DNF supports more than one GPG key. It is possible that one may be used for
signing packages, and another to sign the repository metadata. This
renamed GPGKey to GPGKeys internally. It does not change the on-disk
repository json format.
Rework the stage to not reimplement `FilesInput` as
`RPMStageInput`, but instead use the one common
`FilesInput` implementation and its supported
references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework the stage to not reimplement `FilesInput` as
`IgnitionStageInput`, but instead use the one common
`FilesInput` implementation and its supported
references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework the stage to not reimplement `FilesInput` as `QEMUStageInput`,
but instead use the one common `FilesInput` implementation and its
supported references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework the stage to not reimplement `FilesInput` as
`FDOStageInput`, but instead use the one common
`FilesInput` implementation and its supported
references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The `FilesInputs` was since the beginning an XZ-specific implementation
of the input, but it was implemented in the `files_input.go` in a false
hope that it could be used as a generic stage inputs by any stages. It
turned out that various stages require different implementation of
its input. Specifically there is usually a stage-specific key, which has
assigned a common input type. For XZ stage, the key is `file`.
Remove `FilesInputs` and instead implement `XzStageInputs` which is now
accepted by the XZ stage.
Fix all affected pipeline implementations that use XZ stage.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework files input implementation to support all reference types
supported by the input schema. Also implement helper functions to
generate supported reference types. In some cases, the reference
supports e.g. referencing multiple pipelines in the stage inputs, but
this is currently not implemented, since no pipeline in composer uses
it.
Rework the files input unit tests to cover the new functionality.
Adjust all code affected by the changes made to files input.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The default value for the `os.FileMode` is zero, but the actual default
value used by the stage if no value is specified in the options is
`0777`. By using the pointer, we'll allow one to specify `0000`
permissions as a value which won't be omitted from the stage options.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Add support for `exist_ok` stage option added as part of
PR#1224 [1], which allows to gracefully handle existence of a directory
path specified to the stage.
This will be helpful when creating custom directories in the image via
customizations, because one can't know in advance whether the directory
path won't be created by a package installed in the image.
Not bumping the requires on osbuild, because this new option is not yet
used by any image definition or customization.
[1] https://github.com/osbuild/osbuild/pull/1224
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The stage supports a `parents` property in stage path options, which
allows one to auto-create any parent directories as needed.
Add the property to stage options implementation.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The plain `Path` name was a bit unfortunate, since it was specific to
the `mkdir` stage, but it was used outside of the `osbuild` package as
`osbuild.Path` which was making a wrong impression of it being a generic
path structure. This is not true.
Rename the structure to contain the stage name.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
After introducing Go 1.18 to a project, it's required by law to convert at
least one method to a generic one.
Everyone hates IntToPtr, StringToPtr, BoolToPtr and Uint64ToPtr, so let's
convert them to the ultimate generic ToPtr one.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Updates firewall stage customizations to allow zones
as per the changes made on osbuild/osbuild#1157
Relevant tests and pipelines for rhel8+9 updated.
Signed-off-by: Irene Diez <idiez@redhat.com>
Creates new stage to configure
journald to persist the journal.
Instead of creating the `/var/log/journal`
directory we explicitly configure journald
via the new stage.This is done in
according to the FCOS norms.
Unit tests also added for functionality
check.
Co-authored-by: Irene Diez <idiez@redhat.com>
Signed-off-by: Sayan Paul <saypaul@redhat.com>
The org.osbuild.chrony stage was extended to allow additional directives
alongside time servers [1]. The old Timeservers string slice was kept
for backwards compatibility. Removing support for it in
osbuild-composer makes working with the stage's options simpler. Using
the new struct slice Servers field and only specifying a Hostname for
each element is equivalent to the old behaviour, so no functionality is
lost.
This simplifies the chrony stage since no validation is required
anymore.
It also simplifies the propagation of configuration options through the
pipeline generation code which doesn't need to check for both types of
stage options.
[1] https://github.com/osbuild/osbuild/pull/692
This adds the `fedora-image-installer` and
`fedora-image-installer-preview` images.
The image installer type installs anaconda-webui on Fedora >= 38 to use
the new UI. It also writes its setting to
`/usr/share/anaconda/interactive-defaults.ks` as the current
anaconda-webui has not yet been tested in kickstart mode.
To do so manifest.Anaconda was expanded to take a (subset) of options
for a KickstartStage which is will write into interactive-defaults.ks.
And to take a list of additional modules to enable, so we can set up
Anaconda with all default modules.
The CommitSource was used to specify the source URL and checksum of a
commit for use in manifest sources. Renaming to CommitSpec and adding a
Ref parameter generalises the type so that we can use it to specify
commits in various situations. This is building towards separating when
ostree parameters are used for fetching a commit, fetching a parent
commit, and building one.
The CommitSpec is (very roughly) analogous to the rpmmd.PackageSpec.
Don't pass blueprint Users and Groups options all the way down to the
osbuild stage bindings. Instead, convert them to the internal
users.User and users.Group structs.
Ideally we would do this even higher up in the code path, before
reaching the distro, but this is the first step towards that.
- Remove stage-specific input types when they are org.osbuild.tree input
types.
- Use PipelineTreeInputs when stage requires a single tree input
reference with an arbitrary key.
- For Stages that require a specific key with a tree input, make the key
part of the NewXStage() function and only allow specifying the name of
the pipeline from which to copy the tree as part of the function
arguments.
Convenience function for creating a map with a single input pointing to
a pipeline's tree with a given key.
Different stages use different keys in the map (often "tree").
Functions will be added for each stage to create a map with the
appropriate key when necessary.
The references field in org.osbuild.tree inputs currently supports one
of three forms, all of which are functionally equivalent:
- Array of one string
- Array of one object with key "id" and string value
- Single object with no properties (only key/name)
We use the first form which is the simplest.
The string should refer to a pipeline by name (as name:<pipelinename>),
which means the input refer to the final tree of the named pipeline.
Change partition tables on edgeBase images to use
'LVM partitioning'. We need to ensure that LVM
stages are done before LUKS stages (e.g. remove-key)
or the pipelines will break (we cannot open a device
when its password has changed).
Add relevant tests on device_test.go plus a new
test partition table on common_test.go
Generators for creating UsersStage and GroupsStage from the new internal
types.
These are almost identical to the existing stage option creation
functions. Those will be removed once every use is replaced with the
new generators.
New mount type added: org.osbuild.ostree.deployment.
Adding this to a stage will setup all needed bind mounts so that a given
`tree` will look like an active OSTree deployment, very much as OSTree
does during early boot.
This is often necessary when making changes to files in /etc for an
ostree image.
Most filesystems entries in fstab don't have a PassNo, which makes the
order of those entries dependent on the sorting algorithm. Changes in
the algorithm can introduce changes in the sort order, which we don't
like.
Add a secondary sorting key, the Path, which is guaranteed unique, to
guarantee stable ordering.
Add bindings for the `org.osbuild.skopeo` that can be used to copy
container images, accessed via the `org.osbuild.containers` input,
into images.
The constructor is designed with ease of use in mind and takes
the needed container inputs and the storage path option, i.e.
where to store the container in the images.
Add bindings for `org.osbuild.conainer` inputs which can be used to
supply containers to stages. Currently only fetching containers via
sources is supported.
