Add package sets to the top level distribution and the
architectures. Merge package sets when requested through
`imageType.PackageSets()`.
This allows us to have "cascading" package sets:
distro > arch > image type
Previously this was only supported for the build packages. The idea is
generalised based on the idea of arbitrary package sets.
Certain package sets have special meaning (for the distro):
- packages: blueprint packages and special option packages are merged
into this one.
- build: is not expected to be defined on the image type so it is merged
from the distro and arch explicitly.
Traditional tar image type.
Pipelines generation function for tar image type uses the same pipelines
and stages as the tar installer, but exports the OS image directly.
Global const for defining kickstart path for all installer types.
Kernel options added to point to path.
Kickstart file renamed to osbuild.ks for all types and placed in the
bootiso root.
Fixes#1363
A recent update to crypto-policies changed its requirements from:
Recommends: grubby
to:
Recommends: (grubby if kernel)
We don't install kernel in the build pipeline, thus grubby was now no longer
installed. This caused also s390utils-core to not be installed on s390x.
s390utils-core has to be in the build pipeline though because we use
/usr/sbin/zipl from it to install the bootloader to s390x images.
Long story short, images for s390x currently cannot be build because
/usr/sbin/zipl is no longer in the build pipeline. This commit fixes that
by explicitly adding s390utils-core to the package list for s390x.
I verified this fix on an actual s390x machine. The test manifest was
regenerated but it's actually still the same because we use an older
snapshot that doesn't contain the newest crypto-policies change.
Kudos to Tomáš Hozza for helping me out!
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Image definitions added for all three edge types:
edge-commit
edge-container
edge-installer
Manifest pipelines generation methods attached to image types.
EXTRA_REPO_PATH_SEGMENT was needed when both Jenkins and Gitlab CI
were running in parallel (so they don't override their artifacts).
Jenkins is now decommissioned so we can drop the variable.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
There are currently some context mismatches in the image because of the new
files from the sysconfig stage. Let's move the selinux stage to the end so
we fix them.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
There's currently the Package Deletion Process going on in CentOS Stream 9.
When a maintainer wants to get rid of a package, several steps must be taken
before the package is completely removed from all places. We want to include
osbuild-composer in the process so packages that are used here are not deleted
without us noticing it. Thus, maintainers going through the process should be
able to easily see all packages that osbuild-composer includes in images.
This commit moves all package lists from rhel90/distro to rhel90/packages
to allow CentOS Stream maintainers to easily packages required by composer.
Not a functional change.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Fix for v1 results: collect RPMs for main stages, not build.
Support for v2 results: filter out build stages from stage results,
which include stages from all pipelines (flattened).
Metadata from stages in the output from osbuild in the v2 schema are
stored at the top level of the result structure.
Adding the same Metadata types from v1:
- org.osbuild.rpm stage
- org.osbuild.ostree.commit stage
- Raw metadata (for every other stage type)
When the assembler (v1) or any stage (v2) has type ostree.commit,
retrieve the commit ID (hash) from the osbuild stage metadata and return
it with the rest of the metadata (package NEVRAs).
Currently, metadata from osbuild is discarded for all stages except RPM.
Adding explicit support for the ostree.commit stage/assembler and
storing the metadata in a known type.
For all other stages, store the metadata directly without parsing.
The rawAssemblerResult is removed. Assembler results are treated as
stage results.
Move the OSBuildStagesToRPMs function, associated test, and RPM type
from the worker into the rpmmd subpackge. We will use this function in
the cloud API to compile the NEVRAs for the new metadata endpoint.
If a user uses a temporary access key for login, a session token is also
needed.
This commit adds support for it to the internal aws library and also
to the osbuild-upload-aws helper. Note that this doesn't affect the main
osbuild-composer executable nor the worker. Everything here should work
as before and session tokens are not supported. Something for a follow up
if anyone needs it.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
This enables the user to specify custom REPO_URL for use during
internal RHEL build testing as ENV in scheduled pipelines.
It also gives the option to use osbuild build specified in
Schutzfile or from the nightly build repository.
