particle-os/debian-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
1290 commits 2 branches 0 tags 60 MiB
Find a file
Christian Kellner 8429b08e79 stages/oci-archive: include limited set of xattrs 
Only include a very specific set of extended attributes:
  - user.*: user specified extended attributes
  - security.ima: Integrity Measurement Architecture (IMA)
  - security.capability: Linux capabilities(7)
This follows what containers/storage[1] and containers/buildah[2]
are doing. It is important to note that we DO NOT want selinux
related extended attributes (`security.selinux`) in there, which
seems to be pulled in by some versions of `tar` even if that was
seemingly excluded via `--no-selinux`. Therefore we also exclude
selinux and xattrs explicitly from the wrapping container to
make sure they are never included.

[1] 35ebda8ae2/pkg/archive/archive.go (L399)
[2] 214e4c9335/copier/xattrs.go (L19)
2021-03-31 15:04:34 +01:00
.devcontainer devcontainer: support for vs code devcontainer 2021-01-21 19:24:25 +01:00
.github ci: update images to F33 2021-03-17 14:31:26 +00:00
assemblers assemblers: add org.osbuild.error 2021-03-09 21:40:47 +00:00
docs Docs: Document --inspect option in the man page 2021-01-17 13:07:14 +01:00
inputs inputs/ostree: use ostree prefix for temp dir 2021-03-22 14:25:23 +01:00
osbuild fmt/v1: correctly infer result from assembler 2021-03-09 21:40:47 +00:00
runners runners: add Fedora 35 runner 2021-03-17 12:13:42 +01:00
samples stages/noop: fix the schema to allow any props 2020-07-16 19:02:25 +02:00
schemas schema: add version 2 manifest schema 2021-02-12 15:55:43 +01:00
schutzbot ci: Start running image tests against 8.4 2021-03-30 11:38:47 +03:00
selinux selinux: allow nnp and nosuid transitions 2020-08-10 14:05:24 +02:00
sources sources/ostree: capture ostree output 2021-03-12 18:49:41 +01:00
stages stages/oci-archive: include limited set of xattrs 2021-03-31 15:04:34 +01:00
test stages/rpm: sort packages metadata 2021-03-17 00:32:53 +00:00
tools tools: use dnf filtering in lorax-template helper 2021-03-01 16:18:50 +01:00
.editorconfig editorconfig: include markdown specifications 2020-10-23 16:29:50 +02:00
.gitignore test: add coverity targets to the Makefile 2020-06-24 10:01:24 +02:00
.pylintrc pylint: increase max attributes to 10 2020-07-21 13:25:04 +02:00
.travis.yml ci: move test_boot to github-actions 2020-05-13 22:00:27 +02:00
LICENSE Revert "Fill in the license template" 2019-11-18 12:23:10 +01:00
Makefile test: start a new ostree integration test suite 2021-02-12 15:55:43 +01:00
NEWS.md NEWS: update for osbuild version 27 2021-03-16 21:39:22 +00:00
osbuild.spec 27 2021-03-16 21:39:22 +00:00
README.md Makefile: use pytest for nicer output 2020-12-04 18:24:48 +01:00
requirements.txt Makefile: use pytest for nicer output 2020-12-04 18:24:48 +01:00
setup.py 27 2021-03-16 21:39:22 +00:00

README.md

OSBuild

Build-Pipelines for Operating System Artifacts

OSBuild is a pipeline-based build system for operating system artifacts. It defines a universal pipeline description and a build system to execute them, producing artifacts like operating system images, working towards an image build pipeline that is more comprehensible, reproducible, and extendable.

See the osbuild(1) man-page for details on how to run osbuild, the definition of the pipeline description, and more.

Project

Requirements

The requirements for this project are:

  • bubblewrap >= 0.4.0
  • python >= 3.7

Additionally, the built-in stages require:

  • bash >= 5.0
  • coreutils >= 8.31
  • curl >= 7.68
  • qemu-img >= 4.2.0
  • rpm >= 4.15
  • tar >= 1.32
  • util-linux >= 235

At build-time, the following software is required:

  • python-docutils >= 0.13
  • pkg-config >= 0.29

Testing requires additional software:

  • pytest

Build

The standard python package system is used. Consult upstream documentation for detailed help. In most situations the following commands are sufficient to build and install from source:

python setup.py build
python setup.py install --skip-build --root=/

The man-pages require python-docutils and can be built via:

rst2man docs/<input-file>.rst <output-file>

Repository:

License:

  • Apache-2.0
  • See LICENSE file for details.