This changes the `Manifest` function of the `ImageType`
interface so that any warnings detected during the
`checkOptions` step of the manifest initialization can
be propagated back to the Weldr-API (see next commit).
Signed-off-by: Irene Diez <idiez@redhat.com>
We sometimes skip testing customizations for image types that don't
support them, other times, we check for a specific error. If we don't
care about the specific error message that's received, running the test
and checking for error is better than skipping, because it ensures that
we're skipping the test for the right reasons and not accidentally
skipping a test for an image type that should support the
customizations.
Skip customizations tests for the EAP image.
Create a map of unsupported image types for each test to make adding new
ones easier.
Use a `nil` struct pointer for the pipeline names test instead of an
empty struct. Non-nil customizations can't be compared.
Initialise the image type as an Azure RHUI type with the name
"azure-eap7-rhui" and a workload attached that provides the extra
packages required by the EAP workload.
Add a local, private implementation of the Workload interface for RHEL
8. The type should be used for concrete workloads that provide package
package lists for specific image types.
The eapWorkload() function creates a workload that provides the packages
required for EAP image type variants.
Support specifying workload on an image type.
This isn't used yet, but when set, the workload will define packages and
services and not allow any blueprint customizations.
In the future, there will be multiple workloads with each image type
specifying one (but multiple image types can have the same default
workload). The custom workload will allow all customizations that are
currently supported.
Add a basic support for building RHEL-8.9 and RHEL-9.3 images with
composer.
Add 8.9 and 9.3 repositories to the multitude of places where we have
them.
Generate image test manifests for 8.9 and 9.3. No functional testing is
added for 8.9 or 9.3 at this moment.
This change unblocks the RHEL Gating (since unit tests are currently
failing on 8.9 and 9.3 as on unknown distribution).
Related to https://issues.redhat.com/browse/COMPOSER-1924
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Before instantiating the manifest, any repositories that contain a
package set key contained in `PayloadPackageSets()` should be added to
the os package set in order to correctly generate the `org.osbuild.rpm`
stage for the os pipeline.
Otherwise options like GPG keys are not set correctly.
Fixes#3326
This causes dnf-json to use separate caches, allowing them to run in
parallel, with one lock per distribution. Multiple depsolves with the
same distribution in the blueprint will continue to be serial.
For parity with ImageFactory built images there should be only a DOS
partition table in the raw images, with a non-standard ID set for the
boot partition for Raspberry Pi compatibility.
This only applies to the aarch64 images.
As noted in #3220.
These RequiredSizes are a map that is passed on to the partition table
logic which had hardcoded defaults. This makes it possible to define
either no RequiredSizes (`nil`) or empty RequiredSizes which means no
further constraint checks or partition resizes will be done.
With the addition of the minimal rpm package set and image type in #3181
the previously added bare metal package set is a duplicate. It's not
used elsewhere within fedora and the minimal rpm package set is
officially defined.
ioutil has been deprecated since go 1.16, this fixes all of the
deprecated functions we are using:
ioutil.ReadFile -> os.ReadFile
ioutil.ReadAll -> io.ReadAll
ioutil.WriteFile -> os.WriteFile
ioutil.TempFile -> os.CreateTemp
ioutil.TempDir -> os.MkdirTemp
All of the above are a simple name change, the function arguments and
results are exactly the same as before.
ioutil.ReadDir -> os.ReadDir
now returns a os.DirEntry but the IsDir and Name functions work the
same. The difference is that the FileInfo must be retrieved with the
Info() function which can also return an error.
These were identified by running:
golangci-lint run --build-tags=integration ./...
Tracing the package set and repository journey, I found that the
container package defined on the image type is never really used.
Added notes to fix later.
The value comes from the command line args of the test binary
(osbuild-composer-manifest-tests). It works in our tests because we use
the default value, but if it was set differently it would have been
ignored.
Pass through all repos to the initalizeManifest() function. Each
pipeline will then select which repositories it needs based on the
PackageSets field of each repository.
Before, we only passed global repos down to the manifest generators and
pipeline-specific repositories would only be used if they were attached
to package sets and were handled explicitly by a pipeline generator.
The repositories of the "blueprint" package set are explicitly added to
the workload and returned by the "os" pipeline.
The repositories of the "installer" package set are explicitly added to
the "anaconda-tree" pipeline.
If a repository was specified for any other pipeline, for example
"build", the repositories for the that package set were never added to
the pipeline.
Fixes#3290
Match the key for the OS packages to the name of the OS pipeline ("os").
We will use this key to identify package sets that are returned from the
OS pipeline since the manifest returns package sets indexed by each
pipeline's name.
New test that runs through a few different scenarios of assigning
repositories to specific package sets. Each scenario defines a set of
global repositories (or none) and a set of pipeline-specific
repositories (or none) and an expected result. It then calls the
distro's PackageSets() method. The test checks that the package sets
that are returned are assigned the correct repositories based on the
test case's expected result.
A basic string-set struct is implemented to help with merging and
comparing string slices.
This test should currently fail due to #3290.
Add a default policy for custom directories and files to constrain what
users can do. The intention is to ensure that directories and files can
be created only in `/etc` and also that none of the important
configuration files can be overwritten by this customization.
Add the policy validation to all distro implementation.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Hook up the custom BP directories and files implementation with OS
pipeline implementation. The user-provided values are now set in the OS
customizations structure and will be used by the OS pipeline generator
when adding stages to the pipeline.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Move the `CheckMountpoints()` implementation to `blueprint` package,
since it does not operate on any data structures from the `disk`.
Move the default mountpoint allow list policy definition to the
`pathpolicy` package.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Unify how are allowed options checked in distro implementation in
relation to Ignition customization. Specifically, delete `HasIgnition()`
function and replace its use by `GetIgnition()` call and checking if it is
`nil`. This approach is consistent with how this is checked for other
customizations.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
When rhc is selected it will install the required packages, register
using rhc and always enable insights.
When rhc is not selected it will use subscription manager for
registration, and optionally enable insights. Also installing required
packages.
The rhui-azure-rhel8-sap-ha package is currently missing
the /etc/pki/rpm-gpg/RPM-GPG-KEY-microsoft-azure-release key.
This makes the image type unbuildable, which causes some of our tests
to fail.
Overlay the generic RHUI config, so the missing key isn't imported.
See CLOUDX-336 for more information.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
DNF supports more than one GPG key. It is possible that one may be used for
signing packages, and another to sign the repository metadata. This
renamed GPGKey to GPGKeys internally. It does not change the on-disk
repository json format.
