The consumer key/cert is used to uniquely identify a system against a
candlepin instances. They're useful for any Red Hat (ostree) content
which requires (cert) authentication.
Let's default to not providing the Resource Group Location when testing
Cloud API with Azure and leave it up to the implementation to determine
the correct location to use.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Providing the `location` is no longer required for Azure Upload Options.
If it is not provided, the implementation determines the location from
the provided Resource Group. This will make the API nicer for any
client, since they won't need to provide redundant information.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Make the `location` argument optional (can be now empty "") in
`RegisterImage()` and `CreateStorageAccount()` methods.
If the provided `location` argument is an empty string, then the location
is determined from the provided Resource Group instead.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
This update removes all repos on the f-37 runner during provisioning
which should resolve issues with "updates-testing" repo being enabled
and not overwritten.
Koji clean-up doesn't delete the top-level directories. As we named every
top-level directory different, they were just cumulating on kojihub, which
is obviously wrong.
This commit changes that behaviour to put all the temporary directories under
a new osbuild-cg top-level one. This way, osbuild-cg won't ve ever cleaned,
whereas osbuild-cg/osbuild-composer-koji-{UUID} will be, which is exactly
what we want.
Closes: https://github.com/osbuild/osbuild-composer/issues/3064
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
The checkout in the working directory is a shallow clone with gitlab as
a remote. As a result fast-forwarding failed due to not recognizing the
remote release branch as an ancestor of $CI_COMMIT_SHA.
This clones (with `--bare`) the github remote in a separate
directory. It should not be necessary to remove the release-ff-clone
directory each time, simply fetch if it already exists.
dnf-json previously ran as a service, and the
/var/cache/osbuild-composer/rpmmd directory and files were owned by
root. As a script called from osbuild-composer those directories and
files need to be owned by _osbuild-composer:_osbuild-composer, otherwise
it will not be able to depsolve after an upgrade from the previous
implementation.
This can be worked around by removing the
/var/cache/osbuild-composer/rpmmd directory and restarting the service
or rebooting.
Fixes#3079
If params.Ref is an empty string, it's set to the distro's default
ref. The only difference here is that the default ref also gets
verified.
It makes splitting out resolving ostree refs to a new job easier.
In the weldr and cloud apis, ostree.ResolveParams always got executed,
also for non-ostree image types. Make it more explicit by only resolving
if the image type is actually an ostree image.
The EC2 images starting with 9.1 should:
- not configure RHSM using osbuild
- install `redhat-cloud-client-configuration` package which ships the
RHSM configuration.
Regenerate affected image manifests.
Related to COMPOSER-1805
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The EC2 images starting with 8.7 should:
- not configure RHSM using osbuild
- install `redhat-cloud-client-configuration` package which ships the
RHSM configuration.
Regenerate affected image manifests
Related to COMPOSER-1804.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Previously, it was expected from the user to provide the Object name
when uploading image to GCP. The object name does not matter much,
because the object is deleted once image import finishes. Make
the specification of the object name optional and generate it if not
provided.
Adjust the GCP Weldr test case to not provide the Object name when
uploading the image.
The user can still provide the Object name if needed.
GCP Bucket to use can be now configured in the worker configuration.
Make the `Bucket` optional in the Cloud API when uploading image to GCP.
Adjust the Cloud API test case to configure GCP Bucket on the worker and
not provide it in the API request.
Extend the worker's configuration to allow setting GCP Bucket to use
when uploading images to GCP. The value from the configuration is used
only if not provided in the TargetOptions of the job.
In GCP, the region of the bucket does not limit importing of the image
to a particular region. So it is completely possible to use a single
Bucket to import images to any and all regions.
Return an error in case no bucket name was set in the job nor in the
worker configuration.
Previously, the internal `OSBuildJobImpl` structure defined only
`GCPCreds` member. This is not practical, once there will be more
than one GCP-related variable.
Define a new `GCPConfiguration` structure, move the credentials variable
into it and use it in `OSBuildJobImpl` instead.
There is a desire to make the worker as "dumb" as possible. Therefore it
is not desired to generate the AWS object key names in the worker if it
was not provided in the job.
Modify the worker code to not generate the AWS object key in any case
and instead set an error in case the object key was not provided.
Modify Weldr API implementation to generate the object key, if it was
not provided by the user. This is consistent with Cloud API
implementation.
Flip the logic when deciding if to use the Bucket from the job or worker
configuration. Previously, the Bucket from the worker configuration was
always preferred if it was set, even if it was provided in the job
itself. This made it impossible to override the configuration.
Change the logic to use the Bucket from the worker configuration only if
it was not set in the job.
Report an error if no bucket name was provided with the job and there is
also none specified in the configuration.
We used to always set the sysroot.readonly setting to true, but this
never worked because of a bug in osbuild [1].
The bug is now fixed and the RHEL and CentOS edge-raw images are crated
with sysroot.readonly = true, and the images aren't booting.
Fixing the option to false. This changes the manifests, but not the
generated images because of the change in osbuild.
If sysroot is meant to be readonly, we will change it in a future
update.
[1] https://github.com/osbuild/osbuild/pull/1129
