deps: update osbuild/images to v0.3.0

Bump the required osbuild version to v93 (due to the systemd units
change).

Pin the new osbuild version in Schutzfile.

Update repo snapshots in Schutzfile due to osbuild v93 depending on
new selinux-policy build.

Schutzfile

@@ -2,7 +2,7 @@
   "fedora-37": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     },
     "repos": [
@@ -46,14 +46,14 @@
           {
             "title": "updates",
             "name": "updates",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-x86_64-updates-released-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-x86_64-updates-released-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "updates",
             "name": "updates",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-aarch64-updates-released-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-aarch64-updates-released-20230824"
           }
         ]
       },
@@ -63,14 +63,14 @@
           {
             "title": "updates-modular",
             "name": "updates-modular",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-x86_64-updates-released-modular-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-x86_64-updates-released-modular-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "updates-modular",
             "name": "updates-modular",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-aarch64-updates-released-modular-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f37/f37-aarch64-updates-released-modular-20230824"
           }
         ]
       }
@@ -79,7 +79,7 @@
   "fedora-38": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     },
     "repos": [
@@ -123,14 +123,14 @@
           {
             "title": "updates",
             "name": "updates",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-x86_64-updates-released-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-x86_64-updates-released-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "updates",
             "name": "updates",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-aarch64-updates-released-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-aarch64-updates-released-20230824"
           }
         ]
       },
@@ -140,14 +140,14 @@
           {
             "title": "updates-modular",
             "name": "updates-modular",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-x86_64-updates-released-modular-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-x86_64-updates-released-modular-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "updates-modular",
             "name": "updates-modular",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-aarch64-updates-released-modular-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/f38/f38-aarch64-updates-released-modular-20230824"
           }
         ]
       }
@@ -156,35 +156,35 @@
   "rhel-8.4": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "rhel-8.6": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "rhel-8.7": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "rhel-8.8": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "rhel-8.9": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     },
     "repos": [
@@ -194,34 +194,34 @@
           {
             "title": "RHEL-8-RPMREPO-NIGHTLY-BaseOS",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-x86_64-baseos-n8.9-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-x86_64-baseos-n8.9-20230824"
           },
           {
             "title": "RHEL-8-RPMREPO-NIGHTLY-AppStream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-x86_64-appstream-n8.9-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-x86_64-appstream-n8.9-20230824"
           },
           {
             "title": "RHEL-8-RPMREPO-NIGHTLY-CRB",
             "name": "crb",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-x86_64-crb-n8.9-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-x86_64-crb-n8.9-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "RHEL-8-RPMREPO-NIGHTLY-BaseOS",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-aarch64-baseos-n8.9-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-aarch64-baseos-n8.9-20230824"
           },
           {
             "title": "RHEL-8-RPMREPO-NIGHTLY-AppStream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-aarch64-appstream-n8.9-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-aarch64-appstream-n8.9-20230824"
           },
           {
             "title": "RHEL-8-RPMREPO-NIGHTLY-CRB",
             "name": "crb",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-aarch64-crb-n8.9-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el8/el8-aarch64-crb-n8.9-20230824"
           }
         ]
       }
@@ -230,28 +230,28 @@
   "rhel-9.0": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "rhel-9.1": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "rhel-9.2": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "rhel-9.3": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     },
     "repos": [
@@ -261,34 +261,34 @@
           {
             "title": "RHEL-9-RPMREPO-NIGHTLY-BaseOS",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-x86_64-baseos-n9.3-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-x86_64-baseos-n9.3-20230824"
           },
           {
             "title": "RHEL-9-RPMREPO-NIGHTLY-AppStream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-x86_64-appstream-n9.3-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-x86_64-appstream-n9.3-20230824"
           },
           {
             "title": "RHEL-9-RPMREPO-NIGHTLY-CRB",
             "name": "crb",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-x86_64-crb-n9.3-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-x86_64-crb-n9.3-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "RHEL-9-RPMREPO-NIGHTLY-BaseOS",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-aarch64-baseos-n9.3-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-aarch64-baseos-n9.3-20230824"
           },
           {
             "title": "RHEL-9-RPMREPO-NIGHTLY-AppStream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-aarch64-appstream-n9.3-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-aarch64-appstream-n9.3-20230824"
           },
           {
             "title": "RHEL-9-RPMREPO-NIGHTLY-CRB",
             "name": "crb",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-aarch64-crb-n9.3-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/rhvpn/el9/el9-aarch64-crb-n9.3-20230824"
           }
         ]
       }
@@ -297,21 +297,21 @@
   "centos-8": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "centos-9": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     }
   },
   "centos-stream-9": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     },
     "repos": [
@@ -321,34 +321,34 @@
           {
             "title": "baseos",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-x86_64-baseos-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-x86_64-baseos-20230824"
           },
           {
             "title": "appstream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-x86_64-appstream-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-x86_64-appstream-20230824"
           },
           {
             "title": "crb",
             "name": "crb",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-x86_64-crb-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-x86_64-crb-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "baseos",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-aarch64-baseos-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-aarch64-baseos-20230824"
           },
           {
             "title": "appstream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-aarch64-appstream-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-aarch64-appstream-20230824"
           },
           {
             "title": "crb",
             "name": "crb",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-aarch64-crb-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el9/cs9-aarch64-crb-20230824"
           }
         ]
       }
@@ -357,7 +357,7 @@
   "centos-stream-8": {
     "dependencies": {
       "osbuild": {
-        "commit": "c90b587dccf5f82e5732b7a264866c3535c066c2"
+        "commit": "433515cff898168b204833941a6d32399152128b"
       }
     },
     "repos": [
@@ -367,14 +367,14 @@
           {
             "title": "baseos",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-x86_64-baseos-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-x86_64-baseos-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "baseos",
             "name": "baseos",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-aarch64-baseos-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-aarch64-baseos-20230824"
           }
         ]
       },
@@ -384,14 +384,14 @@
           {
             "title": "appstream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-x86_64-appstream-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-x86_64-appstream-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "appstream",
             "name": "appstream",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-aarch64-appstream-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-aarch64-appstream-20230824"
           }
         ]
       },
@@ -401,14 +401,14 @@
           {
             "title": "powertools",
             "name": "powertools",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-x86_64-powertools-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-x86_64-powertools-20230824"
           }
         ],
         "aarch64": [
           {
             "title": "powertools",
             "name": "powertoosl",
-            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-aarch64-powertools-20230801"
+            "baseurl": "https://rpmrepo.osbuild.org/v2/mirror/public/el8/cs8-aarch64-powertools-20230824"
           }
         ]
       }

cmd/osbuild-playground/my-container.go

@@ -57,7 +57,7 @@ func (img *MyContainer) InstantiateManifest(m *manifest.Manifest,
 	os.OSCustomizations.Timezone = "UTC"
 
 	// create an OCI container containing the OS tree created above
-	container := manifest.NewOCIContainer(m, build, os)
+	container := manifest.NewOCIContainer(build, os)
 	artifact := container.Export()
 
 	return artifact, nil

cmd/osbuild-playground/my-image.go

@@ -50,7 +50,7 @@ func (img *MyImage) InstantiateManifest(m *manifest.Manifest,
 	os.KernelName = "kernel" // use the default fedora kernel
 
 	// create a raw image containing the OS tree created above
-	raw := manifest.NewRawImage(m, build, os)
+	raw := manifest.NewRawImage(build, os)
 	artifact := raw.Export()
 
 	return artifact, nil

go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/Azure/go-autorest/autorest v0.11.29
 	github.com/Azure/go-autorest/autorest/azure/auth v0.5.12
 	github.com/BurntSushi/toml v1.3.2
-	github.com/aws/aws-sdk-go v1.44.325
+	github.com/aws/aws-sdk-go v1.44.329
 	github.com/coreos/go-semver v0.3.1
 	github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f
 	github.com/deepmap/oapi-codegen v1.8.2
@@ -20,7 +20,7 @@ require (
 	github.com/gobwas/glob v0.2.3
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/go-cmp v0.5.9
-	github.com/google/uuid v1.3.0
+	github.com/google/uuid v1.3.1
 	github.com/gophercloud/gophercloud v1.5.0
 	github.com/hashicorp/go-retryablehttp v0.7.4
 	github.com/jackc/pgtype v1.14.0
@@ -31,7 +31,7 @@ require (
 	github.com/labstack/gommon v0.4.0
 	github.com/openshift-online/ocm-sdk-go v0.1.362
 	github.com/oracle/oci-go-sdk/v54 v54.0.0
-	github.com/osbuild/images v0.0.0-20230817095437-c2aa82cc9a86
+	github.com/osbuild/images v0.3.0
 	github.com/prometheus/client_golang v1.16.0
 	github.com/segmentio/ksuid v1.0.4
 	github.com/sirupsen/logrus v1.9.3
@@ -43,7 +43,7 @@ require (
 	golang.org/x/oauth2 v0.11.0
 	golang.org/x/sync v0.3.0
 	golang.org/x/sys v0.11.0
-	google.golang.org/api v0.137.0
+	google.golang.org/api v0.138.0
 )
 
 require (

go.sum

@@ -100,8 +100,8 @@ github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kd
 github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
-github.com/aws/aws-sdk-go v1.44.325 h1:jF/L99fJSq/BfiLmUOflO/aM+LwcqBm0Fe/qTK5xxuI=
+github.com/aws/aws-sdk-go v1.44.329 h1:Rqy+wYI8h+iq+FphR59KKTsHR1Lz7YiwRqFzWa7xoYU=
-github.com/aws/aws-sdk-go v1.44.325/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
+github.com/aws/aws-sdk-go v1.44.329/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
@@ -347,8 +347,9 @@ github.com/google/s2a-go v0.1.5 h1:8IYp3w9nysqv3JH+NJgXJzGbDHzLOTj43BmSkp+O7qg=
 github.com/google/s2a-go v0.1.5/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4=
+github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/enterprise-certificate-proxy v0.2.5 h1:UR4rDjcgpgEnqpIEvkiqTYKBCKLNmlge2eVjoZfySzM=
 github.com/googleapis/enterprise-certificate-proxy v0.2.5/go.mod h1:RxW0N9901Cko1VOCW3SXCpWP+mlIEkk2tP7jnHy9a3w=
 github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
@@ -580,8 +581,8 @@ github.com/openshift-online/ocm-sdk-go v0.1.362 h1:MoaSMCSzcr8nSK9DBqKmZ9c5e4Cp8
 github.com/openshift-online/ocm-sdk-go v0.1.362/go.mod h1:KYOw8kAKAHyPrJcQoVR82CneQ4ofC02Na4cXXaTq4Nw=
 github.com/oracle/oci-go-sdk/v54 v54.0.0 h1:CDLjeSejv2aDpElAJrhKpi6zvT/zhZCZuXchUUZ+LS4=
 github.com/oracle/oci-go-sdk/v54 v54.0.0/go.mod h1:+t+yvcFGVp+3ZnztnyxqXfQDsMlq8U25faBLa+mqCMc=
-github.com/osbuild/images v0.0.0-20230817095437-c2aa82cc9a86 h1:xBYCeCsCxyt9Iz1CwNOgKJOpQ7Z7CvUzF71JWhXe0t0=
+github.com/osbuild/images v0.3.0 h1:eedZbt/9B8UNVfI8TDfFNqX+Psi9YMOdbA1MXcBPHnk=
-github.com/osbuild/images v0.0.0-20230817095437-c2aa82cc9a86/go.mod h1:CfCCR1ATJF3vyoROU7fw5fmxmhpN4QV+ymCDiPPxlmI=
+github.com/osbuild/images v0.3.0/go.mod h1:lZsi8oJNfk57VRv5zhdrSLmn0z8YPcQzZBxzdHNfZls=
 github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE=
 github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -1058,8 +1059,8 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M
 google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
 google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
 google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
-google.golang.org/api v0.137.0 h1:QrKX6uNvzJLr0Fd3vWVqcyrcmFoYi036VUAsZbiF4+s=
+google.golang.org/api v0.138.0 h1:K/tVp05MxNVbHShRw9m7e9VJGdagNeTdMzqPH7AUqr0=
-google.golang.org/api v0.137.0/go.mod h1:4xyob8CxC+0GChNBvEUAk8VBKNvYOTWM9T3v3UfRxuY=
+google.golang.org/api v0.138.0/go.mod h1:4xyob8CxC+0GChNBvEUAk8VBKNvYOTWM9T3v3UfRxuY=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=

osbuild-composer.spec

@@ -294,10 +294,10 @@ The core osbuild-composer binary. This is suitable both for spawning in containe
 Summary:    The worker for osbuild-composer
 Requires:   systemd
 Requires:   qemu-img
-Requires:   osbuild >= 89
+Requires:   osbuild >= 93
-Requires:   osbuild-ostree >= 89
+Requires:   osbuild-ostree >= 93
-Requires:   osbuild-lvm2 >= 89
+Requires:   osbuild-lvm2 >= 93
-Requires:   osbuild-luks2 >= 89
+Requires:   osbuild-luks2 >= 93
 Requires:   %{name}-dnf-json = %{version}-%{release}
 
 %description worker

vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go

@@ -111,6 +111,15 @@ func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error)
 	if err != nil {
 		return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err)
 	}
+	if createResult.ExpiresIn == nil {
+		return cachedToken{}, fmt.Errorf("missing required field ExpiresIn")
+	}
+	if createResult.AccessToken == nil {
+		return cachedToken{}, fmt.Errorf("missing required field AccessToken")
+	}
+	if createResult.RefreshToken == nil {
+		return cachedToken{}, fmt.Errorf("missing required field RefreshToken")
+	}
 
 	expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second)
 

vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go

@@ -12188,6 +12188,9 @@ var awsPartition = partition{
 					},
 					Deprecated: boxedTrue,
 				},
+				endpointKey{
+					Region: "il-central-1",
+				}: endpoint{},
 				endpointKey{
 					Region: "me-central-1",
 				}: endpoint{},
@@ -18155,6 +18158,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "ap-northeast-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-northeast-3",
+				}: endpoint{},
 				endpointKey{
 					Region: "ap-south-1",
 				}: endpoint{},
@@ -18164,6 +18170,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "ap-southeast-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "ap-southeast-4",
+				}: endpoint{},
 				endpointKey{
 					Region: "ca-central-1",
 				}: endpoint{},
@@ -18995,6 +19004,9 @@ var awsPartition = partition{
 					},
 					Deprecated: boxedTrue,
 				},
+				endpointKey{
+					Region: "il-central-1",
+				}: endpoint{},
 				endpointKey{
 					Region: "me-central-1",
 				}: endpoint{},
@@ -22525,6 +22537,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "eu-west-2",
 				}: endpoint{},
+				endpointKey{
+					Region: "il-central-1",
+				}: endpoint{},
 				endpointKey{
 					Region: "rekognition-fips.ca-central-1",
 				}: endpoint{
@@ -27933,6 +27948,9 @@ var awsPartition = partition{
 				endpointKey{
 					Region: "eu-west-3",
 				}: endpoint{},
+				endpointKey{
+					Region: "il-central-1",
+				}: endpoint{},
 				endpointKey{
 					Region: "me-central-1",
 				}: endpoint{},
@@ -38667,7 +38685,7 @@ var awsusgovPartition = partition{
 					Region:  "us-gov-east-1",
 					Variant: dualStackVariant,
 				}: endpoint{
-					Hostname: "servicediscovery.us-gov-east-1.amazonaws.com",
+					Hostname: "servicediscovery.us-gov-east-1.api.aws",
 				},
 				endpointKey{
 					Region:  "us-gov-east-1",
@@ -38679,7 +38697,7 @@ var awsusgovPartition = partition{
 					Region:  "us-gov-east-1",
 					Variant: fipsVariant | dualStackVariant,
 				}: endpoint{
-					Hostname: "servicediscovery-fips.us-gov-east-1.amazonaws.com",
+					Hostname: "servicediscovery-fips.us-gov-east-1.api.aws",
 				},
 				endpointKey{
 					Region: "us-gov-east-1-fips",
@@ -38697,7 +38715,7 @@ var awsusgovPartition = partition{
 					Region:  "us-gov-west-1",
 					Variant: dualStackVariant,
 				}: endpoint{
-					Hostname: "servicediscovery.us-gov-west-1.amazonaws.com",
+					Hostname: "servicediscovery.us-gov-west-1.api.aws",
 				},
 				endpointKey{
 					Region:  "us-gov-west-1",
@@ -38709,7 +38727,7 @@ var awsusgovPartition = partition{
 					Region:  "us-gov-west-1",
 					Variant: fipsVariant | dualStackVariant,
 				}: endpoint{
-					Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com",
+					Hostname: "servicediscovery-fips.us-gov-west-1.api.aws",
 				},
 				endpointKey{
 					Region: "us-gov-west-1-fips",
@@ -40069,6 +40087,9 @@ var awsisoPartition = partition{
 				endpointKey{
 					Region: "us-iso-east-1",
 				}: endpoint{},
+				endpointKey{
+					Region: "us-iso-west-1",
+				}: endpoint{},
 			},
 		},
 		"elasticache": service{
@@ -40412,6 +40433,16 @@ var awsisoPartition = partition{
 				}: endpoint{},
 			},
 		},
+		"resource-groups": service{
+			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "us-iso-east-1",
+				}: endpoint{},
+				endpointKey{
+					Region: "us-iso-west-1",
+				}: endpoint{},
+			},
+		},
 		"route53": service{
 			PartitionEndpoint: "aws-iso-global",
 			IsRegionalized:    boxedFalse,
@@ -41052,6 +41083,13 @@ var awsisobPartition = partition{
 				}: endpoint{},
 			},
 		},
+		"outposts": service{
+			Endpoints: serviceEndpoints{
+				endpointKey{
+					Region: "us-isob-east-1",
+				}: endpoint{},
+			},
+		},
 		"ram": service{
 			Endpoints: serviceEndpoints{
 				endpointKey{

vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go

@@ -135,6 +135,7 @@ var requiredSignedHeaders = rules{
 			"X-Amz-Request-Payer":                                         struct{}{},
 			"X-Amz-Server-Side-Encryption":                                struct{}{},
 			"X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id":                 struct{}{},
+			"X-Amz-Server-Side-Encryption-Context":                        struct{}{},
 			"X-Amz-Server-Side-Encryption-Customer-Algorithm":             struct{}{},
 			"X-Amz-Server-Side-Encryption-Customer-Key":                   struct{}{},
 			"X-Amz-Server-Side-Encryption-Customer-Key-Md5":               struct{}{},

vendor/github.com/aws/aws-sdk-go/aws/version.go

@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.44.325"
+const SDKVersion = "1.44.329"

vendor/github.com/aws/aws-sdk-go/service/ec2/api.go

@@ -12458,7 +12458,6 @@ func (c *EC2) DeleteKeyPairRequest(input *DeleteKeyPairInput) (req *request.Requ
 
 	output = &DeleteKeyPairOutput{}
 	req = c.newRequest(op, input, output)
-	req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
 	return
 }
 
@@ -78827,7 +78826,7 @@ type CreateVpcEndpointInput struct {
 	RouteTableIds []*string `locationName:"RouteTableId" locationNameList:"item" type:"list"`
 
 	// (Interface endpoint) The IDs of the security groups to associate with the
-	// endpoint network interface. If this parameter is not specified, we use the
+	// endpoint network interfaces. If this parameter is not specified, we use the
 	// default security group for the VPC.
 	SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"`
 
@@ -78836,8 +78835,11 @@ type CreateVpcEndpointInput struct {
 	// ServiceName is a required field
 	ServiceName *string `type:"string" required:"true"`
 
+	// The subnet configurations for the endpoint.
+	SubnetConfigurations []*SubnetConfiguration `locationName:"SubnetConfiguration" locationNameList:"item" type:"list"`
+
 	// (Interface and Gateway Load Balancer endpoints) The IDs of the subnets in
-	// which to create an endpoint network interface. For a Gateway Load Balancer
+	// which to create endpoint network interfaces. For a Gateway Load Balancer
 	// endpoint, you can specify only one subnet.
 	SubnetIds []*string `locationName:"SubnetId" locationNameList:"item" type:"list"`
 
@@ -78943,6 +78945,12 @@ func (s *CreateVpcEndpointInput) SetServiceName(v string) *CreateVpcEndpointInpu
 	return s
 }
 
+// SetSubnetConfigurations sets the SubnetConfigurations field's value.
+func (s *CreateVpcEndpointInput) SetSubnetConfigurations(v []*SubnetConfiguration) *CreateVpcEndpointInput {
+	s.SubnetConfigurations = v
+	return s
+}
+
 // SetSubnetIds sets the SubnetIds field's value.
 func (s *CreateVpcEndpointInput) SetSubnetIds(v []*string) *CreateVpcEndpointInput {
 	s.SubnetIds = v
@@ -82045,6 +82053,12 @@ func (s *DeleteKeyPairInput) SetKeyPairId(v string) *DeleteKeyPairInput {
 
 type DeleteKeyPairOutput struct {
 	_ struct{} `type:"structure"`
+
+	// The ID of the key pair.
+	KeyPairId *string `locationName:"keyPairId" type:"string"`
+
+	// Is true if the request succeeds, and an error otherwise.
+	Return *bool `locationName:"return" type:"boolean"`
 }
 
 // String returns the string representation.
@@ -82065,6 +82079,18 @@ func (s DeleteKeyPairOutput) GoString() string {
 	return s.String()
 }
 
+// SetKeyPairId sets the KeyPairId field's value.
+func (s *DeleteKeyPairOutput) SetKeyPairId(v string) *DeleteKeyPairOutput {
+	s.KeyPairId = &v
+	return s
+}
+
+// SetReturn sets the Return field's value.
+func (s *DeleteKeyPairOutput) SetReturn(v bool) *DeleteKeyPairOutput {
+	s.Return = &v
+	return s
+}
+
 type DeleteLaunchTemplateInput struct {
 	_ struct{} `type:"structure"`
 
@@ -148163,7 +148189,7 @@ type ModifyVpcEndpointInput struct {
 	AddRouteTableIds []*string `locationName:"AddRouteTableId" locationNameList:"item" type:"list"`
 
 	// (Interface endpoint) The IDs of the security groups to associate with the
-	// network interface.
+	// endpoint network interfaces.
 	AddSecurityGroupIds []*string `locationName:"AddSecurityGroupId" locationNameList:"item" type:"list"`
 
 	// (Interface and Gateway Load Balancer endpoints) The IDs of the subnets in
@@ -148195,7 +148221,7 @@ type ModifyVpcEndpointInput struct {
 	RemoveRouteTableIds []*string `locationName:"RemoveRouteTableId" locationNameList:"item" type:"list"`
 
 	// (Interface endpoint) The IDs of the security groups to disassociate from
-	// the network interface.
+	// the endpoint network interfaces.
 	RemoveSecurityGroupIds []*string `locationName:"RemoveSecurityGroupId" locationNameList:"item" type:"list"`
 
 	// (Interface endpoint) The IDs of the subnets from which to remove the endpoint.
@@ -148205,6 +148231,9 @@ type ModifyVpcEndpointInput struct {
 	// policy. The default policy allows full access to the service.
 	ResetPolicy *bool `type:"boolean"`
 
+	// The subnet configurations for the endpoint.
+	SubnetConfigurations []*SubnetConfiguration `locationName:"SubnetConfiguration" locationNameList:"item" type:"list"`
+
 	// The ID of the endpoint.
 	//
 	// VpcEndpointId is a required field
@@ -148314,6 +148343,12 @@ func (s *ModifyVpcEndpointInput) SetResetPolicy(v bool) *ModifyVpcEndpointInput
 	return s
 }
 
+// SetSubnetConfigurations sets the SubnetConfigurations field's value.
+func (s *ModifyVpcEndpointInput) SetSubnetConfigurations(v []*SubnetConfiguration) *ModifyVpcEndpointInput {
+	s.SubnetConfigurations = v
+	return s
+}
+
 // SetVpcEndpointId sets the VpcEndpointId field's value.
 func (s *ModifyVpcEndpointInput) SetVpcEndpointId(v string) *ModifyVpcEndpointInput {
 	s.VpcEndpointId = &v
@@ -171813,6 +171848,68 @@ func (s *SubnetCidrReservation) SetTags(v []*Tag) *SubnetCidrReservation {
 	return s
 }
 
+// Describes the configuration of a subnet for a VPC endpoint.
+type SubnetConfiguration struct {
+	_ struct{} `type:"structure"`
+
+	// The IPv4 address to assign to the endpoint network interface in the subnet.
+	// You must provide an IPv4 address if the VPC endpoint supports IPv4.
+	//
+	// If you specify an IPv4 address when modifying a VPC endpoint, we replace
+	// the existing endpoint network interface with a new endpoint network interface
+	// with this IP address. This process temporarily disconnects the subnet and
+	// the VPC endpoint.
+	Ipv4 *string `type:"string"`
+
+	// The IPv6 address to assign to the endpoint network interface in the subnet.
+	// You must provide an IPv6 address if the VPC endpoint supports IPv6.
+	//
+	// If you specify an IPv6 address when modifying a VPC endpoint, we replace
+	// the existing endpoint network interface with a new endpoint network interface
+	// with this IP address. This process temporarily disconnects the subnet and
+	// the VPC endpoint.
+	Ipv6 *string `type:"string"`
+
+	// The ID of the subnet.
+	SubnetId *string `type:"string"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s SubnetConfiguration) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s SubnetConfiguration) GoString() string {
+	return s.String()
+}
+
+// SetIpv4 sets the Ipv4 field's value.
+func (s *SubnetConfiguration) SetIpv4(v string) *SubnetConfiguration {
+	s.Ipv4 = &v
+	return s
+}
+
+// SetIpv6 sets the Ipv6 field's value.
+func (s *SubnetConfiguration) SetIpv6(v string) *SubnetConfiguration {
+	s.Ipv6 = &v
+	return s
+}
+
+// SetSubnetId sets the SubnetId field's value.
+func (s *SubnetConfiguration) SetSubnetId(v string) *SubnetConfiguration {
+	s.SubnetId = &v
+	return s
+}
+
 // Describes an association between a subnet and an IPv6 CIDR block.
 type SubnetIpv6CidrBlockAssociation struct {
 	_ struct{} `type:"structure"`

vendor/github.com/google/uuid/.travis.yml

@@ -1,9 +0,0 @@
-language: go
-
-go:
-  - 1.4.3
-  - 1.5.3
-  - tip
-
-script:
-  - go test -v ./...

vendor/github.com/google/uuid/CHANGELOG.md

@@ -0,0 +1,10 @@
+# Changelog
+
+## [1.3.1](https://github.com/google/uuid/compare/v1.3.0...v1.3.1) (2023-08-18)
+
+
+### Bug Fixes
+
+* Use .EqualFold() to parse urn prefixed UUIDs ([#118](https://github.com/google/uuid/issues/118)) ([574e687](https://github.com/google/uuid/commit/574e6874943741fb99d41764c705173ada5293f0))
+
+## Changelog

vendor/github.com/google/uuid/CONTRIBUTING.md

@@ -2,6 +2,22 @@
 
 We definitely welcome patches and contribution to this project!
 
+### Tips
+
+Commits must be formatted according to the [Conventional Commits Specification](https://www.conventionalcommits.org).
+
+Always try to include a test case! If it is not possible or not necessary,
+please explain why in the pull request description.
+
+### Releasing
+
+Commits that would precipitate a SemVer change, as desrcibed in the Conventional
+Commits Specification, will trigger [`release-please`](https://github.com/google-github-actions/release-please-action)
+to create a release candidate pull request. Once submitted, `release-please`
+will create a release.
+
+For tips on how to work with `release-please`, see its documentation.
+
 ### Legal requirements
 
 In order to protect both you and ourselves, you will need to sign the

vendor/github.com/google/uuid/README.md

@@ -1,6 +1,6 @@
-# uuid ![build status](https://travis-ci.org/google/uuid.svg?branch=master)
+# uuid
 The uuid package generates and inspects UUIDs based on
-[RFC 4122](http://tools.ietf.org/html/rfc4122)
+[RFC 4122](https://datatracker.ietf.org/doc/html/rfc4122)
 and DCE 1.1: Authentication and Security Services. 
 
 This package is based on the github.com/pborman/uuid package (previously named
@@ -9,10 +9,12 @@ a UUID is a 16 byte array rather than a byte slice.  One loss due to this
 change is the ability to represent an invalid UUID (vs a NIL UUID).
 
 ###### Install
-`go get github.com/google/uuid`
+```sh
+go get github.com/google/uuid
+```
 
 ###### Documentation 
-[![GoDoc](https://godoc.org/github.com/google/uuid?status.svg)](http://godoc.org/github.com/google/uuid)
+[![Go Reference](https://pkg.go.dev/badge/github.com/google/uuid.svg)](https://pkg.go.dev/github.com/google/uuid)
 
 Full `go doc` style documentation for the package can be viewed online without
 installing this package by using the GoDoc site here: 

vendor/github.com/google/uuid/node_js.go

@@ -7,6 +7,6 @@
 package uuid
 
 // getHardwareInterface returns nil values for the JS version of the code.
-// This remvoves the "net" dependency, because it is not used in the browser.
+// This removes the "net" dependency, because it is not used in the browser.
 // Using the "net" library inflates the size of the transpiled JS code by 673k bytes.
 func getHardwareInterface(name string) (string, []byte) { return "", nil }

vendor/github.com/google/uuid/uuid.go

@@ -69,7 +69,7 @@ func Parse(s string) (UUID, error) {
 
 	// urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 	case 36 + 9:
-		if strings.ToLower(s[:9]) != "urn:uuid:" {
+		if !strings.EqualFold(s[:9], "urn:uuid:") {
 			return uuid, fmt.Errorf("invalid urn prefix: %q", s[:9])
 		}
 		s = s[9:]
@@ -101,7 +101,8 @@ func Parse(s string) (UUID, error) {
 		9, 11,
 		14, 16,
 		19, 21,
-		24, 26, 28, 30, 32, 34} {
+		24, 26, 28, 30, 32, 34,
+	} {
 		v, ok := xtob(s[x], s[x+1])
 		if !ok {
 			return uuid, errors.New("invalid UUID format")
@@ -117,7 +118,7 @@ func ParseBytes(b []byte) (UUID, error) {
 	switch len(b) {
 	case 36: // xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 	case 36 + 9: // urn:uuid:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
-		if !bytes.Equal(bytes.ToLower(b[:9]), []byte("urn:uuid:")) {
+		if !bytes.EqualFold(b[:9], []byte("urn:uuid:")) {
 			return uuid, fmt.Errorf("invalid urn prefix: %q", b[:9])
 		}
 		b = b[9:]
@@ -145,7 +146,8 @@ func ParseBytes(b []byte) (UUID, error) {
 		9, 11,
 		14, 16,
 		19, 21,
-		24, 26, 28, 30, 32, 34} {
+		24, 26, 28, 30, 32, 34,
+	} {
 		v, ok := xtob(b[x], b[x+1])
 		if !ok {
 			return uuid, errors.New("invalid UUID format")

vendor/github.com/osbuild/images/pkg/distro/fedora/distro.go

@@ -157,6 +157,27 @@ var (
 		exports:          []string{"bootiso"},
 	}
 
+	iotSimplifiedInstallerImgType = imageType{
+		name:     "iot-simplified-installer",
+		filename: "simplified-installer.iso",
+		mimeType: "application/x-iso9660-image",
+		packageSets: map[string]packageSetFunc{
+			installerPkgsKey: iotSimplifiedInstallerPackageSet,
+		},
+		defaultImageConfig: &distro.ImageConfig{
+			EnabledServices: iotServices,
+		},
+		defaultSize:         10 * common.GibiByte,
+		rpmOstree:           true,
+		bootable:            true,
+		bootISO:             true,
+		image:               iotSimplifiedInstallerImage,
+		buildPipelines:      []string{"build"},
+		payloadPipelines:    []string{"ostree-deployment", "image", "xz", "coi-tree", "efiboot-tree", "bootiso-tree", "bootiso"},
+		exports:             []string{"bootiso"},
+		basePartitionTables: iotSimplifiedInstallerPartitionTables,
+	}
+
 	iotRawImgType = imageType{
 		name:        "iot-raw-image",
 		nameAliases: []string{"fedora-iot-raw-image"},
@@ -170,7 +191,7 @@ var (
 		defaultSize:         4 * common.GibiByte,
 		rpmOstree:           true,
 		bootable:            true,
-		image:               iotRawImage,
+		image:               iotImage,
 		buildPipelines:      []string{"build"},
 		payloadPipelines:    []string{"ostree-deployment", "image", "xz"},
 		exports:             []string{"xz"},
@@ -182,6 +203,24 @@ var (
 		requiredPartitionSizes: map[string]uint64{},
 	}
 
+	iotQcow2ImgType = imageType{
+		name:        "iot-qcow2-image",
+		filename:    "image.qcow2",
+		mimeType:    "application/x-qemu-disk",
+		packageSets: map[string]packageSetFunc{},
+		defaultImageConfig: &distro.ImageConfig{
+			Locale: common.ToPtr("en_US.UTF-8"),
+		},
+		defaultSize:         10 * common.GibiByte,
+		rpmOstree:           true,
+		bootable:            true,
+		image:               iotImage,
+		buildPipelines:      []string{"build"},
+		payloadPipelines:    []string{"ostree-deployment", "image", "qcow2"},
+		exports:             []string{"qcow2"},
+		basePartitionTables: iotBasePartitionTables,
+	}
+
 	qcow2ImgType = imageType{
 		name:     "qcow2",
 		filename: "disk.qcow2",
@@ -604,18 +643,10 @@ func newDistro(version int) distro.Distro {
 		&platform.X86{
 			BasePlatform: platform.BasePlatform{
 				FirmwarePackages: []string{
-					"microcode_ctl", // ??
+					"biosdevname",
-					"iwl1000-firmware",
+					"iwlwifi-dvm-firmware",
-					"iwl100-firmware",
+					"iwlwifi-mvm-firmware",
-					"iwl105-firmware",
+					"microcode_ctl",
-					"iwl135-firmware",
-					"iwl2000-firmware",
-					"iwl2030-firmware",
-					"iwl3160-firmware",
-					"iwl5000-firmware",
-					"iwl5150-firmware",
-					"iwl6000-firmware",
-					"iwl6050-firmware",
 				},
 			},
 			BIOS:       true,
@@ -637,6 +668,16 @@ func newDistro(version int) distro.Distro {
 		},
 		iotRawImgType,
 	)
+	x86_64.addImageTypes(
+		&platform.X86{
+			BasePlatform: platform.BasePlatform{
+				ImageFormat: platform.FORMAT_QCOW2,
+			},
+			BIOS:       false,
+			UEFIVendor: "fedora",
+		},
+		iotQcow2ImgType,
+	)
 	aarch64.addImageTypes(
 		&platform.Aarch64{
 			UEFIVendor: "fedora",
@@ -654,8 +695,9 @@ func newDistro(version int) distro.Distro {
 				QCOW2Compat: "1.1",
 			},
 		},
-		qcow2ImgType,
+		iotQcow2ImgType,
 		ociImgType,
+		qcow2ImgType,
 	)
 	aarch64.addImageTypes(
 		&platform.Aarch64{
@@ -674,17 +716,18 @@ func newDistro(version int) distro.Distro {
 		&platform.Aarch64{
 			BasePlatform: platform.BasePlatform{
 				FirmwarePackages: []string{
-					"uboot-images-armv8", // ??
-					"bcm283x-firmware",
 					"arm-image-installer", // ??
+					"bcm283x-firmware",
+					"iwl7260-firmware",
+					"uboot-images-armv8", // ??
 				},
 			},
 			UEFIVendor: "fedora",
 		},
-		iotCommitImgType,
-		iotOCIImgType,
-		iotInstallerImgType,
 		imageInstallerImgType,
+		iotCommitImgType,
+		iotInstallerImgType,
+		iotOCIImgType,
 		liveInstallerImgType,
 	)
 	aarch64.addImageTypes(
@@ -747,6 +790,51 @@ func newDistro(version int) distro.Distro {
 		minimalrawImgType,
 	)
 
+	if !common.VersionLessThan(rd.Releasever(), "38") {
+		// iot simplified installer was introduced in F38
+		x86_64.addImageTypes(
+			&platform.X86{
+				BasePlatform: platform.BasePlatform{
+					ImageFormat: platform.FORMAT_RAW,
+					FirmwarePackages: []string{
+						"grub2-efi-x64-cdboot",
+						"grub2-pc",
+						"grub2-pc-modules",
+						"grub2-tools",
+						"grub2-tools-extra",
+						"grub2-tools-minimal",
+						"iwlwifi-dvm-firmware",
+						"iwlwifi-mvm-firmware",
+						"microcode_ctl",
+						"syslinux",
+						"syslinux-nonlinux",
+					},
+				},
+				BIOS:       false,
+				UEFIVendor: "fedora",
+			},
+			iotSimplifiedInstallerImgType,
+		)
+		aarch64.addImageTypes(
+			&platform.Aarch64{
+				BasePlatform: platform.BasePlatform{
+					FirmwarePackages: []string{
+						"arm-image-installer",
+						"bcm283x-firmware",
+						"grub2-efi-aa64",
+						"grub2-efi-aa64-cdboot",
+						"grub2-tools",
+						"grub2-tools-extra",
+						"grub2-tools-minimal",
+						"uboot-images-armv8",
+					},
+				},
+				UEFIVendor: "fedora",
+			},
+			iotSimplifiedInstallerImgType,
+		)
+	}
+
 	rd.addArches(x86_64, aarch64)
 	return &rd
 }

vendor/github.com/osbuild/images/pkg/distro/fedora/images.go

@@ -3,9 +3,10 @@ package fedora
 import (
 	"fmt"
 	"math/rand"
-	"strings"
 
 	"github.com/osbuild/images/internal/common"
+	"github.com/osbuild/images/internal/fdo"
+	"github.com/osbuild/images/internal/ignition"
 	"github.com/osbuild/images/internal/oscap"
 	"github.com/osbuild/images/internal/users"
 	"github.com/osbuild/images/internal/workload"
@@ -16,6 +17,7 @@ import (
 	"github.com/osbuild/images/pkg/manifest"
 	"github.com/osbuild/images/pkg/osbuild"
 	"github.com/osbuild/images/pkg/ostree"
+	"github.com/osbuild/images/pkg/platform"
 	"github.com/osbuild/images/pkg/rpmmd"
 )
 
@@ -311,7 +313,7 @@ func imageInstallerImage(workload workload.Workload,
 
 	// Enable anaconda-webui for Fedora > 38
 	distro := t.Arch().Distro()
-	if strings.HasPrefix(distro.Name(), "fedora") && !common.VersionLessThan(distro.Releasever(), "38") {
+	if !common.VersionLessThan(distro.Releasever(), "38") {
 		img.AdditionalAnacondaModules = []string{
 			"org.fedoraproject.Anaconda.Modules.Security",
 			"org.fedoraproject.Anaconda.Modules.Timezone",
@@ -354,12 +356,31 @@ func iotCommitImage(workload workload.Workload,
 	parentCommit, commitRef := makeOSTreeParentCommit(options.OSTree, t.OSTreeRef())
 	img := image.NewOSTreeArchive(commitRef)
 
+	d := t.arch.distro
+
 	img.Platform = t.platform
 	img.OSCustomizations = osCustomizations(t, packageSets[osPkgsKey], containers, customizations)
+	if !common.VersionLessThan(d.Releasever(), "38") {
+		// see https://github.com/ostreedev/ostree/issues/2840
+		img.OSCustomizations.Presets = []osbuild.Preset{
+			{
+				Name:  "ignition-firstboot-complete.service",
+				State: osbuild.StateEnable,
+			},
+			{
+				Name:  "coreos-ignition-write-issues.service",
+				State: osbuild.StateEnable,
+			},
+			{
+				Name:  "fdo-client-linuxapp.service",
+				State: osbuild.StateEnable,
+			},
+		}
+	}
 	img.Environment = t.environment
 	img.Workload = workload
 	img.OSTreeParent = parentCommit
-	img.OSVersion = t.arch.distro.osVersion
+	img.OSVersion = d.osVersion
 	img.Filename = t.Filename()
 	img.InstallWeakDeps = false
 
@@ -376,14 +397,31 @@ func iotContainerImage(workload workload.Workload,
 
 	parentCommit, commitRef := makeOSTreeParentCommit(options.OSTree, t.OSTreeRef())
 	img := image.NewOSTreeContainer(commitRef)
-
+	d := t.arch.distro
 	img.Platform = t.platform
 	img.OSCustomizations = osCustomizations(t, packageSets[osPkgsKey], containers, customizations)
+	if !common.VersionLessThan(d.Releasever(), "38") {
+		// see https://github.com/ostreedev/ostree/issues/2840
+		img.OSCustomizations.Presets = []osbuild.Preset{
+			{
+				Name:  "ignition-firstboot-complete.service",
+				State: osbuild.StateEnable,
+			},
+			{
+				Name:  "coreos-ignition-write-issues.service",
+				State: osbuild.StateEnable,
+			},
+			{
+				Name:  "fdo-client-linuxapp.service",
+				State: osbuild.StateEnable,
+			},
+		}
+	}
 	img.ContainerLanguage = img.OSCustomizations.Language
 	img.Environment = t.environment
 	img.Workload = workload
 	img.OSTreeParent = parentCommit
-	img.OSVersion = t.arch.distro.osVersion
+	img.OSVersion = d.osVersion
 	img.ExtraContainerPackages = packageSets[containerPkgsKey]
 	img.Filename = t.Filename()
 
@@ -431,7 +469,7 @@ func iotInstallerImage(workload workload.Workload,
 	return img, nil
 }
 
-func iotRawImage(workload workload.Workload,
+func iotImage(workload workload.Workload,
 	t *imageType,
 	customizations *blueprint.Customizations,
 	options distro.ImageOptions,
@@ -443,14 +481,9 @@ func iotRawImage(workload workload.Workload,
 	if err != nil {
 		return nil, fmt.Errorf("%s: %s", t.Name(), err.Error())
 	}
+	img := image.NewOSTreeDiskImage(commit)
 
-	img := image.NewOSTreeRawImage(commit)
-
-	// Set sysroot read-only only for Fedora 37+
 	distro := t.Arch().Distro()
-	if strings.HasPrefix(distro.Name(), "fedora") && !common.VersionLessThan(distro.Releasever(), "37") {
-		img.SysrootReadOnly = true
-	}
 
 	img.Users = users.UsersFromBP(customizations.GetUsers())
 	img.Groups = users.GroupsFromBP(customizations.GetGroups())
@@ -464,12 +497,13 @@ func iotRawImage(workload workload.Workload,
 		return nil, err
 	}
 
-	// "rw" kernel option is required when /sysroot is mounted read-only to
+	img.KernelOptionsAppend = []string{"modprobe.blacklist=vc4"}
-	// keep stateful parts of the filesystem writeable (/var/ and /etc)
-	img.KernelOptionsAppend = []string{"modprobe.blacklist=vc4", "rw"}
 	img.Keyboard = "us"
 	img.Locale = "C.UTF-8"
 
+	img.SysrootReadOnly = true
+	img.KernelOptionsAppend = append(img.KernelOptionsAppend, "rw")
+
 	img.Platform = t.platform
 	img.Workload = workload
 
@@ -481,6 +515,23 @@ func iotRawImage(workload workload.Workload,
 	}
 	img.OSName = "fedora-iot"
 
+	if !common.VersionLessThan(distro.Releasever(), "38") {
+		img.Ignition = true
+		switch img.Platform.GetImageFormat() {
+		case platform.FORMAT_RAW:
+			img.IgnitionPlatform = "metal"
+			if bpIgnition := customizations.GetIgnition(); bpIgnition != nil && bpIgnition.FirstBoot != nil && bpIgnition.FirstBoot.ProvisioningURL != "" {
+				img.KernelOptionsAppend = append(img.KernelOptionsAppend, "ignition.config.url="+bpIgnition.FirstBoot.ProvisioningURL)
+			}
+		case platform.FORMAT_QCOW2:
+			img.IgnitionPlatform = "qemu"
+		}
+	}
+
+	if kopts := customizations.GetKernel(); kopts != nil && kopts.Append != "" {
+		img.KernelOptionsAppend = append(img.KernelOptionsAppend, kopts.Append)
+	}
+
 	// TODO: move generation into LiveImage
 	pt, err := t.getPartitionTable(customizations.GetFilesystems(), options, rng)
 	if err != nil {
@@ -494,6 +545,90 @@ func iotRawImage(workload workload.Workload,
 	return img, nil
 }
 
+func iotSimplifiedInstallerImage(workload workload.Workload,
+	t *imageType,
+	customizations *blueprint.Customizations,
+	options distro.ImageOptions,
+	packageSets map[string]rpmmd.PackageSet,
+	containers []container.SourceSpec,
+	rng *rand.Rand) (image.ImageKind, error) {
+
+	commit, err := makeOSTreePayloadCommit(options.OSTree, t.OSTreeRef())
+	if err != nil {
+		return nil, fmt.Errorf("%s: %s", t.Name(), err.Error())
+	}
+	rawImg := image.NewOSTreeDiskImage(commit)
+
+	rawImg.Users = users.UsersFromBP(customizations.GetUsers())
+	rawImg.Groups = users.GroupsFromBP(customizations.GetGroups())
+
+	rawImg.KernelOptionsAppend = []string{"modprobe.blacklist=vc4"}
+	rawImg.Keyboard = "us"
+	rawImg.Locale = "C.UTF-8"
+	if !common.VersionLessThan(t.arch.distro.osVersion, "38") {
+		rawImg.SysrootReadOnly = true
+		rawImg.KernelOptionsAppend = append(rawImg.KernelOptionsAppend, "rw")
+	}
+
+	rawImg.Platform = t.platform
+	rawImg.Workload = workload
+	rawImg.Remote = ostree.Remote{
+		Name:       "fedora-iot",
+		URL:        options.OSTree.URL,
+		ContentURL: options.OSTree.ContentURL,
+	}
+	rawImg.OSName = "fedora"
+
+	if !common.VersionLessThan(t.arch.distro.osVersion, "38") {
+		rawImg.Ignition = true
+		rawImg.IgnitionPlatform = "metal"
+		if bpIgnition := customizations.GetIgnition(); bpIgnition != nil && bpIgnition.FirstBoot != nil && bpIgnition.FirstBoot.ProvisioningURL != "" {
+			rawImg.KernelOptionsAppend = append(rawImg.KernelOptionsAppend, "ignition.config.url="+bpIgnition.FirstBoot.ProvisioningURL)
+		}
+	}
+
+	// TODO: move generation into LiveImage
+	pt, err := t.getPartitionTable(customizations.GetFilesystems(), options, rng)
+	if err != nil {
+		return nil, err
+	}
+	rawImg.PartitionTable = pt
+
+	rawImg.Filename = t.Filename()
+
+	if kopts := customizations.GetKernel(); kopts != nil && kopts.Append != "" {
+		rawImg.KernelOptionsAppend = append(rawImg.KernelOptionsAppend, kopts.Append)
+	}
+
+	img := image.NewOSTreeSimplifiedInstaller(rawImg, customizations.InstallationDevice)
+	img.ExtraBasePackages = packageSets[installerPkgsKey]
+	// img.Workload = workload
+	img.Platform = t.platform
+	img.Filename = t.Filename()
+	if bpFDO := customizations.GetFDO(); bpFDO != nil {
+		img.FDO = fdo.FromBP(*bpFDO)
+	}
+	// ignition configs from blueprint
+	if bpIgnition := customizations.GetIgnition(); bpIgnition != nil {
+		if bpIgnition.Embedded != nil {
+			var err error
+			img.IgnitionEmbedded, err = ignition.EmbeddedOptionsFromBP(*bpIgnition.Embedded)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
+	d := t.arch.distro
+	img.ISOLabelTempl = d.isolabelTmpl
+	img.Product = d.product
+	img.Variant = "iot"
+	img.OSName = "fedora"
+	img.OSVersion = d.osVersion
+
+	return img, nil
+}
+
 // Create an ostree SourceSpec to define an ostree parent commit using the user
 // options and the default ref for the image type.  Additionally returns the
 // ref to be used for the new commit to be created.

vendor/github.com/osbuild/images/pkg/distro/fedora/imagetype.go

@@ -257,7 +257,7 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
 		}
 	}
 
-	if t.name == "iot-raw-image" {
+	if t.name == "iot-raw-image" || t.name == "iot-qcow2-image" {
 		allowed := []string{"User", "Group", "Directories", "Files", "Services"}
 		if err := customizations.CheckAllowed(allowed...); err != nil {
 			return nil, fmt.Errorf("unsupported blueprint customizations found for image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
@@ -265,10 +265,48 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
 		// TODO: consider additional checks, such as those in "edge-simplified-installer" in RHEL distros
 	}
 
-	// BootISO's have limited support for customizations.
+	// BootISOs have limited support for customizations.
 	// TODO: Support kernel name selection for image-installer
 	if t.bootISO {
-		if t.name == "iot-installer" || t.name == "image-installer" {
+		if t.name == "iot-simplified-installer" {
+			allowed := []string{"InstallationDevice", "FDO", "Ignition", "Kernel", "User", "Group"}
+			if err := customizations.CheckAllowed(allowed...); err != nil {
+				return nil, fmt.Errorf("unsupported blueprint customizations found for boot ISO image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))
+			}
+			if customizations.GetInstallationDevice() == "" {
+				return nil, fmt.Errorf("boot ISO image type %q requires specifying an installation device to install to", t.name)
+			}
+
+			// FDO is optional, but when specified has some restrictions
+			if customizations.GetFDO() != nil {
+				if customizations.GetFDO().ManufacturingServerURL == "" {
+					return nil, fmt.Errorf("boot ISO image type %q requires specifying FDO.ManufacturingServerURL configuration to install to when using FDO", t.name)
+				}
+				var diunSet int
+				if customizations.GetFDO().DiunPubKeyHash != "" {
+					diunSet++
+				}
+				if customizations.GetFDO().DiunPubKeyInsecure != "" {
+					diunSet++
+				}
+				if customizations.GetFDO().DiunPubKeyRootCerts != "" {
+					diunSet++
+				}
+				if diunSet != 1 {
+					return nil, fmt.Errorf("boot ISO image type %q requires specifying one of [FDO.DiunPubKeyHash,FDO.DiunPubKeyInsecure,FDO.DiunPubKeyRootCerts] configuration to install to when using FDO", t.name)
+				}
+			}
+
+			// ignition is optional, we might be using FDO
+			if customizations.GetIgnition() != nil {
+				if customizations.GetIgnition().Embedded != nil && customizations.GetIgnition().FirstBoot != nil {
+					return nil, fmt.Errorf("both ignition embedded and firstboot configurations found")
+				}
+				if customizations.GetIgnition().FirstBoot != nil && customizations.GetIgnition().FirstBoot.ProvisioningURL == "" {
+					return nil, fmt.Errorf("ignition.firstboot requires a provisioning url")
+				}
+			}
+		} else if t.name == "iot-installer" || t.name == "image-installer" {
 			allowed := []string{"User", "Group"}
 			if err := customizations.CheckAllowed(allowed...); err != nil {
 				return nil, fmt.Errorf("unsupported blueprint customizations found for boot ISO image type %q: (allowed: %s)", t.name, strings.Join(allowed, ", "))

vendor/github.com/osbuild/images/pkg/distro/fedora/package_sets.go

@@ -180,7 +180,10 @@ func iotCommitPackageSet(t *imageType) rpmmd.PackageSet {
 	if !common.VersionLessThan(t.arch.distro.osVersion, "38") {
 		ps = ps.Append(rpmmd.PackageSet{
 			Include: []string{
-				"fdo-client", // added in F38
+				"fdo-client",
+				"fdo-owner-cli",
+				"ignition-edge",
+				"ssh-key-dir",
 			},
 		})
 	}
@@ -539,3 +542,54 @@ func minimalrpmPackageSet(t *imageType) rpmmd.PackageSet {
 		},
 	}
 }
+
+func iotSimplifiedInstallerPackageSet(t *imageType) rpmmd.PackageSet {
+	// common installer packages
+	ps := installerPackageSet(t)
+
+	ps = ps.Append(rpmmd.PackageSet{
+		Include: []string{
+			"attr",
+			"basesystem",
+			"binutils",
+			"bsdtar",
+			"clevis-dracut",
+			"clevis-luks",
+			"cloud-utils-growpart",
+			"coreos-installer",
+			"coreos-installer-dracut",
+			"coreutils",
+			"device-mapper-multipath",
+			"dnsmasq",
+			"dosfstools",
+			"dracut-live",
+			"e2fsprogs",
+			"fcoe-utils",
+			"fdo-init",
+			"fedora-logos",
+			"gdisk",
+			"gzip",
+			"ima-evm-utils",
+			"iproute",
+			"iptables",
+			"iputils",
+			"iscsi-initiator-utils",
+			"keyutils",
+			"lldpad",
+			"lvm2",
+			"mdadm",
+			"nss-softokn",
+			"passwd",
+			"policycoreutils",
+			"policycoreutils-python-utils",
+			"procps-ng",
+			"rootfiles",
+			"setools-console",
+			"sudo",
+			"traceroute",
+			"util-linux",
+		},
+	})
+
+	return ps
+}

vendor/github.com/osbuild/images/pkg/distro/fedora/partition_tables.go

@@ -13,13 +13,13 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "gpt",
 		Partitions: []disk.Partition{
 			{
-				Size:     1 * common.MebiByte, // 1MB
+				Size:     1 * common.MebiByte,
 				Bootable: true,
 				Type:     disk.BIOSBootPartitionGUID,
 				UUID:     disk.BIOSBootPartitionUUID,
 			},
 			{
-				Size: 200 * common.MebiByte, // 200 MB
+				Size: 200 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -33,7 +33,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 500 * common.MebiByte, // 500 MB
+				Size: 500 * common.MebiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -46,7 +46,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -65,7 +65,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "gpt",
 		Partitions: []disk.Partition{
 			{
-				Size: 200 * common.MebiByte, // 200 MB
+				Size: 200 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -79,7 +79,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 500 * common.MebiByte, // 500 MB
+				Size: 500 * common.MebiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -92,7 +92,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -114,7 +114,7 @@ var iotBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "gpt",
 		Partitions: []disk.Partition{
 			{
-				Size: 501 * common.MebiByte, // 501 MiB
+				Size: 501 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -128,7 +128,7 @@ var iotBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 1 * common.GibiByte, // 1 GiB
+				Size: 1 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -141,7 +141,7 @@ var iotBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2569 * common.MebiByte, // 2.5 GiB
+				Size: 2569 * common.MebiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -160,7 +160,7 @@ var iotBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "dos",
 		Partitions: []disk.Partition{
 			{
-				Size:     501 * common.MebiByte, // 501 MiB
+				Size:     501 * common.MebiByte,
 				Type:     "06",
 				Bootable: true,
 				Payload: &disk.Filesystem{
@@ -174,7 +174,7 @@ var iotBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 1 * common.GibiByte, // 1 GiB
+				Size: 1 * common.GibiByte,
 				Type: "83",
 				Payload: &disk.Filesystem{
 					Type:         "ext4",
@@ -186,7 +186,7 @@ var iotBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2569 * common.MebiByte, // 2.5 GiB
+				Size: 2569 * common.MebiByte,
 				Type: "83",
 				Payload: &disk.Filesystem{
 					Type:         "ext4",
@@ -200,3 +200,146 @@ var iotBasePartitionTables = distro.BasePartitionTableMap{
 		},
 	},
 }
+
+var iotSimplifiedInstallerPartitionTables = distro.BasePartitionTableMap{
+	platform.ARCH_X86_64.String(): disk.PartitionTable{
+		UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0",
+		Type: "gpt",
+		Partitions: []disk.Partition{
+			{
+				Size: 501 * common.MebiByte,
+				Type: disk.EFISystemPartitionGUID,
+				UUID: disk.EFISystemPartitionUUID,
+				Payload: &disk.Filesystem{
+					Type:         "vfat",
+					UUID:         disk.EFIFilesystemUUID,
+					Mountpoint:   "/boot/efi",
+					Label:        "EFI-SYSTEM",
+					FSTabOptions: "umask=0077,shortname=winnt",
+					FSTabFreq:    0,
+					FSTabPassNo:  2,
+				},
+			},
+			{
+				Size: 1 * common.GibiByte,
+				Type: disk.XBootLDRPartitionGUID,
+				UUID: disk.FilesystemDataUUID,
+				Payload: &disk.Filesystem{
+					Type:         "ext4",
+					Mountpoint:   "/boot",
+					Label:        "boot",
+					FSTabOptions: "defaults",
+					FSTabFreq:    1,
+					FSTabPassNo:  1,
+				},
+			},
+			{
+				Type: disk.FilesystemDataGUID,
+				UUID: disk.RootPartitionUUID,
+				Payload: &disk.LUKSContainer{
+					Label:      "crypt_root",
+					Cipher:     "cipher_null",
+					Passphrase: "osbuild",
+					PBKDF: disk.Argon2id{
+						Memory:      32,
+						Iterations:  4,
+						Parallelism: 1,
+					},
+					Clevis: &disk.ClevisBind{
+						Pin:              "null",
+						Policy:           "{}",
+						RemovePassphrase: true,
+					},
+					Payload: &disk.LVMVolumeGroup{
+						Name:        "rootvg",
+						Description: "built with lvm2 and osbuild",
+						LogicalVolumes: []disk.LVMLogicalVolume{
+							{
+								Size: 2569 * common.MebiByte,
+								Name: "rootlv",
+								Payload: &disk.Filesystem{
+									Type:         "ext4",
+									Label:        "root",
+									Mountpoint:   "/",
+									FSTabOptions: "defaults",
+									FSTabFreq:    0,
+									FSTabPassNo:  0,
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	},
+	platform.ARCH_AARCH64.String(): disk.PartitionTable{
+		UUID: "0xc1748067",
+		Type: "dos",
+		Partitions: []disk.Partition{
+			{
+				Size:     501 * common.MebiByte,
+				Type:     "06",
+				Bootable: true,
+				Payload: &disk.Filesystem{
+					Type:         "vfat",
+					UUID:         disk.EFIFilesystemUUID,
+					Mountpoint:   "/boot/efi",
+					Label:        "EFI-SYSTEM",
+					FSTabOptions: "umask=0077,shortname=winnt",
+					FSTabFreq:    0,
+					FSTabPassNo:  2,
+				},
+			},
+			{
+				Size: 1 * common.GibiByte,
+				Type: disk.XBootLDRPartitionGUID,
+				UUID: disk.FilesystemDataUUID,
+				Payload: &disk.Filesystem{
+					Type:         "ext4",
+					Mountpoint:   "/boot",
+					Label:        "boot",
+					FSTabOptions: "defaults",
+					FSTabFreq:    1,
+					FSTabPassNo:  1,
+				},
+			},
+			{
+				Type: disk.FilesystemDataGUID,
+				UUID: disk.RootPartitionUUID,
+				Payload: &disk.LUKSContainer{
+					Label:      "crypt_root",
+					Cipher:     "cipher_null",
+					Passphrase: "osbuild",
+					PBKDF: disk.Argon2id{
+						Memory:      32,
+						Iterations:  4,
+						Parallelism: 1,
+					},
+					Clevis: &disk.ClevisBind{
+						Pin:              "null",
+						Policy:           "{}",
+						RemovePassphrase: true,
+					},
+					Payload: &disk.LVMVolumeGroup{
+						Name:        "rootvg",
+						Description: "built with lvm2 and osbuild",
+						LogicalVolumes: []disk.LVMLogicalVolume{
+							{
+								Size: 2569 * common.MebiByte,
+								Name: "rootlv",
+								Payload: &disk.Filesystem{
+									Type:         "ext4",
+									Label:        "root",
+									Mountpoint:   "/",
+									FSTabOptions: "defaults",
+									FSTabFreq:    0,
+									FSTabPassNo:  0,
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	},
+}

vendor/github.com/osbuild/images/pkg/distro/rhel7/partition_tables.go

@@ -7,21 +7,19 @@ import (
 	"github.com/osbuild/images/pkg/platform"
 )
 
-// ////////// Partition table //////////
-
 var defaultBasePartitionTables = distro.BasePartitionTableMap{
 	platform.ARCH_X86_64.String(): disk.PartitionTable{
 		UUID: "D209C89E-EA5E-4FBD-B161-B461CCE297E0",
 		Type: "gpt",
 		Partitions: []disk.Partition{
 			{
-				Size:     1 * common.MebiByte, // 1MB
+				Size:     1 * common.MebiByte,
 				Bootable: true,
 				Type:     disk.BIOSBootPartitionGUID,
 				UUID:     disk.BIOSBootPartitionUUID,
 			},
 			{
-				Size: 200 * common.MebiByte, // 200 MB
+				Size: 200 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -35,7 +33,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 500 * common.MebiByte, // 500 MB
+				Size: 500 * common.MebiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -48,7 +46,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{

vendor/github.com/osbuild/images/pkg/distro/rhel8/images.go

@@ -439,7 +439,7 @@ func edgeRawImage(workload workload.Workload,
 		return nil, fmt.Errorf("%s: %s", t.Name(), err.Error())
 	}
 
-	img := image.NewOSTreeRawImage(commit)
+	img := image.NewOSTreeDiskImage(commit)
 
 	img.Users = users.UsersFromBP(customizations.GetUsers())
 	img.Groups = users.GroupsFromBP(customizations.GetGroups())
@@ -484,7 +484,7 @@ func edgeSimplifiedInstallerImage(workload workload.Workload,
 		return nil, fmt.Errorf("%s: %s", t.Name(), err.Error())
 	}
 
-	rawImg := image.NewOSTreeRawImage(commit)
+	rawImg := image.NewOSTreeDiskImage(commit)
 
 	rawImg.Users = users.UsersFromBP(customizations.GetUsers())
 	rawImg.Groups = users.GroupsFromBP(customizations.GetGroups())

vendor/github.com/osbuild/images/pkg/distro/rhel8/partition_tables.go

@@ -32,7 +32,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2 GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -64,7 +64,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2 GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -88,7 +88,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				Bootable: true,
 			},
 			{
-				Size: 2 * common.GibiByte, // 2 GiB
+				Size: 2 * common.GibiByte,
 				Payload: &disk.Filesystem{
 					Type:         "xfs",
 					Mountpoint:   "/",
@@ -104,7 +104,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "dos",
 		Partitions: []disk.Partition{
 			{
-				Size:     2 * common.GibiByte, // 2 GiB
+				Size:     2 * common.GibiByte,
 				Bootable: true,
 				Payload: &disk.Filesystem{
 					Type:         "xfs",
@@ -233,7 +233,7 @@ var ec2LegacyBasePartitionTables = distro.BasePartitionTableMap{
 				UUID:     disk.BIOSBootPartitionUUID,
 			},
 			{
-				Size: 2 * common.GibiByte, // 2 GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -277,7 +277,7 @@ var ec2LegacyBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2 GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -305,7 +305,7 @@ var edgeBasePartitionTables = distro.BasePartitionTableMap{
 				UUID:     disk.BIOSBootPartitionUUID,
 			},
 			{
-				Size: 127 * common.MebiByte, // 127 MB
+				Size: 127 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -319,7 +319,7 @@ var edgeBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 384 * common.MebiByte, // 384 MB
+				Size: 384 * common.MebiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -332,7 +332,7 @@ var edgeBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2 GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.LUKSContainer{
@@ -366,7 +366,7 @@ var edgeBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "gpt",
 		Partitions: []disk.Partition{
 			{
-				Size: 127 * common.MebiByte, // 127 MB
+				Size: 127 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -380,7 +380,7 @@ var edgeBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 384 * common.MebiByte, // 384 MB
+				Size: 384 * common.MebiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -393,7 +393,7 @@ var edgeBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2 GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.LUKSContainer{

vendor/github.com/osbuild/images/pkg/distro/rhel9/edge.go

@@ -7,6 +7,7 @@ import (
 	"github.com/osbuild/images/internal/environment"
 	"github.com/osbuild/images/pkg/disk"
 	"github.com/osbuild/images/pkg/distro"
+	"github.com/osbuild/images/pkg/osbuild"
 	"github.com/osbuild/images/pkg/platform"
 	"github.com/osbuild/images/pkg/rpmmd"
 )
@@ -23,6 +24,7 @@ var (
 		},
 		defaultImageConfig: &distro.ImageConfig{
 			EnabledServices: edgeServices,
+			SystemdUnit:     systemdUnits,
 		},
 		rpmOstree:        true,
 		image:            edgeCommitImage,
@@ -46,6 +48,7 @@ var (
 		},
 		defaultImageConfig: &distro.ImageConfig{
 			EnabledServices: edgeServices,
+			SystemdUnit:     systemdUnits,
 		},
 		rpmOstree:        true,
 		bootISO:          false,
@@ -196,7 +199,19 @@ var (
 		// TODO(runcom): move fdo-client-linuxapp.service to presets?
 		"NetworkManager.service", "firewalld.service", "sshd.service", "fdo-client-linuxapp.service",
 	}
-
+	//dropin to disable grub-boot-success.timer if greenboot present
+	systemdUnits = []*osbuild.SystemdUnitStageOptions{
+		{
+			Unit:     "grub-boot-success.timer",
+			Dropin:   "10-disable-if-greenboot.conf",
+			UnitType: osbuild.Global,
+			Config: osbuild.SystemdServiceUnitDropin{
+				Unit: &osbuild.SystemdUnitSection{
+					FileExists: "!/usr/libexec/greenboot/greenboot",
+				},
+			},
+		},
+	}
 	// Partition tables
 	edgeBasePartitionTables = distro.BasePartitionTableMap{
 		platform.ARCH_X86_64.String(): disk.PartitionTable{

vendor/github.com/osbuild/images/pkg/distro/rhel9/images.go

@@ -396,18 +396,11 @@ func edgeRawImage(workload workload.Workload,
 	if err != nil {
 		return nil, fmt.Errorf("%s: %s", t.Name(), err.Error())
 	}
-
+	img := image.NewOSTreeDiskImage(commit)
-	img := image.NewOSTreeRawImage(commit)
-
-	if !common.VersionLessThan(t.arch.distro.osVersion, "9.2") || t.arch.distro.osVersion == "9-stream" {
-		img.Ignition = true
-	}
 
 	img.Users = users.UsersFromBP(customizations.GetUsers())
 	img.Groups = users.GroupsFromBP(customizations.GetGroups())
 
-	// "rw" kernel option is required when /sysroot is mounted read-only to
-	// keep stateful parts of the filesystem writeable (/var/ and /etc)
 	img.KernelOptionsAppend = []string{"modprobe.blacklist=vc4"}
 	img.Keyboard = "us"
 	img.Locale = "C.UTF-8"
@@ -416,6 +409,14 @@ func edgeRawImage(workload workload.Workload,
 		img.KernelOptionsAppend = append(img.KernelOptionsAppend, "rw")
 	}
 
+	if !common.VersionLessThan(t.arch.distro.osVersion, "9.2") || t.arch.distro.osVersion == "9-stream" {
+		img.Ignition = true
+		img.IgnitionPlatform = "metal"
+		if bpIgnition := customizations.GetIgnition(); bpIgnition != nil && bpIgnition.FirstBoot != nil && bpIgnition.FirstBoot.ProvisioningURL != "" {
+			img.KernelOptionsAppend = append(img.KernelOptionsAppend, "ignition.config.url="+bpIgnition.FirstBoot.ProvisioningURL)
+		}
+	}
+
 	img.Platform = t.platform
 	img.Workload = workload
 	img.Remote = ostree.Remote{
@@ -425,11 +426,6 @@ func edgeRawImage(workload workload.Workload,
 	}
 	img.OSName = "redhat"
 
-	if bpIgnition := customizations.GetIgnition(); bpIgnition != nil && bpIgnition.FirstBoot != nil && bpIgnition.FirstBoot.ProvisioningURL != "" {
-		img.KernelOptionsAppend = append(img.KernelOptionsAppend, "ignition.config.url="+bpIgnition.FirstBoot.ProvisioningURL)
-	}
-
-	// 92+ only
 	if kopts := customizations.GetKernel(); kopts != nil && kopts.Append != "" {
 		img.KernelOptionsAppend = append(img.KernelOptionsAppend, kopts.Append)
 	}
@@ -459,17 +455,11 @@ func edgeSimplifiedInstallerImage(workload workload.Workload,
 	if err != nil {
 		return nil, fmt.Errorf("%s: %s", t.Name(), err.Error())
 	}
-
+	rawImg := image.NewOSTreeDiskImage(commit)
-	rawImg := image.NewOSTreeRawImage(commit)
-	if !common.VersionLessThan(t.arch.distro.osVersion, "9.2") || t.arch.distro.osVersion == "9-stream" {
-		rawImg.Ignition = true
-	}
 
 	rawImg.Users = users.UsersFromBP(customizations.GetUsers())
 	rawImg.Groups = users.GroupsFromBP(customizations.GetGroups())
 
-	// "rw" kernel option is required when /sysroot is mounted read-only to
-	// keep stateful parts of the filesystem writeable (/var/ and /etc)
 	rawImg.KernelOptionsAppend = []string{"modprobe.blacklist=vc4"}
 	rawImg.Keyboard = "us"
 	rawImg.Locale = "C.UTF-8"
@@ -487,6 +477,14 @@ func edgeSimplifiedInstallerImage(workload workload.Workload,
 	}
 	rawImg.OSName = "redhat"
 
+	if !common.VersionLessThan(t.arch.distro.osVersion, "9.2") || t.arch.distro.osVersion == "9-stream" {
+		rawImg.Ignition = true
+		rawImg.IgnitionPlatform = "metal"
+		if bpIgnition := customizations.GetIgnition(); bpIgnition != nil && bpIgnition.FirstBoot != nil && bpIgnition.FirstBoot.ProvisioningURL != "" {
+			rawImg.KernelOptionsAppend = append(rawImg.KernelOptionsAppend, "ignition.config.url="+bpIgnition.FirstBoot.ProvisioningURL)
+		}
+	}
+
 	// TODO: move generation into LiveImage
 	pt, err := t.getPartitionTable(customizations.GetFilesystems(), options, rng)
 	if err != nil {
@@ -496,10 +494,6 @@ func edgeSimplifiedInstallerImage(workload workload.Workload,
 
 	rawImg.Filename = t.Filename()
 
-	if bpIgnition := customizations.GetIgnition(); bpIgnition != nil && bpIgnition.FirstBoot != nil && bpIgnition.FirstBoot.ProvisioningURL != "" {
-		rawImg.KernelOptionsAppend = append(rawImg.KernelOptionsAppend, "ignition.config.url="+bpIgnition.FirstBoot.ProvisioningURL)
-	}
-
 	// 92+ only
 	if kopts := customizations.GetKernel(); kopts != nil && kopts.Append != "" {
 		rawImg.KernelOptionsAppend = append(rawImg.KernelOptionsAppend, kopts.Append)

vendor/github.com/osbuild/images/pkg/distro/rhel9/partition_tables.go

@@ -13,13 +13,13 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "gpt",
 		Partitions: []disk.Partition{
 			{
-				Size:     1 * common.MebiByte, // 1MB
+				Size:     1 * common.MebiByte,
 				Bootable: true,
 				Type:     disk.BIOSBootPartitionGUID,
 				UUID:     disk.BIOSBootPartitionUUID,
 			},
 			{
-				Size: 200 * common.MebiByte, // 200 MB
+				Size: 200 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -33,7 +33,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 500 * common.MebiByte, // 500 MB
+				Size: 500 * common.MebiByte,
 				Type: disk.XBootLDRPartitionGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -46,7 +46,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -65,7 +65,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "gpt",
 		Partitions: []disk.Partition{
 			{
-				Size: 200 * common.MebiByte, // 200 MB
+				Size: 200 * common.MebiByte,
 				Type: disk.EFISystemPartitionGUID,
 				UUID: disk.EFISystemPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -79,7 +79,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 500 * common.MebiByte, // 500 MB
+				Size: 500 * common.MebiByte,
 				Type: disk.XBootLDRPartitionGUID,
 				UUID: disk.FilesystemDataUUID,
 				Payload: &disk.Filesystem{
@@ -92,7 +92,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2GiB
+				Size: 2 * common.GibiByte,
 				Type: disk.FilesystemDataGUID,
 				UUID: disk.RootPartitionUUID,
 				Payload: &disk.Filesystem{
@@ -116,7 +116,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				Bootable: true,
 			},
 			{
-				Size: 500 * common.MebiByte, // 500 MB
+				Size: 500 * common.MebiByte,
 				Payload: &disk.Filesystem{
 					Type:         "xfs",
 					Mountpoint:   "/boot",
@@ -127,7 +127,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size: 2 * common.GibiByte, // 2GiB
+				Size: 2 * common.GibiByte,
 				Payload: &disk.Filesystem{
 					Type:         "xfs",
 					Mountpoint:   "/",
@@ -143,7 +143,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 		Type: "dos",
 		Partitions: []disk.Partition{
 			{
-				Size: 500 * common.MebiByte, // 500 MB
+				Size: 500 * common.MebiByte,
 				Payload: &disk.Filesystem{
 					Type:         "xfs",
 					Mountpoint:   "/boot",
@@ -154,7 +154,7 @@ var defaultBasePartitionTables = distro.BasePartitionTableMap{
 				},
 			},
 			{
-				Size:     2 * common.GibiByte, // 2GiB
+				Size:     2 * common.GibiByte,
 				Bootable: true,
 				Payload: &disk.Filesystem{
 					Type:         "xfs",

vendor/github.com/osbuild/images/pkg/image/anaconda_live_installer.go

@@ -82,7 +82,7 @@ func (img *AnacondaLiveInstaller) InstantiateManifest(m *manifest.Manifest,
 	// TODO: replace isoLabelTmpl with more high-level properties
 	isoLabel := fmt.Sprintf(img.ISOLabelTempl, img.Platform.GetArch())
 
-	rootfsImagePipeline := manifest.NewISORootfsImg(m, buildPipeline, livePipeline)
+	rootfsImagePipeline := manifest.NewISORootfsImg(buildPipeline, livePipeline)
 	rootfsImagePipeline.Size = 8 * common.GibiByte
 
 	bootTreePipeline := manifest.NewEFIBootTree(m, buildPipeline, img.Product, img.OSVersion)
@@ -104,12 +104,7 @@ func (img *AnacondaLiveInstaller) InstantiateManifest(m *manifest.Manifest,
 	// enable ISOLinux on x86_64 only
 	isoLinuxEnabled := img.Platform.GetArch() == platform.ARCH_X86_64
 
-	isoTreePipeline := manifest.NewAnacondaInstallerISOTree(m,
+	isoTreePipeline := manifest.NewAnacondaInstallerISOTree(buildPipeline, livePipeline, rootfsImagePipeline, bootTreePipeline)
-		buildPipeline,
-		livePipeline,
-		rootfsImagePipeline,
-		bootTreePipeline,
-		isoLabel)
 	isoTreePipeline.PartitionTable = rootfsPartitionTable
 	isoTreePipeline.Release = img.Release
 	isoTreePipeline.OSName = img.OSName
@@ -117,8 +112,8 @@ func (img *AnacondaLiveInstaller) InstantiateManifest(m *manifest.Manifest,
 	isoTreePipeline.KernelOpts = kernelOpts
 	isoTreePipeline.ISOLinux = isoLinuxEnabled
 
-	isoPipeline := manifest.NewISO(m, buildPipeline, isoTreePipeline, isoLabel)
+	isoPipeline := manifest.NewISO(buildPipeline, isoTreePipeline, isoLabel)
-	isoPipeline.Filename = img.Filename
+	isoPipeline.SetFilename(img.Filename)
 	isoPipeline.ISOLinux = isoLinuxEnabled
 
 	artifact := isoPipeline.Export()

vendor/github.com/osbuild/images/pkg/image/anaconda_ostree_installer.go

@@ -91,7 +91,7 @@ func (img *AnacondaOSTreeInstaller) InstantiateManifest(m *manifest.Manifest,
 	// TODO: replace isoLabelTmpl with more high-level properties
 	isoLabel := fmt.Sprintf(img.ISOLabelTempl, img.Platform.GetArch())
 
-	rootfsImagePipeline := manifest.NewISORootfsImg(m, buildPipeline, anacondaPipeline)
+	rootfsImagePipeline := manifest.NewISORootfsImg(buildPipeline, anacondaPipeline)
 	rootfsImagePipeline.Size = 4 * common.GibiByte
 
 	bootTreePipeline := manifest.NewEFIBootTree(m, buildPipeline, img.Product, img.OSVersion)
@@ -103,12 +103,7 @@ func (img *AnacondaOSTreeInstaller) InstantiateManifest(m *manifest.Manifest,
 	// enable ISOLinux on x86_64 only
 	isoLinuxEnabled := img.Platform.GetArch() == platform.ARCH_X86_64
 
-	isoTreePipeline := manifest.NewAnacondaInstallerISOTree(m,
+	isoTreePipeline := manifest.NewAnacondaInstallerISOTree(buildPipeline, anacondaPipeline, rootfsImagePipeline, bootTreePipeline)
-		buildPipeline,
-		anacondaPipeline,
-		rootfsImagePipeline,
-		bootTreePipeline,
-		isoLabel)
 	isoTreePipeline.PartitionTable = rootfsPartitionTable
 	isoTreePipeline.Release = img.Release
 	isoTreePipeline.OSName = img.OSName
@@ -124,8 +119,8 @@ func (img *AnacondaOSTreeInstaller) InstantiateManifest(m *manifest.Manifest,
 	isoTreePipeline.OSTreeCommitSource = &img.Commit
 	isoTreePipeline.ISOLinux = isoLinuxEnabled
 
-	isoPipeline := manifest.NewISO(m, buildPipeline, isoTreePipeline, isoLabel)
+	isoPipeline := manifest.NewISO(buildPipeline, isoTreePipeline, isoLabel)
-	isoPipeline.Filename = img.Filename
+	isoPipeline.SetFilename(img.Filename)
 	isoPipeline.ISOLinux = isoLinuxEnabled
 	artifact := isoPipeline.Export()
 

vendor/github.com/osbuild/images/pkg/image/anaconda_tar_installer.go

@@ -111,7 +111,7 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
 	// TODO: replace isoLabelTmpl with more high-level properties
 	isoLabel := fmt.Sprintf(img.ISOLabelTempl, img.Platform.GetArch())
 
-	rootfsImagePipeline := manifest.NewISORootfsImg(m, buildPipeline, anacondaPipeline)
+	rootfsImagePipeline := manifest.NewISORootfsImg(buildPipeline, anacondaPipeline)
 	rootfsImagePipeline.Size = 4 * common.GibiByte
 
 	bootTreePipeline := manifest.NewEFIBootTree(m, buildPipeline, img.Product, img.OSVersion)
@@ -134,12 +134,7 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
 	// enable ISOLinux on x86_64 only
 	isoLinuxEnabled := img.Platform.GetArch() == platform.ARCH_X86_64
 
-	isoTreePipeline := manifest.NewAnacondaInstallerISOTree(m,
+	isoTreePipeline := manifest.NewAnacondaInstallerISOTree(buildPipeline, anacondaPipeline, rootfsImagePipeline, bootTreePipeline)
-		buildPipeline,
-		anacondaPipeline,
-		rootfsImagePipeline,
-		bootTreePipeline,
-		isoLabel)
 	isoTreePipeline.PartitionTable = rootfsPartitionTable
 	isoTreePipeline.Release = img.Release
 	isoTreePipeline.OSName = img.OSName
@@ -156,8 +151,8 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
 	isoTreePipeline.KernelOpts = img.AdditionalKernelOpts
 	isoTreePipeline.ISOLinux = isoLinuxEnabled
 
-	isoPipeline := manifest.NewISO(m, buildPipeline, isoTreePipeline, isoLabel)
+	isoPipeline := manifest.NewISO(buildPipeline, isoTreePipeline, isoLabel)
-	isoPipeline.Filename = img.Filename
+	isoPipeline.SetFilename(img.Filename)
 	isoPipeline.ISOLinux = isoLinuxEnabled
 
 	artifact := isoPipeline.Export()

vendor/github.com/osbuild/images/pkg/image/archive.go

@@ -39,8 +39,8 @@ func (img *Archive) InstantiateManifest(m *manifest.Manifest,
 	osPipeline.Environment = img.Environment
 	osPipeline.Workload = img.Workload
 
-	tarPipeline := manifest.NewTar(m, buildPipeline, &osPipeline.Base, "archive")
+	tarPipeline := manifest.NewTar(buildPipeline, osPipeline, "archive")
-	tarPipeline.Filename = img.Filename
+	tarPipeline.SetFilename(img.Filename)
 	artifact := tarPipeline.Export()
 
 	return artifact, nil

vendor/github.com/osbuild/images/pkg/image/container.go

@@ -39,8 +39,8 @@ func (img *BaseContainer) InstantiateManifest(m *manifest.Manifest,
 	osPipeline.Environment = img.Environment
 	osPipeline.Workload = img.Workload
 
-	ociPipeline := manifest.NewOCIContainer(m, buildPipeline, osPipeline)
+	ociPipeline := manifest.NewOCIContainer(buildPipeline, osPipeline)
-	ociPipeline.Filename = img.Filename
+	ociPipeline.SetFilename(img.Filename)
 	artifact := ociPipeline.Export()
 
 	return artifact, nil

vendor/github.com/osbuild/images/pkg/image/disk.go

@@ -58,76 +58,59 @@ func (img *DiskImage) InstantiateManifest(m *manifest.Manifest,
 	osPipeline.OSVersion = img.OSVersion
 	osPipeline.OSNick = img.OSNick
 
-	imagePipeline := manifest.NewRawImage(m, buildPipeline, osPipeline)
+	rawImagePipeline := manifest.NewRawImage(buildPipeline, osPipeline)
-	imagePipeline.PartTool = img.PartTool
+	rawImagePipeline.PartTool = img.PartTool
 
-	var artifact *artifact.Artifact
+	var imagePipeline manifest.FilePipeline
-	var artifactPipeline manifest.Pipeline
 	switch img.Platform.GetImageFormat() {
 	case platform.FORMAT_RAW:
-		if img.Compression == "" {
+		imagePipeline = rawImagePipeline
-			imagePipeline.Filename = img.Filename
-		}
-		artifactPipeline = imagePipeline
-		artifact = imagePipeline.Export()
 	case platform.FORMAT_QCOW2:
-		qcow2Pipeline := manifest.NewQCOW2(m, buildPipeline, imagePipeline)
+		qcow2Pipeline := manifest.NewQCOW2(buildPipeline, rawImagePipeline)
-		if img.Compression == "" {
-			qcow2Pipeline.Filename = img.Filename
-		}
 		qcow2Pipeline.Compat = img.Platform.GetQCOW2Compat()
-		artifactPipeline = qcow2Pipeline
+		imagePipeline = qcow2Pipeline
-		artifact = qcow2Pipeline.Export()
 	case platform.FORMAT_VHD:
-		vpcPipeline := manifest.NewVPC(m, buildPipeline, imagePipeline)
+		vpcPipeline := manifest.NewVPC(buildPipeline, rawImagePipeline)
-		if img.Compression == "" {
-			vpcPipeline.Filename = img.Filename
-		}
 		vpcPipeline.ForceSize = img.ForceSize
-		artifactPipeline = vpcPipeline
+		imagePipeline = vpcPipeline
-		artifact = vpcPipeline.Export()
 	case platform.FORMAT_VMDK:
-		vmdkPipeline := manifest.NewVMDK(m, buildPipeline, imagePipeline, nil)
+		imagePipeline = manifest.NewVMDK(buildPipeline, rawImagePipeline)
-		if img.Compression == "" {
-			vmdkPipeline.Filename = img.Filename
-		}
-		artifactPipeline = vmdkPipeline
-		artifact = vmdkPipeline.Export()
 	case platform.FORMAT_OVA:
-		vmdkPipeline := manifest.NewVMDK(m, buildPipeline, imagePipeline, nil)
+		vmdkPipeline := manifest.NewVMDK(buildPipeline, rawImagePipeline)
-		ovfPipeline := manifest.NewOVF(m, buildPipeline, vmdkPipeline)
+		ovfPipeline := manifest.NewOVF(buildPipeline, vmdkPipeline)
-		artifactPipeline := manifest.NewTar(m, buildPipeline, ovfPipeline, "archive")
+		tarPipeline := manifest.NewTar(buildPipeline, ovfPipeline, "archive")
-		artifactPipeline.Format = osbuild.TarArchiveFormatUstar
+		tarPipeline.Format = osbuild.TarArchiveFormatUstar
-		artifactPipeline.RootNode = osbuild.TarRootNodeOmit
+		tarPipeline.RootNode = osbuild.TarRootNodeOmit
-		artifactPipeline.Filename = img.Filename
+		tarPipeline.SetFilename(img.Filename)
-		artifact = artifactPipeline.Export()
+		imagePipeline = tarPipeline
 	case platform.FORMAT_GCE:
 		// NOTE(akoutsou): temporary workaround; filename required for GCP
 		// TODO: define internal raw filename on image type
-		imagePipeline.Filename = "disk.raw"
+		rawImagePipeline.SetFilename("disk.raw")
-		archivePipeline := manifest.NewTar(m, buildPipeline, imagePipeline, "archive")
+		tarPipeline := manifest.NewTar(buildPipeline, rawImagePipeline, "archive")
-		archivePipeline.Format = osbuild.TarArchiveFormatOldgnu
+		tarPipeline.Format = osbuild.TarArchiveFormatOldgnu
-		archivePipeline.RootNode = osbuild.TarRootNodeOmit
+		tarPipeline.RootNode = osbuild.TarRootNodeOmit
 		// these are required to successfully import the image to GCP
-		archivePipeline.ACLs = common.ToPtr(false)
+		tarPipeline.ACLs = common.ToPtr(false)
-		archivePipeline.SELinux = common.ToPtr(false)
+		tarPipeline.SELinux = common.ToPtr(false)
-		archivePipeline.Xattrs = common.ToPtr(false)
+		tarPipeline.Xattrs = common.ToPtr(false)
-		archivePipeline.Filename = img.Filename // filename extension will determine compression
+		tarPipeline.SetFilename(img.Filename) // filename extension will determine compression
+		imagePipeline = tarPipeline
 	default:
 		panic("invalid image format for image kind")
 	}
 
 	switch img.Compression {
 	case "xz":
-		xzPipeline := manifest.NewXZ(m, buildPipeline, artifactPipeline)
+		xzPipeline := manifest.NewXZ(buildPipeline, imagePipeline)
-		xzPipeline.Filename = img.Filename
+		xzPipeline.SetFilename(img.Filename)
-		artifact = xzPipeline.Export()
+		return xzPipeline.Export(), nil
 	case "":
-		// do nothing
+		// don't compress, but make sure the pipeline's filename is set
+		imagePipeline.SetFilename(img.Filename)
+		return imagePipeline.Export(), nil
 	default:
 		// panic on unknown strings
 		panic(fmt.Sprintf("unsupported compression type %q", img.Compression))
 	}
-
-	return artifact, nil
 }

vendor/github.com/osbuild/images/pkg/image/ostree_archive.go

@@ -56,11 +56,11 @@ func (img *OSTreeArchive) InstantiateManifest(m *manifest.Manifest,
 	osPipeline.OSTreeRef = img.OSTreeRef
 	osPipeline.InstallWeakDeps = img.InstallWeakDeps
 
-	ostreeCommitPipeline := manifest.NewOSTreeCommit(m, buildPipeline, osPipeline, img.OSTreeRef)
+	ostreeCommitPipeline := manifest.NewOSTreeCommit(buildPipeline, osPipeline, img.OSTreeRef)
 	ostreeCommitPipeline.OSVersion = img.OSVersion
 
-	tarPipeline := manifest.NewTar(m, buildPipeline, &ostreeCommitPipeline.Base, "commit-archive")
+	tarPipeline := manifest.NewTar(buildPipeline, ostreeCommitPipeline, "commit-archive")
-	tarPipeline.Filename = img.Filename
+	tarPipeline.SetFilename(img.Filename)
 	artifact := tarPipeline.Export()
 
 	return artifact, nil

vendor/github.com/osbuild/images/pkg/image/ostree_container.go

@@ -54,7 +54,7 @@ func (img *OSTreeContainer) InstantiateManifest(m *manifest.Manifest,
 	osPipeline.OSTreeRef = img.OSTreeRef
 	osPipeline.OSTreeParent = img.OSTreeParent
 
-	commitPipeline := manifest.NewOSTreeCommit(m, buildPipeline, osPipeline, img.OSTreeRef)
+	commitPipeline := manifest.NewOSTreeCommit(buildPipeline, osPipeline, img.OSTreeRef)
 	commitPipeline.OSVersion = img.OSVersion
 
 	nginxConfigPath := "/etc/nginx.conf"
@@ -69,10 +69,10 @@ func (img *OSTreeContainer) InstantiateManifest(m *manifest.Manifest,
 		listenPort)
 	serverPipeline.Language = img.ContainerLanguage
 
-	containerPipeline := manifest.NewOCIContainer(m, buildPipeline, serverPipeline)
+	containerPipeline := manifest.NewOCIContainer(buildPipeline, serverPipeline)
 	containerPipeline.Cmd = []string{"nginx", "-c", nginxConfigPath}
 	containerPipeline.ExposedPorts = []string{listenPort}
-	containerPipeline.Filename = img.Filename
+	containerPipeline.SetFilename(img.Filename)
 	artifact := containerPipeline.Export()
 
 	return artifact, nil

vendor/github.com/osbuild/images/pkg/image/ostree_disk.go

@@ -16,7 +16,7 @@ import (
 	"github.com/osbuild/images/pkg/runner"
 )
 
-type OSTreeRawImage struct {
+type OSTreeDiskImage struct {
 	Base
 
 	Platform       platform.Platform
@@ -39,32 +39,23 @@ type OSTreeRawImage struct {
 
 	Filename string
 
-	Compression string
+	Ignition         bool
-
+	IgnitionPlatform string
-	Ignition bool
+	Compression      string
 
 	Directories []*fsnode.Directory
 	Files       []*fsnode.File
 }
 
-func NewOSTreeRawImage(commit ostree.SourceSpec) *OSTreeRawImage {
+func NewOSTreeDiskImage(commit ostree.SourceSpec) *OSTreeDiskImage {
-	return &OSTreeRawImage{
+	return &OSTreeDiskImage{
 		Base:         NewBase("ostree-raw-image"),
 		CommitSource: commit,
 	}
 }
 
-func ostreeCompressedImagePipelines(img *OSTreeRawImage, m *manifest.Manifest, buildPipeline *manifest.Build) *manifest.XZ {
+func baseRawOstreeImage(img *OSTreeDiskImage, m *manifest.Manifest, buildPipeline *manifest.Build) *manifest.RawOSTreeImage {
-	imagePipeline := baseRawOstreeImage(img, m, buildPipeline)
+	osPipeline := manifest.NewOSTreeDeployment(buildPipeline, m, img.CommitSource, img.OSName, img.Ignition, img.IgnitionPlatform, img.Platform)
-
-	xzPipeline := manifest.NewXZ(m, buildPipeline, imagePipeline)
-	xzPipeline.Filename = img.Filename
-
-	return xzPipeline
-}
-
-func baseRawOstreeImage(img *OSTreeRawImage, m *manifest.Manifest, buildPipeline *manifest.Build) *manifest.RawOSTreeImage {
-	osPipeline := manifest.NewOSTreeDeployment(m, buildPipeline, img.CommitSource, img.OSName, img.Ignition, img.Platform)
 	osPipeline.PartitionTable = img.PartitionTable
 	osPipeline.Remote = img.Remote
 	osPipeline.KernelOptionsAppend = img.KernelOptionsAppend
@@ -80,39 +71,48 @@ func baseRawOstreeImage(img *OSTreeRawImage, m *manifest.Manifest, buildPipeline
 	osPipeline.EnabledServices = img.Workload.GetServices()
 	osPipeline.DisabledServices = img.Workload.GetDisabledServices()
 
-	return manifest.NewRawOStreeImage(m, buildPipeline, img.Platform, osPipeline)
+	return manifest.NewRawOStreeImage(buildPipeline, osPipeline, img.Platform)
 }
 
-func (img *OSTreeRawImage) InstantiateManifest(m *manifest.Manifest,
+func (img *OSTreeDiskImage) InstantiateManifest(m *manifest.Manifest,
 	repos []rpmmd.RepoConfig,
 	runner runner.Runner,
 	rng *rand.Rand) (*artifact.Artifact, error) {
 	buildPipeline := manifest.NewBuild(m, runner, repos)
 	buildPipeline.Checkpoint()
 
-	var art *artifact.Artifact
+	// don't support compressing non-raw images
+	imgFormat := img.Platform.GetImageFormat()
+	if imgFormat == platform.FORMAT_UNSET {
+		// treat unset as raw for this check
+		imgFormat = platform.FORMAT_RAW
+	}
+	if imgFormat != platform.FORMAT_RAW && img.Compression != "" {
+		panic(fmt.Sprintf("no compression is allowed with %q format for %q", imgFormat, img.name))
+	}
+
+	baseImage := baseRawOstreeImage(img, m, buildPipeline)
 	switch img.Platform.GetImageFormat() {
 	case platform.FORMAT_VMDK:
-		if img.Compression != "" {
+		vmdkPipeline := manifest.NewVMDK(buildPipeline, baseImage)
-			panic(fmt.Sprintf("no compression is allowed with VMDK format for %q", img.name))
+		vmdkPipeline.SetFilename(img.Filename)
-		}
+		return vmdkPipeline.Export(), nil
-		ostreeBase := baseRawOstreeImage(img, m, buildPipeline)
+	case platform.FORMAT_QCOW2:
-		vmdkPipeline := manifest.NewVMDK(m, buildPipeline, nil, ostreeBase)
+		qcow2Pipeline := manifest.NewQCOW2(buildPipeline, baseImage)
-		vmdkPipeline.Filename = img.Filename
+		qcow2Pipeline.Compat = img.Platform.GetQCOW2Compat()
-		art = vmdkPipeline.Export()
+		qcow2Pipeline.SetFilename(img.Filename)
+		return qcow2Pipeline.Export(), nil
 	default:
 		switch img.Compression {
 		case "xz":
-			ostreeCompressed := ostreeCompressedImagePipelines(img, m, buildPipeline)
+			compressedImage := manifest.NewXZ(buildPipeline, baseImage)
-			art = ostreeCompressed.Export()
+			compressedImage.SetFilename(img.Filename)
+			return compressedImage.Export(), nil
 		case "":
-			ostreeBase := baseRawOstreeImage(img, m, buildPipeline)
+			baseImage.SetFilename(img.Filename)
-			ostreeBase.Filename = img.Filename
+			return baseImage.Export(), nil
-			art = ostreeBase.Export()
 		default:
 			panic(fmt.Sprintf("unsupported compression type %q on %q", img.Compression, img.name))
 		}
 	}
-
-	return art, nil
 }

vendor/github.com/osbuild/images/pkg/image/ostree_simplified_installer.go

@@ -21,7 +21,7 @@ type OSTreeSimplifiedInstaller struct {
 	Base
 
 	// Raw image that will be created and embedded
-	rawImage *OSTreeRawImage
+	rawImage *OSTreeDiskImage
 
 	Platform         platform.Platform
 	OSCustomizations manifest.OSCustomizations
@@ -60,7 +60,7 @@ type OSTreeSimplifiedInstaller struct {
 	AdditionalDracutModules []string
 }
 
-func NewOSTreeSimplifiedInstaller(rawImage *OSTreeRawImage, installDevice string) *OSTreeSimplifiedInstaller {
+func NewOSTreeSimplifiedInstaller(rawImage *OSTreeDiskImage, installDevice string) *OSTreeSimplifiedInstaller {
 	return &OSTreeSimplifiedInstaller{
 		Base:          NewBase("ostree-simplified-installer"),
 		rawImage:      rawImage,
@@ -75,11 +75,11 @@ func (img *OSTreeSimplifiedInstaller) InstantiateManifest(m *manifest.Manifest,
 	buildPipeline := manifest.NewBuild(m, runner, repos)
 	buildPipeline.Checkpoint()
 
-	rawImageFilename := "image.raw.xz"
+	imageFilename := "image.raw.xz"
 
-	// create the raw image
+	// image in simplified installer is always compressed
-	img.rawImage.Filename = rawImageFilename
+	compressedImage := manifest.NewXZ(buildPipeline, baseRawOstreeImage(img.rawImage, m, buildPipeline))
-	rawImage := ostreeCompressedImagePipelines(img.rawImage, m, buildPipeline)
+	compressedImage.SetFilename(imageFilename)
 
 	coiPipeline := manifest.NewCoreOSInstaller(m,
 		buildPipeline,
@@ -109,7 +109,7 @@ func (img *OSTreeSimplifiedInstaller) InstantiateManifest(m *manifest.Manifest,
 		"coreos.inst.crypt_root=1",
 		"coreos.inst.isoroot=" + isoLabel,
 		"coreos.inst.install_dev=" + img.installDevice,
-		fmt.Sprintf("coreos.inst.image_file=/run/media/iso/%s", rawImageFilename),
+		fmt.Sprintf("coreos.inst.image_file=/run/media/iso/%s", imageFilename),
 		"coreos.inst.insecure",
 	}
 
@@ -147,20 +147,15 @@ func (img *OSTreeSimplifiedInstaller) InstantiateManifest(m *manifest.Manifest,
 	// enable ISOLinux on x86_64 only
 	isoLinuxEnabled := img.Platform.GetArch() == platform.ARCH_X86_64
 
-	isoTreePipeline := manifest.NewCoreOSISOTree(m,
+	isoTreePipeline := manifest.NewCoreOSISOTree(buildPipeline, compressedImage, coiPipeline, bootTreePipeline)
-		buildPipeline,
-		rawImage,
-		coiPipeline,
-		bootTreePipeline,
-		isoLabel)
 	isoTreePipeline.KernelOpts = kernelOpts
 	isoTreePipeline.PartitionTable = rootfsPartitionTable
 	isoTreePipeline.OSName = img.OSName
-	isoTreePipeline.PayloadPath = fmt.Sprintf("/%s", rawImageFilename)
+	isoTreePipeline.PayloadPath = fmt.Sprintf("/%s", imageFilename)
 	isoTreePipeline.ISOLinux = isoLinuxEnabled
 
-	isoPipeline := manifest.NewISO(m, buildPipeline, isoTreePipeline, isoLabel)
+	isoPipeline := manifest.NewISO(buildPipeline, isoTreePipeline, isoLabel)
-	isoPipeline.Filename = img.Filename
+	isoPipeline.SetFilename(img.Filename)
 	isoPipeline.ISOLinux = isoLinuxEnabled
 
 	artifact := isoPipeline.Export()

vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer.go

@@ -367,7 +367,7 @@ func dracutStageOptions(kernelVer string, biosdevname bool, additionalModules []
 	}
 }
 
-func (p *AnacondaInstaller) GetPlatform() platform.Platform {
+func (p *AnacondaInstaller) Platform() platform.Platform {
 	return p.platform
 }
 

vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer_iso_tree.go

@@ -55,25 +55,22 @@ type AnacondaInstallerISOTree struct {
 	ISOLinux bool
 }
 
-func NewAnacondaInstallerISOTree(m *Manifest,
+func NewAnacondaInstallerISOTree(buildPipeline *Build, anacondaPipeline *AnacondaInstaller, rootfsPipeline *ISORootfsImg, bootTreePipeline *EFIBootTree) *AnacondaInstallerISOTree {
-	buildPipeline *Build,
-	anacondaPipeline *AnacondaInstaller,
-	rootfsPipeline *ISORootfsImg,
-	bootTreePipeline *EFIBootTree,
-	isoLabel string) *AnacondaInstallerISOTree {
 
+	// the three pipelines should all belong to the same manifest
+	if anacondaPipeline.Manifest() != rootfsPipeline.Manifest() ||
+		anacondaPipeline.Manifest() != bootTreePipeline.Manifest() {
+		panic("pipelines from different manifests")
+	}
 	p := &AnacondaInstallerISOTree{
-		Base:             NewBase(m, "bootiso-tree", buildPipeline),
+		Base:             NewBase(anacondaPipeline.Manifest(), "bootiso-tree", buildPipeline),
 		anacondaPipeline: anacondaPipeline,
 		rootfsPipeline:   rootfsPipeline,
 		bootTreePipeline: bootTreePipeline,
-		isoLabel:         isoLabel,
+		isoLabel:         bootTreePipeline.ISOLabel,
 	}
 	buildPipeline.addDependent(p)
-	if anacondaPipeline.Base.manifest != m {
+	anacondaPipeline.Manifest().addPipeline(p)
-		panic("anaconda pipeline from different manifest")
-	}
-	m.addPipeline(p)
 	return p
 }
 

vendor/github.com/osbuild/images/pkg/manifest/coi_iso_tree.go

@@ -35,25 +35,27 @@ type CoreOSISOTree struct {
 	KernelOpts []string
 }
 
-func NewCoreOSISOTree(m *Manifest,
+func NewCoreOSISOTree(
 	buildPipeline *Build,
 	payloadPipeline *XZ,
 	coiPipeline *CoreOSInstaller,
-	bootTreePipeline *EFIBootTree,
+	bootTreePipeline *EFIBootTree) *CoreOSISOTree {
-	isoLabel string) *CoreOSISOTree {
+
+	// the three pipelines should all belong to the same manifest
+	if payloadPipeline.Manifest() != coiPipeline.Manifest() ||
+		payloadPipeline.Manifest() != bootTreePipeline.Manifest() {
+		panic("pipelines from different manifests")
+	}
 
 	p := &CoreOSISOTree{
-		Base:             NewBase(m, "bootiso-tree", buildPipeline),
+		Base:             NewBase(coiPipeline.Manifest(), "bootiso-tree", buildPipeline),
 		payloadPipeline:  payloadPipeline,
 		coiPipeline:      coiPipeline,
 		bootTreePipeline: bootTreePipeline,
-		isoLabel:         isoLabel,
+		isoLabel:         bootTreePipeline.ISOLabel,
 	}
 	buildPipeline.addDependent(p)
-	if coiPipeline.Base.manifest != m {
+	coiPipeline.Manifest().addPipeline(p)
-		panic("anaconda pipeline from different manifest")
-	}
-	m.addPipeline(p)
 	return p
 }
 
@@ -64,12 +66,12 @@ func (p *CoreOSISOTree) serialize() osbuild.Pipeline {
 		&osbuild.CopyStageOptions{
 			Paths: []osbuild.CopyStagePath{
 				{
-					From: fmt.Sprintf("input://file/%s", p.payloadPipeline.Filename),
+					From: fmt.Sprintf("input://file/%s", p.payloadPipeline.Filename()),
 					To:   fmt.Sprintf("tree://%s", p.PayloadPath),
 				},
 			},
 		},
-		osbuild.NewXzStageInputs(osbuild.NewFilesInputPipelineObjectRef(p.payloadPipeline.Name(), p.payloadPipeline.Filename, nil)),
+		osbuild.NewXzStageInputs(osbuild.NewFilesInputPipelineObjectRef(p.payloadPipeline.Name(), p.payloadPipeline.Filename(), nil)),
 	))
 
 	if p.coiPipeline.Ignition != nil {

vendor/github.com/osbuild/images/pkg/manifest/commit.go

@@ -16,20 +16,14 @@ type OSTreeCommit struct {
 // NewOSTreeCommit creates a new OSTree commit pipeline. The
 // treePipeline is the tree representing the content of the commit.
 // ref is the ref to create the commit under.
-func NewOSTreeCommit(m *Manifest,
+func NewOSTreeCommit(buildPipeline *Build, treePipeline *OS, ref string) *OSTreeCommit {
-	buildPipeline *Build,
-	treePipeline *OS,
-	ref string) *OSTreeCommit {
 	p := &OSTreeCommit{
-		Base:         NewBase(m, "ostree-commit", buildPipeline),
+		Base:         NewBase(treePipeline.Manifest(), "ostree-commit", buildPipeline),
 		treePipeline: treePipeline,
 		ref:          ref,
 	}
-	if treePipeline.Base.manifest != m {
-		panic("tree pipeline from different manifest")
-	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	treePipeline.Manifest().addPipeline(p)
 	return p
 }
 

vendor/github.com/osbuild/images/pkg/manifest/commit_server_tree.go

@@ -149,6 +149,6 @@ func chmodStageOptions(path, mode string, recursive bool) *osbuild.ChmodStageOpt
 	}
 }
 
-func (p *OSTreeCommitServer) GetPlatform() platform.Platform {
+func (p *OSTreeCommitServer) Platform() platform.Platform {
 	return p.platform
 }

vendor/github.com/osbuild/images/pkg/manifest/coreos_installer.go

@@ -66,8 +66,10 @@ func NewCoreOSInstaller(m *Manifest,
 	return p
 }
 
-// TODO: refactor - what is required to boot and what to build, and
+// TODO: refactor:
-// do they all belong in this pipeline?
+// - what is required to boot and what to build?
+// - do they all belong in this pipeline?
+// - should these be moved to the platform for the image type?
 func (p *CoreOSInstaller) getBootPackages() []string {
 	packages := []string{
 		"grub2-tools",
@@ -76,6 +78,11 @@ func (p *CoreOSInstaller) getBootPackages() []string {
 		"efibootmgr",
 	}
 
+	packages = append(packages, p.platform.GetPackages()...)
+
+	// TODO: Move these to the platform?
+	// For Fedora, this will add a lot of duplicates, but we also add them here
+	// for RHEL and CentOS.
 	switch p.platform.GetArch() {
 	case platform.ARCH_X86_64:
 		packages = append(packages,
@@ -97,6 +104,10 @@ func (p *CoreOSInstaller) getBootPackages() []string {
 		panic(fmt.Sprintf("unsupported arch: %s", p.platform.GetArch()))
 	}
 
+	if p.Biosdevname {
+		packages = append(packages, "biosdevname")
+	}
+
 	return packages
 }
 
@@ -185,6 +196,6 @@ func (p *CoreOSInstaller) serialize() osbuild.Pipeline {
 	return pipeline
 }
 
-func (p *CoreOSInstaller) GetPlatform() platform.Platform {
+func (p *CoreOSInstaller) Platform() platform.Platform {
 	return p.platform
 }

vendor/github.com/osbuild/images/pkg/manifest/iso.go

@@ -10,24 +10,29 @@ import (
 type ISO struct {
 	Base
 	ISOLinux bool
-	Filename string
+	filename string
 
 	treePipeline Pipeline
 	isoLabel     string
 }
 
-func NewISO(m *Manifest,
+func (p ISO) Filename() string {
-	buildPipeline *Build,
+	return p.filename
-	treePipeline Pipeline,
+}
-	isoLabel string) *ISO {
+
+func (p *ISO) SetFilename(filename string) {
+	p.filename = filename
+}
+
+func NewISO(buildPipeline *Build, treePipeline Pipeline, isoLabel string) *ISO {
 	p := &ISO{
-		Base:         NewBase(m, "bootiso", buildPipeline),
+		Base:         NewBase(treePipeline.Manifest(), "bootiso", buildPipeline),
 		treePipeline: treePipeline,
-		Filename:     "image.iso",
+		filename:     "image.iso",
 		isoLabel:     isoLabel,
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	treePipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -41,8 +46,8 @@ func (p *ISO) getBuildPackages(Distro) []string {
 func (p *ISO) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()
 
-	pipeline.AddStage(osbuild.NewXorrisofsStage(xorrisofsStageOptions(p.Filename, p.isoLabel, p.ISOLinux), p.treePipeline.Name()))
+	pipeline.AddStage(osbuild.NewXorrisofsStage(xorrisofsStageOptions(p.Filename(), p.isoLabel, p.ISOLinux), p.treePipeline.Name()))
-	pipeline.AddStage(osbuild.NewImplantisomd5Stage(&osbuild.Implantisomd5StageOptions{Filename: p.Filename}))
+	pipeline.AddStage(osbuild.NewImplantisomd5Stage(&osbuild.Implantisomd5StageOptions{Filename: p.Filename()}))
 
 	return pipeline
 }
@@ -71,5 +76,5 @@ func xorrisofsStageOptions(filename, isolabel string, isolinux bool) *osbuild.Xo
 func (p *ISO) Export() *artifact.Artifact {
 	p.Base.export = true
 	mimeType := "application/x-iso9660-image"
-	return artifact.New(p.Name(), p.Filename, &mimeType)
+	return artifact.New(p.Name(), p.Filename(), &mimeType)
 }

vendor/github.com/osbuild/images/pkg/manifest/iso_rootfs.go

@@ -14,13 +14,13 @@ type ISORootfsImg struct {
 	installerPipeline Pipeline
 }
 
-func NewISORootfsImg(m *Manifest, buildPipeline *Build, installerPipeline Pipeline) *ISORootfsImg {
+func NewISORootfsImg(buildPipeline *Build, installerPipeline Pipeline) *ISORootfsImg {
 	p := &ISORootfsImg{
-		Base:              NewBase(m, "rootfs-image", buildPipeline),
+		Base:              NewBase(installerPipeline.Manifest(), "rootfs-image", buildPipeline),
 		installerPipeline: installerPipeline,
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	installerPipeline.Manifest().addPipeline(p)
 	return p
 }
 

vendor/github.com/osbuild/images/pkg/manifest/oci_container.go

@@ -9,26 +9,29 @@ import (
 // tree created by another Pipeline.
 type OCIContainer struct {
 	Base
-	Filename     string
+	filename     string
 	Cmd          []string
 	ExposedPorts []string
 
-	treePipeline Tree
+	treePipeline TreePipeline
 }
 
-func NewOCIContainer(m *Manifest,
+func (p OCIContainer) Filename() string {
-	buildPipeline *Build,
+	return p.filename
-	treePipeline Tree) *OCIContainer {
+}
+
+func (p *OCIContainer) SetFilename(filename string) {
+	p.filename = filename
+}
+
+func NewOCIContainer(buildPipeline *Build, treePipeline TreePipeline) *OCIContainer {
 	p := &OCIContainer{
-		Base:         NewBase(m, "container", buildPipeline),
+		Base:         NewBase(treePipeline.Manifest(), "container", buildPipeline),
 		treePipeline: treePipeline,
-		Filename:     "oci-archive.tar",
+		filename:     "oci-archive.tar",
-	}
-	if treePipeline.GetManifest() != m {
-		panic("tree pipeline from different manifest")
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	treePipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -36,8 +39,8 @@ func (p *OCIContainer) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()
 
 	options := &osbuild.OCIArchiveStageOptions{
-		Architecture: p.treePipeline.GetPlatform().GetArch().String(),
+		Architecture: p.treePipeline.Platform().GetArch().String(),
-		Filename:     p.Filename,
+		Filename:     p.Filename(),
 		Config: &osbuild.OCIArchiveConfig{
 			Cmd:          p.Cmd,
 			ExposedPorts: p.ExposedPorts,
@@ -57,5 +60,5 @@ func (p *OCIContainer) getBuildPackages(Distro) []string {
 func (p *OCIContainer) Export() *artifact.Artifact {
 	p.Base.export = true
 	mimeType := "application/x-tar"
-	return artifact.New(p.Name(), p.Filename, &mimeType)
+	return artifact.New(p.Name(), p.Filename(), &mimeType)
 }

vendor/github.com/osbuild/images/pkg/manifest/os.go

@@ -123,6 +123,7 @@ type OSCustomizations struct {
 	WSLConfig            *osbuild.WSLConfStageOptions
 	LeapSecTZ            *string
 	FactAPIType          *facts.APIType
+	Presets              []osbuild.Preset
 
 	Subscription *subscription.ImageOptions
 	RHSMConfig   map[subscription.RHSMStatus]*osbuild.RHSMStageOptions
@@ -732,6 +733,12 @@ func (p *OS) serialize() osbuild.Pipeline {
 		pipeline.AddStage(osbuild.NewOscapRemediationStage(p.OpenSCAPConfig))
 	}
 
+	if len(p.Presets) != 0 {
+		pipeline.AddStage(osbuild.NewSystemdPresetStage(&osbuild.SystemdPresetStageOptions{
+			Presets: p.Presets,
+		}))
+	}
+
 	if p.SElinux != "" {
 		pipeline.AddStage(osbuild.NewSELinuxStage(&osbuild.SELinuxStageOptions{
 			FileContexts:     fmt.Sprintf("etc/selinux/%s/contexts/files/file_contexts", p.SElinux),
@@ -797,7 +804,7 @@ func usersFirstBootOptions(users []users.User) *osbuild.FirstBootStageOptions {
 	return options
 }
 
-func (p *OS) GetPlatform() platform.Platform {
+func (p *OS) Platform() platform.Platform {
 	return p.platform
 }
 

vendor/github.com/osbuild/images/pkg/manifest/ostree_deployment.go

@@ -45,6 +45,9 @@ type OSTreeDeployment struct {
 	// Whether ignition is in use or not
 	ignition bool
 
+	// Specifies the ignition platform to use
+	ignitionPlatform string
+
 	Directories []*fsnode.Directory
 	Files       []*fsnode.File
 
@@ -54,19 +57,21 @@ type OSTreeDeployment struct {
 
 // NewOSTreeDeployment creates a pipeline for an ostree deployment from a
 // commit.
-func NewOSTreeDeployment(m *Manifest,
+func NewOSTreeDeployment(buildPipeline *Build,
-	buildPipeline *Build,
+	m *Manifest,
 	commit ostree.SourceSpec,
 	osName string,
 	ignition bool,
+	ignitionPlatform string,
 	platform platform.Platform) *OSTreeDeployment {
 
 	p := &OSTreeDeployment{
-		Base:         NewBase(m, "ostree-deployment", buildPipeline),
+		Base:             NewBase(m, "ostree-deployment", buildPipeline),
-		commitSource: commit,
+		commitSource:     commit,
-		osName:       osName,
+		osName:           osName,
-		platform:     platform,
+		platform:         platform,
-		ignition:     ignition,
+		ignition:         ignition,
+		ignitionPlatform: ignitionPlatform,
 	}
 	buildPipeline.addDependent(p)
 	m.addPipeline(p)
@@ -145,9 +150,12 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline {
 	kernelOpts = append(kernelOpts, p.KernelOptionsAppend...)
 
 	if p.ignition {
+		if p.ignitionPlatform == "" {
+			panic("ignition is enabled but ignition platform ID is not set")
+		}
 		kernelOpts = append(kernelOpts,
 			"coreos.no_persist_ip", // users cannot add connections as we don't have a live iso, this prevents connections to bleed into the system from the ign initrd
-			"ignition.platform.id=metal",
+			"ignition.platform.id="+p.ignitionPlatform,
 			"$ignition_firstboot",
 		)
 	}
@@ -239,6 +247,18 @@ func (p *OSTreeDeployment) serialize() osbuild.Pipeline {
 				"systemd.condition-first-boot=true",
 			},
 		}))
+
+		// We enable / disable services below using the systemd stage, but its effect
+		// may be overridden by systemd which may reset enabled / disabled services on
+		// firstboot (which happend on F37+). This behavior, if available, is triggered
+		// only when Ignition is used. To prevent this and to not have a special cases
+		// in the code based on distro version, we enable / disable services also by
+		// creating a preset file.
+		if len(p.EnabledServices) != 0 || len(p.DisabledServices) != 0 {
+			presetsStage := osbuild.GenServicesPresetStage(p.EnabledServices, p.DisabledServices)
+			presetsStage.MountOSTree(p.osName, commit.Ref, 0)
+			pipeline.AddStage(presetsStage)
+		}
 	}
 
 	// if no root password is set, lock the root account

vendor/github.com/osbuild/images/pkg/manifest/ovf.go

@@ -14,18 +14,13 @@ type OVF struct {
 }
 
 // NewOVF creates a new OVF pipeline. imgPipeline is the pipeline producing the vmdk image.
-func NewOVF(m *Manifest,
+func NewOVF(buidPipeline *Build, imgPipeline *VMDK) *OVF {
-	buildPipeline *Build,
-	imgPipeline *VMDK) *OVF {
 	p := &OVF{
-		Base:        NewBase(m, "ovf", buildPipeline),
+		Base:        NewBase(imgPipeline.Manifest(), "ovf", buidPipeline),
 		imgPipeline: imgPipeline,
 	}
-	if imgPipeline.Base.manifest != m {
+	buidPipeline.addDependent(p)
-		panic("live image pipeline from different manifest")
+	imgPipeline.Manifest().addPipeline(p)
-	}
-	buildPipeline.addDependent(p)
-	m.addPipeline(p)
 	return p
 }
 
@@ -36,7 +31,7 @@ func (p *OVF) serialize() osbuild.Pipeline {
 	pipeline.AddStage(osbuild.NewCopyStageSimple(
 		&osbuild.CopyStageOptions{
 			Paths: []osbuild.CopyStagePath{
-				osbuild.CopyStagePath{
+				{
 					From: fmt.Sprintf("input://%s/%s", inputName, p.imgPipeline.Export().Filename()),
 					To:   "tree:///",
 				},
@@ -46,7 +41,7 @@ func (p *OVF) serialize() osbuild.Pipeline {
 	))
 
 	pipeline.AddStage(osbuild.NewOVFStage(&osbuild.OVFStageOptions{
-		Vmdk: p.imgPipeline.Filename,
+		Vmdk: p.imgPipeline.Filename(),
 	}))
 
 	return pipeline

vendor/github.com/osbuild/images/pkg/manifest/pipeline.go

@@ -23,6 +23,13 @@ type Pipeline interface {
 	// Export this tree of this pipeline as an artifact when osbuild is called.
 	Export() *artifact.Artifact
 
+	// BuildPipeline returns a reference to the pipeline that creates the build
+	// root for this pipeline. For build pipelines, it should return nil.
+	BuildPipeline() *Build
+
+	// Manifest returns a reference to the Manifest which this Pipeline belongs to.
+	Manifest() *Manifest
+
 	getCheckpoint() bool
 
 	getExport() bool
@@ -95,7 +102,11 @@ func (p Base) getExport() bool {
 	return p.export
 }
 
-func (p Base) GetManifest() *Manifest {
+func (p Base) BuildPipeline() *Build {
+	return p.build
+}
+
+func (p Base) Manifest() *Manifest {
 	return p.manifest
 }
 
@@ -176,8 +187,17 @@ func (p Base) serialize() osbuild.Pipeline {
 	return pipeline
 }
 
-type Tree interface {
+// TreePipeline is any pipeline that produces a directory tree.
+type TreePipeline interface {
 	Name() string
-	GetManifest() *Manifest
+	Manifest() *Manifest
-	GetPlatform() platform.Platform
+	BuildPipeline() *Build
+	Platform() platform.Platform
+}
+
+// FilePipeline is any pipeline that produces a single file (typically an image file).
+type FilePipeline interface {
+	Pipeline
+	Filename() string
+	SetFilename(fname string)
 }

vendor/github.com/osbuild/images/pkg/manifest/qcow2.go

@@ -8,28 +8,31 @@ import (
 // A QCOW2 turns a raw image file into qcow2 image.
 type QCOW2 struct {
 	Base
-	Filename string
+	filename string
 	Compat   string
 
-	imgPipeline *RawImage
+	imgPipeline FilePipeline
+}
+
+func (p QCOW2) Filename() string {
+	return p.filename
+}
+
+func (p *QCOW2) SetFilename(filename string) {
+	p.filename = filename
 }
 
 // NewQCOW2 createsa new QCOW2 pipeline. imgPipeline is the pipeline producing the
 // raw image. The pipeline name is the name of the new pipeline. Filename is the name
 // of the produced qcow2 image.
-func NewQCOW2(m *Manifest,
+func NewQCOW2(buildPipeline *Build, imgPipeline FilePipeline) *QCOW2 {
-	buildPipeline *Build,
-	imgPipeline *RawImage) *QCOW2 {
 	p := &QCOW2{
-		Base:        NewBase(m, "qcow2", buildPipeline),
+		Base:        NewBase(imgPipeline.Manifest(), "qcow2", buildPipeline),
 		imgPipeline: imgPipeline,
-		Filename:    "image.qcow2",
+		filename:    "image.qcow2",
-	}
-	if imgPipeline.Base.manifest != m {
-		panic("live image pipeline from different manifest")
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	imgPipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -37,12 +40,12 @@ func (p *QCOW2) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()
 
 	pipeline.AddStage(osbuild.NewQEMUStage(
-		osbuild.NewQEMUStageOptions(p.Filename,
+		osbuild.NewQEMUStageOptions(p.Filename(),
 			osbuild.QEMUFormatQCOW2,
 			osbuild.QCOW2Options{
 				Compat: p.Compat,
 			}),
-		osbuild.NewQemuStagePipelineFilesInputs(p.imgPipeline.Name(), p.imgPipeline.Filename),
+		osbuild.NewQemuStagePipelineFilesInputs(p.imgPipeline.Name(), p.imgPipeline.Filename()),
 	))
 
 	return pipeline
@@ -55,5 +58,5 @@ func (p *QCOW2) getBuildPackages(Distro) []string {
 func (p *QCOW2) Export() *artifact.Artifact {
 	p.Base.export = true
 	mimeType := "application/x-qemu-disk"
-	return artifact.New(p.Name(), p.Filename, &mimeType)
+	return artifact.New(p.Name(), p.Filename(), &mimeType)
 }

vendor/github.com/osbuild/images/pkg/manifest/raw.go

@@ -11,24 +11,27 @@ import (
 type RawImage struct {
 	Base
 	treePipeline *OS
-	Filename     string
+	filename     string
 	PartTool     osbuild.PartTool
 }
 
-func NewRawImage(m *Manifest,
+func (p RawImage) Filename() string {
-	buildPipeline *Build,
+	return p.filename
-	treePipeline *OS) *RawImage {
+}
+
+func (p *RawImage) SetFilename(filename string) {
+	p.filename = filename
+}
+
+func NewRawImage(buildPipeline *Build, treePipeline *OS) *RawImage {
 	p := &RawImage{
-		Base:         NewBase(m, "image", buildPipeline),
+		Base:         NewBase(treePipeline.Manifest(), "image", buildPipeline),
 		treePipeline: treePipeline,
-		Filename:     "disk.img",
+		filename:     "disk.img",
 	}
 	buildPipeline.addDependent(p)
-	if treePipeline.Base.manifest != m {
-		panic("tree pipeline from different manifest")
-	}
 	p.PartTool = osbuild.PTSfdisk // default; can be changed after initialisation
-	m.addPipeline(p)
+	treePipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -48,26 +51,26 @@ func (p *RawImage) serialize() osbuild.Pipeline {
 		panic("no partition table in live image")
 	}
 
-	for _, stage := range osbuild.GenImagePrepareStages(pt, p.Filename, p.PartTool) {
+	for _, stage := range osbuild.GenImagePrepareStages(pt, p.Filename(), p.PartTool) {
 		pipeline.AddStage(stage)
 	}
 
 	inputName := "root-tree"
-	copyOptions, copyDevices, copyMounts := osbuild.GenCopyFSTreeOptions(inputName, p.treePipeline.Name(), p.Filename, pt)
+	copyOptions, copyDevices, copyMounts := osbuild.GenCopyFSTreeOptions(inputName, p.treePipeline.Name(), p.Filename(), pt)
 	copyInputs := osbuild.NewPipelineTreeInputs(inputName, p.treePipeline.Name())
 	pipeline.AddStage(osbuild.NewCopyStage(copyOptions, copyInputs, copyDevices, copyMounts))
 
-	for _, stage := range osbuild.GenImageFinishStages(pt, p.Filename) {
+	for _, stage := range osbuild.GenImageFinishStages(pt, p.Filename()) {
 		pipeline.AddStage(stage)
 	}
 
 	switch p.treePipeline.platform.GetArch() {
 	case platform.ARCH_S390X:
-		loopback := osbuild.NewLoopbackDevice(&osbuild.LoopbackDeviceOptions{Filename: p.Filename})
+		loopback := osbuild.NewLoopbackDevice(&osbuild.LoopbackDeviceOptions{Filename: p.Filename()})
 		pipeline.AddStage(osbuild.NewZiplInstStage(osbuild.NewZiplInstStageOptions(p.treePipeline.kernelVer, pt), loopback, copyDevices, copyMounts))
 	default:
 		if grubLegacy := p.treePipeline.platform.GetBIOSPlatform(); grubLegacy != "" {
-			pipeline.AddStage(osbuild.NewGrub2InstStage(osbuild.NewGrub2InstStageOption(p.Filename, pt, grubLegacy)))
+			pipeline.AddStage(osbuild.NewGrub2InstStage(osbuild.NewGrub2InstStageOption(p.Filename(), pt, grubLegacy)))
 		}
 	}
 
@@ -76,5 +79,5 @@ func (p *RawImage) serialize() osbuild.Pipeline {
 
 func (p *RawImage) Export() *artifact.Artifact {
 	p.Base.export = true
-	return artifact.New(p.Name(), p.Filename, nil)
+	return artifact.New(p.Name(), p.Filename(), nil)
 }

vendor/github.com/osbuild/images/pkg/manifest/raw_ostree.go

@@ -13,25 +13,27 @@ import (
 type RawOSTreeImage struct {
 	Base
 	treePipeline *OSTreeDeployment
-	Filename     string
+	filename     string
 	platform     platform.Platform
 }
 
-func NewRawOStreeImage(m *Manifest,
+func (p RawOSTreeImage) Filename() string {
-	buildPipeline *Build,
+	return p.filename
-	platform platform.Platform,
+}
-	treePipeline *OSTreeDeployment) *RawOSTreeImage {
+
+func (p *RawOSTreeImage) SetFilename(filename string) {
+	p.filename = filename
+}
+
+func NewRawOStreeImage(buildPipeline *Build, treePipeline *OSTreeDeployment, platform platform.Platform) *RawOSTreeImage {
 	p := &RawOSTreeImage{
-		Base:         NewBase(m, "image", buildPipeline),
+		Base:         NewBase(treePipeline.Manifest(), "image", buildPipeline),
 		treePipeline: treePipeline,
-		Filename:     "disk.img",
+		filename:     "disk.img",
 		platform:     platform,
 	}
 	buildPipeline.addDependent(p)
-	if treePipeline.Base.manifest != m {
+	treePipeline.Manifest().addPipeline(p)
-		panic("tree pipeline from different manifest")
-	}
-	m.addPipeline(p)
 	return p
 }
 
@@ -57,12 +59,12 @@ func (p *RawOSTreeImage) serialize() osbuild.Pipeline {
 		panic("no partition table in live image")
 	}
 
-	for _, stage := range osbuild.GenImagePrepareStages(pt, p.Filename, osbuild.PTSfdisk) {
+	for _, stage := range osbuild.GenImagePrepareStages(pt, p.Filename(), osbuild.PTSfdisk) {
 		pipeline.AddStage(stage)
 	}
 
 	inputName := "root-tree"
-	treeCopyOptions, treeCopyDevices, treeCopyMounts := osbuild.GenCopyFSTreeOptions(inputName, p.treePipeline.Name(), p.Filename, pt)
+	treeCopyOptions, treeCopyDevices, treeCopyMounts := osbuild.GenCopyFSTreeOptions(inputName, p.treePipeline.Name(), p.Filename(), pt)
 	treeCopyInputs := osbuild.NewPipelineTreeInputs(inputName, p.treePipeline.Name())
 
 	pipeline.AddStage(osbuild.NewCopyStage(treeCopyOptions, treeCopyInputs, treeCopyDevices, treeCopyMounts))
@@ -71,7 +73,7 @@ func (p *RawOSTreeImage) serialize() osbuild.Pipeline {
 	if len(bootFiles) > 0 {
 		// we ignore the bootcopyoptions as they contain a full tree copy instead we make our own, we *do* still want all the other
 		// information such as mountpoints and devices
-		_, bootCopyDevices, bootCopyMounts := osbuild.GenCopyFSTreeOptions(inputName, p.treePipeline.Name(), p.Filename, pt)
+		_, bootCopyDevices, bootCopyMounts := osbuild.GenCopyFSTreeOptions(inputName, p.treePipeline.Name(), p.Filename(), pt)
 		bootCopyOptions := &osbuild.CopyStageOptions{}
 
 		commit := p.treePipeline.ostreeSpecs[0]
@@ -91,12 +93,12 @@ func (p *RawOSTreeImage) serialize() osbuild.Pipeline {
 		pipeline.AddStage(osbuild.NewCopyStage(bootCopyOptions, bootCopyInputs, bootCopyDevices, bootCopyMounts))
 	}
 
-	for _, stage := range osbuild.GenImageFinishStages(pt, p.Filename) {
+	for _, stage := range osbuild.GenImageFinishStages(pt, p.Filename()) {
 		pipeline.AddStage(stage)
 	}
 
 	if grubLegacy := p.treePipeline.platform.GetBIOSPlatform(); grubLegacy != "" {
-		pipeline.AddStage(osbuild.NewGrub2InstStage(osbuild.NewGrub2InstStageOption(p.Filename, pt, grubLegacy)))
+		pipeline.AddStage(osbuild.NewGrub2InstStage(osbuild.NewGrub2InstStageOption(p.Filename(), pt, grubLegacy)))
 	}
 
 	return pipeline
@@ -104,5 +106,5 @@ func (p *RawOSTreeImage) serialize() osbuild.Pipeline {
 
 func (p *RawOSTreeImage) Export() *artifact.Artifact {
 	p.Base.export = true
-	return artifact.New(p.Name(), p.Filename, nil)
+	return artifact.New(p.Name(), p.Filename(), nil)
 }

vendor/github.com/osbuild/images/pkg/manifest/tar.go

@@ -8,7 +8,7 @@ import (
 // A Tar represents the contents of another pipeline in a tar file
 type Tar struct {
 	Base
-	Filename string
+	filename string
 
 	Format   osbuild.TarArchiveFormat
 	RootNode osbuild.TarRootNode
@@ -19,20 +19,25 @@ type Tar struct {
 	inputPipeline Pipeline
 }
 
+func (p Tar) Filename() string {
+	return p.filename
+}
+
+func (p *Tar) SetFilename(filename string) {
+	p.filename = filename
+}
+
 // NewTar creates a new TarPipeline. The inputPipeline represents the
 // filesystem tree which will be the contents of the tar file. The pipelinename
 // is the name of the pipeline. The filename is the name of the output tar file.
-func NewTar(m *Manifest,
+func NewTar(buildPipeline *Build, inputPipeline Pipeline, pipelinename string) *Tar {
-	buildPipeline *Build,
-	inputPipeline Pipeline,
-	pipelinename string) *Tar {
 	p := &Tar{
-		Base:          NewBase(m, pipelinename, buildPipeline),
+		Base:          NewBase(inputPipeline.Manifest(), pipelinename, buildPipeline),
 		inputPipeline: inputPipeline,
-		Filename:      "image.tar",
+		filename:      "image.tar",
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	inputPipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -40,7 +45,7 @@ func (p *Tar) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()
 
 	tarOptions := &osbuild.TarStageOptions{
-		Filename: p.Filename,
+		Filename: p.Filename(),
 		Format:   p.Format,
 		ACLs:     p.ACLs,
 		SELinux:  p.SELinux,
@@ -60,5 +65,5 @@ func (p *Tar) getBuildPackages(Distro) []string {
 func (p *Tar) Export() *artifact.Artifact {
 	p.Base.export = true
 	mimeType := "application/x-tar"
-	return artifact.New(p.Name(), p.Filename, &mimeType)
+	return artifact.New(p.Name(), p.Filename(), &mimeType)
 }

vendor/github.com/osbuild/images/pkg/manifest/vmdk.go

@@ -8,43 +8,31 @@ import (
 // A VMDK turns a raw image file or a raw ostree image file into vmdk image.
 type VMDK struct {
 	Base
-	Filename string
+	filename string
 
 	imgPipeline Pipeline
 }
 
+func (p VMDK) Filename() string {
+	return p.filename
+}
+
+func (p *VMDK) SetFilename(filename string) {
+	p.filename = filename
+}
+
 // NewVMDK creates a new VMDK pipeline. imgPipeline is the pipeline producing the
 // raw image. imgOstreePipeline is the pipeline producing the raw ostree image.
 // Either imgPipeline or imgOStreePipeline are required, but not both at the same time.
 // Filename is the name of the produced image.
-func NewVMDK(m *Manifest,
+func NewVMDK(buildPipeline *Build, imgPipeline FilePipeline) *VMDK {
-	buildPipeline *Build,
+	p := &VMDK{
-	imgPipeline *RawImage, imgOstreePipeline *RawOSTreeImage) *VMDK {
+		Base:        NewBase(imgPipeline.Manifest(), "vmdk", buildPipeline),
-	if imgPipeline != nil && imgOstreePipeline != nil {
+		imgPipeline: imgPipeline,
-		panic("NewVMDK requires either RawImage or RawOSTreeImage")
+		filename:    "image.vmdk",
-	}
-	var p *VMDK
-	if imgPipeline != nil {
-		p = &VMDK{
-			Base:        NewBase(m, "vmdk", buildPipeline),
-			imgPipeline: imgPipeline,
-			Filename:    "image.vmdk",
-		}
-		if imgPipeline.Base.manifest != m {
-			panic("live image pipeline from different manifest")
-		}
-	} else {
-		p = &VMDK{
-			Base:        NewBase(m, "vmdk", buildPipeline),
-			imgPipeline: imgOstreePipeline,
-			Filename:    "image.vmdk",
-		}
-		if imgOstreePipeline.Base.manifest != m {
-			panic("live image pipeline from different manifest")
-		}
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	imgPipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -52,7 +40,7 @@ func (p *VMDK) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()
 
 	pipeline.AddStage(osbuild.NewQEMUStage(
-		osbuild.NewQEMUStageOptions(p.Filename, osbuild.QEMUFormatVMDK, osbuild.VMDKOptions{
+		osbuild.NewQEMUStageOptions(p.Filename(), osbuild.QEMUFormatVMDK, osbuild.VMDKOptions{
 			Subformat: osbuild.VMDKSubformatStreamOptimized,
 		}),
 		osbuild.NewQemuStagePipelineFilesInputs(p.imgPipeline.Name(), p.imgPipeline.Export().Filename()),
@@ -68,5 +56,5 @@ func (p *VMDK) getBuildPackages(Distro) []string {
 func (p *VMDK) Export() *artifact.Artifact {
 	p.Base.export = true
 	mimeType := "application/x-vmdk"
-	return artifact.New(p.Name(), p.Filename, &mimeType)
+	return artifact.New(p.Name(), p.Filename(), &mimeType)
 }

vendor/github.com/osbuild/images/pkg/manifest/vpc.go

@@ -8,29 +8,32 @@ import (
 // A VPC turns a raw image file into qemu-based image format, such as qcow2.
 type VPC struct {
 	Base
-	Filename string
+	filename string
 
 	ForceSize *bool
 
 	imgPipeline *RawImage
 }
 
+func (p VPC) Filename() string {
+	return p.filename
+}
+
+func (p *VPC) SetFilename(filename string) {
+	p.filename = filename
+}
+
 // NewVPC createsa new Qemu pipeline. imgPipeline is the pipeline producing the
 // raw image. The pipeline name is the name of the new pipeline. Filename is the name
 // of the produced image.
-func NewVPC(m *Manifest,
+func NewVPC(buildPipeline *Build, imgPipeline *RawImage) *VPC {
-	buildPipeline *Build,
-	imgPipeline *RawImage) *VPC {
 	p := &VPC{
-		Base:        NewBase(m, "vpc", buildPipeline),
+		Base:        NewBase(imgPipeline.Manifest(), "vpc", buildPipeline),
 		imgPipeline: imgPipeline,
-		Filename:    "image.vhd",
+		filename:    "image.vhd",
-	}
-	if imgPipeline.Base.manifest != m {
-		panic("live image pipeline from different manifest")
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	imgPipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -40,8 +43,8 @@ func (p *VPC) serialize() osbuild.Pipeline {
 	formatOptions := osbuild.VPCOptions{ForceSize: p.ForceSize}
 
 	pipeline.AddStage(osbuild.NewQEMUStage(
-		osbuild.NewQEMUStageOptions(p.Filename, osbuild.QEMUFormatVPC, formatOptions),
+		osbuild.NewQEMUStageOptions(p.Filename(), osbuild.QEMUFormatVPC, formatOptions),
-		osbuild.NewQemuStagePipelineFilesInputs(p.imgPipeline.Name(), p.imgPipeline.Filename),
+		osbuild.NewQemuStagePipelineFilesInputs(p.imgPipeline.Name(), p.imgPipeline.Filename()),
 	))
 
 	return pipeline
@@ -54,5 +57,5 @@ func (p *VPC) getBuildPackages(Distro) []string {
 func (p *VPC) Export() *artifact.Artifact {
 	p.Base.export = true
 	mimeType := "application/x-vhd"
-	return artifact.New(p.Name(), p.Filename, &mimeType)
+	return artifact.New(p.Name(), p.Filename(), &mimeType)
 }

vendor/github.com/osbuild/images/pkg/manifest/xz.go

@@ -8,23 +8,29 @@ import (
 // The XZ pipeline compresses a raw image file using xz.
 type XZ struct {
 	Base
-	Filename string
+	filename string
 
-	imgPipeline Pipeline
+	imgPipeline FilePipeline
+}
+
+func (p XZ) Filename() string {
+	return p.filename
+}
+
+func (p *XZ) SetFilename(filename string) {
+	p.filename = filename
 }
 
 // NewXZ creates a new XZ pipeline. imgPipeline is the pipeline producing the
 // raw image that will be xz compressed.
-func NewXZ(m *Manifest,
+func NewXZ(buildPipeline *Build, imgPipeline FilePipeline) *XZ {
-	buildPipeline *Build,
-	imgPipeline Pipeline) *XZ {
 	p := &XZ{
-		Base:        NewBase(m, "xz", buildPipeline),
+		Base:        NewBase(imgPipeline.Manifest(), "xz", buildPipeline),
-		Filename:    "image.xz",
+		filename:    "image.xz",
 		imgPipeline: imgPipeline,
 	}
 	buildPipeline.addDependent(p)
-	m.addPipeline(p)
+	imgPipeline.Manifest().addPipeline(p)
 	return p
 }
 
@@ -32,7 +38,7 @@ func (p *XZ) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()
 
 	pipeline.AddStage(osbuild.NewXzStage(
-		osbuild.NewXzStageOptions(p.Filename),
+		osbuild.NewXzStageOptions(p.Filename()),
 		osbuild.NewXzStageInputs(osbuild.NewFilesInputPipelineObjectRef(p.imgPipeline.Name(), p.imgPipeline.Export().Filename(), nil)),
 	))
 
@@ -46,5 +52,5 @@ func (p *XZ) getBuildPackages(Distro) []string {
 func (p *XZ) Export() *artifact.Artifact {
 	p.Base.export = true
 	mimeType := "application/xz"
-	return artifact.New(p.Name(), p.Filename, &mimeType)
+	return artifact.New(p.Name(), p.Filename(), &mimeType)
 }

vendor/github.com/osbuild/images/pkg/osbuild/systemd_preset_stage.go

@@ -0,0 +1,56 @@
+package osbuild
+
+import "fmt"
+
+type SystemdPresetStageOptions struct {
+	Presets []Preset `json:"presets,omitempty"`
+}
+
+type PresetState string
+
+const (
+	StateEnable  PresetState = "enable"
+	StateDisable PresetState = "disable"
+)
+
+type Preset struct {
+	Name  string      `json:"name,omitempty"`
+	State PresetState `json:"state,omitempty"`
+}
+
+func (SystemdPresetStageOptions) isStageOptions() {}
+
+func NewSystemdPresetStage(options *SystemdPresetStageOptions) *Stage {
+	if err := options.validate(); err != nil {
+		panic(err)
+	}
+	return &Stage{
+		Type:    "org.osbuild.systemd.preset",
+		Options: options,
+	}
+}
+
+func (o SystemdPresetStageOptions) validate() error {
+	if len(o.Presets) == 0 {
+		return fmt.Errorf("at least one preset is required")
+	}
+	return nil
+}
+
+// GenServicesPresetStage creates a new systemd preset stage for the given
+// list of services to enable and disable.
+func GenServicesPresetStage(enabled, disabled []string) *Stage {
+	if len(enabled) == 0 && len(disabled) == 0 {
+		return nil
+	}
+
+	presets := make([]Preset, 0, len(enabled)+len(disabled))
+	for _, name := range enabled {
+		presets = append(presets, Preset{Name: name, State: StateEnable})
+	}
+	for _, name := range disabled {
+		presets = append(presets, Preset{Name: name, State: StateDisable})
+	}
+
+	return NewSystemdPresetStage(&SystemdPresetStageOptions{Presets: presets})
+}

vendor/github.com/osbuild/images/pkg/osbuild/systemd_unit_stage.go

@@ -1,9 +1,17 @@
 package osbuild
 
+type unitType string
+
+const (
+	System unitType = "system"
+	Global unitType = "global"
+)
+
 type SystemdUnitStageOptions struct {
-	Unit   string                   `json:"unit"`
+	Unit     string                   `json:"unit"`
-	Dropin string                   `json:"dropin"`
+	Dropin   string                   `json:"dropin"`
-	Config SystemdServiceUnitDropin `json:"config"`
+	Config   SystemdServiceUnitDropin `json:"config"`
+	UnitType unitType                 `json:"unit-type,omitempty"`
 }
 
 func (SystemdUnitStageOptions) isStageOptions() {}
@@ -18,6 +26,7 @@ func NewSystemdUnitStage(options *SystemdUnitStageOptions) *Stage {
 // Drop-in configuration for a '.service' unit
 type SystemdServiceUnitDropin struct {
 	Service *SystemdUnitServiceSection `json:"Service,omitempty"`
+	Unit    *SystemdUnitSection        `json:"Unit,omitempty"`
 }
 
 // 'Service' configuration section of a unit file
@@ -25,3 +34,9 @@ type SystemdUnitServiceSection struct {
 	// Sets environment variables for executed process
 	Environment string `json:"Environment,omitempty"`
 }
+
+// 'Unit' configuration section of a unit file
+type SystemdUnitSection struct {
+	// Sets condition to to check if file exits
+	FileExists string `json:"ConditionPathExists,omitempty"`
+}

vendor/google.golang.org/api/internal/version.go

@@ -5,4 +5,4 @@
 package internal
 
 // Version is the current tagged release of the library.
-const Version = "0.137.0"
+const Version = "0.138.0"

vendor/modules.txt

@@ -119,7 +119,7 @@ github.com/acarl005/stripansi
 # github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
 ## explicit; go 1.13
 github.com/asaskevich/govalidator
-# github.com/aws/aws-sdk-go v1.44.325
+# github.com/aws/aws-sdk-go v1.44.329
 ## explicit; go 1.11
 github.com/aws/aws-sdk-go/aws
 github.com/aws/aws-sdk-go/aws/arn
@@ -445,7 +445,7 @@ github.com/google/s2a-go/internal/v2/remotesigner
 github.com/google/s2a-go/internal/v2/tlsconfigstore
 github.com/google/s2a-go/retry
 github.com/google/s2a-go/stream
-# github.com/google/uuid v1.3.0
+# github.com/google/uuid v1.3.1
 ## explicit
 github.com/google/uuid
 # github.com/googleapis/enterprise-certificate-proxy v0.2.5
@@ -645,7 +645,7 @@ github.com/oracle/oci-go-sdk/v54/identity
 github.com/oracle/oci-go-sdk/v54/objectstorage
 github.com/oracle/oci-go-sdk/v54/objectstorage/transfer
 github.com/oracle/oci-go-sdk/v54/workrequests
-# github.com/osbuild/images v0.0.0-20230817095437-c2aa82cc9a86
+# github.com/osbuild/images v0.3.0
 ## explicit; go 1.19
 github.com/osbuild/images/internal/common
 github.com/osbuild/images/internal/dnfjson
@@ -973,7 +973,7 @@ golang.org/x/tools/internal/typeparams
 ## explicit; go 1.17
 golang.org/x/xerrors
 golang.org/x/xerrors/internal
-# google.golang.org/api v0.137.0
+# google.golang.org/api v0.138.0
 ## explicit; go 1.19
 google.golang.org/api/googleapi
 google.golang.org/api/googleapi/transport