particle-os/debian-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
3001 commits 2 branches 0 tags 60 MiB
Find a file
Achilleas Koutsou f255fba09f stage/systemd.unit.create: move systemd-analyze verify to tests 
Verifying the systemd unit also checks if any referred systemd units
(Wants, Requires, After) exist and if all commands in Exec exist and are
executable.  Without '--root', the systemd-analyze verify command is
testing this against files in the build root, which isn't valid.

Units and binaries might not exist in the build root when referenced in
the image root tree, making the unit fail when when it's valid.
Conversely, the verification can succeed by finding executables in the
build root that don't exist in the image root tree when it should be
failing.

When verifying user units, systemd expects runtime directories.

All of this makes it quite difficult to verify systemd units properly
when building an image.  The call is useful for making sure the unit is
structured properly, but the user unit verification setup is difficult
to accomplish in a general way while building.

Remove the systemd-analyze verify step from the stage.  Move it to the
unit test so that we have some assurance that our unit file structure is
correct and things work as expected.  Create referenced unit files and
commands to make the unit valid.
2024-04-18 17:20:57 +02:00
.devcontainer devcontainer: fix json file 2024-03-26 01:20:37 +01:00
.github workflow: simplify unit test running in the GH workflow 2024-04-16 15:16:49 +02:00
assemblers tox: add tox 2023-08-01 15:01:13 +02:00
data devices: add custom udev rule inhibitor mechanism 2021-12-09 00:44:21 +00:00
devices devices/loopback: enable partition scanning as an option 2023-12-22 10:18:29 -05:00
docs doc: document the new json-sequence monitor 2024-03-13 17:27:39 +01:00
inputs testutil: extract find_one_subclass_in_module() helper 2024-04-03 11:36:01 +02:00
mounts mounts: implement new org.osbuild.bind mount 2024-04-11 17:40:21 +02:00
osbuild testutil: skip tests for missing ThreadingHTTPServer in py36 2024-04-16 15:16:49 +02:00
runners runners: add debian runner (based on ubuntu1804) 2024-01-02 18:40:31 +01:00
schemas schemas: reformat json files for consistencyo 2024-03-26 01:20:37 +01:00
schutzbot Migrate manifest tests to new RHEL GA version 2024-03-21 15:46:48 +01:00
selinux docs: document osbuild and selinux integration 2021-10-01 11:02:32 +02:00
sources testutil: skip tests for missing ThreadingHTTPServer in py36 2024-04-16 15:16:49 +02:00
stages stage/systemd.unit.create: move systemd-analyze verify to tests 2024-04-18 17:20:57 +02:00
test meta: automatically allow devices as input in the stages schemas 2024-04-16 08:04:43 +02:00
tools tools: fix error when releasever cannot be found 2024-04-18 10:17:22 +02:00
.bandit lint: provide bandit configuration 2023-04-23 21:44:46 +02:00
.editorconfig editorconfig: include markdown specifications 2020-10-23 16:29:50 +02:00
.git-blame-ignore-revs git: ignore isort commit 2022-09-12 13:32:51 +02:00
.gitignore tox: add tox 2023-08-01 15:01:13 +02:00
.gitlab-ci.yml Disable F40 CI (CVE-2024-3094 response) 2024-03-31 17:10:13 +02:00
.mypy.ini util/containers: read host config 2024-02-21 17:55:37 +01:00
.packit.yaml Packit: make COPR builds for new releases in a dedicated project 2023-11-30 14:23:15 +01:00
.ruff.toml meta: rename -meta.json to .meta.json 2024-03-14 13:37:57 +01:00
LICENSE Revert "Fill in the license template" 2019-11-18 12:23:10 +01:00
Makefile Makefile: make sure that make test-all really runs all tests 2024-04-18 08:35:05 +02:00
osbuild.spec Post release version bump 2024-04-15 09:09:06 +00:00
README.md Fix developer guide link in README.md 2024-02-20 23:45:20 -08:00
requirements.txt Makefile: use pytest for nicer output 2020-12-04 18:24:48 +01:00
samples samples: replace with symlink to test data 2021-07-12 18:44:50 +02:00
Schutzfile schutzfile: Update snapshots to 20240415 2024-04-15 13:48:53 +02:00
setup.cfg tox: add tox 2023-08-01 15:01:13 +02:00
setup.py Post release version bump 2024-04-15 09:09:06 +00:00
tox.ini tox,workflow: pass tests to run via tox {posargs} instead of env 2024-04-16 15:16:49 +02:00

README.md

OSBuild

Build-Pipelines for Operating System Artifacts

OSBuild is a pipeline-based build system for operating system artifacts. It defines a universal pipeline description and a build system to execute them, producing artifacts like operating system images, working towards an image build pipeline that is more comprehensible, reproducible, and extendable.

See the osbuild(1) man-page for details on how to run osbuild, the definition of the pipeline description, and more.

Project

Principles

  1. OSBuild stages are never broken, only deprecated. The same manifest should always produce the same output.
  2. OSBuild stages should be explicit whenever possible instead of e.g. relying on the state of the tree.
  3. Pipelines are independent, so the tree is expected to be empty at the beginning of each.
  4. Manifests are expected to be machine-generated, so OSBuild has no convenience functions to support manually created manifests.
  5. The build environment is confined against accidental misuse, but this should not be considered a security boundary.
  6. OSBuild may only use Python language features supported by the oldest target distribution.

Contributing

Please refer to the developer guide to learn about our workflow, code style and more.

Requirements

The requirements for this project are:

  • bubblewrap >= 0.4.0
  • python >= 3.6

Additionally, the built-in stages require:

  • bash >= 5.0
  • coreutils >= 8.31
  • curl >= 7.68
  • qemu-img >= 4.2.0
  • rpm >= 4.15
  • tar >= 1.32
  • util-linux >= 235
  • skopeo

At build-time, the following software is required:

  • python-docutils >= 0.13
  • pkg-config >= 0.29

Testing requires additional software:

  • pytest

Build

Osbuild is a python script so it is not compiled. To verify changes made to the code use included makefile rules:

  • make lint to run linter on top of the code
  • make test-all to run base set of tests
  • sudo make test-run to run extended set of tests (takes long time)

Installation

Installing osbuild requires to not only install the osbuild module, but also additional artifacts such as tools (i.e: osbuild-mpp) sources, stages, schemas and SELinux policies.

For this reason, doing an installation from source is not trivial and the easier way to install it is to create the set of RPMs that contain all these components.

This can be done with the rpm make target, i.e:

make rpm

A set of RPMs will be created in the ./rpmbuild/RPMS/noarch/ directory and can be installed in the system using the distribution package manager, i.e:

sudo dnf install ./rpmbuild/RPMS/noarch/*.rpm

Repository

License

  • Apache-2.0
  • See LICENSE file for details.