The oscap remediation is failing due to an issue with remediating the
firewall loopback traffic. The remediation fails and bails out early
resulting in a lower score and causing a regression in the test. This
will need to be fixed on the OpenSCAP side, so as a workaround, we can
remove this rule from the remediation.
Update the images dependency to v0.18.0
This includes a change in the Fedora IoT remote configuration which is
now installed through an RPM instead of being hard-coded in the image
definitions.
This handles corrupt job json files by skipping them. They still exist,
and errors are logged, but the system keeps working.
If one or more of the json files in /var/lib/osbuild-composer/jobs/
becomes corrupt they can stop the osbuild-composer service from
starting, or stop commands like 'composer-cli compose status' from
working because they quit on the first error and miss any job that
aren't broken.
When making the upload request for edge commit image types, use the new
upload_targets array to define the aws.s3 upload options.
Leave other upload target definitions as is for now to test the old
options.
Add the new upload_statuses under the image_status in the result of the
ComposeStatus object. The first status is also included in the old
top-level 'upload_status' property for backwards compatibility.
Tests are updated to match the new results.
Test some valid and invalid combinations for the GetTargets() upload
target selection.
Includes tests with and without the upload options for the default
target.
Read the upload target types and options in the UploadTargets array of
the ImageRequest and initialise the Target array. If the top-level
(old) UploadOptions are also specified, prepend them to the array using
the image type's default target type.
Each upload target type is checked against a support map for
compatibility.
Add an array of targets in the imageRequest and return an array from
ImageRequest.GetTargets() (renamed from GetTarget()). Currently, the
function still only returns one target, the default for the image type
with the top level upload options.
Separate the target selection in GetTarget() into two steps. First
determine the default target name for the image type and then use the
name to initialise the target object. This is a bit more work (and
double switching) but will be needed to support selecting targets
externally.
Separate the handling of each individual target type into its own
function called by GetTarget()'s case switch. This makes the function
more readable and the target object creation reusable.
Added an empty line after each creation of irTarget to make it easier to
visually distinguish the cases that fall through.
Add an upload_targets field to the image request. This lets the API
caller specify multiple upload targets and upload options to be used.
If the upload target type does not match the upload options, the request
is invalid.
For backwards compatibility, the upload targets field is optional. If
it is not specified, the default upload target and upload options for
the image type are assumed, which is the same as the old behaviour.
Adding an explicit selection to the request makes it possible to support
multiple upload targets for the same image type. We plan to support
ostree commits being uploaded to both aws.s3 and pulp.
To report on the multiple upload requests, we add an upload_statuses
field to the ImageStatus response.
The mountpoint policy changed as a result of COMPOSER-2030 [1]. Modify
the test case accordingly, to comprehensively test the updated
mountpoint policy.
[1] https://issues.redhat.com/browse/COMPOSER-2030
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Move the filesystem customization tests into their own file.
Additionally add tests for unmarshalling filesystem customizations
from TOML, since we have added a new `minsize` tag to ensure
consistency with the json tag.
The new tests check the validation of the TOML input and ensures
that either one or both of the `minsize` and `size` inputs are
set. If both are set, the input is checked to ensure that both
match.
Due to an oversight, the toml and json tags for the `MinSize`
field had different keywords. This commit fixes this by creating
a `minsize` toml tag and ensuring backwards compatability by
checking the old `size` tag.
If both `minsize` & `size` are set in the toml block, the
custom unmarshal function validates the input for inconsistencies.
Forgot the #1 rule of map iteration. Don't depend on the order.
This uses a slice instead, which should be just as good for testing the
loop variable alias behavior.
The SourceConfig pointer may be a loop variable that gets reused. This
results in unexpected behavior when the value pointed to is overwritten
by the loop calling this function.
Includes a test to make sure this is fixed.
So, DO NOT point to unsafe variables. Make a new pointer using
common.ToPtr where it is passed by value and returns a pointer to that
new value.
NOTE: This is NOT caught by golangci-lint. There may be other places
where this happens, but I have gone through the potential looking code
in osbuild-composer and images and not found any (other than a couple
places already noted with G601 tags as not a problem).
