Create an osbuild yum repository from
`rpmmd.RepoConfig`. Additionally, remove
pointers from the `YumRepository` struct,
since this will add values for fields that
weren't explicitly set by the user in the
repo customizations.
Update the internal RepoConfig object to
accept a slice of baseurls rather than a
single field. This change was needed to
align RepoConfig with the dnf spec [1].
Additionally, this change adds custom json
marshal and unmarshal functions to ensure
backwards compatibility with older workers.
Add json tags to the internal rpmmd config
since this is serialized in dnfjson.
Add unit tests to check the serialization
is okay.
[1] See dnf.config
This platform copies more files into `/boot` which are necessary to be
able to boot IoT on some single board computers.
We also immediately set this on the `Aarch64_IoT` platform which needs
u-boot to be placed in the `/boot`.
This closes#3312.
Add a helper function that collects all the manifest list digests from a
list of container specs and returns a FilesInput to be used with the
stage.
Use the function in the OS pipeline when adding containers. The
manifests input to the stage constructor will be empty if there are no
manifest lists in the container specs.
The skopeo stage in osbuild supports an second optional set of inputs
called `manifest-lists`. This is an array of files, i.e.,
`org.osbuild.files` type input.
To support this we need a new type for the skopeo stage inputs that can
encompass both input types, images and manifest-lists.
It turned out that when we stopped setting the kernel options in grubenv
file, we also stopped setting them in /etc/default/grub under
`GRUB_CMDLINE_LINUX`. This file is used by grub2-mkconfig when
generating grub configuration.
10_linux script executed by grub2-mkconfig recently started to overwrite
the /etc/kernel/cmdline, if its timestamp is older than the timestamp of
/etc/default/grub [1]. As a result, all kernel options were wiped out from
/etc/kernel/cmdline.
Make sure that we always set the `KernelOptions` in the grub2 stage
options, even if the `WriteCmdLine` is set to `false`.
In addition, unify the way we concatenate kernel options set in the
grub2 stage options. Some pipeline implementations were previously using
space, other were using comma. Space is now used everywhere.
Regenerate all affected image manifests.
[1] https://src.fedoraproject.org/rpms/grub2/c/fc76aed5333f56dd05400521a35b944a5df52ebc
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
These RequiredSizes are a map that is passed on to the partition table
logic which had hardcoded defaults. This makes it possible to define
either no RequiredSizes (`nil`) or empty RequiredSizes which means no
further constraint checks or partition resizes will be done.
This is a workaround to make the systemd believe it's firstboot
when ignition runs on real firstboot.
Right now, since we ship /etc/machine-id, systemd thinks it's not firstboot
and ignition depends on it to run on the real firstboot to enable services from presets.
Since this only applies to artifacts with ignition and changing machineid-compat at
commit creation time may have undesiderable effect, we're doing it here as a stopgap.
We may revisit this in the future.
This patch also pins the version of osbuild because it depends on a fix
for the ignition stage.
Signed-off-by: Antonio Murdaca <antoniomurdaca@gmail.com>
Default to always remove the destination before copying when generating
the copy stage options for custom files in the image. This will ensure
that if the destination is an existing symlink to another file, it won't
be followed.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Add support for newly added `remove_destination` option in the copy
stage.
Related to https://github.com/osbuild/osbuild/pull/1241
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
This will allow to conveniently add multiple stages to the pipeline at
once, which is useful if a generator function wrapping some
functionality generates more than one `Stage`.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Implement helper functions for generating osbuild stages for a slices of
`fsnode` types, such as Files and Directories. The generated stages will
ensure that the provided FS nodes will be created in the FS tree and
will have their respective properties set (such as ownership, mode,
etc).
These functions are not yet used by any pipeline code, but the idea is
that they will be used in pipeline generator functions to create custom
directories and files based on the pipeline-specific customizations.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Add support for files input in the copy stage. This will enable copying
inline sources as a custom files in the image filesystem tree.
Add a simple unit test covering the use of this stage input.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The `GenCopyFSTreeOptions()` function has unused argument
`inputPipeline`. After discussing this with @achilleas-k, we determined
that it would be for the best to refactor this function and split out
the part that generates Mounts and Devices and instead return the actual
Stage from it. The reason for splitting out Mounts and Devices is that
these are then reused also by other stages when constructing pipelines
inside composer.
This would be a bigger change, so just adding the comment to the code to
capture this future work.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
DNF supports more than one GPG key. It is possible that one may be used for
signing packages, and another to sign the repository metadata. This
renamed GPGKey to GPGKeys internally. It does not change the on-disk
repository json format.
Rework the stage to not reimplement `FilesInput` as
`RPMStageInput`, but instead use the one common
`FilesInput` implementation and its supported
references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework the stage to not reimplement `FilesInput` as
`IgnitionStageInput`, but instead use the one common
`FilesInput` implementation and its supported
references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework the stage to not reimplement `FilesInput` as `QEMUStageInput`,
but instead use the one common `FilesInput` implementation and its
supported references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework the stage to not reimplement `FilesInput` as
`FDOStageInput`, but instead use the one common
`FilesInput` implementation and its supported
references.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The `FilesInputs` was since the beginning an XZ-specific implementation
of the input, but it was implemented in the `files_input.go` in a false
hope that it could be used as a generic stage inputs by any stages. It
turned out that various stages require different implementation of
its input. Specifically there is usually a stage-specific key, which has
assigned a common input type. For XZ stage, the key is `file`.
Remove `FilesInputs` and instead implement `XzStageInputs` which is now
accepted by the XZ stage.
Fix all affected pipeline implementations that use XZ stage.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Rework files input implementation to support all reference types
supported by the input schema. Also implement helper functions to
generate supported reference types. In some cases, the reference
supports e.g. referencing multiple pipelines in the stage inputs, but
this is currently not implemented, since no pipeline in composer uses
it.
Rework the files input unit tests to cover the new functionality.
Adjust all code affected by the changes made to files input.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The default value for the `os.FileMode` is zero, but the actual default
value used by the stage if no value is specified in the options is
`0777`. By using the pointer, we'll allow one to specify `0000`
permissions as a value which won't be omitted from the stage options.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Add support for `exist_ok` stage option added as part of
PR#1224 [1], which allows to gracefully handle existence of a directory
path specified to the stage.
This will be helpful when creating custom directories in the image via
customizations, because one can't know in advance whether the directory
path won't be created by a package installed in the image.
Not bumping the requires on osbuild, because this new option is not yet
used by any image definition or customization.
[1] https://github.com/osbuild/osbuild/pull/1224
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The stage supports a `parents` property in stage path options, which
allows one to auto-create any parent directories as needed.
Add the property to stage options implementation.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The plain `Path` name was a bit unfortunate, since it was specific to
the `mkdir` stage, but it was used outside of the `osbuild` package as
`osbuild.Path` which was making a wrong impression of it being a generic
path structure. This is not true.
Rename the structure to contain the stage name.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
After introducing Go 1.18 to a project, it's required by law to convert at
least one method to a generic one.
Everyone hates IntToPtr, StringToPtr, BoolToPtr and Uint64ToPtr, so let's
convert them to the ultimate generic ToPtr one.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Updates firewall stage customizations to allow zones
as per the changes made on osbuild/osbuild#1157
Relevant tests and pipelines for rhel8+9 updated.
Signed-off-by: Irene Diez <idiez@redhat.com>
Creates new stage to configure
journald to persist the journal.
Instead of creating the `/var/log/journal`
directory we explicitly configure journald
via the new stage.This is done in
according to the FCOS norms.
Unit tests also added for functionality
check.
Co-authored-by: Irene Diez <idiez@redhat.com>
Signed-off-by: Sayan Paul <saypaul@redhat.com>
The org.osbuild.chrony stage was extended to allow additional directives
alongside time servers [1]. The old Timeservers string slice was kept
for backwards compatibility. Removing support for it in
osbuild-composer makes working with the stage's options simpler. Using
the new struct slice Servers field and only specifying a Hostname for
each element is equivalent to the old behaviour, so no functionality is
lost.
This simplifies the chrony stage since no validation is required
anymore.
It also simplifies the propagation of configuration options through the
pipeline generation code which doesn't need to check for both types of
stage options.
[1] https://github.com/osbuild/osbuild/pull/692
This adds the `fedora-image-installer` and
`fedora-image-installer-preview` images.
The image installer type installs anaconda-webui on Fedora >= 38 to use
the new UI. It also writes its setting to
`/usr/share/anaconda/interactive-defaults.ks` as the current
anaconda-webui has not yet been tested in kickstart mode.
To do so manifest.Anaconda was expanded to take a (subset) of options
for a KickstartStage which is will write into interactive-defaults.ks.
And to take a list of additional modules to enable, so we can set up
Anaconda with all default modules.
The CommitSource was used to specify the source URL and checksum of a
commit for use in manifest sources. Renaming to CommitSpec and adding a
Ref parameter generalises the type so that we can use it to specify
commits in various situations. This is building towards separating when
ostree parameters are used for fetching a commit, fetching a parent
commit, and building one.
The CommitSpec is (very roughly) analogous to the rpmmd.PackageSpec.
