pungi/doc/configuration.rst
Lubomír Sedlář d3cad4795c metadata: Allow creating internal releases
The internal flag in productmd is meant to indicate that a compose is
not meant for publishing. This is potentially useful to allow filtering
in PDC or similar service.

Signed-off-by: Lubomír Sedlář <lsedlar@redhat.com>
2016-12-06 12:49:33 +01:00

1362 lines
42 KiB
ReStructuredText

===============
Configuration
===============
Please read
`productmd documentation <http://release-engineering.github.io/productmd/index.html>`_
for
`terminology <http://release-engineering.github.io/productmd/terminology.html>`_
and other release and compose related details.
Minimal Config Example
======================
::
# RELEASE
release_name = "Fedora"
release_short = "Fedora"
release_version = "23"
# GENERAL SETTINGS
comps_file = "comps-f23.xml"
variants_file = "variants-f23.xml"
# KOJI
koji_profile = "koji"
runroot = False
# PKGSET
sigkeys = [None]
pkgset_source = "koji"
pkgset_koji_tag = "f23"
# CREATEREPO
createrepo_checksum = "sha256"
# GATHER
gather_source = "comps"
gather_method = "deps"
greedy_method = "build"
check_deps = False
# BUILDINSTALL
bootable = True
buildinstall_method = "lorax"
Release
=======
Following **mandatory** options describe a release.
Options
-------
**release_name** [mandatory]
(*str*) -- release name
**release_short** [mandatory]
(*str*) -- release short name, without spaces and special characters
**release_version** [mandatory]
(*str*) -- release version
**release_type** = "ga"
(*str*) -- release type, "ga" or "updates"
**release_is_layered** = False
(*bool*) -- typically False for an operating system, True otherwise
**release_internal** = False
(*bool*) -- whether the compose is meant for public consumption
Example
-------
::
release_name = "Fedora"
release_short = "Fedora"
release_version = "23"
# release_type = "ga"
Base Product
============
Base product options are **optional** and we need
to them only if we're composing a layered product
built on another (base) product.
Options
-------
**base_product_name**
(*str*) -- base product name
**base_product_short**
(*str*) -- base product short name, without spaces and special characters
**base_product_version**
(*str*) -- base product **major** version
**base_product_type** = "ga"
(*str*) -- base product type, "ga", "updates" etc., for full list see
documentation of *productmd*.
Example
-------
::
release_name = "RPM Fusion"
release_short = "rf"
release_version = "23.0"
release_is_layered = True
base_product_name = "Fedora"
base_product_short = "Fedora"
base_product_version = "23"
General Settings
================
Options
-------
**comps_file** [mandatory]
(*scm_dict*, *str* or None) -- reference to comps XML file with installation groups
**variants_file** [mandatory]
(*scm_dict* or *str*) -- reference to variants XML file that defines release variants and architectures
**failable_deliverables** [optional]
(*list*) -- list which deliverables on which variant and architecture can
fail and not abort the whole compose. This only applies to ``buildinstall``
and ``iso`` parts. All other artifacts can be configured in their
respective part of configuration.
Please note that ``*`` as a wildcard matches all architectures but ``src``.
**comps_filter_environments** [optional]
(*bool*) -- When set to ``False``, the comps files for variants will not
have their environments filtered to match the variant.
**tree_arches**
([*str*]) -- list of architectures which should be included; if undefined,
all architectures from variants.xml will be included
**tree_variants**
([*str*]) -- list of variants which should be included; if undefined, all
variants from variants.xml will be included
Example
-------
::
comps_file = {
"scm": "git",
"repo": "https://git.fedorahosted.org/git/comps.git",
"branch": None,
"file": "comps-f23.xml.in",
}
variants_file = {
"scm": "git",
"repo": "https://pagure.io/pungi-fedora.git ",
"branch": None,
"file": "variants-fedora.xml",
}
failable_deliverables = [
('^.*$', {
# Buildinstall can fail on any variant and any arch
'*': ['buildinstall'],
'src': ['buildinstall'],
# Nothing on i386 blocks the compose
'i386': ['buildinstall', 'iso', 'live'],
})
]
tree_arches = ["x86_64"]
tree_variants = ["Server"]
Image Naming
============
Both image name and volume id are generated based on the configuration. Since
the volume id is limited to 32 characters, there are more settings available.
The process for generating volume id is to get a list of possible formats and
try them sequentially until one fits in the length limit. If substitutions are
configured, each attempted volume id will be modified by it.
For layered products, the candidate formats are first
``image_volid_layered_product_formats`` followed by ``image_volid_formats``.
Otherwise, only ``image_volid_formats`` are tried.
If no format matches the length limit, an error will be reported and compose
aborted.
Options
-------
There a couple common format specifiers available for both the options:
* ``compose_id``
* ``release_short``
* ``version``
* ``date``
* ``respin``
* ``type``
* ``type_suffix``
* ``label``
* ``label_major_version``
* ``variant``
* ``arch``
* ``disc_type``
**image_name_format** [optional]
(*str*) -- Python's format string to serve as template for image names
This format will be used for all phases generating images. Currently that
means ``createiso``, ``live_images`` and ``buildinstall``.
Available extra keys are:
* ``disc_num``
* ``suffix``
**image_volid_formats** [optional]
(*list*) -- A list of format strings for generating volume id.
The extra available keys are:
* ``base_product_short``
* ``base_product_version``
**image_volid_layered_product_formats** [optional]
(*list*) -- A list of format strings for generating volume id for layered
products. The keys available are the same as for ``image_volid_formats``.
**volume_id_substitutions** [optional]
(*dict*) -- A mapping of string replacements to shorten the volume id.
**disc_types** [optional]
(*dict*) -- A mapping for customizing ``disc_type`` used in image names.
Available keys are:
* ``boot`` -- for ``boot.iso`` images created in *buildinstall* phase
* ``live`` -- for images created by *live_images* phase
* ``dvd`` -- for images created by *createiso* phase
* ``ostree`` -- for ostree installer images
Default values are the same as the keys.
Example
-------
::
# Image name respecting Fedora's image naming policy
image_name_format = "%(release_short)s-%(variant)s-%(disc_type)s-%(arch)s-%(version)s%(suffix)s"
# Use the same format for volume id
image_volid_formats = [
"%(release_short)s-%(variant)s-%(disc_type)s-%(arch)s-%(version)s"
]
# No special handling for layered products, use same format as for regular images
image_volid_layered_product_formats = []
# Replace "Cloud" with "C" in volume id etc.
volume_id_substitutions = {
'Cloud': 'C',
'Alpha': 'A',
'Beta': 'B',
'TC': 'T',
}
disc_types = {
'boot': 'netinst',
'live': 'Live',
'dvd': 'DVD',
}
Signing
=======
If you want to sign deliverables generated during pungi run like RPM wrapped
images. You must provide few configuration options:
**signing_command** [optional]
(*str*) -- Command that will be run with a koji build as a single
argument. This command must not require any user interaction.
If you need to pass a password for a signing key to the command,
do this via command line option of the command and use string
formatting syntax ``%(signing_key_password)s``.
(See **signing_key_password_file**).
**signing_key_id** [optional]
(*str*) -- ID of the key that will be used for the signing.
This ID will be used when crafting koji paths to signed files
(``kojipkgs.fedoraproject.org/packages/NAME/VER/REL/data/signed/KEYID/..``).
**signing_key_password_file** [optional]
(*str*) -- Path to a file with password that will be formatted
into **signing_command** string via ``%(signing_key_password)s``
string format syntax (if used).
Because pungi config is usualy stored in git and is part of compose
logs we don't want password to be included directly in the config.
Note: If ``-`` string is used instead of a filename, then you will be asked
for the password interactivelly right after pungi starts.
Example
-------
::
signing_command = '~/git/releng/scripts/sigulsign_unsigned.py -vv --password=%(signing_key_password)s fedora-24'
signing_key_id = '81b46521'
signing_key_password_file = '~/password_for_fedora-24_key'
.. _git-urls:
Git URLs
========
In multiple places the config requires URL of a Git repository to download some
file from. This URL is passed on to *Koji*. It is possible to specify which
commit to use using this syntax: ::
git://git.example.com/git/repo-name.git?#<rev_spec>
The ``<rev_spec>`` pattern can be replaced with actual commit SHA, a tag name,
``HEAD`` to indicate that tip of default branch should be used or
``origin/<branch_name>`` to use tip of arbitrary branch.
If the URL specifies a branch or ``HEAD``, *Pungi* will replace it with the
actual commit SHA. This will later show up in *Koji* tasks and help with
tracing what particular inputs were used.
.. note::
The ``origin`` must be specified because of the way *Koji* works with the
repository. It will clone the repository then switch to requested state
with ``git reset --hard REF``. Since no local branches are created, we need
to use full specification including the name of the remote.
Createrepo Settings
===================
Options
-------
**createrepo_checksum** [mandatory]
(*str*) -- specify checksum type for createrepo; expected values: sha256, sha
**createrepo_c** = True
(*bool*) -- use createrepo_c (True) or legacy createrepo (False)
**createrepo_deltas** = False
(*bool*) -- generate delta RPMs against an older compose. This needs to be
used together with `--old-composes`` command line argument.
**createrepo_use_xz** = False
(*bool*) -- whether to pass ``--xz`` to the createrepo command. This will
cause the SQLite databases to be compressed with xz.
**product_id** = None
(*scm_dict*) -- If specified, it should point to a directory with
certificates ``<variant_uid>-<arch>-*.pem``. This certificate will be
injected into the repository.
**product_id_allow_missing** = False
(*bool*) -- When ``product_id`` is used and a certificate for some variant
is missing, an error will be reported by default. Use this option to
instead ignore the missing certificate.
Example
-------
::
createrepo_checksum = "sha256"
Package Set Settings
====================
Options
-------
**sigkeys**
([*str* or None]) -- priority list of sigkeys, *None* means unsigned
**pkgset_source** [mandatory]
(*str*) -- "koji" (any koji instance) or "repos" (arbitrary yum repositories)
**pkgset_koji_tag** [mandatory]
(*str*) -- tag to read package set from
**pkgset_koji_inherit** = True
(*bool*) -- inherit builds from parent tags; we can turn it off only if we
have all builds tagged in a single tag
**pkgset_repos**
(*dict*) -- A mapping of architectures to repositories with RPMs: ``{arch:
[repo]}``. Only use when ``pkgset_source = "repos"``.
Example
-------
::
sigkeys = [None]
pkgset_source = "koji"
pkgset_koji_tag = "f23"
Buildinstall Settings
=====================
Script or process that creates bootable images with
Anaconda installer is historically called
`buildinstall <https://git.fedorahosted.org/cgit/anaconda.git/tree/scripts/buildinstall?h=f15-branch>`_.
Options
-------
**bootable**
(*bool*) -- whether to run the buildinstall phase
**buildinstall_method**
(*str*) -- "lorax" (f16+, rhel7+) or "buildinstall" (older releases)
**buildinstall_upgrade_image** [deprecated]
(*bool*) -- use ``noupgrade`` with ``lorax_options`` instead
**lorax_options**
(*list*) -- special options passed on to *lorax*.
Format: ``[(variant_uid_regex, {arch|*: {option: name}})]``.
Recognized options are:
* ``bugurl`` -- *str* (default ``None``)
* ``nomacboot`` -- *bool* (default ``True``)
* ``noupgrade`` -- *bool* (default ``True``)
**buildinstall_kickstart**
(*scm_dict*) -- If specified, this kickstart file will be copied into each
file and pointed to in boot configuration.
Example
-------
::
bootable = True
buildinstall_method = "lorax"
# Enables macboot on x86_64 for all variants and builds upgrade images
# everywhere.
lorax_options = [
("^.*$", {
"x86_64": {
"nomacboot": False
}
"*": {
"noupgrade": False
}
})
]
.. note::
It is advised to run buildinstall (lorax) in koji,
i.e. with **runroot enabled** for clean build environments, better logging, etc.
.. warning::
Lorax installs RPMs into a chroot. This involves running %post scriptlets
and they frequently run executables in the chroot.
If we're composing for multiple architectures, we **must** use runroot for this reason.
Gather Settings
===============
Options
-------
**gather_source** [mandatory]
(*str*) -- from where to read initial package list; expected values: "comps", "none"
**gather_method** [mandatory]
(*str*) -- "deps", "nodeps"
**gather_fulltree** = False
(*bool*) -- When set to ``True`` all RPMs built from an SRPM will always be
included. Only use when ``gather_method = "deps"``.
**gather_selfhosting** = False
(*bool*) -- When set to ``True``, *Pungi* will build a self-hosting tree by
following build dependencies. Only use when ``gather_method = "deps"``.
**greedy_method**
(*str*) -- see :doc:`gather`, recommended value: "build"
**multilib_methods** [deprecated]
([*str*]) -- use ``multilib`` instead to configure this per-variant
**multilib_arches** [deprecated]
([*str*] or None) -- use ``multilib`` to implicitly configure this: if a
variant on any arch has non-empty multilib methods, it is automatically
eligible
**multilib**
(*list*) -- mapping of variant regexes and arches to list of multilib
methods
Available methods are:
* ``none``
* ``all``
* ``runtime``
* ``file``
* ``kernel``
* ``yaboot``
**additional_packages**
(*list*) -- additional packages to be included in a variant and
architecture; format: ``[(variant_uid_regex, {arch|*: [package_globs]})]``
**filter_packages**
(*list*) -- packages to be excluded from a variant and architecture;
format: ``[(variant_uid_regex, {arch|*: [package_globs]})]``
**filter_system_release_packages**
(*bool*) -- for each variant, figure out the best system release package
and filter out all others. This will not work if a variant needs more than
one system release package. In such case, set this option to ``False``.
**gather_prepopulate** = None
(*scm_dict*) -- If specified, you can use this to add additional packages.
The format of the file pointed to by this option is a JSON mapping
``{variant_uid: {arch: {build: [package]}}}``. Packages added through this
option can not be removed by ``filter_packages``.
**multilib_blacklist**
(*dict*) -- multilib blacklist; format: ``{arch|*: [package_globs]}``. The
patterns are tested with ``fnmatch``, so shell globbing is used (not
regular expression).
**multilib_whitelist**
(*dict*) -- multilib blacklist; format: ``{arch|*: [package_names]}``. The
whitelist must contain exact package names; there are no wildcards or
pattern matching.
**gather_lookaside_repos** = []
(*list*) -- lookaside repositories used for package gathering; format:
``[(variant_uid_regex, {arch|*: [repo_urls]})]``
**hashed_directories** = False
(*bool*) -- put packages into "hashed" directories, for example
``Packages/k/kernel-4.0.4-301.fc22.x86_64.rpm``
**check_deps** = True
(*bool*) -- Set to ``False`` if you don't want the compose to abort when
some package has broken dependencies.
**gather_source_mapping**
(*str*) -- Only use when ``gather_source = "json"``. The value should be a
path to JSON file with following mapping: ``{variant: {arch: {rpm_name:
[rpm_arch|None]}}}``.
Example
-------
::
gather_source = "comps"
gather_method = "deps"
greedy_method = "build"
check_deps = False
hashed_directories = True
additional_packages = [
# bz#123456
('^(Workstation|Server)$', {
'*': [
'grub2',
'kernel',
],
}),
]
filter_packages = [
# bz#111222
('^.*$', {
'*': [
'kernel-doc',
],
}),
]
multilib = [
('^Server$', {
'x86_64': ['devel', 'runtime']
})
]
multilib_blacklist = {
"*": [
"gcc",
],
}
multilib_whitelist = {
"*": [
"alsa-plugins-*",
],
}
# gather_lookaside_repos = [
# ('^.*$', {
# 'x86_64': [
# "https://dl.fedoraproject.org/pub/fedora/linux/releases/22/Everything/x86_64/os/",
# "https://dl.fedoraproject.org/pub/fedora/linux/releases/22/Everything/source/SRPMS/",
# ]
# }),
# ]
.. note::
It is a good practice to attach bug/ticket numbers
to additional_packages, filter_packages, multilib_blacklist and multilib_whitelist
to track decisions.
Koji Settings
=============
Options
-------
**koji_profile**
(*str*) -- koji profile name
**runroot** [mandatory]
(*bool*) -- run some tasks such as buildinstall or createiso in koji build root (True) or locally (False)
**runroot_channel**
(*str*) -- name of koji channel
**runroot_tag**
(*str*) -- name of koji **build** tag used for runroot
Example
-------
::
koji_profile = "koji"
runroot = True
runroot_channel = "runroot"
runroot_tag = "f23-build"
Extra Files Settings
====================
Options
-------
**extra_files**
(*list*) -- references to external files to be placed in os/ directory and media; format: [(variant_uid_regex, {arch|*: [scm_dicts]})]
Example
-------
::
extra_files = [
('^.*$', {
'*': [
# GPG keys
{
"scm": "rpm",
"repo": "fedora-repos",
"branch": None,
"file": [
"/etc/pki/rpm-gpg/RPM-GPG-KEY-22-fedora",
],
"target": "",
},
# GPL
{
"scm": "git",
"repo": "https://pagure.io/pungi-fedora",
"branch": None,
"file": [
"GPL",
],
"target": "",
},
],
}),
]
Extra Files Metadata
--------------------
If extra files are specified a metadata file, ``extra_files.json``, is placed
in the os/ directory and media. This metadata file is in the format:
::
{
"header": {"version": "1.0},
"data": [
{
"file": "GPL",
"checksums": {
"sha256": "8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643"
},
"size": 18092
},
{
"file": "release-notes/notes.html",
"checksums": {
"sha256": "82b1ba8db522aadf101dca6404235fba179e559b95ea24ff39ee1e5d9a53bdcb"
},
"size": 1120
}
]
}
Productimg Settings
===================
Product images are placed on installation media and provide additional branding
and Anaconda changes specific to product variants.
Options
-------
**productimg** = False
(*bool*) -- create product images; requires bootable=True
**productimg_install_class**
(*scm_dict*, *str*) -- reference to install class **file**
**productimg_po_files**
(*scm_dict*, *str*) -- reference to a **directory** with po files for install class translations
Example
-------
::
productimg = True
productimg_install_class = {
"scm": "git",
"repo": "http://git.example.com/productimg.git",
"branch": None,
"file": "fedora23/%(variant_id)s.py",
}
productimg_po_files = {
"scm": "git",
"repo": "http://git.example.com/productimg.git",
"branch": None,
"dir": "po",
}
CreateISO Settings
==================
Options
-------
**createiso_skip** = False
(*list*) -- mapping that defines which variants and arches to skip during createiso; format: [(variant_uid_regex, {arch|*: True})]
**create_jigdo** = True
(*bool*) -- controls the creation of jigdo from ISO
**create_optional_isos** = False
(*bool*) -- when set to ``True``, ISOs will be created even for
``optional`` variants. By default only variants with type ``variant`` or
``layered-product`` will get ISOs.
**iso_size** = 4700000000
(*int|str*) -- size of ISO image. The value should either be an integer
meaning size in bytes, or it can be a string with ``k``, ``M``, ``G``
suffix (using multiples of 1024).
**split_iso_reserve** = 10MiB
(*int|str*) -- how much free space should be left on each disk. The format
is the same as for ``iso_size`` option.
.. note::
Source architecture needs to be listed explicitly.
Excluding '*' applies only on binary arches.
Jigdo causes significant increase of time to ISO creation.
Example
-------
::
createiso_skip = [
('^Workstation$', {
'*': True,
'src': True
}),
]
Common options for Live Images, Live Media and Image Build
==========================================================
All images can have ``ksurl``, ``version``, ``release`` and ``target``
specified. Since this can create a lot of duplication, there are global options
that can be used instead.
For each of the phases, if the option is not specified for a particular
deliverable, an option named ``<PHASE_NAME>_<OPTION>`` is checked. If that is
not specified either, the last fallback is ``global_<OPTION>``. If even that is
unset, the value is considered to not be specified.
The kickstart URL is configured by these options.
* ``global_ksurl`` -- global fallback setting
* ``live_media_ksurl``
* ``image_build_ksurl``
* ``live_images_ksurl``
Target is specified by these settings. For live images refer to ``live_target``.
* ``global_target`` -- global fallback setting
* ``live_media_target``
* ``image_build_target``
.. _auto_version:
Version is specified by these options. If no version is set, a default value
will be provided based on product version. If label is used (and is not
``RC``), the milestone will be appended to the version with an underscore.
* ``global_version`` -- global fallback setting
* ``live_media_version``
* ``image_build_version``
* ``live_images_version``
.. _auto_release:
Release is specified by these options. If set explicitly to ``None``, a value
will be generated based on compose label, and when compose label is not
provided; date, compose type and respin will be used.
* ``global_release`` -- global fallback setting
* ``live_media_release``
* ``image_build_release``
* ``live_images_release``
Each configuration block can also optionally specify a list of architectures
that are not release blocking with ``failable`` key. If any deliverable fails,
it will not abort the whole compose. Due to limitations in how the tasks are
done in Koji, if any architecture fails, all of them fail. Until this is
resolved, it is not possible to configure failability per architecture. An
empty list means required deliverable, non-empty list means non-blocking
deliverable.
Live Images Settings
====================
**live_target**
(*str*) -- Koji build target for which to build the images. This gets
passed to ``koji spin-livecd``.
**live_images**
(*list*) -- Configuration for the particular image. The elements of the
list should be tuples ``(variant_uid_regex, {arch|*: config})``. The config
should be a dict with these keys:
* ``kickstart`` (*str*)
* ``ksurl`` (*str*) [optional] -- where to get the kickstart from
* ``name`` (*str*)
* ``version`` (*str*)
* ``additional_repos`` (*list*) -- external repos specified by URL
* ``repo_from`` (*list*) -- repos from other variants
* ``specfile`` (*str*) -- for images wrapped in RPM
* ``scratch`` (*bool*) -- only RPM-wrapped images can use scratch builds,
but by default this is turned off
* ``type`` (*str*) -- what kind of task to start in Koji. Defaults to
``live`` meaning ``koji spin-livecd`` will be used. Alternative option
is ``appliance`` corresponding to ``koji spin-appliance``.
* ``sign`` (*bool*) -- only RPM-wrapped images can be signed
**live_images_no_rename**
(*bool*) -- When set to ``True``, filenames generated by Koji will be used.
When ``False``, filenames will be generated based on ``image_name_format``
configuration option.
Live Media Settings
===================
**live_media**
(*dict*) -- configuration for ``koji spin-livemedia``; format:
``{variant_uid_regex: [{opt:value}]}``
Required options:
* ``name`` (*str*)
* ``version`` (*str*)
* ``target`` (*str*)
* ``arches`` (*[str]*) -- what architectures to build the media for; by default uses
all arches for the variant.
* ``kickstart`` (*str*) -- name of the kickstart file
Available options:
* ``ksurl`` (*str*)
* ``ksversion`` (*str*)
* ``scratch`` (*bool*)
* ``release`` (*str*) -- a string with the release, or explicit ``None``
for automatically generating one. See :ref:`common options
<auto_release>` for details.
* ``skip_tag`` (*bool*)
* ``repo`` (*[str]*) -- external repo
* ``repo_from`` (*[str]*) -- list of variants to take extra repos from
* ``title`` (*str*)
* ``install_tree_from`` (*str*) -- variant to take install tree from
If many of your media use the same value for one of ``ksurl``, ``release``,
``target`` or ``version``, consider using these options to set the value in one
place and have all media inherit it.
**live_media_ksurl**
(*str*) -- Provides a fallback for media that do not specify ``ksurl`` in
the ``live_media`` block.
**live_media_release**
(*str*) -- Provides a fallback for media that do not specify ``release`` in
the ``live_media`` block. Please note that if you set this, there is no way
to unset it for a particular media. This is important if you want the
release generated by Koji.
**live_media_target**
(*str*) -- Provides a fallback for media that do not specify ``target`` in
the ``live_media`` block.
**live_media_version**
(*str*) -- Provides a fallback for media that do not specify ``version`` in
the ``live_media`` block.
Image Build Settings
====================
**image_build**
(*dict*) -- config for ``koji image-build``; format: {variant_uid_regex: [{opt: value}]}
By default, images will be built for each binary arch valid for the
variant. The config can specify a list of arches to narrow this down.
.. note::
Config can contain anything what is accepted by
``koji image-build --config configfile.ini``
Repo can be specified either as a string or a list of strings. It will be
automatically transformed into format suitable for ``koji``. A repo for the
currently built variant will be added as well.
If you explicitly set ``release`` to ``None``, it will be replaced with
a value generated as described in :ref:`common options <auto_release>`.
You can also add extra variants to get repos from with key ``repo_from``.
The value should be a list of variant names.
Please don't set ``install_tree``. This gets automatically set by *pungi*
based on current variant. You can use ``install_tree_from`` key to use
install tree from another variant.
The ``format`` attr is [('image_type', 'image_suffix'), ...].
See productmd documentation for list of supported types and suffixes.
If ``ksurl`` ends with ``#HEAD``, Pungi will figure out the SHA1 hash of
current HEAD and use that instead.
Setting ``scratch`` to ``True`` will run the koji tasks as scratch builds.
Example
-------
::
image_build = {
'^Server$': [
{
'image-build': {
'format': [('docker', 'tar.gz'), ('qcow2', 'qcow2')]
'name': 'fedora-qcow-and-docker-base',
'target': 'koji-target-name',
'ksversion': 'F23', # value from pykickstart
'version': '23',
# correct SHA1 hash will be put into the URL below automatically
'ksurl': 'https://git.fedorahosted.org/git/spin-kickstarts.git?somedirectoryifany#HEAD',
'kickstart': "fedora-docker-base.ks",
'repo': ["http://someextrarepos.org/repo", "ftp://rekcod.oi/repo"],
'distro': 'Fedora-20',
'disk_size': 3,
# this is set automatically by pungi to os_dir for given variant
# 'install_tree': 'http://somepath',
},
'factory-parameters': {
'docker_cmd': "[ '/bin/bash' ]",
'docker_env': "[ 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' ]",
'docker_labels': "{'Name': 'fedora-docker-base', 'License': u'GPLv2', 'RUN': 'docker run -it --rm ${OPT1} --privileged -v \`pwd\`:/atomicapp -v /run:/run -v /:/host --net=host --name ${NAME} -e NAME=${NAME} -e IMAGE=${IMAGE} ${IMAGE} -v ${OPT2} run ${OPT3} /atomicapp', 'Vendor': 'Fedora Project', 'Version': '23', 'Architecture': 'x86_64' }",
}
},
{
'image-build': {
'format': [('docker', 'tar.gz'), ('qcow2', 'qcow2')]
'name': 'fedora-qcow-and-docker-base',
'target': 'koji-target-name',
'ksversion': 'F23', # value from pykickstart
'version': '23',
# correct SHA1 hash will be put into the URL below automatically
'ksurl': 'https://git.fedorahosted.org/git/spin-kickstarts.git?somedirectoryifany#HEAD',
'kickstart': "fedora-docker-base.ks",
'repo': ["http://someextrarepos.org/repo", "ftp://rekcod.oi/repo"],
'distro': 'Fedora-20',
'disk_size': 3,
# this is set automatically by pungi to os_dir for given variant
# 'install_tree': 'http://somepath',
}
},
{
'image-build': {
'format': [('qcow2','qcow2')]
'name': 'fedora-qcow-base',
'target': 'koji-target-name',
'ksversion': 'F23', # value from pykickstart
'version': '23',
'ksurl': 'https://git.fedorahosted.org/git/spin-kickstarts.git?somedirectoryifany#HEAD',
'kickstart': "fedora-docker-base.ks",
'distro': 'Fedora-23',
# only build this type of image on x86_64
'arches': ['x86_64']
# Use install tree and repo from Everything variant.
'install_tree_from': 'Everything',
'repo_from': ['Everything'],
# Set release automatically.
'release': None,
}
}
]
}
OSTree Settings
===============
The ``ostree`` phase of *Pungi* can create ostree repositories. This is done by
running ``rpm-ostree compose`` in a Koji runroot environment. The ostree
repository itself is not part of the compose and should be located in another
directory. Any new packages in the compose will be added to the repository with
a new commit.
**ostree**
(*dict*) -- a variant/arch mapping of configuration. The format should be
``[(variant_uid_regex, {arch|*: config_dict})]``.
The configuration dict for each variant arch pair must have these keys:
* ``treefile`` -- (*str*) Filename of configuration for ``rpm-ostree``.
* ``config_url`` -- (*str*) URL for Git repository with the ``treefile``.
* ``source_repo_from`` -- (*str*) Name of variant serving as source repository.
* ``ostree_repo`` -- (*str*) Where to put the ostree repository
These keys are optional:
* ``extra_source_repos`` -- (*[dict]*) Extra source repos to get packages
while composing the OSTree repository. Each dict represents a yum repo.
The allowed keys are:
* ``name`` (required)
* ``baseurl`` (required) -- URL of external repo or variant UID, in the case
of variant UID, url to variant repo will be built automatically.
* ``gpgcheck`` (optional)
* ``exclude`` (optional)
* ``keep_original_sources`` -- (*bool*) Keep the existing source repos in
the tree config file. If not enabled, all the original source repos will
be removed from the tree config file.
* ``config_branch`` -- (*str*) Git branch of the repo to use. Defaults to
``master``.
* ``failable`` -- (*[str]*) List of architectures for which this
deliverable is not release blocking.
* ``update_summary`` -- (*bool*) Update summary metadata after tree composing.
Defaults to ``False``.
* ``version`` -- (*str*) Version string to be added as versioning metadata.
* ``tag_ref`` -- (*bool*, default ``True``) If set to ``False``, a git
reference will not be created.
Example config
--------------
::
ostree = [
("^Atomic$", {
"x86_64": {
"treefile": "fedora-atomic-docker-host.json",
"config_url": "https://git.fedorahosted.org/git/fedora-atomic.git",
"source_repo_from": "Server",
"extra_source_repos": [
{
"name": "repo_a",
"baseurl": "http://example.com/repo/x86_64/os",
"exclude": "systemd-container",
"gpgcheck": False
},
{
"name": "Everything",
"baseurl": "Everything",
}
],
"keep_original_sources": True,
"ostree_repo": "/mnt/koji/compose/atomic/Rawhide/",
"update_summary": True,
"version": "24"
}
})
]
Ostree Installer Settings
=========================
The ``ostree_installer`` phase of *Pungi* can produce installer image bundling
an OSTree repository. This always runs in Koji as a ``runroot`` task.
**ostree_installer**
(*dict*) -- a variant/arch mapping of configuration. The format should be
``[(variant_uid_regex, {arch|*: config_dict})]``.
The configuration dict for each variant arch pair must have this key:
* ``source_repo_from`` -- (*str*) Name of variant serving as source
repository or a URL pointing the the repo.
These keys are optional:
* ``release`` -- (*str*) Release value to set for the installer image. Set
to ``None`` to generate the value :ref:`automatically <auto_release>`.
* ``failable`` -- (*[str]*) List of architectures for which this
deliverable is not release blocking.
These optional keys are passed to ``lorax`` to customize the build.
* ``installpkgs`` -- (*[str]*)
* ``add_template`` -- (*[str]*)
* ``add_arch_template`` -- (*[str]*)
* ``add_template_var`` -- (*[str]*)
* ``add_arch_template_var`` -- (*[str]*)
* ``rootfs_size`` -- (*[str]*)
* ``template_repo`` -- (*str*) Git repository with extra templates.
* ``template_branch`` -- (*str*) Branch to use from ``template_repo``.
The templates can either be absolute paths, in which case they will be used
as configured; or they can be relative paths, in which case
``template_repo`` needs to point to a Git repository from which to take the
templates.
Example config
--------------
::
ostree_installer = [
("^Atomic$", {
"x86_64": {
"source_repo_from": "Everything",
"release": None,
"installpkgs": ["fedora-productimg-atomic"],
"add_template": ["atomic-installer/lorax-configure-repo.tmpl"],
"add_template_var": [
"ostree_osname=fedora-atomic",
"ostree_ref=fedora-atomic/Rawhide/x86_64/docker-host",
],
"add_arch_template": ["atomic-installer/lorax-embed-repo.tmpl"],
"add_arch_template_var": [
"ostree_repo=https://kojipkgs.fedoraproject.org/compose/atomic/Rawhide/",
"ostree_osname=fedora-atomic",
"ostree_ref=fedora-atomic/Rawhide/x86_64/docker-host",
]
'template_repo': 'https://git.fedorahosted.org/git/spin-kickstarts.git',
'template_branch': 'f24',
}
})
]
OSBS Settings
=============
*Pungi* can build docker images in OSBS. The build is initiated through Koji
``container-build`` plugin. The base image will be using RPMs from the current
compose and a ``Dockerfile`` from specified Git repository.
Please note that the image is uploaded to a Docker v2 registry and not exported
into compose directory. There will be a metadata file in
``compose/metadata/osbs.json`` with details about the built images (assuming
they are not scratch builds).
**osbs**
(*dict*) -- a mapping from variant regexes to configuration blocks. The
format should be ``{variant_uid_regex: [config_dict]}``.
The configuration for each image must have at least these keys:
* ``url`` -- (*str*) URL pointing to a Git repository with ``Dockerfile``.
Please see :ref:`git-urls` section for more details.
* ``target`` -- (*str*) A Koji target to build the image for.
Optionally you can specify ``failable``. If it has a truthy value, failure
to create the image will not abort the whole compose.
.. note::
Once OSBS gains support for multiple architectures, the usage of this
option will most likely change to list architectures that are allowed
to fail.
The configuration will pass other attributes directly to the Koji task.
This includes ``name``, ``version``, ``scratch`` and ``priority``.
A value for ``yum_repourls`` will be created automatically and point at a
repository in the current compose.
Example config
--------------
::
osbs = {
"^Server$": {
"url": "git://example.com/dockerfiles.git?#HEAD",
"name": "fedora-docker-base",
"target": "f24-docker-candidate",
"version": "24",
}
}
Media Checksums Settings
========================
**media_checksums**
(*list*) -- list of checksum types to compute, allowed values are ``md5``,
``sha1`` and ``sha256``
**media_checksum_one_file**
(*bool*) -- when ``True``, only one ``CHECKSUM`` file will be created per
directory; this option requires ``media_checksums`` to only specify one
type
**media_checksum_base_filename**
(*str*) -- when not set, all checksums will be save to a file named either
``CHECKSUM`` or based on the digest type; this option allows adding any
prefix to that name
It is possible to use format strings that will be replace by actual values.
The allowed keys are:
* ``arch``
* ``compose_id``
* ``date``
* ``label``
* ``label_major_version``
* ``release_short``
* ``respin``
* ``type``
* ``type_suffix``
* ``version``
* ``version``
For example, for Fedora the prefix should be
``%(release_short)s-%(variant)s-%(version)s-%(date)s%(type_suffix)s.%(respin)s``.
Translate Paths Settings
========================
**translate_paths**
(*list*) -- list of paths to translate; format: ``[(path, translated_path)]``
.. note::
This feature becomes useful when you need to transform compose location
into e.g. a HTTP repo which is can be passed to ``koji image-build``.
The ``path`` part is normalized via ``os.path.normpath()``.
Example config
--------------
::
translate_paths = [
("/mnt/a", "http://b/dir"),
]
Example usage
-------------
::
>>> from pungi.paths import translate_paths
>>> print translate_paths(compose_object_with_mapping, "/mnt/a/c/somefile")
http://b/dir/c/somefile
Miscelanous Settings
====================
**paths_module**
(*str*) -- Name of Python module implementing the same interface as
``pungi.paths``. This module can be used to override where things are
placed.
**link_type** = ``hardlink-or-copy``
(*str*) -- Method of putting packages into compose directory.
Available options:
* ``hardlink-or-copy``
* ``hardlink``
* ``copy``
* ``symlink``
* ``abspath-symlink``
**skip_phases**
(*list*) -- List of phase names that should be skipped. The same
functionality is available via a command line option.
**release_discinfo_description**
(*str*) -- Override description in ``.discinfo`` files. The value is a
format string accepting ``%(variant_name)s`` and ``%(arch)s`` placeholders.
**symlink_isos_to**
(*str*) -- If set, the ISO files from ``buildinstall``, ``createiso`` and
``live_images`` phases will be put into this destination, and a symlink
pointing to this location will be created in actual compose directory.