Fix:
assemblers/org.osbuild.qemu:310:36: E0606: Possibly using variable 'prep_type' before assignment (possibly-used-before-assignment)
inputs/org.osbuild.tree:85:15: E0606: Possibly using variable 'path' before assignment (possibly-used-before-assignment)
stages/org.osbuild.sfdisk:58:36: E0606: Possibly using variable 'prep_type' before assignment (possibly-used-before-assignment)
stages/org.osbuild.systemd.unit:23:16: E0606: Possibly using variable 'unit_dropins_dir' before assignment (possibly-used-before-assignment)
test/mod/test_meta.py:219:29: E0606: Possibly using variable 'schema_part' before assignment (possibly-used-before-assignment)
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Fix:
osbuild/pipeline.py:101:12: R1737: Use 'yield from' directly instead of yielding each element one by one (use-yield-from)
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The new version of Pylint reports this issue in too many places. It is
unlikely that we would change all occurrences of it just to make
Pylint happy. Disable the check.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Update pylint to the latest upstream version, to fix a false positive
with Python 3.13, that was resolved in `astroid` dependency in version
`3.3.5`. In order to update the dependency, the `pylint` version itself
needs to be bumped to at least version `3.0.0`.
The error was:
test/run/test_stages.py:21:0: E0611: No name 'Mapping' in module 'collections.abc' (no-name-in-module)
More details: https://github.com/pylint-dev/pylint/issues/10000
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
This is needed to resolve fialure to find `lib2to3` module on F41, which
was removed since Python 3.13 used by default there.
Update autopep8 and pycodestyle to the latest upstream releases.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The test case is skipped in the upstream CI, because the `autotailor`
executable is not installed in the `osbuild-ci` image. This will not
be the case in the future and the CI run will reveal a Python 3.6
incompatibility in the test implementation. Fix it.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
This adds support for specifying paths to operate on,
rather than just the root of the target:
```
- type: org.osbuild.selinux
options:
file_contexts: etc/selinux/targeted/contexts/files/file_contexts
target: mount://root/path/to/dir
mounts:
- name: root
source: disk
target: /
```
or
```
- type: org.osbuild.selinux
options:
labels:
mount://root/path/to/file: system_u:object_r:boot_t:s0
mount://root/path/to/other/file: system_u:object_r:var_t:s0
mounts:
- name: root
source: disk
target: /
```
New fucntion returns tuple of 'root' and relative 'file path', which could be
useful in contexts, where knowing 'root' is required, for example setting
selinux labels.
This allows using e.g. mpp-eval in the resolve-image operation, similar
to how it is now possible in the mpp-depsolve handling.
We want this so we can inject the list of images from a list variable
(that can then be mpp-join:ed, etc).
The dnf5 library in Fedora 41 still has some issues that prevents us
from using it in osbuild-composer. Switch to using dnf4 on Fedora 41 as
well until these issues are resolved.
Add remove-signatures option to container-deploy stage.
The option will be translated to --remove-signatures
skopeo option and passed to skopeo when copying the container.
This option must be set when deploying signed containers.
Signed-off-by: Miguel Martín <mmartinv@redhat.com>
Michael Vogt pointed out that testcases start failing when we describe
the new format. Let's add a test case and fix the describe to include
the metadata.
Metadata is freeform in the `Manifest` instance but it is stored on it
during loading (at which time its properties are validated) and returned
as-is on describe.
Signed-off-by: Simon de Vlieger <supakeen@redhat.com>
Allows a new object under the top-level key `metadata` which contains a
`generators` property. This property is a list of all generators involved
in the creation of a manifest.
Each generator can add its name and version to this list.
Signed-off-by: Simon de Vlieger <supakeen@redhat.com>
For usecases where for example selinux is not supported,
we should expect more errors from tar so we should also accept this
when matching the string.
Kudos go to Achilleas Koutsou <achilleas@koutsou.net> for this hint
The full list of packages is also listed in terraform
containers/blob/main/docker-bake.hcl#L240 ("BASE_PACKAGES")
so this README and the package list should somewhat stay in sync
This change allows use the more advanced features of bash like
array operations (e.g. `${@:2}` to drop the first two arguments
or similar. On fedora/rhel this is a no-op as it is already using
sh -> bash (afaik).
We currently use the absolute path of these binaries in the
helper. This has some advantages but given that we control the
inputs for PATH in general it seems unnecessary.
We are also slightly inconsistent about this in the codebase but
favor the non absolute path version. A quick count:
```
$ git grep '"chroot"'|wc -l
13
$ git grep '"/usr/sbin/chroot"'|grep -v test_|wc -l
8
```
for `mount` and `umount` it seems this is the only place that uses
the absolute path.
It's not an important change but it has the nice property that it
allows us to use e.g. `testutil.mock_command()` in our tests and
it would be nice to be consistent.
The recent change in https://github.com/osbuild/osbuild/pull/1896
removed the dnf dependency, leading to failures in osbuild-mpp with the
following error:
ModuleNotFoundError: No module named 'dnf'
To fix it, add the python3-dnf dependency for the
osbuild-tools package.
Signed-off-by: Renata Ravanelli <rravanel@redhat.com>
I am keeping mailing list link, however, nobody was able to tell me how one can subscribe to it. I think it is Google Groups list now and there is no join option.
This commit moves the joining of path fragements from f-strings
to pathlib and simplifies some of the map/filter/lambda expressions
into more standard list comprehensions.
This was added years ago in 3c19420b3e.
Back then, we were constructing the initial buildroot using dnf directly
(stages had network access at that point). We reworked this with the
introduction of the rpm stage, sources and an external depsolver. The
dnf stage itself was actually removed in
892342b978. Thus, I think we don't need
to pull dnf anymore, so this commit removes the dependency.
This commit adds a new `transform` option to the tar stages that
maps directly to the `--transform=` comamndline argument of tar(1).
This allows to transform the names while files/dirs are added to
a tarfile. This is useful for the `gcp` pipeline for
bootc-image-builder where we want to create a gcp tar file that
expects the disk image filename in the tar to be exactly `disk.raw`.
Note that tar allows only a single `--transform` and we leave it
to the user to construct `sed` expressions if multiple renames
are required.
With the labels option the user is specifying the exact context
they want to set on the path so it's not necessary to supply a
context here. This can be also useful in the case where you want
to set some labels and you haven't yet populated the tree yet.
For the DNF4 version, we actually use 'dnf' package and not 'libdnf'.
Fix the SPEC file dependencies and also the check in unit test.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
This is essentially org.osbuild.systemd.unit.create but creates
file where podman looks for quadlets instead.
For now only container, volume and network is supported.
Not all quadlet options are supported, but at least the most usef ones, and enough for the automotive sample-images.
Its not uncommon for systemd unit key values to contain things like
"%t", as these are magic values expanded by systemd. We need to
disable the ConfigParser default interpolation that treats '%' as
meaning interpolation.
Otherwise you will get errors like:
```
File "/run/osbuild/bin/org.osbuild.systemd.unit.create", line 66, in <module>
r = main(args["tree"], args["options"])
File "/run/osbuild/bin/org.osbuild.systemd.unit.create", line 46, in main
config.set(section, option, str(value))
File "/usr/lib64/python3.9/configparser.py", line 1204, in set
super().set(section, option, value)
File "/usr/lib64/python3.9/configparser.py", line 894, in set
value = self._interpolation.before_set(self, section, option,
File "/usr/lib64/python3.9/configparser.py", line 402, in before_set
raise ValueError("invalid interpolation syntax in %r at "
ValueError: invalid interpolation syntax in '%t/asil-ipc-demo/asil_ipc.socket' at position 0
```
Currently if one uses `mpp-embed` with URLs, osbuild-mpp still wants to
download the full file just so it can hash it. Make this more efficient
by hashing from the stream instead, which `hashlib` natively supports.
This also makes osbuild-mpp work with large artifacts in environments
that may not have enough space to temporarily save the data.
