From 557df30e64809d2c71fe3a6a97eeb504d8b4ec1d Mon Sep 17 00:00:00 2001 From: Andrew Lukoshko Date: Tue, 4 Oct 2022 21:51:45 +0000 Subject: [PATCH] Include EFI boot fix --- SOURCES/leapp-repository-0.16.0-elevate.patch | 226 +++++++++++++----- SPECS/leapp-repository.spec | 2 +- 2 files changed, 173 insertions(+), 55 deletions(-) diff --git a/SOURCES/leapp-repository-0.16.0-elevate.patch b/SOURCES/leapp-repository-0.16.0-elevate.patch index d7b339e..8a2462c 100644 --- a/SOURCES/leapp-repository-0.16.0-elevate.patch +++ b/SOURCES/leapp-repository-0.16.0-elevate.patch @@ -1,63 +1,90 @@ diff --git a/README.md b/README.md -index 4de458b..6f8969d 100644 +index 4de458b..7b614d8 100644 --- a/README.md +++ b/README.md -@@ -29,3 +29,144 @@ We’ll gladly answer your questions and lead you to through any troubles with t - actor development. +@@ -1,8 +1,7 @@ ++# Leapp Elevation Repository + **Before doing anything, please read + [Leapp framework documentation](https://leapp.readthedocs.io/).** + +---- +- + ## Troubleshooting + + ### Where can I report an issue or RFE related to the framework or other actors? +@@ -11,6 +10,13 @@ + - Leapp framework: [https://github.com/oamg/leapp/issues/new/choose](https://github.com/oamg/leapp/issues/new/choose) + - Leapp actors: [https://github.com/oamg/leapp-repository/issues/new/choose](https://github.com/oamg/leapp-repository/issues/new/choose) + ++### Where can I report an issue or RFE related to the AlmaLinux actor or data modifications? ++- GitHub issues are preferred: ++ - Leapp actors: [https://github.com/AlmaLinux/leapp-repository/issues/new/choose](https://github.com/AlmaLinux/leapp-repository/issues/new/choose) ++ - Leapp data: [https://github.com/AlmaLinux/leapp-data/issues/new/choose](https://github.com/AlmaLinux/leapp-data/issues/new/choose) ++ ++### What data should be provided when making a report? ++ + - When filing an issue, include: + - Steps to reproduce the issue + - *All files in /var/log/leapp* +@@ -25,7 +31,149 @@ + Then you may attach only the `leapp-logs.tgz` file. + + ### Where can I seek help? +-We’ll gladly answer your questions and lead you to through any troubles with the +-actor development. ++We’ll gladly answer your questions and lead you to through any troubles with the actor development. You can reach us at IRC: `#leapp` on freenode. + -+ +## Third-party integration + +If you would like to add your **signed** 3rd party packages into the upgrade process, you can use the third-party integration mechanism. + +There are four components for adding your information to the elevation process: -+- .csv: repository mapping file ++- _map.json: repository mapping file +- .repo: package repository information +- .sigs: list of package signatures of vendor repositories -+- .json: package migration event list ++- _pes.json: package migration event list + +All these files **must** have the same part. + +### Repository mapping file + -+This CSV file provides information on mappings between source system repositories (repositories present on the system being upgraded) and target system repositories (package repositories to be used during the upgrade). ++This JSON file provides information on mappings between source system repositories (repositories present on the system being upgraded) and target system repositories (package repositories to be used during the upgrade). + -+The first line of the file, per CSV format, should contain the headers. Standard headers for vendor.csv files look like this: ++The file contains two sections, `mapping` and `repositories`. + -+```CSV -+Source system repoid,Target system repoid in custom repo file,Target system repo name in PES,Source system minor versions,Target system minor versions,architecture,type (rpm/srpm/debuginfo),source product type (ga/beta,htb),target product type (ga/beta/htb) -+``` ++`repositories` descripes the source and target repositories themselves. Each entry should have a unique string ID specific to mapping/PES files - `pesid`, and a list of attributes: ++- major_version: major system version that this repository targets ++- repo_type: repository type, see below ++- repoid: repository ID, same as in *.repo files. Doesn't have to exactly match `pesid` ++- arch: system architecture for which this repository is relevant ++- channel: repository channel, see below + -+Following lines should contain the repository map entries. As an example: -+ -+```CSV -+Source system repoid,Target system repoid in custom repo file,Target system repo name in PES,Source system minor versions,Target system minor versions,architecture,type (rpm/srpm/debuginfo),source product type (ga/beta,htb),target product type (ga/beta/htb) -+ -+source-repoid,target-custom-repoid,target-pes-repoid,all,all,x86_64,rpm,ga,ga -+``` -+ -+**Source system repoid** is the ID of a repository that is expected to be present on the system before the upgrade. -+ -+**Target system repoid in custom repo file** is the ID of a repository listed in the associated package repository information (.repo) file. It is supposed to be used during the upgrade process. -+ -+**Target system repo name in PES** is the ID which is used to refer to the target system repository in the package migration event list (.json). + +**Repository types**: +- rpm: normal RPM packages +- srpm: source packages +- debuginfo: packages with debug information + -+**Product types**: -+- GA: general availability repositories -+- Beta: beta-testing repositories -+- HTB: High Touch Beta repositories ++**Repository channels**: ++- ga: general availability repositories ++ - AKA stable repositories. ++- beta: beta-testing repositories ++- eus, e4s, aus, tus: Extended Update Support, Update Services for SAP Solutions, Advanced Update Support, Telco Extended Update Support ++ - Red Hat update channel classification. Most of the time you won't need to use these. + -+The repository mapping file also defines whether a vendor's packages will be included into the upgrade process at all. If at least one source repository listed in the file is present on the system, the vendor is considered active, and package repositories/PES events are enabled - otherwise, they will not affect the upgrade process. ++`mapping` establishes connections between described repositories. ++Each entryy in the list defines a mapping between major system versions, and contains the following elements: ++- source_major_version: major system version from which the system would be upgraded ++- target_major_version: major system version to which the system would be elevated ++- entries: the list of repository mappings ++ - source: source repository, one that would be found on a pre-upgrade system ++ - target: a list of target upgrade repositores that would contain new package versions. Each source repository can map to one or multiple target repositories + -+In the above example, vendor's data (including the .repo and .json files) will affect the upgrade process only if a repository with `source-repoid` ID is present on the system. + ++> **Important**: The repository mapping file also defines whether a vendor's packages will be included into the upgrade process at all. ++> If at least one source repository listed in the file is present on the system, the vendor is considered active, and package repositories/PES events are enabled - otherwise, they **will not** affect the upgrade process. + +### Package repository information + @@ -82,22 +109,39 @@ index 4de458b..6f8969d 100644 + +### Package migration event list + -+The Leapp upgrade process uses information from the AlmaLinux PES (Package Evolution System) to keep track of how packages change between the OS versions. This data is located in `leapp-data/files//vendors.d/.json` in the GitHub repository and in `/etc/leapp/files/vendors.d/.json` on a system being upgraded. ++The Leapp upgrade process uses information from the AlmaLinux PES (Package Evolution System) to keep track of how packages change between the OS versions. This data is located in `leapp-data/vendors.d/_pes.json` in the GitHub repository and in `/etc/leapp/files/vendors.d/_pes.json` on a system being upgraded. ++ ++> **Warning**: leapp doesn't force packages from out_packageset to be installed from the specific repository; instead, it enables repo from out_packageset and then DNF installs the latest package version from all enabled repos. ++ ++#### Creating event lists through PES ++ ++The recommended way to create new event lists is to use the PES mechanism. ++ ++The web interface can create, manage and export groups of events to JSON files. ++ ++This video demonstration walks through the steps of adding an action event group and exporting it as a JSON file to make use of it in the elevation process. ++ ++> https://drive.google.com/file/d/1VqnQkUsxzLijIqySMBGu5lDrA72BVd5A/view?usp=sharing ++ ++Please refer to the [PES contribution guide](https://wiki.almalinux.org/elevate/Contribution-guide.html) for additional information on entry fields. ++ ++#### Manual editing + +To add new rules to the list, add a new entry to the `packageinfo` array. -+**Important**: actions from PES json files will be in effect only for those packages that are signed **and** have their signatures in one of the active .sigs files. Unsigned packages will be updated only if some signed package requires a new version, otherwise they will by left as they are. ++ ++**Important**: actions from PES JSON files will be in effect only for those packages that are signed **and** have their signatures in one of the active .sigs files. Unsigned packages will be updated only if some signed package requires a new version, otherwise they will by left as they are. + +Required fields: + +- action: what action to perform on the listed package -+ - 0 - present -+ - 1 - removed -+ - 2 - deprecated -+ - 3 - replaced -+ - 4 - split -+ - 5 - merged -+ - 6 - moved to new repository -+ - 7 - renamed ++- 0 - present ++- 1 - removed ++- 2 - deprecated ++- 3 - replaced ++- 4 - split ++- 5 - merged ++- 6 - moved to new repository ++- 7 - renamed +- arches: what system architectures the listed entry relates to +- id: entry ID, must be unique +- in_packageset: set of packages on the old system @@ -127,24 +171,11 @@ index 4de458b..6f8969d 100644 + +For `in_packageset`, `repository` field defines the package repository the package was installed from on the source system. +For `out_packageset`, `repository` field for packages should be the same as the "Target system repo name in PES" field in the associated vendor repository mapping file. -+Warning: leapp doesn't force packages from out_packageset to be installed from the specific repository; instead, it enables repo from out_packageset and then dnf installs the latest package version from all enabled repos. -+ -+To take the above repository map example: -+ -+```CSV -+Source system repoid,Target system repoid in custom repo file,Target system repo name in PES,Source system minor versions,Target system minor versions,architecture,type (rpm/srpm/debuginfo),source product type (ga/beta,htb),target product type (ga/beta/htb) -+ -+source-repoid,target-custom-repoid,target-pes-repoid,all,all,x86_64,rpm,ga,ga -+``` -+ -+For this configuration, `in_packageset` entries would have `source-repoid` as the `repository` field, and `out_packageset` would have `target-pes-repoid` in theirs. -+ -+Please refer to [PES contribution guide](https://wiki.almalinux.org/elevate/Contribution-guide.html) for additional information on entry fields. + +### Providing the data + +Once you've prepared the vendor data for migration, you can make a pull request to https://github.com/AlmaLinux/leapp-data/ to make it available publicly. -+Files should be placed in `files//vendors.d/`. ++Files should be placed into the `vendors.d` subfolder if the data should be available for all elevation target OS variants, or into the `files//vendors.d/` if intended for a specific one. + +Alternatively, you can deploy the vendor files on a system prior to starting the upgrade. In this case, place the files into the folder `/etc/leapp/files/vendors.d/`. diff --git a/commands/command_utils.py b/commands/command_utils.py @@ -276,6 +307,93 @@ index 14bd6e3..f6adacf 100755 [ -z "$os_version" ] && { # This should not happen as /etc/initrd-release is supposed to have API # stability, but check is better than broken system. +diff --git a/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py b/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py +index f42909f..caa94e0 100644 +--- a/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py ++++ b/repos/system_upgrade/common/actors/efibootorderfix/finalization/actor.py +@@ -1,17 +1,78 @@ ++import os ++ ++from leapp.libraries.stdlib import run, api + from leapp.actors import Actor +-from leapp.libraries.common import efi_reboot_fix ++from leapp.models import InstalledTargetKernelVersion, KernelCmdlineArg, FirmwareFacts, MountEntry + from leapp.tags import FinalizationPhaseTag, IPUWorkflowTag ++from leapp.exceptions import StopActorExecutionError + + + class EfiFinalizationFix(Actor): + """ +- Adjust EFI boot entry for final reboot ++ Ensure that EFI boot order is updated, which is particularly necessary ++ when upgrading to a different OS distro. Also rebuilds grub config ++ if necessary. + """ + + name = 'efi_finalization_fix' +- consumes = () ++ consumes = (KernelCmdlineArg, InstalledTargetKernelVersion, FirmwareFacts, MountEntry) + produces = () + tags = (FinalizationPhaseTag, IPUWorkflowTag) + + def process(self): +- efi_reboot_fix.maybe_emit_updated_boot_entry() ++ is_system_efi = False ++ ff = next(self.consume(FirmwareFacts), None) ++ ++ dirname = { ++ 'AlmaLinux': 'almalinux', ++ 'CentOS Linux': 'centos', ++ 'CentOS Stream': 'centos', ++ 'Oracle Linux Server': 'redhat', ++ 'Red Hat Enterprise Linux': 'redhat', ++ 'Rocky Linux': 'rocky' ++ } ++ ++ efi_shimname_dict = { ++ 'x86_64': 'shimx64.efi', ++ 'aarch64': 'shimaa64.efi' ++ } ++ ++ with open('/etc/system-release', 'r') as sr: ++ release_line = next(line for line in sr if 'release' in line) ++ distro = release_line.split(' release ', 1)[0] ++ ++ efi_bootentry_label = distro ++ distro_dir = dirname.get(distro, 'default') ++ shim_filename = efi_shimname_dict.get(api.current_actor().configuration.architecture, 'shimx64.efi') ++ ++ shim_path = '/boot/efi/EFI/' + distro_dir + '/' + shim_filename ++ grub_cfg_path = '/boot/efi/EFI/' + distro_dir + '/grub.cfg' ++ bootmgr_path = '\\EFI\\' + distro_dir + '\\' + shim_filename ++ ++ has_efibootmgr = os.path.exists('/sbin/efibootmgr') ++ has_shim = os.path.exists(shim_path) ++ has_grub_cfg = os.path.exists(grub_cfg_path) ++ ++ if not ff: ++ raise StopActorExecutionError( ++ 'Could not identify system firmware', ++ details={'details': 'Actor did not receive FirmwareFacts message.'} ++ ) ++ ++ if not has_efibootmgr: ++ return ++ ++ for fact in self.consume(FirmwareFacts): ++ if fact.firmware == 'efi': ++ is_system_efi = True ++ break ++ ++ if is_system_efi and has_shim: ++ with open('/proc/mounts', 'r') as fp: ++ for line in fp: ++ if '/boot/efi' in line: ++ efidev = line.split(' ', 1)[0] ++ run(['/sbin/efibootmgr', '-c', '-d', efidev, '-p 1', '-l', bootmgr_path, '-L', efi_bootentry_label]) ++ ++ if not has_grub_cfg: ++ run(['/sbin/grub2-mkconfig', '-o', grub_cfg_path]) diff --git a/repos/system_upgrade/common/actors/ipuworkflowconfig/libraries/ipuworkflowconfig.py b/repos/system_upgrade/common/actors/ipuworkflowconfig/libraries/ipuworkflowconfig.py index edf978f..7fea4ec 100644 --- a/repos/system_upgrade/common/actors/ipuworkflowconfig/libraries/ipuworkflowconfig.py diff --git a/SPECS/leapp-repository.spec b/SPECS/leapp-repository.spec index 97df4d8..539a3d9 100644 --- a/SPECS/leapp-repository.spec +++ b/SPECS/leapp-repository.spec @@ -42,7 +42,7 @@ py2_byte_compile "%1" "%2"} Name: leapp-repository Version: 0.16.0 -Release: 6%{?dist}.elevate +Release: 6%{?dist}.elevate.1 Summary: Repositories for leapp License: ASL 2.0