This platform copies more files into `/boot` which are necessary to be
able to boot IoT on some single board computers.
We also immediately set this on the `Aarch64_IoT` platform which needs
u-boot to be placed in the `/boot`.
This closes#3312.
Add a helper function that collects all the manifest list digests from a
list of container specs and returns a FilesInput to be used with the
stage.
Use the function in the OS pipeline when adding containers. The
manifests input to the stage constructor will be empty if there are no
manifest lists in the container specs.
The skopeo stage in osbuild supports an second optional set of inputs
called `manifest-lists`. This is an array of files, i.e.,
`org.osbuild.files` type input.
To support this we need a new type for the skopeo stage inputs that can
encompass both input types, images and manifest-lists.
It turned out that when we stopped setting the kernel options in grubenv
file, we also stopped setting them in /etc/default/grub under
`GRUB_CMDLINE_LINUX`. This file is used by grub2-mkconfig when
generating grub configuration.
10_linux script executed by grub2-mkconfig recently started to overwrite
the /etc/kernel/cmdline, if its timestamp is older than the timestamp of
/etc/default/grub [1]. As a result, all kernel options were wiped out from
/etc/kernel/cmdline.
Make sure that we always set the `KernelOptions` in the grub2 stage
options, even if the `WriteCmdLine` is set to `false`.
In addition, unify the way we concatenate kernel options set in the
grub2 stage options. Some pipeline implementations were previously using
space, other were using comma. Space is now used everywhere.
Regenerate all affected image manifests.
[1] https://src.fedoraproject.org/rpms/grub2/c/fc76aed5333f56dd05400521a35b944a5df52ebc
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Fix the following error reported by Coverity:
```
Defect type: SUPPRESSED_ERROR
1. osbuild-composer-75/_build/src/github.com/osbuild/osbuild-composer/internal/manifest/os.go:546: suppressed_error: The error returned by the function "GetVerStrFromPackageSpecList(p.packageSpecs, "dracut-config-rescue")" is not explicitly checked.
2. osbuild-composer-75/_build/src/github.com/osbuild/osbuild-composer/internal/manifest/os.go:546: remediation: Explicitly check the return error.
544| }
545|
546|-> rescueVer, _ := rpmmd.GetVerStrFromPackageSpecList(p.packageSpecs, "dracut-config-rescue")
547| hasRescue := rescueVer != ""
548| bootloader = osbuild.NewGrub2LegacyStage(
```
Change the code to check if the called function returned an error or
not. If not error is returned, then the function returns a package
version string.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
This is a workaround to make the systemd believe it's firstboot
when ignition runs on real firstboot.
Right now, since we ship /etc/machine-id, systemd thinks it's not firstboot
and ignition depends on it to run on the real firstboot to enable services from presets.
Since this only applies to artifacts with ignition and changing machineid-compat at
commit creation time may have undesiderable effect, we're doing it here as a stopgap.
We may revisit this in the future.
This patch also pins the version of osbuild because it depends on a fix
for the ignition stage.
Signed-off-by: Antonio Murdaca <antoniomurdaca@gmail.com>
Tracing the package set and repository journey, I found that the
container package defined on the image type is never really used.
Added notes to fix later.
Function that filters a list of repositories to return only the global
repos and any that define a given pipeline or package set name in their
list of PackageSets.
Extend the `OSCustomizations` with a list of custom files and
directories, that should be created in the image. If any `Files` or
`Directories` are specified in the `OSCustomizations`, the appropriate
osbuild stages will be added to the `os` pipeline. In addition to that,
any custom files data will be returned by the `getInline()` method of
the `os` pipeline.
This customization can't be yet used by users, because the translation
from BP customization to the `OSCustomizations` is missing.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Move the handling of the list of enabled and disabled systemd services
more to the end of the `os` pipeline, just before the SELinux stage.
This has no functional effect on produced images, but it will make it
nicer once the handling of the custom files and directories will be
added to the pipeline. Specifically it should be added right before the
services stage to allow enabling custom service files, but after all
other configurations that are applied to the image.
Regenerate all manifests.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
There are 3 different ways for subscriptions to be setup, test the
pipeline to make sure it includes the correct commands, and check the
package set chain to make sure it includes the packages needed to
support the selected subscription mode.
When rhc is selected it will install the required packages, register
using rhc and always enable insights.
When rhc is not selected it will use subscription manager for
registration, and optionally enable insights. Also installing required
packages.
When the image definitions were updated to the new framework, I failed
to update the dracut modules for Anaconda installers to match the
existing ones.
The changes in the manifest are at commit
c4af0a1886.
The nvdimm module and the additional drivers were removed.
The nvdimm module in particular is required for http boot but should
only be specified for RHEL 9. In RHEL 8 it is part of the default set
of modules.
See 02bb7a0b4f and
dc95382ba3 for the original commits that
introduced these changes.
The `FilesInputs` was since the beginning an XZ-specific implementation
of the input, but it was implemented in the `files_input.go` in a false
hope that it could be used as a generic stage inputs by any stages. It
turned out that various stages require different implementation of
its input. Specifically there is usually a stage-specific key, which has
assigned a common input type. For XZ stage, the key is `file`.
Remove `FilesInputs` and instead implement `XzStageInputs` which is now
accepted by the XZ stage.
Fix all affected pipeline implementations that use XZ stage.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework files input implementation to support all reference types
supported by the input schema. Also implement helper functions to
generate supported reference types. In some cases, the reference
supports e.g. referencing multiple pipelines in the stage inputs, but
this is currently not implemented, since no pipeline in composer uses
it.
Rework the files input unit tests to cover the new functionality.
Adjust all code affected by the changes made to files input.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The RHEL 7 images need to enable the force_autorelabel option for the
SELinux stage in osbuild. This option should almost never be used but
it was added specifically for RHEL 7. With the rewrite to the new
definitions and the sharing of pipeline code between all distros, we
need to add support to all stages of the pipeline generation to be able
to enable it.
The RHEL 7 vpc subformat in qemu does not support force_size so we need
to be able to disable it. The parameter in all parts is defined as a
pointer because the default value is 'true'. Not specifying it will
keep the option in the osbuild stage as 'nil', falling back to 'true' in
osbuild.
Older OS versions (RHEL 7) with older versions of grub2 don't support
BLS entries. Setting NoBLS to true configures the bootloader with
traditional menu entries through the grub2.legacy osbuild stage. This
requires specifying extra information for the OS to the pipeline:
version, product, and nick.
Add the partition tool as an option on the Raw pipeline. Set it to the
old value (sfdisk) by default.
Expose the option up through the liveImage image kind so that the
distribution can set it if needed.
For RHEL 7, set it to sgdisk.
The default value for the `os.FileMode` is zero, but the actual default
value used by the stage if no value is specified in the options is
`0777`. By using the pointer, we'll allow one to specify `0000`
permissions as a value which won't be omitted from the stage options.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The plain `Path` name was a bit unfortunate, since it was specific to
the `mkdir` stage, but it was used outside of the `osbuild` package as
`osbuild.Path` which was making a wrong impression of it being a generic
path structure. This is not true.
Rename the structure to contain the stage name.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
After introducing Go 1.18 to a project, it's required by law to convert at
least one method to a generic one.
Everyone hates IntToPtr, StringToPtr, BoolToPtr and Uint64ToPtr, so let's
convert them to the ultimate generic ToPtr one.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Before we only had one optional kickstart module we would enable that
was Users, so we just had a single boolean for adding it. Now that we
often need to add multiple modules, keep the default ones in the
NewAnacondaStageOptions() function, but only have a single argument for
adding additional, optional modules. If the user module needs to be
enabled, add it to the list of additional ones.
The previous fix (9e66ee13e7) only fixed
half the problem with this bug. The ISOLinux stage was still added to
the iso-tree pipeline for Anaconda builds.
This is now removed.
The bootiso.mono stage in osbuild that we used until recently adds the
inst.stage2 option unconditionally [1] whereas the current grub2.iso
stage that we use now doesn't.
[1] 8511add169/stages/org.osbuild.bootiso.mono (L369)
The CoreOSInstaller pipeline supports adding inline data to the tree for
the FDO cert. This needs to be returned by the pipeline object via the
getInline() method to attach the necessary data to the Sources array in
the manifest.
New bootiso-tree pipeline specific to the CoreOS Installer.
This is very similar to the Anaconda bootiso-tree pipeline. Usually we
generalise these pipelines to support both installers. The bootiso-tree
is different enough that generalising the one for Anaconda would make it
harder to work with.
Different distros and image types have different dracut modules
available and enabled. Set these at the distro level and push them down
through the appropriate manifests, pipelines, and stages.
Added to both anaconda and coreos installers.
The kernel arguments for the EFIBootTree depend on the type of ISO we're
building, the payload, and the location of the kickstart file if any.
Instead of setting multiple fields on the object, most of which would be
mutually exclusive, set the kernel arguments from the image manifest
generator function which has all the information.
Support adding any pipeline as the tree for the ISO.
The existing ISOTree (bootiso-tree) pipeline is specific to Anaconda.
This change will allow the ISO (bootiso) pipeline to be created with any
pipeline, so we can add an ISO tree that is specific to the CoreOS
Installer.
Remove dependence of EFIBootTree pipeline (efiboot-tree) on an Anaconda
pipeline. The Anaconda pipeline was used to get the product and version
strings, so we pass those in instead.
This way, we an use the pipeline without needing an Anaconda pipeline.
The EFI tree shouldn't depend on an installer (or any) pipeline.
Adds the new journald stage to rhel 8/9
rpmostree commit pipeline.This will add
the dropin file `10-persitent.conf` with
the storage option set as persistent.
Co-authored-by: Sayan Paul <paul.sayan@gmail.com>
Co-authored-by: Irene Diez <idiez@redhat.com>
Signed-off-by: Sayan Paul <saypaul@redhat.com>
