Osbuild doesn't support creating btrfs over multiple devices, thus it should
be fine to have only single and dup in the schema (other options are for raid)
So we have a quick reference how to work with btrfs-based images.
Co-authored-by: Christian Kellner <christian@kellner.me>
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
systemd unit stage will now be able to add user unit dropin,
this is done by adding an additional field:unit-type
which is set to system by default. It also adds ability
to update the unit config with ConditionPathExists.
Relevant testing updated for the new workflow.
Signed-off-by: Sayan Paul <paul.sayan@gmail.com>
This removes these unused repos:
fedora-35
fedora-36
rhel-8.8
rhel-9.2
Note that that script also reports that rhel-8.7 and rhel-9.1 do not have
Schutzfile entries. That is because they are used in deploy.sh which
does not use Schutzfile to lookup the urls.
This pulls the list of snapshots from the rpmrepo API, greps the
codebase for all uses of rpmrepo.osbuild.org that look like a snapshot
name, and then checks to make sure they are still valid.
This is the same script as osbuild-composer, except that it also skips
checking ./test/data/stages/ which has rpm urls that look like snapshot
urls.
This adjustment allows the definition of the mark with the RPMs and runs
DNF after installing the RPMs to put the proper markings in the DNF
state database. See #455.
This ensures that packages don't get removed during `autoremove` leading
to broken systems.
rpm-ostree 2023.2 dropped the `rpm-ostree container-encapsulate` entrypoint.
Instead, we have to use `rpm-ostree compose container-encapsulate`.
Adjust the code that it selects the correct entrypoint based on the rpm-ostree
version.
Since the new stage now requires python-yaml, add it to the buildroot and
regenerate all manifests.
This commit changes these manifests to use the new fedora-vars.ipp and
fedora-build-v2.ipp infrastructure to remove all hardcoded Fedora versions.
Note that this is currently limited only to stage tests that already use v2
manifests. v1 manifests will come later.
Notes:
The buildroot needs additional packages: zstd and openscap-utils. Thus,
all manifests had to be regenerated.
GPG keys were added where missing.
The oscap.remediation stage now creates a bunch of files with timestamps in
their names under /var/lib/authselect/backups. Thus, the newly introduced
`added_directories` directive is used to handle them.
I reviewed all changes in `diff.json` files, and they all seem sane given
that we jumped 4 releases forward.
There hasn't ever been an official tool for this and everyone was just using
the output from the test to generate the diff. This commit introduces a proper
tool for generating these files.
This commit adds support for a new field in tree diffs fed to the stage tests.
This is useful when you care that a directory is added, but you don't care
about its content.
Since this is useful only for the expected tree diff, it's supported only
there. The actual tree diff doesn't support the new field.
This commit changes this manifest to use the new fedora-vars.ipp and
fedora-build-v2.ipp infrastructure to remove all hardcoded Fedora versions.
We are also able to remove the container manifests from the Makefile,
because they are no longer depending on the old f34-build-v2.json.
This commit changes this manifest to use the new fedora-vars.ipp and
fedora-build-v2.ipp infrastructure to remove all hardcoded Fedora versions.
An auto-generated ostree ref and isolabel was added to fedora-vars.
smc-meera-fonts was retired, so this commit changes it to rit-meera-new-fonts.
See
a8fe0d2620
icfg and reiserfs-utils are gone too, and they don't seem to be neccessary for
the image, so they were removed as well. Please correct me, if I am wrong.
What? I can just edit variables in one files and all(*) manifests get updated
content? That's impressive.
(*) We will be able to do all once we migrate all to the new format. For now,
the usual disclaimer applies:
This change is applied only to manifests based on fedora-build-v2 for now.
module_platform_id has a format of `platform:f34`. I have no idea why just
`f34` is used. Let's fix it.
This change is applied only to manifests based on fedora-build-v2 for now.
They are the same everywhere, we can just factor them out and save some bytes.
This change is applied only to manifests based on fedora-build-v2 for now.
Defining variables in the build pipeline is potentially dangerous, because
it can lead to the buildroot using a different package set than the other
pipelines.
Thus, this commit removes the variables from the build manifest. Since now on,
the variables must be defined before the build manifest is included.
Since the build manifest is no longer buildable on its own, let's remove it
from mpp.yaml to ipp.yaml. This is a convention set by the automotive team:
ipp manifests are not meant to be directly buildable, they are only useful
for embedding.
This is the second step of the conversion. All mpp.yaml json files were loaded
and dumped again with pyyaml. It was tweaked to keep the order of keys and to
save multi-line strings in the "flow" style. This was done, so the GPG keys
are kept on one line. Otherwise, they take up too much visual space.
There is no functional change in this commit.
osbuild-mpp supports yaml files. The advantage of yaml is that it's less
verbose and allows comments. This way, we can start documenting all the
test manifests in this repository.
This is the first step: This commit just renames the files, so we keep the
history intact. Remember: YAML is a super-set(*) of JSON, so this is fine.
There is no functional change in this commit.
(*) There are some caveats, but we don't need to care in this case.
We have a lot of copypasta of `def ostree()` but in this
case it's actually rpm-ostree, and we should be clear about that.
(Also in the future this code will need to change
to use the non-deprecated entrypoint, see
https://github.com/coreos/rpm-ostree/pull/4527 )
When developing or rebuilding manifests a lot it is common to want to
checkpoint everything to the store. It seems we all have small shell
scripts hanging around for this.
Let `--checkpoint` take a shell-like glob such as `--checkpoint="*"` to
checkpoint everything.
Note that there's a behavioral change here; previously `osbuild
--checkpoint=a` would error if that specific checkpoint wasn't found.
Now `osbuild` will only error if nothing was selected by the passed
globs.
