Drop ignition-firstboot-complete and ignition-setup-user services

They should be in distro glue instead. See also https://github.com/coreos/ignition/pull/1246#issuecomment-876451763.
2021-07-08 18:09:10 -04:00 · 2021-07-08 18:09:10 -04:00 · 5da7358135
commit 5da7358135
parent c67462bad1
4 changed files with 320 additions and 4 deletions
--- a/drop-ignition-firstboot-complete-2.11.0.patch
+++ b/drop-ignition-firstboot-complete-2.11.0.patch
@ -0,0 +1,67 @@
+From fdbd1e41bb15d24936e4c14323ea988a0ecf0846 Mon Sep 17 00:00:00 2001
+From: Jonathan Lebon <jonathan@jlebon.com>
+Date: Tue, 6 Jul 2021 14:49:32 -0400
+Subject: [PATCH 1/3] Remove ignition-firstboot-complete.service
+
+This is a distro-level integration service. Let's remove it from here
+and have it live e.g. in coreos/fedora-coreos-config for FCOS/RHCOS.
+
+Closes: #1125
+---
+ Makefile                                    |  1 -
+ systemd/ignition-firstboot-complete.service | 31 ---------------------
+ 2 files changed, 32 deletions(-)
+ delete mode 100644 systemd/ignition-firstboot-complete.service
+
+diff --git a/Makefile b/Makefile
+index 6b3f49a4..af9a94ad 100644
+--- a/Makefile
+++ b/Makefile
+@@ -23,7 +23,6 @@ install: all
+ 	  install -m 0644 -D -t $(DESTDIR)/usr/lib/dracut/modules.d/$${bn} $$x/*; \
+ 	done
+ 	chmod a+x $(DESTDIR)/usr/lib/dracut/modules.d/*/*.sh $(DESTDIR)/usr/lib/dracut/modules.d/*/*-generator
+-	install -m 0644 -D -t $(DESTDIR)/usr/lib/systemd/system systemd/*
+ 	install -m 0755 -D -t $(DESTDIR)/usr/lib/dracut/modules.d/30ignition bin/$(GOARCH)/ignition
+ 	install -m 0755 -D -t $(DESTDIR)/usr/bin bin/$(GOARCH)/ignition-validate
+ 
+diff --git a/systemd/ignition-firstboot-complete.service b/systemd/ignition-firstboot-complete.service
+deleted file mode 100644
+index c506773a..00000000
+--- a/systemd/ignition-firstboot-complete.service
+++ /dev/null
+@@ -1,31 +0,0 @@
+-[Unit]
+-Description=Mark boot complete
+-Documentation=https://github.com/coreos/ignition
+-ConditionKernelCommandLine=ignition.firstboot
+-ConditionPathExists=!/run/ostree-live
+-RequiresMountsFor=/boot
+-
+-[Service]
+-Type=oneshot
+-RemainAfterExit=yes
+-# The MountFlags=slave is so we remount /boot temporarily writable;
+-# see https://github.com/ostreedev/ostree/issues/1265 for the bigger picture.
+-# This option creates a new mount namespace; from the point of view of
+-# everything else, /boot stays readonly. We only have a transient writable mount
+-# for the lifetime of the unit.
+-#
+-# Also regarding the lack of `-f` for rm ; we should have only run if GRUB
+-# detected this file. Fail if we are unable to remove it, rather than risking
+-# rerunning Ignition at next boot.
+-MountFlags=slave
+-# It is better to have a separate script to do this but it might be polluting
+-# the target system with some script in i.e. /usr/sbin/firstboot-complete
+-# The retval code is still respected with having this if-else block.
+-ExecStart=/bin/sh -c \
+-	'mount -o remount,rw /boot && \
+-	if [[ $(uname -m) = s390x ]]; then zipl; fi && \
+-	rm /boot/ignition.firstboot'
+-
+-[Install]
+-# Part of basic.target so this happens early on in firstboot
+-WantedBy=basic.target
+-- 
+2.31.1
+
--- a/drop-ignition-setup-base-2.11.0.patch
+++ b/drop-ignition-setup-base-2.11.0.patch
@ -0,0 +1,25 @@
+From 9f25f6a7371c8027777c76efe77904c2e2c8fd75 Mon Sep 17 00:00:00 2001
+From: Benjamin Gilbert <bgilbert@redhat.com>
+Date: Wed, 7 Jul 2021 18:27:31 -0400
+Subject: [PATCH 2/3] dracut: drop reference to ignition-setup-base.service
+
+It was removed in e2d3fa3a61b3.
+---
+ dracut/30ignition/ignition-fetch-offline.service | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/dracut/30ignition/ignition-fetch-offline.service b/dracut/30ignition/ignition-fetch-offline.service
+index 0a18e0de..7c4b0289 100644
+--- a/dracut/30ignition/ignition-fetch-offline.service
+++ b/dracut/30ignition/ignition-fetch-offline.service
+@@ -14,7 +14,6 @@ After=basic.target
+ # Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+ # We run after the setup stage has run because it may copy in new/different
+ # ignition configs for us to consume.
+-After=ignition-setup-base.service
+ After=ignition-setup-user.service
+ Before=ignition-fetch.service
+ 
+-- 
+2.31.1
+
--- a/drop-ignition-setup-user-2.11.0.patch
+++ b/drop-ignition-setup-user-2.11.0.patch
@ -0,0 +1,218 @@
+From d791aaed74b861fc40104e0c96c4427d667a8f7a Mon Sep 17 00:00:00 2001
+From: Benjamin Gilbert <bgilbert@redhat.com>
+Date: Thu, 8 Jul 2021 15:39:11 -0400
+Subject: [PATCH 3/3] dracut: drop ignition-setup-user.service
+
+It assumes that we can mount /dev/disk/by-label/boot and copy a file out
+of it, which may not be true on all distros.  We already have a clear
+external API for providing injected user configs to Ignition (put them
+in /usr/lib/ignition/user.ign), so leave this to the distro to handle as
+it wishes.
+---
+ dracut/30ignition/ignition-disks.service      |  2 +-
+ .../30ignition/ignition-fetch-offline.service |  5 +--
+ dracut/30ignition/ignition-fetch.service      |  2 +-
+ dracut/30ignition/ignition-files.service      |  2 +-
+ dracut/30ignition/ignition-generator          |  9 ------
+ dracut/30ignition/ignition-kargs.service      |  2 +-
+ dracut/30ignition/ignition-mount.service      |  2 +-
+ dracut/30ignition/ignition-setup-user.service | 23 -------------
+ dracut/30ignition/ignition-setup-user.sh      | 32 -------------------
+ dracut/30ignition/module-setup.sh             |  4 ---
+ 10 files changed, 6 insertions(+), 77 deletions(-)
+ delete mode 100644 dracut/30ignition/ignition-setup-user.service
+ delete mode 100755 dracut/30ignition/ignition-setup-user.sh
+
+diff --git a/dracut/30ignition/ignition-disks.service b/dracut/30ignition/ignition-disks.service
+index 66fa8838..92c8d242 100644
+--- a/dracut/30ignition/ignition-disks.service
+++ b/dracut/30ignition/ignition-disks.service
+@@ -5,7 +5,7 @@ ConditionPathExists=/etc/initrd-release
+ DefaultDependencies=false
+ Before=ignition-complete.target
+ 
+-# Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+# Stage order: fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+ After=ignition-fetch.service
+ Before=ignition-mount.service
+ 
+diff --git a/dracut/30ignition/ignition-fetch-offline.service b/dracut/30ignition/ignition-fetch-offline.service
+index 7c4b0289..b8ae7a7d 100644
+--- a/dracut/30ignition/ignition-fetch-offline.service
+++ b/dracut/30ignition/ignition-fetch-offline.service
+@@ -11,10 +11,7 @@ DefaultDependencies=false
+ Before=ignition-complete.target
+ After=basic.target
+ 
+-# Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+-# We run after the setup stage has run because it may copy in new/different
+-# ignition configs for us to consume.
+-After=ignition-setup-user.service
+# Stage order: fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+ Before=ignition-fetch.service
+ 
+ OnFailure=emergency.target
+diff --git a/dracut/30ignition/ignition-fetch.service b/dracut/30ignition/ignition-fetch.service
+index d629273d..d914362d 100644
+--- a/dracut/30ignition/ignition-fetch.service
+++ b/dracut/30ignition/ignition-fetch.service
+@@ -9,7 +9,7 @@ ConditionPathExists=/run/ignition/neednet
+ # Don't run if the `fetch-offline` stage successfully fetched a config
+ ConditionPathExists=!/run/ignition.json
+ 
+-# Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+# Stage order: fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+ # We run after the setup stage has run because it may copy in new/different
+ # ignition configs for us to consume.
+ After=ignition-fetch-offline.service
+diff --git a/dracut/30ignition/ignition-files.service b/dracut/30ignition/ignition-files.service
+index 90bda675..aa64fb68 100644
+--- a/dracut/30ignition/ignition-files.service
+++ b/dracut/30ignition/ignition-files.service
+@@ -8,7 +8,7 @@ Before=ignition-complete.target
+ OnFailure=emergency.target
+ OnFailureJobMode=isolate
+ 
+-# Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+# Stage order: fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+ After=ignition-mount.service
+ 
+ # Run before initrd-parse-etc so that we can drop files it then picks up.
+diff --git a/dracut/30ignition/ignition-generator b/dracut/30ignition/ignition-generator
+index a444395a..1dff7442 100755
+--- a/dracut/30ignition/ignition-generator
+++ b/dracut/30ignition/ignition-generator
+@@ -47,15 +47,6 @@ if $(cmdline_bool 'ignition.firstboot' 0); then
+     # and therefore won't have a root disk.
+     if ! command -v is-live-image >/dev/null || ! is-live-image; then
+         add_requires ignition-diskful.target ignition-complete.target
+-
+-        # ignition-setup-user.service should depend on the boot device node
+-        # only on diskful boots
+-        mkdir -p "${UNIT_DIR}/ignition-setup-user.service.d"
+-        cat > "${UNIT_DIR}/ignition-setup-user.service.d/diskful.conf" <<EOF
+-[Unit]
+-Requires=dev-disk-by\x2dlabel-boot.device
+-After=dev-disk-by\x2dlabel-boot.device
+-EOF
+     fi
+ else
+     # If we're doing a non-Ignition (subsequent) boot, then
+diff --git a/dracut/30ignition/ignition-kargs.service b/dracut/30ignition/ignition-kargs.service
+index 75cbb39a..6272ccff 100644
+--- a/dracut/30ignition/ignition-kargs.service
+++ b/dracut/30ignition/ignition-kargs.service
+@@ -5,7 +5,7 @@ ConditionPathExists=/etc/initrd-release
+ DefaultDependencies=false
+ Before=ignition-complete.target
+ 
+-# Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+# Stage order: fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+ After=ignition-fetch.service
+ Before=ignition-disks.service
+ 
+diff --git a/dracut/30ignition/ignition-mount.service b/dracut/30ignition/ignition-mount.service
+index b3af2fa8..0d25afab 100644
+--- a/dracut/30ignition/ignition-mount.service
+++ b/dracut/30ignition/ignition-mount.service
+@@ -5,7 +5,7 @@ ConditionPathExists=/etc/initrd-release
+ DefaultDependencies=false
+ Before=ignition-complete.target
+ 
+-# Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+# Stage order: fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+ # We need to make sure the partitions and filesystems are set up before
+ # mounting. This is also guaranteed through After=initrd-root-fs.target but
+ # just to be explicit.
+diff --git a/dracut/30ignition/ignition-setup-user.service b/dracut/30ignition/ignition-setup-user.service
+deleted file mode 100644
+index 40c53dd1..00000000
+--- a/dracut/30ignition/ignition-setup-user.service
+++ /dev/null
+@@ -1,23 +0,0 @@
+-[Unit]
+-Description=Ignition (setup user config)
+-Documentation=https://github.com/coreos/ignition
+-ConditionPathExists=/etc/initrd-release
+-DefaultDependencies=false
+-Before=ignition-complete.target
+-
+-OnFailure=emergency.target
+-OnFailureJobMode=isolate
+-
+-# Stage order: setup -> fetch-offline [-> fetch] [-> kargs] -> disks -> mount -> files.
+-Before=ignition-fetch-offline.service
+-
+-# On diskful boots, ignition-generator adds Requires/After on
+-# dev-disk-by\x2dlabel-boot.device
+-
+-[Service]
+-Type=oneshot
+-RemainAfterExit=yes
+-# The MountFlags=slave is so the umount of /boot is guaranteed to happen
+-# /boot will only be mounted for the lifetime of the unit.
+-MountFlags=slave
+-ExecStart=/usr/sbin/ignition-setup-user
+diff --git a/dracut/30ignition/ignition-setup-user.sh b/dracut/30ignition/ignition-setup-user.sh
+deleted file mode 100755
+index e0f3c4e2..00000000
+--- a/dracut/30ignition/ignition-setup-user.sh
+++ /dev/null
+@@ -1,32 +0,0 @@
+-#!/bin/bash
+-set -euo pipefail
+-
+-copy_file_if_exists() {
+-    src="${1}"; dst="${2}"
+-    if [ -f "${src}" ]; then
+-        echo "Copying ${src} to ${dst}"
+-        cp "${src}" "${dst}"
+-    else
+-        echo "File ${src} does not exist.. Skipping copy"
+-    fi
+-}
+-
+-destination=/usr/lib/ignition
+-mkdir -p $destination
+-
+-if command -v is-live-image >/dev/null && is-live-image; then
+-    # Live image. If the user has supplied a config.ign via an appended
+-    # initrd, put it in the right place.
+-    copy_file_if_exists "/config.ign" "${destination}/user.ign"
+-else
+-    # We will support a user embedded config in the boot partition
+-    # under $bootmnt/ignition/config.ign. Note that we mount /boot
+-    # but we don't unmount boot because we are run in a systemd unit
+-    # with MountFlags=slave so it is unmounted for us.
+-    bootmnt=/mnt/boot_partition
+-    mkdir -p $bootmnt
+-    # mount as read-only since we don't strictly need write access and we may be
+-    # running alongside other code that also has it mounted ro
+-    mount -o ro /dev/disk/by-label/boot $bootmnt
+-    copy_file_if_exists "${bootmnt}/ignition/config.ign" "${destination}/user.ign"
+-fi
+diff --git a/dracut/30ignition/module-setup.sh b/dracut/30ignition/module-setup.sh
+index e51112f8..8e7e3033 100755
+--- a/dracut/30ignition/module-setup.sh
+++ b/dracut/30ignition/module-setup.sh
+@@ -56,9 +56,6 @@ install() {
+     # Required on system using SELinux
+     inst_multiple -o setfiles
+ 
+-    inst_script "$moddir/ignition-setup-user.sh" \
+-        "/usr/sbin/ignition-setup-user"
+-
+     inst_script "$moddir/ignition-kargs-helper.sh" \
+         "/usr/sbin/ignition-kargs-helper"
+ 
+@@ -83,7 +80,6 @@ install() {
+             "$systemdsystemunitdir/ignition-$x.target"
+     done
+ 
+-    install_ignition_unit ignition-setup-user.service
+     install_ignition_unit ignition-fetch.service
+     install_ignition_unit ignition-fetch-offline.service
+     install_ignition_unit ignition-kargs.service
+-- 
+2.31.1
+
--- a/ignition.spec
+++ b/ignition.spec
@ -13,13 +13,18 @@ Version:                2.11.0
 %global dracutlibdir %{_prefix}/lib/dracut

 Name:           ignition
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        First boot installer and configuration tool

 # Upstream license specification: Apache-2.0
 License:        ASL 2.0
 URL:            %{gourl}
 Source0:        %{gosource}
+# https://github.com/coreos/ignition/pull/1245
+Patch0:         drop-ignition-firstboot-complete-2.11.0.patch
+# https://github.com/coreos/ignition/pull/1248
+Patch1:         drop-ignition-setup-base-2.11.0.patch
+Patch2:         drop-ignition-setup-user-2.11.0.patch

 BuildRequires: libblkid-devel

@ -250,9 +255,7 @@ GOARCH=amd64 GOOS=windows %gocrossbuild -o ./ignition-validate-x86_64-pc-windows
 %install
 # dracut modules
 install -d -p %{buildroot}/%{dracutlibdir}/modules.d
-install -d -p %{buildroot}/%{_prefix}/lib/systemd/system
 cp -r dracut/* %{buildroot}/%{dracutlibdir}/modules.d/
-install -m 0644 -t %{buildroot}/%{_prefix}/lib/systemd/system/ systemd/*

 # ignition
 install -d -p %{buildroot}%{_bindir}
@ -276,7 +279,6 @@ install -p -m 0755 ./ignition %{buildroot}/%{dracutlibdir}/modules.d/30ignition
 %license %{golicenses}
 %doc %{godocs}
 %{dracutlibdir}/modules.d/*
-%{_prefix}/lib/systemd/system/*.service

 %files validate
 %doc README.md
@ -290,6 +292,10 @@ install -p -m 0755 ./ignition %{buildroot}/%{dracutlibdir}/modules.d/30ignition
 %{_datadir}/ignition/ignition-validate-x86_64-pc-windows-gnu.exe

 %changelog
+* Thu Jul  8 2021 Benjamin Gilbert <bgilbert@redhat.com> - 2.11.0-2
+- Move ignition-firstboot-complete and ignition-setup-user services out of
+  package into distro glue
+
 * Fri Jun 25 2021 Benjamin Gilbert <bgilbert@redhat.com> - 2.11.0-1
 - New release