The `fix-bls` stage supports a `prefix` argument, which was not
supported in composer. Specifying this argument is necessary in case the
`/boot` mountpoint is on a separate partition.
Add the `prefix` argument to the `fix-bls` stage. Amend unit tests.
The RHEL-8.5 and RHEL-9.0 `aarch64` `ec2` and `ami` images use partitioning
with `/boot` on a separate partition. Due to this, the pipeline must specify
a non-default prefix to the `fix-bls` stage.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Specifying the boot partition filesystem UUID in grub2 stage is required
in case the `/boot` mountpoint is on a separate partition. This is the
case of RHEL-8.5 and RHEL-9.0 `ami` and `ec2` images.
Extend `disk.PartitionTable` with a new `BootPartition` method, which
returns a pointer to partition with FS mountpoint `/boot` if there is
such partition, or `nil` otherwise.
Extend the RHEL-8.5 and RHEL-9.0 code creating options structure for
grub2 osbuild stage to include the boot partition in case it has been
provided.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
The `/boot` partition had incorrect FS type `EFI System partition`,
instead of `Linux filesystem data`. Fix this.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Otherwise, kernel-install will just pick the cmdline from /proc/cmdline
that is actually the host's one. This way, I managed to leak the cmdline
from my Fedora running on btrfs to RHEL 9 image which led to a very weird
results.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
We want to also mangle RHEL 9 in the same style as we do 8.4+.
RHEL 8.0 => rhel-80
RHEL 8.1 => rhel-81
etc
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Renamed tar-installer to image-installer.
This is a more appropriate name:
- It disassociates the image type from the "tar" image type. The two
should not be perceived to be connected.
- It's more descriptive. The format of the payload (tar) isn't relevant
to the purpose of the image type.
The problem: osbuild-composer used to have a rather uncomplete logic for
selecting client certificates and keys while fetching data from
repositories that use the "subscription model". In this scenario, every
repo requires the user to use a client-side TLS certificate. The problem
is that every repo can use its own CA and require a different pair of
a certificate and a key. This case wasn't handled at all in composer.
Furthermore, osbuild-composer can use remote workers which complicates
things even more.
Assumptions: The problem outlined above is hard to solve in the general
case, but Red Hat Subscription Manager places certain limitations on how
subscriptions might be used. For example, a subscription must be tight to
a host system, so there is no way to use such a repository in osbuild-composer
without it being available on the host system as well.
Also, if a user wishes to use a certain repository in osbuild-composer it
must be available on both hosts: the composer and the worker. It will come
with different pair of a client certificate and a key but otherwise, its
configuration remains the same.
The solution: Expect all the subscriptions to be registered in the
/etc/yum.repos.d/redhat.repo file. Read the mapping of URLs to certificates
and keys from there and use it. Don't change the manifest format and let
osbuild guess the appropriate subscription to use.
For s390x, prepend a kernel cmdline stage to the start of the OS
pipeline. This is a noop for other architectures for now.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
Returns a single stage that configures the bootloader, either GRUB or
ZIPL based on architecture.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
Utility function for finding the kernel package and returning it's
version string. Useful for configuring bootloaders.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
Fix the split of x86_64 boot package set into the Legacy and UEFI set.
The package `dracut-config-generic` is needed for Legacy, UEFI and
Hybrid boot mode, therefore it must be included in both package sets.
In the case of the Hybrid mode, the duplicated package is not expected
to cause any issues, because it should not appear as duplicated after
depsolving the package set using DNF.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Add new image type definitions `ec2` and `ec2-ha` representing the
official RHEL ec2 image types.
Add a `xzArchivePipeline()`, which returns a pipeline producing a XZ
archive from a file produced by a different pipeline.
Add rpmrepo snapshots for `rhui` and `ha` repositories used to generate
image test cases. `rhui` is used by the `ec2` image and it is available
on x86_64 and aarch64 architectures. `ha` is used by the `ec2-ha` image
and it is available only for x86_64.
The new image type definitions are currently not used by any
API test case.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Previously, the support of UEFI has been captured only on the level or
architecture definition as a binary boolean value. In reality some of
the architectures are able to support legacy, UEFI or hybrid boot.
Introduce a new BootType value, defined on the architecture level, which
can be set to one of the three boot types mentioned above. The value set
on the architecture level can be overridden on the image type level in
the image type definition.
Add two unexported helper methods to the `imageType`, specifically
`getBootType()` which returns the boot type that should be used for the
image type and architecture combination. The values set explicitly in
the image type or architecture definition should not be used directly.
Second added method is `supportsUEFI()`, which returns boolean value
representing the fact if the image type supports UEFI boot.
Split and define the boot package sets separately for the legacy and
UEFI boot. The `PackageSets()` method of the imageType structure is
modified to take the boot type into consideration and append appropriate
package sets to the "os" package set.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Redefine the `ami` image type in RHEL-8.5 to be based on RHEL
ec2 images. The pipeline has different default settings, therefore the
common "os" pipeline is not used. The RHEL ec2 images have a different
default size than the original `ami` image definition. The RHEL ec2
images use a different default partitioning scheme. Their configuration
is slightly different for each architecture and the x86_64 version
of the image does not support UEFI.
Update rpmrepo snapshots used to generate RHEL-8.5 x86_64 and aarch64
image test cases.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
In the main OS pipeline created by osPipeline(), there is often a set of
stages that are added after the common ones. The SELinux stage must
always be last in the pipeline, so it is added externally by the calling
function.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
The package set is needed by the GRUB 2 stage options function to find
the Kernel package in order to add the saved entry option. The Kernel
package is defined in the blueprints package set, not the OS package
set.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
If there's no kernel in the main package set, the standard/default
kernel will be added while depsolving. This causes issues when an
alternative kernel is selected in the blueprint. Both kernels will be
installed (one from the blueprint and one from the main OS set) which
causes issues with ostree image types.
Since partitions without a filesystem are skipped, we need to
dynamically append to create the mounts array instead of pre-allocating
to the number of partitions.
Blueprint packages are now defined and passed into Manifest()
separately. The main osPipelines() already has an argument for
explicitly passing the blueprint packages. Added the same for the ostree
pipelines.
Previously, /boot/efi mount was specified before /. This obviously doesn't
work because we need to mount / firstly.
This commit adds explicit ordering of the mounts.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
osbuild has recently got support for specifying mounts as an array. This
commit takes advantage of it and uses this new format.
This allows us to specify the order of mounts which is important because
we cannot mount /boot/efi before / is mounted.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
EDGE image types are defined under a different name for RHEL-8.5,
specifically they don't contain the "rhel-" prefix any more. To ensure
backward compatibility, add image type aliases for all EDGE image types
with the "rhel-" prefix.
Image type aliases are used only when getting a specific imageType
instance by its name. When listing all available image types for an
architecture, only the current image type names are returned, without
any aliases. This prevents the image types from being exposed multiple
times under different names via Weldr API.
Extend the distro unit tests to test image type aliases.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Refactor data structures used for test cases in the
`TestFilenameFromType()` to have more descriptive names.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
