Make edge raw images (both the raw image type and the same in the edge
simplified installer) mount the /sysroot as read-only. This was already
done in Fedora 37+ (547f7a66b3).
Copied commit message from 6f89e9d499 to a
comment in all places where the accompanying "rw" kernel option is set
explaining the requirement, since the option is counter-intuitive.
Signed-off-by: Antonio Murdaca <runcom@linux.com>
Signed-off-by: Antonio Murdaca <antoniomurdaca@gmail.com>
Co-Authored-By: Achilleas Koutsou <achilleas@koutsou.net>
The bootiso.mono stage in osbuild that we used until recently adds the
inst.stage2 option unconditionally [1] whereas the current grub2.iso
stage that we use now doesn't.
[1] 8511add169/stages/org.osbuild.bootiso.mono (L369)
The CoreOSInstaller pipeline supports adding inline data to the tree for
the FDO cert. This needs to be returned by the pipeline object via the
getInline() method to attach the necessary data to the Sources array in
the manifest.
Rename the raw image embedded in the simplified-installer ISO to
image.raw.xz for RHEL 8. This is the same name that's used for the raw
image when built on its own (as edge-raw-image).
The change is made for consistency with RHEL 9 and Fedora as well as for
consistency with the edge-raw-image.
Add the image function and remove the pipeline function.
Remove the build package set: build packages are added to the pipelines
on-demand based on platform, environment, and stage requirements.
Define the OSTreeSimplifiedInstaller ImageKind.
This is the top-level image definition.
It uses the raw image pipelines, iso pipelines, and the new coreos
installer pipelines.
New bootiso-tree pipeline specific to the CoreOS Installer.
This is very similar to the Anaconda bootiso-tree pipeline. Usually we
generalise these pipelines to support both installers. The bootiso-tree
is different enough that generalising the one for Anaconda would make it
harder to work with.
Different distros and image types have different dracut modules
available and enabled. Set these at the distro level and push them down
through the appropriate manifests, pipelines, and stages.
Added to both anaconda and coreos installers.
Defines an fdo.Options struct for the internal representation of the FDO
options. It can be easily converted from the blueprint FDO
customizations and is added to OSCustomizations in the pipeline
generators, which in turn define stage options.
The kernel arguments for the EFIBootTree depend on the type of ISO we're
building, the payload, and the location of the kickstart file if any.
Instead of setting multiple fields on the object, most of which would be
mutually exclusive, set the kernel arguments from the image manifest
generator function which has all the information.
Support adding any pipeline as the tree for the ISO.
The existing ISOTree (bootiso-tree) pipeline is specific to Anaconda.
This change will allow the ISO (bootiso) pipeline to be created with any
pipeline, so we can add an ISO tree that is specific to the CoreOS
Installer.
Remove dependence of EFIBootTree pipeline (efiboot-tree) on an Anaconda
pipeline. The Anaconda pipeline was used to get the product and version
strings, so we pass those in instead.
This way, we an use the pipeline without needing an Anaconda pipeline.
The EFI tree shouldn't depend on an installer (or any) pipeline.
The big rewrite of rhel9 distro omitted installing s390utils-base into the
buildroot. This caused the org.osbuild.zipl.inst stage because of missing
/usr/sbin/zipl.
This commit introduces s390utils-base back into the buildroot which fixes
building of the s390x images.
I verified it by building the RHEL 9.1 qcow2 image and booting it using
libvirt.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
The ostree options are used during the ostree resolve job, but when
generating the manifest the rhsm value comes from the image options, so
it's necessary to set it on both.
Updates firewall stage customizations to allow zones
as per the changes made on osbuild/osbuild#1157
Relevant tests and pipelines for rhel8+9 updated.
Signed-off-by: Irene Diez <idiez@redhat.com>
Adds the new journald stage to rhel 8/9
rpmostree commit pipeline.This will add
the dropin file `10-persitent.conf` with
the storage option set as persistent.
Co-authored-by: Sayan Paul <paul.sayan@gmail.com>
Co-authored-by: Irene Diez <idiez@redhat.com>
Signed-off-by: Sayan Paul <saypaul@redhat.com>
Creates new stage to configure
journald to persist the journal.
Instead of creating the `/var/log/journal`
directory we explicitly configure journald
via the new stage.This is done in
according to the FCOS norms.
Unit tests also added for functionality
check.
Co-authored-by: Irene Diez <idiez@redhat.com>
Signed-off-by: Sayan Paul <saypaul@redhat.com>
Openshift overrides the `service` label for
all metrics in the cluster. Update the label
from `service` to `subsystem` for the status
metrics query. This helps us differentiate
between requests from composer and the worker
server.
Register the custom middleware function to the worker
server. This function is responsible for recording all
the status codes of all the server's endpoints.
Due to a bug with echo/v4, a request to an endpoint using
the incorrect method should return a `405` error but returns
a `404` error instead when a middleware function is registered.
The worker `server_test` has been updated to reflect this.
Register the custom middleware function to the cloudapi
server. This function is responsible for recording all
the status codes of all the server's endpoints.
Create a custom middleware function
to measure 5xx requests for all composer
& worker routes and not just the `/composer`
endpoint. The result is a prometheus metric
that contains info on the request status code,
path & method.
A helper function has been added to clean the
dynamic parameters in the path routes to reduce
metric cardinality
Add a helper function to register the same metrics
for both the worker and composer - the only difference
being the subsystem name. The function checks if the
metric has already been registered and, if so, returns
the already registered metric.
At the moment we have duplicate logic here; ideally of course
we consolidate (since both codebases are Go, perhaps we could
create a tiny little Go library for "RHEL GCP stuff"?) but
for now let's just cross-link for awareness.
The `RepositoryError` structure was weirdly used instead of a plan
`error` type and added no value. Delete it and replace its only use with
plain `error`.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Clean up the `rpmmd` package from unused interfaces and data structures.
These are leftovers after the last dnfjson rework.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Specifically describe that at least one of `baseurl`, `mirrorlist` or
`metalink` properties must be specified. Although this is not enforced
by the schema, it is the reality. Modifying the schema to enforce this
results in the generated data structure for `Repository` to be simply
an `interface{}`, which would just make the code more ugly, Therefore
this is covered by the API implementation logic.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Currently we only support "xz", but keeping it as a `switch` to easily
support more types in the future.
The empty string is also supported as a no-op.
The global qcow2ImgType was unconfigured and meant to be used by calling
the mkQcow2ImgType() function. In the distro initialisation code, the
new variable created from the mkQcow2ImgType() function with the
configuration was shadowing the global variable. This can lead to
errors in the future where it's not clear which variable is used where.
Putting the definition in a function makes it impossible to use without
configuring.
Add support for specifying where the kickstart file will be created:
either in the default location in the anaconda tree or at the root of
the ISO like we did so far in RHEL.
From the distro level, this is controlled by a boolean that when set to
true puts the kickstart file in the root of the ISO tree at /osbuild.ks
(the old behaviour) and if unset falls back to the default location
/usr/share/anaconda/interactive-defaults.ks.
Changed the name of the kickstart file for ostree back to osbuild.ks
Was ostree.ks for a while since a1bfcfe91c.
For Fedora we use the default and for RHEL we maintain the old behaviour
for now.
Add support for specifying the squashfs compression method for ISOTree
pipelines from the caller.
Build Fedora ISOs with lz4 compression and RHEL with xz.
Unconditionally enable the users module in Anaconda.
The module serves two purposes:
- It will create a user that's defined in the blueprint by adding the
user creation stage in the kickstart file.
- It allows users to create user accounts interactively during
installation.
- Add a list of image type names to skip with explanations.
- Run the test in two configurations: empty blueprint and blueprint with
named kernel (kernel, kernel-debug).
- Count only unique kernel names. Specifying the same kernel twice
isn't an issue. We might change this in the future, but for now the
kernel selection logic is a bit messy.
- Temporarily skip the image-installer until we settle on a common rule
for both Fedora and RHEL.
