 		groupsStage.Devices = devices
 		pipeline.AddStage(groupsStage)
 	}
+
 	if len(p.Users) > 0 {
-		// ensure /var/home is available
+		// ensure home root dir (currently /var/home, /var/roothome) is
+		// available
 		mkdirStage := osbuild.NewMkdirStage(&osbuild.MkdirStageOptions{
-			Paths: []osbuild.MkdirStagePath{
-				{
-					Path:    "/var/home",
-					Mode:    common.ToPtr(os.FileMode(0755)),
-					ExistOk: true,
-				},
-			},
+			Paths: buildHomedirPaths(p.Users),
 		})
 		mkdirStage.Mounts = mounts
 		mkdirStage.Devices = devices