Updates firewall stage customizations to allow zones
as per the changes made on osbuild/osbuild#1157
Relevant tests and pipelines for rhel8+9 updated.
Signed-off-by: Irene Diez <idiez@redhat.com>
Adds the new journald stage to rhel 8/9
rpmostree commit pipeline.This will add
the dropin file `10-persitent.conf` with
the storage option set as persistent.
Co-authored-by: Sayan Paul <paul.sayan@gmail.com>
Co-authored-by: Irene Diez <idiez@redhat.com>
Signed-off-by: Sayan Paul <saypaul@redhat.com>
Creates new stage to configure
journald to persist the journal.
Instead of creating the `/var/log/journal`
directory we explicitly configure journald
via the new stage.This is done in
according to the FCOS norms.
Unit tests also added for functionality
check.
Co-authored-by: Irene Diez <idiez@redhat.com>
Signed-off-by: Sayan Paul <saypaul@redhat.com>
Openshift overrides the `service` label for
all metrics in the cluster. Update the label
from `service` to `subsystem` for the status
metrics query. This helps us differentiate
between requests from composer and the worker
server.
Register the custom middleware function to the worker
server. This function is responsible for recording all
the status codes of all the server's endpoints.
Due to a bug with echo/v4, a request to an endpoint using
the incorrect method should return a `405` error but returns
a `404` error instead when a middleware function is registered.
The worker `server_test` has been updated to reflect this.
Register the custom middleware function to the cloudapi
server. This function is responsible for recording all
the status codes of all the server's endpoints.
Create a custom middleware function
to measure 5xx requests for all composer
& worker routes and not just the `/composer`
endpoint. The result is a prometheus metric
that contains info on the request status code,
path & method.
A helper function has been added to clean the
dynamic parameters in the path routes to reduce
metric cardinality
Add a helper function to register the same metrics
for both the worker and composer - the only difference
being the subsystem name. The function checks if the
metric has already been registered and, if so, returns
the already registered metric.
At the moment we have duplicate logic here; ideally of course
we consolidate (since both codebases are Go, perhaps we could
create a tiny little Go library for "RHEL GCP stuff"?) but
for now let's just cross-link for awareness.
The `RepositoryError` structure was weirdly used instead of a plan
`error` type and added no value. Delete it and replace its only use with
plain `error`.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Clean up the `rpmmd` package from unused interfaces and data structures.
These are leftovers after the last dnfjson rework.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Specifically describe that at least one of `baseurl`, `mirrorlist` or
`metalink` properties must be specified. Although this is not enforced
by the schema, it is the reality. Modifying the schema to enforce this
results in the generated data structure for `Repository` to be simply
an `interface{}`, which would just make the code more ugly, Therefore
this is covered by the API implementation logic.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Currently we only support "xz", but keeping it as a `switch` to easily
support more types in the future.
The empty string is also supported as a no-op.
The global qcow2ImgType was unconfigured and meant to be used by calling
the mkQcow2ImgType() function. In the distro initialisation code, the
new variable created from the mkQcow2ImgType() function with the
configuration was shadowing the global variable. This can lead to
errors in the future where it's not clear which variable is used where.
Putting the definition in a function makes it impossible to use without
configuring.
Add support for specifying where the kickstart file will be created:
either in the default location in the anaconda tree or at the root of
the ISO like we did so far in RHEL.
From the distro level, this is controlled by a boolean that when set to
true puts the kickstart file in the root of the ISO tree at /osbuild.ks
(the old behaviour) and if unset falls back to the default location
/usr/share/anaconda/interactive-defaults.ks.
Changed the name of the kickstart file for ostree back to osbuild.ks
Was ostree.ks for a while since a1bfcfe91c.
For Fedora we use the default and for RHEL we maintain the old behaviour
for now.
Add support for specifying the squashfs compression method for ISOTree
pipelines from the caller.
Build Fedora ISOs with lz4 compression and RHEL with xz.
Unconditionally enable the users module in Anaconda.
The module serves two purposes:
- It will create a user that's defined in the blueprint by adding the
user creation stage in the kickstart file.
- It allows users to create user accounts interactively during
installation.
- Add a list of image type names to skip with explanations.
- Run the test in two configurations: empty blueprint and blueprint with
named kernel (kernel, kernel-debug).
- Count only unique kernel names. Specifying the same kernel twice
isn't an issue. We might change this in the future, but for now the
kernel selection logic is a bit messy.
- Temporarily skip the image-installer until we settle on a common rule
for both Fedora and RHEL.
Add the image function and remove the pipeline function.
Remove the build package set.
The image function (imageInstallerImage) was adapted from the same one
in Fedora.
Similar to 194351e681 and
9ae47b6843cace3c9bef55d40a33fa11d8de391a.
Manifest initialisation during package collection uses options and
customizations to determine build root packages. Just like adding a
fake ostree checksum and an unresolved container list, we also need to
add the ostree ref, which is used to determine if a pipeline is being
generated for an ostree-based image type.
This fixes manifest generation when an ostree commit or container is
being built with an embedded container through the cloud API. Without
this change, the python toml module is not installed in the build root
and the container storage stage fails.
Read the containers from the test manifests when regenerating for the
test.
Also move the ostree option handling higher and make it cleaner. Only
apply the values if they're specified and needed.
Adding support for container embedding.
The containers need to be specified in the image function (imageFunc)
arguments and when specified, propagate down to the OS pipeline
generator to add the necessary stages.
Support is added for RHEL 9.x and Fedora.
Requires a temporary container spec array with the info from the
blueprint for the first initialization of the manifest that's needed
when collecting required packages.
This should be simplified in the future.
add the image function and remove the pipeline function.
Remove the build package set.
Parameterise image config creation functions so that RHSM is added
conditionally based on distro name, like we did for AMI/EC2.
image: set the raw filename for the GCE image type
GCP requires that the raw image file inside the archive be named
'disk.raw'. We set it on the imagePipeline while instantiating the
manifest as a workaround for now.
This should be changed to be configurable on the image type when
necessary, the same way the final filename is defined.
Extend the OSCustomizations to include options for dnf-automatic,
yum.repos, and gcp.guest-agent.
Propagate these options from the image configs in rhel9 down to the
OSCustomizations and add the stages to the os pipeline when they're
specified.
OSCustomizations defined firewall options as blueprint firewall
customizations. Changed it to instead be osbuild firewall stage
options.
This is swapping out one messy thing for another, but at least now we're
consistent in our mess.
GCE requires an archive with specific (tar) options, so we should have a
platform format defined separately for it.
Add the GCE image types to the x86_64 arch using the new platform
format.
Apply "xz" compression to any artifact pipeline if it's specified in the
image type. The image filename should be applied to the pipeline only
if it's the last one, so we need to skip this assignment if we're going
to add a compression pipeline at the end.
This is a bit dirty but the plan is to remove artifact compression from
manifests and perform it during the export in osbuild-composer, so this
should go away soon.
Extend the OSCustomizations to include the WAAgentConfig and UdevRules
options.
Propagate those options from the image's config down to the
OSCustomizations and add the stages to the os pipeline when they're
specified.
Add python3-pyyaml to the build root when the OS pipeline includes the
cloud-init stage.
Add python3-iniparse to the build root when the OS pipeline includes
the dnf.config or rhsm stage.
The addition of the stages is detected using the corresponding
customizations.
Add the image function and remove the pipeline function.
Remove the build package set.
Add "xz" compression and rename the last pipeline.
Propagate the compression option down to the liveImage() image creation
function.
The compression field defines the compression type for the final image,
if any.
This is a temporary change. We should design a better way to specify
"transport compression" for images, compression that is not required by
the image type or platform, but simply done for transport convenience or
storage.
