Read uncommented lined from /etc/resolv.conf and add them as a list to
the image-info report. The list of lines is present in the report even
if it is empty, so that the report is explicit about the file content
and presence.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Extend image-info to read systemd service unit drop-ins from
multiple paths:
- /etc/systemd/system/*.service.d
- /usr/lib/systemd/system/*.service.d
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Add a .gitleaks.toml file that lists all the test passwords and paths to
keys that should be ignored by the security scanner. This avoids false
positives so we can enable the scanner to catch actual leaks.
Closes#1747
Signed-off-by: Achilleas Koutsou <achilleas@koutsou.net>
thozza pointed out that `int` is platform dependent which results in
a fs size that is too small for 32-bit machines. This commit changes
the filesystem custimizations to use `uint64` instead of `int`
The bootloader option in ostree.config stage is new in osbuild 37. However,
osbuild 37 contains a bug that prevents it from working in certain cases,
thus we need to pin to a slightly newer commit that contains a fix for it:
bug: https://github.com/osbuild/osbuild/issues/822
fix: https://github.com/osbuild/osbuild/pull/824
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Use the new bootloader config for OSTree deployments to set the
bootloader backend to `none` since we use grub2 and BLS in all
currentlysupported architectures. In fact, not setting it to
`none`, will use the default `auto`, which will result in the
run of `grub2-mkconfig`, which is not what we want and might
even fail for us.
Expose the new (osbuild > 36) `sysroot.bootloader` option to
configure the bootloader backend for OSTree deployments.
Normally, this should be set to `none` for modern bootloader
that use the BLS, since the BLS snippets are always generated.
The main changes are:
- Kind, Href, Id fields for every object returned
- Attach operationIds to each request, return it for errors
- Errors are predefined and queryable
We don't run on RHEL 8.3 anymore.
Note that the koji-osbuild rev-deps test is not run anymore, therefore
it's fine to drop dependants, see:
https://github.com/osbuild/osbuild-composer/issues/1559
We should reintroduce it though.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
We use the koji API to build RHEL nightlies, therefore we should build
only development versions in the testsuite.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
There is no need for osbuild-composer to wait until the whole multi-user
target is completed. It can be started earlier as it doesn't have any
dependencies in the target.
This can be a problem if there is a unit in the target that is not starting
and still is unrelated to osbuild-composer. There was a bug like this
with Plymouth where the service didn't finish and it was hanging. That
prevented osbuild-composer from starting and the user was left with
working SSH connection and shell, but composer-cli and systemctl start
osbuild-composer.service were both unresponsive.
Replace After=multi-user.target with After=network.target to start
osbuild-composer earlier.
The variables are set to the git revision from which the build is
triggered and rpm version from the spec file, if it is build using RPM.
This can be later used to query exact source version while
running osbuild-composer.
It is necessary to use both, because none of them is available in all
possible scenarios.
Use either git-rev (preferably) or RPM version (NEVRA) instead of the
"devel" build type. It was just a placeholder.
