This commit also updates the rpmrepo snapshot for rhel-90 to the latest one.
Note that vmdk and vhd images are currently not buildable, see:
https://bugzilla.redhat.com/show_bug.cgi?id=1989841
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Otherwise, kernel-install will just pick the cmdline from /proc/cmdline
that is actually the host's one. This way, I managed to leak the cmdline
from my Fedora running on btrfs to RHEL 9 image which led to a very weird
results.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
We still need to double-check that these are the right addresses. For now,
this is just a best-effort guess.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
We want to also mangle RHEL 9 in the same style as we do 8.4+.
RHEL 8.0 => rhel-80
RHEL 8.1 => rhel-81
etc
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Renamed tar-installer to image-installer.
This is a more appropriate name:
- It disassociates the image type from the "tar" image type. The two
should not be perceived to be connected.
- It's more descriptive. The format of the payload (tar) isn't relevant
to the purpose of the image type.
The test case used to work only on Fedora 33. This patch introduces
support for all future Fedoras and RHEL 8.
It uses a fair bit of magic because it needs to dynamically discover if
a RHEL runner uses the rhel-8.json or the rhel-8-beta.json repository
override. Furthemore it needs to discover a redirection URL, if any, of
the repository override to correctly configure HTTP proxy.
It is designed for RHEL only. The switch for distros used to live in the
regression.sh script but it was removed so now the tests need to know if
they are running on a compatible system themselves.
It turns out there are edge cases where the previous mechanism worked
and the new one doesn't. Employee subscription is one example, where the
key can be used to access basically any content, yet nothing it written
in the redhat.repo file. This should have no effect on hosts running
RHSM the usual way.
It can happen that the system is not subscribed and the user requests a
source with rhsm set to "true". Return useful error message in such case
informing the user what to do about it.
Introduce a test case where 2 httpd proxies are used to simulate custom
repos with custom subscriptions. That is, every repo requires
client-side tls certificate with its own CA. Make sure both osbuild and
osbuild-composer can use these repositories by issuing an image build.
The problem: osbuild-composer used to have a rather uncomplete logic for
selecting client certificates and keys while fetching data from
repositories that use the "subscription model". In this scenario, every
repo requires the user to use a client-side TLS certificate. The problem
is that every repo can use its own CA and require a different pair of
a certificate and a key. This case wasn't handled at all in composer.
Furthermore, osbuild-composer can use remote workers which complicates
things even more.
Assumptions: The problem outlined above is hard to solve in the general
case, but Red Hat Subscription Manager places certain limitations on how
subscriptions might be used. For example, a subscription must be tight to
a host system, so there is no way to use such a repository in osbuild-composer
without it being available on the host system as well.
Also, if a user wishes to use a certain repository in osbuild-composer it
must be available on both hosts: the composer and the worker. It will come
with different pair of a client certificate and a key but otherwise, its
configuration remains the same.
The solution: Expect all the subscriptions to be registered in the
/etc/yum.repos.d/redhat.repo file. Read the mapping of URLs to certificates
and keys from there and use it. Don't change the manifest format and let
osbuild guess the appropriate subscription to use.
Host group should be 'guest'. The ansible inventory file in the test
uses the group name 'guest'.
Change package check to tmux since zsh isn't installed.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
rhel-8 distribution is in fact RHEL 8.3. As it doesn't make much sense
to build images from 8.3 definitions and 8.4+ content, this commit changes
the repositories for rhel-8 to point at 8.3 content.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Since we gained the ability to cross-distro build images, we need to have
a repo file per distribution even for RHEL. This commit adds one for RHEL
8.5.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
For s390x, prepend a kernel cmdline stage to the start of the OS
pipeline. This is a noop for other architectures for now.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
Returns a single stage that configures the bootloader, either GRUB or
ZIPL based on architecture.
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
