Previously it was only possible to configure separate partitions
for mountpoints in the allow list and their immediate subdirectories
only i.e. /var & /var/log
This fix allows for an arbitrary level of mountpoints, i.e. /var/log/audit,
/var/a/b/c/d/e and so on
Previously it was only possible to configure separate partitions
for mountpoints in the allow list and their immediate subdirectories
only i.e. /var & /var/log
This fix allows for an arbitrary level of mountpoints, i.e. /var/log/audit,
/var/a/b/c/d/e and so on
V2 is compliant with api.openshift.com design guidelines.
Errors are predefined, have codes, and are queryable.
All requests have an operationId set: a unique identifier which is
sortable by time. This is added to the response in case of an error.
All returned objects have the href, id, and kind field set.
The RHSM DNF plugins `product-id` and `subscription-manager` are now
by default enabled on the RHEL-8.5 and RHEL-9.0 `ec2`, `ec2-ha` and
`ami` images.
The desired default state of the RHSM DNF plugins has been decided by
the RHSM team.
Related to https://bugzilla.redhat.com/show_bug.cgi?id=1996670
Signed-off-by: Tomas Hozza <thozza@redhat.com>
2 configurations for the listeners are now possible:
- enableJWT=false with client ssl auth
- enableJWT=true with https
Actual verification of the tokens is handled by
https://github.com/openshift-online/ocm-sdk-go.
An authentication handler is run as the top level handler, before any
routing is done. Routes which do not require authentication should be
listed as exceptions.
Authentication can be restricted using an ACL file which allows
filtering based on JWT claims. For more information see the inline
comments in ocm-sdk/authentication.
As an added quirk the `-v` flag for the osbuild-composer executable was
changed to `-verbose` to avoid flag collision with glog which declares
the `-v` flag in the package `init()` function. The ocm-sdk depends on
glog and pulls it in.
Move the ostree repository and the tar image to the root of the
boot iso. This has several advantages: we do no longer have to
correctly guess the size of the anaconda image. Also we do not
need to compress the payload within the squashfs.
Update the image installer's test data. NB: the changes to the
package list were introduced earlier and should mostly affect
the build pipeline. Should have caught is in the corresponding
change, but was apparently not picked up by CI.
OSBuild Composer can now build the RHEL 8.5 Raw Images. This images are
compressed raw images, i.e. a file that has a partition layout with an
deployed OSTree commit in it. It can be used to flash onto a hard drive
or booted in a virtual machine. An existing OSTree commit needs to
be provided.
The following image new types are supported: edge-raw-image.
Instead of using package sets at the distro, arch and image type
level and then merging them in `PackageSets`, store the function
that generates the package set in the image type and have them
return all the package set. In order to do so, they now take an
imageType parameter so that they can also return architecture
dependent packages.
Instead of having a common build package set defined at distro
struct level and merging them together with build packages in
the image type (and arches), we do the "inheritance" at the
package set level and append more specific packages to base
sets there. We also now ensure that each image type does have
a build package set defined.
The actual package set should not change for anything due to
this commit.
Split the common installer build packages from the one specific to
anaconda and edge.
NB: The "inheritance" is now done in the package sets rather than
outside, via package set merging.
The edge specific build packages, `edgeBuildPkgsKey` where defined
on the distro level but also always included in all actual edge
image types; there were thus duplicated.
This adds a new installer called the "Simplified Installer" for Edge.
In contrast to the existing insaller, which is based on Anaconda, this
new installer based on the CoreOS installer project[1], a small rust
based binary that is executed in the initramfs and will flash a raw
image to a specified installation device. For this a new blueprint
option is introduced. The raw image is created from an existing OSTree
commit and embedded into the resulting bootable iso. When booting the
iso the installation will automatically start witout any interaction
from the user.
NB: As with the existing edge installer, support is currently limited
to x86. The new installer also does not support non-uefi boot.
[1] https://github.com/coreos/coreos-installer
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Antonio Murdaca <runcom@linux.com>
Add a new param to the helper function creating the grub2 stage, that
indicates whether greenboot should be enabled. So far this is false
for all uses, so nothing should change.
Add an argument to `dracutStageOptions` so that additional dracut
modules can be supplied. Remove `anaconda` from the list of mods
that are included by default, and manually include it for the
anaconda based installer.
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Antonio Murdaca <runcom@linux.com>
osbuild, since version 30, supports the ostree deployments for the
fstab stage.
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Christian Kellner <christian@kellner.me>
Mark the `FilesInput` as valid input for the copy stage input so it
can be used in the constructor helper function(s).
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Antonio Murdaca <runcom@linux.com>
Add a level of indirection for the copy stage constructor function
in order to be able to use it with existing input types, like the
files input.
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Antonio Murdaca <runcom@linux.com>
Add a new `install` option to the `grub2StageOptions` which directly
translates to the `uefi.install` option for the grub2 stage. This
should be false for all existing pipelines, where RPM directly is
used to fill `/boot/efi/EFI/<vendor>`.
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Antonio Murdaca <runcom@linux.com>
Add the new stages included in osbuild 30 that can be used to
deploy an OSTree commit as well as the grub iso stage that
is used to configure grub2 (efi) for isos.
Bump the spec file requirement accordingly.
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Christian Kellner <christian@kellner.me>
Should be a pointer otherwise it creates an empty object in the manifest
which makes the stage fail.
Co-Developed-by: Christian Kellner <christian@kellner.me>
When building RHEL for Edge commits and a parent together with an
URL was specified, add a `org.osbuild.ostree.passwd` stage which
then will pre-load the uid/gid database with the data from the
parent commit. This ensures that uids and gids do not change for
the "child" commit.
