From a65d17ba4edd6268e98b470fca2c221ea40c21d4 Mon Sep 17 00:00:00 2001 From: Sanne Raymaekers Date: Wed, 5 Feb 2025 14:05:59 +0100 Subject: [PATCH] api: Add osbuild-composer's cloudapi --- api/codegen.sh | 1 + api/config/composerCloudApi.ts | 17 + api/pull.sh | 2 + api/schema/composerCloudApi.v2.yaml | 2518 +++++++++++++++++++++++++++ 4 files changed, 2538 insertions(+) create mode 100644 api/config/composerCloudApi.ts create mode 100644 api/schema/composerCloudApi.v2.yaml diff --git a/api/codegen.sh b/api/codegen.sh index 418db166..a0bd9ff4 100644 --- a/api/codegen.sh +++ b/api/codegen.sh @@ -7,6 +7,7 @@ npx @rtk-query/codegen-openapi ./api/config/contentSources.ts & npx @rtk-query/codegen-openapi ./api/config/provisioning.ts & npx @rtk-query/codegen-openapi ./api/config/edge.ts & npx @rtk-query/codegen-openapi ./api/config/compliance.ts & +npx @rtk-query/codegen-openapi ./api/config/composerCloudApi.ts & # Wait for all background jobs to finish wait diff --git a/api/config/composerCloudApi.ts b/api/config/composerCloudApi.ts new file mode 100644 index 00000000..ac6e3396 --- /dev/null +++ b/api/config/composerCloudApi.ts @@ -0,0 +1,17 @@ +import type { ConfigFile } from '@rtk-query/codegen-openapi'; + +const config: ConfigFile = { + schemaFile: '../schema/composerCloudApi.v2.yaml', + apiFile: '../../src/store/cockpit/emptyComposerCloudApi.ts', + apiImport: 'emptyComposerCloudApi', + outputFile: '../../src/store/cockpit/composerCloudApi.ts', + exportName: 'composerCloudApi', + hooks: false, + unionUndefined: true, + filterEndpoints: [ + 'postCompose', + 'getComposeStatus', + ], +}; + +export default config; diff --git a/api/pull.sh b/api/pull.sh index a6c7faf3..d9bd0105 100644 --- a/api/pull.sh +++ b/api/pull.sh @@ -6,3 +6,5 @@ curl https://raw.githubusercontent.com/osbuild/image-builder/main/internal/v1/ap curl https://console.redhat.com/api/compliance/v2/openapi.json -o ./api/schema/compliance.json curl https://console.redhat.com/api/content-sources/v1/openapi.json -o ./api/schema/contentSources.json + +curl https://raw.githubusercontent.com/osbuild/osbuild-composer/main/internal/cloudapi/v2/openapi.v2.yml -o ./api/schema/composerCloudApi.v2.yaml diff --git a/api/schema/composerCloudApi.v2.yaml b/api/schema/composerCloudApi.v2.yaml new file mode 100644 index 00000000..a6d90f43 --- /dev/null +++ b/api/schema/composerCloudApi.v2.yaml @@ -0,0 +1,2518 @@ +--- +openapi: 3.0.1 +info: + version: '2' + title: OSBuild Composer cloud api + description: Service to build and install images. + license: + name: Apache 2.0 + url: https://www.apache.org/licenses/LICENSE-2.0.html + +servers: +- url: https://api.openshift.com/api/image-builder-composer/v2 + description: Main (production) server +- url: https://api.stage.openshift.com/api/image-builder-composer/v2 + description: Staging server +- url: /api/image-builder-composer/v2 + description: current domain + +paths: + /openapi: + get: + operationId: getOpenapi + summary: Get the openapi spec in json format + security: + - Bearer: [] + responses: + '200': + description: openapi spec in json format + content: + application/json: + schema: + type: object + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /composes/: + get: + operationId: getComposeList + summary: The list of composes + security: + - Bearer: [] + description: |- + Get the list of composes. They may be completed, uploaded, + locally saved, or failed. + responses: + '200': + description: list of composes + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeList' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '404': + description: Unknown compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /composes/{id}: + get: + operationId: getComposeStatus + summary: The status of a compose + security: + - Bearer: [] + parameters: + - in: path + name: id + schema: + type: string + format: uuid + example: '123e4567-e89b-12d3-a456-426655440000' + required: true + description: ID of compose status to get + description: |- + Get the status of a running or completed compose. + This includes whether or not the compose succeeded. + responses: + '200': + description: compose status + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeStatus' + '400': + description: Invalid compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '404': + description: Unknown compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /composes/{id}/metadata: + get: + operationId: getComposeMetadata + summary: Get the metadata for a compose. + security: + - Bearer: [] + parameters: + - in: path + name: id + schema: + type: string + format: uuid + example: 123e4567-e89b-12d3-a456-426655440000 + required: true + description: ID of compose status to get + description: |- + Get the metadata of a finished compose. + The exact information returned depends on the requested image type. + responses: + '200': + description: The metadata for the given compose. + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeMetadata' + '400': + description: Invalid compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '404': + description: Unknown compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '/composes/{id}/logs': + get: + operationId: getComposeLogs + summary: Get logs for a compose. + parameters: + - in: path + name: id + schema: + type: string + format: uuid + example: 123e4567-e89b-12d3-a456-426655440000 + required: true + description: ID of compose status to get + description: 'Get the status of a running or finished compose. This includes whether or not it succeeded, and also meta information about the result.' + responses: + '200': + description: The logs for the given compose, in no particular format (though valid JSON). + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeLogs' + '400': + description: Invalid compose id + content: + text/plain: + schema: + type: string + '404': + description: Unknown compose id + content: + text/plain: + schema: + type: string + '/composes/{id}/manifests': + get: + operationId: getComposeManifests + summary: Get the manifests for a compose. + parameters: + - in: path + name: id + schema: + type: string + format: uuid + example: 123e4567-e89b-12d3-a456-426655440000 + required: true + description: ID of compose status to get + description: 'Get the manifests of a running or finished compose. Returns one manifest for each image in the request. Each manifest conforms to the format defined at https://www.osbuild.org/man/osbuild-manifest.5' + responses: + '200': + description: The manifest for the given compose. + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeManifests' + '400': + description: Invalid compose id + content: + text/plain: + schema: + type: string + '404': + description: Unknown compose id + content: + text/plain: + schema: + type: string + + '/composes/{id}/sboms': + get: + operationId: getComposeSBOMs + summary: Get the SBOMs for a compose. + parameters: + - in: path + name: id + schema: + type: string + format: uuid + example: 123e4567-e89b-12d3-a456-426655440000 + required: true + description: ID of compose for which to get SBOMs + description: |- + Returns a set of SBOM documents for each image in the request. + SBOM documents are in the SPDX format. + responses: + '200': + description: The SBOMs for the given compose. + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeSBOMs' + '400': + description: Invalid compose id + content: + text/plain: + schema: + type: string + '404': + description: Unknown compose id + content: + text/plain: + schema: + type: string + + /composes/{id}/clone: + post: + operationId: postCloneCompose + summary: Clone an existing compose + parameters: + - in: path + name: id + schema: + type: string + format: uuid + example: 123e4567-e89b-12d3-a456-426655440000 + required: true + description: ID of the compose + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/CloneComposeBody' + responses: + '201': + description: The new image is being created + content: + application/json: + schema: + $ref: '#/components/schemas/CloneComposeResponse' + '400': + description: Invalid compose id + content: + text/plain: + schema: + type: string + '404': + description: Unknown compose id + content: + text/plain: + schema: + type: string + + /clones/{id}: + get: + operationId: getCloneStatus + summary: The status of a cloned compose + security: + - Bearer: [] + parameters: + - in: path + name: id + schema: + type: string + format: uuid + example: '123e4567-e89b-12d3-a456-426655440000' + required: true + description: ID of image status to get + description: |- + Get the status of a running or completed image from a compose. + This includes whether or not the image creation succeeded. + responses: + '200': + description: image status + content: + application/json: + schema: + $ref: '#/components/schemas/CloneStatus' + '400': + description: Invalid compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '404': + description: Unknown compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /compose: + post: + operationId: postCompose + summary: Create compose + description: Create a new compose, potentially consisting of several images and upload each to their destinations. + security: + - Bearer: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeRequest' + responses: + '201': + description: Compose has started + content: + application/json: + schema: + $ref: '#/components/schemas/ComposeId' + '400': + description: Invalid compose request + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '404': + description: Unknown compose id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /depsolve/blueprint: + post: + operationId: postDepsolveBlueprint + summary: Depsolve one or more blueprints + security: + - Bearer: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/DepsolveRequest' + responses: + '200': + description: Depsolved package list + content: + application/json: + schema: + $ref: '#/components/schemas/DepsolveResponse' + '400': + description: Invalid depsolve request + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /search/packages: + post: + operationId: postSearchPackages + summary: Search for detailed information on a list of package names + security: + - Bearer: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/SearchPackagesRequest' + responses: + '200': + description: Search response with package details + content: + application/json: + schema: + $ref: '#/components/schemas/SearchPackagesResponse' + '400': + description: Invalid search request + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /distributions: + get: + operationId: getDistributionList + summary: |- + Get all of the supported distribution repository details + security: + - Bearer: [] + responses: + '200': + description: Distribution repositories + content: + application/json: + schema: + $ref: '#/components/schemas/DistributionList' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /errors/{id}: + get: + operationId: getError + summary: Get error description + description: Get an instance of the error specified by id + security: + - Bearer: [] + parameters: + - in: path + name: id + schema: + type: string + example: '13' + required: true + description: ID of the error + responses: + '200': + description: Error description + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '404': + description: Unknown error id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + + /errors: + get: + operationId: getErrorList + summary: Get a list of all possible errors + security: + - Bearer: [] + parameters: + - $ref: '#/components/parameters/page' + - $ref: '#/components/parameters/size' + responses: + '200': + description: A list of errors + content: + application/json: + schema: + $ref: '#/components/schemas/ErrorList' + '401': + description: Auth token is invalid + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '403': + description: Unauthorized to perform operation + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '404': + description: Unknown error id + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + '500': + description: Unexpected error occurred + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + +components: + schemas: + ObjectReference: + type: object + required: + - id + - kind + - href + properties: + id: + type: string + kind: + type: string + href: + type: string + + List: + type: object + properties: + kind: + type: string + page: + type: integer + size: + type: integer + total: + type: integer + required: + - kind + - page + - size + - total + - items + + Error: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + required: + - code + - reason + - operation_id + properties: + code: + type: string + reason: + type: string + operation_id: + type: string + details: {} + + ErrorList: + allOf: + - $ref: '#/components/schemas/List' + - type: object + required: + - items + properties: + items: + type: array + items: + $ref: '#/components/schemas/Error' + + ComposeList: + allOf: + - $ref: '#/components/schemas/List' + - type: object + required: + - items + properties: + items: + type: array + items: + $ref: '#/components/schemas/ComposeStatus' + + DistributionList: + properties: + map: + type: object + description: Distribution name + additionalProperties: + map: + type: object + description: Architecture name + additionalProperties: + map: + type: object + description: Image type name + additionalProperties: + type: array + description: Repository used for this distro:arch:image-type + items: + $ref: '#/components/schemas/BlueprintRepository' + + ComposeStatus: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + required: + - status + - image_status + properties: + status: + $ref: '#/components/schemas/ComposeStatusValue' + image_status: + $ref: '#/components/schemas/ImageStatus' + image_statuses: + type: array + items: + $ref: '#/components/schemas/ImageStatus' + koji_status: + $ref: '#/components/schemas/KojiStatus' + ComposeStatusValue: + type: string + enum: + - success + - failure + - pending + example: success + ComposeLogs: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + required: + - image_builds + properties: + image_builds: + type: array + items: + type: object + x-go-type: interface{} + koji: + $ref: '#/components/schemas/KojiLogs' + KojiLogs: + type: object + required: + - init + - import + properties: + init: {} + import: {} + ComposeManifests: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + required: + - manifests + properties: + manifests: + type: array + items: + type: object + x-go-type: interface{} + ImageSBOM: + required: + - sbom + - sbom_type + - pipeline_name + - pipeline_purpose + properties: + sbom: + type: object + x-go-type: interface{} + description: |- + The SBOM document in the 'sbom_type' format. + sbom_type: + type: string + enum: ["spdx"] + description: |- + The type of the SBOM document. Currently only SPDX is supported. + pipeline_name: + type: string + description: |- + The name of the osbuild pipeline which has the packages described + in the SBOM installed. + pipeline_purpose: + type: string + enum: ["buildroot", "image"] + description: |- + The purpose of the pipeline. The `buildroot` pipeline was used for + the build environment dueing the image build. The `image` pipeline + represents the actual content of the image. Due to the nature of + some image types, there may be multiple pipelines of the same + purpose. + ComposeSBOMs: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + required: + - items + properties: + items: + type: array + description: |- + The SBOM documents for each image built in the compose. + items: + type: array + description: |- + The SBOM documents for the given image. Each image usually has + at least two SBOMs, one for the build environment and one for the + actual content of the image. + items: + $ref: '#/components/schemas/ImageSBOM' + ImageStatus: + required: + - status + properties: + status: + $ref: '#/components/schemas/ImageStatusValue' + upload_status: + $ref: '#/components/schemas/UploadStatus' + upload_statuses: + type: array + items: + $ref: '#/components/schemas/UploadStatus' + error: + $ref: '#/components/schemas/ComposeStatusError' + ComposeStatusError: + required: + - id + - reason + properties: + id: + type: integer + reason: + type: string + details: {} + ImageStatusValue: + type: string + enum: ['success', 'failure', 'pending', 'building', 'uploading', 'registering'] + UploadStatus: + required: + - status + - type + - options + properties: + status: + $ref: '#/components/schemas/UploadStatusValue' + type: + $ref: '#/components/schemas/UploadTypes' + options: + oneOf: + - $ref: '#/components/schemas/AWSEC2UploadStatus' + - $ref: '#/components/schemas/AWSS3UploadStatus' + - $ref: '#/components/schemas/GCPUploadStatus' + - $ref: '#/components/schemas/AzureUploadStatus' + - $ref: '#/components/schemas/ContainerUploadStatus' + - $ref: '#/components/schemas/OCIUploadStatus' + - $ref: '#/components/schemas/PulpOSTreeUploadStatus' + - $ref: '#/components/schemas/LocalUploadStatus' + UploadStatusValue: + type: string + enum: ['success', 'failure', 'pending', 'running'] + UploadTypes: + type: string + enum: + - aws + - aws.s3 + - gcp + - azure + - container + - oci.objectstorage + - pulp.ostree + - local + AWSEC2UploadStatus: + type: object + required: + - ami + - region + properties: + ami: + type: string + example: 'ami-0c830793775595d4b' + region: + type: string + example: 'eu-west-1' + AWSS3UploadStatus: + type: object + required: + - url + properties: + url: + type: string + GCPUploadStatus: + type: object + required: + - project_id + - image_name + properties: + project_id: + type: string + example: 'ascendant-braid-303513' + image_name: + type: string + example: 'my-image' + AzureUploadStatus: + type: object + required: + - image_name + properties: + image_name: + type: string + example: 'my-image' + KojiStatus: + type: object + properties: + build_id: + type: integer + example: 42 + ContainerUploadStatus: + type: object + additionalProperties: false + required: + - url + - digest + properties: + url: + type: string + example: 'quay.io/myaccount/osbuild:latest' + description: | + FQDN of the uploaded image + digest: + type: string + description: | + Digest of the manifest of the uploaded container on the registry + OCIUploadStatus: + type: object + required: + - url + properties: + url: + type: string + PulpOSTreeUploadStatus: + type: object + required: + - repo_url + properties: + repo_url: + type: string + LocalUploadStatus: + type: object + required: + - artifact_path + properties: + artifact_path: + type: string + ComposeMetadata: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + properties: + packages: + type: array + items: + $ref: '#/components/schemas/PackageMetadata' + description: 'Package list including NEVRA' + ostree_commit: + type: string + description: 'ID (hash) of the built commit' + PackageMetadata: + required: + - type + - name + - version + - release + - arch + properties: + type: + type: string + name: + type: string + version: + type: string + release: + type: string + epoch: + type: string + arch: + type: string + sigmd5: + type: string + signature: + type: string + checksum: + type: string + description: 'Optional package checksum using ALGO:HASH form' + example: 'sha256:525788de3dd44497c27d4172568366b20380a6b6707f0a1970473e4d97046a4f' + + ComposeRequest: + additionalProperties: false + required: + - distribution + not: {required: ['customizations', 'blueprint']} + properties: + distribution: + type: string + example: 'rhel-8' + image_request: + $ref: '#/components/schemas/ImageRequest' + image_requests: + type: array + items: + $ref: '#/components/schemas/ImageRequest' + customizations: + $ref: '#/components/schemas/Customizations' + koji: + $ref: '#/components/schemas/Koji' + blueprint: + $ref: '#/components/schemas/Blueprint' + ImageRequest: + additionalProperties: false + required: + - architecture + - image_type + - repositories + properties: + architecture: + type: string + example: 'x86_64' + image_type: + $ref: '#/components/schemas/ImageTypes' + repositories: + type: array + items: + $ref: '#/components/schemas/Repository' + ostree: + $ref: '#/components/schemas/OSTree' + upload_targets: + type: array + description: | + The type and options for multiple upload targets. Each item defines + a separate upload destination with its own options. Multiple + different targets as well as multiple targets of the same kind are + supported. + items: + $ref: '#/components/schemas/UploadTarget' + upload_options: + description: | + Top level upload options for a single upload target. If this is + defined, it is used with the default target type for the image type + and is combined with the targets defined in upload_targets. + $ref: '#/components/schemas/UploadOptions' + size: + x-go-type: uint64 + default: 0 + example: 4294967296 + description: | + Size of image, in bytes. When set to 0 the image size is a minimum + defined by the image type. + ImageTypes: + type: string + enum: + - aws + - aws-ha-rhui + - aws-rhui + - aws-sap-rhui + - azure + - azure-eap7-rhui + - azure-rhui + - azure-sap-rhui + - edge-commit + - edge-container + - edge-installer + - gcp + - gcp-rhui + - guest-image + - image-installer + - iot-bootable-container + - iot-commit + - iot-container + - iot-installer + - iot-raw-image + - iot-simplified-installer + - live-installer + - minimal-raw + - oci + - vsphere + - vsphere-ova + - wsl + Repository: + type: object + description: | + Repository configuration. + At least one of the 'baseurl', 'mirrorlist', 'metalink' properties must + be specified. If more of them are specified, the order of precedence is + the same as listed above. + properties: + rhsm: + type: boolean + default: false + description: 'Determines whether a valid subscription is required to access this repository.' + baseurl: + type: string + format: uri + example: 'https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/' + mirrorlist: + type: string + format: uri + example: 'http://mirrorlist.centos.org/?release=8-stream&arch=aarch64&repo=BaseOS' + metalink: + type: string + format: uri + example: 'https://mirrors.fedoraproject.org/metalink?repo=fedora-32&arch=x86_64' + gpgkey: + type: string + example: "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nmQINBGAcScoBEADLf8YHkezJ6adlMYw7aGGIlJalt8Jj2x/B2K+hIfIuxGtpVj7e\nLRgDU76jaT5pVD5mFMJ3pkeneR/cTmqqQkNyQshX2oQXwEzUSb1CNMCfCGgkX8Q2\nzZkrIcCrF0Q2wrKblaudhU+iVanADsm18YEqsb5AU37dtUrM3QYdWg9R+XiPfV8R\nKBjT03vVBOdMSsY39LaCn6Ip1Ovp8IEo/IeEVY1qmCOPAaK0bJH3ufg4Cueks+TS\nwQWTeCLxuZL6OMXoOPKwvMQfxbg1XD8vuZ0Ktj/cNH2xau0xmsAu9HJpekvOPRxl\nyqtjyZfroVieFypwZgvQwtnnM8/gSEu/JVTrY052mEUT7Ccb74kcHFTFfMklnkG/\n0fU4ARa504H3xj0ktbe3vKcPXoPOuKBVsHSv00UGYAyPeuy+87cU/YEhM7k3SVKj\n6eIZgyiMO0wl1YGDRKculwks9A+ulkg1oTb4s3zmZvP07GoTxW42jaK5WS+NhZee\n860XoVhbc1KpS+jfZojsrEtZ8PbUZ+YvF8RprdWArjHbJk2JpRKAxThxsQAsBhG1\n0Lux2WaMB0g2I5PcMdJ/cqjo08ccrjBXuixWri5iu9MXp8qT/fSzNmsdIgn8/qZK\ni8Qulfu77uqhW/wt2btnitgRsqjhxMujYU4Zb4hktF8hKU/XX742qhL5KwARAQAB\ntDFGZWRvcmEgKDM1KSA8ZmVkb3JhLTM1LXByaW1hcnlAZmVkb3JhcHJvamVjdC5v\ncmc+iQJOBBMBCAA4FiEEeH6mrhFH7uVsQLMM20Y5cZhnxY8FAmAcScoCGw8FCwkI\nBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ20Y5cZhnxY+NYA/7BYpglySAZYHhjyKh\n/+f6zPfVvbH20Eq3kI7OFBN0nLX+BU1muvS+qTuS3WLrB3m3GultpKREJKLtm5ED\n1rGzXAoT1yp9YI8LADdMCCOyjAjsoWU87YUuC+/bnjrTeR2LROCfyPC76W985iOV\nm5S+bsQDw7C2LrldAM4MDuoyZ1SitGaZ4KQLVt+TEa14isYSGCjzo7PY8V3JOk50\ngqWg82N/bm2EzS7T83WEDb1lvj4IlvxgIqKeg11zXYxmrYSZJJCfvzf+lNS6uxgH\njx/J0ylZ2LibGr6GAAyO9UWrAZSwSM0EcjT8wECnxkSDuyqmWwVvNBXuEIV8Oe3Y\nMiU1fJN8sd7DpsFx5M+XdnMnQS+HrjTPKD3mWrlAdnEThdYV8jZkpWhDys3/99eO\nhk0rLny0jNwkauf/iU8Oc6XvMkjLRMJg5U9VKyJuWWtzwXnjMN5WRFBqK4sZomMM\nftbTH1+5ybRW/A3vBbaxRW2t7UzNjczekSZEiaLN9L/HcJCIR1QF8682DdAlEF9d\nk2gQiYSQAaaJ0JJAzHvRkRJLLgK2YQYiHNVy2t3JyFfsram5wSCWOfhPeIyLBTZJ\nvrpNlPbefsT957Tf2BNIugzZrC5VxDSKkZgRh1VGvSIQnCyzkQy6EU2qPpiW59G/\nhPIXZrKocK3KLS9/izJQTRltjMA=\n=PfT7\n-----END PGP PUBLIC KEY BLOCK-----\n" + description: 'GPG key used to sign packages in this repository.' + check_gpg: + type: boolean + check_repo_gpg: + type: boolean + default: false + description: | + Enables gpg verification of the repository metadata + ignore_ssl: + type: boolean + module_hotfixes: + type: boolean + default: false + description: | + Disables modularity filtering for this repository. + package_sets: + type: array + example: ["build", "os"] + items: + type: string + description: | + Naming package sets for a repository assigns it to a specific part + (pipeline) of the build process. + CustomRepository: + type: object + required: + - id + properties: + id: + type: string + name: + type: string + filename: + type: string + baseurl: + type: array + items: + type: string + format: uri + example: 'https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/' + mirrorlist: + type: string + format: uri + example: 'http://mirrorlist.centos.org/?release=8-stream&arch=aarch64&repo=BaseOS' + metalink: + type: string + format: uri + example: 'https://mirrors.fedoraproject.org/metalink?repo=fedora-32&arch=x86_64' + enabled: + type: boolean + gpgkey: + type: array + items: + type: string + check_gpg: + type: boolean + check_repo_gpg: + type: boolean + ssl_verify: + type: boolean + priority: + type: integer + module_hotfixes: + type: boolean + BlueprintRepository: + type: object + required: + - id + properties: + id: + type: string + baseurls: + type: array + items: + type: string + format: uri + example: 'https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/' + gpgkeys: + type: array + items: + type: string + metalink: + type: string + format: uri + example: 'https://mirrors.fedoraproject.org/metalink?repo=fedora-32&arch=x86_64' + mirrorlist: + type: string + format: uri + example: 'http://mirrorlist.centos.org/?release=8-stream&arch=aarch64&repo=BaseOS' + name: + type: string + priority: + type: integer + enabled: + type: boolean + gpgcheck: + type: boolean + repo_gpgcheck: + type: boolean + sslverify: + type: boolean + filename: + type: string + module_hotfixes: + type: boolean + description: | + Disables modularity filtering for this repository. + OpenSCAP: + type: object + required: + - profile_id + properties: + policy_id: + type: string + format: uuid + description: | + Puts a specified policy ID in the RHSM facts, so that any instances registered to + insights will be automatically connected to the compliance policy in the console. + profile_id: + type: string + tailoring: + $ref: '#/components/schemas/OpenSCAPTailoring' + json_tailoring: + $ref: '#/components/schemas/OpenSCAPJSONTailoring' + BlueprintOpenSCAP: + type: object + required: + - profile_id + properties: + policy_id: + type: string + format: uuid + description: | + Puts a specified policy ID in the RHSM facts, so that any instances registered to + insights will be automatically connected to the compliance policy in the console. + profile_id: + type: string + datastream: + type: string + tailoring: + $ref: '#/components/schemas/OpenSCAPTailoring' + json_tailoring: + $ref: '#/components/schemas/OpenSCAPJSONTailoring' + OpenSCAPTailoring: + type: object + properties: + selected: + type: array + items: + type: string + unselected: + type: array + items: + type: string + OpenSCAPJSONTailoring: + type: object + required: + - profile_id + - filepath + properties: + profile_id: + type: string + filepath: + type: string + Installer: + type: object + properties: + unattended: + type: boolean + sudo-nopasswd: + type: array + items: + type: string + ImportKeys: + type: object + properties: + files: + type: array + items: + type: string + RPMCustomization: + type: object + properties: + import_keys: + $ref: '#/components/schemas/ImportKeys' + DNFPluginConfig: + type: object + properties: + enabled: + type: boolean + SubManDNFPluginsConfig: + type: object + properties: + product_id: + $ref: '#/components/schemas/DNFPluginConfig' + subscription_manager: + $ref: '#/components/schemas/DNFPluginConfig' + SubManRHSMConfig: + type: object + properties: + manage_repos: + type: boolean + SubManRHSMCertdConfig: + type: object + properties: + auto_registration: + type: boolean + SubManConfig: + type: object + properties: + rhsm: + $ref: '#/components/schemas/SubManRHSMConfig' + rhsmcertd: + $ref: '#/components/schemas/SubManRHSMCertdConfig' + RHSMConfig: + type: object + properties: + dnf_plugins: + $ref: '#/components/schemas/SubManDNFPluginsConfig' + subscription_manager: + $ref: '#/components/schemas/SubManConfig' + RHSMCustomization: + type: object + properties: + config: + $ref: '#/components/schemas/RHSMConfig' + CACertsCustomization: + type: object + additionalProperties: false + required: + - pem_certs + properties: + pem_certs: + type: array + example: ['---BEGIN CERTIFICATE---\nMIIC0DCCAbigAwIBAgIUI...\n---END CERTIFICATE---'] + items: + type: string + UploadTarget: + type: object + required: + - type + - upload_options + properties: + type: + $ref: '#/components/schemas/UploadTypes' + description: | + The name of the upload target that matches the upload_options. + upload_options: + $ref: '#/components/schemas/UploadOptions' + UploadOptions: + anyOf: + - $ref: '#/components/schemas/AWSEC2UploadOptions' + - $ref: '#/components/schemas/AWSS3UploadOptions' + - $ref: '#/components/schemas/GCPUploadOptions' + - $ref: '#/components/schemas/AzureUploadOptions' + - $ref: '#/components/schemas/ContainerUploadOptions' + - $ref: '#/components/schemas/LocalUploadOptions' + - $ref: '#/components/schemas/OCIUploadOptions' + - $ref: '#/components/schemas/PulpOSTreeUploadOptions' + description: | + Options for a given upload destination. + This should really be oneOf but AWSS3UploadOptions is a subset of + AWSEC2UploadOptions. This means that all AWSEC2UploadOptions objects + are also valid AWSS3UploadOptionas objects which violates the oneOf + rules. Therefore, we have to use anyOf here but be aware that it isn't + possible to mix and match more schemas together. + LocalUploadOptions: + type: object + additionalProperties: false + properties: {} + AWSEC2UploadOptions: + type: object + additionalProperties: false + required: + - region + - share_with_accounts + properties: + region: + type: string + example: 'eu-west-1' + snapshot_name: + type: string + example: 'my-snapshot' + share_with_accounts: + type: array + example: ['123456789012'] + items: + type: string + AWSS3UploadOptions: + type: object + additionalProperties: false + required: + - region + properties: + region: + type: string + example: 'eu-west-1' + public: + type: boolean + default: false + description: | + If set to false (the default value), a long, obfuscated URL + is returned. Its expiration might be sooner than for other upload + targets. + + If set to true, a shorter URL is returned and + its expiration is the same as for the other upload targets. + OCIUploadOptions: + type: object + additionalProperties: false + GCPUploadOptions: + type: object + additionalProperties: false + required: + - region + properties: + region: + type: string + example: 'eu' + description: | + The GCP region where the OS image will be imported to and shared from. + The value must be a valid GCP location. See https://cloud.google.com/storage/docs/locations. + If not specified, the multi-region location closest to the source + (source Storage Bucket location) is chosen automatically. + bucket: + type: string + example: 'my-example-bucket' + description: 'Name of an existing STANDARD Storage class Bucket.' +# don't expose the os type for now +# os: +# type: string +# example: 'rhel-8-byol' +# description: 'OS of the disk image being imported needed for installation of GCP guest tools.' + image_name: + type: string + example: 'my-image' + description: | + The name to use for the imported and shared Compute Engine image. + The image name must be unique within the GCP project, which is used + for the OS image upload and import. If not specified a random + 'composer-api-' string is used as the image name. + share_with_accounts: + type: array + example: [ + 'user:alice@example.com', + 'serviceAccount:my-other-app@appspot.gserviceaccount.com', + 'group:admins@example.com', + 'domain:example.com' + ] + description: | + List of valid Google accounts to share the imported Compute Engine image with. + Each string must contain a specifier of the account type. Valid formats are: + - 'user:{emailid}': An email address that represents a specific + Google account. For example, 'alice@example.com'. + - 'serviceAccount:{emailid}': An email address that represents a + service account. For example, 'my-other-app@appspot.gserviceaccount.com'. + - 'group:{emailid}': An email address that represents a Google group. + For example, 'admins@example.com'. + - 'domain:{domain}': The G Suite domain (primary) that represents all + the users of that domain. For example, 'google.com' or 'example.com'. + If not specified, the imported Compute Engine image is not shared with any + account. + items: + type: string + AzureUploadOptions: + type: object + additionalProperties: false + required: + - tenant_id + - subscription_id + - resource_group + properties: + tenant_id: + type: string + example: '5c7ef5b6-1c3f-4da0-a622-0b060239d7d7' + description: | + ID of the tenant where the image should be uploaded. + How to find it in the Azure Portal: + https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-to-find-tenant + subscription_id: + type: string + example: '4e5d8b2c-ab24-4413-90c5-612306e809e2' + description: | + ID of subscription where the image should be uploaded. + resource_group: + type: string + example: 'ToucanResourceGroup' + description: | + Name of the resource group where the image should be uploaded. + location: + type: string + example: 'westeurope' + description: | + Location of the provided resource_group, where the image should be uploaded and registered. + How to list all locations: + https://docs.microsoft.com/en-us/cli/azure/account?view=azure-cli-latest#az_account_list_locations' + If the location is not specified, it is deducted from the provided resource_group. + image_name: + type: string + example: 'my-image' + description: | + Name of the uploaded image. It must be unique in the given resource group. + If name is omitted from the request, a random one based on a UUID is + generated. + hyper_v_generation: + type: string + enum: + - V1 + - V2 + default: V1 + description: | + Choose the VM Image HyperV generation, different features on Azure are available + depending on the HyperV generation. + ContainerUploadOptions: + type: object + additionalProperties: false + properties: + name: + type: string + example: 'osbuild' + description: | + Name for the created container image + tag: + type: string + example: 'latest' + description: | + Tag for the created container image + PulpOSTreeUploadOptions: + type: object + additionalProperties: false + required: + - basepath + properties: + basepath: + type: string + description: 'Basepath for distributing the repository' + repository: + type: string + description: 'Repository to import the ostree commit to' + server_address: + type: string + format: uri + Blueprint: + type: object + required: + - name + additionalProperties: false + properties: + name: + type: string + description: + type: string + version: + type: string + example: '7.7.70' + description: A semver version number + distro: + type: string + example: 'fedora-39' + description: | + The distribution to use for the compose. If left empty the host + distro will be used. + packages: + type: array + description: Packages to be installed + items: + $ref: '#/components/schemas/Package' + modules: + type: array + description: | + An alias for packages, retained for backwards compatability + items: + $ref: '#/components/schemas/Package' + groups: + type: array + description: Package groups to be installed + items: + $ref: '#/components/schemas/PackageGroup' + containers: + type: array + description: Container images to embed into the final artfact + items: + $ref: '#/components/schemas/Container' + customizations: + $ref: '#/components/schemas/BlueprintCustomizations' + BlueprintCustomizations: + type: object + additionalProperties: false + properties: + hostname: + type: string + description: Configures the hostname + kernel: + $ref: '#/components/schemas/Kernel' + sshkey: + type: array + description: List of ssh keys + items: + $ref: '#/components/schemas/SSHKey' + user: + type: array + description: List of users to create + items: + $ref: '#/components/schemas/BlueprintUser' + group: + type: array + description: List of groups to create + items: + $ref: '#/components/schemas/Group' + timezone: + $ref: '#/components/schemas/Timezone' + locale: + $ref: '#/components/schemas/Locale' + firewall: + $ref: '#/components/schemas/BlueprintFirewall' + services: + $ref: '#/components/schemas/Services' + filesystem: + type: array + description: List of filesystem mountpoints to create + items: + $ref: '#/components/schemas/BlueprintFilesystem' + installation_device: + type: string + description: | + Name of the installation device, currently only useful for the edge-simplified-installer type + example: /dev/sda + partitioning_mode: + type: string + enum: + - raw + - lvm + - auto-lvm + default: auto-lvm + description: | + Select how the disk image will be partitioned. 'auto-lvm' will use raw unless + there are one or more mountpoints in which case it will use LVM. 'lvm' always + uses LVM, even when there are no extra mountpoints. 'raw' uses raw partitions + even when there are one or more mountpoints. + fdo: + $ref: '#/components/schemas/FDO' + openscap: + $ref: '#/components/schemas/BlueprintOpenSCAP' + ignition: + $ref: '#/components/schemas/Ignition' + directories: + type: array + description: Directories to create in the final artifact + items: + $ref: '#/components/schemas/Directory' + files: + type: array + description: Files to create in the final artifact + items: + $ref: '#/components/schemas/BlueprintFile' + repositories: + type: array + description: | + Repositories to write to /etc/yum.repos.d/ in the final image. Note + that these are not used at build time. + items: + $ref: '#/components/schemas/BlueprintRepository' + fips: + type: boolean + description: Enable FIPS mode + installer: + $ref: '#/components/schemas/Installer' + rpm: + $ref: '#/components/schemas/RPMCustomization' + rhsm: + $ref: '#/components/schemas/RHSMCustomization' + cacerts: + $ref: '#/components/schemas/CACertsCustomization' + SSHKey: + type: object + additionalProperties: false + required: + - user + - key + properties: + user: + type: string + description: User to configure the ssh key for + example: admin + key: + type: string + description: Adds the key to the user's authorized_keys file + example: | + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIASWitkOH4U874EdsBUnytb3bwvRggHlQlbYXl7n10v9 + Package: + type: object + required: + - name + additionalProperties: false + properties: + name: + type: string + example: 'tmux' + description: | + Name of the package to install. File globbing is supported, + eg. 'openssh-*' + version: + type: string + example: '3.3a' + description: | + Optional version of the package to install. If left blank the + latest available version will be used. Wildcards are supported + eg. '4.11.*' + PackageGroup: + type: object + required: + - name + additionalProperties: false + properties: + name: + type: string + example: 'anaconda-tools' + description: Package group name + Customizations: + type: object + additionalProperties: false + properties: + containers: + type: array + items: + $ref: '#/components/schemas/Container' + description: Container images to embed into the final artfact + directories: + type: array + items: + $ref: '#/components/schemas/Directory' + description: Directories to create in the final artifact + files: + type: array + items: + $ref: '#/components/schemas/File' + description: Files to create in the final artifact + subscription: + $ref: '#/components/schemas/Subscription' + packages: + type: array + example: ['postgres'] + items: + type: string + users: + type: array + items: + $ref: '#/components/schemas/User' + payload_repositories: + type: array + items: + $ref: '#/components/schemas/Repository' + description: | + Extra repositories for packages specified in customizations. These + repositories will only be used to depsolve and retrieve packages + for the OS itself (they will not be available for the build root or + any other part of the build process). The package_sets field for these + repositories is ignored. + custom_repositories: + type: array + items: + $ref: '#/components/schemas/CustomRepository' + description: | + Extra repositories for packages specified in customizations. These + repositories will be used to depsolve and retrieve packages. Additionally, + these packages will be saved and imported to the `/etc/yum.repos.d/` directory + on the image + openscap: + $ref: '#/components/schemas/OpenSCAP' + filesystem: + type: array + items: + $ref: '#/components/schemas/Filesystem' + services: + $ref: '#/components/schemas/Services' + hostname: + type: string + description: Configures the hostname + example: myhostname + kernel: + $ref: '#/components/schemas/Kernel' + groups: + type: array + description: List of groups to create + items: + $ref: '#/components/schemas/Group' + timezone: + $ref: '#/components/schemas/Timezone' + locale: + $ref: '#/components/schemas/Locale' + firewall: + $ref: '#/components/schemas/FirewallCustomization' + installation_device: + type: string + description: | + Name of the installation device, currently only useful for the edge-simplified-installer type + example: /dev/sda + fdo: + $ref: '#/components/schemas/FDO' + ignition: + $ref: '#/components/schemas/Ignition' + partitioning_mode: + type: string + enum: + - raw + - lvm + - auto-lvm + default: auto-lvm + description: | + Select how the disk image will be partitioned. 'auto-lvm' will use raw unless + there are one or more mountpoints in which case it will use LVM. 'lvm' always + uses LVM, even when there are no extra mountpoints. 'raw' uses raw partitions + even when there are one or more mountpoints. + fips: + $ref: '#/components/schemas/FIPS' + installer: + $ref: '#/components/schemas/Installer' + rpm: + $ref: '#/components/schemas/RPMCustomization' + rhsm: + $ref: '#/components/schemas/RHSMCustomization' + cacerts: + $ref: '#/components/schemas/CACertsCustomization' + Container: + type: object + required: + - source + properties: + source: + type: string + description: Reference to the container to embed + example: 'registry.example.com/image:tag' + name: + type: string + description: Name to use for the container from the image + tls_verify: + type: boolean + description: Control TLS verifification + example: true + FirewallCustomization: + type: object + description: Firewalld configuration + additionalProperties: false + properties: + ports: + type: array + description: List of ports (or port ranges) and protocols to open + example: ["22:tcp", "80:tcp", "imap:tcp"] + items: + type: string + services: + $ref: '#/components/schemas/FirewallServices' + BlueprintFirewall: + type: object + description: Firewalld configuration + additionalProperties: false + properties: + ports: + type: array + description: List of ports (or port ranges) and protocols to open + example: ["22:tcp", "80:tcp", "imap:tcp"] + items: + type: string + services: + $ref: '#/components/schemas/FirewallServices' + zones: + type: array + items: + $ref: '#/components/schemas/FirewallZones' + FirewallServices: + type: object + description: Firewalld services to enable or disable + additionalProperties: false + properties: + enabled: + type: array + description: List of services to enable + example: ["ftp", "ntp"] + items: + type: string + disabled: + type: array + description: List of services to disable + example: ["telnet"] + items: + type: string + FirewallZones: + type: object + description: | + Bind a list of network sources to a zone to restrict traffic from + those sources based on the settings of the zone. + additionalProperties: false + properties: + name: + type: string + description: | + name of the zone, if left empty the sources will apply to + the default zone. + sources: + type: array + description: List of sources for the zone + items: + type: string + description: [/]||ipset: + Directory: + type: object + description: | + A custom directory to create in the final artifact. + required: + - path + properties: + path: + type: string + description: Path to the directory + example: '/etc/mydir' + mode: + type: string + description: Permissions string for the directory in octal format + example: "0755" + user: + oneOf: + - type: string + - type: integer + description: Owner of the directory as a user name or a uid + example: 'root' + group: + oneOf: + - type: string + - type: integer + description: Group of the directory as a group name or a gid + example: 'root' + ensure_parents: + type: boolean + description: Ensure that the parent directories exist + default: false + File: + type: object + description: | + A custom file to create in the final artifact. + required: + - path + properties: + path: + type: string + description: Path to the file + example: '/etc/myfile' + mode: + type: string + description: Permissions string for the file in octal format + example: "0644" + user: + oneOf: + - type: string + - type: integer + description: Owner of the file as a uid or a user name + example: 'root' + group: + oneOf: + - type: string + - type: integer + description: Group of the file as a gid or a group name + example: 'root' + data: + type: string + description: Contents of the file as plain text + ensure_parents: + type: boolean + description: Ensure that the parent directories exist + example: true + default: false + BlueprintFile: + type: object + description: | + A custom file to create in the final artifact. + required: + - path + properties: + path: + type: string + description: Path to the file + example: '/etc/myfile' + mode: + type: string + description: Permissions string for the file in octal format + example: "0644" + user: + oneOf: + - type: string + - type: integer + description: Owner of the file as a uid or a user name + example: 'root' + group: + oneOf: + - type: string + - type: integer + description: Group of the file as a gid or a group name + example: 'root' + data: + type: string + description: Contents of the file as plain text + Filesystem: + type: object + required: + - mountpoint + - min_size + properties: + mountpoint: + type: string + example: '/var' + min_size: + x-go-type: uint64 + example: 2147483648 + description: 'size of the filesystem in bytes' + BlueprintFilesystem: + type: object + required: + - mountpoint + - minsize + properties: + mountpoint: + type: string + example: '/var' + minsize: + x-go-type: uint64 + example: 2147483648 + description: 'size of the filesystem in bytes' + OSTree: + type: object + properties: + url: + type: string + contenturl: + type: string + description: | + A URL which, if set, is used for fetching content. Implies that `url` is set as well, + which will be used for metadata only. + ref: + type: string + example: 'rhel/8/x86_64/edge' + parent: + type: string + description: > + Can be either a commit (example: + 02604b2da6e954bd34b8b82a835e5a77d2b60ffa), or a branch-like + reference (example: rhel/8/x86_64/edge) + example: 'rhel/8/x86_64/edge' + rhsm: + type: boolean + default: false + description: | + Determines whether a valid subscription manager (candlepin) identity is required to + access this repository. Consumer certificates will be used as client certificates when + fetching metadata and content. + Subscription: + type: object + required: + - organization + - activation_key + - server_url + - base_url + - insights + properties: + organization: + type: string + example: '2040324' + activation_key: + type: string + format: password + example: 'my-secret-key' + server_url: + type: string + format: uri + example: 'subscription.rhsm.redhat.com' + base_url: + type: string + format: uri + example: 'http://cdn.redhat.com/' + insights: + type: boolean + example: true + rhc: + type: boolean + default: false + example: true + description: | + Optional flag to use rhc to register the system, which also always enables Insights. + User: + type: object + additionalProperties: false + required: + - name + properties: + name: + type: string + example: "user1" + groups: + type: array + items: + type: string + example: "group1" + key: + type: string + example: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrGKErMYi+MMUwuHaRAJmRLoIzRf2qD2dD5z0BTx/6x" + password: + type: string + format: password + description: | + If the password starts with $6$, $5$, or $2b$ it will be stored as + an encrypted password. Otherwise it will be treated as a plain text + password. + BlueprintUser: + type: object + additionalProperties: false + required: + - name + properties: + name: + type: string + example: "user1" + description: + type: string + password: + type: string + description: | + If the password starts with $6$, $5$, or $2b$ it will be stored as + an encrypted password. Otherwise it will be treated as a plain text + password. + key: + type: string + description: ssh public key + example: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrGKErMYi+MMUwuHaRAJmRLoIzRf2qD2dD5z0BTx/6x" + home: + type: string + description: The user's home directory + shell: + type: string + description: Login shell to use + groups: + type: array + items: + type: string + example: "group1" + description: A list of additional groups to add the user to + uid: + type: integer + description: User id to use instead of the default + gid: + type: integer + description: Group id to use instead of the default + Kernel: + type: object + additionalProperties: false + properties: + name: + type: string + description: Name of the kernel to use + example: kernel-debug + append: + type: string + description: Appends arguments to the bootloader kernel command line + example: nosmt=force + Services: + type: object + additionalProperties: false + properties: + enabled: + description: List of services to enable by default + type: array + minItems: 1 + items: + type: string + example: "nftables" + disabled: + description: List of services to disable by default + type: array + minItems: 1 + items: + type: string + example: "firewalld" + masked: + description: List of services to mask by default + type: array + minItems: 1 + items: + type: string + example: "telnetd" + Timezone: + type: object + description: Timezone configuration + additionalProperties: false + properties: + timezone: + type: string + description: Name of the timezone, defaults to UTC + example: US/Eastern + ntpservers: + type: array + description: List of ntp servers + example: ["0.north-america.pool.ntp.org", "1.north-america.pool.ntp.org"] + items: + type: string + Locale: + type: object + description: Locale configuration + additionalProperties: false + properties: + languages: + type: array + description: | + List of locales to be installed, the first one becomes primary, subsequent ones are secondary + example: ["en_US.UTF-8"] + items: + type: string + keyboard: + type: string + description: Sets the keyboard layout + example: us + FDO: + type: object + additionalProperties: false + description: FIDO device onboard configuration + properties: + manufacturing_server_url: + type: string + diun_pub_key_insecure: + type: string + diun_pub_key_hash: + type: string + diun_pub_key_root_certs: + type: string + di_mfg_string_type_mac_iface: + type: string + FIPS: + type: object + additionalProperties: false + description: System FIPS mode setup + properties: + enabled: + type: boolean + description: Enables the system FIPS mode + default: false + Ignition: + type: object + additionalProperties: false + description: Ignition configuration + properties: + embedded: + $ref: '#/components/schemas/IgnitionEmbedded' + firstboot: + $ref: '#/components/schemas/IgnitionFirstboot' + IgnitionEmbedded: + type: object + additionalProperties: false + required: + - config + properties: + config: + type: string + IgnitionFirstboot: + type: object + additionalProperties: false + required: + - url + properties: + url: + type: string + description: Provisioning URL + Group: + type: object + additionalProperties: false + required: + - name + properties: + name: + type: string + description: Name of the group to create + gid: + type: integer + description: Group id of the group to create (optional) + Koji: + type: object + additionalProperties: false + required: + - server + - task_id + - name + - version + - release + properties: + server: + type: string + format: uri + example: 'https://koji.fedoraproject.org/kojihub' + task_id: + type: integer + example: 42 + name: + type: string + example: Fedora-Cloud-Base + version: + type: string + example: '31' + release: + type: string + example: '20200907.0' + ComposeId: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + required: + - id + properties: + id: + type: string + format: uuid + example: '123e4567-e89b-12d3-a456-426655440000' + + CloneComposeBody: + oneOf: + - $ref: '#/components/schemas/AWSEC2CloneCompose' + + AWSEC2CloneCompose: + type: object + additionalProperties: false + required: + - region + properties: + region: + type: string + share_with_accounts: + type: array + example: ['123456789012'] + items: + type: string + + CloneComposeResponse: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - type: object + required: + - id + properties: + id: + type: string + format: uuid + example: '123e4567-e89b-12d3-a456-426655440000' + + CloneStatus: + allOf: + - $ref: '#/components/schemas/ObjectReference' + - $ref: '#/components/schemas/UploadStatus' + + DepsolveRequest: + additionalProperties: false + required: + - blueprint + - distribution + - architecture + properties: + repositories: + type: array + items: + $ref: '#/components/schemas/Repository' + distribution: + type: string + example: 'rhel-8' + architecture: + type: string + example: 'x86_64' + blueprint: + $ref: '#/components/schemas/Blueprint' + + DepsolveResponse: + type: object + required: + - packages + properties: + packages: + type: array + items: + $ref: '#/components/schemas/PackageMetadata' + description: 'Package list including NEVRA' + + SearchPackagesRequest: + additionalProperties: false + required: + - packages + - distribution + - architecture + properties: + repositories: + type: array + items: + $ref: '#/components/schemas/Repository' + distribution: + type: string + example: 'rhel-8' + architecture: + type: string + example: 'x86_64' + packages: + type: array + description: | + Array of package names to search for. Supports * wildcards for + names, but not for versions. + items: + type: string + + SearchPackagesResponse: + type: object + required: + - packages + properties: + packages: + type: array + items: + $ref: '#/components/schemas/PackageDetails' + description: 'Detailed package information from DNF' + + PackageDetails: + type: object + required: + - name + - version + - release + - arch + properties: + name: + type: string + summary: + type: string + description: + type: string + url: + type: string + version: + type: string + release: + type: string + epoch: + type: string + arch: + type: string + buildtime: + type: string + license: + type: string + + parameters: + page: + name: page + in: query + description: Page index + required: false + schema: + type: string + examples: + page: + value: "1" + size: + name: size + in: query + description: Number of items in each page + required: false + schema: + type: string + examples: + size: + value: "100" + + securitySchemes: + Bearer: + scheme: bearer + bearerFormat: JWT + type: http