Similar to the `stage_module` fixture for stage tests this adds
a fixture to test sources modules of osbuild.
The code from `stage_module` and `sources_module` is similar and
could be combined but pytest makes it hard to do this without
having a shared root dir. Given that it's just four lines it
seems easier to just life with the tiny bit of code duplication.
The system-wide location for the containers storage.conf is
/usr/share/containers. The existence of a file in /etc/containers
completely overrides this (see containers-storage.conf(5)).
If no file is found at /etc/containers/storage.conf then fall back to
reading the config from /usr/share/containers/storage.conf.
If neither file exists, this is an error since the default config should
be packaged with any tool that requires it (skopeo, podman, etc).
Containers with the `containers-storage` are bind mounted to
the osbuild store. This helper function bind mounts the
containers-storage from the store into the `/containers/storage`
so that stages that require containers can then make use of these
containers.
An input that pairs with the org.osbuild.containers-storage source. It
makes the host container storage available to a stage and a container ID
for the stage to use.
Unlike all the other input types, this input does not refer to static
objects in the osbuild sources store but a dynamically mounted container
store that depends on the host storage configuration and the
availability of specific containers in that store.
Co-authored-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-authored-by: Gianluca Zuccarelli <gzuccare@redhat.com>
This source checks for the existence of a local container in the host's
containers-storage. The source first reads the host's
`/etc/containers/storage.conf` file for the storage config and then
checks if the user has imported the desired container into the local
store.
Unlike the org.osbuild.containers stource, the
org.osbuild.containers-storage source doesn't need any extra data other
than the image ID. The ID is all that is used to retrieve the
container. The location and other information regarding the storage are
read from the host configuration and are not encoded in the manifest
There's no need to use the name to resolve it like we do in other
sources because containers in the local storage can be directly
referenced by their image id (config digest).
Other data such as the name of the container will only be relevant in
the stage that will use the container as input.
The source items are objects instead of simple strings of checksums
because we might, in the future, want to add specific options for each
source.
The content_type for this source is `containers-storage`, which defines
the location in the store where the source will bind mount the host's
container storage for stages to read. We make this different from the
containers content because it will be treated differently enough to need
a separate input type.
Co-authored-by: Gianluca Zuccarelli <gzuccare@redhat.com>
Co-Authored-By: Michael Vogt <michael.vogt@gmail.com>
Under certain conditions a bind mount without a specified `rw` or `ro`
option gets mounted read-only. We need a way to be explicit about
needing a rw mount. We might want to change this in the future to be a
single option (mode optional?) with valid values "rw", "ro".
It's not entirely clear what the conditions are but it occurs when bind
mounting the containers storage into the osbuild store, which we will
need for the next few commits.
While integrating the changes to grub2 config stage options in the
`osbuild/images` repository, I noticed that the code for grub2.legacy
is embedding the grub2 stage config options struct in its own config
options struct [1]. However, the grub2 stage options contain also the
`default` entry, while the grub2.legacy stage does not allow this option
in its stage options.
This change fixes that and ensures that the grub2 stage options config
section is a subset of the grub2.legacy stage options config section.
[1] d5644f3115/pkg/osbuild/grub2_legacy_stage.go (L85)
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The code in `check-snapshots` will print "No snapshots cache found
at ..." regardless of the error that happens when trying to open
the file. This can be misleading if e.g. the issue is permissions
to open the file or the file is corrupted. So make the exception
more targeted and only catch FileNotFound error and let python
how the full error for the other cases. Obviously this can be
done in many ways so I'm happy to tweak and e.g. keep catching
all exception but print the value etc.
Right now the tools directory is not checked by pylint because
it will not auto-detect what files are python files and instead
just skip the dir if it does not have a __init__.py.
This commit uses `tox-backticks` to run a custom find to ensure
the python files are explicitely added. I'm not sure we can
use tox-backticks or we need it packages for fedora/rhel?
If we cannot use it we need to look into either a custom tox
plugin to support more rich globbing or just move out
`tools/set-env-variables.sh` as it's the only non-python code
in the repo and it will trip up pylint (syntax error).
Extend the stage to allow explicitly configuring more grub2 default
config options. Preserve the defaults for options which were previously
hard-coded.
Extend the stage unit test to verify setting of the new grub2 default
config options.
Related to https://issues.redhat.com/browse/RHEL-19583
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Extend the stage to allow explicitly configuring more grub2 default
config options. Preserve the defaults for options which were previously
hard-coded.
Extend the stage unit test to verify setting of the new grub2 default
config options.
Related to https://issues.redhat.com/browse/RHEL-19583
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Small unit test for the new `org.systemd.unit.create` stage. It
will do basic schema validation checks and ensures that a simple
service definition is correctly translated to a systemd unit.
The bootc.install-to-filesystem code needs to run against the
root directory of a mounted tree, i.e. with /boot, /boot/efi
mounted. So change the code so that the target dir is the
the "mounts" paths. This is similar to how bootupd works and
the caller need to arrange the right mount setup there.
Add systemd unit files in osbuild stage
This stage creates systemd unit file in `/usr/lib/systemd/system/`.
The stage accepts filename which must end with `.service`.Section
`Unit` , `Service` , `Install` accepts various parameters as per
the systemd documentaion.`systemd-analyze verify` is be performed
after the .service file is created to check for potential errors.
Signed-off-by: Sayan Paul <paul.sayan@gmail.com>
This commit adds a test that ensures that the output of
podman mount is part of the error message. While writing
the test I also tweaked the code slightly so that we only
try to `podman umount` if we managed to successfully mount.
The new `testutil.mock_command` context manager can be used to
mock commands in PATH and replace them with arbitrary shell
scripts. This is useful in testing to e.g. simulate exact error
conditions that would be hard to trigger otherwise or to replace
long running commands with faked results.
Example:
```
fake_cmd = textwrap.dedent("""\
do-something
""")
with mock_command("some-cmd", fake_cmd):
your_code
```
This commit adds example manifests for a bootc.install-to-filesystem
system. It does not do more with them because running a full test
requires a working podman which is difficult to use inside our
GH runners that are already running inside docker.
This adds a `default: true` option for all cases where OSTree
information is specified in schemas and allows for the information
to be picked up from the filesystem.
This is a safe operation because when building disk images there is
no known case where having two deployments makes sense. In the case
there ever were a case then the osname, ref, and serial options still
exist and can be used.
Co-authored-by: Luke Yang <luyang@redhat.com>
Co-authored-by: Michael Vogt <michael.vogt@gmail.com>
It seems like an artifical limitation to prevent copying from a mount
or from one location in the tree to another. It just so happens we need
this functionality when building CoreOS images because we want to take
a file embedded in the OSTree at a location and copy it to another
location in the tree. The particular example here is we want to copy
/usr/share/coreos-assembler/platforms.json -> /boot/coreos/platforms.json
See https://github.com/coreos/coreos-assembler/pull/3709
Allowing to copy from/to the tree we can now do something like:
```
- type: org.osbuild.copy
options:
paths:
- from: tree:///usr/share/coreos-assembler/platforms.json
to: tree:///boot/coreos/platforms.json
mounts:
- name: ostree.deployment
type: org.osbuild.ostree.deployment
options:
deployment:
ref: ostree/1/1/0
osname:
fedora-coreos
```
In some cases it could useful to add additional kernel options without
modifying BLS config, so any subsequent call to `zipl` would ignore them.
We are going to use this to append `ignition.firstboot` to kernel cmdline
for CoreOS on s390x.
