a2d4ba715f
This is a preparation for defining EC2 images for RHEL-8.5.0. These extensions to image-info tool represent modifications done to the official EC2 images currently produced as RHEL release. It is important to be able to analyse these aspects of images, before we define them in osbuild-composer, to ensure that the resulting images will be consistent with the current state. - Read non-empty lines from /etc/hosts file and add them to the report. - Read content of /etc/machine-id and add it to the report. - Read uncommented key/values from /etc/systemd/logind.conf and add them to the report. - Read all ifcfg-* files from /etc/sysconfig/network-scripts/ and add their values to the report. - Read content of /etc/locale.conf and add it to the report. - Read SELinux configuration from /etc/selinux/config and add it to the report. - Inspect the filesystem tree for SELinux context mismatches and add them to the report. - Read configuration files from /etc/modprobe.d/ and for now report only all blacklisted kernel modules. - Read RHSM configuration from /etc/rhsm/rhsm.conf and add it to the report. - Read cloud-init configuration from /etc/cloud/cloud.conf and add it to the report. - Read all *.conf files from /etc/dracut.conf.d/ and add their content to the report. - Read VC and X11 keyboard configuration and add it to the report. - Read specific configuration directives from Chrony configuration and add them to the report. Specifically 'server', 'pool', 'peer' and 'leapsectz'. - Read drop-in configurations for *.service unit files from /etc/systemd/system/ and add them to the report. - Read all configuration files from /etc/tmpfiles.d/ and add them to the report. - Read all configuration files from /etc/sysctl.d/ and add them to the report. - Read the Tuned active profile and profile mode and add them to the report. - Read all configuration files from /etc/security/limits.d and add them to the report. - Read sudoers configuration from /etc/sudoers and files in /etc/sudoers.d/ and add uncommented lines to the report. No sophisticated parsing is done, because the configuration format grammar is too complicated for the purpose of image-info. - Read udev rules configuration files from /etc/udev/rules.d/ and add them to the report. - Read DNF configuration and defined vars and add them to the report. - Read profile ID and enabled features used by authselect. - Enable SELinux, extended attributes and POSIX ACLs support when unpacking 'tar' image type to prevent potential mismatches Regenerate all image test cases to reflect changes in the image-info output. Modify the distro-arch-imagetype-map.json to cover all combinations currently covered by existing image test cases. Add doc strings to all read_* functions. Signed-off-by: Tomas Hozza <thozza@redhat.com> |
||
|---|---|---|
| .github | ||
| cmd | ||
| containers/osbuild-composer | ||
| distribution | ||
| docs | ||
| image-types | ||
| internal | ||
| repositories | ||
| schutzbot | ||
| test | ||
| tools | ||
| vendor | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .golangci.yml | ||
| codecov.yml | ||
| CONTRIBUTING.md | ||
| DEPLOYING.md | ||
| dnf-json | ||
| go.mod | ||
| go.sum | ||
| HACKING.md | ||
| krb5.conf | ||
| LICENSE | ||
| Makefile | ||
| NEWS.md | ||
| osbuild-composer.spec | ||
| README.md | ||
| Schutzfile | ||
OSBuild Composer
Operating System Image Composition Services
The composer project is a set of HTTP services for composing operating system images. It builds on the pipeline execution engine of osbuild and defines its own class of images that it supports building.
Multiple APIs are available to access a composer service. This includes support for the lorax-composer API, and as such can serve as drop-in replacement for lorax-composer.
You can control a composer instance either directly via the provided APIs, or through higher-level user-interfaces from external projects. This, for instance, includes a Cockpit Module or using the composer-cli command-line tool.
Project
- Website: https://www.osbuild.org
- Bug Tracker: https://github.com/osbuild/osbuild-composer/issues
- IRC: #osbuild on Libera.Chat
About
Composer is a middleman between the workhorses from osbuild and the user-interfaces like cockpit-composer, composer-cli, or others. It defines a set of high-level image compositions that it supports building. Builds of these compositions can be requested via the different APIs of Composer, which will then translate the requests into pipeline-descriptions for osbuild. The pipeline output is then either provided back to the user, or uploaded to a user specified target.
The following image visualizes the overall architecture of the OSBuild infrastructure and the place that Composer takes:
Consult the osbuild-composer(7) man-page for an introduction into composer,
information on running your own composer instance, as well as details on the
provided infrastructure and services.
Requirements
The requirements for this project are:
osbuild >= 26systemd >= 244
At build-time, the following software is required:
go >= 1.14python-docutils >= 0.13
Build
The standard go package system is used. Consult upstream documentation for detailed help. In most situations the following commands are sufficient to build and install from source:
mkdir build
go build -o build ./...
The man-pages require python-docutils and can be built via:
make man
Repository:
- web: https://github.com/osbuild/osbuild-composer
- https:
https://github.com/osbuild/osbuild-composer.git - ssh:
git@github.com:osbuild/osbuild-composer.git
Pull request gating
Each pull request against osbuild-composer starts a series of automated
tests. Tests run via GitHub Actions and Jenkins. Each push to the pull request
will launch theses tests automatically.
Jenkins only tests pull requests from members of the osbuild organization in
GitHub. A member of the osbuild organization must say ok to test in a pull
request comment to approve testing. Anyone can ask for testing to run by
saying the bot's favorite word, schutzbot, in a pull request comment.
Testing will begin shortly after the comment is posted.
Test results in Jenkins are available by clicking the Details link on the right side of the Schutzbot check in the pull request page.
License:
- Apache-2.0
- See LICENSE file for details.