tag v0.165.0
Tagger: imagebuilder-bot <imagebuilder-bots+imagebuilder-bot@redhat.com>
Changes with 0.165.0
----------------
* distro: move rhel9 into a generic distro (osbuild/images#1645)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Simon de Vlieger
* Revert "distro: drop `ImageType.BasePartitionTable()`" (osbuild/images#1691)
* Author: Michael Vogt, Reviewers: Simon de Vlieger, Tomáš Hozza
* Update dependencies 2025-07-20 (osbuild/images#1675)
* Author: SchutzBot, Reviewers: Achilleas Koutsou, Simon de Vlieger
* defs: add missing `bootstrap_containers` (osbuild/images#1679)
* Author: Michael Vogt, Reviewers: Simon de Vlieger, Tomáš Hozza
* disk: handle adding `PReP` partition on PPC64/s390x (HMS-8884) (osbuild/images#1681)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Simon de Vlieger
* distro: bring per-distro checkOptions back (osbuild/images#1678)
* Author: Michael Vogt, Reviewers: Simon de Vlieger, Tomáš Hozza
* distro: cleanups in the pkg/distro/generic area (osbuild/images#1686)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Simon de Vlieger
* distro: move rhel8 into a generic distro (osbuild/images#1643)
* Author: Michael Vogt, Reviewers: Nobody
* distro: small followups for PR#1682 (osbuild/images#1689)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Simon de Vlieger, Tomáš Hozza
* distro: unify transform/match into a single concept (osbuild/images#1682)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Tomáš Hozza
* distros: de-duplicate runner build packages for centos10 (osbuild/images#1680)
* Author: Michael Vogt, Reviewers: Simon de Vlieger, Tomáš Hozza
* github: disable Go dep updates through dependabot (osbuild/images#1683)
* Author: Achilleas Koutsou, Reviewers: Simon de Vlieger, Tomáš Hozza
* repos: include almalinux 9.6 (osbuild/images#1677)
* Author: Simon de Vlieger, Reviewers: Lukáš Zapletal, Tomáš Hozza
* rhel9: wsl distribution config (osbuild/images#1694)
* Author: Simon de Vlieger, Reviewers: Michael Vogt, Sanne Raymaekers
* test/manifests/all-customizations: don't embed local file via URI (osbuild/images#1684)
* Author: Tomáš Hozza, Reviewers: Achilleas Koutsou, Brian C. Lane
— Somewhere on the Internet, 2025-07-28
---
tag v0.166.0
Tagger: imagebuilder-bot <imagebuilder-bots+imagebuilder-bot@redhat.com>
Changes with 0.166.0
----------------
* customizations/subscription: conditionally enable semanage call (HMS-8866) (osbuild/images#1673)
* Author: Sanne Raymaekers, Reviewers: Achilleas Koutsou, Michael Vogt
* distro/rhel-10: versionlock shim-x64 in the azure-cvm image (osbuild/images#1697)
* Author: Achilleas Koutsou, Reviewers: Michael Vogt, Simon de Vlieger
* manifestmock: move container/pkg/commit mocks into helper (osbuild/images#1700)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Simon de Vlieger
* rhel9: `vagrant-libvirt`, `vagrant-virtualbox` (osbuild/images#1693)
* Author: Simon de Vlieger, Reviewers: Michael Vogt, Sanne Raymaekers
* rhel{9,10}: centos WSL refinement (HMS-8922) (osbuild/images#1690)
* Author: Simon de Vlieger, Reviewers: Ondřej Budai, Sanne Raymaekers, Tomáš Hozza
— Somewhere on the Internet, 2025-07-29
---
tag v0.167.0
Tagger: imagebuilder-bot <imagebuilder-bots+imagebuilder-bot@redhat.com>
Changes with 0.167.0
----------------
* RHEL/Azure: drop obsolete WAAgentConfig keys [RHEL-93894] and remove loglevel kernel option [RHEL-102372] (osbuild/images#1611)
* Author: Achilleas Koutsou, Reviewers: Michael Vogt, Ondřej Budai, Sanne Raymaekers
* Update dependencies 2025-07-27 (osbuild/images#1699)
* Author: SchutzBot, Reviewers: Achilleas Koutsou, Simon de Vlieger
* distro/rhel9: set default_kernel to kernel-uki-virt (osbuild/images#1704)
* Author: Achilleas Koutsou, Reviewers: Ondřej Budai, Simon de Vlieger
* distro: drop legacy loaders and update tests (osbuild/images#1687)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Tomáš Hozza
* distro: fix issues with yaml distro definitions and enable yaml checks (osbuild/images#1702)
* Author: Achilleas Koutsou, Reviewers: Michael Vogt, Ondřej Budai, Simon de Vlieger
— Somewhere on the Internet, 2025-07-30
---
tag v0.168.0
Tagger: imagebuilder-bot <imagebuilder-bots+imagebuilder-bot@redhat.com>
Changes with 0.168.0
----------------
* distro: fix bug in variable substitution for static distros (osbuild/images#1710)
* Author: Michael Vogt, Reviewers: Achilleas Koutsou, Simon de Vlieger
* rhel{9,10}: azure for non-RHEL (HMS-8949) (osbuild/images#1707)
* Author: Simon de Vlieger, Reviewers: Achilleas Koutsou, Michael Vogt
— Somewhere on the Internet, 2025-07-30
---
Version 5.22 introduced a new option to /etc/containers/policy.json called
keyPaths, see
https://github.com/containers/image/pull/1609
EL9 immediately took advantage of this new feature and started using it, see
04645c4a84
This quickly became an issue in our code: The go library (containers/image)
parses the configuration file very strictly and refuses to create a client
when policy.json with an unknown key is present on the filesystem. As we
used 5.21.1 that doesn't know the new key, our unit tests started to
failing when containers-common was present.
Reproducer:
podman run --pull=always --rm -it centos:stream9
dnf install -y dnf-plugins-core
dnf config-manager --set-enabled crb
dnf install -y gpgme-devel libassuan-devel krb5-devel golang git-core
git clone https://github.com/osbuild/osbuild-composer
cd osbuild-composer
# install the new containers-common and run the test
dnf install -y https://kojihub.stream.centos.org/kojifiles/packages/containers-common/1/44.el9/x86_64/containers-common-1-44.el9.x86_64.rpm
go test -count 1 ./...
# this returns:
--- FAIL: TestClientResolve (0.00s)
client_test.go:31:
Error Trace: client_test.go:31
Error: Received unexpected error:
Unknown key "keyPaths"
invalid policy in "/etc/containers/policy.json"
github.com/containers/image/v5/signature.NewPolicyFromFile
/osbuild-composer/vendor/github.com/containers/image/v5/signature/policy_config.go:88
github.com/osbuild/osbuild-composer/internal/container.NewClient
/osbuild-composer/internal/container/client.go:123
github.com/osbuild/osbuild-composer/internal/container_test.TestClientResolve
/osbuild-composer/internal/container/client_test.go:29
testing.tRunner
/usr/lib/golang/src/testing/testing.go:1439
runtime.goexit
/usr/lib/golang/src/runtime/asm_amd64.s:1571
Test: TestClientResolve
client_test.go:32:
Error Trace: client_test.go:32
Error: Expected value not to be nil.
Test: TestClientResolve
When run with an older containers-common, it succeeds:
dnf install -y https://kojihub.stream.centos.org/kojifiles/packages/containers-common/1/40.el9/x86_64/containers-common-1-40.el9.x86_64.rpm
go test -count 1 ./...
PASS
To sum it up, I had to upgrade github.com/containers/image/v5 to v5.22.0.
Unfortunately, this wasn't so simple, see
go get github.com/containers/image/v5@latest
go: github.com/containers/image/v5@v5.22.0 requires
github.com/letsencrypt/boulder@v0.0.0-20220331220046-b23ab962616e requires
github.com/honeycombio/beeline-go@v1.1.1 requires
github.com/gobuffalo/pop/v5@v5.3.1 requires
github.com/mattn/go-sqlite3@v2.0.3+incompatible: reading github.com/mattn/go-sqlite3/go.mod at revision v2.0.3: unknown revision v2.0.3
It turns out that github.com/mattn/go-sqlite3@v2.0.3+incompatible has been
recently retracted https://github.com/mattn/go-sqlite3/pull/998 and this
broke a ton of packages depending on it. I was able to fix it by adding
exclude github.com/mattn/go-sqlite3 v2.0.3+incompatible
to our go.mod, see
https://github.com/mattn/go-sqlite3/issues/975#issuecomment-955661657
After adding it,
go get github.com/containers/image/v5@latest
succeeded and tools/prepare-source.sh took care of the rest.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Add a new generic container registry client via a new `container`
package. Use this to create a command line utility as well as a
new upload target for container registries.
The code uses the github.com/containers/* project and packages to
interact with container registires that is also used by skopeo,
podman et al. One if the dependencies is `proglottis/gpgme` that
is using cgo to bind libgpgme, so we have to add the corresponding
devel package to the BuildRequires as well as installing it on CI.
Checks will follow later via an integration test.
