No description

Find a file

Michael Ho 621fa47563 runners: add fedora-38 specific logic This fixes an issue where Fedora-38 hosts can not build CentOS-Stream-9 images due to an incompatible gpg key with the new default settings for rpm. On Fedora-38, rpm has changed to use a new backend for key verification and by default does not support SHA1 anymore, although the support for SHA1 can be re-enabled via a config file. The (current) CentOS-Stream-9 keys however still require SHA1 support in order to be importable. So they are now unusable on Fedora-38 unless SHA1 support is re-enabled. In OSBuild, the initial chroot does not contain the config files and so SHA1 support is disabled when rpmkeys from the host is called. It does not matter if the crypto-policies on the host machine is configured with the exception to support SHA1 because the chroot filters that out. This means it may not be possible to assemble CentOS-Stream-9 based images without disabling the key check. This patch adds an explicit conditional case for Fedora-38 to inject the needed configuration file into /etc/crypto-policies/back-ends to enable SHA1 support for rpm by default. It does this by copying the default policies from /usr/share/crypto-policies. The result is OSBuild behaving similar to the previous behaviour seen on Fedora-37 and earlier.		2023-05-16 13:19:44 +02:00
.devcontainer	devcontainer: include packit, boto3 & more tools	2021-08-17 10:42:03 +02:00
.github	CI: delete duplicate source code check from GitHub action	2023-04-12 11:57:18 +02:00
assemblers	osbuild: run isort on all files	2022-09-12 13:32:51 +02:00
data	devices: add custom udev rule inhibitor mechanism	2021-12-09 00:44:21 +00:00
devices	devices/lvm2.lv: use new ensure_device_node helper	2022-11-22 18:28:38 +01:00
docs	osbuid: integrate FsCache into ObjectStore	2022-12-09 12:03:40 +01:00
inputs	inputs/containers: change archive format to dir	2023-03-31 14:57:26 +02:00
mounts	mounts: add possiblity to use norecovery with ro	2023-02-10 14:09:03 +01:00
osbuild	Post release version bump	2023-05-10 08:13:14 +00:00
runners	runners: add fedora-38 specific logic	2023-05-16 13:19:44 +02:00
schemas	schemas/osbuild2: mark `version` as required	2022-07-25 16:01:48 +02:00
schutzbot	Start building osbuild on RHEL 8.9 and 9.3 nightly	2023-05-04 13:34:35 +03:00
selinux	docs: document osbuild and selinux integration	2021-10-01 11:02:32 +02:00
sources	sources: add org.osbuild.skopeo-index source	2023-03-31 14:57:26 +02:00
stages	org.osbuild.mkfs.ext4: Add verity option to	2023-05-16 00:03:16 +02:00
test	loop: use LOOP_CONFIGURE instead of LOOP_SET_FD	2023-05-05 15:42:47 +02:00
tools	tools/tree-diff: don't pass file descriptor to `os.scandir()`	2023-04-28 22:02:35 +02:00
.bandit	lint: provide bandit configuration	2023-04-23 21:44:46 +02:00
.editorconfig	editorconfig: include markdown specifications	2020-10-23 16:29:50 +02:00
.git-blame-ignore-revs	git: ignore isort commit	2022-09-12 13:32:51 +02:00
.gitignore	git: ignore common virtual env locations	2022-06-30 10:34:27 +02:00
.gitlab-ci.yml	Start building osbuild on RHEL 8.9 and 9.3 nightly	2023-05-04 13:34:35 +03:00
.mypy.ini	osbuild: fix optional-types	2022-07-13 17:31:37 +02:00
.packit.yaml	ci(packit): Use YAML Merge Key syntax to reduce duplicity	2022-10-18 13:04:03 +02:00
LICENSE	Revert "Fill in the license template"	2019-11-18 12:23:10 +01:00
Makefile	main: add a --version argument	2022-07-06 09:57:24 +02:00
osbuild.spec	Post release version bump	2023-05-10 08:13:14 +00:00
README.md	README: update required Python version to 3.6	2023-04-26 11:43:13 +02:00
requirements.txt	Makefile: use pytest for nicer output	2020-12-04 18:24:48 +01:00
samples	samples: replace with symlink to test data	2021-07-12 18:44:50 +02:00
Schutzfile	Start building osbuild on RHEL 8.9 and 9.3 nightly	2023-05-04 13:34:35 +03:00
setup.cfg	build: extend pylint suppressions	2022-09-13 16:21:14 +02:00
setup.py	Post release version bump	2023-05-10 08:13:14 +00:00

README.md

OSBuild

Build-Pipelines for Operating System Artifacts

OSBuild is a pipeline-based build system for operating system artifacts. It defines a universal pipeline description and a build system to execute them, producing artifacts like operating system images, working towards an image build pipeline that is more comprehensible, reproducible, and extendable.

See the osbuild(1) man-page for details on how to run osbuild, the definition of the pipeline description, and more.

Project

Website: https://www.osbuild.org
Bug Tracker: https://github.com/osbuild/osbuild/issues
IRC: #osbuild on Libera.Chat
Changelog: https://github.com/osbuild/osbuild/releases

Contributing

Please refer to the developer guide to learn about our workflow, code style and more.

Requirements

The requirements for this project are:

bubblewrap >= 0.4.0
python >= 3.6

Additionally, the built-in stages require:

bash >= 5.0
coreutils >= 8.31
curl >= 7.68
qemu-img >= 4.2.0
rpm >= 4.15
tar >= 1.32
util-linux >= 235
skopeo

At build-time, the following software is required:

python-docutils >= 0.13
pkg-config >= 0.29

Testing requires additional software:

pytest

Install

Installing osbuild requires to not only install the osbuild module, but also additional artifacts such as tools (i.e: osbuild-mpp) sources, stages, schemas and SELinux policies.

For this reason, doing an installation from source is not trivial and the easier way to install it is to create the set of RPMs that contain all these components.

This can be done with the rpm make target, i.e:

make rpm

A set of RPMs will be created in the ./rpmbuild/RPMS/noarch/ directory and can be installed in the system using the distribution package manager, i.e:

sudo dnf install ./rpmbuild/RPMS/noarch/*.rpm

Repository:

web: https://github.com/osbuild/osbuild
https: https://github.com/osbuild/osbuild.git
ssh: git@github.com:osbuild/osbuild.git

License:

Apache-2.0
See LICENSE file for details.