Newer warning from pylint, also consistent with how we do things
elsewhere. Note that this only applies to one file in the tests but
disabling it would be very weird for such a small fix.
Fedora 34 is end of life and we ought to be testing with newer
releases so that we catch issues like the authselect one, that
is detailed in "stages/rpm: support marking install as ostree".
Convert the manifest to use version 2 format. Version 1 is really
not used much anymore because composer was completely ported to
using v2. Welcome to the future, ostree commit.
Include cryptsetup and lvm2 so that commit can be deployed to
images that are encrypted and have lvm2 layout. Additionally,
include greenboot. Remove the explicit dependency on ostree
and systemd-udev, which are automatically pulled in.
Instead of using `subprocess` with `check=True`, which will
echo the command used, including all the files it checked,
check the error code and if non-zero, fail the test with a
nice small error message.
This stage allows to manifests to define information to be put into a
built image. The information can then later be used by RHSM/Insights.
The facts are stored in `/usr/share/osbuild/rhsm.facts` and then
symlinked into `/etc/rhsm/facts/osbuild.facts`.
From IEEE Std 1003.1-2017:
3.437 User Name:
A string that is used to identify a user; see also User Database. To be
portable across systems conforming to POSIX.1-2017, the value is composed
of characters from the portable filename character set. The <hyphen-minus>
character should not be used as the first character of a portable user name.
3.282 Portable Filename Character Set
The set of characters from which portable filenames are constructed.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
a b c d e f g h i j k l m n o p q r s t u v w x y z
0 1 2 3 4 5 6 7 8 9 . _ -
The last three characters are the <period>, <underscore>, and <hyphen-minus>
characters, respectively.
---
The regex checking the username in org.osbuild.users stage omitted the
<period> character before. This commit adds it and modifies the stage
test in order to cover this change.
Fixes: rhbz#2104464
New stage to create or modify `containers-storage.conf` config
files. The currently implement strategy is to merge the given
and existing configuration options.
The oscap.remediation stage now runs the
remediation during build time rather than
creating the necessary files to run the
remediation on first-boot. The tests have
been updated to reflect these changes.
Add a new stage to import public keys into the RPM database via the
`rpmkeys` command. This is similar as to what the `org.osbuild.rpm`
stage already does but it uses inputs instead of inline data.
This commit introduces a new vagrant stage and initially only supports
the libvirt backend. The vagrant stage takes a disk image as input
generates a Vagrantfile and metadata.json.
The idea of this test case was to check that two identical trees are
only stored once, via their treesum in the object store; but this
functionality was removed in commit e97f6ef34 and instead of treesums
random uuids are now used. As a result there is no de-duplication
anymore -- the subject of the test. So remove the test.
Currently we hard code the vpc options `subformat=fixed` and
`force_size`, which are needed to generate valid azure images
with newer versions of qemu. But for other use cases or other
versions of qemu these options might not be wanted or valid.
Expose all the options but with defaults corresponding to the
old behavior.
Add a unit test for the `force_size` option to check its
effect. Also add a check for the correct size to the existing,
default value (i.e. `force_size` being `true`).
Can be used to create partition tables via GPT laypout via `sgdisk(8)`.
The schema of `partitions` is intentionally kept identical to the one
in `org.osbuild.sfdisk`.
Add corresponding tests.
Add a new class `SubIdsDB` as a database of subordinate Ids, like the
ones in `/etc/subuid` and `/etc/subgid`. Methods to read and write
data from these two files are provided.
Add corresponding unit tests.
Add a new member variable `caps` that if not `None` indicates the
capabilities to retain, i.e. all other capabilities not specified
will be dropped via `bubblewrap` (`--cap-drop`).
Add corresponding tests.
This extends the possible ways of passing references to inputs. The
current ways possible are:
1) "plain references", an array of strings:
["ref1", "ref2", ...]
2) "object references", a mapping of keys to objects:
{"ref1": { <options> }, "ref2": { <options> }, ...}
This patch adds a new way:
3) "array of object references":
[{"id": "ref1", "options": { ... }}, {"id": ... }, ]
While osbuild promises to preserves the order for "object references"
not all JSON serialization libraries preserve the order since the
JSON specification does leave this up to the implementation.
The new "array of object references" thus allows for specifying the
references together with reference specific options and this in a
specific order.
Additionally this paves the way for specifying the same input twice,
e.g. in the case of the `org.osbuild.files` input where a pipeline
could then be specified twice with different files. This needs core
rework though, since internally we use dictionaries right now.
